bumbesberti | 17.02.2012 18:33 | Hier das OTL-Log:
OTL Logfile: Code:
OTL logfile created on: 17.02.2012 17:54:57 - Run 1
OTL by OldTimer - Version 3.2.32.0 Folder = C:\Users\Tobi\Downloads
Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,00 Gb Total Physical Memory | 1,79 Gb Available Physical Memory | 59,62% Memory free
6,00 Gb Paging File | 4,75 Gb Available in Paging File | 79,27% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 232,88 Gb Total Space | 12,89 Gb Free Space | 5,54% Space Free | Partition Type: NTFS
Drive D: | 221,16 Gb Total Space | 16,10 Gb Free Space | 7,28% Space Free | Partition Type: NTFS
Drive G: | 3,69 Gb Total Space | 0,32 Gb Free Space | 8,71% Space Free | Partition Type: FAT32
Computer Name: PC-TOBI | User Name: Tobi | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2012.02.17 17:52:26 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Tobi\Downloads\OTL.exe
PRC - [2012.02.17 09:40:13 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Programme\Mozilla Firefox\firefox.exe
PRC - [2011.10.07 10:40:42 | 001,387,288 | ---- | M] (Logitech, Inc.) -- C:\Programme\Logitech\SetPointP\SetPoint.exe
PRC - [2011.09.27 20:05:24 | 000,149,784 | ---- | M] (Logitech, Inc.) -- C:\Programme\Common Files\LogiShrd\KHAL3\KHALMNPR.exe
PRC - [2011.07.14 18:17:00 | 000,269,480 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe
PRC - [2011.04.28 12:06:28 | 000,136,360 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\sched.exe
PRC - [2010.11.15 20:20:34 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe
PRC - [2010.01.14 21:10:53 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avshadow.exe
PRC - [2009.10.31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009.08.20 04:31:48 | 000,170,624 | ---- | M] (ASUS) -- C:\Programme\ASUS\ATK Media\DMedia.exe
PRC - [2009.08.18 10:29:22 | 001,529,728 | ---- | M] (Microsoft Corporation) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
PRC - [2009.08.18 10:29:22 | 000,183,152 | ---- | M] (Microsoft Corporation) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
PRC - [2009.08.12 22:20:46 | 000,178,816 | ---- | M] (ASUS) -- C:\Programme\ASUS\ATK Hotkey\HControl.exe
PRC - [2009.08.11 22:36:30 | 000,236,160 | ---- | M] (ATK) -- C:\Programme\P4G\BatteryLife.exe
PRC - [2009.07.30 11:45:19 | 000,497,024 | ---- | M] (ELAN Microelectronic Corp.) -- C:\Programme\Elantech\ETDCtrl.exe
PRC - [2009.07.24 18:32:50 | 001,593,344 | ---- | M] () -- C:\Programme\ASUS\Wireless Console 3\wcourier.exe
PRC - [2009.07.23 18:30:06 | 000,544,768 | ---- | M] (ATK) -- C:\Programme\ASUS\Splendid\ACMON.exe
PRC - [2009.07.14 02:14:47 | 001,121,280 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnetwk.exe
PRC - [2009.07.14 02:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2009.07.14 02:14:15 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
PRC - [2009.07.07 19:20:56 | 008,493,624 | ---- | M] (ASUS) -- C:\Programme\ASUS\ATKOSD2\ATKOSD2.exe
PRC - [2009.06.29 18:39:50 | 000,157,752 | ---- | M] (ASUS) -- C:\Programme\ASUS\ASUS CopyProtect\ASPG.exe
PRC - [2009.06.19 18:29:42 | 000,105,016 | ---- | M] (ASUS) -- C:\Programme\ASUS\ATK Hotkey\HControlUser.exe
PRC - [2009.06.19 18:29:26 | 002,488,888 | ---- | M] (ASUS) -- C:\Programme\ASUS\ATK Hotkey\ATKOSD.exe
PRC - [2009.06.16 01:30:42 | 000,084,536 | ---- | M] (ASUS) -- C:\Programme\ASUS\ATK Hotkey\AsLdrSrv.exe
PRC - [2009.05.19 11:36:18 | 000,240,512 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
PRC - [2009.05.18 23:58:38 | 000,305,720 | ---- | M] (ASUS) -- C:\Programme\ASUS\SmartLogon\sensorsrv.exe
PRC - [2009.04.09 14:17:07 | 000,237,568 | ---- | M] (AlcorMicro Co., Ltd.) -- C:\Programme\AmIcoSingLun\AmIcoSinglun.exe
PRC - [2008.12.23 01:15:34 | 000,174,648 | ---- | M] (ASUS) -- C:\Programme\ASUS\ATK Hotkey\WDC.exe
PRC - [2008.10.25 10:44:34 | 000,031,072 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft Office\Office12\GrooveMonitor.exe
PRC - [2008.08.14 05:00:08 | 000,113,208 | ---- | M] (ASUS) -- C:\Programme\ASUS\ATK Hotkey\KBFiltr.exe
PRC - [2008.03.31 02:55:48 | 000,225,280 | ---- | M] (ASUSTek Computer Inc.) -- C:\Programme\ASUS\ASUS Data Security Manager\ADSMSrv.exe
PRC - [2007.08.08 08:08:40 | 000,094,208 | ---- | M] () -- C:\Programme\ATKGFNEX\GFNEXSrv.exe
PRC - [2005.07.06 23:43:42 | 000,155,648 | ---- | M] (ASUSTeK) -- C:\Windows\System32\ACEngSvr.exe
========== Modules (No Company Name) ==========
MOD - [2012.02.17 09:40:13 | 001,911,768 | ---- | M] () -- C:\Programme\Mozilla Firefox\mozjs.dll
MOD - [2011.10.07 10:41:16 | 000,879,896 | ---- | M] () -- C:\Programme\Logitech\SetPointP\Macros\MacroCore.dll
MOD - [2011.03.23 09:51:36 | 006,053,536 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32.dll
MOD - [2009.08.06 18:46:32 | 000,024,064 | ---- | M] () -- C:\Programme\P4G\OvrClk.dll
MOD - [2009.07.24 18:32:50 | 001,593,344 | ---- | M] () -- C:\Programme\ASUS\Wireless Console 3\wcourier.exe
MOD - [2009.05.05 18:00:46 | 000,012,288 | ---- | M] () -- C:\Programme\P4G\DevMng.dll
MOD - [2008.10.01 07:02:44 | 000,009,216 | ---- | M] () -- C:\Programme\ASUS\Splendid\GLCDdll.dll
MOD - [2007.06.15 10:28:36 | 000,147,456 | ---- | M] () -- C:\Programme\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt.dll
MOD - [2007.06.01 17:08:18 | 000,143,360 | ---- | M] () -- C:\Programme\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll
MOD - [2007.03.10 00:16:52 | 000,106,496 | ---- | M] () -- C:\Programme\ATKGFNEX\AGFNEX.dll
========== Win32 Services (SafeList) ==========
SRV - [2011.11.03 12:06:56 | 002,152,152 | ---- | M] (Lavasoft Limited) [Auto | Stopped] -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)
SRV - [2011.09.27 20:03:28 | 000,295,192 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Programme\Common Files\LogiShrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV - [2011.07.14 18:17:00 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011.07.10 15:46:56 | 000,403,240 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2011.04.28 12:06:28 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2009.11.06 09:20:16 | 000,051,168 | ---- | M] (NOS Microsystems Ltd.) [On_Demand | Stopped] -- C:\Programme\NOS\bin\getPlus_Helper.dll -- (getPlusHelper) getPlus(R)
