siggi123 | 29.12.2011 01:36 | Hier das Log vom OTL scan mit der Config
OTL Logfile: Code:
OTL logfile created on: 29.12.2011 01:27:09 - Run 4
OTL by OldTimer - Version 3.2.31.0 Folder = D:\Downloads
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
4,00 Gb Total Physical Memory | 2,67 Gb Available Physical Memory | 66,76% Memory free
7,99 Gb Paging File | 6,19 Gb Available in Paging File | 77,44% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 119,14 Gb Total Space | 37,32 Gb Free Space | 31,32% Space Free | Partition Type: NTFS
Drive D: | 465,76 Gb Total Space | 328,41 Gb Free Space | 70,51% Space Free | Partition Type: NTFS
Drive E: | 58,59 Gb Total Space | 58,50 Gb Free Space | 99,85% Space Free | Partition Type: NTFS
Drive F: | 220,86 Gb Total Space | 170,05 Gb Free Space | 76,99% Space Free | Partition Type: NTFS
Computer Name: SIGGI-PC | User Name: Siggi | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - D:\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Windows\SysWOW64\PnkBstrA.exe ()
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
PRC - C:\Program Files (x86)\ASUS\SmartDoctor\SmartDoctor.exe (ASUSTeK Inc.)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Windows\DAODx.exe ()
PRC - C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
========== Modules (No Company Name) ==========
MOD - C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll ()
MOD - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
MOD - C:\Program Files (x86)\ASUS\SmartDoctor\VOV32.dll ()
MOD - C:\Program Files (x86)\ASUS\SmartDoctor\aticlocklib.dll ()
MOD - C:\Windows\DAODx.exe ()
========== Win32 Services (SafeList) ==========
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:64bit: - (AMD FUEL Service) -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe (Advanced Micro Devices, Inc.)
SRV:64bit: - (UxTuneUp) -- C:\Windows\SysNative\uxtuneup.dll (TuneUp Software)
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV - (PnkBstrA) -- C:\Windows\SysWOW64\PnkBstrA.exe ()
SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (TuneUp.Defrag) -- C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe (TuneUp Software)
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (TuneUp.UtilitiesSvc) -- C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe (TuneUp Software)
SRV - (UxTuneUp) -- C:\Windows\SysWOW64\uxtuneup.dll (TuneUp Software)
SRV - (LBTServ) -- C:\Programme\Common Files\LogiShrd\Bluetooth\LBTServ.exe (Logitech, Inc.)
SRV - (AODService) -- C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe ()
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (SBSDWSCService) -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
========== Driver Services (SafeList) ==========
DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira GmbH)
DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira GmbH)
DRV:64bit: - (amd_xata) -- C:\Windows\SysNative\drivers\amd_xata.sys (Advanced Micro Devices)
DRV:64bit: - (amd_sata) -- C:\Windows\SysNative\drivers\amd_sata.sys (Advanced Micro Devices)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek )
DRV:64bit: - (AtiHDAudioService) -- C:\Windows\SysNative\drivers\AtihdW76.sys (Advanced Micro Devices)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (EIO64) -- C:\Windows\SysNative\drivers\EIO64.sys (ASUSTeK Computer Inc.)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (LUsbFilt) -- C:\Windows\SysNative\drivers\LUsbFilt.sys (Logitech, Inc.)
DRV:64bit: - (LMouFilt) -- C:\Windows\SysNative\drivers\LMouFilt.Sys (Logitech, Inc.)
DRV:64bit: - (LHidFilt) -- C:\Windows\SysNative\drivers\LHidFilt.Sys (Logitech, Inc.)
DRV:64bit: - (IOMap) -- C:\Windows\SysNative\drivers\IOMap64.sys (ASUSTeK Computer Inc.)
DRV:64bit: - (amdiox64) -- C:\Windows\SysNative\drivers\amdiox64.sys (Advanced Micro Devices)
DRV:64bit: - (AtiHdmiService) -- C:\Windows\SysNative\drivers\AtiHdmi.sys (ATI Technologies, Inc.)
DRV:64bit: - (JRAID) -- C:\Windows\SysNative\drivers\jraid.sys (JMicron Technology Corp.)
DRV:64bit: - (MTsensor) -- C:\Windows\SysNative\drivers\ASACPI.sys ()
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (AtiPcie) AMD PCI Express (3GIO) -- C:\Windows\SysNative\drivers\AtiPcie.sys (Advanced Micro Devices Inc.)
