| Jack9183 | 11.01.2013 17:56 |
OTL Logfile: Code:
OTL logfile created on: 1/11/2013 3:50:01 PM - Run
OTLPE by OldTimer - Version 3.1.48.0 Folder = X:\Programs\OTLPE
64bit-Windows 7 Home Premium Service Pack 1 (Version = 6.1.7601) - Type = System
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 90.00% Memory free
3.00 Gb Paging File | 3.00 Gb Available in Paging File | 97.00% Paging File free
Paging file location(s): c:\pagefile.sys 4096 8082 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 931.51 Gb Total Space | 618.95 Gb Free Space | 66.45% Space Free | Partition Type: NTFS
Drive D: | 736.20 Gb Total Space | 493.47 Gb Free Space | 67.03% Space Free | Partition Type: NTFS
Drive E: | 931.51 Gb Total Space | 135.73 Gb Free Space | 14.57% Space Free | Partition Type: NTFS
Drive F: | 7.45 Gb Total Space | 5.85 Gb Free Space | 78.46% Space Free | Partition Type: FAT32
Drive H: | 195.31 Gb Total Space | 195.22 Gb Free Space | 99.95% Space Free | Partition Type: NTFS
Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet001
========== Win32 Services (SafeList) ==========
SRV:64bit: - [2009/07/13 20:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2012/10/17 17:07:00 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/10/09 04:49:12 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/10/02 17:21:00 | 001,258,856 | ---- | M] (NVIDIA Corporation) [Auto] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012/10/02 06:15:38 | 000,382,824 | ---- | M] (NVIDIA Corporation) [Auto] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2012/07/27 15:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/06/25 19:06:27 | 000,076,888 | ---- | M] () [Auto] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2011/08/14 07:18:20 | 001,044,816 | ---- | M] (Flexera Software, Inc.) [On_Demand] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010/11/19 23:27:26 | 000,030,720 | ---- | M] (Microsoft Corporation) [Auto] -- D:\Windows\System32\seclogon.dll -- (seclogon)
SRV - [2010/03/18 06:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/07/16 10:04:16 | 000,316,664 | ---- | M] (Valve Corporation) [On_Demand] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2009/07/13 20:41:53 | 000,242,688 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Windows\System32\qwave.dll -- (QWAVE)
SRV - [2009/06/10 16:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008/04/23 01:46:12 | 000,081,920 | ---- | M] (FirebirdSQL Project) [Auto] -- C:\Program Files (x86)\Firebird\Firebird_2_0\bin\fbguard.exe -- (FirebirdGuardianDefaultInstance)
SRV - [2008/04/23 01:46:08 | 002,015,232 | ---- | M] (FirebirdSQL Project) [On_Demand] -- C:\Program Files (x86)\Firebird\Firebird_2_0\bin\fbserver.exe -- (FirebirdServerDefaultInstance)
SRV - [2006/12/19 03:30:26 | 000,081,920 | ---- | M] (Prolific Technology Inc.) [Auto] -- C:\Windows\SysWOW64\IoctlSvc.exe -- (PLFlash DeviceIoControl Service)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2012/07/03 10:25:16 | 000,189,288 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2010/11/20 06:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/05/29 08:36:24 | 000,828,912 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot] -- C:\Windows\System32\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2010/03/22 10:57:20 | 000,347,680 | ---- | M] (Realtek ) [Kernel | On_Demand] -- C:\Windows\System32\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2010/02/24 05:20:40 | 000,191,616 | ---- | M] (Protect Software GmbH) [Kernel | Auto] -- C:\Windows\System32\drivers\acedrv11.sys -- (acedrv11)
DRV:64bit: - [2009/07/13 19:09:50 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\usb8023x.sys -- (usb_rndisx)
DRV:64bit: - [2009/06/10 15:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand] -- C:\Windows\System32\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009/06/10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- C:\Windows\system32\DRIVERS\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- C:\Windows\system32\DRIVERS\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\b57nd60a.sys -- (b57nd60a)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\Alex_ON_D\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = MSN Deutschland: Hotmail, Skype Download und Messenger sowie Nachrichten, Unterhaltung, Video, Sport, Lifestyle, Finanzen, Auto uvm. bei MSN
IE - HKU\Alex_ON_D\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
IE - HKU\Alex_ON_D\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 1E EE 64 51 54 EF CD 01 [binary data]
IE - HKU\Alex_ON_D\..\URLSearchHook: {64ead72b-ffd4-4e01-aa3a-4c71665d73e4} - Reg Error: Key error. File not found
IE - HKU\Alex_ON_D\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: File not found
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer: File not found
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer: File not found
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@esn/esnlaunch,version=1.140.0: File not found
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@esn/esnlaunch,version=2.1.2: File not found
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\Windows\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: File not found
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3: File not found
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9: File not found
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.0.4: File not found
FF - HKLM\Software\Wow6432Node\MozillaPlugins\Adobe Reader: File not found
FF - HKCU\Software\MozillaPlugins\@protectdisc.com/NPPDLicenseHelper: C:\Users\Alex\AppData\Roaming\ProtectDISC\License Helper v2\NPPDLicenseHelper.dll ( )
