Computer bootet und führt Programme langsam aus (evtl. Virus?)
Hallo mein Computer bootet langsam und startet Programme sehr langsam.
Habe mal mit OTL gescannt vielleicht erkennt jemand was verdächtiges.
Schonmal THX für die Hilfe im vorraus Code:
OTL logfile created on: 11.02.2012 03:09:44 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = D:\fly
64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
4,00 Gb Total Physical Memory | 1,61 Gb Available Physical Memory | 40,37% Memory free
8,00 Gb Paging File | 5,64 Gb Available in Paging File | 70,58% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 465,66 Gb Total Space | 245,59 Gb Free Space | 52,74% Space Free | Partition Type: NTFS
Drive D: | 931,51 Gb Total Space | 446,18 Gb Free Space | 47,90% Space Free | Partition Type: NTFS
Computer Name: DUDDILS-PC | User Name: Duddils | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2012.02.11 02:59:14 | 000,584,192 | ---- | M] (OldTimer Tools) -- D:\fly\OTL.exe
PRC - [2012.02.09 11:58:18 | 000,222,528 | ---- | M] (TuneUp Software) -- C:\Program Files (x86)\TuneUp Utilities 2012\UninstallManager.exe
PRC - [2012.02.03 19:06:13 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2012.01.31 21:41:52 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2012.01.23 15:46:25 | 000,399,512 | ---- | M] (Mozilla Messaging) -- C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
PRC - [2011.08.18 23:00:00 | 002,068,832 | ---- | M] (Cerulean Studios) -- C:\Program Files (x86)\Trillian\trillian.exe
PRC - [2011.04.17 01:45:11 | 000,130,008 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton 360\Engine\5.2.0.13\ccsvchst.exe
PRC - [2011.01.27 14:31:36 | 000,556,072 | ---- | M] (ROCCAT GmbH) -- C:\Program Files (x86)\ROCCAT\Kone[+] Mouse\Kone[+]Monitor.exe
PRC - [2010.10.22 01:00:00 | 002,105,344 | ---- | M] (AVM Berlin) -- C:\Program Files (x86)\avmwlanstick\WLanGUI.exe
PRC - [2010.10.22 01:00:00 | 000,376,832 | ---- | M] (AVM Berlin) -- C:\Program Files (x86)\avmwlanstick\WLanNetService.exe
PRC - [2009.12.16 21:39:36 | 000,196,608 | ---- | M] (ROCCAT) -- C:\Program Files (x86)\ROCCAT\Valo Keyboard\ValoMonitor.EXE
PRC - [2009.06.24 22:30:02 | 000,061,440 | ---- | M] (ROCCAT) -- C:\Program Files (x86)\ROCCAT\Valo Keyboard\ValoOSD.exe
PRC - [2009.03.28 09:50:04 | 000,114,688 | ---- | M] () -- C:\Program Files (x86)\ROCCAT\Valo Keyboard\Applets\ValoLCDClock.exe
========== Modules (No Company Name) ==========
MOD - [2012.02.09 11:43:12 | 013,416,256 | ---- | M] () -- C:\Program Files (x86)\TuneUp Utilities 2012\libcef.dll
MOD - [2012.01.31 21:41:52 | 001,911,768 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2012.01.23 15:46:26 | 002,123,928 | ---- | M] () -- C:\Program Files (x86)\Mozilla Thunderbird\mozjs.dll
MOD - [2012.01.23 15:46:26 | 000,161,944 | ---- | M] () -- C:\Program Files (x86)\Mozilla Thunderbird\nsldap32v60.dll
MOD - [2012.01.23 15:46:26 | 000,021,144 | ---- | M] () -- C:\Program Files (x86)\Mozilla Thunderbird\nsldappr32v60.dll
MOD - [2012.01.08 17:31:02 | 000,079,872 | ---- | M] () -- C:\Users\Duddils\AppData\Roaming\Mozilla\Firefox\Profiles\mv1kkk8v.default\extensions\{cc05a3e3-64c3-4af2-bfc1-af0d66b69065}\components\RadioWMPCoreGecko10.dll
MOD - [2011.11.25 12:59:11 | 008,527,008 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
MOD - [2011.08.18 23:00:00 | 000,193,024 | ---- | M] () -- C:\Program Files (x86)\Trillian\libspeex.dll
MOD - [2011.08.18 23:00:00 | 000,065,536 | ---- | M] () -- C:\Program Files (x86)\Trillian\libungif.dll
MOD - [2011.08.18 23:00:00 | 000,059,904 | ---- | M] () -- C:\Program Files (x86)\Trillian\zlib1.dll
MOD - [2011.05.04 03:51:59 | 000,008,192 | ---- | M] () -- C:\Program Files (x86)\Java\jre6\bin\jp2native.dll
MOD - [2010.06.22 13:50:52 | 000,061,440 | ---- | M] () -- C:\Program Files (x86)\ROCCAT\Kone[+] Mouse\hiddriver.dll
MOD - [2010.05.25 10:12:14 | 000,010,240 | ---- | M] () -- c:\users\duddils\appdata\roaming\trillian\languages\de\buddy.dll
MOD - [2010.05.25 10:12:14 | 000,007,680 | ---- | M] () -- c:\users\duddils\appdata\roaming\trillian\languages\de\talk.dll
MOD - [2010.05.25 10:12:14 | 000,007,168 | ---- | M] () -- c:\users\duddils\appdata\roaming\trillian\languages\de\events.dll
MOD - [2010.05.25 10:12:14 | 000,006,144 | ---- | M] () -- c:\users\duddils\appdata\roaming\trillian\languages\de\trillian.dll
MOD - [2010.05.25 10:12:14 | 000,002,048 | ---- | M] () -- c:\users\duddils\appdata\roaming\trillian\languages\de\toolkit.dll
MOD - [2009.03.28 09:50:04 | 000,114,688 | ---- | M] () -- C:\Program Files (x86)\ROCCAT\Valo Keyboard\Applets\ValoLCDClock.exe
========== Win32 Services (SafeList) ==========
SRV:64bit: - [2012.02.09 11:59:08 | 000,035,648 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\SysNative\uxtuneup.dll -- (UxTuneUp)
SRV:64bit: - [2011.12.06 04:11:56 | 000,235,520 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2011.12.05 22:15:08 | 000,361,984 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV:64bit: - [2011.11.12 04:50:40 | 000,027,760 | ---- | M] (VIA Technologies, Inc.) [Auto | Running] -- C:\Windows\SysNative\ViakaraokeSrv.exe -- (VIAKaraokeService)
SRV:64bit: - [2010.12.13 14:37:16 | 000,194,416 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft LifeCam\MSCamS64.exe -- (MSCamSvc)
SRV:64bit: - [2009.07.14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV:64bit: - [2007.02.08 04:53:20 | 000,566,192 | ---- | M] ( ) [Auto | Running] -- C:\Windows\SysNative\lxcjcoms.exe -- (lxcj_device)
SRV - [2012.02.09 11:59:08 | 002,143,552 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe -- (TuneUp.UtilitiesSvc)
SRV - [2012.02.09 11:59:06 | 000,028,992 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\SysWOW64\uxtuneup.dll -- (UxTuneUp)
SRV - [2012.02.03 19:06:13 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2012.01.04 13:32:36 | 000,718,888 | ---- | M] (Nokia) [Disabled | Stopped] -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2012.01.03 14:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011.06.24 22:33:52 | 000,403,240 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2011.06.01 13:44:54 | 002,337,144 | ---- | M] (TeamViewer GmbH) [Disabled | Stopped] -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe -- (TeamViewer6)
SRV - [2011.04.17 01:45:11 | 000,130,008 | R--- | M] (Symantec Corporation) [Unknown | Running] -- C:\Program Files (x86)\Norton 360\Engine\5.2.0.13\ccSvcHst.exe -- (N360)
SRV - [2011.04.05 00:28:00 | 004,004,328 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\SysWow64\GameMon.des -- (npggsvc)
SRV - [2011.01.18 23:11:51 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe -- (Creative Audio Engine Licensing Service)
SRV - [2010.10.22 01:00:00 | 000,376,832 | ---- | M] (AVM Berlin) [Auto | Running] -- C:\Program Files (x86)\avmwlanstick\WLanNetService.exe -- (AVM WLAN Connection Service)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.09.23 13:38:18 | 000,935,208 | ---- | M] (Nero AG) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0)
SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009.05.01 16:57:50 | 000,077,032 | ---- | M] (Entriq, Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\maxdome\DCBin\DCService.exe -- (Prosieben)
SRV - [2008.11.09 21:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2007.02.08 04:52:50 | 000,537,520 | ---- | M] ( ) [Auto | Running] -- C:\Windows\SysWow64\lxcjcoms.exe -- (lxcj_device)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2011.12.17 10:33:24 | 002,782,848 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\kinonivd.sys -- (kinonivd)
DRV:64bit: - [2011.12.17 10:33:18 | 000,023,040 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\kinonivad.sys -- (KINONI_Wave)
DRV:64bit: - [2011.12.06 04:45:40 | 010,720,256 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2011.12.06 04:45:40 | 010,720,256 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2011.12.06 03:12:14 | 000,327,168 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2011.12.02 18:38:08 | 000,239,208 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtHDMIVX.sys -- (RTHDMIAzAudService)
