
Pests of all kinds and how to combat them: Problem starting a process (possibly a trojan, etc.)

Windows 7 If you are not sure whether you have picked up malware or a trojan, create a thread here. An expert will respond with further instructions and help you remove the malware or uninstall or delete unwanted software. Please describe your problem as precisely as possible. If it is a trojan or virus problem, an expert will help you remove the infection.

 
01.08.2010, 14:18   #10
Oronwe
 



OTL Logfile:
OTL logfile created on: 01.08.2010 15:05:58 - Run 2
OTL by OldTimer - Version 3.2.9.1     Folder = C:\Users\Dizzy\Downloads
64bit- Home Premium Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
4,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 37,00% Memory free
8,00 Gb Paging File | 5,00 Gb Available in Paging File | 62,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 232,88 Gb Total Space | 92,62 Gb Free Space | 39,77% Space Free | Partition Type: NTFS
Drive D: | 153,38 Gb Total Space | 153,27 Gb Free Space | 99,93% Space Free | Partition Type: NTFS
Drive E: | 5,40 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
 
Computer Name: MAINS
Current User Name: Dizzy
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Minimal
Quick Scan
 
========== Processes (SafeList) ==========
 
PRC - C:\Windows\SysWow64\PrintDisp.exe File not found
PRC - C:\Windows\SysWow64\PrintCtrl.exe File not found
PRC - C:\Windows\SysWOW64\PnkBstrB.exe ()
PRC - C:\Windows\SysWOW64\PnkBstrA.exe ()
PRC - C:\Users\Dizzy\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Games\League of Legends\game\League of Legends.exe ()
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe (Mozilla Corporation)
PRC - C:\Games\League of Legends\air\LolClient.exe ()
PRC - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
PRC - C:\Games\League of Legends\lol.launcher.exe (Solid State Networks)
PRC - C:\Program Files (x86)\Logitech\Logitech Vid\Vid.exe (Logitech Inc.)
PRC - C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\Skype\Toolbars\Shared\SkypeNames2.exe (Skype Technologies S.A.)
PRC - C:\Programme\Logitech\Logitech WebCam Software\LWS.exe ()
PRC - C:\Program Files (x86)\Common Files\Logishrd\LQCVFX\COCIManager.exe ()
PRC - C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\LVPrS64H.exe (Logitech Inc.)
PRC - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Programme\Logitech\SetPoint\x86\SetPoint32.exe ()
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Program Files (x86)\avmwlanstick\WLanGUI.exe (AVM Berlin)
PRC - C:\Program Files (x86)\avmwlanstick\WlanNetService.exe (AVM Berlin)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
PRC - C:\Users\Dizzy\AppData\Local\Temp\Rar$EX00.869\pbsetup.exe ()
PRC - C:\Program Files (x86)\Yahoo!\Widgets\YahooWidgets.exe (Yahoo! Inc.)
 