FF - HKCU\Software\MozillaPlugins\ubisoft.com/uplaypc: File not found
FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Firefox\Extensions\\webbooster@iminent.com: C:\Program Files (x86)\Iminent\webbooster@iminent.com
FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Mozilla Firefox 17.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/10/17 17:07:01 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Mozilla Firefox 17.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
[2012/08/24 07:01:57 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Alex\AppData\Roaming\Mozilla\Extensions
[2012/08/24 07:01:57 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Alex\AppData\Roaming\Mozilla\Extensions\ideskbrowser@haufe.de
[2011/11/12 15:44:15 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\2zh6uscq.default\extensions
[2011/11/12 15:44:15 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\2zh6uscq.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2012/10/11 13:59:08 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\hcr05ihw.default\extensions
[2012/09/27 03:39:15 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\hcr05ihw.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2012/10/17 17:06:40 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012/10/17 17:06:40 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
[2012/10/17 17:06:40 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
[2012/10/17 17:07:00 | 000,261,600 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011/11/04 22:38:54 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012/08/30 04:56:16 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2011/11/04 22:38:54 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2011/11/04 22:38:54 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2011/11/04 22:38:54 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2011/11/04 22:38:54 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
O1 HOSTS File: ([2010/10/10 12:49:34 | 000,000,828 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (BittorrentBar_DE Toolbar) - {64ead72b-ffd4-4e01-aa3a-4c71665d73e4} - File not found
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - File not found
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - File not found
O3:64bit: - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - File not found
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - File not found
O3 - HKLM\..\Toolbar: (BittorrentBar_DE Toolbar) - {64ead72b-ffd4-4e01-aa3a-4c71665d73e4} - File not found
O3 - HKLM\..\Toolbar: (no name) - {DFEFCDEE-CF1A-4FC8-88AD-48514E463B27} - No CLSID value found.
O3:64bit: - HKU\Alex_ON_D\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - File not found
O3 - HKU\Alex_ON_D\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - File not found
O3 - HKU\Alex_ON_D\..\Toolbar\WebBrowser: (BittorrentBar_DE Toolbar) - {64EAD72B-FFD4-4E01-AA3A-4C71665D73E4} - File not found
O4 - HKLM..\Run: [avgnt] File not found
O4 - HKLM..\Run: [ControlCenter3] C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [NBKeyScan] C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe (Nero AG)
O4 - HKLM..\Run: [Nikon Message Center 2] C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe (Nikon Corporation)
O4 - HKU\Alex_ON_D..\Run: [BitTorrent] C:\Program Files (x86)\BitTorrent\BitTorrent.exe (BitTorrent, Inc.)
O4 - HKU\Alex_ON_D..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe (Nero AG)
O4 - HKU\Alex_ON_D..\Run: [Rainlendar2] C:\Program Files (x86)\Rainlendar2\Rainlendar2.exe ()
O4 - HKU\UpdatusUser_ON_D..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\UpdatusUser_ON_D..\RunOnce: [mctadmin] File not found
O4 - Startup: C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Messenger.lnk ()
O4 - Startup: C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk ()
O4 - Startup: C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Stardock ObjectDock.lnk ()
O4 - Startup: C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TwonkyManager.lnk ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\Alex_ON_D\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\Alex_ON_D\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Alex_ON_D\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\LocalService_ON_D\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\NetworkService_ON_D\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\systemprofile_ON_D\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\UpdatusUser_ON_D\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8:64bit: - Extra context menu item: Free YouTube Download - C:\Users\Alex\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm ()
O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Alex\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Free YouTube Download - C:\Users\Alex\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm ()
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Alex\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O13 - gopher Prefix: missing
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O18:64bit: - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/03/24 06:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
64bit: O35 - HKLM\..comfile [open] -- "%1" %* File not found
64bit: O35 - HKLM\..exefile [open] -- "%1" %* File not found
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
MsConfig:64bit - StartUpReg: BitTorrent - hkey= - key= - C:\Program Files (x86)\BitTorrent\BitTorrent.exe (BitTorrent, Inc.)
