Malware of all kinds and how to fight it: White screen, "waiting, connection is being established" (Windows 7)
28.05.2012, 13:43 | #1 |
"White screen, waiting, connection is being established" is what the start screen shows (nothing works anymore). I downloaded ReatogoPE (burned it) and booted from the CD. I created OTL#flythingpc#.txt and Extras#flythingpc#.txt... I think. Can anyone help me? Thanks in advance, flything

Hmmm, can nobody help me? Thanks in advance, flything

OTL Logfile:
Code:
OTL logfile created on: 5/28/2012 6:12:45 PM - Run
OTLPE by OldTimer - Version 3.1.48.0 Folder = X:\Programs\OTLPE
Windows 7 Ultimate Service Pack 1 (Version = 6.1.7601) - Type = System
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 90.00% Memory free
3.00 Gb Paging File | 3.00 Gb Available in Paging File | 98.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = D: | %SystemRoot% = D:\Windows | %ProgramFiles% = D:\Program Files
Drive C: | 100.00 Mb Total Space | 60.95 Mb Free Space | 60.95% Space Free | Partition Type: NTFS
Drive D: | 341.70 Gb Total Space | 196.05 Gb Free Space | 57.37% Space Free | Partition Type: NTFS
Drive E: | 589.71 Gb Total Space | 530.86 Gb Free Space | 90.02% Space Free | Partition Type: NTFS
Drive F: | 14.88 Gb Total Space | 14.46 Gb Free Space | 97.16% Space Free | Partition Type: FAT32
Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet001