 
========== Modules (SafeList) ==========
 
MOD - C:\Users\Dizzy\Downloads\OTL.exe (OldTimer Tools)
MOD - C:\Programme\Logitech\SetPoint\x86\GameHook.dll (Logitech, Inc.)
MOD - C:\Programme\Logitech\SetPoint\x86\lgscroll.dll (Logitech, Inc.)
MOD - C:\Windows\SysWOW64\msscript.ocx (Microsoft Corporation)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll (Microsoft Corporation)
MOD - C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4927_none_d08a205e442db5b5\msvcr80.dll (Microsoft Corporation)
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - (PnkBstrB) -- C:\Windows\SysNative\PnkBstrB.exe File not found
SRV:64bit: - (PnkBstrA) -- C:\Windows\SysNative\PnkBstrA.exe File not found
SRV:64bit: - (FLEXnet Licensing Service 64) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe (Acresso Software Inc.)
SRV:64bit: - (Printer Control) -- C:\Windows\SysNative\PrintCtrl.exe (ActMask Co.,Ltd - HTTP://WWW.ALL2PDF.COM)
SRV:64bit: - (LVPrcS64) -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe (Logitech Inc.)
SRV - (PnkBstrB) -- C:\Windows\SysWOW64\PnkBstrB.exe ()
SRV - (PnkBstrA) -- C:\Windows\SysWOW64\PnkBstrA.exe ()
SRV - (FLEXnet Licensing Service) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.)
SRV - (Stereo Service) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (LBTServ) -- C:\Programme\Common Files\Logishrd\Bluetooth\LBTServ.exe (Logitech, Inc.)
SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (AVM WLAN Connection Service) -- C:\Program Files (x86)\avmwlanstick\WlanNetService.exe (AVM Berlin)
SRV - (SBSDWSCService) -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (WEBNTACCESS) -- C:\Windows\SysNative\NTACCESS.SYS File not found
DRV:64bit: - (PxHlpa64) -- C:\Windows\SysNative\drivers\PxHlpa64.sys (Sonic Solutions)
DRV:64bit: - (sptd) -- C:\Windows\SysNative\drivers\sptd.sys ()
DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira GmbH)
DRV:64bit: - (atksgt) -- C:\Windows\SysNative\drivers\atksgt.sys ()
DRV:64bit: - (lirsgt) -- C:\Windows\SysNative\drivers\lirsgt.sys ()
DRV:64bit: - (LVUVC64) Logitech Webcam 250(UVC) -- C:\Windows\SysNative\drivers\lvuvc64.sys (Logitech Inc.)
DRV:64bit: - (LVRS64) -- C:\Windows\SysNative\drivers\lvrs64.sys (Logitech Inc.)
DRV:64bit: - (lvpopf64) -- C:\Windows\SysNative\drivers\lvpopf64.sys (Logitech Inc.)
DRV:64bit: - (LVPr2Mon) -- C:\Windows\SysNative\drivers\LVPr2M64.sys ()
DRV:64bit: - (LVPr2M64) -- C:\Windows\SysNative\drivers\LVPr2M64.sys ()
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (LMouFilt) -- C:\Windows\SysNative\drivers\LMouFilt.Sys (Logitech, Inc.)
DRV:64bit: - (LHidFilt) -- C:\Windows\SysNative\drivers\LHidFilt.Sys (Logitech, Inc.)
DRV:64bit: - (Ntfs) -- C:\Windows\SysNative\wbem\ntfs.mof ()
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (FWLANUSB) -- C:\Windows\SysNative\drivers\fwlanusb.sys (AVM GmbH)
DRV:64bit: - (avmeject) -- C:\Windows\SysNative\drivers\avmeject.sys (AVM Berlin)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek Corporation                                            )
DRV - (RivaTuner64) -- C:\Program Files (x86)\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTuner64.sys ()
DRV - (WEBNTACCESS) -- C:\Windows\SysWOW64\Ntaccess.sys (Your Corporation)
DRV - (speedfan) -- C:\Windows\SysWOW64\speedfan.sys (Windows (R) Server 2003 DDK provider)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 8F 44 56 28 2B F5 CA 01  [binary data]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = fritz.box;*.local
 
========== FireFox ==========
 
FF - prefs.js..browser.search.selectedEngine: "Wikipedia (de)"
FF - prefs.js..browser.startup.homepage: "www.google.de"
FF - prefs.js..extensions.enabledItems: {DDC359D1-844A-42a7-9AA1-88A850A938A8}:1.1.10
FF - prefs.js..extensions.enabledItems: {E4091D66-127C-11DB-903A-DE80D2EFDFE8}:1.6.4
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:4.2.0.5198
FF - prefs.js..extensions.enabledItems: firegestures@xuldev.org:1.5.7
FF - prefs.js..extensions.enabledItems: tabscroll@mthamil:20100626
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
 
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010.07.24 09:54:01 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010.07.24 09:54:01 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.24\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2010.03.17 10:56:49 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.24\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins [2010.02.28 20:18:43 | 000,000,000 | ---D | M]
 