MsConfig:64bit - StartUpReg: DAEMON Tools Lite - hkey= - key= - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
MsConfig:64bit - StartUpReg: Steam - hkey= - key= - C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
MsConfig:64bit - State: "bootini" - 2
MsConfig:64bit - State: "startup" - 2
========== Files/Folders - Created Within 30 Days ==========
[2012/12/27 10:41:06 | 000,000,000 | ---D | C] -- C:\Kaspersky Rescue Disk 10.0
[2012/04/09 09:51:25 | 000,082,816 | ---- | C] (VSO Software) -- C:\Users\Alex\AppData\Roaming\pcouffin.sys
[6 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\*.tmp files -> C:\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2012/12/20 04:18:59 | 000,000,790 | ---- | M] () -- C:\Users\Alex\Desktop\CCleaner.lnk
[6 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\*.tmp files -> C:\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012/09/10 05:16:54 | 000,018,048 | ---- | C] () -- C:\Windows\SysWow64\drivers\lirsgt.sys
[2012/06/25 19:06:25 | 003,166,792 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe
[2012/06/08 17:16:12 | 000,000,011 | ---- | C] () -- C:\ProgramData\.tv6
[2012/04/09 09:51:25 | 000,099,384 | ---- | C] () -- C:\Users\Alex\AppData\Roaming\inst.exe
[2012/04/09 09:51:25 | 000,007,859 | ---- | C] () -- C:\Users\Alex\AppData\Roaming\pcouffin.cat
[2012/04/09 09:51:25 | 000,001,167 | ---- | C] () -- C:\Users\Alex\AppData\Roaming\pcouffin.inf
[2012/01/08 08:25:16 | 000,003,584 | ---- | C] () -- C:\Users\Alex\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/10/15 09:52:03 | 000,252,928 | ---- | C] () -- C:\Windows\SysWow64\DShowRdpFilter.dll
[2011/10/14 09:42:27 | 000,000,268 | RH-- | C] () -- C:\ProgramData\MAS
[2011/10/14 09:42:27 | 000,000,268 | RH-- | C] () -- C:\Users\Alex\AppData\Roaming\Licenses
[2011/10/14 09:42:27 | 000,000,012 | RH-- | C] () -- C:\ProgramData\NetServices
[2011/10/14 09:42:04 | 000,000,000 | ---- | C] () -- C:\ProgramData\Licenses
[2011/10/14 09:42:02 | 000,000,000 | ---- | C] () -- C:\ProgramData\Legacy
[2011/09/23 19:40:03 | 000,000,000 | ---- | C] () -- C:\Windows\ViewNX2.INI
[2011/09/23 07:06:53 | 000,000,268 | RH-- | C] () -- C:\ProgramData\MIDI Configurations
[2011/09/23 07:06:53 | 000,000,268 | RH-- | C] () -- C:\ProgramData\Logs
[2011/09/23 07:06:53 | 000,000,268 | RH-- | C] () -- C:\Users\Alex\AppData\Roaming\Light Machine
[2011/09/23 07:06:53 | 000,000,268 | RH-- | C] () -- C:\Users\Alex\AppData\Roaming\Libraries
[2011/09/23 07:06:53 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLev.DAT
[2011/09/23 07:06:53 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLet.DAT
[2011/09/23 07:06:53 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLes.DAT
[2011/09/23 07:06:53 | 000,000,012 | RH-- | C] () -- C:\ProgramData\Organic
[2011/09/23 07:06:53 | 000,000,012 | RH-- | C] () -- C:\ProgramData\Nature
[2011/09/11 05:45:09 | 000,001,982 | ---- | C] () -- C:\Users\Alex\AppData\Roaming\logs.dat
[2011/08/25 15:46:17 | 000,080,896 | ---- | C] () -- C:\Windows\cadkasdeinst01.exe
[2011/08/13 15:40:27 | 000,141,736 | -H-- | C] () -- C:\Windows\SysWow64\mlfcache.dat
[2011/06/30 09:23:49 | 000,000,425 | ---- | C] () -- C:\Windows\BRWMARK.INI
[2011/06/30 09:19:01 | 000,031,864 | ---- | C] () -- C:\Windows\maxlink.ini
[2011/02/12 18:47:50 | 000,098,304 | ---- | C] () -- C:\Windows\SysWow64\redmonnt.dll
[2011/01/06 16:19:00 | 000,000,061 | -HS- | C] () -- C:\Windows\cnerolf.dat
[2010/12/17 22:50:52 | 000,552,960 | ---- | C] () -- C:\Windows\SysWow64\FS2AUDIO.dll
[2010/10/14 17:11:40 | 000,000,439 | ---- | C] () -- C:\Users\Alex\AppData\Roaming\TheHunterSettings_live.bin
[2010/10/14 17:07:13 | 000,000,043 | ---- | C] () -- C:\Users\Alex\AppData\Roaming\TheHunterSettings_live.cfg
[2010/10/04 14:11:38 | 000,000,082 | ---- | C] () -- C:\Users\Alex\AppData\Local\X-Plane Installer.prf
[2010/10/04 05:22:35 | 002,601,752 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_moh.exe
[2010/09/26 04:31:51 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2010/07/09 15:29:23 | 001,648,546 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010/07/01 15:55:13 | 002,444,656 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_apb.exe
[2010/06/26 14:09:25 | 000,000,090 | -HS- | C] () -- C:\Windows\cnerolf.bin
[2010/06/23 19:25:23 | 000,004,096 | ---- | C] () -- C:\Windows\d3dx.dat
[2010/06/18 16:14:32 | 000,000,133 | ---- | C] () -- C:\Users\Alex\AppData\Roaming\default.pls
