Code:
OTL logfile created on: 27.02.2012 10:57:40 - Run 3
OTL by OldTimer - Version 3.2.33.2 Folder = C:\Users\bodbeli\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,79 Gb Total Physical Memory | 2,56 Gb Available Physical Memory | 67,45% Memory free
7,59 Gb Paging File | 6,14 Gb Available in Paging File | 81,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 116,44 Gb Total Space | 61,77 Gb Free Space | 53,05% Space Free | Partition Type: NTFS
Drive D: | 332,72 Gb Total Space | 199,31 Gb Free Space | 59,90% Space Free | Partition Type: NTFS
Computer Name: BODBELI-PC | User Name: bodbeli | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Users\bodbeli\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation)
PRC - C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe (Cisco Systems, Inc.)
PRC - C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe (Cisco Systems, Inc.)
PRC - C:\Program Files (x86)\FreePDF_XP\fpassist.exe (shbox.de)
PRC - C:\Windows\AsScrPro.exe (ASUS)
PRC - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe ()
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe ()
PRC - C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\ASUS\SmartLogon\smartlogon.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe (ASUSTek Computer Inc.)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe (ASUSTek Computer Inc.)
PRC - C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe ()
========== Modules (No Company Name) ==========
MOD - C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe ()
MOD - C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe ()
MOD - C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll ()
MOD - C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll ()
MOD - C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe ()
========== Win32 Services (SafeList) ==========
SRV:64bit: - (HPSIService) -- C:\Windows\SysNative\HPSIsvc.exe (HP)
SRV:64bit: - (AFBAgent) -- C:\Windows\SysNative\FBAgent.exe (ASUSTeK Computer Inc.)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SRV:64bit: - (msvsmon90) -- C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x64\msvsmon.exe (Microsoft Corporation)
SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (BBSvc) -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE (Microsoft Corporation.)
SRV - (BBUpdate) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation)
SRV - (vpnagent) -- C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe (Cisco Systems, Inc.)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation)
SRV - (ATKGFNEXSrv) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (ASUS)
SRV - (UNS) Intel(R) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
SRV - (LMS) Intel(R) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (ASLDRService) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe (ASUS)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (ADSMService) -- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe (ASUSTek Computer Inc.)
========== Driver Services (SafeList) ==========
DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)
DRV:64bit: - (acsock) -- C:\Windows\SysNative\drivers\acsock64.sys (Cisco Systems, Inc.)
DRV:64bit: - (vpnva) -- C:\Windows\SysNative\drivers\vpnva64.sys (Cisco Systems, Inc.)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (AsDsm) -- C:\Windows\SysNative\drivers\AsDsm.sys (ASUSTek Computer Inc)
DRV:64bit: - (mvusbews) -- C:\Windows\SysNative\drivers\mvusbews.sys (Marvell Semiconductor, Inc.)
DRV:64bit: - (JME) JMicron Ethernet Adapter NDIS6.20 Driver (Amd64 Bits) -- C:\Windows\SysNative\drivers\JME.sys (JMicron Technology Corp.)
DRV:64bit: - (ETD) -- C:\Windows\SysNative\drivers\ETD.sys (ELAN Microelectronic Corp.)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (IntcDAud) Intel(R) -- C:\Windows\SysNative\drivers\IntcDAud.sys (Intel(R) Corporation)
DRV:64bit: - (CnxtHdAudService) -- C:\Windows\SysNative\drivers\CHDRT64.sys (Conexant Systems Inc.)
DRV:64bit: - (Impcd) -- C:\Windows\SysNative\drivers\Impcd.sys (Intel Corporation)
DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.)
DRV:64bit: - (HECIx64) Intel(R) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (JMCR) -- C:\Windows\SysNative\drivers\jmcr.sys (JMicron Technology Corporation)
DRV:64bit: - (kbfiltr) -- C:\Windows\SysNative\drivers\kbfiltr.sys ( )
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (lullaby) -- C:\Windows\SysNative\drivers\lullaby.sys (Windows (R) Win 7 DDK provider)
DRV:64bit: - (SiSGbeLH) -- C:\Windows\SysNative\drivers\SiSG664.sys (Silicon Integrated Systems Corp.)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (SNP2UVC) USB2.0 PC Camera (SNP2UVC) -- C:\Windows\SysNative\drivers\snp2uvc.sys ()
DRV:64bit: - (MTsensor) -- C:\Windows\SysNative\drivers\ATK64AMD.sys (ASUS)
DRV:64bit: - (fssfltr) -- C:\Windows\SysNative\drivers\fssfltr.sys (Microsoft Corporation)
DRV:64bit: - (WimFltr) -- C:\Windows\SysNative\drivers\WimFltr.sys (Microsoft Corporation)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
DRV - (ASMMAP64) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys (ASUS)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2630102896-260595033-1478422663-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2630102896-260595033-1478422663-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus.msn.com
IE - HKU\S-1-5-21-2630102896-260595033-1478422663-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.vwl.uni-muenchen.de/
IE - HKU\S-1-5-21-2630102896-260595033-1478422663-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.startup.homepage: "hxxp://www.vwl.uni-muenchen.de/"
FF - prefs.js..network.proxy.type: 0
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8051.1204: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.02.19 09:21:48 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011.08.06 12:59:53 | 000,000,000 | ---D | M]
[2011.06.15 22:54:24 | 000,000,000 | ---D | M] (No name found) -- C:\Users\bodbeli\AppData\Roaming\mozilla\Extensions
[2011.11.09 00:12:30 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2011.10.16 11:00:14 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012.02.19 09:21:48 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011.08.06 12:59:43 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2012.02.19 09:21:43 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.02.19 09:21:43 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.02.19 09:21:43 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012.02.19 09:21:43 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.02.19 09:21:43 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.02.19 09:21:43 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
O1 HOSTS File: ([2011.12.31 10:00:38 | 000,000,897 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 129.187.254.163 asa03.lrz.de
O1 - Hosts: 129.187.254.28 asa-cluster.lrz.de
O2:64bit: - BHO: (Windows Live Family Safety Browser Helper Class) - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg64.dll (Google Inc.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll (Google Inc.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\S-1-5-21-2630102896-260595033-1478422663-1001\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O4:64bit: - HKLM..\Run: [ASUS WebStorage] C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe ()
O4:64bit: - HKLM..\Run: [ETDWare] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronic Corp.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [NvCplDaemon] C:\Windows\SysNative\NvCpl.dll (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [SmartAudio] C:\Program Files\CONEXANT\SAII\SAIICpl.exe ()
O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUS)
O4 - HKLM..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUS)
O4 - HKLM..\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe (Cisco Systems, Inc.)
O4 - HKLM..\Run: [FreePDF Assistant] C:\Program Files (x86)\FreePDF_XP\fpassist.exe (shbox.de)
O4 - HKLM..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (ASUS)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [UpdateLBPShortCut] C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdateP2GoShortCut] C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2630102896-260595033-1478422663-1000..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-21-2630102896-260595033-1478422663-1000..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.156.33.53 129.187.5.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3F1D260C-B51B-4C2D-934A-B37B3E419DC1}: DhcpNameServer = 10.156.33.53 129.187.5.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6ABD17F0-6A14-4A65-AA1E-EFFED453A618}: NameServer = 10.149.184.2,10.156.33.53
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{EE466911-B24A-4BA2-A870-6581B376AD81}: Domain = uni-muenchen.de
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{EE466911-B24A-4BA2-A870-6581B376AD81}: NameServer = 10.156.33.53,129.187.5.1
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{8aedd25e-8ada-11e0-a679-485b39736daa}\Shell - "" = AutoRun
O33 - MountPoints2\{8aedd25e-8ada-11e0-a679-485b39736daa}\Shell\AutoRun\command - "" = F:\SISetup.exe
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\SISetup.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (MACHINE BootExecut)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
MsConfig:64bit - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^FancyStart daemon.lnk - C:\Windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_C4A2FC3E3722966204FDD8.exe - ()
MsConfig:64bit - StartUpReg: Adobe ARM - hkey= - key= - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
MsConfig:64bit - StartUpReg: Adobe Reader Speed Launcher - hkey= - key= - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
MsConfig:64bit - StartUpReg: ADSMTray - hkey= - key= - C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe (ASUSTek Computer Inc.)
MsConfig:64bit - StartUpReg: ASUS Screen Saver Protector - hkey= - key= - C:\Windows\AsScrPro.exe (ASUS)
MsConfig:64bit - StartUpReg: Cisco AnyConnect Secure Mobility Agent for Windows - hkey= - key= - C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe (Cisco Systems, Inc.)
MsConfig:64bit - StartUpReg: CLMLServer - hkey= - key= - C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
MsConfig:64bit - StartUpReg: FreePDF Assistant - hkey= - key= - C:\Program Files (x86)\FreePDF_XP\fpassist.exe (shbox.de)
MsConfig:64bit - StartUpReg: Skype - hkey= - key= - C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Technologies S.A.)