========== Win32 Services (SafeList) ==========

SRV - File not found [Auto] -- -- (ZSMC303)
SRV - File not found [Auto] -- -- (zebrmdmc)
SRV - File not found [Auto] -- -- (Xyz777s)
SRV - File not found [Auto] -- -- (x10nets)
SRV - File not found [Auto] -- -- (WLAN_USB)
SRV - File not found [Auto] -- -- (winpowermonitor)
SRV - File not found [Auto] -- -- (wg6n)
SRV - File not found [Auto] -- -- (wg3n)
SRV - File not found [Auto] -- -- (wampmysqld)
SRV - File not found [Auto] -- -- (w800obex)
SRV - File not found [Auto] -- -- (w550mdfl)
SRV - File not found [Auto] -- -- (vpcusb)
SRV - File not found [Auto] -- -- (vetfddnt)
SRV - File not found
[Auto] -- -- (usbmate) SRV - File not found [Auto] -- -- (USB_RNDIS) SRV - File not found [Auto] -- -- (ultra66) SRV - File not found [Auto] -- -- (tpkd) SRV - File not found [Auto] -- -- (tfsnifs) SRV - File not found [Auto] -- -- (syslogd) SRV - File not found [Auto] -- -- (SymIMMP) SRV - File not found [Auto] -- -- (StarOpen) SRV - File not found [Auto] -- -- (stacsv) SRV - File not found [Auto] -- -- (stac97) SRV - File not found [Auto] -- -- (srtspx) SRV - File not found [Auto] -- -- (sonypvs1) SRV - File not found [Auto] -- -- (SE26obex) SRV - File not found [Auto] -- -- (s3savagenb) SRV - File not found [Auto] -- -- (s117mdm) SRV - File not found [Auto] -- -- (rslinxng) SRV - File not found [Auto] -- -- (rnadiagreceiver) SRV - File not found [Auto] -- -- (RivaTuner32) SRV - File not found [Auto] -- -- (RecAgent) SRV - File not found [Auto] -- -- (rapapp) SRV - File not found [Auto] -- -- (pcampr5) SRV - File not found [Auto] -- -- (pae_avs) SRV - File not found [Auto] -- -- (nwlnkipx) SRV - File not found [Auto] -- -- (NETw5x32) SRV - File not found [Auto] -- -- (netmdsb) SRV - File not found [Auto] -- -- (netdevio) SRV - File not found [Auto] -- -- (milshieldcleaner) SRV - File not found [Auto] -- -- (merakcontrol) SRV - File not found [Auto] -- -- (lxbt_device) SRV - File not found [Auto] -- -- (lwwlicenseservice) SRV - File not found [Auto] -- -- (lvselsus) SRV - File not found [Auto] -- -- (LVRS) SRV - File not found [Auto] -- -- (lmouflt2) SRV - File not found [Auto] -- -- (KMW_USB) SRV - File not found [Auto] -- -- (jaguar) SRV - File not found [Auto] -- -- (ispwdsvc) SRV - File not found [Auto] -- -- (ipahelper.exe) SRV - File not found [Auto] -- -- (ilicensesvc) SRV - File not found [Auto] -- -- (iaimfp2) SRV - File not found [Auto] -- -- (HpqRemHid) SRV - File not found [Auto] -- -- (hpn) SRV - File not found [Auto] -- -- (HPFECP20) SRV - File not found [Auto] -- -- (hcf_msft) SRV - File not found [Auto] -- -- (hap16v2k) SRV - File not found [Auto] 
-- -- (emAudio) SRV - File not found [Auto] -- -- (dsunidrv) SRV - File not found [Auto] -- -- (DMICall) SRV - File not found [Auto] -- -- (Defrag32b) SRV - File not found [Auto] -- -- (DBService) SRV - File not found [Auto] -- -- (db2licd) SRV - File not found [Auto] -- -- (ctac32k) SRV - File not found [Auto] -- -- (cmudau) SRV - File not found [Auto] -- -- (cics.region2) SRV - File not found [Auto] -- -- (cdvp) SRV - File not found [Auto] -- -- (ccispwdsvc) SRV - File not found [Auto] -- -- (Cap7134) SRV - File not found [Auto] -- -- (ca-messagequeuing) SRV - File not found [Auto] -- -- (bhmonitorservice) SRV - File not found [Auto] -- -- (bb-run) SRV - File not found [Auto] -- -- (avgcoresvc) SRV - File not found [Auto] -- -- (avg7rsxp) SRV - File not found [Auto] -- -- (asc3350p) SRV - File not found [Auto] -- -- (adsservice) SRV - File not found [Auto] -- -- (admservice) SRV - [2012/05/16 15:23:05 | 000,257,696 | ---- | M] (Adobe Systems Incorporated) [On_Demand] -- D:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2012/04/20 21:16:42 | 000,129,976 | ---- | M] (Mozilla Foundation) [On_Demand] -- D:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2012/03/19 07:38:46 | 002,666,880 | ---- | M] (TeamViewer GmbH) [Auto] -- D:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe -- (TeamViewer7) SRV - [2011/11/09 23:11:20 | 000,176,128 | ---- | M] (AMD) [Auto] -- D:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility) SRV - [2011/11/09 17:07:44 | 000,291,840 | ---- | M] (Advanced Micro Devices, Inc.) 
[Auto] -- D:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service) SRV - [2011/08/12 12:13:26 | 000,087,040 | ---- | M] () [Auto] -- D:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe -- (PassThru Service) SRV - [2011/08/02 05:47:34 | 000,063,488 | ---- | M] () [Auto] -- D:\Program Files\Samsung\USB Drivers\26_VIA_driver2\x86\VIAService.exe -- (CDMA Device Service) SRV - [2011/06/22 05:17:08 | 000,846,056 | ---- | M] (Acronis) [Auto] -- D:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe -- (AcrSch2Svc) SRV - [2011/02/18 10:30:32 | 007,233,952 | ---- | M] () [Auto] -- D:\Program Files\Samsung\AllShare\AllShareDMS\WiselinkPro.exe -- (SamsungAllShare) SRV - [2011/02/18 10:30:22 | 000,022,464 | ---- | M] (Samsung Electronics) [Auto] -- D:\Program Files\Samsung\AllShare\AllShareSlideShowService.exe -- (SimpleSlideShowServer) SRV - [2011/02/11 03:28:35 | 002,331,544 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto] -- D:\Program Files\AVG\AVG9\avgfws9.exe -- (avgfws9) SRV - [2011/02/10 17:00:58 | 000,308,136 | ---- | M] (AVG Technologies CZ, s.r.o.) 
[Auto] -- D:\Program Files\AVG\AVG9\avgwdsvc.exe -- (avg9wd) SRV - [2011/01/27 11:51:04 | 002,253,688 | ---- | M] (TeamViewer GmbH) [Auto] -- D:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe -- (TeamViewer6) SRV - [2010/05/25 13:53:50 | 002,155,848 | ---- | M] () [Auto] -- D:\Program Files\Acronis\DiskDirector\OSS\reinstall_svc.exe -- (OS Selector) SRV - [2010/04/06 11:30:38 | 000,031,272 | ---- | M] () [On_Demand] -- D:\Windows\System32\AppleChargerSrv.exe -- (AppleChargerSrv) SRV - [2010/01/18 22:31:26 | 000,072,304 | R--- | M] () [Auto] -- D:\Windows\System32\XSrvSetup.exe -- (JMB36X) SRV - [2009/12/17 12:04:18 | 000,185,640 | ---- | M] (TeamViewer GmbH) [Auto] -- D:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe -- (TeamViewer5) SRV - [2009/08/24 09:38:06 | 000,068,136 | ---- | M] () [Auto] -- D:\Program Files\Gigabyte\EasySaver\ESSVR.EXE -- (ES lite Service) SRV - [2009/08/04 12:29:54 | 000,219,360 | ---- | M] (DeviceVM, Inc.) [Auto] -- D:\Program Files\DeviceVM\Browser Configuration Utility\BCUService.exe -- (BCUService) SRV - [2009/07/30 15:20:04 | 000,144,752 | ---- | M] (TOSHIBA CORPORATION) [On_Demand] -- D:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe -- (TOSHIBA Bluetooth Service) SRV - [2009/07/13 21:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Windows\System32\sensrsvc.dll -- (SensrSvc) SRV - [2009/07/13 21:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc) SRV - [2009/04/19 03:33:38 | 000,387,616 | ---- | M] () [Auto] -- D:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe -- (ForceWare Intelligent Application Manager (IAM)) ForceWare Intelligent Application Manager (IAM) SRV - [2009/04/19 03:33:38 | 000,178,720 | ---- | M] () [Auto] -- D:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe -- (nSvcIp) SRV - [2008/07/02 17:43:50 | 000,083,248 | ---- | M] (iAnywhere 
Solutions, Inc.) [Auto] -- D:\Program Files\Sybase\SQL Anywhere 9\Win32\dbsrv9.exe -- (ASANYs_LXDBSRV) SRV - [2008/02/11 06:58:00 | 000,151,552 | ---- | M] () [On_Demand] -- D:\Program Files\Common Files\BCL Technologies\NitroPDF5\bepldr.exe -- (bepldr) ========== Driver Services (SafeList) ========== DRV - File not found [Kernel | On_Demand] -- -- (VGPU) DRV - File not found [Kernel | On_Demand] -- -- (VcommMgr) DRV - File not found [Kernel | On_Demand] -- -- (VComm) DRV - File not found [Kernel | On_Demand] -- -- (tsusbhub) DRV - File not found [Kernel | On_Demand] -- -- (Synth3dVsc) DRV - File not found [Kernel | On_Demand] -- -- (dgderdrv) DRV - File not found [Kernel | On_Demand] -- -- (Btcsrusb) DRV - [2012/05/28 09:31:22 | 000,017,488 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand] -- D:\Windows\gdrv.sys -- (gdrv) DRV - [2011/12/08 00:22:40 | 000,123,648 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\sscemdm.sys -- (sscemdm) DRV - [2011/12/08 00:22:40 | 000,100,352 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\ssceserd.sys -- (ssceserd) SAMSUNG Mobile Modem Diagnostic Serial Port V2 (WDM) DRV - [2011/12/08 00:22:40 | 000,098,560 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\sscebus.sys -- (sscebus) SAMSUNG USB Composite Device V2 driver (WDM) DRV - [2011/12/08 00:22:40 | 000,014,848 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\sscemdfl.sys -- (sscemdfl) DRV - [2011/12/08 00:22:38 | 000,181,432 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand] -- D:\Windows\System32\drivers\ssudserd.sys -- (ssudserd) SAMSUNG Mobile USB Diagnostic Serial Port(DEVGURU Ver.) DRV - [2011/12/08 00:22:38 | 000,181,432 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand] -- D:\Windows\System32\drivers\ssudmdm.sys -- (ssudmdm) SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.) 
DRV - [2011/12/08 00:22:38 | 000,080,184 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand] -- D:\Windows\System32\drivers\ssudbus.sys -- (dg_ssudbus) SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.) DRV - [2011/11/09 23:44:12 | 008,913,920 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand] -- D:\Windows\System32\drivers\atikmdag.sys -- (atikmdag) DRV - [2011/11/09 23:44:12 | 008,913,920 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand] -- D:\Windows\System32\drivers\atikmdag.sys -- (amdkmdag) DRV - [2011/11/09 22:12:20 | 000,263,680 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand] -- D:\Windows\System32\drivers\atikmpag.sys -- (amdkmdap) DRV - [2011/10/03 08:19:10 | 000,601,408 | ---- | M] (Acronis) [Kernel | Boot] -- D:\Windows\System32\drivers\timntr.sys -- (timounter) DRV - [2011/10/03 08:18:58 | 000,125,472 | ---- | M] (Acronis) [Kernel | Boot] -- D:\Windows\System32\drivers\vididr.sys -- (vididr) DRV - [2011/10/03 08:18:56 | 000,083,392 | ---- | M] (Acronis) [Kernel | Boot] -- D:\Windows\System32\drivers\vsflt53.sys -- (vidsflt53) Acronis Disk Storage Filter (53) DRV - [2011/10/03 08:18:54 | 000,169,088 | ---- | M] (Acronis) [Kernel | Boot] -- D:\Windows\System32\drivers\snapman.sys -- (snapman) DRV - [2011/09/13 03:31:56 | 000,029,712 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System] -- D:\Windows\System32\drivers\avgmfx86.sys -- (AvgMfx86) DRV - [2011/06/24 01:25:26 | 000,039,424 | ---- | M] (Advanced Micro Devices) [Kernel | Auto] -- D:\Program Files\ATI Technologies\ATI.ACE\Fuel\i386\aoddriver2.sys -- (AODDriver4.01) DRV - [2011/05/06 03:35:25 | 000,243,152 | ---- | M] (AVG Technologies CZ, s.r.o.) 
[Kernel | System] -- D:\Windows\System32\drivers\avgtdix.sys -- (AvgTdiX) DRV - [2011/02/24 19:02:16 | 000,110,304 | ---- | M] (Protect Software GmbH) [Kernel | Auto] -- D:\Windows\System32\drivers\ACEDRV09.sys -- (ACEDRV09) DRV - [2011/02/10 17:00:57 | 000,216,400 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System] -- D:\Windows\System32\drivers\avgldx86.sys -- (AvgLdx86) DRV - [2011/02/10 16:59:44 | 000,420,920 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot] -- D:\Windows\System32\drivers\sptd.sys -- (sptd) DRV - [2011/02/10 16:48:47 | 000,052,872 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot] -- D:\Windows\System32\drivers\avgrkx86.sys -- (AvgRkx86) DRV - [2011/02/10 16:48:30 | 000,024,856 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System] -- D:\Windows\System32\drivers\avgfwd6x.sys -- (Avgfwfd) DRV - [2010/11/20 08:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- D:\Windows\System32\drivers\vmbus.sys -- (vmbus) DRV - [2010/11/20 08:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- D:\Windows\System32\drivers\vmstorfl.sys -- (storflt) DRV - [2010/11/20 08:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\system32\drivers\storvsc.sys -- (storvsc) DRV - [2010/11/20 06:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV - [2010/11/20 06:21:14 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport) DRV - [2010/11/20 05:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\winusb.sys -- (WinUsb) DRV - [2010/11/20 05:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\system32\drivers\VMBusHID.sys -- (VMBusHID) DRV - [2010/11/20 05:14:41 | 000,005,632 | ---- | M] (Microsoft 
Corporation) [Kernel | On_Demand] -- D:\Windows\system32\drivers\vms3cap.sys -- (s3cap) DRV - [2010/11/17 08:04:24 | 000,101,392 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand] -- D:\Windows\System32\drivers\AtihdW73.sys -- (AtiHDAudioService) DRV - [2010/06/23 05:24:56 | 000,023,040 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand] -- D:\Windows\System32\drivers\htcnprot.sys -- (htcnprot) DRV - [2010/04/06 11:30:24 | 000,018,984 | ---- | M] () [Kernel | System] -- D:\Windows\System32\drivers\AppleCharger.sys -- (AppleCharger) DRV - [2010/02/24 06:22:10 | 000,185,472 | ---- | M] (Protect Software GmbH) [Kernel | Auto] -- D:\Windows\System32\drivers\acedrv11.sys -- (acedrv11) DRV - [2010/02/18 04:18:22 | 000,037,944 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand] -- D:\Windows\System32\drivers\amdiox86.sys -- (amdiox86) DRV - [2010/01/27 04:58:32 | 000,098,928 | ---- | M] (JMicron Technology Corp.) [Kernel | Boot] -- D:\Windows\System32\drivers\jraid.sys -- (JRAID) DRV - [2010/01/26 23:04:00 | 000,183,584 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand] -- D:\Windows\System32\drivers\RtHDMIV.sys -- (RTHDMIAzAudService) DRV - [2009/11/20 07:15:18 | 000,137,728 | ---- | M] (NEC Electronics Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\nusb3xhc.sys -- (nusb3xhc) DRV - [2009/11/20 07:15:16 | 000,058,880 | ---- | M] (NEC Electronics Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\nusb3hub.sys -- (nusb3hub) DRV - [2009/10/26 18:54:24 | 000,025,088 | ---- | M] (HTC, Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\ANDROIDUSB.sys -- (HTCAND32) DRV - [2009/09/17 14:02:04 | 001,086,976 | ---- | M] (VIA Technologies, Inc.) 
