hier einfach als post und nicht als Anhang :
OTL Logfile: Code:
OTL logfile created on: 17.10.2011 17:43:26 - Run 3
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\shiddi\Desktop
64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
15,97 Gb Total Physical Memory | 13,93 Gb Available Physical Memory | 87,23% Memory free
31,94 Gb Paging File | 29,82 Gb Available in Paging File | 93,37% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 488,28 Gb Total Space | 406,44 Gb Free Space | 83,24% Space Free | Partition Type: NTFS
Drive E: | 100,00 Mb Total Space | 71,40 Mb Free Space | 71,40% Space Free | Partition Type: NTFS
Drive F: | 218,62 Gb Total Space | 142,58 Gb Free Space | 65,22% Space Free | Partition Type: NTFS
Drive G: | 224,61 Gb Total Space | 223,57 Gb Free Space | 99,54% Space Free | Partition Type: NTFS
Drive H: | 126,85 Gb Total Space | 80,72 Gb Free Space | 63,63% Space Free | Partition Type: NTFS
Drive L: | 138,23 Gb Total Space | 103,51 Gb Free Space | 74,88% Space Free | Partition Type: NTFS
Drive U: | 9,77 Gb Total Space | 8,96 Gb Free Space | 91,74% Space Free | Partition Type: NTFS
Drive Z: | 97,66 Gb Total Space | 87,26 Gb Free Space | 89,36% Space Free | Partition Type: NTFS
Computer Name: SHIDDI-PC | User Name: shiddi | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2011.10.17 16:52:06 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\shiddi\Desktop\OTL.exe
PRC - [2011.10.01 22:27:08 | 000,075,136 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2011.08.31 17:00:48 | 000,366,152 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2011.08.12 17:13:26 | 000,087,040 | ---- | M] () -- C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
PRC - [2011.08.03 13:50:00 | 002,255,464 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
PRC - [2011.06.06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011.03.23 23:22:08 | 000,378,472 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2011.01.25 10:11:16 | 000,438,272 | ---- | M] (MSI CO.,LTD.) -- C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe
PRC - [2010.04.05 12:55:01 | 000,116,104 | ---- | M] () -- C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
PRC - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
PRC - [2009.12.23 23:34:20 | 000,370,688 | ---- | M] (StarWind Software) -- G:\Alcohol 52\StarWind\StarWindServiceAE.exe
PRC - [2009.07.27 11:13:28 | 000,061,440 | ---- | M] () -- C:\Windows\SysWOW64\ASDR.exe
========== Modules (No Company Name) ==========
========== Win32 Services (SafeList) ==========
SRV:64bit: - [2010.11.29 15:00:56 | 000,149,504 | ---- | M] (Intel(R) Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe -- (TurboBoost)
SRV:64bit: - [2009.12.01 14:22:58 | 000,063,488 | ---- | M] (ASUSTeK COMPUTER INC.) [Auto | Running] -- C:\Windows\SysNative\ATKFUSService.exe -- (ATKFUSService)
SRV:64bit: - [2009.07.14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2011.10.13 12:12:03 | 000,419,624 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2011.10.01 22:27:08 | 000,075,136 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2011.08.31 17:00:48 | 000,366,152 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011.08.12 17:13:26 | 000,087,040 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe -- (PassThru Service)
SRV - [2011.08.03 13:50:00 | 002,255,464 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)
SRV - [2011.06.06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011.03.23 23:22:08 | 000,378,472 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2010.04.05 12:55:01 | 000,116,104 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE -- (IJPLMSVC)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.12.23 23:34:20 | 000,370,688 | ---- | M] (StarWind Software) [Auto | Running] -- G:\Alcohol 52\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE)
SRV - [2009.07.27 11:13:28 | 000,061,440 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\ASDR.exe -- (ASDR)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2011.10.05 16:45:39 | 000,230,864 | ---- | M] (TrueCrypt Foundation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\truecrypt.sys -- (truecrypt)
DRV:64bit: - [2011.09.30 20:46:15 | 000,503,352 | ---- | M] (Duplex Secure Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2011.09.30 16:53:41 | 000,016,384 | ---- | M] (ASUSTeK Computer Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\EIO64.sys -- (EIO64)
DRV:64bit: - [2011.08.31 17:00:50 | 000,025,416 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2011.03.31 15:01:50 | 000,126,464 | ---- | M] (Razer USA Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RzSynapse.sys -- (RzSynapse)
DRV:64bit: - [2011.03.11 08:22:41 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:22:40 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011.03.03 17:59:20 | 000,174,184 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2011.02.16 11:11:08 | 000,428,136 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011.02.10 14:52:34 | 000,181,760 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV:64bit: - [2011.02.10 14:52:34 | 000,082,432 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub)
DRV:64bit: - [2010.11.29 15:00:04 | 000,016,120 | ---- | M] (Intel(R) Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TurboB.sys -- (TurboB)
DRV:64bit: - [2010.11.09 15:35:24 | 000,021,992 | ---- | M] (CPUID) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\cpuz135_x64.sys -- (cpuz135)
DRV:64bit: - [2010.09.29 11:34:50 | 000,377,176 | ---- | M] (Logitech) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ladfSBVMamd64.sys -- (LADF_SBVM)
DRV:64bit: - [2010.09.29 11:34:48 | 000,062,168 | ---- | M] (Logitech) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ladfDHP2amd64.sys -- (LADF_DHP2)
DRV:64bit: - [2010.06.25 16:08:10 | 000,036,928 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\htcnprot.sys -- (htcnprot)
DRV:64bit: - [2010.02.22 15:46:36 | 000,023,680 | ---- | M] (ASUSTeK Computer Inc.) [Kernel | Disabled | Running] -- C:\Windows\SysNative\drivers\IOMap64.sys -- (IOMap)
DRV:64bit: - [2009.11.18 01:12:00 | 000,032,344 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\MBfilt64.sys -- (MBfilt)
DRV:64bit: - [2009.11.01 19:16:50 | 000,033,736 | ---- | M] (HTC, Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ANDROIDUSB.sys -- (HTCAND64)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.02.17 18:22:22 | 000,039,424 | ---- | M] (ASUSTeK Computer Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ATKDispLowFilter.sys -- (atkdisplf)
DRV:64bit: - [2009.02.17 18:22:22 | 000,017,792 | ---- | M] (ASUSTeK Computer Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\asusgsb.sys -- (asusgsb)
DRV:64bit: - [2007.07.17 17:42:38 | 000,056,336 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt)
DRV:64bit: - [2007.07.17 17:42:32 | 000,054,288 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt)
DRV - [2010.10.22 10:37:36 | 000,014,136 | ---- | M] (MSI) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\MSI\Live Update 5\NTIOLib_X64.sys -- (NTIOLib_1_0_4)
DRV - [2010.05.10 10:44:40 | 000,033,592 | ---- | M] (Your Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\MSI\Live Update 5\msibios64_100507.sys -- (MSI_MSIBIOS_010507)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2008.11.14 02:11:42 | 000,020,512 | ---- | M] (Realtime Soft Ltd) [Kernel | Auto | Running] -- C:\Program Files (x86)\Common Files\Realtime Soft\UltraMonMirrorDrv\x64\UltraMonUtility.sys -- (UltraMonUtility)
DRV - [2004.04.10 09:43:54 | 000,004,608 | ---- | M] (cansoft@livewiredev.com) [Kernel | System | Stopped] -- C:\Windows\SysWOW64\mbmiodrvr.sys -- (mbmiodrvr)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = A9 9A 92 9A 78 80 CC 01 [binary data]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.0: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.0\npesnsonar.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=0.80.0: C:\Program Files (x86)\Battlelog Web Plugins\0.80.0\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\shiddi\AppData\Local\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\shiddi\AppData\Local\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)
[2011.10.02 20:35:22 | 000,002,048 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\fcmdSrch.xml
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\shiddi\AppData\Local\Google\Chrome\Application\14.0.835.202\gcswf32.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = G:\MSOFFI~1\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = G:\MSOFFI~1\Office14\NPSPWRAP.DLL
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\shiddi\AppData\Local\Google\Chrome\Application\14.0.835.202\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\shiddi\AppData\Local\Google\Chrome\Application\14.0.835.202\pdf.dll
CHR - plugin: CANON iMAGE GATEWAY Album Plugin Utility (Enabled) = C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: Google Update (Enabled) = C:\Users\shiddi\AppData\Local\Google\Update\1.3.21.69\npGoogleUpdate3.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: Session Manager = C:\Users\shiddi\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbcnbpafconjjigibnhbfmmgdbbkcjfi\0.4_0\
CHR - Extension: Adblock Plus fr Google Chrome (Beta) = C:\Users\shiddi\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.1.4_0\
CHR - Extension: BitDefender QuickScan = C:\Users\shiddi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdnkcidphdcakpkheohlhocaicfamjie\0.9.9.99_0\
O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [ASUSGamerOSD] C:\Program Files (x86)\ASUS\GamerOSD\GamerOSD.exe (ASUSTeK Computer Inc.)
