| fondorking | 08.09.2011 16:42 |
:stirn:OTL Logfile: Code:
OTL logfile created on: 08.09.2011 17:25:12 - Run 2
OTL by OldTimer - Version 3.2.27.0 Folder = C:\Users\Admin\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
4,00 Gb Total Physical Memory | 2,79 Gb Available Physical Memory | 69,70% Memory free
8,00 Gb Paging File | 6,52 Gb Available in Paging File | 81,55% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 1397,17 Gb Total Space | 1014,20 Gb Free Space | 72,59% Space Free | Partition Type: NTFS
Computer Name: ENERMAX | User Name: Cedric | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2011.09.08 15:05:50 | 000,581,120 | ---- | M] (OldTimer Tools) -- C:\Users\Admin\Desktop\OTL.exe
PRC - [2011.08.11 22:29:16 | 000,075,136 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2011.08.10 17:02:45 | 001,505,800 | ---- | M] (G Data Software AG) -- C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe
PRC - [2011.05.20 14:50:48 | 000,368,136 | ---- | M] (G Data Software AG) -- C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe
PRC - [2011.05.20 14:50:36 | 001,540,616 | ---- | M] (G Data Software AG) -- C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe
PRC - [2011.05.11 12:18:59 | 000,923,144 | ---- | M] (G Data Software AG) -- C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe
PRC - [2011.03.28 14:15:10 | 000,380,736 | ---- | M] (DT Soft Ltd) -- C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe
PRC - [2011.03.04 20:56:12 | 000,381,448 | ---- | M] (G Data Software AG) -- C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKService.exe
========== Modules (No Company Name) ==========
========== Win32 Services (SafeList) ==========
SRV:64bit: - [2011.08.10 15:23:36 | 000,036,160 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\SysNative\uxtuneup.dll -- (UxTuneUp)
SRV:64bit: - [2011.07.28 23:35:34 | 000,204,288 | ---- | M] (AMD) [Disabled | Stopped] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2011.06.13 22:21:14 | 000,343,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Fix it Center\Matsvc.exe -- (MatSvc)
SRV:64bit: - [2011.01.05 07:03:30 | 002,610,952 | ---- | M] (Raxco Software, Inc.) [Disabled | Stopped] -- C:\Program Files\Raxco\PerfectDisk\PDAgent.exe -- (PDAgent)
SRV:64bit: - [2011.01.05 07:03:20 | 002,266,376 | ---- | M] (Raxco Software, Inc.) [Disabled | Stopped] -- C:\Program Files\Raxco\PerfectDisk\PDEngine.exe -- (PDEngine)
SRV - [2011.08.11 22:29:16 | 000,075,136 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2011.08.10 17:02:45 | 001,505,800 | ---- | M] (G Data Software AG) [Auto | Running] -- C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe -- (AVKProxy)
SRV - [2011.08.10 15:31:08 | 002,027,840 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe -- (TuneUp.UtilitiesSvc)
SRV - [2011.08.10 15:23:30 | 000,029,504 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\SysWOW64\uxtuneup.dll -- (UxTuneUp)
SRV - [2011.08.10 14:21:10 | 001,556,816 | ---- | M] (G Data Software AG) [On_Demand | Running] -- C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe -- (GDFwSvc)
SRV - [2011.06.17 09:34:18 | 000,359,192 | ---- | M] (Logitech, Inc.) [Disabled | Stopped] -- C:\Programme\Common Files\LogiShrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV - [2011.05.26 03:11:13 | 001,929,104 | ---- | M] (G Data Software AG) [Auto | Running] -- C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKWCtlx64.exe -- (AVKWCtl)
SRV - [2011.05.20 14:50:48 | 000,368,136 | ---- | M] (G Data Software AG) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe -- (GDScan)
SRV - [2011.03.04 20:56:12 | 000,381,448 | ---- | M] (G Data Software AG) [Auto | Running] -- C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKService.exe -- (AVKService)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.02.11 13:42:32 | 000,172,328 | ---- | M] (TeamViewer GmbH) [Disabled | Stopped] -- C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe -- (TeamViewer5)
SRV - [2009.12.23 23:34:20 | 000,370,688 | ---- | M] (StarWind Software) [Disabled | Stopped] -- C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE)
SRV - [2009.11.12 19:08:00 | 003,403,420 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\SysWow64\GameMon.des -- (npggsvc)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2007.06.15 12:57:42 | 000,145,504 | ---- | M] (B.H.A Corporation) [Disabled | Stopped] -- C:\Windows\SysWOW64\bgsvcgen.exe -- (bgsvcgen)
SRV - [2000.01.01 00:00:00 | 000,271,360 | ---- | M] () [Disabled | Stopped] -- C:\Program Files (x86)\DTProTS\DTProTS.exe -- (DTProTS)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2011.08.15 22:08:24 | 000,059,256 | ---- | M] (G Data Software AG) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\PktIcpt.sys -- (GDPkIcpt)
DRV:64bit: - [2011.08.15 14:05:45 | 000,110,968 | ---- | M] (G Data Software AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\MiniIcpt.sys -- (GDMnIcpt)
DRV:64bit: - [2011.08.15 14:05:45 | 000,050,552 | ---- | M] (G Data Software AG) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\GDBehave.sys -- (GDBehave)
DRV:64bit: - [2011.08.15 14:05:44 | 000,065,912 | ---- | M] (G Data Software AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\gdwfpcd64.sys -- (gdwfpcd)
DRV:64bit: - [2011.07.29 00:23:16 | 009,980,416 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2011.07.29 00:23:16 | 009,980,416 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2011.07.28 22:54:10 | 000,309,248 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2011.07.02 14:47:10 | 000,106,488 | ---- | M] (G Data Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\GRD.sys -- (GRD)