SRV - [2009.07.14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009.07.14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009.06.16 01:30:42 | 000,084,536 | ---- | M] (ASUS) [Auto | Running] -- C:\Programme\ASUS\ATK Hotkey\AsLdrSrv.exe -- (ASLDRService)
SRV - [2008.03.31 02:55:48 | 000,225,280 | ---- | M] (ASUSTek Computer Inc.) [Auto | Running] -- C:\Programme\ASUS\ASUS Data Security Manager\ADSMSrv.exe -- (ADSMService)
SRV - [2007.08.08 08:08:40 | 000,094,208 | ---- | M] () [Auto | Running] -- C:\Programme\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv)
========== Driver Services (SafeList) ==========
DRV - [2011.11.03 12:06:56 | 000,064,512 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\Windows\system32\DRIVERS\Lbd.sys -- (Lbd)
DRV - [2011.07.14 18:17:00 | 000,138,192 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2011.07.14 18:17:00 | 000,066,616 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2010.11.22 15:35:27 | 000,030,264 | ---- | M] (ASUSTek Computer Inc) [File_System | Boot | Running] -- C:\Windows\System32\drivers\AsDsm.sys -- (AsDsm)
DRV - [2009.12.14 18:32:26 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd)
DRV - [2009.10.05 16:31:50 | 001,221,632 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2009.07.27 08:06:44 | 000,051,712 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\L1C62x86.sys -- (L1C) NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20)
DRV - [2009.07.20 10:29:40 | 000,013,880 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\kbfiltr.sys -- (kbfiltr)
DRV - [2009.07.14 00:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp)
DRV - [2009.07.13 23:02:53 | 000,048,128 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\SiSGB6.sys -- (SiSGbeLH)
DRV - [2009.07.02 00:59:00 | 009,786,752 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2009.06.18 20:18:00 | 000,015,416 | ---- | M] (Windows (R) Win 7 DDK provider) [File_System | Boot | Running] -- C:\Windows\system32\DRIVERS\lullaby.sys -- (lullaby)
DRV - [2009.06.05 11:14:40 | 001,766,592 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\snp2uvc.sys -- (SNP2UVC) USB2.0 PC Camera (SNP2UVC)
DRV - [2009.05.13 02:06:48 | 000,014,392 | ---- | M] (ASUS) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ATKACPI.sys -- (MTsensor)
DRV - [2009.05.11 09:12:49 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009.05.08 11:15:27 | 000,025,600 | ---- | M] (Alcor Micro, Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AmUStor.sys -- (AmUStor)
DRV - [2009.05.01 03:13:33 | 000,064,032 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA)
DRV - [2009.02.13 11:35:01 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Programme\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2008.05.24 01:25:42 | 000,131,000 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\WimFltr.sys -- (WimFltr)
DRV - [2007.07.24 19:09:04 | 000,013,880 | ---- | M] () [Kernel | Auto | Running] -- C:\Programme\ATKGFNEX\ASMMAP.sys -- (ASMMAP)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=ASUS&bmod=ASUS
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com/ig/redirectdomain?brand=ASUS&bmod=ASUS
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-926043760-3848155677-2089075538-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus.msn.com
IE - HKU\S-1-5-21-926043760-3848155677-2089075538-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://stadium-live.com/Channel1.html
IE - HKU\S-1-5-21-926043760-3848155677-2089075538-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-926043760-3848155677-2089075538-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@idsoftware.com/QuakeLive: C:\ProgramData\id Software\QuakeLive\npquakezero.dll (id Software Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.50917.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8051.1204: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pages.tvunetworks.com/WebPlayer: C:\Program Files\TVUPlayer\npTVUAx.dll (TVU networks)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.449: C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448: C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@veetle.com/vbp;version=0.9.17: C:\Program Files\Veetle\VLCBroadcast\npvbp.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.18: C:\Program Files\Veetle\plugins\npVeetle.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.18: C:\Program Files\Veetle\Player\npvlc.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012.02.11 21:19:05 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.02.17 09:40:13 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.02.11 21:19:04 | 000,000,000 | ---D | M]
[2011.12.12 21:44:30 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Tobi\AppData\Roaming\mozilla\Extensions
[2012.01.22 11:20:51 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Tobi\AppData\Roaming\mozilla\Firefox\Profiles\8c1cp6mx.default\extensions
[2012.01.02 18:29:26 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
() (No name found) -- C:\USERS\TOBI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8C1CP6MX.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
() (No name found) -- C:\USERS\TOBI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8C1CP6MX.DEFAULT\EXTENSIONS\{D40F5E7B-D2CF-4856-B441-CC613EEFFBE3}.XPI
[2012.02.17 09:40:13 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012.01.02 18:29:21 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.01.02 18:29:21 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012.01.02 18:29:21 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2012.01.02 18:29:21 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.01.02 18:29:21 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.01.02 18:29:21 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
O1 HOSTS File: ([2011.05.17 14:38:54 | 000,434,037 | R--- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 14940 more lines...
