So, anbei der Neue LOG, hat etwas gedauert, aber ist übers Wochenende nicht leicht einen PC zu bekommen. Was bisher nach dem FIX passiert ist:
1. Kein automatischer Neustart, aber konnte den PC nach ausschalten im abgesicherten Modus starten ohne dass der weisse Bildschirm erschienen ist.
2. Sobald ich abgesicherten Modus mit Netzwerktreibern oder den normalen Modus gestartet habe, war wieder der Gema-Virus da.OTL Logfile: Code:
OTL logfile created on: 4/17/2012 8:46:43 AM - Run
OTLPE by OldTimer - Version 3.1.48.0 Folder = X:\Programs\OTLPE
64bit-Windows 7 Ultimate Service Pack 1 (Version = 6.1.7601) - Type = System
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 89.00% Memory free
3.00 Gb Paging File | 3.00 Gb Available in Paging File | 98.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = E: | %SystemRoot% = E:\Windows | %ProgramFiles% = E:\Program Files (x86)
Drive C: | 100.00 Mb Total Space | 74.33 Mb Free Space | 74.33% Space Free | Partition Type: NTFS
Drive D: | 979.05 Mb Total Space | 942.13 Mb Free Space | 96.23% Space Free | Partition Type: FAT32
Drive E: | 119.14 Gb Total Space | 19.59 Gb Free Space | 16.44% Space Free | Partition Type: NTFS
Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet001
========== Win32 Services (SafeList) ==========
SRV:64bit: - [2010/12/03 06:00:54 | 000,114,024 | ---- | M] (Lenovo Group Limited) [Disabled] -- E:\Program Files\Lenovo\HOTKEY\tphkload.exe -- (TPHKLOAD)
SRV:64bit: - [2010/12/02 07:55:54 | 000,064,440 | ---- | M] (Lenovo Group Limited) [Disabled] -- E:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe -- (TPHKSVC)
SRV:64bit: - [2010/11/24 11:34:24 | 000,045,496 | ---- | M] (Lenovo Group Limited) [Disabled] -- E:\Program Files\Lenovo\HOTKEY\micmute.exe -- (LENOVO.MICMUTE)
SRV:64bit: - [2010/10/19 09:51:44 | 001,430,288 | ---- | M] (Intel(R) Corporation) [Disabled] -- E:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng) Intel(R)
SRV:64bit: - [2010/10/19 09:29:38 | 000,838,928 | ---- | M] (Intel(R) Corporation) [Disabled] -- E:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc) Intel(R)
SRV:64bit: - [2010/07/27 08:51:56 | 000,074,088 | ---- | M] (Lenovo Group Limited) [Disabled] -- E:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe -- (LENOVO.TPKNRSVC)
SRV:64bit: - [2010/07/27 08:51:42 | 000,050,536 | ---- | M] (Lenovo Group Limited) [Disabled] -- E:\Program Files\Lenovo\Communications Utility\CamMute.exe -- (LENOVO.CAMMUTE)
SRV:64bit: - [2010/06/16 08:44:38 | 000,047,728 | ---- | M] (Lenovo.) [On_Demand] -- E:\Windows\System32\TPHDEXLG64.exe -- (TPHDEXLGSVC)
SRV:64bit: - [2010/04/07 08:37:38 | 000,093,032 | ---- | M] (Lenovo Group Limited) [Disabled] -- E:\Program Files\Lenovo\VIRTSCRL\lvvsst.exe -- (Lenovo.VIRTSCRLSVC)
SRV:64bit: - [2010/03/26 15:33:00 | 001,045,504 | ---- | M] ( ) [Disabled] -- E:\Windows\System32\lmabcoms.exe -- (lmab_device)
SRV:64bit: - [2009/07/13 21:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Disabled] -- E:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/13 21:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [Disabled] -- E:\Windows\System32\appmgmts.dll -- (AppMgmt)
SRV - [2012/02/28 20:16:46 | 000,158,856 | R--- | M] (Skype Technologies) [Disabled] -- E:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2011/10/21 10:23:42 | 000,196,176 | ---- | M] (Microsoft Corporation.) [Disabled] -- E:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011/10/13 12:21:52 | 000,249,648 | ---- | M] (Microsoft Corporation) [Disabled] -- E:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE -- (BBUpdate)
SRV - [2011/10/10 13:48:07 | 000,075,136 | ---- | M] () [Auto] -- E:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2011/09/23 13:08:19 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Disabled] -- E:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2011/09/23 13:01:09 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Disabled] -- E:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011/06/06 07:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Disabled] -- E:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011/03/21 07:21:24 | 000,632,832 | ---- | M] (Nokia) [Disabled] -- E:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2011/03/16 04:42:06 | 000,407,336 | ---- | M] (Valve Corporation) [Disabled] -- E:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2011/02/18 12:09:02 | 000,028,672 | ---- | M] (Lenovo Group Limited) [Disabled] -- E:\Program Files (x86)\Lenovo\System Update\SUService.exe -- (SUService)
SRV - [2010/09/17 12:50:54 | 000,259,432 | ---- | M] (Lenovo) [Disabled] -- E:\Program Files (x86)\Lenovo\Access Connections\AcSvc.exe -- (AcSvc)
SRV - [2010/09/17 12:50:48 | 000,124,264 | ---- | M] (Lenovo) [Disabled] -- E:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe -- (AcPrfMgrSvc)
SRV - [2010/08/24 21:30:00 | 000,164,200 | ---- | M] (Lenovo.) [Disabled] -- E:\Program Files (x86)\ThinkPad\Utilities\DZSVC64.EXE -- (DozeSvc)
SRV - [2010/08/24 21:30:00 | 000,075,112 | ---- | M] (Lenovo) [Disabled] -- E:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE -- (Power Manager DBC Service)
SRV - [2010/05/03 07:54:36 | 002,533,400 | ---- | M] (Intel Corporation) [Disabled] -- E:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) Intel(R)
SRV - [2010/05/03 07:54:32 | 000,325,656 | ---- | M] (Intel Corporation) [Disabled] -- E:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) Intel(R)
SRV - [2010/04/24 06:46:20 | 000,655,624 | ---- | M] (Acresso Software Inc.) [Disabled] -- E:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010/03/26 15:33:00 | 000,593,920 | ---- | M] ( ) [Disabled] -- E:\Windows\SysWow64\lmabcoms.exe -- (lmab_device)
SRV - [2010/03/18 08:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Disabled] -- E:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/02/19 07:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [Disabled] -- E:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2010/02/18 08:01:06 | 000,462,632 | ---- | M] (Nero AG) [Disabled] -- E:\Program Files (x86)\Nero\Update\NASvc.exe -- (NAUpdate) @C:\Program Files (x86)
SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled] -- E:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2003/04/18 14:06:26 | 000,008,192 | ---- | M] () [Auto] -- E:\Windows\SysWOW64\srvany.exe -- (KMService)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2012/02/17 08:17:08 | 000,132,320 | ---- | M] (Avira GmbH) [Kernel | System] -- E:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2011/11/12 07:43:05 | 000,054,824 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand] -- E:\Windows\System32\drivers\btusbflt.sys -- (btusbflt)
DRV:64bit: - [2011/09/15 18:55:03 | 000,097,312 | ---- | M] (Avira GmbH) [File_System | Auto] -- E:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2011/09/15 18:55:03 | 000,027,760 | ---- | M] (Avira GmbH) [Kernel | System] -- E:\Windows\System32\drivers\avkmgr.sys -- (avkmgr)
DRV:64bit: - [2011/07/26 08:58:18 | 000,572,336 | ---- | M] (Paragon) [Kernel | System] -- E:\Windows\System32\drivers\Uim_IMx64.sys -- (Uim_IM)
DRV:64bit: - [2011/07/26 08:58:18 | 000,059,184 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | System] -- E:\Windows\System32\drivers\uimx64.sys -- (UimBus)
DRV:64bit: - [2011/07/26 08:58:16 | 000,352,816 | ---- | M] (Paragon) [Kernel | System] -- E:\Windows\System32\drivers\uim_vimx64.sys -- (Uim_VIM)
DRV:64bit: - [2011/05/10 02:06:08 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand] -- E:\Windows\System32\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2011/03/01 09:44:53 | 000,314,016 | ---- | M] () [Kernel | Auto] -- E:\Windows\System32\drivers\atksgt.sys -- (atksgt)
DRV:64bit: - [2011/03/01 09:44:53 | 000,043,680 | ---- | M] () [Kernel | Auto] -- E:\Windows\System32\drivers\lirsgt.sys -- (lirsgt)
DRV:64bit: - [2011/02/28 13:16:45 | 000,513,080 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot] -- E:\Windows\System32\Drivers\sptd.sys -- (sptd)
DRV:64bit: - [2011/01/13 06:21:28 | 000,166,656 | ---- | M] (Ricoh co.,Ltd.) [Kernel | On_Demand] -- E:\Windows\System32\drivers\5U877.sys -- (5U877)
DRV:64bit: - [2010/12/02 09:14:26 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand] -- E:\Windows\System32\drivers\usbser_lowerfltjx64.sys -- (UsbserFilt)
DRV:64bit: - [2010/12/02 09:14:24 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand] -- E:\Windows\System32\drivers\usbser_lowerfltx64.sys -- (upperdev)
DRV:64bit: - [2010/12/02 09:14:22 | 000,027,136 | ---- | M] (Nokia) [Kernel | On_Demand] -- E:\Windows\System32\drivers\ccdcmbox64.sys -- (nmwcdc)
DRV:64bit: - [2010/12/02 09:14:18 | 000,019,968 | ---- | M] (Nokia) [Kernel | On_Demand] -- E:\Windows\System32\drivers\ccdcmbx64.sys -- (nmwcd)
DRV:64bit: - [2010/11/28 16:23:16 | 012,252,192 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- E:\Windows\System32\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2010/11/20 07:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- E:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 07:03:42 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- E:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2010/11/20 06:43:57 | 000,032,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- E:\Windows\system32\drivers\usbser.sys -- (usbser)
DRV:64bit: - [2010/10/17 21:21:32 | 008,153,088 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- E:\Windows\System32\drivers\NETwNs64.sys -- (NETwNs64) ___ Intel(R)
DRV:64bit: - [2010/10/14 19:28:16 | 000,317,440 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand] -- E:\Windows\System32\drivers\IntcDAud.sys -- (IntcDAud) Intel(R)
DRV:64bit: - [2010/09/07 09:09:34 | 000,015,472 | ---- | M] (Lenovo Group Limited) [Kernel | System] -- E:\Windows\System32\drivers\smiifx64.sys -- (lenovo.smi)
DRV:64bit: - [2010/08/25 05:46:18 | 000,682,624 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand] -- E:\Windows\System32\drivers\CHDRT64.sys -- (CnxtHdAudService)
DRV:64bit: - [2010/08/24 21:30:00 | 000,030,320 | ---- | M] (Lenovo.) [Kernel | Boot] -- E:\Windows\System32\drivers\DZHDD64.SYS -- (DzHDD64)
DRV:64bit: - [2010/08/24 21:30:00 | 000,013,104 | ---- | M] () [Kernel | System] -- E:\Windows\System32\drivers\TPPWR64V.SYS -- (TPPWRIF)
DRV:64bit: - [2010/07/22 04:39:10 | 000,295,600 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- E:\Windows\System32\drivers\e1k62x64.sys -- (e1kexpress) Intel(R)
DRV:64bit: - [2010/07/21 10:58:50 | 000,045,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- E:\Windows\System32\drivers\point64.sys -- (Point64)
DRV:64bit: - [2010/06/16 08:44:38 | 000,136,816 | ---- | M] (Lenovo.) [Kernel | Boot] -- E:\Windows\System32\drivers\ApsX64.sys -- (Shockprf)
DRV:64bit: - [2010/06/16 08:44:38 | 000,023,664 | ---- | M] (Lenovo.) [Kernel | Boot] -- E:\Windows\System32\drivers\ApsHM64.sys -- (TPDIGIMN)
DRV:64bit: - [2010/04/28 02:57:50 | 000,061,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- E:\Windows\System32\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2010/04/23 18:52:57 | 000,040,512 | ---- | M] (Lenovo (United States) Inc.) [Kernel | On_Demand] -- E:\Windows\System32\drivers\psadd.sys -- (psadd)