O4 - HKLM..\Run: [DriveTheLife] C:\Program Files (x86)\DriveTheLife\DriveTheLife.exe (深圳市拾三意网络科技有限公司)
O4 - HKLM..\Run: [Logitech G35] G:\G35\G35.exe (Logitech(c))
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [Super-Charger] C:\Program Files (x86)\MSI\Super-Charger\StartSuperCharger.exe (TODO: <Company name>)
O4 - HKCU..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe File not found
O4 - HKCU..\Run: [Steam] F:\Steam\Steam.exe (Valve Corporation)
O4 - Startup: C:\Users\shiddi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\HLSW.lnk = G:\HLSW\hlsw.exe (Stripf Software)
O4 - Startup: C:\Users\shiddi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TeamSpeak 3 Client.lnk = G:\TS3\ts3client_win64.exe (TeamSpeak Systems GmbH)
O4 - Startup: C:\Users\shiddi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Xfire.lnk = G:\Xfire\Xfire.exe (Xfire Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - res://G:\MSOFFI~1\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://G:\MSOFFI~1\Office14\EXCEL.EXE/3000 File not found
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Java Plug-in 1.6.0_27)
O16 - DPF: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Java Plug-in 1.6.0_27)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Java Plug-in 1.6.0_27)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5D70E6C2-00B2-431B-ADBB-24D68E6A5594}: DhcpNameServer = 192.168.0.1
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) -C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP
NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
MsConfig:64bit - StartUpFolder: C:^Users^shiddi^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^CurseClientStartup.ccip - - File not found
MsConfig:64bit - StartUpReg: AlcoholAutomount - hkey= - key= - G:\Alcohol 52\AxAutoMntSrv.exe (Alcohol Soft Development Team)
MsConfig:64bit - StartUpReg: ASUSGamerOSD - hkey= - key= - C:\Program Files (x86)\ASUS\GamerOSD\GamerOSD.exe (ASUSTeK Computer Inc.)
MsConfig:64bit - StartUpReg: BCSSync - hkey= - key= - File not found
MsConfig:64bit - StartUpReg: CanonMyPrinter - hkey= - key= - C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
MsConfig:64bit - StartUpReg: CanonSolutionMenuEx - hkey= - key= - C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE (CANON INC.)
MsConfig:64bit - StartUpReg: facemoods - hkey= - key= - File not found
MsConfig:64bit - StartUpReg: Google Update - hkey= - key= - C:\Users\shiddi\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
MsConfig:64bit - StartUpReg: HTC Sync Loader - hkey= - key= - C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe ()
MsConfig:64bit - StartUpReg: Kernel and Hardware Abstraction Layer - hkey= - key= - C:\Windows\KHALMNPR.Exe (Logitech, Inc.)
MsConfig:64bit - StartUpReg: Live Update 5 - hkey= - key= - C:\Program Files (x86)\MSI\Live Update 5\LU5.exe ()
MsConfig:64bit - StartUpReg: NUSB3MON - hkey= - key= - C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation)
MsConfig:64bit - StartUpReg: Razer Naga Driver - hkey= - key= - G:\NAGA\RazerNagaSysTray.exe (Razer USA Ltd)
MsConfig:64bit - State: "startup" - Reg Error: Key error.
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
========== Files/Folders - Created Within 30 Days ==========
[2011.10.17 17:19:44 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2011.10.17 16:54:45 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2011.10.17 16:52:05 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\shiddi\Desktop\OTL.exe
[2011.10.17 16:25:28 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Roaming\Malwarebytes
[2011.10.17 16:25:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011.10.17 16:25:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011.10.17 16:25:18 | 000,025,416 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2011.10.17 16:25:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2011.10.16 16:09:35 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Roaming\QuickScan
[2011.10.15 19:01:59 | 000,000,000 | ---D | C] -- C:\Users\shiddi\Documents\My Photos
[2011.10.15 19:01:59 | 000,000,000 | ---D | C] -- C:\Users\shiddi\Documents\My Documents
[2011.10.15 19:01:28 | 000,000,000 | ---D | C] -- C:\Users\shiddi\Local Settings
[2011.10.15 17:43:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HTC Sync
[2011.10.15 17:33:28 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Roaming\HTC.388BC06ACDAB6261375BCE37FBA2E023C0D7EE34.1
[2011.10.15 17:33:08 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\Htc
[2011.10.15 17:33:01 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Roaming\HTC
[2011.10.15 17:17:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HTC
[2011.10.15 17:17:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spirent Communications
[2011.10.15 17:17:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\HTC
[2011.10.15 17:17:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe AIR
[2011.10.15 17:16:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSXML 4.0
[2011.10.14 18:13:09 | 000,000,000 | ---D | C] -- C:\ProgramData\boost_interprocess
[2011.10.14 18:13:09 | 000,000,000 | ---D | C] -- C:\Users\shiddi\Application Data
[2011.10.13 16:09:22 | 000,000,000 | ---D | C] -- C:\Users\shiddi\Documents\BioWare
[2011.10.13 15:45:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Dragon Age 2
[2011.10.13 15:45:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\BioWare
[2011.10.13 15:18:42 | 000,067,176 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2011.10.13 15:18:42 | 000,057,960 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2011.10.09 15:33:52 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Terrafirma
[2011.10.08 22:50:00 | 000,000,000 | ---D | C] -- C:\Users\shiddi\Desktop\SKIDROW
[2011.10.06 21:08:53 | 000,000,000 | ---D | C] -- C:\Users\shiddi\Desktop\GTA THEME
[2011.10.06 18:25:03 | 000,000,000 | ---D | C] -- C:\Users\shiddi\Desktop\shiddi
[2011.10.05 16:52:13 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Roaming\TrueCrypt
[2011.10.05 16:45:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TrueCrypt
[2011.10.05 16:45:39 | 000,230,864 | ---- | C] (TrueCrypt Foundation) -- C:\Windows\SysNative\drivers\truecrypt.sys
[2011.10.05 16:45:26 | 000,000,000 | ---D | C] -- C:\Program Files\TrueCrypt
[2011.10.05 16:38:31 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\ShellExt
[2011.10.05 15:08:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[2011.10.05 15:08:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe
[2011.10.05 15:07:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2011.10.04 17:14:31 | 000,000,000 | ---D | C] -- C:\ProgramData\CanonIJ
[2011.10.04 17:13:01 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonIJScan
[2011.10.04 17:12:40 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Roaming\Canon
[2011.10.02 23:34:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2011.10.02 23:34:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VideoLAN
[2011.10.02 20:35:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2011.10.02 20:32:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\JDownloader
[2011.10.02 12:20:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2011.10.02 12:20:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2011.10.02 12:19:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2011.10.02 12:16:59 | 000,000,000 | ---D | C] -- C:\Users\shiddi\Documents\Battlefield 3 Open Beta
[2011.10.02 11:36:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Battlelog Web Plugins
[2011.10.02 11:34:44 | 000,000,000 | ---D | C] -- C:\ProgramData\EA Core
[2011.10.01 23:51:08 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\LogiShrd
[2011.10.01 23:51:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\LogiShrd
[2011.10.01 23:49:37 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Logishrd
[2011.10.01 23:49:32 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\LogiShrd
[2011.10.01 23:49:12 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\Downloaded Installations
[2011.10.01 22:44:29 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2011.10.01 22:27:32 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Common Files\EAInstaller
[2011.10.01 17:37:45 | 000,000,000 | ---D | C] -- C:\NVIDIA
[2011.10.01 17:37:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriveTheLife 2009
[2011.10.01 17:37:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DriveTheLife