DRV:64bit: - (Magic Tune) -- C:\Windows\SysNative\drivers\MTiCtwl.sys (Samsung Electronics, Inc. )
DRV - (AODDriver4.01) -- C:\Programme\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys (Advanced Micro Devices)
DRV - (AODDriver2) -- C:\Program Files (x86)\AMD\OverDrive\amd64\AODDriver2.sys (Advanced Micro Devices)
DRV - (TuneUpUtilitiesDrv) -- C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesDriver64.sys (TuneUp Software)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0E 01 33 4A 37 BF CB 01 [binary data]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.1.94
FF - prefs.js..extensions.enabledItems: {6904342A-8307-11DF-A508-4AE2DFD72085}:2.1.1.94
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: D:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Player\npDivxPlayerPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.0: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.0\npesnsonar.dll File not found
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.102.0: C:\Program Files (x86)\Battlelog Web Plugins\1.102.0\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.104.0: C:\Program Files (x86)\Battlelog Web Plugins\1.104.0\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.1.9: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: D:\Programme\Reader10\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video [2011.04.26 22:09:52 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa [2011.04.26 22:09:52 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.25\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011.12.21 19:36:42 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.25\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011.12.21 19:36:42 | 000,000,000 | ---D | M]
[2010.12.01 20:03:34 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Siggi\AppData\Roaming\mozilla\Extensions
[2010.12.01 20:03:34 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Siggi\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2011.04.23 15:33:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Siggi\AppData\Roaming\mozilla\Firefox\Profiles\yv5k50de.default\extensions
[2011.12.28 18:04:16 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2010.12.02 11:36:56 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010.12.02 12:41:06 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011.01.15 14:45:44 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2011.02.23 15:23:36 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2011.06.27 11:25:01 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
[2011.04.26 22:09:52 | 000,000,000 | ---D | M] (DivX Plus Web Player HTML5 <video>) -- C:\PROGRAM FILES (X86)\DIVX\DIVX PLUS WEB PLAYER\FIREFOX\HTML5VIDEO
[2011.04.26 22:09:52 | 000,000,000 | ---D | M] (DivX HiQ) -- C:\PROGRAM FILES (X86)\DIVX\DIVX PLUS WEB PLAYER\FIREFOX\WPA
[2011.05.04 03:52:23 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2011.03.07 11:16:26 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2011.03.07 11:16:26 | 000,002,344 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2011.03.07 11:16:26 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2011.03.07 11:16:26 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2011.03.07 11:16:26 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
O1 HOSTS File: ([2011.12.27 17:20:16 | 000,439,956 | R--- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 127.0.0.1 123fporn.info
O1 - Hosts: 15125 more lines...
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O4:64bit: - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe ()
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKCU..\Run: [ASUS SmartDoctor] C:\Program Files (x86)\ASUS\SmartDoctor\SmartDoctor.exe (ASUSTeK Inc.)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~2\MICROS~1\Office10\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~2\MICROS~1\Office10\EXCEL.EXE/3000 File not found
O9 - Extra Button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files (x86)\ICQ7.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files (x86)\ICQ7.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll (Safer Networking Limited)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O12 - Plugin for: .cdx - C:\Program Files (x86)\Internet Explorer\PLUGINS\Npcdp32.dll (CambridgeSoft.Com)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: sony.com ([]* in Trusted sites)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{549DBD61-C3E1-430C-AD3B-DBB6BA87D162}: DhcpNameServer = 192.168.178.1
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18:64bit: - Protocol\Handler\mso-offdap - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\PROGRA~2\COMMON~1\MICROS~1\WEBCOM~1\10\OWC10.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) -C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Programme\Common Files\LogiShrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O20 - Winlogon\Notify\LBTWlgn: DllName - (Reg Error: Value error.) - Reg Error: Value error. File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{e667fb04-fd6e-11df-8e62-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{e667fb04-fd6e-11df-8e62-806e6f6e6963}\Shell\AutoRun\command - "" = E:\.\Bin\ASSETUP.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
NetSvcs:64bit: UxTuneUp - C:\Windows\SysNative\uxtuneup.dll (TuneUp Software)
NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SafeBootMin:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SafeBootMin:64bit: Base - Driver Group
SafeBootMin:64bit: Boot Bus Extender - Driver Group
SafeBootMin:64bit: Boot file system - Driver Group
SafeBootMin:64bit: File system - Driver Group
SafeBootMin:64bit: Filter - Driver Group
SafeBootMin:64bit: HelpSvc - Service
SafeBootMin:64bit: PCI Configuration - Driver Group
SafeBootMin:64bit: PNP Filter - Driver Group
SafeBootMin:64bit: Primary disk - Driver Group
SafeBootMin:64bit: sacsvr - Service
SafeBootMin:64bit: SCSI Class - Driver Group
SafeBootMin:64bit: System Bus Extender - Driver Group
SafeBootMin:64bit: vmms - Service
SafeBootMin:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SafeBootNet:64bit: Base - Driver Group
SafeBootNet:64bit: Boot Bus Extender - Driver Group
SafeBootNet:64bit: Boot file system - Driver Group
SafeBootNet:64bit: File system - Driver Group
SafeBootNet:64bit: Filter - Driver Group
SafeBootNet:64bit: HelpSvc - Service
SafeBootNet:64bit: Messenger - Service
SafeBootNet:64bit: NDIS Wrapper - Driver Group
SafeBootNet:64bit: NetBIOSGroup - Driver Group
SafeBootNet:64bit: NetDDEGroup - Driver Group
SafeBootNet:64bit: Network - Driver Group
SafeBootNet:64bit: NetworkProvider - Driver Group
SafeBootNet:64bit: PCI Configuration - Driver Group
SafeBootNet:64bit: PNP Filter - Driver Group
SafeBootNet:64bit: PNP_TDI - Driver Group
SafeBootNet:64bit: Primary disk - Driver Group
SafeBootNet:64bit: rdsessmgr - Service
SafeBootNet:64bit: sacsvr - Service
SafeBootNet:64bit: SCSI Class - Driver Group
SafeBootNet:64bit: Streams Drivers - Driver Group
SafeBootNet:64bit: System Bus Extender - Driver Group
SafeBootNet:64bit: TDI - Driver Group
SafeBootNet:64bit: vmms - Service
SafeBootNet:64bit: WudfUsbccidDriver - Driver
SafeBootNet:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet:64bit: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet:64bit: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet:64bit: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet:64bit: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet:64bit: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Webordner
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP
Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32:64bit: VIDC.FPS1 - frapsv64.dll (Beepa P/L)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\Windows\SysWow64\DivX.dll (DivX, Inc.)