[2009.10.29 12:22:39 | 000,000,000 | ---D | M] -- C:\Users\Dizzy\AppData\Roaming\mozilla\Extensions
[2010.08.01 09:49:19 | 000,000,000 | ---D | M] -- C:\Users\Dizzy\AppData\Roaming\mozilla\Firefox\Profiles\jiekbg54.default\extensions
[2010.04.13 20:08:56 | 000,000,000 | ---D | M] (All-in-One Gestures) -- C:\Users\Dizzy\AppData\Roaming\mozilla\Firefox\Profiles\jiekbg54.default\extensions\{8b86149f-01fb-4842-9dd8-4d7eb02fd055}
[2010.07.22 08:46:39 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Dizzy\AppData\Roaming\mozilla\Firefox\Profiles\jiekbg54.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010.05.29 22:42:20 | 000,000,000 | ---D | M] (DownThemAll!) -- C:\Users\Dizzy\AppData\Roaming\mozilla\Firefox\Profiles\jiekbg54.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}
[2010.05.27 08:49:11 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dizzy\AppData\Roaming\mozilla\Firefox\Profiles\jiekbg54.default\extensions\{E4091D66-127C-11DB-903A-DE80D2EFDFE8}
[2009.10.29 12:24:22 | 000,000,000 | ---D | M] -- C:\Users\Dizzy\AppData\Roaming\mozilla\Firefox\Profiles\jiekbg54.default\extensions\anycolor.pavlos256@gmail.com
[2010.04.17 14:23:28 | 000,000,000 | ---D | M] -- C:\Users\Dizzy\AppData\Roaming\mozilla\Firefox\Profiles\jiekbg54.default\extensions\firegestures@xuldev.org
[2010.07.01 12:29:54 | 000,000,000 | ---D | M] -- C:\Users\Dizzy\AppData\Roaming\mozilla\Firefox\Profiles\jiekbg54.default\extensions\tabscroll@mthamil
[2010.08.01 09:49:19 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\mozilla firefox\extensions
[2010.02.25 18:08:05 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- C:\Program Files (x86)\mozilla firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2010.04.19 09:18:08 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010.04.12 17:29:19 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2007.03.10 01:16:44 | 000,189,496 | ---- | M] (Yahoo! Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npyaxmpb.dll
[2010.03.16 12:43:10 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2010.03.16 12:43:10 | 000,002,344 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2010.03.16 12:43:10 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2010.03.16 12:43:10 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2010.03.16 12:43:10 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2010.07.28 23:25:09 | 000,415,700 | R--- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 14347 more lines...
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll (Safer Networking Limited)
O4:64bit: - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\Windows\KHALMNPR.Exe (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [NvCplDaemon] C:\Windows\SysNative\NvCpl.DLL (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [PrintDisp] C:\Windows\SysNative\PrintDisp.exe (ActMask Co.,Ltd - hxxp://www.all2pdf.com)
O4:64bit: - HKLM..\Run: [RivaTunerStartupDaemon] C:\Program Files (x86)\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTunerWrapper.exe ()
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Programme\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [AVMWlanClient] C:\Program Files (x86)\avmwlanstick\wlangui.exe (AVM Berlin)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [LogitechQuickCamRibbon] C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe ()
O4 - HKCU..\Run: [EPSON Stylus DX7400 Series] C:\Windows\SysWow64\spool\DRIVERS\x64\3\E_IATICDE.EXE File not found
O4 - HKCU..\Run: [Logitech Vid] C:\Program Files (x86)\Logitech\Logitech Vid\Vid.exe (Logitech Inc.)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - Startup: C:\Users\Dizzy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Yahoo! Widgets.lnk = C:\Program Files (x86)\Yahoo!\Widgets\YahooWidgets.exe (Yahoo! Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 [2010.05.05 09:43:35 | 000,000,000 | ---D | M]
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 [2010.05.05 09:43:35 | 000,000,000 | ---D | M]
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1 [2010.05.05 09:43:35 | 000,000,000 | ---D | M]
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1 [2010.05.05 09:43:35 | 000,000,000 | ---D | M]
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1 [2010.05.05 09:43:35 | 000,000,000 | ---D | M]
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1 [2010.05.05 09:43:35 | 000,000,000 | ---D | M]
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1 [2010.05.05 09:43:35 | 000,000,000 | ---D | M]
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 1 [2010.05.05 09:43:35 | 000,000,000 | ---D | M]
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1 [2010.05.05 09:43:35 | 000,000,000 | ---D | M]
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2 [2010.06.25 09:30:02 | 000,000,000 | ---D | M]
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll (Safer Networking Limited)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: com.tw ([asia.msi] http in Trusted sites)
O15 - HKCU\..Trusted Domains: com.tw ([global.msi] http in Trusted sites)
O15 - HKCU\..Trusted Domains: com.tw ([www.msi] http in Trusted sites)
O15 - HKCU\..Trusted Domains: fritz.box ([]* in Lokales Intranet)
O15 - HKCU\..Trusted Ranges: Range1 ([*] in Lokales Intranet)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files (x86)\Yahoo!\Common\Yinsthelper.dll (Installation Support)
O16 - DPF: {8167C273-DF59-4416-B647-C8BB2C7EE83E} hxxp://liveupdate.msi.com.tw/autobios/LOnline/install.cab (WebSDev Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - Reg Error: Key error. - c:\Programme\Common Files\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010.02.10 03:55:59 | 000,423,304 | R--- | M] (Electronic Arts) - E:\AutoRun.exe -- [ CDFS ]
O32 - AutoRun File - [2010.02.10 08:21:09 | 000,000,000 | ---D | M] - E:\Autorun -- [ CDFS ]
O32 - AutoRun File - [2010.01.31 10:21:13 | 000,367,686 | R--- | M] () - E:\Autorun.ico -- [ CDFS ]
O32 - AutoRun File - [2010.02.10 04:55:03 | 009,965,568 | R--- | M] () - E:\autorun.dat -- [ CDFS ]
O32 - AutoRun File - [2010.02.10 04:54:55 | 000,000,155 | R--- | M] () - E:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\{198c4d4f-c221-11de-b138-00040ecc8efb}\Shell - "" = AutoRun
O33 - MountPoints2\{198c4d4f-c221-11de-b138-00040ecc8efb}\Shell\AutoRun\command - "" = G:\Autorun.exe -- File not found
O33 - MountPoints2\{38da3731-c20a-11de-80ad-0024211dabfd}\Shell - "" = AutoRun
O33 - MountPoints2\{38da3731-c20a-11de-80ad-0024211dabfd}\Shell\AutoRun\command - "" = G:\pushinst.exe -- File not found
O33 - MountPoints2\{85f41f1d-c209-11de-ad50-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{85f41f1d-c209-11de-ad50-806e6f6e6963}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2010.02.10 03:55:59 | 000,423,304 | R--- | M] (Electronic Arts)
O33 - MountPoints2\E\Shell - "" = AutoRun
O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2010.02.10 03:55:59 | 000,423,304 | R--- | M] (Electronic Arts)
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 90 Days ==========
 
