| JuppSchlupp | 02.07.2013 11:59 |
Wie diese kleinen Hilfsprogramme bei meiner masse an Datenmüll ackern müssen :P Aber sie sind endlich fertig.
FSS (....sieht irgendwie so leer jetzt aus oO) Code:
Farbar Service Scanner Version: 27-06-2013
Ran by Gast (administrator) on 02-07-2013 at 12:53:44
Running from "C:\Users\Gast\Desktop"
Microsoft® Windows Vista™ Home Premium Service Pack 2 (X64)
Boot Mode: Normal
****************************************************************
Internet Services:
============
Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.
Windows Firewall:
=============
Firewall Disabled Policy:
==================
System Restore:
============
System Restore Disabled Policy:
========================
Security Center:
============
Security Center Notification Icon =====> Unable to open HKLM\...\ShellServiceObjects\{FD6905CE-952F-41F1-9A6F-135D9C6622CC} key. The key does not exist.
Windows Update:
============
Windows Autoupdate Disabled Policy:
============================
Windows Defender:
==============
Other Services:
==============
File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcsvc.dll
[2009-09-24 16:31] - [2009-04-11 09:11] - 0268288 ____A (Microsoft Corporation) 3ED0321127CE70ACDAABBF77E157C2A7
C:\Windows\System32\drivers\afd.sys
[2009-09-24 16:32] - [2009-04-11 07:44] - 0406016 ____A (Microsoft Corporation) 12415CCFD3E7CEC55B5184E67B039FE4
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys
[2010-08-11 18:14] - [2010-06-16 19:14] - 1424264 ____A (Microsoft Corporation) 0011810B5211FDACD784DE585262ECFE
C:\Windows\System32\dnsrslvr.dll
[2009-09-24 16:31] - [2009-04-11 09:11] - 0117760 ____A (Microsoft Corporation) 21D16B37257370975C7457C3A5EFA530
C:\Windows\System32\mpssvc.dll
[2009-09-24 16:32] - [2009-04-11 09:11] - 0603136 ____A (Microsoft Corporation) 897E3BAF68BA406A61682AE39C83900C
C:\Windows\System32\bfe.dll
[2009-09-24 16:31] - [2009-04-11 09:11] - 0458240 ____A (Microsoft Corporation) FFB96C2589FFA60473EAD78B39FBDE29
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe
[2009-09-24 16:32] - [2009-04-11 09:11] - 1433600 ____A (Microsoft Corporation) B75232DAD33BFD95BF6F0A3E6BFF51E1
C:\Windows\System32\wscsvc.dll
[2009-09-24 16:31] - [2009-04-11 09:11] - 0074752 ____A (Microsoft Corporation) 9EA3E6D0EF7A5C2B9181961052A4B01A
C:\Windows\System32\wbem\WMIsvc.dll
[2009-09-24 16:31] - [2009-04-11 09:11] - 0221696 ____A (Microsoft Corporation) D2E7296ED1BD26D8DB2799770C077A02
C:\Windows\System32\wuaueng.dll
[2009-10-30 16:38] - [2009-08-07 04:24] - 2424024 ____A (Microsoft Corporation) FB3796754FE00F0BDC87A36F164A5F4D
C:\Windows\System32\qmgr.dll
[2009-09-24 16:32] - [2009-04-11 09:11] - 1081856 ____A (Microsoft Corporation) 6D316F4859634071CC25C4FD4589AD2C
C:\Windows\System32\es.dll
[2009-09-24 16:32] - [2009-04-11 09:11] - 0361984 ____A (Microsoft Corporation) E12F22B73F153DECE721CD45EC05B4AF
C:\Windows\System32\cryptsvc.dll
[2009-09-24 16:32] - [2009-04-11 09:11] - 0166912 ____A (Microsoft Corporation) 18918613E63F387CDE4D95CA7D49DCF7
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\iphlpsvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll
[2009-09-24 16:32] - [2009-04-11 09:11] - 0719872 ____A (Microsoft Corporation) CF8B9A3A5E7DC57724A89D0C3E8CF9EF
**** End of log ****
und ne FRST
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 30-06-2013 03
Ran by Gast (administrator) on 02-07-2013 12:54:41
Running from C:\Users\Gast\Desktop
Windows Vista (TM) Home Premium Service Pack 2 (X64) OS Language: German Standard
Internet Explorer Version 8
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\system32\SLsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(AMD) C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpertService.exe
() C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpert.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
() C:\Program Files (x86)\Hewlett-Packard\HP Easy Backup\HPBtnSrv.exe
(Hewlett-Packard Company) c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(KSE - Korndörfer Software Engineering) E:\Program Files\nHancer\nHancerService.exe
(Locktime Software) C:\Program Files\NetLimiter 2 Monitor\nlsvc.exe
(INCA Internet Co., Ltd.) C:\Windows\SysWOW64\npkcmsvc.exe
(INCA Internet Co., Ltd.) C:\Windows\SysWOW64\INCAinternet\nProtect GameGuard Personal 3.0\nspsvc.exe
(INCA Internet Co.,Ltd.) C:\Windows\SysWOW64\INCAinternet\nProtect GameGuard Personal 3.0\nspupsvc.exe
(Locktime Software) C:\Program Files\NetLimiter 2 Monitor\NLClient.exe
(NVIDIA) C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneService.exe
(NVIDIA) C:\Program Files (x86)\NVIDIA Corporation\System Update\UpdateCenterService.exe
(H+H Software GmbH) E:\Program Files (x86)\Virtual CD v9\System\VC9SecS.exe
(NVIDIA) C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneCmd.exe
(Microsoft Corporation) C:\Windows\System32\mobsync.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe
() C:\Windows\SysWOW64\WinMsgBalloonServer.exe
() C:\Windows\SysWOW64\WinMsgBalloonClient.exe
() C:\Windows\SysWOW64\BeepApp.exe
(Hewlett-Packard Company) C:\hp\support\hpsysdrv.exe
(OsdMaestro) C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD64.exe
(CyberLink Corp.) C:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
(H+H Software GmbH) E:\Program Files (x86)\Virtual CD v9\System\vc9play.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(H+H Software GmbH) E:\Program Files (x86)\Virtual CD v9\System\VC9Tray.exe
(Hewlett-Packard) c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
(Microsoft Corporation) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\system32\conime.exe
(Microsoft Corporation) C:\Windows\ehome\ehRecvr.exe
(Microsoft Corporation) C:\Windows\ehome\ehsched.exe
(Adobe Systems Inc.) C:\Windows\TEMP\avast_ash\Adobe AIR\AdobeAIRInstaller.exe
(Adobe Systems Inc.) C:\Users\Gast\AppData\Local\Temp\AIRE4F1.tmp\Adobe AIR Installer.exe
(Microsoft Corporation) C:\Windows\system32\msiexec.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [SmartMenu] %ProgramFiles%\Hewlett-Packard\HP MediaSmart\SmartMenu.exe [912688 2008-09-23] (Hewlett-Packard)
HKCU\...\Run: [HPAdvisor] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe autorun=AUTORUN [972080 2008-10-17] (Hewlett-Packard)
HKCU\...\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe [138240 2008-01-21] (Microsoft Corporation)
HKCU\...\Run: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe [x]
HKCU\...\Policies\system: [DisableLockWorkstation] 0
HKCU\...\Policies\system: [DisableChangePassword] 0
MountPoints2: {139f4f8e-2e9f-11e0-b50d-002421172082} - L:\OblivionLauncher.exe
MountPoints2: {139f4f9c-2e9f-11e0-b50d-002421172082} - M:\setup.exe
MountPoints2: {164bed90-1e7b-11e0-aa79-002421172082} - L:\OblivionLauncher.exe
MountPoints2: {3f05954f-e5bd-11dd-9d91-806e6f6e6963} - F:\autorun.exe
MountPoints2: {e273aac0-cbc4-11de-ade2-002421172082} - K:\Autorun.exe
HKLM-x32\...\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe [65536 2007-04-18] (Hewlett-Packard Company)
HKLM-x32\...\Run: [OsdMaestro] c:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD64.exe [119296 2007-02-15] (OsdMaestro)
HKLM-x32\...\Run: [DVDAgent] "c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe" [1148200 2008-09-26] (CyberLink Corp.)