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Programme\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Programme\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (Windows Live ID-Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Programme\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Programme\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\S-1-5-21-926043760-3848155677-2089075538-1000\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Programme\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O4 - HKLM..\Run: [ADSMTray] C:\Programme\ASUS\ASUS Data Security Manager\ADSMTray.exe (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [AmIcoSinglun] C:\Programme\AmIcoSingLun\AmIcoSinglun.exe (AlcorMicro Co., Ltd.)
O4 - HKLM..\Run: [ASUS Camera ScreenSaver] C:\Windows\AsScrProlog.exe (ASUS)
O4 - HKLM..\Run: [ATKMEDIA] C:\Programme\ASUS\ATK Media\DMedia.exe (ASUS)
O4 - HKLM..\Run: [ATKOSD2] C:\Programme\ASUS\ATKOSD2\ATKOSD2.exe (ASUS)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [ETDWare] C:\Programme\Elantech\ETDCtrl.exe (ELAN Microelectronic Corp.)
O4 - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)
O4 - HKLM..\Run: [HControlUser] C:\Programme\ASUS\ATK Hotkey\HControlUser.exe (ASUS)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-926043760-3848155677-2089075538-1000..\RunOnce: [FlashPlayerUpdate] C:\Windows\System32\Macromed\Flash\FlashUtil10o_Plugin.exe (Adobe Systems, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6F6D8DC7-3477-4038-BAF7-8A15BC169DFD}: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Programme\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Programme\Common Files\LogiShrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O24 - Desktop WallPaper:
O24 - Desktop BackupWallPaper:
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (lsdelete)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
MsConfig - StartUpReg: ASUS Screen Saver Protector - hkey= - key= - C:\Windows\AsScrPro.exe (ASUS)
MsConfig - StartUpReg: CLMLServer - hkey= - key= - C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
MsConfig - StartUpReg: DAEMON Tools Lite - hkey= - key= - C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
MsConfig - StartUpReg: DivXUpdate - hkey= - key= - C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
MsConfig - StartUpReg: GrooveMonitor - hkey= - key= - C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation)
MsConfig - StartUpReg: MDS_Menu - hkey= - key= - C:\Program Files\Cyberlink\MediaShowEspresso\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
MsConfig - StartUpReg: PDVD9LanguageShortcut - hkey= - key= - C:\Program Files\Cyberlink\PowerDVD9\Language\Language.exe (CyberLink Corp.)
MsConfig - StartUpReg: RemoteControl9 - hkey= - key= - C:\Program Files\Cyberlink\PowerDVD9\PDVD9Serv.exe (CyberLink Corp.)
MsConfig - StartUpReg: UpdateLBPShortCut - hkey= - key= - C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
MsConfig - StartUpReg: UpdateP2GoShortCut - hkey= - key= - C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
MsConfig - StartUpReg: UpdatePDRShortCut - hkey= - key= - C:\Program Files\Cyberlink\PowerDirector\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
MsConfig - StartUpReg: UpdatePSTShortCut - hkey= - key= - C:\Program Files\Cyberlink\DVD Suite\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
MsConfig - StartUpReg: WinampAgent - hkey= - key= - C:\Program Files\Winamp\winampa.exe (Nullsoft, Inc.)
MsConfig - State: "startup" - 2
SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: Lavasoft Ad-Aware Service - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft Limited)
SafeBootMin: NTDS - File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: WinDefend - C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Lavasoft Ad-Aware Service - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft Limited)
SafeBootNet: Messenger - File not found
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS - File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: WinDefend - C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {23A20C3C-2ADD-4A80-AFB4-C146F8847D79} - .NET Framework
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {47B3BDBB-F2AE-4B55-95C8-921C25DB3B76} - .NET Framework
ActiveX: {49C187D7-91E1-459E-9759-2925384BD397} - .NET Framework
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5A604D2C-E968-429B-8327-62B5CE52126D} - .NET Framework
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {BFA2E378-31D9-4595-AFA9-CA19E610DC0F} - .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CE4BC71D-A88B-4943-BB3D-AF9C0E7D4387} - .NET Framework
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
Drivers32: msacm.ac3acm - C:\Windows\System32\ac3acm.acm (fccHandler)
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lameacm - C:\Windows\System32\lameACM.acm (hxxp://www.mp3dev.org/)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\Windows\System32\DivX.dll (DivX, Inc.)