[Kernel | On_Demand] -- D:\Windows\System32\drivers\viahduaa.sys -- (VIAHdAudAddService) DRV - [2009/07/28 14:01:26 | 000,069,480 | ---- | M] (TOSHIBA Corporation) [Kernel | System] -- D:\Windows\System32\drivers\tosrfcom.sys -- (Tosrfcom) DRV - [2009/07/28 12:38:00 | 000,049,016 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand] -- D:\Windows\System32\drivers\tosrfusb.sys -- (Tosrfusb) DRV - [2009/07/27 14:09:28 | 000,055,680 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\TosRfSnd.sys -- (TosRfSnd) DRV - [2009/07/24 05:31:58 | 000,021,608 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand] -- D:\Windows\System32\drivers\tosrfnds.sys -- (tosrfnds) DRV - [2009/07/13 18:02:52 | 000,347,264 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\nvm62x32.sys -- (NVENETFD) DRV - [2009/07/07 15:38:34 | 000,168,936 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand] -- D:\Windows\System32\drivers\tosrfbd.sys -- (tosrfbd) DRV - [2009/06/30 12:32:54 | 000,212,000 | ---- | M] (NVIDIA Corporation) [Kernel | Boot] -- D:\Windows\System32\drivers\nvstor32.sys -- (nvstor32) DRV - [2009/06/19 03:57:20 | 000,079,872 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand] -- D:\Windows\System32\drivers\Tosrfhid.sys -- (Tosrfhid) DRV - [2009/06/19 03:56:48 | 000,042,472 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\tosrfbnp.sys -- (tosrfbnp) DRV - [2009/06/17 05:59:46 | 000,046,984 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\tosporte.sys -- (tosporte) DRV - [2009/04/30 08:06:56 | 000,287,008 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\nvmf6232.sys -- (NVNET) DRV - [2009/01/07 18:39:36 | 000,020,744 | ---- | M] (IVT Corporation.) 
[Kernel | Boot] -- D:\Windows\System32\drivers\BtHidBus.sys -- (BtHidBus) DRV - [2008/12/07 07:44:54 | 000,030,088 | ---- | M] () [Kernel | On_Demand] -- D:\Windows\System32\drivers\btnetBus.sys -- (btnetBUs) DRV - [2008/07/02 09:58:48 | 000,026,248 | ---- | M] (IVT Corporation.) [Kernel | On_Demand] -- D:\Windows\System32\drivers\IvtBtBus.sys -- (IvtBtBUs) DRV - [2005/12/01 05:49:22 | 000,023,600 | ---- | M] (Licensed for Gebhard Software) [Kernel | On_Demand] -- D:\Windows\System32\drivers\drhard.sys -- (drhard) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\flything_ON_D\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.freenet.de/ IE - HKU\flything_ON_D\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp IE - HKU\flything_ON_D\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de IE - HKU\flything_ON_D\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 6A 2D EE B2 5D C9 CB 01 [binary data] IE - HKU\flything_ON_D\..\URLSearchHook: {BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} - D:\Program Files\DeviceVM\Browser Configuration Utility\AddressBarSearch.dll (DeviceVM, Inc.) 
IE - HKU\flything_ON_D\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\flything_ON_D\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24 FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:14.0.2 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}:6.0.29 FF - prefs.js..network.proxy.type: 0 FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: D:\Windows\System32\Macromed\Flash\NPSWF32_11_2_202_235.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: D:\Windows\System32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: D:\Program Files\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: D:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: D:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@logitech.com/HarmonyRemote,version=1.0.0: D:\Program Files\Logitech\Harmony Remote Driver\NprtHarmonyPlugin.dll (Logitech Inc.) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: D:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: D:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) 
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: D:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: D:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=12.0.1.633: D:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=12.0.1.633: D:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.633: D:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.633: D:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=0.9.9: D:\Program Files\VideoLAN\VLC\npvlc.dll (the VideoLAN Team) FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: D:\Users\flything\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011/04/13 00:54:28 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/04/29 08:48:57 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/04/29 08:48:57 | 000,000,000 | ---D | M] [2011/02/11 06:28:33 | 000,000,000 | ---D | M] (No name found) -- 
D:\Users\flything\AppData\Roaming\Mozilla\Extensions [2012/05/19 11:49:28 | 000,000,000 | ---D | M] (No name found) -- D:\Users\flything\AppData\Roaming\Mozilla\Firefox\Profiles\llhfdp20.default\extensions [2012/04/29 08:48:57 | 000,000,000 | ---D | M] (No name found) -- D:\Program Files\Mozilla Firefox\extensions File not found (No name found) -- () (No name found) -- D:\USERS\FLYTHING\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\LLHFDP20.DEFAULT\EXTENSIONS\{0C07EECD-53B6-4748-BB2B-4395BF51DD8B}.XPI () (No name found) -- D:\USERS\FLYTHING\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\LLHFDP20.DEFAULT\EXTENSIONS\{B2CEA309-6B58-4B8C-9D0D-6E65D88F6603}.XPI [2012/04/20 21:18:00 | 000,097,208 | ---- | M] (Mozilla Foundation) -- D:\Program Files\mozilla firefox\components\browsercomps.dll [2011/10/03 00:06:04 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- D:\Program Files\mozilla firefox\plugins\npdeployJava1.dll [2012/04/20 21:54:08 | 000,001,392 | ---- | M] () -- D:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml [2012/04/20 21:54:08 | 000,002,252 | ---- | M] () -- D:\Program Files\mozilla firefox\searchplugins\bing.xml [2012/04/20 21:54:08 | 000,001,153 | ---- | M] () -- D:\Program Files\mozilla firefox\searchplugins\eBay-de.xml [2012/04/20 21:54:08 | 000,006,805 | ---- | M] () -- D:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml [2012/04/20 21:54:08 | 000,001,178 | ---- | M] () -- D:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml [2012/04/20 21:54:08 | 000,001,105 | ---- | M] () -- D:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml Hosts file not found O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - D:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll 
(RealPlayer) O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - D:\Program Files\AVG\AVG9\avgssie.dll (AVG Technologies CZ, s.r.o.) O4 - HKLM..\Run: [9txXqR9p2lPiFxH] D:\Users\flything\AppData\Roaming\Diablo_III.exe () O4 - HKLM..\Run: [AVG9_TRAY] D:\Program Files\AVG\AVG9\avgtray.exe (AVG Technologies CZ, s.r.o.) O4 - HKLM..\Run: [BCU] D:\Program Files\DeviceVM\Browser Configuration Utility\BCU.exe (DeviceVM, Inc.) O4 - HKLM..\Run: [HDAudDeck] D:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe (VIA) O4 - HKLM..\Run: [ITSecMng] D:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe (TOSHIBA CORPORATION) O4 - HKLM..\Run: [NUSB3MON] D:\Program Files\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (NEC Electronics Corporation) O4 - HKU\flything_ON_D..\Run: [9txXqR9p2lPiFxH] D:\Users\flything\AppData\Roaming\Diablo_III.exe () O4 - HKU\flything_ON_D..\Run: [CursorFX] D:\Program Files\Stardock\CursorFX\CursorFX.exe (Stardock Corporation) O4 - HKLM..\RunOnce: [GBTUpd] D:\Program Files\Gigabyte\GBTUpd\PreRun.exe (PreRun) O4 - HKU\LocalService_ON_D..\RunOnce: [mctadmin] D:\Windows\System32\mctadmin.exe (Microsoft Corporation) O4 - HKU\NetworkService_ON_D..\RunOnce: [mctadmin] D:\Windows\System32\mctadmin.exe (Microsoft Corporation) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O7 - HKU\flything_ON_D\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktop = 1 O7 - HKU\flything_ON_D\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1 O7 - HKU\flything_ON_D\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 1 O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - D:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) 
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000025 - File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000026 - File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000027 - File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000028 - File not found O10 - 
Protocol_Catalog9\Catalog_Entries\000000000029 - File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000030 - File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000031 - File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000032 - File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000033 - File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000034 - File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000035 - File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000036 - File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000037 - File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000038 - File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000039 - File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000040 - File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000041 - File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000042 - File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000043 - File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000044 - File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000045 - File not found O13 - gopher Prefix: missing O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} hxxp://office.microsoft.com/sites/production/ieawsdc32.cab (Microsoft Office Template and Media Control) O16 - DPF: {0D6709DD-4ED8-40CA-B459-2757AEEF7BEE} hxxp://download.gigabyte.com.tw/object/Dldrv.ocx (Dldrv2 Control) O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control) O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} hxxp://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.6.0.cab (DLM Control) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29) O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} 
hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab (Java Plug-in 1.6.0_02) O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1 O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - D:\Program Files\AVG\AVG9\avgpp.dll (AVG Technologies CZ, s.r.o.) O20 - AppInit_DLLs: (avgrsstx.dll) - D:\Windows\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.) O20 - HKLM Winlogon: Shell - (C:\Users\flything\AppData\Roaming\Diablo_III.exe) - D:\Users\flything\AppData\Roaming\Diablo_III.exe () O20 - HKLM Winlogon: UserInit - (C:\Users\flything\AppData\Roaming\Diablo_III.exe) - D:\Users\flything\AppData\Roaming\Diablo_III.exe () O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - D:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKU\flything_ON_D Winlogon: Shell - (C:\Users\flything\AppData\Roaming\Diablo_III.exe) - D:\Users\flything\AppData\Roaming\Diablo_III.exe () O20 - HKU\flything_ON_D Winlogon: UserInit - (C:\Users\flything\AppData\Roaming\Diablo_III.exe) - D:\Users\flything\AppData\Roaming\Diablo_III.exe () O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. 
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 17:42:20 | 000,000,024 | ---- | M] () - D:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2009/12/14 10:00:22 | 000,008,192 | ---- | M] (Microsoft) - F:\AutoOff.exe -- [ FAT32 ]
O32 - AutoRun File - [2010/12/14 09:33:52 | 000,000,078 | ---- | M] () - F:\Autorun.inf -- [ FAT32 ]
O32 - AutoRun File - [2006/03/24 07:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{68aa58cc-41f2-11e0-a1f0-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{68aa58cc-41f2-11e0-a1f0-806e6f6e6963}\Shell\AutoRun\command - "" = E:\Run.exe
O33 - MountPoints2\{7b57d9ba-8ffc-11e0-8e77-6cf049ed0ffc}\Shell - "" = AutoRun
O33 - MountPoints2\{7b57d9ba-8ffc-11e0-8e77-6cf049ed0ffc}\Shell\AutoRun\command - "" = F:\Run.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - File not found
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: lvselsus - File not found
NetSvcs: ispwdsvc - File not found
NetSvcs: KMW_USB - File not found
NetSvcs: avg7rsxp - File not found
NetSvcs: srtspx - File not found
NetSvcs: pcampr5 - File not found
NetSvcs: stac97 - File not found
NetSvcs: sonypvs1 - File not found
NetSvcs: lwwlicenseservice - File not found
NetSvcs: RecAgent - File not found
NetSvcs: stacsv - File not found
NetSvcs: pae_avs - File not found
NetSvcs: bhmonitorservice - File not found
NetSvcs: SymIMMP - File not found
NetSvcs: w800obex - File not found
NetSvcs: lmouflt2 - File not found
NetSvcs: ctac32k - File not found
NetSvcs: adsservice - File not found
NetSvcs: netmdsb - File not found
NetSvcs: LVRS - File not found
NetSvcs: zebrmdmc - File not found
NetSvcs: USB_RNDIS - File not found
NetSvcs: iaimfp2 - File not found
NetSvcs: hap16v2k - File not found
NetSvcs: WLAN_USB - File not found
NetSvcs: ccispwdsvc - File not found
NetSvcs: x10nets - File not found
NetSvcs: ipahelper.exe - File not found
NetSvcs: cmudau - File not found
NetSvcs: admservice - File not found
NetSvcs: bb-run - File not found
NetSvcs: tfsnifs - File not found
NetSvcs: HpqRemHid - File not found
NetSvcs: NETw5x32 - File not found
NetSvcs: emAudio - File not found
NetSvcs: ilicensesvc - File not found
NetSvcs: hpn - File not found
NetSvcs: HPFECP20 - File not found
NetSvcs: SE26obex - File not found
NetSvcs: DMICall - File not found
NetSvcs: vpcusb - File not found
NetSvcs: jaguar - File not found
NetSvcs: merakcontrol - File not found
NetSvcs: hcf_msft - File not found
NetSvcs: rslinxng - File not found
NetSvcs: RivaTuner32 - File not found
NetSvcs: wg6n - File not found
NetSvcs: Defrag32b - File not found
NetSvcs: s3savagenb - File not found
NetSvcs: tpkd - File not found
NetSvcs: w550mdfl - File not found
NetSvcs: db2licd - File not found
NetSvcs: Cap7134 - File not found
NetSvcs: asc3350p - File not found
NetSvcs: syslogd - File not found
NetSvcs: cics.region2 - File not found
NetSvcs: Xyz777s - File not found
NetSvcs: usbmate - File not found
NetSvcs: milshieldcleaner - File not found
NetSvcs: StarOpen - File not found
NetSvcs: winpowermonitor - File not found
NetSvcs: ultra66 - File not found
NetSvcs: wampmysqld - File not found
NetSvcs: dsunidrv - File not found
NetSvcs: rnadiagreceiver - File not found
NetSvcs: netdevio - File not found
NetSvcs: ZSMC303 - File not found
NetSvcs: s117mdm - File not found
NetSvcs: cdvp - File not found
NetSvcs: vetfddnt - File not found
NetSvcs: ca-messagequeuing - File not found
NetSvcs: rapapp - File not found
NetSvcs: avgcoresvc - File not found
NetSvcs: lxbt_device - File not found
NetSvcs: wg3n - File not found
NetSvcs: nwlnkipx - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

