mischlig | 17.01.2012 15:15 | OTL log with custom scan fix
Code:
OTL logfile created on: 17.01.2012 14:59:51 - Run 2
OTL by OldTimer - Version 3.2.31.0 Folder = G:\Apps\Tools\Secure
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
16,00 Gb Total Physical Memory | 13,26 Gb Available Physical Memory | 82,90% Memory free
32,00 Gb Paging File | 29,34 Gb Available in Paging File | 91,68% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 116,11 Gb Total Space | 70,28 Gb Free Space | 60,53% Space Free | Partition Type: NTFS
Drive D: | 116,67 Gb Total Space | 96,30 Gb Free Space | 82,54% Space Free | Partition Type: NTFS
Drive F: | 465,66 Gb Total Space | 311,02 Gb Free Space | 66,79% Space Free | Partition Type: NTFS
Drive G: | 149,05 Gb Total Space | 64,16 Gb Free Space | 43,04% Space Free | Partition Type: NTFS
Computer Name: USER-PC | User Name: USER | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2012.01.16 15:34:20 | 000,584,192 | ---- | M] (OldTimer Tools) -- G:\Apps\Tools\Secure\OTL.exe
PRC - [2012.01.16 04:00:58 | 000,281,880 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrB.exe
PRC - [2012.01.12 00:29:00 | 028,201,096 | ---- | M] (Electronic Arts) -- D:\Origin\Origin.exe
PRC - [2012.01.05 18:34:49 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2012.01.03 14:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011.11.17 10:29:22 | 007,629,952 | ---- | M] (Winstep Software Technologies) -- C:\Program Files (x86)\Winstep\nextstart.exe
PRC - [2011.11.17 10:28:36 | 015,785,600 | ---- | M] (Winstep Software Technologies) -- C:\Program Files (x86)\Winstep\workshelf.exe
PRC - [2011.09.22 12:03:30 | 000,974,944 | ---- | M] (ESET) -- C:\Programme\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
PRC - [2011.07.29 00:08:12 | 001,259,376 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
PRC - [2011.04.19 17:58:24 | 000,632,448 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AASP\1.01.12\aaCenter.exe
PRC - [2011.02.11 18:26:22 | 000,377,344 | ---- | M] (Winstep Software Technologies) -- C:\Program Files (x86)\Winstep\WsxService.exe
PRC - [2009.12.21 08:00:50 | 000,081,920 | ---- | M] (Realtime Soft Ltd) -- C:\Program Files (x86)\Common Files\Realtime Soft\RTSHookInterop\x32\RTSHookInterop.exe
PRC - [2009.11.02 10:27:30 | 002,166,912 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\PC Probe II\Probe2.exe
========== Modules (No Company Name) ==========
MOD - [2011.12.02 19:01:24 | 016,827,392 | R--- | M] () -- D:\Origin\QtWebKit4.dll
MOD - [2011.12.02 18:59:12 | 000,312,320 | R--- | M] () -- D:\Origin\imageformats\qtiff4.dll
MOD - [2011.12.02 18:59:12 | 000,264,192 | R--- | M] () -- D:\Origin\imageformats\qmng4.dll
MOD - [2011.12.02 18:59:12 | 000,211,456 | R--- | M] () -- D:\Origin\imageformats\qjpeg4.dll
MOD - [2011.12.02 18:59:12 | 000,032,256 | R--- | M] () -- D:\Origin\imageformats\qico4.dll
MOD - [2011.12.02 18:59:12 | 000,028,672 | R--- | M] () -- D:\Origin\imageformats\qgif4.dll
MOD - [2011.12.02 18:59:10 | 000,172,544 | R--- | M] () -- D:\Origin\codecs\qjpcodecs4.dll
MOD - [2011.12.02 18:59:10 | 000,158,208 | R--- | M] () -- D:\Origin\codecs\qtwcodecs4.dll
MOD - [2011.12.02 18:59:10 | 000,143,872 | R--- | M] () -- D:\Origin\codecs\qcncodecs4.dll
MOD - [2011.12.02 18:59:10 | 000,079,872 | R--- | M] () -- D:\Origin\codecs\qkrcodecs4.dll
MOD - [2011.12.02 18:58:06 | 000,327,680 | R--- | M] () -- D:\Origin\phonon4.dll
MOD - [2011.12.02 18:58:04 | 000,413,184 | R--- | M] () -- D:\Origin\QtXml4.dll
MOD - [2011.12.02 18:58:02 | 001,152,512 | R--- | M] () -- D:\Origin\QtNetwork4.dll
MOD - [2011.12.02 18:58:00 | 009,440,256 | R--- | M] () -- D:\Origin\QtGui4.dll
MOD - [2011.12.02 18:57:58 | 002,694,144 | R--- | M] () -- D:\Origin\QtCore4.dll
MOD - [2011.07.29 00:09:42 | 000,096,112 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
MOD - [2011.07.29 00:08:12 | 001,259,376 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
MOD - [2009.09.30 11:33:08 | 000,024,576 | ---- | M] () -- C:\Windows\SysWOW64\AsIO.dll
MOD - [2009.04.13 10:37:34 | 000,188,928 | ---- | M] () -- C:\Program Files (x86)\ASUS\AASP\1.01.12\aasp.dll
MOD - [2009.04.07 09:25:44 | 000,077,824 | ---- | M] () -- C:\Program Files (x86)\ASUS\PC Probe II\vvc.dll
MOD - [2008.01.17 16:46:20 | 000,053,248 | ---- | M] () -- C:\Program Files (x86)\ASUS\PC Probe II\cpuutil.dll
MOD - [2008.01.17 16:46:20 | 000,053,248 | ---- | M] () -- C:\Program Files (x86)\ASUS\AASP\1.01.12\cpuutil.dll
MOD - [2005.10.24 16:02:46 | 000,050,688 | ---- | M] () -- C:\Program Files (x86)\ASUS\PC Probe II\AsMultiLang.dll
MOD - [2005.06.22 17:39:56 | 000,204,851 | ---- | M] () -- C:\Program Files (x86)\ASUS\PC Probe II\PowerDll.dll
MOD - [2005.06.22 17:39:56 | 000,204,851 | ---- | M] () -- C:\Program Files (x86)\ASUS\AASP\1.01.12\PowerDll.dll
MOD - [2004.12.14 10:08:44 | 000,028,672 | ---- | M] () -- C:\Program Files (x86)\ASUS\PC Probe II\AsHtmlEngine.dll
MOD - [2004.02.05 17:44:58 | 000,373,760 | ---- | M] () -- C:\Program Files (x86)\ASUS\PC Probe II\soundplay.dll
========== Win32 Services (SafeList) ==========
SRV:64bit: - [2011.11.10 04:11:32 | 000,204,288 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2011.11.09 22:08:52 | 000,361,984 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV:64bit: - [2011.09.22 12:03:30 | 000,974,944 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe -- (ekrn)
SRV:64bit: - [2009.07.14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2012.01.16 04:00:58 | 000,281,880 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrB.exe -- (PnkBstrB)
SRV - [2012.01.05 18:34:49 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2012.01.03 14:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011.11.28 13:21:00 | 000,168,864 | ---- | M] () [Auto | Running] -- C:\Programme\Common Files\WireHelpSvc.exe -- (WireHelpSvc)
SRV - [2011.09.27 20:04:08 | 000,359,192 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Programme\Common Files\LogiShrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV - [2011.02.11 18:26:22 | 000,377,344 | ---- | M] (Winstep Software Technologies) [Auto | Running] -- C:\Program Files (x86)\Winstep\WsxService.exe -- (Winstep Xtreme Service)
SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2012.01.14 14:00:45 | 000,279,616 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2011.11.28 13:20:48 | 000,147,472 | ---- | M] (<Turtle Entertainment>) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\ESLWireACD.sys -- (ESLWireAC)
DRV:64bit: - [2011.11.28 13:20:28 | 000,025,528 | ---- | M] (Turtle Entertainment GmbH) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ESLvnic.sys -- (ESLvnic1)
DRV:64bit: - [2011.11.10 04:45:30 | 010,567,680 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2011.11.10 03:12:44 | 000,325,632 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2011.10.17 18:40:50 | 000,093,712 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2011.09.02 07:30:46 | 000,042,776 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LUsbFilt.sys -- (LUsbFilt)
DRV:64bit: - [2011.09.02 07:30:36 | 000,060,696 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt)
DRV:64bit: - [2011.09.02 07:30:24 | 000,066,840 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt)
DRV:64bit: - [2011.08.09 14:24:52 | 000,202,576 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\eamonm.sys -- (eamonm)
DRV:64bit: - [2011.08.04 09:20:38 | 000,146,432 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ehdrv.sys -- (ehdrv)
DRV:64bit: - [2011.08.04 09:20:38 | 000,137,144 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\epfwwfpr.sys -- (epfwwfpr)
DRV:64bit: - [2011.06.10 14:34:52 | 000,539,240 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011.03.11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011.02.24 10:30:50 | 000,389,608 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\asmtxhci.sys -- (asmtxhci)
DRV:64bit: - [2011.02.24 10:30:50 | 000,126,952 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\asmthub3.sys -- (asmthub3)
DRV:64bit: - [2010.11.21 04:24:43 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2010.11.21 04:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.21 04:23:48 | 000,117,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tsusbhub.sys -- (tsusbhub)
DRV:64bit: - [2010.11.21 04:23:48 | 000,088,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Synth3dVsc.sys -- (Synth3dVsc)
DRV:64bit: - [2010.11.21 04:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2010.11.21 04:23:48 | 000,034,816 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2010.11.21 04:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.21 04:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010.09.30 20:00:06 | 000,180,736 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV:64bit: - [2010.09.30 20:00:06 | 000,080,384 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub)
