stanomaly | 24.09.2011 08:47 | OTL.txt: Code:
OTL logfile created on: 24.09.2011 09:08:47 - Run 1
OTL by OldTimer - Version 3.2.29.1 Folder = C:\Users\XB\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8080.16413)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,50 Gb Total Physical Memory | 2,47 Gb Available Physical Memory | 70,65% Memory free
7,21 Gb Paging File | 6,10 Gb Available in Paging File | 84,63% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 287,95 Gb Total Space | 137,93 Gb Free Space | 47,90% Space Free | Partition Type: NTFS
Drive D: | 10,00 Gb Total Space | 5,47 Gb Free Space | 54,69% Space Free | Partition Type: NTFS
Computer Name: XB-PC | User Name: XB | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2011.09.24 09:07:31 | 000,582,656 | ---- | M] (OldTimer Tools) -- C:\Users\XB\Desktop\OTL.exe
PRC - [2011.08.31 17:00:48 | 000,449,608 | ---- | M] (Malwarebytes Corporation) -- C:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2011.08.31 17:00:48 | 000,366,152 | ---- | M] (Malwarebytes Corporation) -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2011.07.21 12:08:02 | 000,269,480 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe
PRC - [2011.06.06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011.04.21 07:53:10 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avshadow.exe
PRC - [2011.04.21 07:52:51 | 000,136,360 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\sched.exe
PRC - [2011.04.21 07:52:36 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe
PRC - [2009.08.15 21:31:40 | 000,198,160 | ---- | M] (RealNetworks, Inc.) -- C:\Programme\Common Files\Real\Update_OB\realsched.exe
PRC - [2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009.04.11 08:27:28 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conime.exe
PRC - [2008.12.05 17:11:54 | 000,935,208 | ---- | M] (Nero AG) -- C:\Programme\Common Files\Nero\Nero BackItUp 4\NBService.exe
PRC - [2008.08.29 14:58:16 | 001,528,608 | ---- | M] (Cisco Systems, Inc.) -- C:\Programme\Cisco Systems\VPN Client\cvpnd.exe
PRC - [2008.06.30 12:28:24 | 000,040,960 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Programme\DellTPad\hidfind.exe
PRC - [2008.06.30 12:28:14 | 000,196,608 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Programme\DellTPad\Apoint.exe
PRC - [2008.06.30 12:28:12 | 000,049,152 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Programme\DellTPad\ApntEx.exe
PRC - [2008.06.30 12:28:12 | 000,046,376 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Programme\DellTPad\ApMsgFwd.exe
PRC - [2008.06.26 13:10:06 | 000,442,467 | ---- | M] (IDT, Inc.) -- C:\Programme\IDT\WDM\sttray.exe
PRC - [2008.06.26 13:10:00 | 000,221,273 | ---- | M] (IDT, Inc.) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_238116a1\stacsv.exe
PRC - [2008.06.26 13:09:50 | 000,073,728 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_238116a1\AEstSrv.exe
PRC - [2008.04.28 16:56:28 | 000,161,048 | ---- | M] (Stardock Corporation) -- C:\Programme\Dell\DellDock\DockLogin.exe
PRC - [2008.01.14 10:13:02 | 000,132,392 | ---- | M] (CyberLink Corp.) -- C:\Programme\Dell\MediaDirect\PCMService.exe
PRC - [2007.10.03 15:45:02 | 000,358,936 | ---- | M] (Intel Corporation) -- C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2007.10.03 15:44:58 | 000,178,712 | ---- | M] (Intel Corporation) -- C:\Programme\Intel\Intel Matrix Storage Manager\IAAnotif.exe
========== Modules (No Company Name) ==========
MOD - [2011.08.16 10:46:49 | 000,771,584 | -H-- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\74b25c0069cb3a0441b0891ad204ea86\System.Runtime.Remoting.ni.dll
MOD - [2011.08.16 10:28:57 | 007,950,848 | -H-- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\b9ea0d414c4861120bfb7365d8ec0939\System.ni.dll
MOD - [2011.06.15 09:53:59 | 011,490,816 | -H-- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\f6deb187f24bb3185841092b89fbfdbb\mscorlib.ni.dll
MOD - [2009.03.30 06:42:12 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_de_b77a5c561934e089\System.Runtime.Remoting.resources.dll
MOD - [2009.03.30 06:42:11 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll
MOD - [2008.09.17 05:16:00 | 000,159,744 | -H-- | M] () -- C:\Windows\System32\atitmmxx.dll
MOD - [2008.05.02 06:15:37 | 000,010,240 | ---- | M] () -- C:\Programme\Unlocker\UnlockerCOM.dll
MOD - [2008.03.12 07:37:52 | 000,055,808 | -H-- | M] () -- C:\Windows\System32\bcmwlrmt.dll
========== Win32 Services (SafeList) ==========
SRV - File not found [Auto | Stopped] -- -- (wltrysvc)
SRV - File not found [Auto | Stopped] -- -- (sprtsvc_dellsupportcenter) SupportSoft Sprocket Service (dellsupportcenter)
SRV - [2011.09.02 15:29:30 | 002,152,152 | ---- | M] (Lavasoft Limited) [Auto | Stopped] -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)
SRV - [2011.08.31 17:00:48 | 000,366,152 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011.07.21 12:08:02 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011.06.06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011.04.21 07:52:51 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2011.03.16 10:42:06 | 000,407,336 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2008.12.05 17:11:54 | 000,935,208 | ---- | M] (Nero AG) [Auto | Running] -- C:\Programme\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0)
SRV - [2008.09.10 14:56:17 | 000,016,680 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) [On_Demand | Stopped] -- C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe -- (GoToAssist)
SRV - [2008.08.29 14:58:16 | 001,528,608 | ---- | M] (Cisco Systems, Inc.) [Auto | Running] -- C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe -- (CVPND)
SRV - [2008.06.26 13:10:00 | 000,221,273 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_238116a1\stacsv.exe -- (STacSV)
SRV - [2008.06.26 13:09:50 | 000,073,728 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_238116a1\AEstSrv.exe -- (AESTFilters)
SRV - [2008.04.28 16:56:28 | 000,161,048 | ---- | M] (Stardock Corporation) [Auto | Running] -- C:\Programme\Dell\DellDock\DockLogin.exe -- (DockLoginService)
SRV - [2008.01.21 04:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stop_Pending] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007.10.03 15:45:02 | 000,358,936 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel(R)
========== Driver Services (SafeList) ==========
DRV - [2011.08.31 17:00:50 | 000,022,216 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2011.07.21 12:11:12 | 000,138,192 | -H-- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2011.07.21 12:11:11 | 000,066,616 | -H-- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2011.05.25 02:00:36 | 000,064,512 | -H-- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\Windows\system32\DRIVERS\Lbd.sys -- (Lbd)
DRV - [2011.05.25 02:00:36 | 000,015,232 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Programme\Lavasoft\Ad-Aware\kernexplorer.sys -- (Lavasoft Kernexplorer)
DRV - [2010.01.21 18:40:57 | 000,271,360 | -H-- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\atksgt.sys -- (atksgt)
DRV - [2010.01.21 18:40:57 | 000,018,048 | -H-- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2009.10.08 17:55:33 | 000,028,520 | -H-- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009.07.29 02:55:38 | 000,005,120 | -H-- | M] (Samsung Electronics) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\SSPORT.SYS -- (SSPORT)
DRV - [2009.02.20 12:28:50 | 000,005,632 | -H-- | M] () [File_System | System | Running] -- C:\Windows\System32\drivers\StarOpen.sys -- (StarOpen)
DRV - [2008.09.17 06:01:02 | 003,930,112 | -H-- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (R300)