DRV:64bit: - [2011.06.29 13:23:20 | 000,051,576 | ---- | M] (G Data Software AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\HookCentre.sys -- (HookCentre)
DRV:64bit: - [2011.06.29 13:23:11 | 000,031,448 | ---- | M] (G Data Software AG) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\GdNetMon64.sys -- (GdNetMon)
DRV:64bit: - [2011.06.10 06:34:52 | 000,539,240 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011.06.07 00:07:00 | 000,231,440 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2011.04.30 13:59:22 | 000,066,840 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt)
DRV:64bit: - [2011.04.30 13:59:22 | 000,060,184 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt)
DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011.02.11 19:16:38 | 010,628,640 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2011.01.15 18:21:04 | 000,036,352 | ---- | M] (Elaborate Bytes AG) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VClone.sys -- (VClone)
DRV:64bit: - [2010.11.20 15:34:02 | 000,360,832 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vpcvmm.sys -- (vpcvmm)
DRV:64bit: - [2010.11.20 15:34:02 | 000,194,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vpchbus.sys -- (vpcbus)
DRV:64bit: - [2010.11.20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 13:35:32 | 000,095,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vpcusb.sys -- (vpcusb)
DRV:64bit: - [2010.11.20 13:35:20 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vpcnfltr.sys -- (vpcnfltr)
DRV:64bit: - [2010.11.20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.20 12:43:57 | 000,032,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser)
DRV:64bit: - [2010.08.11 08:10:06 | 000,138,256 | ---- | M] (Raxco Software, Inc.) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\DefragFs.sys -- (DefragFS)
DRV:64bit: - [2010.02.24 12:20:40 | 000,191,616 | ---- | M] (Protect Software GmbH) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\acedrv11.sys -- (acedrv11)
DRV:64bit: - [2009.12.06 12:24:22 | 000,224,920 | ---- | M] (SysProgs.org) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BazisVirtualCDBus.sys -- (BazisVirtualCDBus)
DRV:64bit: - [2009.11.23 17:38:00 | 000,016,008 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LGVirHid.sys -- (LGVirHid)
DRV:64bit: - [2009.11.23 17:37:50 | 000,022,408 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LGBusEnum.sys -- (LGBusEnum)
DRV:64bit: - [2009.09.30 16:34:30 | 000,121,872 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:64bit: - [2009.09.23 10:42:58 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV:64bit: - [2009.08.13 23:10:18 | 000,073,984 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.06.10 12:14:36 | 000,043,264 | ---- | M] (Saitek) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SaiBus.sys -- (SaiNtBus)
DRV:64bit: - [2009.06.10 12:14:36 | 000,016,000 | ---- | M] (Saitek) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SaiMini.sys -- (SaiMini)
DRV:64bit: - [2009.02.03 17:37:50 | 000,075,384 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sfdrv01.sys -- (sfdrv01) StarForce Protection Environment Driver (version 1.x)
DRV:64bit: - [2007.05.01 16:48:56 | 000,171,144 | ---- | M] (Saitek) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SaiH5F0D.sys -- (SaiH5F0D)
DRV:64bit: - [2007.05.01 16:48:56 | 000,034,304 | ---- | M] (Saitek) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SaiU5F0D.sys -- (SaiU5F0D)
DRV:64bit: - [2007.02.08 19:47:24 | 000,107,384 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sfvfs02.sys -- (sfvfs02) StarForce Protection VFS Driver (version 2.x)
DRV:64bit: - [2007.01.26 10:04:36 | 000,009,600 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\whfltr2k.sys -- (whfltr2k)
DRV:64bit: - [2006.12.05 11:34:26 | 000,572,416 | ---- | M] (PixArt Imaging Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\PFC027.SYS -- (PAC207)
DRV:64bit: - [2006.11.10 15:08:58 | 000,030,720 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ATITool64.sys -- (ATITool)
DRV:64bit: - [2006.08.25 14:36:52 | 000,039,208 | ---- | M] (B.H.A Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\cdrbsdrv.sys -- (cdrbsdrv)
DRV:64bit: - [2006.07.10 18:21:22 | 000,022,936 | ---- | M] (Protection Technology) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\sfsync02.sys -- (sfsync02) StarForce Protection Synchronization Driver (version 2.x)
DRV:64bit: - [2006.06.14 16:58:10 | 000,014,192 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sfhlp02.sys -- (sfhlp02) StarForce Protection Helper Driver (version 2.x)
DRV - [2011.06.25 15:08:55 | 000,106,224 | ---- | M] (G Data Software) [Kernel | System | Running] -- C:\Windows\SysWOW64\drivers\GRD.sys -- (GRD)
DRV - [2010.12.18 14:50:08 | 000,014,544 | ---- | M] (OpenLibSys.org) [Kernel | Auto | Running] -- C:\Users\Admin\AppData\Local\Microsoft\Windows Sidebar\Gadgets\IntelCoreSeries24.gadget\WinRing0x64.sys -- (WinRing0_1_2_0)
DRV - [2010.11.29 20:27:40 | 000,011,856 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesDriver64.sys -- (TuneUpUtilitiesDrv)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2005.01.02 05:43:08 | 000,004,682 | ---- | M] (INCA Internet Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\npptNT2.sys -- (NPPTNT2)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = ${URL_SEARCHPAGE}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bigseekpro.com/hypercam/{30556029-374E-4F2E-890B-121038B58BE0}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://start.facemoods.com/?a=ddrnw&s={searchTerms}&f=4
IE - HKLM\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - Reg Error: Key error. File not found
IE - HKLM\..\URLSearchHook: {8dbb6d8e-e4a6-4e3b-9753-af78b226441c} - C:\Program Files (x86)\Softonic_Deutsch\tbSof2.dll (Conduit Ltd.)