MsConfig - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Reader - Schnellstart.lnk - D:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe - (Adobe Systems Incorporated)
MsConfig - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Reader Synchronizer.lnk - D:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe - ()
MsConfig - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^SHIWebOnDiskManager.lnk - - File not found
MsConfig - StartUpReg: Acronis Scheduler2 Service - hkey= - key= - D:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe (Acronis)
MsConfig - StartUpReg: AllShareAgent - hkey= - key= - D:\Program Files\Samsung\AllShare\AllShareAgent.exe (Samsung)
MsConfig - StartUpReg: APSDaemon - hkey= - key= - D:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
MsConfig - StartUpReg: ATICustomerCare - hkey= - key= - D:\Program Files\ATI\ATICustomerCare\ATICustomerCare.exe (Advanced Micro Devices, Inc.)
MsConfig - StartUpReg: BCU - hkey= - key= - D:\Program Files\DeviceVM\Browser Configuration Utility\BCU.exe (DeviceVM, Inc.)
MsConfig - StartUpReg: BtTray - hkey= - key= - File not found
MsConfig - StartUpReg: DAEMON Tools Pro Agent - hkey= - key= - D:\Program Files\DAEMON Tools Pro\DTAgent.exe (DT Soft Ltd)
MsConfig - StartUpReg: Device Detector - hkey= - key= - File not found
MsConfig - StartUpReg: DivXUpdate - hkey= - key= - D:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
MsConfig - StartUpReg: Facebook Update - hkey= - key= - D:\Users\flything\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
MsConfig - StartUpReg: iTunesHelper - hkey= - key= - D:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
MsConfig - StartUpReg: JMB36X IDE Setup - hkey= - key= - D:\Windows\RaidTool\xInsIDE.exe ()
MsConfig - StartUpReg: KiesHelper - hkey= - key= - D:\Program Files\Samsung\Kies\KiesHelper.exe (Samsung)
MsConfig - StartUpReg: KiesPDLR - hkey= - key= - D:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe ()
MsConfig - StartUpReg: KiesTrayAgent - hkey= - key= - D:\Program Files\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
MsConfig - StartUpReg: LexwareInfoService - hkey= - key= - D:\Program Files\Common Files\Lexware\Update Manager\LxUpdateManager.exe (Lexware GmbH & Co. KG)
MsConfig - StartUpReg: Nitro PDF Printer Monitor - hkey= - key= - D:\Program Files\Nitro PDF\Professional\NitroPDFPrinterMonitor.exe ()
MsConfig - StartUpReg: Packtab - hkey= - key= - File not found
MsConfig - StartUpReg: PAS - hkey= - key= - File not found
MsConfig - StartUpReg: RD2011Tray - hkey= - key= - D:\Program Files\DATA BECKER\Rechnungsdruckerei 2011 pro\dbrd2011tray.exe (DATA BECKER)
MsConfig - StartUpReg: RtHDVCpl - hkey= - key= - D:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe (Realtek Semiconductor)
MsConfig - StartUpReg: StartCCC - hkey= - key= - File not found
MsConfig - StartUpReg: SunJavaUpdateSched - hkey= - key= - D:\Program Files\Common Files\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
MsConfig - StartUpReg: TkBellExe - hkey= - key= - D:\Program Files\Real\RealPlayer\Update\realsched.exe (RealNetworks, Inc.)
MsConfig - StartUpReg: TrueImageMonitor.exe - hkey= - key= - D:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe (Acronis)
MsConfig - StartUpReg: XFastUsb - hkey= - key= - File not found
MsConfig - StartUpReg: {53C67CA7-EE21-68B3-B30F-FF9548655AC7} - hkey= - key= - File not found
MsConfig - StartUpReg: {A9BCC833-DAA7-1B3C-E8C0-1AD850B0371B} - hkey= - key= - File not found
MsConfig - State: "startup" - 2

SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: NTDS - File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: WinDefend - Service
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet: Base - Driver Group
SafeBootNet: BFE - Service
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: MPSSvc - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetBT - Service
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS - File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: WinDefend - Service
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {Gusfa7ep-lUCJ-Ed2r-Yvs8-fYwL6tnW7CxX} -
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP

Drivers32: msacm.l3acm - D:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: VIDC.ACDV - ACDV.dll File not found
Drivers32: vidc.cvid - D:\Windows\System32\iccvid.dll (Radius Inc.)