DRV:64bit: - [2010/03/26 03:39:50 | 000,016,448 | ---- | M] (Teruten Inc) [File_System | On_Demand] -- E:\Windows\System32\drivers\TFsExDisk.sys -- (TFsExDisk)
DRV:64bit: - [2010/03/25 07:09:06 | 000,172,104 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- E:\Windows\System32\drivers\sscdmdm.sys -- (sscdmdm)
DRV:64bit: - [2010/03/25 07:09:06 | 000,136,264 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- E:\Windows\System32\drivers\sscdbus.sys -- (sscdbus) SAMSUNG USB Composite Device driver (WDM)
DRV:64bit: - [2010/03/25 07:09:06 | 000,019,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- E:\Windows\System32\drivers\sscdmdfl.sys -- (sscdmdfl)
DRV:64bit: - [2010/03/17 16:21:58 | 007,680,512 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- E:\Windows\System32\drivers\NETw5s64.sys -- (NETw5s64) Intel(R)
DRV:64bit: - [2010/02/26 10:32:12 | 000,158,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- E:\Windows\System32\drivers\Impcd.sys -- (Impcd)
DRV:64bit: - [2009/11/18 23:01:42 | 000,011,576 | ---- | M] (Samsung Electronics) [Kernel | Auto] -- E:\Windows\System32\drivers\SSPORT.sys -- (SSPORT)
DRV:64bit: - [2009/09/17 06:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- E:\Windows\System32\drivers\HECIx64.sys -- (HECIx64) Intel(R)
DRV:64bit: - [2009/07/13 20:39:20 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- E:\Windows\System32\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV:64bit: - [2009/07/13 20:00:13 | 000,013,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- E:\Windows\System32\drivers\Dot4Scan.sys -- (Dot4Scan)
DRV:64bit: - [2009/07/13 19:21:48 | 000,038,400 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- E:\Windows\System32\drivers\tpm.sys -- (TPM)
DRV:64bit: - [2009/06/10 16:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand] -- E:\Windows\System32\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- E:\Windows\system32\DRIVERS\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- E:\Windows\system32\DRIVERS\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- E:\Windows\System32\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/03/13 07:47:34 | 000,013,840 | ---- | M] (UPEK Inc.) [Kernel | Auto] -- E:\Program Files\ThinkVantage Fingerprint Software\smihlp.sys -- (smihlp2) SMI Helper Driver (smihlp2)
DRV:64bit: - [2008/08/28 06:44:42 | 000,025,600 | ---- | M] (Nokia) [Kernel | On_Demand] -- E:\Windows\System32\drivers\pccsmcfdx64.sys -- (pccsmcfd)
DRV - [2011/12/10 16:27:25 | 000,120,320 | ---- | M] () [Kernel | System] -- E:\Windows\SysWOW64\drivers\SSHDRV65.sys -- (SSHDRV65)
DRV - [2010/03/26 03:39:50 | 000,016,448 | ---- | M] (Teruten Inc) [File_System | On_Demand] -- E:\Windows\SysWOW64\drivers\TFsExDisk.Sys -- (TFsExDisk)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\AS_ON_E\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://de.msn.com/?ocid=ie9hp
IE - HKU\AS_ON_E\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [Binary data over 100 bytes]
IE - HKU\AS_ON_E\Software\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\AS_ON_E\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT1060933
IE - HKU\AS_ON_E\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKU\AS_ON_E\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
IE - HKU\AS_ON_E\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 84 4F 61 57 37 ED CB 01 [binary data]
IE - HKU\AS_ON_E\..\URLSearchHook: {1392b8d2-5c05-419f-a8f6-b9f15a596612} - Reg Error: Key error. File not found
IE - HKU\AS_ON_E\..\URLSearchHook: {EEE6C35D-6118-11DC-9C72-001320C79847} - Reg Error: Key error. File not found
IE - HKU\AS_ON_E\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\AS_ON_E\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "handelsblatt.com|www.nzz.ch|www.sz.de|faz.net|tagblatt.ch"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: smarterwiki@wikiatic.com:4.3.7
FF - prefs.js..extensions.enabledItems: {6904342A-8307-11DF-A508-4AE2DFD72085}:2.1.0.900
FF - prefs.js..extensions.enabledItems: {BBDA0591-3099-440a-AA10-41764D9DB4DB}:2.0
FF - prefs.js..extensions.enabledItems: {2D3F3651-74B9-4795-BDEC-6DA2F431CB62}:5.6
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: {A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}:7.3.4.51
FF - prefs.js..extensions.enabledItems: {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}:5.3.0.7280
FF - prefs.js..keyword.URL: "hxxp://search.sweetim.com/search.asp?src=2&q="
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "hxxp://search.babylon.com/?babsrc=SP_ss&mntrId=6073ee7d0000000000000024d70ad4e5&tlver=1.4.19.19&instlRef=sst&ss=1&affID=17395&q="
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: E:\Windows\System32\Macromed\Flash\NPSWF64_11_1_102.dll ()
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: E:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: E:\Program Files\Microsoft Office\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer: E:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=:
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=1.0: E:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: E:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@divx.com/DivX OVS Helper,version=1.0.0: E:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: E:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@idsoftware.com/QuakeLive: E:\ProgramData\id Software\QuakeLive\npquakezero.dll (id Software Inc.)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin: E:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE: File not found
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: E:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: E:\Program Files (x86)\Microsoft Office\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: E:\Program Files (x86)\Microsoft Office\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: E:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: File not found
FF - HKLM\Software\Wow6432Node\MozillaPlugins\Adobe Reader: E:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: E:\Users\AS\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: File not found
FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Firefox\Extensions\\bkmrksync@nokia.com: C:\Program Files (x86)\Nokia\Nokia PC Suite 7\bkmrksync\ [2010/10/07 16:36:03 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video [2011/01/10 16:13:45 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Firefox\Extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa [2011/01/10 16:13:45 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Firefox\Extensions\\{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}: C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\ [2011/06/08 05:39:58 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Mozilla Firefox 11.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/03/19 01:10:31 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Mozilla Firefox 11.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011/12/28 08:33:14 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Thunderbird\Extensions\\{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}: C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\ [2011/06/08 05:40:00 | 000,000,000 | ---D | M]
[2010/04/23 18:53:39 | 000,000,000 | ---D | M] (No name found) -- E:\Users\AS\AppData\Roaming\Mozilla\Extensions
[2012/03/01 07:50:22 | 000,000,000 | ---D | M] (No name found) -- E:\Users\AS\AppData\Roaming\Mozilla\Firefox\Profiles\gobmsww8.default\extensions
[2012/02/15 22:04:22 | 000,000,000 | ---D | M] (Freecorder Community Toolbar) -- E:\Users\AS\AppData\Roaming\Mozilla\Firefox\Profiles\gobmsww8.default\extensions\{1392b8d2-5c05-419f-a8f6-b9f15a596612}
[2011/10/12 13:21:36 | 000,000,000 | ---D | M] (Battlefield Play4Free) -- E:\Users\AS\AppData\Roaming\Mozilla\Firefox\Profiles\gobmsww8.default\extensions\battlefieldplay4free@ea.com
[2010/09/09 15:35:09 | 000,002,101 | ---- | M] () -- E:\Users\AS\AppData\Roaming\Mozilla\Firefox\Profiles\gobmsww8.default\searchplugins\googlede.xml
[2011/10/25 00:45:58 | 000,003,915 | ---- | M] () -- E:\Users\AS\AppData\Roaming\Mozilla\Firefox\Profiles\gobmsww8.default\searchplugins\sweetim.xml
[2012/01/11 01:45:38 | 000,000,000 | ---D | M] (No name found) -- E:\Program Files (x86)\Mozilla Firefox\extensions
[2012/03/28 19:26:10 | 000,000,000 | ---D | M] (Skype Click to Call) -- E:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
File not found (No name found) --
() (No name found) -- E:\USERS\AS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GOBMSWW8.DEFAULT\EXTENSIONS\SMARTERWIKI@WIKIATIC.COM.XPI
[2012/03/19 01:10:31 | 000,097,208 | ---- | M] (Mozilla Foundation) -- E:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011/12/15 09:06:27 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- E:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2012/02/13 08:27:49 | 000,001,392 | ---- | M] () -- E:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012/02/13 08:27:49 | 000,002,252 | ---- | M] () -- E:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012/02/13 08:27:49 | 000,001,153 | ---- | M] () -- E:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012/02/13 08:27:49 | 000,006,805 | ---- | M] () -- E:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012/02/13 08:27:49 | 000,001,178 | ---- | M] () -- E:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012/02/13 08:27:49 | 000,001,105 | ---- | M] () -- E:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
O1 HOSTS File: ([2009/06/10 17:00:26 | 000,000,824 | R--- | M]) - E:\Windows\System32\drivers\etc\hosts
O2:64bit: - BHO: (Windows Live Family Safety Browser Helper Class) - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - E:\Program Files\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation)
O2 - BHO: (Shopping Assistant Plugin) - {1631550F-191D-4826-B069-D9439253D926} - File not found
O2 - BHO: (CescrtHlpr Object) - {2EECD738-5844-4a99-B4B6-146BF802613B} - File not found
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - E:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - E:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - E:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - E:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - E:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (SweetIM Toolbar Helper) - {EEE6C35C-6118-11DC-9C72-001320C79847} - File not found
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - E:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - E:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - E:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (Babylon Toolbar) - {98889811-442D-49dd-99D7-DC866BE87DBC} - File not found
O3 - HKLM\..\Toolbar: (SweetIM Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - File not found
O3 - HKU\AS_ON_E\..\Toolbar\WebBrowser: (no name) - {1392B8D2-5C05-419F-A8F6-B9F15A596612} - No CLSID value found.