[2010.08.01 12:51:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VS Revo Group
[2010.08.01 12:38:46 | 000,000,000 | ---D | C] -- C:\Users\Dizzy\AppData\Local\PunkBuster
[2010.08.01 10:50:21 | 000,000,000 | ---D | C] -- C:\Users\Dizzy\AppData\Roaming\Malwarebytes
[2010.08.01 10:50:15 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2010.08.01 10:50:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010.08.01 10:50:13 | 000,024,664 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2010.08.01 10:50:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2010.07.31 09:35:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Blizzard Entertainment
[2010.07.29 18:25:59 | 000,000,000 | ---D | C] -- C:\Games
[2010.07.29 18:24:43 | 000,000,000 | ---D | C] -- C:\Users\Dizzy\Desktop\LoL Stand
[2010.07.28 23:04:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2010.07.28 23:04:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy
[2010.07.27 19:53:47 | 000,000,000 | ---D | C] -- C:\Users\Dizzy\AppData\Local\76561197964233719
[2010.07.27 19:53:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OpenAL
[2010.07.26 13:08:11 | 000,000,000 | ---D | C] -- C:\Users\Dizzy\Desktop\Gamunex
[2010.07.26 11:21:28 | 000,000,000 | ---D | C] -- C:\Users\Dizzy\Documents\BFBC2
[2010.07.26 09:54:14 | 000,000,000 | ---D | C] -- C:\ProgramData\EA Logs
[2010.07.26 09:48:51 | 000,000,000 | ---D | C] -- C:\Users\Dizzy\Desktop\Gamunex C4D Mail
[2010.07.12 23:02:17 | 000,000,000 | ---D | C] -- C:\Users\Dizzy\Documents\Wizards of the Coast
[2010.07.12 12:40:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Office
[2010.07.12 12:39:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSECache
[2010.07.10 09:44:41 | 000,000,000 | ---D | C] -- C:\ProgramData\KingsIsle Entertainment
[2010.07.08 13:04:57 | 000,000,000 | ---D | C] -- C:\Users\Dizzy\AppData\Roaming\Wizards of the Coast
[2010.07.08 13:04:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Wizards of the Coast
[2010.06.26 12:46:47 | 000,000,000 | ---D | C] -- C:\Users\Dizzy\AppData\Local\Ascaron Entertainment
[2010.06.26 12:45:08 | 000,000,000 | ---D | C] -- C:\Windows\506DDFBE983F4BC384B865F423B2D798.TMP
[2010.06.26 11:30:52 | 000,466,456 | ---- | C] (Creative Labs) -- C:\Windows\SysNative\wrap_oal.dll
[2010.06.26 11:30:52 | 000,444,952 | ---- | C] (Creative Labs) -- C:\Windows\SysWow64\wrap_oal.dll
[2010.06.26 11:30:52 | 000,122,904 | ---- | C] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\SysNative\OpenAL32.dll
[2010.06.26 11:30:52 | 000,109,080 | ---- | C] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\SysWow64\OpenAL32.dll
[2010.06.26 11:00:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ascaron Entertainment
[2010.06.26 11:00:05 | 000,000,000 | ---D | C] -- C:\Windows\95FC26FB19FD4A96BBB1B1062E8648F5.TMP
[2010.06.26 10:57:11 | 000,000,000 | ---D | C] -- C:\Users\Dizzy\Desktop\S2
[2010.06.23 16:39:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SpeedFan
