Hier ist der Scan es hat alle funktioniert: Code:
OTL logfile created on: 1/16/2012 7:23:56 PM - Run
OTLPE by OldTimer - Version 3.1.48.0 Folder = X:\Programs\OTLPE
Windows 7 Ultimate (Version = 6.1.7600) - Type = System
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: Germany | Language: DEU | Date Format: dd.MM.yyyy
4.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 91.00% Memory free
3.00 Gb Paging File | 3.00 Gb Available in Paging File | 98.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = E: | %SystemRoot% = E:\Windows | %ProgramFiles% = E:\Program Files
Drive D: | 68.36 Gb Total Space | 4.27 Gb Free Space | 6.25% Space Free | Partition Type: NTFS
Drive E: | 115.69 Gb Total Space | 53.33 Gb Free Space | 46.10% Space Free | Partition Type: NTFS
Drive J: | 1.87 Gb Total Space | 1.79 Gb Free Space | 95.68% Space Free | Partition Type: NTFS
Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet001
========== Win32 Services (SafeList) ==========
SRV - [2012/01/03 08:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Disabled] -- E:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011/09/09 10:11:53 | 004,174,336 | ---- | M] (Native Instruments GmbH) [Disabled] -- E:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe -- (NIHardwareService)
SRV - [2011/08/31 10:00:48 | 000,366,152 | ---- | M] () [Disabled] -- C:\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011/08/19 04:26:50 | 000,450,848 | ---- | M] (Logitech Inc.) [Disabled] -- E:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe -- (UMVPFSrv)
SRV - [2011/08/04 07:34:46 | 001,361,288 | ---- | M] (LogMeIn Inc.) [Disabled] -- C:\hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2011/04/08 00:14:00 | 002,218,600 | ---- | M] (NVIDIA Corporation) [Disabled] -- E:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)
SRV - [2009/08/27 10:09:10 | 001,253,376 | ---- | M] (MAGIX AG) [Auto] -- E:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe -- (Fabs)
SRV - [2009/07/13 20:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [Disabled] -- E:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/13 20:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [Disabled] -- E:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2008/08/07 04:10:02 | 003,276,800 | ---- | M] (MAGIX®) [Disabled] -- E:\Program Files\Common Files\MAGIX Services\Database\bin\fbserver.exe -- (FirebirdServerMAGIXInstance)
SRV - [2007/09/12 10:15:50 | 000,087,288 | ---- | M] (Valve Corporation) [Disabled] -- E:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2007/05/28 11:57:54 | 000,275,968 | ---- | M] () [Auto] -- C:\Alkohol 120%\Alcohol 120\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand] -- -- (MBAMSwissArmy)
DRV - File not found [Kernel | On_Demand] -- -- (EagleNT)
DRV - [2012/01/15 08:38:16 | 000,144,384 | ---- | M] () [Kernel | Auto] -- E:\Windows\Temp\5689.sys -- (5689)
DRV - [2011/10/23 10:51:07 | 000,722,416 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot] -- E:\Windows\System32\Drivers\sptd.sys -- (sptd)
DRV - [2011/09/06 05:44:39 | 000,075,344 | ---- | M] (Native Instruments GmbH) [Kernel | On_Demand] -- E:\Windows\System32\drivers\ta6usb.sys -- (ta6usb_svc)
DRV - [2011/09/06 05:44:38 | 000,346,192 | ---- | M] (Native Instruments GmbH) [Kernel | On_Demand] -- E:\Windows\System32\drivers\ta6avs.sys -- (ta6avs)
DRV - [2011/08/31 10:00:50 | 000,022,216 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand] -- E:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2011/08/19 04:26:50 | 004,334,624 | ---- | M] (Logitech Inc.) [Kernel | On_Demand] -- E:\Windows\System32\drivers\lvuvc.sys -- (LVUVC) Logitech Webcam 120(UVC)
DRV - [2011/08/17 04:03:58 | 000,137,472 | ---- | M] (Nokia) [Kernel | On_Demand] -- E:\Windows\System32\drivers\nmwcdnsu.sys -- (nmwcdnsu)
DRV - [2011/08/17 04:03:50 | 000,008,576 | ---- | M] (Nokia) [Kernel | On_Demand] -- E:\Windows\System32\drivers\nmwcdnsuc.sys -- (nmwcdnsuc)
DRV - [2011/04/08 00:14:00 | 010,690,024 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand] -- E:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2010/06/10 07:32:14 | 000,035,840 | ---- | M] (CACE Technologies) [Kernel | Auto] -- E:\Windows\system32\drivers\npf_devolo.sys -- (NPF_devolo) NetGroup Packet Filter Driver (devolo)
DRV - [2010/04/22 01:20:56 | 000,035,336 | ---- | M] (Saitek) [Kernel | On_Demand] -- E:\Windows\System32\drivers\SaiU0CC3.sys -- (SaiU0CC3)
DRV - [2009/12/23 04:32:26 | 000,086,016 | ---- | M] (PACE Anti-Piracy, Inc.) [Kernel | Boot] -- E:\Windows\System32\drivers\TPkd.sys -- (TPkd)
DRV - [2009/07/13 20:19:10 | 000,175,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- E:\Windows\system32\DRIVERS\vmbus.sys -- (vmbus)
DRV - [2009/07/13 20:19:10 | 000,040,896 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- E:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2009/07/13 20:19:10 | 000,028,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- E:\Windows\system32\DRIVERS\storvsc.sys -- (storvsc)
DRV - [2009/07/13 18:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- E:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2009/07/13 18:28:47 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- E:\Windows\system32\DRIVERS\vms3cap.sys -- (s3cap)
DRV - [2009/07/13 18:28:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- E:\Windows\system32\DRIVERS\VMBusHID.sys -- (VMBusHID)
DRV - [2009/07/13 18:15:13 | 000,387,584 | ---- | M] () [Kernel | System] -- E:\Windows\System32\drivers\csc.sys -- (CSC)
DRV - [2009/07/13 17:09:17 | 004,194,816 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand] -- E:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2009/07/13 17:02:53 | 000,311,296 | ---- | M] (Marvell) [Kernel | On_Demand] -- E:\Windows\System32\drivers\yk62x86.sys -- (yukonw7)
DRV - [2009/03/29 20:09:28 | 000,239,336 | ---- | M] (Microsoft Corporation) [File_System | Disabled] -- E:\Windows\System32\drivers\RsFx0103.sys -- (RsFx0103)
DRV - [2009/03/18 10:35:40 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand] -- E:\Windows\System32\drivers\hamachi.sys -- (hamachi)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\..\URLSearchHook: {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - E:\Program Files\Winamp Toolbar\winamptb.dll (AOL Inc.)
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\Benjamin_ON_E\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.google.de/ [binary data]
IE - HKU\Benjamin_ON_E\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com/
IE - HKU\Benjamin_ON_E\..\URLSearchHook: {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - E:\Program Files\Winamp Toolbar\winamptb.dll (AOL Inc.)
IE - HKU\Benjamin_ON_E\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: E:\Windows\System32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: E:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: E:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: E:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: E:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: E:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: E:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: E:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: E:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: E:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: E:\Users\Benjamin\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\@www.flatcast.com/FlatViewer 5.2: E:\Users\Benjamin\AppData\Roaming\Flatcast\NpFv522.dll (1 mal 1 Software GmbH)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: E:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
Hosts file not found
O2 - BHO: (Winamp Toolbar Loader) - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - E:\Program Files\Winamp Toolbar\winamptb.dll (AOL Inc.)
O2 - BHO: (Babylon IE plugin) - {9CFACCB6-2F3F-4177-94EA-0D2B72D384C1} - File not found
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - E:\Program Files\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Winamp Toolbar) - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - E:\Program Files\Winamp Toolbar\winamptb.dll (AOL Inc.)
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (Winamp Toolbar) - {EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} - E:\Program Files\Winamp Toolbar\winamptb.dll (AOL Inc.)
O3 - HKU\Benjamin_ON_E\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKU\Benjamin_ON_E\..\Toolbar\WebBrowser: (Winamp Toolbar) - {EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} - E:\Program Files\Winamp Toolbar\winamptb.dll (AOL Inc.)