O3 - HKU\AS_ON_E\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKU\AS_ON_E\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - E:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKU\AS_ON_E\..\Toolbar\WebBrowser: (SweetIM Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - File not found
O4:64bit: - HKLM..\Run: [AcWin7Hlpr] E:\Program Files (x86)\Lenovo\Access Connections\AcTBenabler.exe (Lenovo)
O4:64bit: - HKLM..\Run: [LENOVO.TPKNRRES] E:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe (Lenovo Group Limited)
O4:64bit: - HKLM..\Run: [LMPSSDMON] E:\Program Files\Lexmark\Monitor\ACB\LMabMON.exe ()
O4:64bit: - HKLM..\Run: [SmartAudio] E:\Program Files\CONEXANT\SAII\SAIICpl.exe ()
O4:64bit: - HKLM..\Run: [WrtMon.exe] E:\Windows\System32\spool\drivers\x64\3\WrtMon.exe ()
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [avgnt] E:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [Freecorder FLV Service] File not found
O4 - HKLM..\Run: [gema.] E:\ProgramData\gema\gema.exe (A Lf)
O4 - HKLM..\Run: [IMSS] E:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe (Intel Corporation)
O4 - HKLM..\Run: [NPSStartup] File not found
O4 - HKLM..\Run: [PWMTRV] E:\Program Files (x86)\ThinkPad\Utilities\PWMTR64V.DLL (Lenovo Group Limited)
O4 - HKLM..\Run: [RotateImage] E:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe (Ricoh co.,Ltd.)
O4 - HKU\AS_ON_E..\Run: [] File not found
O4 - HKU\AS_ON_E..\Run: [AdobeBridge] File not found
O4 - HKU\AS_ON_E..\Run: [gema] E:\Users\AS\AppData\Roaming\gema\gema.exe (A Lf)
O4 - HKU\LocalService_ON_E..\Run: [Sidebar] E:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\NetworkService_ON_E..\Run: [Sidebar] E:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\LocalService_ON_E..\RunOnce: [mctadmin] File not found
O4 - HKU\NetworkService_ON_E..\RunOnce: [mctadmin] File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O7 - HKU\AS_ON_E\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: An vorhandene PDF-Datei anfügen - E:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Bild an &Bluetooth-Gerät senden... - E:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm ()
O8:64bit: - Extra context menu item: In Adobe PDF konvertieren - E:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Linkziel an vorhandene PDF-Datei anhängen - E:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Linkziel in Adobe PDF konvertieren - E:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Seite an &Bluetooth-Gerät senden... - E:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: Add to Google Photos Screensa&ver - E:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: An vorhandene PDF-Datei anfügen - E:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - E:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: In Adobe PDF konvertieren - E:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Linkziel an vorhandene PDF-Datei anhängen - E:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Linkziel in Adobe PDF konvertieren - E:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - E:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra Button: @C:\Program Files\ThinkPad\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - E:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\ThinkPad\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - E:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - E:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - E:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Senden an Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - E:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Senden an &Bluetooth-Gerät... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - E:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - E:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - E:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13:64bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15:64bit: - AS_ON_E\..Trusted Domains: unisg.ch ([serviceportal] https in Vertrauenswürdige Sites)
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {C8BC46C7-921C-4102-B67D-F1F7E65FB0BE} https://battlefield.play4free.com/static/updater/BP4FUpdater_1.0.66.2.cab (Battlefield Play4Free Updater)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 220.220.248.1 220.220.248.9
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O20:64bit: - AppInit_DLLs: (acaptuser64.dll) - E:\Windows\System32\acaptuser64.dll (Adobe Systems, Inc.)
O20 - AppInit_DLLs: (acaptuser32.dll) - E:\Windows\SysWow64\acaptuser32.dll (Adobe Systems Incorporated)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - E:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - E:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - E:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\ProgramData\gema\gema.exe) - E:\ProgramData\gema\gema.exe (A Lf)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKU\AS_ON_E Winlogon: Shell - (C:\Users\AS\AppData\Roaming\gema\gema.exe) - E:\Users\AS\AppData\Roaming\gema\gema.exe (A Lf)
O20 - HKU\AS_ON_E Winlogon: Shell - (Explorer.exe) - E:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\psfus: DllName - C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll - E:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll (UPEK Inc.)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O28 - HKLM ShellExecuteHooks: {EDB0E980-90BD-11D4-8599-0008C7D3B6F8} - File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/03/24 07:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{18244e10-8acf-11df-b97d-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{18244e10-8acf-11df-b97d-806e6f6e6963}\Shell\AutoRun\command - "" = E:\T3AP.exe
O33 - MountPoints2\{18244e11-8acf-11df-b97d-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{18244e11-8acf-11df-b97d-806e6f6e6963}\Shell\AutoRun\command - "" = F:\EpaNt908\Setup.exe
O33 - MountPoints2\{2e68fbae-a13e-11df-93a0-002713968e1c}\Shell - "" = AutoRun
O33 - MountPoints2\{2e68fbae-a13e-11df-93a0-002713968e1c}\Shell\AutoRun\command - "" = D:\Setup_German.exe
O33 - MountPoints2\{6226b780-4afd-11e0-8bef-002713968e1c}\Shell - "" = AutoRun
O33 - MountPoints2\{6226b780-4afd-11e0-8bef-002713968e1c}\Shell\AutoRun\command - "" = "E:\WD SmartWare.exe" autoplay=true
O33 - MountPoints2\{b010b641-b932-11df-9295-002713968e1c}\Shell - "" = AutoRun
O33 - MountPoints2\{b010b641-b932-11df-9295-002713968e1c}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -a
O33 - MountPoints2\{be0377c0-435e-11e0-8ae2-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{be0377c0-435e-11e0-8ae2-806e6f6e6963}\Shell\AutoRun\command - "" = D:\SETUP.EXE
O33 - MountPoints2\{be0377c0-435e-11e0-8ae2-806e6f6e6963}\Shell\configure\command - "" = D:\SETUP.EXE
O33 - MountPoints2\{be0377c0-435e-11e0-8ae2-806e6f6e6963}\Shell\install\command - "" = D:\SETUP.EXE
O33 - MountPoints2\E\Shell - "" = AutoRun
O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\reatogoMenu.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found 64bit: O35 - HKLM\..comfile [open] -- "%1" %* File not found 64bit: O35 - HKLM\..exefile [open] -- "%1" %* File not found
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
ActiveX:64bit: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:64bit: {45BFEAA3-0A52-F305-91ED-982AC6122D5B} - Offline Browsing Pack
ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:64bit: {735CE95D-B0BD-9427-9419-CD9C0959DCCE} - Themes Setup
ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:64bit: {BCE2E75D-EE14-48F8-990E-AC87C57FFB84} - Bing Bar
ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} -
ActiveX:64bit: >{BB89BA8E-2153-4651-A4EC-E63ED120FA89} - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45BFEAA3-0A52-F305-91ED-982AC6122D5B} - Offline Browsing Pack
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {735CE95D-B0BD-9427-9419-CD9C0959DCCE} - Themes Setup
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {BCE2E75D-EE14-48F8-990E-AC87C57FFB84} - Bing Bar
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} -
ActiveX: >{BB89BA8E-2153-4651-A4EC-E63ED120FA89} - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
NetSvcs:64bit: AppMgmt - E:\Windows\System32\appmgmts.dll (Microsoft Corporation)
MsConfig:64bit - StartUpFolder: C:^Users^AS^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk - E:\Users\AS\AppData\Roaming\Dropbox\bin\Dropbox.exe - (Dropbox, Inc.)
MsConfig:64bit - StartUpReg: Acrobat Assistant 8.0 - hkey= - key= - E:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
MsConfig:64bit - StartUpReg: Adobe Acrobat Speed Launcher - hkey= - key= - E:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated)
MsConfig:64bit - StartUpReg: Adobe ARM - hkey= - key= - E:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
MsConfig:64bit - StartUpReg: AdobeAAMUpdater-1.0 - hkey= - key= - E:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
MsConfig:64bit - StartUpReg: AdobeCS5ServiceManager - hkey= - key= - E:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
MsConfig:64bit - StartUpReg: APSDaemon - hkey= - key= - E:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
MsConfig:64bit - StartUpReg: AutoStartNPSAgent - hkey= - key= - File not found
MsConfig:64bit - StartUpReg: BabylonToolbar - hkey= - key= - File not found
MsConfig:64bit - StartUpReg: BCSSync - hkey= - key= - E:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
MsConfig:64bit - StartUpReg: DivX Download Manager - hkey= - key= - E:\Program Files (x86)\DivX\DivX Plus Web Player\DDmService.exe (DivX, LLC)
MsConfig:64bit - StartUpReg: DivXUpdate - hkey= - key= - E:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
MsConfig:64bit - StartUpReg: iTunesHelper - hkey= - key= - E:\Program Files (x86)\iTunes\iTunesHelper.exe (Apple Inc.)
