. DDS (Ver_2011-08-26.01) - NTFSAMD64 Internet Explorer: 9.0.8112.16421 Run by Root at 21:35:09 on 2012-03-20 Microsoft Windows 7 Ultimate 6.1.7601.1.1256.966.1033.18.8190.5483 [GMT 3:00] . AV: Avira Desktop *Enabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C} SP: Avira Desktop *Enabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: FireWall *Disabled* {CE40CCC0-8ADB-6D67-25A0-C5B6438E4B57} . ============== Running Processes =============== . C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\nvvsvc.exe C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k NetworkService C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe C:\Windows\system32\nvvsvc.exe C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files (x86)\Avira\AntiVir Desktop\avfwsvc.exe C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe C:\Windows\SysWOW64\vmnat.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Windows\SysWOW64\vmnetdhcp.exe C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe C:\Windows\system32\conhost.exe C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskhost.exe C:\Program Files\Logitech Gaming Software\LCore.exe C:\Program Files (x86)\TechniSat DVB\bin\Server4PC.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe C:\Program Files (x86)\KeyScrambler\KeyScrambler.exe C:\Program Files (x86)\KeyScrambler\x64\KeyScrambler.exe C:\Windows\system32\SearchIndexer.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe C:\Windows\system32\NOTEPAD.EXE C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe C:\Windows\system32\SearchProtocolHost.exe C:\Windows\system32\SearchFilterHost.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\conhost.exe C:\Windows\SysWOW64\cscript.exe C:\Windows\system32\wbem\wmiprvse.exe . ============== Pseudo HJT Report =============== . uInternet Settings,ProxyServer = 64.69.36.41:60000 mWinlogon: Userinit=userinit.exe, BHO: IDM integration (IDMIEHlprObj Class): {0055c089-8582-441b-a0bf-17b458c2a3a8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO: LeapFTP Internet Explorer Hook: {a5479da1-7843-43a7-b5c0-be342c77b629} - C:\PROGRA~2\LEAPFT~1.0\lftpie.dll mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray mRun: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min mRun: [KeyScrambler] C:\Program Files (x86)\KeyScrambler\keyscrambler.exe /a StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\SERVER~1.LNK - C:\Program Files (x86)\TechniSat DVB\bin\Server4PC.exe mPolicies-explorer: NoActiveDesktop = 1 (0x1) mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1) mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0) mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3) mPolicies-system: EnableUIADesktopToggle = 0 (0x0) mPolicies-system: PromptOnSecureDesktop = 0 (0x0) mPolicies-system: EnableLUA = 0 (0x0) IE: Download all links with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm IE: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~2\Office14\ONBttnIE.dll/105 IE: {5C106A59-CC3C-4caa-81A4-6D909B5ACE23} - {B745F984-EF2E-40D6-A9AC-D8CED7230E61} - C:\Program Files (x86)\KeyScrambler\KeyScramblerIE.dll LSP: C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll LSP: %SystemRoot%\system32\vsocklib.dll TCP: DhcpNameServer = 192.168.1.1 192.168.1.1 TCP: Interfaces\{2FF17871-FEFF-42E7-A759-2CECC8E34661} : DhcpNameServer = 0.0.0.0 TCP: Interfaces\{C3CC0E41-54C4-45BC-B9ED-2FC07EF41E27} : DhcpNameServer = 192.168.1.1 192.168.1.1 BHO-X64: IDM integration (IDMIEHlprObj Class): {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll BHO-X64: IDM Helper - No File BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO-X64: LeapFTP Internet Explorer Hook: {A5479DA1-7843-43A7-B5C0-BE342C77B629} - C:\PROGRA~2\LEAPFT~1.0\lftpie.dll mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray mRun-x64: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min mRun-x64: [KeyScrambler] C:\Program Files (x86)\KeyScrambler\keyscrambler.exe /a . ================= FIREFOX =================== . FF - ProfilePath - C:\Users\Root\AppData\Roaming\Mozilla\Firefox\Profiles\s4ivins9.default\ FF - prefs.js: network.proxy.ftp - 83.170.97.240 FF - prefs.js: network.proxy.ftp_port - 60000 FF - prefs.js: network.proxy.http - 83.170.97.240 FF - prefs.js: network.proxy.http_port - 60000 FF - prefs.js: network.proxy.socks - 83.170.97.240 FF - prefs.js: network.proxy.socks_port - 60000 FF - prefs.js: network.proxy.ssl - 83.170.97.240 FF - prefs.js: network.proxy.ssl_port - 60000 FF - prefs.js: network.proxy.type - 0 FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.0.61118.0\npctrlui.dll FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll . ============= SERVICES / DRIVERS =============== . R1 avfwot;avfwot;C:\Windows\System32\drivers\avfwot.sys [2011-8-16 131336] R1 avkmgr;avkmgr;C:\Windows\system32\DRIVERS\avkmgr.sys --> C:\Windows\system32\DRIVERS\avkmgr.sys [?] R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?] R2 AntiVirFirewallService;Avira FireWall;C:\Program Files (x86)\Avira\AntiVir Desktop\avfwsvc.exe [2011-10-11 616400] R2 AntiVirMailService;Avira Mail Protection;C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe [2011-10-11 342480] R2 AntiVirSchedulerService;Avira Scheduler;C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2011-10-11 86224] R2 AntiVirService;Avira Realtime Protection;C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2011-10-11 110032] R2 AntiVirWebService;Avira Web Protection;C:\Program Files (x86)\Avira\AntiVir Desktop\avwebgrd.exe [2011-10-11 463824] R2 avgntflt;avgntflt;C:\Windows\system32\DRIVERS\avgntflt.sys --> C:\Windows\system32\DRIVERS\avgntflt.sys [?] R2 IDMWFP;IDMWFP;C:\Windows\system32\DRIVERS\idmwfp.sys --> C:\Windows\system32\DRIVERS\idmwfp.sys [?] R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-1-31 652360] R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-2-9 382272] R2 VMUSBArbService;VMware USB Arbitration Service;C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe [2011-8-29 846448] R3 avfwim;AvFw Packet Filter Miniport;C:\Windows\system32\DRIVERS\avfwim.sys --> C:\Windows\system32\DRIVERS\avfwim.sys [?] R3 KeyScrambler;KeyScrambler;C:\Windows\system32\drivers\keyscrambler.sys --> C:\Windows\system32\drivers\keyscrambler.sys [?] R3 LADF_CaptureOnly;LADF Capture Filter Driver;C:\Windows\system32\DRIVERS\ladfGSCamd64.sys --> C:\Windows\system32\DRIVERS\ladfGSCamd64.sys [?] R3 LADF_RenderOnly;LADF Render Filter Driver;C:\Windows\system32\DRIVERS\ladfGSRamd64.sys --> C:\Windows\system32\DRIVERS\ladfGSRamd64.sys [?] R3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;C:\Windows\system32\drivers\LGBusEnum.sys --> C:\Windows\system32\drivers\LGBusEnum.sys [?] R3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;C:\Windows\system32\drivers\LGVirHid.sys --> C:\Windows\system32\drivers\LGVirHid.sys [?] R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?] R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576] S3 AIDA64Driver;FinalWire AIDA64 Kernel Driver;C:\Program Files (x86)\FinalWire\AIDA64 Extreme Edition\kerneld.x64 [2011-10-4 27808] S3 dmvsc;dmvsc;C:\Windows\system32\drivers\dmvsc.sys --> C:\Windows\system32\drivers\dmvsc.sys [?] S3 HTCAND64;HTC Device Driver;C:\Windows\system32\Drivers\ANDROIDUSB.sys --> C:\Windows\system32\Drivers\ANDROIDUSB.sys [?] S3 LADF_DHP2;G35 DHP2 Filter Driver;C:\Windows\system32\DRIVERS\ladfDHP2amd64.sys --> C:\Windows\system32\DRIVERS\ladfDHP2amd64.sys [?] S3 LADF_SBVM;G35 SBVM Filter Driver;C:\Windows\system32\DRIVERS\ladfSBVMamd64.sys --> C:\Windows\system32\DRIVERS\ladfSBVMamd64.sys [?] S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\system32\drivers\rdpvideominiport.sys --> C:\Windows\system32\drivers\rdpvideominiport.sys [?] S3 RTL8187;Realtek RTL8187 Wireless 802.11b/g 54Mbps USB 2.0 Network Adapter;C:\Windows\system32\DRIVERS\rtl8187.sys --> C:\Windows\system32\DRIVERS\rtl8187.sys [?] S3 ScreamBAudioSvc;ScreamBee Audio;C:\Windows\system32\drivers\ScreamingBAudio64.sys --> C:\Windows\system32\drivers\ScreamingBAudio64.sys [?] S3 SKYNET;TechniSat DVB-PC TV Star PCI;C:\Windows\system32\DRIVERS\SkyNET_AMD64.SYS --> C:\Windows\system32\DRIVERS\SkyNET_AMD64.SYS [?] S3 Synth3dVsc;Synth3dVsc;C:\Windows\system32\drivers\synth3dvsc.sys --> C:\Windows\system32\drivers\synth3dvsc.sys [?] S3 tapoas;TAP-Win32 Adapter OAS;C:\Windows\system32\DRIVERS\tapoas.sys --> C:\Windows\system32\DRIVERS\tapoas.sys [?] S3 terminpt;Microsoft Remote Desktop Input Driver;C:\Windows\system32\drivers\terminpt.sys --> C:\Windows\system32\drivers\terminpt.sys [?] S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?] S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\system32\drivers\TsUsbGD.sys --> C:\Windows\system32\drivers\TsUsbGD.sys [?] S3 tsusbhub;tsusbhub;C:\Windows\system32\drivers\tsusbhub.sys --> C:\Windows\system32\drivers\tsusbhub.sys [?] S3 VBoxUSB;VirtualBox USB;C:\Windows\system32\Drivers\VBoxUSB.sys --> C:\Windows\system32\Drivers\VBoxUSB.sys [?] S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?] S4 VMwareHostd;VMware Workstation Server;C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe [2012-1-18 11839488] . =============== Created Last 30 ================ . 