DRV:64bit: - [2010.04.27 16:57:20 | 000,016,200 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WmVirHid.sys -- (WmVirHid)
DRV:64bit: - [2010.04.27 16:57:12 | 000,026,440 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WmBEnum.sys -- (WmBEnum)
DRV:64bit: - [2010.04.27 14:03:12 | 000,077,512 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WmXlCore.sys -- (WmXlCore)
DRV:64bit: - [2010.04.27 14:02:42 | 000,043,976 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WmFilter.sys -- (WmFilter)
DRV:64bit: - [2010.02.18 09:18:24 | 000,046,136 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amdiox64.sys -- (amdiox64)
DRV:64bit: - [2009.08.24 06:55:32 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie.sys -- (AtiPcie) AMD PCI Express (3GIO)
DRV:64bit: - [2009.07.16 11:38:40 | 000,015,416 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ASACPI.sys -- (MTsensor)
DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2011.06.24 06:31:02 | 000,055,424 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Running] -- C:\Programme\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys -- (AODDriver4.01)
DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2008.11.14 02:11:42 | 000,020,512 | ---- | M] (Realtime Soft Ltd) [Kernel | Auto | Running] -- C:\Program Files (x86)\Common Files\Realtime Soft\UltraMonMirrorDrv\x64\UltraMonUtility.sys -- (UltraMonUtility)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp_/www.dell.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.104.0: C:\Program Files (x86)\Battlelog Web Plugins\1.104.0\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\PROGRAM FILES\ESET\ESET NOD32 ANTIVIRUS\MOZILLA THUNDERBIRD [2011.12.23 06:33:43 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2011.12.23 06:57:17 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.01.07 06:01:42 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.01.11 18:53:37 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2011.12.23 06:33:43 | 000,000,000 | ---D | M]
[2011.12.23 06:36:38 | 000,000,000 | ---D | M] (No name found) -- C:\Users\USER\AppData\Roaming\mozilla\Extensions
[2012.01.15 23:11:36 | 000,000,000 | ---D | M] (No name found) -- C:\Users\USER\AppData\Roaming\mozilla\Firefox\Profiles\bmf6yrtu.default\extensions
[2012.01.13 14:18:05 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\USER\AppData\Roaming\mozilla\Firefox\Profiles\bmf6yrtu.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2012.01.15 23:11:36 | 000,000,000 | ---D | M] (Flash and Video Download) -- C:\Users\USER\AppData\Roaming\mozilla\Firefox\Profiles\bmf6yrtu.default\extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a}
[2011.12.23 06:36:30 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
() (No name found) -- C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BMF6YRTU.DEFAULT\EXTENSIONS\{73A6FE31-595D-460B-A920-FCC0F8843232}.XPI
() (No name found) -- C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BMF6YRTU.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
() (No name found) -- C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BMF6YRTU.DEFAULT\EXTENSIONS\{DDC359D1-844A-42A7-9AA1-88A850A938A8}.XPI
[2012.01.07 06:01:41 | 000,121,816 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011.11.05 04:38:54 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2011.11.05 04:32:18 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2011.11.05 04:38:54 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2011.11.05 04:38:54 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2011.11.05 04:38:54 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2011.11.05 04:38:54 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O4:64bit: - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
O4:64bit: - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [Start WingMan Profiler] C:\Program Files\Logitech\Gaming Software\LWEMon.exe (Logitech Inc.)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [Launch PC Probe II] File not found
O4 - HKLM..\Run: [NextSTART] File not found
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [Workshelf] File not found
O4 - HKCU..\Run: [ccleaner] C:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd)
O4 - HKCU..\Run: [Core Temp] G:\Apps\Tools\Hardware\CoreTemp_64bit_0.99.5.27_PCMASTERS.DE\Core Temp.exe ()
O4 - HKCU..\Run: [NextSTART] C:\Program Files (x86)\Winstep\nextstart.exe (Winstep Software Technologies)
O4 - HKCU..\Run: [Workshelf] C:\Program Files (x86)\Winstep\workshelf.exe (Winstep Software Technologies)
O4 - HKLM..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - Startup: C:\Users\USER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Stardock ObjectDock.lnk = File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Free YouTube Download - C:\Users\USER\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\USER\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Free YouTube Download - C:\Users\USER\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\USER\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\FlyVPN\FlyVPNBind.dll (www.flyvpn.com)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\FlyVPN\FlyVPNBind.dll (www.flyvpn.com)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files (x86)\FlyVPN\FlyVPNBind.dll (www.flyvpn.com)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp_/download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp_/fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{15FEF7DD-D6A2-49BA-B4CE-6FB066D43440}: DhcpNameServer = 192.168.2.1 192.168.2.1
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) -C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Programme\Common Files\LogiShrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{232d7706-2d24-11e1-9edc-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{232d7706-2d24-11e1-9edc-806e6f6e6963}\Shell\AutoRun\command - "" = E:\wubi.exe --cdmenu
O33 - MountPoints2\{6994825e-3c7d-11e1-8dae-00ff01000001}\Shell - "" = AutoRun
O33 - MountPoints2\{6994825e-3c7d-11e1-8dae-00ff01000001}\Shell\AutoRun\command - "" = H:\noautorun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SafeBootMin:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SafeBootMin:64bit: Base - Driver Group
SafeBootMin:64bit: Boot Bus Extender - Driver Group
SafeBootMin:64bit: Boot file system - Driver Group
SafeBootMin:64bit: File system - Driver Group
SafeBootMin:64bit: Filter - Driver Group
SafeBootMin:64bit: HelpSvc - Service
SafeBootMin:64bit: PCI Configuration - Driver Group
SafeBootMin:64bit: PNP Filter - Driver Group
SafeBootMin:64bit: Primary disk - Driver Group
SafeBootMin:64bit: sacsvr - Service
SafeBootMin:64bit: SCSI Class - Driver Group
SafeBootMin:64bit: System Bus Extender - Driver Group
SafeBootMin:64bit: vmms - Service
SafeBootMin:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SafeBootNet:64bit: Base - Driver Group
SafeBootNet:64bit: Boot Bus Extender - Driver Group
SafeBootNet:64bit: Boot file system - Driver Group
SafeBootNet:64bit: File system - Driver Group
SafeBootNet:64bit: Filter - Driver Group
SafeBootNet:64bit: HelpSvc - Service
SafeBootNet:64bit: Messenger - Service
SafeBootNet:64bit: NDIS Wrapper - Driver Group
SafeBootNet:64bit: NetBIOSGroup - Driver Group
SafeBootNet:64bit: NetDDEGroup - Driver Group
SafeBootNet:64bit: Network - Driver Group
SafeBootNet:64bit: NetworkProvider - Driver Group
SafeBootNet:64bit: PCI Configuration - Driver Group
SafeBootNet:64bit: PNP Filter - Driver Group
SafeBootNet:64bit: PNP_TDI - Driver Group
SafeBootNet:64bit: Primary disk - Driver Group
SafeBootNet:64bit: rdsessmgr - Service
SafeBootNet:64bit: sacsvr - Service
SafeBootNet:64bit: SCSI Class - Driver Group
SafeBootNet:64bit: Streams Drivers - Driver Group
SafeBootNet:64bit: System Bus Extender - Driver Group
SafeBootNet:64bit: TDI - Driver Group
SafeBootNet:64bit: vmms - Service
SafeBootNet:64bit: WudfUsbccidDriver - Driver
SafeBootNet:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet:64bit: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet:64bit: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet:64bit: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet:64bit: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet:64bit: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP
Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32:64bit: VIDC.FPS1 - frapsv64.dll (Beepa P/L)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\Windows\SysWow64\DivX.dll (DivX, Inc.)