[2010/06/08 11:31:45 | 000,022,016 | ---- | C] () -- C:\Windows\SysWow64\prospeed_bmp2jpg.dll
[2010/06/04 03:31:44 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2010/06/03 10:15:29 | 000,007,867 | ---- | C] () -- C:\Windows\Irremote.ini
[2010/05/29 08:31:34 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat
[2010/05/29 07:27:52 | 000,281,520 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2010/05/29 07:27:51 | 002,434,856 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_bc2.exe
[2010/05/29 07:27:51 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2010/05/28 16:17:57 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\XSrvSetup.exe
[2009/07/14 00:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/13 21:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009/07/13 21:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009/07/13 19:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/13 18:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 17:25:04 | 000,197,632 | ---- | C] () -- C:\Windows\SysWow64\ir32_32.dll
[2009/07/13 16:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/06/10 16:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2008/01/15 19:15:58 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\zlib.dll
[2006/04/21 03:08:22 | 000,253,952 | ---- | C] () -- C:\Windows\SysWow64\HtmlHelp.dll
========== LOP Check ==========
[2012/07/20 19:21:18 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\.mono
[2012/06/18 02:50:17 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\1&1
[2011/10/14 14:16:48 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\AKVIS
[2012/08/13 13:15:24 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\AnvSoft
[2010/09/15 12:44:53 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\ArmA II Launcher
[2010/06/30 18:27:37 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\astragon Software GmbH
[2012/05/24 04:32:30 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Atari
[2012/05/13 06:34:20 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Audacity
[2011/11/07 12:02:21 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\BF3CC
[2012/08/10 08:27:01 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\BitTorrent
[2010/10/04 15:44:34 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\BlackBean
[2011/04/08 06:39:09 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Bridge!
[2012/08/19 04:17:26 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Broad Intelligence
[2011/06/26 12:59:17 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\BuddyW
[2010/11/12 10:41:22 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\ChartViewer
[2010/05/29 08:45:54 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\DAEMON Tools Lite
[2011/07/11 09:48:01 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Day 1 Studios
[2012/09/21 19:00:48 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\de.myphotobook.creator.001F9DF2D0BAABEB11F42CCEE43224607B61109C.1
[2012/10/18 10:05:37 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\DNA
[2012/09/29 13:00:18 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\DVDVideoSoft
[2012/08/19 04:25:37 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\DVDVideoSoftIEHelpers
[2012/09/20 03:33:07 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Freemium
[2011/10/13 01:42:00 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\gtk-2.0
[2011/06/19 10:46:08 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Gutscheinmieze
[2012/08/24 07:01:57 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Haufe Mediengruppe
[2010/07/24 10:29:11 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\HU2011
[2012/05/27 19:32:52 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Kalypso Media
[2010/07/15 12:01:14 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Laix
[2010/11/18 17:37:18 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Leadertech
[2012/03/16 16:42:09 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\lennox
[2012/08/24 06:55:26 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Lexware
[2011/09/29 20:57:09 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\LimeWire
[2012/06/07 11:09:02 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Lockheed Martin
[2010/07/16 12:27:00 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Metaversum
