OTL logfile created on: 22.06.2011 20:46:32 - Run 3
OTL by OldTimer - Version 3.2.24.1     Folder = C:\Users\Hody\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
10,00 Gb Total Physical Memory | 8,57 Gb Available Physical Memory | 85,70% Memory free
16,84 Gb Paging File | 15,42 Gb Available in Paging File | 91,54% Paging File free
Paging file location(s): k:\pagefile.sys 0 0 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 97,66 Gb Total Space | 41,93 Gb Free Space | 42,94% Space Free | Partition Type: NTFS
Drive D: | 115,04 Gb Total Space | 70,11 Gb Free Space | 60,95% Space Free | Partition Type: NTFS
Drive E: | 100,10 Gb Total Space | 19,20 Gb Free Space | 19,18% Space Free | Partition Type: NTFS
Drive F: | 100,33 Gb Total Space | 1,33 Gb Free Space | 1,32% Space Free | Partition Type: NTFS
Drive G: | 7,67 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive J: | 95,37 Gb Total Space | 91,29 Gb Free Space | 95,72% Space Free | Partition Type: NTFS
Drive K: | 100,10 Gb Total Space | 1,00 Gb Free Space | 1,00% Space Free | Partition Type: NTFS
Drive L: | 102,62 Gb Total Space | 73,06 Gb Free Space | 71,20% Space Free | Partition Type: NTFS
Drive M: | 232,88 Gb Total Space | 42,23 Gb Free Space | 18,13% Space Free | Partition Type: NTFS
Drive N: | 7,55 Gb Total Space | 0,51 Gb Free Space | 6,79% Space Free | Partition Type: FAT32
Drive Y: | 3,87 Mb Total Space | 3,42 Mb Free Space | 88,32% Space Free | Partition Type: NTFS
 
Computer Name: FRANKENSTEIN2 | User Name: Hody | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
[color=#E56717]========== Processes (SafeList) ==========[/color]
 
PRC - C:\Users\Hody\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft Limited)
 
 
[color=#E56717]========== Modules (SafeList) ==========[/color]
 
MOD - C:\Users\Hody\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll (Microsoft Corporation)
 
 
[color=#E56717]========== Win32 Services (SafeList) ==========[/color]
 
SRV:[b]64bit:[/b] - (MSCamSvc) -- C:\Program Files\Microsoft LifeCam\MSCamS64.exe (Microsoft Corporation)
SRV:[b]64bit:[/b] - (IGDCTRL) -- C:\Program Files\FRITZ!DSL\IGDCTRL.EXE (AVM Berlin)
SRV:[b]64bit:[/b] - (vfsFPService) -- C:\Windows\SysNative\vfsFPService.exe (Validity Sensors, Inc.)
SRV - (Lavasoft Ad-Aware Service) -- C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft Limited)
SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation)
SRV - (Stereo Service) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (AntiVirWebService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE (Avira GmbH)
SRV - (LMIMaint) -- C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe (LogMeIn, Inc.)
SRV - (LMIGuardianSvc) -- C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe (LogMeIn, Inc.)
SRV - (Futuremark SystemInfo Service) -- C:\Program Files (x86)\Common Files\Futuremark Shared\Futuremark SystemInfo\FMSISvc.exe (Futuremark Corporation)
SRV - (LogMeIn) -- C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe (LogMeIn, Inc.)
SRV - (AntiVirMailService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe (Avira GmbH)
SRV - (HauppaugeTVServer) -- C:\Program Files (x86)\WinTV\TVServer\HauppaugeTVServer.exe (Hauppauge Computer Works)
SRV - (ServiceLayer) -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe (Nokia)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (FLEXnet Licensing Service) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.)
SRV - (DAUpdaterSvc) -- E:\Dragon Age\bin_ship\daupdatersvc.service.exe (BioWare)
SRV - (DpHost) -- C:\Program Files (x86)\DigitalPersona\Bin\DpHostW.exe (DigitalPersona, Inc.)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (SBSDWSCService) -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
SRV - (TMPService) -- C:\Program Files (x86)\TrafficMonitor\TMPacketServiceInit.exe (Mirko Böer)
SRV - (vfsFPService) -- C:\Windows\SysWOW64\vfsFPService.exe (Validity Sensors, Inc.)
SRV - (WcesComm) -- C:\Windows\WindowsMobile\wcescomm.dll (Microsoft Corporation)
SRV - (RapiMgr) -- C:\Windows\WindowsMobile\rapimgr.dll (Microsoft Corporation)
 