[2011.10.01 15:15:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft XNA
[2011.10.01 01:12:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
[2011.10.01 01:11:59 | 000,000,000 | ---D | C] -- C:\Program Files\Intel
[2011.10.01 01:11:32 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Roaming\InstallShield
[2011.09.30 23:33:46 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[2011.09.30 23:33:33 | 000,000,000 | -HSD | C] -- C:\Boot
[2011.09.30 23:26:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Geeks3D
[2011.09.30 23:26:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Geeks3D
[2011.09.30 23:05:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++
[2011.09.30 23:05:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Notepad++
[2011.09.30 22:59:53 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\directx
[2011.09.30 22:37:18 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2011.09.30 22:35:12 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2011.09.30 22:34:34 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2011.09.30 20:57:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ubisoft
[2011.09.30 20:50:54 | 000,000,000 | -H-D | C] -- C:\Users\shiddi\InstallAnywhere
[2011.09.30 20:49:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Alcohol 52%
[2011.09.30 20:46:15 | 000,503,352 | ---- | C] (Duplex Secure Ltd.) -- C:\Windows\SysNative\drivers\sptd.sys
[2011.09.30 19:03:45 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Roaming\Origin
[2011.09.30 19:03:44 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\Origin
[2011.09.30 19:03:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
[2011.09.30 19:03:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Origin Games
[2011.09.30 19:03:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Origin
[2011.09.30 19:03:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Electronic Arts
[2011.09.30 18:24:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Steam
[2011.09.30 18:23:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
[2011.09.30 18:21:28 | 000,000,000 | ---D | C] -- C:\Users\shiddi\Documents\Ubisoft
[2011.09.30 18:21:27 | 000,000,000 | -H-D | C] -- C:\Users\shiddi\Documents\Runes of Magic 22.08
[2011.09.30 18:21:26 | 000,000,000 | -H-D | C] -- C:\Users\shiddi\Documents\Runes of Magic 20.08
[2011.09.30 18:21:24 | 000,000,000 | -H-D | C] -- C:\Users\shiddi\Documents\Runes of Magic 18.08 neu
[2011.09.30 18:21:23 | 000,000,000 | -H-D | C] -- C:\Users\shiddi\Documents\Runes of Magic 04.09.2011
[2011.09.30 18:21:21 | 000,000,000 | -H-D | C] -- C:\Users\shiddi\Documents\Runes of Magic
[2011.09.30 18:20:48 | 000,000,000 | ---D | C] -- C:\Users\shiddi\Documents\My Games
[2011.09.30 18:20:48 | 000,000,000 | ---D | C] -- C:\Users\shiddi\Documents\Meine empfangenen Dateien
[2011.09.30 18:20:48 | 000,000,000 | ---D | C] -- C:\Users\shiddi\Documents\Deus Ex - Invisible War
[2011.09.30 18:20:47 | 000,000,000 | ---D | C] -- C:\Users\shiddi\Documents\BFBC2
[2011.09.30 18:20:03 | 000,000,000 | ---D | C] -- C:\Users\shiddi\Desktop\terraria.serhanp
[2011.09.30 18:19:43 | 000,000,000 | ---D | C] -- C:\Users\shiddi\Desktop\CoH Maps
[2011.09.30 18:19:23 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Roaming\vlc
[2011.09.30 18:18:50 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Roaming\Software Informer
[2011.09.30 18:18:50 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Roaming\redsn0w
[2011.09.30 18:18:50 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Roaming\Notepad++
[2011.09.30 18:18:50 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++
[2011.09.30 18:18:50 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
[2011.09.30 18:18:50 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ezCoverMaker 3.1.0
[2011.09.30 18:18:50 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Curse
[2011.09.30 18:18:49 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Roaming\DisplayFusion
[2011.09.30 18:18:49 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Roaming\CD-LabelPrint
[2011.09.30 18:18:41 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Roaming\Apple Computer
[2011.09.30 18:18:39 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\Windows Live
[2011.09.30 18:18:39 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\Ubisoft Game Launcher
[2011.09.30 18:18:39 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\{FD90D821-D705-47D7-92EA-4EA277223379}
[2011.09.30 18:18:39 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\{FCA65FF3-E69C-427D-8C89-BECED8F992A1}
[2011.09.30 18:18:39 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\{FB37EB42-481A-4699-BCA9-F83F1DEACAC7}
[2011.09.30 18:18:39 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\{FADDE3C9-DE08-43B1-A3E5-487BC0CC8B26}
[2011.09.30 18:18:39 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\{F85121C1-F850-4E7C-B209-2E6795B471E5}
[2011.09.30 18:18:39 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\{F4162472-A791-4350-AFA8-0727596586FC}
[2011.09.30 18:18:39 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\{F2CDB118-2996-4797-98F2-D71FBDF6943F}
[2011.09.30 18:18:39 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\{EF5850F4-8DD9-4E83-B489-6A0A92C8F058}
[2011.09.30 18:18:39 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\{EC2FCF36-17CE-4761-B002-F07123188750}
[2011.09.30 18:18:39 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\{E8121D9F-AC3E-4AF0-B485-D0E7CE4142C4}
[2011.09.30 18:18:39 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\{E6A50690-A9AD-4814-8050-04F8C9BBC98F}
[2011.09.30 18:18:39 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\{E59EED8E-1555-4250-BA99-8A13D4BE0236}
[2011.09.30 18:18:39 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\{E4C02A71-7009-46D8-83D0-A7FB5765B38C}
[2011.09.30 18:18:39 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\{E1D81303-D06F-437C-A73B-168DB59499C2}
[2011.09.30 18:18:39 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\{DC726566-A3BB-4071-A5CC-F2F8EAAD6B11}
[2011.09.30 18:18:39 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\{D9D85837-6F35-4995-9609-30F1573830ED}
[2011.09.30 18:18:39 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\{D4D6C51B-92EF-413B-A89C-B9327C701FDF}
[2011.09.30 18:18:39 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\{CED748DF-D512-47AA-B355-E08DF5985A52}
[2011.09.30 18:18:39 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\{CB32FF28-C420-4373-86F4-80DB37AE40B8}
[2011.09.30 18:18:39 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\{C93C9544-F196-4CDD-989D-203374540D0E}
[2011.09.30 18:18:39 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\{C67DF668-F807-4D06-A175-CAAB7B6BECF9}
[2011.09.30 18:18:39 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\{C34303CC-E398-43F4-A094-C8587A640DD7}
[2011.09.30 18:18:39 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\{C1C2C7B0-F046-4C20-8E7D-AE67C5302607}
[2011.09.30 18:18:39 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\{C18D21EE-82A3-44D5-87D1-25B081FB37ED}
[2011.09.30 18:18:39 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\{BED7C99B-84F7-49A6-9D51-76C2DF8B9130}
[2011.09.30 18:18:39 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\{BEA7B6F4-BC24-4B4E-A341-FB771E3A9CC7}
[2011.09.30 18:18:39 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\{BDBD8F99-C7D6-45B5-AFC2-AB9EE3968321}
[2011.09.30 18:18:39 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\{BD865D7A-3F70-408E-B980-CD9357EC74A1}
[2011.09.30 18:18:39 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\{BA3E8071-A1CF-4DE7-8E38-EAC85A049BE4}
[2011.09.30 18:18:39 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\{AC48CE65-5AA7-41EB-8387-BEF246B431F9}
[2011.09.30 18:18:39 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\{AA707825-9891-40BC-BF75-7607AA6AB987}
[2011.09.30 18:18:39 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\{A4002282-9D22-4D67-B80F-92E1812312FA}
[2011.09.30 18:18:39 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\{A2C57585-7A75-4E1E-BC2C-0482762C9132}
[2011.09.30 18:18:39 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\{9F7F70F0-CB38-463F-B502-FBF395428D4F}
[2011.09.30 18:18:39 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\{9F76AD9C-D783-4AE6-92C6-A4DFDC7C9213}
[2011.09.30 18:18:39 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\{9EC8A4B5-263B-4CE8-8D7D-8B220ABE7AA2}
