| ArkeologeN | 20.02.2012 21:29 |
Code:
OTL logfile created on: 20.02.2012 21:12:50 - Run 1
OTL by OldTimer - Version 3.2.33.0 Folder = C:\Users\Konstantin\Desktop
64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
4,00 Gb Total Physical Memory | 2,72 Gb Available Physical Memory | 67,89% Memory free
8,00 Gb Paging File | 6,31 Gb Available in Paging File | 78,87% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 780,63 Gb Total Space | 611,10 Gb Free Space | 78,28% Space Free | Partition Type: NTFS
Computer Name: KONSTANTINS-PC | User Name: Konstantin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2012.02.19 23:07:25 | 000,583,680 | ---- | M] (OldTimer Tools) -- C:\Users\Konstantin\Desktop\OTL.exe
PRC - [2012.02.19 14:45:24 | 000,342,480 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe
PRC - [2012.01.13 14:53:18 | 000,652,360 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2011.10.15 12:23:49 | 000,075,136 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2011.10.11 15:05:59 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2011.10.11 15:05:48 | 000,463,824 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE
PRC - [2011.10.11 15:05:46 | 000,258,512 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2011.10.11 15:05:46 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2011.06.06 11:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2010.09.30 14:16:06 | 002,155,848 | ---- | M] () -- C:\Program Files (x86)\Acronis\DiskDirector\OSS\reinstall_svc.exe
========== Modules (No Company Name) ==========
========== Win32 Services (SafeList) ==========
SRV:64bit: - [2011.12.17 13:22:06 | 000,204,288 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2010.12.28 09:00:34 | 001,296,728 | ---- | M] (www.BitComet.com) [Disabled | Stopped] -- C:\Program Files\BitComet\tools\BitCometService.exe -- (BITCOMET_HELPER_SERVICE)
SRV:64bit: - [2009.07.14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV:64bit: - [2007.04.29 22:55:08 | 000,566,704 | ---- | M] ( ) [Auto | Running] -- C:\Windows\SysNative\lxcgcoms.exe -- (lxcg_device)
SRV - [2012.02.19 14:45:24 | 000,342,480 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe -- (AntiVirMailService)
SRV - [2012.02.14 11:10:48 | 000,481,064 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012.01.24 13:50:46 | 000,168,864 | ---- | M] () [Auto | Running] -- C:\Programme\Common Files\WireHelpSvc.exe -- (WireHelpSvc)
SRV - [2012.01.13 14:53:18 | 000,652,360 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011.10.15 12:23:49 | 000,075,136 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2011.10.11 15:05:59 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2011.10.11 15:05:48 | 000,463,824 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE -- (AntiVirWebService)
SRV - [2011.10.11 15:05:46 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011.06.06 11:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011.01.15 03:20:04 | 000,415,072 | ---- | M] () [Disabled | Stopped] -- C:\Program Files (x86)\Dyyno\Dyyno Broadcaster\launcherd.exe -- (Dyyno Launcher)
SRV - [2010.09.30 14:16:06 | 002,155,848 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Acronis\DiskDirector\OSS\reinstall_svc.exe -- (OS Selector)
SRV - [2010.03.18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2007.04.29 22:54:44 | 000,537,520 | ---- | M] ( ) [Auto | Running] -- C:\Windows\SysWow64\lxcgcoms.exe -- (lxcg_device)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2012.02.19 14:45:31 | 000,132,320 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2012.01.24 13:50:38 | 000,147,472 | ---- | M] (<Turtle Entertainment>) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\ESLWireACD.sys -- (ESLWireAC)
DRV:64bit: - [2011.12.17 13:27:34 | 010,567,680 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2011.12.17 13:27:10 | 000,093,712 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2011.12.17 13:26:43 | 000,325,632 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2011.12.10 15:24:08 | 000,023,152 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2011.10.11 15:06:12 | 000,027,760 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr)
DRV:64bit: - [2011.10.11 15:06:11 | 000,097,312 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2011.09.23 12:25:54 | 000,272,480 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\snapman.sys -- (snapman)
DRV:64bit: - [2011.07.19 12:08:18 | 000,146,736 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VBoxNetAdp.sys -- (VBoxNetAdp)
DRV:64bit: - [2011.06.18 06:09:36 | 000,834,544 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2011.05.10 07:06:08 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2011.04.18 11:11:38 | 000,025,528 | ---- | M] (Turtle Entertainment GmbH) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ESLvnic.sys -- (ESLvnic1)
DRV:64bit: - [2010.06.14 08:32:54 | 000,016,448 | ---- | M] (Teruten Inc) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\TFsExDisk.sys -- (TFsExDisk)
DRV:64bit: - [2010.04.27 03:25:20 | 000,172,104 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sscdmdm.sys -- (sscdmdm)
DRV:64bit: - [2010.04.27 03:25:20 | 000,136,264 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sscdbus.sys -- (sscdbus) SAMSUNG USB Composite Device driver (WDM)
DRV:64bit: - [2010.04.27 03:25:20 | 000,019,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sscdmdfl.sys -- (sscdmdfl)
DRV:64bit: - [2010.04.27 03:25:16 | 000,161,280 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ss_bmdm.sys -- (ss_bmdm)
DRV:64bit: - [2010.04.27 03:25:16 | 000,127,488 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ss_bbus.sys -- (ss_bbus) SAMSUNG USB Mobile Device (WDM)
DRV:64bit: - [2010.04.27 03:25:16 | 000,018,944 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ss_bmdfl.sys -- (ss_bmdfl) SAMSUNG USB Mobile Modem (Filter)
DRV:64bit: - [2009.11.18 11:30:56 | 000,123,408 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:64bit: - [2009.07.14 02:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009.07.14 02:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 02:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.07.14 01:09:15 | 000,145,920 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rmcast.sys -- (RMCAST)
DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.05.18 12:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2009.03.01 22:05:32 | 000,187,392 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009.02.17 17:22:22 | 000,017,792 | ---- | M] (ASUSTeK Computer Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\asusgsb.sys -- (asusgsb)
DRV:64bit: - [2008.02.12 02:59:18 | 000,297,496 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Treiber\VMM.sys -- (vmm)
DRV:64bit: - [2008.02.05 00:50:42 | 000,079,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VMNetSrv.sys -- (VPCNetS2)
DRV:64bit: - [2006.12.05 10:34:26 | 000,572,416 | ---- | M] (PixArt Imaging Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\PFC027.SYS -- (PAC207)
DRV - [2011.03.18 17:08:56 | 000,029,592 | ---- | M] (Almico Software) [Kernel | Boot | Running] -- C:\Windows\SysWOW64\speedfan.sys -- (speedfan)
DRV - [2010.06.14 08:32:54 | 000,016,448 | ---- | M] (Teruten Inc) [File_System | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\TFsExDisk.Sys -- (TFsExDisk)
DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2008.01.18 22:37:32 | 000,050,176 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\raspppoe.sys -- (RasPppoe)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\URLSearchHook: {40c3cc16-7269-4b32-9531-17f2950fb06f} - C:\Program Files (x86)\Winload\prxtbWinl.dll (Conduit Ltd.)
