jgswcrnk | 15.06.2012 22:16 | [code]
HiJackthis Logfile: Code:
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:15:36, on 15.06.2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16446)
Boot mode: Normal
Running processes:
C:\Users\Alex\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Users\Alex\AppData\Local\Google\Update\1.3.21.111\GoogleCrashHandler.exe
C:\Program Files (x86)\DisplayFusion\DisplayFusionAppHook.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
C:\Program Files (x86)\Trend Micro\HijackThis\HiJackThis.exe
C:\Windows\SysWOW64\DllHost.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:Tabs
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\Microsoft Office\Office14\GROOVEEX.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AdblockIE - {90EFF544-3981-4d46-85C9-C0361D0931D6} - mscoree.dll (file missing)
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\Microsoft Office\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"
O4 - HKCU\..\Run: [DisplayFusion] "C:\Program Files (x86)\DisplayFusion\DisplayFusion.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Users\Alex\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-21-2380579043-224327424-4130863296-1022\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-2380579043-224327424-4130863296-1022\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files (x86)\Java\jre6\bin\npjpi160_29.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files (x86)\Java\jre6\bin\npjpi160_29.dll
O9 - Extra button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Program Files (x86)\ICQ7.7\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Program Files (x86)\ICQ7.7\ICQ.exe
O9 - Extra button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} (System Requirements Lab) - hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab
O16 - DPF: {9C23D886-43CB-43DE-B2DB-112A68D7E10A} (MySpace Uploader Control) - hxxp://lads.myspace.com/upload/MySpaceUploader2.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files (x86)\Common Files\Maxtor\Schedule2\schedul2.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: BitComet Disk Boost Service (BITCOMET_HELPER_SERVICE) - www.BitComet.com - C:\Program Files\BitComet\tools\BitCometService.exe
O23 - Service: Dienst "Bonjour" (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: E-MU Audio Service (emaudsv) - Unknown owner - C:\Windows\system32\emaudsv.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service 64 - Flexera Software, Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: Futuremark SystemInfo Service - Futuremark Corporation - C:\Program Files (x86)\Common Files\Futuremark Shared\Futuremark SystemInfo\FMSISvc.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-Dienst (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: iPod-Dienst (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files (x86)\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: nHancer Support (nHancer) - KSE - Korndörfer Software Engineering - C:\Program Files\nHancer\nHancerService.exe
O23 - Service: NIHardwareService - Native Instruments GmbH - C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
O23 - Service: Nalpeiron Licensing Service (nlsX86cc) - Nalpeiron Ltd. - C:\Windows\SysWOW64\nlssrv32.exe
O23 - Service: Performance Service (nTuneService) - NVIDIA - C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies, Inc. - C:\Program Files (x86)\WinPcap\rpcapd.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: Synchro Arts License Manager - Synchro Arts Ltd - C:\Program Files (x86)\Common Files\Synchro Arts Shared\License.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe
O23 - Service: TunngleService - Tunngle.net GmbH - C:\Program Files (x86)\Tunngle\TnglCtrl.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: Volumeschattenkopie (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 12089 bytes --- --- ---
OTL Logfile: Code:
OTL logfile created on: 15.06.2012 22:16:56 - Run 8
OTL by OldTimer - Version 3.2.48.0 Folder = C:\Users\Alex\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
8,00 Gb Total Physical Memory | 5,81 Gb Available Physical Memory | 72,59% Memory free
16,00 Gb Paging File | 13,73 Gb Available in Paging File | 85,85% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 465,76 Gb Total Space | 55,97 Gb Free Space | 12,02% Space Free | Partition Type: NTFS
Drive F: | 3,78 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive G: | 372,61 Gb Total Space | 25,85 Gb Free Space | 6,94% Space Free | Partition Type: NTFS
Drive H: | 349,32 Gb Total Space | 27,26 Gb Free Space | 7,80% Space Free | Partition Type: NTFS
Drive I: | 349,32 Gb Total Space | 225,03 Gb Free Space | 64,42% Space Free | Partition Type: NTFS
Drive L: | 931,46 Gb Total Space | 260,38 Gb Free Space | 27,95% Space Free | Partition Type: NTFS
Computer Name: SHOGUN | User Name: Alex | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2012.06.14 20:33:28 | 000,180,648 | ---- | M] (Google Inc.) -- C:\Users\Alex\AppData\Local\Google\Update\1.3.21.111\GoogleCrashHandler.exe
PRC - [2012.06.13 09:22:01 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\Alex\Desktop\OTL.exe
PRC - [2012.06.11 18:45:28 | 000,550,872 | ---- | M] (Binary Fortress Software) -- C:\Program Files (x86)\DisplayFusion\DisplayFusionAppHook.exe
PRC - [2012.05.15 12:48:00 | 001,262,400 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2012.05.15 02:21:40 | 000,382,272 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2012.04.04 07:53:56 | 000,815,512 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
PRC - [2012.03.13 09:47:52 | 000,075,136 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2011.10.17 15:12:52 | 000,013,592 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2011.10.17 15:12:48 | 000,284,440 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
PRC - [2010.10.04 14:13:30 | 000,064,512 | ---- | M] (Nalpeiron Ltd.) -- C:\Windows\SysWOW64\nlssrv32.exe
PRC - [2010.04.01 11:16:20 | 000,357,696 | ---- | M] (DT Soft Ltd) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
PRC - [2010.03.23 16:15:58 | 000,704,760 | ---- | M] (Tunngle.net GmbH) -- C:\Program Files (x86)\Tunngle\TnglCtrl.exe
PRC - [2008.02.22 10:01:58 | 000,175,488 | ---- | M] (Synchro Arts Ltd) -- C:\Program Files (x86)\Common Files\Synchro Arts Shared\License.exe
========== Modules (No Company Name) ==========
MOD - [2012.06.13 13:11:22 | 011,833,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\a501b7960f6c6e2e39162b83f3303aaa\System.Web.ni.dll
MOD - [2012.06.13 13:11:12 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\7b7fbe651c6e72f12099a298654c9594\System.Windows.Forms.ni.dll
MOD - [2012.06.13 12:53:44 | 000,491,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\0767c3bc7cd93daf38517843d29ce808\IAStorUtil.ni.dll
MOD - [2012.06.13 12:41:39 | 001,591,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6bb439b3f87736d3248ae27d43e2c0d6\System.Drawing.ni.dll
MOD - [2012.06.10 19:10:30 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\03dee80574f4ec770b6f77ca030ded6c\System.Runtime.Remoting.ni.dll
MOD - [2012.06.10 19:10:29 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\46fce56db7685a586d3eeb7c373e3c1c\WindowsBase.ni.dll
MOD - [2012.06.10 19:10:29 | 000,014,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\9eed0fcdc582550a65536d1150b49574\IAStorCommon.ni.dll
MOD - [2012.06.10 19:09:01 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d49b407b93663bfed\System.Xml.ni.dll
MOD - [2012.06.10 19:08:57 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cfa9c506bfb9254c89dace7b83bc9f9d\System.Configuration.ni.dll
MOD - [2012.06.10 14:19:31 | 007,967,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll
MOD - [2012.06.10 14:19:26 | 011,492,864 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll
MOD - [2011.03.17 00:11:16 | 004,297,568 | ---- | M] () -- C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE14\Cultures\office.odf
MOD - [2010.11.13 01:26:08 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll
MOD - [2009.07.14 19:58:10 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_de_b77a5c561934e089\System.Runtime.Remoting.resources.dll
========== Win32 Services (SafeList) ==========
SRV:64bit: - [2012.04.09 17:31:50 | 001,431,888 | ---- | M] (Flexera Software, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe -- (FLEXnet Licensing Service 64)
SRV:64bit: - [2012.03.26 18:49:56 | 000,291,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2012.03.26 18:49:56 | 000,012,600 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2011.09.27 21:04:08 | 000,359,192 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV:64bit: - [2010.12.28 10:00:34 | 001,296,728 | ---- | M] (www.BitComet.com) [On_Demand | Stopped] -- C:\Program Files\BitComet\tools\BitCometService.exe -- (BITCOMET_HELPER_SERVICE)