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.facemoods.com/?a=ddrnw
IE - HKCU\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {8dbb6d8e-e4a6-4e3b-9753-af78b226441c} - C:\Program Files (x86)\Softonic_Deutsch\tbSof2.dll (Conduit Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = 192.168.88.251:800
========== FireFox ==========
FF - prefs.js..browser.search.defaultthis.engineName: "Search"
FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.selectedEngine: "ICQ Search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/"
FF - prefs.js..extensions.enabledItems: moveplayer@movenetworks.com:1.0.0.071303000004
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.8.2
FF - prefs.js..extensions.enabledItems: {EEE6C361-6118-11DC-9C72-001320C79847}:1.0.0.10
FF - prefs.js..extensions.enabledItems: {46551EC9-40F0-4e47-8E18-8E5CF550CFB8}:1.0.11
FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:2.0.0.6
FF - prefs.js..extensions.enabledItems: allglassv2@ambroos.neowin.net:2.1.4
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3
FF - prefs.js..extensions.enabledItems: info@djzig.com:1.2.0
FF - prefs.js..keyword.URL: "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=2.0.0.6&q="
FF - prefs.js..network.proxy.ftp: "192.168.88.251"
FF - prefs.js..network.proxy.ftp_port: 800
FF - prefs.js..network.proxy.gopher: "192.168.88.251"
FF - prefs.js..network.proxy.gopher_port: 800
FF - prefs.js..network.proxy.http: "192.168.88.251"
FF - prefs.js..network.proxy.http_port: 800
FF - prefs.js..network.proxy.no_proxies_on: "localhost,127.0.0.1"
FF - prefs.js..network.proxy.share_proxy_settings: true
FF - prefs.js..network.proxy.socks: "192.168.88.251"
FF - prefs.js..network.proxy.socks_port: 800
FF - prefs.js..network.proxy.ssl: "192.168.88.251"
FF - prefs.js..network.proxy.ssl_port: 800
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "hxxp://www.bigseekpro.com/search/toolbar/hypercam/{88ED4A72-8717-53BE-8E7E-30BA070DAF61}?q="
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@bittorrent.com/BitTorrentDNA: C:\Users\Admin\Program Files (x86)\DNA\plugins\npbtdna.dll File not found
FF - HKCU\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: File not found
FF - HKCU\Software\MozillaPlugins\@protectdisc.com/NPPDLicenseHelper: C:\Users\Admin\AppData\Roaming\ProtectDisc\License Helper v2\NPPDLicenseHelper.dll ( )
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 10\components [2011.09.08 16:32:05 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 10\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{d5bc46d8-67c7-11dc-8c1d-0097498c2b7a}: C:\Users\Admin\Program Files (x86)\DNA
[2011.03.19 13:47:14 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Admin\AppData\Roaming\mozilla\Extensions
[2011.08.09 18:20:19 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Admin\AppData\Roaming\mozilla\Firefox\Profiles\kr7kwnm2.default\extensions
[2011.08.09 18:20:19 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\Admin\AppData\Roaming\mozilla\Firefox\Profiles\kr7kwnm2.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2011.03.19 13:43:04 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Admin\AppData\Roaming\mozilla\Firefox\Profiles\kr7kwnm2.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2011.09.08 15:09:00 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Admin\AppData\Roaming\mozilla\Firefox\Profiles\o4751zle.default\extensions
[2011.08.09 18:20:19 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\Admin\AppData\Roaming\mozilla\Firefox\Profiles\o4751zle.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2011.06.23 10:58:39 | 000,000,000 | ---D | M] (Battlefield Play4Free) -- C:\Users\Admin\AppData\Roaming\mozilla\Firefox\Profiles\o4751zle.default\extensions\battlefieldplay4free@ea.com
[2011.04.30 09:45:15 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2011.04.30 09:48:23 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions\ffxtlbr@babylon.com
[2011.09.06 12:30:22 | 000,002,048 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\fcmdSrch.xml
[2010.06.09 21:52:18 | 000,002,224 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\webblog.xml
O1 HOSTS File: ([2000.01.01 00:00:00 | 000,000,794 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O1 - Hosts: 127.0.0.1 secure.disc-soft.com
O2:64bit: - BHO: (G Data WebFilter) - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Program Files (x86)\G Data\InternetSecurity\Webfilter\AvkWebIEx64.dll (G Data Software AG)
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (G Data WebFilter) - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Program Files (x86)\G Data\InternetSecurity\Webfilter\AvkWebIE.dll (G Data Software AG)
O2 - BHO: (Softonic Deutsch Toolbar) - {8dbb6d8e-e4a6-4e3b-9753-af78b226441c} - C:\Program Files (x86)\Softonic_Deutsch\tbSof2.dll (Conduit Ltd.)
O2 - BHO: (G Data BankGuard) - {BA3295CF-17ED-4F49-9E95-D999A0ADBFDC} - C:\Program Files (x86)\Common Files\G Data\AVKProxy\BanksafeBHO.dll (G Data Software AG)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - File not found
O3:64bit: - HKLM\..\Toolbar: (G Data WebFilter) - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Program Files (x86)\G Data\InternetSecurity\Webfilter\AvkWebIEx64.dll (G Data Software AG)
O3 - HKLM\..\Toolbar: (G Data WebFilter) - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Program Files (x86)\G Data\InternetSecurity\Webfilter\AvkWebIE.dll (G Data Software AG)
O3 - HKLM\..\Toolbar: (Softonic Deutsch Toolbar) - {8dbb6d8e-e4a6-4e3b-9753-af78b226441c} - C:\Program Files (x86)\Softonic_Deutsch\tbSof2.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O4:64bit: - HKLM..\Run: [EvtMgr6] C:\Program Files (x86)\SetPointP\SetPoint.exe (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Launch LGDCore] C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe (Logitech Inc.)
O4:64bit: - HKLM..\Run: [Launch LgDeviceAgent] C:\Program Files\Logitech\GamePanel Software\LgDevAgt.exe (Logitech Inc.)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [G Data AntiVirus Tray Application] C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe (G Data Software AG)
O4 - HKLM..\Run: [GDFirewallTray] C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe (G Data Software AG)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Free YouTube Download - C:\Users\Admin\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Admin\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Free YouTube Download - C:\Users\Admin\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Admin\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} hxxp://messenger.zone.msn.com/MessengerGamesContent/GameContent/de/uno1/GAME_UNO1.cab (UnoCtrl Class)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {C8BC46C7-921C-4102-B67D-F1F7E65FB0BE} https://battlefield.play4free.com/static/updater/BP4FUpdater_1.0.64.2.cab (Battlefield Play4Free Updater)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 195.50.140.116 192.168.123.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BD5AE1E4-714D-4E03-920D-ABE9EE787A4C}: DhcpNameServer = 195.50.140.116 192.168.123.254
O18:64bit: - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - Reg Error: Key error. File not found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - Reg Error: Key error. - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - Reg Error: Key error. - c:\Programme\Common Files\LogiShrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{14b1b4e4-e977-11de-9627-002511d83983}\Shell - "" = AutoRun
O33 - MountPoints2\{14b1b4e4-e977-11de-9627-002511d83983}\Shell\AutoRun\command - "" = V:\SETUP.EXE
O33 - MountPoints2\{14b1b4e4-e977-11de-9627-002511d83983}\Shell\configure\command - "" = V:\SETUP.EXE
O33 - MountPoints2\{14b1b4e4-e977-11de-9627-002511d83983}\Shell\install\command - "" = V:\SETUP.EXE
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\cdstart.exe
O33 - MountPoints2\G\Shell - "" = AutoRun
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\cdstart.exe
O34 - HKLM BootExecute: (PDBoot.exe) - File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP
NetSvcs:64bit: UxTuneUp - C:\Windows\SysNative\uxtuneup.dll (TuneUp Software)
MsConfig:64bit - StartUpFolder: C:^Users^Admin^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Logitech . Produktregistrierung.lnk - C:\Program Files (x86)\Common Files\LogiShrd\eReg\SetPoint\eReg.exe - (Leader Technologies/Logitech)
MsConfig:64bit - StartUpReg: AlcoholAutomount - hkey= - key= - C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe (Alcohol Soft Development Team)
MsConfig:64bit - StartUpReg: AshSnap - hkey= - key= - C:\Program Files (x86)\Ashampoo\Ashampoo Snap 4\ashsnap.exe (ashampoo GmbH & Co. KG)
MsConfig:64bit - StartUpReg: DAEMON Tools Pro Agent - hkey= - key= - C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe (DT Soft Ltd)
MsConfig:64bit - StartUpReg: PlusService - hkey= - key= - C:\Program Files (x86)\Yuna Software\Messenger Plus!\PlusService.exe (Yuna Software)
MsConfig:64bit - StartUpReg: RocketDock - hkey= - key= - C:\Program Files (x86)\RocketDock\RocketDock.exe ()
MsConfig:64bit - StartUpReg: snpstd3 - hkey= - key= - C:\Windows\vsnpstd3.exe ()
MsConfig:64bit - StartUpReg: StartCCC - hkey= - key= - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
MsConfig:64bit - StartUpReg: VirtualCloneDrive - hkey= - key= - File not found
MsConfig:64bit - StartUpReg: XboxStat - hkey= - key= - C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe (Microsoft Corporation)
MsConfig:64bit - State: "bootini" - Reg Error: Key error.