HKLM-x32\...\Run: [VC9Player] "E:\Program Files (x86)\Virtual CD v9\System\VC9Play.exe" [x]
HKLM-x32\...\Run: [nProtect GameGuard Personal 3.0] "E:\Program Files (x86)\INCAInternet\nProtect GameGuard Personal 3.0\nProtect GameGuard Personal 3.0\nspmain.exe" -tray [x]
HKLM-x32\...\Run: [DivXMediaServer] "C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe" [450560 2013-03-28] (DivX, LLC)
HKLM-x32\...\Run: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW [1263952 2013-02-13] ()
HKLM-x32\...\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui [4858968 2013-05-09] (AVAST Software)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] "E:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [x]
HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [253816 2013-03-12] (Oracle Corporation)
HKU\Default\...\Run: [HPADVISOR] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe autorun=AUTORUN [972080 2008-10-17] (Hewlett-Packard)
HKU\Default User\...\Run: [HPADVISOR] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe autorun=AUTORUN [972080 2008-10-17] (Hewlett-Packard)
HKU\UpdatusUser\...\Run: [HPADVISOR] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe autorun=AUTORUN [972080 2008-10-17] (Hewlett-Packard)
Startup: C:\ProgramData\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe (McAfee, Inc.)
SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\System32\webcheck.dll (Microsoft Corporation)
SSODL-x32: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\SysWOW64\webcheck.dll (Microsoft Corporation)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=91&bd=Pavilion&pf=cndt
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=91&bd=Pavilion&pf=cndt
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
SearchScopes: HKLM - {79C90567-5C09-4507-9307-1B81999F79F7} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=cb-hp06&type=ie2008
SearchScopes: HKLM - {8C5BF184-BEAC-415C-8A6F-69F27A468C07} URL = hxxp://de.kelkoopartners.net/ctl/do/search?siteSearchQuery={searchTerms}&fromform=true&x=true&y=true&partner=hp&partnerId=96913933
SearchScopes: HKLM - {F62C4EF5-02A5-4118-BD59-A1C8D69F7CFD} URL = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1145&query={searchTerms}&invocationType=tb50hpcndtie7-de-de
SearchScopes: HKLM-x32 - {79C90567-5C09-4507-9307-1B81999F79F7} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=cb-hp06&type=ie2008
HKCU SearchScopes: DefaultScope {2592934B-F16C-4C06-B794-A59D7A79FDFF} URL = hxxp://www.google.de/search?q={searchTerms}
SearchScopes: HKCU - {2592934B-F16C-4C06-B794-A59D7A79FDFF} URL = hxxp://www.google.de/search?q={searchTerms}
SearchScopes: HKCU - {79C90567-5C09-4507-9307-1B81999F79F7} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=cb-hp06&type=ie2008
BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - E:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll No File
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKCU - No Name - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - No File
DPF: HKLM-x32 {140E4DF8-9E14-4A34-9577-C77561ED7883} https://s3.amazonaws.com/content.systemrequirementslab.com/global/bin/srldetect_cyri_4.1.72.0_x.cab
DPF: HKLM-x32 {1E54D648-B804-468d-BC78-4AFFED8E262F} hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab
DPF: HKLM-x32 {3860DD98-0549-4D50-AA72-5D17D200EE10} hxxp://cdn.scan.onecare.live.com/resource/download/scanner/en-us/wlscctrl2.cab
DPF: HKLM-x32 {67DABFBF-D0AB-41FA-9C46-CC0F21721616} hxxp://download.divx.com/player/DivXBrowserPlugin.cab
DPF: HKLM-x32 {74DBCB52-F298-4110-951D-AD2FF67BC8AB} hxxp://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab
DPF: HKLM-x32 {D6FCA8ED-4715-43DE-9BD2-2789778A5B09} hxxp://update.nprotect.net/keycrypt/cabal/npkcx_inca.cab
DPF: HKLM-x32 {E6F480FC-BD44-4CBA-B74A-89AF7842937D} hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_cyri_4.4.16.0.cab
Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\system32\urlmon.dll (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - No File
Handler-x32: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\syswow64\urlmon.dll (Microsoft Corporation)
Handler-x32: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files (x86)\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - E:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
ShellExecuteHooks-x32: EasyBits ShellExecute Hook - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWow64\EZUPBH~1.DLL [51656 2009-05-22] (EasyBits Software Corp.)
Winsock: Catalog5 01 mswsock.dll File Not found (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Winsock: Catalog5 05 mswsock.dll File Not found (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"
Winsock: Catalog5-x64 01 mswsock.dll File Not found (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Winsock: Catalog5-x64 05 mswsock.dll File Not found (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
FireFox:
========
FF ProfilePath: C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\hsomrsr5.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll ()
FF Plugin: @mcafee.com/McAfeeMssPlugin - C:\Program Files (x86)\McAfee Security Scan\3.0.318\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1166636.dll (Adobe Systems, Inc.)