========== Files/Folders - Created Within 30 Days ==========

[2012/05/28 13:42:33 | 000,000,000 | -HSD | C] -- D:\RECYCLER
[2012/05/28 13:20:29 | 000,000,000 | ---D | C] -- D:\Malwarebytes' Anti-Malware
[2012/05/16 15:11:43 | 000,419,488 | ---- | C] (Adobe Systems Incorporated) -- D:\Windows\System32\FlashPlayerApp.exe
[2012/05/16 11:00:52 | 000,000,000 | ---D | C] -- D:\Users\flything\Desktop\Erika
[2012/05/16 00:35:52 | 000,000,000 | ---D | C] -- D:\ProgramData\A-PDF
[2012/05/16 00:35:06 | 000,000,000 | ---D | C] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\A-PDF OCR
[2012/05/16 00:35:06 | 000,000,000 | ---D | C] -- D:\Program Files\A-PDF OCR
[2012/05/12 04:36:50 | 003,968,368 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\ntkrnlpa.exe
[2012/05/12 04:36:50 | 003,913,072 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\ntoskrnl.exe
[2012/05/12 04:36:50 | 002,343,424 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\win32k.sys
[2012/05/12 04:36:46 | 001,077,248 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\DWrite.dll
[2012/04/29 08:48:59 | 000,000,000 | ---D | C] -- D:\Program Files\Mozilla Maintenance Service
[2012/04/29 08:48:59 | 000,000,000 | ---D | C] -- D:\ProgramData\Mozilla

========== Files - Modified Within 30 Days ==========

[2012/05/28 09:38:51 | 000,014,192 | ---- | M] () -- D:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/05/28 09:38:51 | 000,014,192 | ---- | M] () -- D:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/05/28 09:38:27 | 000,654,076 | ---- | M] () -- D:\Windows\System32\perfh007.dat
[2012/05/28 09:38:27 | 000,615,958 | ---- | M] () -- D:\Windows\System32\perfh009.dat
[2012/05/28 09:38:27 | 000,129,948 | ---- | M] () -- D:\Windows\System32\perfc007.dat
[2012/05/28 09:38:27 | 000,106,338 | ---- | M] () -- D:\Windows\System32\perfc009.dat
[2012/05/28 09:34:48 | 099,347,336 | ---- | M] () -- D:\Windows\System32\drivers\Avg\incavi.avm
[2012/05/28 09:31:22 | 000,017,488 | ---- | M] (Windows (R) 2000 DDK provider) -- D:\Windows\gdrv.sys
[2012/05/28 09:31:06 | 000,067,584 | --S- | M] () -- D:\Windows\bootstat.dat
[2012/05/28 09:31:03 | 2615,320,576 | -HS- | M] () -- D:\hiberfil.sys
[2012/05/27 19:00:00 | 000,000,346 | ---- | M] () -- D:\Windows\tasks\At26.job
[2012/05/27 19:00:00 | 000,000,344 | ---- | M] () -- D:\Windows\tasks\At2.job
[2012/05/27 18:54:00 | 000,000,344 | ---- | M] () -- D:\Windows\tasks\At1.job
[2012/05/27 18:39:00 | 000,000,346 | ---- | M] () -- D:\Windows\tasks\At25.job
[2012/05/27 18:11:25 | 000,245,760 | ---- | M] () -- D:\Users\flything\AppData\Roaming\Diablo_III.exe
[2012/05/27 17:54:12 | 000,000,940 | ---- | M] () -- D:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-600050306-3177566232-1765508890-1000UA.job
[2012/05/27 17:23:00 | 000,000,884 | ---- | M] () -- D:\Windows\tasks\Adobe Flash Player Updater.job
[2012/05/27 17:00:00 | 000,000,346 | ---- | M] () -- D:\Windows\tasks\At48.job
[2012/05/27 17:00:00 | 000,000,344 | ---- | M] () -- D:\Windows\tasks\At24.job
[2012/05/27 16:00:00 | 000,000,346 | ---- | M] () -- D:\Windows\tasks\At47.job
[2012/05/27 16:00:00 | 000,000,344 | ---- | M] () -- D:\Windows\tasks\At23.job
[2012/05/27 15:00:00 | 000,000,346 | ---- | M] () -- D:\Windows\tasks\At46.job
[2012/05/27 15:00:00 | 000,000,344 | ---- | M] () -- D:\Windows\tasks\At22.job
[2012/05/27 14:45:13 | 000,001,060 | ---- | M] () -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 7.lnk
[2012/05/27 14:00:00 | 000,000,346 | ---- | M] () -- D:\Windows\tasks\At45.job
[2012/05/27 14:00:00 | 000,000,344 | ---- | M] () -- D:\Windows\tasks\At21.job
[2012/05/27 13:00:00 | 000,000,346 | ---- | M] () -- D:\Windows\tasks\At44.job
[2012/05/27 13:00:00 | 000,000,344 | ---- | M] () -- D:\Windows\tasks\At20.job
[2012/05/27 12:00:00 | 000,000,346 | ---- | M] () -- D:\Windows\tasks\At43.job
[2012/05/27 12:00:00 | 000,000,344 | ---- | M] () -- D:\Windows\tasks\At19.job
[2012/05/27 11:00:00 | 000,000,346 | ---- | M] () -- D:\Windows\tasks\At42.job
[2012/05/27 11:00:00 | 000,000,344 | ---- | M] () -- D:\Windows\tasks\At18.job
[2012/05/27 10:00:00 | 000,000,346 | ---- | M] () -- D:\Windows\tasks\At41.job
[2012/05/27 10:00:00 | 000,000,344 | ---- | M] () -- D:\Windows\tasks\At17.job
[2012/05/27 09:00:00 | 000,000,346 | ---- | M] () -- D:\Windows\tasks\At40.job
[2012/05/27 09:00:00 | 000,000,344 | ---- | M] () -- D:\Windows\tasks\At16.job
[2012/05/27 08:54:00 | 000,000,918 | ---- | M] () -- D:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-600050306-3177566232-1765508890-1000Core.job
[2012/05/27 08:00:00 | 000,000,346 | ---- | M] () -- D:\Windows\tasks\At39.job
[2012/05/27 08:00:00 | 000,000,344 | ---- | M] () -- D:\Windows\tasks\At15.job
[2012/05/27 07:00:00 | 000,000,346 | ---- | M] () -- D:\Windows\tasks\At38.job
[2012/05/27 07:00:00 | 000,000,344 | ---- | M] () -- D:\Windows\tasks\At14.job
[2012/05/27 06:00:00 | 000,000,346 | ---- | M] () -- D:\Windows\tasks\At37.job
[2012/05/27 06:00:00 | 000,000,344 | ---- | M] () -- D:\Windows\tasks\At13.job
[2012/05/27 05:00:00 | 000,000,346 | ---- | M] () -- D:\Windows\tasks\At36.job
[2012/05/27 05:00:00 | 000,000,344 | ---- | M] () -- D:\Windows\tasks\At12.job
[2012/05/27 04:00:00 | 000,000,346 | ---- | M] () -- D:\Windows\tasks\At35.job
[2012/05/27 04:00:00 | 000,000,344 | ---- | M] () -- D:\Windows\tasks\At11.job
[2012/05/27 03:00:00 | 000,000,346 | ---- | M] () -- D:\Windows\tasks\At34.job
[2012/05/27 03:00:00 | 000,000,344 | ---- | M] () -- D:\Windows\tasks\At10.job
[2012/05/27 02:00:00 | 000,000,346 | ---- | M] () -- D:\Windows\tasks\At33.job
[2012/05/27 02:00:00 | 000,000,344 | ---- | M] () -- D:\Windows\tasks\At9.job
[2012/05/27 01:00:00 | 000,000,346 | ---- | M] () -- D:\Windows\tasks\At32.job
[2012/05/27 01:00:00 | 000,000,344 | ---- | M] () -- D:\Windows\tasks\At8.job
[2012/05/25 06:41:47 | 005,743,903 | ---- | M] () -- D:\Users\flything\Desktop\baby__feat._cathy_nguyen___traphik.mp3
[2012/05/24 11:17:52 | 000,000,346 | ---- | M] () -- D:\Windows\tasks\At28.job
[2012/05/24 11:17:52 | 000,000,346 | ---- | M] () -- D:\Windows\tasks\At27.job
[2012/05/24 11:17:52 | 000,000,344 | ---- | M] () -- D:\Windows\tasks\At4.job
[2012/05/24 11:17:51 | 000,000,346 | ---- | M] () -- D:\Windows\tasks\At31.job
[2012/05/24 11:17:51 | 000,000,346 | ---- | M] () -- D:\Windows\tasks\At30.job
[2012/05/24 11:17:51 | 000,000,346 | ---- | M] () -- D:\Windows\tasks\At29.job
[2012/05/24 11:17:51 | 000,000,344 | ---- | M] () -- D:\Windows\tasks\At7.job
[2012/05/24 11:17:51 | 000,000,344 | ---- | M] () -- D:\Windows\tasks\At6.job
[2012/05/24 11:17:51 | 000,000,344 | ---- | M] () -- D:\Windows\tasks\At5.job
[2012/05/24 11:17:50 | 000,000,344 | ---- | M] () -- D:\Windows\tasks\At3.job
[2012/05/17 03:27:25 | 000,625,471 | ---- | M] () -- D:\Windows\System32\drivers\Avg\iavifw.avm
[2012/05/16 15:23:04 | 000,419,488 | ---- | M] (Adobe Systems Incorporated) -- D:\Windows\System32\FlashPlayerApp.exe
[2012/05/16 15:23:04 | 000,070,304 | ---- | M] (Adobe Systems Incorporated) -- D:\Windows\System32\FlashPlayerCPLApp.cpl
[2012/05/16 00:35:07 | 000,000,000 | ---D | M] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\A-PDF OCR
[2012/05/12 21:24:12 | 000,572,944 | ---- | M] () -- D:\Windows\System32\FNTCACHE.DAT
[2012/05/12 21:00:38 | 000,000,000 | ---D | M] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2012/05/03 04:33:23 | 000,027,648 | ---- | M] () -- D:\Users\flything\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/04/29 08:49:00 | 000,001,100 | ---- | M] () -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2012/04/29 08:49:00 | 000,001,088 | ---- | M] () -- D:\Users\Public\Desktop\Mozilla Firefox.lnk