MsConfig:64bit - StartUpReg: LMab1err - hkey= - key= - E:\Program Files\Lexmark\ErrorApp\lmab1err.exe ( )
MsConfig:64bit - StartUpReg: msnmsgr - hkey= - key= - E:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
MsConfig:64bit - StartUpReg: NBAgent - hkey= - key= - E:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe (Nero AG)
MsConfig:64bit - StartUpReg: NokiaMServer - hkey= - key= - E:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer.exe (Nokia)
MsConfig:64bit - StartUpReg: NokiaOviSuite2 - hkey= - key= - E:\Program Files (x86)\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe (Nokia)
MsConfig:64bit - StartUpReg: Pando Media Booster - hkey= - key= - File not found
MsConfig:64bit - StartUpReg: PDFServiceEngine - hkey= - key= - E:\Program Files (x86)\PDF Suite\PDFServiceEngine.exe ()
MsConfig:64bit - StartUpReg: QuickTime Task - hkey= - key= - E:\Program Files (x86)\QuickTime\QTTask.exe (Apple Inc.)
MsConfig:64bit - StartUpReg: Skype - hkey= - key= - E:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Technologies S.A.)
MsConfig:64bit - StartUpReg: Steam - hkey= - key= - File not found
MsConfig:64bit - StartUpReg: SunJavaUpdateSched - hkey= - key= - E:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
MsConfig:64bit - StartUpReg: SweetIM - hkey= - key= - File not found
MsConfig:64bit - StartUpReg: SwitchBoard - hkey= - key= - E:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
MsConfig:64bit - State: "startup" - 2
========== Files/Folders - Created Within 30 Days ==========
[2012/04/13 18:00:08 | 000,000,000 | ---D | C] -- E:\Users\AS\AppData\Roaming\gema
[2012/04/08 20:05:47 | 002,237,440 | R--- | C] (OldTimer Tools) -- E:\OTLPE.exe
[2012/04/08 20:05:44 | 000,000,000 | ---D | C] -- E:\_OTL
[2012/04/06 10:19:37 | 000,000,000 | -HSD | C] -- E:\RECYCLER
[2012/04/06 08:42:05 | 000,000,000 | -HSD | C] -- E:\found.004
[2012/04/06 00:44:36 | 000,000,000 | ---D | C] -- E:\ProgramData\gema
[2012/03/28 19:25:47 | 000,000,000 | ---D | C] -- E:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2012/03/28 19:25:47 | 000,000,000 | ---D | C] -- E:\Program Files (x86)\Common Files\Skype
[2012/03/22 15:12:12 | 004,435,968 | ---- | C] (Google Inc.) -- E:\Windows\SysWow64\GPhotos.scr
[2012/03/21 00:59:34 | 000,000,000 | ---D | C] -- E:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rosetta Stone
[2012/03/21 00:59:03 | 000,000,000 | ---D | C] -- E:\ProgramData\Rosetta Stone
[2012/03/21 00:59:03 | 000,000,000 | ---D | C] -- E:\Program Files (x86)\Rosetta Stone
[2012/03/19 23:53:35 | 000,000,000 | ---D | C] -- E:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3
[2012/03/19 23:52:20 | 000,000,000 | ---D | C] -- E:\Program Files (x86)\Google
[2010/10/02 04:09:16 | 001,044,480 | ---- | C] ( ) -- E:\Windows\SysWow64\lmabserv.dll
[2010/10/02 04:09:16 | 000,802,816 | ---- | C] ( ) -- E:\Windows\SysWow64\lmabcomc.dll
[2010/10/02 04:09:16 | 000,372,736 | ---- | C] ( ) -- E:\Windows\SysWow64\lmabcomm.dll
[2010/10/02 04:09:16 | 000,356,352 | ---- | C] ( ) -- E:\Windows\SysWow64\lmabhcp.dll
[2010/10/02 04:09:15 | 000,593,920 | ---- | C] ( ) -- E:\Windows\SysWow64\lmabcoms.exe
[2005/12/05 13:00:46 | 002,247,888 | ---- | C] (Microsoft Corporation) -- E:\Program Files (x86)\dsetup32.dll
[2005/12/05 13:00:46 | 000,484,560 | ---- | C] (Microsoft Corporation) -- E:\Program Files (x86)\DXSETUP.exe
[2005/12/05 13:00:46 | 000,074,448 | ---- | C] (Microsoft Corporation) -- E:\Program Files (x86)\DSETUP.dll
[2 E:\Users\AS\Documents\*.tmp files -> E:\Users\AS\Documents\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2012/04/13 19:12:55 | 000,067,584 | --S- | M] () -- E:\Windows\bootstat.dat
[2012/04/13 19:12:36 | 3060,535,296 | -HS- | M] () -- E:\hiberfil.sys
[2012/04/13 17:59:57 | 000,000,418 | RHS- | M] () -- E:\ProgramData\ntuser.pol
[2012/04/06 10:31:05 | 000,000,648 | ---- | M] () -- E:\Notes
[2012/04/06 00:51:27 | 000,017,360 | -H-- | M] () -- E:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/04/06 00:51:27 | 000,017,360 | -H-- | M] () -- E:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/04/03 00:09:43 | 000,000,000 | R--D | M] -- E:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
[2012/04/02 23:58:05 | 000,419,952 | ---- | M] () -- E:\Windows\System32\gema.exe
[2012/04/02 23:58:00 | 000,000,528 | ---- | M] () -- E:\Windows\tasks\PCDoctorBackgroundMonitorTask.job
[2012/04/02 23:53:00 | 000,000,466 | ---- | M] () -- E:\Windows\tasks\SystemToolsDailyTest.job
[2012/04/02 18:30:10 | 000,715,660 | ---- | M] () -- E:\Windows\System32\perfh007.dat
[2012/04/02 18:30:10 | 000,669,726 | ---- | M] () -- E:\Windows\System32\perfh009.dat
[2012/04/02 18:30:10 | 000,154,264 | ---- | M] () -- E:\Windows\System32\perfc007.dat
[2012/04/02 18:30:10 | 000,126,878 | ---- | M] () -- E:\Windows\System32\perfc009.dat
[2012/03/28 19:25:47 | 000,000,000 | ---D | M] -- E:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2012/03/23 03:07:30 | 000,806,384 | ---- | M] () -- E:\Users\AS\Desktop\Direction Softbank Store.jpg
[2012/03/22 15:12:12 | 004,435,968 | ---- | M] (Google Inc.) -- E:\Windows\SysWow64\GPhotos.scr
[2012/03/21 00:59:34 | 000,000,000 | ---D | M] -- E:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rosetta Stone
[2012/03/20 20:46:18 | 000,167,551 | ---- | M] () -- E:\Users\AS\Documents\Application_for_Japanese_Language_Program(CEMS)_A_S.pdf
[2012/03/19 23:53:50 | 000,001,070 | ---- | M] () -- E:\Users\Public\Desktop\Picasa 3.lnk
[2012/03/19 23:53:35 | 000,000,000 | ---D | M] -- E:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3
[2 E:\Users\AS\Documents\*.tmp files -> E:\Users\AS\Documents\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012/04/06 10:31:05 | 000,000,648 | ---- | C] () -- E:\Notes
[2012/04/06 00:44:36 | 000,419,952 | ---- | C] () -- E:\Windows\System32\gema.exe
[2012/03/23 03:07:30 | 000,806,384 | ---- | C] () -- E:\Users\AS\Desktop\Direction Softbank Store.jpg
[2012/03/20 20:46:17 | 000,167,551 | ---- | C] () -- E:\Users\AS\Documents\Application_for_Japanese_Language_Program(CEMS)_A_S.pdf
[2012/03/19 23:53:50 | 000,001,070 | ---- | C] () -- E:\Users\Public\Desktop\Picasa 3.lnk
[2012/02/15 06:05:17 | 000,077,824 | ---- | C] () -- E:\Windows\KMService.exe
[2012/02/15 06:05:17 | 000,008,192 | ---- | C] () -- E:\Windows\SysWow64\srvany.exe
[2011/12/29 09:14:11 | 000,000,023 | ---- | C] () -- E:\Windows\BlendSettings.ini
[2011/12/12 13:00:53 | 000,043,520 | ---- | C] () -- E:\Windows\SysWow64\CmdLineExt03.dll
[2011/12/10 16:27:25 | 000,120,320 | ---- | C] () -- E:\Windows\SysWow64\drivers\SSHDRV65.sys
[2011/09/19 09:58:14 | 000,000,418 | RHS- | C] () -- E:\ProgramData\ntuser.pol
[2011/06/07 01:32:29 | 000,252,928 | ---- | C] () -- E:\Windows\SysWow64\DShowRdpFilter.dll
[2011/05/25 17:14:12 | 000,010,240 | ---- | C] () -- E:\Windows\SysWow64\vidx16.dll
[2011/04/09 12:55:28 | 000,179,261 | ---- | C] () -- E:\Windows\SysWow64\xlive.dll.cat
[2011/03/19 10:18:57 | 000,066,856 | ---- | C] () -- E:\Windows\SysWow64\SynTPEnhPS.dll
[2011/03/19 09:54:55 | 000,867,020 | ---- | C] () -- E:\Windows\SysWow64\igkrng575.bin
[2011/03/19 09:54:44 | 000,105,408 | ---- | C] () -- E:\Windows\SysWow64\igfcg575m.bin
[2011/03/19 09:54:42 | 000,128,204 | ---- | C] () -- E:\Windows\SysWow64\igcompkrng575.bin
[2010/12/10 09:09:45 | 000,234,768 | ---- | C] () -- E:\Windows\SysWow64\PnkBstrB.exe
[2010/12/10 09:09:42 | 000,075,136 | ---- | C] () -- E:\Windows\SysWow64\PnkBstrA.exe
[2010/11/10 17:05:39 | 000,000,132 | ---- | C] () -- E:\Users\AS\AppData\Roaming\Adobe GIF Format CS5 Prefs
[2010/10/02 04:07:09 | 000,028,672 | ---- | C] () -- E:\Windows\hookdllX.dll
[2010/10/02 04:07:09 | 000,011,776 | ---- | C] () -- E:\Windows\SysWow64\pmsbfn32.dll
[2010/09/27 14:38:27 | 000,001,025 | ---- | C] () -- E:\Windows\SysWow64\sysprs7.dll
[2010/09/27 14:38:27 | 000,000,205 | ---- | C] () -- E:\Windows\SysWow64\lsprst7.dll
[2010/09/26 13:06:58 | 000,000,132 | ---- | C] () -- E:\Users\AS\AppData\Roaming\Adobe PNG Format CS5 Prefs