FF Plugin-x32: @divx.com/DivX Plus Web Player Plug-In,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @esn.me/esnsonar,version=0.70.0 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.0\npesnsonar.dll No File
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=1.122.0 - C:\Program Files (x86)\Battlelog Web Plugins\1.122.0\npesnlaunch.dll (ESN Social Software AB)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.0.61118.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WPF,version=3.5 - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\12\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader - E:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Gast\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Extension: No Name - C:\Users\Gast\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
FF Extension: Microsoft .NET Framework Assistant - C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\hsomrsr5.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF Extension: DownloadHelper - C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\hsomrsr5.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
FF Extension: No Name - C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\hsomrsr5.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF HKLM-x32\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF HKLM-x32\...\Firefox\Extensions: [{FFB96CC1-7EB3-449D-B827-DB661701C6BB}] C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 <video> - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF
Chrome:
=======
CHR DefaultSearchURL: (facemoods) - hxxp://start.facemoods.com/?a=ddrnw&s={searchTerms}&f=4
CHR DefaultSuggestURL: (facemoods) - "suggest_url": ""
CHR Extension: (Skype Click to Call) - C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.9.0.9216_0
CHR Extension: (DivX Plus Web Player HTML5 \u003Cvideo\u003E) - C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.172_0
==================== Services (Whitelisted) =================
S4 AAV UpdateService; C:\Program Files (x86)\AAVUpdateManager\aavus.exe [128296 2008-10-24] ()
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808 2013-05-09] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [137960 2013-05-09] (AVAST Software)
S4 DAUpdaterSvc; E:\games\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe [25832 2009-12-15] (BioWare)
R2 HPBtnSrv; C:\Program Files (x86)\Hewlett-Packard\HP Easy Backup\HPBtnSrv.exe [192512 2008-09-30] ()
S3 McComponentHostService; C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe [235216 2013-02-05] (McAfee, Inc.)
R2 nHancer; E:\Program Files\nHancer\nHancerService.exe [39424 2010-05-02] (KSE - Korndörfer Software Engineering)
R2 nlsvc; C:\Program Files\NetLimiter 2 Monitor\nlsvc.exe [817152 2010-03-25] (Locktime Software)
S3 npggsvc; C:\Windows\SysWow64\GameMon.des [3813096 2010-06-20] (INCA Internet Co., Ltd.)
R2 npkcmsvc; C:\Windows\SysWOW64\npkcmsvc.exe [191008 2010-08-22] (INCA Internet Co., Ltd.)
R2 NSPService; C:\Windows\SysWOW64\INCAinternet\nProtect GameGuard Personal 3.0\nspsvc.exe [581248 2011-09-16] (INCA Internet Co., Ltd.)
R2 NSPUpdateService; C:\Windows\SysWOW64\INCAinternet\nProtect GameGuard Personal 3.0\nspupsvc.exe [1252840 2012-10-25] (INCA Internet Co.,Ltd.)
R2 nTuneService; C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneService.exe [276584 2010-03-22] (NVIDIA)
S2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [76888 2012-11-30] ()
S2 SkypeUpdate; E:\Program Files (x86)\Skype\Updater\Updater.exe [160944 2012-07-03] (Skype Technologies)
R2 UpdateCenterService; C:\Program Files (x86)\NVIDIA Corporation\System Update\UpdateCenterService.exe [282728 2009-11-06] (NVIDIA)
R2 VC9SecS; E:\Program Files (x86)\Virtual CD v9\System\VC9SecS.exe [132424 2009-04-21] (H+H Software GmbH)
R2 ezSharedSvc; C:\Windows\System32\ezsvc7.dll [x]
S3 wbengine; "%systemroot%\system32\wbengine.exe" [x]
==================== Drivers (Whitelisted) ====================
R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [33400 2013-05-09] (AVAST Software)
R1 aswFW; C:\Windows\system32\drivers\aswFW.sys [131232 2013-05-09] (AVAST Software)
R1 aswKbd; C:\Windows\System32\Drivers\aswKbd.sys [22600 2013-05-09] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [80816 2013-05-09] (AVAST Software)
R0 aswNdis; C:\Windows\System32\DRIVERS\aswNdis.sys [12368 2013-03-13] (ALWIL Software)
R0 aswNdis2; C:\Windows\System32\drivers\aswNdis2.sys [270824 2013-05-09] (AVAST Software)
R1 AswRdr; C:\Windows\System32\Drivers\AswRdr.sys [59144 2013-05-09] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65336 2013-05-09] ()
R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [1030952 2013-07-01] (AVAST Software)
R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [378944 2013-07-01] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [64288 2013-05-09] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [189936 2013-07-01] ()
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2011-01-12] ()
S3 CEDRIVER60; E:\Program Files (x86)\Cheat Engine 6.3\dbk64.sys [64480 2013-06-02] ()
S3 HH9Help.sys; C:\Windows\system32\drivers\HH9Help.sys [24344 2007-01-23] (H+H Software GmbH)
S3 HH9Help.sys; C:\Windows\system32\drivers\HH9Help.sys [24344 2007-01-23] (H+H Software GmbH)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2011-01-12] ()
R1 nltdi; C:\Windows\system32\drivers\nltdi.sys [89224 2010-03-25] (Locktime Software)
R1 nltdi; C:\Windows\system32\drivers\nltdi.sys [89224 2010-03-25] (Locktime Software)
S3 npkcft64; C:\Windows\SysWOW64\npkcft64.sys [45600 2010-08-22] (INCA Internet Co., Ltd.)
S3 npkcft64; C:\Windows\SysWOW64\npkcft64.sys [45600 2010-08-22] (INCA Internet Co., Ltd.)
S3 npkuft64; C:\Windows\SysWOW64\npkuft64.sys [40992 2010-08-22] (INCA Internet Co., Ltd.)
S3 npkuft64; C:\Windows\SysWOW64\npkuft64.sys [40992 2010-08-22] (INCA Internet Co., Ltd.)
S3 NPPTNT2; C:\Windows\SysWow64\npptNT2.sys [4682 2005-01-04] (INCA Internet Co., Ltd.)
R3 nvoclk64; C:\Windows\System32\DRIVERS\nvoclk64.sys [42088 2009-09-15] (NVIDIA Corp.)
S3 Ps2; C:\Windows\System32\DRIVERS\PS2.sys [21504 2006-09-07] ()
R0 sfdrv01; C:\Windows\System32\drivers\sfdrv01.sys [75384 2009-02-03] (Protection Technology (StarForce))
R0 sfsync04; C:\Windows\System32\drivers\sfsync04.sys [77952 2009-02-03] (Protection Technology (StarForce))
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [513080 2011-01-12] ()
S2 tandpl; C:\Windows\SysWow64\drivers\tandpl.sys [4736 2003-04-19] ()
R3 TKCtrl; C:\Windows\system32\TKCtrl2k64.sys [87872 2012-07-03] (INCA Internet Co., Ltd.)
R3 TKCtrl; C:\Windows\system32\TKCtrl2k64.sys [87872 2012-07-03] (INCA Internet Co., Ltd.)
R3 TKFsAvM; C:\Windows\system32\TKFsAv64.sys [139136 2012-12-26] (INCA Internet Co., Ltd.)
R3 TKFsAvM; C:\Windows\system32\TKFsAv64.sys [139136 2012-12-26] (INCA Internet Co., Ltd.)
R3 TkFsFtM; C:\Windows\System32\TKFsFt64.sys [23392 2012-11-06] (INCA Internet Co., Ltd.)
R3 TkFsFtM; C:\Windows\SysWow64\TKFsFt64.sys [22848 2011-03-28] (INCA Internet Co., Ltd.)