O4 - HKU\.DEFAULT..\Run: [bhaf] E:\Windows\System32\config\systemprofile\AppData\Local\App\bhaf.dll ()
O4 - HKU\.DEFAULT..\Run: [F2AE843E-8D65-6F6B-59D0-2C74B271AAE2] E:\Windows\System32\config\systemprofile\AppData\Roaming\F2AE843E-8D65-6F6B-59D0-2C74B271AAE2.avi ()
O4 - HKU\Guest_ON_E..\RunOnce: [mctadmin] E:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\LocalService_ON_E..\RunOnce: [mctadmin] E:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\NetworkService_ON_E..\RunOnce: [mctadmin] E:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\UpdatusUser_ON_E..\RunOnce: [mctadmin] E:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoInternetOpenWith = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = [binary data]
O7 - HKU\Benjamin_ON_E\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideSCAHealth = 1
O7 - HKU\Benjamin_ON_E\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1
O8 - Extra context menu item: Free YouTube to MP3 Converter - E:\Users\Benjamin\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O9 - Extra Button: Translate this web page with Babylon - {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - File not found
O9 - Extra 'Tools' menuitem : Translate this web page with Babylon - {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000025 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000026 - File not found
O13 - gopher Prefix: missing
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {A672558F-A878-4D5A-A921-627C091CEB69} hxxp://92.51.137.94/objects/NpFp522.dll (Flatcast Producer 5.2)
O16 - DPF: {A8F2B9BD-A6A0-486A-9744-18920D898429} hxxp://www.sibelius.com/download/software/win/ActiveXPlugin.cab (ScorchPlugin Class)
O16 - DPF: {C212D449-8B3C-41F2-BD9A-047BD770550F} hxxp://operation7.fiaa.eu/OPLauncher.cab (Perparer Class)
O16 - DPF: {C8BC46C7-921C-4102-B67D-F1F7E65FB0BE} https://battlefield.play4free.com/static/updater/BP4FUpdater_1.0.66.2.cab (Battlefield Play4Free Updater)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {E55FD215-A32E-43FE-A777-A7E8F165F560} hxxp://92.51.137.94/objects/NpFv522.dll (Flatcast Viewer 5.2)
O16 - DPF: {E55FD215-A32E-43FE-A777-A7E8F165F561} hxxp://92.51.137.94/objects/NpFv530.dll (Flatcast Viewer 5.3)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O20 - HKLM Winlogon: Shell - (explorer.exe) - E:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (E:\Windupdt\winupdate.exe) - File not found
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - E:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - Winlogon\Notify\newasui: DllName - E:\Windows\system32\config\systemprofile\AppData\Local\newasui.dll - E:\Windows\System32\config\systemprofile\AppData\Local\newasui.dll ()
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 16:42:20 | 000,000,024 | ---- | M] () - E:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2009/01/29 04:04:48 | 000,000,130 | R--- | M] () - J:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2006/03/24 06:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{caa4a224-393e-11e1-a8b0-001bb950cc00}\Shell - "" = AutoRun
O33 - MountPoints2\{caa4a224-393e-11e1-a8b0-001bb950cc00}\Shell\AutoRun\command - "" = L:\autorun.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - E:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - E:\Windows\system32\Rundll32.exe E:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - E:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "E:\Windows\System32\rundll32.exe" "E:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - File not found
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
MsConfig - StartUpFolder: E:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^F2AE843E-8D65-6F6B-59D0-2C74B271AAE2.lnk - - File not found
MsConfig - StartUpFolder: E:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^GamersFirst LIVE!.lnk - - File not found
MsConfig - StartUpReg: 0PDbrAJDd - hkey= - key= - File not found
MsConfig - StartUpReg: Adobe ARM - hkey= - key= - E:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
MsConfig - StartUpReg: AlcoholAutomount - hkey= - key= - C:\Alkohol 120%\Alcohol 120\axcmd.exe ()
MsConfig - StartUpReg: ApnUpdater - hkey= - key= - File not found
MsConfig - StartUpReg: Babylon Client - hkey= - key= - File not found
MsConfig - StartUpReg: F2AE843E-8D65-6F6B-59D0-2C74B271AAE2 - hkey= - key= - File not found
MsConfig - StartUpReg: Iihyhg - hkey= - key= - File not found
MsConfig - StartUpReg: Logitech Vid - hkey= - key= - E:\Program Files\Logitech\Logitech Vid\vid.exe (Logitech Inc.)
MsConfig - StartUpReg: LogMeIn Hamachi Ui - hkey= - key= - C:\hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
MsConfig - StartUpReg: LWS - hkey= - key= - E:\Program Files\Logitech\LWS\Webcam Software\LWS.exe (Logitech Inc.)
MsConfig - StartUpReg: MozillaAgent - hkey= - key= - E:\Windows\Temp\_ex-68.exe ()
MsConfig - StartUpReg: msnmsgr - hkey= - key= - E:\Program Files\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
MsConfig - StartUpReg: NeroFilterCheck - hkey= - key= - E:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG)
MsConfig - StartUpReg: O589cqNO - hkey= - key= - File not found
MsConfig - StartUpReg: Pando Media Booster - hkey= - key= - E:\Program Files\Pando Networks\Media Booster\PMB.exe ()
MsConfig - StartUpReg: RtHDVCpl - hkey= - key= - E:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe (Realtek Semiconductor)
MsConfig - StartUpReg: Smad - hkey= - key= - E:\Users\Benjamin\AppData\Local\SanctionedMedia\Smad\Smad.exe (SanctionedMedia)
MsConfig - StartUpReg: Steam - hkey= - key= - C:\Steam.exe ()
MsConfig - StartUpReg: swg - hkey= - key= - E:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
MsConfig - StartUpReg: WinampAgent - hkey= - key= - C:\Winamp\winampa.exe (Nullsoft, Inc.)