Drivers32: VIDC.FPS1 - C:\Windows\SysWow64\frapsvid.dll (Beepa P/L)
Drivers32: vidc.yv12 - C:\Windows\SysWow64\DivX.dll (DivX, Inc.)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
========== Files/Folders - Created Within 30 Days ==========
[2011.12.28 12:42:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET
[2011.12.28 12:41:44 | 002,322,184 | ---- | C] (ESET) -- C:\Users\Siggi\Desktop\esetsmartinstaller_enu.exe
[2011.12.28 12:17:02 | 000,000,000 | ---D | C] -- C:\Users\Siggi\AppData\Local\{984390CB-A92B-4D0E-AAFE-68677AE6C0A3}
[2011.12.28 12:16:40 | 000,000,000 | ---D | C] -- C:\Users\Siggi\AppData\Local\{676B0CB6-98BA-4F0E-B510-8BA268732F49}
[2011.12.27 18:19:59 | 000,000,000 | ---D | C] -- C:\Users\Siggi\AppData\Roaming\Malwarebytes
[2011.12.27 18:19:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011.12.27 18:19:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011.12.27 18:19:50 | 000,023,152 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2011.12.27 13:25:33 | 000,000,000 | ---D | C] -- C:\Users\Siggi\AppData\Local\{B328F867-5265-4669-8E3E-608B49A6D7EC}
[2011.12.27 13:25:11 | 000,000,000 | ---D | C] -- C:\Users\Siggi\AppData\Local\{5F25E6FC-1504-41BF-9B08-75C791069222}
[2011.12.26 13:34:57 | 000,000,000 | ---D | C] -- C:\Users\Siggi\AppData\Local\{76502099-7A10-4B7E-8A05-44F48802A1A1}
[2011.12.25 13:24:39 | 000,000,000 | ---D | C] -- C:\Users\Siggi\AppData\Local\{0E2CD1CA-3189-4210-9553-5CFC52C45480}
[2011.12.25 13:24:27 | 000,000,000 | ---D | C] -- C:\Users\Siggi\AppData\Local\{094C389D-BFFD-4D66-891E-8EDC56FAB003}
[2011.12.24 12:30:59 | 000,000,000 | ---D | C] -- C:\Users\Siggi\AppData\Local\{E8488BDE-FCF6-4361-9AE1-A75EC6A3592F}
[2011.12.24 00:34:28 | 000,000,000 | ---D | C] -- C:\Users\Siggi\AppData\Local\{58E1AC49-BB7A-457E-8DC2-B369D3F1C77B}
[2011.12.23 21:55:49 | 000,000,000 | ---D | C] -- C:\Users\Siggi\AppData\Local\{DC4B2874-5B18-4F9C-84C6-77040A826E90}
[2011.12.23 16:10:28 | 000,000,000 | ---D | C] -- C:\Users\Siggi\AppData\Local\{3E94D341-2F61-42F9-95D3-0CA2406058B4}
[2011.12.23 11:50:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SSDlife
[2011.12.23 11:50:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\BinarySense
[2011.12.23 11:22:06 | 000,000,000 | ---D | C] -- C:\Users\Siggi\AppData\Local\{CEDE75BC-1BF9-4D0B-99DD-5F0E0EE7171E}
[2011.12.23 11:21:43 | 000,000,000 | ---D | C] -- C:\Users\Siggi\AppData\Local\{264A42BD-7FAB-4CAF-BEEB-6581E73A0E4D}
[2011.12.22 15:16:00 | 000,000,000 | ---D | C] -- C:\Users\Siggi\AppData\Local\{C7203CA9-DEFB-4A2F-BFD9-421DF24C1A11}
[2011.12.22 15:15:38 | 000,000,000 | ---D | C] -- C:\Users\Siggi\AppData\Local\{89378933-57A8-492A-85D4-D1C7C3819D25}
[2011.12.22 11:36:45 | 000,000,000 | ---D | C] -- C:\Users\Siggi\AppData\Local\{FEAB741E-40C5-4205-8339-D3CE31B3C182}
[2011.12.21 19:04:14 | 000,000,000 | ---D | C] -- C:\Users\Siggi\AppData\Local\{BBA437C6-0C4D-48B4-BCF1-CEC5285EB99B}
[2011.12.21 19:03:52 | 000,000,000 | ---D | C] -- C:\Users\Siggi\AppData\Local\{80867720-C5B9-4A25-BFE5-6AF4624709E1}
[2011.12.20 17:45:18 | 000,000,000 | ---D | C] -- C:\Users\Siggi\AppData\Local\{0C3D28B7-CB7C-42A1-BA9A-222010480EE6}
[2011.12.20 17:44:57 | 000,000,000 | ---D | C] -- C:\Users\Siggi\AppData\Local\{3AEEE537-730C-4DF8-9502-7F2BF9904D58}
[2011.12.19 17:28:52 | 000,000,000 | ---D | C] -- C:\Users\Siggi\AppData\Local\{570B13B9-E91F-4DFB-87EA-5E08C26D1F39}
[2011.12.19 17:28:40 | 000,000,000 | ---D | C] -- C:\Users\Siggi\AppData\Local\{5EF65840-CD8A-43A2-AFDA-523A39904A7B}
[2011.12.18 13:10:28 | 000,000,000 | ---D | C] -- C:\Users\Siggi\AppData\Local\{54FF3DD8-6B17-4FE1-8DA4-95B44D03DD16}
[2011.12.18 13:10:06 | 000,000,000 | ---D | C] -- C:\Users\Siggi\AppData\Local\{3AEBEC6E-4E00-4DB0-84DF-70D9147B5A55}
[2011.12.17 11:52:41 | 000,000,000 | ---D | C] -- C:\Users\Siggi\AppData\Local\{398C19CB-3B92-436E-8A03-E06A028E863B}
[2011.12.17 11:52:30 | 000,000,000 | ---D | C] -- C:\Users\Siggi\AppData\Local\{A3A11522-3862-4DFC-9FB3-78F146D3987A}
[2011.12.16 18:14:50 | 000,000,000 | ---D | C] -- C:\Users\Siggi\AppData\Local\{CC5E390D-26C7-4358-A886-372798FCE332}
[2011.12.16 18:14:39 | 000,000,000 | ---D | C] -- C:\Users\Siggi\AppData\Local\{199B749F-7756-487A-8278-1985855CF8A1}
[2011.12.15 17:10:27 | 000,000,000 | ---D | C] -- C:\Users\Siggi\AppData\Local\{F6C01BDA-EDEB-4139-B72E-5064D83D568C}
[2011.12.15 17:10:16 | 000,000,000 | ---D | C] -- C:\Users\Siggi\AppData\Local\{D9B8F578-113F-4667-A123-906C71E0D3B2}
[2011.12.14 18:55:31 | 000,000,000 | ---D | C] -- C:\Users\Siggi\AppData\Local\{BBE00D8C-198E-435B-A910-CEB09FA8E0F4}