 
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
 
DRV:[b]64bit:[/b] - (hitmanpro35) -- C:\Windows\SysNative\drivers\hitmanpro35.sys ()
DRV:[b]64bit:[/b] - (ssudmdm) SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.) -- C:\Windows\SysNative\drivers\ssudmdm.sys (DEVGURU Co., LTD.(www.devguru.co.kr))
DRV:[b]64bit:[/b] - (dg_ssudbus) SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.) -- C:\Windows\SysNative\drivers\ssudbus.sys (DEVGURU Co., LTD.(www.devguru.co.kr))
DRV:[b]64bit:[/b] - (Point64) -- C:\Windows\SysNative\drivers\point64.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (dc3d) MS Hardware Device Detection Driver (USB) -- C:\Windows\SysNative\drivers\dc3d.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (avmaudio) -- C:\Windows\SysNative\drivers\avmaudio.sys (AVM Berlin)
DRV:[b]64bit:[/b] - (MSHUSBVideo) -- C:\Windows\SysNative\drivers\nx6000.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (LMIRfsClientNP) -- C:\Windows\SysNative\LMIRfsClientNP.dll (LogMeIn, Inc.)
DRV:[b]64bit:[/b] - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira GmbH)
DRV:[b]64bit:[/b] - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:[b]64bit:[/b] - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:[b]64bit:[/b] - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:[b]64bit:[/b] - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (SBRE) -- C:\Windows\SysNative\drivers\SBREDrv.sys (Sunbelt Software)
DRV:[b]64bit:[/b] - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)
DRV:[b]64bit:[/b] - (Lbd) -- C:\Windows\SysNative\drivers\Lbd.sys (Lavasoft AB)
DRV:[b]64bit:[/b] - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira GmbH)
DRV:[b]64bit:[/b] - (hcw88vid) -- C:\Windows\SysNative\drivers\hcw88vid.sys (Hauppauge Computer Works, Inc)
DRV:[b]64bit:[/b] - (HCW88TSE) -- C:\Windows\SysNative\drivers\hcw88tse.sys (Hauppauge Computer Works, Inc)
DRV:[b]64bit:[/b] - (hcw88rc5) -- C:\Windows\SysNative\drivers\hcw88rc5.sys (Hauppauge Computer Works, Inc.)
DRV:[b]64bit:[/b] - (hcw88bda) -- C:\Windows\SysNative\drivers\hcw88bda.sys (Hauppauge Computer Works, Inc)
DRV:[b]64bit:[/b] - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek                                            )
DRV:[b]64bit:[/b] - (UsbserFilt) -- C:\Windows\SysNative\drivers\usbser_lowerfltx64j.sys (Nokia)
DRV:[b]64bit:[/b] - (upperdev) -- C:\Windows\SysNative\drivers\usbser_lowerfltx64.sys (Nokia)
DRV:[b]64bit:[/b] - (nmwcdcx64) -- C:\Windows\SysNative\drivers\ccdcmbox64.sys (Nokia)
DRV:[b]64bit:[/b] - (nmwcdx64) -- C:\Windows\SysNative\drivers\ccdcmbx64.sys (Nokia)
DRV:[b]64bit:[/b] - (sptd) -- C:\Windows\SysNative\drivers\sptd.sys (Duplex Secure Ltd.)
DRV:[b]64bit:[/b] - (VNA) -- C:\Windows\SysNative\drivers\vna.sys (Check Point Software Technologies)
DRV:[b]64bit:[/b] - (SKYNET) -- C:\Windows\SysNative\drivers\SkyNET_AMD64.sys (TechniSat Digital, S.A.)
DRV:[b]64bit:[/b] - (xusb21) -- C:\Windows\SysNative\drivers\xusb21.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:[b]64bit:[/b] - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:[b]64bit:[/b] - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:[b]64bit:[/b] - (Ntfs) -- C:\Windows\SysNative\wbem\ntfs.mof ()
DRV:[b]64bit:[/b] - (netr28ux) -- C:\Windows\SysNative\drivers\netr28ux.sys (Ralink Technology Corp.)
DRV:[b]64bit:[/b] - (netr28x) -- C:\Windows\SysNative\drivers\netr28x.sys (Ralink Technology, Corp.)
DRV:[b]64bit:[/b] - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:[b]64bit:[/b] - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:[b]64bit:[/b] - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:[b]64bit:[/b] - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:[b]64bit:[/b] - (USBPNPA) -- C:\Windows\SysNative\drivers\CM10864.sys (C-Media Electronics Inc)
DRV:[b]64bit:[/b] - (usbdpfp) -- C:\Windows\SysNative\drivers\usbdpfp.sys (DigitalPersona, Inc.)
DRV:[b]64bit:[/b] - (dpK00701) -- C:\Windows\SysNative\drivers\dpK00701.sys (DigitalPersona, Inc.)
DRV:[b]64bit:[/b] - (pccsmcfd) -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys (Nokia)
DRV:[b]64bit:[/b] - (LMIRfsDriver) -- C:\Windows\SysNative\drivers\LMIRfsDriver.sys (LogMeIn, Inc.)
DRV:[b]64bit:[/b] - (radpms) -- C:\Windows\SysNative\drivers\radpms.sys (LogMeIn, Inc.)
DRV:[b]64bit:[/b] - (lmimirr) -- C:\Windows\SysNative\drivers\lmimirr.sys (LogMeIn, Inc.)
DRV - (Lavasoft Kernexplorer) -- C:\Program Files (x86)\Lavasoft\Ad-Aware\kernexplorer64.sys ()
DRV - (gdrv) -- C:\Windows\gdrv.sys (Windows (R) Server 2003 DDK provider)
DRV - (EverestDriver) -- C:\Program Files (x86)\Lavalys\EVEREST Ultimate Edition\kerneld.amd64 ()
DRV - (LMIInfo) -- C:\Program Files (x86)\LogMeIn\x64\rainfo.sys (LogMeIn, Inc.)
DRV - (hotcore3) -- C:\Windows\SysWOW64\drivers\hotcore3.sys (Paragon Software Group)
 
 
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== Internet Explorer ==========[/color]
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.hody.de/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = A7 D5 A2 CA 9D 56 CB 01  [binary data]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
FF - HKLM\software\mozilla\Firefox\Extensions\\otis@digitalpersona.com: C:\Program Files (x86)\DigitalPersona\Bin\FirefoxExt\ [2010.01.12 10:13:53 | 000,000,000 | ---D | M]
 