Drivers32: VIDC.FFDS - C:\Windows\System32\ff_vfw.dll ()
Drivers32: vidc.iv31 - C:\Windows\System32\ir32_32.dll (Intel(R) Corporation)
Drivers32: vidc.iv32 - C:\Windows\System32\ir32_32.dll (Intel(R) Corporation)
Drivers32: VIDC.XVID - C:\Windows\System32\xvidvfw.dll ()
Drivers32: vidc.yv12 - C:\Windows\System32\DivX.dll (DivX, Inc.)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
========== Files/Folders - Created Within 30 Days ==========
[2012.02.16 13:31:30 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2012.02.15 14:42:13 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2012.02.15 14:35:43 | 000,000,000 | ---D | C] -- C:\Users\Tobi\AppData\Roaming\Malwarebytes
[2012.02.15 14:35:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.02.15 14:35:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.02.15 14:35:32 | 000,020,464 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012.02.15 14:35:32 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012.02.11 21:20:40 | 000,000,000 | ---D | C] -- C:\Users\Tobi\AppData\Local\DDMSettings
[2012.02.06 21:04:17 | 000,000,000 | ---D | C] -- C:\Users\Tobi\4.0
[2012.02.06 21:04:16 | 000,000,000 | ---D | C] -- C:\Users\Tobi\.tfo4
[2010.11.22 15:29:54 | 000,013,880 | ---- | C] ( ) -- C:\Windows\System32\drivers\kbfiltr.sys
[2008.08.12 05:45:20 | 000,155,648 | ---- | C] (ASUS) -- C:\Program Files\Common Files\MSIactionall.dll
========== Files - Modified Within 30 Days ==========
[2012.02.17 15:30:49 | 000,000,064 | ---- | M] () -- C:\Windows\System32\rp_stats.dat
[2012.02.17 15:30:49 | 000,000,044 | ---- | M] () -- C:\Windows\System32\rp_rules.dat
[2012.02.17 14:56:11 | 000,010,896 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.02.17 14:56:11 | 000,010,896 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.02.17 14:48:43 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.02.17 14:48:38 | 2415,316,992 | -HS- | M] () -- C:\hiberfil.sys
[2012.02.15 14:52:40 | 550,148,701 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2012.02.15 14:35:35 | 000,001,074 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.02.05 17:30:05 | 000,026,112 | ---- | M] () -- C:\Users\Tobi\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.01.23 15:21:59 | 000,684,000 | ---- | M] () -- C:\Windows\System32\perfh00A.dat
[2012.01.23 15:21:59 | 000,681,356 | ---- | M] () -- C:\Windows\System32\perfh013.dat
[2012.01.23 15:21:59 | 000,680,010 | ---- | M] () -- C:\Windows\System32\perfh010.dat
[2012.01.23 15:21:59 | 000,679,642 | ---- | M] () -- C:\Windows\System32\perfh015.dat
[2012.01.23 15:21:59 | 000,670,084 | ---- | M] () -- C:\Windows\System32\prfh0816.dat
[2012.01.23 15:21:59 | 000,666,732 | ---- | M] () -- C:\Windows\System32\perfh019.dat
[2012.01.23 15:21:59 | 000,654,470 | ---- | M] () -- C:\Windows\System32\prfh0416.dat
[2012.01.23 15:21:59 | 000,643,866 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012.01.23 15:21:59 | 000,623,220 | ---- | M] () -- C:\Windows\System32\perfh00E.dat
[2012.01.23 15:21:59 | 000,614,512 | ---- | M] () -- C:\Windows\System32\perfh005.dat
[2012.01.23 15:21:59 | 000,609,266 | ---- | M] () -- C:\Windows\System32\perfh01D.dat
[2012.01.23 15:21:59 | 000,607,190 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.01.23 15:21:59 | 000,601,758 | ---- | M] () -- C:\Windows\System32\perfh01F.dat
[2012.01.23 15:21:59 | 000,440,052 | ---- | M] () -- C:\Windows\System32\perfh014.dat
[2012.01.23 15:21:59 | 000,394,978 | ---- | M] () -- C:\Windows\System32\perfh012.dat
[2012.01.23 15:21:59 | 000,383,546 | ---- | M] () -- C:\Windows\System32\perfh011.dat
[2012.01.23 15:21:59 | 000,346,674 | ---- | M] () -- C:\Windows\System32\perfh00D.dat
[2012.01.23 15:21:59 | 000,144,282 | ---- | M] () -- C:\Windows\System32\perfc00E.dat
[2012.01.23 15:21:59 | 000,133,704 | ---- | M] () -- C:\Windows\System32\perfc00A.dat
[2012.01.23 15:21:59 | 000,131,232 | ---- | M] () -- C:\Windows\System32\perfc015.dat
[2012.01.23 15:21:59 | 000,130,586 | ---- | M] () -- C:\Windows\System32\prfc0816.dat
[2012.01.23 15:21:59 | 000,129,608 | ---- | M] () -- C:\Windows\System32\perfc013.dat
[2012.01.23 15:21:59 | 000,128,892 | ---- | M] () -- C:\Windows\System32\perfc019.dat
[2012.01.23 15:21:59 | 000,126,394 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012.01.23 15:21:59 | 000,124,922 | ---- | M] () -- C:\Windows\System32\prfc0416.dat
[2012.01.23 15:21:59 | 000,124,006 | ---- | M] () -- C:\Windows\System32\perfc010.dat
[2012.01.23 15:21:59 | 000,120,648 | ---- | M] () -- C:\Windows\System32\perfc01D.dat
[2012.01.23 15:21:59 | 000,118,684 | ---- | M] () -- C:\Windows\System32\perfc005.dat
[2012.01.23 15:21:59 | 000,118,200 | ---- | M] () -- C:\Windows\System32\perfc01F.dat
[2012.01.23 15:21:59 | 000,103,568 | ---- | M] () -- C:\Windows\System32\perfc011.dat