[2011.12.14 18:46:57 | 000,000,000 | ---D | C] -- C:\Users\Siggi\AppData\Local\{F4C1E7D9-7875-4641-8638-6B0022242544}
[2011.12.14 18:04:02 | 000,000,000 | ---D | C] -- C:\Users\Siggi\AppData\Local\{8381431F-2926-4002-8117-C0BBD2AE04DE}
[2011.12.14 18:03:40 | 000,000,000 | ---D | C] -- C:\Users\Siggi\AppData\Local\{A630CC3F-B8B8-4C68-A3C4-0E124FA8EE40}
[2011.12.13 20:40:39 | 000,000,000 | ---D | C] -- C:\Users\Siggi\AppData\Local\{AFABC5BB-7715-4D39-AE32-90967BAFA398}
[2011.12.13 18:24:54 | 000,000,000 | ---D | C] -- C:\Users\Siggi\AppData\Local\{F2A24672-1BE6-4A87-A9ED-E8245E95436B}
[2011.12.12 22:34:07 | 000,000,000 | ---D | C] -- C:\Users\Siggi\AppData\Local\{DFE55DBB-C4F2-4786-89A6-069471C180BE}
[2011.12.12 19:23:18 | 000,000,000 | ---D | C] -- C:\Users\Siggi\AppData\Local\{47231922-97E7-48FB-B016-634D2E0BA8A6}
[2011.12.12 18:33:01 | 000,000,000 | ---D | C] -- C:\Users\Siggi\AppData\Local\{EF42163C-EA3F-4F3A-AE7A-BBFBE784CF56}
[2011.12.11 13:06:47 | 000,000,000 | ---D | C] -- C:\Users\Siggi\AppData\Local\{008BD398-4823-48C5-9474-FCF702CBF847}
[2011.12.11 13:06:36 | 000,000,000 | ---D | C] -- C:\Users\Siggi\AppData\Local\{045A4CBA-072E-4317-9C8F-0EE288A9D7C4}
[2011.12.10 14:07:33 | 000,000,000 | ---D | C] -- C:\Users\Siggi\AppData\Local\{3BEB0104-920A-4DD7-9A42-8C30B63737C3}
[2011.12.10 14:07:22 | 000,000,000 | ---D | C] -- C:\Users\Siggi\AppData\Local\{B59B20B9-28BA-4533-87F5-17589F945BBC}
[2011.12.09 13:25:02 | 000,000,000 | ---D | C] -- C:\Users\Siggi\AppData\Local\{0F7830BA-5E7D-4036-BE56-F41080B26352}
[2011.12.09 13:24:40 | 000,000,000 | ---D | C] -- C:\Users\Siggi\AppData\Local\{BDA098B2-66A2-4E18-A9A3-5C13F3C65FFC}
[2011.12.09 01:48:35 | 000,000,000 | ---D | C] -- C:\Users\Siggi\AppData\Local\{DACAD6F3-BB09-45A4-A791-0B094255113C}
[2011.12.08 12:52:06 | 000,000,000 | ---D | C] -- C:\Users\Siggi\AppData\Local\{B5D8C887-3A0F-4775-8ED6-57B658622193}
[2011.12.08 12:51:44 | 000,000,000 | ---D | C] -- C:\Users\Siggi\AppData\Local\{629C6F96-C382-40EB-B347-6EA44A4C354D}
[2011.12.07 12:58:53 | 000,000,000 | ---D | C] -- C:\Users\Siggi\AppData\Local\{4A4A2C1A-6C8B-4ED2-BFF3-6E1EDF7A3C88}
[2011.12.06 12:45:37 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2011.12.06 12:45:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD APP
[2011.12.06 12:45:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD VISION Engine Control Center
[2011.12.06 12:34:41 | 000,000,000 | ---D | C] -- C:\Users\Siggi\AppData\Local\{F1800ADC-E24A-47C7-84B7-8A7F8254CD28}
[2011.12.06 12:34:26 | 000,000,000 | ---D | C] -- C:\Users\Siggi\AppData\Local\{B308B0FE-80CA-4D07-ADB7-3F5D4801D61A}
[2011.12.05 12:32:35 | 000,000,000 | ---D | C] -- C:\Users\Siggi\AppData\Local\{2B7C27F0-7751-4D90-91A5-6B8A1DB76537}
[2011.12.05 12:32:19 | 000,000,000 | ---D | C] -- C:\Users\Siggi\AppData\Local\{BB44C220-DE19-40F1-B09B-22559D0EC202}
[2011.12.04 19:24:06 | 000,000,000 | ---D | C] -- C:\Users\Siggi\AppData\Local\{4177CEB6-685B-4CC5-B5DE-98C17599CC99}
[2011.12.03 18:47:32 | 000,000,000 | ---D | C] -- C:\Users\Siggi\Documents\Star Wars - The Old Republic
[2011.12.03 18:46:40 | 000,000,000 | ---D | C] -- C:\Users\Siggi\Documents\HeroBlade Logs
[2011.12.03 18:02:16 | 000,000,000 | ---D | C] -- C:\Users\Siggi\AppData\Local\{26C92C44-8AED-421D-9399-D778D2C47590}
[2011.12.03 18:02:05 | 000,000,000 | ---D | C] -- C:\Users\Siggi\AppData\Local\{3BD14D84-7794-4420-8DFE-025684D83F24}
[2011.12.03 15:32:44 | 000,000,000 | ---D | C] -- C:\Users\Siggi\AppData\Local\{8A8B6D67-458A-4445-A872-577CB430EB1E}
[2011.12.03 12:49:56 | 000,000,000 | ---D | C] -- C:\Users\Siggi\AppData\Local\{3E722424-1373-4124-85B8-957F2B7FE695}
[2011.12.02 20:07:51 | 000,000,000 | ---D | C] -- C:\Users\Siggi\AppData\Local\{07057D14-E0A0-4912-A978-0EF57705289D}
[2011.12.02 20:07:40 | 000,000,000 | ---D | C] -- C:\Users\Siggi\AppData\Local\{D90226D1-A30D-41EC-9481-12F9B8FD6A63}
[2011.12.01 23:14:14 | 000,000,000 | ---D | C] -- C:\Users\Siggi\AppData\Local\{A6C2020C-BCC0-4049-8010-C33F60EF4876}
[2011.12.01 23:13:52 | 000,000,000 | ---D | C] -- C:\Users\Siggi\AppData\Local\{B78A5BE7-986F-4594-AF1A-3192548202DE}
[2011.11.30 11:26:09 | 000,000,000 | ---D | C] -- C:\Users\Siggi\AppData\Local\{42E7C10E-A073-4C05-BC5E-07A352E1DC5B}
[2011.11.30 11:25:58 | 000,000,000 | ---D | C] -- C:\Users\Siggi\AppData\Local\{1A9629BB-3343-49FA-AD14-0F572F09C17B}
[2011.11.30 11:23:49 | 000,000,000 | ---D | C] -- C:\Users\Siggi\AppData\Local\{AE452F27-33CA-480E-9EB4-0FD598752926}
[2011.11.30 11:23:37 | 000,000,000 | ---D | C] -- C:\Users\Siggi\AppData\Local\{73C546C9-B984-4C31-9F93-05F9622F9783}