[2010/08/03 10:25:00 | 000,000,756 | ---- | C] () -- E:\Users\AS\AppData\Eudora.lnk
[2010/07/10 10:04:47 | 000,320,000 | ---- | C] () -- E:\Windows\SysWow64\roboex32.dll
[2010/07/10 10:04:21 | 000,000,750 | RH-- | C] () -- E:\Windows\SysWow64\ttri.dat
[2010/06/02 00:22:54 | 001,412,902 | ---- | C] () -- E:\Program Files (x86)\OCT2006_d3dx9_31_x64.cab
[2010/06/02 00:22:54 | 001,127,217 | ---- | C] () -- E:\Program Files (x86)\OCT2006_d3dx9_31_x86.cab
[2010/06/02 00:22:54 | 000,273,960 | ---- | C] () -- E:\Program Files (x86)\Nov2008_XAudio_x64.cab
[2010/06/02 00:22:54 | 000,272,611 | ---- | C] () -- E:\Program Files (x86)\Nov2008_XAudio_x86.cab
[2010/06/02 00:22:54 | 000,182,361 | ---- | C] () -- E:\Program Files (x86)\OCT2006_XACT_x64.cab
[2010/06/02 00:22:54 | 000,138,017 | ---- | C] () -- E:\Program Files (x86)\OCT2006_XACT_x86.cab
[2010/06/02 00:22:52 | 001,906,878 | ---- | C] () -- E:\Program Files (x86)\Nov2008_d3dx9_40_x64.cab
[2010/06/02 00:22:52 | 001,550,796 | ---- | C] () -- E:\Program Files (x86)\Nov2008_d3dx9_40_x86.cab
[2010/06/02 00:22:52 | 000,965,421 | ---- | C] () -- E:\Program Files (x86)\Nov2008_d3dx10_40_x86.cab
[2010/06/02 00:22:52 | 000,121,794 | ---- | C] () -- E:\Program Files (x86)\Nov2008_XACT_x64.cab
[2010/06/02 00:22:52 | 000,092,684 | ---- | C] () -- E:\Program Files (x86)\Nov2008_XACT_x86.cab
[2010/06/02 00:22:52 | 000,054,522 | ---- | C] () -- E:\Program Files (x86)\Nov2008_X3DAudio_x64.cab
[2010/06/02 00:22:52 | 000,021,851 | ---- | C] () -- E:\Program Files (x86)\Nov2008_X3DAudio_x86.cab
[2010/06/02 00:22:50 | 000,994,154 | ---- | C] () -- E:\Program Files (x86)\Nov2008_d3dx10_40_x64.cab
[2010/06/02 00:22:50 | 000,196,762 | ---- | C] () -- E:\Program Files (x86)\NOV2007_XACT_x64.cab
[2010/06/02 00:22:50 | 000,148,264 | ---- | C] () -- E:\Program Files (x86)\NOV2007_XACT_x86.cab
[2010/06/02 00:22:50 | 000,046,144 | ---- | C] () -- E:\Program Files (x86)\NOV2007_X3DAudio_x64.cab
[2010/06/02 00:22:50 | 000,018,496 | ---- | C] () -- E:\Program Files (x86)\NOV2007_X3DAudio_x86.cab
[2010/06/02 00:22:48 | 001,802,058 | ---- | C] () -- E:\Program Files (x86)\Nov2007_d3dx9_36_x64.cab
[2010/06/02 00:22:48 | 001,709,360 | ---- | C] () -- E:\Program Files (x86)\Nov2007_d3dx9_36_x86.cab
[2010/06/02 00:22:48 | 000,864,600 | ---- | C] () -- E:\Program Files (x86)\Nov2007_d3dx10_36_x64.cab
[2010/06/02 00:22:48 | 000,803,884 | ---- | C] () -- E:\Program Files (x86)\Nov2007_d3dx10_36_x86.cab
[2010/06/02 00:22:48 | 000,273,018 | ---- | C] () -- E:\Program Files (x86)\Mar2009_XAudio_x86.cab
[2010/06/02 00:22:46 | 000,275,044 | ---- | C] () -- E:\Program Files (x86)\Mar2009_XAudio_x64.cab
[2010/06/02 00:22:46 | 000,121,506 | ---- | C] () -- E:\Program Files (x86)\Mar2009_XACT_x64.cab
[2010/06/02 00:22:46 | 000,092,740 | ---- | C] () -- E:\Program Files (x86)\Mar2009_XACT_x86.cab
[2010/06/02 00:22:38 | 000,054,600 | ---- | C] () -- E:\Program Files (x86)\Mar2009_X3DAudio_x64.cab
[2010/06/02 00:22:38 | 000,021,298 | ---- | C] () -- E:\Program Files (x86)\Mar2009_X3DAudio_x86.cab
[2010/06/02 00:22:36 | 001,973,702 | ---- | C] () -- E:\Program Files (x86)\Mar2009_d3dx9_41_x64.cab
[2010/06/02 00:22:36 | 001,612,446 | ---- | C] () -- E:\Program Files (x86)\Mar2009_d3dx9_41_x86.cab
[2010/06/02 00:22:36 | 001,067,160 | ---- | C] () -- E:\Program Files (x86)\Mar2009_d3dx10_41_x64.cab
[2010/06/02 00:22:36 | 001,040,745 | ---- | C] () -- E:\Program Files (x86)\Mar2009_d3dx10_41_x86.cab
[2010/06/02 00:22:36 | 000,251,194 | ---- | C] () -- E:\Program Files (x86)\Mar2008_XAudio_x64.cab
[2010/06/02 00:22:36 | 000,226,250 | ---- | C] () -- E:\Program Files (x86)\Mar2008_XAudio_x86.cab
[2010/06/02 00:22:36 | 000,122,336 | ---- | C] () -- E:\Program Files (x86)\Mar2008_XACT_x64.cab
[2010/06/02 00:22:36 | 000,093,734 | ---- | C] () -- E:\Program Files (x86)\Mar2008_XACT_x86.cab
[2010/06/02 00:22:34 | 001,769,862 | ---- | C] () -- E:\Program Files (x86)\Mar2008_d3dx9_37_x64.cab
[2010/06/02 00:22:34 | 001,443,282 | ---- | C] () -- E:\Program Files (x86)\Mar2008_d3dx9_37_x86.cab
[2010/06/02 00:22:34 | 000,818,260 | ---- | C] () -- E:\Program Files (x86)\Mar2008_d3dx10_37_x86.cab
[2010/06/02 00:22:34 | 000,055,058 | ---- | C] () -- E:\Program Files (x86)\Mar2008_X3DAudio_x64.cab
[2010/06/02 00:22:34 | 000,021,867 | ---- | C] () -- E:\Program Files (x86)\Mar2008_X3DAudio_x86.cab
[2010/06/02 00:22:32 | 000,937,246 | ---- | C] () -- E:\Program Files (x86)\Jun2010_d3dx9_43_x64.cab
[2010/06/02 00:22:32 | 000,844,884 | ---- | C] () -- E:\Program Files (x86)\Mar2008_d3dx10_37_x64.cab
[2010/06/02 00:22:32 | 000,768,036 | ---- | C] () -- E:\Program Files (x86)\Jun2010_d3dx9_43_x86.cab
[2010/06/02 00:22:32 | 000,278,060 | ---- | C] () -- E:\Program Files (x86)\Jun2010_XAudio_x86.cab
[2010/06/02 00:22:32 | 000,277,338 | ---- | C] () -- E:\Program Files (x86)\Jun2010_XAudio_x64.cab
[2010/06/02 00:22:32 | 000,124,596 | ---- | C] () -- E:\Program Files (x86)\Jun2010_XACT_x64.cab
[2010/06/02 00:22:32 | 000,093,686 | ---- | C] () -- E:\Program Files (x86)\Jun2010_XACT_x86.cab
[2010/06/02 00:22:30 | 000,762,188 | ---- | C] () -- E:\Program Files (x86)\Jun2010_d3dcsx_43_x86.cab
[2010/06/02 00:22:30 | 000,235,955 | ---- | C] () -- E:\Program Files (x86)\Jun2010_d3dx10_43_x64.cab
[2010/06/02 00:22:30 | 000,197,283 | ---- | C] () -- E:\Program Files (x86)\Jun2010_d3dx10_43_x86.cab
[2010/06/02 00:22:30 | 000,138,205 | ---- | C] () -- E:\Program Files (x86)\Jun2010_d3dx11_43_x64.cab
[2010/06/02 00:22:30 | 000,109,445 | ---- | C] () -- E:\Program Files (x86)\Jun2010_d3dx11_43_x86.cab
[2010/06/02 00:22:28 | 000,944,460 | ---- | C] () -- E:\Program Files (x86)\Jun2010_D3DCompiler_43_x64.cab
[2010/06/02 00:22:28 | 000,931,471 | ---- | C] () -- E:\Program Files (x86)\Jun2010_D3DCompiler_43_x86.cab
[2010/06/02 00:22:28 | 000,752,783 | ---- | C] () -- E:\Program Files (x86)\Jun2010_d3dcsx_43_x64.cab
[2010/06/02 00:22:20 | 000,269,024 | ---- | C] () -- E:\Program Files (x86)\JUN2008_XAudio_x86.cab
[2010/06/02 00:22:18 | 001,792,608 | ---- | C] () -- E:\Program Files (x86)\JUN2008_d3dx9_38_x64.cab
[2010/06/02 00:22:18 | 001,463,878 | ---- | C] () -- E:\Program Files (x86)\JUN2008_d3dx9_38_x86.cab
[2010/06/02 00:22:18 | 000,867,828 | ---- | C] () -- E:\Program Files (x86)\JUN2008_d3dx10_38_x64.cab
[2010/06/02 00:22:18 | 000,849,919 | ---- | C] () -- E:\Program Files (x86)\JUN2008_d3dx10_38_x86.cab
[2010/06/02 00:22:18 | 000,269,628 | ---- | C] () -- E:\Program Files (x86)\JUN2008_XAudio_x64.cab
[2010/06/02 00:22:18 | 000,152,909 | ---- | C] () -- E:\Program Files (x86)\JUN2007_XACT_x86.cab
[2010/06/02 00:22:18 | 000,121,054 | ---- | C] () -- E:\Program Files (x86)\JUN2008_XACT_x64.cab
[2010/06/02 00:22:18 | 000,093,128 | ---- | C] () -- E:\Program Files (x86)\JUN2008_XACT_x86.cab
[2010/06/02 00:22:18 | 000,055,154 | ---- | C] () -- E:\Program Files (x86)\JUN2008_X3DAudio_x64.cab
[2010/06/02 00:22:18 | 000,021,905 | ---- | C] () -- E:\Program Files (x86)\JUN2008_X3DAudio_x86.cab
[2010/06/02 00:22:16 | 001,607,774 | ---- | C] () -- E:\Program Files (x86)\JUN2007_d3dx9_34_x64.cab
[2010/06/02 00:22:16 | 001,607,286 | ---- | C] () -- E:\Program Files (x86)\JUN2007_d3dx9_34_x86.cab
[2010/06/02 00:22:16 | 000,699,044 | ---- | C] () -- E:\Program Files (x86)\JUN2007_d3dx10_34_x64.cab
[2010/06/02 00:22:16 | 000,698,472 | ---- | C] () -- E:\Program Files (x86)\JUN2007_d3dx10_34_x86.cab
[2010/06/02 00:22:16 | 000,197,122 | ---- | C] () -- E:\Program Files (x86)\JUN2007_XACT_x64.cab
[2010/06/02 00:22:16 | 000,180,785 | ---- | C] () -- E:\Program Files (x86)\JUN2006_XACT_x64.cab
[2010/06/02 00:22:16 | 000,133,671 | ---- | C] () -- E:\Program Files (x86)\JUN2006_XACT_x86.cab
[2010/06/02 00:22:14 | 000,277,191 | ---- | C] () -- E:\Program Files (x86)\Feb2010_XAudio_x86.cab
[2010/06/02 00:22:14 | 000,276,960 | ---- | C] () -- E:\Program Files (x86)\Feb2010_XAudio_x64.cab
[2010/06/02 00:22:14 | 000,122,446 | ---- | C] () -- E:\Program Files (x86)\Feb2010_XACT_x64.cab