DRV:64bit: - [2011.11.12 04:50:34 | 002,182,768 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\viahduaa.sys -- (VIAHdAudAddService)
DRV:64bit: - [2011.11.01 10:07:26 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltjx64.sys -- (UsbserFilt)
DRV:64bit: - [2011.11.01 10:07:26 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltx64.sys -- (upperdev)
DRV:64bit: - [2011.11.01 10:07:24 | 000,171,008 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nmwcdnsux64.sys -- (nmwcdnsux64)
DRV:64bit: - [2011.11.01 10:07:24 | 000,027,136 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbox64.sys -- (nmwcdc)
DRV:64bit: - [2011.11.01 10:07:24 | 000,019,968 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbx64.sys -- (nmwcd)
DRV:64bit: - [2011.11.01 10:07:24 | 000,012,800 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nmwcdnsucx64.sys -- (nmwcdnsucx64)
DRV:64bit: - [2011.07.06 11:44:00 | 000,034,288 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2011.06.23 07:43:04 | 001,071,032 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\wcmvcam64.sys -- (WCMVCAM)
DRV:64bit: - [2011.05.11 16:09:39 | 000,174,200 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:64bit: - [2011.04.21 02:37:49 | 000,386,168 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\0502000.00D\symnets.sys -- (SymNetS)
DRV:64bit: - [2011.03.31 04:04:12 | 000,043,640 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\SymIMV.sys -- (SymIM)
DRV:64bit: - [2011.03.31 04:00:09 | 000,744,568 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\N360x64\0502000.00D\srtsp64.sys -- (SRTSP)
DRV:64bit: - [2011.03.31 04:00:09 | 000,040,568 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\0502000.00D\srtspx64.sys -- (SRTSPX) Symantec Real Time Storage Protection (PEL)
DRV:64bit: - [2011.03.15 03:31:23 | 000,912,504 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\N360x64\0502000.00D\symefa64.sys -- (SymEFA)
DRV:64bit: - [2011.03.11 07:22:41 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 07:22:40 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011.02.23 01:57:49 | 000,513,080 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2011.01.27 07:47:10 | 000,450,680 | ---- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\N360x64\0502000.00D\symds64.sys -- (SymDS)
DRV:64bit: - [2010.12.13 14:37:18 | 000,036,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nx6000.sys -- (MSHUSBVideo)
DRV:64bit: - [2010.11.16 02:45:33 | 000,171,128 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\0502000.00D\ironx64.sys -- (SymIRON)
DRV:64bit: - [2010.10.22 02:00:00 | 000,714,368 | ---- | M] (AVM GmbH) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\fwlanusbn.sys -- (fwlanusbn)
DRV:64bit: - [2010.10.22 01:00:00 | 000,014,120 | ---- | M] (AVM Berlin) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\avmeject.sys -- (avmeject)
DRV:64bit: - [2010.07.01 14:21:50 | 000,038,992 | ---- | M] (Screaming Bee LLC) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ScreamingBAudio64.sys -- (ScreamBAudioSvc)
DRV:64bit: - [2010.06.01 16:28:10 | 000,769,024 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\arusb_win7x.sys -- (arusb_win7x)
DRV:64bit: - [2010.03.04 17:26:58 | 000,349,416 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvmf6264.sys -- (NVNET)
DRV:64bit: - [2010.02.25 15:51:02 | 000,029,696 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tap0901.sys -- (tap0901)
DRV:64bit: - [2010.02.18 09:18:24 | 000,046,136 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amdiox64.sys -- (amdiox64)
DRV:64bit: - [2009.09.24 12:38:48 | 000,027,776 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btnetBus.sys -- (btnetBUs)
DRV:64bit: - [2009.09.24 04:40:14 | 000,023,304 | ---- | M] (IVT Corporation.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\BtHidBus.sys -- (BtHidBus)
DRV:64bit: - [2009.08.26 10:16:52 | 000,030,344 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\IvtBtBus.sys -- (IvtBtBUs)
DRV:64bit: - [2009.08.21 01:52:10 | 000,079,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21)
DRV:64bit: - [2009.07.16 11:38:40 | 000,015,416 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ASACPI.sys -- (MTsensor)
DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 02:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.07.14 01:06:32 | 000,032,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser)
DRV:64bit: - [2009.07.14 01:01:09 | 000,679,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xnacc.sys -- (xnacc)
DRV:64bit: - [2009.06.10 21:36:04 | 000,694,272 | ---- | M] (AVM Berlin) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fxusbase.sys -- (FXUSBASE)
DRV:64bit: - [2009.06.10 21:36:02 | 000,079,872 | ---- | M] (AVM GmbH) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\avmcowan.sys -- (AVMCOWAN)
DRV:64bit: - [2009.06.10 21:35:35 | 000,408,960 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvm62x64.sys -- (NVENETFD)
DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.05.23 00:08:37 | 000,036,352 | ---- | M] (Elaborate Bytes AG) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VClone.sys -- (VClone)
DRV:64bit: - [2009.04.10 20:58:52 | 000,014,720 | ---- | M] (ROCCAT Development, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ValoFltr.sys -- (ValFltr)
DRV:64bit: - [2009.03.18 16:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV:64bit: - [2008.12.11 14:56:54 | 000,015,488 | ---- | M] (ROCCAT Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Kone.sys -- (KoneFltr)
DRV:64bit: - [2008.08.28 11:44:42 | 000,025,600 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys -- (pccsmcfd)
DRV:64bit: - [2008.08.14 14:48:34 | 000,024,064 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\skfiltv.sys -- (skfiltv)
DRV - [2012.02.09 11:48:24 | 000,011,856 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys -- (TuneUpUtilitiesDrv)
DRV - [2012.02.04 09:25:41 | 000,482,936 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
DRV - [2011.12.16 00:33:20 | 000,488,568 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\IPSDefs\20120209.002\IDSviA64.sys -- (IDSVia64)
DRV - [2011.12.01 03:25:03 | 001,157,240 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\BASHDefs\20120207.003\BHDrvx64.sys -- (BHDrvx64)
DRV - [2011.08.04 09:34:15 | 002,048,632 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\VirusDefs\20120210.003\EX64.SYS -- (NAVEX15)
DRV - [2011.08.04 09:34:15 | 000,117,880 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\VirusDefs\20120210.003\ENG64.SYS -- (NAVENG)
DRV - [2011.06.24 06:31:02 | 000,055,424 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Running] -- C:\Programme\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys -- (AODDriver4.01)
DRV - [2011.06.24 06:31:02 | 000,055,424 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Programme\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys -- (AODDriver4.0)
DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2005.01.02 04:43:08 | 000,004,682 | ---- | M] (INCA Internet Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\npptNT2.sys -- (NPPTNT2)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\URLSearchHook: - No CLSID value found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
IE - HKLM\..\URLSearchHook: {fc01c2be-850b-4115-9b6b-9a427ddecc34} - SOFTWARE\Classes\CLSID\{fc01c2be-850b-4115-9b6b-9a427ddecc34}\InprocServer32 File not found
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://start.icq.com/ [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://de.ask.com/?l=dis&o=15430
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.defaultthis.engineName: "Plasmoo"