2030-08-29 13:22:31 56832 ------w- C:\Windows\SysWow64\iyvu9_32.dll 2030-08-29 13:22:31 143872 ------w- C:\Windows\SysWow64\iacenc.dll 2012-03-20 07:21:31 -------- d-----w- C:\Users\Root\AppData\Local\{52B8DD49-AAAF-489F-B319-1A8B0D980D15} 2012-03-20 07:21:20 -------- d-----w- C:\Users\Root\AppData\Local\{1487945F-1E49-49E5-83CA-50EF39047F6C} 2012-03-19 17:17:02 -------- d-----w- C:\Users\Root\AppData\Local\{DA2CACFE-485B-4BB9-B0D7-67AEFC37BF2E} 2012-03-19 17:16:51 -------- d-----w- C:\Users\Root\AppData\Local\{51F2F59B-4D0B-49A9-8676-253180D5115E} 2012-03-18 20:15:44 -------- d-----w- C:\Users\Root\AppData\Local\{BA192447-6FA9-4D99-8B09-3BECB23F5C09} 2012-03-18 20:15:33 -------- d-----w- C:\Users\Root\AppData\Local\{234C6BBF-486F-4E9E-8E80-2EBBB8D1DD58} 2012-03-18 13:41:30 -------- d-----w- C:\Program Files (x86)\LeapFTP 3.0 2012-03-15 21:59:04 -------- d-----w- C:\Users\Root\AppData\Local\{2595A5EB-C8CE-48A6-A8E1-5AC9E2D3C634} 2012-03-15 21:58:53 -------- d-----w- C:\Users\Root\AppData\Local\{5730992D-F25D-4DDE-913B-2AFC6E7AF29A} 2012-03-14 19:19:05 -------- d-----w- C:\Users\Root\AppData\Local\{F1D12FC2-47EB-4F9D-A0F3-A2B0B104F65E} 2012-03-14 19:18:54 -------- d-----w- C:\Users\Root\AppData\Local\{CF9058D2-0E38-4761-AC08-C952BB1C37BF} 2012-03-13 20:43:58 5559152 ----a-w- C:\Windows\System32\ntoskrnl.exe 2012-03-13 20:43:57 3968368 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe 2012-03-13 20:43:57 3913584 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe 2012-03-13 20:41:59 3145728 ----a-w- C:\Windows\System32\win32k.sys 2012-03-13 20:41:58 9216 ----a-w- C:\Windows\System32\rdrmemptylst.exe 2012-03-13 20:41:58 77312 ----a-w- C:\Windows\System32\rdpwsx.dll 2012-03-13 20:41:58 149504 ----a-w- C:\Windows\System32\rdpcorekmts.dll 2012-03-13 20:41:57 1544192 ----a-w- C:\Windows\System32\DWrite.dll 2012-03-13 20:41:57 1077248 ----a-w- C:\Windows\SysWow64\DWrite.dll 2012-03-13 20:41:52 1112064 ----a-w- C:\Windows\System32\rdpcorets.dll 2012-03-13 20:41:51 826880 ----a-w- C:\Windows\SysWow64\rdpcore.dll 2012-03-13 20:41:51 23552 ----a-w- C:\Windows\System32\drivers\tdtcp.sys 2012-03-13 20:41:51 210944 ----a-w- C:\Windows\System32\drivers\rdpwd.sys 2012-03-13 20:41:51 1031680 ----a-w- C:\Windows\System32\rdpcore.dll 2012-03-13 11:27:43 -------- d-----w- C:\Users\Root\AppData\Local\{768F1C0C-E5C4-487F-9D73-BF8344D1BC67} 2012-03-13 11:27:31 -------- d-----w- C:\Users\Root\AppData\Local\{5A9E9B8A-FB4A-4A53-9C42-88C525CF8004} 2012-03-12 13:10:23 -------- d-----w- C:\Users\Root\AppData\Local\{724EC8EC-C5C7-403B-89BC-8581FA1B7192} 2012-03-12 13:10:12 -------- d-----w- C:\Users\Root\AppData\Local\{CF578E40-7704-4393-B56D-6C4F5C1825CD} 2012-03-11 01:13:02 -------- d-----w- C:\Program Files (x86)\Elecard 2012-03-11 01:13:02 -------- d-----w- C:\Program Files (x86)\Common Files\Elecard 2012-03-10 00:47:42 -------- d-----w- C:\dvbdream 2012-03-10 00:13:10 -------- d-----w- C:\Program Files (x86)\CoreCodec 2012-03-09 20:10:28 89088 ----a-w- C:\Windows\SysWow64\atl71.dll 2012-03-09 20:10:28 671744 ----a-w- C:\Windows\SysWow64\DolbyHph.dll 2012-03-09 19:39:58 -------- d-----w- C:\Program Files\ProgDVB 2012-03-09 19:28:23 -------- d--h--w- C:\ProgramData\{3DBA7F3A-54F5-4A48-86EE-F122FBAAB103} 2012-03-09 18:03:51 -------- d-----w- C:\Users\Root\AppData\Local\{1BE042A5-B8F1-4D47-B103-34DDCCAFD196} 2012-03-09 18:03:29 -------- d-----w- C:\Users\Root\AppData\Local\{89C46178-4EEE-4B47-B2EE-EAFC53C3BECE} 2012-03-09 17:55:58 -------- d-----w- C:\ProgramData\CMUV 2012-03-09 17:48:21 -------- d-----w- C:\Program Files (x86)\ProgDVB 2012-03-09 17:45:18 -------- d-----w- C:\ProgramData\Technisat 2012-03-09 17:45:10 -------- d-----w- C:\Program Files (x86)\DVBViewer TE2 2012-03-09 17:45:08 -------- d-----w- C:\Program Files (x86)\TechniSat DVB 2012-03-09 09:50:42 222904 ----a-w- C:\Windows\System32\drivers\keyscrambler.sys 2012-03-08 21:26:28 617048 ----a-w- C:\Windows\System32\drivers\SkyNET_AMD64.sys 2012-03-08 05:05:06 120632 ----a-w- C:\Windows\System32\KeyScramblerLogon.dll 2012-03-07 19:06:51 -------- d-----w- C:\Users\Root\AppData\Local\{18D008D0-150A-457A-B796-EC40E1DCBEEF} 2012-03-07 19:06:40 -------- d-----w- C:\Users\Root\AppData\Local\{1B2ECACC-7AFD-40ED-AA15-F98319235460} 2012-03-05 18:28:48 -------- d-----w- C:\Users\Root\AppData\Local\{47A527A0-C71B-4A8C-A7E6-458618EAB296} 2012-03-05 18:28:38 -------- d-----w- C:\Users\Root\AppData\Local\{6FD9BC24-A502-4C88-BE8F-C458A8290DAF} 2012-03-04 20:11:44 -------- d-----w- C:\Users\Root\AppData\Local\{7190D548-DC8B-46AF-8B09-DF8B36F60B0B} 2012-03-04 20:11:33 -------- d-----w- C:\Users\Root\AppData\Local\{4A08C823-316B-45C6-A056-33B79C218C42} 2012-03-04 07:58:52 -------- d-----w- C:\Users\Root\AppData\Local\{15D22168-242C-48D6-BDAE-03ABEA2A4752} 2012-03-04 07:58:41 -------- d-----w- C:\Users\Root\AppData\Local\{19D9C997-78FF-45FF-9EFB-ABAFBD11FA0B} 2012-03-03 18:27:13 -------- d-----w- C:\Users\Root\AppData\Local\{B1A28C06-8685-4292-8FD2-4D228B665C3A} 2012-03-03 18:26:59 -------- d-----w- C:\Users\Root\AppData\Local\{BA41CF5A-1989-49F4-8865-EF6DD6E8B354} 2012-03-01 17:03:07 -------- d-----w- C:\Program Files (x86)\KeyScrambler 2012-03-01 16:36:59 -------- d-----w- C:\Users\Root\AppData\Local\LogiShrd 2012-03-01 16:36:55 53248 ----a-r- C:\Users\Root\AppData\Roaming\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe 2012-03-01 16:36:47 18960 ----a-w- C:\Windows\System32\drivers\LNonPnP.sys 2012-03-01 16:36:10 -------- d-----w- C:\Users\Root\AppData\Roaming\Logishrd 2012-03-01 16:11:47 53248 ----a-w- C:\Windows\SysWow64\CSVer.dll 2012-03-01 16:11:23 -------- d-----w- C:\Intel 2012-02-29 03:46:40 -------- d-----w- C:\NVIDIA 2012-02-28 11:34:18 -------- d-----w- C:\Users\Root\AppData\Local\{703D2332-D086-4922-BED7-4C7C4947FCBA} 2012-02-28 