Drivers32: VIDC.FPS1 - C:\Windows\SysWow64\frapsvid.dll (Beepa P/L)
Drivers32: vidc.yv12 - C:\Windows\SysWow64\DivX.dll (DivX, Inc.)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
========== Files/Folders - Created Within 30 Days ==========
[2012.01.17 12:48:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET
[2012.01.17 10:30:51 | 000,000,000 | ---D | C] -- C:\Users\USER\AppData\Roaming\Malwarebytes
[2012.01.17 10:30:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.01.17 10:30:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.01.17 10:30:44 | 000,023,152 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012.01.17 10:30:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012.01.15 19:15:49 | 000,000,000 | ---D | C] -- C:\ProgramData\FlyVPN
[2012.01.15 19:15:47 | 000,000,000 | ---D | C] -- C:\Users\USER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FlyVPN
[2012.01.15 19:15:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FlyVPN
[2012.01.14 16:39:12 | 000,000,000 | ---D | C] -- C:\Users\USER\AppData\Local\Logitech
[2012.01.14 16:37:07 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Logitech
[2012.01.14 14:52:16 | 000,000,000 | ---D | C] -- C:\Users\USER\Documents\Command and Conquer Generals Data
[2012.01.14 14:06:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA Games
[2012.01.14 14:01:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
[2012.01.14 14:00:45 | 000,279,616 | ---- | C] (DT Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys
[2012.01.14 14:00:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DAEMON Tools Lite
[2012.01.14 14:00:16 | 000,000,000 | ---D | C] -- C:\Users\USER\AppData\Roaming\DAEMON Tools Lite
[2012.01.14 14:00:14 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite
[2012.01.13 14:18:05 | 000,000,000 | ---D | C] -- C:\Users\USER\AppData\Roaming\DVDVideoSoftIEHelpers
[2012.01.13 14:17:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
[2012.01.13 14:17:43 | 000,000,000 | ---D | C] -- C:\Users\USER\AppData\Roaming\DVDVideoSoft
[2012.01.13 14:17:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DVDVideoSoft
[2012.01.13 14:17:01 | 000,000,000 | ---D | C] -- C:\Users\USER\Documents\DVDVideoSoft
[2012.01.13 14:17:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DVDVideoSoft
[2012.01.10 20:48:47 | 000,000,000 | ---D | C] -- C:\Users\USER\Documents\ESL Match Media
[2012.01.10 20:39:04 | 000,000,000 | ---D | C] -- C:\Users\USER\AppData\Local\ESL Wire Game Client
[2012.01.10 20:38:31 | 000,147,472 | ---- | C] (<Turtle Entertainment>) -- C:\Windows\SysNative\drivers\ESLWireACD.sys
[2012.01.10 20:38:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESL Wire
[2012.01.10 20:38:27 | 000,025,528 | ---- | C] (Turtle Entertainment GmbH) -- C:\Windows\SysNative\drivers\ESLvnic.sys
[2012.01.10 20:38:27 | 000,000,000 | ---D | C] -- C:\Program Files\EslWire
[2012.01.10 20:38:27 | 000,000,000 | ---D | C] -- C:\ProgramData\ESL Wire
[2012.01.08 16:06:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Winstep
[2012.01.08 16:05:48 | 000,798,208 | ---- | C] (Winstep Software Technologies) -- C:\Windows\SysWow64\NextControls.ocx
[2012.01.08 16:05:48 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Winstep
[2012.01.08 16:05:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Winstep
[2012.01.08 15:56:43 | 000,000,000 | ---D | C] -- C:\Users\USER\AppData\Local\ODUI
[2012.01.08 15:56:34 | 000,000,000 | ---D | C] -- C:\Users\USER\AppData\Roaming\Stardock
[2012.01.08 15:56:32 | 000,000,000 | ---D | C] -- C:\Users\USER\Documents\Stardock
[2012.01.08 15:56:31 | 000,000,000 | ---D | C] -- C:\Users\USER\AppData\Local\Stardock
[2012.01.08 15:56:15 | 000,000,000 | ---D | C] -- C:\Users\USER\AppData\Local\PackageAware
[2012.01.04 15:38:41 | 000,000,000 | ---D | C] -- C:\Users\USER\AppData\Local\ESN Sonar
[2012.01.03 09:55:13 | 000,000,000 | ---D | C] -- C:\Users\USER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView
[2012.01.03 09:55:13 | 000,000,000 | ---D | C] -- C:\Users\USER\AppData\Roaming\IrfanView
[2012.01.03 09:55:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\IrfanView
[2012.01.03 09:04:51 | 000,000,000 | ---D | C] -- C:\Users\USER\AppData\Local\Realtime Soft
[2012.01.03 09:02:11 | 000,000,000 | ---D | C] -- C:\Users\USER\AppData\Roaming\Realtime Soft
[2012.01.03 09:02:02 | 000,000,000 | ---D | C] -- C:\Program Files\UltraMon
[2012.01.03 09:02:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Realtime Soft
[2012.01.03 09:02:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Realtime Soft
[2012.01.02 06:32:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hex-Editor MX
[2012.01.02 06:32:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Hex-Editor MX
[2011.12.31 13:03:31 | 000,000,000 | ---D | C] -- C:\Microgaming
[2011.12.31 13:03:31 | 000,000,000 | ---D | C] -- C:\ProgramData\MGS
[2011.12.31 03:53:05 | 000,000,000 | ---D | C] -- C:\Users\USER\AppData\Local\Ashampoo Music Studio 3
[2011.12.28 13:19:14 | 000,000,000 | ---D | C] -- C:\Users\USER\AppData\Roaming\ASCOMP Software
[2011.12.28 13:19:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASCOMP Software
[2011.12.28 13:19:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ASCOMP Software
[2011.12.26 09:29:57 | 000,000,000 | ---D | C] -- C:\Users\USER\AppData\Local\Adobe
[2011.12.25 20:33:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS
[2011.12.25 20:33:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ASUS
[2011.12.24 21:32:33 | 000,000,000 | ---D | C] -- C:\Users\USER\AppData\Roaming\Publish Providers
[2011.12.24 21:29:30 | 000,000,000 | ---D | C] -- C:\Users\USER\AppData\Local\Sony
[2011.12.24 21:20:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
[2011.12.24 21:20:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Sony
[2011.12.24 21:20:51 | 000,000,000 | ---D | C] -- C:\Program Files\Sony
[2011.12.24 21:20:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Sony
[2011.12.24 21:20:08 | 000,000,000 | ---D | C] -- C:\Users\USER\AppData\Roaming\Sony
[2011.12.24 19:55:37 | 000,000,000 | ---D | C] -- C:\Users\USER\AppData\Local\PunkBuster
[2011.12.24 19:55:35 | 000,000,000 | ---D | C] -- C:\Users\USER\Documents\Battlefield 3
[2011.12.24 16:45:58 | 000,000,000 | ---D | C] -- C:\Users\USER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Fraps
[2011.12.24 13:47:45 | 000,000,000 | ---D | C] -- C:\Users\USER\riotsGamesLogs
[2011.12.24 13:47:21 | 000,000,000 | ---D | C] -- C:\Users\USER\AppData\Roaming\LolClient
[2011.12.24 13:25:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Riot Games
[2011.12.24 12:46:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Battlelog Web Plugins
[2011.12.24 12:45:33 | 000,000,000 | ---D | C] -- C:\ProgramData\EA Core
[2011.12.24 12:45:06 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Common Files\EAInstaller
[2011.12.24 12:32:37 | 000,000,000 | ---D | C] -- C:\Users\USER\AppData\Roaming\Origin
[2011.12.24 12:32:36 | 000,000,000 | ---D | C] -- C:\Users\USER\AppData\Local\Origin
[2011.12.24 12:31:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