MsConfig:64bit - StartUpReg: SunJavaUpdateSched - hkey= - key= - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
MsConfig:64bit - State: "startup" - Reg Error: Key error.
SafeBootMin:64bit: AppMgmt - Service
SafeBootMin:64bit: Base - Driver Group
SafeBootMin:64bit: Boot Bus Extender - Driver Group
SafeBootMin:64bit: Boot file system - Driver Group
SafeBootMin:64bit: File system - Driver Group
SafeBootMin:64bit: Filter - Driver Group
SafeBootMin:64bit: HelpSvc - Service
SafeBootMin:64bit: PCI Configuration - Driver Group
SafeBootMin:64bit: PNP Filter - Driver Group
SafeBootMin:64bit: Primary disk - Driver Group
SafeBootMin:64bit: sacsvr - Service
SafeBootMin:64bit: SCSI Class - Driver Group
SafeBootMin:64bit: System Bus Extender - Driver Group
SafeBootMin:64bit: vmms - Service
SafeBootMin:64bit: WinDefend - C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SafeBootMin:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet:64bit: AppMgmt - Service
SafeBootNet:64bit: Base - Driver Group
SafeBootNet:64bit: Boot Bus Extender - Driver Group
SafeBootNet:64bit: Boot file system - Driver Group
SafeBootNet:64bit: File system - Driver Group
SafeBootNet:64bit: Filter - Driver Group
SafeBootNet:64bit: HelpSvc - Service
SafeBootNet:64bit: Messenger - Service
SafeBootNet:64bit: NDIS Wrapper - Driver Group
SafeBootNet:64bit: NetBIOSGroup - Driver Group
SafeBootNet:64bit: NetDDEGroup - Driver Group
SafeBootNet:64bit: Network - Driver Group
SafeBootNet:64bit: NetworkProvider - Driver Group
SafeBootNet:64bit: PCI Configuration - Driver Group
SafeBootNet:64bit: PNP Filter - Driver Group
SafeBootNet:64bit: PNP_TDI - Driver Group
SafeBootNet:64bit: Primary disk - Driver Group
SafeBootNet:64bit: rdsessmgr - Service
SafeBootNet:64bit: sacsvr - Service
SafeBootNet:64bit: SCSI Class - Driver Group
SafeBootNet:64bit: Streams Drivers - Driver Group
SafeBootNet:64bit: System Bus Extender - Driver Group
SafeBootNet:64bit: TDI - Driver Group
SafeBootNet:64bit: vmms - Service
SafeBootNet:64bit: WinDefend - C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SafeBootNet:64bit: WudfUsbccidDriver - Driver
SafeBootNet:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet:64bit: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet:64bit: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet:64bit: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet:64bit: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet:64bit: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
ActiveX:64bit: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP
Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
========== Files/Folders - Created Within 30 Days ==========
[2012.02.26 16:14:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET
[2012.02.26 16:12:33 | 002,322,184 | ---- | C] (ESET) -- C:\Users\bodbeli\Desktop\esetsmartinstaller_enu.exe
[2012.02.26 14:11:09 | 000,000,000 | ---D | C] -- C:\Users\bodbeli\AppData\Roaming\Malwarebytes
[2012.02.26 14:11:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.02.26 14:11:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.02.26 14:11:05 | 000,023,152 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012.02.26 14:11:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012.02.26 14:04:56 | 000,000,000 | ---D | C] -- C:\Users\bodbeli\AppData\Local\ElevatedDiagnostics
[2012.02.26 14:03:22 | 009,502,424 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\bodbeli\Desktop\mbam-setup-1.60.1.1000.exe
[2012.02.24 17:42:43 | 000,583,680 | ---- | C] (OldTimer Tools) -- C:\Users\bodbeli\Desktop\OTL.exe
[2012.02.24 17:41:13 | 033,205,152 | ---- | C] (TuneUp Software) -- C:\Users\bodbeli\Desktop\TuneUpUtilities2012_de-DE.exe
[2012.02.16 12:50:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft SQL Server 2005
[2012.02.16 12:47:52 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server
[2012.02.16 12:47:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SQL Server
[2012.02.16 12:43:06 | 000,000,000 | ---D | C] -- C:\Users\bodbeli\Documents\Visual Studio 2008
[2012.02.16 12:42:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual C++ 9.0 Express Edition
[2012.02.16 12:40:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio 9.0
[2012.02.16 12:40:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Merge Modules
[2012.02.16 12:39:53 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SDKs
[2012.02.16 12:39:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Visual Studio 2008
[2012.02.16 12:39:36 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio 9.0
[2012.02.16 11:56:59 | 000,000,000 | ---D | C] -- C:\Users\bodbeli\AppData\Roaming\Systweak
[2012.02.16 11:56:57 | 000,018,816 | ---- | C] (Systweak Inc., (www.systweak.com)) -- C:\Windows\SysNative\roboot64.exe
[2012.02.16 11:56:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegClean Pro
[2012.02.16 11:56:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\RegClean Pro
[2012.02.15 17:09:28 | 000,000,000 | ---D | C] -- C:\Users\bodbeli\AppData\Roaming\Kyq
[2012.02.15 17:09:28 | 000,000,000 | ---D | C] -- C:\Users\bodbeli\AppData\Roaming\Coreyc
[2012.02.15 16:03:47 | 000,000,000 | ---D | C] -- C:\Users\bodbeli\Desktop\Latex Matlab Code
[2012.02.14 18:40:44 | 000,000,000 | ---D | C] -- C:\Users\bodbeli\Desktop\Markov_Switching
========== Files - Modified Within 30 Days ==========
[2012.02.27 10:10:00 | 000,001,124 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.02.27 10:02:06 | 000,010,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.02.27 10:02:06 | 000,010,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.02.27 09:54:43 | 000,045,056 | ---- | M] () -- C:\Windows\SysNative\acovcnt.exe
[2012.02.27 09:54:35 | 000,001,120 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.02.27 09:54:15 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.02.27 09:54:07 | 3054,882,816 | -HS- | M] () -- C:\hiberfil.sys
[2012.02.26 18:45:44 | 000,712,000 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.02.26 18:45:44 | 000,663,580 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.02.26 18:45:44 | 000,124,894 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.02.26 18:45:43 | 001,648,954 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.02.26 18:45:43 | 000,154,516 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.02.26 18:41:08 | 000,002,198 | ---- | M] () -- C:\Windows\SysNative\AutoRunFilter.ini