[2010.06.23 15:32:26 | 000,000,000 | ---D | C] -- C:\Users\Dizzy\RebusManagerProjects
[2010.06.23 15:27:43 | 000,000,000 | ---D | C] -- C:\Rebus
[2010.06.20 10:13:26 | 000,000,000 | ---D | C] -- C:\Users\Dizzy\AppData\Roaming\Facebook
[2010.06.10 12:06:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Firefly Studios
[2010.06.10 11:59:46 | 000,000,000 | ---D | C] -- C:\Users\Dizzy\Documents\Stronghold 2
[2010.06.10 11:59:34 | 000,178,800 | ---- | C] (Sony DADC Austria AG.) -- C:\Windows\SysWow64\CmdLineExt_x64.dll
[2010.06.10 11:48:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Firefly Studios
[2010.06.04 12:43:51 | 000,000,000 | ---D | C] -- C:\Users\Dizzy\Documents\SightSpeed Recordings
[2010.06.04 12:37:17 | 000,000,000 | ---D | C] -- C:\Users\Dizzy\AppData\Local\LogiShrd
[2010.06.04 12:34:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Logitech
[2010.06.02 15:55:44 | 000,000,000 | -HSD | C] -- C:\ProgramData\SecuROM
[2010.06.02 11:38:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2010.06.02 11:26:28 | 000,000,000 | ---D | C] -- C:\Users\Dizzy\AppData\Roaming\ooVoo Details
[2010.06.02 11:26:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ooVoo
[2010.06.02 11:15:12 | 000,897,024 | ---- | C] (ActMask hxxp://www.all2pdf.com) -- C:\Windows\SysWow64\SaveTo.dll
[2010.06.02 11:15:01 | 002,535,424 | ---- | C] (DynaForms GmbH) -- C:\Windows\SysWow64\CPDF.dll
[2010.06.02 11:15:01 | 000,883,200 | ---- | C] (ActMask Co.,Ltd - hxxp://www.all2pdf.com) -- C:\Windows\SysNative\PrintDisp.exe
[2010.06.02 11:15:01 | 000,065,536 | ---- | C] (ActMask Co.,Ltd - HTTP://WWW.ALL2PDF.COM) -- C:\Windows\SysNative\PrintCtrl.exe
[2010.06.02 11:14:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Temp
[2010.06.02 11:14:56 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\ActPrint
[2010.06.02 11:14:54 | 001,170,944 | ---- | C] (ActMask Co.,Ltd - HTTP://WWW.ALL2PDF.COM) -- C:\Windows\SysNative\PrtClient.exe
[2010.06.02 11:14:54 | 000,826,880 | ---- | C] (ActMask Co.,Ltd - HTTP://WWW.ALL2PDF.COM) -- C:\Windows\SysNative\SetupDrv.exe
[2010.06.02 11:14:54 | 000,740,864 | ---- | C] (ActMask - hxxp://www.all2pdf.com) -- C:\Windows\SysNative\PrtTools.exe
[2010.06.02 11:14:54 | 000,375,808 | ---- | C] (ActMask Co.,Ltd - HTTP://WWW.ALL2PDF.COM) -- C:\Windows\SysNative\SetPrinter.exe
[2010.06.02 11:14:51 | 000,000,000 | ---D | C] -- C:\Programme\iVisit
[2010.06.02 02:21:24 | 000,000,000 | ---D | C] -- C:\Users\Dizzy\Desktop\Dantherm
[2010.05.20 11:47:12 | 000,000,000 | ---D | C] -- C:\Riot Games
[2010.05.20 11:25:24 | 000,000,000 | ---D | C] -- C:\Users\Dizzy\AppData\Local\PMB Files
[2010.05.20 11:25:24 | 000,000,000 | ---D | C] -- C:\ProgramData\PMB Files
[2010.05.17 11:38:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Steam
[2010.05.12 16:22:20 | 000,000,000 | ---D | C] -- C:\Users\Dizzy\AppData\Roaming\LolClient
[5 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 90 Days ==========
 