[2010/06/02 00:22:14 | 000,093,180 | ---- | C] () -- E:\Program Files (x86)\Feb2010_XACT_x86.cab
[2010/06/02 00:22:12 | 000,194,675 | ---- | C] () -- E:\Program Files (x86)\FEB2007_XACT_x64.cab
[2010/06/02 00:22:12 | 000,147,983 | ---- | C] () -- E:\Program Files (x86)\FEB2007_XACT_x86.cab
[2010/06/02 00:22:12 | 000,054,678 | ---- | C] () -- E:\Program Files (x86)\Feb2010_X3DAudio_x64.cab
[2010/06/02 00:22:12 | 000,020,713 | ---- | C] () -- E:\Program Files (x86)\Feb2010_X3DAudio_x86.cab
[2010/06/02 00:22:10 | 000,178,359 | ---- | C] () -- E:\Program Files (x86)\Feb2006_XACT_x64.cab
[2010/06/02 00:22:10 | 000,132,409 | ---- | C] () -- E:\Program Files (x86)\Feb2006_XACT_x86.cab
[2010/06/02 00:22:04 | 001,084,720 | ---- | C] () -- E:\Program Files (x86)\Feb2006_d3dx9_29_x86.cab
[2010/06/02 00:22:02 | 001,574,376 | ---- | C] () -- E:\Program Files (x86)\DEC2006_d3dx9_32_x86.cab
[2010/06/02 00:22:02 | 001,362,796 | ---- | C] () -- E:\Program Files (x86)\Feb2006_d3dx9_29_x64.cab
[2010/06/02 00:22:02 | 000,192,475 | ---- | C] () -- E:\Program Files (x86)\DEC2006_XACT_x64.cab
[2010/06/02 00:22:02 | 000,145,599 | ---- | C] () -- E:\Program Files (x86)\DEC2006_XACT_x86.cab
[2010/06/02 00:22:00 | 001,571,154 | ---- | C] () -- E:\Program Files (x86)\DEC2006_d3dx9_32_x64.cab
[2010/06/02 00:22:00 | 000,273,264 | ---- | C] () -- E:\Program Files (x86)\Aug2009_XAudio_x64.cab
[2010/06/02 00:22:00 | 000,272,642 | ---- | C] () -- E:\Program Files (x86)\Aug2009_XAudio_x86.cab
[2010/06/02 00:22:00 | 000,212,807 | ---- | C] () -- E:\Program Files (x86)\DEC2006_d3dx10_00_x64.cab
[2010/06/02 00:22:00 | 000,191,720 | ---- | C] () -- E:\Program Files (x86)\DEC2006_d3dx10_00_x86.cab
[2010/06/02 00:22:00 | 000,122,408 | ---- | C] () -- E:\Program Files (x86)\Aug2009_XACT_x64.cab
[2010/06/02 00:22:00 | 000,093,106 | ---- | C] () -- E:\Program Files (x86)\Aug2009_XACT_x86.cab
[2010/06/02 00:21:58 | 000,930,116 | ---- | C] () -- E:\Program Files (x86)\Aug2009_d3dx9_42_x64.cab
[2010/06/02 00:21:58 | 000,728,456 | ---- | C] () -- E:\Program Files (x86)\Aug2009_d3dx9_42_x86.cab
[2010/06/02 00:21:58 | 000,232,635 | ---- | C] () -- E:\Program Files (x86)\Aug2009_d3dx10_42_x64.cab
[2010/06/02 00:21:58 | 000,192,131 | ---- | C] () -- E:\Program Files (x86)\Aug2009_d3dx10_42_x86.cab
[2010/06/02 00:21:58 | 000,136,301 | ---- | C] () -- E:\Program Files (x86)\Aug2009_d3dx11_42_x64.cab
[2010/06/02 00:21:58 | 000,105,044 | ---- | C] () -- E:\Program Files (x86)\Aug2009_d3dx11_42_x86.cab
[2010/06/02 00:21:56 | 003,319,740 | ---- | C] () -- E:\Program Files (x86)\Aug2009_d3dcsx_42_x86.cab
[2010/06/02 00:21:56 | 003,112,111 | ---- | C] () -- E:\Program Files (x86)\Aug2009_d3dcsx_42_x64.cab
[2010/06/02 00:21:56 | 000,900,598 | ---- | C] () -- E:\Program Files (x86)\Aug2009_D3DCompiler_42_x86.cab
[2010/06/02 00:21:46 | 000,919,044 | ---- | C] () -- E:\Program Files (x86)\Aug2009_D3DCompiler_42_x64.cab
[2010/06/02 00:21:46 | 000,271,412 | ---- | C] () -- E:\Program Files (x86)\Aug2008_XAudio_x64.cab
[2010/06/02 00:21:46 | 000,271,038 | ---- | C] () -- E:\Program Files (x86)\Aug2008_XAudio_x86.cab
[2010/06/02 00:21:44 | 001,794,084 | ---- | C] () -- E:\Program Files (x86)\Aug2008_d3dx9_39_x64.cab
[2010/06/02 00:21:44 | 001,464,672 | ---- | C] () -- E:\Program Files (x86)\Aug2008_d3dx9_39_x86.cab
[2010/06/02 00:21:44 | 000,849,167 | ---- | C] () -- E:\Program Files (x86)\Aug2008_d3dx10_39_x86.cab
[2010/06/02 00:21:44 | 000,198,096 | ---- | C] () -- E:\Program Files (x86)\AUG2007_XACT_x64.cab
[2010/06/02 00:21:44 | 000,153,012 | ---- | C] () -- E:\Program Files (x86)\AUG2007_XACT_x86.cab
[2010/06/02 00:21:44 | 000,121,772 | ---- | C] () -- E:\Program Files (x86)\Aug2008_XACT_x64.cab
[2010/06/02 00:21:44 | 000,092,996 | ---- | C] () -- E:\Program Files (x86)\Aug2008_XACT_x86.cab
[2010/06/02 00:21:42 | 001,800,160 | ---- | C] () -- E:\Program Files (x86)\AUG2007_d3dx9_35_x64.cab
[2010/06/02 00:21:42 | 001,708,152 | ---- | C] () -- E:\Program Files (x86)\AUG2007_d3dx9_35_x86.cab
[2010/06/02 00:21:42 | 000,867,612 | ---- | C] () -- E:\Program Files (x86)\Aug2008_d3dx10_39_x64.cab
[2010/06/02 00:21:42 | 000,852,286 | ---- | C] () -- E:\Program Files (x86)\AUG2007_d3dx10_35_x64.cab
[2010/06/02 00:21:42 | 000,796,867 | ---- | C] () -- E:\Program Files (x86)\AUG2007_d3dx10_35_x86.cab
[2010/06/02 00:21:40 | 000,182,903 | ---- | C] () -- E:\Program Files (x86)\AUG2006_XACT_x64.cab
[2010/06/02 00:21:40 | 000,137,235 | ---- | C] () -- E:\Program Files (x86)\AUG2006_XACT_x86.cab
[2010/06/02 00:21:40 | 000,087,142 | ---- | C] () -- E:\Program Files (x86)\AUG2006_xinput_x64.cab
[2010/06/02 00:21:40 | 000,053,302 | ---- | C] () -- E:\Program Files (x86)\APR2007_xinput_x86.cab
[2010/06/02 00:21:40 | 000,046,058 | ---- | C] () -- E:\Program Files (x86)\AUG2006_xinput_x86.cab
[2010/06/02 00:21:38 | 001,606,039 | ---- | C] () -- E:\Program Files (x86)\APR2007_d3dx9_33_x86.cab
[2010/06/02 00:21:38 | 000,195,766 | ---- | C] () -- E:\Program Files (x86)\APR2007_XACT_x64.cab
[2010/06/02 00:21:38 | 000,151,225 | ---- | C] () -- E:\Program Files (x86)\APR2007_XACT_x86.cab
[2010/06/02 00:21:38 | 000,096,817 | ---- | C] () -- E:\Program Files (x86)\APR2007_xinput_x64.cab
[2010/06/02 00:21:36 | 001,607,358 | ---- | C] () -- E:\Program Files (x86)\APR2007_d3dx9_33_x64.cab
[2010/06/02 00:21:36 | 000,698,612 | ---- | C] () -- E:\Program Files (x86)\APR2007_d3dx10_33_x64.cab
[2010/06/02 00:21:36 | 000,695,865 | ---- | C] () -- E:\Program Files (x86)\APR2007_d3dx10_33_x86.cab
[2010/06/02 00:21:34 | 000,046,010 | ---- | C] () -- E:\Program Files (x86)\Apr2006_xinput_x86.cab
[2010/06/02 00:21:20 | 000,087,101 | ---- | C] () -- E:\Program Files (x86)\Apr2006_xinput_x64.cab
[2010/06/02 00:21:18 | 004,162,630 | ---- | C] () -- E:\Program Files (x86)\Apr2006_MDX1_x86_Archive.cab
[2010/06/02 00:21:18 | 000,916,430 | ---- | C] () -- E:\Program Files (x86)\Apr2006_MDX1_x86.cab
[2010/06/02 00:21:18 | 000,179,133 | ---- | C] () -- E:\Program Files (x86)\Apr2006_XACT_x64.cab
[2010/06/02 00:21:18 | 000,133,103 | ---- | C] () -- E:\Program Files (x86)\Apr2006_XACT_x86.cab
[2010/06/02 00:21:16 | 001,397,830 | ---- | C] () -- E:\Program Files (x86)\Apr2006_d3dx9_30_x64.cab
[2010/06/02 00:21:16 | 001,115,221 | ---- | C] () -- E:\Program Files (x86)\Apr2006_d3dx9_30_x86.cab
[2010/05/09 06:49:16 | 000,000,162 | ---- | C] () -- E:\Windows\Readiris.ini
[2010/05/09 06:07:39 | 000,120,200 | ---- | C] () -- E:\Windows\SysWow64\DLLDEV32i.dll
[2010/05/09 06:07:27 | 000,007,103 | ---- | C] () -- E:\Windows\mgxoschk.ini
[2010/05/08 14:34:23 | 000,000,069 | ---- | C] () -- E:\Windows\NeroDigital.ini
[2010/05/02 09:16:44 | 000,006,144 | ---- | C] () -- E:\Users\AS\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/04/30 13:17:23 | 000,000,056 | -H-- | C] () -- E:\Windows\SysWow64\ezsidmv.dat
[2010/04/28 05:44:54 | 001,639,670 | ---- | C] () -- E:\Windows\SysWow64\PerfStringBackup.INI
[2009/07/14 01:38:36 | 000,067,584 | --S- | C] () -- E:\Windows\bootstat.dat
[2009/07/13 22:35:51 | 000,000,741 | ---- | C] () -- E:\Windows\SysWow64\NOISE.DAT
[2009/07/13 22:34:42 | 000,215,943 | ---- | C] () -- E:\Windows\SysWow64\dssec.dat
[2009/07/13 20:10:29 | 000,043,131 | ---- | C] () -- E:\Windows\mib.bin
[2009/07/13 19:42:10 | 000,064,000 | ---- | C] () -- E:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 18:25:04 | 000,197,632 | ---- | C] () -- E:\Windows\SysWow64\ir32_32.dll
[2009/07/13 17:03:59 | 000,364,544 | ---- | C] () -- E:\Windows\SysWow64\msjetoledb40.dll
[2009/06/10 17:26:10 | 000,673,088 | ---- | C] () -- E:\Windows\SysWow64\mlang.dat
[2009/06/07 07:27:20 | 000,073,728 | ---- | C] () -- E:\Windows\SysWow64\vbzlib1.dll
[2007/10/25 11:26:10 | 000,005,632 | ---- | C] () -- E:\Windows\SysWow64\drivers\StarOpen.sys
[2005/12/05 13:28:30 | 003,673,932 | ---- | C] () -- E:\Program Files (x86)\Dec2005_MDX1_x86_Archive.cab
[2005/12/05 13:28:04 | 001,358,864 | ---- | C] () -- E:\Program Files (x86)\Dec2005_d3dx9_28_x64.cab