[2012/08/13 12:51:19 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\MOVAVI
[2012/06/23 09:05:40 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\MyPhoneExplorer
[2010/07/28 02:34:33 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Need for Speed World
[2011/09/29 11:35:07 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Nikon
[2011/05/29 17:04:04 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Notepad++
[2012/08/10 14:29:05 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Origin
[2010/12/07 09:11:22 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\ProtectDISC
[2010/08/26 09:38:02 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Quest3D
[2010/12/12 13:32:22 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\RapidCRC
[2010/05/29 09:21:43 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\RigNRoll_ger
[2010/08/26 09:38:31 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Roaming
[2010/09/04 16:46:56 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\six-rsync
[2010/11/17 11:50:40 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\six-updater
[2010/09/04 18:06:15 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Spirited Machine
[2011/01/23 18:33:48 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Sytexis Software
[2012/03/11 07:51:24 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\TeamViewer
[2011/01/25 16:10:00 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Thunderbird
[2012/08/04 06:16:28 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\TS3Client
[2011/11/13 02:19:29 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\ts3overlay
[2012/08/14 08:32:41 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Tunngle
[2012/06/25 18:59:48 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Ubisoft
[2012/07/12 17:28:44 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Unity
[2012/06/07 11:07:49 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\VAT-Spy
[2012/06/07 11:18:14 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Virtuali
[2012/04/09 10:09:09 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Vso
[2010/12/28 13:49:21 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\wargaming.net
[2012/04/28 06:17:35 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\YoudaGames
[2012/07/20 19:21:18 | 000,000,000 | ---D | M] -- C:\ProgramData\.mono
[2010/05/28 16:17:28 | 000,000,000 | -HSD | M] -- C:\ProgramData\Anwendungsdaten
[2011/12/18 07:15:41 | 000,000,000 | ---D | M] -- C:\ProgramData\ClubSanDisk
[2011/09/21 17:59:24 | 000,000,000 | ---D | M] -- C:\ProgramData\Codemasters
[2011/01/23 10:24:07 | 000,000,000 | ---D | M] -- C:\ProgramData\createpart
[2010/05/29 08:42:33 | 000,000,000 | ---D | M] -- C:\ProgramData\DAEMON Tools Lite
[2010/12/07 09:11:24 | 000,000,000 | ---D | M] -- C:\ProgramData\DATA BECKER Downloads
[2010/05/28 16:17:28 | 000,000,000 | -HSD | M] -- C:\ProgramData\Desktop
[2010/05/28 16:17:28 | 000,000,000 | -HSD | M] -- C:\ProgramData\Dokumente
[2010/10/12 12:20:17 | 000,000,000 | -HSD | M] -- C:\ProgramData\DSS
[2010/05/29 05:21:14 | 000,000,000 | ---D | M] -- C:\ProgramData\EA Core
[2012/02/24 18:11:39 | 000,000,000 | ---D | M] -- C:\ProgramData\EA Logs
[2011/09/29 21:26:56 | 000,000,000 | ---D | M] -- C:\ProgramData\Electronic Arts
[2011/09/23 07:06:53 | 000,000,000 | ---D | M] -- C:\ProgramData\EnterNHelp
[2012/09/07 05:35:18 | 000,000,000 | ---D | M] -- C:\ProgramData\Esellerate
[2011/01/23 10:17:09 | 000,000,000 | ---D | M] -- C:\ProgramData\explauncher
[2010/05/28 16:17:28 | 000,000,000 | -HSD | M] -- C:\ProgramData\Favoriten
[2012/08/24 06:52:11 | 000,000,000 | ---D | M] -- C:\ProgramData\Haufe
[2010/10/14 15:35:20 | 000,000,000 | ---D | M] -- C:\ProgramData\Hunter
[2012/04/28 06:17:29 | 000,000,000 | ---D | M] -- C:\ProgramData\Intenium
[2011/01/23 10:17:08 | 000,000,000 | ---D | M] -- C:\ProgramData\launcher
[2012/08/24 06:55:44 | 000,000,000 | ---D | M] -- C:\ProgramData\Lexware
[2011/09/23 19:40:12 | 000,000,000 | ---D | M] -- C:\ProgramData\Nikon
[2012/03/16 17:01:03 | 000,000,000 | ---D | M] -- C:\ProgramData\OMSI AM
[2012/09/22 17:01:24 | 000,000,000 | ---D | M] -- C:\ProgramData\Origin
[2011/10/21 20:22:32 | 000,000,000 | ---D | M] -- C:\ProgramData\RELOADED
[2011/12/03 18:33:56 | 000,000,000 | ---D | M] -- C:\ProgramData\ROCCAT
[2011/07/01 11:55:30 | 000,000,000 | ---D | M] -- C:\ProgramData\ScanSoft