SRV:64bit: - [2010.10.06 23:40:30 | 000,026,624 | ---- | M] (E-MU Systems) [Auto | Running] -- C:\Windows\SysNative\emaudsv.exe -- (emaudsv)
SRV:64bit: - [2010.05.02 17:44:30 | 000,039,424 | ---- | M] (KSE - Korndörfer Software Engineering) [Auto | Running] -- C:\Program Files\nHancer\nHancerService.exe -- (nHancer)
SRV:64bit: - [2009.07.17 15:31:34 | 004,948,992 | ---- | M] (Native Instruments GmbH) [Auto | Running] -- C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe -- (NIHardwareService)
SRV:64bit: - [2009.07.14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009.07.14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2012.06.15 00:32:44 | 000,257,224 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.05.15 12:48:00 | 001,262,400 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012.05.15 02:21:40 | 000,382,272 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2012.03.13 09:47:52 | 000,075,136 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2012.02.09 13:13:24 | 002,143,552 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe -- (TuneUp.UtilitiesSvc)
SRV - [2011.10.17 15:12:52 | 000,013,592 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) Intel(R)
SRV - [2011.09.19 17:59:40 | 000,278,336 | ---- | M] (NVIDIA) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneService.exe -- (nTuneService)
SRV - [2011.03.01 18:29:58 | 000,130,976 | ---- | M] (Futuremark Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Futuremark Shared\Futuremark SystemInfo\FMSISvc.exe -- (Futuremark SystemInfo Service)
SRV - [2010.12.17 17:27:51 | 000,068,096 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe -- (Macromedia Licensing Service)
SRV - [2010.10.04 14:13:30 | 000,064,512 | ---- | M] (Nalpeiron Ltd.) [Auto | Running] -- C:\Windows\SysWOW64\nlssrv32.exe -- (nlsX86cc)
SRV - [2010.06.25 19:07:20 | 000,117,264 | ---- | M] (CACE Technologies, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WinPcap\rpcapd.exe -- (rpcapd) Remote Packet Capture Protocol v.0 (experimental)
SRV - [2010.03.23 16:15:58 | 000,704,760 | ---- | M] (Tunngle.net GmbH) [Auto | Running] -- C:\Program Files (x86)\Tunngle\TnglCtrl.exe -- (TunngleService)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.03.16 15:10:16 | 000,332,720 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2010.02.19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008.02.22 10:01:58 | 000,175,488 | ---- | M] (Synchro Arts Ltd) [Auto | Running] -- C:\Program Files (x86)\Common Files\Synchro Arts Shared\License.exe -- (Synchro Arts License Manager)
SRV - [2007.08.23 14:53:42 | 000,571,160 | ---- | M] (Acronis) [Auto | Running] -- C:\Program Files (x86)\Common Files\Maxtor\Schedule2\schedul2.exe -- (AcrSch2Svc)
========== Driver Services (SafeList) ==========
DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\MediaCoder iPod Edition x64\SysInfoX64.sys -- (CrystalSysInfo)
DRV:64bit: - [2012.05.29 14:15:30 | 000,004,608 | ---- | M] (RealVNC Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vncmirror.sys -- (vncmirror)
DRV:64bit: - [2012.03.20 20:44:12 | 000,098,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2012.03.09 10:57:36 | 000,023,816 | ---- | M] (CPUID) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\cpuz135_x64.sys -- (cpuz135)
DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012.01.13 10:07:32 | 000,106,408 | R--- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acsock64.sys -- (acsock)
DRV:64bit: - [2011.11.15 11:20:30 | 000,167,936 | R--- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\xhcdrv.sys -- (xhcdrv)
DRV:64bit: - [2011.11.15 11:20:30 | 000,075,776 | R--- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ViaHub3.sys -- (VUSB3HUB)
DRV:64bit: - [2011.11.03 03:01:00 | 000,056,208 | ---- | M] (Rovi Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2011.10.17 14:55:32 | 000,559,384 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2011.09.02 08:30:46 | 000,042,776 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LUsbFilt.sys -- (LUsbFilt)
DRV:64bit: - [2011.09.02 08:30:36 | 000,060,696 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt)
DRV:64bit: - [2011.09.02 08:30:24 | 000,066,840 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt)
DRV:64bit: - [2011.09.02 08:30:02 | 000,032,536 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\L8042Kbd.sys -- (L8042Kbd)
DRV:64bit: - [2011.08.01 16:59:06 | 000,045,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\point64.sys -- (Point64)
DRV:64bit: - [2011.05.10 08:06:08 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2010.11.20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 15:32:47 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.11.20 15:32:46 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2010.11.20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.20 13:03:42 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2010.10.06 23:42:06 | 000,215,000 | ---- | M] (E-MU Systems) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\emusba10.sys -- (emusba10)
DRV:64bit: - [2010.09.21 10:07:08 | 000,312,184 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ArcSec.sys -- (ArcSec)
DRV:64bit: - [2010.07.29 00:25:10 | 000,029,720 | ---- | M] (Initio Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ivusb.sys -- (ivusb)
DRV:64bit: - [2010.06.25 19:07:26 | 000,035,344 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\npf.sys -- (NPF)
DRV:64bit: - [2010.06.16 22:33:40 | 000,037,888 | ---- | M] (AnchorFree Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\taphss.sys -- (taphss)
DRV:64bit: - [2010.05.05 07:33:00 | 000,811,520 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SmiUsbGrabber3C.sys -- (SMIGrabber3C)
DRV:64bit: - [2010.03.31 03:10:18 | 000,450,048 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RTL8187B.sys -- (RTL8187B)
DRV:64bit: - [2010.02.05 15:30:40 | 000,086,584 | ---- | M] (Adobe Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\adfs.sys -- (adfs)
DRV:64bit: - [2009.11.04 17:58:03 | 000,834,544 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2009.09.28 09:22:00 | 000,395,264 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7)
DRV:64bit: - [2009.09.23 10:42:58 | 000,033,856 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV:64bit: - [2009.09.16 07:02:42 | 000,031,232 | ---- | M] (Tunngle.net) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tap0901t.sys -- (tap0901t) TAP-Win32 Adapter V9 (Tunngle)
DRV:64bit: - [2009.09.11 12:49:18 | 000,076,552 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WmXlCore.sys -- (WmXlCore)
DRV:64bit: - [2009.09.11 12:49:08 | 000,015,880 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WmVirHid.sys -- (WmVirHid)
DRV:64bit: - [2009.09.11 12:48:46 | 000,041,096 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WmFilter.sys -- (WmFilter)
DRV:64bit: - [2009.09.11 12:48:36 | 000,026,248 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WmBEnum.sys -- (WmBEnum)
DRV:64bit: - [2009.09.01 17:58:37 | 000,207,872 | ---- | M] () [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\ithsgt.sys -- (ithsgt)
DRV:64bit: - [2009.09.01 17:58:37 | 000,021,504 | ---- | M] () [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\lilsgt.sys -- (lilsgt)
DRV:64bit: - [2009.08.13 22:10:18 | 000,073,984 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21)
DRV:64bit: - [2009.07.29 21:02:42 | 000,031,744 | ---- | M] (hxxp://libusb-win32.sourceforge.net) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\libusb0.sys -- (libusb0)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.07.14 02:06:43 | 000,060,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\61883.sys -- (61883)
DRV:64bit: - [2009.07.14 02:06:43 | 000,048,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\avc.sys -- (Avc)
DRV:64bit: - [2009.07.14 02:06:42 | 000,061,440 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msdv.sys -- (MSDV)
DRV:64bit: - [2009.06.10 22:35:36 | 000,867,328 | ---- | M] (Ralink Technology Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netr28ux.sys -- (netr28ux)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.05.18 14:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2009.04.06 09:13:46 | 000,027,176 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ggsemc.sys -- (ggsemc)
DRV:64bit: - [2009.04.06 09:13:46 | 000,013,352 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ggflt.sys -- (ggflt)