 
O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | R--- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:[b]64bit:[/b] - BHO: (DigitalPersona Personal Extension) - {395610AE-C624-4f58-B89E-23733EA00F9A} - C:\Programme\DigitalPersona\Bin\DpOtsPluginIe8.dll (DigitalPersona, Inc.)
O2:[b]64bit:[/b] - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2:[b]64bit:[/b] - BHO: (Windows Live ID-Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2:[b]64bit:[/b] - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (DigitalPersona Personal Extension) - {395610AE-C624-4f58-B89E-23733EA00F9A} - C:\Program Files (x86)\DigitalPersona\Bin\DpOtsPluginIe8.dll (DigitalPersona, Inc.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {043C5167-00BB-4324-AF7E-62013FAEDACF} - No CLSID value found.
O4:[b]64bit:[/b] - HKLM..\Run: [Cm108Sound] C:\Windows\Syswow64\cm108.dll (C-Media Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [IntelliPoint] C:\Program Files\Microsoft IntelliPoint\ipoint.exe (Microsoft Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [itype] C:\Program Files\Microsoft IntelliType Pro\itype.exe (Microsoft Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [LogMeIn GUI] C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe (LogMeIn, Inc.)
O4:[b]64bit:[/b] - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Ad-Watch] C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe (Lavasoft Limited)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [DpAgent] C:\Program Files (x86)\DigitalPersona\Bin\DpAgent.exe (DigitalPersona, Inc.)
O4 - HKLM..\Run: [PDFPrint] C:\Program Files (x86)\pdf24\pdf24.exe (Geek Software GmbH)
O4 - HKLM..\Run: [SpybotSnD] C:\Program Files (x86)\Spybot - Search & Destroy\SpybotSD.exe (Safer Networking Limited)
O4 - HKLM..\Run: [TrojanScanner] C:\Program Files (x86)\Trojan Remover\Trjscan.exe (Simply Super Software)
O4 - HKLM..\Run: [WinampAgent] C:\Program Files (x86)\Winamp\winampa.exe (Nullsoft, Inc.)
O4 - HKCU..\Run: [HijackThis startup scan] C:\Program Files (x86)\Trend Micro\HiJackThis\HijackThis.exe (Trend Micro Inc.)
O4 - HKCU..\Run: [KiesHelper] C:\Program Files (x86)\Samsung\Kies\KiesHelper.exe (Samsung)
O4 - HKCU..\Run: [KiesPDLR] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe ()
O4 - HKCU..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKCU..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\sidebar.exe (Microsoft Corporation)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - HKCU..\Run: [TrafficMonitor] C:\Program Files (x86)\TrafficMonitor\TrafficMonitor.exe (Mirko Böer)
O4 - Startup: C:\Users\Hody\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\android-notifier-desktop.lnk = C:\Programme\Android Notifier Desktop\android-notifier-desktop.exe ()
O4 - Startup: C:\Users\Hody\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Hody\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Users\Hody\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\FRITZ!DSL Internet.lnk =  File not found
O4 - Startup: C:\Users\Hody\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\FRITZ!DSL Startcenter.lnk = C:\Users\Hody\AppData\Roaming\Microsoft\Installer\{2D5D9603-22CF-4B99-83F6-0CD20330F62E}\Icon8CF9C550.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9:[b]64bit:[/b] - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:[b]64bit:[/b] - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:[b]64bit:[/b] - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:[b]64bit:[/b] - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files\FRITZ!DSL\\sarah.dll ()
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira GmbH)
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira GmbH)
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira GmbH)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\FRITZ!DSL\\sarah.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira GmbH)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira GmbH)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira GmbH)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_19-windows-i586.cab (Java Plug-in 1.6.0_19)
O16 - DPF: {B4CB50E4-0309-4906-86EA-10B6641C8392} https://saarbruecken.vpn.ids-scheer.com/CSHELL/extender.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_19-windows-i586.cab (Java Plug-in 1.6.0_19)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_19-windows-i586.cab (Java Plug-in 1.6.0_19)
O16 - DPF: {EF0D1A14-1033-41A2-A589-240C01EDC078} http://download.pplive.com/config/pplite/pluginsetup.cab (Reg Error: Key error.)
O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} https://secure.logmein.com/activex/x64/RACtrl.cab (Performance Viewer Activex Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O18:[b]64bit:[/b] - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:[b]64bit:[/b] - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:[b]64bit:[/b] - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:[b]64bit:[/b] - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18:[b]64bit:[/b] - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O28:[b]64bit:[/b] - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2011.03.15 18:58:20 | 000,000,037 | -H-- | M] () - D:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2009.07.17 00:13:07 | 001,246,440 | R--- | M] (BioWare) - G:\autorun.exe -- [ CDFS ]
O32 - AutoRun File - [2009.04.14 05:17:18 | 000,000,058 | R--- | M] () - G:\autorun.inf -- [ CDFS ]
O32 - AutoRun File - [2010.01.27 15:05:13 | 000,000,040 | -H-- | M] () - M:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2008.05.08 15:04:58 | 000,000,044 | ---- | M] () - N:\autorun.inf -- [ FAT32 ]
O33 - MountPoints2\{aa9cd049-d7c8-11de-9230-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{aa9cd049-d7c8-11de-9230-806e6f6e6963}\Shell\AutoRun\command - "" = G:\autorun.exe -- [2009.07.17 00:13:07 | 001,246,440 | R--- | M] (BioWare)
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O34 - HKLM BootExecute: (lsdelete) -  File not found
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
 