========== Files Created - No Company Name ==========

[2012/05/27 18:11:55 | 000,245,760 | ---- | C] () -- D:\Users\flything\AppData\Roaming\Diablo_III.exe
[2012/05/27 14:45:13 | 000,001,060 | ---- | C] () -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 7.lnk
[2012/05/25 06:41:47 | 005,743,903 | ---- | C] () -- D:\Users\flything\Desktop\baby__feat._cathy_nguyen___traphik.mp3
[2012/05/17 15:15:49 | 000,655,360 | ---- | C] () -- D:\Users\flything\Desktop\myFear.dll
[2012/05/16 15:11:45 | 000,000,884 | ---- | C] () -- D:\Windows\tasks\Adobe Flash Player Updater.job
[2012/04/29 08:49:00 | 000,001,100 | ---- | C] () -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2012/04/29 08:49:00 | 000,001,088 | ---- | C] () -- D:\Users\Public\Desktop\Mozilla Firefox.lnk
[2011/11/09 22:28:32 | 000,204,960 | ---- | C] () -- D:\Windows\System32\ativvsvl.dat
[2011/11/09 22:28:32 | 000,157,152 | ---- | C] () -- D:\Windows\System32\ativvsva.dat
[2011/11/09 17:39:44 | 000,059,904 | ---- | C] () -- D:\Windows\System32\OpenVideo.dll
[2011/11/09 17:39:32 | 000,054,784 | ---- | C] () -- D:\Windows\System32\OVDecode.dll
[2011/10/21 15:30:14 | 000,243,168 | ---- | C] () -- D:\Windows\System32\atiicdxx.dat
[2011/10/18 03:47:53 | 000,000,000 | ---- | C] () -- D:\Users\flything\AppData\Roaming\LhhLIMyKK7EK
[2011/10/15 18:11:43 | 000,000,000 | ---- | C] () -- D:\Users\flything\AppData\Roaming\dh1dg0766Ai6
[2011/10/03 07:05:19 | 000,000,001 | ---- | C] () -- D:\Users\flything\AppData\Local\llftool.4.12.agreement
[2011/09/12 19:06:16 | 000,003,917 | ---- | C] () -- D:\Windows\System32\atipblag.dat
[2011/06/09 05:33:08 | 000,080,896 | ---- | C] () -- D:\Windows\System32\RDVGHelper.exe
[2011/06/09 05:32:57 | 000,252,928 | ---- | C] () -- D:\Windows\System32\DShowRdpFilter.dll
[2011/06/09 05:32:32 | 000,066,048 | ---- | C] () -- D:\Windows\System32\PrintBrmUi.exe
[2011/02/26 18:21:17 | 000,031,272 | ---- | C] () -- D:\Windows\System32\AppleChargerSrv.exe
[2011/02/26 18:21:17 | 000,018,984 | ---- | C] () -- D:\Windows\System32\drivers\AppleCharger.sys
[2011/02/26 18:20:32 | 000,072,304 | R--- | C] () -- D:\Windows\System32\XSrvSetup.exe
[2011/02/26 18:19:47 | 000,080,416 | ---- | C] () -- D:\Windows\System32\RtNicProp32.dll
[2011/02/26 18:14:43 | 000,000,010 | ---- | C] () -- D:\Windows\GSetup.ini
[2011/02/25 19:02:29 | 000,000,198 | ---- | C] () -- D:\Windows\ODBCINST.ini
[2011/02/24 19:01:02 | 000,016,070 | ---- | C] () -- D:\Windows\German2.ini
[2011/02/24 18:35:15 | 000,027,648 | ---- | C] () -- D:\Users\flything\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/02/10 16:29:37 | 000,704,512 | ---- | C] () -- D:\Windows\System32\cohelper.dll
[2011/02/10 16:29:37 | 000,005,940 | ---- | C] () -- D:\Windows\System32\drivers\nvphy.bin
[2011/02/10 15:30:19 | 000,000,000 | ---- | C] () -- D:\Windows\ativpsrm.bin
[2011/01/29 11:00:24 | 000,030,568 | ---- | C] () -- D:\Windows\MusiccityDownload.exe
[2011/01/29 11:00:22 | 000,974,848 | ---- | C] () -- D:\Windows\System32\cis-2.4.dll
[2011/01/29 11:00:22 | 000,081,920 | ---- | C] () -- D:\Windows\System32\issacapi_bs-2.3.dll
[2011/01/29 11:00:22 | 000,065,536 | ---- | C] () -- D:\Windows\System32\issacapi_pe-2.3.dll
[2011/01/29 11:00:22 | 000,057,344 | ---- | C] () -- D:\Windows\System32\issacapi_se-2.3.dll
[2009/11/25 11:39:02 | 000,057,344 | ---- | C] () -- D:\Windows\System32\FKStampPainter20.dll
[2009/11/17 12:13:12 | 000,208,896 | ---- | C] () -- D:\Windows\System32\LXPrnUtil10.dll
[2009/11/17 12:11:26 | 000,303,104 | ---- | C] () -- D:\Windows\System32\dnt27VC8.dll
[2009/11/17 12:09:36 | 000,143,360 | ---- | C] () -- D:\Windows\System32\dntvmc27VC8.dll
[2009/11/17 12:09:20 | 000,086,016 | ---- | C] () -- D:\Windows\System32\dntvm27VC8.dll
[2009/08/27 03:04:12 | 000,207,400 | R--- | C] () -- D:\Windows\GSetup.exe
[2009/07/31 18:04:00 | 000,016,059 | ---- | C] () -- D:\Windows\LxFrame.ini
[2009/07/14 04:47:43 | 000,654,076 | ---- | C] () -- D:\Windows\System32\perfh007.dat
[2009/07/14 04:47:43 | 000,295,922 | ---- | C] () -- D:\Windows\System32\perfi007.dat
[2009/07/14 04:47:43 | 000,129,948 | ---- | C] () -- D:\Windows\System32\perfc007.dat
[2009/07/14 04:47:43 | 000,038,104 | ---- | C] () -- D:\Windows\System32\perfd007.dat
[2009/07/14 00:57:37 | 000,067,584 | --S- | C] () -- D:\Windows\bootstat.dat
[2009/07/14 00:33:53 | 000,572,944 | ---- | C] () -- D:\Windows\System32\FNTCACHE.DAT
[2009/07/13 22:05:48 | 000,615,958 | ---- | C] () -- D:\Windows\System32\perfh009.dat
[2009/07/13 22:05:48 | 000,291,294 | ---- | C] () -- D:\Windows\System32\perfi009.dat
[2009/07/13 22:05:48 | 000,106,338 | ---- | C] () -- D:\Windows\System32\perfc009.dat
[2009/07/13 22:05:48 | 000,031,548 | ---- | C] () -- D:\Windows\System32\perfd009.dat
[2009/07/13 22:05:05 | 000,000,741 | ---- | C] () -- D:\Windows\System32\NOISE.DAT
[2009/07/13 22:04:11 | 000,215,943 | ---- | C] () -- D:\Windows\System32\dssec.dat
[2009/07/13 19:55:01 | 000,043,131 | ---- | C] () -- D:\Windows\mib.bin
[2009/07/13 19:51:43 | 000,073,728 | ---- | C] () -- D:\Windows\System32\BthpanContextHandler.dll
[2009/07/13 19:42:10 | 000,064,000 | ---- | C] () -- D:\Windows\System32\BWContextHandler.dll
[2009/06/10 17:26:10 | 000,673,088 | ---- | C] () -- D:\Windows\System32\mlang.dat
[2009/04/19 03:32:44 | 000,041,504 | ---- | C] () -- D:\Windows\System32\namResZHT.dll
[2009/04/19 03:32:42 | 000,041,504 | ---- | C] () -- D:\Windows\System32\namResZHC.dll
[2009/04/19 03:32:42 | 000,041,504 | ---- | C] () -- D:\Windows\System32\namResSV.dll
[2009/04/19 03:32:42 | 000,041,504 | ---- | C] () -- D:\Windows\System32\namResRU.dll
[2009/04/19 03:32:40 | 000,041,504 | ---- | C] () -- D:\Windows\System32\namResPTB.dll
[2009/04/19 03:32:40 | 000,041,504 | ---- | C] () -- D:\Windows\System32\namResNO.dll
[2009/04/19 03:32:40 | 000,041,504 | ---- | C] () -- D:\Windows\System32\namResNL.dll
[2009/04/19 03:32:38 | 000,041,504 | ---- | C] () -- D:\Windows\System32\namResKO.dll
[2009/04/19 03:32:38 | 000,041,504 | ---- | C] () -- D:\Windows\System32\namResJA.dll
[2009/04/19 03:32:38 | 000,041,504 | ---- | C] () -- D:\Windows\System32\namResIT.dll
[2009/04/19 03:32:36 | 000,041,504 | ---- | C] () -- D:\Windows\System32\namResFR.dll
[2009/04/19 03:32:36 | 000,041,504 | ---- | C] () -- D:\Windows\System32\namResFI.dll
[2009/04/19 03:32:36 | 000,041,504 | ---- | C] () -- D:\Windows\System32\namResESM.dll
[2009/04/19 03:32:34 | 000,041,504 | ---- | C] () -- D:\Windows\System32\namResES.dll
[2009/04/19 03:32:34 | 000,041,504 | ---- | C] () -- D:\Windows\System32\namResENG.dll
[2009/04/19 03:32:32 | 000,041,504 | ---- | C] () -- D:\Windows\System32\namResDE.dll
[2009/04/19 03:32:32 | 000,041,504 | ---- | C] () -- D:\Windows\System32\namResDA.dll
[2009/04/19 03:32:30 | 000,129,568 | ---- | C] () -- D:\Windows\System32\nam_page.dll
[2008/12/07 07:44:54 | 000,030,088 | ---- | C] () -- D:\Windows\System32\drivers\btnetBus.sys
[2001/12/12 08:41:36 | 000,041,472 | ---- | C] () -- D:\Windows\System32\W32btstp.dll
[2001/12/12 08:41:36 | 000,025,088 | ---- | C] () -- D:\Windows\System32\W32btxlt.dll