MsConfig - StartUpReg: winupdater - hkey= - key= - File not found
MsConfig - State: "startup" - 1
MsConfig - State: "bootini" - 0
MsConfig - State: "services" - 2
========== Files/Folders - Created Within 30 Days ==========
[2012/01/15 08:38:03 | 000,000,000 | ---D | C] -- E:\ProgramData\Microsoft\Windows\Start Menu\Programs\Security Defender
[2012/01/15 08:38:03 | 000,000,000 | ---D | C] -- E:\Program Files\Security Defender
[2012/01/15 08:29:03 | 000,000,000 | ---D | C] -- E:\Users\Benjamin\AppData\Local\{9B75BAEF-8AE1-445B-88AA-2F264CC1E127}
[2012/01/15 08:28:47 | 000,000,000 | ---D | C] -- E:\Users\Benjamin\AppData\Local\{4E6A9264-1FCF-4D04-A126-61EBE0971B5D}
[2012/01/14 17:36:16 | 000,000,000 | ---D | C] -- E:\Users\ich bineintest
[2012/01/14 17:33:23 | 000,000,000 | ---D | C] -- E:\Users\Guest
[2012/01/14 17:18:15 | 000,000,000 | ---D | C] -- E:\Users\Benjamin\AppData\Local\{70FB35FF-65EE-47B1-9C56-414199FBBA30}
[2012/01/14 17:18:02 | 000,000,000 | ---D | C] -- E:\Users\Benjamin\AppData\Local\{608C2B0F-789C-4448-A917-FB3055C9CF28}
[2012/01/14 14:09:38 | 000,322,048 | ---- | C] (Microsoft Corporation) -- E:\Users\Benjamin\AppData\Local\agt.exe
[2012/01/14 14:09:37 | 000,000,000 | ---D | C] -- E:\Users\Benjamin\AppData\Local\SanctionedMedia
[2012/01/14 05:03:54 | 000,000,000 | ---D | C] -- E:\Users\Benjamin\AppData\Local\{6D85C10B-697B-4975-A1DA-BC5414AD5661}
[2012/01/14 05:03:39 | 000,000,000 | ---D | C] -- E:\Users\Benjamin\AppData\Local\{45FE3200-FC29-4EDE-A114-7AC9C99617CC}
[2012/01/13 07:47:15 | 000,000,000 | ---D | C] -- E:\ProgramData\Microsoft\Windows\Start Menu\Programs\devolo
[2012/01/13 07:47:12 | 000,000,000 | ---D | C] -- E:\Program Files\devolo
[2012/01/13 07:36:23 | 000,000,000 | ---D | C] -- E:\Users\Benjamin\AppData\Local\{E3C3FF58-8486-41AD-99BA-9DE33E011C86}
[2012/01/13 07:36:09 | 000,000,000 | ---D | C] -- E:\Users\Benjamin\AppData\Local\{D207C6BA-01F3-44F2-8606-252B1342B09D}
[2012/01/12 10:39:15 | 000,000,000 | ---D | C] -- E:\Users\Benjamin\AppData\Local\{04C18D22-6C0D-4B0E-8B8D-4A0B67E3B483}
[2012/01/12 10:39:03 | 000,000,000 | ---D | C] -- E:\Users\Benjamin\AppData\Local\{77CEB53E-3083-46FB-9A4A-CDBBB952D3C2}
[2012/01/11 12:09:49 | 000,000,000 | -HSD | C] -- E:\found.002
[2012/01/11 10:21:54 | 000,716,800 | ---- | C] (Microsoft Corporation) -- E:\Windows\System32\jscript.dll
[2012/01/11 10:21:48 | 000,067,072 | ---- | C] (Microsoft Corporation) -- E:\Windows\System32\packager.dll
[2012/01/11 10:21:46 | 001,328,640 | ---- | C] (Microsoft Corporation) -- E:\Windows\System32\quartz.dll
[2012/01/11 10:21:46 | 000,514,560 | ---- | C] (Microsoft Corporation) -- E:\Windows\System32\qdvd.dll
[2012/01/11 10:13:35 | 000,000,000 | ---D | C] -- E:\Users\Benjamin\AppData\Local\{2C6AE76C-9E48-4487-B62B-23AB9F7FF69A}
[2012/01/11 10:13:20 | 000,000,000 | ---D | C] -- E:\Users\Benjamin\AppData\Local\{905B60B7-0B54-4CEA-9E19-8F545B98E00F}
[2012/01/10 08:14:23 | 000,000,000 | ---D | C] -- E:\Users\Benjamin\AppData\Local\{25EEB9D6-1C90-4D50-91A3-EEC63437F2EC}
[2012/01/10 08:13:55 | 000,000,000 | ---D | C] -- E:\Users\Benjamin\AppData\Local\{2C61BB97-96EE-455C-8071-5C3692F50532}
[2012/01/09 09:45:27 | 000,000,000 | ---D | C] -- E:\Users\Benjamin\AppData\Local\{8948939C-E1A6-4C52-B7E0-2FF66A74EBEC}
[2012/01/09 09:45:11 | 000,000,000 | ---D | C] -- E:\Users\Benjamin\AppData\Local\{BC11D1A4-31B8-4F50-9713-992F4FC7EE41}
[2012/01/08 08:06:54 | 000,000,000 | ---D | C] -- E:\Users\Benjamin\AppData\Local\{C7C58FC4-6F3C-48D1-A67F-7C54CA747398}
[2012/01/08 08:06:42 | 000,000,000 | ---D | C] -- E:\Users\Benjamin\AppData\Local\{230280FF-624E-45A5-A3D8-7CEBC8CCADF6}
[2012/01/07 18:04:19 | 000,000,000 | ---D | C] -- E:\Users\Benjamin\Documents\Command and Conquer Generals Data
[2012/01/07 16:34:08 | 000,000,000 | ---D | C] -- E:\Users\Benjamin\Desktop\CC Generals
[2012/01/07 13:31:29 | 000,000,000 | ---D | C] -- E:\Users\Benjamin\AppData\Local\{E95CCC84-CE1A-4C2D-A23D-68568072533F}
[2012/01/07 13:30:54 | 000,000,000 | ---D | C] -- E:\Users\Benjamin\AppData\Local\{89A51398-F9A2-47E1-B09C-B30B9B42EB36}
[2012/01/07 10:00:51 | 000,000,000 | ---D | C] -- E:\Windows\de
[2012/01/07 09:59:37 | 000,000,000 | ---D | C] -- E:\Windows\en
[2012/01/07 09:55:52 | 000,515,416 | ---- | C] (Microsoft Corporation) -- E:\Windows\System32\XAudio2_5.dll
[2012/01/07 09:55:52 | 000,453,456 | ---- | C] (Microsoft Corporation) -- E:\Windows\System32\d3dx10_42.dll
[2012/01/07 09:55:52 | 000,069,464 | ---- | C] (Microsoft Corporation) -- E:\Windows\System32\XAPOFX1_3.dll
[2012/01/07 09:54:50 | 003,426,072 | ---- | C] (Microsoft Corporation) -- E:\Windows\System32\d3dx9_32.dll
[2012/01/07 09:50:47 | 000,000,000 | ---D | C] -- E:\Users\Benjamin\AppData\Local\{BF82411C-7F1D-4C51-B696-367C61AB9C8B}
[2012/01/07 09:50:30 | 000,000,000 | ---D | C] -- E:\Users\Benjamin\AppData\Local\{C022D9BB-AF85-4FED-825A-3F15F4D4E8AE}
[2012/01/07 06:52:00 | 000,000,000 | ---D | C] -- E:\Users\Benjamin\AppData\Local\{C4D4A507-6BF3-4A24-B775-DA8EB8BCA11B}
[2012/01/07 06:51:42 | 000,000,000 | ---D | C] -- E:\Users\Benjamin\AppData\Local\{6815BFB2-CAC0-4C60-BBB3-D776D880CC0E}
[2012/01/06 18:19:25 | 000,000,000 | ---D | C] -- E:\Users\Benjamin\AppData\Local\{17D347F9-1206-4E9A-B7CF-2568B4EE2089}
[2012/01/06 18:18:50 | 000,000,000 | ---D | C] -- E:\Users\Benjamin\AppData\Local\{99C7DCDB-EC9F-49CE-B783-55292AF6842A}
[2012/01/06 05:11:12 | 000,000,000 | ---D | C] -- E:\Users\Benjamin\AppData\Local\{4A1B703A-B47F-4F9B-804B-11082F87CBB6}
[2012/01/06 05:10:59 | 000,000,000 | ---D | C] -- E:\Users\Benjamin\AppData\Local\{B429FDBE-2F51-4D6F-BA1B-35D22DDEA2CE}