R1 TKFWFV; C:\Windows\System32\TKFWFV64.sys [34400 2011-03-28] (INCA Internet Co., Ltd.)
R3 TKFWVT; C:\Windows\system32\TKFWVT64.sys [183112 2012-10-23] (INCA Internet Co.,Ltd.)
R3 TKFWVT; C:\Windows\system32\TKFWVT64.sys [183112 2012-10-23] (INCA Internet Co.,Ltd.)
R3 TkIdsVt; C:\Windows\system32\TkIdsVt64.sys [99168 2012-07-31] (INCA Internet Co.,Ltd.)
R3 TkIdsVt; C:\Windows\system32\TkIdsVt64.sys [99168 2012-07-31] (INCA Internet Co.,Ltd.)
R3 TKPcFt; C:\Windows\system32\TKPcFtCb64.sys [29024 2012-11-06] (INCA Internet Co., Ltd.)
R3 TKPcFt; C:\Windows\system32\TKPcFtCb64.sys [29024 2012-11-06] (INCA Internet Co., Ltd.)
R3 vcd9bus; C:\Windows\System32\DRIVERS\vcd9bus.sys [40216 2007-01-23] (H+H Software GmbH)
R1 vmm; C:\Windows\system32\Treiber\vmm.sys [297496 2008-02-12] (Microsoft Corporation)
R2 {55662437-DA8C-40c0-AADA-2C816A897A49}; c:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl [27632 2008-09-26] (Cyberlink Corp.)
R2 {55662437-DA8C-40c0-AADA-2C816A897A49}; c:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl [27632 2008-09-26] (Cyberlink Corp.)
S3 dump_wmimmc; \??\E:\Program Files (x86)\Games-Masters.com\CABAL Online (Europe)\GameGuard\dump_wmimmc.sys [x]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [x]
S3 IpInIp; system32\DRIVERS\ipinip.sys [x]
S3 NPPTNT2; \??\C:\Windows\system32\npptNT2.sys [x]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x]
S3 PCD5SRVC{8AAF211B-043E02A9-05040000}; \??\C:\PROGRA~1\PC-DOC~1\PCD5SRVC_x64.pkms [x]
S2 tandpl; System32\drivers\tandpl.sys [x]
S3 X6va005; \??\C:\Users\Gast\AppData\Local\Temp\00539A5.tmp [x]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-07-02 12:54 - 2013-07-02 12:54 - 00000000 ____D C:\Program Files (x86)\Adobe
2013-07-02 11:47 - 2013-07-02 11:47 - 00000207 ____A C:\Windows\tweaking.com-regbackup-GAST-PC-Microsoft®-Windows-Vista™-Home-Premium-(64-Bit).dat
2013-07-02 11:46 - 2013-07-02 11:46 - 00000000 ____D C:\RegBackup
2013-07-02 11:04 - 2013-07-02 12:35 - 00181064 ____A (Sysinternals) C:\Windows\PSEXESVC.EXE
2013-07-02 10:54 - 2013-07-02 10:54 - 00000910 ____A C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-07-02 10:51 - 2013-07-02 10:52 - 00000000 ____D C:\Users\Gast\Desktop\Tweaking.com - Windows Repair
2013-07-02 10:32 - 2013-07-02 10:32 - 03517580 ____A C:\Users\Gast\Desktop\tweaking.com_windows_repair_aio.zip
2013-07-02 10:31 - 2013-07-02 10:31 - 00448512 ____A (OldTimer Tools) C:\Users\Gast\Desktop\TFC.exe
2013-07-01 19:42 - 2013-07-01 19:42 - 00890988 ____A C:\Users\Gast\Desktop\SecurityCheck.exe
2013-07-01 19:38 - 2013-07-01 19:38 - 02347384 ____A (ESET) C:\Users\Gast\Desktop\esetsmartinstaller_enu.exe
2013-07-01 19:37 - 2013-07-02 12:53 - 00003644 ____A C:\Users\Gast\Desktop\FSS.txt
2013-07-01 19:35 - 2013-07-01 19:35 - 00356397 ____A (Farbar) C:\Users\Gast\Desktop\FSS.exe
2013-07-01 17:28 - 2013-07-01 17:28 - 00000000 ____D C:\Windows\ERUNT
2013-07-01 17:28 - 2013-07-01 17:28 - 00000000 ____D C:\JRT
2013-07-01 17:27 - 2013-07-01 17:27 - 00545954 ____A (Oleg N. Scherbakov) C:\Users\Gast\Desktop\JRT.exe
2013-07-01 17:23 - 2013-07-01 17:23 - 00263592 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-07-01 17:23 - 2013-07-01 17:23 - 00096168 ____A (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-07-01 17:08 - 2013-07-01 17:08 - 00035782 ____A C:\AdwCleaner[S1].txt
2013-07-01 17:08 - 2013-07-01 17:08 - 00001656 ____A C:\Windows\DeleteOnReboot.bat
2013-07-01 17:07 - 2013-07-01 17:07 - 00648201 ____A C:\Users\Gast\Desktop\adwcleaner.exe
2013-07-01 14:45 - 2013-07-01 14:45 - 01933758 ____A (Farbar) C:\Users\Gast\Desktop\FRST64.exe
2013-07-01 14:45 - 2013-07-01 14:45 - 00000000 ____D C:\FRST
2013-07-01 13:17 - 2013-07-01 14:11 - 00000000 ____D C:\TDSSKiller_Quarantine
2013-07-01 13:14 - 2013-07-01 13:14 - 02237968 ____A (Kaspersky Lab ZAO) C:\Users\Gast\Desktop\tdsskiller.exe
2013-07-01 11:28 - 2013-07-01 11:28 - 00602112 ____A (OldTimer Tools) C:\Users\Gast\Desktop\OTL.exe
2013-07-01 11:25 - 2013-07-01 11:25 - 00001704 ____A C:\Users\Public\Desktop\Adobe Reader 9.lnk
2013-07-01 10:02 - 2013-07-02 11:35 - 00001064 ____A C:\Windows\System32\spsys.log
2013-07-01 00:42 - 2013-07-01 00:42 - 00378944 ____A (AVAST Software) C:\Windows\System32\Drivers\aswSP.sys
2013-07-01 00:42 - 2013-07-01 00:42 - 00001787 ____A C:\Users\Public\Desktop\avast! Internet Security.lnk
2013-07-01 00:42 - 2013-07-01 00:42 - 00000175 ____A C:\Windows\System32\Drivers\aswVmm.sys.sum
2013-07-01 00:42 - 2013-07-01 00:42 - 00000175 ____A C:\Windows\System32\Drivers\aswSP.sys.sum
2013-07-01 00:42 - 2013-07-01 00:42 - 00000175 ____A C:\Windows\System32\Drivers\aswSnx.sys.sum
2013-07-01 00:42 - 2013-05-09 10:59 - 00033400 ____A (AVAST Software) C:\Windows\System32\Drivers\aswFsBlk.sys
