OTL Logfile: Code:
OTL logfile created on: 21.12.2011 16:22:11 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Rambo\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
7,99 Gb Total Physical Memory | 6,44 Gb Available Physical Memory | 80,62% Memory free
15,98 Gb Paging File | 14,31 Gb Available in Paging File | 89,57% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 560,32 Gb Total Space | 249,07 Gb Free Space | 44,45% Space Free | Partition Type: NTFS
Drive D: | 371,09 Gb Total Space | 370,99 Gb Free Space | 99,97% Space Free | Partition Type: NTFS
Computer Name: RAMBO-PC | User Name: Rambo | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2011.12.21 16:20:22 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Rambo\Desktop\OTL.exe
PRC - [2011.12.09 12:40:08 | 000,047,824 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\updrgui.exe
PRC - [2011.12.09 12:40:07 | 000,577,488 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\update.exe
PRC - [2011.12.09 12:40:05 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2011.12.09 12:39:54 | 000,258,512 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2011.12.09 12:39:54 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2011.10.15 09:53:00 | 002,253,120 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
PRC - [2011.10.15 00:54:40 | 000,381,248 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2010.04.22 15:05:26 | 001,011,712 | ---- | M] (Gigabyte Technology CO., LTD.) -- C:\Program Files (x86)\GIGABYTE\Smart6\Timelock\AlarmClock.exe
PRC - [2010.01.19 03:31:26 | 000,072,304 | ---- | M] () -- C:\Windows\SysWOW64\XSrvSetup.exe
PRC - [2009.12.01 14:13:08 | 000,035,880 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\smart6\dbios\SDBMSG.exe
PRC - [2009.10.21 05:12:50 | 000,106,496 | ---- | M] (NEC Electronics Corporation) -- C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
PRC - [2009.10.15 14:06:46 | 000,223,464 | ---- | M] (DeviceVM, Inc.) -- C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe
PRC - [2009.10.15 14:06:42 | 000,375,000 | ---- | M] (DeviceVM, Inc.) -- C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe
PRC - [2009.10.13 16:39:46 | 000,114,688 | ---- | M] (Gigabyte Technology CO., LTD.) -- C:\Program Files (x86)\GIGABYTE\Smart6\Timelock\TimeMgmtDaemon.exe
PRC - [2009.10.02 13:26:12 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2009.10.02 13:26:10 | 000,284,696 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
PRC - [2009.06.17 16:13:06 | 000,068,136 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\EnergySaver2\des2svr.exe
PRC - [2006.11.02 20:40:12 | 000,174,656 | ---- | M] () -- C:\Windows\SysWOW64\PSIService.exe
========== Modules (No Company Name) ==========
MOD - [2011.11.02 07:39:26 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\b2622080e047040fa044dd21a04ff10d\System.Runtime.Remoting.ni.dll
MOD - [2011.11.02 07:39:08 | 012,433,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\6e592e424a204aafeadbe22b6b31b9db\System.Windows.Forms.ni.dll
MOD - [2011.11.02 07:39:03 | 001,587,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\3b2cfd85528a27eb71dc41d8067359a1\System.Drawing.ni.dll
MOD - [2011.11.02 07:38:55 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\d7a64c28cf0c90e6c48af4f7d6f9ed41\WindowsBase.ni.dll
MOD - [2011.11.02 07:38:50 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\130ad4d9719e566ca933ac7158a04203\System.Xml.ni.dll
MOD - [2011.11.02 07:38:48 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\2d5bcbeb9475ef62189f605bcca1cec6\System.Configuration.ni.dll
MOD - [2011.11.02 07:38:47 | 007,963,648 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\abab08afa60a6f06bdde0fcc9649c379\System.ni.dll
MOD - [2011.11.02 07:38:41 | 011,490,304 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\a1a82db68b3badc7c27ea1f6579d22c5\mscorlib.ni.dll
MOD - [2010.11.13 01:08:41 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll
MOD - [2009.12.01 14:13:08 | 000,035,880 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\smart6\dbios\SDBMSG.exe
MOD - [2009.06.27 10:11:12 | 000,503,202 | ---- | M] () -- C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\sqlite3.dll
MOD - [2009.06.10 16:28:56 | 000,106,496 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\smart6\dbios\DBIOS.dll
========== Win32 Services (SafeList) ==========
SRV:64bit: - [2010.04.06 16:30:38 | 000,031,272 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\SysNative\AppleChargerSrv.exe -- (AppleChargerSrv)
SRV:64bit: - [2009.07.14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2011.12.09 12:40:05 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2011.12.09 12:39:54 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011.10.15 09:53:00 | 002,253,120 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)
SRV - [2011.10.15 00:54:40 | 000,381,248 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2011.04.26 22:30:00 | 004,213,816 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\SysWow64\GameMon.des -- (npggsvc)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.02.19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2010.01.19 03:31:26 | 000,072,304 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\XSrvSetup.exe -- (JMB36X)
SRV - [2009.10.15 14:06:46 | 000,223,464 | ---- | M] (DeviceVM, Inc.) [Auto | Running] -- C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe -- (BCUService)
SRV - [2009.10.13 16:39:46 | 000,114,688 | ---- | M] (Gigabyte Technology CO., LTD.) [Auto | Running] -- C:\Program Files (x86)\GIGABYTE\Smart6\Timelock\TimeMgmtDaemon.exe -- (Smart TimeLock)
SRV - [2009.10.02 13:26:12 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) Intel(R)
SRV - [2009.06.17 16:13:06 | 000,068,136 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\GIGABYTE\EnergySaver2\des2svr.exe -- (DES2 Service)
SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2006.11.02 20:40:12 | 000,174,656 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PSIService.exe -- (ProtexisLicensing)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2011.12.09 12:40:20 | 000,130,760 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2011.12.09 12:40:20 | 000,027,760 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr)
DRV:64bit: - [2011.12.09 12:40:19 | 000,097,312 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2011.09.14 23:09:02 | 000,270,912 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2011.08.02 17:38:56 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2011.07.08 00:21:28 | 000,174,184 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2011.03.11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.11.20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 12:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.20 12:03:42 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2010.04.27 11:56:38 | 000,021,544 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysNative\drivers\AppleCharger.sys -- (AppleCharger)
DRV:64bit: - [2010.03.04 14:43:00 | 000,346,144 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2010.01.27 09:58:38 | 000,115,312 | ---- | M] (JMicron Technology Corp.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\jraid.sys -- (JRAID)
DRV:64bit: - [2010.01.07 03:20:22 | 000,448,512 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RTL8187.sys -- (RTL8187)
DRV:64bit: - [2009.10.26 16:19:48 | 000,176,640 | ---- | M] (NEC Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV:64bit: - [2009.10.26 16:19:46 | 000,075,264 | ---- | M] (NEC Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub)
DRV:64bit: - [2009.10.02 12:58:58 | 000,537,112 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.05.18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV - [2011.12.21 16:16:52 | 000,025,640 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\gdrv.sys -- (gdrv)
DRV - [2011.07.19 18:58:05 | 000,030,528 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\GVTDrv64.sys -- (GVTDrv64)
DRV - [2011.02.01 22:41:54 | 000,025,640 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\etdrv.sys -- (etdrv)
DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2005.01.04 10:43:08 | 000,004,682 | ---- | M] (INCA Internet Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\npptNT2.sys -- (NPPTNT2)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 94 95 EF F9 9E 33 CC 01 [binary data]
IE - HKCU\..\URLSearchHook: - No CLSID value found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = local;*.local
========== FireFox ==========
FF - prefs.js..browser.search.defaultengine: "Web Search"
FF - prefs.js..browser.search.defaultenginename: "Google"
FF - prefs.js..browser.search.order.1: "Google"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/"
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.4
FF - prefs.js..extensions.enabledItems: firefox@tvunetworks.com:2
FF - prefs.js..extensions.enabledItems: 5
FF - prefs.js..extensions.enabledItems: 3
FF - prefs.js..extensions.enabledItems: 1
FF - prefs.js..keyword.URL: "hxxp://www.finduny.com?client=mozilla-firefox&cd=UTF-8&search=1&q="
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "hxxp://search.sweetim.com/search.asp?src=2&q="
FF - user.js..browser.search.selectedEngine: "Google"