[2012/01/05 07:11:35 | 000,000,000 | ---D | C] -- E:\Users\Benjamin\AppData\Local\{CEB7A12D-3056-4842-8BB5-CE0960CACF72}
[2012/01/05 07:11:22 | 000,000,000 | ---D | C] -- E:\Users\Benjamin\AppData\Local\{3A7FEE5A-1245-4F9B-BA67-FA1D518F9B2A}
[2012/01/04 13:24:17 | 000,000,000 | ---D | C] -- E:\Users\Benjamin\AppData\Local\{B2DD42F8-1B8F-41F8-8DC1-1F7F7AEFA83E}
[2012/01/04 13:24:02 | 000,000,000 | ---D | C] -- E:\Users\Benjamin\AppData\Local\{146F3788-6435-478D-90C4-13E938148F2B}
[2012/01/04 04:03:14 | 000,000,000 | ---D | C] -- E:\Users\Benjamin\AppData\Local\{5E0C9394-0F5D-4D28-ADFA-0C8A87E71EAA}
[2012/01/04 04:03:02 | 000,000,000 | ---D | C] -- E:\Users\Benjamin\AppData\Local\{1CA02708-92FA-43BF-9FED-8F6ED01A0FE5}
[2012/01/03 07:34:10 | 000,000,000 | ---D | C] -- E:\Users\Benjamin\AppData\Local\{A526A5DE-1B08-4737-B94F-5FEF50F24B20}
[2012/01/03 07:33:56 | 000,000,000 | ---D | C] -- E:\Users\Benjamin\AppData\Local\{F079CFCA-DA06-4283-9B82-2760FF3B7870}
[2012/01/02 14:59:21 | 000,000,000 | ---D | C] -- E:\Users\Benjamin\AppData\Local\{A0DFDF2E-0AA3-4B3B-96CB-C043A3A65CAB}
[2012/01/02 14:59:08 | 000,000,000 | ---D | C] -- E:\Users\Benjamin\AppData\Local\{FD2D01BC-33C4-4906-ABF0-36E9F0DCE064}
[2012/01/02 14:24:10 | 000,000,000 | ---D | C] -- E:\Users\Benjamin\AppData\Local\{6B688B7F-4DF8-48E6-A6D9-4E964C011AA6}
[2012/01/02 12:57:51 | 000,000,000 | ---D | C] -- E:\Users\Benjamin\AppData\Local\{A771E582-571E-43C6-909A-952B2961F21F}
[2012/01/02 12:57:38 | 000,000,000 | ---D | C] -- E:\Users\Benjamin\AppData\Local\{F6ECBCBA-F616-4E0E-82BB-16D9A7C301BE}
[2012/01/02 06:26:42 | 000,000,000 | ---D | C] -- E:\Users\Benjamin\AppData\Local\{B0E27FD0-C111-4113-9DB5-106C4CCB8AB3}
[2012/01/02 06:26:27 | 000,000,000 | ---D | C] -- E:\Users\Benjamin\AppData\Local\{6ED8EF42-C6DD-42CF-A095-2BDFAC6A366F}
[2012/01/01 11:21:45 | 000,000,000 | ---D | C] -- E:\Users\Benjamin\AppData\Local\{AD69DB2C-8B81-4598-96F3-458830222093}
[2012/01/01 11:21:11 | 000,000,000 | ---D | C] -- E:\Users\Benjamin\AppData\Local\{A4786974-B0A4-4922-AA97-210365DCA216}
[2011/12/30 11:00:15 | 000,000,000 | ---D | C] -- E:\Users\Benjamin\Desktop\UL
[2011/12/30 10:58:23 | 000,000,000 | ---D | C] -- E:\Users\Benjamin\Desktop\Inis
[2011/12/30 10:43:10 | 000,000,000 | ---D | C] -- E:\Users\Benjamin\AppData\Local\{C5E7C3C8-6AA5-45B0-8366-087BF00952E0}
[2011/12/30 10:42:56 | 000,000,000 | ---D | C] -- E:\Users\Benjamin\AppData\Local\{90E00EA6-5E45-478A-A955-2F7AE46E1229}
[2011/12/30 10:14:09 | 000,000,000 | ---D | C] -- E:\Users\Benjamin\AppData\Local\{578A4A50-B4A0-4981-B96C-772160EE130D}
[2011/12/30 06:30:52 | 000,000,000 | ---D | C] -- E:\Users\Benjamin\AppData\Local\{2EF165B2-93A7-4647-BAE6-A9B87E3BA6C8}
[2011/12/30 06:30:40 | 000,000,000 | ---D | C] -- E:\Users\Benjamin\AppData\Local\{DEC54424-A1DC-4020-921E-6E756EEC878B}
[2011/12/29 12:26:50 | 000,000,000 | ---D | C] -- E:\Users\Benjamin\AppData\Local\{7C0E2251-0652-4681-9700-AE5EB86A6B94}
[2011/12/29 12:26:38 | 000,000,000 | ---D | C] -- E:\Users\Benjamin\AppData\Local\{8E2B3EED-3179-4E66-ABB5-5C59C934BE45}
[2011/12/29 09:04:02 | 000,000,000 | ---D | C] -- E:\Users\Benjamin\AppData\Local\{E12FC19E-3F68-4DCA-945E-037128B2F52F}
[2011/12/29 09:03:50 | 000,000,000 | ---D | C] -- E:\Users\Benjamin\AppData\Local\{837828D7-B55F-4170-A7B4-F1D02C54EFFE}
[2011/12/29 08:58:03 | 000,107,888 | ---- | C] (Sony DADC Austria AG.) -- E:\Windows\System32\CmdLineExt.dll
[2011/12/29 05:55:17 | 000,000,000 | ---D | C] -- E:\Users\Benjamin\AppData\Local\{562C7BE7-56AA-4EE5-A5EA-2980E159D32E}
[2011/12/29 05:55:05 | 000,000,000 | ---D | C] -- E:\Users\Benjamin\AppData\Local\{19D3730E-27E2-4C69-B936-6B6A645BB00D}
[2011/12/28 12:18:51 | 000,000,000 | -H-D | C] -- E:\ProgramData\{3228023F-23C6-4EE9-B3CC-F35B35213348}
[2011/12/28 12:17:28 | 000,000,000 | ---D | C] -- E:\ProgramData\Microsoft\Windows\Start Menu\Programs\Impulse
[2011/12/28 11:57:10 | 000,000,000 | ---D | C] -- E:\Users\Benjamin\AppData\Local\{2653716B-08DD-4885-B970-DAF9039DE1E8}
[2011/12/28 11:56:56 | 000,000,000 | ---D | C] -- E:\Users\Benjamin\AppData\Local\{717A76C9-F849-4D07-9515-8CF8459765F6}
[2011/12/28 06:18:28 | 000,000,000 | ---D | C] -- E:\Users\Benjamin\AppData\Local\{68F7D97C-1796-42C6-B22C-FBCFA13DE839}
[2011/12/28 06:18:15 | 000,000,000 | ---D | C] -- E:\Users\Benjamin\AppData\Local\{86160E46-9B0A-4C37-A31D-A09CEBC1B23A}
[2011/12/27 15:08:28 | 000,000,000 | ---D | C] -- E:\Users\Benjamin\AppData\Local\{9D31CF0A-B6E4-4F07-996B-F5164E20179A}
[2011/12/27 15:08:10 | 000,000,000 | ---D | C] -- E:\Users\Benjamin\AppData\Local\{B30955C5-BF40-43E0-9433-BDD8B21C5E14}
[2011/12/27 13:50:24 | 000,000,000 | ---D | C] -- E:\Users\Benjamin\AppData\Local\{68BB738A-76ED-47E0-80C2-3072E6BB1A26}
[2011/12/27 13:50:12 | 000,000,000 | ---D | C] -- E:\Users\Benjamin\AppData\Local\{08790207-EAD0-48AA-8F22-9D855C457CA3}
[2011/12/27 13:44:18 | 000,000,000 | ---D | C] -- E:\Users\Benjamin\AppData\Local\{8830F7C9-5CBB-493B-A84F-ACC48E19C2F6}
[2011/12/27 13:43:39 | 000,000,000 | ---D | C] -- E:\Users\Benjamin\AppData\Local\{E277AC13-0CAD-4487-98EF-3F8045382D3B}
[2011/12/27 12:58:18 | 000,000,000 | ---D | C] -- E:\Program Files\Winamp
[2011/12/27 06:32:08 | 000,000,000 | ---D | C] -- E:\Users\Benjamin\AppData\Local\{719A618A-1317-4358-BEDB-7A5B8B645C74}
[2011/12/27 06:31:56 | 000,000,000 | ---D | C] -- E:\Users\Benjamin\AppData\Local\{6D892F3B-A75D-44A2-B741-6C948BF7DA7B}
[2011/12/27 04:50:19 | 000,000,000 | ---D | C] -- E:\Users\Benjamin\AppData\Local\{DCAAA21B-DE30-411A-AA67-EECD08A58D96}
[2011/12/27 04:50:07 | 000,000,000 | ---D | C] -- E:\Users\Benjamin\AppData\Local\{205E7903-5E3C-4497-B77F-BE075143EFBA}