DRV:64bit: - [2009.03.15 12:32:56 | 000,085,424 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\scdemu.sys -- (SCDEmu)
DRV:64bit: - [2009.02.09 04:29:00 | 000,176,680 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mv61xx.sys -- (mv61xx)
DRV:64bit: - [2008.11.12 08:51:34 | 000,022,568 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mrdd.sys -- (mrdd)
DRV:64bit: - [2008.06.17 10:22:24 | 000,040,464 | ---- | M] (H+H Software GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vcd10bus.sys -- (vcd10bus)
DRV:64bit: - [2008.01.27 19:31:00 | 000,013,824 | ---- | M] (nerds.de) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\loopbe1.sys -- (LoopBeMidi1) nerds.de LoopBe1 - Internal Midi Port SvcDesc(WDM)
DRV:64bit: - [2007.08.20 12:05:02 | 000,012,744 | ---- | M] (EnTech Taiwan) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Entech64.sys -- (ENTECH64)
DRV:64bit: - [2007.01.23 10:20:34 | 000,040,216 | ---- | M] (H+H Software GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vcd9bus.sys -- (vcd9bus)
DRV:64bit: - [2006.11.16 16:58:46 | 000,031,248 | ---- | M] (SIA Syncrosoft) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\synUSB64.sys -- (SynasUSB)
DRV:64bit: - [2006.10.31 17:23:42 | 000,015,680 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ASACPI.sys -- (MTsensor)
DRV:64bit: - [2005.10.28 11:38:12 | 000,493,440 | ---- | M] (ZyDAS Technology Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ZD1211BU.sys -- (ZD1211BU(ZyDAS)) ZyDAS ZD1211B IEEE 802.11 b+g Wireless LAN Driver (USB)(ZyDAS)
DRV:64bit: - [2005.10.04 15:38:50 | 000,354,048 | ---- | M] (ZyDAS Technology Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ZD1211U.sys -- (ZD1211U(ZyDAS)) ZyDAS ZD1211 IEEE 802.11b+g Wireless LAN Driver (USB)(ZyDAS)
DRV - [2011.12.12 18:31:38 | 000,011,856 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys -- (TuneUpUtilitiesDrv)
DRV - [2009.09.01 17:58:41 | 000,162,432 | ---- | M] () [Kernel | Auto | Stopped] -- C:\Windows\SysWOW64\drivers\ithsgt.sys -- (ithsgt)
DRV - [2009.09.01 17:58:41 | 000,012,032 | ---- | M] () [Kernel | Auto | Stopped] -- C:\Windows\SysWOW64\drivers\lilsgt.sys -- (lilsgt)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2007.03.20 11:33:26 | 000,028,672 | ---- | M] (hxxp://libusb-win32.sourceforge.net) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\libusb0.sys -- (libusb0)
DRV - [2005.08.02 14:10:14 | 000,032,512 | ---- | M] (CACE Technologies) [Kernel | Auto | Running] -- C:\Windows\SysWOW64\drivers\npf.sys -- (NPF)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:Tabs
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = CA 21 99 0D 4A 4A CD 01 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Search Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
IE - HKCU\..\SearchScopes,DefaultScope = {F1BD4918-58B9-4A63-A5C3-A79303CD7BC8}
IE - HKCU\..\SearchScopes\{F1BD4918-58B9-4A63-A5C3-A79303CD7BC8}: "URL" = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - user.js - File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_257.dll File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_257.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.0: File not found
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\Microsoft Office\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\Microsoft Office\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@research.microsoft.com/HDView: C:\Program Files (x86)\Microsoft Research\HD View\nphdview.dll (Microsoft Research)
FF - HKLM\Software\MozillaPlugins\Adobe Acrobat: C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@onlive.com/OnLiveGameClientDetector,version=1.0.0: C:\Program Files (x86)\OnLive\Plugin\npolgdet.dll (OnLive)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Alex\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Alex\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Alex\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Nightly 16.0a1\extensions\\Components: C:\PROGRAM FILES\NIGHTLY\COMPONENTS [2012.06.14 21:04:03 | 000,000,000 | ---D | M]
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Nightly 16.0a1\extensions\\Plugins: C:\PROGRAM FILES\NIGHTLY\PLUGINS
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}: C:\Program Files (x86)\Adobe\Adobe Contribute CS5.1\Plugins\FirefoxPlugin\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\web2pdfextension@web2pdf.adobedotcom: C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2012.06.06 14:09:53 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012.03.17 01:08:38 | 000,000,000 | ---D | M]
[2012.06.15 17:19:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Alex\AppData\Roaming\mozilla\Extensions
[2012.06.15 17:19:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Alex\AppData\Roaming\mozilla\Extensions\celtx@celtx.com
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
O1 HOSTS File: ([2012.06.14 18:16:59 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [AdobeCS6ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKCU..\Run: [DisplayFusion] C:\Program Files (x86)\DisplayFusion\DisplayFusion.exe (Binary Fortress Software)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra 'Tools' menuitem : Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files (x86)\Java\jre6\bin\npjpi160_29.dll (Sun Microsystems, Inc.)
O9 - Extra Button: ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Program Files (x86)\ICQ7.7\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Program Files (x86)\ICQ7.7\ICQ.exe (ICQ, LLC.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O16:64bit: - DPF: {3234EB1E-733E-4E6A-A8AB-EBB6287E5A7E} hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_intel64_4.5.5.0.cab (SysInfo Class)
O16:64bit: - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab (Reg Error: Key error.)
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab (System Requirements Lab Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {9C23D886-43CB-43DE-B2DB-112A68D7E10A} hxxp://lads.myspace.com/upload/MySpaceUploader2.cab (MySpace Uploader Control)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.2
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7F756BC0-FC3B-4212-935C-16D3A818833D}: DhcpNameServer = 192.168.2.2
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A89F0EFD-D773-491C-8FAA-CE1403EF6523}: DhcpNameServer = 192.168.2.2
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D3431957-2AC6-4042-8CA0-D90B6DCAD96B}: DhcpNameServer = 192.168.2.2
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FDDC5D82-0E67-4B39-8E8B-40B48E44AAAA}: DhcpNameServer = 192.168.2.2
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Program Files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O24 - Desktop WallPaper: C:\Users\Alex\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\Alex\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010.11.15 22:12:10 | 000,000,084 | R--- | M] () - F:\autorun.inf -- [ CDFS ]
O32 - AutoRun File - [2004.09.22 04:35:20 | 000,000,061 | ---- | M] () - G:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2012.06.15 21:29:00 | 000,000,000 | ---D | C] -- C:\Users\Alex\Documents\LucasArts
[2012.06.15 21:28:59 | 000,000,000 | ---D | C] -- C:\Users\Alex\AppData\Local\LucasArts
[2012.06.15 19:15:03 | 000,000,000 | ---D | C] -- C:\Users\Alex\AppData\Roaming\Star Wars - The Force Unleashed II
[2012.06.15 19:15:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\R.G. Mechanics
[2012.06.15 17:02:03 | 006,151,488 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcpl.dll
[2012.06.15 17:02:03 | 003,149,632 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvc64.dll
[2012.06.15 17:02:03 | 002,561,856 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvcr.dll
[2012.06.15 17:02:03 | 000,118,080 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvmctray.dll
[2012.06.15 17:02:03 | 000,063,296 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvshext.dll
[2012.06.15 17:01:41 | 000,068,928 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2012.06.15 17:01:41 | 000,061,248 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2012.06.15 17:00:46 | 025,743,168 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll
[2012.06.15 17:00:46 | 019,607,872 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll
[2012.06.15 17:00:46 | 018,044,224 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll
[2012.06.15 17:00:46 | 015,322,432 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvd3dum.dll
[2012.06.15 17:00:46 | 010,194,752 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvwgf2umx.dll
[2012.06.15 17:00:46 | 008,139,072 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll