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2132976033-2582622444-1119226143-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/
IE - HKU\S-1-5-21-2132976033-2582622444-1119226143-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-2132976033-2582622444-1119226143-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKU\S-1-5-21-2132976033-2582622444-1119226143-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 4B EC 87 01 12 29 CC 01 [binary data]
IE - HKU\S-1-5-21-2132976033-2582622444-1119226143-1000\..\URLSearchHook: {40c3cc16-7269-4b32-9531-17f2950fb06f} - C:\Program Files (x86)\Winload\prxtbWinl.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-2132976033-2582622444-1119226143-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2132976033-2582622444-1119226143-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@gamersfirst.com/LiveLauncher: C:\Program Files (x86)\GamersFirst\LIVE!\nplivelauncher.dll File not found
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.18: C:\Program Files (x86)\Veetle\plugins\npVeetle.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.18: C:\Program Files (x86)\Veetle\Player\npvlc.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.1.11: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Konstantin\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video [2011.05.22 14:04:14 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa [2011.05.22 14:04:15 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.02.17 17:44:05 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011.10.24 05:25:10 | 000,000,000 | ---D | M]
[2012.02.03 01:12:29 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Konstantin\AppData\Roaming\mozilla\Extensions
[2012.02.03 01:19:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Konstantin\AppData\Roaming\mozilla\Firefox\Profiles\pwhdhrhp.default\extensions
[2012.02.19 12:33:36 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
() (No name found) -- C:\USERS\KONSTANTIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PWHDHRHP.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
[2012.02.17 17:44:05 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012.02.03 01:25:36 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2012.01.29 15:02:49 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.01.29 14:50:55 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.01.29 15:02:49 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2011.06.14 11:45:57 | 000,002,048 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\fcmdSrch.xml
[2012.01.29 15:02:49 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.01.29 15:02:49 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.01.29 15:02:49 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
========== Chrome ==========
O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2:64bit: - BHO: (no name) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - No CLSID value found.
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll File not found
O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (Winload Toolbar) - {40c3cc16-7269-4b32-9531-17f2950fb06f} - C:\Program Files (x86)\Winload\prxtbWinl.dll (Conduit Ltd.)
O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL (Microsoft Corporation)
O3:64bit: - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll ()
O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKLM\..\Toolbar: (Winload Toolbar) - {40c3cc16-7269-4b32-9531-17f2950fb06f} - C:\Program Files (x86)\Winload\prxtbWinl.dll (Conduit Ltd.)
O3:64bit: - HKU\S-1-5-21-2132976033-2582622444-1119226143-1000\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll ()
O3 - HKU\S-1-5-21-2132976033-2582622444-1119226143-1000\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKU\S-1-5-21-2132976033-2582622444-1119226143-1000\..\Toolbar\WebBrowser: (Winload Toolbar) - {40C3CC16-7269-4B32-9531-17F2950FB06F} - C:\Program Files (x86)\Winload\prxtbWinl.dll (Conduit Ltd.)
O4:64bit: - HKLM..\Run: [LXCGCATS] C:\Windows\SysNative\spool\DRIVERS\x64\3\LXCGtime.DLL ()
O4:64bit: - HKLM..\Run: [lxcgmon.exe] C:\Program Files (x86)\Lexmark 2300 Series\lxcgmon.exe (Lexmark International, Inc.)
O4:64bit: - HKLM..\Run: [Monitor] C:\Windows\PixArt\Pac207\Monitor.exe (PixArt Imaging Incorporation)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NPSStartup] File not found
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2132976033-2582622444-1119226143-1000..\Run: [Steam] C:\Program Files (x86)\Steam\steam.exe (Valve Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: An OneNote s&enden - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - C:\Programme\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: An OneNote s&enden - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - C:\Programme\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O9:64bit: - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files (x86)\ICQ7.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files (x86)\ICQ7.5\ICQ.exe (ICQ, LLC.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000013 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab (System Requirements Lab Class)
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} hxxp://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab (NVIDIA Smart Scan)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8128EBD5-C04D-4BBB-B6F5-68BC5CCFA2BA}: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28:64bit: - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011.09.23 13:20:50 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{352eb94a-9998-11e0-b325-00ff01000001}\Shell - "" = AutoRun
O33 - MountPoints2\{352eb94a-9998-11e0-b325-00ff01000001}\Shell\AutoRun\command - "" = I:\Setup.exe
O33 - MountPoints2\{4bc1d62b-e104-11e0-a047-00ff01000001}\Shell - "" = AutoRun
O33 - MountPoints2\{4bc1d62b-e104-11e0-a047-00ff01000001}\Shell\AutoRun\command - "" = F:\Setup.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
MsConfig:64bit - StartUpFolder: C:^Users^Konstantin^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.3.lnk - C:\PROGRA~2\OPENOF~1.ORG\program\QUICKS~1.EXE - ()
MsConfig:64bit - StartUpReg: AutoStartNPSAgent - hkey= - key= - C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe (Samsung Electronics Co., Ltd.)
MsConfig:64bit - StartUpReg: DAEMON Tools Lite - hkey= - key= - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
MsConfig:64bit - StartUpReg: Dyyno Launcher - hkey= - key= - C:\Program Files (x86)\Dyyno\Dyyno Broadcaster\dyyno_launcher.exe ()
MsConfig:64bit - StartUpReg: ESL Wire - hkey= - key= - C:\Program Files\EslWire\wire.exe (Turtle Entertainment GmbH)
MsConfig:64bit - StartUpReg: EzPrint - hkey= - key= - C:\Program Files (x86)\Lexmark 2300 Series\ezprint.exe (Lexmark International Inc.)
MsConfig:64bit - StartUpReg: ICQ - hkey= - key= - C:\Program Files (x86)\ICQ7.5\ICQ.exe (ICQ, LLC.)
MsConfig:64bit - StartUpReg: iTunesHelper - hkey= - key= - C:\Program Files (x86)\iTunes\iTunesHelper.exe (Apple Inc.)
MsConfig:64bit - StartUpReg: QuickTime Task - hkey= - key= - C:\Program Files (x86)\QuickTime\QTTask.exe (Apple Inc.)
MsConfig:64bit - State: "services" - Reg Error: Key error.
MsConfig:64bit - State: "startup" - Reg Error: Key error.