Drivers32:[b]64bit:[/b] aux - wdmaud.drv (Microsoft Corporation)
Drivers32:[b]64bit:[/b] aux1 - wdmaud.drv (Microsoft Corporation)
Drivers32:[b]64bit:[/b] aux2 - wdmaud.drv (Microsoft Corporation)
Drivers32:[b]64bit:[/b] aux3 - wdmaud.drv (Microsoft Corporation)
Drivers32:[b]64bit:[/b] aux4 - wdmaud.drv (Microsoft Corporation)
Drivers32:[b]64bit:[/b] aux5 - wdmaud.drv (Microsoft Corporation)
Drivers32:[b]64bit:[/b] aux6 - wdmaud.drv (Microsoft Corporation)
Drivers32:[b]64bit:[/b] aux7 - wdmaud.drv (Microsoft Corporation)
Drivers32:[b]64bit:[/b] midi - wdmaud.drv (Microsoft Corporation)
Drivers32:[b]64bit:[/b] midi1 - wdmaud.drv (Microsoft Corporation)
Drivers32:[b]64bit:[/b] midi2 - wdmaud.drv (Microsoft Corporation)
Drivers32:[b]64bit:[/b] midi3 - wdmaud.drv (Microsoft Corporation)
Drivers32:[b]64bit:[/b] midi4 - wdmaud.drv (Microsoft Corporation)
Drivers32:[b]64bit:[/b] midi5 - wdmaud.drv (Microsoft Corporation)
Drivers32:[b]64bit:[/b] midi6 - wdmaud.drv (Microsoft Corporation)
Drivers32:[b]64bit:[/b] midi7 - wdmaud.drv (Microsoft Corporation)
Drivers32:[b]64bit:[/b] midi8 - wdmaud.drv (Microsoft Corporation)
Drivers32:[b]64bit:[/b] midi9 - wdmaud.drv (Microsoft Corporation)
Drivers32:[b]64bit:[/b] midimapper - midimap.dll (Microsoft Corporation)
Drivers32:[b]64bit:[/b] mixer - wdmaud.drv (Microsoft Corporation)
Drivers32:[b]64bit:[/b] mixer1 - wdmaud.drv (Microsoft Corporation)
Drivers32:[b]64bit:[/b] mixer2 - wdmaud.drv (Microsoft Corporation)
Drivers32:[b]64bit:[/b] mixer3 - wdmaud.drv (Microsoft Corporation)
Drivers32:[b]64bit:[/b] mixer4 - wdmaud.drv (Microsoft Corporation)
Drivers32:[b]64bit:[/b] mixer5 - wdmaud.drv (Microsoft Corporation)
Drivers32:[b]64bit:[/b] mixer6 - wdmaud.drv (Microsoft Corporation)
Drivers32:[b]64bit:[/b] mixer7 - wdmaud.drv (Microsoft Corporation)
Drivers32:[b]64bit:[/b] mixer8 - wdmaud.drv (Microsoft Corporation)
Drivers32:[b]64bit:[/b] mixer9 - wdmaud.drv (Microsoft Corporation)
Drivers32:[b]64bit:[/b] msacm.imaadpcm - imaadp32.acm (Microsoft Corporation)
Drivers32:[b]64bit:[/b] msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32:[b]64bit:[/b] msacm.msadpcm - msadp32.acm (Microsoft Corporation)
Drivers32:[b]64bit:[/b] msacm.msg711 - msg711.acm (Microsoft Corporation)
Drivers32:[b]64bit:[/b] msacm.msgsm610 - msgsm32.acm (Microsoft Corporation)
Drivers32:[b]64bit:[/b] MSVideo8 - VfWWDM32.dll (Microsoft Corporation)
Drivers32:[b]64bit:[/b] vidc.i420 - iyuv_32.dll (Microsoft Corporation)
Drivers32:[b]64bit:[/b] VIDC.IYUV - iyuv_32.dll (Microsoft Corporation)
Drivers32:[b]64bit:[/b] vidc.mrle - msrle32.dll (Microsoft Corporation)
Drivers32:[b]64bit:[/b] vidc.msvc - msvidc32.dll (Microsoft Corporation)
Drivers32:[b]64bit:[/b] VIDC.UYVY - msyuv.dll (Microsoft Corporation)
Drivers32:[b]64bit:[/b] VIDC.YUY2 - msyuv.dll (Microsoft Corporation)
Drivers32:[b]64bit:[/b] VIDC.YVU9 - tsbyuv.dll (Microsoft Corporation)
Drivers32:[b]64bit:[/b] VIDC.YVYU - msyuv.dll (Microsoft Corporation)
Drivers32:[b]64bit:[/b] wave - wdmaud.drv (Microsoft Corporation)
Drivers32:[b]64bit:[/b] wave1 - wdmaud.drv (Microsoft Corporation)
Drivers32:[b]64bit:[/b] wave2 - wdmaud.drv (Microsoft Corporation)
Drivers32:[b]64bit:[/b] wave3 - wdmaud.drv (Microsoft Corporation)
Drivers32:[b]64bit:[/b] wave4 - wdmaud.drv (Microsoft Corporation)
Drivers32:[b]64bit:[/b] wave5 - wdmaud.drv (Microsoft Corporation)
Drivers32:[b]64bit:[/b] wave6 - wdmaud.drv (Microsoft Corporation)
Drivers32:[b]64bit:[/b] wave7 - wdmaud.drv (Microsoft Corporation)
Drivers32:[b]64bit:[/b] wave8 - wdmaud.drv (Microsoft Corporation)
Drivers32:[b]64bit:[/b] wave9 - wdmaud.drv (Microsoft Corporation)
Drivers32:[b]64bit:[/b] wavemapper - msacm32.drv (Microsoft Corporation)
Drivers32: aux - C:\Windows\SysWow64\wdmaud.drv (Microsoft Corporation)
Drivers32: aux1 - C:\Windows\SysWow64\wdmaud.drv (Microsoft Corporation)
Drivers32: aux2 - C:\Windows\SysWow64\wdmaud.drv (Microsoft Corporation)
Drivers32: aux3 - C:\Windows\SysWow64\wdmaud.drv (Microsoft Corporation)
Drivers32: aux4 - C:\Windows\SysWow64\wdmaud.drv (Microsoft Corporation)
Drivers32: aux5 - C:\Windows\SysWow64\wdmaud.drv (Microsoft Corporation)
Drivers32: aux6 - C:\Windows\SysWow64\wdmaud.drv (Microsoft Corporation)
Drivers32: aux7 - C:\Windows\SysWow64\wdmaud.drv (Microsoft Corporation)
Drivers32: midi - C:\Windows\SysWow64\wdmaud.drv (Microsoft Corporation)
Drivers32: midi1 - C:\Windows\SysWow64\wdmaud.drv (Microsoft Corporation)
Drivers32: midi2 - C:\Windows\SysWow64\wdmaud.drv (Microsoft Corporation)
Drivers32: midi3 - C:\Windows\SysWow64\wdmaud.drv (Microsoft Corporation)
Drivers32: midi4 - C:\Windows\SysWow64\wdmaud.drv (Microsoft Corporation)
Drivers32: midi5 - C:\Windows\SysWow64\wdmaud.drv (Microsoft Corporation)
Drivers32: midi6 - C:\Windows\SysWow64\wdmaud.drv (Microsoft Corporation)
Drivers32: midi7 - C:\Windows\SysWow64\wdmaud.drv (Microsoft Corporation)
Drivers32: midi8 - C:\Windows\SysWow64\wdmaud.drv (Microsoft Corporation)
Drivers32: midi9 - C:\Windows\SysWow64\wdmaud.drv (Microsoft Corporation)
Drivers32: midimapper - C:\Windows\SysWow64\midimap.dll (Microsoft Corporation)
Drivers32: mixer - C:\Windows\SysWow64\wdmaud.drv (Microsoft Corporation)
Drivers32: mixer1 - C:\Windows\SysWow64\wdmaud.drv (Microsoft Corporation)
Drivers32: mixer2 - C:\Windows\SysWow64\wdmaud.drv (Microsoft Corporation)
Drivers32: mixer3 - C:\Windows\SysWow64\wdmaud.drv (Microsoft Corporation)
Drivers32: mixer4 - C:\Windows\SysWow64\wdmaud.drv (Microsoft Corporation)
Drivers32: mixer5 - C:\Windows\SysWow64\wdmaud.drv (Microsoft Corporation)
Drivers32: mixer6 - C:\Windows\SysWow64\wdmaud.drv (Microsoft Corporation)
Drivers32: mixer7 - C:\Windows\SysWow64\wdmaud.drv (Microsoft Corporation)
Drivers32: mixer8 - C:\Windows\SysWow64\wdmaud.drv (Microsoft Corporation)
Drivers32: mixer9 - C:\Windows\SysWow64\wdmaud.drv (Microsoft Corporation)
Drivers32: msacm.ac3filter - C:\Windows\SysWow64\ac3filter.acm ()
Drivers32: msacm.avis - C:\Windows\SysWow64\ff_acm.acm ()
Drivers32: msacm.imaadpcm - C:\Windows\SysWow64\imaadp32.acm (Microsoft Corporation)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.msadpcm - C:\Windows\SysWow64\msadp32.acm (Microsoft Corporation)
Drivers32: msacm.msg711 - C:\Windows\SysWow64\msg711.acm (Microsoft Corporation)
Drivers32: msacm.msgsm610 - C:\Windows\SysWow64\msgsm32.acm (Microsoft Corporation)
Drivers32: msacm.siren - C:\Windows\SysWow64\sirenacm.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FFDS - C:\Windows\SysWow64\ff_vfw.dll ()
Drivers32: vidc.i420 - C:\Windows\SysWow64\iyuv_32.dll (Microsoft Corporation)
Drivers32: vidc.iyuv - C:\Windows\SysWow64\iyuv_32.dll (Microsoft Corporation)
Drivers32: vidc.mrle - C:\Windows\SysWow64\msrle32.dll (Microsoft Corporation)
Drivers32: vidc.msvc - C:\Windows\SysWow64\msvidc32.dll (Microsoft Corporation)
Drivers32: vidc.uyvy - C:\Windows\SysWow64\msyuv.dll (Microsoft Corporation)
Drivers32: vidc.XVID - C:\Windows\SysWow64\xvidvfw.dll ()
Drivers32: vidc.yuy2 - C:\Windows\SysWow64\msyuv.dll (Microsoft Corporation)
Drivers32: vidc.yvu9 - C:\Windows\SysWow64\tsbyuv.dll (Microsoft Corporation)
Drivers32: vidc.yvyu - C:\Windows\SysWow64\msyuv.dll (Microsoft Corporation)
Drivers32: wave - C:\Windows\SysWow64\wdmaud.drv (Microsoft Corporation)
Drivers32: wave1 - C:\Windows\SysWow64\wdmaud.drv (Microsoft Corporation)
Drivers32: wave2 - C:\Windows\SysWow64\wdmaud.drv (Microsoft Corporation)
Drivers32: wave3 - C:\Windows\SysWow64\wdmaud.drv (Microsoft Corporation)
Drivers32: wave4 - C:\Windows\SysWow64\wdmaud.drv (Microsoft Corporation)
Drivers32: wave5 - C:\Windows\SysWow64\wdmaud.drv (Microsoft Corporation)
Drivers32: wave6 - C:\Windows\SysWow64\wdmaud.drv (Microsoft Corporation)
Drivers32: wave7 - C:\Windows\SysWow64\wdmaud.drv (Microsoft Corporation)
Drivers32: wave8 - C:\Windows\SysWow64\wdmaud.drv (Microsoft Corporation)
Drivers32: wave9 - C:\Windows\SysWow64\wdmaud.drv (Microsoft Corporation)
Drivers32: wavemapper - C:\Windows\SysWow64\msacm32.drv (Microsoft Corporation)
 