FF - user.js..browser.search.order.1: "Google"
FF - user.js..browser.search.defaultenginename: "Google"
FF - user.js..keyword.URL: "hxxp://www.finduny.com?client=mozilla-firefox&cd=UTF-8&search=1&q="
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@ngm.nexoneu.com/NxGame: C:\ProgramData\NexonEU\NGM\npNxGameeu.dll (Nexon)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@pages.tvunetworks.com/WebPlayer: C:\Windows\system32\TVUAx\npTVUAx.dll (TVU networks)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Rambo\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Rambo\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011.11.23 16:49:13 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011.10.16 18:02:02 | 000,000,000 | ---D | M]
[2011.01.06 18:22:10 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Rambo\AppData\Roaming\mozilla\Extensions
[2011.11.12 17:56:30 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Rambo\AppData\Roaming\mozilla\Firefox\Profiles\ts2hm3og.default\extensions
[2011.01.17 00:58:47 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\Rambo\AppData\Roaming\mozilla\Firefox\Profiles\ts2hm3og.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2011.11.02 08:02:27 | 000,000,000 | ---D | M] (TVU Web Player) -- C:\Users\Rambo\AppData\Roaming\mozilla\Firefox\Profiles\ts2hm3og.default\extensions\firefox@tvunetworks.com
[2011.12.15 19:44:06 | 000,001,052 | ---- | M] () -- C:\Users\Rambo\AppData\Roaming\Mozilla\Firefox\Profiles\ts2hm3og.default\searchplugins\icqplugin.xml
[2011.07.11 19:04:02 | 000,000,633 | ---- | M] () -- C:\Users\Rambo\AppData\Roaming\Mozilla\Firefox\Profiles\ts2hm3og.default\searchplugins\startsear.xml
[2011.07.08 16:01:21 | 000,003,930 | ---- | M] () -- C:\Users\Rambo\AppData\Roaming\Mozilla\Firefox\Profiles\ts2hm3og.default\searchplugins\sweetim.xml
[2011.11.23 16:49:13 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
() (No name found) -- C:\USERS\RAMBO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TS2HM3OG.DEFAULT\EXTENSIONS\PERSONAS@CHRISTOPHER.BEARD.XPI
[2011.11.21 05:21:43 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011.02.02 20:40:24 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2011.02.25 13:16:46 | 002,409,984 | ---- | M] (1 mal 1 Software GmbH) -- C:\Program Files (x86)\mozilla firefox\plugins\NpFp530.dll
[2011.02.25 13:21:50 | 001,467,904 | ---- | M] (1 mal 1 Software GmbH) -- C:\Program Files (x86)\mozilla firefox\plugins\NpFv530.dll
[2011.01.25 10:55:14 | 000,644,096 | ---- | M] (Synatix GmbH) -- C:\Program Files (x86)\mozilla firefox\plugins\npmieze.dll
[2011.02.13 02:25:56 | 000,238,776 | ---- | M] (Pando Networks) -- C:\Program Files (x86)\mozilla firefox\plugins\npPandoWebInst.dll
[2011.10.03 10:14:54 | 000,083,456 | ---- | M] (vShare.tv ) -- C:\Program Files (x86)\mozilla firefox\plugins\npvsharetvplg.dll
[2011.11.21 02:17:49 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2011.11.21 02:09:48 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2011.11.21 02:17:49 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2011.11.21 02:17:49 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2011.11.21 02:17:49 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2011.11.21 02:17:49 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = hxxp://www.google.com/search?q={searchTerms}&ie=utf-8&oe=utf-8&aq=t
CHR - default_search_provider: suggest_url = hxxp://suggestqueries.google.com/complete/search?q={searchTerms}
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Rambo\AppData\Local\Google\Chrome\Application\16.0.912.63\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Rambo\AppData\Local\Google\Chrome\Application\16.0.912.63\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Rambo\AppData\Local\Google\Chrome\Application\16.0.912.63\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.240.7 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U24 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: Flatcast Producer Plugin 5.3.0.717 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\NpFp530.dll
CHR - plugin: Flatcast Viewer Plugin 5.3.0.717 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\NpFv530.dll
CHR - plugin: Gutscheinmieze-Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npmieze.dll
CHR - plugin: Pando Web Installer (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npPandoWebInst.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: vShare.tv plug-in (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npvsharetvplg.dll
CHR - plugin: DivX Web Player (Enabled) = C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: Veetle TV Player (Enabled) = C:\Program Files (x86)\Veetle\Player\npvlc.dll
CHR - plugin: Veetle TV Core (Enabled) = C:\Program Files (x86)\Veetle\plugins\npVeetle.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Nexon Game Controller (Enabled) = C:\ProgramData\NexonEU\NGM\npNxGameeu.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Rambo\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll
CHR - plugin: TVU Web Player for FireFox (Enabled) = C:\Windows\system32\TVUAx\npTVUAx.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: YouTube = C:\Users\Rambo\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.2_0\
CHR - Extension: Google-Suche = C:\Users\Rambo\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.14_1\
CHR - Extension: Chuck Anderson = C:\Users\Rambo\AppData\Local\Google\Chrome\User Data\Default\Extensions\gegkoiakifeoejnjkbnnojkkdoegeofp\3_1\
CHR - Extension: Google Mail = C:\Users\Rambo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\6.1.3_1\
O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O3 - HKLM\..\Toolbar: (no name) - {DFEFCDEE-CF1A-4FC8-88AD-48514E463B27} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {DFEFCDEE-CF1A-4FC8-88AD-48514E463B27} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EEE6C35B-6118-11DC-9C72-001320C79847} - No CLSID value found.
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [BCU] C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe (DeviceVM, Inc.)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe ()
O4 - HKLM..\Run: [NUSB3MON] C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (NEC Electronics Corporation)
O4 - HKLM..\RunOnce: [DES2] C:\Program Files (x86)\GIGABYTE\EnergySaver2\des2.exe ()
O4 - HKLM..\RunOnce: [SDBOK] C:\Program Files (x86)\GIGABYTE\smart6\dbios\run.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Free YouTube Download - C:\Users\Rambo\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Rambo\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8:64bit: - Extra context menu item: Öffnen mit WordPerfect - C:\Program Files (x86)\WordPerfect Office X3\Programs\WPLauncher.hta ()
O8 - Extra context menu item: Free YouTube Download - C:\Users\Rambo\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Rambo\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Öffnen mit WordPerfect - C:\Program Files (x86)\WordPerfect Office X3\Programs\WPLauncher.hta ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 193.189.244.194 193.189.244.202
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A6D8630A-1325-477B-A009-E2D357A534F7}: DhcpNameServer = 192.168.1.1 193.189.250.99 193.189.244.205
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D026880B-4607-49FD-B3BC-2D37E37C1833}: DhcpNameServer = 192.168.1.1 193.189.244.194 193.189.244.202
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) -C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{294c0380-186d-11e0-9529-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{294c0380-186d-11e0-9529-806e6f6e6963}\Shell\AutoRun\command - "" = E:\Run.exe
O33 - MountPoints2\{95032a01-1a7f-11e0-bdbb-1c6f6590ec65}\Shell - "" = AutoRun
O33 - MountPoints2\{95032a01-1a7f-11e0-bdbb-1c6f6590ec65}\Shell\AutoRun\command - "" = F:\Autorun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
MsConfig:64bit - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^GamersFirst LIVE!.lnk - - File not found
MsConfig:64bit - StartUpFolder: C:^Users^Rambo^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^0.32845481590782644.exe.lnk - C:\Windows\SysNative\rundll32.exe - (Microsoft Corporation)
MsConfig:64bit - StartUpFolder: C:^Users^Rambo^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.3.lnk - C:\PROGRA~2\OpenOffice.org 3\program\quickstart.exe - ()
MsConfig:64bit - StartUpReg: Adobe ARM - hkey= - key= - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
MsConfig:64bit - StartUpReg: AdobeCS4ServiceManager - hkey= - key= - File not found
MsConfig:64bit - StartUpReg: AdobeCS5ServiceManager - hkey= - key= - C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
MsConfig:64bit - StartUpReg: APSDaemon - hkey= - key= - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
MsConfig:64bit - StartUpReg: DAEMON Tools Lite - hkey= - key= - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
MsConfig:64bit - StartUpReg: DivXUpdate - hkey= - key= - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
MsConfig:64bit - StartUpReg: Facebook Update - hkey= - key= - File not found
MsConfig:64bit - StartUpReg: GAINWARD - hkey= - key= - C:\Program Files (x86)\EXPERTool\TBPanel.exe (Gainward Co.)