[2011/12/26 16:20:35 | 000,000,000 | ---D | C] -- E:\Users\Benjamin\AppData\Local\{CA7F5F56-044D-4405-A13D-F115FB7F57F3}
[2011/12/26 16:20:03 | 000,000,000 | ---D | C] -- E:\Users\Benjamin\AppData\Local\{44ED5889-9F4D-4753-8E74-80093DFB2286}
[2011/12/26 16:15:48 | 000,000,000 | ---D | C] -- E:\Users\Benjamin\AppData\Local\{A68A45B2-FC3A-4027-AE8C-037860930DCF}
[2011/12/26 15:58:16 | 000,000,000 | ---D | C] -- E:\Users\Benjamin\AppData\Local\{A1F04F0B-3054-4EAC-896E-FC9D89318D6F}
[2011/12/26 15:57:34 | 000,000,000 | ---D | C] -- E:\Users\Benjamin\AppData\Local\{AC97AC78-40DD-4311-9FBE-A564A6271640}
[2011/12/26 15:00:27 | 000,000,000 | ---D | C] -- E:\Users\Benjamin\AppData\Local\{1407E9F7-A1A3-407F-A33E-DA7591BADBE0}
[2011/12/26 14:59:46 | 000,000,000 | ---D | C] -- E:\Users\Benjamin\AppData\Local\{7C1124E8-B288-4E10-B92A-729F07A1502D}
[2011/12/26 12:49:44 | 000,000,000 | ---D | C] -- E:\Users\Benjamin\AppData\Local\{D4F8B9E8-183D-47AA-A576-E5876720CE76}
[2011/12/26 12:49:30 | 000,000,000 | ---D | C] -- E:\Users\Benjamin\AppData\Local\{87F44B4E-8A3C-46D7-901D-C0AC1CFC46B5}
[2011/12/26 11:28:42 | 000,000,000 | ---D | C] -- E:\Users\Benjamin\AppData\Local\{E0A08087-0E72-4AED-A460-76D7C19DB48B}
[2011/12/26 11:28:29 | 000,000,000 | ---D | C] -- E:\Users\Benjamin\AppData\Local\{20CEEBD4-F8F0-4B39-9A5B-5B089D80A094}
[2011/12/26 10:41:52 | 000,000,000 | ---D | C] -- E:\Users\Benjamin\AppData\Local\{8CFE164B-12FA-4356-9409-A429D78D99DF}
[2011/12/26 10:41:37 | 000,000,000 | ---D | C] -- E:\Users\Benjamin\AppData\Local\{97E58015-ABB6-4D54-B8B1-2AF543E8FE20}
[2011/12/26 05:48:08 | 000,000,000 | ---D | C] -- E:\Users\Benjamin\AppData\Local\{E8C6B83F-DD88-4351-BA5C-DF74C094EEC1}
[2011/12/26 05:47:54 | 000,000,000 | ---D | C] -- E:\Users\Benjamin\AppData\Local\{328A5C37-D91A-4828-87C6-EF38056EC64F}
[2011/12/25 17:23:40 | 000,000,000 | ---D | C] -- E:\Users\Benjamin\AppData\Local\{7D8D8D35-73EB-4F3E-A0AE-3BF68EC4BE9F}
[2011/12/25 17:23:01 | 000,000,000 | ---D | C] -- E:\Users\Benjamin\AppData\Local\{D63CF22D-4F3C-47D1-ABA2-073CCB831EF8}
[2011/12/25 16:05:54 | 000,000,000 | ---D | C] -- E:\Users\Benjamin\AppData\Local\{CDF1057B-61E0-4694-A3A4-284BAAD7F4AB}
[2011/12/25 16:05:18 | 000,000,000 | ---D | C] -- E:\Users\Benjamin\AppData\Local\{A774ABAC-4A08-4301-9734-30BC5DF9E94E}
[2011/12/25 04:09:29 | 000,000,000 | ---D | C] -- E:\Users\Benjamin\AppData\Local\{4A9FFD6F-6709-4E3C-8DD2-40AB3A7A9CD7}
[2011/12/25 04:09:16 | 000,000,000 | ---D | C] -- E:\Users\Benjamin\AppData\Local\{2A4C444B-06BA-43E3-9D7E-A73271957726}
[2011/12/25 04:05:15 | 000,000,000 | -HSD | C] -- E:\found.001
[2011/12/24 15:56:32 | 000,000,000 | -H-D | C] -- E:\ProgramData\{62CAB22A-9020-41D6-A410-EAB112E32063}
[2011/12/24 15:49:56 | 000,000,000 | -H-D | C] -- E:\ProgramData\{D25BF89C-A3A2-4699-9DF9-1A91A6139111}
[2011/12/24 15:49:36 | 000,000,000 | -H-D | C] -- E:\ProgramData\{01AD1010-597E-4367-9DEC-23AD9A33492A}
[2011/12/24 15:48:47 | 000,000,000 | -H-D | C] -- E:\ProgramData\{49FAB1E7-7D4E-4015-BBCA-E52669133FB7}
[2011/12/24 04:10:01 | 000,000,000 | ---D | C] -- E:\Users\Benjamin\AppData\Local\{5276AF88-BA7B-418F-979A-00650E143A04}
[2011/12/24 04:09:44 | 000,000,000 | ---D | C] -- E:\Users\Benjamin\AppData\Local\{9747DB93-A193-4950-A8A5-B7330C6E7F24}
[2011/12/23 17:33:26 | 000,000,000 | ---D | C] -- E:\Users\Benjamin\AppData\Local\{A4621FC6-9E96-408D-AD61-F411A6499DA9}
[2011/12/23 17:32:44 | 000,000,000 | ---D | C] -- E:\Users\Benjamin\AppData\Local\{7C5EC848-9749-456E-8AE4-5E1915AE1971}
[2011/12/23 11:46:56 | 000,000,000 | ---D | C] -- E:\Program Files\Common Files\NSV
[2011/12/23 11:16:22 | 000,000,000 | ---D | C] -- E:\Users\Benjamin\AppData\Local\{08DFB454-CF00-46E9-AC20-D1E90E9AA80C}
[2011/12/23 11:15:46 | 000,000,000 | ---D | C] -- E:\Users\Benjamin\AppData\Local\{86771E3C-A0AE-4861-83B5-5E73CDEF1A5C}
[2011/12/23 05:45:02 | 000,000,000 | ---D | C] -- E:\Users\Benjamin\AppData\Local\{96FB162A-1FAC-46DE-86F8-56EF6127AF5E}
[2011/12/23 05:44:47 | 000,000,000 | ---D | C] -- E:\Users\Benjamin\AppData\Local\{E1839B94-E11D-4ED4-85D2-3D4B6A129A49}
[2011/12/22 06:13:10 | 000,000,000 | ---D | C] -- E:\Users\Benjamin\AppData\Local\{9A3969B9-28F4-495E-BFA8-947A4B9F532B}
[2011/12/22 06:12:58 | 000,000,000 | ---D | C] -- E:\Users\Benjamin\AppData\Local\{B9D83C12-6A77-41D2-B7A3-AAA22C8E359C}
[2011/12/21 13:48:19 | 000,000,000 | ---D | C] -- E:\Users\Benjamin\AppData\Local\{C9E9B5E7-C244-4F29-881D-9D40755B53C1}
[2011/12/21 13:47:53 | 000,000,000 | ---D | C] -- E:\Users\Benjamin\AppData\Local\{634FBF00-5AE6-4BD6-AC17-8D8379E9D606}
[2011/12/21 09:43:31 | 000,000,000 | ---D | C] -- E:\Users\Benjamin\AppData\Local\{57CD898C-17A4-4A9E-8FA2-A0A8654FEAD0}
[2011/12/21 09:43:18 | 000,000,000 | ---D | C] -- E:\Users\Benjamin\AppData\Local\{D6769276-07C3-4180-A30C-B9233AB3E264}
[2011/12/20 08:43:08 | 000,000,000 | ---D | C] -- E:\Users\Benjamin\AppData\Local\{93035B2E-B333-4152-819C-5DAFE2CF9E4E}
[2011/12/20 08:42:55 | 000,000,000 | ---D | C] -- E:\Users\Benjamin\AppData\Local\{5990B149-FEB8-4C04-AEF6-82C9F9DAE695}
[2011/12/19 09:15:36 | 000,000,000 | ---D | C] -- E:\Users\Benjamin\AppData\Local\{907CCD83-F048-42E0-B7F1-13D768504A26}
[2011/12/19 09:15:24 | 000,000,000 | ---D | C] -- E:\Users\Benjamin\AppData\Local\{381E686E-C05D-4235-B11C-3D223874EF05}
[2011/12/18 05:56:59 | 000,000,000 | ---D | C] -- E:\Users\Benjamin\AppData\Local\{D4CAE808-3755-4B62-B6E9-982C0C0A79A6}
[2011/12/18 05:56:47 | 000,000,000 | ---D | C] -- E:\Users\Benjamin\AppData\Local\{F5A4C2E3-7C0D-422A-A09B-12F8C17FEAE8}