DRV - [2008.09.17 06:01:02 | 003,930,112 | -H-- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2008.09.14 16:32:10 | 000,717,296 | -H-- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd)
DRV - [2008.08.29 14:57:18 | 000,306,299 | -H-- | M] (Cisco Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\CVPNDRVA.sys -- (CVPNDRVA)
DRV - [2008.06.30 12:28:10 | 000,170,032 | -H-- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2008.06.26 13:10:08 | 000,380,928 | -H-- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA)
DRV - [2008.03.29 18:36:28 | 000,125,328 | -H-- | M] (Deterministic Networks, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\dne2000.sys -- (DNE)
DRV - [2008.03.14 15:04:26 | 000,054,784 | -H-- | M] (ITE Tech. Inc. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\itecir.sys -- (itecir)
DRV - [2008.03.12 07:37:46 | 000,018,424 | -H-- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\bcm42rly.sys -- (BCM42RLY)
DRV - [2008.03.11 08:53:02 | 000,149,208 | -H-- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\OA001Ufd.sys -- (OA001Ufd)
DRV - [2008.03.11 08:53:00 | 000,277,624 | -H-- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\OA001Vid.sys -- (OA001Vid)
DRV - [2008.03.11 08:42:24 | 000,203,264 | -H-- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\k57nd60x.sys -- (k57nd60x) Broadcom NetLink (TM)
DRV - [2008.03.11 08:24:46 | 000,038,400 | -H-- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2008.03.11 08:24:44 | 000,046,592 | -H-- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2008.03.11 08:24:42 | 000,043,008 | -H-- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2008.01.21 04:23:25 | 000,251,904 | -H-- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VSTBS23.SYS -- (VSTHWBS2)
DRV - [2008.01.21 04:23:25 | 000,220,672 | -H-- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express) Intel(R)
DRV - [2008.01.21 04:23:21 | 000,016,896 | -H-- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV - [2007.05.02 11:11:18 | 000,109,704 | -H-- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_mdm.sys -- (ss_mdm)
DRV - [2007.05.02 11:11:18 | 000,015,112 | -H-- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_mdfl.sys -- (ss_mdfl)
DRV - [2007.05.02 11:11:16 | 000,083,592 | -H-- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bus.sys -- (ss_bus) SAMSUNG Mobile USB Device 1.0 driver (WDM)
DRV - [2007.01.18 19:28:02 | 000,005,275 | -H-- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\CVirtA.sys -- (CVirtA)
DRV - [2003.04.29 13:10:40 | 000,004,448 | -H-- | M] (StarForce Technologies, Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\sfhlp01.sys -- (sfhlp01)
DRV - [2003.04.28 12:12:21 | 000,094,464 | -H-- | M] (StarForce Technologies, Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\prohlp02.sys -- (prohlp02)
DRV - [2003.04.28 11:16:07 | 000,050,816 | -H-- | M] (StarForce Technologies, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\prodrv06.sys -- (prodrv06)
DRV - [2003.04.04 09:41:46 | 000,006,848 | -H-- | M] (StarForce Technologies, Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\prosync1.sys -- (prosync1)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\..\URLSearchHook: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Programme\Vuze_Remote\tbVuze.dll (Conduit Ltd.)
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.de/ig/dell?hl=de&client=dell-row&channel=de&ibd=4080910
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/ig/dell?hl=de&client=dell-row&channel=de&ibd=4080910
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Programme\Vuze_Remote\tbVuze.dll (Conduit Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.selectedEngine: "Wikipedia (de)"
FF - prefs.js..extensions.enabledItems: {6F0976E6-26F3-4AFE-BBEC-9E99E27E4DF3}:1.4.14
FF - prefs.js..extensions.enabledItems: {1A2D0EC4-75F5-4c91-89C4-3656F6E44B68}:0.4.6
FF - prefs.js..extensions.enabledItems: {DB2EA31C-58F5-48b7-8D60-CB0739257904}:0.21
FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.9.3
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {45d8ff86-d909-11db-9705-005056c00008}:1.0.5
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=13: C:\Program Files\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll (Google)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.69: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.3.69: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.69: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.09.21 17:16:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.09.21 18:33:54 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Sunbird 1.0b1\extensions\\Components: C:\Program Files\Mozilla Sunbird\components [2011.09.21 17:16:54 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Sunbird 1.0b1\extensions\\Plugins: C:\Program Files\Mozilla Sunbird\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 6.0.2\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2011.09.21 17:16:54 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 6.0.2\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins
[2011.05.17 18:09:22 | 000,000,000 | ---D | M] (No name found) -- C:\Users\XB\AppData\Roaming\mozilla\Extensions
[2010.09.14 13:17:37 | 000,000,000 | ---D | M] (No name found) -- C:\Users\XB\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2011.05.17 18:09:22 | 000,000,000 | ---D | M] (No name found) -- C:\Users\XB\AppData\Roaming\mozilla\Extensions\{718e30fb-e89b-41dd-9da7-e25a45638b28}
[2011.09.17 20:23:29 | 000,000,000 | ---D | M] (No name found) -- C:\Users\XB\AppData\Roaming\mozilla\Firefox\Profiles\aou9vsu3.default\extensions
[2011.09.21 17:17:44 | 000,000,000 | ---D | M] (Image Zoom) -- C:\Users\XB\AppData\Roaming\mozilla\Firefox\Profiles\aou9vsu3.default\extensions\{1A2D0EC4-75F5-4c91-89C4-3656F6E44B68}
[2011.09.21 17:17:45 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\XB\AppData\Roaming\mozilla\Firefox\Profiles\aou9vsu3.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011.09.21 17:17:45 | 000,000,000 | ---D | M] (Fire.fm) -- C:\Users\XB\AppData\Roaming\mozilla\Firefox\Profiles\aou9vsu3.default\extensions\{6F0976E6-26F3-4AFE-BBEC-9E99E27E4DF3}
[2011.09.21 17:17:45 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Users\XB\AppData\Roaming\mozilla\Firefox\Profiles\aou9vsu3.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2011.05.17 18:09:22 | 000,000,000 | ---D | M] (No name found) -- C:\Users\XB\AppData\Roaming\mozilla\Sunbird\Profiles\qlosceo3.default\extensions
[2011.09.21 17:38:47 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2011.09.21 17:16:51 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011.09.21 17:38:47 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
() (No name found) -- C:\USERS\XB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AOU9VSU3.DEFAULT\EXTENSIONS\{45D8FF86-D909-11DB-9705-005056C00008}.XPI
() (No name found) -- C:\USERS\XB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AOU9VSU3.DEFAULT\EXTENSIONS\{DB2EA31C-58F5-48B7-8D60-CB0739257904}.XPI
[2011.09.07 18:26:08 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011.05.04 04:52:23 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2011.05.31 20:20:41 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2011.05.31 20:20:41 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2011.05.31 20:20:41 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2011.05.31 20:20:41 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2011.05.31 20:20:41 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2011.05.31 20:20:41 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | -H-- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Vuze Remote Toolbar) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Programme\Vuze_Remote\tbVuze.dll (Conduit Ltd.)