2013-07-01 00:41 - 2013-07-01 00:42 - 01030952 ____A (AVAST Software) C:\Windows\System32\Drivers\aswSnx.sys
2013-07-01 00:41 - 2013-07-01 00:42 - 00189936 ____A C:\Windows\System32\Drivers\aswVmm.sys
2013-07-01 00:41 - 2013-07-01 00:41 - 00000000 ____A C:\Windows\SysWOW64\config.nt
2013-07-01 00:41 - 2013-05-09 10:59 - 00270824 ____A (AVAST Software) C:\Windows\System32\Drivers\aswNdis2.sys
2013-07-01 00:41 - 2013-05-09 10:59 - 00131232 ____A (AVAST Software) C:\Windows\System32\Drivers\aswFW.sys
2013-07-01 00:41 - 2013-05-09 10:59 - 00080816 ____A (AVAST Software) C:\Windows\System32\Drivers\aswMonFlt.sys
2013-07-01 00:41 - 2013-05-09 10:59 - 00065336 ____A C:\Windows\System32\Drivers\aswRvrt.sys
2013-07-01 00:41 - 2013-05-09 10:59 - 00064288 ____A (AVAST Software) C:\Windows\System32\Drivers\aswTdi.sys
2013-07-01 00:41 - 2013-05-09 10:59 - 00059144 ____A (AVAST Software) C:\Windows\System32\Drivers\aswRdr.sys
2013-07-01 00:41 - 2013-05-09 10:59 - 00022600 ____A (AVAST Software) C:\Windows\System32\Drivers\aswKbd.sys
2013-07-01 00:41 - 2013-05-09 10:58 - 00287840 ____A (AVAST Software) C:\Windows\System32\aswBoot.exe
2013-07-01 00:40 - 2013-07-01 00:40 - 00383868 ____A C:\Users\Gast\AppData\Local\dd_vcredistMSI165D.txt
2013-07-01 00:40 - 2013-07-01 00:40 - 00012410 ____A C:\Users\Gast\AppData\Local\dd_vcredistUI165D.txt
2013-07-01 00:40 - 2013-05-09 10:58 - 00041664 ____A (AVAST Software) C:\Windows\avastSS.scr
2013-07-01 00:40 - 2013-03-13 19:01 - 00012368 ____A (ALWIL Software) C:\Windows\System32\Drivers\aswNdis.sys
2013-07-01 00:39 - 2013-07-01 00:39 - 00000000 ____D C:\ProgramData\AVAST Software
2013-07-01 00:39 - 2013-07-01 00:39 - 00000000 ____D C:\Program Files\AVAST Software
2013-07-01 00:24 - 2013-07-01 00:24 - 00792160 ____A C:\Users\Gast\AppData\Local\census.cache
2013-07-01 00:24 - 2013-07-01 00:24 - 00205389 ____A C:\Users\Gast\AppData\Local\ars.cache
2013-07-01 00:10 - 2013-07-01 00:10 - 00000036 ____A C:\Users\Gast\AppData\Local\housecall.guid.cache
2013-06-30 20:54 - 2013-07-02 10:54 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-06-30 20:54 - 2013-06-30 20:54 - 00000000 ____D C:\Users\Gast\AppData\Roaming\Malwarebytes
2013-06-30 20:54 - 2013-06-30 20:54 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-06-30 20:54 - 2013-04-04 14:50 - 00025928 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys
2013-06-30 10:10 - 2013-06-30 10:10 - 00000000 __SHD C:\Windows\SysWOW64\%APPDATA%
2013-06-29 23:28 - 2013-06-30 09:54 - 988293471 ____A C:\Users\Gast\Downloads\Zone Archive Pack.rar
2013-06-29 22:41 - 2013-06-29 22:41 - 00019442 ____A C:\Users\Gast\Downloads\(SUMOTorrent.com)_ZONE_ARCHIVE_Hentai-Key _SP5686432.torrent
2013-06-26 12:30 - 2013-06-26 12:31 - 00000759 ____A C:\Users\Gast\Desktop\daoloader - Verknüpfung.lnk
2013-06-26 09:24 - 2013-06-26 09:24 - 00000000 ____D C:\Users\Gast\AppData\Roaming\Locktime
2013-06-25 21:08 - 2013-06-25 21:08 - 00093367 ____A C:\Users\Gast\Downloads\bws-0598 (1).rar
2013-06-25 21:05 - 2013-06-25 21:05 - 00446584 ____A C:\Users\Gast\Downloads\l4r-da104.rar
2013-06-25 21:01 - 2013-06-25 21:01 - 00084308 ____A C:\Users\Gast\Downloads\bws-0598.rar
2013-06-25 19:42 - 2013-06-25 19:42 - 00071687 ____A C:\Users\Gast\Downloads\dragon_age_origins_plus_8_trainer.zip
2013-06-25 19:19 - 2013-06-25 19:19 - 00033117 ____A C:\Users\Gast\Downloads\daoloader.r4-TiLL.rar
2013-06-25 17:32 - 2013-06-25 17:32 - 00001736 ____A C:\Users\Public\Desktop\NetLimiter 2 Monitor.lnk
2013-06-25 17:32 - 2013-06-25 17:32 - 00000000 ____D C:\ProgramData\Locktime
2013-06-25 17:32 - 2013-06-25 17:32 - 00000000 ____D C:\Program Files\NetLimiter 2 Monitor
2013-06-25 17:31 - 2013-06-25 17:32 - 01827848 ____A C:\Users\Gast\Downloads\nl_2011_mon_64.exe
2013-06-25 16:51 - 2013-06-25 16:51 - 04689729 ____A C:\Users\Gast\Downloads\The LAST REMNANT Save Editor V4.2.rar
2013-06-25 13:38 - 2013-06-25 13:38 - 00000466 ____A C:\Users\Public\Desktop\Guild Wars 2.lnk
2013-06-23 11:30 - 2013-06-23 11:30 - 00000000 ____D C:\Users\Gast\Desktop\Unepic 1.43.1[Steam]
2013-06-23 11:26 - 2013-06-23 11:29 - 94994694 ____A C:\Users\Gast\Downloads\Unepic_1.43.1_Steam_.7z
2013-06-22 23:23 - 2013-06-22 23:23 - 08071400 ____A (Cheat Engine ) C:\Users\Gast\Downloads\CheatEngine63.exe
2013-06-22 21:50 - 2013-06-22 21:50 - 00153366 ____A C:\Users\Gast\Downloads\Unepic v1.0.30 Trainer +6 ~HoG.rar
2013-06-16 15:34 - 2013-06-16 15:34 - 00017477 ____A C:\Users\Gast\Downloads\Run For Your Lives-23906-1-2-2.7z
2013-06-16 15:33 - 2013-06-16 15:33 - 00018227 ____A C:\Users\Gast\Downloads\When Vampires Attack-28235-1-0-2.7z
2013-06-16 14:18 - 2013-06-16 14:18 - 04109361 ____A C:\Users\Gast\Downloads\UNP silverlight armor-37189-1-0.7z