[2011/08/11 05:22:04 | 000,868,352 | ---- | C] (Microsoft Corporation) -- E:\Users\Benjamin\AppData\Roaming\kernel33.dll
[1 E:\Windows\*.tmp files -> E:\Windows\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2012/01/16 09:45:32 | 000,008,342 | ---- | M] () -- E:\Users\Benjamin\AppData\Local\90e6b3d7
[2012/01/16 09:45:32 | 000,008,228 | ---- | M] () -- E:\Users\Benjamin\AppData\Roaming\b3a45dc0
[2012/01/16 09:45:32 | 000,008,188 | ---- | M] () -- E:\ProgramData\96f2afb4
[2012/01/16 09:36:54 | 000,067,584 | --S- | M] () -- E:\Windows\bootstat.dat
[2012/01/16 09:12:32 | 000,014,016 | -H-- | M] () -- E:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/01/16 09:12:32 | 000,014,016 | -H-- | M] () -- E:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/01/16 09:04:58 | 2918,047,744 | -HS- | M] () -- E:\hiberfil.sys
[2012/01/15 14:20:09 | 217,222,605 | ---- | M] () -- E:\Windows\MEMORY.DMP
[2012/01/15 13:26:46 | 000,000,000 | ---- | M] () -- E:\Windows\ativpsrm.bin
[2012/01/15 13:26:46 | 000,000,000 | ---- | M] () -- E:\Windows\System32\atiicdxx.dat
[2012/01/15 09:38:29 | 000,000,000 | ---- | M] () -- E:\Windows\System32\drivers\lvuvc.hs
[2012/01/15 09:31:19 | 000,000,000 | R--D | M] -- E:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
[2012/01/15 09:25:39 | 000,001,098 | ---- | M] () -- E:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/01/15 09:00:00 | 000,000,340 | ---- | M] () -- E:\Windows\tasks\At16.job
[2012/01/15 08:38:03 | 000,042,496 | -HS- | M] () -- E:\Windows\System32\F2AE843E-8D65-6F6B-59D0-2C74B271AAE2.avi
[2012/01/15 08:38:03 | 000,042,496 | -HS- | M] () -- E:\ProgramData\F2AE843E-8D65-6F6B-59D0-2C74B271AAE2.avi
[2012/01/15 08:38:03 | 000,000,000 | ---D | M] -- E:\ProgramData\Microsoft\Windows\Start Menu\Programs\Security Defender
[2012/01/14 17:39:05 | 000,717,660 | ---- | M] () -- E:\Windows\System32\perfh009.dat
[2012/01/14 17:39:05 | 000,145,682 | ---- | M] () -- E:\Windows\System32\perfc009.dat
[2012/01/14 15:00:00 | 000,000,340 | ---- | M] () -- E:\Windows\tasks\At22.job
[2012/01/14 14:57:00 | 000,001,102 | ---- | M] () -- E:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/01/14 14:09:38 | 000,322,048 | ---- | M] (Microsoft Corporation) -- E:\Users\Benjamin\AppData\Local\agt.exe
[2012/01/14 14:00:00 | 000,000,340 | ---- | M] () -- E:\Windows\tasks\At21.job
[2012/01/13 17:00:00 | 000,000,340 | ---- | M] () -- E:\Windows\tasks\At24.job
[2012/01/13 16:00:00 | 000,000,340 | ---- | M] () -- E:\Windows\tasks\At23.job
[2012/01/13 13:00:00 | 000,000,340 | ---- | M] () -- E:\Windows\tasks\At20.job
[2012/01/13 12:00:00 | 000,000,340 | ---- | M] () -- E:\Windows\tasks\At19.job
[2012/01/13 10:00:00 | 000,000,340 | ---- | M] () -- E:\Windows\tasks\At17.job
[2012/01/13 08:00:00 | 000,000,340 | ---- | M] () -- E:\Windows\tasks\At15.job
[2012/01/13 07:48:10 | 000,002,441 | ---- | M] () -- E:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
[2012/01/13 07:47:16 | 000,000,000 | ---D | M] -- E:\ProgramData\Microsoft\Windows\Start Menu\Programs\devolo
[2012/01/12 11:00:00 | 000,000,340 | ---- | M] () -- E:\Windows\tasks\At18.job
[2012/01/10 14:51:56 | 000,000,937 | ---- | M] () -- E:\Windows\System32\0.0649901459453942.exe.lnk
[2012/01/10 12:21:59 | 000,000,937 | ---- | M] () -- E:\Users\Benjamin\Desktop\0.0649901459453942.exe.lnk
[2012/01/08 11:54:06 | 000,396,712 | ---- | M] () -- E:\Windows\System32\FNTCACHE.DAT
[2012/01/08 08:24:28 | 000,000,979 | ---- | M] () -- E:\Windows\eReg.dat
[2012/01/08 08:10:48 | 000,000,000 | ---D | M] -- E:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA GAMES
[2012/01/07 18:41:00 | 000,000,340 | ---- | M] () -- E:\Windows\tasks\At1.job
[2012/01/07 10:00:09 | 000,000,000 | R--D | M] -- E:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
[2012/01/07 09:59:29 | 000,001,251 | ---- | M] () -- E:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Movie Maker.lnk
[2012/01/07 09:59:14 | 000,001,320 | ---- | M] () -- E:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Photo Gallery.lnk
[2012/01/07 09:58:40 | 000,001,404 | ---- | M] () -- E:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk
[2012/01/07 09:58:04 | 000,002,432 | ---- | M] () -- E:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk
[2012/01/07 07:00:00 | 000,000,340 | ---- | M] () -- E:\Windows\tasks\At14.job
[2012/01/07 06:59:23 | 000,002,286 | ---- | M] () -- E:\Users\Public\Desktop\Google Chrome.lnk
[2012/01/06 07:22:11 | 000,000,340 | ---- | M] () -- E:\Windows\tasks\At13.job
[2012/01/04 05:00:00 | 000,000,340 | ---- | M] () -- E:\Windows\tasks\At12.job
[2012/01/03 17:11:02 | 000,000,151 | ---- | M] () -- E:\Windows\PhotoSnapViewer.INI
[2011/12/30 11:16:44 | 000,007,618 | ---- | M] () -- E:\Users\Benjamin\AppData\Local\Resmon.ResmonCfg
[2011/12/29 08:58:03 | 000,107,888 | ---- | M] (Sony DADC Austria AG.) -- E:\Windows\System32\CmdLineExt.dll
[2011/12/29 06:44:56 | 000,070,583 | ---- | M] () -- E:\Users\Benjamin\Desktop\Backup vom Backup.pwn
[2011/12/28 18:01:10 | 003,624,325 | ---- | M] () -- E:\Users\Benjamin\Desktop\Mono & Nikitaman Zeit Steht Still.mp3
[2011/12/28 12:18:50 | 000,000,000 | ---D | M] -- E:\ProgramData\Microsoft\Windows\Start Menu\Programs\Impulse
[2011/12/28 08:24:16 | 001,050,546 | ---- | M] () -- E:\test.amx
[2011/12/24 17:29:08 | 000,000,000 | -H-- | M] () -- E:\Windows\System32\drivers\Msft_Kernel_ta6usb_01009.Wdf
[2011/12/24 15:56:22 | 000,000,622 | ---- | M] () -- E:\Users\Public\Desktop\Traktor 2.lnk
[2011/12/24 15:52:39 | 000,000,000 | ---D | M] -- E:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments
[2011/12/24 15:49:34 | 000,001,094 | ---- | M] () -- E:\Users\Public\Desktop\Controller Editor.lnk