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Programme\Dell\BAE\BAE.dll (Dell Inc.)
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Programme\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKLM\..\Toolbar: (Vuze Remote Toolbar) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Programme\Vuze_Remote\tbVuze.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (Vuze Remote Toolbar) - {BA14329E-9550-4989-B3F2-9732E92D17CC} - C:\Programme\Vuze_Remote\tbVuze.dll (Conduit Ltd.)
O4 - HKLM..\Run: [Apoint] C:\Programme\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter File not found
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe (Intel Corporation)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [PCMService] C:\Program Files\Dell\MediaDirect\PCMService.exe (CyberLink Corp.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SysTrayApp] C:\Programme\IDT\WDM\sttray.exe (IDT, Inc.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\daemon.exe (DT Soft Ltd)
O4 - HKCU..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter File not found
O4 - HKCU..\RunOnce: [FlashPlayerUpdate] C:\Windows\System32\Macromed\Flash\FlashUtil10v_Plugin.exe (Adobe Systems, Inc.)
O4 - Startup: C:\Users\XB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\XB\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Recovery present
O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1D4AA4CE-FA5C-4D1D-8845-B69DCC52D969}: DhcpNameServer = 81.173.194.76 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{AAEF5F1E-EDBC-4AE0-9A9A-3EA018D664A2}: DhcpNameServer = 192.168.178.1
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\GoToAssist: DllName - (C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll) - C:\Programme\Citrix\GoToAssist\514\g2awinlogon.dll (Citrix Online, a division of Citrix Systems, Inc.)
O24 - Desktop WallPaper: C:\Users\XB\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\XB\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | -H-- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{14d5bf64-4c8d-11df-bfc8-0021707f0182}\Shell\AutoRun\command - "" = F:\PMB_P.exe
O33 - MountPoints2\{17a37849-826a-11dd-9f69-0021707f0182}\Shell - "" = AutoRun
O33 - MountPoints2\{17a37849-826a-11dd-9f69-0021707f0182}\Shell\AutoRun\command - "" = G:\setup.exe
O33 - MountPoints2\{62fac7d5-ef23-11df-9caf-0021707f0182}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL copy.exe
O33 - MountPoints2\{7ac755be-ebe6-11dd-93be-0021707f0182}\Shell - "" = AutoRun
O33 - MountPoints2\{7ac755be-ebe6-11dd-93be-0021707f0182}\Shell\AutoRun\command - "" = H:\LaunchU3.exe -a
O33 - MountPoints2\{d7f6ab8f-1a40-11df-ad57-0021707f0182}\Shell\AutoRun\command - "" = explorer .
O33 - MountPoints2\{d7f6ab8f-1a40-11df-ad57-0021707f0182}\Shell\mobile\command - "" = F:\MobileLaunch.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
SafeBootMin: 97776012.sys - Driver
SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: Lavasoft Ad-Aware Service - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft Limited)
SafeBootMin: NTDS - File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PEVSystemStart - Service
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: procexp90.Sys - Driver
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: WinDefend - C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: 97776012.sys - Driver
SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: GoToAssist - C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe (Citrix Online, a division of Citrix Systems, Inc.)
SafeBootNet: HelpSvc - Service
SafeBootNet: hitmanpro35 - Reg Error: Value error.
SafeBootNet: hitmanpro35.sys - Reg Error: Value error.
SafeBootNet: Lavasoft Ad-Aware Service - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft Limited)
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS - File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PEVSystemStart - Service
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: procexp90.Sys - Driver
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: WinDefend - C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet: WudfPf - Driver
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
ActiveX: {05466845-FF44-4671-92C1-A5FD0F9EEE1C} - Microsoft Reader
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} -
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0
ActiveX: {233C1507-6A77-46A4-9443-F871F945D258} - Adobe Shockwave Director 11.0.3
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2A202491-F00D-11cf-87CC-0020AFEECF20} - Adobe Shockwave Director 11.0.3
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} -
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
Drivers32: msacm.ac3filter - C:\Windows\System32\ac3filter.acm ()
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
========== Files/Folders - Created Within 30 Days ==========
[2011.09.24 09:07:33 | 000,582,656 | ---- | C] (OldTimer Tools) -- C:\Users\XB\Desktop\OTL.exe
[2011.09.22 18:38:34 | 000,000,000 | ---D | C] -- C:\Users\XB\Desktop\To Do Reinstall
[2011.09.22 18:28:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MozBackup
[2011.09.22 18:28:39 | 000,000,000 | ---D | C] -- C:\Program Files\MozBackup