MsConfig:64bit - StartUpReg: ICQ - hkey= - key= - File not found
MsConfig:64bit - StartUpReg: ISUSPM Startup - hkey= - key= - File not found
MsConfig:64bit - StartUpReg: ISUSScheduler - hkey= - key= - C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe (Macrovision Corporation)
MsConfig:64bit - StartUpReg: iTunesHelper - hkey= - key= - C:\Program Files (x86)\iTunes\iTunesHelper.exe (Apple Inc.)
MsConfig:64bit - StartUpReg: KPeerNexonEU - hkey= - key= - C:\Nexon\NEXON_EU_Downloader\nxEULauncher.exe (NEXON Inc.)
MsConfig:64bit - StartUpReg: Malwarebytes' Anti-Malware (reboot) - hkey= - key= - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
MsConfig:64bit - StartUpReg: msnmsgr - hkey= - key= - C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
MsConfig:64bit - StartUpReg: Pando Media Booster - hkey= - key= - C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe ()
MsConfig:64bit - StartUpReg: QuickFinder Scheduler - hkey= - key= - C:\Program Files (x86)\WordPerfect Office X3\Programs\QFSCHD130.EXE (Corel Corporation)
MsConfig:64bit - StartUpReg: QuickTime Task - hkey= - key= - C:\Program Files (x86)\QuickTime\QTTask.exe (Apple Inc.)
MsConfig:64bit - StartUpReg: RGSC - hkey= - key= - C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe (Take-Two Interactive Software, Inc.)
MsConfig:64bit - StartUpReg: Steam - hkey= - key= - File not found
MsConfig:64bit - StartUpReg: SwitchBoard - hkey= - key= - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
MsConfig:64bit - State: "startup" - Reg Error: Key error.
SafeBootMin:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SafeBootMin:64bit: Base - Driver Group
SafeBootMin:64bit: Boot Bus Extender - Driver Group
SafeBootMin:64bit: Boot file system - Driver Group
SafeBootMin:64bit: File system - Driver Group
SafeBootMin:64bit: Filter - Driver Group
SafeBootMin:64bit: HelpSvc - Service
SafeBootMin:64bit: PCI Configuration - Driver Group
SafeBootMin:64bit: PNP Filter - Driver Group
SafeBootMin:64bit: Primary disk - Driver Group
SafeBootMin:64bit: sacsvr - Service
SafeBootMin:64bit: SCSI Class - Driver Group
SafeBootMin:64bit: System Bus Extender - Driver Group
SafeBootMin:64bit: vmms - Service
SafeBootMin:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SafeBootNet:64bit: Base - Driver Group
SafeBootNet:64bit: Boot Bus Extender - Driver Group
SafeBootNet:64bit: Boot file system - Driver Group
SafeBootNet:64bit: File system - Driver Group
SafeBootNet:64bit: Filter - Driver Group
SafeBootNet:64bit: HelpSvc - Service
SafeBootNet:64bit: Messenger - Service
SafeBootNet:64bit: NDIS Wrapper - Driver Group
SafeBootNet:64bit: NetBIOSGroup - Driver Group
SafeBootNet:64bit: NetDDEGroup - Driver Group
SafeBootNet:64bit: Network - Driver Group
SafeBootNet:64bit: NetworkProvider - Driver Group
SafeBootNet:64bit: PCI Configuration - Driver Group
SafeBootNet:64bit: PNP Filter - Driver Group
SafeBootNet:64bit: PNP_TDI - Driver Group
SafeBootNet:64bit: Primary disk - Driver Group
SafeBootNet:64bit: rdsessmgr - Service
SafeBootNet:64bit: sacsvr - Service
SafeBootNet:64bit: SCSI Class - Driver Group
SafeBootNet:64bit: Streams Drivers - Driver Group
SafeBootNet:64bit: System Bus Extender - Driver Group
SafeBootNet:64bit: TDI - Driver Group
SafeBootNet:64bit: vmms - Service
SafeBootNet:64bit: WudfUsbccidDriver - Driver
SafeBootNet:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet:64bit: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet:64bit: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet:64bit: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet:64bit: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet:64bit: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Microsoft VM
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP
Drivers32:64bit: msacm.bdmpeg - bdmpega64.acm ()
Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32:64bit: vidc.mjpg - bdmjpeg64.dll ()
Drivers32:64bit: vidc.mpeg - bdmpegv64.dll ()
Drivers32: msacm.bdmpeg - C:\Windows\SysWow64\bdmpega.acm ()
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: vidc.mjpg - C:\Windows\SysWow64\bdmjpeg.dll ()
Drivers32: vidc.mpeg - C:\Windows\SysWow64\bdmpegv.dll ()
Drivers32: vidc.VP60 - C:\Windows\SysWOW64\vp6vfw.dll (On2.com)
Drivers32: vidc.VP61 - C:\Windows\SysWOW64\vp6vfw.dll (On2.com)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
========== Files/Folders - Created Within 30 Days ==========
[2011.12.21 16:20:22 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Rambo\Desktop\OTL.exe
[2011.12.20 21:55:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET
[2011.12.20 21:54:58 | 002,322,184 | ---- | C] (ESET) -- C:\Users\Rambo\Desktop\esetsmartinstaller_enu.exe
[2011.12.20 19:13:55 | 000,000,000 | ---D | C] -- C:\Users\Rambo\AppData\Roaming\Avira
[2011.12.20 19:08:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
[2011.12.20 19:08:18 | 000,130,760 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avipbb.sys
[2011.12.20 19:08:18 | 000,097,312 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avgntflt.sys
[2011.12.20 19:08:18 | 000,027,760 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avkmgr.sys
[2011.12.20 19:08:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2011.12.20 19:08:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Avira
[2011.12.20 19:06:22 | 000,000,000 | ---D | C] -- C:\Users\Rambo\AppData\Local\{4EE07DE1-5F45-43A3-AC71-B842F348E519}
[2011.12.20 19:06:10 | 000,000,000 | ---D | C] -- C:\Users\Rambo\AppData\Local\{095996F7-E2EF-427B-A9A5-ADBD8FAC607A}
[2011.12.20 18:46:09 | 000,000,000 | ---D | C] -- C:\Users\Rambo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2011.12.20 18:44:33 | 000,000,000 | ---D | C] -- C:\Users\Rambo\AppData\Local\Google
[2011.12.20 15:45:48 | 000,000,000 | ---D | C] -- C:\Users\Rambo\AppData\Local\{35316C30-A55A-43BE-B4CE-CF18B867FC46}
[2011.12.20 02:48:34 | 000,000,000 | ---D | C] -- C:\Users\Rambo\AppData\Roaming\Malwarebytes
[2011.12.20 02:48:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011.12.20 02:48:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011.12.20 02:48:24 | 000,025,416 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2011.12.20 02:48:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2011.12.20 02:13:56 | 000,000,000 | ---D | C] -- C:\Users\Rambo\AppData\Local\{CBB5335D-1610-4A85-8B0C-BB02A2A28032}