[2011/12/24 15:48:44 | 000,001,059 | ---- | M] () -- E:\Users\Public\Desktop\Service Center.lnk
[1 E:\Windows\*.tmp files -> E:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012/01/15 13:26:46 | 000,000,000 | ---- | C] () -- E:\Windows\ativpsrm.bin
[2012/01/15 13:26:46 | 000,000,000 | ---- | C] () -- E:\Windows\System32\atiicdxx.dat
[2012/01/15 08:38:03 | 000,042,496 | -HS- | C] () -- E:\Windows\System32\F2AE843E-8D65-6F6B-59D0-2C74B271AAE2.avi
[2012/01/15 08:38:03 | 000,042,496 | -HS- | C] () -- E:\ProgramData\F2AE843E-8D65-6F6B-59D0-2C74B271AAE2.avi
[2012/01/14 14:09:39 | 000,008,342 | ---- | C] () -- E:\Users\Benjamin\AppData\Local\90e6b3d7
[2012/01/14 14:09:39 | 000,008,228 | ---- | C] () -- E:\Users\Benjamin\AppData\Roaming\b3a45dc0
[2012/01/14 14:09:39 | 000,008,188 | ---- | C] () -- E:\ProgramData\96f2afb4
[2012/01/10 14:51:56 | 000,000,937 | ---- | C] () -- E:\Windows\System32\0.0649901459453942.exe.lnk
[2012/01/10 12:21:59 | 000,000,937 | ---- | C] () -- E:\Users\Benjamin\Desktop\0.0649901459453942.exe.lnk
[2011/12/30 11:16:44 | 000,007,618 | ---- | C] () -- E:\Users\Benjamin\AppData\Local\Resmon.ResmonCfg
[2011/12/29 07:12:18 | 000,070,583 | ---- | C] () -- E:\Users\Benjamin\Desktop\Backup vom Backup.pwn
[2011/12/28 08:24:16 | 001,050,546 | ---- | C] () -- E:\test.amx
[2011/12/27 08:21:31 | 003,624,325 | ---- | C] () -- E:\Users\Benjamin\Desktop\Mono & Nikitaman Zeit Steht Still.mp3
[2011/12/24 17:29:08 | 000,000,000 | -H-- | C] () -- E:\Windows\System32\drivers\Msft_Kernel_ta6usb_01009.Wdf
[2011/12/24 15:56:22 | 000,000,622 | ---- | C] () -- E:\Users\Public\Desktop\Traktor 2.lnk
[2011/12/24 15:48:44 | 000,001,059 | ---- | C] () -- E:\Users\Public\Desktop\Service Center.lnk
[2011/10/29 07:39:39 | 000,000,151 | ---- | C] () -- E:\Windows\PhotoSnapViewer.INI
[2011/10/16 14:44:20 | 000,138,056 | ---- | C] () -- E:\Users\Benjamin\AppData\Roaming\PnkBstrK.sys
[2011/10/15 15:36:13 | 000,000,979 | ---- | C] () -- E:\Windows\eReg.dat
[2011/10/13 12:15:25 | 000,089,088 | ---- | C] () -- E:\Windows\System32\mbr.exe
[2011/10/13 07:46:42 | 000,175,104 | ---- | C] () -- E:\Windows\sqlite3.dll
[2011/10/10 11:51:31 | 000,000,001 | ---- | C] () -- E:\ProgramData\DaLDN8xX.exe.b
[2011/10/10 11:49:39 | 000,000,112 | ---- | C] () -- E:\ProgramData\dGYBb7FT1.dat
[2011/09/19 13:31:54 | 000,695,578 | ---- | C] () -- E:\Windows\unins000.exe
[2011/09/19 13:31:54 | 000,000,865 | ---- | C] () -- E:\Windows\unins000.dat
[2011/08/19 04:26:20 | 010,898,456 | ---- | C] () -- E:\Windows\System32\LogiDPP.dll
[2011/08/19 04:26:20 | 000,336,408 | ---- | C] () -- E:\Windows\System32\DevManagerCore.dll
[2011/08/19 04:26:20 | 000,104,472 | ---- | C] () -- E:\Windows\System32\LogiDPPApp.exe
[2011/08/12 06:20:14 | 000,015,896 | ---- | C] () -- E:\Windows\System32\drivers\iKeyLFT2.dll
[2011/07/26 01:48:54 | 000,028,418 | ---- | C] () -- E:\Windows\System32\lvcoinst.ini
[2011/06/22 12:22:10 | 000,043,520 | ---- | C] () -- E:\Windows\System32\CmdLineExt03.dll
[2011/06/16 16:32:26 | 000,138,264 | ---- | C] () -- E:\Windows\System32\drivers\PnkBstrK.sys
[2011/06/16 16:31:43 | 000,234,768 | ---- | C] () -- E:\Windows\System32\PnkBstrB.exe
[2011/06/16 16:31:35 | 000,075,136 | ---- | C] () -- E:\Windows\System32\PnkBstrA.exe
[2011/06/03 05:29:39 | 000,005,632 | ---- | C] () -- E:\Users\Benjamin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/05/25 13:51:20 | 000,170,027 | ---- | C] () -- E:\Windows\hpwins26.dat
[2011/05/25 13:51:20 | 000,000,370 | ---- | C] () -- E:\Windows\hpwmdl26.dat
[2011/05/24 10:41:56 | 000,000,097 | ---- | C] () -- E:\Users\Benjamin\AppData\default.pls
[2011/04/29 06:49:26 | 000,000,520 | ---- | C] () -- E:\Windows\System32\drivers\SamSfPa.dat
[2011/04/29 02:58:39 | 000,065,536 | ---- | C] () -- E:\Windows\IFinst27.exe
[2009/07/13 23:57:37 | 000,067,584 | --S- | C] () -- E:\Windows\bootstat.dat
[2009/07/13 23:33:53 | 000,396,712 | ---- | C] () -- E:\Windows\System32\FNTCACHE.DAT
[2009/07/13 21:05:48 | 000,717,660 | ---- | C] () -- E:\Windows\System32\perfh009.dat
[2009/07/13 21:05:48 | 000,291,294 | ---- | C] () -- E:\Windows\System32\perfi009.dat
[2009/07/13 21:05:48 | 000,145,682 | ---- | C] () -- E:\Windows\System32\perfc009.dat
[2009/07/13 21:05:48 | 000,031,548 | ---- | C] () -- E:\Windows\System32\perfd009.dat
[2009/07/13 21:05:05 | 000,000,741 | ---- | C] () -- E:\Windows\System32\NOISE.DAT
[2009/07/13 21:04:11 | 000,215,943 | ---- | C] () -- E:\Windows\System32\dssec.dat
[2009/07/13 19:19:49 | 000,066,048 | ---- | C] () -- E:\Windows\System32\PrintBrmUi.exe
[2009/07/13 19:02:54 | 000,245,248 | ---- | C] () -- E:\Windows\System32\DShowRdpFilter.dll
[2009/07/13 18:55:01 | 000,043,131 | ---- | C] () -- E:\Windows\mib.bin
[2009/07/13 18:51:43 | 000,073,728 | ---- | C] () -- E:\Windows\System32\BthpanContextHandler.dll
[2009/07/13 18:42:10 | 000,064,000 | ---- | C] () -- E:\Windows\System32\BWContextHandler.dll
[2009/07/13 18:15:13 | 000,387,584 | ---- | C] () -- E:\Windows\System32\drivers\csc.sys
[2009/06/10 16:26:10 | 000,673,088 | ---- | C] () -- E:\Windows\System32\mlang.dat
[2007/04/27 03:43:58 | 000,120,200 | ---- | C] () -- E:\Windows\System32\DLLDEV32i.dll
[2005/08/20 10:51:19 | 000,569,960 | -H-- | C] () -- E:\Users\Benjamin\AppData\Roaming\logs.dat
[2005/04/07 21:16:43 | 000,004,039 | -H-- | C] () -- E:\Users\Benjamin\AppData\Roaming\Benjaminlog.dat
========== LOP Check ==========
[2011/11/28 12:36:42 | 000,000,000 | -HSD | M] -- E:\Users\Benjamin\AppData\Roaming\.#
[2011/08/27 04:14:28 | 000,000,000 | ---D | M] -- E:\Users\Benjamin\AppData\Roaming\.minecraft