[2012.06.15 17:00:46 | 008,105,280 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvwgf2um.dll
[2012.06.15 17:00:46 | 005,982,528 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll
[2012.06.15 17:00:46 | 002,881,856 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll
[2012.06.15 17:00:46 | 002,681,664 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll
[2012.06.15 17:00:46 | 002,524,992 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll
[2012.06.15 17:00:46 | 002,445,120 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll
[2012.06.15 17:00:46 | 001,738,048 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco64.dll
[2012.06.15 17:00:46 | 001,468,224 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvgenco64.dll
[2012.06.15 17:00:46 | 000,949,056 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvumdshimx.dll
[2012.06.15 17:00:46 | 000,818,496 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvumdshim.dll
[2012.06.15 17:00:46 | 000,364,352 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdecodemft.dll
[2012.06.15 17:00:46 | 000,301,376 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvdecodemft.dll
[2012.06.15 17:00:46 | 000,246,592 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvinitx.dll
[2012.06.15 17:00:46 | 000,202,048 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvinit.dll
[2012.06.15 17:00:45 | 025,248,064 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll
[2012.06.15 17:00:45 | 017,551,680 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll
[2012.06.15 17:00:45 | 002,741,568 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvapi64.dll
[2012.06.15 17:00:45 | 002,368,832 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvapi.dll
[2012.06.15 16:18:45 | 000,000,000 | ---D | C] -- C:\Program Files\SystemRequirementsLab
[2012.06.15 13:34:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SmartFTP Client
[2012.06.15 13:18:33 | 000,000,000 | ---D | C] -- C:\Program Files\SmartFTP Client
[2012.06.15 10:26:12 | 000,000,000 | ---D | C] -- C:\Users\Alex\AppData\Roaming\SmartFTP
[2012.06.15 10:25:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SmartFTP Client 4.0 (x64) Setup Files
[2012.06.15 09:23:35 | 000,596,480 | ---- | C] (OldTimer Tools) -- C:\Users\Alex\Desktop\OTL.exe
[2012.06.15 09:18:04 | 000,000,000 | ---D | C] -- C:\Users\Alex\Desktop\newpost_2
[2012.06.15 01:17:42 | 000,037,704 | ---- | C] (RealVNC Ltd) -- C:\Windows\SysNative\VNCpm.dll
[2012.06.15 01:17:15 | 000,026,112 | ---- | C] (RealVNC Ltd.) -- C:\Windows\SysNative\vncmirror.dll
[2012.06.15 01:17:15 | 000,004,608 | ---- | C] (RealVNC Ltd.) -- C:\Windows\SysNative\drivers\vncmirror.sys
[2012.06.14 21:49:17 | 000,000,000 | ---D | C] -- C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2012.06.14 21:20:44 | 000,000,000 | ---D | C] -- C:\Downloads
[2012.06.14 21:20:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BitComet (64-bit)
[2012.06.14 21:20:38 | 000,000,000 | ---D | C] -- C:\Users\Alex\AppData\Roaming\BitComet
[2012.06.14 21:20:36 | 000,000,000 | ---D | C] -- C:\Program Files\BitComet
[2012.06.14 21:04:21 | 000,000,000 | ---D | C] -- C:\Users\Alex\AppData\Roaming\uTorrent
[2012.06.14 20:58:06 | 000,000,000 | ---D | C] -- C:\Users\Alex\AppData\Roaming\Mozilla
[2012.06.14 20:58:01 | 000,000,000 | ---D | C] -- C:\Program Files\Nightly
[2012.06.14 20:43:09 | 000,000,000 | ---D | C] -- C:\Users\Alex\AppData\Local\Mozilla
[2012.06.14 20:35:41 | 000,000,000 | ---D | C] -- C:\Users\Alex\AppData\Roaming\Opera
[2012.06.14 20:35:41 | 000,000,000 | ---D | C] -- C:\Users\Alex\AppData\Local\Opera
[2012.06.14 20:35:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Opera x64
[2012.06.14 20:35:37 | 000,000,000 | ---D | C] -- C:\Program Files\Opera x64
[2012.06.14 20:08:42 | 000,000,000 | ---D | C] -- C:\Users\Alex\Desktop\trojanerboard
[2012.06.14 18:32:46 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2012.06.14 18:21:06 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2012.06.14 17:44:01 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2012.06.13 23:16:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\BitTorrent
[2012.06.13 13:55:15 | 000,000,000 | ---D | C] -- C:\_OTL
[2012.06.13 11:09:46 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012.06.13 11:09:45 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012.06.13 11:09:44 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012.06.13 11:09:44 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012.06.13 11:09:41 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012.06.13 11:09:41 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012.06.13 11:09:41 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2012.06.13 11:09:41 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2012.06.13 11:09:37 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012.06.13 11:09:37 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012.06.13 11:09:36 | 002,311,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012.06.13 11:09:35 | 000,818,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012.06.13 11:09:35 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012.06.13 09:34:18 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorekmts.dll
[2012.06.13 09:34:18 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpwsx.dll
[2012.06.13 09:34:18 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdrmemptylst.exe
[2012.06.13 09:34:13 | 005,559,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2012.06.13 09:34:09 | 003,968,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2012.06.13 09:34:09 | 003,913,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2012.06.13 09:34:07 | 001,112,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorets.dll
[2012.06.13 09:34:02 | 003,216,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msi.dll
[2012.06.13 09:33:57 | 001,462,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2012.06.13 09:33:55 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll
[2012.06.13 09:26:26 | 000,000,000 | ---D | C] -- C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
[2012.06.13 00:09:10 | 000,000,000 | ---D | C] -- C:\Users\Alex\AppData\Roaming\Malwarebytes
[2012.06.13 00:09:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.06.12 23:32:57 | 000,000,000 | --SD | C] -- C:\Windows\SysWow64\Microsoft
[2012.06.12 17:21:15 | 000,000,000 | ---D | C] -- C:\.fseventsd
[2012.06.12 10:21:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\af0.net
[2012.06.12 00:31:36 | 000,000,000 | ---D | C] -- C:\SMCLpav
[2012.06.11 19:30:40 | 000,000,000 | ---D | C] -- C:\Users\Alex\AppData\Roaming\PCPro
[2012.06.11 19:30:40 | 000,000,000 | ---D | C] -- C:\Users\Alex\AppData\Roaming\PC Cleaners
[2012.06.11 19:30:38 | 005,276,432 | ---- | C] (PC Cleaners) -- C:\Windows\uninst.exe
[2012.06.11 19:30:37 | 000,000,000 | ---D | C] -- C:\ProgramData\PC1Data
[2012.06.10 23:37:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2012.06.10 23:10:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com
[2012.06.10 23:10:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Tweaking.com
[2012.06.10 18:16:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Security Client
[2012.06.10 18:16:02 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client
[2012.06.10 16:43:18 | 000,000,000 | ---D | C] -- C:\ProgramData\BDLogging
[2012.06.09 15:35:10 | 000,000,000 | ---D | C] -- C:\Users\Alex\Documents\Max Payne Savegames
[2012.06.09 15:28:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Max Payne
[2012.06.07 14:02:26 | 000,000,000 | ---D | C] -- C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner
[2012.06.07 14:02:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSI Afterburner
[2012.06.06 19:12:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Rockstar Games
[2012.06.06 17:54:41 | 000,000,000 | ---D | C] -- C:\Users\Alex\Documents\regbak
[2012.06.06 17:06:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games
[2012.06.06 14:44:16 | 000,046,752 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvhda32.sys
[2012.06.06 14:17:07 | 000,501,280 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvuhda6.exe
[2012.06.06 14:01:14 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2012.06.06 13:50:33 | 000,268,744 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\javaws.exe
[2012.06.06 13:50:28 | 000,189,384 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\javaw.exe
[2012.06.06 13:50:28 | 000,188,872 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\java.exe
[2012.06.06 13:38:26 | 000,637,848 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\npdeployJava1.dll
[2012.06.06 13:37:47 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