[2011.09.22 17:13:02 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2011.09.22 17:12:51 | 002,322,184 | ---- | C] (ESET) -- C:\Users\XB\Desktop\esetsmartinstaller_enu.exe
[2011.09.21 20:07:43 | 000,000,000 | ---D | C] -- C:\Users\XB\AppData\Roaming\Malwarebytes
[2011.09.21 20:07:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011.09.21 20:07:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011.09.21 20:07:25 | 000,022,216 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2011.09.21 20:07:25 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011.09.21 20:06:40 | 009,852,544 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\XB\Desktop\mbam-setup-1.51.2.1300.exe
[2011.09.21 20:01:36 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine
[2011.09.21 19:21:10 | 000,000,000 | RH-D | C] -- C:\Users\XB\AppData\Roaming\SecuROM
[2011.09.21 18:49:07 | 001,403,184 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\XB\Desktop\tdsskiller.exe
[2011.09.21 18:41:24 | 003,313,664 | ---- | C] (Avira GmbH) -- C:\Users\XB\Desktop\bootwizard.exe
[2011.09.21 09:27:43 | 000,200,976 | ---- | C] (Trend Micro Inc.) -- C:\Windows\System32\drivers\tmcomm.sys
[2011.09.21 09:27:34 | 002,002,416 | ---- | C] (Trend Micro Inc.) -- C:\Users\XB\Desktop\HousecallLauncher.exe
[2011.09.21 09:07:20 | 000,000,000 | ---D | C] -- C:\Users\XB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Data Recovery
[2011.09.21 08:49:56 | 000,000,000 | -HSD | C] -- C:\found.000
[2011.09.20 23:52:53 | 000,000,000 | -H-D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sophos
[2011.09.20 23:52:52 | 000,000,000 | ---D | C] -- C:\Program Files\Sophos
[2011.09.20 23:43:58 | 000,000,000 | ---D | C] -- C:\Users\XB\AppData\Roaming\Avira
[2011.09.20 23:38:56 | 000,028,520 | -H-- | C] (Avira GmbH) -- C:\Windows\System32\drivers\ssmdrv.sys
[2011.09.20 23:38:53 | 000,138,192 | -H-- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys
[2011.09.20 23:38:53 | 000,066,616 | -H-- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avgntflt.sys
[2011.09.20 23:38:52 | 000,000,000 | -H-D | C] -- C:\ProgramData\Avira
[2011.09.20 23:38:52 | 000,000,000 | ---D | C] -- C:\Program Files\Avira
[2011.09.20 16:46:18 | 004,219,996 | ---- | C] (Swearware) -- C:\Users\XB\Desktop\ComboFix.exe
[2011.09.20 16:33:57 | 000,000,000 | -H-D | C] -- C:\ProgramData\Hitman Pro
[2011.09.20 16:33:53 | 006,394,688 | ---- | C] (SurfRight B.V.) -- C:\Users\XB\Desktop\HitmanPro359129.exe
[2011.09.17 12:58:02 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Steam
[2011.09.17 12:57:56 | 000,000,000 | -H-D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
[2011.09.17 12:57:55 | 000,000,000 | ---D | C] -- C:\Program Files\Steam
[2002.03.11 11:06:30 | 001,822,520 | ---- | C] (Microsoft Corporation) -- C:\Program Files\instmsiw.exe
[2002.03.11 10:45:04 | 001,708,856 | ---- | C] (Microsoft Corporation) -- C:\Program Files\instmsia.exe
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2011.09.24 09:07:31 | 000,582,656 | ---- | M] (OldTimer Tools) -- C:\Users\XB\Desktop\OTL.exe
[2011.09.24 09:01:00 | 000,001,052 | -H-- | M] () -- C:\Windows\tasks\Google Software Updater.job
[2011.09.24 08:27:00 | 000,001,098 | -H-- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011.09.24 08:21:59 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011.09.24 08:21:59 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011.09.23 22:27:01 | 000,001,094 | -H-- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011.09.23 16:24:56 | 002,322,184 | ---- | M] (ESET) -- C:\Users\XB\Desktop\esetsmartinstaller_enu.exe
[2011.09.23 16:20:25 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.09.23 16:20:18 | 3755,974,656 | -HS- | M] () -- C:\hiberfil.sys
[2011.09.23 15:29:14 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2011.09.22 18:28:39 | 000,000,826 | ---- | M] () -- C:\Users\Public\Desktop\MozBackup.lnk
[2011.09.22 18:28:15 | 001,035,926 | ---- | M] () -- C:\Users\XB\Desktop\MozBackup-1.5.1-EN.exe
[2011.09.21 20:06:49 | 009,852,544 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\XB\Desktop\mbam-setup-1.51.2.1300.exe
[2011.09.21 18:49:05 | 001,403,184 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\XB\Desktop\tdsskiller.exe
[2011.09.21 18:41:22 | 003,313,664 | ---- | M] (Avira GmbH) -- C:\Users\XB\Desktop\bootwizard.exe
[2011.09.21 16:17:09 | 203,431,075 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2011.09.21 16:12:50 | 000,412,248 | -H-- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011.09.21 09:34:57 | 000,102,400 | ---- | M] () -- C:\Windows\RegBootClean.exe
[2011.09.21 09:34:35 | 000,189,047 | ---- | M] () -- C:\Users\XB\AppData\Local\census.cache
[2011.09.21 09:34:30 | 000,157,845 | ---- | M] () -- C:\Users\XB\AppData\Local\ars.cache
[2011.09.21 09:27:39 | 000,000,036 | ---- | M] () -- C:\Users\XB\AppData\Local\housecall.guid.cache
[2011.09.21 09:27:32 | 002,002,416 | ---- | M] (Trend Micro Inc.) -- C:\Users\XB\Desktop\HousecallLauncher.exe
[2011.09.21 09:17:43 | 000,007,512 | ---- | M] () -- C:\Users\XB\AppData\Local\d3d9caps.dat
[2011.09.21 09:17:17 | 010,268,672 | ---- | M] () -- C:\Users\XB\Desktop\Ad-Aware95Install.msi
[2011.09.21 09:08:27 | 000,000,456 | ---- | M] () -- C:\ProgramData\6DSS92c31Apgjk
[2011.09.21 09:07:21 | 000,000,208 | ---- | M] () -- C:\ProgramData\~6DSS92c31Apgjk