MsConfig:64bit - State: "startup" - Reg Error: Key error.
MsConfig:64bit - State: "services" - Reg Error: Key error.
CREATERESTOREPOINT
Error creating restore point.
========== Files/Folders - Created Within 30 Days ==========
[2011.09.08 15:36:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
[2011.09.08 15:36:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\7-Zip
[2011.09.08 15:05:46 | 000,581,120 | ---- | C] (OldTimer Tools) -- C:\Users\Admin\Desktop\OTL.exe
[2011.09.08 13:05:13 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\{172BF5AA-5ADB-47A8-8261-9440F4413DE3}
[2011.09.07 14:13:52 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\{E82D38B0-A1C6-4FC1-A459-795D3DAF58FF}
[2011.09.07 14:13:23 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\{83C7A11A-8EAA-41B2-8B7C-75C320DE0FFE}
[2011.09.06 22:10:58 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\FixItCenter
[2011.09.06 22:04:54 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Fix it Center
[2011.09.06 22:04:54 | 000,000,000 | ---D | C] -- C:\Windows\MATS
[2011.09.06 21:35:19 | 000,771,016 | ---- | C] (proDAD GmbH) -- C:\uninstall.exe
[2011.09.06 12:34:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2011.09.06 12:30:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\facemoods.com
[2011.09.06 12:29:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\JDownloader
[2011.09.06 12:06:30 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\{14746336-DACA-441B-8C0E-5F1049B11284}
[2011.09.06 12:06:06 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\{3D70A804-54FC-47ED-8AA6-A1698C4069A3}
[2011.09.05 21:24:52 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\{C44B8BA1-1FB9-4E88-B8B9-A8725D62618A}
[2011.09.05 21:24:19 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\{11A1E4A7-F635-462E-B944-BA3598A6256B}
[2011.09.04 23:33:22 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\{7F2AA41F-D387-4510-81B4-DA6DC9273BDF}
[2011.09.04 23:32:52 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\{55FCB4AB-E781-46E0-BE1E-30D2B9B41F40}
[2011.09.04 13:01:56 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\{7B98AC6C-99FB-4F8A-8E14-C951129E7C6A}
[2011.09.03 11:32:51 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\{5B1565BF-26B0-4CCC-86C8-654F2B6F89F0}
[2011.09.03 11:32:35 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\{329CA473-720C-438B-8C4F-26E89AAC7666}
[2011.09.02 17:44:33 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\{A47BB6AD-5FB2-4A4A-8865-EF2E815AF228}
[2011.09.02 17:44:10 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\{ADD2BD61-D7C0-4E5B-A1EB-0C68931E9DF9}
[2011.09.02 00:28:23 | 000,000,000 | ---D | C] -- C:\Users\Admin\Documents\Heroglyph
[2011.09.02 00:24:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPER © - by eRightSoft
[2011.09.02 00:24:06 | 000,216,064 | RHS- | C] (MONOGRAM Multimedia, s.r.o.) -- C:\Windows\SysWow64\nbDX.dll
[2011.09.02 00:24:05 | 000,186,880 | RHS- | C] (RadLight) -- C:\Windows\SysWow64\RLOgg.ax
[2011.09.02 00:24:05 | 000,163,328 | RHS- | C] (Gabest) -- C:\Windows\SysWow64\flvDX.dll
[2011.09.02 00:24:05 | 000,092,672 | RHS- | C] (RadLight) -- C:\Windows\SysWow64\RLVorbisDec.ax
[2011.09.02 00:24:05 | 000,090,112 | RHS- | C] (-) -- C:\Windows\SysWow64\TTADSSplitter.ax
[2011.09.02 00:24:05 | 000,090,112 | RHS- | C] (-) -- C:\Windows\SysWow64\TTADSDecoder.ax
[2011.09.02 00:24:05 | 000,067,584 | RHS- | C] (RadLight, LLC) -- C:\Windows\SysWow64\RLTheoraDec.ax
[2011.09.02 00:24:05 | 000,031,232 | RHS- | C] (Hans Mayerl) -- C:\Windows\SysWow64\msfDX.dll
[2011.09.02 00:24:03 | 000,161,792 | RHS- | C] (Gabest) -- C:\Windows\SysWow64\RealMediaDX.ax
[2011.09.02 00:24:02 | 000,169,472 | RHS- | C] (Gabest) -- C:\Windows\SysWow64\MatroskaDX.ax
[2011.09.02 00:24:00 | 000,179,200 | RHS- | C] (Gabest) -- C:\Windows\SysWow64\DiracSplitter.ax
[2011.09.02 00:24:00 | 000,123,904 | RHS- | C] (CoreCodec) -- C:\Windows\SysWow64\AVCDX.ax
[2011.09.02 00:14:33 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\AIM
[2011.09.01 23:52:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\USM
[2011.09.01 23:50:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\USM
[2011.09.01 15:53:57 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\{4F10A6E8-1485-429F-9EB4-A39AE6D317AB}
[2011.09.01 15:53:22 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\{FA1A7ED0-77A0-46BF-9E14-D47E02DA70E9}
[2011.08.31 21:05:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VirtualCloneDrive
[2011.08.31 20:59:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Landwirtschafts Simulator 2011
[2011.08.31 20:44:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Landwirtschafts Simulator 2011
[2011.08.31 13:51:58 | 000,000,000 | ---D | C] -- C:\Users\Admin\Documents\Rockstar Games
[2011.08.31 10:30:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Landwirtschafts Simulator 2011 old
[2011.08.30 17:25:49 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center
[2011.08.30 17:25:35 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2011.08.30 17:23:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD APP
[2011.08.30 17:23:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center
[2011.08.30 13:49:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Raxco
[2011.08.30 13:49:05 | 000,000,000 | ---D | C] -- C:\Program Files\Raxco
[2011.08.30 13:48:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Raxco
[2011.08.30 13:48:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MARKEMENT
[2011.08.30 13:48:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MARKEMENT
[2011.08.30 13:47:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NetObjects
[2011.08.30 13:44:50 | 001,056,768 | ---- | C] (Blue Sky Software Corporation.) -- C:\Windows\SysWow64\ROBOEX32.DLL
[2011.08.30 13:44:50 | 000,049,152 | ---- | C] (Blue Sky Software Corporation.) -- C:\Windows\SysWow64\INETWH32.DLL
[2011.08.30 13:43:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NetObjects
[2011.08.30 13:38:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\proDAD
[2011.08.30 13:38:02 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\proDAD
[2011.08.30 13:38:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\proDAD
[2011.08.30 13:37:51 | 000,000,000 | ---D | C] -- C:\ProgramData\proDAD
[2011.08.30 13:29:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo
[2011.08.30 13:29:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ashampoo
[2011.08.30 13:28:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Landwirtschafts-Simulator 2009
[2011.08.30 12:37:08 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\{F55E9736-313E-40C0-BC6B-9CA6FEC825C5}
[2011.08.30 12:36:45 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\{48EA303D-918E-4C32-9033-29E2CE6B0935}
[2011.08.30 00:36:18 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\{5116F0B2-6235-42F0-8612-748BF908F93C}
[2011.08.30 00:35:55 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\{BB40D063-E0F3-4038-BF3C-988F8C849EAD}
[2011.08.29 12:35:27 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\{771406CF-9BEC-4961-BDB3-61A447D15B75}
[2011.08.29 12:34:53 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\{633392F9-FDBA-4A38-9DA2-EF6118DA163B}
[2011.08.28 18:33:28 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\{09F21C33-BB39-4DE5-890D-A98BDADDD95E}
[2011.08.28 18:33:00 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\{F48C2731-4273-4342-B2CB-ED61E27BB434}
[2011.08.26 10:33:37 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\{C3D444AD-8C01-4557-BE90-97C9C5EB2900}
[2011.08.26 10:32:52 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\{0A10A479-5E02-46D9-BAFD-A177AA364A35}
[2011.08.25 19:40:49 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\{E4670A46-F6FA-4BF6-9C9F-E03427DF4168}
[2011.08.25 19:40:17 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\{EB8EAEFB-170C-4A3B-B6EA-529F9EF42D85}
[2011.08.22 22:52:25 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\{0E59175E-0A07-4F91-813F-B358A25E5905}
[2011.08.22 22:52:02 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\{4BA577DF-DAF8-43EA-A31D-34DF89156365}
[2011.08.21 22:51:30 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\{49836AC0-1733-453D-90FA-E4AAAEC597EA}
[2011.08.21 22:51:07 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\{463FE74F-D03C-42E3-B9FE-C9F149AAB57C}
[2011.08.21 16:17:25 | 000,000,000 | -HSD | C] -- C:\ProgramData\SecuROM
[2011.08.21 16:16:58 | 000,000,000 | ---D | C] -- C:\Users\Admin\Documents\Games for Windows - LIVE Demos
[2011.08.21 16:16:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows Marketplace
[2011.08.21 15:16:17 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\{5BE79326-6376-4A8B-AE21-72EE39B8FA36}
[2011.08.21 01:02:59 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\xlive
[2011.08.21 01:02:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Games for Windows - LIVE
[2011.08.20 12:56:17 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\{890DE418-921E-4EF1-9AC2-5549BD8D5FAF}
[2011.08.20 12:55:50 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\{FFEDC646-63BD-4E05-B3FA-5522DCCCB0A0}
[2011.08.19 15:32:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavalys
[2011.08.19 15:32:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Lavalys
[2011.08.19 15:26:56 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\{72679341-0CEA-47D4-B1B3-6769388E5075}
[2011.08.19 15:26:27 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\{26A52CF0-5935-4284-826F-19B20352A8B1}
[2011.08.18 23:21:37 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\{5B8B0B62-B541-431E-A5F3-51E27F806EC6}
[2011.08.18 23:21:12 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\{316F0DD2-A4B8-48DF-9366-39567B99DACA}
[2011.08.18 11:20:42 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\{D63FFDBA-1FF1-4491-BC70-12209157C7BC}
[2011.08.18 11:20:14 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\{6DCA4F1B-1C23-422D-833D-7AF449267013}
[2011.08.17 20:01:49 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\{3AF3FFA1-182D-476F-87DA-FFEEDAD68456}
[2011.08.17 20:01:27 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\{822BC328-35D5-4D8C-B66A-B31F2163182E}
[2011.08.17 16:54:07 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\{F7D3B46A-CF2E-46AD-ADB4-CE0435A6EEB3}
[2011.08.17 15:06:44 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\LogiShrd
[2011.08.17 00:31:41 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\{1512B213-5DB2-4AD4-A508-0BCEF0A47D99}
[2011.08.17 00:31:18 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\{4DA65401-F87A-477D-94CC-650F4E4449E8}
[2011.08.16 12:30:49 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\{E278CF71-0AF9-4D6B-BBBC-E28E2D66CB0B}
[2011.08.16 12:30:38 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\{77AA5B2D-3263-4AEE-9868-65DB7DFF7F8E}
[2011.08.15 20:33:38 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\Leadertech
[2011.08.15 20:33:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\LogiShrd
[2011.08.15 20:32:38 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\LogiShrd
[2011.08.15 20:32:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SetPointG
[2011.08.15 20:32:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SetPointP
[2011.08.15 20:31:37 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\LogiShrd
[2011.08.15 20:31:16 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\Logitech
[2011.08.15 20:31:16 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\Logishrd
[2011.08.15 13:54:27 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\{95699DE0-1CB8-4A02-A770-8C798A5DEED6}
[2011.08.15 13:53:55 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\{6ADFB87B-7BC9-471A-B118-C5F4EE421A98}
[2011.08.14 22:15:39 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\{3C5D5897-4164-4D28-B1AA-8C4A61A342E8}
[2011.08.14 22:15:16 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\{0319BB12-57BC-471F-A2A6-66C6A72CB9B4}
[2011.08.14 01:06:50 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\{872383BC-F599-4C23-8E36-E563ADC1FBCD}
[2011.08.14 01:06:27 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\{8E11992A-9555-4A10-BFC7-1E2817AFFF13}
[2011.08.13 13:05:59 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\{4A96BF3F-4886-40DD-A397-45C796CFD460}
[2011.08.13 13:05:47 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\{4C91BF1E-0B0F-47BB-AE11-B491C576907E}
[2011.08.12 22:00:52 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\{44D524A1-7A06-4157-91A6-1A2B0D615DB9}
[2011.08.12 01:08:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
[2011.08.12 01:06:49 | 000,000,000 | ---D | C] -- C:\Program Files\TeamSpeak 3 Client