[2012.01.23 15:21:59 | 000,103,568 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.01.23 15:21:59 | 000,101,856 | ---- | M] () -- C:\Windows\System32\perfc012.dat
[2012.01.23 15:21:59 | 000,074,002 | ---- | M] () -- C:\Windows\System32\perfc014.dat
[2012.01.23 15:21:59 | 000,066,274 | ---- | M] () -- C:\Windows\System32\perfc00D.dat
========== Files Created - No Company Name ==========
[2012.02.15 14:52:40 | 550,148,701 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2012.02.15 14:35:35 | 000,001,074 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2011.12.13 17:46:17 | 000,016,432 | ---- | C] () -- C:\Windows\System32\lsdelete.exe
[2011.05.17 14:35:11 | 000,000,064 | ---- | C] () -- C:\Windows\System32\rp_stats.dat
[2011.05.17 14:35:11 | 000,000,044 | ---- | C] () -- C:\Windows\System32\rp_rules.dat
[2010.11.22 15:29:37 | 001,766,592 | ---- | C] () -- C:\Windows\System32\drivers\snp2uvc.sys
[2010.11.22 15:29:37 | 000,035,264 | ---- | C] () -- C:\Windows\System32\drivers\sncduvc.sys
[2010.11.05 20:13:51 | 000,000,093 | ---- | C] () -- C:\Windows\dinksmallwood.ini
[2010.08.22 16:14:04 | 000,021,840 | ---- | C] () -- C:\Windows\System32\SIntfNT.dll
[2010.08.22 16:14:03 | 000,017,212 | ---- | C] () -- C:\Windows\System32\SIntf32.dll
[2010.08.22 16:14:03 | 000,012,067 | ---- | C] () -- C:\Windows\System32\SIntf16.dll
[2010.08.22 16:02:44 | 000,032,547 | ---- | C] () -- C:\Windows\DIIUnin.dat
[2010.06.24 12:09:27 | 000,157,696 | ---- | C] () -- C:\Windows\System32\OggEnc.exe
[2010.06.24 12:09:27 | 000,145,408 | ---- | C] () -- C:\Windows\System32\Lame.exe
[2010.06.24 12:09:27 | 000,076,800 | ---- | C] () -- C:\Windows\System32\Faac.exe
[2010.02.24 14:59:22 | 000,137,960 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2010.02.24 14:50:52 | 000,235,248 | ---- | C] () -- C:\Windows\System32\PnkBstrB.exe
[2010.02.24 14:50:51 | 002,373,712 | ---- | C] () -- C:\Windows\System32\pbsvc.exe
[2010.02.24 14:50:51 | 000,075,064 | ---- | C] () -- C:\Windows\System32\PnkBstrA.exe
[2010.02.18 11:43:36 | 000,026,112 | ---- | C] () -- C:\Users\Tobi\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.12.14 17:10:11 | 000,021,532 | ---- | C] () -- C:\Windows\System32\emptyregdb.dat
[2009.12.02 15:28:40 | 000,178,176 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2009.12.02 15:28:40 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini
[2009.12.02 15:28:38 | 000,758,018 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2009.12.02 15:28:37 | 000,180,224 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2009.12.02 15:28:36 | 000,085,504 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2009.11.21 12:53:51 | 000,000,024 | ---- | C] () -- C:\Windows\ATKPF.ini
[2009.11.15 14:26:56 | 000,070,550 | ---- | C] () -- C:\Windows\War3Unin.dat
[2009.09.20 10:08:25 | 000,053,248 | ---- | C] () -- C:\Windows\System32\LogonStart.dll
[2009.09.20 09:58:19 | 000,000,520 | R--- | C] () -- C:\Windows\System32\drivers\SamSfPa.dat
[2009.08.26 11:22:35 | 000,346,674 | ---- | C] () -- C:\Windows\System32\perfh00D.dat
[2009.08.26 11:22:35 | 000,229,316 | ---- | C] () -- C:\Windows\System32\perfi00D.dat
[2009.08.26 11:22:35 | 000,066,274 | ---- | C] () -- C:\Windows\System32\perfc00D.dat
[2009.08.26 11:22:35 | 000,032,166 | ---- | C] () -- C:\Windows\System32\perfd00D.dat
[2009.08.26 11:05:28 | 000,440,052 | ---- | C] () -- C:\Windows\System32\perfh014.dat
[2009.08.26 11:05:28 | 000,298,300 | ---- | C] () -- C:\Windows\System32\perfi014.dat
[2009.08.26 11:05:28 | 000,074,002 | ---- | C] () -- C:\Windows\System32\perfc014.dat
[2009.08.26 11:05:28 | 000,036,156 | ---- | C] () -- C:\Windows\System32\perfd014.dat
[2009.08.26 10:49:19 | 000,609,266 | ---- | C] () -- C:\Windows\System32\perfh01D.dat
[2009.08.26 10:49:19 | 000,294,764 | ---- | C] () -- C:\Windows\System32\perfi01D.dat
[2009.08.26 10:49:19 | 000,120,648 | ---- | C] () -- C:\Windows\System32\perfc01D.dat
[2009.08.26 10:49:19 | 000,037,052 | ---- | C] () -- C:\Windows\System32\perfd01D.dat
[2009.08.26 10:40:59 | 000,670,084 | ---- | C] () -- C:\Windows\System32\prfh0816.dat
[2009.08.26 10:40:59 | 000,336,656 | ---- | C] () -- C:\Windows\System32\prfi0816.dat
[2009.08.26 10:40:59 | 000,130,586 | ---- | C] () -- C:\Windows\System32\prfc0816.dat
[2009.08.26 10:40:59 | 000,040,548 | ---- | C] () -- C:\Windows\System32\prfd0816.dat
[2009.08.26 10:36:00 | 000,623,220 | ---- | C] () -- C:\Windows\System32\perfh00E.dat
[2009.08.26 10:36:00 | 000,287,518 | ---- | C] () -- C:\Windows\System32\perfi00E.dat
[2009.08.26 10:36:00 | 000,144,282 | ---- | C] () -- C:\Windows\System32\perfc00E.dat
[2009.08.26 10:36:00 | 000,048,094 | ---- | C] () -- C:\Windows\System32\perfd00E.dat
[2009.08.26 10:31:02 | 000,614,512 | ---- | C] () -- C:\Windows\System32\perfh005.dat
[2009.08.26 10:31:02 | 000,292,004 | ---- | C] () -- C:\Windows\System32\perfi005.dat