[2011.09.21 09:07:21 | 000,000,160 | ---- | M] () -- C:\ProgramData\~6DSS92c31Apgjkr
[2011.09.20 23:52:43 | 001,339,288 | ---- | M] () -- C:\Users\XB\Desktop\sar_15_sfx.exe
[2011.09.20 23:50:32 | 013,679,328 | ---- | M] () -- C:\Users\XB\Desktop\vipre-de-setup.exe
[2011.09.20 23:37:07 | 067,980,144 | ---- | M] () -- C:\Users\XB\Desktop\avira_antivir_personal_de.exe
[2011.09.20 16:46:35 | 004,219,996 | ---- | M] (Swearware) -- C:\Users\XB\Desktop\ComboFix.exe
[2011.09.20 16:34:26 | 000,023,624 | -H-- | M] () -- C:\Windows\System32\drivers\hitmanpro35.sys
[2011.09.20 16:32:30 | 006,394,688 | ---- | M] (SurfRight B.V.) -- C:\Users\XB\Desktop\HitmanPro359129.exe
[2011.09.18 16:56:42 | 000,000,064 | -H-- | M] () -- C:\Windows\System32\rp_stats.dat
[2011.09.18 16:56:42 | 000,000,044 | -H-- | M] () -- C:\Windows\System32\rp_rules.dat
[2011.09.18 16:37:54 | 000,000,000 | -H-- | M] () -- C:\ProgramData\LauncherAccess.dt
[2011.09.14 20:09:40 | 000,116,224 | ---- | M] () -- C:\Users\XB\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.08.31 17:00:50 | 000,022,216 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2011.08.29 11:49:41 | 000,618,442 | -H-- | M] () -- C:\Windows\System32\perfh007.dat
[2011.08.29 11:49:41 | 000,587,178 | -H-- | M] () -- C:\Windows\System32\perfh009.dat
[2011.08.29 11:49:41 | 000,122,842 | -H-- | M] () -- C:\Windows\System32\perfc007.dat
[2011.08.29 11:49:41 | 000,101,250 | -H-- | M] () -- C:\Windows\System32\perfc009.dat
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2011.09.22 18:28:39 | 000,000,826 | ---- | C] () -- C:\Users\Public\Desktop\MozBackup.lnk
[2011.09.22 18:28:28 | 001,035,926 | ---- | C] () -- C:\Users\XB\Desktop\MozBackup-1.5.1-EN.exe
[2011.09.21 16:12:32 | 3755,974,656 | -HS- | C] () -- C:\hiberfil.sys
[2011.09.21 09:34:54 | 000,102,400 | ---- | C] () -- C:\Windows\RegBootClean.exe
[2011.09.21 09:34:35 | 000,189,047 | ---- | C] () -- C:\Users\XB\AppData\Local\census.cache
[2011.09.21 09:34:30 | 000,157,845 | ---- | C] () -- C:\Users\XB\AppData\Local\ars.cache
[2011.09.21 09:27:39 | 000,000,036 | ---- | C] () -- C:\Users\XB\AppData\Local\housecall.guid.cache
[2011.09.21 09:17:10 | 010,268,672 | ---- | C] () -- C:\Users\XB\Desktop\Ad-Aware95Install.msi
[2011.09.21 09:07:21 | 000,000,208 | ---- | C] () -- C:\ProgramData\~6DSS92c31Apgjk
[2011.09.21 09:07:21 | 000,000,160 | ---- | C] () -- C:\ProgramData\~6DSS92c31Apgjkr
[2011.09.21 09:07:20 | 000,000,456 | ---- | C] () -- C:\ProgramData\6DSS92c31Apgjk
[2011.09.20 23:52:44 | 001,339,288 | ---- | C] () -- C:\Users\XB\Desktop\sar_15_sfx.exe
[2011.09.20 23:35:35 | 067,980,144 | ---- | C] () -- C:\Users\XB\Desktop\avira_antivir_personal_de.exe
[2011.09.20 23:17:58 | 013,679,328 | ---- | C] () -- C:\Users\XB\Desktop\vipre-de-setup.exe
[2011.09.20 16:34:26 | 000,023,624 | -H-- | C] () -- C:\Windows\System32\drivers\hitmanpro35.sys
[2011.06.19 16:57:12 | 000,000,064 | -H-- | C] () -- C:\Windows\System32\rp_stats.dat
[2011.06.19 16:57:12 | 000,000,044 | -H-- | C] () -- C:\Windows\System32\rp_rules.dat
[2011.06.15 11:07:40 | 000,000,416 | -H-- | C] () -- C:\Windows\BRWMARK.INI
[2011.06.15 11:07:40 | 000,000,034 | -H-- | C] () -- C:\Windows\System32\BD7440N.DAT
[2010.09.14 13:17:37 | 000,000,000 | -H-- | C] () -- C:\Windows\nsreg.dat
[2010.02.27 21:54:02 | 000,017,408 | ---- | C] () -- C:\Users\XB\AppData\Local\WebpageIcons.db
[2010.01.22 16:21:59 | 000,000,040 | -H-- | C] () -- C:\Windows\RUNAWAY.INI
[2010.01.22 16:09:02 | 000,176,214 | -H-- | C] () -- C:\Windows\System32\atiicdxx.dat
[2010.01.22 16:09:02 | 000,090,112 | -H-- | C] () -- C:\Windows\System32\atibrtmon.exe
[2010.01.21 18:40:57 | 000,271,360 | -H-- | C] () -- C:\Windows\System32\drivers\atksgt.sys
[2010.01.21 18:40:57 | 000,018,048 | -H-- | C] () -- C:\Windows\System32\drivers\lirsgt.sys
[2009.12.24 17:02:40 | 000,000,206 | -H-- | C] () -- C:\Windows\System32\srcr.dat
[2009.10.15 16:59:44 | 000,000,000 | -H-- | C] () -- C:\Windows\OPPRIN~1.INI
[2009.05.28 20:41:05 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009.05.28 20:41:05 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2009.05.28 20:40:40 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2009.05.10 23:27:54 | 000,000,528 | -H-- | C] () -- C:\Windows\eReg.dat
[2009.04.24 17:02:14 | 000,451,928 | ---- | C] () -- C:\Program Files\setup.exe
[2009.04.24 17:01:52 | 140,387,071 | ---- | C] () -- C:\Program Files\openofficeorg1.cab
[2009.04.24 17:01:34 | 009,819,136 | ---- | C] () -- C:\Program Files\openofficeorg31.msi
[2009.04.23 18:29:54 | 000,000,336 | ---- | C] () -- C:\Program Files\setup.ini
[2009.01.26 13:38:12 | 000,000,056 | -H-- | C] () -- C:\Windows\System32\ezsidmv.dat
[2008.12.25 00:34:32 | 000,004,767 | -H-- | C] () -- C:\Windows\Irremote.ini
[2008.10.19 22:54:43 | 000,000,000 | -H-- | C] () -- C:\ProgramData\LauncherAccess.dt
[2008.10.19 22:49:47 | 000,000,059 | -H-- | C] () -- C:\Windows\wininit.ini
[2008.10.19 22:47:51 | 000,005,632 | -H-- | C] () -- C:\Windows\System32\drivers\StarOpen.sys
[2008.09.30 17:48:38 | 009,776,640 | ---- | C] () -- C:\Program Files\openofficeorg30.msi
[2008.09.20 18:41:11 | 000,755,027 | -H-- | C] () -- C:\Windows\System32\xvidcore.dll
[2008.09.20 18:41:11 | 000,164,352 | -H-- | C] () -- C:\Windows\System32\unrar.dll