SafeBootMin:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SafeBootMin:64bit: Base - Driver Group
SafeBootMin:64bit: Boot Bus Extender - Driver Group
SafeBootMin:64bit: Boot file system - Driver Group
SafeBootMin:64bit: File system - Driver Group
SafeBootMin:64bit: Filter - Driver Group
SafeBootMin:64bit: HelpSvc - Service
SafeBootMin:64bit: PCI Configuration - Driver Group
SafeBootMin:64bit: PNP Filter - Driver Group
SafeBootMin:64bit: Primary disk - Driver Group
SafeBootMin:64bit: sacsvr - Service
SafeBootMin:64bit: SCSI Class - Driver Group
SafeBootMin:64bit: System Bus Extender - Driver Group
SafeBootMin:64bit: vmms - Service
SafeBootMin:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SafeBootNet:64bit: Base - Driver Group
SafeBootNet:64bit: Boot Bus Extender - Driver Group
SafeBootNet:64bit: Boot file system - Driver Group
SafeBootNet:64bit: File system - Driver Group
SafeBootNet:64bit: Filter - Driver Group
SafeBootNet:64bit: HelpSvc - Service
SafeBootNet:64bit: Messenger - Service
SafeBootNet:64bit: NDIS Wrapper - Driver Group
SafeBootNet:64bit: NetBIOSGroup - Driver Group
SafeBootNet:64bit: NetDDEGroup - Driver Group
SafeBootNet:64bit: Network - Driver Group
SafeBootNet:64bit: NetworkProvider - Driver Group
SafeBootNet:64bit: PCI Configuration - Driver Group
SafeBootNet:64bit: PNP Filter - Driver Group
SafeBootNet:64bit: PNP_TDI - Driver Group
SafeBootNet:64bit: Primary disk - Driver Group
SafeBootNet:64bit: rdsessmgr - Service
SafeBootNet:64bit: sacsvr - Service
SafeBootNet:64bit: SCSI Class - Driver Group
SafeBootNet:64bit: Streams Drivers - Driver Group
SafeBootNet:64bit: System Bus Extender - Driver Group
SafeBootNet:64bit: TDI - Driver Group
SafeBootNet:64bit: vmms - Service
SafeBootNet:64bit: WudfUsbccidDriver - Driver
SafeBootNet:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet:64bit: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet:64bit: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet:64bit: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet:64bit: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet:64bit: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP
Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32:64bit: VIDC.FPS1 - frapsv64.dll (Beepa P/L)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FPS1 - C:\Windows\SysWow64\frapsvid.dll (Beepa P/L)
Drivers32: vidc.VP60 - C:\Windows\SysWOW64\vp6vfw.dll (On2.com)
Drivers32: vidc.VP61 - C:\Windows\SysWOW64\vp6vfw.dll (On2.com)
Drivers32: vidc.XVID - xvidvfw.dll File not found
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
========== Files/Folders - Created Within 30 Days ==========
[2012.02.20 09:41:21 | 000,000,000 | ---D | C] -- C:\Users\Konstantin\AppData\Local\{33C682A8-9889-48AB-A9A8-C42473067584}
[2012.02.20 09:41:09 | 000,000,000 | ---D | C] -- C:\Users\Konstantin\AppData\Local\{4F5380D2-367A-47F7-B7A1-314925F777FA}
[2012.02.19 23:07:20 | 000,583,680 | ---- | C] (OldTimer Tools) -- C:\Users\Konstantin\Desktop\OTL.exe
[2012.02.19 13:41:39 | 000,000,000 | ---D | C] -- C:\Users\Konstantin\AppData\Local\Microsoft Games
[2012.02.19 12:45:15 | 000,000,000 | ---D | C] -- C:\Users\Konstantin\AppData\Roaming\Avira
[2012.02.19 12:44:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
[2012.02.19 12:44:42 | 000,132,320 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avipbb.sys
[2012.02.19 12:44:42 | 000,097,312 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avgntflt.sys
[2012.02.19 12:44:42 | 000,027,760 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avkmgr.sys
[2012.02.19 12:44:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2012.02.19 12:44:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Avira
[2012.02.19 12:33:27 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2012.02.19 10:58:12 | 000,000,000 | ---D | C] -- C:\Users\Konstantin\AppData\Local\{DF858A04-6C73-4970-9929-0C6952DA2D64}
[2012.02.19 10:57:31 | 000,000,000 | ---D | C] -- C:\Users\Konstantin\AppData\Local\{66C1CF10-F600-4895-AF2F-AD8CF1B58340}
[2012.02.18 18:57:24 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2012.02.18 17:59:45 | 000,000,000 | ---D | C] -- C:\Users\Konstantin\AppData\Roaming\Malwarebytes
[2012.02.18 17:59:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.02.18 17:59:36 | 000,023,152 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012.02.18 17:59:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.02.18 17:59:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012.02.18 17:57:43 | 004,763,456 | ---- | C] (Sysinternals - www.sysinternals.com) -- C:\Users\Konstantin\Desktop\procexp.exe
[2012.02.18 17:26:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET
[2012.02.18 17:24:46 | 002,322,184 | ---- | C] (ESET) -- C:\Users\Konstantin\Desktop\esetsmartinstaller_enu.exe
[2012.02.18 10:34:34 | 000,000,000 | ---D | C] -- C:\Users\Konstantin\AppData\Local\{155150D8-CAEC-4A30-BD89-10CD152E514E}
[2012.02.18 10:34:17 | 000,000,000 | ---D | C] -- C:\Users\Konstantin\AppData\Local\{844AA980-DDA8-4AAC-9610-9709A7C7B6E8}
[2012.02.17 11:35:01 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2012.02.17 11:34:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD APP
[2012.02.17 11:34:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center
[2012.02.17 11:29:10 | 000,000,000 | ---D | C] -- C:\AMD
[2012.02.17 11:18:53 | 000,000,000 | ---D | C] -- C:\Users\Konstantin\AppData\Local\{EF2E4D7D-EAC2-4EB3-B822-566E22C34021}
[2012.02.17 11:18:37 | 000,000,000 | ---D | C] -- C:\Users\Konstantin\AppData\Local\{99F9771C-16A9-4775-9139-B1155C48AF18}
[2012.02.16 20:54:06 | 000,000,000 | ---D | C] -- C:\Users\Konstantin\AppData\Local\{76336C92-9548-41B7-9D57-B9176CEBE552}
[2012.02.16 20:53:47 | 000,000,000 | ---D | C] -- C:\Users\Konstantin\AppData\Local\{46BA236F-3FAA-4F9F-9EC2-FB06B99CE566}