[2009.08.26 10:31:02 | 000,118,684 | ---- | C] () -- C:\Windows\System32\perfc005.dat
[2009.08.26 10:31:02 | 000,036,232 | ---- | C] () -- C:\Windows\System32\perfd005.dat
[2009.08.26 10:20:49 | 000,601,758 | ---- | C] () -- C:\Windows\System32\perfh01F.dat
[2009.08.26 10:20:49 | 000,285,034 | ---- | C] () -- C:\Windows\System32\perfi01F.dat
[2009.08.26 10:20:49 | 000,118,200 | ---- | C] () -- C:\Windows\System32\perfc01F.dat
[2009.08.26 10:20:49 | 000,037,160 | ---- | C] () -- C:\Windows\System32\perfd01F.dat
[2009.08.26 10:16:03 | 000,654,470 | ---- | C] () -- C:\Windows\System32\prfh0416.dat
[2009.08.26 10:16:03 | 000,323,154 | ---- | C] () -- C:\Windows\System32\prfi0416.dat
[2009.08.26 10:16:03 | 000,124,922 | ---- | C] () -- C:\Windows\System32\prfc0416.dat
[2009.08.26 10:16:03 | 000,038,536 | ---- | C] () -- C:\Windows\System32\prfd0416.dat
[2009.08.26 10:11:19 | 000,679,642 | ---- | C] () -- C:\Windows\System32\perfh015.dat
[2009.08.26 10:11:19 | 000,337,158 | ---- | C] () -- C:\Windows\System32\perfi015.dat
[2009.08.26 10:11:19 | 000,131,232 | ---- | C] () -- C:\Windows\System32\perfc015.dat
[2009.08.26 10:11:19 | 000,038,710 | ---- | C] () -- C:\Windows\System32\perfd015.dat
[2009.08.26 10:06:42 | 000,394,978 | ---- | C] () -- C:\Windows\System32\perfh012.dat
[2009.08.26 10:06:42 | 000,157,694 | ---- | C] () -- C:\Windows\System32\perfi012.dat
[2009.08.26 10:06:42 | 000,101,856 | ---- | C] () -- C:\Windows\System32\perfc012.dat
[2009.08.26 10:06:42 | 000,031,548 | ---- | C] () -- C:\Windows\System32\perfd012.dat
[2009.08.26 09:57:01 | 000,666,732 | ---- | C] () -- C:\Windows\System32\perfh019.dat
[2009.08.26 09:57:01 | 000,336,704 | ---- | C] () -- C:\Windows\System32\perfi019.dat
[2009.08.26 09:57:01 | 000,128,892 | ---- | C] () -- C:\Windows\System32\perfc019.dat
[2009.08.26 09:57:01 | 000,039,446 | ---- | C] () -- C:\Windows\System32\perfd019.dat
[2009.08.26 09:52:12 | 000,681,356 | ---- | C] () -- C:\Windows\System32\perfh013.dat
[2009.08.26 09:52:12 | 000,341,322 | ---- | C] () -- C:\Windows\System32\perfi013.dat
[2009.08.26 09:52:12 | 000,129,608 | ---- | C] () -- C:\Windows\System32\perfc013.dat
[2009.08.26 09:52:12 | 000,043,068 | ---- | C] () -- C:\Windows\System32\perfd013.dat
[2009.08.26 09:47:39 | 000,680,010 | ---- | C] () -- C:\Windows\System32\perfh010.dat
[2009.08.26 09:47:39 | 000,335,478 | ---- | C] () -- C:\Windows\System32\perfi010.dat
[2009.08.26 09:47:39 | 000,124,006 | ---- | C] () -- C:\Windows\System32\perfc010.dat
[2009.08.26 09:47:39 | 000,037,534 | ---- | C] () -- C:\Windows\System32\perfd010.dat
[2009.08.26 09:43:06 | 000,383,546 | ---- | C] () -- C:\Windows\System32\perfh011.dat
[2009.08.26 09:43:06 | 000,141,988 | ---- | C] () -- C:\Windows\System32\perfi011.dat
[2009.08.26 09:43:06 | 000,103,568 | ---- | C] () -- C:\Windows\System32\perfc011.dat
[2009.08.26 09:43:06 | 000,031,548 | ---- | C] () -- C:\Windows\System32\perfd011.dat
[2009.08.26 09:33:43 | 000,684,000 | ---- | C] () -- C:\Windows\System32\perfh00A.dat
[2009.08.26 09:33:43 | 000,341,432 | ---- | C] () -- C:\Windows\System32\perfi00A.dat
[2009.08.26 09:33:43 | 000,133,704 | ---- | C] () -- C:\Windows\System32\perfc00A.dat
[2009.08.26 09:33:43 | 000,041,390 | ---- | C] () -- C:\Windows\System32\perfd00A.dat
[2009.08.26 09:29:24 | 000,295,922 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2009.08.26 09:29:23 | 000,643,866 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2009.08.26 09:29:23 | 000,126,394 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2009.08.26 09:29:23 | 000,038,104 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2009.08.20 06:47:58 | 000,000,010 | ---- | C] () -- C:\Windows\System32\ABLKSR.ini
[2009.07.14 05:57:37 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009.07.14 05:33:53 | 000,420,368 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2009.07.14 03:05:48 | 000,607,190 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2009.07.14 03:05:48 | 000,291,294 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2009.07.14 03:05:48 | 000,103,568 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2009.07.14 03:05:48 | 000,031,548 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2009.07.14 03:05:05 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2009.07.14 03:04:11 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2009.07.14 00:55:01 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009.07.14 00:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2009.06.10 22:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2009.04.08 18:31:56 | 000,106,496 | ---- | C] () -- C:\Program Files\Common Files\CPInstallAction.dll
[2008.12.02 02:32:32 | 000,362,029 | ---- | C] () -- C:\Windows\System32\sqlite3.dll
[2008.05.22 16:35:54 | 000,051,962 | ---- | C] () -- C:\Program Files\Common Files\banner.jpg
