Browsing yes, streaming no - the quality is far too poor.
I didn't realize that browsing was a mistake, especially since the last scan hadn't found anything.
Okay, I was aware that using the PC at all, as long as I don't know for sure that it is clean, is possibly not a good idea. So in that respect it's my own fault.
Which folder should I drag onto the USB stick?
Also, it only gives me one log - otl.txt
Code:
OTL logfile created on: 3/20/2012 1:29:22 AM - Run
OTLPE by OldTimer - Version 3.1.48.0 Folder = X:\Programs\OTLPE
64bit-Windows 7 Home Premium (Version = 6.1.7600) - Type = System
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 88.00% Memory free
3.00 Gb Paging File | 3.00 Gb Available in Paging File | 96.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = H: | %SystemRoot% = H:\Windows | %ProgramFiles% = H:\Program Files (x86)
Drive C: | 100.00 Mb Total Space | 75.82 Mb Free Space | 75.83% Space Free | Partition Type: NTFS
Drive D: | 12.74 Gb Total Space | 4.27 Gb Free Space | 33.48% Space Free | Partition Type: NTFS
Drive E: | 37.57 Gb Total Space | 7.97 Gb Free Space | 21.21% Space Free | Partition Type: NTFS
Drive F: | 37.58 Gb Total Space | 18.09 Gb Free Space | 48.12% Space Free | Partition Type: NTFS
Drive G: | 23.86 Gb Total Space | 21.11 Gb Free Space | 88.48% Space Free | Partition Type: NTFS
Drive H: | 97.56 Gb Total Space | 59.28 Gb Free Space | 60.76% Space Free | Partition Type: NTFS
Drive I: | 833.86 Gb Total Space | 171.91 Gb Free Space | 20.62% Space Free | Partition Type: NTFS
Drive J: | 326.86 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive K: | 636.81 Mb Total Space | 452.78 Mb Free Space | 71.10% Space Free | Partition Type: FAT
Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet001
========== Win32 Services (SafeList) ==========
SRV:64bit: - [2010/01/13 10:04:10 | 000,202,752 | ---- | M] (AMD) [Auto] -- H:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2009/07/13 21:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto] -- H:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2012/02/24 14:29:27 | 000,489,256 | ---- | M] (Valve Corporation) [On_Demand] -- H:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012/01/31 03:56:05 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto] -- H:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2012/01/31 03:55:48 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto] -- H:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2012/01/13 09:53:18 | 000,652,360 | ---- | M] (Malwarebytes Corporation) [Auto] -- H:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2010/03/18 07:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto] -- H:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/01/25 03:22:56 | 000,245,760 | ---- | M] (Brother Industries, Ltd.) [On_Demand] -- H:\Program Files (x86)\Browny02\BrYNSvc.exe -- (BrYNSvc)
SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled] -- H:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2012/01/31 03:56:33 | 000,132,320 | ---- | M] (Avira GmbH) [Kernel | System] -- H:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2012/01/31 03:56:33 | 000,097,312 | ---- | M] (Avira GmbH) [File_System | Auto] -- H:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2011/12/10 10:24:08 | 000,023,152 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand] -- H:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2011/09/16 11:08:07 | 000,027,760 | ---- | M] (Avira GmbH) [Kernel | System] -- H:\Windows\System32\drivers\avkmgr.sys -- (avkmgr)
DRV:64bit: - [2010/11/27 21:17:58 | 000,834,544 | ---- | M] (Duplex Secure Ltd.) [Kernel | Disabled] -- H:\Windows\System32\Drivers\sptd.sys -- (sptd)
DRV:64bit: - [2010/02/01 09:20:24 | 000,325,152 | ---- | M] (Realtek ) [Kernel | On_Demand] -- H:\Windows\System32\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2010/01/13 10:26:02 | 006,327,296 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand] -- H:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2010/01/13 10:26:02 | 006,327,296 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand] -- H:\Windows\System32\drivers\atipmdag.sys -- (amdkmdag)
DRV:64bit: - [2010/01/13 09:10:58 | 000,185,344 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand] -- H:\Windows\System32\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2009/12/24 04:31:07 | 000,115,824 | ---- | M] (JMicron Technology Corp.) [Kernel | Boot] -- H:\Windows\System32\drivers\jraid.sys -- (JRAID)
DRV:64bit: - [2009/11/16 08:32:24 | 000,631,360 | ---- | M] (DiBcom SA) [Kernel | On_Demand] -- H:\Windows\System32\drivers\Mod7700.sys -- (mod7700)
DRV:64bit: - [2009/10/19 08:45:54 | 000,039,480 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand] -- H:\Windows\System32\drivers\usbfilter.sys -- (usbfilter)
DRV:64bit: - [2009/07/15 23:38:40 | 000,015,416 | ---- | M] () [Kernel | On_Demand] -- H:\Windows\System32\drivers\ASACPI.sys -- (MTsensor)
DRV:64bit: - [2009/06/10 16:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand] -- H:\Windows\System32\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- H:\Windows\system32\DRIVERS\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- H:\Windows\system32\DRIVERS\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- H:\Windows\System32\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/05/04 21:00:28 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot] -- H:\Windows\System32\drivers\AtiPcie.sys -- (AtiPcie) AMD PCI Express (3GIO)