[2011.12.24 12:31:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Origin Games
[2011.12.24 12:31:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Origin
[2011.12.24 12:31:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Electronic Arts
[2011.12.24 11:56:48 | 000,000,000 | ---D | C] -- C:\Users\USER\AppData\Local\LogiShrd
[2011.12.24 11:56:39 | 000,000,000 | ---D | C] -- C:\Users\USER\AppData\Roaming\Leadertech
[2011.12.24 11:56:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\LogiShrd
[2011.12.24 11:55:52 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\LogiShrd
[2011.12.24 11:55:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
[2011.12.24 11:55:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Logishrd
[2011.12.24 11:55:46 | 000,000,000 | ---D | C] -- C:\Program Files\Logitech
[2011.12.24 11:55:25 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\LogiShrd
[2011.12.24 11:55:12 | 000,000,000 | ---D | C] -- C:\Users\USER\AppData\Roaming\Logitech
[2011.12.24 11:55:12 | 000,000,000 | ---D | C] -- C:\Users\USER\AppData\Roaming\Logishrd
[2011.12.24 09:52:51 | 000,000,000 | ---D | C] -- C:\Users\USER\AppData\Local\GHISLER
[2011.12.23 15:07:42 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[2011.12.23 15:07:12 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\OEM
[2011.12.23 15:07:12 | 000,000,000 | ---D | C] -- C:\Hotfix
[2011.12.23 15:07:12 | 000,000,000 | ---D | C] -- C:\Drivers
[2011.12.23 15:06:02 | 000,000,000 | ---D | C] -- C:\Windows\de-DE
[2011.12.23 15:06:01 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\XPSViewer
[2011.12.23 15:06:01 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\drivers\de-DE
[2011.12.23 15:06:01 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\de
[2011.12.23 15:06:01 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\0407
[2011.12.23 15:06:00 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\de-DE
[2011.12.23 15:06:00 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\de
[2011.12.23 15:06:00 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\0407
[2011.12.23 15:03:46 | 000,004,096 | ---- | C] (SCM Microsystems, Inc.) -- C:\Windows\SysNative\drivers\de-DE\pscr.sys.mui
[2011.12.23 15:03:30 | 000,011,776 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\SysNative\drivers\de-DE\BrSerIb.sys.mui
[2011.12.23 15:03:29 | 000,011,776 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\SysNative\drivers\de-DE\BrSerId.sys.mui
[2011.12.23 15:03:29 | 000,002,560 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\SysNative\drivers\de-DE\BrParwdm.sys.mui
[2011.12.23 08:27:49 | 000,000,000 | ---D | C] -- C:\Users\USER\AppData\Roaming\WinRAR
[2011.12.23 08:27:49 | 000,000,000 | ---D | C] -- C:\Users\USER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2011.12.23 08:27:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2011.12.23 08:27:47 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2011.12.23 08:12:40 | 000,000,000 | ---D | C] -- C:\Users\USER\AppData\Roaming\vlc
[2011.12.23 08:07:28 | 000,000,000 | ---D | C] -- C:\Users\USER\AppData\Local\QuickPar
[2011.12.23 08:06:38 | 000,000,000 | ---D | C] -- C:\Users\USER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\QuickPar
[2011.12.23 08:06:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickPar
[2011.12.23 08:06:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickPar
[2011.12.23 08:01:52 | 000,000,000 | ---D | C] -- C:\Users\USER\AppData\Local\ScriptPower OHG
[2011.12.23 08:01:51 | 000,000,000 | ---D | C] -- C:\Users\USER\AppData\Local\CrashRpt
[2011.12.23 08:01:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2011.12.23 08:01:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VideoLAN
[2011.12.23 08:01:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iLoad
[2011.12.23 08:01:41 | 000,000,000 | ---D | C] -- C:\Program Files\iLoad
[2011.12.23 08:01:06 | 000,000,000 | ---D | C] -- C:\Users\USER\AppData\Roaming\Paloma Networks, Inc
[2011.12.23 07:00:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\BitTorrent
[2011.12.23 06:59:58 | 000,000,000 | ---D | C] -- C:\Users\USER\AppData\Roaming\BitTorrent
[2011.12.23 06:59:58 | 000,000,000 | ---D | C] -- C:\Users\USER\AppData\Local\BitTorrent
[2011.12.23 06:57:57 | 000,000,000 | ---D | C] -- C:\Users\USER\AppData\Local\DDMSettings
[2011.12.23 06:57:12 | 000,000,000 | ---D | C] -- C:\Users\USER\AppData\Roaming\DivX
[2011.12.23 06:57:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PX Storage Engine
[2011.12.23 06:56:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX Plus
[2011.12.23 06:56:52 | 000,000,000 | ---D | C] -- C:\Program Files\DivX
[2011.12.23 06:56:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DivX Shared
[2011.12.23 06:56:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DivX
[2011.12.23 06:55:44 | 000,000,000 | ---D | C] -- C:\ProgramData\DivX
[2011.12.23 06:55:40 | 000,000,000 | ---D | C] -- C:\Users\USER\AppData\Roaming\Macromedia
[2011.12.23 06:55:40 | 000,000,000 | ---D | C] -- C:\Users\USER\AppData\Roaming\Adobe
[2011.12.23 06:55:32 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Macromed
[2011.12.23 06:55:31 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed
[2011.12.23 06:51:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[2011.12.23 06:51:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe
[2011.12.23 06:50:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2011.12.23 06:44:19 | 000,000,000 | ---D | C] -- C:\Users\USER\AppData\Roaming\TS3Client
[2011.12.23 06:43:34 | 000,000,000 | ---D | C] -- C:\Users\USER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Total Commander
[2011.12.23 06:43:33 | 000,000,000 | ---D | C] -- C:\totalcmd
[2011.12.23 06:43:33 | 000,000,000 | ---D | C] -- C:\Users\USER\AppData\Roaming\GHISLER
[2011.12.23 06:41:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
[2011.12.23 06:41:53 | 000,000,000 | ---D | C] -- C:\Program Files\TeamSpeak 3 Client
[2011.12.23 06:41:15 | 000,000,000 | ---D | C] -- C:\Fraps
[2011.12.23 06:36:34 | 000,000,000 | ---D | C] -- C:\Users\USER\AppData\Roaming\Mozilla
[2011.12.23 06:36:34 | 000,000,000 | ---D | C] -- C:\Users\USER\AppData\Local\Mozilla
[2011.12.23 06:36:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2011.12.23 06:33:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
[2011.12.23 06:33:38 | 000,000,000 | ---D | C] -- C:\ProgramData\ESET
[2011.12.23 06:33:38 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2011.12.23 06:31:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2011.12.23 06:31:00 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2011.12.23 06:30:07 | 000,000,000 | ---D | C] -- C:\Users\USER\AppData\Local\AMD
[2011.12.23 06:29:53 | 000,000,000 | ---D | C] -- C:\Users\USER\AppData\Roaming\ATI
[2011.12.23 06:29:53 | 000,000,000 | ---D | C] -- C:\Users\USER\AppData\Local\ATI
[2011.12.23 06:29:53 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2011.12.23 06:28:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD APP