[2011.11.29 11:08:57 | 000,000,000 | ---D | C] -- C:\Users\Siggi\AppData\Local\{2976766A-EAE8-4BB5-ABA7-E59C1B350C56}
[2011.11.29 11:08:42 | 000,000,000 | ---D | C] -- C:\Users\Siggi\AppData\Local\{59237F6F-3F79-407E-806D-8A1675A0CF0A}
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2011.12.28 23:31:27 | 000,016,896 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.12.28 23:31:27 | 000,016,896 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.12.28 23:29:10 | 001,613,340 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011.12.28 23:29:10 | 000,696,832 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2011.12.28 23:29:10 | 000,652,150 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011.12.28 23:29:10 | 000,148,128 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2011.12.28 23:29:10 | 000,121,082 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011.12.28 23:24:15 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.12.28 23:24:14 | 3219,763,200 | -HS- | M] () -- C:\hiberfil.sys
[2011.12.28 21:57:03 | 000,000,721 | ---- | M] () -- C:\Users\Siggi\Desktop\World of Warcraft.lnk
[2011.12.28 12:41:48 | 002,322,184 | ---- | M] (ESET) -- C:\Users\Siggi\Desktop\esetsmartinstaller_enu.exe
[2011.12.28 12:18:19 | 000,000,786 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2011.12.27 17:38:35 | 000,000,000 | ---- | M] () -- C:\Users\Siggi\defogger_reenable
[2011.12.27 17:20:16 | 000,439,956 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2011.12.21 19:15:49 | 000,280,904 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2011.12.21 19:15:49 | 000,280,904 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2011.12.13 00:05:51 | 000,280,904 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2011.12.10 15:24:08 | 000,023,152 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2011.12.06 21:03:54 | 000,000,806 | ---- | M] () -- C:\Users\Public\Desktop\Battlefield 3.lnk
[2011.12.06 21:03:19 | 000,075,136 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2011.11.29 02:07:07 | 000,000,116 | ---- | M] () -- C:\Windows\NeroDigital.ini
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2011.12.28 12:18:19 | 000,000,786 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2011.12.27 17:38:35 | 000,000,000 | ---- | C] () -- C:\Users\Siggi\defogger_reenable
[2011.11.24 15:20:38 | 002,580,552 | R--- | C] () -- C:\Windows\SysWow64\pbsvc.exe
[2011.11.24 14:40:52 | 000,280,904 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2011.11.24 14:40:45 | 000,075,136 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2011.10.27 22:37:10 | 000,007,597 | ---- | C] () -- C:\Users\Siggi\AppData\Local\Resmon.ResmonCfg
[2011.10.26 02:38:38 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2011.10.26 02:38:38 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2011.10.25 21:21:48 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\OpenVideo.dll
[2011.10.25 21:21:34 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\OVDecoder.dll
[2011.10.03 11:53:16 | 000,053,760 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll
[2011.09.12 23:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2011.09.05 23:01:06 | 000,021,840 | ---- | C] () -- C:\Windows\SysWow64\SIntfNT.dll
[2011.09.05 23:01:06 | 000,017,212 | ---- | C] () -- C:\Windows\SysWow64\SIntf32.dll
[2011.09.05 23:01:06 | 000,012,067 | ---- | C] () -- C:\Windows\SysWow64\SIntf16.dll
[2011.06.17 18:01:52 | 000,000,193 | ---- | C] () -- C:\Windows\WORDPAD.INI
[2011.04.02 19:32:39 | 000,000,262 | ---- | C] () -- C:\Windows\{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}_WiseFW.ini
[2011.02.27 15:18:33 | 000,000,001 | ---- | C] () -- C:\Windows\SysWow64\SI.bin
[2011.01.10 11:59:27 | 001,590,298 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010.12.13 11:53:46 | 000,000,400 | ---- | C] () -- C:\Windows\ODBC.INI
[2010.12.10 17:15:41 | 000,259,302 | ---- | C] () -- C:\Windows\hpwins19.dat
[2010.12.10 17:15:41 | 000,000,673 | ---- | C] () -- C:\Windows\hpwmdl19.dat
[2010.12.06 20:25:44 | 000,000,116 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2010.12.03 20:58:54 | 000,000,000 | ---- | C] () -- C:\Windows\Bench32.INI
[2010.12.01 20:18:02 | 000,024,576 | R--- | C] () -- C:\Windows\SysWow64\AsIO.dll
[2010.12.01 20:18:02 | 000,013,440 | R--- | C] () -- C:\Windows\SysWow64\drivers\AsIO.sys
[2010.12.01 20:18:01 | 000,011,832 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp64.sys
[2010.12.01 20:18:01 | 000,010,216 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp32.sys