DRV:64bit: - [2009/02/20 13:09:18 | 000,054,272 | ---- | M] (Siemens Home and Office Communication Devices GmbH & Co. KG) [Kernel | On_Demand] -- H:\Windows\System32\drivers\GigasetGenericUSB_x64.sys -- (GigasetGenericUSB_x64)
DRV:64bit: - [2008/12/11 00:56:54 | 000,015,488 | ---- | M] (ROCCAT Ltd) [Kernel | On_Demand] -- H:\Windows\System32\drivers\Kone.sys -- (KoneFltr)
DRV:64bit: - [2007/10/05 05:17:56 | 000,177,664 | ---- | M] (Saitek) [Kernel | On_Demand] -- H:\Windows\System32\drivers\SaiH80C1.sys -- (SaiH80C1)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\Ehrlich_ON_H\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKU\Ehrlich_ON_H\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = A4 A1 AE F8 B2 43 CB 01 [binary data]
IE - HKU\Ehrlich_ON_H\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: 2020Player@2020Technologies.com:4.5.2.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.5
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}:6.0.29
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: H:\Windows\System32\Macromed\Flash\NPSWF64_11_1_102.dll ()
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer: H:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin: H:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=1.1.11: H:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\Adobe Reader: H:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Mozilla Firefox 3.6.24\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/03/16 17:12:15 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Mozilla Firefox 3.6.24\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/03/16 17:12:15 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Mozilla Thunderbird 3.1.7\extensions\\Components: F:\save installs\components
FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Mozilla Thunderbird 3.1.7\extensions\\Plugins: F:\save installs\plugins
FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Mozilla Thunderbird 3.1.9\extensions\\Components: D:\Neuer Ordner\components
FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Mozilla Thunderbird 3.1.9\extensions\\Plugins: D:\Neuer Ordner\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Thunderbird 10.0.2\extensions\\Components: D:\Neuer Ordner\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Thunderbird 10.0.2\extensions\\Plugins: D:\Neuer Ordner\plugins
[2010/08/25 12:09:34 | 000,000,000 | ---D | M] (No name found) -- H:\Users\Ehrlich\AppData\Roaming\Mozilla\Extensions
[2010/08/25 12:09:34 | 000,000,000 | ---D | M] (No name found) -- H:\Users\Ehrlich\AppData\Roaming\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2011/12/06 18:27:48 | 000,000,000 | ---D | M] (No name found) -- H:\Users\Ehrlich\AppData\Roaming\Mozilla\Firefox\Profiles\htwgg1k9.default\extensions
[2011/09/18 14:50:28 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- H:\Users\Ehrlich\AppData\Roaming\Mozilla\Firefox\Profiles\htwgg1k9.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2010/09/29 11:28:44 | 000,000,000 | ---D | M] (20-20 3D Viewer) -- H:\Users\Ehrlich\AppData\Roaming\Mozilla\Firefox\Profiles\htwgg1k9.default\extensions\2020Player@2020Technologies.com
[2011/11/01 07:20:10 | 000,000,000 | ---D | M] (No name found) -- H:\Program Files (x86)\Mozilla Firefox\extensions
[2010/08/26 11:14:10 | 000,000,000 | ---D | M] (Java Console) -- H:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/08/24 16:10:50 | 000,000,000 | ---D | M] (Java Console) -- H:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010/11/08 15:54:02 | 000,000,000 | ---D | M] (Java Console) -- H:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011/01/23 11:04:58 | 000,000,000 | ---D | M] (Java Console) -- H:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2011/03/06 08:36:27 | 000,000,000 | ---D | M] (Java Console) -- H:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2011/08/05 14:47:06 | 000,000,000 | ---D | M] (Java Console) -- H:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
[2011/11/01 07:20:10 | 000,000,000 | ---D | M] (Java Console) -- H:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}
[2011/10/03 00:06:04 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- H:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2011/11/17 16:33:04 | 000,001,392 | ---- | M] () -- H:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2011/11/17 16:33:04 | 000,002,344 | ---- | M] () -- H:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2011/11/17 16:33:04 | 000,006,805 | ---- | M] () -- H:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2011/11/17 16:33:04 | 000,001,178 | ---- | M] () -- H:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2011/11/17 16:33:04 | 000,001,105 | ---- | M] () -- H:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
O1 HOSTS File: ([2012/03/16 15:37:32 | 000,000,027 | ---- | M]) - H:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O3 - HKLM\..\Toolbar: (TerraTec Home Cinema) - {AD6E6555-FB2C-47D4-8339-3E2965509877} - H:\Program Files (x86)\TerraTec\TerraTec Home Cinema\ThcDeskBand.dll (TerraTec Electronic GmbH)