2013-06-16 14:16 - 2013-06-16 14:17 - 17789249 ____A C:\Users\Gast\Downloads\Silverlight Armor 0992 no pauldrons CBBE-10251-0-992.7z
2013-06-16 13:59 - 2013-06-16 13:59 - 00007675 ____A C:\Users\Gast\Downloads\Sexlab_SimpleRape_05252013.zip
2013-06-16 13:16 - 2013-06-16 13:18 - 00457617 ____A C:\Users\Gast\Downloads\SexLab_LoversComfort_v20130604.zip
2013-06-16 13:15 - 2013-06-16 13:16 - 00097394 ____A C:\Users\Gast\Downloads\SexLab_LoversHook_v20130606.zip
2013-06-14 16:17 - 2013-06-16 19:10 - 00000000 ____D C:\Users\Gast\AppData\Roaming\Awesomium
2013-06-14 16:17 - 2013-06-14 16:17 - 00363746 ____A C:\Users\Gast\AppData\Local\dd_vcredistMSI32F3.txt
2013-06-14 16:17 - 2013-06-14 16:17 - 00011942 ____A C:\Users\Gast\AppData\Local\dd_vcredistUI32F3.txt
2013-06-14 13:18 - 2013-06-14 13:18 - 00000222 ____A C:\Users\Gast\Desktop\Marvel Heroes.url
2013-06-09 00:04 - 2013-06-09 00:04 - 00038737 ____A C:\Users\Gast\Downloads\SC07SexLabRandomAttack.7z
2013-06-09 00:02 - 2013-06-09 00:05 - 68829391 ____A C:\Users\Gast\Downloads\SexLabFramework.v101b.zip
2013-06-08 19:15 - 2013-06-08 19:15 - 00000000 ____D C:\Users\Gast\AppData\Local\EdgeOfReality
2013-06-08 18:52 - 2013-06-08 18:52 - 00000222 ____A C:\Users\Gast\Desktop\Loadout.url
2013-06-08 13:42 - 2013-06-08 13:42 - 00064388 ____A C:\Users\Gast\Downloads\X-RayMod_v039.zip
2013-06-08 12:07 - 2013-06-08 12:07 - 00003673 ____A C:\Users\Gast\Downloads\Timber! (1.5.2).zip
2013-06-08 12:05 - 2013-06-08 12:06 - 00007834 ____A C:\Users\Gast\Downloads\Recipe Book.zip
2013-06-08 12:01 - 2013-06-08 12:01 - 00199825 ____A C:\Users\Gast\Downloads\ModLoader (2).zip
2013-06-08 12:01 - 2013-06-08 12:01 - 00199825 ____A C:\Users\Gast\Downloads\ModLoader (1).zip
==================== One Month Modified Files and Folders =======
2013-07-02 12:54 - 2013-07-02 12:54 - 00000000 ____D C:\Program Files (x86)\Adobe
2013-07-02 12:54 - 2010-04-08 10:31 - 00000000 ____D C:\Users\Gast\AppData\Local\Adobe
2013-07-02 12:53 - 2013-07-01 19:37 - 00003644 ____A C:\Users\Gast\Desktop\FSS.txt
2013-07-02 12:51 - 2006-11-02 17:07 - 00000000 ___RD C:\Users\Public\Recorded TV
2013-07-02 12:47 - 2009-01-08 03:28 - 16644252 ____A C:\Windows\System32\perfh007.dat
2013-07-02 12:47 - 2009-01-08 03:28 - 05444700 ____A C:\Windows\System32\perfc007.dat
2013-07-02 12:47 - 2006-11-02 14:46 - 00006896 ____A C:\Windows\System32\PerfStringBackup.INI
2013-07-02 12:44 - 2010-07-10 20:06 - 00001106 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-07-02 12:44 - 2010-07-10 20:06 - 00001102 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-07-02 12:41 - 2008-09-19 04:55 - 00014466 ____A C:\Windows\SysWOW64\NapaSet.txt
2013-07-02 12:40 - 2009-04-23 16:33 - 00083808 ____A C:\Users\Gast\AppData\Local\GDIPFONTCACHEV1.DAT
2013-07-02 12:38 - 2006-11-02 17:42 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-07-02 12:38 - 2006-11-02 17:22 - 00003616 ____A C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2013-07-02 12:38 - 2006-11-02 17:22 - 00003616 ____A C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2013-07-02 12:37 - 2010-12-17 20:20 - 00057822 ____A C:\Windows\PFRO.log
2013-07-02 12:37 - 2006-11-02 17:21 - 00350136 ____A C:\Windows\System32\FNTCACHE.DAT
2013-07-02 12:36 - 2006-11-02 17:42 - 00032632 ____A C:\Windows\Tasks\SCHEDLGU.TXT
2013-07-02 12:35 - 2013-07-02 11:04 - 00181064 ____A (Sysinternals) C:\Windows\PSEXESVC.EXE
2013-07-02 12:30 - 2006-11-02 14:34 - 00000258 ____A C:\Windows\win.ini
2013-07-02 12:21 - 2012-08-22 17:22 - 00000884 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-07-02 11:47 - 2013-07-02 11:47 - 00000207 ____A C:\Windows\tweaking.com-regbackup-GAST-PC-Microsoft®-Windows-Vista™-Home-Premium-(64-Bit).dat
2013-07-02 11:46 - 2013-07-02 11:46 - 00000000 ____D C:\RegBackup
2013-07-02 11:35 - 2013-07-01 10:02 - 00001064 ____A C:\Windows\System32\spsys.log
2013-07-02 10:54 - 2013-07-02 10:54 - 00000910 ____A C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-07-02 10:54 - 2013-06-30 20:54 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-07-02 10:52 - 2013-07-02 10:51 - 00000000 ____D C:\Users\Gast\Desktop\Tweaking.com - Windows Repair
2013-07-02 10:32 - 2013-07-02 10:32 - 03517580 ____A C:\Users\Gast\Desktop\tweaking.com_windows_repair_aio.zip
2013-07-02 10:31 - 2013-07-02 10:31 - 00448512 ____A (OldTimer Tools) C:\Users\Gast\Desktop\TFC.exe
2013-07-02 02:13 - 2009-01-19 02:16 - 01704278 ____A C:\Windows\WindowsUpdate.log
2013-07-01 19:42 - 2013-07-01 19:42 - 00890988 ____A C:\Users\Gast\Desktop\SecurityCheck.exe
2013-07-01 19:38 - 2013-07-01 19:38 - 02347384 ____A (ESET) C:\Users\Gast\Desktop\esetsmartinstaller_enu.exe
2013-07-01 19:35 - 2013-07-01 19:35 - 00356397 ____A (Farbar) C:\Users\Gast\Desktop\FSS.exe
2013-07-01 17:28 - 2013-07-01 17:28 - 00000000 ____D C:\Windows\ERUNT