[2011.12.23 06:28:20 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ATI Technologies
[2011.12.23 06:28:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\ATI Technologies
[2011.12.23 06:28:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD VISION Engine Control Center
[2011.12.23 06:28:10 | 000,000,000 | ---D | C] -- C:\ProgramData\AMD
[2011.12.23 06:27:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ATI Technologies
[2011.12.23 06:27:15 | 000,000,000 | ---D | C] -- C:\ATI
[2011.12.23 06:26:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Asmedia Technology
[2011.12.23 06:26:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ASM104xUSB3
[2011.12.23 06:26:06 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\RTCOM
[2011.12.23 06:26:06 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek
[2011.12.23 06:25:55 | 003,768,152 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioRealtek.dll
[2011.12.23 06:25:55 | 003,308,376 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEP64A.dll
[2011.12.23 06:25:55 | 002,604,376 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\WavesGUILib.dll
[2011.12.23 06:25:55 | 002,197,264 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioEQ.dll
[2011.12.23 06:25:55 | 000,603,472 | ---- | C] (Knowles Acoustics ) -- C:\Windows\SysNative\KAAPORT64.dll
[2011.12.23 06:25:55 | 000,518,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSX64.dll
[2011.12.23 06:25:55 | 000,426,328 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EED64A.dll
[2011.12.23 06:25:55 | 000,375,128 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEP64A.dll
[2011.12.23 06:25:55 | 000,341,336 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO30.dll
[2011.12.23 06:25:55 | 000,334,680 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxVolumeSDAPO.dll
[2011.12.23 06:25:55 | 000,318,808 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO20.dll
[2011.12.23 06:25:55 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DHT64.dll
[2011.12.23 06:25:55 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DAA64.dll
[2011.12.23 06:25:55 | 000,220,512 | ---- | C] (Synopsys, Inc.) -- C:\Windows\SysNative\SFNHK64.dll
[2011.12.23 06:25:55 | 000,211,184 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSH64.dll
[2011.12.23 06:25:55 | 000,204,120 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEED64A.dll
[2011.12.23 06:25:55 | 000,198,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSHP64.dll
[2011.12.23 06:25:55 | 000,155,888 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSWOW64.dll
[2011.12.23 06:25:55 | 000,136,024 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEL64A.dll
[2011.12.23 06:25:55 | 000,118,104 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEA64A.dll
[2011.12.23 06:25:55 | 000,101,208 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEL64A.dll
[2011.12.23 06:25:55 | 000,081,248 | ---- | C] (Synopsys, Inc.) -- C:\Windows\SysNative\SFCOM64.dll
[2011.12.23 06:25:55 | 000,078,680 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEG64A.dll
[2011.12.23 06:25:55 | 000,078,176 | ---- | C] (Synopsys, Inc.) -- C:\Windows\SysNative\SFAPO64.dll
[2011.12.23 06:25:55 | 000,074,072 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEG64A.dll
[2011.12.23 06:25:55 | 000,074,064 | ---- | C] (Virage Logic Corporation / Sonic Focus) -- C:\Windows\SysWow64\SFCOM.dll
[2011.12.23 06:25:54 | 002,085,440 | ---- | C] (Fortemedia Corporation) -- C:\Windows\SysNative\FMAPO64.dll
[2011.12.23 06:25:54 | 001,756,264 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSS2SpeakerDLL64.dll
[2011.12.23 06:25:54 | 001,568,360 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSS2HeadphoneDLL64.dll
[2011.12.23 06:25:54 | 001,486,952 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSBoostDLL64.dll
[2011.12.23 06:25:54 | 000,728,680 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSBassEnhancementDLL64.dll
[2011.12.23 06:25:54 | 000,712,296 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSSymmetryDLL64.dll
[2011.12.23 06:25:54 | 000,693,352 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSVoiceClarityDLL64.dll
[2011.12.23 06:25:54 | 000,491,112 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSNeoPCDLL64.dll
[2011.12.23 06:25:54 | 000,432,744 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSLimiterDLL64.dll
[2011.12.23 06:25:54 | 000,428,648 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGainCompensatorDLL64.dll
[2011.12.23 06:25:54 | 000,242,792 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSLFXAPO64.dll
[2011.12.23 06:25:54 | 000,242,792 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGFXAPO64.dll
[2011.12.23 06:25:54 | 000,241,768 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGFXAPONS64.dll
[2011.12.23 06:25:53 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Temp
[2011.12.23 06:25:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield
[2011.12.23 06:24:30 | 000,539,240 | ---- | C] (Realtek ) -- C:\Windows\SysNative\drivers\Rt64win7.sys
[2011.12.23 06:24:25 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\InstallShield Installation Information
[2011.12.23 06:24:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Realtek
[2011.12.23 06:23:14 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2011.12.23 06:23:05 | 000,000,000 | ---D | C] -- C:\Program Files\ATI Technologies
[2011.12.23 06:23:04 | 000,000,000 | ---D | C] -- C:\Program Files\ATI
[2011.12.23 06:15:17 | 000,000,000 | R--D | C] -- C:\Users\USER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2011.12.23 06:15:17 | 000,000,000 | R--D | C] -- C:\Users\USER\Searches
[2011.12.23 06:15:17 | 000,000,000 | R--D | C] -- C:\Users\USER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2011.12.23 06:15:08 | 000,000,000 | ---D | C] -- C:\Users\USER\AppData\Roaming\Identities
[2011.12.23 06:15:04 | 000,000,000 | R--D | C] -- C:\Users\USER\Contacts
[2011.12.23 06:14:59 | 000,000,000 | ---D | C] -- C:\Users\USER\AppData\Local\VirtualStore
[2011.12.23 06:14:46 | 000,000,000 | --SD | C] -- C:\Users\USER\AppData\Roaming\Microsoft
[2011.12.23 06:14:46 | 000,000,000 | R--D | C] -- C:\Users\USER\Videos
[2011.12.23 06:14:46 | 000,000,000 | R--D | C] -- C:\Users\USER\Saved Games
[2011.12.23 06:14:46 | 000,000,000 | R--D | C] -- C:\Users\USER\Pictures
[2011.12.23 06:14:46 | 000,000,000 | R--D | C] -- C:\Users\USER\Music
[2011.12.23 06:14:46 | 000,000,000 | R--D | C] -- C:\Users\USER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2011.12.23 06:14:46 | 000,000,000 | R--D | C] -- C:\Users\USER\Links
[2011.12.23 06:14:46 | 000,000,000 | R--D | C] -- C:\Users\USER\Favorites
[2011.12.23 06:14:46 | 000,000,000 | R--D | C] -- C:\Users\USER\Downloads
[2011.12.23 06:14:46 | 000,000,000 | R--D | C] -- C:\Users\USER\Documents
[2011.12.23 06:14:46 | 000,000,000 | R--D | C] -- C:\Users\USER\Desktop
[2011.12.23 06:14:46 | 000,000,000 | R--D | C] -- C:\Users\USER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2011.12.23 06:14:46 | 000,000,000 | -HSD | C] -- C:\Users\USER\Vorlagen