O4:64bit: - HKLM..\Run: [RtHDVCpl] H:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [amd_dc_opt] H:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe (AMD)
O4 - HKLM..\Run: [avgnt] H:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [BrStsMon00] H:\Program Files (x86)\Browny02\Brother\BrStMonW.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [gema.] H:\ProgramData\gema\gema.exe ()
O4 - HKLM..\Run: [JMB36X IDE Setup] H:\Windows\RaidTool\xInsIDE.exe ()
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] H:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NBKeyScan] H:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe (Nero AG)
O4 - HKLM..\Run: [RoccatKone+] H:\Program Files (x86)\ROCCAT\Kone[+] Mouse\Kone[+]Monitor.EXE (ROCCAT GmbH)
O4 - HKLM..\Run: [StartCCC] H:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKU\Ehrlich_ON_H..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] H:\Program Files (x86)\Common Files\Nero\Lib\NMBgMonitor.exe (Nero AG)
O4 - HKU\Ehrlich_ON_H..\Run: [gema] H:\Users\Ehrlich\AppData\Roaming\gema\gema.exe ()
O4 - HKU\Ehrlich_ON_H..\Run: [Remote Control Editor] H:\Program Files (x86)\Common Files\TerraTec\Remote\TTTvRc.exe (Elgato Systems)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\Ehrlich_ON_H\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\Ehrlich_ON_H\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\LocalService_ON_H\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\NetworkService_ON_H\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\systemprofile_ON_H\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - H:\Users\Ehrlich\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Free YouTube to MP3 Converter - H:\Users\Ehrlich\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - H:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - H:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - H:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\ProgramData\gema\gema.exe) - H:\ProgramData\gema\gema.exe ()
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKU\Ehrlich_ON_H Winlogon: Shell - (C:\Users\Ehrlich\AppData\Roaming\gema\gema.exe) - H:\Users\Ehrlich\AppData\Roaming\gema\gema.exe ()
O20 - HKU\Ehrlich_ON_H Winlogon: Shell - (Explorer.exe) - H:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/04/09 04:07:02 | 000,000,204 | R--- | M] () - J:\AUTORUN.INF -- [ CDFS ]
O32 - AutoRun File - [2006/03/24 07:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
64bit: O35 - HKLM\..comfile [open] -- "%1" %* File not found
64bit: O35 - HKLM\..exefile [open] -- "%1" %* File not found
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2012/03/17 21:02:09 | 000,000,000 | ---D | C] -- H:\Users\Ehrlich\AppData\Roaming\gema
[2012/03/17 21:02:09 | 000,000,000 | ---D | C] -- H:\ProgramData\gema
[2012/03/17 14:38:19 | 000,000,000 | ---D | C] -- H:\Users\Ehrlich\AppData\Roaming\Malwarebytes
[2012/03/17 14:38:12 | 000,000,000 | ---D | C] -- H:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/03/17 14:38:12 | 000,000,000 | ---D | C] -- H:\ProgramData\Malwarebytes
[2012/03/17 14:38:11 | 000,023,152 | ---- | C] (Malwarebytes Corporation) -- H:\Windows\System32\drivers\mbam.sys
[2012/03/17 14:38:11 | 000,000,000 | ---D | C] -- H:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012/03/17 14:37:33 | 009,502,424 | ---- | C] (Malwarebytes Corporation ) -- H:\Users\Ehrlich\Desktop\mbam-setup-1.60.1.1000.exe
[2012/03/17 11:35:30 | 000,000,000 | ---D | C] -- H:\Users\Ehrlich\AppData\Roaming\Avira
[2012/03/17 10:30:12 | 000,000,000 | ---D | C] -- H:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
[2012/03/17 10:29:51 | 000,132,320 | ---- | C] (Avira GmbH) -- H:\Windows\System32\drivers\avipbb.sys
[2012/03/17 10:29:51 | 000,097,312 | ---- | C] (Avira GmbH) -- H:\Windows\System32\drivers\avgntflt.sys
[2012/03/17 10:29:51 | 000,027,760 | ---- | C] (Avira GmbH) -- H:\Windows\System32\drivers\avkmgr.sys
[2012/03/17 10:29:42 | 000,000,000 | ---D | C] -- H:\ProgramData\Avira
[2012/03/17 10:29:42 | 000,000,000 | ---D | C] -- H:\Program Files (x86)\Avira
[2012/03/16 15:41:08 | 000,000,000 | ---D | C] -- H:\Windows\temp
[2012/03/16 15:37:38 | 000,000,000 | -HSD | C] -- H:\$RECYCLE.BIN
[2012/03/16 15:30:47 | 000,518,144 | ---- | C] (SteelWerX) -- H:\Windows\SWREG.exe
[2012/03/16 15:30:47 | 000,406,528 | ---- | C] (SteelWerX) -- H:\Windows\SWSC.exe
[2012/03/16 15:30:47 | 000,060,416 | ---- | C] (NirSoft) -- H:\Windows\NIRCMD.exe
[2012/03/16 15:30:43 | 000,000,000 | ---D | C] -- H:\Windows\ERDNT
[2012/03/16 15:30:41 | 000,000,000 | ---D | C] -- H:\Qoobox
[2012/03/16 15:24:33 | 004,438,270 | R--- | C] (Swearware) -- H:\Users\Ehrlich\Desktop\ComboFix.exe
[2012/03/15 15:52:17 | 000,000,000 | ---D | C] -- H:\_OTL
[2012/03/15 14:42:12 | 000,594,432 | ---- | C] (OldTimer Tools) -- H:\Users\Ehrlich\Desktop\OTL.exe
[2012/03/15 13:27:58 | 000,607,260 | R--- | C] (Swearware) -- H:\Users\Ehrlich\Desktop\dds.com
[2012/03/03 12:58:20 | 000,000,000 | R--D | C] -- H:\Users\Ehrlich\AppData\Roaming\Brother
[2012/03/03 12:56:46 | 000,000,000 | ---D | C] -- H:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother
[2012/03/03 12:52:05 | 000,000,000 | ---D | C] -- H:\Brother
[2012/03/03 12:51:59 | 000,000,000 | ---D | C] -- H:\Program Files (x86)\Browny02
[2012/03/03 12:51:57 | 000,103,736 | ---- | C] (Brother Industries Ltd) -- H:\Windows\SysWow64\BRRBTOOL.EXE
[2012/03/03 12:51:57 | 000,077,824 | ---- | C] (Brother Industries, Ltd.) -- H:\Windows\SysWow64\BRLMW03A.DLL
[2012/03/03 12:51:57 | 000,025,299 | ---- | C] (Brother Industries, Ltd) -- H:\Windows\SysWow64\BRLM03A.DLL
[2012/03/03 12:51:56 | 000,217,088 | ---- | C] (brother) -- H:\Windows\SysWow64\NSSearch.dll
[2012/03/03 12:51:56 | 000,073,728 | ---- | C] (Brother Industries Ltd.) -- H:\Windows\SysWow64\BrDctF2.dll
[2012/03/03 12:51:56 | 000,005,632 | ---- | C] (Brother Industries Ltd.) -- H:\Windows\SysWow64\BrDctF2L.dll
[2012/03/03 12:51:56 | 000,002,560 | ---- | C] (Brother Industries Ltd.) -- H:\Windows\SysWow64\BrDctF2S.dll
[2012/03/03 12:51:56 | 000,000,000 | ---D | C] -- H:\Program Files (x86)\Brother
[2012/03/03 12:51:55 | 000,180,224 | ---- | C] (Brother Industries, Ltd.) -- H:\Windows\SysWow64\BroSNMP.dll
[2012/03/03 12:51:32 | 000,000,000 | ---D | C] -- H:\ProgramData\Brother
[2012/03/03 12:51:31 | 000,000,000 | ---D | C] -- H:\Users\Ehrlich\AppData\Roaming\InstallShield
[2012/02/26 12:00:35 | 000,000,000 | ---D | C] -- H:\Users\Ehrlich\Desktop\bilder flyer
[2012/02/26 10:23:39 | 000,000,000 | ---D | C] -- H:\Users\Ehrlich\AppData\Roaming\gtk-2.0
[2012/02/26 09:58:20 | 000,000,000 | ---D | C] -- H:\Users\Ehrlich\Documents\gegl-0.0
[2012/02/26 09:58:16 | 000,000,000 | ---D | C] -- H:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP
[2012/02/26 09:58:00 | 000,000,000 | ---D | C] -- H:\Program Files (x86)\GIMP-2.0
[2012/02/22 11:54:51 | 000,000,000 | ---D | C] -- H:\Users\Ehrlich\Desktop\Neuer Ordner
[2004/11/24 15:25:52 | 000,335,872 | ---- | C] ( ) -- H:\Windows\SysWow64\drvc.dll
========== Files - Modified Within 30 Days ==========
[2012/03/19 15:39:48 | 000,067,584 | --S- | M] () -- H:\Windows\bootstat.dat
[2012/03/19 15:38:46 | 3218,989,056 | -HS- | M] () -- H:\hiberfil.sys
[2012/03/17 21:02:08 | 000,249,929 | ---- | M] () -- H:\Windows\System32\gema.exe
[2012/03/17 14:38:12 | 000,001,109 | ---- | M] () -- H:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/03/17 14:38:12 | 000,000,000 | ---D | M] -- H:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/03/17 14:37:43 | 009,502,424 | ---- | M] (Malwarebytes Corporation ) -- H:\Users\Ehrlich\Desktop\mbam-setup-1.60.1.1000.exe
[2012/03/17 10:34:00 | 000,014,784 | -H-- | M] () -- H:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/03/17 10:34:00 | 000,014,784 | -H-- | M] () -- H:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/03/17 10:31:12 | 000,653,928 | ---- | M] () -- H:\Windows\System32\perfh007.dat
[2012/03/17 10:31:12 | 000,615,810 | ---- | M] () -- H:\Windows\System32\perfh009.dat
[2012/03/17 10:31:12 | 000,129,800 | ---- | M] () -- H:\Windows\System32\perfc007.dat
[2012/03/17 10:31:12 | 000,106,190 | ---- | M] () -- H:\Windows\System32\perfc009.dat
[2012/03/17 10:30:12 | 000,001,994 | ---- | M] () -- H:\Users\Public\Desktop\Avira Control Center.lnk
[2012/03/17 10:30:12 | 000,000,000 | ---D | M] -- H:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
[2012/03/16 17:44:32 | 087,227,952 | ---- | M] () -- H:\Users\Ehrlich\Desktop\avira_free_antivirus_de.exe
[2012/03/16 15:37:32 | 000,000,027 | ---- | M] () -- H:\Windows\System32\drivers\etc\hosts
[2012/03/16 15:24:47 | 004,438,270 | R--- | M] (Swearware) -- H:\Users\Ehrlich\Desktop\ComboFix.exe
[2012/03/15 14:42:12 | 000,594,432 | ---- | M] (OldTimer Tools) -- H:\Users\Ehrlich\Desktop\OTL.exe
[2012/03/15 13:27:58 | 000,607,260 | R--- | M] (Swearware) -- H:\Users\Ehrlich\Desktop\dds.com
[2012/03/15 13:26:28 | 000,050,477 | ---- | M] () -- H:\Users\Ehrlich\Desktop\Defogger.exe
[2012/03/06 13:14:53 | 000,000,333 | ---- | M] () -- H:\Windows\BRCALIB.INI
[2012/03/03 12:56:46 | 000,000,000 | ---D | M] -- H:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother
[2012/02/26 12:28:44 | 000,031,744 | ---- | M] () -- H:\Users\Ehrlich\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/02/26 09:58:16 | 000,001,095 | ---- | M] () -- H:\Users\Public\Desktop\GIMP 2.lnk
[2012/02/26 09:58:16 | 000,000,000 | ---D | M] -- H:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP
========== Files Created - No Company Name ==========
[2012/03/18 06:41:52 | 000,249,929 | ---- | C] () -- H:\Windows\System32\gema.exe
[2012/03/17 14:38:12 | 000,001,109 | ---- | C] () -- H:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/03/17 10:30:12 | 000,001,994 | ---- | C] () -- H:\Users\Public\Desktop\Avira Control Center.lnk
[2012/03/16 17:12:48 | 087,227,952 | ---- | C] () -- H:\Users\Ehrlich\Desktop\avira_free_antivirus_de.exe
[2012/03/16 15:30:47 | 000,256,000 | ---- | C] () -- H:\Windows\PEV.exe
[2012/03/16 15:30:47 | 000,208,896 | ---- | C] () -- H:\Windows\MBR.exe
[2012/03/16 15:30:47 | 000,098,816 | ---- | C] () -- H:\Windows\sed.exe
[2012/03/16 15:30:47 | 000,080,412 | ---- | C] () -- H:\Windows\grep.exe
[2012/03/16 15:30:47 | 000,068,096 | ---- | C] () -- H:\Windows\zip.exe
[2012/03/15 13:26:28 | 000,050,477 | ---- | C] () -- H:\Users\Ehrlich\Desktop\Defogger.exe