2013-07-01 17:28 - 2013-07-01 17:28 - 00000000 ____D C:\JRT
2013-07-01 17:27 - 2013-07-01 17:27 - 00545954 ____A (Oleg N. Scherbakov) C:\Users\Gast\Desktop\JRT.exe
2013-07-01 17:23 - 2013-07-01 17:23 - 00263592 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-07-01 17:23 - 2013-07-01 17:23 - 00096168 ____A (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-07-01 17:23 - 2013-05-02 19:41 - 00175016 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-07-01 17:23 - 2013-05-02 19:41 - 00175016 ____A (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-07-01 17:23 - 2012-09-03 23:49 - 00867240 ____A (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
2013-07-01 17:23 - 2010-04-29 17:17 - 00789416 ____A (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2013-07-01 17:23 - 2009-01-07 19:49 - 00000000 ____D C:\Program Files (x86)\Java
2013-07-01 17:16 - 2010-11-12 20:03 - 00000000 ____D C:\Users\Gast\AppData\Local\Deployment
2013-07-01 17:08 - 2013-07-01 17:08 - 00035782 ____A C:\AdwCleaner[S1].txt
2013-07-01 17:08 - 2013-07-01 17:08 - 00001656 ____A C:\Windows\DeleteOnReboot.bat
2013-07-01 17:07 - 2013-07-01 17:07 - 00648201 ____A C:\Users\Gast\Desktop\adwcleaner.exe
2013-07-01 14:45 - 2013-07-01 14:45 - 01933758 ____A (Farbar) C:\Users\Gast\Desktop\FRST64.exe
2013-07-01 14:45 - 2013-07-01 14:45 - 00000000 ____D C:\FRST
2013-07-01 14:11 - 2013-07-01 13:17 - 00000000 ____D C:\TDSSKiller_Quarantine
2013-07-01 13:14 - 2013-07-01 13:14 - 02237968 ____A (Kaspersky Lab ZAO) C:\Users\Gast\Desktop\tdsskiller.exe
2013-07-01 11:28 - 2013-07-01 11:28 - 00602112 ____A (OldTimer Tools) C:\Users\Gast\Desktop\OTL.exe
2013-07-01 11:25 - 2013-07-01 11:25 - 00001704 ____A C:\Users\Public\Desktop\Adobe Reader 9.lnk
2013-07-01 11:25 - 2009-12-12 15:40 - 00000000 ____D C:\ProgramData\Adobe
2013-07-01 10:59 - 2010-12-22 15:04 - 00000000 ____D C:\Users\Gast\Desktop\Trainer
2013-07-01 10:58 - 2011-08-13 15:12 - 00000368 ____A C:\Windows\SysWOW64\nspgpinf.nsx
2013-07-01 00:42 - 2013-07-01 00:42 - 00378944 ____A (AVAST Software) C:\Windows\System32\Drivers\aswSP.sys
2013-07-01 00:42 - 2013-07-01 00:42 - 00001787 ____A C:\Users\Public\Desktop\avast! Internet Security.lnk
2013-07-01 00:42 - 2013-07-01 00:42 - 00000175 ____A C:\Windows\System32\Drivers\aswVmm.sys.sum
2013-07-01 00:42 - 2013-07-01 00:42 - 00000175 ____A C:\Windows\System32\Drivers\aswSP.sys.sum
2013-07-01 00:42 - 2013-07-01 00:42 - 00000175 ____A C:\Windows\System32\Drivers\aswSnx.sys.sum
2013-07-01 00:42 - 2013-07-01 00:41 - 01030952 ____A (AVAST Software) C:\Windows\System32\Drivers\aswSnx.sys
2013-07-01 00:42 - 2013-07-01 00:41 - 00189936 ____A C:\Windows\System32\Drivers\aswVmm.sys
2013-07-01 00:41 - 2013-07-01 00:41 - 00000000 ____A C:\Windows\SysWOW64\config.nt
2013-07-01 00:41 - 2009-04-23 15:22 - 00000000 ____D C:\users\Gast
2013-07-01 00:40 - 2013-07-01 00:40 - 00383868 ____A C:\Users\Gast\AppData\Local\dd_vcredistMSI165D.txt
2013-07-01 00:40 - 2013-07-01 00:40 - 00012410 ____A C:\Users\Gast\AppData\Local\dd_vcredistUI165D.txt
2013-07-01 00:39 - 2013-07-01 00:39 - 00000000 ____D C:\ProgramData\AVAST Software
2013-07-01 00:39 - 2013-07-01 00:39 - 00000000 ____D C:\Program Files\AVAST Software
2013-07-01 00:24 - 2013-07-01 00:24 - 00792160 ____A C:\Users\Gast\AppData\Local\census.cache
2013-07-01 00:24 - 2013-07-01 00:24 - 00205389 ____A C:\Users\Gast\AppData\Local\ars.cache
2013-07-01 00:10 - 2013-07-01 00:10 - 00000036 ____A C:\Users\Gast\AppData\Local\housecall.guid.cache
2013-06-30 20:54 - 2013-06-30 20:54 - 00000000 ____D C:\Users\Gast\AppData\Roaming\Malwarebytes
2013-06-30 20:54 - 2013-06-30 20:54 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-06-30 20:40 - 2011-05-20 23:52 - 00001987 ____A C:\Users\Public\Desktop\Google Chrome.lnk
2013-06-30 14:31 - 2009-08-14 19:34 - 00044032 ____A C:\Users\Gast\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-06-30 14:29 - 2010-03-20 09:42 - 00000000 ____D C:\Users\Gast\AppData\Roaming\vlc
2013-06-30 10:10 - 2013-06-30 10:10 - 00000000 __SHD C:\Windows\SysWOW64\%APPDATA%
2013-06-30 09:57 - 2009-09-26 23:38 - 00000000 ____D C:\Users\Gast\AppData\Roaming\BitTorrent
2013-06-30 09:54 - 2013-06-29 23:28 - 988293471 ____A C:\Users\Gast\Downloads\Zone Archive Pack.rar
2013-06-29 22:41 - 2013-06-29 22:41 - 00019442 ____A C:\Users\Gast\Downloads\(SUMOTorrent.com)_ZONE_ARCHIVE_Hentai-Key _SP5686432.torrent
2013-06-28 23:23 - 2012-04-28 22:06 - 00000000 ____D C:\Users\Gast\AppData\Local\PMB Files
2013-06-28 23:23 - 2012-04-28 22:06 - 00000000 ____D C:\ProgramData\PMB Files
2013-06-27 09:22 - 2011-12-07 22:21 - 00000000 ____D C:\Users\Gast\AppData\Local\Skyrim
2013-06-26 12:31 - 2013-06-26 12:30 - 00000759 ____A C:\Users\Gast\Desktop\daoloader - Verknüpfung.lnk