[2012.02.26 16:12:33 | 002,322,184 | ---- | M] (ESET) -- C:\Users\bodbeli\Desktop\esetsmartinstaller_enu.exe
[2012.02.26 16:01:19 | 000,001,257 | ---- | M] () -- C:\Windows\SysNative\ServiceFilter.ini
[2012.02.26 14:11:06 | 000,001,111 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.02.26 14:03:24 | 009,502,424 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\bodbeli\Desktop\mbam-setup-1.60.1.1000.exe
[2012.02.26 14:02:14 | 000,013,016 | ---- | M] () -- C:\Users\bodbeli\Desktop\get-mirror-server.html
[2012.02.24 17:42:45 | 000,583,680 | ---- | M] (OldTimer Tools) -- C:\Users\bodbeli\Desktop\OTL.exe
[2012.02.24 17:41:33 | 033,205,152 | ---- | M] (TuneUp Software) -- C:\Users\bodbeli\Desktop\TuneUpUtilities2012_de-DE.exe
[2012.02.20 21:07:15 | 000,000,272 | ---- | M] () -- C:\Windows\tasks\RegClean Pro.job
[2012.02.19 15:01:12 | 000,000,280 | ---- | M] () -- C:\Windows\tasks\RegClean Pro_DEFAULT.job
[2012.02.19 10:05:44 | 001,527,276 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012.02.16 13:04:23 | 000,000,288 | ---- | M] () -- C:\Windows\tasks\RegClean Pro_UPDATES.job
[2012.02.16 13:03:28 | 000,002,228 | ---- | M] () -- C:\Windows\SysNative\ASOROSet.bin
[2012.02.16 12:53:03 | 000,001,052 | ---- | M] () -- C:\Users\Public\Desktop\RegClean Pro.lnk
[2012.02.15 21:45:24 | 000,458,536 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012.02.09 12:00:22 | 000,018,816 | ---- | M] (Systweak Inc., (www.systweak.com)) -- C:\Windows\SysNative\roboot64.exe
========== Files Created - No Company Name ==========
[2012.02.26 14:11:06 | 000,001,111 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.02.26 14:02:12 | 000,013,016 | ---- | C] () -- C:\Users\bodbeli\Desktop\get-mirror-server.html
[2012.02.16 18:05:50 | 000,000,272 | ---- | C] () -- C:\Windows\tasks\RegClean Pro.job
[2012.02.16 12:58:58 | 000,002,228 | ---- | C] () -- C:\Windows\SysNative\ASOROSet.bin
[2012.02.16 12:50:14 | 001,527,276 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012.02.16 11:57:04 | 000,000,288 | ---- | C] () -- C:\Windows\tasks\RegClean Pro_UPDATES.job
[2012.02.16 11:57:04 | 000,000,280 | ---- | C] () -- C:\Windows\tasks\RegClean Pro_DEFAULT.job
[2012.02.16 11:56:56 | 000,001,052 | ---- | C] () -- C:\Users\Public\Desktop\RegClean Pro.lnk
[2011.05.12 09:01:16 | 000,000,000 | ---- | C] () -- C:\Users\bodbeli\AppData\Local\{8EC6D0F3-324B-48EA-8FFF-89D33E2DDCD5}
[2011.05.11 20:05:29 | 000,000,000 | ---- | C] () -- C:\Users\bodbeli\AppData\Local\{65715203-8541-4D94-9C3E-C4C32E0E911A}
[2011.05.11 19:57:38 | 000,000,000 | ---- | C] () -- C:\Users\bodbeli\AppData\Local\{97CEF38C-553E-4A27-A617-69F86EA2ECD1}
[2011.03.07 18:38:57 | 000,000,337 | ---- | C] () -- C:\Users\bodbeli\AppData\Local\Perfmon.PerfmonCfg
[2011.02.05 17:28:16 | 000,038,049 | ---- | C] () -- C:\ProgramData\bdinstall.bin
[2010.11.19 22:32:29 | 000,006,656 | ---- | C] () -- C:\Windows\SysWow64\CNMVS58.DLL
[2010.11.18 23:29:40 | 000,000,772 | ---- | C] () -- C:\Windows\ODBCINST.INI
[2010.10.30 08:48:39 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010.08.25 19:34:30 | 000,870,560 | ---- | C] () -- C:\Windows\SysWow64\igkrng575.bin
[2010.08.25 19:34:30 | 000,127,868 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng575.bin
[2010.08.25 19:34:30 | 000,104,796 | ---- | C] () -- C:\Windows\SysWow64\igfcg575m.bin
[2010.05.11 10:29:24 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\LogonStart.dll
[2010.05.11 10:04:28 | 000,131,368 | ---- | C] () -- C:\ProgramData\FullRemove.exe
========== LOP Check ==========
[2010.10.29 17:08:10 | 000,000,000 | ---D | M] -- C:\Users\bodbeli\AppData\Roaming\Asus WebStorage
[2012.02.24 09:54:19 | 000,000,000 | ---D | M] -- C:\Users\bodbeli\AppData\Roaming\Coreyc
[2011.10.05 11:24:07 | 000,000,000 | ---D | M] -- C:\Users\bodbeli\AppData\Roaming\FreePDF
[2012.02.15 17:11:03 | 000,000,000 | ---D | M] -- C:\Users\bodbeli\AppData\Roaming\Kyq
[2011.02.05 17:33:00 | 000,000,000 | ---D | M] -- C:\Users\bodbeli\AppData\Roaming\QuickScan
[2012.02.16 11:56:59 | 000,000,000 | ---D | M] -- C:\Users\bodbeli\AppData\Roaming\Systweak
[2012.02.20 21:07:15 | 000,000,272 | ---- | M] () -- C:\Windows\Tasks\RegClean Pro.job
[2012.02.19 15:01:12 | 000,000,280 | ---- | M] () -- C:\Windows\Tasks\RegClean Pro_DEFAULT.job
[2012.02.16 13:04:23 | 000,000,288 | ---- | M] () -- C:\Windows\Tasks\RegClean Pro_UPDATES.job
[2012.02.27 08:08:47 | 000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
========== Custom Scans ==========
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2011.05.18 19:30:15 | 000,000,000 | ---D | M] -- C:\Users\bodbeli\AppData\Roaming\Adobe
[2010.10.29 17:08:10 | 000,000,000 | ---D | M] -- C:\Users\bodbeli\AppData\Roaming\Asus WebStorage
[2012.02.24 09:54:19 | 000,000,000 | ---D | M] -- C:\Users\bodbeli\AppData\Roaming\Coreyc
[2011.10.05 11:24:07 | 000,000,000 | ---D | M] -- C:\Users\bodbeli\AppData\Roaming\FreePDF
[2010.10.29 16:52:30 | 000,000,000 | ---D | M] -- C:\Users\bodbeli\AppData\Roaming\Identities
[2012.02.15 17:11:03 | 000,000,000 | ---D | M] -- C:\Users\bodbeli\AppData\Roaming\Kyq
[2010.10.29 17:18:00 | 000,000,000 | ---D | M] -- C:\Users\bodbeli\AppData\Roaming\Macromedia
[2012.02.26 14:11:09 | 000,000,000 | ---D | M] -- C:\Users\bodbeli\AppData\Roaming\Malwarebytes
[2010.10.30 12:38:49 | 000,000,000 | ---D | M] -- C:\Users\bodbeli\AppData\Roaming\MathWorks
[2009.07.14 08:44:38 | 000,000,000 | ---D | M] -- C:\Users\bodbeli\AppData\Roaming\Media Center Programs
[2012.02.26 15:56:49 | 000,000,000 | --SD | M] -- C:\Users\bodbeli\AppData\Roaming\Microsoft
[2011.06.15 14:35:28 | 000,000,000 | ---D | M] -- C:\Users\bodbeli\AppData\Roaming\MiKTeX
[2011.06.15 22:54:24 | 000,000,000 | ---D | M] -- C:\Users\bodbeli\AppData\Roaming\Mozilla
[2011.02.05 17:33:00 | 000,000,000 | ---D | M] -- C:\Users\bodbeli\AppData\Roaming\QuickScan
[2012.02.27 08:34:57 | 000,000,000 | ---D | M] -- C:\Users\bodbeli\AppData\Roaming\Skype
[2011.07.27 12:05:16 | 000,000,000 | ---D | M] -- C:\Users\bodbeli\AppData\Roaming\skypePM
[2012.02.16 11:56:59 | 000,000,000 | ---D | M] -- C:\Users\bodbeli\AppData\Roaming\Systweak
< %APPDATA%\*.exe /s >
[2010.04.17 21:20:34 | 000,022,528 | ---- | M] () -- C:\Users\bodbeli\AppData\Roaming\MiKTeX\2.8\miktex\bin\afm2afm.exe
[2010.04.17 21:20:34 | 000,022,528 | ---- | M] () -- C:\Users\bodbeli\AppData\Roaming\MiKTeX\2.8\miktex\bin\authorindex.exe
[2010.04.17 21:20:34 | 000,022,528 | ---- | M] () -- C:\Users\bodbeli\AppData\Roaming\MiKTeX\2.8\miktex\bin\autoinst.exe