11:34:07 -------- d-----w- C:\Users\Root\AppData\Local\{2F42EFCD-0120-4ECD-9BFD-21A025397CA5} 2012-02-28 09:42:36 149640 ----a-w- C:\Windows\System32\drivers\idmwfp.sys 2012-02-28 02:15:52 162664 ----a-w- C:\ProgramData\Microsoft\Windows\Sqm\Manifest\Sqm10140.bin 2012-02-27 16:22:44 -------- d-----w- C:\Users\Root\AppData\Local\{03917EEB-7360-493D-A9FE-25EE20D31760} 2012-02-27 16:22:34 -------- d-----w- C:\Users\Root\AppData\Local\{1F828F0C-36DB-4A01-B866-3E1D3E0F3D29} 2012-02-23 23:16:37 -------- d-----w- C:\Users\Root\AppData\Local\{73AA72E3-70AC-415F-B167-1D85107EA945} 2012-02-23 23:16:26 -------- d-----w- C:\Users\Root\AppData\Local\{40075EA3-CC89-4D55-AE32-601D5D090B15} 2012-02-22 23:45:40 -------- d-----w- C:\Users\Root\AppData\Local\{71D36FED-14FB-4A3E-8FD5-D235BCC7E651} 2012-02-22 23:45:27 -------- d-----w- C:\Users\Root\AppData\Local\{AF04DE2D-1225-4615-87E7-98F9113CAE3A} 2012-02-20 18:18:43 -------- d-----w- C:\Users\Root\AppData\Local\{DD484FD7-DC1B-4033-B14E-E7AD753404B7} 2012-02-20 18:18:29 -------- d-----w- C:\Users\Root\AppData\Local\{FC8CA931-302A-45FA-AD83-66F2A3493B34} 2012-02-19 20:05:30 -------- d-----w- C:\Users\Root\AppData\Roaming\TeamViewer . ==================== Find3M ==================== . 2012-03-06 21:07:35 414368 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl 2012-02-10 03:14:04 6074176 ----a-w- C:\Windows\System32\nvcpl.dll 2012-02-10 03:14:01 3089728 ----a-w- C:\Windows\System32\nvsvc64.dll 2012-02-10 03:07:00 889664 ----a-w- C:\Windows\System32\nvvsvc.exe 2012-02-10 03:07:00 63296 ----a-w- C:\Windows\System32\nvshext.dll 2012-02-10 03:07:00 118080 ----a-w- C:\Windows\System32\nvmctray.dll 2012-02-09 17:05:44 416064 ----a-w- C:\Windows\SysWow64\nvStreaming.exe 2012-01-18 12:47:46 31344 ----a-w- C:\Windows\System32\drivers\VMparport.sys 2012-01-18 12:47:44 942192 ----a-w- C:\Windows\System32\vnetlib64.dll 2012-01-18 12:47:44 63088 ----a-w- C:\Windows\System32\drivers\vmx86.sys 2012-01-18 12:47:28 433264 ----a-w- C:\Windows\SysWow64\vmnat.exe 2012-01-18 12:47:20 354416 ----a-w- C:\Windows\SysWow64\vmnetdhcp.exe 2012-01-18 12:46:18 30320 ----a-w- C:\Windows\System32\drivers\vmnetuserif.sys 2012-01-18 10:41:32 252016 ----a-w- C:\Windows\SysWow64\vmnc.dll 2012-01-18 10:06:00 62064 ----a-w- C:\Windows\System32\vmnetbridge.dll 2012-01-18 10:06:00 48752 ----a-w- C:\Windows\System32\vnetinst.dll 2012-01-18 10:06:00 45680 ----a-w- C:\Windows\System32\drivers\vmnetbridge.sys 2012-01-18 10:06:00 24176 ----a-w- C:\Windows\System32\drivers\vmnet.sys 2012-01-18 10:06:00 20080 ----a-w- C:\Windows\System32\drivers\vmnetadapter.sys 2012-01-04 10:44:20 509952 ----a-w- C:\Windows\System32\ntshrui.dll 2012-01-04 08:58:41 442880 ----a-w- C:\Windows\SysWow64\ntshrui.dll 2011-12-30 06:26:08 515584 ----a-w- C:\Windows\System32\timedate.cpl 2011-12-30 05:27:56 478720 ----a-w- C:\Windows\SysWow64\timedate.cpl 2011-12-28 03:59:24 498688 ----a-w- C:\Windows\System32\drivers\afd.sys . ============= FINISH: 21:35:55.50 ===============