[2012.06.06 13:37:47 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe
[2012.06.06 13:37:47 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe
[2012.06.06 10:17:26 | 000,023,816 | ---- | C] (CPUID) -- C:\Windows\SysNative\drivers\cpuz135_x64.sys
[2012.06.06 10:17:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
[2012.06.02 12:59:01 | 000,000,000 | -HSD | C] -- C:\Windows\SysWow64\%APPDATA%
[2012.06.01 23:48:17 | 000,000,000 | ---D | C] -- C:\Users\Alex\AppData\Local\Samsung
[2012.06.01 23:48:10 | 000,000,000 | ---D | C] -- C:\Users\Alex\AppData\Roaming\Samsung
[2012.06.01 23:48:08 | 000,000,000 | ---D | C] -- C:\Users\Alex\Documents\samsung
[2012.06.01 23:25:26 | 000,000,000 | ---D | C] -- C:\Program Files\DIFX
[2012.06.01 23:24:45 | 000,054,272 | ---- | C] (hxxp://libusb-win32.sourceforge.net) -- C:\Windows\SysNative\libusb0.dll
[2012.06.01 23:24:45 | 000,042,496 | ---- | C] (hxxp://libusb-win32.sourceforge.net) -- C:\Windows\SysWow64\libusb0.dll
[2012.06.01 23:24:45 | 000,031,744 | ---- | C] (hxxp://libusb-win32.sourceforge.net) -- C:\Windows\SysNative\drivers\libusb0.sys
[2012.06.01 23:21:04 | 004,659,712 | ---- | C] (Dmitry Streblechenko) -- C:\Windows\SysWow64\Redemption.dll
[2012.06.01 23:20:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MarkAny
[2012.06.01 23:20:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Samsung
[2012.06.01 22:56:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Samsung
[2012.05.30 10:01:27 | 000,000,000 | ---D | C] -- C:\Users\Alex\AppData\Roaming\Greyfirst
[2012.05.30 10:01:27 | 000,000,000 | ---D | C] -- C:\Users\Alex\AppData\Local\Greyfirst
[2012.05.30 10:01:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Celtx
[2012.05.30 10:01:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Celtx
[2012.05.29 19:16:08 | 000,000,000 | ---D | C] -- C:\WMSDK
[2012.05.29 18:47:55 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\HDAudio
[2012.05.29 12:39:58 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\directx
[2012.05.29 12:39:52 | 000,000,000 | ---D | C] -- C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\EVGA Precision X
[2012.05.29 12:39:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\EVGA Precision X
[2012.05.29 00:36:15 | 000,000,000 | ---D | C] -- C:\Users\Alex\Documents\WB Games
[2012.05.27 17:00:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Microsoft KitSetup
[2012.05.27 16:33:23 | 000,000,000 | ---D | C] -- C:\Users\Alex\Documents\Visual Studio 2008
[2012.05.27 15:00:29 | 000,000,000 | ---D | C] -- C:\Users\Alex\AppData\Roaming\Sony Corporation
[2012.05.27 15:00:29 | 000,000,000 | ---D | C] -- C:\Users\Alex\Documents\PS Vita
[2012.05.27 12:05:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WunderWorks
[2012.05.27 12:05:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WunderWorks
[2012.05.27 11:14:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Xpadder
[2012.05.26 11:42:15 | 000,000,000 | ---D | C] -- C:\Users\Alex\Documents\VocALignVST3
[2012.05.25 17:21:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Blackmagic Design
[2012.05.25 17:20:22 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA GPU Computing Toolkit
[2012.05.23 22:00:38 | 000,000,000 | ---D | C] -- C:\Users\Alex\AppData\Roaming\XNote Stopwatch
[2012.05.23 22:00:35 | 000,000,000 | ---D | C] -- C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\XNote Stopwatch
[2012.05.23 22:00:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XNote Stopwatch
[2012.05.23 22:00:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\XNote Stopwatch
[2012.05.23 18:49:32 | 000,569,344 | ---- | C] ((c) MusicCity) -- C:\Windows\SysWow64\muzdecode.ax
[2012.05.23 18:49:32 | 000,491,520 | ---- | C] (Musiccity Co.Ltd.) -- C:\Windows\SysWow64\muzapp.dll
[2012.05.23 18:49:32 | 000,352,256 | ---- | C] (Sample Corporation) -- C:\Windows\SysWow64\MSLUR71.dll
[2012.05.23 18:49:32 | 000,258,048 | ---- | C] ((c) PeeringPortal) -- C:\Windows\SysWow64\muzoggsp.ax
[2012.05.23 18:49:32 | 000,245,760 | ---- | C] (Teruten Inc.) -- C:\Windows\SysWow64\MSCLib.dll
[2012.05.23 18:49:32 | 000,200,704 | ---- | C] ( (c) MusicCity) -- C:\Windows\SysWow64\muzwmts.dll
[2012.05.23 18:49:32 | 000,172,032 | ---- | C] (Musiccity Co.Ltd.) -- C:\Windows\SysWow64\muzapp.exe
[2012.05.23 18:49:32 | 000,155,648 | ---- | C] (Teruten Inc.) -- C:\Windows\SysWow64\MSFLib.dll
[2012.05.23 18:49:32 | 000,135,168 | ---- | C] (Musiccity Co.Ltd.) -- C:\Windows\SysWow64\muzaf1.dll
[2012.05.23 18:49:32 | 000,131,072 | ---- | C] ((c) MusicCity) -- C:\Windows\SysWow64\muzmpgsp.ax
[2012.05.23 18:49:32 | 000,122,880 | ---- | C] ((c) MUSICCITY) -- C:\Windows\SysWow64\muzeffect.ax
[2012.05.23 18:49:32 | 000,118,784 | ---- | C] ((주)마크애니) -- C:\Windows\SysWow64\MaDRM.dll
[2012.05.23 18:49:32 | 000,110,592 | ---- | C] ((c) MusicCity) -- C:\Windows\SysWow64\muzmp4sp.ax
[2012.05.23 18:49:32 | 000,057,344 | ---- | C] (Marktek) -- C:\Windows\SysWow64\MK_Lyric.dll
[2012.05.23 18:49:32 | 000,057,344 | ---- | C] (Marktek Inc.) -- C:\Windows\SysWow64\MTXSYNCICON.dll
[2012.05.23 18:49:32 | 000,049,152 | ---- | C] ((주) 마크애니) -- C:\Windows\SysWow64\MaJGUILib.dll
[2012.05.23 18:49:32 | 000,045,320 | ---- | C] (MARKANY) -- C:\Windows\SysWow64\MAMACExtract.dll
[2012.05.23 18:49:32 | 000,045,056 | ---- | C] ((주) 마크애니) -- C:\Windows\SysWow64\MaXMLProto.dll
[2012.05.23 18:49:32 | 000,045,056 | ---- | C] ((주) 마크애니) -- C:\Windows\SysWow64\MACXMLProto.dll
[2012.05.23 18:49:32 | 000,040,960 | ---- | C] (Telechips Inc.,) -- C:\Windows\SysWow64\MTTELECHIP.dll
[2012.05.23 18:49:32 | 000,024,576 | ---- | C] ((주)마크애니) -- C:\Windows\SysWow64\MASetupCleaner.exe
[2012.05.23 16:54:28 | 000,000,000 | -HSD | C] -- C:\Users\Alex\AppData\Roaming\Common
[2012.05.23 14:41:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com
[2012.05.22 23:06:09 | 000,000,000 | -H-D | C] -- C:\ProgramData\{D565E85A-7602-4965-8B03-55D249C138D6}
[2012.05.22 23:05:20 | 000,000,000 | ---D | C] -- C:\ProgramData\{20EFD19B-675C-417B-A498-B0161D72FF88}
[2012.05.22 23:04:55 | 000,000,000 | -H-D | C] -- C:\ProgramData\{F94F0CF6-942F-4A5D-BDAE-824B2EB35AD7}
[2012.05.22 17:18:21 | 000,000,000 | ---D | C] -- C:\Users\Alex\.MakeMKV
[2012.05.22 17:17:18 | 000,000,000 | ---D | C] -- C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MakeMKV
[2012.05.22 17:17:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MakeMKV
[2012.05.19 21:42:19 | 000,000,000 | ---D | C] -- C:\Users\Alex\Documents\Celemony
[2012.05.19 01:02:44 | 000,000,000 | ---D | C] -- C:\Users\Alex\AppData\Roaming\SPL Plug-Ins
[2012.05.19 01:02:43 | 000,000,000 | ---D | C] -- C:\Users\Alex\AppData\Roaming\Plugin Alliance
[2012.05.19 00:32:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Sound Performance Lab
[2012.05.19 00:32:52 | 000,000,000 | ---D | C] -- C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sound Performance Lab
[2012.05.18 23:46:54 | 000,000,000 | ---D | C] -- C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iZotope
[2012.05.18 23:35:41 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Celemony
[2012.05.18 23:35:33 | 000,000,000 | ---D | C] -- C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Celemony
[2012.05.18 23:35:33 | 000,000,000 | ---D | C] -- C:\Program Files\Celemony
[2012.05.18 03:52:46 | 000,000,000 | -H-D | C] -- C:\ProgramData\{C2686527-0D57-4F0B-ADAB-EE203CA30FC6}
[2012.05.18 02:56:31 | 000,000,000 | -H-D | C] -- C:\ProgramData\{E26B3878-7CEC-469C-B449-5CAA336DF8CD}
[2012.05.18 01:45:20 | 000,000,000 | ---D | C] -- C:\Users\Alex\Documents\Untitled
[2012.05.18 01:32:43 | 000,000,000 | ---D | C] -- C:\Users\Alex\Documents\Fragmente
[2012.05.17 20:12:03 | 000,000,000 | ---D | C] -- C:\Users\Alex\Adobe Flash Builder 4.6
[2012.05.17 20:01:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Master Collection CS6
[2012.05.17 19:12:33 | 000,000,000 | ---D | C] -- C:\Users\Alex\AppData\Roaming\com.adobe.AdobeStory.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2012.05.17 18:55:26 | 000,000,000 | ---D | C] -- C:\Users\Alex\AppData\Roaming\AdobeSupportAdvisor.E7BED6E5DDA59983786DD72EBFA46B1598278E07.1
[2012.05.17 18:55:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe Support Advisor
[2012.05.17 17:33:28 | 000,000,000 | ---D | C] -- C:\Users\Alex\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
[2012.05.17 17:33:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe Download Assistant
[2011.05.20 07:26:24 | 170,063,832 | ---- | C] (Frictional Games ) -- C:\Users\Alex\AppData\Roaming\amnesia_tdd_1.2_update.exe