[2010.04.17 21:20:34 | 000,022,528 | ---- | M] () -- C:\Users\bodbeli\AppData\Roaming\MiKTeX\2.8\miktex\bin\bdftops.exe
[2010.04.17 21:20:34 | 000,022,528 | ---- | M] () -- C:\Users\bodbeli\AppData\Roaming\MiKTeX\2.8\miktex\bin\bib2xhtml.exe
[2010.04.17 21:20:34 | 000,022,528 | ---- | M] () -- C:\Users\bodbeli\AppData\Roaming\MiKTeX\2.8\miktex\bin\bibhtml.exe
[2010.04.17 21:20:34 | 000,022,528 | ---- | M] () -- C:\Users\bodbeli\AppData\Roaming\MiKTeX\2.8\miktex\bin\biokey2html.exe
[2010.04.17 21:20:34 | 000,022,528 | ---- | M] () -- C:\Users\bodbeli\AppData\Roaming\MiKTeX\2.8\miktex\bin\biokey2html1.exe
[2010.04.17 21:20:34 | 000,022,528 | ---- | M] () -- C:\Users\bodbeli\AppData\Roaming\MiKTeX\2.8\miktex\bin\biokey2html2.exe
[2010.04.17 21:20:34 | 000,022,528 | ---- | M] () -- C:\Users\bodbeli\AppData\Roaming\MiKTeX\2.8\miktex\bin\biokey2html3.exe
[2010.04.17 21:20:34 | 000,022,528 | ---- | M] () -- C:\Users\bodbeli\AppData\Roaming\MiKTeX\2.8\miktex\bin\birm.exe
[2010.04.17 21:20:34 | 000,022,528 | ---- | M] () -- C:\Users\bodbeli\AppData\Roaming\MiKTeX\2.8\miktex\bin\cmap2enc.exe
[2010.04.17 21:20:34 | 000,022,528 | ---- | M] () -- C:\Users\bodbeli\AppData\Roaming\MiKTeX\2.8\miktex\bin\config.exe
[2010.04.17 21:20:34 | 000,022,528 | ---- | M] () -- C:\Users\bodbeli\AppData\Roaming\MiKTeX\2.8\miktex\bin\csvtools.exe
[2010.04.17 21:20:34 | 000,022,528 | ---- | M] () -- C:\Users\bodbeli\AppData\Roaming\MiKTeX\2.8\miktex\bin\cyrename.exe
[2010.04.17 21:20:34 | 000,022,528 | ---- | M] () -- C:\Users\bodbeli\AppData\Roaming\MiKTeX\2.8\miktex\bin\dbcontext.exe
[2010.04.17 21:20:34 | 000,022,528 | ---- | M] () -- C:\Users\bodbeli\AppData\Roaming\MiKTeX\2.8\miktex\bin\dblatex.exe
[2010.04.17 21:20:34 | 000,022,528 | ---- | M] () -- C:\Users\bodbeli\AppData\Roaming\MiKTeX\2.8\miktex\bin\dbmcontext.exe
[2010.04.17 21:20:34 | 000,022,528 | ---- | M] () -- C:\Users\bodbeli\AppData\Roaming\MiKTeX\2.8\miktex\bin\dbmex.exe
[2010.04.17 21:20:34 | 000,022,528 | ---- | M] () -- C:\Users\bodbeli\AppData\Roaming\MiKTeX\2.8\miktex\bin\dbmlatex.exe
[2010.04.17 21:20:34 | 000,022,528 | ---- | M] () -- C:\Users\bodbeli\AppData\Roaming\MiKTeX\2.8\miktex\bin\dbmmex.exe
[2010.04.17 21:20:34 | 000,022,528 | ---- | M] () -- C:\Users\bodbeli\AppData\Roaming\MiKTeX\2.8\miktex\bin\dbmtex.exe
[2010.04.17 21:20:34 | 000,022,528 | ---- | M] () -- C:\Users\bodbeli\AppData\Roaming\MiKTeX\2.8\miktex\bin\dbmtexi.exe
[2010.04.17 21:20:34 | 000,022,528 | ---- | M] () -- C:\Users\bodbeli\AppData\Roaming\MiKTeX\2.8\miktex\bin\dbmxelatex.exe
[2010.04.17 21:20:34 | 000,022,528 | ---- | M] () -- C:\Users\bodbeli\AppData\Roaming\MiKTeX\2.8\miktex\bin\dbmxetex.exe
[2010.04.17 21:20:34 | 000,022,528 | ---- | M] () -- C:\Users\bodbeli\AppData\Roaming\MiKTeX\2.8\miktex\bin\dbtex.exe
[2010.04.17 21:20:34 | 000,022,528 | ---- | M] () -- C:\Users\bodbeli\AppData\Roaming\MiKTeX\2.8\miktex\bin\dbtexi.exe
[2010.04.17 21:20:34 | 000,022,528 | ---- | M] () -- C:\Users\bodbeli\AppData\Roaming\MiKTeX\2.8\miktex\bin\dbxelatex.exe
[2010.04.17 21:20:34 | 000,022,528 | ---- | M] () -- C:\Users\bodbeli\AppData\Roaming\MiKTeX\2.8\miktex\bin\dbxetex.exe
[2010.04.17 21:20:34 | 000,022,528 | ---- | M] () -- C:\Users\bodbeli\AppData\Roaming\MiKTeX\2.8\miktex\bin\dumphint.exe
[2010.04.17 21:20:34 | 000,022,528 | ---- | M] () -- C:\Users\bodbeli\AppData\Roaming\MiKTeX\2.8\miktex\bin\eps2eps.exe
[2010.04.17 21:20:34 | 000,022,528 | ---- | M] () -- C:\Users\bodbeli\AppData\Roaming\MiKTeX\2.8\miktex\bin\escontext.exe
[2010.04.17 21:20:34 | 000,022,528 | ---- | M] () -- C:\Users\bodbeli\AppData\Roaming\MiKTeX\2.8\miktex\bin\eslatex.exe
[2010.04.17 21:20:34 | 000,022,528 | ---- | M] () -- C:\Users\bodbeli\AppData\Roaming\MiKTeX\2.8\miktex\bin\esmex.exe
[2010.04.17 21:20:34 | 000,022,528 | ---- | M] () -- C:\Users\bodbeli\AppData\Roaming\MiKTeX\2.8\miktex\bin\estex.exe
[2010.04.17 21:20:34 | 000,022,528 | ---- | M] () -- C:\Users\bodbeli\AppData\Roaming\MiKTeX\2.8\miktex\bin\estexi.exe
[2010.04.17 21:20:34 | 000,022,528 | ---- | M] () -- C:\Users\bodbeli\AppData\Roaming\MiKTeX\2.8\miktex\bin\esxelatex.exe
[2010.04.17 21:20:34 | 000,022,528 | ---- | M] () -- C:\Users\bodbeli\AppData\Roaming\MiKTeX\2.8\miktex\bin\esxetex.exe
[2010.04.17 21:20:34 | 000,022,528 | ---- | M] () -- C:\Users\bodbeli\AppData\Roaming\MiKTeX\2.8\miktex\bin\feynmf.exe
[2010.04.17 21:20:34 | 000,022,528 | ---- | M] () -- C:\Users\bodbeli\AppData\Roaming\MiKTeX\2.8\miktex\bin\fig4latex.exe
[2010.04.17 21:20:34 | 000,022,528 | ---- | M] () -- C:\Users\bodbeli\AppData\Roaming\MiKTeX\2.8\miktex\bin\findhyph.exe
[2010.04.17 21:20:34 | 000,022,528 | ---- | M] () -- C:\Users\bodbeli\AppData\Roaming\MiKTeX\2.8\miktex\bin\fixmswrd.exe
[2010.04.17 21:20:34 | 000,022,528 | ---- | M] () -- C:\Users\bodbeli\AppData\Roaming\MiKTeX\2.8\miktex\bin\fixwada2.exe
[2010.04.17 21:20:34 | 000,022,528 | ---- | M] () -- C:\Users\bodbeli\AppData\Roaming\MiKTeX\2.8\miktex\bin\font2afm.exe
[2010.04.17 21:20:34 | 000,022,528 | ---- | M] () -- C:\Users\bodbeli\AppData\Roaming\MiKTeX\2.8\miktex\bin\font2c.exe
[2010.04.17 21:20:34 | 000,022,528 | ---- | M] () -- C:\Users\bodbeli\AppData\Roaming\MiKTeX\2.8\miktex\bin\gsbj.exe
[2010.04.17 21:20:34 | 000,022,528 | ---- | M] () -- C:\Users\bodbeli\AppData\Roaming\MiKTeX\2.8\miktex\bin\gsdj.exe
[2010.04.17 21:20:34 | 000,022,528 | ---- | M] () -- C:\Users\bodbeli\AppData\Roaming\MiKTeX\2.8\miktex\bin\gsdj500.exe
[2010.04.17 21:20:34 | 000,022,528 | ---- | M] () -- C:\Users\bodbeli\AppData\Roaming\MiKTeX\2.8\miktex\bin\gslj.exe
[2010.04.17 21:20:34 | 000,022,528 | ---- | M] () -- C:\Users\bodbeli\AppData\Roaming\MiKTeX\2.8\miktex\bin\gslp.exe
[2010.04.17 21:20:34 | 000,022,528 | ---- | M] () -- C:\Users\bodbeli\AppData\Roaming\MiKTeX\2.8\miktex\bin\gsnd.exe
[2010.04.17 21:20:34 | 000,022,528 | ---- | M] () -- C:\Users\bodbeli\AppData\Roaming\MiKTeX\2.8\miktex\bin\gsndt.exe
[2010.04.17 21:20:34 | 000,022,528 | ---- | M] () -- C:\Users\bodbeli\AppData\Roaming\MiKTeX\2.8\miktex\bin\gssetgs.exe
[2010.04.17 21:20:34 | 000,022,528 | ---- | M] () -- C:\Users\bodbeli\AppData\Roaming\MiKTeX\2.8\miktex\bin\gst.exe
[2010.04.17 21:20:34 | 000,022,528 | ---- | M] () -- C:\Users\bodbeli\AppData\Roaming\MiKTeX\2.8\miktex\bin\gstt.exe
[2010.04.17 21:20:34 | 000,022,528 | ---- | M] () -- C:\Users\bodbeli\AppData\Roaming\MiKTeX\2.8\miktex\bin\ht.exe
[2010.04.17 21:20:34 | 000,022,528 | ---- | M] () -- C:\Users\bodbeli\AppData\Roaming\MiKTeX\2.8\miktex\bin\htcontext.exe