[2010/06/26 09:58:56 | 000,000,000 | ---D | M] -- C:\ProgramData\SEGA Corporation
[2011/09/30 10:51:48 | 000,000,000 | ---D | M] -- C:\ProgramData\sgs
[2011/08/14 05:23:20 | 000,000,000 | ---D | M] -- C:\ProgramData\Solidshield
[2010/05/28 16:17:28 | 000,000,000 | -HSD | M] -- C:\ProgramData\Startmenü
[2012/10/16 17:09:17 | 000,000,000 | ---D | M] -- C:\ProgramData\TEMP
[2012/08/29 14:58:11 | 000,000,000 | ---D | M] -- C:\ProgramData\Tunngle
[2012/10/18 10:39:32 | 000,000,000 | ---D | M] -- C:\ProgramData\twonkymedia
[2010/05/29 07:42:00 | 000,000,000 | ---D | M] -- C:\ProgramData\Ubisoft
[2011/09/23 07:06:53 | 000,000,000 | ---D | M] -- C:\ProgramData\Ultima_T15
[2012/01/08 08:24:08 | 000,000,000 | ---D | M] -- C:\ProgramData\VideoConverter
[2012/06/07 11:14:09 | 000,000,000 | ---D | M] -- C:\ProgramData\Virtuali
[2010/05/28 16:17:28 | 000,000,000 | -HSD | M] -- C:\ProgramData\Vorlagen
[2012/04/09 10:03:14 | 000,000,000 | ---D | M] -- C:\ProgramData\vsosdk
[2010/06/21 13:53:15 | 000,000,000 | ---D | M] -- C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
[2012/10/17 16:40:01 | 000,000,902 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4073651736-2417090932-1084573536-1001Core.job
[2012/10/18 07:40:01 | 000,000,924 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4073651736-2417090932-1084573536-1001UA.job
[2012/10/18 10:39:05 | 000,000,310 | -HS- | M] () -- C:\Windows\Tasks\fsiyim.job
[2012/09/19 10:42:50 | 000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
========== Custom Scans ==========
< Code:Alles auswählenAufklappen >
< %SYSTEMDRIVE%\*. >
[2012/11/15 10:09:59 | 000,000,000 | ---D | M] -- C:\$Recycle.Bin
[2010/09/04 16:42:31 | 000,000,000 | ---D | M] -- C:\.gem
[2011/10/15 11:53:18 | 000,000,000 | ---D | M] -- C:\Boot
[2012/12/23 18:06:54 | 000,000,000 | ---D | M] -- C:\Config.Msi
[2010/05/28 16:17:28 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen
[2012/11/15 10:28:05 | 000,000,000 | ---D | M] -- C:\DOSBox-0.72
[2012/08/23 05:53:56 | 000,000,000 | ---D | M] -- C:\Games
[2010/05/21 07:56:20 | 000,000,000 | ---D | M] -- C:\Intel
[2012/12/27 16:06:19 | 000,000,000 | ---D | M] -- C:\Kaspersky Rescue Disk 10.0
[2010/07/15 13:29:22 | 000,000,000 | ---D | M] -- C:\Lichterfelde
[2011/04/17 05:06:20 | 000,000,000 | ---D | M] -- C:\m-r-software
[2012/12/20 18:17:09 | 000,000,000 | ---D | M] -- C:\msdownld.tmp
[2010/06/13 04:13:46 | 000,000,000 | R--D | M] -- C:\MSOCache
[2012/05/05 05:17:16 | 000,000,000 | ---D | M] -- C:\NVIDIA
[2009/07/13 22:20:08 | 000,000,000 | ---D | M] -- C:\PerfLogs
[2012/10/01 14:38:55 | 000,000,000 | ---D | M] -- C:\Planer2
[2012/09/07 07:34:40 | 000,000,000 | ---D | M] -- C:\Program Files
[2012/11/22 07:55:02 | 000,000,000 | R--D | M] -- C:\Program Files (x86)
[2012/10/09 05:02:16 | 000,000,000 | ---D | M] -- C:\ProgramData
[2010/07/15 11:27:19 | 000,000,000 | ---D | M] -- C:\ProgramData (x86)
[2010/05/28 16:17:28 | 000,000,000 | -HSD | M] -- C:\Programme
[2010/10/02 04:33:17 | 000,000,000 | ---D | M] -- C:\Python26
[2010/05/28 16:17:57 | 000,000,000 | ---D | M] -- C:\RaidTool
[2010/05/28 16:17:29 | 000,000,000 | ---D | M] -- C:\Recovery
[2012/09/06 15:49:29 | 000,000,000 | -HSD | M] -- C:\System Volume Information
[2012/10/05 02:50:07 | 000,000,000 | ---D | M] -- C:\temp
[2010/06/03 10:29:45 | 000,000,000 | ---D | M] -- C:\TempDump
[2011/09/11 05:45:09 | 000,000,000 | ---D | M] -- C:\timer2tray
[2010/11/20 18:15:10 | 000,000,000 | ---D | M] -- C:\tmp
[2012/08/04 20:21:49 | 000,000,000 | ---D | M] -- C:\Ubisoft
[2012/02/24 06:47:30 | 000,000,000 | R--D | M] -- C:\Users
[2012/10/16 21:01:17 | 000,000,000 | ---D | M] -- C:\Windows
< %PROGRAMFILES%\*.exe >
Invalid Environment Variable: %LOCALAPPDATA%\*.exe
< %systemroot%\*. /mp /s >
< MD5 for: AGP440.SYS >
[2009/07/13 20:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\System32\drivers\AGP440.sys
[2009/07/13 20:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys
[2009/07/13 20:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys
[2009/07/13 20:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys
< MD5 for: ATAPI.SYS >
[2009/07/13 20:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\System32\drivers\atapi.sys
[2009/07/13 20:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009/07/13 20:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys
[2009/07/13 20:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