[2010.12.01 18:33:54 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2010.12.01 18:26:13 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
[2010.12.01 18:26:12 | 000,031,469 | ---- | C] () -- C:\Windows\Ascd_tmp.ini
[2010.09.14 16:17:00 | 000,061,440 | ---- | C] () -- C:\Windows\SysWow64\ASDR.exe
[2009.08.03 00:21:54 | 000,197,912 | ---- | C] () -- C:\Windows\SysWow64\physxcudart_20.dll
[2009.08.03 00:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelTraditionalChinese.dll
[2009.08.03 00:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSwedish.dll
[2009.08.03 00:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSpanish.dll
[2009.08.03 00:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSimplifiedChinese.dll
[2009.08.03 00:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelPortugese.dll
[2009.08.03 00:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelKorean.dll
[2009.08.03 00:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelJapanese.dll
[2009.08.03 00:21:52 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelGerman.dll
[2009.08.03 00:21:52 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelFrench.dll
[2009.07.14 06:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009.07.14 03:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009.07.14 03:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009.07.14 01:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009.06.10 22:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2009.04.02 13:30:14 | 000,010,296 | ---- | C] () -- C:\Windows\SysWow64\drivers\ASUSHWIO.SYS
[2009.03.30 07:32:40 | 000,032,768 | R--- | C] () -- C:\Windows\DAODx.exe
========== LOP Check ==========
[2010.12.01 19:54:10 | 000,000,000 | ---D | M] -- C:\Users\Siggi\AppData\Roaming\Canneverbe Limited
[2011.09.09 22:53:46 | 000,000,000 | ---D | M] -- C:\Users\Siggi\AppData\Roaming\Hi-Rez Studios
[2011.10.19 18:10:19 | 000,000,000 | ---D | M] -- C:\Users\Siggi\AppData\Roaming\ICQ
[2010.12.01 22:37:25 | 000,000,000 | ---D | M] -- C:\Users\Siggi\AppData\Roaming\Leadertech
[2011.05.27 17:24:33 | 000,000,000 | ---D | M] -- C:\Users\Siggi\AppData\Roaming\LolClient
[2010.12.02 11:37:43 | 000,000,000 | ---D | M] -- C:\Users\Siggi\AppData\Roaming\OpenOffice.org
[2011.10.26 17:19:13 | 000,000,000 | ---D | M] -- C:\Users\Siggi\AppData\Roaming\Origin
[2010.12.01 20:03:34 | 000,000,000 | ---D | M] -- C:\Users\Siggi\AppData\Roaming\Thunderbird
[2011.03.22 20:59:19 | 000,000,000 | ---D | M] -- C:\Users\Siggi\AppData\Roaming\TuneUp Software
[2011.11.23 00:22:37 | 000,000,000 | ---D | M] -- C:\Users\Siggi\AppData\Roaming\Ubisoft
[2011.03.24 01:09:36 | 000,000,000 | ---D | M] -- C:\Users\Siggi\AppData\Roaming\wargaming.net
[2010.12.16 22:51:34 | 000,000,000 | ---D | M] -- C:\Users\Siggi\AppData\Roaming\Windows Live Writer
[2011.09.28 11:06:21 | 000,000,000 | ---D | M] -- C:\Users\Siggi\AppData\Roaming\WordToPDF
[2011.11.29 16:32:15 | 000,032,640 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
========== Custom Scans ==========
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2010.12.02 13:30:56 | 000,000,000 | ---D | M] -- C:\Users\Siggi\AppData\Roaming\Adobe
[2010.12.06 20:36:33 | 000,000,000 | ---D | M] -- C:\Users\Siggi\AppData\Roaming\Apple Computer
[2010.12.01 18:34:04 | 000,000,000 | ---D | M] -- C:\Users\Siggi\AppData\Roaming\ATI
[2010.12.01 23:51:01 | 000,000,000 | ---D | M] -- C:\Users\Siggi\AppData\Roaming\Avira
[2010.12.01 19:54:10 | 000,000,000 | ---D | M] -- C:\Users\Siggi\AppData\Roaming\Canneverbe Limited
[2011.01.28 17:06:35 | 000,000,000 | ---D | M] -- C:\Users\Siggi\AppData\Roaming\DivX
[2011.09.09 22:53:46 | 000,000,000 | ---D | M] -- C:\Users\Siggi\AppData\Roaming\Hi-Rez Studios
[2010.12.10 17:21:53 | 000,000,000 | ---D | M] -- C:\Users\Siggi\AppData\Roaming\HP
[2011.10.19 18:10:19 | 000,000,000 | ---D | M] -- C:\Users\Siggi\AppData\Roaming\ICQ
[2010.12.01 18:24:01 | 000,000,000 | ---D | M] -- C:\Users\Siggi\AppData\Roaming\Identities
[2011.04.21 18:16:26 | 000,000,000 | ---D | M] -- C:\Users\Siggi\AppData\Roaming\InstallShield
[2010.12.01 22:37:25 | 000,000,000 | ---D | M] -- C:\Users\Siggi\AppData\Roaming\Leadertech
[2010.12.01 22:36:41 | 000,000,000 | ---D | M] -- C:\Users\Siggi\AppData\Roaming\Logishrd
[2010.12.01 22:37:27 | 000,000,000 | ---D | M] -- C:\Users\Siggi\AppData\Roaming\Logitech
[2011.05.27 17:24:33 | 000,000,000 | ---D | M] -- C:\Users\Siggi\AppData\Roaming\LolClient
[2010.12.01 20:20:50 | 000,000,000 | ---D | M] -- C:\Users\Siggi\AppData\Roaming\Macromedia
[2011.12.27 18:19:59 | 000,000,000 | ---D | M] -- C:\Users\Siggi\AppData\Roaming\Malwarebytes