[2011.08.11 18:20:35 | 000,107,008 | ---- | C] (uc-forum.com) -- C:\Users\Admin\Desktop\BFP4F Loader.exe
[2011.08.11 13:07:47 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\{4C3A4B98-3043-4CA9-B866-00DDEA32D31E}
[2011.08.11 13:07:16 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\{F65D0D17-2D06-4BA5-801F-2CEFDEB9DE39}
[2011.08.09 18:20:18 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\DVDVideoSoftIEHelpers
[2011.08.09 18:20:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
[2011.08.09 18:19:54 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\DVDVideoSoft
[2011.08.09 18:19:34 | 000,000,000 | ---D | C] -- C:\Users\Admin\Documents\DVDVideoSoft
[2011.08.09 18:19:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DVDVideoSoft
[2010.04.29 19:06:43 | 000,163,840 | ---- | C] ( ) -- C:\Windows\SysWow64\rsnpstd3.dll
[2010.04.29 19:06:43 | 000,061,440 | ---- | C] ( ) -- C:\Windows\SysWow64\vsnpstd3.dll
[2010.04.29 19:06:43 | 000,053,248 | ---- | C] ( ) -- C:\Windows\csnpstd3.dll
[5 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2011.09.08 16:40:00 | 000,001,108 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011.09.08 16:00:54 | 000,029,237 | ---- | M] () -- C:\Users\Admin\Desktop\Microsoft Windows.jpg
[2011.09.08 15:14:26 | 000,020,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.09.08 15:14:26 | 000,020,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.09.08 15:08:46 | 000,001,104 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011.09.08 15:06:58 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.09.08 15:06:56 | 3220,627,456 | -HS- | M] () -- C:\hiberfil.sys
[2011.09.08 15:05:50 | 000,581,120 | ---- | M] (OldTimer Tools) -- C:\Users\Admin\Desktop\OTL.exe
[2011.09.08 15:05:22 | 000,000,198 | ---- | M] () -- C:\Users\Admin\defogger_reenable
[2011.09.08 15:04:39 | 000,050,477 | ---- | M] () -- C:\Users\Admin\Desktop\Defogger.exe
[2011.09.08 13:02:49 | 000,401,659 | ---- | M] () -- C:\Windows\SysWow64\sig.bin
[2011.09.08 13:02:49 | 000,032,535 | ---- | M] () -- C:\Windows\SysWow64\nmp.map
[2011.09.06 21:58:30 | 001,498,506 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011.09.06 21:58:30 | 000,655,802 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2011.09.06 21:58:30 | 000,616,348 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011.09.06 21:58:30 | 000,130,434 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2011.09.06 21:58:30 | 000,106,728 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011.09.06 17:32:30 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_ccdcmbx64_01009.Wdf
[2011.08.31 21:44:44 | 000,001,740 | ---- | M] () -- C:\Users\Admin\Desktop\Landwirtschafts Simulator 2011.lnk
[2011.08.30 20:44:54 | 396,636,636 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2011.08.30 17:27:15 | 000,002,020 | ---- | M] () -- C:\Users\Admin\Desktop\Catalyst Control Center.lnk
[2011.08.21 01:01:24 | 000,002,156 | ---- | M] () -- C:\Users\Public\Desktop\Grand Theft Auto IV.lnk
[2011.08.17 17:51:41 | 000,234,768 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2011.08.17 17:51:41 | 000,234,768 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2011.08.17 12:58:45 | 000,001,448 | ---- | M] () -- C:\Users\Admin\Desktop\Command Prompt.lnk
[2011.08.15 22:08:24 | 000,059,256 | ---- | M] (G Data Software AG) -- C:\Windows\SysNative\drivers\PktIcpt.sys
[2011.08.15 14:05:45 | 000,110,968 | ---- | M] (G Data Software AG) -- C:\Windows\SysNative\drivers\MiniIcpt.sys
[2011.08.15 14:05:45 | 000,050,552 | ---- | M] (G Data Software AG) -- C:\Windows\SysNative\drivers\GDBehave.sys
[2011.08.15 14:05:44 | 000,065,912 | ---- | M] (G Data Software AG) -- C:\Windows\SysNative\drivers\gdwfpcd64.sys
[2011.08.13 21:33:01 | 000,002,103 | ---- | M] () -- C:\Users\Admin\Desktop\Logitech G-series Key Profiler.lnk
[2011.08.11 22:29:16 | 000,075,136 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2011.08.10 15:32:14 | 000,034,624 | ---- | M] (TuneUp Software) -- C:\Windows\SysNative\TURegOpt.exe
[2011.08.10 15:23:44 | 000,025,920 | ---- | M] (TuneUp Software) -- C:\Windows\SysNative\authuitu.dll
[2011.08.10 15:23:40 | 000,021,312 | ---- | M] (TuneUp Software) -- C:\Windows\SysWow64\authuitu.dll
[2011.08.10 15:23:36 | 000,036,160 | ---- | M] (TuneUp Software) -- C:\Windows\SysNative\uxtuneup.dll
[2011.08.10 15:23:30 | 000,029,504 | ---- | M] (TuneUp Software) -- C:\Windows\SysWow64\uxtuneup.dll
[5 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2011.09.08 16:00:53 | 000,029,237 | ---- | C] () -- C:\Users\Admin\Desktop\Microsoft Windows.jpg
[2011.09.08 15:05:20 | 000,000,198 | ---- | C] () -- C:\Users\Admin\defogger_reenable
[2011.09.08 15:04:38 | 000,050,477 | ---- | C] () -- C:\Users\Admin\Desktop\Defogger.exe
[2011.09.06 22:04:56 | 000,000,959 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Fix it Center.lnk
[2011.09.06 17:32:30 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_ccdcmbx64_01009.Wdf
[2011.09.02 00:24:05 | 000,121,344 | RHS- | C] () -- C:\Windows\SysWow64\TAKDSDecoder.ax
[2011.09.02 00:24:05 | 000,107,520 | RHS- | C] () -- C:\Windows\SysWow64\TAKDSDecoder.dll
[2011.09.02 00:24:05 | 000,051,712 | RHS- | C] () -- C:\Windows\SysWow64\RLSpeexDec.ax
[2011.09.02 00:24:04 | 000,107,520 | RHS- | C] () -- C:\Windows\SysWow64\RLMPCDec.ax
[2011.09.02 00:24:03 | 000,070,656 | RHS- | C] () -- C:\Windows\SysWow64\RLAPEDec.ax
[2011.09.02 00:24:02 | 000,120,832 | RHS- | C] () -- C:\Windows\SysWow64\MPCDx.ax
[2011.09.02 00:24:01 | 000,097,280 | RHS- | C] () -- C:\Windows\SysWow64\FLACDX.ax
[2011.09.02 00:24:00 | 000,227,328 | RHS- | C] () -- C:\Windows\SysWow64\ac3DX.ax
[2011.09.02 00:24:00 | 000,175,104 | RHS- | C] () -- C:\Windows\SysWow64\CoreAAC.ax
[2011.09.02 00:24:00 | 000,081,920 | RHS- | C] () -- C:\Windows\SysWow64\aac_parser.ax
[2011.09.02 00:14:33 | 000,000,696 | ---- | C] () -- C:\Windows\SysWow64\jetodbc.rsp
[2011.08.31 21:44:44 | 000,001,740 | ---- | C] () -- C:\Users\Admin\Desktop\Landwirtschafts Simulator 2011.lnk
[2011.08.30 20:44:54 | 396,636,636 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2011.08.30 17:27:15 | 000,002,020 | ---- | C] () -- C:\Users\Admin\Desktop\Catalyst Control Center.lnk
[2011.08.30 13:49:07 | 000,002,781 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PerfectDisk 11.lnk
[2011.08.30 13:44:50 | 000,028,672 | ---- | C] () -- C:\Windows\SysWow64\nnr.dll