[2011.12.23 06:14:46 | 000,000,000 | -HSD | C] -- C:\Users\USER\AppData\Local\Verlauf
[2011.12.23 06:14:46 | 000,000,000 | -HSD | C] -- C:\Users\USER\AppData\Local\Temporary Internet Files
[2011.12.23 06:14:46 | 000,000,000 | -HSD | C] -- C:\Users\USER\Startmenü
[2011.12.23 06:14:46 | 000,000,000 | -HSD | C] -- C:\Users\USER\SendTo
[2011.12.23 06:14:46 | 000,000,000 | -HSD | C] -- C:\Users\USER\Recent
[2011.12.23 06:14:46 | 000,000,000 | -HSD | C] -- C:\Users\USER\Netzwerkumgebung
[2011.12.23 06:14:46 | 000,000,000 | -HSD | C] -- C:\Users\USER\Lokale Einstellungen
[2011.12.23 06:14:46 | 000,000,000 | -HSD | C] -- C:\Users\USER\Documents\Eigene Videos
[2011.12.23 06:14:46 | 000,000,000 | -HSD | C] -- C:\Users\USER\Documents\Eigene Musik
[2011.12.23 06:14:46 | 000,000,000 | -HSD | C] -- C:\Users\USER\Eigene Dateien
[2011.12.23 06:14:46 | 000,000,000 | -HSD | C] -- C:\Users\USER\Documents\Eigene Bilder
[2011.12.23 06:14:46 | 000,000,000 | -HSD | C] -- C:\Users\USER\Druckumgebung
[2011.12.23 06:14:46 | 000,000,000 | -HSD | C] -- C:\Users\USER\Cookies
[2011.12.23 06:14:46 | 000,000,000 | -HSD | C] -- C:\Users\USER\AppData\Local\Anwendungsdaten
[2011.12.23 06:14:46 | 000,000,000 | -HSD | C] -- C:\Users\USER\Anwendungsdaten
[2011.12.23 06:14:46 | 000,000,000 | -H-D | C] -- C:\Users\USER\AppData
[2011.12.23 06:14:46 | 000,000,000 | ---D | C] -- C:\Users\USER\AppData\Local\Temp
[2011.12.23 06:14:46 | 000,000,000 | ---D | C] -- C:\Users\USER\AppData\Local\Microsoft
[2011.12.23 06:14:46 | 000,000,000 | ---D | C] -- C:\Users\USER\AppData\Roaming\Media Center Programs
[2011.12.23 06:14:37 | 000,000,000 | -HSD | C] -- C:\ProgramData\Vorlagen
[2011.12.23 06:14:37 | 000,000,000 | -HSD | C] -- C:\ProgramData\Startmenü
[2011.12.23 06:14:37 | 000,000,000 | -HSD | C] -- C:\Recovery
[2011.12.23 06:14:37 | 000,000,000 | -HSD | C] -- C:\Programme
[2011.12.23 06:14:37 | 000,000,000 | -HSD | C] -- C:\Program Files\Gemeinsame Dateien
[2011.12.23 06:14:37 | 000,000,000 | -HSD | C] -- C:\ProgramData\Favoriten
[2011.12.23 06:14:37 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Videos
[2011.12.23 06:14:37 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Musik
[2011.12.23 06:14:37 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Bilder
[2011.12.23 06:14:37 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen
[2011.12.23 06:14:37 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumente
[2011.12.23 06:14:37 | 000,000,000 | -HSD | C] -- C:\ProgramData\Anwendungsdaten
[2011.12.23 06:11:12 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2011.12.23 06:09:07 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2011.12.23 06:08:30 | 000,000,000 | -HSD | C] -- C:\System Volume Information
========== Files - Modified Within 30 Days ==========
[2012.01.17 13:42:44 | 000,020,640 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.01.17 13:42:44 | 000,020,640 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.01.16 15:58:58 | 000,014,381 | ---- | M] () -- C:\Users\USER\Documents\OTL.zip
[2012.01.16 15:58:32 | 000,012,420 | ---- | M] () -- C:\Users\USER\Documents\OTL.rar
[2012.01.16 15:33:29 | 000,000,000 | ---- | M] () -- C:\Users\USER\defogger_reenable
[2012.01.16 04:00:58 | 000,281,880 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2012.01.16 04:00:58 | 000,281,880 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2012.01.16 04:00:45 | 000,280,904 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2012.01.15 23:44:28 | 001,472,002 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.01.15 23:44:28 | 000,643,628 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.01.15 23:44:28 | 000,606,992 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.01.15 23:44:28 | 000,126,188 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.01.15 23:44:28 | 000,103,370 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.01.15 23:40:01 | 000,281,816 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012.01.15 23:40:01 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.01.15 23:39:51 | 4294,266,878 | -HS- | M] () -- C:\hiberfil.sys
[2012.01.15 19:58:46 | 000,000,529 | ---- | M] () -- C:\Users\Public\Desktop\Origin.lnk
[2012.01.15 19:15:47 | 000,001,001 | ---- | M] () -- C:\Users\USER\Desktop\FlyVPN.lnk
[2012.01.14 14:50:00 | 000,000,618 | ---- | M] () -- C:\Windows\eReg.dat
[2012.01.14 14:00:45 | 000,279,616 | ---- | M] (DT Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys
[2012.01.14 06:31:15 | 000,003,584 | ---- | M] () -- C:\Users\USER\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.01.13 14:17:59 | 000,001,245 | ---- | M] () -- C:\Users\USER\Desktop\DVDVideoSoft Free Studio.lnk
[2012.01.10 20:38:30 | 000,000,785 | ---- | M] () -- C:\Users\Public\Desktop\ESL Wire.lnk
[2012.01.08 16:06:04 | 000,001,055 | ---- | M] () -- C:\Users\USER\Documents\Winstep.lnk
[2012.01.08 15:56:32 | 000,002,090 | ---- | M] () -- C:\Users\USER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Stardock ObjectDock.lnk
[2012.01.05 18:34:49 | 000,076,888 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2012.01.03 09:02:08 | 000,002,585 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\UltraMon.lnk
[2011.12.30 00:09:58 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2011.12.25 21:13:16 | 000,095,239 | ---- | M] () -- C:\Users\USER\Documents\prime95.PNG
[2011.12.25 20:52:41 | 000,012,162 | ---- | M] () -- C:\Users\USER\Documents\probeII_temp.PNG
[2011.12.25 20:42:22 | 000,087,072 | ---- | M] () -- C:\Users\USER\Documents\asus_stresstest.PNG
[2011.12.24 21:32:16 | 000,002,688 | ---- | M] () -- C:\Users\USER\Documents\Vegas Pro registrieren.htm
[2011.12.24 18:55:35 | 000,001,367 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk
[2011.12.24 16:29:11 | 000,072,822 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2011.12.24 16:29:10 | 000,072,822 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2011.12.23 15:05:54 | 000,295,922 | ---- | M] () -- C:\Windows\SysNative\perfi007.dat
[2011.12.23 15:05:54 | 000,038,104 | ---- | M] () -- C:\Windows\SysNative\perfd007.dat
[2011.12.23 06:29:23 | 000,000,000 | ---- | M] () -- C:\Windows\ativpsrm.bin
[2011.12.23 06:25:50 | 000,001,769 | ---- | M] () -- C:\Windows\Language_trs.ini
[2011.12.23 06:12:33 | 000,054,725 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2011.12.23 06:12:33 | 000,054,725 | ---- | M] () -- C:\Windows\SysNative\license.rtf
========== Files Created - No Company Name ==========
[2012.01.16 15:58:58 | 000,014,381 | ---- | C] () -- C:\Users\USER\Documents\OTL.zip
[2012.01.16 15:58:32 | 000,012,420 | ---- | C] () -- C:\Users\USER\Documents\OTL.rar
[2012.01.16 15:33:29 | 000,000,000 | ---- | C] () -- C:\Users\USER\defogger_reenable
[2012.01.15 19:58:46 | 000,000,529 | ---- | C] () -- C:\Users\Public\Desktop\Origin.lnk
[2012.01.15 19:15:47 | 000,001,001 | ---- | C] () -- C:\Users\USER\Desktop\FlyVPN.lnk
[2012.01.14 14:50:00 | 000,000,618 | ---- | C] () -- C:\Windows\eReg.dat