[2011.12.20 00:45:40 | 000,000,000 | ---D | C] -- C:\Users\Rambo\AppData\Local\{3BD5C8C6-22F4-43E9-80E4-E1073DEE692D}
[2011.12.19 23:37:39 | 000,000,000 | ---D | C] -- C:\Users\Rambo\AppData\Local\{89B606F5-CD36-418A-BE21-EB4F3BAB18E1}
[2011.12.19 23:37:28 | 000,000,000 | ---D | C] -- C:\Users\Rambo\AppData\Local\{BC7CF223-3F90-42B7-8713-2B4CFC488128}
[2011.12.19 19:41:30 | 000,000,000 | ---D | C] -- C:\Users\Rambo\AppData\Local\{CA8D8C93-FB75-44FA-B5B1-7EB399F0F804}
[2011.12.19 19:41:19 | 000,000,000 | ---D | C] -- C:\Users\Rambo\AppData\Local\{8F420AE7-6656-4864-B57B-66FE2C40B6B0}
[2011.12.19 19:39:53 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2011.12.19 15:32:25 | 000,000,000 | ---D | C] -- C:\Users\Rambo\AppData\Local\{A8AA975A-7271-4B1A-A678-579982398396}
[2011.12.19 15:32:14 | 000,000,000 | ---D | C] -- C:\Users\Rambo\AppData\Local\{A742976C-D652-4ABA-A682-241EC45C6A9A}
[2011.12.18 21:11:07 | 000,000,000 | ---D | C] -- C:\Users\Rambo\AppData\Local\{74C22AF2-4F84-4BAA-BF1D-BEF83327EF9B}
[2011.12.18 21:10:55 | 000,000,000 | ---D | C] -- C:\Users\Rambo\AppData\Local\{171E54D7-C145-4B8A-A81E-D54B0836CAF0}
[2011.12.16 15:16:37 | 000,000,000 | ---D | C] -- C:\Users\Rambo\AppData\Local\{FC771171-F8BA-436C-B808-43F3AB8F7BA3}
[2011.12.16 15:16:25 | 000,000,000 | ---D | C] -- C:\Users\Rambo\AppData\Local\{62E519EA-EC86-488E-9D74-9C03673735AB}
[2011.12.16 13:43:41 | 000,000,000 | ---D | C] -- C:\Users\Rambo\AppData\Local\{0203BD67-6A08-4661-B3D7-FBD0FCF3EA92}
[2011.12.16 13:43:29 | 000,000,000 | ---D | C] -- C:\Users\Rambo\AppData\Local\{94782109-4E98-4FBD-B8ED-BB1CCC408B0D}
[2011.12.15 18:44:06 | 000,000,000 | ---D | C] -- C:\Users\Rambo\AppData\Local\{7CE9E8D6-5501-4340-BA01-3299C1FAEE3E}
[2011.12.15 18:43:55 | 000,000,000 | ---D | C] -- C:\Users\Rambo\AppData\Local\{DD8942A1-4CC6-45BE-950E-CDC713E447B5}
[2011.12.15 15:12:41 | 000,000,000 | ---D | C] -- C:\Users\Rambo\AppData\Local\{2B67161A-C36D-4A13-9A17-2BC38C4023EF}
[2011.12.15 15:12:29 | 000,000,000 | ---D | C] -- C:\Users\Rambo\AppData\Local\{BECD5FAB-D702-4ACF-8AC5-4B969FF18E4F}
[2011.12.15 07:09:09 | 000,000,000 | ---D | C] -- C:\Users\Rambo\AppData\Local\{0CF471CC-4DEF-486C-9DEA-7968F06F79CD}
[2011.12.15 07:08:57 | 000,000,000 | ---D | C] -- C:\Users\Rambo\AppData\Local\{C37BA41F-4C66-423E-9AF3-C755CACC4EB3}
[2011.12.14 19:38:20 | 000,000,000 | ---D | C] -- C:\Users\Rambo\AppData\Local\{7726ED76-0371-43A2-AE4D-18BADAFD2960}
[2011.12.14 19:38:09 | 000,000,000 | ---D | C] -- C:\Users\Rambo\AppData\Local\{6BBADADA-C8CF-4D61-9110-A798874D5A0D}
[2011.12.13 22:14:20 | 000,000,000 | ---D | C] -- C:\Users\Rambo\AppData\Local\{6C936644-2CC5-41BD-A504-16B3ED26127B}
[2011.12.13 22:14:09 | 000,000,000 | ---D | C] -- C:\Users\Rambo\AppData\Local\{84F7C21F-C6DA-48BC-9B62-82936FA6AFF1}
[2011.12.13 18:15:54 | 000,000,000 | ---D | C] -- C:\Users\Rambo\AppData\Local\{E1EECA4A-AD5C-4D7E-A01D-5AE6B8BF8311}
[2011.12.13 18:15:42 | 000,000,000 | ---D | C] -- C:\Users\Rambo\AppData\Local\{7716FD1E-D4FC-435E-A52C-2635B58176F7}
[2011.12.12 17:34:49 | 000,000,000 | ---D | C] -- C:\Users\Rambo\AppData\Local\{6C5F8C6E-C191-4C29-900B-6222FAFF4B82}
[2011.12.12 17:34:37 | 000,000,000 | ---D | C] -- C:\Users\Rambo\AppData\Local\{1741313D-72EB-4190-AC5F-2285A096E1B9}
[2011.12.12 15:16:12 | 000,000,000 | ---D | C] -- C:\Users\Rambo\AppData\Local\{248DBDC1-ECF3-498C-84A4-CE72F29FE5EC}
[2011.12.12 15:16:01 | 000,000,000 | ---D | C] -- C:\Users\Rambo\AppData\Local\{B49A44AB-64E3-4B1A-BC63-44AD19148B9D}
[2011.12.12 12:11:39 | 000,000,000 | ---D | C] -- C:\Users\Rambo\AppData\Local\{4AFC9339-2B95-48C6-993B-2BF1883E01C9}
[2011.12.12 12:11:28 | 000,000,000 | ---D | C] -- C:\Users\Rambo\AppData\Local\{EF8AEBCD-D092-4CDA-B7CB-D62335216147}
[2011.12.11 23:29:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\THQ
[2011.12.11 23:14:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\THQ
[2011.12.11 13:23:46 | 000,000,000 | ---D | C] -- C:\Users\Rambo\AppData\Local\{A8B5DF0D-BAAA-49CB-AF8C-45F59C332B65}
[2011.12.11 13:23:34 | 000,000,000 | ---D | C] -- C:\Users\Rambo\AppData\Local\{5AB9515D-18E4-4844-8209-AE142038AB9E}
[2011.12.08 21:10:46 | 000,000,000 | ---D | C] -- C:\Users\Rambo\AppData\Local\{70759B8E-CDC3-488A-9606-DE7A6F822161}
[2011.12.08 21:10:35 | 000,000,000 | ---D | C] -- C:\Users\Rambo\AppData\Local\{954FFC7E-3592-4731-9801-B1CE7F192440}
[2011.12.07 20:53:49 | 000,000,000 | ---D | C] -- C:\Users\Rambo\AppData\Local\{F6D8EF02-351E-45B5-8FF7-1243A912358E}
[2011.12.07 20:53:28 | 000,000,000 | ---D | C] -- C:\Users\Rambo\AppData\Local\{AB32AA3B-2F87-4C83-AE5B-1E429DF42460}
[2011.12.07 15:28:30 | 000,000,000 | ---D | C] -- C:\Users\Rambo\AppData\Local\{8E205421-458A-453E-9985-180D0FE7FEE0}
[2011.12.07 15:28:19 | 000,000,000 | ---D | C] -- C:\Users\Rambo\AppData\Local\{92B4FABC-1DC6-4799-B3EA-8E63522D7D5B}
[2011.12.06 14:40:45 | 000,000,000 | ---D | C] -- C:\Users\Rambo\AppData\Local\{B7177CD1-7002-4E77-8126-A1BFA52FDFC7}
[2011.12.06 14:40:34 | 000,000,000 | ---D | C] -- C:\Users\Rambo\AppData\Local\{DC2517CD-4BC0-4740-AE1B-072F450CC580}
[2011.12.05 10:12:16 | 000,000,000 | ---D | C] -- C:\Users\Rambo\AppData\Local\{34C86A36-635D-495B-AF47-F5F76914CDEE}
[2011.12.05 10:12:05 | 000,000,000 | ---D | C] -- C:\Users\Rambo\AppData\Local\{3E606C8F-9471-49FB-9C8C-DD27BD218B06}
[2011.12.04 17:13:32 | 000,000,000 | ---D | C] -- C:\Users\Rambo\AppData\Local\{0178E64A-5F3E-481F-9179-12FADC0E6EF8}
[2011.12.04 17:13:21 | 000,000,000 | ---D | C] -- C:\Users\Rambo\AppData\Local\{C497CD4F-8564-4E9A-8240-7BC11AFCB7AB}
[2011.12.04 12:15:55 | 000,000,000 | ---D | C] -- C:\Users\Rambo\AppData\Local\{C5E7FFC0-D3C3-4789-993B-0034755FA269}
[2011.12.04 12:15:44 | 000,000,000 | ---D | C] -- C:\Users\Rambo\AppData\Local\{10B8F5C8-A5A3-4B48-AC03-E74CFC344740}
[2011.12.03 19:04:34 | 000,000,000 | ---D | C] -- C:\Users\Rambo\AppData\Local\{AB74ED35-C7CF-41CE-8AC4-EE9C3397455B}
[2011.12.03 19:04:23 | 000,000,000 | ---D | C] -- C:\Users\Rambo\AppData\Local\{22D76FCE-93F3-4035-B6BA-61FEE24CDE45}