[2012.02.16 07:02:10 | 000,000,000 | ---D | C] -- C:\Users\Konstantin\AppData\Local\{83279375-F674-4C3D-9B15-C4707F09D4CF}
[2012.02.16 07:01:54 | 000,000,000 | ---D | C] -- C:\Users\Konstantin\AppData\Local\{529FEA91-A64F-45B2-8898-8C46A06482F0}
[2012.02.15 07:25:07 | 000,000,000 | ---D | C] -- C:\Users\Konstantin\AppData\Local\{70FFD563-16E4-4E1D-81BC-FD5F53E22F86}
[2012.02.15 07:24:46 | 000,000,000 | ---D | C] -- C:\Users\Konstantin\AppData\Local\{AC63696B-3A61-4807-9ADF-8234C2BA0B38}
[2012.02.14 04:29:24 | 000,000,000 | ---D | C] -- C:\Users\Konstantin\AppData\Local\{ACBC54CF-69E0-4BC5-A6E0-0619389BA4C4}
[2012.02.14 04:29:06 | 000,000,000 | ---D | C] -- C:\Users\Konstantin\AppData\Local\{9C1BE537-7FCA-4321-BF09-53D85D355CB4}
[2012.02.13 10:35:35 | 000,000,000 | ---D | C] -- C:\Users\Konstantin\AppData\Local\{419463FE-B906-4A8A-9422-6F5EF0B668EA}
[2012.02.13 10:35:16 | 000,000,000 | ---D | C] -- C:\Users\Konstantin\AppData\Local\{D2E9D427-AE57-4E69-987E-B8AB437B19D5}
[2012.02.12 09:29:31 | 000,000,000 | ---D | C] -- C:\Users\Konstantin\AppData\Local\{5FD75202-D5DB-4A16-A828-A1A6EB2947AA}
[2012.02.12 09:29:15 | 000,000,000 | ---D | C] -- C:\Users\Konstantin\AppData\Local\{639433D0-8F06-4031-BF6C-95F36D7027E4}
[2012.02.11 15:30:20 | 000,000,000 | ---D | C] -- C:\Users\Konstantin\AppData\Local\{AF2880C5-9E96-409D-AEC0-CE1ECD23140A}
[2012.02.11 15:30:08 | 000,000,000 | ---D | C] -- C:\Users\Konstantin\AppData\Local\{03A5E2D7-7CF7-4CBD-B133-5973D2A4495D}
[2012.02.11 03:29:39 | 000,000,000 | ---D | C] -- C:\Users\Konstantin\AppData\Local\{B2C45660-0B30-45C3-A0B8-5B0F578292D1}
[2012.02.11 03:29:26 | 000,000,000 | ---D | C] -- C:\Users\Konstantin\AppData\Local\{B8CFEC15-E4FE-49EC-A1C6-E1E49DD212F4}
[2012.02.10 12:08:59 | 000,000,000 | ---D | C] -- C:\Users\Konstantin\AppData\Local\{DA050DC5-DE34-45FA-A7F0-FBCEEF0D078A}
[2012.02.10 12:08:42 | 000,000,000 | ---D | C] -- C:\Users\Konstantin\AppData\Local\{43753DDC-700D-440D-811D-542E045EB3F9}
[2012.02.09 09:50:32 | 000,000,000 | ---D | C] -- C:\Users\Konstantin\AppData\Local\{72022ADE-5C99-4A72-9013-D184B087631C}
[2012.02.09 09:50:15 | 000,000,000 | ---D | C] -- C:\Users\Konstantin\AppData\Local\{D066A34D-3648-40F7-9EB7-1D46AB10204E}
[2012.02.08 20:49:36 | 000,000,000 | ---D | C] -- C:\Users\Konstantin\AppData\Local\{77ED8C20-4ACA-4274-8FFB-C4C1EB6C432E}
[2012.02.08 20:49:24 | 000,000,000 | ---D | C] -- C:\Users\Konstantin\AppData\Local\{B36B9C78-0F99-4C57-B741-3CBE61969A99}
[2012.02.08 19:36:01 | 001,075,528 | ---- | C] (Sysinternals - www.sysinternals.com) -- C:\Users\Konstantin\Desktop\procexp64.exe
[2012.02.08 08:48:50 | 000,000,000 | ---D | C] -- C:\Users\Konstantin\AppData\Local\{D06886AC-24D2-48D6-860F-69541EECA156}
[2012.02.08 08:48:33 | 000,000,000 | ---D | C] -- C:\Users\Konstantin\AppData\Local\{D03400A8-1779-4C89-BA06-62E524155FE7}
[2012.02.07 11:24:13 | 000,000,000 | ---D | C] -- C:\Users\Konstantin\AppData\Local\{EF80E3D9-CF12-4C9D-AB8A-9392000DDA0F}
[2012.02.07 11:23:58 | 000,000,000 | ---D | C] -- C:\Users\Konstantin\AppData\Local\{D3760354-BA16-4083-B046-E05ADF80ED3A}
[2012.02.06 10:18:29 | 000,000,000 | ---D | C] -- C:\Users\Konstantin\AppData\Local\{70AB0ED5-48BB-49FD-9E99-CC6ECF956BFD}
[2012.02.06 10:17:50 | 000,000,000 | ---D | C] -- C:\Users\Konstantin\AppData\Local\{99EE05FE-D76B-40CB-A9D0-849CF8F06B76}
[2012.02.05 15:47:43 | 000,000,000 | ---D | C] -- C:\Users\Konstantin\Documents\ICQ
[2012.02.05 09:14:49 | 000,000,000 | ---D | C] -- C:\Users\Konstantin\AppData\Local\{AB82F8E1-4AF2-4A8D-9317-4CAD0D6E21F2}
[2012.02.05 09:14:26 | 000,000,000 | ---D | C] -- C:\Users\Konstantin\AppData\Local\{80F3667C-499E-4DDD-929C-20FD643C43D8}
[2012.02.04 18:12:59 | 000,000,000 | ---D | C] -- C:\Users\Konstantin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RuneScape
[2012.02.04 18:12:51 | 000,000,000 | ---D | C] -- C:\Users\Konstantin\jagexcache
[2012.02.04 11:11:49 | 000,000,000 | ---D | C] -- C:\Users\Konstantin\AppData\Local\{B71FD386-E305-48DB-9A4E-EB40FF0AF5BD}
[2012.02.04 11:11:28 | 000,000,000 | ---D | C] -- C:\Users\Konstantin\AppData\Local\{637D989C-0FBD-407A-B043-FD6C4DFAACEB}
[2012.02.03 12:07:55 | 000,000,000 | ---D | C] -- C:\Users\Konstantin\AppData\Local\{5343FC9C-B615-45A3-998A-1122942420CD}
[2012.02.03 12:06:51 | 000,000,000 | ---D | C] -- C:\Users\Konstantin\AppData\Local\{B7923CAC-D175-4B20-BBDF-9B1532C07103}
[2012.02.03 01:26:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2012.02.03 01:13:17 | 000,000,000 | ---D | C] -- C:\Windows\Sun
[2012.02.03 01:12:26 | 000,000,000 | ---D | C] -- C:\Users\Konstantin\AppData\Roaming\Mozilla
[2012.02.02 12:45:27 | 000,000,000 | ---D | C] -- C:\Users\Konstantin\AppData\Local\{4FD8C202-7552-465B-BD91-5F8C109645EA}
[2012.02.02 12:45:11 | 000,000,000 | ---D | C] -- C:\Users\Konstantin\AppData\Local\{9F2D19E1-D11A-4AE8-AAD2-31D2B8FE661E}
[2012.02.01 08:16:42 | 000,000,000 | ---D | C] -- C:\Users\Konstantin\AppData\Local\{B1AA55C0-BC07-4F7E-9FE6-76E4B4B51452}
[2012.02.01 08:16:16 | 000,000,000 | ---D | C] -- C:\Users\Konstantin\AppData\Local\{7B051D50-1C18-4D89-8D3F-4F63C5CA2499}
[2012.01.31 09:21:14 | 000,000,000 | ---D | C] -- C:\Users\Konstantin\AppData\Local\{2417A506-872D-4FC3-86FA-1C82E173F867}
[2012.01.31 09:20:55 | 000,000,000 | ---D | C] -- C:\Users\Konstantin\AppData\Local\{DD1A6D38-2A9C-4316-B4DB-CEBF78C9B366}
[2012.01.30 11:31:13 | 000,000,000 | ---D | C] -- C:\Users\Konstantin\AppData\Local\{D5F15E5C-C5B7-4E25-9998-4112E832FD5C}
[2012.01.30 11:31:00 | 000,000,000 | ---D | C] -- C:\Users\Konstantin\AppData\Local\{35AF465B-7256-4D17-BDEF-6BAEE267DD2F}
[2012.01.29 23:30:32 | 000,000,000 | ---D | C] -- C:\Users\Konstantin\AppData\Local\{EEC6DCC6-0EF5-40BF-86CD-19308D89B0CB}