[2011.08.21 01:01:24 | 000,002,156 | ---- | C] () -- C:\Users\Public\Desktop\Grand Theft Auto IV.lnk
[2011.08.13 21:33:01 | 000,002,103 | ---- | C] () -- C:\Users\Admin\Desktop\Logitech G-series Key Profiler.lnk
[2011.08.13 20:43:32 | 000,234,768 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2011.08.11 22:29:15 | 002,484,592 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_p4f.exe
[2011.07.17 23:54:02 | 000,059,904 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll
[2011.06.30 15:52:19 | 000,401,659 | ---- | C] () -- C:\Windows\SysWow64\sig.bin
[2011.06.29 19:32:19 | 000,075,136 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2011.06.09 13:52:22 | 000,000,000 | ---- | C] () -- C:\Users\Admin\AppData\Local\{E40E4B56-8C05-487F-A732-9A2EC3768E9C}
[2011.04.09 18:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2011.03.17 19:51:44 | 000,003,929 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2011.02.11 19:15:08 | 000,982,240 | ---- | C] () -- C:\Windows\SysWow64\igkrng500.bin
[2011.02.11 19:15:08 | 000,439,308 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng500.bin
[2011.02.11 19:15:08 | 000,092,356 | ---- | C] () -- C:\Windows\SysWow64\igfcg500m.bin
[2011.01.28 21:19:44 | 000,000,056 | ---- | C] () -- C:\ProgramData\ezsidmv.dat
[2010.12.12 14:43:42 | 000,000,043 | -HS- | C] () -- C:\ProgramData\.zreglib
[2010.11.29 21:35:57 | 000,000,008 | -HS- | C] () -- C:\ProgramData\CCDD932493.sys
[2010.11.29 21:35:56 | 000,005,018 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys
[2010.09.25 18:53:24 | 000,013,312 | ---- | C] () -- C:\Users\Admin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.08.15 19:34:41 | 000,020,480 | ---- | C] () -- C:\Windows\SysWow64\H@tKeysH@@k.DLL
[2010.05.18 16:21:13 | 000,032,256 | ---- | C] () -- C:\Windows\SysWow64\AVSredirect.dll
[2010.05.07 16:31:06 | 000,196,096 | ---- | C] () -- C:\Windows\SysWow64\nY.exe
[2010.04.29 19:06:44 | 000,835,584 | ---- | C] () -- C:\Windows\vsnpstd3.exe
[2010.04.29 19:06:44 | 000,356,352 | ---- | C] () -- C:\Windows\tsnpstd3.exe
[2010.04.29 19:06:44 | 000,020,480 | ---- | C] () -- C:\Windows\FixCamera.exe
[2010.04.29 19:06:44 | 000,015,498 | ---- | C] () -- C:\Windows\snpstd3.ini
[2010.04.22 17:21:16 | 000,000,000 | ---- | C] () -- C:\Users\Admin\AppData\Roaming\FileOut.cns
[2010.04.22 17:21:16 | 000,000,000 | ---- | C] () -- C:\Users\Admin\AppData\Roaming\FileIn.cns
[2010.03.17 19:29:35 | 000,073,728 | ---- | C] () -- C:\Windows\SysWow64\GkSui18.EXE
[2010.02.19 21:18:20 | 000,237,568 | ---- | C] () -- C:\Windows\SysWow64\lame_enc.dll
[2010.02.19 21:18:20 | 000,110,080 | ---- | C] () -- C:\Windows\SysWow64\advd.dll
[2010.02.19 21:18:20 | 000,023,040 | ---- | C] () -- C:\Windows\SysWow64\auth.dll
[2010.02.14 20:52:39 | 001,589,248 | ---- | C] () -- C:\Windows\SysWow64\libmysql_d.dll
[2010.01.02 17:37:17 | 000,001,015 | ---- | C] () -- C:\Windows\disney.ini
[2009.12.22 22:21:05 | 000,197,120 | ---- | C] () -- C:\Windows\patchw32.dll
[2009.12.04 01:19:24 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2009.07.14 07:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009.07.14 04:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009.07.14 04:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009.07.14 02:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 23:59:36 | 000,139,824 | ---- | C] () -- C:\Windows\SysWow64\igfcg500.bin
[2009.07.13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009.06.10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2007.07.23 10:03:32 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelTraditionalChinese.dll
[2007.07.23 10:03:32 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSwedish.dll
[2007.07.23 10:03:32 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSpanish.dll
[2007.07.23 10:03:30 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSimplifiedChinese.dll
[2007.07.23 10:03:30 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelPortugese.dll
[2007.07.23 10:03:30 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelKorean.dll
[2007.07.23 10:03:30 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelJapanese.dll
[2007.07.23 10:03:30 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelGerman.dll
[2007.07.23 10:03:30 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelFrench.dll
[2007.04.27 11:43:58 | 000,120,200 | ---- | C] () -- C:\Windows\SysWow64\DLLDEV32i.dll
[2006.11.02 09:27:46 | 000,000,518 | ---- | C] () -- C:\Windows\SysWow64\SP207.INI
[2005.01.25 15:15:42 | 000,010,240 | ---- | C] () -- C:\Windows\SysWow64\PA207USD.DLL
[2003.05.18 18:23:35 | 000,045,056 | ---- | C] () -- C:\Program Files (x86)\fraps.dll
========== LOP Check ==========
[2009.12.22 22:24:35 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Atari
[2011.04.30 09:48:41 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Babylon
[2011.04.03 16:23:51 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Bioshock
[2010.09.03 19:48:32 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\bizarre creations
[2010.02.06 00:59:15 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Blender Foundation
[2010.02.21 14:02:41 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\concept design
[2010.04.14 19:47:14 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Cuttermaran
[2010.12.06 14:28:45 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\DAEMON Tools Lite
[2011.04.30 10:54:52 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\DAEMON Tools Pro
[2010.01.02 17:50:51 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Disney Interactive Studios
[2010.02.28 12:25:52 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\DNA
[2011.08.22 01:44:31 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\DVDVideoSoft
[2011.08.09 18:20:18 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\DVDVideoSoftIEHelpers
[2010.08.15 20:11:44 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Engelmann Media
[2009.12.30 17:12:49 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\FarmingSimulator2008
[2010.05.08 12:02:00 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\gtk-2.0
[2011.04.29 18:54:32 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\ImTOO
[2011.08.15 20:33:38 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Leadertech
[2010.12.20 16:20:16 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\MAGIX