FF - prefs.js..browser.search.defaulturl: "hxxp://plasmoo.com/index.htm?SearchMashine=true&q={searchTerms}"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Ask.com"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://de.ask.com/?l=dis&o=15430"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.8.3
FF - prefs.js..extensions.enabledItems: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065}:3.2.5.2
FF - prefs.js..extensions.enabledItems: {BBDA0591-3099-440a-AA10-41764D9DB4DB}:2.0
FF - prefs.js..extensions.enabledItems: {2D3F3651-74B9-4795-BDEC-6DA2F431CB62}:4.6
FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.7
FF - prefs.js..extensions.enabledItems: DTToolbar@toolbarnet.com:1.1.4.0024
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0015-0000-0021-ABCDEFFEDCBA}:5.0.21
FF - prefs.js..keyword.URL: "hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=CLM&o=15427&locale=de_DE&apn_uid=83fa0279-d92c-45f8-bc7b-941d7fc33064&apn_ptnrs=LE&apn_sauid=9594239D-AF0E-4A88-AF9B-B948B34B1BEB&apn_dtid=YYYYYYYYDE&&q="
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.0: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.0\npesnsonar.dll File not found
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.104.0: C:\Program Files (x86)\Battlelog Web Plugins\1.104.0\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.110.0: C:\Program Files (x86)\Battlelog Web Plugins\1.110.0\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.96.0: C:\Program Files (x86)\Battlelog Web Plugins\1.96.0\npesnlaunch.dll File not found
FF - HKLM\Software\MozillaPlugins\@gamersfirst.com/LiveLauncher: C:\Program Files (x86)\GamersFirst\LIVE!\nplivelauncher.dll File not found
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@ngm.nexoneu.com/NxGame: C:\ProgramData\NexonEU\NGM\npNxGameeu.dll (Nexon)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\IPSFFPlgn\ [2012.02.10 15:53:10 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\coFFPlgn_2011_7_5_2 [2012.02.10 21:04:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\fe_9.0@nokia.com: C:\Program Files (x86)\Nokia\Nokia Suite\Connectors\Bookmarks Connector\FirefoxExtension_9.0 [2012.01.16 16:59:04 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.01.31 21:41:53 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.02.10 16:50:24 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 9.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2011.10.29 19:51:53 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\te_7.0@nokia.com: C:\Program Files (x86)\Nokia\Nokia Suite\Connectors\Thunderbird Connector\ThunderbirdExtension_7.0 [2012.01.16 16:59:05 | 000,000,000 | ---D | M]
[2011.05.12 05:35:40 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Duddils\AppData\Roaming\mozilla\Extensions
[2011.05.12 05:35:40 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Duddils\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2012.02.10 19:36:37 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Duddils\AppData\Roaming\mozilla\Firefox\Profiles\mv1kkk8v.default\extensions
[2012.01.30 19:08:08 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\Duddils\AppData\Roaming\mozilla\Firefox\Profiles\mv1kkk8v.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2011.05.21 02:08:29 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\Duddils\AppData\Roaming\mozilla\Firefox\Profiles\mv1kkk8v.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2011.12.25 18:45:51 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Duddils\AppData\Roaming\mozilla\Firefox\Profiles\mv1kkk8v.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2012.01.09 18:52:11 | 000,000,000 | ---D | M] (softonic-de3 Community Toolbar) -- C:\Users\Duddils\AppData\Roaming\mozilla\Firefox\Profiles\mv1kkk8v.default\extensions\{cc05a3e3-64c3-4af2-bfc1-af0d66b69065}
[2011.05.17 17:57:29 | 000,000,000 | ---D | M] (Battlefield Play4Free) -- C:\Users\Duddils\AppData\Roaming\mozilla\Firefox\Profiles\mv1kkk8v.default\extensions\battlefieldplay4free@ea.com
[2011.05.21 01:48:08 | 000,000,000 | ---D | M] (Plasmoo Search Engine) -- C:\Users\Duddils\AppData\Roaming\mozilla\Firefox\Profiles\mv1kkk8v.default\extensions\engine@plasmoo.com
[2012.02.10 20:15:40 | 000,000,000 | ---D | M] ("Ask Toolbar") -- C:\Users\Duddils\AppData\Roaming\mozilla\Firefox\Profiles\mv1kkk8v.default\extensions\toolbar@ask.com
[2012.02.10 20:15:41 | 000,002,400 | ---- | M] () -- C:\Users\Duddils\AppData\Roaming\Mozilla\Firefox\Profiles\mv1kkk8v.default\searchplugins\askcom.xml
[2012.02.10 23:10:32 | 000,000,950 | ---- | M] () -- C:\Users\Duddils\AppData\Roaming\Mozilla\Firefox\Profiles\mv1kkk8v.default\searchplugins\icqplugin-2.xml
[2011.09.01 03:06:06 | 000,000,950 | ---- | M] () -- C:\Users\Duddils\AppData\Roaming\Mozilla\Firefox\Profiles\mv1kkk8v.default\searchplugins\icqplugin-3.xml
[2011.09.07 14:22:46 | 000,000,950 | ---- | M] () -- C:\Users\Duddils\AppData\Roaming\Mozilla\Firefox\Profiles\mv1kkk8v.default\searchplugins\icqplugin-4.xml
[2011.09.27 22:06:41 | 000,000,950 | ---- | M] () -- C:\Users\Duddils\AppData\Roaming\Mozilla\Firefox\Profiles\mv1kkk8v.default\searchplugins\icqplugin-5.xml
[2011.10.06 18:55:26 | 000,000,950 | ---- | M] () -- C:\Users\Duddils\AppData\Roaming\Mozilla\Firefox\Profiles\mv1kkk8v.default\searchplugins\icqplugin-6.xml
[2011.11.13 01:03:30 | 000,000,950 | ---- | M] () -- C:\Users\Duddils\AppData\Roaming\Mozilla\Firefox\Profiles\mv1kkk8v.default\searchplugins\icqplugin-7.xml
[2012.01.09 18:52:18 | 000,000,950 | ---- | M] () -- C:\Users\Duddils\AppData\Roaming\Mozilla\Firefox\Profiles\mv1kkk8v.default\searchplugins\icqplugin-8.xml
[2012.01.31 21:43:52 | 000,000,950 | ---- | M] () -- C:\Users\Duddils\AppData\Roaming\Mozilla\Firefox\Profiles\mv1kkk8v.default\searchplugins\icqplugin-9.xml
[2011.06.18 18:35:39 | 000,001,056 | ---- | M] () -- C:\Users\Duddils\AppData\Roaming\Mozilla\Firefox\Profiles\mv1kkk8v.default\searchplugins\icqplugin.xml
[2011.04.28 18:42:58 | 000,001,975 | ---- | M] () -- C:\Users\Duddils\AppData\Roaming\Mozilla\Firefox\Profiles\mv1kkk8v.default\searchplugins\plasmoo.xml
[2011.11.13 01:03:17 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012.02.10 21:04:09 | 000,000,000 | ---D | M] (Norton Toolbar) -- C:\PROGRAMDATA\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\COFFPLGN_2011_7_5_2
[2012.02.10 15:53:10 | 000,000,000 | ---D | M] (Symantec Intrusion Prevention) -- C:\PROGRAMDATA\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\IPSFFPLGN
() (No name found) -- C:\USERS\DUDDILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MV1KKK8V.DEFAULT\EXTENSIONS\{1FC895A6-2042-46EC-A61B-233165B4C218}.XPI
() (No name found) -- C:\USERS\DUDDILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MV1KKK8V.DEFAULT\EXTENSIONS\ICH@MALTEGOETZ.DE.XPI
() (No name found) -- C:\USERS\DUDDILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MV1KKK8V.DEFAULT\EXTENSIONS\YOUTUBE2MP3@MONDAYX.DE.XPI
[2012.01.31 21:41:52 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011.05.04 03:52:23 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2009.12.17 00:03:36 | 000,063,488 | ---- | M] (Nullsoft) -- C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll
[2011.09.27 22:04:29 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2011.09.27 22:04:29 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2011.09.27 22:04:29 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2011.05.12 21:14:50 | 000,002,048 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\fcmdSrch.xml
[2011.09.27 22:04:29 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2011.09.27 22:04:29 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2011.09.27 22:04:29 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\5.2.0.13\coieplg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\5.2.0.13\ips\ipsbho.dll (Symantec Corporation)
O2 - BHO: (FlashFXP Helper for Internet Explorer) - {E5A1691B-D188-4419-AD02-90002030B8EE} - C:\Program Files (x86)\FlashFXP\IEFlash.dll (IniCom Networks, Inc.)