< MD5 for: CNGAUDIT.DLL >
[2009/07/13 20:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009/07/13 20:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009/07/13 20:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\System32\cngaudit.dll
[2009/07/13 20:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll
< MD5 for: EXPLORER.EXE >
[2011/02/26 01:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe
[2011/02/26 00:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2009/07/13 20:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2011/02/26 00:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe
[2010/02/18 03:03:10 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2011/02/26 00:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe
[2011/02/25 01:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011/02/25 01:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011/02/26 01:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010/11/20 07:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2009/10/26 01:46:20 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2011/02/25 00:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011/02/25 00:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010/02/18 03:03:10 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2009/10/26 01:46:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2010/11/20 08:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
[2010/02/18 03:03:10 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2009/10/26 01:46:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2009/07/13 20:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2010/02/18 03:03:10 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2011/02/26 01:26:45 | 002,870,784 | ---- | M] (Microsoft Corporation) MD5=E38899074D4951D31B4040E994DD7C8D -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe
[2009/10/26 01:46:20 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe
< MD5 for: IASTOR.SYS >
[2009/10/02 06:58:58 | 000,537,112 | ---- | M] (Intel Corporation) MD5=631FA8935163B01FC0C02966CB3ADB92 -- C:\Windows\OemDrv\iaStor.sys
[2009/10/02 06:58:58 | 000,537,112 | ---- | M] (Intel Corporation) MD5=631FA8935163B01FC0C02966CB3ADB92 -- C:\Windows\System32\drivers\iaStor.sys
[2009/10/02 06:58:58 | 000,537,112 | ---- | M] (Intel Corporation) MD5=631FA8935163B01FC0C02966CB3ADB92 -- C:\Windows\System32\DriverStore\FileRepository\iaahci.inf_amd64_neutral_b03f80929ac23556\iaStor.sys
[2009/10/02 06:58:58 | 000,537,112 | ---- | M] (Intel Corporation) MD5=631FA8935163B01FC0C02966CB3ADB92 -- C:\Windows\System32\DriverStore\FileRepository\iastor.inf_amd64_neutral_093f326ff5f9285e\iaStor.sys
[2009/10/02 06:40:50 | 000,432,664 | ---- | M] (Intel Corporation) MD5=D5EDB998656E6ECF1A17C78DAB019A3C -- C:\Windows\Drivers\iastor\iaStor.sys
< MD5 for: IASTORV.SYS >
[2010/11/20 08:33:38 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_amd64_neutral_668286aa35d55928\iaStorV.sys
[2010/11/20 08:33:38 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_0d3757e79e6784d0\iaStorV.sys
[2011/03/11 01:19:16 | 000,410,496 | ---- | M] (Intel Corporation) MD5=5B3DE7208E5000D5B451B9D290D2579C -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_0d714416b7c182d5\iaStorV.sys
[2011/03/11 01:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\System32\drivers\iaStorV.sys
[2011/03/11 01:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_amd64_neutral_0bcee2057afcc090\iaStorV.sys
[2011/03/11 01:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_0cf9793d9e95787b\iaStorV.sys
[2011/03/11 01:23:00 | 000,410,496 | ---- | M] (Intel Corporation) MD5=B75E45C564E944A2657167D197AB29DA -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16778_none_0b141c81a16e25e6\iaStorV.sys
[2011/03/11 01:25:49 | 000,410,496 | ---- | M] (Intel Corporation) MD5=BFDC9D75698800CFE4D1698BF2750EA2 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.20921_none_0bccc8c8ba6985c1\iaStorV.sys
[2009/07/13 20:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_0b06441fa1790136\iaStorV.sys
< MD5 for: NETLOGON.DLL >
[2009/07/13 20:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_59aca8ea51aaeefe\netlogon.dll
[2010/11/20 08:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\System32\netlogon.dll
[2010/11/20 08:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_5bddbcb24e997298\netlogon.dll