[2011.09.30 18:18:39 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\{9B1442BA-9BE9-4346-8903-64B7F94E13F6}
[2011.09.30 18:18:39 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\{965454CE-E112-435D-9787-24CE71BAF981}
[2011.09.30 18:18:39 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\{91802F44-7AB9-489D-BC79-B893415B9503}
[2011.09.30 18:18:39 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\{8CC25773-A260-4639-A8EE-BB289A4757EA}
[2011.09.30 18:18:39 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\{8C21FF68-ACE9-47C5-BFEE-956FAA72E4ED}
[2011.09.30 18:18:39 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\{8913A3FF-2609-4A50-B3A9-4C57BF54CA4F}
[2011.09.30 18:18:39 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\{85613CEB-2B93-4440-BEC2-88573D9E2E2B}
[2011.09.30 18:18:39 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\{835C9B2B-D238-4903-B0FA-51D739C38197}
[2011.09.30 18:18:39 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\{7916D6D2-5E54-4962-B640-946BF4F72895}
[2011.09.30 18:18:39 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\{7741251E-64EC-4BF8-A87C-1966B4386015}
[2011.09.30 18:18:39 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\{76067D4C-0F9A-4DFD-B05B-456B59806AB0}
[2011.09.30 18:18:39 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\{73D15B7B-BB3D-421B-8001-B67AC431D378}
[2011.09.30 18:18:39 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\{705E174A-857B-4C17-8A7B-93F470880113}
[2011.09.30 18:18:39 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\{6CFCB152-A25C-49C4-A9C1-79D9B05AA79A}
[2011.09.30 18:18:39 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\{6C418A3F-C4E4-4EC0-BF84-A34DECD921F6}
[2011.09.30 18:18:39 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\{6BE7D7A3-EADC-4030-B7AC-2063EFD7FEC7}
[2011.09.30 18:18:39 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\{6B83AADD-A124-430C-9A24-95DA73E8BAA5}
[2011.09.30 18:18:39 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\{6B822E39-20BD-4670-826F-A94DDB24C819}
[2011.09.30 18:18:39 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\{6ADB75AD-8DB1-4035-94A8-11B967942E1C}
[2011.09.30 18:18:39 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\{66C281E5-3CAF-4C42-84FB-6CADD82ABC4E}
[2011.09.30 18:18:39 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\{66C0DE84-BEFA-46D1-AD4A-D2327B1703C6}
[2011.09.30 18:18:39 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\{6516EE82-1282-42A7-BE53-02CDAEF9DFE6}
[2011.09.30 18:18:39 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\{63915E61-8DF8-4BEE-A241-4C146F8FB5C6}
[2011.09.30 18:18:39 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\{6176DD7E-775F-44D6-AC2E-CAA8A8F97CDB}
[2011.09.30 18:18:39 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\{611342CD-7230-4038-85D6-AABA814B4819}
[2011.09.30 18:18:39 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\{5C073BAB-B10E-4C01-A50E-DE66E24DC873}
[2011.09.30 18:18:39 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\{5B644BC9-805E-49A9-A5B8-9295A543B8AF}
[2011.09.30 18:18:39 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\{5ABA3A3B-FA8C-4C9A-B7D9-F8AE6AB7BB7F}
[2011.09.30 18:18:39 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\{594E7533-3B62-4B6E-8DB0-0CBE81F7B66A}
[2011.09.30 18:18:39 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\{5799807D-4568-42EE-AE40-65CA4F7B43CA}
[2011.09.30 18:18:39 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\{576D6673-D4E3-4B87-9C03-1484CCFC9632}
[2011.09.30 18:18:39 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\{573F7818-55D4-418A-8573-F27796198F81}
[2011.09.30 18:18:39 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\{56E54B56-6352-4EB8-BDB9-23B40EEFA6CE}
[2011.09.30 18:18:39 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\{4E9AC099-26DA-4F8A-82C7-BA615EB27A82}
[2011.09.30 18:18:39 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\{4E6AF0B0-F122-480E-8BC5-4013153D7ADB}
[2011.09.30 18:18:39 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\{4D72D53E-8F4C-490F-B59C-9F637AC7C336}
[2011.09.30 18:18:39 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\{46ABD8FF-A238-4785-91AF-3EA09761661F}
[2011.09.30 18:18:39 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\{439052A3-6ACD-46B9-A66C-FC851FF6913D}
[2011.09.30 18:18:39 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\{42FF222B-C995-40FC-AF97-F784E4A93791}
[2011.09.30 18:18:39 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\{426FFB3D-3A92-488D-AF35-67ED68693E2A}
[2011.09.30 18:18:39 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\{3ABE5719-B179-49A6-8EBB-D6210DB130F3}
[2011.09.30 18:18:39 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\{3A7CA099-4A03-4737-961A-2F21C40AF8FE}
[2011.09.30 18:18:39 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\{37A92021-E569-47A0-945E-836337FD09EE}
[2011.09.30 18:18:39 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\{3745DFEB-81F2-493D-B255-9F06A90F51A2}
[2011.09.30 18:18:39 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\{3481859E-C5EA-4861-8671-E575A9A06C8A}
[2011.09.30 18:18:39 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\{3238681E-C965-419D-B67E-C1F1F33CE285}
[2011.09.30 18:18:39 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\{31DC22EF-6A31-4306-A797-D133E8BEBD27}
[2011.09.30 18:18:39 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\{311452FA-460C-407C-B039-E10AE9F0383F}
[2011.09.30 18:18:39 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\{29B8D09C-EE76-46AD-917D-86265FA1578F}
[2011.09.30 18:18:39 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\{2851B64D-08FE-402E-A297-CD6F1469CA7B}
[2011.09.30 18:18:39 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\{278CA70F-4524-483D-8743-0CD5CC75AC80}
[2011.09.30 18:18:39 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\{23F4353B-5DBF-4B17-B3EE-214928476083}
[2011.09.30 18:18:39 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\{1B804D70-B3D2-460E-AE81-E3E5A9B33F04}
[2011.09.30 18:18:39 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\{1B11C320-1E22-4EC5-94A1-273E696E72BD}
[2011.09.30 18:18:39 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\{1A19B618-C2A7-4992-A898-D27FB8CC046D}
[2011.09.30 18:18:39 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\{18A6133D-FD7F-4728-B340-4AAAD03EC1DD}
[2011.09.30 18:18:39 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\{116831DE-9A69-4426-B069-29F8765F99F6}
[2011.09.30 18:18:39 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\{113EA621-3E68-4B4E-BA68-16EF01326451}
[2011.09.30 18:18:39 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\{0DCC6294-E128-476C-B570-1D8C8835472E}
[2011.09.30 18:18:39 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\{0B6B6667-3128-444C-BC47-0630A30043D6}
[2011.09.30 18:18:39 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\{0A8ECD0A-BA18-4DF2-8C94-60FBDB995D2A}
[2011.09.30 18:18:39 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\{03AA10A1-049E-4D0C-AA3C-E165BC6580DF}
[2011.09.30 18:18:39 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\{03766BED-EDD2-46F6-B4D0-8534BB941D12}
[2011.09.30 18:18:39 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\{0320955C-1545-4B2A-A4F4-5DAEDE55A248}
[2011.09.30 18:18:39 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\{015D44DA-4687-42BA-935A-2FAA362F2286}
[2011.09.30 18:18:04 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\PunkBuster
[2011.09.30 18:17:23 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\ElevatedDiagnostics
[2011.09.30 18:17:23 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\dxhr
[2011.09.30 18:17:23 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\Deployment
[2011.09.30 18:17:22 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\Apple Computer
[2011.09.30 18:17:22 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\Apple
[2011.09.30 18:17:22 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\Adobe
[2011.09.30 18:17:22 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\28050
[2011.09.30 18:13:32 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonIJSolutionMenuEX
[2011.09.30 18:13:27 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonIJEPPEX2
[2011.09.30 18:13:27 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonEPP
[2011.09.30 18:12:47 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonIJMyPrinter
[2011.09.30 18:06:10 | 000,004,608 | ---- | C] (cansoft@livewiredev.com) -- C:\Windows\SysWow64\mbmiodrvr.sys
[2011.09.30 18:06:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Motherboard Monitor 5
[2011.09.30 18:06:09 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MBM 5
[2011.09.30 18:06:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MBM 5
[2011.09.30 18:02:59 | 000,000,000 | ---D | C] -- C:\ProgramData\CanonIJPLM
[2011.09.30 18:00:20 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Roaming\WinRAR
[2011.09.30 18:00:20 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2011.09.30 18:00:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2011.09.30 18:00:18 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2011.09.30 17:57:54 | 000,000,000 | ---D | C] -- C:\ProgramData\CanonIJMSetup
[2011.09.30 17:57:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MG5200 series Benutzerregistrierung
[2011.09.30 17:57:52 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\CANON
[2011.09.30 17:57:45 | 000,000,000 | ---D | C] -- C:\ProgramData\CanonIJWSpt
[2011.09.30 17:57:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CD-LabelPrint
[2011.09.30 17:57:21 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Roaming\ts3overlay
[2011.09.30 17:56:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities
[2011.09.30 17:56:18 | 000,000,000 | ---D | C] -- C:\Program Files\Canon
[2011.09.30 17:56:09 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonBJ
[2011.09.30 17:56:03 | 000,000,000 | -H-D | C] -- C:\Windows\SysNative\CanonIJ Uninstaller Information
[2011.09.30 17:56:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MG5200 series
[2011.09.30 17:55:35 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Roaming\Adobe
[2011.09.30 17:54:28 | 000,000,000 | -H-D | C] -- C:\Program Files\CanonBJ
[2011.09.30 17:54:18 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\STRING
[2011.09.30 17:53:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Canon
[2011.09.30 17:53:10 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Roaming\TS3Client
[2011.09.30 17:50:55 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\Apps
[2011.09.30 17:48:53 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Roaming\Realtime Soft
[2011.09.30 17:48:51 | 000,000,000 | ---D | C] -- C:\Program Files\UltraMon
[2011.09.30 17:48:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Realtime Soft
[2011.09.30 17:48:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Realtime Soft
[2011.09.30 17:46:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Activision
[2011.09.30 17:33:18 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2011.09.30 17:30:51 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Roaming\Macromedia
[2011.09.30 17:29:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
[2011.09.30 17:29:33 | 000,023,680 | ---- | C] (ASUSTeK Computer Inc.) -- C:\Windows\SysNative\drivers\IOMap64.sys
[2011.09.30 17:29:23 | 000,000,000 | ---D | C] -- C:\Users\shiddi\Documents\ASUS
[2011.09.30 17:22:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET
[2011.09.30 17:19:55 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\Microsoft Help
[2011.09.30 17:19:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2011.09.30 17:17:52 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Roaming\Leadertech
[2011.09.30 17:16:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
[2011.09.30 17:16:38 | 000,000,000 | ---D | C] -- C:\Program Files\Logitech
[2011.09.30 17:14:23 | 000,000,000 | ---D | C] -- C:\ProgramData\LogiShrd
[2011.09.30 17:12:24 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Roaming\Xfire
[2011.09.30 17:12:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Xfire
[2011.09.30 17:12:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xfire
[2011.09.30 17:11:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer
[2011.09.30 17:11:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Razer
[2011.09.30 17:09:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
[2011.09.30 17:07:29 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\Google
[2011.09.30 17:03:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI
[2011.09.30 17:03:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSI
[2011.09.30 17:02:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Renesas Electronics
[2011.09.30 17:02:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Renesas Electronics
[2011.09.30 17:02:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Downloaded Installations
[2011.09.30 17:01:35 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\RTCOM
[2011.09.30 17:01:35 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek
[2011.09.30 17:01:26 | 002,578,576 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\WavesGUILib.dll
[2011.09.30 17:01:26 | 000,518,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSX64.dll
[2011.09.30 17:01:26 | 000,211,184 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSH64.dll
[2011.09.30 17:01:26 | 000,198,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSHP64.dll
[2011.09.30 17:01:26 | 000,155,888 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSWOW64.dll
[2011.09.30 17:01:25 | 000,375,128 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEP64A.dll
[2011.09.30 17:01:25 | 000,204,120 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEED64A.dll
[2011.09.30 17:01:25 | 000,101,208 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEL64A.dll
[2011.09.30 17:01:25 | 000,078,680 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEG64A.dll
[2011.09.30 17:01:24 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DHT64.dll
[2011.09.30 17:01:24 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DAA64.dll
[2011.09.30 17:01:23 | 002,197,264 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioEQ.dll
[2011.09.30 17:01:23 | 000,318,808 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO20.dll
[2011.09.30 17:01:21 | 002,075,712 | ---- | C] (Fortemedia Corporation) -- C:\Windows\SysNative\FMAPO64.dll
[2011.09.30 17:01:20 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Temp
[2011.09.30 17:00:26 | 000,428,136 | ---- | C] (Realtek ) -- C:\Windows\SysNative\drivers\Rt64win7.sys
[2011.09.30 17:00:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Realtek
[2011.09.30 16:59:38 | 000,053,248 | ---- | C] (Windows XP Bundled build C-Centric Single User) -- C:\Windows\SysWow64\CSVer.dll
[2011.09.30 16:59:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Intel
[2011.09.30 16:59:36 | 000,000,000 | ---D | C] -- C:\Intel
[2011.09.30 16:53:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\My Company Name
[2011.09.30 16:53:41 | 000,016,384 | ---- | C] (ASUSTeK Computer Inc.) -- C:\Windows\SysNative\drivers\EIO64.sys
[2011.09.30 16:53:41 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASUS
[2011.09.30 16:51:58 | 000,000,000 | --SD | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HLSW
[2011.09.30 16:51:58 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Roaming\HLSW
[2011.09.30 16:51:55 | 005,473,280 | ---- | C] (ASUSTeK COMPUTER INC.) -- C:\Windows\SysNative\ATKOSDX64.dll
[2011.09.30 16:51:55 | 002,212,864 | ---- | C] (ASUSTeK COMPUTER INC.) -- C:\Windows\SysNative\ATKDispCPL.dll
[2011.09.30 16:51:55 | 001,354,240 | ---- | C] (ASUSTeK Computer Inc.) -- C:\Windows\SysNative\atklumdispx.dll
[2011.09.30 16:51:55 | 000,151,040 | ---- | C] (ASUSTeK Computer Inc.) -- C:\Windows\SysNative\atkdx11dispx.dll
[2011.09.30 16:51:55 | 000,150,528 | ---- | C] (ASUSTeK Computer Inc.) -- C:\Windows\SysNative\atkdx10dispx.dll
[2011.09.30 16:51:55 | 000,063,488 | ---- | C] (ASUSTeK COMPUTER INC.) -- C:\Windows\SysNative\ATKFUSService.exe
[2011.09.30 16:51:55 | 000,039,424 | ---- | C] (ASUSTeK Computer Inc.) -- C:\Windows\SysNative\drivers\ATKDispLowFilter.sys
[2011.09.30 16:51:55 | 000,039,424 | ---- | C] (ASUSTeK Computer Inc.) -- C:\Windows\SysNative\ATKDispLowFilter.sys
[2011.09.30 16:51:55 | 000,016,896 | ---- | C] (ASUSTeK COMPUTER INC.) -- C:\Windows\SysNative\ATKOGL64.dll
[2011.09.30 16:51:54 | 005,463,552 | ---- | C] (ASUSTeK COMPUTER INC.) -- C:\Windows\SysWow64\ATKOSDX32.dll
[2011.09.30 16:51:54 | 001,336,320 | ---- | C] (ASUSTeK Computer Inc.) -- C:\Windows\SysWow64\ATKLUMDISP.dll
[2011.09.30 16:51:54 | 000,135,168 | ---- | C] (ASUSTeK Computer Inc.) -- C:\Windows\SysWow64\atkdx11disp.dll
[2011.09.30 16:51:54 | 000,135,168 | ---- | C] (ASUSTeK Computer Inc.) -- C:\Windows\SysWow64\atkdx10disp.dll