[2010.04.17 21:20:34 | 000,022,528 | ---- | M] () -- C:\Users\bodbeli\AppData\Roaming\MiKTeX\2.8\miktex\bin\htlatex.exe
[2010.04.17 21:20:34 | 000,022,528 | ---- | M] () -- C:\Users\bodbeli\AppData\Roaming\MiKTeX\2.8\miktex\bin\htmex.exe
[2010.04.17 21:20:34 | 000,022,528 | ---- | M] () -- C:\Users\bodbeli\AppData\Roaming\MiKTeX\2.8\miktex\bin\httex.exe
[2010.04.17 21:20:34 | 000,022,528 | ---- | M] () -- C:\Users\bodbeli\AppData\Roaming\MiKTeX\2.8\miktex\bin\httexi.exe
[2010.04.17 21:20:34 | 000,022,528 | ---- | M] () -- C:\Users\bodbeli\AppData\Roaming\MiKTeX\2.8\miktex\bin\htxelatex.exe
[2010.04.17 21:20:34 | 000,022,528 | ---- | M] () -- C:\Users\bodbeli\AppData\Roaming\MiKTeX\2.8\miktex\bin\htxetex.exe
[2010.04.17 21:20:34 | 000,022,528 | ---- | M] () -- C:\Users\bodbeli\AppData\Roaming\MiKTeX\2.8\miktex\bin\ibyhyph.exe
[2010.04.17 21:20:34 | 000,022,528 | ---- | M] () -- C:\Users\bodbeli\AppData\Roaming\MiKTeX\2.8\miktex\bin\jh1context.exe
[2010.04.17 21:20:34 | 000,022,528 | ---- | M] () -- C:\Users\bodbeli\AppData\Roaming\MiKTeX\2.8\miktex\bin\jh1latex.exe
[2010.04.17 21:20:34 | 000,022,528 | ---- | M] () -- C:\Users\bodbeli\AppData\Roaming\MiKTeX\2.8\miktex\bin\jh1mex.exe
[2010.04.17 21:20:34 | 000,022,528 | ---- | M] () -- C:\Users\bodbeli\AppData\Roaming\MiKTeX\2.8\miktex\bin\jh1tex.exe
[2010.04.17 21:20:34 | 000,022,528 | ---- | M] () -- C:\Users\bodbeli\AppData\Roaming\MiKTeX\2.8\miktex\bin\jh1texi.exe
[2010.04.17 21:20:34 | 000,022,528 | ---- | M] () -- C:\Users\bodbeli\AppData\Roaming\MiKTeX\2.8\miktex\bin\jh1xelatex.exe
[2010.04.17 21:20:34 | 000,022,528 | ---- | M] () -- C:\Users\bodbeli\AppData\Roaming\MiKTeX\2.8\miktex\bin\jh1xetex.exe
[2010.04.17 21:20:34 | 000,022,528 | ---- | M] () -- C:\Users\bodbeli\AppData\Roaming\MiKTeX\2.8\miktex\bin\jhcontext.exe
[2010.04.17 21:20:34 | 000,022,528 | ---- | M] () -- C:\Users\bodbeli\AppData\Roaming\MiKTeX\2.8\miktex\bin\jhlatex.exe
[2010.04.17 21:20:34 | 000,022,528 | ---- | M] () -- C:\Users\bodbeli\AppData\Roaming\MiKTeX\2.8\miktex\bin\jhmex.exe
[2010.04.17 21:20:34 | 000,022,528 | ---- | M] () -- C:\Users\bodbeli\AppData\Roaming\MiKTeX\2.8\miktex\bin\jhtex.exe
[2010.04.17 21:20:34 | 000,022,528 | ---- | M] () -- C:\Users\bodbeli\AppData\Roaming\MiKTeX\2.8\miktex\bin\jhtexi.exe
[2010.04.17 21:20:34 | 000,022,528 | ---- | M] () -- C:\Users\bodbeli\AppData\Roaming\MiKTeX\2.8\miktex\bin\jhxelatex.exe
[2010.04.17 21:20:34 | 000,022,528 | ---- | M] () -- C:\Users\bodbeli\AppData\Roaming\MiKTeX\2.8\miktex\bin\jhxetex.exe
[2010.04.17 21:20:34 | 000,022,528 | ---- | M] () -- C:\Users\bodbeli\AppData\Roaming\MiKTeX\2.8\miktex\bin\jmcontext.exe
[2010.04.17 21:20:34 | 000,022,528 | ---- | M] () -- C:\Users\bodbeli\AppData\Roaming\MiKTeX\2.8\miktex\bin\jmlatex.exe
[2010.04.17 21:20:34 | 000,022,528 | ---- | M] () -- C:\Users\bodbeli\AppData\Roaming\MiKTeX\2.8\miktex\bin\jmmex.exe
[2010.04.17 21:20:34 | 000,022,528 | ---- | M] () -- C:\Users\bodbeli\AppData\Roaming\MiKTeX\2.8\miktex\bin\jmtex.exe
[2010.04.17 21:20:34 | 000,022,528 | ---- | M] () -- C:\Users\bodbeli\AppData\Roaming\MiKTeX\2.8\miktex\bin\jmtexi.exe
[2010.04.17 21:20:34 | 000,022,528 | ---- | M] () -- C:\Users\bodbeli\AppData\Roaming\MiKTeX\2.8\miktex\bin\jmxelatex.exe
[2010.04.17 21:20:34 | 000,022,528 | ---- | M] () -- C:\Users\bodbeli\AppData\Roaming\MiKTeX\2.8\miktex\bin\jmxetex.exe
[2010.04.17 21:20:34 | 000,022,528 | ---- | M] () -- C:\Users\bodbeli\AppData\Roaming\MiKTeX\2.8\miktex\bin\jscontext.exe
[2010.04.17 21:20:34 | 000,022,528 | ---- | M] () -- C:\Users\bodbeli\AppData\Roaming\MiKTeX\2.8\miktex\bin\jslatex.exe
[2010.04.17 21:20:34 | 000,022,528 | ---- | M] () -- C:\Users\bodbeli\AppData\Roaming\MiKTeX\2.8\miktex\bin\jsmex.exe
[2010.04.17 21:20:34 | 000,022,528 | ---- | M] () -- C:\Users\bodbeli\AppData\Roaming\MiKTeX\2.8\miktex\bin\jstex.exe
[2010.04.17 21:20:34 | 000,022,528 | ---- | M] () -- C:\Users\bodbeli\AppData\Roaming\MiKTeX\2.8\miktex\bin\jstexi.exe
[2010.04.17 21:20:34 | 000,022,528 | ---- | M] () -- C:\Users\bodbeli\AppData\Roaming\MiKTeX\2.8\miktex\bin\jsxelatex.exe
[2010.04.17 21:20:34 | 000,022,528 | ---- | M] () -- C:\Users\bodbeli\AppData\Roaming\MiKTeX\2.8\miktex\bin\jsxetex.exe
[2010.04.17 21:20:34 | 000,022,528 | ---- | M] () -- C:\Users\bodbeli\AppData\Roaming\MiKTeX\2.8\miktex\bin\latexdiff-fast.exe
[2010.04.17 21:20:34 | 000,022,528 | ---- | M] () -- C:\Users\bodbeli\AppData\Roaming\MiKTeX\2.8\miktex\bin\latexdiff-so.exe
[2010.04.17 21:20:34 | 000,022,528 | ---- | M] () -- C:\Users\bodbeli\AppData\Roaming\MiKTeX\2.8\miktex\bin\latexdiff-vc.exe
[2010.04.17 21:20:34 | 000,022,528 | ---- | M] () -- C:\Users\bodbeli\AppData\Roaming\MiKTeX\2.8\miktex\bin\latexdiff.exe
[2010.04.17 21:20:34 | 000,022,528 | ---- | M] () -- C:\Users\bodbeli\AppData\Roaming\MiKTeX\2.8\miktex\bin\latexmk.exe
[2010.04.17 21:20:34 | 000,022,528 | ---- | M] () -- C:\Users\bodbeli\AppData\Roaming\MiKTeX\2.8\miktex\bin\latexrevise.exe
[2010.04.17 21:20:34 | 000,022,528 | ---- | M] () -- C:\Users\bodbeli\AppData\Roaming\MiKTeX\2.8\miktex\bin\lp386.exe
[2010.04.17 21:20:34 | 000,022,528 | ---- | M] () -- C:\Users\bodbeli\AppData\Roaming\MiKTeX\2.8\miktex\bin\lp386r2.exe
[2010.04.17 21:20:34 | 000,022,528 | ---- | M] () -- C:\Users\bodbeli\AppData\Roaming\MiKTeX\2.8\miktex\bin\lpgs.exe
[2010.04.17 21:20:34 | 000,022,528 | ---- | M] () -- C:\Users\bodbeli\AppData\Roaming\MiKTeX\2.8\miktex\bin\lpr2.exe
[2010.04.17 21:20:34 | 000,022,528 | ---- | M] () -- C:\Users\bodbeli\AppData\Roaming\MiKTeX\2.8\miktex\bin\makeglossaries.exe
[2010.04.17 21:20:34 | 000,022,528 | ---- | M] () -- C:\Users\bodbeli\AppData\Roaming\MiKTeX\2.8\miktex\bin\makeuniwada.exe
[2010.04.17 21:20:34 | 000,022,528 | ---- | M] () -- C:\Users\bodbeli\AppData\Roaming\MiKTeX\2.8\miktex\bin\merge.exe
[2009.09.23 15:47:53 | 001,234,432 | ---- | M] () -- C:\Users\bodbeli\AppData\Roaming\MiKTeX\2.8\miktex\bin\miktex-taskbar-icon.exe
[2009.09.23 15:47:53 | 001,234,432 | ---- | M] () -- C:\Users\bodbeli\AppData\Roaming\MiKTeX\2.8\miktex\bin\miktex-update.exe
[2009.09.23 15:47:53 | 001,234,944 | ---- | M] () -- C:\Users\bodbeli\AppData\Roaming\MiKTeX\2.8\miktex\bin\miktex-update_admin.exe
[2010.04.17 21:20:34 | 000,022,528 | ---- | M] () -- C:\Users\bodbeli\AppData\Roaming\MiKTeX\2.8\miktex\bin\mk4ht.exe
[2010.04.17 21:20:34 | 000,022,528 | ---- | M] () -- C:\Users\bodbeli\AppData\Roaming\MiKTeX\2.8\miktex\bin\mkmlsmf.exe