O2 - BHO: (no name) - AutorunsDisabled - No CLSID value found.
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\5.2.0.13\coieplg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files (x86)\Ask.com\Updater\Updater.exe (Ask)
O4 - HKLM..\Run: [AVMWlanClient] C:\Program Files (x86)\avmwlanstick\WLanGUI.exe (AVM Berlin)
O4 - HKLM..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe (VIA)
O4 - HKLM..\Run: [LifeCam] C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe (Microsoft Corporation)
O4 - HKLM..\Run: [RoccatKone+] C:\Program Files (x86)\ROCCAT\Kone[+] Mouse\Kone[+]Monitor.EXE (ROCCAT GmbH)
O4 - HKLM..\Run: [RoccatValo] C:\Program Files (x86)\ROCCAT\Valo Keyboard\ValoMonitor.EXE (ROCCAT)
O4 - HKLM..\RunOnceEx: [Flags] Reg Error: Invalid data type. File not found
O4 - HKLM..\RunOnceEx: [Title] UnHackMe Rootkit Check File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O8:64bit: - Extra context menu item: Free YouTube Download - C:\Users\Duddils\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Duddils\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Free YouTube Download - C:\Users\Duddils\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Duddils\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0015-0000-0021-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_21-windows-i586.cab (Java Plug-in 1.5.0_21)
O16 - DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4A3EA245-57B5-4AA0-8988-6800C47DB16B}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B684E396-EB81-4CF9-AB13-E2B1D1DE59BA}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BD7E13C5-9ECC-4DA0-9911-9B0BEA1DD32B}: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) -C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O27:64bit: - HKLM IFEO\AcroRd32.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\browserplusprefs.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\browserplusuninstaller.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\dctrayapp.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\teamviewer.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\yahoomessenger.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\AcroRd32.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\browserplusprefs.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\browserplusuninstaller.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\dctrayapp.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\teamviewer.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\yahoomessenger.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{12a0ec8f-8208-11e0-91f0-001f3f08c770}\Shell - "" = AutoRun
O33 - MountPoints2\{12a0ec8f-8208-11e0-91f0-001f3f08c770}\Shell\AutoRun\command - "" = K:\pushinst.exe
O33 - MountPoints2\{347ea086-234b-11e0-9cb2-90e6ba566660}\Shell - "" = AutoRun
O33 - MountPoints2\{347ea086-234b-11e0-9cb2-90e6ba566660}\Shell\AutoRun\command - "" = K:\pushinst.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (Partizan)
O34 - HKLM BootExecute: (ootExecute settings...)
O34 - HKLM BootExecute: (ount)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX:64bit: >{4F8F1C61-3CC8-4B4B-80F6-F57D9F5DDDA7} - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - Reg Error: Value error.
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig
NetSvcs:64bit: UxTuneUp - C:\Windows\SysNative\uxtuneup.dll (TuneUp Software)
NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
MsConfig:64bit - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^GamersFirst LIVE!.lnk - C:\Program Files (x86)\GamersFirst\LIVE!\Live.exe - (GamersFirst)
MsConfig:64bit - StartUpReg: Adobe ARM - hkey= - key= - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
MsConfig:64bit - StartUpReg: Adobe Reader Speed Launcher - hkey= - key= - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
MsConfig:64bit - StartUpReg: BtTray - hkey= - key= - File not found
MsConfig:64bit - StartUpReg: DAEMON Tools Lite - hkey= - key= - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
MsConfig:64bit - StartUpReg: EADM - hkey= - key= - File not found
MsConfig:64bit - StartUpReg: LogMeIn Hamachi Ui - hkey= - key= - File not found
MsConfig:64bit - StartUpReg: QuickTime Task - hkey= - key= - C:\Program Files (x86)\QuickTime\QTTask.exe (Apple Inc.)
MsConfig:64bit - StartUpReg: XboxStat - hkey= - key= - C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe (Microsoft Corporation)
MsConfig:64bit - State: "bootini" - Reg Error: Key error.
MsConfig:64bit - State: "services" - Reg Error: Key error.
MsConfig:64bit - State: "startup" - Reg Error: Key error.
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
========== Files/Folders - Created Within 30 Days ==========
[2012.02.11 01:42:01 | 000,000,000 | ---D | C] -- C:\Users\Duddils\AppData\Roaming\f-secure
[2012.02.11 01:41:38 | 000,000,000 | ---D | C] -- C:\ProgramData\F-Secure
[2012.02.10 23:47:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET
[2012.02.10 23:16:08 | 000,039,184 | ---- | C] (Greatis Software) -- C:\Windows\SysNative\Partizan.exe
[2012.02.10 23:10:16 | 000,000,000 | ---D | C] -- C:\Windows\RestoreSafeDeleted
[2012.02.10 23:04:22 | 000,039,184 | ---- | C] (Greatis Software) -- C:\Windows\SysWow64\Partizan.exe
[2012.02.10 23:04:22 | 000,035,816 | ---- | C] (Greatis Software) -- C:\Windows\SysWow64\drivers\Partizan.sys
[2012.02.10 23:04:06 | 000,000,000 | ---D | C] -- C:\Users\Duddils\Documents\RegRun2
[2012.02.10 23:04:03 | 000,012,800 | ---- | C] (Greatis Software, LLC.) -- C:\Windows\SysWow64\drivers\UnHackMeDrv.sys
[2012.02.10 23:04:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UnHackMe
[2012.02.10 23:04:03 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\regruninfo
[2012.02.10 23:04:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\UnHackMe
[2012.02.10 21:23:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegHunter
[2012.02.10 21:23:01 | 000,000,000 | ---D | C] -- C:\Program Files\Enigma Software Group
[2012.02.10 20:45:26 | 000,028,992 | ---- | C] (TuneUp Software) -- C:\Windows\SysWow64\uxtuneup.dll
[2012.02.10 20:45:25 | 000,035,648 | ---- | C] (TuneUp Software) -- C:\Windows\SysNative\uxtuneup.dll
[2012.02.10 20:44:51 | 000,000,000 | -H-D | C] -- C:\Windows\Icons
[2012.02.10 19:36:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ask.com
[2012.02.10 19:36:20 | 000,000,000 | ---D | C] -- C:\Users\Duddils\AppData\Roaming\WebcamMax
[2012.02.10 18:56:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Drivers For Free
[2012.02.10 18:56:21 | 000,000,000 | ---D | C] -- C:\Users\Duddils\AppData\Local\Drivers_For_Free
[2012.02.10 18:55:16 | 000,000,000 | ---D | C] -- C:\ProgramData\UAB
[2012.02.10 18:55:11 | 000,000,000 | ---D | C] -- C:\Users\Duddils\AppData\Roaming\Drivers For Free
[2012.02.10 18:48:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Uniblue
[2012.02.10 18:30:33 | 000,000,000 | ---D | C] -- C:\Users\Duddils\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Acer
[2012.02.10 18:30:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Acer
[2012.02.10 17:35:23 | 000,034,624 | ---- | C] (TuneUp Software) -- C:\Windows\SysNative\TURegOpt.exe
[2012.02.10 17:35:22 | 000,025,920 | ---- | C] (TuneUp Software) -- C:\Windows\SysNative\authuitu.dll