[2011.09.30 16:51:54 | 000,102,400 | ---- | C] (ASUSTeK Computer Inc.) -- C:\Windows\SysWow64\NetVideo_SBS.ax
[2011.09.30 16:51:54 | 000,102,400 | ---- | C] (ASMedia Techonology) -- C:\Windows\ASMT_CE.dll
[2011.09.30 16:51:54 | 000,071,680 | ---- | C] (ASMedia Technology) -- C:\Windows\i2c.dll
[2011.09.30 16:51:54 | 000,069,632 | ---- | C] (ASMedia Technology) -- C:\Windows\i2c_i.dll
[2011.09.30 16:51:54 | 000,068,608 | ---- | C] (ASMedia Technology) -- C:\Windows\nVGA_i2c.dll
[2011.09.30 16:51:54 | 000,017,792 | ---- | C] (ASUSTeK Computer Inc.) -- C:\Windows\SysNative\drivers\asusgsb.sys
[2011.09.30 16:51:54 | 000,017,792 | ---- | C] (ASUSTeK Computer Inc.) -- C:\Windows\SysNative\asusgsb.sys
[2011.09.30 16:51:54 | 000,015,360 | ---- | C] (ASUSTeK COMPUTER INC.) -- C:\Windows\SysWow64\ATKOGL32.dll
[2011.09.30 16:51:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS
[2011.09.30 16:51:54 | 000,000,000 | ---D | C] -- C:\Program Files\ASUS
[2011.09.30 16:51:15 | 000,021,992 | ---- | C] (CPUID) -- C:\Windows\SysNative\drivers\cpuz135_x64.sys
[2011.09.30 16:51:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
[2011.09.30 16:51:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ASUS
[2011.09.30 16:50:38 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\InstallShield Installation Information
[2011.09.30 16:50:15 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA
[2011.09.30 16:49:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation
[2011.09.30 16:49:21 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation
[2011.09.30 16:48:30 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
[2011.09.30 16:48:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield
[2011.09.30 16:48:03 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2011.09.30 16:43:26 | 000,000,000 | R--D | C] -- C:\Users\shiddi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2011.09.30 16:43:26 | 000,000,000 | R--D | C] -- C:\Users\shiddi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2011.09.30 16:43:25 | 000,000,000 | R--D | C] -- C:\Users\shiddi\Searches
[2011.09.30 16:43:15 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Roaming\Identities
[2011.09.30 16:43:13 | 000,000,000 | R--D | C] -- C:\Users\shiddi\Contacts
[2011.09.30 16:43:12 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\VirtualStore
[2011.09.30 16:43:01 | 000,000,000 | -HSD | C] -- C:\Users\shiddi\Vorlagen
[2011.09.30 16:43:01 | 000,000,000 | -HSD | C] -- C:\Users\shiddi\AppData\Local\Verlauf
[2011.09.30 16:43:01 | 000,000,000 | -HSD | C] -- C:\Users\shiddi\AppData\Local\Temporary Internet Files
[2011.09.30 16:43:01 | 000,000,000 | -HSD | C] -- C:\Users\shiddi\Startmenü
[2011.09.30 16:43:01 | 000,000,000 | -HSD | C] -- C:\Users\shiddi\SendTo
[2011.09.30 16:43:01 | 000,000,000 | -HSD | C] -- C:\Users\shiddi\Recent
[2011.09.30 16:43:01 | 000,000,000 | -HSD | C] -- C:\Users\shiddi\Netzwerkumgebung
[2011.09.30 16:43:01 | 000,000,000 | -HSD | C] -- C:\Users\shiddi\Lokale Einstellungen
[2011.09.30 16:43:01 | 000,000,000 | -HSD | C] -- C:\Users\shiddi\Documents\Eigene Videos
[2011.09.30 16:43:01 | 000,000,000 | -HSD | C] -- C:\Users\shiddi\Documents\Eigene Musik
[2011.09.30 16:43:01 | 000,000,000 | -HSD | C] -- C:\Users\shiddi\Eigene Dateien
[2011.09.30 16:43:01 | 000,000,000 | -HSD | C] -- C:\Users\shiddi\Documents\Eigene Bilder
[2011.09.30 16:43:01 | 000,000,000 | -HSD | C] -- C:\Users\shiddi\Druckumgebung
[2011.09.30 16:43:01 | 000,000,000 | -HSD | C] -- C:\Users\shiddi\Cookies
[2011.09.30 16:43:01 | 000,000,000 | -HSD | C] -- C:\Users\shiddi\AppData\Local\Anwendungsdaten
[2011.09.30 16:43:01 | 000,000,000 | -HSD | C] -- C:\Users\shiddi\Anwendungsdaten
[2011.09.30 16:43:00 | 000,000,000 | --SD | C] -- C:\Users\shiddi\AppData\Roaming\Microsoft
[2011.09.30 16:43:00 | 000,000,000 | R--D | C] -- C:\Users\shiddi\Videos
[2011.09.30 16:43:00 | 000,000,000 | R--D | C] -- C:\Users\shiddi\Saved Games
[2011.09.30 16:43:00 | 000,000,000 | R--D | C] -- C:\Users\shiddi\Pictures
[2011.09.30 16:43:00 | 000,000,000 | R--D | C] -- C:\Users\shiddi\Music
[2011.09.30 16:43:00 | 000,000,000 | R--D | C] -- C:\Users\shiddi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2011.09.30 16:43:00 | 000,000,000 | R--D | C] -- C:\Users\shiddi\Links
[2011.09.30 16:43:00 | 000,000,000 | R--D | C] -- C:\Users\shiddi\Favorites
[2011.09.30 16:43:00 | 000,000,000 | R--D | C] -- C:\Users\shiddi\Downloads
[2011.09.30 16:43:00 | 000,000,000 | R--D | C] -- C:\Users\shiddi\Documents
[2011.09.30 16:43:00 | 000,000,000 | R--D | C] -- C:\Users\shiddi\Desktop
[2011.09.30 16:43:00 | 000,000,000 | R--D | C] -- C:\Users\shiddi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2011.09.30 16:43:00 | 000,000,000 | -H-D | C] -- C:\Users\shiddi\AppData
[2011.09.30 16:43:00 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\Temp
[2011.09.30 16:43:00 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Local\Microsoft
[2011.09.30 16:43:00 | 000,000,000 | ---D | C] -- C:\Users\shiddi\AppData\Roaming\Media Center Programs
[2011.09.30 16:40:40 | 000,000,000 | -HSD | C] -- C:\ProgramData\Vorlagen
[2011.09.30 16:40:40 | 000,000,000 | -HSD | C] -- C:\ProgramData\Startmenü
[2011.09.30 16:40:40 | 000,000,000 | -HSD | C] -- C:\Recovery
[2011.09.30 16:40:40 | 000,000,000 | -HSD | C] -- C:\Programme
[2011.09.30 16:40:40 | 000,000,000 | -HSD | C] -- C:\Program Files\Gemeinsame Dateien
[2011.09.30 16:40:40 | 000,000,000 | -HSD | C] -- C:\ProgramData\Favoriten
[2011.09.30 16:40:40 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Videos
[2011.09.30 16:40:40 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Musik
[2011.09.30 16:40:40 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Bilder
[2011.09.30 16:40:40 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen
[2011.09.30 16:40:40 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumente
[2011.09.30 16:40:40 | 000,000,000 | -HSD | C] -- C:\ProgramData\Anwendungsdaten
[2011.09.28 18:57:30 | 000,000,000 | ---D | C] -- C:\Users\shiddi\.shsh
[2011.09.28 18:57:02 | 000,000,000 | ---D | C] -- C:\Users\shiddi\Oma_Buch
[2011.09.28 18:57:01 | 000,000,000 | ---D | C] -- C:\Users\shiddi\nuschi
[2011.09.28 18:57:01 | 000,000,000 | ---D | C] -- C:\Users\shiddi\Melanie
[2011.09.28 18:56:59 | 000,000,000 | ---D | C] -- C:\Users\shiddi\mama
[2011.09.28 18:55:38 | 000,000,000 | ---D | C] -- C:\Users\shiddi\iTunes
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2011.10.17 17:33:22 | 000,014,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.10.17 17:33:22 | 000,014,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.10.17 17:27:39 | 000,337,032 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011.10.17 17:27:37 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.10.17 17:27:25 | 4271,566,846 | -HS- | M] () -- C:\hiberfil.sys
[2011.10.17 17:17:16 | 000,001,220 | ---- | M] () -- C:\prefs.js
[2011.10.17 17:12:00 | 000,001,124 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2644519557-559773896-1197014076-1000UA.job
[2011.10.17 17:12:00 | 000,001,072 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2644519557-559773896-1197014076-1000Core.job
[2011.10.17 16:55:39 | 000,000,020 | ---- | M] () -- C:\Users\shiddi\defogger_reenable
[2011.10.17 16:52:06 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\shiddi\Desktop\OTL.exe
[2011.10.17 16:25:21 | 000,001,109 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.10.16 17:55:27 | 003,497,209 | ---- | M] () -- C:\Users\shiddi\Desktop\world1.rar
[2011.10.16 17:47:24 | 097,064,147 | ---- | M] () -- C:\Users\shiddi\Desktop\world1.wld
[2011.10.15 19:28:59 | 001,612,484 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011.10.15 19:28:59 | 000,696,620 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2011.10.15 19:28:59 | 000,651,938 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011.10.15 19:28:59 | 000,147,916 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2011.10.15 19:28:59 | 000,120,870 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011.10.15 17:43:37 | 000,001,082 | ---- | M] () -- C:\Users\Public\Desktop\HTC Sync.lnk
[2011.10.15 16:03:48 | 000,271,200 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2011.10.15 16:03:48 | 000,271,200 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2011.10.15 16:02:51 | 000,271,200 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2011.10.13 22:29:40 | 000,042,392 | ---- | M] () -- C:\Windows\SysWow64\xfcodec.dll