[2010.04.17 21:20:34 | 000,022,528 | ---- | M] () -- C:\Users\bodbeli\AppData\Roaming\MiKTeX\2.8\miktex\bin\mkt1font.exe
[2010.04.17 21:20:34 | 000,022,528 | ---- | M] () -- C:\Users\bodbeli\AppData\Roaming\MiKTeX\2.8\miktex\bin\mm.exe
[2010.04.17 21:20:34 | 000,022,528 | ---- | M] () -- C:\Users\bodbeli\AppData\Roaming\MiKTeX\2.8\miktex\bin\mzcontext.exe
[2010.04.17 21:20:34 | 000,022,528 | ---- | M] () -- C:\Users\bodbeli\AppData\Roaming\MiKTeX\2.8\miktex\bin\mzlatex.exe
[2010.04.17 21:20:34 | 000,022,528 | ---- | M] () -- C:\Users\bodbeli\AppData\Roaming\MiKTeX\2.8\miktex\bin\mzmex.exe
[2010.04.17 21:20:34 | 000,022,528 | ---- | M] () -- C:\Users\bodbeli\AppData\Roaming\MiKTeX\2.8\miktex\bin\mztex.exe
[2010.04.17 21:20:34 | 000,022,528 | ---- | M] () -- C:\Users\bodbeli\AppData\Roaming\MiKTeX\2.8\miktex\bin\mztexi.exe
[2010.04.17 21:20:34 | 000,022,528 | ---- | M] () -- C:\Users\bodbeli\AppData\Roaming\MiKTeX\2.8\miktex\bin\mzxelatex.exe
[2010.04.17 21:20:34 | 000,022,528 | ---- | M] () -- C:\Users\bodbeli\AppData\Roaming\MiKTeX\2.8\miktex\bin\mzxetex.exe
[2010.04.17 21:20:34 | 000,022,528 | ---- | M] () -- C:\Users\bodbeli\AppData\Roaming\MiKTeX\2.8\miktex\bin\nts.exe
[2010.04.17 21:20:34 | 000,022,528 | ---- | M] () -- C:\Users\bodbeli\AppData\Roaming\MiKTeX\2.8\miktex\bin\oocontext.exe
[2010.04.17 21:20:34 | 000,022,528 | ---- | M] () -- C:\Users\bodbeli\AppData\Roaming\MiKTeX\2.8\miktex\bin\oolatex.exe
[2010.04.17 21:20:34 | 000,022,528 | ---- | M] () -- C:\Users\bodbeli\AppData\Roaming\MiKTeX\2.8\miktex\bin\oomex.exe
[2010.04.17 21:20:34 | 000,022,528 | ---- | M] () -- C:\Users\bodbeli\AppData\Roaming\MiKTeX\2.8\miktex\bin\ootex.exe
[2010.04.17 21:20:34 | 000,022,528 | ---- | M] () -- C:\Users\bodbeli\AppData\Roaming\MiKTeX\2.8\miktex\bin\ootexi.exe
[2010.04.17 21:20:34 | 000,022,528 | ---- | M] () -- C:\Users\bodbeli\AppData\Roaming\MiKTeX\2.8\miktex\bin\ooxelatex.exe
[2010.04.17 21:20:34 | 000,022,528 | ---- | M] () -- C:\Users\bodbeli\AppData\Roaming\MiKTeX\2.8\miktex\bin\ooxetex.exe
[2010.04.17 21:20:34 | 000,022,528 | ---- | M] () -- C:\Users\bodbeli\AppData\Roaming\MiKTeX\2.8\miktex\bin\orderrefs.exe
[2010.04.17 21:20:34 | 000,022,528 | ---- | M] () -- C:\Users\bodbeli\AppData\Roaming\MiKTeX\2.8\miktex\bin\ot2kpx.exe
[2010.04.17 21:20:34 | 000,022,528 | ---- | M] () -- C:\Users\bodbeli\AppData\Roaming\MiKTeX\2.8\miktex\bin\pdf2dsc.exe
[2010.04.17 21:20:34 | 000,022,528 | ---- | M] () -- C:\Users\bodbeli\AppData\Roaming\MiKTeX\2.8\miktex\bin\pdf2ps.exe
[2010.04.17 21:20:34 | 000,022,528 | ---- | M] () -- C:\Users\bodbeli\AppData\Roaming\MiKTeX\2.8\miktex\bin\pdfatfi.exe
[2010.04.17 21:20:34 | 000,022,528 | ---- | M] () -- C:\Users\bodbeli\AppData\Roaming\MiKTeX\2.8\miktex\bin\pdfcrop.exe
[2010.04.17 21:20:34 | 000,022,528 | ---- | M] () -- C:\Users\bodbeli\AppData\Roaming\MiKTeX\2.8\miktex\bin\pdfopt.exe
[2010.04.17 21:20:34 | 000,022,528 | ---- | M] () -- C:\Users\bodbeli\AppData\Roaming\MiKTeX\2.8\miktex\bin\pedigree.exe
[2010.04.17 21:20:34 | 000,022,528 | ---- | M] () -- C:\Users\bodbeli\AppData\Roaming\MiKTeX\2.8\miktex\bin\perltex.exe
[2010.04.17 21:20:34 | 000,022,528 | ---- | M] () -- C:\Users\bodbeli\AppData\Roaming\MiKTeX\2.8\miktex\bin\pf2afm.exe
[2010.04.17 21:20:34 | 000,022,528 | ---- | M] () -- C:\Users\bodbeli\AppData\Roaming\MiKTeX\2.8\miktex\bin\pfbtopfa.exe
[2010.04.17 21:20:34 | 000,022,528 | ---- | M] () -- C:\Users\bodbeli\AppData\Roaming\MiKTeX\2.8\miktex\bin\pfm2kpx.exe
[2010.04.17 21:20:34 | 000,022,528 | ---- | M] () -- C:\Users\bodbeli\AppData\Roaming\MiKTeX\2.8\miktex\bin\pftogsf.exe
[2010.04.17 21:20:34 | 000,022,528 | ---- | M] () -- C:\Users\bodbeli\AppData\Roaming\MiKTeX\2.8\miktex\bin\plind.exe
[2010.04.17 21:20:34 | 000,022,528 | ---- | M] () -- C:\Users\bodbeli\AppData\Roaming\MiKTeX\2.8\miktex\bin\pn2pdf.exe
[2010.04.17 21:20:34 | 000,022,528 | ---- | M] () -- C:\Users\bodbeli\AppData\Roaming\MiKTeX\2.8\miktex\bin\ps2ascii.exe
[2010.04.17 21:20:34 | 000,022,528 | ---- | M] () -- C:\Users\bodbeli\AppData\Roaming\MiKTeX\2.8\miktex\bin\ps2epsi.exe
[2010.04.17 21:20:34 | 000,022,528 | ---- | M] () -- C:\Users\bodbeli\AppData\Roaming\MiKTeX\2.8\miktex\bin\ps2pdf.exe
[2010.04.17 21:20:34 | 000,022,528 | ---- | M] () -- C:\Users\bodbeli\AppData\Roaming\MiKTeX\2.8\miktex\bin\ps2pdf12.exe
[2010.04.17 21:20:34 | 000,022,528 | ---- | M] () -- C:\Users\bodbeli\AppData\Roaming\MiKTeX\2.8\miktex\bin\ps2pdf13.exe
[2010.04.17 21:20:34 | 000,022,528 | ---- | M] () -- C:\Users\bodbeli\AppData\Roaming\MiKTeX\2.8\miktex\bin\ps2pdf14.exe
[2010.04.17 21:20:34 | 000,022,528 | ---- | M] () -- C:\Users\bodbeli\AppData\Roaming\MiKTeX\2.8\miktex\bin\ps2pdfxx.exe
[2010.04.17 21:20:34 | 000,022,528 | ---- | M] () -- C:\Users\bodbeli\AppData\Roaming\MiKTeX\2.8\miktex\bin\ps2ps.exe
[2010.04.17 21:20:34 | 000,022,528 | ---- | M] () -- C:\Users\bodbeli\AppData\Roaming\MiKTeX\2.8\miktex\bin\ps2ps2.exe
[2010.04.17 21:20:34 | 000,022,528 | ---- | M] () -- C:\Users\bodbeli\AppData\Roaming\MiKTeX\2.8\miktex\bin\ps4pdf.exe
[2010.04.17 21:20:34 | 000,022,528 | ---- | M] () -- C:\Users\bodbeli\AppData\Roaming\MiKTeX\2.8\miktex\bin\pst2pdf.exe
[2010.04.17 21:20:34 | 000,022,528 | ---- | M] () -- C:\Users\bodbeli\AppData\Roaming\MiKTeX\2.8\miktex\bin\rcsinfo.exe
[2010.04.17 21:20:34 | 000,022,528 | ---- | M] () -- C:\Users\bodbeli\AppData\Roaming\MiKTeX\2.8\miktex\bin\showglyphs.exe
[2010.04.17 21:20:34 | 000,022,528 | ---- | M] () -- C:\Users\bodbeli\AppData\Roaming\MiKTeX\2.8\miktex\bin\splitindex.exe
[2010.04.17 21:20:34 | 000,022,528 | ---- | M] () -- C:\Users\bodbeli\AppData\Roaming\MiKTeX\2.8\miktex\bin\svn-multi.exe
[2010.04.17 21:20:34 | 000,022,528 | ---- | M] () -- C:\Users\bodbeli\AppData\Roaming\MiKTeX\2.8\miktex\bin\teicontext.exe
[2010.04.17 21:20:34 | 000,022,528 | ---- | M] () -- C:\Users\bodbeli\AppData\Roaming\MiKTeX\2.8\miktex\bin\teilatex.exe
[2010.04.17 21:20:34 | 000,022,528 | ---- | M] () -- C:\Users\bodbeli\AppData\Roaming\MiKTeX\2.8\miktex\bin\teimcontext.exe
[2010.04.17 21:20:34 | 000,022,528 | ---- | M] () -- C:\Users\bodbeli\AppData\Roaming\MiKTeX\2.8\miktex\bin\teimex.exe
[2010.04.17 21:20:34 | 000,022,528 | ---- | M] () -- C:\Users\bodbeli\AppData\Roaming\MiKTeX\2.8\miktex\bin\teimlatex.exe
[2010.04.17 21:20:34 | 000,022,528 | ---- | M] () -- C:\Users\bodbeli\AppData\Roaming\MiKTeX\2.8\miktex\bin\teimmex.exe
[2010.04.17 21:20:34 | 000,022,528 | ---- | M] () -- C:\Users\bodbeli\AppData\Roaming\MiKTeX\2.8\miktex\bin\teimtex.exe