[28 C:\Windows\Fonts\*.tmp files -> C:\Windows\Fonts\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2012.06.15 21:39:58 | 000,001,116 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2380579043-224327424-4130863296-1000UA.job
[2012.06.15 21:32:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.06.15 21:10:07 | 000,001,064 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2380579043-224327424-4130863296-1000Core.job
[2012.06.15 21:10:05 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.06.15 17:51:33 | 012,127,714 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.06.15 17:51:33 | 004,061,574 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.06.15 17:51:33 | 003,734,808 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.06.15 17:51:33 | 003,345,760 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.06.15 17:51:33 | 000,007,118 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.06.15 17:25:04 | 000,013,232 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.06.15 17:25:04 | 000,013,232 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.06.15 17:16:20 | 2146,734,079 | -HS- | M] () -- C:\hiberfil.sys
[2012.06.15 17:15:08 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\Access.dat
[2012.06.15 11:50:55 | 000,000,132 | ---- | M] () -- C:\Users\Alex\AppData\Roaming\Adobe PNG Format CS6 Prefs
[2012.06.15 00:32:44 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012.06.15 00:32:44 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012.06.14 18:16:59 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2012.06.13 12:37:37 | 000,000,484 | RHS- | M] () -- C:\Users\Alex\ntuser.pol
[2012.06.13 12:36:56 | 005,120,264 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012.06.13 09:26:27 | 000,003,003 | ---- | M] () -- C:\Users\Alex\Desktop\HiJackThis.lnk
[2012.06.13 09:22:01 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\Alex\Desktop\OTL.exe
[2012.06.12 23:37:47 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2012.06.11 19:30:15 | 005,276,432 | ---- | M] (PC Cleaners) -- C:\Windows\uninst.exe
[2012.06.10 18:16:59 | 000,001,912 | ---- | M] () -- C:\Windows\epplauncher.mif
[2012.06.10 18:16:06 | 000,007,020 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012.06.10 12:35:01 | 000,000,550 | RHS- | M] () -- C:\ProgramData\ntuser.pol
[2012.06.10 12:09:19 | 000,000,000 | ---- | M] () -- C:\netsh
[2012.06.10 12:08:45 | 000,000,000 | ---- | M] () -- C:\Users\Alex\netsh
[2012.06.10 10:43:38 | 001,666,641 | ---- | M] () -- C:\ProgramData\bdinstall.bin
[2012.06.10 01:57:09 | 000,381,062 | ---- | M] () -- C:\Users\Alex\Documents\bookmarks_10.06.12.html
[2012.06.10 01:49:21 | 000,076,522 | ---- | M] () -- C:\Users\Alex\Documents\bookmark_ie.htm
[2012.06.06 13:50:24 | 000,955,848 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\npdeployJava1.dll
[2012.06.06 13:50:24 | 000,839,112 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\deployJava1.dll
[2012.06.06 13:50:24 | 000,268,744 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\javaws.exe
[2012.06.06 13:50:24 | 000,189,384 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\javaw.exe
[2012.06.06 13:50:24 | 000,188,872 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\java.exe
[2012.06.06 13:38:20 | 000,637,848 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\npdeployJava1.dll
[2012.06.06 13:38:20 | 000,567,184 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\deployJava1.dll
[2012.06.03 23:06:09 | 000,215,139 | ---- | M] () -- C:\Users\Alex\Documents\bookmarks_03.06.12.html
[2012.05.30 23:01:05 | 000,000,747 | ---- | M] () -- C:\Users\Alex\Documents\xiwnik_echo_haha.xps
[2012.05.29 14:15:30 | 000,037,704 | ---- | M] (RealVNC Ltd) -- C:\Windows\SysNative\VNCpm.dll
[2012.05.29 14:15:30 | 000,026,112 | ---- | M] (RealVNC Ltd.) -- C:\Windows\SysNative\vncmirror.dll
[2012.05.29 14:15:30 | 000,004,608 | ---- | M] (RealVNC Ltd.) -- C:\Windows\SysNative\drivers\vncmirror.sys
[2012.05.28 22:59:19 | 000,000,846 | ---- | M] () -- C:\Users\Alex\Documents\doublesrap_trueverb.xps
[2012.05.28 22:59:00 | 000,001,108 | ---- | M] () -- C:\Users\Alex\Documents\doublesrap_q10.xps
[2012.05.28 18:54:09 | 000,000,138 | ---- | M] () -- C:\Windows\VocALign.ini
[2012.05.26 00:07:37 | 000,005,632 | ---- | M] () -- C:\Users\Alex\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.05.25 19:24:28 | 000,151,552 | ---- | M] () -- C:\Windows\SysWow64\nvRegDev.dll
[2012.05.25 19:24:28 | 000,040,960 | ---- | M] () -- C:\Windows\SysWow64\nvISWOW64.dll
[2012.05.25 18:35:50 | 000,012,292 | ---- | M] () -- C:\Users\Alex\.DS_Store
[2012.05.25 18:35:43 | 000,015,364 | ---- | M] () -- C:\.DS_Store
[2012.05.25 18:15:52 | 000,012,292 | ---- | M] () -- C:\Users\Alex\Documents\.DS_Store
[2012.05.25 06:54:04 | 000,006,148 | ---- | M] () -- C:\Program Files\Common Files\.DS_Store
[2012.05.25 06:53:54 | 000,006,148 | ---- | M] () -- C:\Program Files\.DS_Store
[2012.05.23 18:50:06 | 004,659,712 | ---- | M] (Dmitry Streblechenko) -- C:\Windows\SysWow64\Redemption.dll
[2012.05.23 18:49:32 | 000,974,848 | ---- | M] () -- C:\Windows\SysWow64\cis-2.4.dll
[2012.05.23 18:49:32 | 000,569,344 | ---- | M] ((c) MusicCity) -- C:\Windows\SysWow64\muzdecode.ax
[2012.05.23 18:49:32 | 000,491,520 | ---- | M] (Musiccity Co.Ltd.) -- C:\Windows\SysWow64\muzapp.dll
[2012.05.23 18:49:32 | 000,352,256 | ---- | M] (Sample Corporation) -- C:\Windows\SysWow64\MSLUR71.dll
[2012.05.23 18:49:32 | 000,258,048 | ---- | M] ((c) PeeringPortal) -- C:\Windows\SysWow64\muzoggsp.ax
[2012.05.23 18:49:32 | 000,245,760 | ---- | M] (Teruten Inc.) -- C:\Windows\SysWow64\MSCLib.dll
[2012.05.23 18:49:32 | 000,200,704 | ---- | M] ( (c) MusicCity) -- C:\Windows\SysWow64\muzwmts.dll
[2012.05.23 18:49:32 | 000,172,032 | ---- | M] (Musiccity Co.Ltd.) -- C:\Windows\SysWow64\muzapp.exe
[2012.05.23 18:49:32 | 000,155,648 | ---- | M] (Teruten Inc.) -- C:\Windows\SysWow64\MSFLib.dll
[2012.05.23 18:49:32 | 000,143,360 | ---- | M] () -- C:\Windows\SysWow64\3DAudio.ax
[2012.05.23 18:49:32 | 000,135,168 | ---- | M] (Musiccity Co.Ltd.) -- C:\Windows\SysWow64\muzaf1.dll
[2012.05.23 18:49:32 | 000,131,072 | ---- | M] ((c) MusicCity) -- C:\Windows\SysWow64\muzmpgsp.ax
[2012.05.23 18:49:32 | 000,122,880 | ---- | M] ((c) MUSICCITY) -- C:\Windows\SysWow64\muzeffect.ax
[2012.05.23 18:49:32 | 000,118,784 | ---- | M] ((주)마크애니) -- C:\Windows\SysWow64\MaDRM.dll
[2012.05.23 18:49:32 | 000,110,592 | ---- | M] ((c) MusicCity) -- C:\Windows\SysWow64\muzmp4sp.ax
[2012.05.23 18:49:32 | 000,081,920 | ---- | M] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll
[2012.05.23 18:49:32 | 000,065,536 | ---- | M] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll
[2012.05.23 18:49:32 | 000,057,344 | ---- | M] (Marktek) -- C:\Windows\SysWow64\MK_Lyric.dll
[2012.05.23 18:49:32 | 000,057,344 | ---- | M] (Marktek Inc.) -- C:\Windows\SysWow64\MTXSYNCICON.dll
[2012.05.23 18:49:32 | 000,057,344 | ---- | M] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll
[2012.05.23 18:49:32 | 000,049,152 | ---- | M] ((주) 마크애니) -- C:\Windows\SysWow64\MaJGUILib.dll
[2012.05.23 18:49:32 | 000,045,320 | ---- | M] (MARKANY) -- C:\Windows\SysWow64\MAMACExtract.dll
[2012.05.23 18:49:32 | 000,045,056 | ---- | M] ((주) 마크애니) -- C:\Windows\SysWow64\MaXMLProto.dll
[2012.05.23 18:49:32 | 000,045,056 | ---- | M] ((주) 마크애니) -- C:\Windows\SysWow64\MACXMLProto.dll
[2012.05.23 18:49:32 | 000,040,960 | ---- | M] (Telechips Inc.,) -- C:\Windows\SysWow64\MTTELECHIP.dll
[2012.05.23 18:49:32 | 000,024,576 | ---- | M] ((주)마크애니) -- C:\Windows\SysWow64\MASetupCleaner.exe
[2012.05.18 23:50:05 | 000,000,016 | ---- | M] () -- C:\Windows\SysWow64\w3data.vss
[2012.05.18 23:50:05 | 000,000,016 | ---- | M] () -- C:\Windows\msocreg32.dat
[2012.05.18 04:06:48 | 002,311,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012.05.18 03:58:39 | 001,494,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012.05.18 03:58:15 | 000,237,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012.05.18 03:55:22 | 000,173,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2012.05.18 03:55:06 | 000,818,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012.05.18 03:51:49 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012.05.18 03:47:42 | 000,248,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012.05.18 01:45:20 | 000,005,077 | ---- | M] () -- C:\Users\Alex\Documents\Untitled.ncor
[2012.05.18 01:37:47 | 000,000,021 | ---- | M] () -- C:\Windows\SurCode.INI
[2012.05.18 00:35:39 | 001,427,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012.05.18 00:33:08 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012.05.18 00:29:45 | 000,142,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2012.05.18 00:29:30 | 000,716,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012.05.18 00:25:17 | 000,073,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012.05.18 00:20:42 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012.05.17 18:00:18 | 000,002,368 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\bak\hosts