[2012.01.14 06:25:32 | 000,003,584 | ---- | C] () -- C:\Users\USER\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.01.13 14:17:59 | 000,001,245 | ---- | C] () -- C:\Users\USER\Desktop\DVDVideoSoft Free Studio.lnk
[2012.01.10 20:38:34 | 000,168,864 | ---- | C] () -- C:\Program Files\Common Files\WireHelpSvc.exe
[2012.01.10 20:38:30 | 000,000,785 | ---- | C] () -- C:\Users\Public\Desktop\ESL Wire.lnk
[2012.01.08 16:06:04 | 000,001,055 | ---- | C] () -- C:\Users\USER\Documents\Winstep.lnk
[2012.01.08 15:56:32 | 000,002,090 | ---- | C] () -- C:\Users\USER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Stardock ObjectDock.lnk
[2012.01.03 11:21:05 | 000,024,576 | ---- | C] () -- C:\Windows\SysWow64\AsIO.dll
[2012.01.03 11:21:05 | 000,013,440 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsIO.sys
[2012.01.03 11:21:03 | 000,011,832 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp64.sys
[2012.01.03 11:21:03 | 000,010,216 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp32.sys
[2012.01.03 11:20:46 | 000,015,416 | ---- | C] () -- C:\Windows\SysNative\drivers\ASACPI.sys
[2012.01.03 09:02:08 | 000,002,585 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\UltraMon.lnk
[2012.01.03 09:02:08 | 000,002,535 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UltraMon.lnk
[2011.12.30 00:09:58 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2011.12.25 21:11:06 | 000,095,239 | ---- | C] () -- C:\Users\USER\Documents\prime95.PNG
[2011.12.25 20:52:41 | 000,012,162 | ---- | C] () -- C:\Users\USER\Documents\probeII_temp.PNG
[2011.12.25 20:42:22 | 000,087,072 | ---- | C] () -- C:\Users\USER\Documents\asus_stresstest.PNG
[2011.12.24 21:32:16 | 000,002,688 | ---- | C] () -- C:\Users\USER\Documents\Vegas Pro registrieren.htm
[2011.12.24 20:01:22 | 000,281,880 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2011.12.24 19:56:43 | 000,281,880 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2011.12.24 19:56:43 | 000,280,904 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2011.12.24 19:56:42 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2011.12.24 19:56:41 | 002,580,552 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe
[2011.12.24 18:55:35 | 000,001,367 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk
[2011.12.24 18:55:34 | 000,001,178 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ImageReady 7.0.lnk
[2011.12.24 18:55:34 | 000,001,173 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop 7.0.lnk
[2011.12.24 16:29:11 | 000,072,822 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2011.12.24 16:29:10 | 000,072,822 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2011.12.23 15:07:13 | 000,000,025 | RH-- | C] () -- C:\Windows\version
[2011.12.23 15:06:25 | 000,643,628 | ---- | C] () -- C:\Windows\SysNative\perfh007.dat
[2011.12.23 15:06:25 | 000,295,922 | ---- | C] () -- C:\Windows\SysNative\perfi007.dat
[2011.12.23 15:06:25 | 000,126,188 | ---- | C] () -- C:\Windows\SysNative\perfc007.dat
[2011.12.23 15:06:25 | 000,038,104 | ---- | C] () -- C:\Windows\SysNative\perfd007.dat
[2011.12.23 06:51:33 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
[2011.12.23 06:43:33 | 000,000,545 | ---- | C] () -- C:\Windows\UC.PIF
[2011.12.23 06:43:33 | 000,000,545 | ---- | C] () -- C:\Windows\RAR.PIF
[2011.12.23 06:43:33 | 000,000,545 | ---- | C] () -- C:\Windows\PKZIP.PIF
[2011.12.23 06:43:33 | 000,000,545 | ---- | C] () -- C:\Windows\PKUNZIP.PIF
[2011.12.23 06:43:33 | 000,000,545 | ---- | C] () -- C:\Windows\NOCLOSE.PIF
[2011.12.23 06:43:33 | 000,000,545 | ---- | C] () -- C:\Windows\LHA.PIF
[2011.12.23 06:43:33 | 000,000,545 | ---- | C] () -- C:\Windows\ARJ.PIF
[2011.12.23 06:36:31 | 000,001,152 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2011.12.23 06:29:23 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011.12.23 06:24:30 | 000,074,272 | ---- | C] () -- C:\Windows\SysNative\RtNicProp64.dll
[2011.12.23 06:22:44 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
[2011.12.23 06:15:22 | 000,001,411 | ---- | C] () -- C:\Users\USER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
[2011.12.23 06:15:18 | 000,001,445 | ---- | C] () -- C:\Users\USER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2011.12.23 06:12:22 | 000,001,345 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
[2011.12.23 06:12:13 | 000,001,326 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
[2011.12.23 06:08:30 | 4294,266,878 | -HS- | C] () -- C:\hiberfil.sys
[2011.11.10 03:36:06 | 000,204,960 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2011.11.10 03:36:06 | 000,157,152 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2011.11.09 22:39:44 | 000,059,904 | ---- | C] () -- C:\Windows\SysWow64\OpenVideo.dll
[2011.11.09 22:39:32 | 000,054,784 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll
[2011.09.13 00:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2009.07.14 06:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009.07.14 03:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009.07.14 03:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009.07.14 01:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009.06.10 22:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
========== LOP Check ==========
[2011.12.28 13:19:14 | 000,000,000 | ---D | M] -- C:\Users\USER\AppData\Roaming\ASCOMP Software
[2012.01.11 18:39:42 | 000,000,000 | ---D | M] -- C:\Users\USER\AppData\Roaming\BitTorrent
[2012.01.15 23:42:45 | 000,000,000 | ---D | M] -- C:\Users\USER\AppData\Roaming\DAEMON Tools Lite
[2012.01.13 14:18:31 | 000,000,000 | ---D | M] -- C:\Users\USER\AppData\Roaming\DVDVideoSoft
[2012.01.13 14:18:05 | 000,000,000 | ---D | M] -- C:\Users\USER\AppData\Roaming\DVDVideoSoftIEHelpers
[2011.12.23 06:43:33 | 000,000,000 | ---D | M] -- C:\Users\USER\AppData\Roaming\GHISLER
[2012.01.03 09:56:40 | 000,000,000 | ---D | M] -- C:\Users\USER\AppData\Roaming\IrfanView
[2011.12.24 11:56:39 | 000,000,000 | ---D | M] -- C:\Users\USER\AppData\Roaming\Leadertech
[2011.12.24 13:47:21 | 000,000,000 | ---D | M] -- C:\Users\USER\AppData\Roaming\LolClient
[2011.12.24 12:33:05 | 000,000,000 | ---D | M] -- C:\Users\USER\AppData\Roaming\Origin
[2011.12.23 08:01:06 | 000,000,000 | ---D | M] -- C:\Users\USER\AppData\Roaming\Paloma Networks, Inc
[2011.12.24 21:32:33 | 000,000,000 | ---D | M] -- C:\Users\USER\AppData\Roaming\Publish Providers
[2011.12.24 21:32:32 | 000,000,000 | ---D | M] -- C:\Users\USER\AppData\Roaming\Sony
[2012.01.08 15:56:34 | 000,000,000 | ---D | M] -- C:\Users\USER\AppData\Roaming\Stardock
[2012.01.15 23:42:53 | 000,000,000 | ---D | M] -- C:\Users\USER\AppData\Roaming\TS3Client
[2009.07.14 06:08:49 | 000,008,190 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
========== Custom Scans ==========
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2011.12.26 09:29:57 | 000,000,000 | ---D | M] -- C:\Users\USER\AppData\Roaming\Adobe
[2011.12.28 13:19:14 | 000,000,000 | ---D | M] -- C:\Users\USER\AppData\Roaming\ASCOMP Software
[2011.12.23 06:29:53 | 000,000,000 | ---D | M] -- C:\Users\USER\AppData\Roaming\ATI
[2012.01.11 18:39:42 | 000,000,000 | ---D | M] -- C:\Users\USER\AppData\Roaming\BitTorrent