[2010/11/20 07:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\SysWOW64\netlogon.dll
[2010/11/20 07:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_6632670482fa3493\netlogon.dll
[2009/07/13 20:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_6401533c860bb0f9\netlogon.dll
< MD5 for: NVSTOR.SYS >
[2009/07/13 20:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvstor.sys
[2011/03/11 01:23:06 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=6C1D5F70E7A6A3FD1C90D840EDC048B9 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_95dd8d30d8a4cfbe\nvstor.sys
[2011/03/11 01:25:53 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=AE274836BA56518E279087363A781214 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_96963977f1a02f99\nvstor.sys
[2011/03/11 01:19:21 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=D23C7E8566DA2B8A7C0DBBB761D54888 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvstor.sys
[2011/03/11 01:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\System32\drivers\nvstor.sys
[2011/03/11 01:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvstor.sys
[2011/03/11 01:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvstor.sys
[2010/11/20 08:33:48 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvstor.sys
[2010/11/20 08:33:48 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvstor.sys
< MD5 for: SCECLI.DLL >
[2009/07/13 20:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
[2009/07/13 20:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll
[2010/11/20 07:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010/11/20 07:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010/11/20 08:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\System32\scecli.dll
[2010/11/20 08:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll
< MD5 for: USER32.DLL >
[2010/11/20 07:08:57 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\SysWOW64\user32.dll
[2010/11/20 07:08:57 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_35b31c02b85ccb6e\user32.dll
[2009/07/13 20:41:56 | 001,008,640 | ---- | M] (Microsoft Corporation) MD5=72D7B3EA16946E8F0CF7458150031CC6 -- C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_292d5de8870d85d9\user32.dll
[2009/07/13 20:11:24 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=E8B0FFC209E504CB7E79FC24E6C085F0 -- C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_3382083abb6e47d4\user32.dll
[2010/11/20 08:27:27 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\Windows\System32\user32.dll
[2010/11/20 08:27:27 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_2b5e71b083fc0973\user32.dll
< MD5 for: USERINIT.EXE >
[2010/11/20 07:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010/11/20 07:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009/07/13 20:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009/07/13 20:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
[2010/11/20 08:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\System32\userinit.exe
[2010/11/20 08:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe
< MD5 for: WINLOGON.EXE >
[2010/11/20 08:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\System32\winlogon.exe
[2010/11/20 08:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2009/07/13 20:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2010/02/18 03:03:10 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2010/02/18 03:03:10 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe
< MD5 for: WS2IFSL.SYS >
[2009/07/13 19:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\System32\drivers\ws2ifsl.sys
[2009/07/13 19:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\winsxs\amd64_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.1.7600.16385_none_ab7b927be17eace8\ws2ifsl.sys
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
< %systemroot%\system32\*.dll /lockedfiles >
Invalid Environment Variable: %USERPROFILE%\*.*
Invalid Environment Variable: %USERPROFILE%\Local Settings\Temp\*.exe
Invalid Environment Variable: %USERPROFILE%\Local Settings\Temp\*.dll
Invalid Environment Variable: %USERPROFILE%\Application Data\*.exe
========== Alternate Data Streams ==========
@Alternate Data Stream - 234 bytes -> C:\ProgramData\TEMP:0BB9B46A
@Alternate Data Stream - 147 bytes -> C:\ProgramData\TEMP:74603393
@Alternate Data Stream - 139 bytes -> C:\ProgramData\TEMP:054B9966
< End of report >
--- --- --- |