[2010.08.01 15:07:14 | 006,553,600 | -HS- | M] () -- C:\Users\Dizzy\NTUSER.DAT
[2010.08.01 14:34:00 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010.08.01 13:17:48 | 000,218,808 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2010.08.01 13:03:04 | 000,218,808 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2010.08.01 13:01:03 | 000,794,408 | ---- | M] () -- C:\Windows\SysWow64\pbsvc.exe
[2010.08.01 13:01:03 | 000,075,064 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2010.08.01 12:53:35 | 000,014,608 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010.08.01 12:53:35 | 000,014,608 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010.08.01 12:52:17 | 001,501,000 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010.08.01 12:52:17 | 000,654,096 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2010.08.01 12:52:17 | 000,615,760 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010.08.01 12:52:17 | 000,130,952 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2010.08.01 12:52:17 | 000,107,396 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010.08.01 12:51:08 | 000,001,297 | ---- | M] () -- C:\Users\Dizzy\Desktop\Revo Uninstaller.lnk
[2010.08.01 12:47:42 | 000,001,102 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010.08.01 12:46:19 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010.08.01 12:46:18 | 000,000,000 | ---- | M] () -- C:\Windows\SysNative\drivers\lvuvc.hs
[2010.08.01 12:46:16 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.08.01 12:46:13 | 3220,578,304 | -HS- | M] () -- C:\hiberfil.sys
[2010.08.01 12:45:07 | 012,240,916 | -H-- | M] () -- C:\Users\Dizzy\AppData\Local\IconCache.db
[2010.08.01 12:25:10 | 000,100,908 | ---- | M] () -- C:\Users\Dizzy\Desktop\SystemLook.exe
[2010.08.01 10:50:17 | 000,001,042 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.08.01 10:46:49 | 000,001,040 | ---- | M] () -- C:\Users\Dizzy\Desktop\CCleaner.lnk
[2010.07.29 18:27:28 | 000,001,726 | ---- | M] () -- C:\Users\Dizzy\Desktop\Start League of Legends.lnk
[2010.07.28 23:25:09 | 000,415,700 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2010.07.28 23:04:59 | 000,001,291 | ---- | M] () -- C:\Users\Dizzy\Desktop\Spybot - Search & Destroy.lnk
[2010.07.28 07:07:24 | 000,000,221 | ---- | M] () -- C:\Users\Dizzy\Desktop\Disciples III Renaissance - Demo.url
[2010.07.27 19:53:03 | 000,466,456 | ---- | M] (Creative Labs) -- C:\Windows\SysNative\wrap_oal.dll
[2010.07.27 19:53:03 | 000,122,904 | ---- | M] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\SysNative\OpenAL32.dll
[2010.07.27 19:53:02 | 000,444,952 | ---- | M] (Creative Labs) -- C:\Windows\SysWow64\wrap_oal.dll
[2010.07.27 19:53:02 | 000,109,080 | ---- | M] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\SysWow64\OpenAL32.dll
[2010.07.13 16:39:25 | 000,038,729 | ---- | M] () -- C:\Users\Dizzy\Desktop\1-af18aa73243cb6a8191b58e896f89e94.jpg
[2010.07.11 01:53:10 | 000,001,145 | ---- | M] () -- C:\Users\Public\Desktop\DivX Plus Player.lnk
[2010.07.10 09:44:41 | 000,000,817 | ---- | M] () -- C:\Users\Public\Desktop\Play Wizard101.lnk
[2010.07.10 09:26:21 | 000,035,432 | ---- | M] () -- C:\Users\Dizzy\Documents\cc_20100710_092616.reg
[2010.07.09 13:20:18 | 222,713,280 | ---- | M] () -- C:\Users\Dizzy\Documents\reg_backup.reg
[2010.07.08 13:06:29 | 000,002,133 | ---- | M] () -- C:\Users\Public\Desktop\BattleForge™.lnk
[2010.06.26 21:45:40 | 002,875,928 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2010.06.26 12:59:39 | 000,059,000 | ---- | M] () -- C:\Users\Dizzy\AppData\Local\GDIPFONTCACHEV1.DAT
[2010.06.23 16:39:33 | 000,001,040 | ---- | M] () -- C:\Users\Dizzy\Desktop\SpeedFan.lnk
[2010.06.23 16:39:33 | 000,000,045 | ---- | M] () -- C:\Windows\SysWow64\initdebug.nfo
[2010.06.12 20:59:40 | 000,001,098 | ---- | M] () -- C:\Users\Public\Desktop\Logitech Vid.lnk
[2010.06.10 11:59:34 | 000,178,800 | ---- | M] (Sony DADC Austria AG.) -- C:\Windows\SysWow64\CmdLineExt_x64.dll
[2010.05.31 19:10:16 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2010.05.14 21:56:06 | 010,830,680 | ---- | M] () -- C:\Windows\SysWow64\LogiDPP.dll
[2010.05.14 21:56:06 | 010,830,680 | ---- | M] () -- C:\Windows\SysNative\LogiDPP.dll
[2010.05.14 21:56:06 | 000,102,744 | ---- | M] () -- C:\Windows\SysWow64\LogiDPPApp.exe
[2010.05.14 21:56:06 | 000,102,744 | ---- | M] () -- C:\Windows\SysNative\LogiDPPApp.exe
[2010.05.14 21:55:58 | 000,290,648 | ---- | M] () -- C:\Windows\SysWow64\DevManagerCore.dll
[2010.05.14 21:55:58 | 000,290,648 | ---- | M] () -- C:\Windows\SysNative\DevManagerCore.dll
[2010.05.14 21:47:38 | 000,266,828 | ---- | M] () -- C:\Windows\SysNative\drivers\LVAFT.cfg