[2009.07.14 19:18:34 | 000,000,000 | ---D | M] -- C:\Users\Siggi\AppData\Roaming\Media Center Programs
[2011.12.27 17:16:57 | 000,000,000 | --SD | M] -- C:\Users\Siggi\AppData\Roaming\Microsoft
[2011.05.28 10:38:18 | 000,000,000 | ---D | M] -- C:\Users\Siggi\AppData\Roaming\mIRC
[2010.12.01 18:36:20 | 000,000,000 | ---D | M] -- C:\Users\Siggi\AppData\Roaming\Mozilla
[2010.12.02 11:37:43 | 000,000,000 | ---D | M] -- C:\Users\Siggi\AppData\Roaming\OpenOffice.org
[2011.10.26 17:19:13 | 000,000,000 | ---D | M] -- C:\Users\Siggi\AppData\Roaming\Origin
[2010.12.01 20:03:34 | 000,000,000 | ---D | M] -- C:\Users\Siggi\AppData\Roaming\Thunderbird
[2011.03.22 20:59:19 | 000,000,000 | ---D | M] -- C:\Users\Siggi\AppData\Roaming\TuneUp Software
[2011.11.23 00:22:37 | 000,000,000 | ---D | M] -- C:\Users\Siggi\AppData\Roaming\Ubisoft
[2011.04.02 19:34:38 | 000,000,000 | ---D | M] -- C:\Users\Siggi\AppData\Roaming\Ventrilo
[2011.09.16 15:40:59 | 000,000,000 | ---D | M] -- C:\Users\Siggi\AppData\Roaming\vlc
[2011.03.24 01:09:36 | 000,000,000 | ---D | M] -- C:\Users\Siggi\AppData\Roaming\wargaming.net
[2010.12.16 22:51:34 | 000,000,000 | ---D | M] -- C:\Users\Siggi\AppData\Roaming\Windows Live Writer
[2010.12.03 20:57:18 | 000,000,000 | ---D | M] -- C:\Users\Siggi\AppData\Roaming\WinRAR
[2011.09.28 11:06:21 | 000,000,000 | ---D | M] -- C:\Users\Siggi\AppData\Roaming\WordToPDF
< %APPDATA%\*.exe /s >
[2010.12.01 22:37:25 | 000,053,248 | R--- | M] (Acresso Software Inc.) -- C:\Users\Siggi\AppData\Roaming\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe
[2010.12.01 23:19:28 | 000,046,488 | R--- | M] (Acresso Software Inc.) -- C:\Users\Siggi\AppData\Roaming\Microsoft\Installer\{652F3200-5E12-4CAD-BA2E-88EFE0113BCD}\ARPPRODUCTICON.exe
[2010.12.01 23:19:28 | 000,079,256 | R--- | M] (Acresso Software Inc.) -- C:\Users\Siggi\AppData\Roaming\Microsoft\Installer\{652F3200-5E12-4CAD-BA2E-88EFE0113BCD}\NewShortcut1_63DEE96284054F8694636FE381A5574C.exe
[2010.12.01 23:19:28 | 000,079,256 | R--- | M] (Acresso Software Inc.) -- C:\Users\Siggi\AppData\Roaming\Microsoft\Installer\{652F3200-5E12-4CAD-BA2E-88EFE0113BCD}\NewShortcut2_F1AD8C9A37F84A18ADCD99FB67588A13.exe
[2010.12.01 23:19:28 | 000,079,256 | R--- | M] (Acresso Software Inc.) -- C:\Users\Siggi\AppData\Roaming\Microsoft\Installer\{652F3200-5E12-4CAD-BA2E-88EFE0113BCD}\UsersGuide_CAFE62D54E534DE1A75D0E8D057FA709.exe
[2011.10.31 16:59:44 | 000,007,902 | R--- | M] () -- C:\Users\Siggi\AppData\Roaming\Microsoft\Installer\{B1C145A4-E36E-4ABB-A8FA-EBD5168AFB45}\ARPIcon.exe
[2011.10.31 16:59:44 | 000,069,632 | R--- | M] () -- C:\Users\Siggi\AppData\Roaming\Microsoft\Installer\{B1C145A4-E36E-4ABB-A8FA-EBD5168AFB45}\_F2475BE884FE_4D10_8135_47C85E4D7080.exe
< %SYSTEMDRIVE%\*.exe >
< MD5 for: AGP440.SYS >
[2009.07.14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys
[2009.07.14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys
[2009.07.14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys
[2009.07.14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys
< MD5 for: ATAPI.SYS >
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
< MD5 for: CNGAUDIT.DLL >
[2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009.07.14 02:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\SysNative\cngaudit.dll
[2009.07.14 02:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll
< MD5 for: IASTORV.SYS >
[2010.11.20 14:33:38 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_668286aa35d55928\iaStorV.sys
[2010.11.20 14:33:38 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_0d3757e79e6784d0\iaStorV.sys
[2011.03.11 07:19:16 | 000,410,496 | ---- | M] (Intel Corporation) MD5=5B3DE7208E5000D5B451B9D290D2579C -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_0d714416b7c182d5\iaStorV.sys
[2011.03.11 07:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\drivers\iaStorV.sys
[2011.03.11 07:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_0bcee2057afcc090\iaStorV.sys
[2011.03.11 07:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_0cf9793d9e95787b\iaStorV.sys
[2011.03.11 07:23:00 | 000,410,496 | ---- | M] (Intel Corporation) MD5=B75E45C564E944A2657167D197AB29DA -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16778_none_0b141c81a16e25e6\iaStorV.sys
[2011.03.11 07:25:49 | 000,410,496 | ---- | M] (Intel Corporation) MD5=BFDC9D75698800CFE4D1698BF2750EA2 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.20921_none_0bccc8c8ba6985c1\iaStorV.sys
[2009.07.14 02:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_0b06441fa1790136\iaStorV.sys
< MD5 for: NETLOGON.DLL >