[2005/12/05 13:28:02 | 000,086,925 | ---- | C] () -- E:\Program Files (x86)\Oct2005_xinput_x64.cab
[2005/12/05 13:28:02 | 000,046,247 | ---- | C] () -- E:\Program Files (x86)\Oct2005_xinput_x86.cab
[2005/12/05 13:28:02 | 000,041,888 | ---- | C] () -- E:\Program Files (x86)\dxdllreg_x86.cab
[2005/12/05 13:28:00 | 000,916,806 | ---- | C] () -- E:\Program Files (x86)\Dec2005_MDX1_x86.cab
[2005/12/05 13:27:58 | 001,080,344 | ---- | C] () -- E:\Program Files (x86)\Dec2005_d3dx9_28_x86.cab
[2005/12/05 13:00:46 | 000,081,092 | ---- | C] () -- E:\Program Files (x86)\dxupdate.cab
[2005/12/05 13:00:44 | 001,351,430 | ---- | C] () -- E:\Program Files (x86)\Aug2005_d3dx9_27_x64.cab
[2005/12/05 13:00:44 | 001,348,242 | ---- | C] () -- E:\Program Files (x86)\Apr2005_d3dx9_25_x64.cab
[2005/12/05 13:00:44 | 001,336,890 | ---- | C] () -- E:\Program Files (x86)\Jun2005_d3dx9_26_x64.cab
[2005/12/05 13:00:44 | 001,248,387 | ---- | C] () -- E:\Program Files (x86)\Feb2005_d3dx9_24_x64.cab
[2005/12/05 13:00:44 | 001,079,850 | ---- | C] () -- E:\Program Files (x86)\Apr2005_d3dx9_25_x86.cab
[2005/12/05 13:00:44 | 001,078,532 | ---- | C] () -- E:\Program Files (x86)\Aug2005_d3dx9_27_x86.cab
[2005/12/05 13:00:44 | 001,065,813 | ---- | C] () -- E:\Program Files (x86)\Jun2005_d3dx9_26_x86.cab
[2005/12/05 13:00:44 | 001,014,113 | ---- | C] () -- E:\Program Files (x86)\Feb2005_d3dx9_24_x86.cab
[2005/12/05 13:00:42 | 013,265,040 | ---- | C] () -- E:\Program Files (x86)\dxnt.cab
[2005/12/05 13:00:40 | 015,493,481 | ---- | C] () -- E:\Program Files (x86)\DirectX.cab
[2005/12/05 13:00:40 | 001,156,363 | ---- | C] () -- E:\Program Files (x86)\BDANT.cab
[2005/12/05 13:00:40 | 000,976,020 | ---- | C] () -- E:\Program Files (x86)\BDAXP.cab
[2005/12/05 13:00:40 | 000,703,080 | ---- | C] () -- E:\Program Files (x86)\BDA.cab
[2003/11/17 10:30:01 | 000,286,208 | ---- | C] () -- E:\Windows\SysWow64\CNCS232.DLL
========== LOP Check ==========
[2011/10/15 08:10:36 | 000,000,000 | ---D | M] -- E:\ProgramData\Age of Empires 3
[2012/01/07 17:00:37 | 000,000,000 | ---D | M] -- E:\ProgramData\Airline Tycoon 2
[2010/04/23 17:51:00 | 000,000,000 | -HSD | M] -- E:\ProgramData\Anwendungsdaten
[2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- E:\ProgramData\Application Data
[2011/12/10 11:15:02 | 000,000,000 | ---D | M] -- E:\ProgramData\BioWare
[2011/03/10 05:02:00 | 000,000,000 | -H-D | M] -- E:\ProgramData\CanonBJ
[2011/10/10 12:13:42 | 000,000,000 | ---D | M] -- E:\ProgramData\Conexant
[2012/03/21 21:16:03 | 000,000,000 | ---D | M] -- E:\ProgramData\DAEMON Tools Lite
[2010/07/08 16:24:40 | 000,000,000 | ---D | M] -- E:\ProgramData\DAEMON Tools Pro
[2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- E:\ProgramData\Desktop
[2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- E:\ProgramData\Documents
[2010/04/23 17:51:00 | 000,000,000 | -HSD | M] -- E:\ProgramData\Dokumente
[2011/09/19 05:20:09 | 000,000,000 | ---D | M] -- E:\ProgramData\explauncher
[2010/04/23 17:51:00 | 000,000,000 | -HSD | M] -- E:\ProgramData\Favoriten
[2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- E:\ProgramData\Favorites
[2011/11/27 08:09:52 | 000,000,000 | ---D | M] -- E:\ProgramData\Firefly Studios
[2012/04/06 00:44:36 | 000,000,000 | ---D | M] -- E:\ProgramData\gema
[2011/10/05 05:20:17 | 000,000,000 | ---D | M] -- E:\ProgramData\id Software
[2011/02/14 18:13:03 | 000,000,000 | ---D | M] -- E:\ProgramData\Installations
[2010/07/10 10:00:04 | 000,000,000 | ---D | M] -- E:\ProgramData\LANGMaster
[2011/09/19 05:20:09 | 000,000,000 | ---D | M] -- E:\ProgramData\launcher
[2010/05/02 09:22:10 | 000,000,000 | ---D | M] -- E:\ProgramData\Lenovo
[2010/05/09 06:19:37 | 000,000,000 | ---D | M] -- E:\ProgramData\MAGIX
[2011/02/14 18:09:41 | 000,000,000 | ---D | M] -- E:\ProgramData\Nokia
[2011/06/08 05:48:32 | 000,000,000 | ---D | M] -- E:\ProgramData\NokiaAccount
[2010/09/20 12:46:55 | 000,000,000 | ---D | M] -- E:\ProgramData\NokiaInstallerCache
[2010/04/24 04:48:04 | 000,000,000 | ---D | M] -- E:\ProgramData\OviInstallerCache
[2011/09/19 05:20:25 | 000,000,000 | ---D | M] -- E:\ProgramData\p2panalysis
[2010/09/20 03:20:18 | 000,000,000 | ---D | M] -- E:\ProgramData\PC Suite
[2011/05/06 04:56:48 | 000,000,000 | ---D | M] -- E:\ProgramData\PC-Doctor for Windows
[2012/03/19 23:23:16 | 000,000,000 | ---D | M] -- E:\ProgramData\PCDr
[2010/10/04 05:08:14 | 000,000,000 | ---D | M] -- E:\ProgramData\PCSettings
[2011/03/16 07:43:02 | 000,000,000 | ---D | M] -- E:\ProgramData\PMB Files
[2010/09/20 01:46:38 | 000,000,000 | ---D | M] -- E:\ProgramData\regid.1986-12.com.adobe
[2010/09/10 10:19:03 | 000,000,000 | ---D | M] -- E:\ProgramData\Roaming
[2012/03/25 17:34:38 | 000,000,000 | ---D | M] -- E:\ProgramData\Rosetta Stone
[2010/09/27 14:44:01 | 000,000,000 | ---D | M] -- E:\ProgramData\SafeNet Sentinel
[2010/04/24 05:29:16 | 000,000,000 | ---D | M] -- E:\ProgramData\Samsung
[2010/09/27 14:39:58 | 000,000,000 | ---D | M] -- E:\ProgramData\SPSS
[2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- E:\ProgramData\Start Menu
[2010/04/23 17:51:00 | 000,000,000 | -HSD | M] -- E:\ProgramData\Startmenü
[2011/12/13 18:03:58 | 000,000,000 | ---D | M] -- E:\ProgramData\Tages
[2010/09/14 04:48:02 | 000,000,000 | ---D | M] -- E:\ProgramData\Temp
[2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- E:\ProgramData\Templates
[2011/04/06 04:04:34 | 000,000,000 | ---D | M] -- E:\ProgramData\Ubisoft
[2010/04/23 17:51:00 | 000,000,000 | -HSD | M] -- E:\ProgramData\Vorlagen
[2010/10/26 08:24:41 | 000,000,000 | -H-D | M] -- E:\ProgramData\{51FF211C-C5CA-4891-947B-39860CCE391A}
[2010/04/24 05:18:26 | 000,000,000 | ---D | M] -- E:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
[2012/04/02 23:58:00 | 000,000,528 | ---- | M] () -- E:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job
[2011/12/10 16:30:09 | 000,032,640 | ---- | M] () -- E:\Windows\Tasks\SCHEDLGU.TXT
[2012/04/02 23:53:00 | 000,000,466 | ---- | M] () -- E:\Windows\Tasks\SystemToolsDailyTest.job
========== Purity Check ==========
========== Custom Scans ==========
< %SYSTEMDRIVE%\*. >
[2010/12/11 08:12:18 | 000,000,000 | -HSD | M] -- E:\$Recycle.Bin
[2011/09/19 05:20:44 | 000,000,000 | ---D | M] -- E:\archive_db
[2012/04/02 14:18:55 | 000,000,000 | -HSD | M] -- E:\Config.Msi
[2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- E:\Documents and Settings
[2010/04/23 17:51:00 | 000,000,000 | -HSD | M] -- E:\Dokumente und Einstellungen
[2010/04/23 18:34:32 | 000,000,000 | ---D | M] -- E:\DRIVERS
[2010/09/19 08:22:53 | 000,000,000 | ---D | M] -- E:\faed1437818ec439abe50a
[2010/12/20 02:13:09 | 000,000,000 | -HSD | M] -- E:\found.000
[2011/02/03 15:56:23 | 000,000,000 | -HSD | M] -- E:\found.001
[2011/03/17 07:39:23 | 000,000,000 | -HSD | M] -- E:\found.002
[2011/10/10 12:09:18 | 000,000,000 | -HSD | M] -- E:\found.003
[2012/04/06 08:42:05 | 000,000,000 | -HSD | M] -- E:\found.004
[2011/09/28 04:13:22 | 000,000,000 | ---D | M] -- E:\Games
[2010/04/24 01:10:48 | 000,000,000 | ---D | M] -- E:\Intel
[2010/11/02 05:52:38 | 000,000,000 | RH-D | M] -- E:\MSOCache
[2009/07/13 23:20:08 | 000,000,000 | ---D | M] -- E:\PerfLogs
[2011/12/31 09:31:34 | 000,000,000 | R--D | M] -- E:\Program Files
[2012/03/21 00:59:03 | 000,000,000 | ---D | M] -- E:\Program Files (x86)
[2012/04/13 17:59:57 | 000,000,000 | -H-D | M] -- E:\ProgramData
[2010/04/23 17:51:00 | 000,000,000 | -HSD | M] -- E:\Programme
[2010/04/23 17:51:00 | 000,000,000 | -HSD | M] -- E:\Recovery
[2012/04/06 10:19:37 | 000,000,000 | -HSD | M] -- E:\RECYCLER
[2011/03/19 10:06:37 | 000,000,000 | ---D | M] -- E:\SWTOOLS
[2012/04/02 14:10:26 | 000,000,000 | -HSD | M] -- E:\System Volume Information
[2011/09/19 13:19:06 | 000,000,000 | ---D | M] -- E:\temp
[2011/12/02 03:39:36 | 000,000,000 | ---D | M] -- E:\Users
[2012/04/10 23:57:26 | 000,000,000 | ---D | M] -- E:\Windows
[2012/04/08 20:05:44 | 000,000,000 | ---D | M] -- E:\_OTL
< %PROGRAMFILES%\*.exe >