[2010.02.21 13:53:55 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\NCH Swift Sound
[2010.11.02 17:36:07 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Need for Speed World
[2011.09.08 17:34:03 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\NetSpeedMonitor
[2010.02.28 12:25:21 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Notepad++
[2010.07.11 13:52:14 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Panasonic
[2011.09.06 21:35:29 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\proDAD
[2010.09.26 09:24:51 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\ProtectDisc
[2011.09.02 14:01:02 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Sony
[2010.11.06 22:26:19 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\TeamViewer
[2011.09.02 18:15:13 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\TS3Client
[2010.12.19 15:35:13 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\TuneUp Software
[2010.11.06 21:39:24 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Ubisoft
[2011.09.06 19:52:57 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\uTorrent
[2011.01.07 18:43:04 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\wbtooltb
[2010.12.29 13:07:03 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Windows Live Writer
[2011.04.30 09:45:04 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\WinPump
[2011.08.30 20:38:04 | 000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
========== Custom Scans ==========
< %SYSTEMDRIVE%\*. >
[2011.07.01 22:27:06 | 000,000,000 | -HSD | M] -- C:\$Recycle.Bin
[2010.11.08 16:58:56 | 000,000,000 | ---D | M] -- C:\Advanced Wheel Mouse
[2011.01.03 15:26:36 | 000,000,000 | ---D | M] -- C:\AMD
[2009.12.04 01:17:12 | 000,000,000 | ---D | M] -- C:\ATI
[2011.09.06 22:04:57 | 000,000,000 | -HSD | M] -- C:\Config.Msi
[2009.07.14 07:08:56 | 000,000,000 | -HSD | M] -- C:\Documents and Settings
[2009.12.04 01:12:37 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen
[2011.05.28 13:24:14 | 000,000,000 | ---D | M] -- C:\Graphics
[2011.08.08 18:59:59 | 000,000,000 | ---D | M] -- C:\Intel
[2010.07.11 13:52:08 | 000,000,000 | ---D | M] -- C:\MC_TMP
[2009.12.15 14:45:31 | 000,000,000 | RH-D | M] -- C:\MSOCache
[2009.07.14 05:20:08 | 000,000,000 | ---D | M] -- C:\PerfLogs
[2011.09.06 22:04:54 | 000,000,000 | R--D | M] -- C:\Program Files
[2011.09.08 15:36:19 | 000,000,000 | ---D | M] -- C:\Program Files (x86)
[2011.09.06 12:34:13 | 000,000,000 | ---D | M] -- C:\ProgramData
[2009.12.04 01:12:37 | 000,000,000 | -HSD | M] -- C:\Programme
[2009.12.04 01:12:37 | 000,000,000 | -HSD | M] -- C:\Recovery
[2011.04.12 16:26:36 | 000,000,000 | -HSD | M] -- C:\System Volume Information
[2011.07.01 22:26:54 | 000,000,000 | R--D | M] -- C:\Users
[2011.09.06 22:04:54 | 000,000,000 | ---D | M] -- C:\Windows
< %PROGRAMFILES%\*.exe >
< %LOCALAPPDATA%\*.exe >
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.manifest /3 >
[5 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]
< MD5 for: EXPLORER.EXE >
[2011.02.26 08:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe
[2011.02.26 07:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2009.07.14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2011.02.26 07:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe
[2009.10.31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2011.02.26 07:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe
[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011.02.26 08:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010.11.20 14:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2009.08.03 08:19:07 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2009.10.31 08:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2009.08.03 07:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2010.11.20 15:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
[2009.10.31 08:38:38 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2009.08.03 07:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2009.07.14 03:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2009.10.31 08:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2011.02.26 08:26:45 | 002,870,784 | ---- | M] (Microsoft Corporation) MD5=E38899074D4951D31B4040E994DD7C8D -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe
[2009.08.03 08:17:37 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe
< MD5 for: REGEDIT.EXE >
[2009.07.14 03:39:29 | 000,427,008 | ---- | M] (Microsoft Corporation) MD5=2E2C937846A0B8789E5E91739284D17A -- C:\Windows\winsxs\amd64_microsoft-windows-registry-editor_31bf3856ad364e35_6.1.7600.16385_none_5023a70bf589ad3e\regedit.exe
[2009.07.14 03:39:29 | 000,427,008 | ---- | M] (Microsoft Corporation) MD5=8A4883F5E7AC37444F23279239553878 -- C:\Windows\regedit.exe
[2009.07.14 03:14:30 | 000,398,336 | ---- | M] (Microsoft Corporation) MD5=8A4883F5E7AC37444F23279239553878 -- C:\Windows\SysWOW64\regedit.exe
[2009.07.14 03:14:30 | 000,398,336 | ---- | M] (Microsoft Corporation) MD5=8A4883F5E7AC37444F23279239553878 -- C:\Windows\winsxs\wow64_microsoft-windows-registry-editor_31bf3856ad364e35_6.1.7600.16385_none_5a78515e29ea6f39\regedit.exe
< MD5 for: USERINIT.EXE >
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009.07.14 03:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
[2010.11.20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010.11.20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe
< MD5 for: WININIT.EXE >
[2009.07.14 03:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\SysNative\wininit.exe
[2009.07.14 03:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\winsxs\amd64_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_8ce7aa761e01ad49\wininit.exe
[2009.07.14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\SysWOW64\wininit.exe
[2009.07.14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe
< MD5 for: WINLOGON.EXE >
[2010.11.20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010.11.20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2009.07.14 03:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2009.10.28 09:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2009.10.28 08:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe
< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >
< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
< >
< End of report >
--- --- --- |