2013-06-26 09:24 - 2013-06-26 09:24 - 00000000 ____D C:\Users\Gast\AppData\Roaming\Locktime
2013-06-25 21:08 - 2013-06-25 21:08 - 00093367 ____A C:\Users\Gast\Downloads\bws-0598 (1).rar
2013-06-25 21:05 - 2013-06-25 21:05 - 00446584 ____A C:\Users\Gast\Downloads\l4r-da104.rar
2013-06-25 21:01 - 2013-06-25 21:01 - 00084308 ____A C:\Users\Gast\Downloads\bws-0598.rar
2013-06-25 19:42 - 2013-06-25 19:42 - 00071687 ____A C:\Users\Gast\Downloads\dragon_age_origins_plus_8_trainer.zip
2013-06-25 19:19 - 2013-06-25 19:19 - 00033117 ____A C:\Users\Gast\Downloads\daoloader.r4-TiLL.rar
2013-06-25 17:32 - 2013-06-25 17:32 - 00001736 ____A C:\Users\Public\Desktop\NetLimiter 2 Monitor.lnk
2013-06-25 17:32 - 2013-06-25 17:32 - 00000000 ____D C:\ProgramData\Locktime
2013-06-25 17:32 - 2013-06-25 17:32 - 00000000 ____D C:\Program Files\NetLimiter 2 Monitor
2013-06-25 17:32 - 2013-06-25 17:31 - 01827848 ____A C:\Users\Gast\Downloads\nl_2011_mon_64.exe
2013-06-25 16:51 - 2013-06-25 16:51 - 04689729 ____A C:\Users\Gast\Downloads\The LAST REMNANT Save Editor V4.2.rar
2013-06-25 13:38 - 2013-06-25 13:38 - 00000466 ____A C:\Users\Public\Desktop\Guild Wars 2.lnk
2013-06-25 11:34 - 2012-02-02 19:46 - 00000000 ____D C:\Users\Gast\AppData\Roaming\.minecraft
2013-06-24 10:01 - 2009-04-24 10:08 - 00000456 ____A C:\Windows\Tasks\PCDRScheduledMaintenance.job
2013-06-23 11:30 - 2013-06-23 11:30 - 00000000 ____D C:\Users\Gast\Desktop\Unepic 1.43.1[Steam]
2013-06-23 11:29 - 2013-06-23 11:26 - 94994694 ____A C:\Users\Gast\Downloads\Unepic_1.43.1_Steam_.7z
2013-06-23 11:26 - 2010-12-22 15:03 - 00000000 ____D C:\Users\Gast\Desktop\Spiele
2013-06-22 23:23 - 2013-06-22 23:23 - 08071400 ____A (Cheat Engine ) C:\Users\Gast\Downloads\CheatEngine63.exe
2013-06-22 21:50 - 2013-06-22 21:50 - 00153366 ____A C:\Users\Gast\Downloads\Unepic v1.0.30 Trainer +6 ~HoG.rar
2013-06-21 08:48 - 2012-05-19 08:10 - 00007916 ____A C:\Users\Gast\AppData\Local\d3d9caps.dat
2013-06-20 11:10 - 2009-04-30 12:10 - 00000052 ____A C:\Windows\SysWOW64\DOErrors.log
2013-06-18 11:40 - 2010-12-10 13:19 - 00000000 ____D C:\Program Files (x86)\WildTangent Games
2013-06-16 19:10 - 2013-06-14 16:17 - 00000000 ____D C:\Users\Gast\AppData\Roaming\Awesomium
2013-06-16 15:34 - 2013-06-16 15:34 - 00017477 ____A C:\Users\Gast\Downloads\Run For Your Lives-23906-1-2-2.7z
2013-06-16 15:33 - 2013-06-16 15:33 - 00018227 ____A C:\Users\Gast\Downloads\When Vampires Attack-28235-1-0-2.7z
2013-06-16 14:18 - 2013-06-16 14:18 - 04109361 ____A C:\Users\Gast\Downloads\UNP silverlight armor-37189-1-0.7z
2013-06-16 14:17 - 2013-06-16 14:16 - 17789249 ____A C:\Users\Gast\Downloads\Silverlight Armor 0992 no pauldrons CBBE-10251-0-992.7z
2013-06-16 13:59 - 2013-06-16 13:59 - 00007675 ____A C:\Users\Gast\Downloads\Sexlab_SimpleRape_05252013.zip
2013-06-16 13:18 - 2013-06-16 13:16 - 00457617 ____A C:\Users\Gast\Downloads\SexLab_LoversComfort_v20130604.zip
2013-06-16 13:16 - 2013-06-16 13:15 - 00097394 ____A C:\Users\Gast\Downloads\SexLab_LoversHook_v20130606.zip
2013-06-14 16:29 - 2011-01-12 20:45 - 00566636 ____A C:\Windows\DirectX.log
2013-06-14 16:17 - 2013-06-14 16:17 - 00363746 ____A C:\Users\Gast\AppData\Local\dd_vcredistMSI32F3.txt
2013-06-14 16:17 - 2013-06-14 16:17 - 00011942 ____A C:\Users\Gast\AppData\Local\dd_vcredistUI32F3.txt
2013-06-14 16:17 - 2009-10-25 08:56 - 00000000 ____D C:\Users\Gast\Documents\My Games
2013-06-14 13:18 - 2013-06-14 13:18 - 00000222 ____A C:\Users\Gast\Desktop\Marvel Heroes.url
2013-06-12 17:21 - 2012-04-09 09:56 - 00692104 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-06-12 17:21 - 2011-06-01 07:03 - 00071048 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-06-09 00:05 - 2013-06-09 00:02 - 68829391 ____A C:\Users\Gast\Downloads\SexLabFramework.v101b.zip
2013-06-09 00:04 - 2013-06-09 00:04 - 00038737 ____A C:\Users\Gast\Downloads\SC07SexLabRandomAttack.7z
2013-06-08 19:15 - 2013-06-08 19:15 - 00000000 ____D C:\Users\Gast\AppData\Local\EdgeOfReality
2013-06-08 18:52 - 2013-06-08 18:52 - 00000222 ____A C:\Users\Gast\Desktop\Loadout.url
2013-06-08 13:42 - 2013-06-08 13:42 - 00064388 ____A C:\Users\Gast\Downloads\X-RayMod_v039.zip
2013-06-08 12:07 - 2013-06-08 12:07 - 00003673 ____A C:\Users\Gast\Downloads\Timber! (1.5.2).zip
2013-06-08 12:06 - 2013-06-08 12:05 - 00007834 ____A C:\Users\Gast\Downloads\Recipe Book.zip
2013-06-08 12:01 - 2013-06-08 12:01 - 00199825 ____A C:\Users\Gast\Downloads\ModLoader (2).zip
2013-06-08 12:01 - 2013-06-08 12:01 - 00199825 ____A C:\Users\Gast\Downloads\ModLoader (1).zip
2013-06-05 19:24 - 2012-07-06 22:17 - 00000000 ____D C:\Users\Gast\AppData\Local\Origin
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2013-07-02 12:52
==================== End Of Log ============================
--- --- --- |