[2012.01.15 23:42:45 | 000,000,000 | ---D | M] -- C:\Users\USER\AppData\Roaming\DAEMON Tools Lite
[2011.12.25 20:36:18 | 000,000,000 | ---D | M] -- C:\Users\USER\AppData\Roaming\DivX
[2012.01.13 14:18:31 | 000,000,000 | ---D | M] -- C:\Users\USER\AppData\Roaming\DVDVideoSoft
[2012.01.13 14:18:05 | 000,000,000 | ---D | M] -- C:\Users\USER\AppData\Roaming\DVDVideoSoftIEHelpers
[2011.12.23 06:43:33 | 000,000,000 | ---D | M] -- C:\Users\USER\AppData\Roaming\GHISLER
[2011.12.23 06:15:08 | 000,000,000 | ---D | M] -- C:\Users\USER\AppData\Roaming\Identities
[2012.01.03 09:56:40 | 000,000,000 | ---D | M] -- C:\Users\USER\AppData\Roaming\IrfanView
[2011.12.24 11:56:39 | 000,000,000 | ---D | M] -- C:\Users\USER\AppData\Roaming\Leadertech
[2011.12.24 11:55:26 | 000,000,000 | ---D | M] -- C:\Users\USER\AppData\Roaming\Logishrd
[2011.12.24 11:56:48 | 000,000,000 | ---D | M] -- C:\Users\USER\AppData\Roaming\Logitech
[2011.12.24 13:47:21 | 000,000,000 | ---D | M] -- C:\Users\USER\AppData\Roaming\LolClient
[2011.12.23 06:55:40 | 000,000,000 | ---D | M] -- C:\Users\USER\AppData\Roaming\Macromedia
[2012.01.17 10:30:51 | 000,000,000 | ---D | M] -- C:\Users\USER\AppData\Roaming\Malwarebytes
[2010.11.21 08:16:46 | 000,000,000 | ---D | M] -- C:\Users\USER\AppData\Roaming\Media Center Programs
[2012.01.08 15:58:12 | 000,000,000 | --SD | M] -- C:\Users\USER\AppData\Roaming\Microsoft
[2011.12.23 06:36:38 | 000,000,000 | ---D | M] -- C:\Users\USER\AppData\Roaming\Mozilla
[2011.12.24 12:33:05 | 000,000,000 | ---D | M] -- C:\Users\USER\AppData\Roaming\Origin
[2011.12.23 08:01:06 | 000,000,000 | ---D | M] -- C:\Users\USER\AppData\Roaming\Paloma Networks, Inc
[2011.12.24 21:32:33 | 000,000,000 | ---D | M] -- C:\Users\USER\AppData\Roaming\Publish Providers
[2012.01.03 09:02:11 | 000,000,000 | ---D | M] -- C:\Users\USER\AppData\Roaming\Realtime Soft
[2011.12.24 21:32:32 | 000,000,000 | ---D | M] -- C:\Users\USER\AppData\Roaming\Sony
[2012.01.08 15:56:34 | 000,000,000 | ---D | M] -- C:\Users\USER\AppData\Roaming\Stardock
[2012.01.15 23:42:53 | 000,000,000 | ---D | M] -- C:\Users\USER\AppData\Roaming\TS3Client
[2012.01.16 16:31:25 | 000,000,000 | ---D | M] -- C:\Users\USER\AppData\Roaming\vlc
[2011.12.23 08:27:54 | 000,000,000 | ---D | M] -- C:\Users\USER\AppData\Roaming\WinRAR
< %APPDATA%\*.exe /s >
[2011.12.24 11:56:39 | 000,053,248 | R--- | M] (Acresso Software Inc.) -- C:\Users\USER\AppData\Roaming\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe
< %SYSTEMDRIVE%\*.exe >
< MD5 for: AGP440.SYS >
[2009.07.14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys
[2009.07.14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys
[2009.07.14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys
< MD5 for: ATAPI.SYS >
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
< MD5 for: CNGAUDIT.DLL >
[2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009.07.14 02:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\SysNative\cngaudit.dll
[2009.07.14 02:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll
< MD5 for: IASTORV.SYS >
[2010.11.21 04:23:47 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_668286aa35d55928\iaStorV.sys
[2010.11.21 04:23:47 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_0d3757e79e6784d0\iaStorV.sys
[2011.03.11 07:19:16 | 000,410,496 | ---- | M] (Intel Corporation) MD5=5B3DE7208E5000D5B451B9D290D2579C -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_0d714416b7c182d5\iaStorV.sys
[2011.03.11 07:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\drivers\iaStorV.sys
[2011.03.11 07:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_0bcee2057afcc090\iaStorV.sys
[2011.03.11 07:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_0cf9793d9e95787b\iaStorV.sys
< MD5 for: NETLOGON.DLL >
[2010.11.21 04:24:01 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\SysNative\netlogon.dll
[2010.11.21 04:24:01 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_5bddbcb24e997298\netlogon.dll
[2010.11.21 04:24:09 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\SysWOW64\netlogon.dll
[2010.11.21 04:24:09 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_6632670482fa3493\netlogon.dll
< MD5 for: NVSTOR.SYS >
[2011.03.11 07:19:21 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=D23C7E8566DA2B8A7C0DBBB761D54888 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvstor.sys
[2011.03.11 07:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\drivers\nvstor.sys
[2011.03.11 07:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvstor.sys
[2011.03.11 07:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvstor.sys
[2010.11.21 04:23:47 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvstor.sys
[2010.11.21 04:23:47 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvstor.sys
< MD5 for: SCECLI.DLL >
[2010.11.21 04:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010.11.21 04:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010.11.21 04:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010.11.21 04:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll
< MD5 for: USER32.DLL >
[2010.11.21 04:24:20 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\SysWOW64\user32.dll
[2010.11.21 04:24:20 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_35b31c02b85ccb6e\user32.dll
[2010.11.21 04:24:09 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\Windows\SysNative\user32.dll
[2010.11.21 04:24:09 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_2b5e71b083fc0973\user32.dll
< MD5 for: USERINIT.EXE >
[2010.11.21 04:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010.11.21 04:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2010.11.21 04:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010.11.21 04:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe
< MD5 for: WININIT.EXE >
[2009.07.14 02:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\SysNative\wininit.exe
[2009.07.14 02:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\winsxs\amd64_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_8ce7aa761e01ad49\wininit.exe
[2009.07.14 02:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\SysWOW64\wininit.exe
[2009.07.14 02:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe
< MD5 for: WINLOGON.EXE >
[2010.11.21 04:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010.11.21 04:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2011.12.24 17:50:20 | 000,182,856 | ---- | M] () MD5=B382935AB01B27D0E14F267DBF288896 -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
< MD5 for: WS2IFSL.SYS >
[2009.07.14 01:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\SysNative\drivers\ws2ifsl.sys
[2009.07.14 01:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\winsxs\amd64_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.1.7600.16385_none_ab7b927be17eace8\ws2ifsl.sys
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
[1997.07.19 15:55:40 | 001,347,344 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\msvbvm50.dll
< End of report >