[2010.04.17 21:20:34 | 000,022,528 | ---- | M] () -- C:\Users\bodbeli\AppData\Roaming\MiKTeX\2.8\miktex\bin\teimtexi.exe
[2010.04.17 21:20:34 | 000,022,528 | ---- | M] () -- C:\Users\bodbeli\AppData\Roaming\MiKTeX\2.8\miktex\bin\teimxelatex.exe
[2010.04.17 21:20:34 | 000,022,528 | ---- | M] () -- C:\Users\bodbeli\AppData\Roaming\MiKTeX\2.8\miktex\bin\teimxetex.exe
[2010.04.17 21:20:34 | 000,022,528 | ---- | M] () -- C:\Users\bodbeli\AppData\Roaming\MiKTeX\2.8\miktex\bin\teitex.exe
[2010.04.17 21:20:34 | 000,022,528 | ---- | M] () -- C:\Users\bodbeli\AppData\Roaming\MiKTeX\2.8\miktex\bin\teitexi.exe
[2010.04.17 21:20:34 | 000,022,528 | ---- | M] () -- C:\Users\bodbeli\AppData\Roaming\MiKTeX\2.8\miktex\bin\teixelatex.exe
[2010.04.17 21:20:34 | 000,022,528 | ---- | M] () -- C:\Users\bodbeli\AppData\Roaming\MiKTeX\2.8\miktex\bin\teixetex.exe
[2010.04.17 21:20:34 | 000,022,528 | ---- | M] () -- C:\Users\bodbeli\AppData\Roaming\MiKTeX\2.8\miktex\bin\texcount.exe
[2010.04.17 21:20:34 | 000,022,528 | ---- | M] () -- C:\Users\bodbeli\AppData\Roaming\MiKTeX\2.8\miktex\bin\texdiff.exe
[2010.04.17 21:20:34 | 000,022,528 | ---- | M] () -- C:\Users\bodbeli\AppData\Roaming\MiKTeX\2.8\miktex\bin\texdirflatten.exe
[2010.04.17 21:20:34 | 000,022,528 | ---- | M] () -- C:\Users\bodbeli\AppData\Roaming\MiKTeX\2.8\miktex\bin\texshow.exe
[2010.04.17 21:20:34 | 000,022,528 | ---- | M] () -- C:\Users\bodbeli\AppData\Roaming\MiKTeX\2.8\miktex\bin\thumbpdf.exe
[2010.04.17 21:20:34 | 000,022,528 | ---- | M] () -- C:\Users\bodbeli\AppData\Roaming\MiKTeX\2.8\miktex\bin\urlbst.exe
[2010.04.17 21:20:34 | 000,022,528 | ---- | M] () -- C:\Users\bodbeli\AppData\Roaming\MiKTeX\2.8\miktex\bin\uxhcontext.exe
[2010.04.17 21:20:34 | 000,022,528 | ---- | M] () -- C:\Users\bodbeli\AppData\Roaming\MiKTeX\2.8\miktex\bin\uxhlatex.exe
[2010.04.17 21:20:34 | 000,022,528 | ---- | M] () -- C:\Users\bodbeli\AppData\Roaming\MiKTeX\2.8\miktex\bin\uxhmex.exe
[2010.04.17 21:20:34 | 000,022,528 | ---- | M] () -- C:\Users\bodbeli\AppData\Roaming\MiKTeX\2.8\miktex\bin\uxhtex.exe
[2010.04.17 21:20:34 | 000,022,528 | ---- | M] () -- C:\Users\bodbeli\AppData\Roaming\MiKTeX\2.8\miktex\bin\uxhtexi.exe
[2010.04.17 21:20:34 | 000,022,528 | ---- | M] () -- C:\Users\bodbeli\AppData\Roaming\MiKTeX\2.8\miktex\bin\uxhxelatex.exe
[2010.04.17 21:20:34 | 000,022,528 | ---- | M] () -- C:\Users\bodbeli\AppData\Roaming\MiKTeX\2.8\miktex\bin\uxhxetex.exe
[2010.04.17 21:20:34 | 000,022,528 | ---- | M] () -- C:\Users\bodbeli\AppData\Roaming\MiKTeX\2.8\miktex\bin\vpl2ovp.exe
[2010.04.17 21:20:34 | 000,022,528 | ---- | M] () -- C:\Users\bodbeli\AppData\Roaming\MiKTeX\2.8\miktex\bin\vpl2vpl.exe
[2010.04.17 21:20:34 | 000,022,528 | ---- | M] () -- C:\Users\bodbeli\AppData\Roaming\MiKTeX\2.8\miktex\bin\wcontext.exe
[2010.04.17 21:20:34 | 000,022,528 | ---- | M] () -- C:\Users\bodbeli\AppData\Roaming\MiKTeX\2.8\miktex\bin\wlatex.exe
[2010.04.17 21:20:34 | 000,022,528 | ---- | M] () -- C:\Users\bodbeli\AppData\Roaming\MiKTeX\2.8\miktex\bin\wmakebat.exe
[2010.04.17 21:20:34 | 000,022,528 | ---- | M] () -- C:\Users\bodbeli\AppData\Roaming\MiKTeX\2.8\miktex\bin\wmex.exe
[2010.04.17 21:20:34 | 000,022,528 | ---- | M] () -- C:\Users\bodbeli\AppData\Roaming\MiKTeX\2.8\miktex\bin\wtex.exe
[2010.04.17 21:20:34 | 000,022,528 | ---- | M] () -- C:\Users\bodbeli\AppData\Roaming\MiKTeX\2.8\miktex\bin\wtexi.exe
[2010.04.17 21:20:34 | 000,022,528 | ---- | M] () -- C:\Users\bodbeli\AppData\Roaming\MiKTeX\2.8\miktex\bin\wxelatex.exe
[2010.04.17 21:20:34 | 000,022,528 | ---- | M] () -- C:\Users\bodbeli\AppData\Roaming\MiKTeX\2.8\miktex\bin\wxetex.exe
[2010.04.17 21:20:34 | 000,022,528 | ---- | M] () -- C:\Users\bodbeli\AppData\Roaming\MiKTeX\2.8\miktex\bin\xdv2pdf_mergemarks.exe
[2010.04.17 21:20:34 | 000,022,528 | ---- | M] () -- C:\Users\bodbeli\AppData\Roaming\MiKTeX\2.8\miktex\bin\xhcontext.exe
[2010.04.17 21:20:34 | 000,022,528 | ---- | M] () -- C:\Users\bodbeli\AppData\Roaming\MiKTeX\2.8\miktex\bin\xhlatex.exe
[2010.04.17 21:20:34 | 000,022,528 | ---- | M] () -- C:\Users\bodbeli\AppData\Roaming\MiKTeX\2.8\miktex\bin\xhmcontext.exe
[2010.04.17 21:20:34 | 000,022,528 | ---- | M] () -- C:\Users\bodbeli\AppData\Roaming\MiKTeX\2.8\miktex\bin\xhmex.exe
[2010.04.17 21:20:34 | 000,022,528 | ---- | M] () -- C:\Users\bodbeli\AppData\Roaming\MiKTeX\2.8\miktex\bin\xhmlatex.exe
[2010.04.17 21:20:34 | 000,022,528 | ---- | M] () -- C:\Users\bodbeli\AppData\Roaming\MiKTeX\2.8\miktex\bin\xhmmex.exe
[2010.04.17 21:20:34 | 000,022,528 | ---- | M] () -- C:\Users\bodbeli\AppData\Roaming\MiKTeX\2.8\miktex\bin\xhmtex.exe
[2010.04.17 21:20:34 | 000,022,528 | ---- | M] () -- C:\Users\bodbeli\AppData\Roaming\MiKTeX\2.8\miktex\bin\xhmtexi.exe
[2010.04.17 21:20:34 | 000,022,528 | ---- | M] () -- C:\Users\bodbeli\AppData\Roaming\MiKTeX\2.8\miktex\bin\xhmxelatex.exe
[2010.04.17 21:20:34 | 000,022,528 | ---- | M] () -- C:\Users\bodbeli\AppData\Roaming\MiKTeX\2.8\miktex\bin\xhmxetex.exe
[2010.04.17 21:20:34 | 000,022,528 | ---- | M] () -- C:\Users\bodbeli\AppData\Roaming\MiKTeX\2.8\miktex\bin\xhtex.exe
[2010.04.17 21:20:34 | 000,022,528 | ---- | M] () -- C:\Users\bodbeli\AppData\Roaming\MiKTeX\2.8\miktex\bin\xhtexi.exe
[2010.04.17 21:20:34 | 000,022,528 | ---- | M] () -- C:\Users\bodbeli\AppData\Roaming\MiKTeX\2.8\miktex\bin\xhxelatex.exe
[2010.04.17 21:20:34 | 000,022,528 | ---- | M] () -- C:\Users\bodbeli\AppData\Roaming\MiKTeX\2.8\miktex\bin\xhxetex.exe
< %SYSTEMDRIVE%\*.exe >
< MD5 for: AGP440.SYS >
[2009.07.14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys
[2009.07.14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys
[2009.07.14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys
[2009.07.14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys
< MD5 for: ATAPI.SYS >
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
< MD5 for: CNGAUDIT.DLL >
[2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009.07.14 02:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\SysNative\cngaudit.dll
[2009.07.14 02:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll
< MD5 for: EVENTLOG.DLL >
[2007.01.23 16:22:16 | 000,032,890 | ---- | M] () MD5=4FA5D1120762802A741F374F8B391E69 -- C:\Program Files\MATLAB\R2008a\sys\perl\win32\lib\auto\Win32\EventLog\EventLog.dll
< MD5 for: IASTOR.SYS >
[2009.12.17 03:42:07 | 000,538,136 | ---- | M] (Intel Corporation) MD5=42E00996DFC13C46366689C0EA8ABC5E -- C:\eSupport\eDriver\Software\Others\Intel\IRST\Vista64_Win7_64_9.5.6.1001\iaStor.sys