[2012.02.10 17:35:22 | 000,021,312 | ---- | C] (TuneUp Software) -- C:\Windows\SysWow64\authuitu.dll
[2012.02.10 17:35:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2012
[2012.02.10 17:34:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TuneUp Utilities 2012
[2012.02.10 17:33:24 | 000,000,000 | -HSD | C] -- C:\ProgramData\{32364CEA-7855-4A3C-B674-53D8E9B97936}
[2012.02.10 16:49:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[2012.02.10 16:49:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe
[2012.02.10 16:48:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2012.02.10 12:45:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft LifeCam
[2012.02.10 12:45:14 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft LifeCam
[2012.02.10 12:45:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft LifeCam
[2012.02.08 09:13:09 | 000,000,000 | ---D | C] -- C:\Users\Duddils\AppData\Local\{1587E3EE-68E7-4F0B-9913-37D08E9E25EC}
[2012.02.08 09:12:57 | 000,000,000 | ---D | C] -- C:\Users\Duddils\AppData\Local\{B1CE7700-CEC7-4D90-BA3A-8A7D957B222B}
[2012.02.05 13:00:49 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2012.02.05 13:00:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD APP
[2012.02.05 13:00:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD VISION Engine Control Center
[2012.02.05 12:54:52 | 000,000,000 | ---D | C] -- C:\AMD
[2012.01.22 16:55:47 | 000,114,688 | ---- | C] (Warelex LLC) -- C:\Windows\SysWow64\BTCamVideoSource.dll
[2012.01.22 13:18:23 | 000,000,000 | ---D | C] -- C:\Users\Duddils\Documents\Mobiola Video Files
[2012.01.22 13:18:23 | 000,000,000 | ---D | C] -- C:\Users\Duddils\Documents\Mobiola Image Files
[2012.01.22 13:18:23 | 000,000,000 | ---D | C] -- C:\Users\Duddils\Documents\Mobiola Audio Files
[2012.01.22 13:18:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mobiola Web Camera for S60
[2012.01.22 13:02:04 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2012.01.22 13:02:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour
[2012.01.17 11:12:40 | 000,000,000 | ---D | C] -- C:\ProgramData\SonicFocus
[2012.01.17 11:12:31 | 002,915,440 | ---- | C] (VIA Technologies, Inc.) -- C:\Windows\SysNative\VIAPropPageExt.dll
[2012.01.17 11:12:31 | 002,182,768 | ---- | C] (VIA Technologies, Inc.) -- C:\Windows\SysNative\drivers\viahduaa.sys
[2012.01.17 11:12:31 | 001,161,328 | ---- | C] (VIA Technologies, Inc.) -- C:\Windows\SysNative\ViaKaraokeApo.dll
[2012.01.17 11:12:31 | 000,675,952 | ---- | C] (VIA Technologies, Inc.) -- C:\Windows\SysNative\VIASysFx.dll
[2012.01.17 11:12:31 | 000,202,864 | ---- | C] (VIA Technologies, Inc.) -- C:\Windows\SysNative\ViaMicArrayAPO.dll
[2012.01.17 11:12:31 | 000,116,848 | ---- | C] (VIA Technologies,Inc.) -- C:\Windows\SysNative\ViaKaraokePropPageExt.dll
[2012.01.17 11:12:31 | 000,091,760 | ---- | C] (VIA Technologies, Inc.) -- C:\Windows\SysNative\Dts2PropPageExt.dll
[2012.01.17 11:12:31 | 000,090,224 | ---- | C] (VIA Technologies,Inc.) -- C:\Windows\SysNative\ViaMicArrayPropPageExt.dll
[2012.01.17 11:12:31 | 000,027,760 | ---- | C] (VIA Technologies, Inc.) -- C:\Windows\SysNative\ViakaraokeSrv.exe
[2012.01.17 11:10:31 | 003,746,408 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkHDM64.dll
[2012.01.17 11:10:31 | 002,526,824 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RHDMEx64.dll
[2012.01.17 11:10:31 | 000,239,208 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\drivers\RtHDMIVX.sys
[2012.01.17 11:07:28 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\DriverGenius
[2012.01.17 11:06:50 | 000,000,000 | ---D | C] -- C:\ProgramData\DriverGenius
[2012.01.17 10:46:54 | 000,000,000 | ---D | C] -- C:\Users\Duddils\AppData\Roaming\Nokia Suite
[2012.01.17 10:42:14 | 000,000,000 | ---D | C] -- C:\Users\Duddils\Documents\Nokia Suite
[2012.01.17 09:13:54 | 000,000,000 | ---D | C] -- C:\Users\Duddils\AppData\Local\NokiaAccount
[2012.01.16 16:59:50 | 000,000,000 | ---D | C] -- C:\Users\Duddils\AppData\Roaming\Nokia
[2012.01.16 16:59:50 | 000,000,000 | ---D | C] -- C:\Users\Duddils\AppData\Local\Nokia
[2012.01.16 16:59:47 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Suite
[2012.01.16 16:59:45 | 000,000,000 | ---D | C] -- C:\Users\Duddils\AppData\Roaming\PC Suite
[2012.01.16 16:59:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nokia
[2012.01.16 16:59:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Nokia
[2012.01.16 16:59:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Nokia
[2012.01.16 16:58:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PC Connectivity Solution
[2012.01.16 16:58:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Nokia
[2012.01.16 16:56:50 | 000,000,000 | ---D | C] -- C:\ProgramData\NokiaInstallerCache
[2012.01.16 16:15:27 | 000,000,000 | ---D | C] -- C:\Users\Duddils\AppData\Local\{9FF249FC-5DAE-4302-B1E8-2A8EBD77FEF0}
[2012.01.16 16:15:16 | 000,000,000 | ---D | C] -- C:\Users\Duddils\AppData\Local\{A939C7B0-FDC9-4DAF-A613-CE56573A0EEA}
[2012.01.16 03:50:54 | 000,000,000 | ---D | C] -- C:\Users\Duddils\AppData\Local\{470961E4-F3E6-4646-AA79-624E7165744E}
[2012.01.16 03:50:39 | 000,000,000 | ---D | C] -- C:\Users\Duddils\AppData\Local\{3FFECAF2-447E-41AF-9C30-7DB6FF1909FA}
[2012.01.14 11:47:43 | 001,446,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2012.01.14 11:47:43 | 000,395,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\webio.dll
[2012.01.14 11:47:42 | 000,314,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\webio.dll
[2012.01.14 11:47:42 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll
[2012.01.14 11:47:42 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll
[2012.01.14 11:47:42 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll
[2012.01.14 11:47:38 | 001,572,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\quartz.dll
[2012.01.14 11:47:38 | 001,328,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\quartz.dll
[2012.01.14 11:47:38 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll
[2012.01.14 11:47:38 | 000,366,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll
[2012.01.14 11:47:36 | 001,739,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2012.01.14 11:47:34 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\packager.dll
[2012.01.14 11:47:34 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\packager.dll
[2011.05.13 12:33:27 | 001,224,704 | ---- | C] ( ) -- C:\Windows\SysWow64\lxcjserv.dll
[2011.05.13 12:33:27 | 000,991,232 | ---- | C] ( ) -- C:\Windows\SysWow64\lxcjusb1.dll
[2011.05.13 12:33:27 | 000,696,320 | ---- | C] ( ) -- C:\Windows\SysWow64\lxcjhbn3.dll
[2011.05.13 12:33:27 | 000,643,072 | ---- | C] ( ) -- C:\Windows\SysWow64\lxcjpmui.dll
[2011.05.13 12:33:27 | 000,585,728 | ---- | C] ( ) -- C:\Windows\SysWow64\lxcjlmpm.dll
[2011.05.13 12:33:27 | 000,537,520 | ---- | C] ( ) -- C:\Windows\SysWow64\lxcjcoms.exe
[2011.05.13 12:33:27 | 000,413,696 | ---- | C] ( ) -- C:\Windows\SysWow64\lxcjinpa.dll
[2011.05.13 12:33:27 | 000,397,312 | ---- | C] ( ) -- C:\Windows\SysWow64\lxcjiesc.dll
[2011.05.13 12:33:27 | 000,385,968 | ---- | C] ( ) -- C:\Windows\SysWow64\lxcjih.exe
[2011.05.13 12:33:27 | 000,181,168 | ---- | C] ( ) -- C:\Windows\SysWow64\lxcjppls.exe