========== LOP Check ==========

[2012/05/16 00:35:52 | 000,000,000 | ---D | M] -- D:\ProgramData\A-PDF
[2011/02/10 16:43:12 | 000,000,000 | ---D | M] -- D:\ProgramData\ACD Systems
[2011/10/18 09:26:31 | 000,000,000 | ---D | M] -- D:\ProgramData\Acronis
[2011/02/10 16:35:22 | 000,000,000 | ---D | M] -- D:\ProgramData\AMD
[2011/02/10 15:50:16 | 000,000,000 | -HSD | M] -- D:\ProgramData\Anwendungsdaten
[2011/04/25 11:00:02 | 000,000,000 | ---D | M] -- D:\ProgramData\Artweaver
[2011/02/10 16:44:47 | 000,000,000 | ---D | M] -- D:\ProgramData\ashampoo
[2012/04/13 02:02:55 | 000,000,000 | ---D | M] -- D:\ProgramData\autobingooo
[2011/02/10 16:48:30 | 000,000,000 | ---D | M] -- D:\ProgramData\avg9
[2011/02/25 19:02:14 | 000,000,000 | ---D | M] -- D:\ProgramData\BTrieve
[2012/02/20 01:39:06 | 000,000,000 | ---D | M] -- D:\ProgramData\carspider
[2011/03/15 03:57:21 | 000,000,000 | ---D | M] -- D:\ProgramData\Common Files
[2011/02/10 16:59:18 | 000,000,000 | ---D | M] -- D:\ProgramData\DAEMON Tools Pro
[2011/02/27 05:23:27 | 000,000,000 | ---D | M] -- D:\ProgramData\DATA BECKER Downloads
[2011/02/10 15:50:16 | 000,000,000 | -HSD | M] -- D:\ProgramData\Desktop
[2011/02/10 15:50:16 | 000,000,000 | -HSD | M] -- D:\ProgramData\Dokumente
[2011/02/10 15:50:16 | 000,000,000 | -HSD | M] -- D:\ProgramData\Favoriten
[2011/02/10 16:34:05 | 000,000,000 | ---D | M] -- D:\ProgramData\FNET
[2011/12/27 10:28:11 | 000,000,000 | ---D | M] -- D:\ProgramData\iRinger
[2011/02/27 12:36:10 | 000,000,000 | ---D | M] -- D:\ProgramData\Lexware
[2011/06/22 00:40:47 | 000,000,000 | ---D | M] -- D:\ProgramData\MWM
[2011/02/11 03:32:11 | 000,000,000 | ---D | M] -- D:\ProgramData\Nitro PDF
[2011/09/04 04:45:27 | 000,000,000 | ---D | M] -- D:\ProgramData\Samsung
[2011/02/10 15:50:16 | 000,000,000 | -HSD | M] -- D:\ProgramData\Startmenü
[2011/11/22 15:25:48 | 000,000,000 | ---D | M] -- D:\ProgramData\TEMP
[2012/04/01 05:06:06 | 000,000,000 | ---D | M] -- D:\ProgramData\TOSHIBA
[2011/02/10 15:50:16 | 000,000,000 | -HSD | M] -- D:\ProgramData\Vorlagen
[2011/12/20 18:44:33 | 000,000,000 | ---D | M] -- D:\ProgramData\VOWSoft
[2011/12/19 15:59:46 | 000,000,000 | ---D | M] -- D:\ProgramData\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2011/03/05 01:28:51 | 000,000,000 | ---D | M] -- D:\ProgramData\{E568B6A0-8E02-46C8-8954-00ECD7CD3554}
[2012/05/27 18:54:00 | 000,000,344 | ---- | M] () -- D:\Windows\Tasks\At1.job
[2012/05/27 03:00:00 | 000,000,344 | ---- | M] () -- D:\Windows\Tasks\At10.job
[2012/05/27 04:00:00 | 000,000,344 | ---- | M] () -- D:\Windows\Tasks\At11.job
[2012/05/27 05:00:00 | 000,000,344 | ---- | M] () -- D:\Windows\Tasks\At12.job
[2012/05/27 06:00:00 | 000,000,344 | ---- | M] () -- D:\Windows\Tasks\At13.job
[2012/05/27 07:00:00 | 000,000,344 | ---- | M] () -- D:\Windows\Tasks\At14.job
[2012/05/27 08:00:00 | 000,000,344 | ---- | M] () -- D:\Windows\Tasks\At15.job
[2012/05/27 09:00:00 | 000,000,344 | ---- | M] () -- D:\Windows\Tasks\At16.job
[2012/05/27 10:00:00 | 000,000,344 | ---- | M] () -- D:\Windows\Tasks\At17.job
[2012/05/27 11:00:00 | 000,000,344 | ---- | M] () -- D:\Windows\Tasks\At18.job
[2012/05/27 12:00:00 | 000,000,344 | ---- | M] () -- D:\Windows\Tasks\At19.job
[2012/05/27 19:00:00 | 000,000,344 | ---- | M] () -- D:\Windows\Tasks\At2.job
[2012/05/27 13:00:00 | 000,000,344 | ---- | M] () -- D:\Windows\Tasks\At20.job
[2012/05/27 14:00:00 | 000,000,344 | ---- | M] () -- D:\Windows\Tasks\At21.job
[2012/05/27 15:00:00 | 000,000,344 | ---- | M] () -- D:\Windows\Tasks\At22.job
[2012/05/27 16:00:00 | 000,000,344 | ---- | M] () -- D:\Windows\Tasks\At23.job
[2012/05/27 17:00:00 | 000,000,344 | ---- | M] () -- D:\Windows\Tasks\At24.job
[2012/05/27 18:39:00 | 000,000,346 | ---- | M] () -- D:\Windows\Tasks\At25.job
[2012/05/27 19:00:00 | 000,000,346 | ---- | M] () -- D:\Windows\Tasks\At26.job
[2012/05/24 11:17:52 | 000,000,346 | ---- | M] () -- D:\Windows\Tasks\At27.job
[2012/05/24 11:17:52 | 000,000,346 | ---- | M] () -- D:\Windows\Tasks\At28.job
[2012/05/24 11:17:51 | 000,000,346 | ---- | M] () -- D:\Windows\Tasks\At29.job
[2012/05/24 11:17:50 | 000,000,344 | ---- | M] () -- D:\Windows\Tasks\At3.job
[2012/05/24 11:17:51 | 000,000,346 | ---- | M] () -- D:\Windows\Tasks\At30.job
[2012/05/24 11:17:51 | 000,000,346 | ---- | M] () -- D:\Windows\Tasks\At31.job
[2012/05/27 01:00:00 | 000,000,346 | ---- | M] () -- D:\Windows\Tasks\At32.job
[2012/05/27 02:00:00 | 000,000,346 | ---- | M] () -- D:\Windows\Tasks\At33.job
[2012/05/27 03:00:00 | 000,000,346 | ---- | M] () -- D:\Windows\Tasks\At34.job
[2012/05/27 04:00:00 | 000,000,346 | ---- | M] () -- D:\Windows\Tasks\At35.job
[2012/05/27 05:00:00 | 000,000,346 | ---- | M] () -- D:\Windows\Tasks\At36.job
[2012/05/27 06:00:00 | 000,000,346 | ---- | M] () -- D:\Windows\Tasks\At37.job
[2012/05/27 07:00:00 | 000,000,346 | ---- | M] () -- D:\Windows\Tasks\At38.job
[2012/05/27 08:00:00 | 000,000,346 | ---- | M] () -- D:\Windows\Tasks\At39.job
[2012/05/24 11:17:52 | 000,000,344 | ---- | M]
() -- D:\Windows\Tasks\At4.job [2012/05/27 09:00:00 | 000,000,346 | ---- | M] () -- D:\Windows\Tasks\At40.job [2012/05/27 10:00:00 | 000,000,346 | ---- | M] () -- D:\Windows\Tasks\At41.job [2012/05/27 11:00:00 | 000,000,346 | ---- | M] () -- D:\Windows\Tasks\At42.job [2012/05/27 12:00:00 | 000,000,346 | ---- | M] () -- D:\Windows\Tasks\At43.job [2012/05/27 13:00:00 | 000,000,346 | ---- | M] () -- D:\Windows\Tasks\At44.job [2012/05/27 14:00:00 | 000,000,346 | ---- | M] () -- D:\Windows\Tasks\At45.job [2012/05/27 15:00:00 | 000,000,346 | ---- | M] () -- D:\Windows\Tasks\At46.job [2012/05/27 16:00:00 | 000,000,346 | ---- | M] () -- D:\Windows\Tasks\At47.job [2012/05/27 17:00:00 | 000,000,346 | ---- | M] () -- D:\Windows\Tasks\At48.job [2012/05/24 11:17:51 | 000,000,344 | ---- | M] () -- D:\Windows\Tasks\At5.job [2012/05/24 11:17:51 | 000,000,344 | ---- | M] () -- D:\Windows\Tasks\At6.job [2012/05/24 11:17:51 | 000,000,344 | ---- | M] () -- D:\Windows\Tasks\At7.job [2012/05/27 01:00:00 | 000,000,344 | ---- | M] () -- D:\Windows\Tasks\At8.job [2012/05/27 02:00:00 | 000,000,344 | ---- | M] () -- D:\Windows\Tasks\At9.job [2012/05/27 08:54:00 | 000,000,918 | ---- | M] () -- D:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-600050306-3177566232-1765508890-1000Core.job [2012/05/27 17:54:12 | 000,000,940 | ---- | M] () -- D:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-600050306-3177566232-1765508890-1000UA.job [2012/05/09 01:04:00 | 000,032,640 | ---- | M] () -- D:\Windows\Tasks\SCHEDLGU.TXT [2012/02/29 21:38:00 | 000,000,440 | ---- | M] () -- D:\Windows\Tasks\SOS Online Backup - flything.job ========== Purity Check ========== ========== Custom Scans ========== < MD5 for: EXPLORER.EXE > [2011/02/26 01:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- D:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_54149f9ef14031fc\explorer.exe [2009/07/13 21:14:20 | 002,613,248 | ---- | M] (Microsoft 
Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- D:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_518afd35db100430\explorer.exe [2011/02/26 01:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- D:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_525b5180f3f95373\explorer.exe [2009/10/31 01:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- D:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_51a66d6ddafc2ed1\explorer.exe [2011/02/26 01:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- D:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_51a3a583dafd0cef\explorer.exe [2010/11/20 08:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- D:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_53bc10fdd7fe87ca\explorer.exe [2011/02/25 01:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- D:\Windows\explorer.exe [2011/02/25 01:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- D:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_5389023fd8245f84\explorer.exe [2009/11/09 05:38:18 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- D:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_526619d4f3f142e6\explorer.exe [2009/11/09 05:38:18 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- D:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_51e07e31dad00878\explorer.exe [2009/10/31 02:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) 
MD5=C76153C7ECA00FA852BB0C193378F917 -- D:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_52283b2af41f3691\explorer.exe < MD5 for: LSASS.EXE > [2011/11/17 03:09:25 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=05F38CB7CAB3CE8E9A1812D517DA93EF -- D:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.21092_none_a69c8e86d7476262\lsass.exe [2011/11/17 01:29:50 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=81951F51E318AECC2D68559E47485CC4 -- D:\Windows\System32\lsass.exe [2011/11/17 01:29:50 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=81951F51E318AECC2D68559E47485CC4 -- D:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17725_none_a84828d7bb1480d7\lsass.exe [2011/11/17 01:36:26 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=C2243FF9E9AAD0C30E8B1A0914DA15B6 -- D:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16915_none_a66c9bbdbde5f8fa\lsass.exe [2009/07/13 21:14:23 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=F42309C4191C506B71DB5D1126D26318 -- D:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16385_none_a620e0e5be1ecda7\lsass.exe [2009/07/13 21:14:23 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=F42309C4191C506B71DB5D1126D26318 -- D:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16484_none_a61fe281be1fb177\lsass.exe [2009/07/13 21:14:23 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=F42309C4191C506B71DB5D1126D26318 -- D:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.20594_none_a69eaf60d7456d32\lsass.exe [2009/07/13 21:14:23 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=F42309C4191C506B71DB5D1126D26318 -- D:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17514_none_a851f4adbb0d5141\lsass.exe [2011/11/17 01:24:04 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=FBCB2DFA40862DAA7B1534C9538208A5 -- 
D:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.21861_none_a8a284cad4562b09\lsass.exe < MD5 for: SVCHOST.EXE > [2012/04/04 15:56:38 | 000,199,240 | ---- | M] () MD5=097D0E812D7A9A3101CE46CB2BE0474D -- D:\Malwarebytes' Anti-Malware\Chameleon\svchost.exe [2009/07/13 21:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- D:\Windows\System32\svchost.exe [2009/07/13 21:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- D:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe < MD5 for: USERINIT.EXE > [2010/11/20 08:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- D:\Windows\System32\userinit.exe [2010/11/20 08:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- D:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe [2009/07/13 21:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- D:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe < MD5 for: WININIT.EXE > [2009/07/13 21:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- D:\Windows\System32\wininit.exe [2009/07/13 21:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- D:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe < MD5 for: WINLOGON.EXE > [2012/04/04 15:56:38 | 000,199,240 | ---- | M] () MD5=097D0E812D7A9A3101CE46CB2BE0474D -- D:\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe [2009/10/28 02:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- 
D:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe [2009/10/28 01:52:08 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 -- D:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe [2010/11/20 08:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- D:\Windows\System32\winlogon.exe [2010/11/20 08:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- D:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe [2009/07/13 21:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- D:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe Invalid Environment Variable: %ALLUSERSPROFILE%\Application Data\*.exe Invalid Environment Variable: %APPDATA%\*.exe Invalid Environment Variable: %APPDATA%\Adobe\Update\*.* Invalid Environment Variable: %APPDATA%\Update\*.* Invalid Environment Variable: %APPDATA%\Microsoft\*.* Invalid Environment Variable: %ALLUSERSPROFILE%\Favorites\*.* Invalid Environment Variable: %ALLUSERSPROFILE%\*.* < %SYSTEMDRIVE%\*.* > [2009/06/10 17:42:20 | 000,000,024 | ---- | M] () -- D:\autoexec.bat [2009/06/10 17:42:20 | 000,000,010 | ---- | M] () -- D:\config.sys [2011/02/26 18:21:20 | 000,000,180 | ---- | M] () -- D:\csb.log [2012/05/28 13:33:48 | 000,038,064 | ---- | M] () -- D:\Extras.Txt [2012/05/28 09:31:03 | 2615,320,576 | -HS- | M] () -- D:\hiberfil.sys [2011/02/26 18:20:02 | 000,000,217 | ---- | M] () -- D:\Install.log [2011/08/06 15:58:12 | 000,000,207 | ---- | M] () -- D:\navistart.rar [2012/05/28 13:33:46 | 000,109,396 | ---- | M] () -- D:\OTL.Txt [2012/05/28 09:31:04 | 3487,096,832 | -HS- | M] () -- D:\pagefile.sys [2011/02/26 18:17:27 | 000,003,159 
| ---- | M] () -- D:\RHDSetup.log [2012/05/28 09:31:48 | 000,000,144 | ---- | M] () -- D:\service.log < %PROGRAMFILES%\*.* > [2009/07/14 00:41:57 | 000,000,174 | -HS- | M] () -- D:\Program Files\desktop.ini < %PROGRAMFILES%\Internet Explorer\*.* > [2011/03/19 15:39:55 | 000,022,016 | ---- | M] (Microsoft Corporation) -- D:\Program Files\Internet Explorer\ExtExport.exe [2011/03/19 15:39:55 | 000,002,535 | ---- | M] () -- D:\Program Files\Internet Explorer\ie9props.propdesc [2011/03/19 15:39:55 | 000,107,008 | ---- | M] (Microsoft Corporation) -- D:\Program Files\Internet Explorer\iecleanup.exe [2011/03/19 15:39:55 | 000,307,200 | ---- | M] () -- D:\Program Files\Internet Explorer\iediagcmd.exe [2012/02/27 21:13:13 | 000,678,912 | ---- | M] (Microsoft Corporation) -- D:\Program Files\Internet Explorer\iedvtool.dll [2011/03/19 15:39:54 | 000,466,432 | ---- | M] (Microsoft Corporation) -- D:\Program Files\Internet Explorer\ieinstal.exe [2011/03/19 15:39:54 | 000,222,720 | ---- | M] (Microsoft Corporation) -- D:\Program Files\Internet Explorer\ielowutil.exe [2011/03/19 15:39:54 | 000,193,536 | ---- | M] (Microsoft Corporation) -- D:\Program Files\Internet Explorer\ieproxy.dll [2010/12/18 01:29:18 | 000,163,328 | ---- | M] (Microsoft Corporation) -- D:\Program Files\Internet Explorer\ieproxy.dll_old0 [2012/02/27 21:08:19 | 000,194,048 | ---- | M] (Microsoft Corporation) -- D:\Program Files\Internet Explorer\IEShims.dll [2010/11/04 22:20:53 | 000,005,436 | ---- | M] () -- D:\Program Files\Internet Explorer\iessetup.ceb [2009/07/13 21:15:28 | 000,016,384 | ---- | M] (Microsoft Corporation) -- D:\Program Files\Internet Explorer\iessetup.dll [2011/03/19 15:39:55 | 000,748,336 | ---- | M] (Microsoft Corporation) -- D:\Program Files\Internet Explorer\iexplore.exe [2011/03/19 15:39:55 | 000,386,560 | ---- | M] (Microsoft Corporation) -- D:\Program Files\Internet Explorer\jsdbgui.dll [2011/03/19 15:39:54 | 000,104,448 | ---- | M] (Microsoft Corporation) -- D:\Program 
Files\Internet Explorer\jsdebuggeride.dll [2011/03/19 15:39:54 | 000,049,664 | ---- | M] (Microsoft Corporation) -- D:\Program Files\Internet Explorer\JSProfilerCore.dll [2011/03/19 15:39:55 | 000,149,504 | ---- | M] (Microsoft Corporation) -- D:\Program Files\Internet Explorer\jsprofilerui.dll [2009/06/10 17:14:14 | 000,265,720 | ---- | M] (Microsoft Corporation) -- D:\Program Files\Internet Explorer\msdbg2.dll [2011/03/19 15:39:54 | 000,301,056 | ---- | M] (Microsoft Corporation) -- D:\Program Files\Internet Explorer\networkinspection.dll [2009/06/10 17:14:15 | 000,355,832 | ---- | M] (Microsoft Corporation) -- D:\Program Files\Internet Explorer\pdm.dll [2012/02/27 21:58:29 | 000,141,112 | ---- | M] (Microsoft Corporation) -- D:\Program Files\Internet Explorer\sqmapi.dll [2009/07/13 21:16:15 | 000,189,440 | ---- | M] (Microsoft Corporation) -- D:\Program Files\Internet Explorer\sqmapi.dll_old0 Invalid Environment Variable: %USERPROFILE%\*.* Invalid Environment Variable: %USERPROFILE%\Local Settings\Temp\*.exe Invalid Environment Variable: %USERPROFILE%\Local Settings\Temp\*.dll Invalid Environment Variable: %USERPROFILE%\Application Data\*.exe < %systemroot%\*. 