CREATERESTOREPOINT
Error creating restore point.
 
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
 
[2011.06.22 20:34:14 | 000,579,072 | ---- | C] (OldTimer Tools) -- C:\Users\Hody\Desktop\OTL.exe
[2011.06.22 14:33:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Hagel Technologies
[2011.06.22 14:30:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Hitman Pro
[2011.06.22 14:21:34 | 000,000,000 | ---D | C] -- F:\Hodys\Simply Super Software
[2011.06.22 14:21:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trojan Remover
[2011.06.22 14:21:24 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ztvcabinet.dll
[2011.06.22 14:21:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Trojan Remover
[2011.06.22 14:21:22 | 000,000,000 | ---D | C] -- C:\Users\Hody\AppData\Roaming\Simply Super Software
[2011.06.22 14:21:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Simply Super Software
[2011.06.22 12:50:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy
[2011.06.22 12:50:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2011.06.22 12:50:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy
[2011.06.22 12:13:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2011.06.22 12:13:40 | 000,000,000 | ---D | C] -- C:\Programme\CCleaner
[2011.06.22 00:30:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Trend Micro
[2011.06.22 00:30:36 | 000,000,000 | ---D | C] -- C:\Users\Hody\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
[2011.06.19 23:04:31 | 000,000,000 | ---D | C] -- C:\Users\Hody\AppData\Local\ALK_Technologies
[2011.06.19 23:03:58 | 000,000,000 | ---D | C] -- C:\Users\Hody\AppData\Roaming\ALK Technologies
[2011.06.19 22:34:31 | 000,000,000 | ---D | C] -- C:\Users\Hody\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DiskInternals
[2011.06.19 19:30:19 | 000,000,000 | ---D | C] -- C:\Users\Hody\.android
[2011.06.19 19:30:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Android Notifier Desktop
[2011.06.19 19:30:14 | 000,000,000 | ---D | C] -- C:\Programme\Android Notifier Desktop
[2011.06.16 02:41:39 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2011.06.16 02:41:39 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2011.06.16 02:41:38 | 002,303,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2011.06.16 02:41:38 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2011.06.16 02:41:38 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2011.06.16 02:41:37 | 001,797,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9.dll
[2011.06.16 02:41:37 | 000,818,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2011.06.16 02:41:37 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2011.06.15 20:41:39 | 000,861,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleaut32.dll
[2011.06.15 19:23:39 | 000,000,000 | ---D | C] -- C:\Users\Hody\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
[2011.06.15 19:23:03 | 000,000,000 | ---D | C] -- C:\Users\Hody\AppData\Roaming\Dropbox
[2011.06.14 20:41:40 | 000,203,320 | ---- | C] (DEVGURU Co., LTD.(www.devguru.co.kr)) -- C:\Windows\SysNative\drivers\ssudmdm.sys
[2011.06.14 20:41:32 | 000,093,496 | ---- | C] (DEVGURU Co., LTD.(www.devguru.co.kr)) -- C:\Windows\SysNative\drivers\ssudbus.sys
[2011.06.10 20:37:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Useful Apps
[2011.06.10 20:37:32 | 000,000,000 | ---D | C] -- C:\Users\Hody\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bluetooth Barcode Receiver
[2011.06.10 20:37:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bluetooth Barcode Receiver
[2011.06.08 22:01:15 | 000,000,000 | ---D | C] -- C:\Users\Hody\AppData\Roaming\Malwarebytes
[2011.06.08 22:01:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011.06.08 22:01:00 | 000,025,912 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2011.06.08 21:28:33 | 000,000,000 | ---D | C] -- C:\Users\Hody\AppData\Local\PackageAware
[2011.06.02 21:13:05 | 000,000,000 | ---D | C] -- C:\Users\Hody\AppData\Roaming\Mp3tag
[2011.06.02 21:12:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mp3tag
[2011.06.02 21:12:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mp3tag
[2011.06.02 14:07:59 | 000,000,000 | ---D | C] -- C:\Users\Hody\AppData\Roaming\CompanionLink
[2011.06.02 13:49:45 | 000,000,000 | ---D | C] -- C:\Temp
[2011.06.02 13:16:47 | 000,000,000 | -HSD | C] -- C:\Users\Hody\Phone Browser
[2011.06.02 12:27:22 | 000,000,000 | ---D | C] -- C:\Users\Hody\AppData\Local\Samsung
[2011.06.02 11:53:39 | 000,000,000 | ---D | C] -- F:\Hodys\samsung
[2011.06.02 02:01:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
[2011.06.02 02:01:05 | 004,659,712 | ---- | C] (Dmitry Streblechenko) -- C:\Windows\SysWow64\Redemption.dll
[2011.06.02 02:00:58 | 000,821,824 | ---- | C] (Devguru Co., Ltd.) -- C:\Windows\SysWow64\dgderapi.dll
[2011.06.02 02:00:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MarkAny
[2011.06.02 02:00:40 | 000,000,000 | ---D | C] -- C:\Users\Hody\AppData\Roaming\Samsung
[2011.06.02 02:00:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Samsung
[2011.06.02 02:00:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Samsung
[2011.06.02 01:59:55 | 000,000,000 | ---D | C] -- C:\Users\Hody\AppData\Local\Downloaded Installations
[2011.06.01 22:19:25 | 000,000,000 | ---D | C] -- C:\Windows\WindowsMobile
[2011.05.27 23:05:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft-Tastatur
[2011.05.27 23:05:09 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft IntelliType Pro
[2011.05.27 00:14:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft-Maus
[2011.05.27 00:14:07 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft IntelliPoint
[2011.05.24 19:58:07 | 000,027,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Diskdump.sys
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
 