[2011.12.03 13:30:06 | 000,000,000 | ---D | C] -- C:\Users\Rambo\AppData\Local\{690FE88E-6911-4A80-96DC-4ED35ACE0DF8}
[2011.12.03 13:29:55 | 000,000,000 | ---D | C] -- C:\Users\Rambo\AppData\Local\{14538A51-F455-4A10-A91C-0C3B5660A693}
[2011.12.02 23:49:20 | 000,000,000 | ---D | C] -- C:\Users\Rambo\AppData\Local\{442D96A2-64CC-47B7-ACCA-87F31BC2CF7C}
[2011.12.02 23:49:09 | 000,000,000 | ---D | C] -- C:\Users\Rambo\AppData\Local\{263FD923-9C34-44BA-99C1-40C6EC88758D}
[2011.12.02 17:20:50 | 000,000,000 | ---D | C] -- C:\Users\Rambo\AppData\Local\{7BD731E4-2871-4727-BA3F-A70B78DC6109}
[2011.12.02 17:20:39 | 000,000,000 | ---D | C] -- C:\Users\Rambo\AppData\Local\{C9079060-B69C-4E87-A521-DC88DD7745C6}
[2011.12.01 14:21:04 | 000,000,000 | ---D | C] -- C:\Users\Rambo\AppData\Local\{A34B06D4-5BE7-44A0-8546-7F3EC842DE15}
[2011.12.01 14:20:53 | 000,000,000 | ---D | C] -- C:\Users\Rambo\AppData\Local\{2FF6DC2E-60A7-49A0-AB5D-849CCD881342}
[2011.11.30 16:27:39 | 000,000,000 | ---D | C] -- C:\Users\Rambo\AppData\Local\{509863D9-A032-4209-A68E-836861B739E0}
[2011.11.30 16:27:27 | 000,000,000 | ---D | C] -- C:\Users\Rambo\AppData\Local\{BDDDE4AD-AC5E-4BE3-AFE3-6E72C3E31B03}
[2011.11.29 22:13:30 | 000,000,000 | ---D | C] -- C:\Users\Rambo\AppData\Local\{D8B8565D-8836-468E-B870-BE744D1DBE0E}
[2011.11.29 22:13:18 | 000,000,000 | ---D | C] -- C:\Users\Rambo\AppData\Local\{4E98CA36-47EA-40C5-B050-A8E24F14497E}
[2011.11.29 18:53:09 | 000,000,000 | ---D | C] -- C:\Users\Rambo\AppData\Local\{8B7AC40E-A7B4-4A01-A905-4A37B1616EC9}
[2011.11.29 18:52:58 | 000,000,000 | ---D | C] -- C:\Users\Rambo\AppData\Local\{813A3D31-85EB-49CD-835D-ED95A4D3504C}
[2011.11.29 15:32:42 | 000,000,000 | ---D | C] -- C:\Users\Rambo\AppData\Local\{5464647D-94A6-4289-A1C0-A59FD31E111F}
[2011.11.29 15:32:31 | 000,000,000 | ---D | C] -- C:\Users\Rambo\AppData\Local\{9EBB26C7-7E74-48BA-ADC3-4F269E3312E4}
[2011.11.29 14:47:44 | 000,000,000 | ---D | C] -- C:\Users\Rambo\AppData\Local\{DCA25978-5609-400A-AFFA-FF6228267698}
[2011.11.29 14:47:33 | 000,000,000 | ---D | C] -- C:\Users\Rambo\AppData\Local\{2A2E6537-9B31-46C3-AF3C-8D7BD1453105}
[2011.11.29 10:03:13 | 000,000,000 | ---D | C] -- C:\Users\Rambo\AppData\Local\{1725965A-5E4B-478F-BC10-CB2CD03217A8}
[2011.11.29 10:03:01 | 000,000,000 | ---D | C] -- C:\Users\Rambo\AppData\Local\{CED33FFA-D025-422B-988F-AAF45A5C6FDD}
[2011.11.28 17:47:52 | 000,000,000 | ---D | C] -- C:\Users\Rambo\AppData\Roaming\vlc
[2011.11.28 17:47:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2011.11.28 16:29:06 | 000,000,000 | ---D | C] -- C:\Users\Rambo\AppData\Local\{FF3BBD32-2898-46C8-8DEF-D2B5BD204AD3}
[2011.11.28 16:28:54 | 000,000,000 | ---D | C] -- C:\Users\Rambo\AppData\Local\{DBBAD3B4-9EA3-4CB0-8A84-956D20A33B99}
[2011.11.27 13:58:52 | 000,000,000 | ---D | C] -- C:\Users\Rambo\Documents\Assassin's Creed Revelations
[2011.11.26 23:27:18 | 000,000,000 | ---D | C] -- C:\Users\Rambo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ
[2011.11.26 23:27:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VirtualDJ
[2011.11.26 23:27:12 | 000,000,000 | ---D | C] -- C:\Users\Rambo\Documents\VirtualDJ
[2011.11.26 10:30:14 | 000,000,000 | ---D | C] -- C:\Users\Rambo\AppData\Local\{6673048C-702C-4DE6-8F41-687335503F40}
[2011.11.26 10:30:02 | 000,000,000 | ---D | C] -- C:\Users\Rambo\AppData\Local\{81A5166D-95E4-4308-8B3F-0C115F381AC8}
[2011.11.25 20:13:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2011.11.25 20:13:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime
[2011.11.25 20:09:48 | 000,000,000 | ---D | C] -- C:\Users\Rambo\AppData\Local\{D7ADA500-ECE6-465E-BF64-6F8EAF421078}
[2011.11.25 20:06:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update
[2011.11.25 20:06:23 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2011.11.25 20:06:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour
[2011.11.25 17:44:44 | 000,000,000 | ---D | C] -- C:\Users\Rambo\AppData\Local\{D55929D7-92FB-4FBD-A5B3-769270B0EE01}
[2011.11.25 17:44:33 | 000,000,000 | ---D | C] -- C:\Users\Rambo\AppData\Local\{5E57868A-246C-49FC-9365-598CD174AEEB}
[2011.11.25 13:35:02 | 000,000,000 | ---D | C] -- C:\Users\Rambo\AppData\Local\{6133694F-5388-4D78-9653-9F6B7BE1E7A6}
[2011.11.25 00:53:14 | 000,000,000 | ---D | C] -- C:\Users\Rambo\AppData\Local\{7C781908-2063-4B2A-9407-CF183098ED30}
[2011.11.25 00:53:03 | 000,000,000 | ---D | C] -- C:\Users\Rambo\AppData\Local\{EE8C8B73-027D-4B55-82DE-06DD7327EEBF}
[2011.11.24 17:58:38 | 000,000,000 | ---D | C] -- C:\Users\Rambo\AppData\Local\{BCB5C562-6754-4B21-9C1A-B506BF8FEECF}
[2011.11.24 17:58:27 | 000,000,000 | ---D | C] -- C:\Users\Rambo\AppData\Local\{3423836E-F9F1-4FDC-8516-23671E64E1F2}
[2011.11.24 15:29:06 | 000,000,000 | ---D | C] -- C:\Users\Rambo\AppData\Local\{A49CEE66-EA3C-4E65-A921-BC7FC7AEA563}
[2011.11.24 15:28:54 | 000,000,000 | ---D | C] -- C:\Users\Rambo\AppData\Local\{FCD45803-87AC-41B0-9080-DA415FB27FFF}
[2011.11.23 16:42:06 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed
[2011.11.23 16:15:31 | 000,000,000 | ---D | C] -- C:\Users\Rambo\AppData\Local\{43747F8A-E708-46AE-8427-C2F544514A44}
[2011.11.23 16:15:19 | 000,000,000 | ---D | C] -- C:\Users\Rambo\AppData\Local\{D6DA9891-4CBB-497B-859A-60303B65844C}
[2011.11.23 00:08:26 | 000,000,000 | ---D | C] -- C:\Users\Rambo\AppData\Local\{C94F4D6E-80D5-4DCE-9ED5-68743FB59586}
[2011.11.23 00:08:15 | 000,000,000 | ---D | C] -- C:\Users\Rambo\AppData\Local\{6390E8A4-F95F-4788-B3F5-E95A6CCD436D}
[2011.11.22 20:53:34 | 000,000,000 | ---D | C] -- C:\Users\Rambo\AppData\Local\{CCC78BE0-F80B-4CCC-803A-17153C81D583}
[2011.11.22 20:53:22 | 000,000,000 | ---D | C] -- C:\Users\Rambo\AppData\Local\{39C1B0F6-179C-49A3-84A7-C18E846184CC}
[2011.11.22 14:39:54 | 000,000,000 | ---D | C] -- C:\Users\Rambo\AppData\Local\{77135A6E-DE8C-4BA1-96E3-FCD652F177BB}
[2011.11.22 14:39:43 | 000,000,000 | ---D | C] -- C:\Users\Rambo\AppData\Local\{451F7E57-7949-4F2A-AE96-EA973EA13BF2}
========== Files - Modified Within 30 Days ==========
[2011.12.21 16:24:58 | 000,014,192 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.12.21 16:24:57 | 000,014,192 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.12.21 16:20:22 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Rambo\Desktop\OTL.exe