/mp /s > < %systemroot%\*.exe /90 > < %systemroot%\system32\*.dll /lockedfiles > [2010/11/20 08:19:02 | 000,828,928 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- D:\Windows\system32\fontext.dll [2012/01/04 04:59:38 | 012,872,704 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- D:\Windows\system32\shell32.dll < %systemroot%\system32\*.dll /90 > [2012/03/03 01:31:19 | 001,077,248 | ---- | M] (Microsoft Corporation) -- D:\Windows\system32\DWrite.dll [2012/03/01 01:33:23 | 000,159,232 | ---- | M] (Microsoft Corporation) -- D:\Windows\system32\imagehlp.dll [2012/03/01 01:37:41 | 000,172,544 | ---- | M] (Microsoft Corporation) -- D:\Windows\system32\wintrust.dll [2012/03/01 01:29:16 | 000,005,120 | ---- | M] (Microsoft Corporation) -- D:\Windows\system32\wmi.dll < %systemroot%\system32\drivers\*.sys /lockedfiles > < %systemroot%\system32\drivers\*.sys /90 > [2012/03/01 01:46:57 | 000,019,824 | ---- | M] (Microsoft Corporation) -- D:\Windows\system32\drivers\fs_rec.sys [2012/05/06 08:57:38 | 000,187,904 | ---- | M] (Microsoft Corporation) -- D:\Windows\system32\drivers\netbt.sys [2012/03/17 03:27:18 | 000,056,176 | ---- | M] (Microsoft Corporation) -- D:\Windows\system32\drivers\partmgr.sys [2012/03/30 06:23:11 | 001,291,632 | ---- | M] (Microsoft Corporation) -- D:\Windows\system32\drivers\tcpip.sys < %systemroot%\system32\*.exe /90 > [2012/05/16 15:23:04 | 000,419,488 | ---- | M] (Adobe Systems Incorporated) -- D:\Windows\system32\FlashPlayerApp.exe [2012/05/12 21:05:45 | 055,656,824 | ---- | M] (Microsoft Corporation) -- D:\Windows\system32\MRT.exe [2012/03/31 00:39:37 | 003,968,368 | ---- | M] (Microsoft Corporation) -- D:\Windows\system32\ntkrnlpa.exe [2012/03/31 00:39:37 | 003,913,072 | ---- | M] (Microsoft Corporation) -- D:\Windows\system32\ntoskrnl.exe < %systemroot%\system32\config\*.sav > < %systemroot%\system32\spool\prtprocs\w32x86\*.* > [2009/07/13 21:15:35 | 000,022,528 | ---- | M] (Microsoft Corporation) -- 
D:\Windows\system32\spool\prtprocs\w32x86\jnwppr.dll [2006/10/26 14:58:12 | 000,030,512 | ---- | M] (Microsoft Corporation) -- D:\Windows\system32\spool\prtprocs\w32x86\mdippr.dll [2010/11/20 08:21:36 | 000,030,208 | ---- | M] (Microsoft Corporation) -- D:\Windows\system32\spool\prtprocs\w32x86\winprint.dll < %systemroot%\Tasks\*.job /lockedfiles > < %systemroot%\assembly\tmp\*.* /S /MD5 > < %systemroot%\assembly\GAC_32\*.* /S /MD5 > [2009/07/13 21:19:59 | 000,004,608 | ---- | M] ( ) MD5=2CBEAFED3233C20DF11B88DF909CD74F -- D:\Windows\assembly\GAC_32\AuditPolicyGPManagedStubs.Interop\6.1.0.0__31bf3856ad364e35\AuditPolicyGPManagedStubs.Interop.dll [2010/11/20 08:32:20 | 000,238,080 | ---- | M] (Microsoft Corporation) MD5=D6D26A698BCCD17AB0761E6221C5F3C4 -- D:\Windows\assembly\GAC_32\BDATunePIA\6.1.0.0__31bf3856ad364e35\BDATunePIA.dll [2010/11/04 21:57:39 | 000,069,120 | ---- | M] (Microsoft Corporation) MD5=C80DA476BFBAD97D874A0EFE037D7113 -- D:\Windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll [2011/02/25 19:02:19 | 000,238,896 | ---- | M] (iAnywhere Solutions, Inc.) 
MD5=FC7AA4B1D69D83478313B2BE94A6BD73 -- D:\Windows\assembly\GAC_32\iAnywhere.Data.AsaClient\9.0.2.3687__f222fc4333e0d400\iAnywhere.Data.AsaClient.dll [2010/11/04 21:57:43 | 000,072,192 | ---- | M] (Microsoft Corporation) MD5=D58D4E4AA8D6146D838BE02500F50B27 -- D:\Windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll [2010/11/20 08:32:22 | 000,134,656 | ---- | M] (Microsoft Corporation) MD5=7D8676EC6A6ABCF57E1F6CA5372E56EE -- D:\Windows\assembly\GAC_32\mcstoredb\6.1.0.0__31bf3856ad364e35\mcstoredb.dll [2010/11/20 08:32:22 | 000,186,368 | ---- | M] (Microsoft Corporation) MD5=F65CFF843B6E073A4F8188E19EC538D2 -- D:\Windows\assembly\GAC_32\mcupdate\6.1.0.0__31bf3856ad364e35\mcupdate.exe [2010/11/20 08:32:22 | 000,121,856 | ---- | M] (Microsoft Corporation) MD5=6B35B443F4EF4AA695487BC83EADAEC6 -- D:\Windows\assembly\GAC_32\Mcx2Dvcs\6.1.0.0__31bf3856ad364e35\Mcx2Dvcs.dll [2009/07/14 04:47:23 | 000,090,112 | ---- | M] (Microsoft Corporation) MD5=3994CBC9EC487E167992FC1D169A32AC -- D:\Windows\assembly\GAC_32\Microsoft.GroupPolicy.AdmTmplEditor.Resources\6.1.0.0_de_31bf3856ad364e35\Microsoft.GroupPolicy.AdmTmplEditor.Resources.dll [2010/11/20 08:35:58 | 000,189,952 | ---- | M] (Microsoft Corporation) MD5=38D88B9F15909C5EB12543B9ADD60665 -- D:\Windows\assembly\GAC_32\Microsoft.GroupPolicy.AdmTmplEditor\6.1.0.0__31bf3856ad364e35\Microsoft.GroupPolicy.AdmTmplEditor.dll [2010/11/20 08:35:58 | 000,145,920 | ---- | M] (Microsoft Corporation) MD5=7473DCFFD01F73BA2B2621555B02E09A -- D:\Windows\assembly\GAC_32\Microsoft.GroupPolicy.Interop\2.0.0.0__31bf3856ad364e35\Microsoft.GroupPolicy.Interop.dll [2009/07/13 21:24:14 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=269691AFEE6C44C52CDCA23C24BDBB0C -- D:\Windows\assembly\GAC_32\Microsoft.Ink\6.1.0.0__31bf3856ad364e35\Microsoft.Ink.dll [2009/07/13 21:24:28 | 000,077,824 | ---- | M] (Microsoft Corporation) MD5=BB2BB7BFE455562249E922A7AA4493A5 -- 
D:\Windows\assembly\GAC_32\Microsoft.Interop.Security.AzRoles\2.0.0.0__31bf3856ad364e35\Microsoft.Interop.Security.AzRoles.dll [2011/08/17 00:28:53 | 000,280,576 | ---- | M] (Microsoft Corporation) MD5=6A700621ECF04A54DB76EE9D1ADC79B7 -- D:\Windows\assembly\GAC_32\Microsoft.MediaCenter.Interop\6.1.0.0__31bf3856ad364e35\Microsoft.MediaCenter.Interop.dll [2010/11/20 08:35:58 | 000,129,536 | ---- | M] (Microsoft Corporation) MD5=796046D31F7CEEFFF6243A98FABA290B -- D:\Windows\assembly\GAC_32\Microsoft.MediaCenter.iTV.Media\6.1.0.0__31bf3856ad364e35\Microsoft.MediaCenter.iTV.Media.dll [2010/11/20 08:35:58 | 000,053,248 | ---- | M] (Microsoft Corporation) MD5=700A8CF1409EBEEAD7D20B704C338C57 -- D:\Windows\assembly\GAC_32\Microsoft.MediaCenter.Mheg\6.1.0.0__31bf3856ad364e35\Microsoft.MediaCenter.Mheg.dll [2010/11/20 08:35:59 | 000,139,264 | ---- | M] (Microsoft Corporation) MD5=3B3D543F595910584AC45C75186CD3DA -- D:\Windows\assembly\GAC_32\Microsoft.MediaCenter.Playback\6.1.0.0__31bf3856ad364e35\Microsoft.MediaCenter.Playback.dll [2010/11/20 08:35:58 | 000,307,712 | ---- | M] (Microsoft Corporation) MD5=C6F74E2405934514BB0434B7FCF7B7ED -- D:\Windows\assembly\GAC_32\Microsoft.MediaCenter.TV.Tuners.Interop\6.1.0.0__31bf3856ad364e35\Microsoft.MediaCenter.TV.Tuners.Interop.dll [2009/07/13 21:23:55 | 000,008,192 | ---- | M] ( ) MD5=79D7E7A3CB56C91FE9030C5EFE2DC13C -- D:\Windows\assembly\GAC_32\Microsoft.Security.ApplicationId.PolicyManagement.PolicyEngineApi.Interop\6.1.0.0__31bf3856ad364e35\Microsoft.Security.ApplicationId.PolicyManagement.PolicyEngineApi.Interop.dll [2010/11/04 21:52:36 | 000,163,840 | ---- | M] (Microsoft Corporation) MD5=059B857CCA35C20F06B5DEBD51C4FB38 -- D:\Windows\assembly\GAC_32\Microsoft.Transactions.Bridge.Dtc\3.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.dll [2009/07/13 21:26:31 | 000,008,192 | ---- | M] ( ) MD5=FA44A672F1C12791984D9ECAB7DC3177 -- 
D:\Windows\assembly\GAC_32\Microsoft.Windows.Diagnosis.SDEngine\6.1.0.0__31bf3856ad364e35\Microsoft.Windows.Diagnosis.SDEngine.dll [2010/11/20 08:32:22 | 000,019,968 | ---- | M] ( ) MD5=36D6B6EFE1AFD20700DB4C4E20F400A7 -- D:\Windows\assembly\GAC_32\Microsoft-Windows-HomeGroupDiagnostic.NetListMgr.Interop\6.1.0.0__31bf3856ad364e35\Microsoft-Windows-HomeGroupDiagnostic.NetListMgr.Interop.dll [2009/06/10 17:14:52 | 000,087,888 | ---- | M] (Microsoft Corporation) MD5=2E5F1CF69F92392F8829FC9C9263AE9B -- D:\Windows\assembly\GAC_32\MSBuild\3.5.0.0__b03f5f7f11d50a3a\MSBuild.exe [2009/06/10 17:14:53 | 000,001,581 | ---- | M] () MD5=1EA3E30080C0E256C2EF0C621E91C345 -- D:\Windows\assembly\GAC_32\MSBuild\3.5.0.0__b03f5f7f11d50a3a\msbuild.exe.config [2009/06/10 17:22:47 | 000,066,728 | ---- | M] () MD5=C01B81BB10AD14DBC5C4ECD350638096 -- D:\Windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\big5.nlp [2009/06/10 17:22:47 | 000,082,172 | ---- | M] () MD5=EE1F60F8774D74BED8B13498F3FE737A -- D:\Windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\bopomofo.nlp [2009/06/10 17:22:58 | 000,116,756 | ---- | M] () MD5=F6DFDA5A31162D848634504565F6D321 -- D:\Windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\ksc.nlp [2012/01/03 22:50:59 | 004,550,656 | ---- | M] (Microsoft Corporation) MD5=C850A6041F5AEDE21C53514BBE9AB09D -- D:\Windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll [2009/06/10 17:23:13 | 000,059,342 | ---- | M] () MD5=DA5748A89E22A3932387E65694B25BBB -- D:\Windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\normidna.nlp [2009/06/10 17:23:13 | 000,045,794 | ---- | M] () MD5=3831A5E217D6FA828CCE1011DA26E677 -- D:\Windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\normnfc.nlp [2009/06/10 17:23:13 | 000,039,284 | ---- | M] () MD5=DBDE664E0BA4BACD0A6A04AE2232B205 -- D:\Windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\normnfd.nlp [2009/06/10 17:23:13 | 000,066,384 | ---- | M] () MD5=C9B88B759FE81D59CE8EBF5A0A8EB75A 
-- D:\Windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\normnfkc.nlp [2009/06/10 17:23:13 | 000,060,294 | ---- | M] () MD5=3CAB6AB66759FCDF73B61EE262C9ACF4 -- D:\Windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\normnfkd.nlp [2009/06/10 17:23:14 | 000,083,748 | ---- | M] () MD5=54144F43EDF5AA8F504A30E7C1D1A7B5 -- D:\Windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\prc.nlp [2009/06/10 17:23:14 | 000,083,748 | ---- | M] () MD5=901863C68E6523336CAC602FE9320ABC -- D:\Windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\prcp.nlp [2009/06/10 17:23:17 | 000,262,148 | ---- | M] () MD5=FB59D247F7143C3B9683A547E808A88B -- D:\Windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\sortkey.nlp [2009/06/10 17:23:17 | 000,020,320 | ---- | M] () MD5=FF13BA175F0013D2311827E0D438C60B -- D:\Windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\sorttbls.nlp [2009/06/10 17:23:23 | 000,028,288 | ---- | M] () MD5=09E420F90A329BDA68477FA4AF43CB28 -- D:\Windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\xjis.nlp [2010/11/20 08:36:00 | 000,046,080 | ---- | M] (Microsoft Corporation) MD5=93C4029DABC19166076BE347283AB969 -- D:\Windows\assembly\GAC_32\napcrypt\6.1.0.0__31bf3856ad364e35\NAPCRYPT.DLL [2010/11/20 08:36:00 | 000,107,008 | ---- | M] (Microsoft Corporation) MD5=E9CFC1884D1E579E82073103827FA62B -- D:\Windows\assembly\GAC_32\naphlpr\6.1.0.0__31bf3856ad364e35\NAPHLPR.DLL [2009/07/13 18:04:07 | 000,000,442 | ---- | M] () MD5=13E4BF7A255D57592EEDBD04A500C09B -- D:\Windows\assembly\GAC_32\Policy.1.0.Microsoft.Ink\6.1.0.0__31bf3856ad364e35\Policy.1.0.Microsoft.Ink.config [2009/07/13 21:25:25 | 000,005,632 | ---- | M] (Microsoft Corporation) MD5=608232474C33C71F863B0866E5165C1C -- D:\Windows\assembly\GAC_32\Policy.1.0.Microsoft.Ink\6.1.0.0__31bf3856ad364e35\Policy.1.0.Microsoft.Ink.dll [2009/06/10 17:32:22 | 000,000,494 | ---- | M] () MD5=453626B1A59F62F9A141AC62F4E44E75 -- 
D:\Windows\assembly\GAC_32\Policy.1.0.Microsoft.Interop.Security.AzRoles\6.1.7600.16385__31bf3856ad364e35\Microsoft.Interop.Security.AzRoles.config [2009/07/13 21:26:15 | 000,005,632 | ---- | M] (Microsoft Corporation) MD5=2641880E8C12BEE37DDC2813908A2A0F -- D:\Windows\assembly\GAC_32\Policy.1.0.Microsoft.Interop.Security.AzRoles\6.1.7600.16385__31bf3856ad364e35\Policy.1.0.Microsoft.Interop.Security.AzRoles.dll [2009/06/10 17:32:22 | 000,000,494 | ---- | M] () MD5=453626B1A59F62F9A141AC62F4E44E75 -- D:\Windows\assembly\GAC_32\Policy.1.2.Microsoft.Interop.Security.AzRoles\6.1.7600.16385__31bf3856ad364e35\Policy.1.2.Microsoft.Interop.Security.AzRoles.config [2009/07/13 21:23:30 | 000,005,632 | ---- | M] (Microsoft Corporation) MD5=D6C077082EAA747911C212A9EB64A813 -- D:\Windows\assembly\GAC_32\Policy.1.2.Microsoft.Interop.Security.AzRoles\6.1.7600.16385__31bf3856ad364e35\Policy.1.2.Microsoft.Interop.Security.AzRoles.dll [2009/07/13 18:04:07 | 000,000,442 | ---- | M] () MD5=13E4BF7A255D57592EEDBD04A500C09B -- D:\Windows\assembly\GAC_32\Policy.1.7.Microsoft.Ink\6.1.0.0__31bf3856ad364e35\Policy.1.7.Microsoft.Ink.config [2009/07/13 21:22:54 | 000,005,632 | ---- | M] (Microsoft Corporation) MD5=331021DA8B00A9ADCDD54B5782943204 -- D:\Windows\assembly\GAC_32\Policy.1.7.Microsoft.Ink\6.1.0.0__31bf3856ad364e35\Policy.1.7.Microsoft.Ink.dll [2009/07/13 18:04:08 | 000,000,442 | ---- | M] () MD5=13E4BF7A255D57592EEDBD04A500C09B -- D:\Windows\assembly\GAC_32\Policy.6.0.Microsoft.Ink\6.1.0.0__31bf3856ad364e35\Policy.6.0.Microsoft.Ink.config [2009/07/13 21:23:04 | 000,005,632 | ---- | M] (Microsoft Corporation) MD5=B3DB67C90DBBB75BFE110A86E951C2EC -- D:\Windows\assembly\GAC_32\Policy.6.0.Microsoft.Ink\6.1.0.0__31bf3856ad364e35\Policy.6.0.Microsoft.Ink.dll [2012/02/10 19:31:40 | 004,218,880 | ---- | M] (Microsoft Corporation) MD5=AEDDFD540E3E6BECDB14C30D1F12B78A -- D:\Windows\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll [2009/06/10 17:14:51 | 
000,000,161 | ---- | M] () MD5=C0856EC51C8C75B8FDF02C1BBCFE7B93 -- D:\Windows\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationFontCache.exe.config [2012/02/10 19:31:42 | 001,737,496 | ---- | M] (Microsoft Corporation) MD5=DDFBFD8959F32AC0CF3947F36BAC3081 -- D:\Windows\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\wpfgfx_v0300.dll [2010/11/04 21:58:05 | 000,486,400 | ---- | M] (Microsoft Corporation) MD5=ED40D020A6A82748394F1653CE324CE4 -- D:\Windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll [2010/11/04 21:58:05 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=35CAB7CF3754C41AEB69DCE1D5ACA5A4 -- D:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll [2010/11/04 21:58:08 | 000,258,048 | ---- | M] (Microsoft Corporation) MD5=6DB969DF540BC71722848940D180AC08 -- D:\Windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll [2010/11/20 00:12:59 | 000,113,664 | ---- | M] (Microsoft Corporation) MD5=C865DC05ADE0B41A9E14DD585E0CDF94 -- D:\Windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll [2012/02/10 19:31:41 | 000,372,736 | ---- | M] (Microsoft Corporation) MD5=A151947AD131A883870A6174CACF423B -- D:\Windows\assembly\GAC_32\System.Printing\3.0.0.0__31bf3856ad364e35\System.Printing.dll [2009/06/10 17:23:19 | 000,261,632 | ---- | M] (Microsoft Corporation) MD5=5F3F1BF5F5B43293953FC915845910C4 -- D:\Windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll [2011/12/25 16:42:15 | 005,255,168 | ---- | M] (Microsoft Corporation) MD5=7D2B8E2CE3EF2DC633689F1E1F4A7504 -- D:\Windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll < %systemroot%\assembly\GAC_64\*.* /S /MD5 > < CREATERESTOREPOINT > < HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections > 
"DefaultConnectionSettings" = [Binary data over 100 bytes] "SavedLegacySettings" = [Binary data over 100 bytes] < HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU > < HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows > [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Help] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\HTML Help] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\ITStorage] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\ScheduledDiagnostics] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\ScriptedDiagnosticsProvider] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Tablet PC] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\TabletPC] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Search] ========== Hard Links - Junction Points - Mount Points - Symbolic Links ========== [D:\Windows\$NtUninstallKB44326$] -> -> Unknown point type < End of report > |
30.05.2012, 13:48 | #2 |
/// Winkelfunktion /// TB-Süch-Tiger™ | White screen, waiting, connection is being established Does safe mode with networking still work? With an Internet connection?
__________________Safe mode for cleanup
__________________ |