[2012/03/03 12:56:35 | 000,000,333 | ---- | C] () -- H:\Windows\BRCALIB.INI
[2012/03/03 12:51:57 | 000,045,056 | ---- | C] () -- H:\Windows\SysWow64\BRTCPCON.DLL
[2012/03/03 12:51:57 | 000,000,114 | ---- | C] () -- H:\Windows\SysWow64\BRLMW03A.INI
[2012/03/03 12:51:57 | 000,000,050 | ---- | C] () -- H:\Windows\System32\BRADC10A.DAT
[2012/02/26 09:58:16 | 000,001,095 | ---- | C] () -- H:\Users\Public\Desktop\GIMP 2.lnk
[2011/12/22 17:01:22 | 000,000,288 | ---- | C] () -- H:\Users\Ehrlich\AppData\Roaming\.backup.dm
[2011/10/29 13:02:04 | 000,000,026 | ---- | C] () -- H:\Windows\Irremote.ini
[2010/08/31 17:05:24 | 000,031,744 | ---- | C] () -- H:\Users\Ehrlich\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/08/24 16:16:59 | 000,001,035 | ---- | C] () -- H:\Windows\SysWow64\atipblag.dat
[2010/08/24 16:13:36 | 000,044,672 | ---- | C] () -- H:\Windows\Ascd_log.ini
[2010/08/24 16:12:33 | 000,001,769 | ---- | C] () -- H:\Windows\Language_trs.ini
[2010/08/24 16:12:28 | 000,030,354 | ---- | C] () -- H:\Windows\Ascd_tmp.ini
[2010/08/24 15:29:55 | 000,000,000 | ---- | C] () -- H:\Windows\ativpsrm.bin
[2010/08/24 10:23:55 | 000,024,576 | R--- | C] () -- H:\Windows\SysWow64\AsIO.dll
[2010/08/24 10:23:55 | 000,013,440 | R--- | C] () -- H:\Windows\SysWow64\drivers\AsIO.sys
[2010/08/24 10:23:52 | 000,011,832 | ---- | C] () -- H:\Windows\SysWow64\drivers\AsInsHelp64.sys
[2010/08/24 10:23:52 | 000,010,216 | ---- | C] () -- H:\Windows\SysWow64\drivers\AsInsHelp32.sys
[2010/04/02 11:17:34 | 000,179,091 | ---- | C] () -- H:\Windows\SysWow64\xlive.dll.cat
[2009/07/14 01:38:36 | 000,067,584 | --S- | C] () -- H:\Windows\bootstat.dat
[2009/07/13 22:35:51 | 000,000,741 | ---- | C] () -- H:\Windows\SysWow64\NOISE.DAT
[2009/07/13 22:34:42 | 000,215,943 | ---- | C] () -- H:\Windows\SysWow64\dssec.dat
[2009/07/13 20:10:29 | 000,043,131 | ---- | C] () -- H:\Windows\mib.bin
[2009/07/13 20:02:54 | 000,245,248 | ---- | C] () -- H:\Windows\SysWow64\DShowRdpFilter.dll
[2009/07/13 19:42:10 | 000,064,000 | ---- | C] () -- H:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 18:25:04 | 000,197,632 | ---- | C] () -- H:\Windows\SysWow64\ir32_32.dll
[2009/07/13 17:03:59 | 000,364,544 | ---- | C] () -- H:\Windows\SysWow64\msjetoledb40.dll
[2009/06/10 17:26:10 | 000,673,088 | ---- | C] () -- H:\Windows\SysWow64\mlang.dat
[2009/04/02 08:30:14 | 000,010,296 | ---- | C] () -- H:\Windows\SysWow64\drivers\ASUSHWIO.SYS
[2009/03/30 02:32:40 | 000,032,768 | R--- | C] () -- H:\Windows\DAODx.exe
[2008/12/19 11:15:58 | 004,338,246 | ---- | C] () -- H:\Windows\SysWow64\libavcodec.dll
[2008/12/17 13:41:18 | 000,884,237 | ---- | C] () -- H:\Windows\SysWow64\ff_x264.dll
[2008/12/17 13:22:58 | 000,093,184 | ---- | C] () -- H:\Windows\SysWow64\ff_wmv9.dll
[2008/12/17 13:22:48 | 000,057,344 | ---- | C] () -- H:\Windows\SysWow64\ff_vfw.dll
[2008/12/17 13:17:34 | 000,239,247 | ---- | C] () -- H:\Windows\SysWow64\ff_theora.dll
[2008/12/17 12:59:54 | 000,560,802 | ---- | C] () -- H:\Windows\SysWow64\libmplayer.dll
[2006/11/02 12:10:16 | 000,080,912 | ---- | C] () -- H:\Windows\SysWow64\sherlock2.exe
[2004/10/03 13:50:54 | 000,129,024 | ---- | C] () -- H:\Windows\SysWow64\ff_mpeg2enc.dll
[2002/03/21 07:51:52 | 000,503,808 | R--- | C] () -- H:\Windows\SysWow64\lt_xtrans.dll
[2002/03/21 07:51:52 | 000,286,720 | R--- | C] () -- H:\Windows\SysWow64\MrSIDD.dll
[2002/03/21 07:51:52 | 000,163,840 | R--- | C] () -- H:\Windows\SysWow64\lt_common.dll
[2002/03/21 07:51:52 | 000,126,976 | R--- | C] () -- H:\Windows\SysWow64\lt_trans.dll
[2002/03/21 07:51:52 | 000,069,632 | R--- | C] () -- H:\Windows\SysWow64\lt_meta.dll
[2002/03/21 07:51:52 | 000,053,248 | R--- | C] () -- H:\Windows\SysWow64\lt_encrypt.dll
[2002/03/21 07:51:52 | 000,020,480 | R--- | C] () -- H:\Windows\SysWow64\lt_messagetext.dll
[2002/03/20 16:01:06 | 000,006,688 | R--- | C] () -- H:\Windows\SysWow64\Digita.sys
[2002/03/20 16:00:20 | 000,049,152 | R--- | C] () -- H:\Windows\SysWow64\TransportUSB.dll
[2002/03/20 16:00:20 | 000,049,152 | R--- | C] () -- H:\Windows\SysWow64\TransportSerial.dll
[2002/03/20 16:00:20 | 000,049,152 | R--- | C] () -- H:\Windows\SysWow64\TransportIrDA.dll
[2002/03/20 16:00:20 | 000,049,152 | R--- | C] () -- H:\Windows\SysWow64\TransportIrCOMM.dll
========== LOP Check ==========
[2010/08/28 08:47:06 | 000,000,000 | ---D | M] -- H:\ProgramData\ACD Systems
[2010/08/24 15:53:55 | 000,000,000 | -HSD | M] -- H:\ProgramData\Anwendungsdaten
[2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- H:\ProgramData\Application Data
[2011/01/19 14:14:48 | 000,000,000 | ---D | M] -- H:\ProgramData\Avery
[2010/11/27 21:17:07 | 000,000,000 | ---D | M] -- H:\ProgramData\DAEMON Tools Lite
[2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- H:\ProgramData\Desktop
[2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- H:\ProgramData\Documents
[2010/08/24 15:53:55 | 000,000,000 | -HSD | M] -- H:\ProgramData\Dokumente
[2010/08/24 15:53:55 | 000,000,000 | -HSD | M] -- H:\ProgramData\Favoriten
[2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- H:\ProgramData\Favorites
[2012/03/17 21:02:09 | 000,000,000 | ---D | M] -- H:\ProgramData\gema
[2011/10/22 11:51:08 | 000,000,000 | ---D | M] -- H:\ProgramData\Gigaset QuickSync