[2011.05.13 12:33:27 | 000,163,840 | ---- | C] ( ) -- C:\Windows\SysWow64\lxcjprox.dll
[2011.05.13 12:33:27 | 000,094,208 | ---- | C] ( ) -- C:\Windows\SysWow64\lxcjpplc.dll
[2011.05.13 12:33:26 | 000,684,032 | ---- | C] ( ) -- C:\Windows\SysWow64\lxcjcomc.dll
[2011.05.13 12:33:26 | 000,421,888 | ---- | C] ( ) -- C:\Windows\SysWow64\lxcjcomm.dll
[2011.05.13 12:33:26 | 000,381,872 | ---- | C] ( ) -- C:\Windows\SysWow64\lxcjcfg.exe
[4 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2012.02.11 02:11:47 | 000,000,512 | ---- | M] () -- C:\Users\Duddils\Desktop\MBR.dat
[2012.02.11 02:10:44 | 000,014,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.02.11 02:10:44 | 000,014,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.02.11 02:05:30 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.02.11 00:05:24 | 000,000,119 | ---- | M] () -- C:\Windows\SysWow64\Partizan.RRI
[2012.02.10 23:16:08 | 000,039,184 | ---- | M] (Greatis Software) -- C:\Windows\SysNative\Partizan.exe
[2012.02.10 23:04:22 | 000,039,184 | ---- | M] (Greatis Software) -- C:\Windows\SysWow64\Partizan.exe
[2012.02.10 23:04:22 | 000,035,816 | ---- | M] (Greatis Software) -- C:\Windows\SysWow64\drivers\Partizan.sys
[2012.02.10 23:04:08 | 000,000,002 | RHS- | M] () -- C:\Windows\winstart.bat
[2012.02.10 23:04:08 | 000,000,002 | RHS- | M] () -- C:\Windows\SysWow64\CONFIG.NT
[2012.02.10 23:04:08 | 000,000,002 | RHS- | M] () -- C:\Windows\SysWow64\AUTOEXEC.NT
[2012.02.10 23:04:04 | 000,000,907 | ---- | M] () -- C:\Users\Duddils\Desktop\UnHackMe.lnk
[2012.02.10 21:23:03 | 000,001,175 | ---- | M] () -- C:\Users\Public\Desktop\RegHunter.lnk
[2012.02.10 21:02:43 | 000,003,488 | ---- | M] () -- C:\bootsqm.dat
[2012.02.10 19:35:32 | 001,450,478 | ---- | M] () -- C:\Windows\SysNative\drivers\N360x64\0502000.00D\Cat.DB
[2012.02.10 17:35:18 | 000,002,185 | ---- | M] () -- C:\Users\Public\Desktop\TuneUp 1-Klick-Wartung.lnk
[2012.02.10 17:35:17 | 000,002,167 | ---- | M] () -- C:\Users\Public\Desktop\TuneUp Utilities 2012.lnk
[2012.02.09 11:59:10 | 000,034,624 | ---- | M] (TuneUp Software) -- C:\Windows\SysNative\TURegOpt.exe
[2012.02.09 11:59:08 | 000,035,648 | ---- | M] (TuneUp Software) -- C:\Windows\SysNative\uxtuneup.dll
[2012.02.09 11:59:08 | 000,021,312 | ---- | M] (TuneUp Software) -- C:\Windows\SysWow64\authuitu.dll
[2012.02.09 11:59:06 | 000,028,992 | ---- | M] (TuneUp Software) -- C:\Windows\SysWow64\uxtuneup.dll
[2012.02.09 11:59:06 | 000,025,920 | ---- | M] (TuneUp Software) -- C:\Windows\SysNative\authuitu.dll
[2012.02.08 23:57:42 | 000,282,864 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2012.02.08 23:57:42 | 000,282,864 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2012.02.08 23:57:30 | 000,281,880 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2012.02.03 19:06:13 | 000,076,888 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2012.01.28 06:27:32 | 000,000,172 | ---- | M] () -- C:\Windows\SysNative\drivers\N360x64\0502000.00D\isolate.ini
[2012.01.25 18:56:43 | 001,613,340 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.01.25 18:56:43 | 000,696,832 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.01.25 18:56:43 | 000,652,150 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.01.25 18:56:43 | 000,148,128 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.01.25 18:56:43 | 000,121,082 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.01.23 17:01:14 | 000,012,800 | ---- | M] (Greatis Software, LLC.) -- C:\Windows\SysWow64\drivers\UnHackMeDrv.sys
[2012.01.17 11:18:55 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_PCCSWpdDriver_01_09_00.Wdf
[2012.01.17 10:38:07 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_ccdcmbx64_01009.Wdf
[4 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012.02.11 02:11:47 | 000,000,512 | ---- | C] () -- C:\Users\Duddils\Desktop\MBR.dat
[2012.02.10 23:16:08 | 000,000,119 | ---- | C] () -- C:\Windows\SysWow64\Partizan.RRI
[2012.02.10 23:04:08 | 000,000,002 | RHS- | C] () -- C:\Windows\winstart.bat
[2012.02.10 23:04:08 | 000,000,002 | RHS- | C] () -- C:\Windows\SysWow64\CONFIG.NT
[2012.02.10 23:04:08 | 000,000,002 | RHS- | C] () -- C:\Windows\SysWow64\AUTOEXEC.NT
[2012.02.10 23:04:04 | 000,000,907 | ---- | C] () -- C:\Users\Duddils\Desktop\UnHackMe.lnk
[2012.02.10 21:23:01 | 000,001,175 | ---- | C] () -- C:\Users\Public\Desktop\RegHunter.lnk
[2012.02.10 21:02:43 | 000,003,488 | ---- | C] () -- C:\bootsqm.dat
[2012.02.10 17:35:17 | 000,002,185 | ---- | C] () -- C:\Users\Public\Desktop\TuneUp 1-Klick-Wartung.lnk
[2012.02.10 17:35:17 | 000,002,167 | ---- | C] () -- C:\Users\Public\Desktop\TuneUp Utilities 2012.lnk
[2012.02.10 17:35:01 | 000,002,179 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2012.lnk
[2012.02.10 16:50:24 | 000,002,471 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
[2012.01.17 11:18:55 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_PCCSWpdDriver_01_09_00.Wdf
[2012.01.17 11:12:35 | 000,001,178 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HD VDeck.lnk
[2012.01.17 10:38:07 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_ccdcmbx64_01009.Wdf
[2011.12.18 15:14:34 | 000,204,960 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2011.12.18 15:14:34 | 000,157,152 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2011.12.18 15:14:33 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2011.12.05 22:04:00 | 000,059,904 | ---- | C] () -- C:\Windows\SysWow64\OpenVideo.dll
[2011.12.05 22:03:52 | 000,054,784 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll
[2011.10.13 21:29:40 | 000,042,392 | ---- | C] () -- C:\Windows\SysWow64\xfcodec.dll
[2011.08.26 09:39:21 | 000,043,520 | ---- | C] () -- C:\Windows\SysWow64\CmdLineExt03.dll
[2011.05.13 12:33:27 | 000,385,024 | ---- | C] () -- C:\Windows\SysWow64\lxcjcomx.dll
[2011.05.13 12:33:27 | 000,274,432 | ---- | C] () -- C:\Windows\SysWow64\lxcjinst.dll
[2011.05.13 06:52:46 | 000,282,864 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2011.05.13 06:52:39 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2011.05.13 04:52:38 | 000,197,728 | ---- | C] () -- C:\Windows\WinVd32.sys
[2011.05.13 04:52:37 | 000,007,680 | ---- | C] () -- C:\Windows\SysWow64\WinFLsrv.exe
[2011.05.12 05:35:40 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2011.05.12 05:09:49 | 000,036,864 | ---- | C] () -- C:\Windows\SysWow64\LckFldService.exe
[2011.05.12 05:09:48 | 000,153,088 | ---- | C] () -- C:\Windows\SysWow64\fldlckun.exe
[2011.05.09 22:48:55 | 002,601,752 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_moh.exe
[2011.05.01 03:06:03 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\Access.dat
[2011.04.09 17:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2011.03.29 20:05:29 | 000,007,623 | ---- | C] () -- C:\Users\Duddils\AppData\Local\Resmon.ResmonCfg
[2011.03.01 00:54:05 | 000,000,023 | ---- | C] () -- C:\Windows\SWFDecompiler.INI
[2011.02.15 13:41:01 | 000,021,504 | ---- | C] () -- C:\Windows\jestertb.dll
[2011.02.12 12:21:35 | 001,590,298 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011.02.12 08:59:50 | 000,024,576 | R--- | C] () -- C:\Windows\SysWow64\AsIO.dll