========== Files Created - No Company Name ==========
[2012.06.15 17:02:03 | 002,621,723 | ---- | C] () -- C:\Windows\SysNative\nvcoproc.bin
[2012.06.15 17:00:46 | 000,014,324 | ---- | C] () -- C:\Windows\SysNative\nvinfo.pb
[2012.06.14 20:58:03 | 000,000,817 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nightly.lnk
[2012.06.14 20:35:39 | 000,001,787 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
[2012.06.14 20:33:31 | 000,001,116 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2380579043-224327424-4130863296-1000UA.job
[2012.06.14 20:33:30 | 000,001,064 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2380579043-224327424-4130863296-1000Core.job
[2012.06.13 09:26:27 | 000,003,003 | ---- | C] () -- C:\Users\Alex\Desktop\HiJackThis.lnk
[2012.06.12 23:37:47 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\config.nt
[2012.06.10 18:16:59 | 000,001,912 | ---- | C] () -- C:\Windows\epplauncher.mif
[2012.06.10 18:16:09 | 000,001,891 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
[2012.06.10 12:09:19 | 000,000,000 | ---- | C] () -- C:\netsh
[2012.06.10 12:08:35 | 000,000,000 | ---- | C] () -- C:\Users\Alex\netsh
[2012.06.10 01:49:21 | 000,076,522 | ---- | C] () -- C:\Users\Alex\Documents\bookmark_ie.htm
[2012.06.10 01:42:04 | 000,381,062 | ---- | C] () -- C:\Users\Alex\Documents\bookmarks_10.06.12.html
[2012.06.06 11:29:43 | 000,002,053 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop Lightroom 4.1 64-Bit.lnk
[2012.06.03 23:06:09 | 000,215,139 | ---- | C] () -- C:\Users\Alex\Documents\bookmarks_03.06.12.html
[2012.05.30 23:01:03 | 000,000,747 | ---- | C] () -- C:\Users\Alex\Documents\xiwnik_echo_haha.xps
[2012.05.28 22:59:18 | 000,000,846 | ---- | C] () -- C:\Users\Alex\Documents\doublesrap_trueverb.xps
[2012.05.28 22:58:58 | 000,001,108 | ---- | C] () -- C:\Users\Alex\Documents\doublesrap_q10.xps
[2012.05.25 19:24:45 | 000,151,552 | ---- | C] () -- C:\Windows\SysWow64\nvRegDev.dll
[2012.05.25 19:24:29 | 000,040,960 | ---- | C] () -- C:\Windows\SysWow64\nvISWOW64.dll
[2012.05.25 06:53:54 | 000,006,148 | ---- | C] () -- C:\Program Files\Common Files\.DS_Store
[2012.05.25 06:53:54 | 000,006,148 | ---- | C] () -- C:\Program Files\.DS_Store
[2012.05.23 18:49:32 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll
[2012.05.23 18:49:32 | 000,143,360 | ---- | C] () -- C:\Windows\SysWow64\3DAudio.ax
[2012.05.23 18:49:32 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll
[2012.05.23 18:49:32 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll
[2012.05.23 18:49:32 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll
[2012.05.22 19:34:30 | 000,000,986 | ---- | C] () -- C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Live 8.lnk
[2012.05.22 17:58:22 | 000,000,809 | ---- | C] () -- C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ableton Live 8.lnk
[2012.05.18 18:16:40 | 000,000,132 | ---- | C] () -- C:\Users\Alex\AppData\Roaming\Adobe PNG Format CS6 Prefs
[2012.05.18 01:45:19 | 000,005,077 | ---- | C] () -- C:\Users\Alex\Documents\Untitled.ncor
[2012.05.17 17:33:26 | 000,001,035 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Download Assistant.lnk
[2012.05.15 02:21:50 | 000,423,744 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe
[2012.03.15 16:29:54 | 000,000,073 | ---- | C] () -- C:\Windows\EurekaLog.ini
[2012.02.24 17:50:50 | 000,000,112 | ---- | C] () -- C:\ProgramData\mjIt036C.dat
[2012.01.24 21:29:07 | 000,000,038 | ---- | C] () -- C:\Windows\osAviSplitter.INI
[2012.01.06 17:49:53 | 000,173,492 | -H-- | C] () -- C:\Windows\SysWow64\mlfcache.dat
[2012.01.03 09:28:06 | 002,570,286 | ---- | C] () -- C:\Windows\SysWow64\abgx360.exe
[2011.12.28 16:39:36 | 000,000,125 | ---- | C] () -- C:\Windows\FlashDecompiler.INI
[2011.11.23 03:24:27 | 001,989,419 | ---- | C] () -- C:\Users\Alex\AppData\Roaming\Creative.rar
[2011.10.15 00:20:01 | 000,000,132 | ---- | C] () -- C:\Users\Alex\AppData\Roaming\Adobe PNG Format CS5 Prefs
[2011.09.20 12:21:20 | 000,000,132 | ---- | C] () -- C:\Users\Alex\AppData\Roaming\Adobe GIF Format CS5 Prefs
[2011.09.19 15:03:40 | 000,045,056 | ---- | C] () -- C:\Windows\SysWow64\rtvcvfw32.dll
[2011.09.15 21:47:20 | 000,189,248 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2011.09.15 21:46:54 | 000,075,136 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2011.07.27 15:03:57 | 000,005,632 | ---- | C] () -- C:\Users\Alex\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.06.15 16:32:25 | 001,666,641 | ---- | C] () -- C:\ProgramData\bdinstall.bin
[2011.05.13 17:10:43 | 000,000,047 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2011.04.09 18:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2011.04.03 11:40:57 | 000,000,166 | -HS- | C] () -- C:\ProgramData\.zreglib
[2011.01.30 23:52:04 | 000,085,504 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2011.01.27 01:32:15 | 000,000,064 | RHS- | C] () -- C:\Windows\A531272465C931BE.bin
[2011.01.05 22:11:31 | 000,098,344 | ---- | C] () -- C:\Windows\unTMV.exe
[2011.01.04 18:00:26 | 000,695,642 | ---- | C] () -- C:\Windows\unins001.exe
[2011.01.04 18:00:26 | 000,121,344 | ---- | C] ( ) -- C:\Windows\SysWow64\lagarith.dll
[2011.01.04 18:00:26 | 000,003,428 | ---- | C] () -- C:\Windows\unins001.dat
[2010.10.21 17:28:34 | 000,017,408 | ---- | C] () -- C:\Windows\SysWow64\minimp3.exe
[2010.09.21 14:00:34 | 000,002,892 | ---- | C] () -- C:\Windows\SysWow64\audcon.sys
[2010.09.21 13:59:53 | 000,000,051 | ---- | C] () -- C:\Windows\SysWow64\SYNSOPOS.exe.cfg
[2010.09.21 13:59:52 | 000,086,016 | ---- | C] () -- C:\Windows\SysWow64\SYNSOPOS.exe
[2010.09.20 00:53:46 | 000,001,363 | ---- | C] () -- C:\Windows\emasio.dat
[2010.08.29 00:53:30 | 000,000,838 | ---- | C] () -- C:\Windows\Spiderman.INI
[2010.06.25 19:03:12 | 000,053,299 | ---- | C] () -- C:\Windows\SysWow64\pthreadVC.dll
[2010.06.17 11:41:39 | 000,000,550 | RHS- | C] () -- C:\ProgramData\ntuser.pol
========== LOP Check ==========
[2012.06.10 02:57:59 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\abgx360
[2012.05.22 19:30:19 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Ableton
[2009.11.04 15:01:17 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Activision
[2012.01.18 19:16:44 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\aicon
[2012.01.11 15:48:56 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\AimOne
[2010.07.05 22:18:35 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Aleo Software
[2010.02.17 22:49:06 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Antares
[2011.07.27 15:03:56 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Any Video Editor
[2012.04.08 02:55:25 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\ASK Video
[2011.01.16 13:10:20 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Athentech
[2009.11.19 15:08:15 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\AudioZoneTrigger
[2012.04.09 17:42:37 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Autodesk
[2011.09.28 16:13:50 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Babylon
[2010.02.14 17:38:25 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Bioshock2
[2012.06.15 18:46:01 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\BitComet
[2010.05.27 14:28:24 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\bizarre creations
[2010.03.14 18:23:13 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\BOM
[2012.02.09 13:47:59 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Broad Intelligence
[2009.11.04 15:01:33 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Cakewalk
[2010.10.16 18:46:05 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\calibre
[2010.05.26 11:58:20 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Canneverbe Limited
[2011.02.20 15:44:29 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Canon
[2012.06.12 15:48:34 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Celemony Software GmbH
[2011.01.08 13:14:40 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2010.02.20 03:06:13 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Codemasters
[2012.05.17 19:12:33 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\com.adobe.AdobeStory.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2011.08.09 12:56:45 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\com.adobe.dmp.contentviewer
[2012.05.17 17:33:28 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