Invalid Environment Variable: %LOCALAPPDATA%\*.exe
< %systemroot%\*. /mp /s >
< MD5 for: AGP440.SYS >
[2009/07/13 21:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- E:\Windows\System32\drivers\AGP440.sys
[2009/07/13 21:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- E:\Windows\System32\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys
[2009/07/13 21:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- E:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys
< MD5 for: ATAPI.SYS >
[2009/07/13 21:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- E:\Windows\System32\drivers\atapi.sys
[2009/07/13 21:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- E:\Windows\System32\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009/07/13 21:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- E:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
< MD5 for: CNGAUDIT.DLL >
[2009/07/13 21:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- E:\Windows\SysWOW64\cngaudit.dll
[2009/07/13 21:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- E:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009/07/13 21:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- E:\Windows\System32\cngaudit.dll
[2009/07/13 21:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- E:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll
< MD5 for: EXPLORER.EXE >
[2011/02/26 01:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- E:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2011/02/25 02:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- E:\Windows\explorer.exe
[2011/02/25 02:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- E:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011/02/26 02:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- E:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010/11/20 08:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- E:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2011/02/25 01:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- E:\Windows\SysWOW64\explorer.exe
[2011/02/25 01:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- E:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010/11/20 09:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- E:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
< MD5 for: IASTOR.SYS >
[2010/01/15 06:22:08 | 000,538,136 | ---- | M] (Intel Corporation) MD5=85977CD13FC16069CE0AF7943A811775 -- E:\DRIVERS\WIN\IRST64\iaStor.sys
[2010/01/15 06:22:08 | 000,538,136 | ---- | M] (Intel Corporation) MD5=85977CD13FC16069CE0AF7943A811775 -- E:\Program Files (x86)\Lenovo\System Update\session\6mio25ww\iaStor.sys
[2010/01/15 06:22:08 | 000,538,136 | ---- | M] (Intel Corporation) MD5=85977CD13FC16069CE0AF7943A811775 -- E:\Windows\System32\drivers\iaStor.sys
[2010/01/15 06:22:08 | 000,538,136 | ---- | M] (Intel Corporation) MD5=85977CD13FC16069CE0AF7943A811775 -- E:\Windows\System32\DriverStore\FileRepository\iaahci.inf_amd64_neutral_4bd470085ec821d5\iaStor.sys
< MD5 for: IASTORV.SYS >
[2010/11/20 09:33:38 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- E:\Windows\System32\DriverStore\FileRepository\iastorv.inf_amd64_neutral_668286aa35d55928\iaStorV.sys
[2010/11/20 09:33:38 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- E:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_0d3757e79e6784d0\iaStorV.sys
[2011/03/11 02:19:16 | 000,410,496 | ---- | M] (Intel Corporation) MD5=5B3DE7208E5000D5B451B9D290D2579C -- E:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_0d714416b7c182d5\iaStorV.sys
[2011/03/11 02:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- E:\Windows\System32\drivers\iaStorV.sys
[2011/03/11 02:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- E:\Windows\System32\DriverStore\FileRepository\iastorv.inf_amd64_neutral_0bcee2057afcc090\iaStorV.sys
[2011/03/11 02:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- E:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_0cf9793d9e95787b\iaStorV.sys
< MD5 for: NETLOGON.DLL >
[2010/11/20 09:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- E:\Windows\System32\netlogon.dll
[2010/11/20 09:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- E:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_5bddbcb24e997298\netlogon.dll
[2010/11/20 08:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- E:\Windows\SysWOW64\netlogon.dll
[2010/11/20 08:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- E:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_6632670482fa3493\netlogon.dll
< MD5 for: NVSTOR.SYS >
[2011/03/11 02:19:21 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=D23C7E8566DA2B8A7C0DBBB761D54888 -- E:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvstor.sys
[2011/03/11 02:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- E:\Windows\System32\drivers\nvstor.sys
[2011/03/11 02:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- E:\Windows\System32\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvstor.sys
[2011/03/11 02:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- E:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvstor.sys
[2010/11/20 09:33:48 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- E:\Windows\System32\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvstor.sys
[2010/11/20 09:33:48 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- E:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvstor.sys
< MD5 for: SCECLI.DLL >
[2010/11/20 08:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- E:\Windows\SysWOW64\scecli.dll
[2010/11/20 08:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- E:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010/11/20 09:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- E:\Windows\System32\scecli.dll
[2010/11/20 09:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- E:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll
< MD5 for: USER32.DLL >
[2010/11/20 08:08:57 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- E:\Windows\SysWOW64\user32.dll
[2010/11/20 08:08:57 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- E:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_35b31c02b85ccb6e\user32.dll
[2010/11/20 09:27:27 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- E:\Windows\System32\user32.dll
[2010/11/20 09:27:27 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- E:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_2b5e71b083fc0973\user32.dll
< MD5 for: USERINIT.EXE >
[2010/11/20 08:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- E:\Windows\SysWOW64\userinit.exe
[2010/11/20 08:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- E:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2010/11/20 09:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- E:\Windows\System32\userinit.exe
[2010/11/20 09:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- E:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe
< MD5 for: WINLOGON.EXE >
[2010/11/20 09:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- E:\Windows\System32\winlogon.exe
[2010/11/20 09:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- E:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
< MD5 for: WS2IFSL.SYS >
[2009/07/13 20:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- E:\Windows\System32\drivers\ws2ifsl.sys
[2009/07/13 20:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- E:\Windows\winsxs\amd64_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.1.7600.16385_none_ab7b927be17eace8\ws2ifsl.sys
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
< %systemroot%\system32\*.dll /lockedfiles >
Invalid Environment Variable: %USERPROFILE%\*.*
Invalid Environment Variable: %USERPROFILE%\Local Settings\Temp\*.exe
Invalid Environment Variable: %USERPROFILE%\Local Settings\Temp\*.dll
Invalid Environment Variable: %USERPROFILE%\Application Data\*.exe
< End of report > --- --- ---
Vielen Dank nochmals für eure Hilfe! |