[2011.12.21 16:16:26 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.12.21 16:16:20 | 2140,737,535 | -HS- | M] () -- C:\hiberfil.sys
[2011.12.21 01:49:00 | 000,001,120 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1108714154-2074935787-2652410400-1000UA.job
[2011.12.20 21:55:01 | 002,322,184 | ---- | M] (ESET) -- C:\Users\Rambo\Desktop\esetsmartinstaller_enu.exe
[2011.12.20 19:08:33 | 000,002,000 | ---- | M] () -- C:\Users\Public\Desktop\Avira Control Center.lnk
[2011.12.20 18:59:29 | 000,000,848 | -HS- | M] () -- C:\Windows\SysWow64\KGyGaAvL.sys
[2011.12.20 18:49:00 | 000,001,068 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1108714154-2074935787-2652410400-1000Core.job
[2011.12.20 18:46:14 | 000,002,318 | ---- | M] () -- C:\Users\Rambo\Desktop\Google Chrome.lnk
[2011.12.20 02:48:28 | 000,001,131 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.12.18 14:19:13 | 375,403,873 | ---- | M] () -- C:\Users\Rambo\Desktop\[Dango]Mashiro-Iro Symphony 11 (ger sub) [x264, AAC] [AD2B8B4E].mkv
[2011.12.12 00:12:51 | 375,302,845 | ---- | M] () -- C:\Users\Rambo\Desktop\[Dango]Mashiro-Iro Symphony 10 (ger sub) [x264, AAC] [9E25A1D0].mkv
[2011.12.11 23:29:35 | 000,002,146 | ---- | M] () -- C:\Users\Public\Desktop\Saints Row The Third.lnk
[2011.12.11 14:20:36 | 000,017,200 | ---- | M] () -- C:\Users\Rambo\Desktop\vagigidihe.dlc
[2011.12.09 12:40:20 | 000,130,760 | ---- | M] (Avira GmbH) -- C:\Windows\SysNative\drivers\avipbb.sys
[2011.12.09 12:40:20 | 000,027,760 | ---- | M] (Avira GmbH) -- C:\Windows\SysNative\drivers\avkmgr.sys
[2011.12.09 12:40:19 | 000,097,312 | ---- | M] (Avira GmbH) -- C:\Windows\SysNative\drivers\avgntflt.sys
[2011.12.03 19:09:51 | 001,498,506 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011.12.03 19:09:51 | 000,653,928 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2011.12.03 19:09:51 | 000,615,810 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011.12.03 19:09:51 | 000,129,800 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2011.12.03 19:09:51 | 000,106,190 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011.11.28 16:27:49 | 004,882,992 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011.11.26 23:27:18 | 000,001,056 | ---- | M] () -- C:\Users\Rambo\Desktop\VirtualDJ Home FREE.lnk
[2011.11.24 20:16:23 | 000,164,267 | ---- | M] () -- C:\Users\Rambo\Desktop\One_Piece.jpg
[2011.11.23 16:49:14 | 000,001,142 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
========== Files Created - No Company Name ==========
[2011.12.20 19:08:33 | 000,002,000 | ---- | C] () -- C:\Users\Public\Desktop\Avira Control Center.lnk
[2011.12.20 18:46:14 | 000,002,318 | ---- | C] () -- C:\Users\Rambo\Desktop\Google Chrome.lnk
[2011.12.20 18:45:37 | 375,403,873 | ---- | C] () -- C:\Users\Rambo\Desktop\[Dango]Mashiro-Iro Symphony 11 (ger sub) [x264, AAC] [AD2B8B4E].mkv
[2011.12.20 18:44:34 | 000,001,120 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1108714154-2074935787-2652410400-1000UA.job
[2011.12.20 18:44:33 | 000,001,068 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1108714154-2074935787-2652410400-1000Core.job
[2011.12.20 02:48:28 | 000,001,131 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.12.20 00:07:16 | 375,302,845 | ---- | C] () -- C:\Users\Rambo\Desktop\[Dango]Mashiro-Iro Symphony 10 (ger sub) [x264, AAC] [9E25A1D0].mkv
[2011.12.11 23:29:35 | 000,002,146 | ---- | C] () -- C:\Users\Public\Desktop\Saints Row The Third.lnk
[2011.12.11 14:20:36 | 000,017,200 | ---- | C] () -- C:\Users\Rambo\Desktop\vagigidihe.dlc
[2011.11.26 23:27:18 | 000,001,056 | ---- | C] () -- C:\Users\Rambo\Desktop\VirtualDJ Home FREE.lnk
[2011.11.24 20:16:23 | 000,164,267 | ---- | C] () -- C:\Users\Rambo\Desktop\One_Piece.jpg
[2011.11.23 16:49:14 | 000,001,154 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2011.11.23 16:49:14 | 000,001,142 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2011.11.20 05:18:24 | 000,000,130 | ---- | C] () -- C:\Windows\Wininit.INI
[2011.10.15 00:54:52 | 000,321,856 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe
[2011.05.31 07:39:50 | 000,058,368 | ---- | C] () -- C:\Windows\SysWow64\bdmpegv.dll
[2011.05.31 07:38:18 | 000,015,360 | ---- | C] () -- C:\Windows\SysWow64\bdmjpeg.dll
[2011.04.10 00:54:44 | 000,175,616 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2011.04.09 17:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2011.02.14 03:11:30 | 000,128,023 | ---- | C] () -- C:\Windows\hpwins27.dat
[2011.02.14 03:11:30 | 000,000,385 | ---- | C] () -- C:\Windows\hpwmdl27.dat
[2011.01.15 19:41:38 | 000,007,605 | ---- | C] () -- C:\Users\Rambo\AppData\Local\Resmon.ResmonCfg
[2011.01.15 18:22:08 | 000,000,132 | ---- | C] () -- C:\Users\Rambo\AppData\Roaming\Adobe BMP Format CS5 Prefs
[2011.01.14 17:02:35 | 000,000,848 | -HS- | C] () -- C:\Windows\SysWow64\KGyGaAvL.sys
[2011.01.08 01:57:24 | 000,000,000 | ---- | C] () -- C:\Users\Rambo\AppData\Roaming\chrtmp
[2011.01.06 16:15:14 | 000,030,528 | ---- | C] () -- C:\Windows\GVTDrv64.sys
[2011.01.06 16:12:09 | 000,208,896 | ---- | C] () -- C:\Windows\SysWow64\CommCmd.dll
[2011.01.05 19:57:31 | 000,072,304 | ---- | C] () -- C:\Windows\SysWow64\XSrvSetup.exe
[2011.01.05 19:53:32 | 000,000,010 | ---- | C] () -- C:\Windows\GSetup.ini
[2010.05.06 11:26:23 | 000,007,764 | ---- | C] () -- C:\Windows\cadx2.ini
[2009.08.27 08:04:14 | 000,207,400 | R--- | C] () -- C:\Windows\GSetup.exe
[2009.07.14 06:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009.07.14 03:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009.07.14 03:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009.07.14 01:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009.06.10 22:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2006.11.02 20:40:12 | 000,174,656 | ---- | C] () -- C:\Windows\SysWow64\PSIService.exe
========== LOP Check ==========
[2011.08.17 16:07:09 | 000,000,000 | ---D | M] -- C:\Users\Rambo\AppData\Roaming\.minecraft
[2011.04.25 16:24:09 | 000,000,000 | ---D | M] -- C:\Users\Rambo\AppData\Roaming\Ashampoo
[2011.01.07 00:33:25 | 000,000,000 | ---D | M] -- C:\Users\Rambo\AppData\Roaming\DAEMON Tools Lite