[2011.06.22 20:46:25 | 000,025,806 | ---- | M] () -- C:\Windows\SysWow64\notepad2.ini
[2011.06.22 20:45:43 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.06.22 20:45:37 | 3756,904,447 | -HS- | M] () -- C:\hiberfil.sys
[2011.06.22 20:43:51 | 000,025,616 | ---- | M] () -- C:\Windows\notepad2.ini
[2011.06.22 20:34:14 | 000,579,072 | ---- | M] (OldTimer Tools) -- C:\Users\Hody\Desktop\OTL.exe
[2011.06.22 20:28:39 | 000,001,014 | ---- | M] () -- C:\Users\Hody\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\FRITZ!DSL Internet.lnk
[2011.06.22 20:17:56 | 001,507,170 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011.06.22 20:17:56 | 000,657,438 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2011.06.22 20:17:56 | 000,618,714 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011.06.22 20:17:56 | 000,130,810 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2011.06.22 20:17:56 | 000,107,034 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011.06.22 20:15:32 | 000,000,276 | ---- | M] () -- C:\Users\Hody\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\android-notifier-desktop.lnk
[2011.06.22 20:15:15 | 000,013,216 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.06.22 20:15:15 | 000,013,216 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.06.22 20:14:52 | 000,000,069 | ---- | M] () -- C:\Windows\SysWow64\everest_cpl.ini
[2011.06.22 20:01:46 | 000,415,744 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011.06.22 19:51:59 | 000,025,616 | ---- | M] () -- C:\Windows\SysNative\notepad2.ini
[2011.06.22 19:37:07 | 000,023,112 | ---- | M] () -- C:\Windows\SysNative\drivers\hitmanpro35.sys
[2011.06.22 18:39:56 | 000,265,577 | ---- | M] () -- C:\Users\Hody\Desktop\virus.JPG
[2011.06.22 14:47:33 | 000,001,920 | ---- | M] () -- C:\Windows\SysNative\.crusader
[2011.06.22 14:33:21 | 000,002,144 | ---- | M] () -- F:\Hodys\DU Meter Report.html
[2011.06.22 14:21:00 | 000,052,573 | ---- | M] () -- C:\Users\Hody\Desktop\Unbenannt.JPG
[2011.06.22 12:51:57 | 000,001,292 | ---- | M] () -- C:\Users\Hody\Desktop\Spybot - Search & Destroy.lnk
[2011.06.22 00:30:36 | 000,002,971 | ---- | M] () -- C:\Users\Hody\Desktop\HiJackThis.lnk
[2011.06.20 00:04:57 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_WinUsb_01007.Wdf
[2011.06.19 17:15:26 | 000,000,064 | ---- | M] () -- C:\Windows\SysWow64\rp_stats.dat
[2011.06.19 17:15:26 | 000,000,044 | ---- | M] () -- C:\Windows\SysWow64\statistics.dat
[2011.06.19 17:15:26 | 000,000,044 | ---- | M] () -- C:\Windows\SysWow64\rp_rules.dat
[2011.06.15 19:25:50 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2011.06.15 19:25:25 | 000,001,043 | ---- | M] () -- C:\Users\Hody\Desktop\Dropbox.lnk
[2011.06.15 19:23:49 | 000,001,023 | ---- | M] () -- C:\Users\Hody\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2011.06.14 20:41:40 | 000,203,320 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) -- C:\Windows\SysNative\drivers\ssudmdm.sys
[2011.06.14 20:41:32 | 000,093,496 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) -- C:\Windows\SysNative\drivers\ssudbus.sys
[2011.06.08 21:41:20 | 000,000,036 | ---- | M] () -- C:\Users\Hody\AppData\Local\housecall.guid.cache
[2011.06.05 01:44:53 | 000,000,078 | ---- | M] () -- C:\Users\Hody\AppData\Local\CrystalDiskMark30.ini
[2011.06.02 21:12:47 | 000,000,983 | ---- | M] () -- C:\Users\Public\Desktop\Mp3tag.lnk
[2011.06.02 02:04:32 | 000,001,957 | ---- | M] () -- C:\Users\Public\Desktop\Samsung Kies.lnk
[2011.05.29 09:11:20 | 000,025,912 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
[color=#E56717]========== Files Created - No Company Name ==========[/color]
 