[2011.10.13 22:29:40 | 000,028,056 | ---- | M] () -- C:\Windows\SysNative\xfcodec64.dll
[2011.10.09 15:33:52 | 000,000,562 | ---- | M] () -- C:\Users\shiddi\Desktop\Terrafirma.lnk
[2011.10.09 01:30:43 | 000,000,704 | ---- | M] () -- C:\Users\shiddi\Documents\ax_files.xml
[2011.10.08 12:13:04 | 016,129,083 | ---- | M] () -- C:\Users\shiddi\Desktop\SKIDROW.rar
[2011.10.07 22:08:39 | 000,025,004 | ---- | M] () -- C:\Users\shiddi\Desktop\www.rofl.to_you-are-gay.jpg
[2011.10.06 21:22:15 | 000,206,051 | ---- | M] () -- C:\Users\shiddi\Desktop\ts3 übersicht.jpg
[2011.10.05 18:14:36 | 000,000,589 | ---- | M] () -- C:\Users\shiddi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TeamSpeak 3 Client.lnk
[2011.10.05 18:13:50 | 000,000,509 | ---- | M] () -- C:\Users\shiddi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\HLSW.lnk
[2011.10.05 17:03:27 | 000,000,798 | ---- | M] () -- C:\Users\shiddi\Desktop\Client.exe - Verknüpfung.lnk
[2011.10.05 16:45:43 | 000,000,875 | ---- | M] () -- C:\Users\Public\Desktop\TrueCrypt.lnk
[2011.10.05 16:45:39 | 000,230,864 | ---- | M] (TrueCrypt Foundation) -- C:\Windows\SysNative\drivers\truecrypt.sys
[2011.10.02 03:06:03 | 001,588,762 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011.10.01 23:50:11 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_LMouFilt_01005.Wdf
[2011.10.01 22:27:08 | 000,075,136 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2011.10.01 12:54:00 | 406,888,288 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2011.10.01 12:42:27 | 000,000,490 | ---- | M] () -- C:\Users\shiddi\Desktop\Driver.exe - Verknüpfung.lnk
[2011.09.30 23:33:35 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK
[2011.09.30 22:38:59 | 000,057,050 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2011.09.30 22:38:59 | 000,057,050 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[2011.09.30 22:36:56 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2011.09.30 20:46:15 | 000,503,352 | ---- | M] (Duplex Secure Ltd.) -- C:\Windows\SysNative\drivers\sptd.sys
[2011.09.30 20:38:53 | 000,001,105 | ---- | M] () -- C:\Users\shiddi\Desktop\Terraria.exe - Verknüpfung.lnk
[2011.09.30 17:48:52 | 000,002,585 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\UltraMon.lnk
[2011.09.30 17:46:23 | 000,000,273 | ---- | M] () -- C:\Windows\game.ini
[2011.09.30 17:12:23 | 000,000,517 | ---- | M] () -- C:\Users\shiddi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Xfire.lnk
[2011.09.30 17:11:34 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_RzSynapse_01007.Wdf
[2011.09.30 17:04:48 | 000,001,182 | ---- | M] () -- C:\Users\Public\Desktop\ControlCenter.lnk
[2011.09.30 17:04:37 | 000,001,101 | ---- | M] () -- C:\Users\Public\Desktop\Live Update 5.lnk
[2011.09.30 16:53:41 | 000,016,384 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Windows\SysNative\drivers\EIO64.sys
[2011.09.30 16:51:15 | 000,000,514 | ---- | M] () -- C:\Users\Public\Desktop\CPUID CPU-Z.lnk
[2011.09.30 16:41:11 | 000,171,136 | RHS- | M] () -- C:\w7ldr
[2011.09.20 01:22:34 | 000,007,600 | ---- | M] () -- C:\Users\shiddi\AppData\Local\resmon.resmoncfg
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2011.10.17 16:55:39 | 000,000,020 | ---- | C] () -- C:\Users\shiddi\defogger_reenable
[2011.10.17 16:25:21 | 000,001,109 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.10.16 17:55:57 | 097,064,147 | ---- | C] () -- C:\Users\shiddi\Desktop\world1.wld
[2011.10.16 17:28:22 | 003,497,209 | ---- | C] () -- C:\Users\shiddi\Desktop\world1.rar
[2011.10.15 17:43:37 | 000,001,082 | ---- | C] () -- C:\Users\Public\Desktop\HTC Sync.lnk
[2011.10.13 22:29:40 | 000,042,392 | ---- | C] () -- C:\Windows\SysWow64\xfcodec.dll
[2011.10.13 22:29:40 | 000,028,056 | ---- | C] () -- C:\Windows\SysNative\xfcodec64.dll
[2011.10.09 15:33:52 | 000,000,562 | ---- | C] () -- C:\Users\shiddi\Desktop\Terrafirma.lnk
[2011.10.08 12:13:00 | 016,129,083 | ---- | C] () -- C:\Users\shiddi\Desktop\SKIDROW.rar
[2011.10.07 22:08:39 | 000,025,004 | ---- | C] () -- C:\Users\shiddi\Desktop\www.rofl.to_you-are-gay.jpg
[2011.10.06 21:22:15 | 000,206,051 | ---- | C] () -- C:\Users\shiddi\Desktop\ts3 übersicht.jpg
[2011.10.05 18:14:36 | 000,000,589 | ---- | C] () -- C:\Users\shiddi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TeamSpeak 3 Client.lnk
[2011.10.05 18:13:50 | 000,000,509 | ---- | C] () -- C:\Users\shiddi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\HLSW.lnk
[2011.10.05 17:03:27 | 000,000,798 | ---- | C] () -- C:\Users\shiddi\Desktop\Client.exe - Verknüpfung.lnk
[2011.10.05 16:45:43 | 000,000,875 | ---- | C] () -- C:\Users\Public\Desktop\TrueCrypt.lnk
[2011.10.05 15:09:03 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
[2011.10.02 20:35:22 | 000,001,220 | ---- | C] () -- C:\prefs.js
[2011.10.02 20:32:19 | 000,001,966 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader.lnk
[2011.10.02 20:32:19 | 000,001,945 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Deinstallationsprogramm.lnk
[2011.10.02 20:32:19 | 000,001,924 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Update.lnk
[2011.10.01 23:50:11 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_LMouFilt_01005.Wdf
[2011.10.01 12:42:27 | 000,000,490 | ---- | C] () -- C:\Users\shiddi\Desktop\Driver.exe - Verknüpfung.lnk
[2011.09.30 23:33:35 | 000,008,192 | RHS- | C] () -- C:\BOOTSECT.BAK
[2011.09.30 23:33:33 | 000,383,562 | RHS- | C] () -- C:\bootmgr
[2011.09.30 22:38:51 | 000,001,345 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
[2011.09.30 22:38:39 | 000,001,326 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
[2011.09.30 22:36:56 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2011.09.30 22:34:34 | 4271,566,846 | -HS- | C] () -- C:\hiberfil.sys
[2011.09.30 20:42:34 | 001,588,762 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011.09.30 19:16:14 | 000,271,200 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2011.09.30 18:20:47 | 000,000,704 | ---- | C] () -- C:\Users\shiddi\Documents\ax_files.xml
[2011.09.30 18:19:40 | 000,013,712 | ---- | C] () -- C:\Users\shiddi\Desktop\test.jpg
[2011.09.30 18:19:39 | 016,707,028 | ---- | C] () -- C:\Users\shiddi\Desktop\terraria.serhanp.rar
[2011.09.30 18:19:39 | 000,043,553 | ---- | C] () -- C:\Users\shiddi\Desktop\o.jpg
[2011.09.30 18:19:39 | 000,001,105 | ---- | C] () -- C:\Users\shiddi\Desktop\Terraria.exe - Verknüpfung.lnk
[2011.09.30 18:17:22 | 000,007,600 | ---- | C] () -- C:\Users\shiddi\AppData\Local\resmon.resmoncfg
[2011.09.30 17:55:56 | 000,013,056 | ---- | C] () -- C:\Windows\SysWow64\CNC1749D.TBL
[2011.09.30 17:55:56 | 000,013,056 | ---- | C] () -- C:\Windows\SysNative\CNC1749D.TBL
[2011.09.30 17:48:52 | 000,002,585 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\UltraMon.lnk
[2011.09.30 17:48:52 | 000,002,535 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UltraMon.lnk
[2011.09.30 17:46:25 | 000,271,200 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2011.09.30 17:46:25 | 000,271,200 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2011.09.30 17:46:24 | 000,075,136 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2011.09.30 17:46:23 | 000,000,273 | ---- | C] () -- C:\Windows\game.ini
[2011.09.30 17:33:11 | 406,888,288 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2011.09.30 17:12:23 | 000,000,517 | ---- | C] () -- C:\Users\shiddi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Xfire.lnk
[2011.09.30 17:11:34 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_RzSynapse_01007.Wdf
[2011.09.30 17:07:30 | 000,001,124 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2644519557-559773896-1197014076-1000UA.job
[2011.09.30 17:07:29 | 000,001,072 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2644519557-559773896-1197014076-1000Core.job
[2011.09.30 17:04:48 | 000,001,182 | ---- | C] () -- C:\Users\Public\Desktop\ControlCenter.lnk
[2011.09.30 17:04:37 | 000,001,101 | ---- | C] () -- C:\Users\Public\Desktop\Live Update 5.lnk
[2011.09.30 17:00:26 | 000,074,272 | ---- | C] () -- C:\Windows\SysNative\RtNicProp64.dll
[2011.09.30 16:51:55 | 000,001,849 | ---- | C] () -- C:\Windows\SysNative\ATKDispLowFilter.inf
[2011.09.30 16:51:54 | 000,761,856 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2011.09.30 16:51:54 | 000,180,224 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2011.09.30 16:51:54 | 000,077,824 | ---- | C] () -- C:\Windows\SysWow64\xvid.ax
[2011.09.30 16:51:54 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\asrussian.dll