[2009.11.04 15:01:46 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2010.10.28 18:42:51 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\com.prezi.PreziDesktop
[2012.05.23 16:54:28 | 000,000,000 | -HSD | M] -- C:\Users\Alex\AppData\Roaming\Common
[2012.01.11 14:55:41 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Complitly
[2009.11.04 15:01:46 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\DAEMON Tools Lite
[2010.07.23 00:24:14 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Datel
[2011.01.09 15:31:53 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\DeepBurner
[2010.01.12 16:22:16 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\DigitalJuice
[2012.04.27 15:39:30 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\DiskAid
[2010.05.31 12:41:06 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Disney Interactive Studios
[2012.06.12 16:23:42 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\DisplayFusion
[2012.06.07 20:36:05 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Dropbox
[2011.02.10 10:53:56 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\DVDVideoSoftIEHelpers
[2012.06.15 10:20:57 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\FileZilla
[2012.02.14 18:38:12 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\fltk.org
[2009.11.04 15:01:46 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Folding@home-gpu
[2012.06.15 17:36:28 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\foobar2000
[2010.06.10 14:30:52 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\GameTuts
[2011.04.24 15:29:04 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\GetRightToGo
[2009.11.04 15:01:46 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\GHISLER
[2012.05.30 10:01:27 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Greyfirst
[2012.06.15 00:53:59 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\ICQ
[2012.04.01 23:59:28 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\ICQ Search
[2011.11.03 23:00:45 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\ImgBurn
[2012.05.19 00:46:30 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\iZotope
[2010.03.03 18:28:28 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Leadertech
[2010.05.27 20:53:21 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\MusicLab
[2010.08.24 16:01:04 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Need for Speed World
[2010.01.09 02:22:32 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\nHancer
[2012.02.03 01:39:41 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\OnLive App
[2012.06.14 20:35:41 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Opera
[2012.05.18 01:31:42 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\PACE Anti-Piracy
[2012.01.22 23:46:21 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Party Buffalo Drive Explorer
[2012.06.11 19:30:40 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\PC Cleaners
[2012.06.11 19:37:56 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\PCPro
[2012.02.24 19:30:27 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\PgcEdit
[2012.05.19 01:02:43 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Plugin Alliance
[2011.02.02 16:57:24 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Promixis
[2012.06.14 18:00:07 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Propellerhead Software
[2011.07.23 03:23:12 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\PTGui
[2011.01.27 01:17:26 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Publish Providers
[2012.03.13 09:47:49 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\PunkBuster
[2010.05.13 12:40:46 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Quake3
[2011.06.15 16:41:40 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\QuickScan
[2009.11.04 15:02:11 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\REAPER64
[2012.04.22 16:39:09 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\redsn0w
[2010.02.18 09:10:57 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Resource Tuner
[2011.04.29 21:39:56 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\ResourceCentral.E6E1B28A311BC518DB6C6883EA3757FDE0E90ADC.1
[2012.06.01 23:48:10 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Samsung
[2011.06.25 20:15:55 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Sierra Entertainment
[2012.02.24 13:29:56 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Simply Super Software
[2012.04.15 17:36:32 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Softland
[2011.01.05 22:12:27 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\SoftMaker
[2011.08.25 16:32:15 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Sony
[2011.01.27 01:18:59 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Sony Creative Software Inc
[2012.05.19 01:02:44 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\SPL Plug-Ins
[2010.12.30 21:16:47 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2012.06.15 19:15:03 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Star Wars - The Force Unleashed II
[2012.04.01 04:17:51 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Steinberg
[2009.11.21 14:48:54 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Stereoscopic Player
[2011.11.13 22:20:13 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Subversion
[2012.01.11 19:41:29 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\sylteditor
[2010.03.06 16:59:15 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Synthesia
[2011.01.01 03:32:49 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Teeworlds
[2012.03.13 00:26:11 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Thinstall
[2011.07.19 18:23:28 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\ToMMTi-Systems
[2010.03.19 22:57:14 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Transcend
[2012.06.11 21:28:38 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\TuneUp Software
[2010.05.14 21:11:24 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Tunngle
[2010.03.14 17:14:43 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Ubisoft
[2011.01.26 23:01:34 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Ulead Systems
[2010.03.11 00:55:18 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Unity
[2012.06.14 21:04:46 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\uTorrent
[2010.05.29 23:37:14 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Video DVD Maker FREE
[2012.01.14 14:07:45 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\VOS
[2011.06.26 02:32:27 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Voxengo
[2012.05.19 01:02:43 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\VST3 Presets
[2012.04.01 02:47:55 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Waves Audio
[2011.04.29 12:30:58 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Waves Preferences
[2011.12.13 19:52:08 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\www.adobe.com.Wallaby
[2012.02.07 20:56:56 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Xilisoft
[2010.08.11 13:16:33 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\XLink Kai
[2012.06.12 18:53:07 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\XNote Stopwatch
[2011.07.27 15:00:40 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Yamb
[2011.06.10 11:42:38 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Youtube Downloader HD
[2012.06.10 14:01:57 | 000,032,624 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
========== Files - Unicode (All) ==========
[2012.06.10 10:43:38 | 000,000,000 | ---- | M] ()(C:\Windows\SysNative\?????) -- C:\Windows\SysNative\獷楬汢捯污
[2011.06.15 17:08:54 | 000,000,000 | ---- | C] ()(C:\Windows\SysNative\?????) -- C:\Windows\SysNative\獷楬汢捯污
[2010.04.02 10:53:10 | 000,000,000 | ---D | M](C:\Users\Alex\Documents\??? ????) -- C:\Users\Alex\Documents\Мои игры
[2009.12.01 19:12:29 | 000,000,000 | ---D | C](C:\Users\Alex\Documents\??? ????) -- C:\Users\Alex\Documents\Мои игры
========== Hard Links - Junction Points - Mount Points - Symbolic Links ==========
[C:\Windows\system64] -> \systemroot\system32 -> Mount Point
========== Alternate Data Streams ==========
@Alternate Data Stream - 161 bytes -> C:\ProgramData\TEMP:21654C57
@Alternate Data Stream - 1279 bytes -> C:\Users\Alex\Lokale Einstellungen:B0xyyiG2RxmoreZXbFFv0gy
@Alternate Data Stream - 1279 bytes -> C:\Users\Alex\AppData\Local\Anwendungsdaten:B0xyyiG2RxmoreZXbFFv0gy
@Alternate Data Stream - 1268 bytes -> C:\Users\Alex\Lokale Einstellungen:MHeC10heAPZBZsxVeee5s9
@Alternate Data Stream - 1268 bytes -> C:\Users\Alex\AppData\Local\Anwendungsdaten:MHeC10heAPZBZsxVeee5s9
< End of report > --- --- --- |