[2008.09.17 17:21:11 | 000,007,512 | ---- | C] () -- C:\Users\XB\AppData\Local\d3d9caps.dat
[2008.09.13 17:00:15 | 000,116,224 | ---- | C] () -- C:\Users\XB\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008.09.11 00:21:57 | 003,107,788 | -H-- | C] () -- C:\Windows\System32\atiumdva.dat
[2008.09.11 00:21:57 | 000,159,744 | -H-- | C] () -- C:\Windows\System32\atitmmxx.dll
[2008.09.10 16:28:00 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2008.09.10 14:53:33 | 000,000,074 | -HS- | C] () -- C:\Windows\CT4CET.bin
[2008.09.10 14:48:44 | 000,000,012 | ---- | C] () -- C:\Windows\bthservsdp.dat
[2008.09.10 14:45:35 | 000,055,808 | -H-- | C] () -- C:\Windows\System32\bcmwlrmt.dll
[2008.08.29 14:58:26 | 000,197,408 | -H-- | C] () -- C:\Windows\System32\vpnapi.dll
[2008.06.04 10:23:14 | 000,026,624 | -H-- | C] () -- C:\Windows\System32\ssp7ml3.dll
[2008.01.21 09:15:58 | 000,618,442 | -H-- | C] () -- C:\Windows\System32\perfh007.dat
[2008.01.21 09:15:58 | 000,290,748 | -H-- | C] () -- C:\Windows\System32\perfi007.dat
[2008.01.21 09:15:58 | 000,122,842 | -H-- | C] () -- C:\Windows\System32\perfc007.dat
[2008.01.21 09:15:58 | 000,036,916 | -H-- | C] () -- C:\Windows\System32\perfd007.dat
[2007.04.16 02:24:16 | 000,023,752 | -H-- | C] () -- C:\Windows\System32\providers.bin
[2006.11.02 14:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006.11.02 14:47:37 | 000,412,248 | -H-- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006.11.02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 12:33:01 | 000,587,178 | -H-- | C] () -- C:\Windows\System32\perfh009.dat
[2006.11.02 12:33:01 | 000,287,440 | -H-- | C] () -- C:\Windows\System32\perfi009.dat
[2006.11.02 12:33:01 | 000,101,250 | -H-- | C] () -- C:\Windows\System32\perfc009.dat
[2006.11.02 12:33:01 | 000,030,674 | -H-- | C] () -- C:\Windows\System32\perfd009.dat
[2006.11.02 12:25:26 | 000,557,568 | -H-- | C] () -- C:\Windows\System32\hpotscl1.dll
[2006.11.02 12:23:21 | 000,215,943 | -H-- | C] () -- C:\Windows\System32\dssec.dat
[2006.11.02 10:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006.11.02 10:19:00 | 000,000,741 | -H-- | C] () -- C:\Windows\System32\NOISE.DAT
[2006.11.02 09:40:29 | 000,013,750 | -H-- | C] () -- C:\Windows\System32\pacerprf.ini
[2006.11.02 09:25:31 | 000,673,088 | -H-- | C] () -- C:\Windows\System32\mlang.dat
[2005.01.17 07:10:16 | 000,045,056 | -H-- | C] () -- C:\Windows\System32\BRTCPCON.DLL
[2004.08.09 07:00:42 | 000,000,114 | -H-- | C] () -- C:\Windows\System32\BRLMW03A.INI
[2001.11.14 12:56:00 | 001,802,240 | -H-- | C] () -- C:\Windows\System32\lcppn21.dll
========== LOP Check ==========
[2011.09.21 17:17:43 | 000,000,000 | ---D | M] -- C:\Users\XB\AppData\Roaming\Azureus
[2011.09.21 17:17:43 | 000,000,000 | ---D | M] -- C:\Users\XB\AppData\Roaming\DAEMON Tools
[2010.08.24 22:49:24 | 000,000,000 | ---D | M] -- C:\Users\XB\AppData\Roaming\Doctor Who
[2011.09.23 16:22:53 | 000,000,000 | ---D | M] -- C:\Users\XB\AppData\Roaming\Dropbox
[2011.04.20 13:50:47 | 000,000,000 | ---D | M] -- C:\Users\XB\AppData\Roaming\gnupg
[2009.01.26 15:20:11 | 000,000,000 | ---D | M] -- C:\Users\XB\AppData\Roaming\OpenOffice.org
[2011.03.06 19:19:36 | 000,000,000 | ---D | M] -- C:\Users\XB\AppData\Roaming\PCDr
[2011.08.06 13:40:00 | 000,000,000 | ---D | M] -- C:\Users\XB\AppData\Roaming\RDecke
[2008.10.19 22:55:31 | 000,000,000 | ---D | M] -- C:\Users\XB\AppData\Roaming\Samsung
[2011.09.21 17:17:47 | 000,000,000 | ---D | M] -- C:\Users\XB\AppData\Roaming\Stellarium
[2011.09.21 17:17:47 | 000,000,000 | ---D | M] -- C:\Users\XB\AppData\Roaming\Thunderbird
[2010.02.11 16:18:58 | 000,000,000 | ---D | M] -- C:\Users\XB\AppData\Roaming\Uniblue
[2011.09.23 15:29:15 | 000,032,582 | -H-- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
========== Custom Scans ==========
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2011.09.14 15:30:43 | 000,000,000 | ---D | M] -- C:\Users\XB\AppData\Roaming\Adobe
[2008.09.12 19:12:05 | 000,000,000 | ---D | M] -- C:\Users\XB\AppData\Roaming\ATI
[2011.09.20 23:43:58 | 000,000,000 | ---D | M] -- C:\Users\XB\AppData\Roaming\Avira
[2011.09.21 17:17:43 | 000,000,000 | ---D | M] -- C:\Users\XB\AppData\Roaming\Azureus
[2009.02.01 18:47:42 | 000,000,000 | ---D | M] -- C:\Users\XB\AppData\Roaming\Creative
[2011.09.21 17:17:43 | 000,000,000 | ---D | M] -- C:\Users\XB\AppData\Roaming\DAEMON Tools
[2008.09.12 19:10:29 | 000,000,000 | ---D | M] -- C:\Users\XB\AppData\Roaming\Dell
[2009.01.30 23:20:10 | 000,000,000 | ---D | M] -- C:\Users\XB\AppData\Roaming\DivX
[2010.08.24 22:49:24 | 000,000,000 | ---D | M] -- C:\Users\XB\AppData\Roaming\Doctor Who
[2011.09.23 16:22:53 | 000,000,000 | ---D | M] -- C:\Users\XB\AppData\Roaming\Dropbox
[2011.09.21 17:17:43 | 000,000,000 | ---D | M] -- C:\Users\XB\AppData\Roaming\dvdcss
[2011.04.20 13:50:47 | 000,000,000 | ---D | M] -- C:\Users\XB\AppData\Roaming\gnupg
[2008.11.21 14:15:09 | 000,000,000 | ---D | M] -- C:\Users\XB\AppData\Roaming\Google
[2008.09.12 19:11:14 | 000,000,000 | ---D | M] -- C:\Users\XB\AppData\Roaming\Identities
[2010.12.07 21:34:59 | 000,000,000 | ---D | M] -- C:\Users\XB\AppData\Roaming\Macromedia
[2011.09.21 20:07:43 | 000,000,000 | ---D | M] -- C:\Users\XB\AppData\Roaming\Malwarebytes
[2006.11.02 14:37:34 | 000,000,000 | ---D | M] -- C:\Users\XB\AppData\Roaming\Media Center Programs