[2011.07.22 16:04:34 | 000,000,000 | ---D | M] -- C:\Users\Rambo\AppData\Roaming\Day 1 Studios
[2011.08.01 23:27:14 | 000,000,000 | ---D | M] -- C:\Users\Rambo\AppData\Roaming\DVDVideoSoft
[2011.06.07 01:10:17 | 000,000,000 | ---D | M] -- C:\Users\Rambo\AppData\Roaming\DVDVideoSoftIEHelpers
[2011.12.20 19:01:21 | 000,000,000 | ---D | M] -- C:\Users\Rambo\AppData\Roaming\GameRanger
[2011.08.16 22:02:26 | 000,000,000 | ---D | M] -- C:\Users\Rambo\AppData\Roaming\Gutscheinmieze
[2011.07.22 23:36:52 | 000,000,000 | ---D | M] -- C:\Users\Rambo\AppData\Roaming\ICQ
[2011.01.27 07:30:33 | 000,000,000 | ---D | M] -- C:\Users\Rambo\AppData\Roaming\Leadertech
[2011.01.16 21:12:45 | 000,000,000 | ---D | M] -- C:\Users\Rambo\AppData\Roaming\mp3DirectCut
[2011.05.07 14:02:23 | 000,000,000 | ---D | M] -- C:\Users\Rambo\AppData\Roaming\OpenOffice.org
[2011.04.20 14:52:03 | 000,000,000 | ---D | M] -- C:\Users\Rambo\AppData\Roaming\PunkBuster
[2011.04.10 02:57:17 | 000,000,000 | ---D | M] -- C:\Users\Rambo\AppData\Roaming\Software4u
[2011.01.15 18:20:15 | 000,000,000 | ---D | M] -- C:\Users\Rambo\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2011.07.08 16:36:22 | 000,000,000 | ---D | M] -- C:\Users\Rambo\AppData\Roaming\TS3Client
[2011.04.15 15:37:44 | 000,000,000 | ---D | M] -- C:\Users\Rambo\AppData\Roaming\Ubisoft
[2011.07.24 23:50:24 | 000,000,000 | ---D | M] -- C:\Users\Rambo\AppData\Roaming\Utherverse
[2011.10.14 15:38:12 | 000,032,764 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
========== Custom Scans ==========
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2011.08.17 16:07:09 | 000,000,000 | ---D | M] -- C:\Users\Rambo\AppData\Roaming\.minecraft
[2011.09.28 14:04:05 | 000,000,000 | ---D | M] -- C:\Users\Rambo\AppData\Roaming\Adobe
[2011.01.15 18:20:15 | 000,000,000 | ---D | M] -- C:\Users\Rambo\AppData\Roaming\Adobe Mini Bridge CS5
[2011.01.14 14:25:04 | 000,000,000 | ---D | M] -- C:\Users\Rambo\AppData\Roaming\Apple Computer
[2011.04.25 16:24:09 | 000,000,000 | ---D | M] -- C:\Users\Rambo\AppData\Roaming\Ashampoo
[2011.12.20 19:13:55 | 000,000,000 | ---D | M] -- C:\Users\Rambo\AppData\Roaming\Avira
[2011.04.15 13:22:54 | 000,000,000 | ---D | M] -- C:\Users\Rambo\AppData\Roaming\Corel
[2011.01.07 00:33:25 | 000,000,000 | ---D | M] -- C:\Users\Rambo\AppData\Roaming\DAEMON Tools Lite
[2011.07.22 16:04:34 | 000,000,000 | ---D | M] -- C:\Users\Rambo\AppData\Roaming\Day 1 Studios
[2011.08.01 23:27:14 | 000,000,000 | ---D | M] -- C:\Users\Rambo\AppData\Roaming\DVDVideoSoft
[2011.06.07 01:10:17 | 000,000,000 | ---D | M] -- C:\Users\Rambo\AppData\Roaming\DVDVideoSoftIEHelpers
[2011.12.20 19:01:21 | 000,000,000 | ---D | M] -- C:\Users\Rambo\AppData\Roaming\GameRanger
[2011.12.20 03:51:28 | 000,000,000 | ---D | M] -- C:\Users\Rambo\AppData\Roaming\Google
[2011.08.16 22:02:26 | 000,000,000 | ---D | M] -- C:\Users\Rambo\AppData\Roaming\Gutscheinmieze
[2011.02.14 03:14:03 | 000,000,000 | ---D | M] -- C:\Users\Rambo\AppData\Roaming\HP
[2011.07.22 23:36:52 | 000,000,000 | ---D | M] -- C:\Users\Rambo\AppData\Roaming\ICQ
[2011.01.05 19:51:56 | 000,000,000 | ---D | M] -- C:\Users\Rambo\AppData\Roaming\Identities
[2011.01.05 19:56:57 | 000,000,000 | ---D | M] -- C:\Users\Rambo\AppData\Roaming\InstallShield
[2011.01.05 20:25:29 | 000,000,000 | ---D | M] -- C:\Users\Rambo\AppData\Roaming\Intel Corporation
[2011.01.27 07:30:33 | 000,000,000 | ---D | M] -- C:\Users\Rambo\AppData\Roaming\Leadertech
[2011.01.06 18:21:44 | 000,000,000 | ---D | M] -- C:\Users\Rambo\AppData\Roaming\Macromedia
[2011.12.20 02:48:34 | 000,000,000 | ---D | M] -- C:\Users\Rambo\AppData\Roaming\Malwarebytes
[2009.07.14 19:18:19 | 000,000,000 | ---D | M] -- C:\Users\Rambo\AppData\Roaming\Media Center Programs
[2011.08.29 03:45:47 | 000,000,000 | --SD | M] -- C:\Users\Rambo\AppData\Roaming\Microsoft
[2011.11.02 07:24:18 | 000,000,000 | ---D | M] -- C:\Users\Rambo\AppData\Roaming\Mozilla
[2011.01.16 21:12:45 | 000,000,000 | ---D | M] -- C:\Users\Rambo\AppData\Roaming\mp3DirectCut
[2011.11.10 05:21:15 | 000,000,000 | ---D | M] -- C:\Users\Rambo\AppData\Roaming\NVIDIA
[2011.05.07 14:02:23 | 000,000,000 | ---D | M] -- C:\Users\Rambo\AppData\Roaming\OpenOffice.org
[2011.04.20 14:52:03 | 000,000,000 | ---D | M] -- C:\Users\Rambo\AppData\Roaming\PunkBuster
[2011.01.09 18:23:08 | 000,000,000 | RH-D | M] -- C:\Users\Rambo\AppData\Roaming\SecuROM
[2011.04.10 02:57:17 | 000,000,000 | ---D | M] -- C:\Users\Rambo\AppData\Roaming\Software4u
[2011.01.15 18:20:15 | 000,000,000 | ---D | M] -- C:\Users\Rambo\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2011.07.08 16:36:22 | 000,000,000 | ---D | M] -- C:\Users\Rambo\AppData\Roaming\TS3Client
[2011.04.15 15:37:44 | 000,000,000 | ---D | M] -- C:\Users\Rambo\AppData\Roaming\Ubisoft
[2011.07.24 23:50:24 | 000,000,000 | ---D | M] -- C:\Users\Rambo\AppData\Roaming\Utherverse
[2011.11.28 18:09:05 | 000,000,000 | ---D | M] -- C:\Users\Rambo\AppData\Roaming\vlc
[2011.01.06 20:59:34 | 000,000,000 | ---D | M] -- C:\Users\Rambo\AppData\Roaming\WinRAR
< %APPDATA%\*.exe /s >
[2011.01.31 10:41:54 | 000,810,496 | ---- | M] (Synatix GmbH) -- C:\Users\Rambo\AppData\Roaming\Gutscheinmieze\uninstall.exe
[2011.01.27 16:29:20 | 001,020,928 | ---- | M] (Synatix GmbH) -- C:\Users\Rambo\AppData\Roaming\Gutscheinmieze\ytdl.exe
[2011.08.29 03:45:47 | 000,010,134 | R--- | M] () -- C:\Users\Rambo\AppData\Roaming\Microsoft\Installer\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}\ARPPRODUCTICON.exe
[2011.02.24 16:07:45 | 000,835,440 | R--- | M] () -- C:\Users\Rambo\AppData\Roaming\PunkBuster\pbsetup\pbsvc.exe
< %SYSTEMDRIVE%\*.exe >
< MD5 for: AGP440.SYS >
[2009.07.14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys
[2009.07.14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys
[2009.07.14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys
[2009.07.14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys
< MD5 for: ATAPI.SYS >
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
< MD5 for: CNGAUDIT.DLL >
[2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009.07.14 02:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\SysNative\cngaudit.dll