[2010.05.12 09:58:39 | 000,000,460 | ---- | M] () -- C:\Users\Dizzy\Documents\cc_20100512_095834.reg
[5 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2010.08.01 13:16:49 | 000,218,808 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2010.08.01 13:13:20 | 000,846,336 | ---- | C] () -- C:\Users\Dizzy\Desktop\pbsetup.exe
[2010.08.01 13:01:03 | 000,075,064 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2010.08.01 12:51:08 | 000,001,297 | ---- | C] () -- C:\Users\Dizzy\Desktop\Revo Uninstaller.lnk
[2010.08.01 12:36:36 | 000,794,408 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe
[2010.08.01 12:25:10 | 000,100,908 | ---- | C] () -- C:\Users\Dizzy\Desktop\SystemLook.exe
[2010.08.01 10:50:17 | 000,001,042 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.07.29 18:27:28 | 000,001,726 | ---- | C] () -- C:\Users\Dizzy\Desktop\Start League of Legends.lnk
[2010.07.28 23:04:59 | 000,001,291 | ---- | C] () -- C:\Users\Dizzy\Desktop\Spybot - Search & Destroy.lnk
[2010.07.27 20:12:46 | 000,000,221 | ---- | C] () -- C:\Users\Dizzy\Desktop\Disciples III Renaissance - Demo.url
[2010.07.13 16:39:24 | 000,038,729 | ---- | C] () -- C:\Users\Dizzy\Desktop\1-af18aa73243cb6a8191b58e896f89e94.jpg
[2010.07.11 01:53:10 | 000,001,145 | ---- | C] () -- C:\Users\Public\Desktop\DivX Plus Player.lnk
[2010.07.10 09:44:41 | 000,000,817 | ---- | C] () -- C:\Users\Public\Desktop\Play Wizard101.lnk
[2010.07.10 09:26:19 | 000,035,432 | ---- | C] () -- C:\Users\Dizzy\Documents\cc_20100710_092616.reg
[2010.07.09 13:20:07 | 222,713,280 | ---- | C] () -- C:\Users\Dizzy\Documents\reg_backup.reg
[2010.07.08 13:06:29 | 000,002,133 | ---- | C] () -- C:\Users\Public\Desktop\BattleForge™.lnk
[2010.06.23 16:39:33 | 000,001,040 | ---- | C] () -- C:\Users\Dizzy\Desktop\SpeedFan.lnk
[2010.06.23 16:39:32 | 000,000,045 | ---- | C] () -- C:\Windows\SysWow64\initdebug.nfo
[2010.06.14 18:58:53 | 000,218,808 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2010.06.04 12:34:43 | 000,001,098 | ---- | C] () -- C:\Users\Public\Desktop\Logitech Vid.lnk
[2010.06.04 12:33:42 | 000,082,289 | ---- | C] () -- C:\Windows\SysNative\lvcoin64.ini
[2010.06.04 12:33:42 | 000,034,068 | ---- | C] () -- C:\Windows\SysNative\Repository.reg
[2010.06.04 12:32:35 | 000,000,000 | ---- | C] () -- C:\Windows\SysNative\drivers\lvuvc.hs
[2010.06.02 11:15:01 | 001,391,616 | ---- | C] () -- C:\Windows\SysWow64\ActPDF.dll
[2010.06.02 11:14:55 | 000,524,288 | ---- | C] () -- C:\Windows\SysNative\PrtPass.exe
[2010.06.02 11:14:54 | 000,691,200 | ---- | C] () -- C:\Windows\SysNative\PrintLog.exe
[2010.05.31 19:10:16 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2010.05.14 21:56:06 | 010,830,680 | ---- | C] () -- C:\Windows\SysWow64\LogiDPP.dll
[2010.05.14 21:56:06 | 010,830,680 | ---- | C] () -- C:\Windows\SysNative\LogiDPP.dll
[2010.05.14 21:56:06 | 000,102,744 | ---- | C] () -- C:\Windows\SysWow64\LogiDPPApp.exe
[2010.05.14 21:56:06 | 000,102,744 | ---- | C] () -- C:\Windows\SysNative\LogiDPPApp.exe
[2010.05.14 21:55:58 | 000,290,648 | ---- | C] () -- C:\Windows\SysWow64\DevManagerCore.dll
[2010.05.14 21:55:58 | 000,290,648 | ---- | C] () -- C:\Windows\SysNative\DevManagerCore.dll
[2010.05.14 21:47:38 | 000,266,828 | ---- | C] () -- C:\Windows\SysNative\drivers\LVAFT.cfg
[2010.05.12 09:58:37 | 000,000,460 | ---- | C] () -- C:\Users\Dizzy\Documents\cc_20100512_095834.reg
[2010.04.02 17:17:34 | 000,179,091 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2010.02.26 07:59:16 | 000,000,097 | ---- | C] () -- C:\Windows\SysWow64\PICSDK.ini
[2009.11.12 00:52:25 | 001,526,730 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2009.08.03 01:21:54 | 000,197,912 | ---- | C] () -- C:\Windows\SysWow64\physxcudart_20.dll
[2009.08.03 01:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelTraditionalChinese.dll
[2009.08.03 01:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSwedish.dll
[2009.08.03 01:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSpanish.dll
[2009.08.03 01:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSimplifiedChinese.dll
[2009.08.03 01:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelPortugese.dll
[2009.08.03 01:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelKorean.dll
[2009.08.03 01:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelJapanese.dll
[2009.08.03 01:21:52 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelGerman.dll
[2009.08.03 01:21:52 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelFrench.dll
[2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2008.02.01 09:18:14 | 000,009,216 | ---- | C] () -- C:\Windows\SysWow64\drivers\FlashSys.sys
 