[2011.06.22 20:28:39 | 000,001,014 | ---- | C] () -- C:\Users\Hody\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\FRITZ!DSL Internet.lnk
[2011.06.22 18:39:56 | 000,265,577 | ---- | C] () -- C:\Users\Hody\Desktop\virus.JPG
[2011.06.22 14:47:33 | 000,001,920 | ---- | C] () -- C:\Windows\SysNative\.crusader
[2011.06.22 14:30:54 | 000,023,112 | ---- | C] () -- C:\Windows\SysNative\drivers\hitmanpro35.sys
[2011.06.22 14:21:24 | 000,162,304 | ---- | C] () -- C:\Windows\SysWow64\ztvunrar36.dll
[2011.06.22 14:21:24 | 000,153,088 | ---- | C] () -- C:\Windows\SysWow64\UNRAR3.dll
[2011.06.22 14:21:24 | 000,077,312 | ---- | C] () -- C:\Windows\SysWow64\ztvunace26.dll
[2011.06.22 14:21:24 | 000,075,264 | ---- | C] () -- C:\Windows\SysWow64\unacev2.dll
[2011.06.22 14:21:00 | 000,052,573 | ---- | C] () -- C:\Users\Hody\Desktop\Unbenannt.JPG
[2011.06.22 12:50:32 | 000,001,292 | ---- | C] () -- C:\Users\Hody\Desktop\Spybot - Search & Destroy.lnk
[2011.06.22 00:30:36 | 000,002,971 | ---- | C] () -- C:\Users\Hody\Desktop\HiJackThis.lnk
[2011.06.20 00:04:57 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_WinUsb_01007.Wdf
[2011.06.19 19:30:36 | 000,000,276 | ---- | C] () -- C:\Users\Hody\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\android-notifier-desktop.lnk
[2011.06.15 19:25:25 | 000,001,043 | ---- | C] () -- C:\Users\Hody\Desktop\Dropbox.lnk
[2011.06.15 19:23:49 | 000,001,023 | ---- | C] () -- C:\Users\Hody\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2011.06.08 21:41:20 | 000,000,036 | ---- | C] () -- C:\Users\Hody\AppData\Local\housecall.guid.cache
[2011.06.05 01:44:28 | 000,000,078 | ---- | C] () -- C:\Users\Hody\AppData\Local\CrystalDiskMark30.ini
[2011.06.02 21:12:47 | 000,000,983 | ---- | C] () -- C:\Users\Public\Desktop\Mp3tag.lnk
[2011.06.02 02:04:32 | 000,001,957 | ---- | C] () -- C:\Users\Public\Desktop\Samsung Kies.lnk
[2011.05.14 10:28:44 | 000,000,064 | ---- | C] () -- C:\Windows\SysWow64\rp_stats.dat
[2011.05.14 10:28:44 | 000,000,044 | ---- | C] () -- C:\Windows\SysWow64\rp_rules.dat
[2011.05.14 10:28:43 | 000,000,044 | ---- | C] () -- C:\Windows\SysWow64\statistics.dat
[2011.04.27 14:19:32 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
[2011.04.27 14:19:30 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll
[2011.04.27 14:19:30 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll
[2011.04.27 14:19:30 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll
[2011.04.27 14:19:30 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll
[2011.04.19 09:22:57 | 000,001,832 | ---- | C] () -- C:\Users\Hody\AppData\Local\SLC_Hody.prx
[2011.04.09 18:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2010.11.16 21:14:55 | 000,143,360 | ---- | C] () -- C:\Windows\Vmix108.dll
[2010.11.16 21:14:25 | 000,000,128 | ---- | C] () -- C:\Windows\Cm108.ini.imi
[2010.09.19 21:48:49 | 000,000,135 | ---- | C] () -- C:\Windows\ODBC.INI
[2010.09.19 21:48:48 | 000,000,209 | ---- | C] () -- C:\Windows\ODBCINST.INI
[2010.09.19 21:48:34 | 000,037,574 | ---- | C] () -- C:\Windows\Irremote.ini
[2010.09.19 21:48:05 | 000,142,337 | ---- | C] () -- C:\Windows\SysWow64\Wait.exe
[2010.09.19 21:41:33 | 000,002,302 | ---- | C] () -- C:\Windows\HCWPNP.INI
[2010.04.11 23:03:40 | 000,139,816 | -H-- | C] () -- C:\Windows\SysWow64\mlfcache.dat
[2010.03.20 11:44:03 | 000,000,218 | ---- | C] () -- C:\Windows\iepreview.ini
[2010.02.17 00:56:53 | 000,000,297 | ---- | C] () -- C:\Windows\Cm108.ini.cfl
[2010.02.17 00:56:35 | 000,002,029 | ---- | C] () -- C:\Windows\Cm108.ini.cfg
[2010.02.17 00:56:35 | 000,001,151 | ---- | C] () -- C:\Windows\cm108.ini
[2010.01.18 01:04:57 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010.01.13 01:29:37 | 001,538,568 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010.01.09 22:44:48 | 000,011,264 | ---- | C] () -- C:\Users\Hody\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.12.24 02:57:48 | 000,085,504 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2009.12.12 03:31:40 | 000,000,017 | ---- | C] () -- C:\Users\Hody\AppData\Local\resmon.resmoncfg
[2009.12.03 23:33:48 | 004,244,744 | ---- | C] () -- C:\Windows\SysWow64\qtp-mt334.dll
[2009.12.03 23:33:48 | 000,247,560 | ---- | C] () -- C:\Windows\SysWow64\prgiso.dll
[2009.12.03 23:33:48 | 000,013,576 | ---- | C] () -- C:\Windows\SysWow64\wnaspi32.dll
[2009.11.26 00:39:03 | 000,025,616 | ---- | C] () -- C:\Windows\notepad2.ini
[2009.11.24 03:03:19 | 000,000,069 | ---- | C] () -- C:\Windows\SysWow64\everest_cpl.ini
[2009.11.23 05:44:32 | 000,146,432 | ---- | C] () -- C:\Windows\SysWow64\APOMngr.DLL
[2009.11.23 05:44:32 | 000,072,704 | ---- | C] () -- C:\Windows\SysWow64\CmdRtr.DLL
[2009.08.16 12:08:36 | 000,178,176 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2009.08.03 03:16:32 | 001,012,736 | ---- | C] () -- C:\Windows\SysWow64\Notepad2.exe
[2009.07.28 02:00:00 | 000,025,806 | ---- | C] () -- C:\Windows\SysWow64\notepad2.ini
[2009.07.14 07:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009.07.14 04:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009.07.14 04:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009.07.14 02:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009.07.14 01:56:36 | 001,012,736 | ---- | C] () -- C:\Windows\notepad.exe
[2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.14 01:41:04 | 001,012,736 | ---- | C] () -- C:\Windows\SysWow64\notepad.exe
[2009.07.13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009.06.10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2009.05.29 17:52:26 | 000,204,800 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2009.05.29 17:47:06 | 000,881,664 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2009.05.14 16:29:30 | 000,008,520 | ---- | C] () -- C:\Windows\SysWow64\ractrlkeyhook.dll
[2007.11.14 18:17:34 | 000,204,800 | ---- | C] () -- C:\Windows\SysWow64\CogentBioSDK.dll
[2007.02.05 21:05:26 | 000,000,038 | ---- | C] () -- C:\Windows\AviSplitter.INI
 