[2012.01.29 23:30:20 | 000,000,000 | ---D | C] -- C:\Users\Konstantin\AppData\Local\{DEDDF53A-037C-45EC-81E1-470ED11860F1}
[2012.01.29 11:29:41 | 000,000,000 | ---D | C] -- C:\Users\Konstantin\AppData\Local\{1359295B-5CE1-4D59-87F7-B0F991CDE506}
[2012.01.29 11:29:08 | 000,000,000 | ---D | C] -- C:\Users\Konstantin\AppData\Local\{9D344C1E-CFCE-4B72-ABF8-5B21C1A3D517}
[2012.01.28 10:23:29 | 000,000,000 | ---D | C] -- C:\Users\Konstantin\AppData\Local\{2C501E7F-A295-438D-B1B3-6EFB8C91F095}
[2012.01.28 10:23:17 | 000,000,000 | ---D | C] -- C:\Users\Konstantin\AppData\Local\{00DDFA00-0ED5-41A7-9C0F-55B18E100F82}
[2012.01.27 22:22:47 | 000,000,000 | ---D | C] -- C:\Users\Konstantin\AppData\Local\{B576DF12-94C6-484C-A8B7-76B31F45BE79}
[2012.01.27 22:22:33 | 000,000,000 | ---D | C] -- C:\Users\Konstantin\AppData\Local\{ADD0EB5F-6AEE-4E49-88AF-04387AAE1320}
[2012.01.27 20:29:11 | 000,000,000 | ---D | C] -- C:\Users\Konstantin\Documents\Outlook-Dateien
[2012.01.27 07:18:13 | 000,000,000 | ---D | C] -- C:\Users\Konstantin\AppData\Local\{471A6C58-5AAC-4537-84A5-C119BB839552}
[2012.01.27 07:18:00 | 000,000,000 | ---D | C] -- C:\Users\Konstantin\AppData\Local\{E56CE5FF-5689-4321-9879-607DDCD28727}
[2012.01.26 10:58:32 | 000,000,000 | ---D | C] -- C:\Users\Konstantin\AppData\Local\{F6295647-5C85-494B-9B39-A10FF366F72D}
[2012.01.26 10:58:17 | 000,000,000 | ---D | C] -- C:\Users\Konstantin\AppData\Local\{554A8280-F75C-444E-9214-C8A1517D3232}
[2012.01.25 09:48:52 | 000,000,000 | ---D | C] -- C:\Users\Konstantin\AppData\Local\{E344BD82-1BB6-4C6A-AE3D-75557D529316}
[2012.01.25 09:48:20 | 000,000,000 | ---D | C] -- C:\Users\Konstantin\AppData\Local\{65F2BAE4-268B-422A-967D-28337BADDE4A}
[2012.01.24 10:00:47 | 000,000,000 | ---D | C] -- C:\Users\Konstantin\AppData\Local\{843B86DF-B9FF-497E-8809-5C97AD617705}
[2012.01.24 10:00:22 | 000,000,000 | ---D | C] -- C:\Users\Konstantin\AppData\Local\{FCF61FB6-4914-459E-947A-3D721DF41FE9}
[2012.01.23 19:47:26 | 000,000,000 | ---D | C] -- C:\Users\Konstantin\AppData\Local\{47CA6ACD-C286-408D-9BB0-6FAC70D09E18}
[2012.01.23 19:47:13 | 000,000,000 | ---D | C] -- C:\Users\Konstantin\AppData\Local\{43CB5D28-0D57-41A1-BF53-DF5DE8C9110C}
[2012.01.23 07:46:39 | 000,000,000 | ---D | C] -- C:\Users\Konstantin\AppData\Local\{1606BA7E-90F4-4548-9420-7741193C19A2}
[2012.01.23 07:46:22 | 000,000,000 | ---D | C] -- C:\Users\Konstantin\AppData\Local\{73C2777D-B362-4A21-8E29-96248FF78D2F}
[2012.01.22 23:04:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint
[2012.01.22 23:03:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
[2012.01.22 23:03:39 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
[2012.01.22 23:02:56 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Synchronization Services
[2012.01.22 23:02:26 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Sync Framework
[2012.01.22 23:02:25 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server Compact Edition
[2012.01.22 23:01:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio 8
[2012.01.22 23:00:03 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Analysis Services
[2012.01.22 23:00:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Analysis Services
[2012.01.22 22:59:22 | 000,000,000 | ---D | C] -- C:\Users\Konstantin\AppData\Local\Microsoft Help
[2012.01.22 22:59:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Office
[2012.01.22 22:59:09 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2012.01.22 22:59:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2012.01.22 22:58:40 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2012.01.22 11:09:03 | 000,000,000 | ---D | C] -- C:\Users\Konstantin\AppData\Local\{CE9D1316-7A84-4333-99E7-1B9D01412E92}
[2012.01.22 11:08:50 | 000,000,000 | ---D | C] -- C:\Users\Konstantin\AppData\Local\{1B295E41-DF8B-409C-A0AD-8633DB7C31CD}
[2012.01.21 23:08:15 | 000,000,000 | ---D | C] -- C:\Users\Konstantin\AppData\Local\{94C7A359-0D3D-446C-9B21-6493D9BF7C95}
[2012.01.21 23:07:48 | 000,000,000 | ---D | C] -- C:\Users\Konstantin\AppData\Local\{D6D97A1E-6FE2-4666-AD4B-F8608EF87856}
[2012.01.17 19:43:06 | 000,413,696 | ---- | C] ( ) -- C:\Windows\SysWow64\lxcginpa.dll
[2012.01.17 19:43:06 | 000,397,312 | ---- | C] ( ) -- C:\Windows\SysWow64\lxcgiesc.dll
[2012.01.17 19:43:05 | 001,224,704 | ---- | C] ( ) -- C:\Windows\SysWow64\lxcgserv.dll
[2012.01.17 19:43:05 | 000,995,328 | ---- | C] ( ) -- C:\Windows\SysWow64\lxcgusb1.dll
[2012.01.17 19:43:05 | 000,696,320 | ---- | C] ( ) -- C:\Windows\SysWow64\lxcghbn3.dll
[2012.01.17 19:43:05 | 000,684,032 | ---- | C] ( ) -- C:\Windows\SysWow64\lxcgcomc.dll
[2012.01.17 19:43:05 | 000,643,072 | ---- | C] ( ) -- C:\Windows\SysWow64\lxcgpmui.dll
[2012.01.17 19:43:05 | 000,585,728 | ---- | C] ( ) -- C:\Windows\SysWow64\lxcglmpm.dll
[2012.01.17 19:43:05 | 000,537,520 | ---- | C] ( ) -- C:\Windows\SysWow64\lxcgcoms.exe
[2012.01.17 19:43:05 | 000,421,888 | ---- | C] ( ) -- C:\Windows\SysWow64\lxcgcomm.dll
[2012.01.17 19:43:05 | 000,385,968 | ---- | C] ( ) -- C:\Windows\SysWow64\lxcgih.exe
[2012.01.17 19:43:05 | 000,381,872 | ---- | C] ( ) -- C:\Windows\SysWow64\lxcgcfg.exe
[2012.01.17 19:43:05 | 000,181,168 | ---- | C] ( ) -- C:\Windows\SysWow64\lxcgppls.exe
[2012.01.17 19:43:05 | 000,163,840 | ---- | C] ( ) -- C:\Windows\SysWow64\lxcgprox.dll
[2012.01.17 19:43:05 | 000,094,208 | ---- | C] ( ) -- C:\Windows\SysWow64\lxcgpplc.dll
[2012.01.17 19:22:22 | 000,305,664 | ---- | C] ( ) -- C:\Windows\SysWow64\lxcghcp.dll
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2012.02.20 21:08:23 | 000,000,032 | ---- | M] () -- C:\Users\Konstantin\jagex_cl_runescape_LIVE.dat
[2012.02.20 10:47:20 | 000,020,467 | ---- | M] () -- C:\Users\Konstantin\Desktop\823530519054e1683f5f9d6c06b23986f15a8292441d98b5625130ffd430dcbe6a44b995.jpg
[2012.02.20 10:25:20 | 000,612,577 | ---- | M] () -- C:\Users\Konstantin\Desktop\Foto0176.jpg2.jpg