========== LOP Check ==========
 
[2009.10.26 14:40:09 | 000,000,000 | ---D | M] -- C:\Users\Dizzy\AppData\Roaming\DAEMON Tools Lite
[2010.03.10 10:55:37 | 000,000,000 | ---D | M] -- C:\Users\Dizzy\AppData\Roaming\EveHQ
[2010.03.06 14:04:41 | 000,000,000 | ---D | M] -- C:\Users\Dizzy\AppData\Roaming\EVEMon
[2010.06.20 10:13:26 | 000,000,000 | ---D | M] -- C:\Users\Dizzy\AppData\Roaming\Facebook
[2010.03.20 02:20:20 | 000,000,000 | ---D | M] -- C:\Users\Dizzy\AppData\Roaming\GetRightToGo
[2009.10.26 11:59:42 | 000,000,000 | ---D | M] -- C:\Users\Dizzy\AppData\Roaming\Leadertech
[2010.05.12 16:22:20 | 000,000,000 | ---D | M] -- C:\Users\Dizzy\AppData\Roaming\LolClient
[2009.10.26 12:34:52 | 000,000,000 | ---D | M] -- C:\Users\Dizzy\AppData\Roaming\LolClient.F24C99354F615F3BAB18AE7B93E3F9B9E8784FA6.1
[2009.11.12 00:50:12 | 000,000,000 | ---D | M] -- C:\Users\Dizzy\AppData\Roaming\MAXON
[2010.06.02 11:28:21 | 000,000,000 | ---D | M] -- C:\Users\Dizzy\AppData\Roaming\ooVoo Details
[2009.10.26 12:02:04 | 000,000,000 | ---D | M] -- C:\Users\Dizzy\AppData\Roaming\Thunderbird
[2009.12.08 17:03:10 | 000,000,000 | ---D | M] -- C:\Users\Dizzy\AppData\Roaming\Tropico 3
[2010.02.07 22:43:24 | 000,000,000 | ---D | M] -- C:\Users\Dizzy\AppData\Roaming\TS3Client
[2010.03.20 10:41:03 | 000,000,000 | ---D | M] -- C:\Users\Dizzy\AppData\Roaming\Turbine
[2009.10.26 15:20:29 | 000,000,000 | ---D | M] -- C:\Users\Dizzy\AppData\Roaming\Ubisoft
[2010.07.08 13:08:55 | 000,000,000 | ---D | M] -- C:\Users\Dizzy\AppData\Roaming\Wizards of the Coast
[2010.05.13 08:10:37 | 000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
< End of report >
         
--- --- ---


Edit: I just tried it again... at least one server that I had been kicked from didn't do it this time... I'll test the next one in a moment. Thanks.

Edited by Oronwe (01.08.2010 at 14:29). Reason: News.

 