[2009.03.06 23:33:30 | 000,000,000 | ---D | M] -- C:\Users\XB\AppData\Roaming\Media Player Classic
[2011.06.07 11:50:24 | 000,000,000 | --SD | M] -- C:\Users\XB\AppData\Roaming\Microsoft
[2011.05.17 18:09:21 | 000,000,000 | ---D | M] -- C:\Users\XB\AppData\Roaming\Mozilla
[2008.12.28 21:43:47 | 000,000,000 | ---D | M] -- C:\Users\XB\AppData\Roaming\Nero
[2009.01.26 15:20:11 | 000,000,000 | ---D | M] -- C:\Users\XB\AppData\Roaming\OpenOffice.org
[2009.01.26 15:14:16 | 000,000,000 | ---D | M] -- C:\Users\XB\AppData\Roaming\OpenOffice.org2
[2011.03.06 19:19:36 | 000,000,000 | ---D | M] -- C:\Users\XB\AppData\Roaming\PCDr
[2011.08.06 13:40:00 | 000,000,000 | ---D | M] -- C:\Users\XB\AppData\Roaming\RDecke
[2009.08.15 21:31:55 | 000,000,000 | ---D | M] -- C:\Users\XB\AppData\Roaming\Real
[2008.10.19 22:55:31 | 000,000,000 | ---D | M] -- C:\Users\XB\AppData\Roaming\Samsung
[2011.09.21 19:21:10 | 000,000,000 | RH-D | M] -- C:\Users\XB\AppData\Roaming\SecuROM
[2011.09.23 16:23:22 | 000,000,000 | ---D | M] -- C:\Users\XB\AppData\Roaming\Skype
[2011.07.16 03:30:38 | 000,000,000 | ---D | M] -- C:\Users\XB\AppData\Roaming\skypePM
[2011.09.21 17:17:47 | 000,000,000 | ---D | M] -- C:\Users\XB\AppData\Roaming\Stellarium
[2011.09.21 17:17:47 | 000,000,000 | ---D | M] -- C:\Users\XB\AppData\Roaming\Thunderbird
[2010.02.11 16:18:58 | 000,000,000 | ---D | M] -- C:\Users\XB\AppData\Roaming\Uniblue
[2008.09.13 18:12:37 | 000,000,000 | ---D | M] -- C:\Users\XB\AppData\Roaming\vlc
< %APPDATA%\*.exe /s >
[2011.05.25 22:07:14 | 024,176,560 | ---- | M] (Dropbox, Inc.) -- C:\Users\XB\AppData\Roaming\Dropbox\bin\Dropbox.exe
[2011.05.25 22:07:42 | 000,174,784 | ---- | M] (Dropbox, Inc.) -- C:\Users\XB\AppData\Roaming\Dropbox\bin\Uninstall.exe
[2011.06.06 17:58:44 | 003,120,288 | ---- | M] (Adobe Systems, Inc.) -- C:\Users\XB\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\fpupdateax\fpupdateax.exe
[2011.05.25 10:33:47 | 051,021,472 | ---- | M] (Dell Inc) -- C:\Users\XB\AppData\Roaming\PCDr\Update\Binaries\full_dsc_5830_10_32_01.exe
[2010.10.12 13:36:00 | 000,016,976 | ---- | M] (PC-Doctor, Inc.) -- C:\Users\XB\AppData\Roaming\PCDr\Update\Rules\0a58ebe8-5880-4eba-999a-97d144d9f9d1\DellSignedAppUpdaterRules\AddCertificate.exe
[2010.10.12 13:36:00 | 000,016,976 | ---- | M] (PC-Doctor, Inc.) -- C:\Users\XB\AppData\Roaming\PCDr\Update\Rules\0aacd27e-241a-49b8-ad83-76a6af250838\DellSignedAppUpdaterRules\AddCertificate.exe
[2010.10.12 13:36:00 | 000,016,976 | ---- | M] (PC-Doctor, Inc.) -- C:\Users\XB\AppData\Roaming\PCDr\Update\Rules\0bdb0ac7-5fd7-4328-a8de-adcc25c013aa\DellSignedAppUpdaterRules\AddCertificate.exe
[2010.10.12 13:36:00 | 000,016,976 | ---- | M] (PC-Doctor, Inc.) -- C:\Users\XB\AppData\Roaming\PCDr\Update\Rules\107f3d74-2918-4a31-a289-64116284eb99\DellSignedAppUpdaterRules\AddCertificate.exe
[2010.10.12 13:36:00 | 000,016,976 | ---- | M] (PC-Doctor, Inc.) -- C:\Users\XB\AppData\Roaming\PCDr\Update\Rules\1d44e7ee-874a-4b2c-9234-c31465b3451a\DellSignedAppUpdaterRules\AddCertificate.exe
[2010.10.12 13:36:00 | 000,016,976 | ---- | M] (PC-Doctor, Inc.) -- C:\Users\XB\AppData\Roaming\PCDr\Update\Rules\4323305a-d284-4c43-8d43-26387cdfcab8\DellSignedAppUpdaterRules\AddCertificate.exe
[2010.10.12 13:36:00 | 000,016,976 | ---- | M] (PC-Doctor, Inc.) -- C:\Users\XB\AppData\Roaming\PCDr\Update\Rules\438f97e0-24cb-44ea-b69a-48dabe4bc268\DellSignedAppUpdaterRules\AddCertificate.exe
[2010.10.12 13:36:00 | 000,016,976 | ---- | M] (PC-Doctor, Inc.) -- C:\Users\XB\AppData\Roaming\PCDr\Update\Rules\447c3751-bdba-44cd-9902-75b696878626\DellSignedAppUpdaterRules\AddCertificate.exe
[2010.10.12 13:36:00 | 000,016,976 | ---- | M] (PC-Doctor, Inc.) -- C:\Users\XB\AppData\Roaming\PCDr\Update\Rules\50be6b4d-9022-43a1-9a80-a21a80399e95\DellSignedAppUpdaterRules\AddCertificate.exe
[2010.10.12 13:36:00 | 000,016,976 | ---- | M] (PC-Doctor, Inc.) -- C:\Users\XB\AppData\Roaming\PCDr\Update\Rules\6a8231fc-3373-4b23-9a38-3880095b5f3f\DellSignedAppUpdaterRules\AddCertificate.exe
[2010.10.12 13:36:00 | 000,016,976 | ---- | M] (PC-Doctor, Inc.) -- C:\Users\XB\AppData\Roaming\PCDr\Update\Rules\6d0fd0f5-0cc6-4146-8c55-9e7fcdd71884\DellSignedAppUpdaterRules\AddCertificate.exe
[2010.10.12 13:36:00 | 000,016,976 | ---- | M] (PC-Doctor, Inc.) -- C:\Users\XB\AppData\Roaming\PCDr\Update\Rules\91d93da8-4e8f-4016-b59b-add099e35d75\DellSignedAppUpdaterRules\AddCertificate.exe
< %SYSTEMDRIVE%\*.exe >
< MD5 for: AGP440.SYS >
[2008.01.21 04:23:01 | 000,056,376 | -H-- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\drivers\AGP440.sys
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys
[2006.11.02 11:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys
< MD5 for: ATAPI.SYS >
[2008.09.11 00:18:04 | 000,021,560 | -H-- | M] (Microsoft Corporation) MD5=0D83C87A801A3DFCD1BF73893FE7518C -- C:\Windows\System32\drivers\atapi.sys
[2008.09.11 00:18:04 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=0D83C87A801A3DFCD1BF73893FE7518C -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_4c9c5a00\atapi.sys
[2008.09.11 00:18:04 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=0D83C87A801A3DFCD1BF73893FE7518C -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18034_none_dd1bb97e219e87cb\atapi.sys
[2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys
[2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys
[2008.01.21 04:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[2008.01.21 04:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006.11.02 11:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
[2008.09.11 00:18:04 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=96DC4E1A9F90CCD489950A8935425C59 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.22134_none_dda556493abc2795\atapi.sys
< MD5 for: CNGAUDIT.DLL >
[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll
[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll
< MD5 for: IASTOR.SYS >
[2007.09.29 23:03:32 | 000,384,024 | ---- | M] (Intel Corporation) MD5=16A4671255CFB842225F0FDB6DBDB414 -- C:\Program Files\Intel\Intel Matrix Storage Manager\Driver64\IaStor.sys
[2008.03.11 08:44:12 | 000,305,176 | -H-- | M] (Intel Corporation) MD5=2358C53F30CB9DCD1D3843C4E2F299B2 -- C:\Drivers\storage\R180982\iastor.sys
[2008.03.11 08:44:12 | 000,305,176 | -H-- | M] (Intel Corporation) MD5=2358C53F30CB9DCD1D3843C4E2F299B2 -- C:\Windows\System32\drivers\iaStor.sys
[2008.03.11 08:44:12 | 000,305,176 | ---- | M] (Intel Corporation) MD5=2358C53F30CB9DCD1D3843C4E2F299B2 -- C:\Windows\System32\DriverStore\FileRepository\iaahci.inf_cfa1dde4\iaStor.sys
[2008.03.11 08:44:12 | 000,305,176 | ---- | M] (Intel Corporation) MD5=2358C53F30CB9DCD1D3843C4E2F299B2 -- C:\Windows\System32\DriverStore\FileRepository\iastor.inf_ec8a8d1b\iaStor.sys
[2007.09.29 23:03:12 | 000,308,248 | ---- | M] (Intel Corporation) MD5=E5A0034847537EAEE3C00349D5C34C5F -- C:\Program Files\Intel\Intel Matrix Storage Manager\Driver\IaStor.sys
< MD5 for: IASTORV.SYS >
[2008.01.21 04:23:23 | 000,235,064 | -H-- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\drivers\iaStorV.sys
[2008.01.21 04:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_c9df7691\iaStorV.sys
[2008.01.21 04:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys
[2006.11.02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys
< MD5 for: NETLOGON.DLL >
[2009.04.11 08:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\System32\netlogon.dll
[2009.04.11 08:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll
[2008.01.21 04:24:05 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll
< MD5 for: NVSTOR.SYS >
[2006.11.02 11:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys
[2008.01.21 04:23:21 | 000,045,112 | -H-- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\drivers\nvstor.sys
[2008.01.21 04:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys
[2008.01.21 04:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys
< MD5 for: SCECLI.DLL >
[2008.01.21 04:24:50 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll
[2009.04.11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\System32\scecli.dll
[2009.04.11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll
< MD5 for: USER32.DLL >
[2008.01.21 04:24:21 | 000,627,200 | ---- | M] (Microsoft Corporation) MD5=B974D9F06DC7D1908E825DC201681269 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6001.18000_none_cd386c416d5c7f32\user32.dll
[2009.04.11 08:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\user32.dll
[2009.04.11 08:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6002.18005_none_cf23e54d6a7e4a7e\user32.dll
< MD5 for: USERINIT.EXE >
[2008.01.21 04:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe
[2008.01.21 04:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
< MD5 for: WININIT.EXE >
[2008.01.21 04:23:42 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\Windows\System32\wininit.exe
[2008.01.21 04:23:42 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.0.6001.18000_none_30f2b8cf0450a6a2\wininit.exe
< MD5 for: WINLOGON.EXE >
[2009.04.11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\System32\winlogon.exe
[2009.04.11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2008.01.21 04:24:49 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe
< MD5 for: WS2IFSL.SYS >
[2008.01.21 04:24:47 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=E3A3CB253C0EC2494D4A61F5E43A389C -- C:\Windows\System32\drivers\ws2ifsl.sys
[2008.01.21 04:24:47 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=E3A3CB253C0EC2494D4A61F5E43A389C -- C:\Windows\winsxs\x86_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.0.6001.18000_none_4f86a0d4c7cda641\ws2ifsl.sys
< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2008.09.14 16:32:10 | 000,717,296 | -H-- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\sptd.sys
< %systemroot%\System32\config\*.sav >
[2008.01.21 05:14:18 | 016,846,848 | -H-- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV
[2008.01.21 05:14:08 | 000,106,496 | -H-- | M] () -- C:\Windows\System32\config\DEFAULT.SAV
[2008.01.21 05:14:18 | 000,020,480 | -H-- | M] () -- C:\Windows\System32\config\SECURITY.SAV
[2006.11.02 12:34:08 | 010,133,504 | -H-- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV
[2006.11.02 12:34:08 | 001,826,816 | -H-- | M] () -- C:\Windows\System32\config\SYSTEM.SAV
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
[2008.03.12 07:37:52 | 000,055,808 | -H-- | M] () Unable to obtain MD5 -- C:\Windows\system32\bcmwlrmt.dll
[1 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]
< >
< End of report > |