[2011.02.12 08:59:50 | 000,013,440 | R--- | C] () -- C:\Windows\SysWow64\drivers\AsIO.sys
[2011.02.12 08:59:03 | 000,013,368 | R--- | C] () -- C:\Windows\SysWow64\drivers\AsUpIO.sys
[2011.02.08 23:38:23 | 000,000,153 | ---- | C] () -- C:\Users\Duddils\AppData\Roaming\default.rss
[2011.02.08 23:38:08 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2011.02.02 20:21:20 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat
[2011.01.19 00:03:48 | 002,434,856 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_bc2.exe
[2011.01.18 23:11:16 | 000,001,209 | ---- | C] () -- C:\Windows\skSPcfg.ini
[2011.01.18 23:11:16 | 000,000,381 | ---- | C] () -- C:\Windows\skMCcfg.ini
[2011.01.18 23:11:15 | 000,128,512 | ---- | C] () -- C:\Windows\SysWow64\APOMngr.DLL
[2011.01.18 23:11:15 | 000,069,120 | ---- | C] () -- C:\Windows\SysWow64\CmdRtr.DLL
[2011.01.18 22:25:59 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2009.07.14 06:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009.07.14 03:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009.07.14 03:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009.07.14 01:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009.06.10 22:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
========== LOP Check ==========
[2011.06.28 20:30:47 | 000,000,000 | ---D | M] -- C:\Users\Duddils\AppData\Roaming\.minecraft
[2012.01.25 19:02:12 | 000,000,000 | ---D | M] -- C:\Users\Duddils\AppData\Roaming\AbiSuite
[2011.08.26 09:39:33 | 000,000,000 | ---D | M] -- C:\Users\Duddils\AppData\Roaming\Atari
[2011.02.25 12:16:46 | 000,000,000 | ---D | M] -- C:\Users\Duddils\AppData\Roaming\BFBC2CC
[2011.10.31 23:15:39 | 000,000,000 | ---D | M] -- C:\Users\Duddils\AppData\Roaming\DAEMON Tools Lite
[2011.03.29 15:55:14 | 000,000,000 | ---D | M] -- C:\Users\Duddils\AppData\Roaming\DarksporeData
[2011.06.22 18:16:01 | 000,000,000 | ---D | M] -- C:\Users\Duddils\AppData\Roaming\Day 1 Studios
[2012.02.10 18:55:11 | 000,000,000 | ---D | M] -- C:\Users\Duddils\AppData\Roaming\Drivers For Free
[2011.10.07 13:36:07 | 000,000,000 | ---D | M] -- C:\Users\Duddils\AppData\Roaming\DVDVideoSoft
[2011.05.21 02:08:29 | 000,000,000 | ---D | M] -- C:\Users\Duddils\AppData\Roaming\DVDVideoSoftIEHelpers
[2012.02.11 01:42:01 | 000,000,000 | ---D | M] -- C:\Users\Duddils\AppData\Roaming\f-secure
[2012.02.09 19:10:59 | 000,000,000 | ---D | M] -- C:\Users\Duddils\AppData\Roaming\FileZilla
[2011.07.04 20:09:48 | 000,000,000 | ---D | M] -- C:\Users\Duddils\AppData\Roaming\go
[2011.08.05 12:19:36 | 000,000,000 | ---D | M] -- C:\Users\Duddils\AppData\Roaming\ImgBurn
[2011.08.26 09:38:34 | 000,000,000 | ---D | M] -- C:\Users\Duddils\AppData\Roaming\Leadertech
[2011.02.07 04:02:50 | 000,000,000 | ---D | M] -- C:\Users\Duddils\AppData\Roaming\LolClient
[2011.01.20 00:23:16 | 000,000,000 | ---D | M] -- C:\Users\Duddils\AppData\Roaming\NewsLeecher
[2012.01.17 10:46:53 | 000,000,000 | ---D | M] -- C:\Users\Duddils\AppData\Roaming\Nokia
[2012.01.17 10:46:54 | 000,000,000 | ---D | M] -- C:\Users\Duddils\AppData\Roaming\Nokia Suite
[2011.10.31 19:28:25 | 000,000,000 | ---D | M] -- C:\Users\Duddils\AppData\Roaming\Origin
[2012.01.17 10:41:35 | 000,000,000 | ---D | M] -- C:\Users\Duddils\AppData\Roaming\PC Suite
[2011.01.24 05:34:46 | 000,000,000 | ---D | M] -- C:\Users\Duddils\AppData\Roaming\Publish Providers
[2011.02.04 12:30:18 | 000,000,000 | ---D | M] -- C:\Users\Duddils\AppData\Roaming\ROCCAT
[2011.03.18 17:37:20 | 000,000,000 | ---D | M] -- C:\Users\Duddils\AppData\Roaming\Screaming Bee
[2011.01.24 05:34:42 | 000,000,000 | ---D | M] -- C:\Users\Duddils\AppData\Roaming\Sony
[2011.03.16 01:50:01 | 000,000,000 | ---D | M] -- C:\Users\Duddils\AppData\Roaming\Systemberatung Schommer
[2011.06.24 20:46:48 | 000,000,000 | ---D | M] -- C:\Users\Duddils\AppData\Roaming\TeamViewer
[2011.05.12 05:35:40 | 000,000,000 | ---D | M] -- C:\Users\Duddils\AppData\Roaming\Thunderbird
[2011.05.13 02:54:11 | 000,000,000 | ---D | M] -- C:\Users\Duddils\AppData\Roaming\Tific
[2011.02.09 02:01:20 | 000,000,000 | ---D | M] -- C:\Users\Duddils\AppData\Roaming\Trillian
[2012.01.09 20:38:30 | 000,000,000 | ---D | M] -- C:\Users\Duddils\AppData\Roaming\TS3Client
[2012.02.10 20:39:55 | 000,000,000 | ---D | M] -- C:\Users\Duddils\AppData\Roaming\TuneUp Software
[2011.09.09 23:59:26 | 000,000,000 | ---D | M] -- C:\Users\Duddils\AppData\Roaming\Tunngle
[2011.05.30 02:21:33 | 000,000,000 | ---D | M] -- C:\Users\Duddils\AppData\Roaming\Utherverse
[2011.05.20 22:39:45 | 000,000,000 | ---D | M] -- C:\Users\Duddils\AppData\Roaming\wargaming.net
[2012.02.10 19:36:20 | 000,000,000 | ---D | M] -- C:\Users\Duddils\AppData\Roaming\WebcamMax
[2012.01.16 07:31:42 | 000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
========== Custom Scans ==========
< %SYSTEMDRIVE%\*. >
[2011.05.13 03:49:41 | 000,000,000 | -HSD | M] -- C:\$Recycle.Bin
[2011.06.18 01:39:50 | 000,000,000 | ---D | M] -- C:\A320_III_M2_LIM
[2012.02.05 12:54:52 | 000,000,000 | ---D | M] -- C:\AMD
[2011.01.19 22:15:32 | 000,000,000 | ---D | M] -- C:\ATI
[2011.01.18 22:35:07 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen
[2011.05.05 01:59:32 | 000,000,000 | ---D | M] -- C:\Download
[2011.05.13 12:32:53 | 000,000,000 | ---D | M] -- C:\drivers
[2011.03.06 19:15:30 | 000,000,000 | ---D | M] -- C:\Fraps
[2011.05.20 19:37:57 | 000,000,000 | ---D | M] -- C:\Games
[2011.05.04 21:48:33 | 000,000,000 | ---D | M] -- C:\HanTemp
[2011.05.03 18:02:30 | 000,000,000 | ---D | M] -- C:\ijji
[2011.05.12 03:00:47 | 000,000,000 | ---D | M] -- C:\Nexon
[2011.01.19 22:22:27 | 000,000,000 | ---D | M] -- C:\NVIDIA
[2009.07.14 04:20:08 | 000,000,000 | ---D | M] -- C:\PerfLogs
[2012.02.10 21:23:01 | 000,000,000 | R--D | M] -- C:\Program Files
[2012.02.10 23:47:01 | 000,000,000 | ---D | M] -- C:\Program Files (x86)
[2012.02.11 01:41:38 | 000,000,000 | -H-D | M] -- C:\ProgramData
[2011.01.18 22:35:07 | 000,000,000 | -HSD | M] -- C:\Programme
[2011.01.18 22:35:07 | 000,000,000 | -HSD | M] -- C:\Recovery
[2011.02.15 06:37:33 | 000,000,000 | ---D | M] -- C:\Riot Games
[2011.03.27 06:54:53 | 000,000,000 | ---D | M] -- C:\Streaming
[2012.02.11 03:12:08 | 000,000,000 | -HSD | M] -- C:\System Volume Information
[2011.07.09 13:10:37 | 000,000,000 | R--D | M] -- C:\Users
[2012.02.10 23:10:16 | 000,000,000 | ---D | M] -- C:\Windows
< %PROGRAMFILES%\*.exe >
< %LOCALAPPDATA%\*.exe >
< %systemroot%\*. /mp /s >
< MD5 for: AGP440.SYS >
[2009.07.14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys
[2009.07.14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_9e6bb86c3b39a3e9\AGP440.sys
[2009.07.14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys
< MD5 for: ATAPI.SYS >
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_a69a58a4286f0b22\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys
< MD5 for: CNGAUDIT.DLL >
[2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009.07.14 02:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\SysNative\cngaudit.dll
[2009.07.14 02:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll
< MD5 for: EXPLORER.EXE >
[2011.02.26 07:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\explorer.exe
[2011.02.26 07:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe
[2011.02.26 06:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2009.07.14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2011.02.26 06:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe
[2011.02.26 06:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\SysWOW64\explorer.exe
[2011.02.26 06:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe
[2011.02.25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2009.06.02 23:05:03 | 002,607,616 | ---- | M] (Microsoft Corporation) MD5=33C215661503CC215326F36B69B379B7 -- C:\Users\Duddils\Desktop\-=BHBY=-\Neuer Ordner (2)\Tools, zugänge, usw.{21EC2020-3AEA-1069-A2DD-08002B30309D}\Windows 8\Windows\explorer.exe
[2011.02.26 07:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2009.08.03 07:19:07 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2009.08.03 06:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2009.08.03 06:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2009.07.14 02:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2011.02.26 07:26:45 | 002,870,784 | ---- | M] (Microsoft Corporation) MD5=E38899074D4951D31B4040E994DD7C8D -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe
[2009.08.03 07:17:37 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe
< MD5 for: IASTORV.SYS >
[2011.03.11 07:19:16 | 000,410,496 | ---- | M] (Intel Corporation) MD5=5B3DE7208E5000D5B451B9D290D2579C -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_0d714416b7c182d5\iaStorV.sys
[2011.03.11 07:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_0cf9793d9e95787b\iaStorV.sys
[2011.03.11 07:23:00 | 000,410,496 | ---- | M] (Intel Corporation) MD5=B75E45C564E944A2657167D197AB29DA -- C:\Windows\SysNative\drivers\iaStorV.sys
[2011.03.11 07:23:00 | 000,410,496 | ---- | M] (Intel Corporation) MD5=B75E45C564E944A2657167D197AB29DA -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_0033117673c16921\iaStorV.sys
[2011.03.11 07:23:00 | 000,410,496 | ---- | M] (Intel Corporation) MD5=B75E45C564E944A2657167D197AB29DA -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16778_none_0b141c81a16e25e6\iaStorV.sys
[2011.03.11 07:25:49 | 000,410,496 | ---- | M] (Intel Corporation) MD5=BFDC9D75698800CFE4D1698BF2750EA2 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.20921_none_0bccc8c8ba6985c1\iaStorV.sys
[2009.07.14 02:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_18cccb83b34e1453\iaStorV.sys
[2009.07.14 02:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_0b06441fa1790136\iaStorV.sys
< MD5 for: NETLOGON.DLL >
[2009.07.14 02:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\SysNative\netlogon.dll
[2009.07.14 02:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_59aca8ea51aaeefe\netlogon.dll
[2009.07.14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\SysWOW64\netlogon.dll
[2009.07.14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_6401533c860bb0f9\netlogon.dll
< MD5 for: NVSTOR.SYS >
[2009.07.14 02:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_5bde3fe2945bce9e\nvstor.sys
[2009.07.14 02:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvstor.sys
[2011.03.11 07:23:06 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=6C1D5F70E7A6A3FD1C90D840EDC048B9 -- C:\Windows\SysNative\drivers\nvstor.sys
[2011.03.11 07:23:06 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=6C1D5F70E7A6A3FD1C90D840EDC048B9 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_38e464dbe521cc7f\nvstor.sys
[2011.03.11 07:23:06 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=6C1D5F70E7A6A3FD1C90D840EDC048B9 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_95dd8d30d8a4cfbe\nvstor.sys
[2011.03.11 07:25:53 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=AE274836BA56518E279087363A781214 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_96963977f1a02f99\nvstor.sys
[2011.03.11 07:19:21 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=D23C7E8566DA2B8A7C0DBBB761D54888 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvstor.sys
[2011.03.11 07:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvstor.sys
< MD5 for: SCECLI.DLL >
[2009.07.14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\SysWOW64\scecli.dll
[2009.07.14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
[2009.07.14 02:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\SysNative\scecli.dll
[2009.07.14 02:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll
< MD5 for: USER32.DLL >
[2009.07.14 02:41:56 | 001,008,640 | ---- | M] (Microsoft Corporation) MD5=72D7B3EA16946E8F0CF7458150031CC6 -- C:\Windows\SysNative\user32.dll
[2009.07.14 02:41:56 | 001,008,640 | ---- | M] (Microsoft Corporation) MD5=72D7B3EA16946E8F0CF7458150031CC6 -- C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_292d5de8870d85d9\user32.dll
[2009.07.14 02:11:24 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=E8B0FFC209E504CB7E79FC24E6C085F0 -- C:\Windows\SysWOW64\user32.dll
[2009.07.14 02:11:24 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=E8B0FFC209E504CB7E79FC24E6C085F0 -- C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_3382083abb6e47d4\user32.dll
< MD5 for: USERINIT.EXE >
[2009.07.14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\SysWOW64\userinit.exe
[2009.07.14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009.07.14 02:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\SysNative\userinit.exe
[2009.07.14 02:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
< MD5 for: WINLOGON.EXE >
[2009.07.14 02:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\SysNative\winlogon.exe
[2009.07.14 02:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
< MD5 for: WS2IFSL.SYS >
[2009.07.14 01:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\SysNative\drivers\ws2ifsl.sys
[2009.07.14 01:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\winsxs\amd64_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.1.7600.16385_none_ab7b927be17eace8\ws2ifsl.sys
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
< %systemroot%\system32\*.dll /lockedfiles >
[2 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]
< %USERPROFILE%\*.* >
[2012.02.11 03:18:41 | 003,670,016 | ---- | M] () -- C:\Users\Duddils\NTUSER.DAT
[2012.02.11 03:18:40 | 000,262,144 | -HS- | M] () -- C:\Users\Duddils\ntuser.dat.LOG1
[2011.01.18 22:38:08 | 000,000,000 | -HS- | M] () -- C:\Users\Duddils\ntuser.dat.LOG2
[2011.01.18 22:41:29 | 000,065,536 | -HS- | M] () -- C:\Users\Duddils\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf
[2011.01.18 22:41:29 | 000,524,288 | -HS- | M] () -- C:\Users\Duddils\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms
[2011.01.18 22:41:29 | 000,524,288 | -HS- | M] () -- C:\Users\Duddils\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms
[2011.01.18 22:38:09 | 000,000,020 | -HS- | M] () -- C:\Users\Duddils\ntuser.ini
< %USERPROFILE%\Local Settings\Temp\*.exe >
< %USERPROFILE%\Local Settings\Temp\*.dll >
< %USERPROFILE%\Application Data\*.exe >
< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs >
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Required: DebugWindows [binary data]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Windows: %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
< >
< End of report >
|