[2007.04.17 15:34:40 | 000,135,716 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
========== LOP Check ==========
[2011.11.16 23:03:14 | 000,000,000 | ---D | M] -- C:\Users\Tobi\AppData\Roaming\AnvSoft
[2010.01.20 21:06:44 | 000,000,000 | ---D | M] -- C:\Users\Tobi\AppData\Roaming\BITS
[2011.12.12 17:23:39 | 000,000,000 | ---D | M] -- C:\Users\Tobi\AppData\Roaming\DAEMON Tools Lite
[2009.12.06 19:03:31 | 000,000,000 | ---D | M] -- C:\Users\Tobi\AppData\Roaming\EDuke32 Settings
[2011.12.12 14:44:13 | 000,000,000 | ---D | M] -- C:\Users\Tobi\AppData\Roaming\IrfanView
[2010.04.22 12:36:50 | 000,000,000 | ---D | M] -- C:\Users\Tobi\AppData\Roaming\Leadertech
[2010.12.09 18:22:30 | 000,000,000 | ---D | M] -- C:\Users\Tobi\AppData\Roaming\Meltdown
[2010.12.09 18:23:02 | 000,000,000 | ---D | M] -- C:\Users\Tobi\AppData\Roaming\yang
[2012.01.09 22:14:22 | 000,032,640 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
========== Custom Scans ==========
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2009.12.14 16:55:41 | 000,000,000 | ---D | M] -- C:\Users\Tobi\AppData\Roaming\Adobe
[2011.11.16 23:03:14 | 000,000,000 | ---D | M] -- C:\Users\Tobi\AppData\Roaming\AnvSoft
[2010.03.27 17:59:42 | 000,000,000 | ---D | M] -- C:\Users\Tobi\AppData\Roaming\Avira
[2010.01.20 21:06:44 | 000,000,000 | ---D | M] -- C:\Users\Tobi\AppData\Roaming\BITS
[2010.08.04 09:16:41 | 000,000,000 | ---D | M] -- C:\Users\Tobi\AppData\Roaming\CyberLink
[2011.12.12 17:23:39 | 000,000,000 | ---D | M] -- C:\Users\Tobi\AppData\Roaming\DAEMON Tools Lite
[2010.05.06 13:33:40 | 000,000,000 | ---D | M] -- C:\Users\Tobi\AppData\Roaming\DivX
[2009.12.06 19:03:31 | 000,000,000 | ---D | M] -- C:\Users\Tobi\AppData\Roaming\EDuke32 Settings
[2009.12.14 16:55:41 | 000,000,000 | ---D | M] -- C:\Users\Tobi\AppData\Roaming\Identities
[2011.12.12 14:44:13 | 000,000,000 | ---D | M] -- C:\Users\Tobi\AppData\Roaming\IrfanView
[2010.04.22 12:36:50 | 000,000,000 | ---D | M] -- C:\Users\Tobi\AppData\Roaming\Leadertech
[2012.01.12 16:15:28 | 000,000,000 | ---D | M] -- C:\Users\Tobi\AppData\Roaming\Logishrd
[2010.04.22 12:37:53 | 000,000,000 | ---D | M] -- C:\Users\Tobi\AppData\Roaming\Logitech
[2011.12.15 20:39:39 | 000,000,000 | ---D | M] -- C:\Users\Tobi\AppData\Roaming\Macromedia
[2012.02.15 14:35:43 | 000,000,000 | ---D | M] -- C:\Users\Tobi\AppData\Roaming\Malwarebytes
[2009.07.14 08:48:18 | 000,000,000 | ---D | M] -- C:\Users\Tobi\AppData\Roaming\Media Center Programs
[2012.01.30 09:29:42 | 000,000,000 | ---D | M] -- C:\Users\Tobi\AppData\Roaming\Media Player Classic
[2010.12.09 18:22:30 | 000,000,000 | ---D | M] -- C:\Users\Tobi\AppData\Roaming\Meltdown
[2012.02.12 15:00:55 | 000,000,000 | --SD | M] -- C:\Users\Tobi\AppData\Roaming\Microsoft
[2010.11.15 22:44:37 | 000,000,000 | ---D | M] -- C:\Users\Tobi\AppData\Roaming\Microsoft Game Studios
[2011.12.12 21:44:30 | 000,000,000 | ---D | M] -- C:\Users\Tobi\AppData\Roaming\Mozilla
[2009.12.14 16:55:58 | 000,000,000 | ---D | M] -- C:\Users\Tobi\AppData\Roaming\Real
[2010.05.24 21:41:43 | 000,000,000 | ---D | M] -- C:\Users\Tobi\AppData\Roaming\TVU Networks
[2011.12.23 18:27:42 | 000,000,000 | ---D | M] -- C:\Users\Tobi\AppData\Roaming\Winamp
[2009.12.14 16:55:58 | 000,000,000 | ---D | M] -- C:\Users\Tobi\AppData\Roaming\WinRAR
[2010.12.09 18:23:02 | 000,000,000 | ---D | M] -- C:\Users\Tobi\AppData\Roaming\yang
< %APPDATA%\*.exe /s >
[2010.12.09 17:04:36 | 001,833,056 | ---- | M] (Lindersoft ) -- C:\Users\Tobi\AppData\Roaming\Meltdown\update.exe
[2009.12.06 23:43:16 | 002,723,264 | ---- | M] (Microsoft Corporation) -- C:\Users\Tobi\AppData\Roaming\Meltdown\vcredist_x862.exe
[2009.12.06 23:43:15 | 000,131,072 | ---- | M] (Mozilla Foundation) -- C:\Users\Tobi\AppData\Roaming\Meltdown\xr\updater.exe
[2009.12.06 23:43:15 | 000,077,824 | ---- | M] (Mozilla Foundation) -- C:\Users\Tobi\AppData\Roaming\Meltdown\xr\xpicleanup.exe
[2009.12.06 23:43:15 | 000,024,576 | ---- | M] (Mozilla Foundation) -- C:\Users\Tobi\AppData\Roaming\Meltdown\xr\xulrunner-stub.exe
[2009.12.06 23:43:15 | 000,094,208 | ---- | M] (Mozilla Foundation) -- C:\Users\Tobi\AppData\Roaming\Meltdown\xr\xulrunner.exe
[2010.04.22 12:36:50 | 000,053,248 | R--- | M] (Acresso Software Inc.) -- C:\Users\Tobi\AppData\Roaming\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe
[2010.12.21 17:46:04 | 000,040,960 | R--- | M] (InstallShield Software Corp.) -- C:\Users\Tobi\AppData\Roaming\Microsoft\Installer\{9559F7CA-5E34-4237-A2D9-D856464AD727}\ARPPRODUCTICON.exe
[2010.12.21 17:46:04 | 000,040,960 | R--- | M] (InstallShield Software Corp.) -- C:\Users\Tobi\AppData\Roaming\Microsoft\Installer\{9559F7CA-5E34-4237-A2D9-D856464AD727}\NewShortcut1_9559F7CA5E344237A2D9D856464AD727.exe