[2012.02.20 10:20:34 | 000,723,019 | ---- | M] () -- C:\Users\Konstantin\Desktop\Foto0176.jpg
[2012.02.20 10:20:28 | 000,637,923 | ---- | M] () -- C:\Users\Konstantin\Desktop\Foto0177.jpg
[2012.02.20 10:17:45 | 001,527,504 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.02.20 10:17:45 | 000,666,072 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.02.20 10:17:45 | 000,625,252 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.02.20 10:17:45 | 000,135,280 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.02.20 10:17:45 | 000,110,890 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.02.20 09:47:17 | 000,019,568 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.02.20 09:47:17 | 000,019,568 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.02.20 09:39:55 | 000,000,420 | ---- | M] () -- C:\Windows\tasks\PC Optimizer Pro64 startups.job
[2012.02.20 09:39:51 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.02.20 09:39:42 | 3220,615,168 | -HS- | M] () -- C:\hiberfil.sys
[2012.02.19 23:07:25 | 000,583,680 | ---- | M] (OldTimer Tools) -- C:\Users\Konstantin\Desktop\OTL.exe
[2012.02.19 14:45:31 | 000,132,320 | ---- | M] (Avira GmbH) -- C:\Windows\SysNative\drivers\avipbb.sys
[2012.02.19 12:44:59 | 000,002,070 | ---- | M] () -- C:\Users\Public\Desktop\Avira Control Center.lnk
[2012.02.19 12:19:53 | 081,313,744 | ---- | M] () -- C:\Users\Konstantin\Desktop\avira_antivirus_premium_de.exe
[2012.02.18 17:59:37 | 000,001,113 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.02.18 17:38:36 | 000,000,024 | ---- | M] () -- C:\Users\Konstantin\jagexappletviewer.preferences
[2012.02.18 17:26:03 | 026,304,337 | ---- | M] () -- C:\Users\Konstantin\Desktop\avira_free_antivirus_898de.exe
[2012.02.18 17:24:54 | 002,322,184 | ---- | M] (ESET) -- C:\Users\Konstantin\Desktop\esetsmartinstaller_enu.exe
[2012.02.17 23:13:55 | 000,020,821 | ---- | M] () -- C:\Users\Konstantin\Desktop\I hate Travian.odt
[2012.02.16 20:57:42 | 000,000,779 | ---- | M] () -- C:\Users\Public\Desktop\ESL Wire.lnk
[2012.02.15 08:36:14 | 000,000,050 | ---- | M] () -- C:\Users\Konstantin\jagex_cl_runescape_LIVE1.dat
[2012.02.08 20:15:25 | 000,002,517 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2012.02.08 19:39:28 | 541,215,670 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2012.02.08 19:36:01 | 001,075,528 | ---- | M] (Sysinternals - www.sysinternals.com) -- C:\Users\Konstantin\Desktop\procexp64.exe
[2012.02.04 18:12:59 | 000,002,092 | ---- | M] () -- C:\Users\Konstantin\Desktop\RuneScape.lnk
[2012.02.03 01:12:17 | 000,001,134 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012.02.03 00:54:17 | 000,007,598 | ---- | M] () -- C:\Users\Konstantin\AppData\Local\Resmon.ResmonCfg
[2012.01.24 13:50:46 | 000,168,864 | ---- | M] () -- C:\Program Files\Common Files\WireHelpSvc.exe
[2012.01.24 13:50:38 | 000,147,472 | ---- | M] (<Turtle Entertainment>) -- C:\Windows\SysNative\drivers\ESLWireACD.sys
[2012.01.23 07:45:07 | 000,514,216 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012.02.20 10:47:20 | 000,020,467 | ---- | C] () -- C:\Users\Konstantin\Desktop\823530519054e1683f5f9d6c06b23986f15a8292441d98b5625130ffd430dcbe6a44b995.jpg
[2012.02.20 10:25:20 | 000,612,577 | ---- | C] () -- C:\Users\Konstantin\Desktop\Foto0176.jpg2.jpg
[2012.02.20 10:17:59 | 000,723,019 | ---- | C] () -- C:\Users\Konstantin\Desktop\Foto0176.jpg
[2012.02.20 10:17:59 | 000,637,923 | ---- | C] () -- C:\Users\Konstantin\Desktop\Foto0177.jpg
[2012.02.19 12:44:59 | 000,002,070 | ---- | C] () -- C:\Users\Public\Desktop\Avira Control Center.lnk
[2012.02.19 12:15:46 | 081,313,744 | ---- | C] () -- C:\Users\Konstantin\Desktop\avira_antivirus_premium_de.exe
[2012.02.18 17:59:37 | 000,001,113 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.02.18 17:57:43 | 000,072,268 | ---- | C] () -- C:\Users\Konstantin\Desktop\procexp.chm
[2012.02.18 17:24:50 | 026,304,337 | ---- | C] () -- C:\Users\Konstantin\Desktop\avira_free_antivirus_898de.exe
[2012.02.04 18:13:25 | 000,000,024 | ---- | C] () -- C:\Users\Konstantin\jagexappletviewer.preferences
[2012.02.04 18:12:59 | 000,002,122 | ---- | C] () -- C:\Users\Konstantin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RuneScape.lnk
[2012.02.04 18:12:59 | 000,002,092 | ---- | C] () -- C:\Users\Konstantin\Desktop\RuneScape.lnk
[2012.02.03 01:12:17 | 000,001,134 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012.02.03 01:12:16 | 000,001,146 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2012.01.29 21:23:42 | 000,004,334 | ---- | C] () -- C:\Users\Konstantin\Desktop\config.cfg
[2012.01.17 19:43:06 | 000,385,024 | ---- | C] () -- C:\Windows\SysWow64\lxcgcomx.dll
[2012.01.17 19:43:06 | 000,274,432 | ---- | C] () -- C:\Windows\SysWow64\lxcginst.dll
[2011.12.17 13:26:54 | 000,204,960 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2011.12.17 13:24:31 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2011.12.17 13:22:18 | 000,157,152 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2011.12.17 05:25:13 | 000,237,568 | ---- | C] () -- C:\Windows\SysWow64\lame_enc.dll
[2011.12.17 05:25:13 | 000,110,080 | ---- | C] () -- C:\Windows\SysWow64\advd.dll
[2011.12.17 05:25:13 | 000,023,040 | ---- | C] () -- C:\Windows\SysWow64\auth.dll
[2011.12.05 22:04:00 | 000,059,904 | ---- | C] () -- C:\Windows\SysWow64\OpenVideo.dll
[2011.12.05 22:03:52 | 000,054,784 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll
[2011.10.15 12:23:51 | 000,281,656 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2011.10.15 12:23:49 | 000,075,136 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2011.09.05 18:02:28 | 000,100,712 | -H-- | C] () -- C:\Windows\SysWow64\mlfcache.dat
[2011.08.05 11:09:32 | 000,007,598 | ---- | C] () -- C:\Users\Konstantin\AppData\Local\Resmon.ResmonCfg