[color=#E56717]========== Custom Scans ==========[/color]
 
 
[color=#A23BEC]< %SYSTEMDRIVE%\*.* >[/color]
[2009.11.24 09:13:03 | 000,001,024 | ---- | M] () -- C:\.rnd
[2011.06.22 20:45:36 | 000,166,611 | ---- | M] () -- C:\aaw7boot.log
[2006.09.18 23:43:36 | 000,000,024 | ---- | M] () -- C:\autoexec.bat
[2010.11.20 05:40:08 | 000,383,786 | RHS- | M] () -- C:\bootmgr
[2009.11.23 02:38:36 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK
[2006.09.18 23:43:37 | 000,000,010 | ---- | M] () -- C:\config.sys
[2010.09.20 22:06:59 | 000,087,832 | ---- | M] () -- C:\hcwDriverInstall.txt
[2011.06.22 20:45:37 | 3756,904,447 | -HS- | M] () -- C:\hiberfil.sys
[2009.10.01 23:26:36 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2009.10.01 23:26:36 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2009.11.25 12:19:34 | 000,000,698 | ---- | M] () -- C:\RemoveCodec.iss
 
[color=#A23BEC]< %systemroot%\system32\*.wt >[/color]
 
[color=#A23BEC]< %systemroot%\system32\*.ruy >[/color]
 
[color=#A23BEC]< %systemroot%\Fonts\*.com >[/color]
[2009.07.14 07:32:31 | 000,026,040 | ---- | M] () -- C:\Windows\Fonts\GlobalMonospace.CompositeFont
[2009.07.14 07:32:31 | 000,026,489 | ---- | M] () -- C:\Windows\Fonts\GlobalSansSerif.CompositeFont
[2009.07.14 07:32:31 | 000,029,779 | ---- | M] () -- C:\Windows\Fonts\GlobalSerif.CompositeFont
[2009.07.14 07:32:31 | 000,043,318 | ---- | M] () -- C:\Windows\Fonts\GlobalUserInterface.CompositeFont
 
[color=#A23BEC]< %systemroot%\Fonts\*.dll >[/color]
 
[color=#A23BEC]< %systemroot%\Fonts\*.ini >[/color]
[2009.06.10 22:49:50 | 000,000,065 | ---- | M] () -- C:\Windows\Fonts\desktop.ini
 
[color=#A23BEC]< %systemroot%\Fonts\*.ini2 >[/color]
 
[color=#A23BEC]< %systemroot%\system32\spool\prtprocs\w32x86\*.* >[/color]
 
[color=#A23BEC]< %systemroot%\REPAIR\*.bak1 >[/color]
 
[color=#A23BEC]< %systemroot%\REPAIR\*.ini >[/color]
 
[color=#A23BEC]< %systemroot%\system32\*.jpg >[/color]
 
[color=#A23BEC]< %systemroot%\*.scr >[/color]
 
[color=#A23BEC]< %systemroot%\*._sy >[/color]
 
[color=#A23BEC]< %APPDATA%\Adobe\Update\*.* >[/color]
 
[color=#A23BEC]< %ALLUSERSPROFILE%\Favorites\*.* >[/color]
 
[color=#A23BEC]< %APPDATA%\Microsoft\*.* >[/color]
 
[color=#A23BEC]< %PROGRAMFILES%\*.* >[/color]
[2009.07.14 06:54:24 | 000,000,174 | -HS- | M] () -- C:\Program Files (x86)\desktop.ini
 
[color=#A23BEC]< %APPDATA%\Update\*.* >[/color]
 
[color=#A23BEC]< %systemroot%\*. /mp /s >[/color]
 
[color=#A23BEC]< %systemroot%\system32\*.dll /lockedfiles >[/color]
 
[color=#A23BEC]< %systemroot%\Tasks\*.job /lockedfiles >[/color]
 
[color=#A23BEC]< %systemroot%\System32\config\*.sav >[/color]
 
[color=#A23BEC]< %systemroot%\system32\user32.dll /md5 >[/color]
[2010.11.20 05:08:58 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\SysWOW64\user32.dll
 
[color=#A23BEC]< %systemroot%\system32\ws2_32.dll /md5 >[/color]
[2010.11.20 05:21:40 | 000,206,848 | ---- | M] (Microsoft Corporation) MD5=7FF15A4F092CD4A96055BA69F903E3E9 -- C:\Windows\SysWOW64\ws2_32.dll
 
[color=#A23BEC]< %systemroot%\system32\ws2help.dll /md5 >[/color]
[2009.07.14 03:11:26 | 000,004,608 | ---- | M] (Microsoft Corporation) MD5=808AABDF9337312195CAFF76D1804786 -- C:\Windows\SysWOW64\ws2help.dll
 
 
[color=#A23BEC]< MD5 for: EXPLORER.EXE  >[/color]
[2011.02.26 08:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe
[2011.02.26 07:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2009.07.14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2011.02.26 07:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe
[2009.10.31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2011.02.26 07:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe
[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011.02.26 08:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010.11.20 05:17:10 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2009.08.03 08:19:07 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2009.10.31 08:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2009.08.03 07:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2010.11.20 06:24:46 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
[2009.10.31 08:38:38 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2009.08.03 07:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2009.07.14 03:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2009.10.31 08:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2011.02.26 08:26:45 | 002,870,784 | ---- | M] (Microsoft Corporation) MD5=E38899074D4951D31B4040E994DD7C8D -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe
[2009.08.03 08:17:37 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe
 
[color=#A23BEC]< MD5 for: WININIT.EXE  >[/color]
[2009.07.14 03:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\SysNative\wininit.exe
[2009.07.14 03:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\winsxs\amd64_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_8ce7aa761e01ad49\wininit.exe
[2009.07.14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\SysWOW64\wininit.exe
[2009.07.14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe
 
[color=#A23BEC]< MD5 for: WINLOGON.EXE  >[/color]
[2010.11.20 06:25:32 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010.11.20 06:25:32 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2009.07.14 03:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2009.10.28 09:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2009.10.28 08:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe
 
[color=#A23BEC]< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >[/color]
 
[color=#A23BEC]< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >[/color]
 
[color=#E56717]========== Alternate Data Streams ==========[/color]
 
@Alternate Data Stream - 142 bytes -> C:\ProgramData\TEMP:711B5EDE
@Alternate Data Stream - 118 bytes -> C:\ProgramData\TEMP:CB0AACC9

< End of report >