[2011.09.30 16:51:54 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\askorean.dll
[2011.09.30 16:51:54 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\asjapan.dll
[2011.09.30 16:51:54 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\asgerman.dll
[2011.09.30 16:51:54 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\asfrench.dll
[2011.09.30 16:51:54 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\aseng.dll
[2011.09.30 16:51:54 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\ASCHT.dll
[2011.09.30 16:51:54 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\aschs.dll
[2011.09.30 16:51:54 | 000,010,766 | ---- | C] () -- C:\Windows\SysNative\asusgsb.cat
[2011.09.30 16:51:54 | 000,010,733 | ---- | C] () -- C:\Windows\SysNative\ATKDispLowFilter.cat
[2011.09.30 16:51:54 | 000,002,963 | ---- | C] () -- C:\Windows\SysWow64\xvid.inf
[2011.09.30 16:51:54 | 000,002,109 | ---- | C] () -- C:\Windows\SysNative\asusgsb.inf
[2011.09.30 16:51:15 | 000,000,514 | ---- | C] () -- C:\Users\Public\Desktop\CPUID CPU-Z.lnk
[2011.09.30 16:49:16 | 000,007,621 | ---- | C] () -- C:\Windows\SysNative\nvinfo.pb
[2011.09.30 16:43:32 | 000,001,405 | ---- | C] () -- C:\Users\shiddi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
[2011.09.30 16:43:28 | 000,001,439 | ---- | C] () -- C:\Users\shiddi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2011.09.30 16:41:11 | 000,171,136 | RHS- | C] () -- C:\w7ldr
[2011.08.03 03:31:54 | 000,311,912 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe
[2009.07.27 11:13:28 | 000,061,440 | ---- | C] () -- C:\Windows\SysWow64\ASDR.exe
[2009.07.14 07:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009.07.14 04:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009.07.14 04:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009.07.14 02:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009.06.10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
========== LOP Check ==========
[2011.10.04 17:13:01 | 000,000,000 | ---D | M] -- C:\Users\shiddi\AppData\Roaming\Canon
[2011.09.30 18:18:49 | 000,000,000 | ---D | M] -- C:\Users\shiddi\AppData\Roaming\CD-LabelPrint
[2011.09.30 18:18:49 | 000,000,000 | ---D | M] -- C:\Users\shiddi\AppData\Roaming\DisplayFusion
[2011.10.17 17:28:53 | 000,000,000 | ---D | M] -- C:\Users\shiddi\AppData\Roaming\HLSW
[2011.10.15 17:33:08 | 000,000,000 | ---D | M] -- C:\Users\shiddi\AppData\Roaming\HTC
[2011.10.15 17:33:28 | 000,000,000 | ---D | M] -- C:\Users\shiddi\AppData\Roaming\HTC.388BC06ACDAB6261375BCE37FBA2E023C0D7EE34.1
[2011.09.30 17:17:52 | 000,000,000 | ---D | M] -- C:\Users\shiddi\AppData\Roaming\Leadertech
[2011.09.30 23:05:38 | 000,000,000 | ---D | M] -- C:\Users\shiddi\AppData\Roaming\Notepad++
[2011.09.30 19:03:45 | 000,000,000 | ---D | M] -- C:\Users\shiddi\AppData\Roaming\Origin
[2011.10.16 16:09:38 | 000,000,000 | ---D | M] -- C:\Users\shiddi\AppData\Roaming\QuickScan
[2011.09.30 18:18:50 | 000,000,000 | ---D | M] -- C:\Users\shiddi\AppData\Roaming\redsn0w
[2011.09.30 18:18:50 | 000,000,000 | ---D | M] -- C:\Users\shiddi\AppData\Roaming\Software Informer
[2011.10.05 16:53:03 | 000,000,000 | ---D | M] -- C:\Users\shiddi\AppData\Roaming\TrueCrypt
[2011.09.30 18:18:51 | 000,000,000 | ---D | M] -- C:\Users\shiddi\AppData\Roaming\TS3Client
[2011.09.30 18:17:06 | 000,000,000 | ---D | M] -- C:\Users\shiddi\AppData\Roaming\ts3overlay
[2009.07.14 07:08:49 | 000,011,466 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
========== Custom Scans ==========
< %SYSTEMDRIVE%\*. >
[2011.09.30 16:43:13 | 000,000,000 | -HSD | M] -- C:\$Recycle.Bin
[2011.09.30 23:33:33 | 000,000,000 | -HSD | M] -- C:\Boot
[2011.10.17 17:27:25 | 000,000,000 | -HSD | M] -- C:\Config.Msi
[2009.07.14 07:08:56 | 000,000,000 | -HSD | M] -- C:\Documents and Settings
[2011.09.30 16:40:40 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen
[2011.09.30 16:59:36 | 000,000,000 | ---D | M] -- C:\Intel
[2011.10.01 17:37:45 | 000,000,000 | ---D | M] -- C:\NVIDIA
[2009.07.14 05:20:08 | 000,000,000 | ---D | M] -- C:\PerfLogs
[2011.10.17 17:21:13 | 000,000,000 | R--D | M] -- C:\Program Files
[2011.10.17 17:21:44 | 000,000,000 | R--D | M] -- C:\Program Files (x86)
[2011.10.17 16:25:21 | 000,000,000 | -H-D | M] -- C:\ProgramData
[2011.09.30 16:40:40 | 000,000,000 | -HSD | M] -- C:\Programme
[2011.09.30 16:40:40 | 000,000,000 | -HSD | M] -- C:\Recovery
[2011.10.17 17:44:00 | 000,000,000 | -HSD | M] -- C:\System Volume Information
[2011.10.02 12:23:07 | 000,000,000 | R--D | M] -- C:\Users
[2011.10.17 17:21:44 | 000,000,000 | ---D | M] -- C:\Windows
< %PROGRAMFILES%\*.exe >
< %LOCALAPPDATA%\*.exe >
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.manifest /3 >
< MD5 for: EXPLORER.EXE >
[2011.02.26 08:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\explorer.exe
[2011.02.26 08:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe
[2011.02.26 07:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2009.07.14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2011.02.26 07:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe
[2009.10.31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2011.02.26 07:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\SysWOW64\explorer.exe
[2011.02.26 07:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe
[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011.02.26 08:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010.11.20 14:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2009.08.03 08:19:07 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2009.10.31 08:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2009.08.03 07:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2010.11.20 15:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
[2009.10.31 08:38:38 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2009.08.03 07:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2009.07.14 03:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2009.10.31 08:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2011.02.26 08:26:45 | 002,870,784 | ---- | M] (Microsoft Corporation) MD5=E38899074D4951D31B4040E994DD7C8D -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe
[2009.08.03 08:17:37 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe
< MD5 for: REGEDIT.EXE >
[2009.07.14 03:39:29 | 000,427,008 | ---- | M] (Microsoft Corporation) MD5=2E2C937846A0B8789E5E91739284D17A -- C:\Windows\winsxs\amd64_microsoft-windows-registry-editor_31bf3856ad364e35_6.1.7600.16385_none_5023a70bf589ad3e\regedit.exe
[2009.07.14 03:39:29 | 000,427,008 | ---- | M] (Microsoft Corporation) MD5=8A4883F5E7AC37444F23279239553878 -- C:\Windows\regedit.exe
[2009.07.14 03:14:30 | 000,398,336 | ---- | M] (Microsoft Corporation) MD5=8A4883F5E7AC37444F23279239553878 -- C:\Windows\SysWOW64\regedit.exe
[2009.07.14 03:14:30 | 000,398,336 | ---- | M] (Microsoft Corporation) MD5=8A4883F5E7AC37444F23279239553878 -- C:\Windows\winsxs\wow64_microsoft-windows-registry-editor_31bf3856ad364e35_6.1.7600.16385_none_5a78515e29ea6f39\regedit.exe
< MD5 for: USERINIT.EXE >
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\SysWOW64\userinit.exe
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009.07.14 03:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\SysNative\userinit.exe
[2009.07.14 03:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
[2010.11.20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe
< MD5 for: WININIT.EXE >
[2009.07.14 03:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\SysNative\wininit.exe
[2009.07.14 03:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\winsxs\amd64_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_8ce7aa761e01ad49\wininit.exe
[2009.07.14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\SysWOW64\wininit.exe
[2009.07.14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe
< MD5 for: WINLOGON.EXE >
[2010.11.20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2009.07.14 03:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2009.10.28 09:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2009.10.28 08:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\SysNative\winlogon.exe
[2009.10.28 08:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe
< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >
< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
< End of report >
--- --- ---
Hoff das hilft dir/uns weiter |