[2009.07.14 02:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll
< MD5 for: IASTOR.SYS >
[2009.10.02 12:58:58 | 000,537,112 | ---- | M] (Intel Corporation) MD5=631FA8935163B01FC0C02966CB3ADB92 -- C:\Windows\SysNative\drivers\iaStor.sys
[2009.10.02 12:58:58 | 000,537,112 | ---- | M] (Intel Corporation) MD5=631FA8935163B01FC0C02966CB3ADB92 -- C:\Windows\SysNative\DriverStore\FileRepository\iaahci.inf_amd64_neutral_b03f80929ac23556\iaStor.sys
< MD5 for: IASTORV.SYS >
[2010.11.20 14:33:38 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_668286aa35d55928\iaStorV.sys
[2010.11.20 14:33:38 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_0d3757e79e6784d0\iaStorV.sys
[2011.03.11 07:19:16 | 000,410,496 | ---- | M] (Intel Corporation) MD5=5B3DE7208E5000D5B451B9D290D2579C -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_0d714416b7c182d5\iaStorV.sys
[2011.03.11 07:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\drivers\iaStorV.sys
[2011.03.11 07:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_0bcee2057afcc090\iaStorV.sys
[2011.03.11 07:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_0cf9793d9e95787b\iaStorV.sys
[2011.03.11 07:23:00 | 000,410,496 | ---- | M] (Intel Corporation) MD5=B75E45C564E944A2657167D197AB29DA -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16778_none_0b141c81a16e25e6\iaStorV.sys
[2011.03.11 07:25:49 | 000,410,496 | ---- | M] (Intel Corporation) MD5=BFDC9D75698800CFE4D1698BF2750EA2 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.20921_none_0bccc8c8ba6985c1\iaStorV.sys
[2009.07.14 02:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_0b06441fa1790136\iaStorV.sys
< MD5 for: NETLOGON.DLL >
[2009.07.14 02:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_59aca8ea51aaeefe\netlogon.dll
[2010.11.20 14:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\SysNative\netlogon.dll
[2010.11.20 14:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_5bddbcb24e997298\netlogon.dll
[2010.11.20 13:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\SysWOW64\netlogon.dll
[2010.11.20 13:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_6632670482fa3493\netlogon.dll
[2009.07.14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_6401533c860bb0f9\netlogon.dll
< MD5 for: NVSTOR.SYS >
[2009.07.14 02:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvstor.sys
[2011.03.11 07:23:06 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=6C1D5F70E7A6A3FD1C90D840EDC048B9 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_95dd8d30d8a4cfbe\nvstor.sys
[2011.03.11 07:25:53 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=AE274836BA56518E279087363A781214 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_96963977f1a02f99\nvstor.sys
[2011.03.11 07:19:21 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=D23C7E8566DA2B8A7C0DBBB761D54888 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvstor.sys
[2011.03.11 07:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\drivers\nvstor.sys
[2011.03.11 07:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvstor.sys
[2011.03.11 07:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvstor.sys
[2010.11.20 14:33:48 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvstor.sys
[2010.11.20 14:33:48 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvstor.sys
< MD5 for: SCECLI.DLL >
[2009.07.14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
[2009.07.14 02:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll
[2010.11.20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010.11.20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010.11.20 14:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010.11.20 14:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll
< MD5 for: USER32.DLL >
[2010.11.20 13:08:57 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\SysWOW64\user32.dll
[2010.11.20 13:08:57 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_35b31c02b85ccb6e\user32.dll
[2009.07.14 02:41:56 | 001,008,640 | ---- | M] (Microsoft Corporation) MD5=72D7B3EA16946E8F0CF7458150031CC6 -- C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_292d5de8870d85d9\user32.dll
[2009.07.14 02:11:24 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=E8B0FFC209E504CB7E79FC24E6C085F0 -- C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_3382083abb6e47d4\user32.dll
[2010.11.20 14:27:27 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\Windows\SysNative\user32.dll
[2010.11.20 14:27:27 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_2b5e71b083fc0973\user32.dll
< MD5 for: USERINIT.EXE >
[2010.11.20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010.11.20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009.07.14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009.07.14 02:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
[2010.11.20 14:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010.11.20 14:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe
< MD5 for: WININIT.EXE >
[2009.07.14 02:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\SysNative\wininit.exe
[2009.07.14 02:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\winsxs\amd64_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_8ce7aa761e01ad49\wininit.exe
[2009.07.14 02:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\SysWOW64\wininit.exe
[2009.07.14 02:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe
< MD5 for: WINLOGON.EXE >
[2010.11.20 14:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010.11.20 14:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2009.07.14 02:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2009.10.28 08:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2009.10.28 07:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe
< MD5 for: WS2IFSL.SYS >
[2009.07.14 01:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\SysNative\drivers\ws2ifsl.sys
[2009.07.14 01:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\winsxs\amd64_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.1.7600.16385_none_ab7b927be17eace8\ws2ifsl.sys
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
< >
< End of report >
--- --- --- |