[2010.12.21 17:46:04 | 000,008,854 | R--- | M] () -- C:\Users\Tobi\AppData\Roaming\Microsoft\Installer\{9559F7CA-5E34-4237-A2D9-D856464AD727}\Uninstall_Project64__9559F7CA5E344237A2D9D856464AD727.exe
< %SYSTEMDRIVE%\*.exe >
< MD5 for: AGP440.SYS >
[2009.07.14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\drivers\AGP440.sys
[2009.07.14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_65848c2d7375a720\AGP440.sys
[2009.07.14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_b9e9435f20046eeb\AGP440.sys
< MD5 for: ATAPI.SYS >
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_f64b9c35a3a5be81\atapi.sys
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys
< MD5 for: CNGAUDIT.DLL >
[2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\System32\cngaudit.dll
[2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
< MD5 for: EVENTLOG.DLL >
[2007.05.18 05:34:04 | 000,007,216 | ---- | M] () MD5=C2A279A458A06DE2C83D842AA042B5A8 -- C:\Program Files\CyberLink\PowerDirector\EventLog.dll
< MD5 for: IASTOR.SYS >
[2009.08.06 22:17:26 | 000,330,264 | ---- | M] (Intel Corporation) MD5=01446278D4563B3013C92830AE6CBB26 -- C:\Windows\System32\drivers\iaStor.sys
[2009.08.06 22:17:26 | 000,330,264 | ---- | M] (Intel Corporation) MD5=01446278D4563B3013C92830AE6CBB26 -- C:\Windows\System32\DriverStore\FileRepository\iaahci.inf_x86_neutral_1f2a8fa4448bd5bf\iaStor.sys
[2009.06.04 11:43:16 | 000,330,264 | ---- | M] (Intel Corporation) MD5=D483687EACE0C065EE772481A96E05F5 -- C:\Windows\System32\DriverStore\FileRepository\iaahci.inf_x86_neutral_4f144d6467fc7c22\iaStor.sys
[2009.06.04 11:43:15 | 000,330,264 | ---- | M] (Intel Corporation) MD5=D483687EACE0C065EE772481A96E05F5 -- C:\Windows\System32\DriverStore\FileRepository\iastor.inf_x86_neutral_10aa509d6843c6fc\iaStor.sys
< MD5 for: IASTORV.SYS >
[2009.07.14 02:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows\System32\drivers\iaStorV.sys
[2009.07.14 02:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_x86_neutral_18cccb83b34e1453\iaStorV.sys
[2009.07.14 02:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_aee7a89be91b9000\iaStorV.sys
< MD5 for: NETLOGON.DLL >
[2009.07.14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\System32\netlogon.dll
[2009.07.14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_fd8e0d66994d7dc8\netlogon.dll
< MD5 for: NVSTOR.SYS >
[2009.07.14 02:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\System32\drivers\nvstor.sys
[2009.07.14 02:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_5bde3fe2945bce9e\nvstor.sys
[2009.07.14 02:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_39b1194b205239d8\nvstor.sys
< MD5 for: SCECLI.DLL >
[2009.07.14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\System32\scecli.dll
[2009.07.14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_37e4387f3a6f0483\scecli.dll
< MD5 for: USER32.DLL >
[2009.07.14 02:16:17 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=34B7E222E81FAFA885F0C5F2CFA56861 -- C:\Windows\System32\user32.dll
[2009.07.14 02:16:17 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=34B7E222E81FAFA885F0C5F2CFA56861 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_cd0ec264ceb014a3\user32.dll
< MD5 for: USERINIT.EXE >
[2009.07.14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\System32\userinit.exe
[2009.07.14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
< MD5 for: WININIT.EXE >
[2009.07.14 02:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\System32\wininit.exe
[2009.07.14 02:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe
< MD5 for: WINLOGON.EXE >
[2009.10.28 07:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\System32\winlogon.exe
[2009.10.28 07:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe
[2009.10.28 06:52:08 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe
[2012.01.13 14:53:20 | 000,182,856 | ---- | M] () MD5=63EEC8A8B221AB79045E776E5F592868 -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2009.07.14 02:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe
< MD5 for: WS2IFSL.SYS >
[2009.07.14 00:55:02 | 000,016,384 | ---- | M] (Microsoft Corporation) MD5=6DB3276587B853BF886B69528FDB048C -- C:\Windows\System32\drivers\ws2ifsl.sys
[2009.07.14 00:55:02 | 000,016,384 | ---- | M] (Microsoft Corporation) MD5=6DB3276587B853BF886B69528FDB048C -- C:\Windows\winsxs\x86_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.1.7600.16385_none_4f5cf6f829213bb2\ws2ifsl.sys
< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2009.12.14 18:32:26 | 000,691,696 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\sptd.sys
< %systemroot%\System32\config\*.sav >
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
========== Alternate Data Streams ==========
@Alternate Data Stream - 115 bytes -> C:\ProgramData\Temp:A8ADE5D8
@Alternate Data Stream - 103 bytes -> C:\ProgramData\Temp:DFC5A2B2
< End of report > --- --- --- |