[2011.07.12 19:08:35 | 000,000,098 | ---- | C] () -- C:\Users\Konstantin\AppData\Local\fusioncache.dat
[2011.07.12 19:05:50 | 001,553,234 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011.07.05 14:21:23 | 000,168,864 | ---- | C] () -- C:\Program Files\Common Files\WireHelpSvc.exe
[2011.06.18 12:30:16 | 000,021,840 | ---- | C] () -- C:\Windows\SysWow64\SIntfNT.dll
[2011.06.18 12:30:16 | 000,017,212 | ---- | C] () -- C:\Windows\SysWow64\SIntf32.dll
[2011.06.18 12:30:16 | 000,012,067 | ---- | C] () -- C:\Windows\SysWow64\SIntf16.dll
[2011.06.18 12:25:55 | 000,000,025 | ---- | C] () -- C:\Windows\SIERRA.INI
[2011.05.20 21:35:28 | 000,304,744 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe
========== LOP Check ==========
[2011.09.15 05:55:14 | 000,000,000 | ---D | M] -- C:\Users\Konstantin\AppData\Roaming\BitComet
[2011.10.04 17:06:21 | 000,000,000 | ---D | M] -- C:\Users\Konstantin\AppData\Roaming\bizarre creations
[2011.12.26 18:40:10 | 000,000,000 | ---D | M] -- C:\Users\Konstantin\AppData\Roaming\concept design
[2011.06.17 18:11:28 | 000,000,000 | ---D | M] -- C:\Users\Konstantin\AppData\Roaming\DAEMON Tools Lite
[2011.06.18 12:22:15 | 000,000,000 | ---D | M] -- C:\Users\Konstantin\AppData\Roaming\DAEMON Tools Pro
[2011.09.04 22:22:02 | 000,000,000 | ---D | M] -- C:\Users\Konstantin\AppData\Roaming\Dyyno
[2011.06.10 13:33:51 | 000,000,000 | ---D | M] -- C:\Users\Konstantin\AppData\Roaming\FileZilla
[2012.02.18 15:26:28 | 000,000,000 | ---D | M] -- C:\Users\Konstantin\AppData\Roaming\ICQ
[2011.06.14 14:41:30 | 000,000,000 | ---D | M] -- C:\Users\Konstantin\AppData\Roaming\JonDo
[2011.12.24 17:48:58 | 000,000,000 | ---D | M] -- C:\Users\Konstantin\AppData\Roaming\MAGIX
[2011.07.12 23:58:39 | 000,000,000 | ---D | M] -- C:\Users\Konstantin\AppData\Roaming\OpenOffice.org
[2011.05.17 17:07:06 | 000,000,000 | ---D | M] -- C:\Users\Konstantin\AppData\Roaming\Publish Providers
[2011.09.01 17:15:08 | 000,000,000 | ---D | M] -- C:\Users\Konstantin\AppData\Roaming\RenPy
[2011.05.23 22:55:56 | 000,000,000 | ---D | M] -- C:\Users\Konstantin\AppData\Roaming\Samsung
[2011.07.04 18:19:59 | 000,000,000 | ---D | M] -- C:\Users\Konstantin\AppData\Roaming\Sierra
[2011.07.04 18:30:31 | 000,000,000 | ---D | M] -- C:\Users\Konstantin\AppData\Roaming\Sierra Entertainment
[2011.05.17 17:07:04 | 000,000,000 | ---D | M] -- C:\Users\Konstantin\AppData\Roaming\Sony
[2011.09.23 20:08:55 | 000,000,000 | ---D | M] -- C:\Users\Konstantin\AppData\Roaming\TeamViewer
[2012.01.05 16:48:09 | 000,000,000 | ---D | M] -- C:\Users\Konstantin\AppData\Roaming\TS3Client
[2011.06.23 14:21:36 | 000,000,000 | ---D | M] -- C:\Users\Konstantin\AppData\Roaming\Unity
[2011.07.08 00:34:37 | 000,000,000 | ---D | M] -- C:\Users\Konstantin\AppData\Roaming\WinBatch
[2011.10.04 17:34:19 | 000,000,000 | ---D | M] -- C:\Users\Konstantin\AppData\Roaming\Windows Live Writer
[2012.02.20 09:39:55 | 000,000,420 | ---- | M] () -- C:\Windows\Tasks\PC Optimizer Pro64 startups.job
[2012.02.08 19:37:38 | 000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
========== Custom Scans ==========
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2011.07.10 22:04:39 | 000,000,000 | ---D | M] -- C:\Users\Konstantin\AppData\Roaming\Adobe
[2012.01.02 12:01:04 | 000,000,000 | ---D | M] -- C:\Users\Konstantin\AppData\Roaming\Apple Computer
[2001.12.31 23:11:13 | 000,000,000 | ---D | M] -- C:\Users\Konstantin\AppData\Roaming\ATI
[2012.02.19 12:45:15 | 000,000,000 | ---D | M] -- C:\Users\Konstantin\AppData\Roaming\Avira
[2011.09.15 05:55:14 | 000,000,000 | ---D | M] -- C:\Users\Konstantin\AppData\Roaming\BitComet
[2011.10.04 17:06:21 | 000,000,000 | ---D | M] -- C:\Users\Konstantin\AppData\Roaming\bizarre creations
[2011.12.26 18:40:10 | 000,000,000 | ---D | M] -- C:\Users\Konstantin\AppData\Roaming\concept design
[2011.06.17 18:11:28 | 000,000,000 | ---D | M] -- C:\Users\Konstantin\AppData\Roaming\DAEMON Tools Lite
[2011.06.18 12:22:15 | 000,000,000 | ---D | M] -- C:\Users\Konstantin\AppData\Roaming\DAEMON Tools Pro
[2012.01.18 17:41:06 | 000,000,000 | ---D | M] -- C:\Users\Konstantin\AppData\Roaming\Download Manager
[2011.09.04 22:22:02 | 000,000,000 | ---D | M] -- C:\Users\Konstantin\AppData\Roaming\Dyyno
[2011.06.10 13:33:51 | 000,000,000 | ---D | M] -- C:\Users\Konstantin\AppData\Roaming\FileZilla
[2012.02.18 15:26:28 | 000,000,000 | ---D | M] -- C:\Users\Konstantin\AppData\Roaming\ICQ
[2011.05.15 12:01:18 | 000,000,000 | ---D | M] -- C:\Users\Konstantin\AppData\Roaming\Identities
[2011.06.14 14:41:30 | 000,000,000 | ---D | M] -- C:\Users\Konstantin\AppData\Roaming\JonDo
[2011.05.15 12:28:03 | 000,000,000 | ---D | M] -- C:\Users\Konstantin\AppData\Roaming\Macromedia
[2011.12.24 17:48:58 | 000,000,000 | ---D | M] -- C:\Users\Konstantin\AppData\Roaming\MAGIX
[2012.02.18 17:59:45 | 000,000,000 | ---D | M] -- C:\Users\Konstantin\AppData\Roaming\Malwarebytes
[2009.07.14 19:18:19 | 000,000,000 | ---D | M] -- C:\Users\Konstantin\AppData\Roaming\Media Center Programs
[2012.01.27 19:11:27 | 000,000,000 | --SD | M] -- C:\Users\Konstantin\AppData\Roaming\Microsoft
[2012.02.03 01:12:29 | 000,000,000 | ---D | M] -- C:\Users\Konstantin\AppData\Roaming\Mozilla
[2011.07.12 23:58:39 | 000,000,000 | ---D | M] -- C:\Users\Konstantin\AppData\Roaming\OpenOffice.org
[2011.05.17 17:07:06 | 000,000,000 | ---D | M] -- C:\Users\Konstantin\AppData\Roaming\Publish Providers
[2011.09.01 17:15:08 | 000,000,000 | ---D | M] -- C:\Users\Konstantin\AppData\Roaming\RenPy
[2011.05.23 22:55:56 | 000,000,000 | ---D | M] -- C:\Users\Konstantin\AppData\Roaming\Samsung
[2011.07.04 18:19:59 | 000,000,000 | ---D | M] -- C:\Users\Konstantin\AppData\Roaming\Sierra
[2011.07.04 18:30:31 | 000,000,000 | ---D | M] -- C:\Users\Konstantin\AppData\Roaming\Sierra Entertainment