[2010/08/24 15:22:14 | 000,000,000 | ---D | M] -- H:\ProgramData\PC Drivers HeadQuarters
[2011/08/14 06:56:17 | 000,000,000 | ---D | M] -- H:\ProgramData\ROCCAT
[2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- H:\ProgramData\Start Menu
[2010/08/24 15:53:55 | 000,000,000 | -HSD | M] -- H:\ProgramData\Startmenü
[2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- H:\ProgramData\Templates
[2012/02/07 12:36:24 | 000,000,000 | ---D | M] -- H:\ProgramData\TerraTec
[2010/08/24 15:53:55 | 000,000,000 | -HSD | M] -- H:\ProgramData\Vorlagen
[2011/12/15 13:17:28 | 000,032,632 | ---- | M] () -- H:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
========== Custom Scans ==========
< %SYSTEMDRIVE%\*. >
[2012/03/16 15:37:38 | 000,000,000 | -HSD | M] -- H:\$RECYCLE.BIN
[2012/03/03 12:52:05 | 000,000,000 | ---D | M] -- H:\Brother
[2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- H:\Documents and Settings
[2010/08/24 15:53:55 | 000,000,000 | -HSD | M] -- H:\Dokumente und Einstellungen
[2009/07/13 23:20:08 | 000,000,000 | ---D | M] -- H:\PerfLogs
[2011/12/07 15:05:34 | 000,000,000 | R--D | M] -- H:\Program Files
[2012/03/17 14:38:11 | 000,000,000 | R--D | M] -- H:\Program Files (x86)
[2012/03/17 21:02:09 | 000,000,000 | ---D | M] -- H:\ProgramData
[2010/08/24 15:53:55 | 000,000,000 | -HSD | M] -- H:\Programme
[2012/03/16 15:41:09 | 000,000,000 | ---D | M] -- H:\Qoobox
[2010/08/24 10:24:18 | 000,000,000 | ---D | M] -- H:\RaidTool
[2010/08/24 15:53:55 | 000,000,000 | ---D | M] -- H:\Recovery
[2012/03/16 15:31:03 | 000,000,000 | -HSD | M] -- H:\System Volume Information
[2010/08/24 15:53:59 | 000,000,000 | R--D | M] -- H:\Users
[2012/03/16 15:41:08 | 000,000,000 | ---D | M] -- H:\Windows
[2012/03/15 18:07:04 | 000,000,000 | ---D | M] -- H:\_OTL
< %PROGRAMFILES%\*.exe >
Invalid Environment Variable: %LOCALAPPDATA%\*.exe
< %systemroot%\*. /mp /s >
< MD5 for: AGP440.SYS >
[2009/07/13 21:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- H:\Windows\System32\drivers\AGP440.sys
[2009/07/13 21:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- H:\Windows\System32\DriverStore\FileRepository\machine.inf_amd64_neutral_9e6bb86c3b39a3e9\AGP440.sys
[2009/07/13 21:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- H:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys
[2009/07/13 21:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- H:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys
< MD5 for: ATAPI.SYS >
[2009/07/13 21:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- H:\Windows\ERDNT\cache64\atapi.sys
[2009/07/13 21:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- H:\Windows\System32\drivers\atapi.sys
[2009/07/13 21:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- H:\Windows\System32\DriverStore\FileRepository\mshdc.inf_amd64_neutral_a69a58a4286f0b22\atapi.sys
[2009/07/13 21:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- H:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys
[2009/07/13 21:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- H:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
< MD5 for: CNGAUDIT.DLL >
[2009/07/13 21:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- H:\Windows\ERDNT\cache86\cngaudit.dll
[2009/07/13 21:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- H:\Windows\SysWOW64\cngaudit.dll
[2009/07/13 21:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- H:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009/07/13 21:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- H:\Windows\ERDNT\cache64\cngaudit.dll
[2009/07/13 21:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- H:\Windows\System32\cngaudit.dll
[2009/07/13 21:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- H:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll
< MD5 for: EXPLORER.EXE >
[2011/02/26 02:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- H:\Windows\ERDNT\cache86\explorer.exe
[2011/02/26 02:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- H:\Windows\explorer.exe
[2011/02/26 02:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- H:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe
[2011/02/26 01:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- H:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2009/07/13 21:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- H:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2011/02/26 01:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- H:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe
[2009/10/31 01:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- H:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2011/02/26 01:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- H:\Windows\SysWOW64\explorer.exe
[2011/02/26 01:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- H:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe
[2011/02/25 02:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- H:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011/02/26 02:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- H:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010/11/20 08:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- H:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2009/08/03 02:19:07 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- H:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2011/02/25 01:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- H:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2009/10/31 02:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- H:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2009/08/03 01:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- H:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2010/11/20 09:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- H:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
[2009/10/31 02:38:38 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- H:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2009/08/03 01:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- H:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2009/07/13 21:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- H:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2009/10/31 02:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- H:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2011/02/26 02:26:45 | 002,870,784 | ---- | M] (Microsoft Corporation) MD5=E38899074D4951D31B4040E994DD7C8D -- H:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe
[2009/08/03 02:17:37 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- H:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe
< MD5 for: IASTORV.SYS >
[2010/11/20 09:33:38 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- H:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_0d3757e79e6784d0\iaStorV.sys
[2011/03/11 02:19:16 | 000,410,496 | ---- | M] (Intel Corporation) MD5=5B3DE7208E5000D5B451B9D290D2579C -- H:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_0d714416b7c182d5\iaStorV.sys
[2011/03/11 02:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- H:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_0cf9793d9e95787b\iaStorV.sys
[2011/03/11 02:23:00 | 000,410,496 | ---- | M] (Intel Corporation) MD5=B75E45C564E944A2657167D197AB29DA -- H:\Windows\System32\drivers\iaStorV.sys
[2011/03/11 02:23:00 | 000,410,496 | ---- | M] (Intel Corporation) MD5=B75E45C564E944A2657167D197AB29DA -- H:\Windows\System32\DriverStore\FileRepository\iastorv.inf_amd64_neutral_0033117673c16921\iaStorV.sys
[2011/03/11 02:23:00 | 000,410,496 | ---- | M] (Intel Corporation) MD5=B75E45C564E944A2657167D197AB29DA -- H:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16778_none_0b141c81a16e25e6\iaStorV.sys
[2011/03/11 02:25:49 | 000,410,496 | ---- | M] (Intel Corporation) MD5=BFDC9D75698800CFE4D1698BF2750EA2 -- H:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.20921_none_0bccc8c8ba6985c1\iaStorV.sys
[2009/07/13 21:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- H:\Windows\System32\DriverStore\FileRepository\iastorv.inf_amd64_neutral_18cccb83b34e1453\iaStorV.sys
[2009/07/13 21:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- H:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_0b06441fa1790136\iaStorV.sys
< MD5 for: NETLOGON.DLL >
[2009/07/13 21:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- H:\Windows\ERDNT\cache64\netlogon.dll
[2009/07/13 21:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- H:\Windows\System32\netlogon.dll
[2009/07/13 21:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- H:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_59aca8ea51aaeefe\netlogon.dll
[2010/11/20 09:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- H:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_5bddbcb24e997298\netlogon.dll
[2010/11/20 08:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- H:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_6632670482fa3493\netlogon.dll
[2009/07/13 21:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- H:\Windows\ERDNT\cache86\netlogon.dll
[2009/07/13 21:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- H:\Windows\SysWOW64\netlogon.dll
[2009/07/13 21:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- H:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_6401533c860bb0f9\netlogon.dll
< MD5 for: NVSTOR.SYS >
[2009/07/13 21:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- H:\Windows\System32\DriverStore\FileRepository\nvraid.inf_amd64_neutral_5bde3fe2945bce9e\nvstor.sys
[2009/07/13 21:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- H:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvstor.sys
[2011/03/11 02:23:06 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=6C1D5F70E7A6A3FD1C90D840EDC048B9 -- H:\Windows\System32\drivers\nvstor.sys
[2011/03/11 02:23:06 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=6C1D5F70E7A6A3FD1C90D840EDC048B9 -- H:\Windows\System32\DriverStore\FileRepository\nvraid.inf_amd64_neutral_38e464dbe521cc7f\nvstor.sys
[2011/03/11 02:23:06 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=6C1D5F70E7A6A3FD1C90D840EDC048B9 -- H:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_95dd8d30d8a4cfbe\nvstor.sys
[2011/03/11 02:25:53 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=AE274836BA56518E279087363A781214 -- H:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_96963977f1a02f99\nvstor.sys