[2009.07.14 02:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_59aca8ea51aaeefe\netlogon.dll
[2010.11.20 14:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\SysNative\netlogon.dll
[2010.11.20 14:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_5bddbcb24e997298\netlogon.dll
[2010.11.20 13:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\SysWOW64\netlogon.dll
[2010.11.20 13:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_6632670482fa3493\netlogon.dll
[2009.07.14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_6401533c860bb0f9\netlogon.dll
< MD5 for: NVSTOR.SYS >
[2009.07.14 02:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvstor.sys
[2011.03.11 07:23:06 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=6C1D5F70E7A6A3FD1C90D840EDC048B9 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_95dd8d30d8a4cfbe\nvstor.sys
[2011.03.11 07:25:53 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=AE274836BA56518E279087363A781214 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_96963977f1a02f99\nvstor.sys
[2011.03.11 07:19:21 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=D23C7E8566DA2B8A7C0DBBB761D54888 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvstor.sys
[2011.03.11 07:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\drivers\nvstor.sys
[2011.03.11 07:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvstor.sys
[2011.03.11 07:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvstor.sys
[2010.11.20 14:33:48 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvstor.sys
[2010.11.20 14:33:48 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvstor.sys
< MD5 for: SCECLI.DLL >
[2009.07.14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
[2009.07.14 02:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll
[2010.11.20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010.11.20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010.11.20 14:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010.11.20 14:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll
< MD5 for: USER32.DLL >
[2010.11.20 13:08:57 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\SysWOW64\user32.dll
[2010.11.20 13:08:57 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_35b31c02b85ccb6e\user32.dll
[2009.07.14 02:41:56 | 001,008,640 | ---- | M] (Microsoft Corporation) MD5=72D7B3EA16946E8F0CF7458150031CC6 -- C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_292d5de8870d85d9\user32.dll
[2009.07.14 02:11:24 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=E8B0FFC209E504CB7E79FC24E6C085F0 -- C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_3382083abb6e47d4\user32.dll
[2010.11.20 14:27:27 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\Windows\SysNative\user32.dll
[2010.11.20 14:27:27 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_2b5e71b083fc0973\user32.dll
< MD5 for: USERINIT.EXE >
[2010.11.20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010.11.20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009.07.14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009.07.14 02:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
[2010.11.20 14:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010.11.20 14:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe
< MD5 for: WININIT.EXE >
[2009.07.14 02:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\SysNative\wininit.exe
[2009.07.14 02:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\winsxs\amd64_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_8ce7aa761e01ad49\wininit.exe
[2009.07.14 02:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\SysWOW64\wininit.exe
[2009.07.14 02:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe
< MD5 for: WINLOGON.EXE >
[2010.11.20 14:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010.11.20 14:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2009.07.14 02:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2009.10.28 08:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2009.10.28 07:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe
< MD5 for: WS2IFSL.SYS >
[2009.07.14 01:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\SysNative\drivers\ws2ifsl.sys
[2009.07.14 01:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\winsxs\amd64_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.1.7600.16385_none_ab7b927be17eace8\ws2ifsl.sys
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
< >
========== Alternate Data Streams ==========
@Alternate Data Stream - 113 bytes -> C:\ProgramData\TEMP:4FC01C57
< End of report > --- --- --- |