[2012.01.24 22:00:11 | 000,000,000 | ---D | M] -- C:\Users\Konstantin\AppData\Roaming\Skype
[2011.05.17 17:07:04 | 000,000,000 | ---D | M] -- C:\Users\Konstantin\AppData\Roaming\Sony
[2011.09.23 20:08:55 | 000,000,000 | ---D | M] -- C:\Users\Konstantin\AppData\Roaming\TeamViewer
[2012.01.05 16:48:09 | 000,000,000 | ---D | M] -- C:\Users\Konstantin\AppData\Roaming\TS3Client
[2011.06.23 14:21:36 | 000,000,000 | ---D | M] -- C:\Users\Konstantin\AppData\Roaming\Unity
[2011.08.24 21:41:33 | 000,000,000 | ---D | M] -- C:\Users\Konstantin\AppData\Roaming\vlc
[2011.07.08 00:34:37 | 000,000,000 | ---D | M] -- C:\Users\Konstantin\AppData\Roaming\WinBatch
[2011.10.04 17:34:19 | 000,000,000 | ---D | M] -- C:\Users\Konstantin\AppData\Roaming\Windows Live Writer
[2011.05.16 14:18:50 | 000,000,000 | ---D | M] -- C:\Users\Konstantin\AppData\Roaming\WinRAR
< %APPDATA%\*.exe /s >
[2011.10.04 19:57:52 | 010,274,313 | ---- | M] (Igor Pavlov) -- C:\Users\Konstantin\AppData\Roaming\bizarre creations\blur\BizUpdaterPack.exe
[2012.02.04 18:12:59 | 000,015,086 | R--- | M] () -- C:\Users\Konstantin\AppData\Roaming\Microsoft\Installer\{5D87C09F-512F-474A-A306-0FE3B89C396F}\launcher.exe
[2011.08.20 20:11:07 | 000,010,134 | R--- | M] () -- C:\Users\Konstantin\AppData\Roaming\Microsoft\Installer\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}\ARPPRODUCTICON.exe
< %SYSTEMDRIVE%\*.exe >
[2007.11.07 07:03:18 | 000,562,688 | ---- | M] (Microsoft Corporation) -- C:\install.exe
< MD5 for: AGP440.SYS >
[2009.07.14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys
[2009.07.14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_9e6bb86c3b39a3e9\AGP440.sys
[2009.07.14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys
< MD5 for: ATAPI.SYS >
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_a69a58a4286f0b22\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys
< MD5 for: CNGAUDIT.DLL >
[2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009.07.14 02:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\SysNative\cngaudit.dll
[2009.07.14 02:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll
< MD5 for: IASTORV.SYS >
[2009.07.14 02:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\SysNative\drivers\iaStorV.sys
[2009.07.14 02:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_18cccb83b34e1453\iaStorV.sys
[2009.07.14 02:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_0b06441fa1790136\iaStorV.sys
< MD5 for: NETLOGON.DLL >
[2009.07.14 02:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\SysNative\netlogon.dll
[2009.07.14 02:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_59aca8ea51aaeefe\netlogon.dll
[2009.07.14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\SysWOW64\netlogon.dll
[2009.07.14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_6401533c860bb0f9\netlogon.dll
< MD5 for: NVSTOR.SYS >
[2009.07.14 02:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\SysNative\drivers\nvstor.sys
[2009.07.14 02:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_5bde3fe2945bce9e\nvstor.sys
[2009.07.14 02:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvstor.sys
< MD5 for: SCECLI.DLL >
[2009.07.14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\SysWOW64\scecli.dll
[2009.07.14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
[2009.07.14 02:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\SysNative\scecli.dll
[2009.07.14 02:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll
< MD5 for: USER32.DLL >
[2009.07.14 02:41:56 | 001,008,640 | ---- | M] (Microsoft Corporation) MD5=72D7B3EA16946E8F0CF7458150031CC6 -- C:\Windows\SysNative\user32.dll
[2009.07.14 02:41:56 | 001,008,640 | ---- | M] (Microsoft Corporation) MD5=72D7B3EA16946E8F0CF7458150031CC6 -- C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_292d5de8870d85d9\user32.dll
[2009.07.14 02:11:24 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=E8B0FFC209E504CB7E79FC24E6C085F0 -- C:\Windows\SysWOW64\user32.dll
[2009.07.14 02:11:24 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=E8B0FFC209E504CB7E79FC24E6C085F0 -- C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_3382083abb6e47d4\user32.dll
< MD5 for: USERINIT.EXE >
[2009.07.14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\SysWOW64\userinit.exe
[2009.07.14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009.07.14 02:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\SysNative\userinit.exe
[2009.07.14 02:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
< MD5 for: WININIT.EXE >
[2009.07.14 02:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\SysNative\wininit.exe
[2009.07.14 02:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\winsxs\amd64_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_8ce7aa761e01ad49\wininit.exe
[2009.07.14 02:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\SysWOW64\wininit.exe
[2009.07.14 02:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe
< MD5 for: WINLOGON.EXE >
[2009.07.14 02:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2012.01.13 14:53:20 | 000,182,856 | ---- | M] () MD5=63EEC8A8B221AB79045E776E5F592868 -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2009.10.28 08:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2009.10.28 07:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\SysNative\winlogon.exe
[2009.10.28 07:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe
< MD5 for: WS2IFSL.SYS >
[2009.07.14 01:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\SysNative\drivers\ws2ifsl.sys
[2009.07.14 01:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\winsxs\amd64_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.1.7600.16385_none_ab7b927be17eace8\ws2ifsl.sys
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
< End of report >
|