[2011/03/11 02:19:21 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=D23C7E8566DA2B8A7C0DBBB761D54888 -- H:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvstor.sys
[2011/03/11 02:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- H:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvstor.sys
[2010/11/20 09:33:48 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- H:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvstor.sys
< MD5 for: SCECLI.DLL >
[2009/07/13 21:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- H:\Windows\ERDNT\cache86\scecli.dll
[2009/07/13 21:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- H:\Windows\SysWOW64\scecli.dll
[2009/07/13 21:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- H:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
[2009/07/13 21:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- H:\Windows\ERDNT\cache64\scecli.dll
[2009/07/13 21:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- H:\Windows\System32\scecli.dll
[2009/07/13 21:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- H:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll
[2010/11/20 08:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- H:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010/11/20 09:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- H:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll
< MD5 for: USER32.DLL >
[2010/11/20 08:08:57 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- H:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_35b31c02b85ccb6e\user32.dll
[2009/07/13 21:41:56 | 001,008,640 | ---- | M] (Microsoft Corporation) MD5=72D7B3EA16946E8F0CF7458150031CC6 -- H:\Windows\ERDNT\cache64\user32.dll
[2009/07/13 21:41:56 | 001,008,640 | ---- | M] (Microsoft Corporation) MD5=72D7B3EA16946E8F0CF7458150031CC6 -- H:\Windows\System32\user32.dll
[2009/07/13 21:41:56 | 001,008,640 | ---- | M] (Microsoft Corporation) MD5=72D7B3EA16946E8F0CF7458150031CC6 -- H:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_292d5de8870d85d9\user32.dll
[2009/07/13 21:11:24 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=E8B0FFC209E504CB7E79FC24E6C085F0 -- H:\Windows\ERDNT\cache86\user32.dll
[2009/07/13 21:11:24 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=E8B0FFC209E504CB7E79FC24E6C085F0 -- H:\Windows\SysWOW64\user32.dll
[2009/07/13 21:11:24 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=E8B0FFC209E504CB7E79FC24E6C085F0 -- H:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_3382083abb6e47d4\user32.dll
[2010/11/20 09:27:27 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- H:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_2b5e71b083fc0973\user32.dll
< MD5 for: USERINIT.EXE >
[2010/11/20 08:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- H:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009/07/13 21:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- H:\Windows\ERDNT\cache86\userinit.exe
[2009/07/13 21:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- H:\Windows\SysWOW64\userinit.exe
[2009/07/13 21:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- H:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009/07/13 21:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- H:\Windows\ERDNT\cache64\userinit.exe
[2009/07/13 21:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- H:\Windows\System32\userinit.exe
[2009/07/13 21:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- H:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
[2010/11/20 09:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- H:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe
< MD5 for: WINLOGON.EXE >
[2010/11/20 09:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- H:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2009/07/13 21:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- H:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2012/01/13 09:53:20 | 000,182,856 | ---- | M] () MD5=63EEC8A8B221AB79045E776E5F592868 -- H:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2009/10/28 03:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- H:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2009/10/28 02:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- H:\Windows\ERDNT\cache64\winlogon.exe
[2009/10/28 02:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- H:\Windows\System32\winlogon.exe
[2009/10/28 02:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- H:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe
< MD5 for: WS2IFSL.SYS >
[2009/07/13 20:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- H:\Windows\System32\drivers\ws2ifsl.sys
[2009/07/13 20:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- H:\Windows\winsxs\amd64_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.1.7600.16385_none_ab7b927be17eace8\ws2ifsl.sys
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
< %systemroot%\system32\*.dll /lockedfiles >
Invalid Environment Variable: %USERPROFILE%\*.*
Invalid Environment Variable: %USERPROFILE%\Local Settings\Temp\*.exe
Invalid Environment Variable: %USERPROFILE%\Local Settings\Temp\*.dll
Invalid Environment Variable: %USERPROFILE%\Application Data\*.exe
< End of report >