[2009.12.17 03:42:07 | 000,538,136 | ---- | M] (Intel Corporation) MD5=42E00996DFC13C46366689C0EA8ABC5E -- C:\Windows\SysNative\drivers\iaStor.sys
[2009.12.17 03:42:07 | 000,538,136 | ---- | M] (Intel Corporation) MD5=42E00996DFC13C46366689C0EA8ABC5E -- C:\Windows\SysNative\DriverStore\FileRepository\iaahci.inf_amd64_neutral_f26ae7769ab43067\iaStor.sys
[2009.12.17 03:25:25 | 000,433,176 | ---- | M] (Intel Corporation) MD5=8CDACD4AD63D49834C6B59DB102E7CD7 -- C:\eSupport\eDriver\Software\Others\Intel\IRST\Vista32_Win7_32_9.5.6.1001\iaStor.sys
< MD5 for: IASTORV.SYS >
[2010.11.20 14:33:38 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_668286aa35d55928\iaStorV.sys
[2010.11.20 14:33:38 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_0d3757e79e6784d0\iaStorV.sys
[2011.03.11 07:19:16 | 000,410,496 | ---- | M] (Intel Corporation) MD5=5B3DE7208E5000D5B451B9D290D2579C -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_0d714416b7c182d5\iaStorV.sys
[2011.03.11 07:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\drivers\iaStorV.sys
[2011.03.11 07:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_0bcee2057afcc090\iaStorV.sys
[2011.03.11 07:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_0cf9793d9e95787b\iaStorV.sys
[2011.03.11 07:23:00 | 000,410,496 | ---- | M] (Intel Corporation) MD5=B75E45C564E944A2657167D197AB29DA -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16778_none_0b141c81a16e25e6\iaStorV.sys
[2011.03.11 07:25:49 | 000,410,496 | ---- | M] (Intel Corporation) MD5=BFDC9D75698800CFE4D1698BF2750EA2 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.20921_none_0bccc8c8ba6985c1\iaStorV.sys
[2009.07.14 02:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_0b06441fa1790136\iaStorV.sys
< MD5 for: NETLOGON.DLL >
[2009.07.14 02:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_59aca8ea51aaeefe\netlogon.dll
[2010.11.20 14:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\SysNative\netlogon.dll
[2010.11.20 14:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_5bddbcb24e997298\netlogon.dll
[2010.11.20 13:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\SysWOW64\netlogon.dll
[2010.11.20 13:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_6632670482fa3493\netlogon.dll
[2009.07.14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_6401533c860bb0f9\netlogon.dll
< MD5 for: NVSTOR.SYS >
[2009.07.14 02:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvstor.sys
[2011.03.11 07:23:06 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=6C1D5F70E7A6A3FD1C90D840EDC048B9 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_95dd8d30d8a4cfbe\nvstor.sys
[2011.03.11 07:25:53 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=AE274836BA56518E279087363A781214 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_96963977f1a02f99\nvstor.sys
[2011.03.11 07:19:21 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=D23C7E8566DA2B8A7C0DBBB761D54888 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvstor.sys
[2011.03.11 07:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\drivers\nvstor.sys
[2011.03.11 07:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvstor.sys
[2011.03.11 07:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvstor.sys
[2010.11.20 14:33:48 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvstor.sys
[2010.11.20 14:33:48 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvstor.sys
< MD5 for: SCECLI.DLL >
[2009.07.14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
[2009.07.14 02:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll
[2010.11.20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010.11.20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010.11.20 14:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010.11.20 14:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll
< MD5 for: USER32.DLL >
[2010.11.20 13:08:57 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\SysWOW64\user32.dll
[2010.11.20 13:08:57 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_35b31c02b85ccb6e\user32.dll
[2009.07.14 02:41:56 | 001,008,640 | ---- | M] (Microsoft Corporation) MD5=72D7B3EA16946E8F0CF7458150031CC6 -- C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_292d5de8870d85d9\user32.dll
[2009.07.14 02:11:24 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=E8B0FFC209E504CB7E79FC24E6C085F0 -- C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_3382083abb6e47d4\user32.dll
[2010.11.20 14:27:27 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\Windows\SysNative\user32.dll
[2010.11.20 14:27:27 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_2b5e71b083fc0973\user32.dll
< MD5 for: USERINIT.EXE >
[2010.11.20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010.11.20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009.07.14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009.07.14 02:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
[2010.11.20 14:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010.11.20 14:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe
< MD5 for: WININIT.EXE >
[2009.07.14 02:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\SysNative\wininit.exe
[2009.07.14 02:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\winsxs\amd64_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_8ce7aa761e01ad49\wininit.exe
[2009.07.14 02:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\SysWOW64\wininit.exe
[2009.07.14 02:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe
< MD5 for: WINLOGON.EXE >
[2010.11.20 14:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010.11.20 14:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2009.07.14 02:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2012.01.13 14:53:20 | 000,182,856 | ---- | M] () MD5=63EEC8A8B221AB79045E776E5F592868 -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2010.05.11 10:17:39 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2010.05.11 10:17:39 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe
< MD5 for: WS2IFSL.SYS >
[2009.07.14 01:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\SysNative\drivers\ws2ifsl.sys
[2009.07.14 01:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\winsxs\amd64_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.1.7600.16385_none_ab7b927be17eace8\ws2ifsl.sys
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
< End of report >
|