[2011/10/26 08:19:02 | 000,000,000 | ---D | M] -- E:\Users\Benjamin\AppData\Roaming\Acoustica
[2011/10/26 08:58:14 | 000,000,000 | ---D | M] -- E:\Users\Benjamin\AppData\Roaming\Antares
[2011/06/30 13:44:27 | 000,000,000 | ---D | M] -- E:\Users\Benjamin\AppData\Roaming\Armagetron
[2011/06/22 12:22:19 | 000,000,000 | ---D | M] -- E:\Users\Benjamin\AppData\Roaming\Atari
[2011/04/29 04:59:29 | 000,000,000 | ---D | M] -- E:\Users\Benjamin\AppData\Roaming\Babylon
[2011/10/21 12:04:50 | 000,000,000 | ---D | M] -- E:\Users\Benjamin\AppData\Roaming\DAEMON Tools
[2011/06/08 11:12:46 | 000,000,000 | ---D | M] -- E:\Users\Benjamin\AppData\Roaming\DVDVideoSoftIEHelpers
[2012/01/04 05:36:49 | 000,000,000 | ---D | M] -- E:\Users\Benjamin\AppData\Roaming\FileZilla
[2011/09/19 13:31:54 | 000,000,000 | ---D | M] -- E:\Users\Benjamin\AppData\Roaming\Flatcast
[2011/12/27 13:00:05 | 000,000,000 | ---D | M] -- E:\Users\Benjamin\AppData\Roaming\GetRightToGo
[2011/12/21 17:30:40 | 000,000,000 | ---D | M] -- E:\Users\Benjamin\AppData\Roaming\gtk-2.0
[2011/11/09 12:13:11 | 000,000,000 | ---D | M] -- E:\Users\Benjamin\AppData\Roaming\Image-Line
[2011/05/02 12:22:26 | 000,000,000 | ---D | M] -- E:\Users\Benjamin\AppData\Roaming\JonDo
[2011/11/12 17:47:48 | 000,000,000 | ---D | M] -- E:\Users\Benjamin\AppData\Roaming\Juce VST Host
[2011/06/22 12:21:07 | 000,000,000 | ---D | M] -- E:\Users\Benjamin\AppData\Roaming\Leadertech
[2011/05/09 14:37:36 | 000,000,000 | ---D | M] -- E:\Users\Benjamin\AppData\Roaming\MAGIX
[2011/09/12 13:41:38 | 000,000,000 | ---D | M] -- E:\Users\Benjamin\AppData\Roaming\MonoDevelop-Unity
[2011/10/16 10:15:01 | 000,000,000 | ---D | M] -- E:\Users\Benjamin\AppData\Roaming\Need for Speed World
[2011/05/19 08:59:41 | 000,000,000 | ---D | M] -- E:\Users\Benjamin\AppData\Roaming\OpenOffice.org
[2011/10/26 08:58:52 | 000,000,000 | ---D | M] -- E:\Users\Benjamin\AppData\Roaming\PACE Anti-Piracy
[2011/06/17 13:59:59 | 000,000,000 | ---D | M] -- E:\Users\Benjamin\AppData\Roaming\Stardock
[2011/12/02 08:56:28 | 000,000,000 | ---D | M] -- E:\Users\Benjamin\AppData\Roaming\Synthesia
[2011/07/20 12:23:18 | 000,000,000 | ---D | M] -- E:\Users\Benjamin\AppData\Roaming\TeamViewer
[2011/07/12 10:36:46 | 000,000,000 | ---D | M] -- E:\Users\Benjamin\AppData\Roaming\ts3overlay
[2011/12/09 14:17:12 | 000,000,000 | ---D | M] -- E:\Users\Benjamin\AppData\Roaming\UDC Profiles
[2011/09/09 16:42:12 | 000,000,000 | ---D | M] -- E:\Users\Benjamin\AppData\Roaming\Unity
[2012/01/07 18:35:56 | 000,000,000 | ---D | M] -- E:\Users\Benjamin\AppData\Roaming\uTorrent
[2011/07/14 12:45:26 | 000,000,000 | ---D | M] -- E:\Users\Benjamin\AppData\Roaming\Windows Live Writer
[2011/10/26 08:18:54 | 000,000,000 | ---D | M] -- E:\ProgramData\Acoustica
[2009/07/13 23:53:55 | 000,000,000 | -HSD | M] -- E:\ProgramData\Application Data
[2011/06/30 13:42:37 | 000,000,000 | ---D | M] -- E:\ProgramData\Armagetron
[2011/08/13 16:28:36 | 000,000,000 | ---D | M] -- E:\ProgramData\Ask
[2011/04/29 04:56:38 | 000,000,000 | ---D | M] -- E:\ProgramData\Babylon
[2009/07/13 23:53:55 | 000,000,000 | -HSD | M] -- E:\ProgramData\Desktop
[2009/07/13 23:53:55 | 000,000,000 | -HSD | M] -- E:\ProgramData\Documents
[2009/07/13 23:53:55 | 000,000,000 | -HSD | M] -- E:\ProgramData\Favorites
[2011/06/17 13:54:39 | 000,000,000 | ---D | M] -- E:\ProgramData\Gibraltar
[2011/06/17 14:19:25 | 000,000,000 | ---D | M] -- E:\ProgramData\Ironclad Games
[2011/05/09 14:37:36 | 000,000,000 | ---D | M] -- E:\ProgramData\MAGIX
[2011/12/24 15:52:40 | 000,000,000 | ---D | M] -- E:\ProgramData\Native Instruments
[2011/10/26 08:58:52 | 000,000,000 | ---D | M] -- E:\ProgramData\PACE Anti-Piracy
[2011/10/16 10:10:27 | 000,000,000 | ---D | M] -- E:\ProgramData\PMB Files
[2011/09/25 05:20:19 | 000,000,000 | ---D | M] -- E:\ProgramData\SimCity Societies
[2011/10/12 09:24:05 | 000,000,000 | ---D | M] -- E:\ProgramData\Simply Super Software
[2011/06/17 13:54:21 | 000,000,000 | ---D | M] -- E:\ProgramData\Stardock
[2009/07/13 23:53:55 | 000,000,000 | -HSD | M] -- E:\ProgramData\Start Menu
[2011/06/03 05:08:41 | 000,000,000 | ---D | M] -- E:\ProgramData\TechSmith
[2011/10/12 09:44:31 | 000,000,000 | ---D | M] -- E:\ProgramData\TEMP
[2009/07/13 23:53:55 | 000,000,000 | -HSD | M] -- E:\ProgramData\Templates
[2011/05/26 07:10:49 | 000,000,000 | ---D | M] -- E:\ProgramData\TrackMania
[2011/12/24 15:49:36 | 000,000,000 | -H-D | M] -- E:\ProgramData\{01AD1010-597E-4367-9DEC-23AD9A33492A}
[2011/10/18 06:45:54 | 000,000,000 | -H-D | M] -- E:\ProgramData\{12C9D0C8-20A9-478B-A1E2-4A2B318DEF2E}
[2011/12/28 12:18:51 | 000,000,000 | -H-D | M] -- E:\ProgramData\{3228023F-23C6-4EE9-B3CC-F35B35213348}
[2011/12/24 15:48:48 | 000,000,000 | -H-D | M] -- E:\ProgramData\{49FAB1E7-7D4E-4015-BBCA-E52669133FB7}
[2011/10/18 06:52:23 | 000,000,000 | -H-D | M] -- E:\ProgramData\{4E1B117F-A681-406A-88B5-AF868CF9CB04}
[2011/12/24 15:56:34 | 000,000,000 | -H-D | M] -- E:\ProgramData\{62CAB22A-9020-41D6-A410-EAB112E32063}
[2011/06/17 12:55:44 | 000,000,000 | -H-D | M] -- E:\ProgramData\{A4B500C8-F3EB-4AD9-9762-515CCA35FD16}
[2011/12/24 15:49:57 | 000,000,000 | -H-D | M] -- E:\ProgramData\{D25BF89C-A3A2-4699-9DF9-1A91A6139111}
[2012/01/07 18:41:00 | 000,000,340 | ---- | M] () -- E:\Windows\Tasks\At1.job
[2011/10/10 14:48:54 | 000,000,340 | ---- | M] () -- E:\Windows\Tasks\At10.job
[2011/10/15 03:00:00 | 000,000,340 | ---- | M] () -- E:\Windows\Tasks\At11.job
[2012/01/04 05:00:00 | 000,000,340 | ---- | M] () -- E:\Windows\Tasks\At12.job
[2012/01/06 07:22:11 | 000,000,340 | ---- | M] () -- E:\Windows\Tasks\At13.job
[2012/01/07 07:00:00 | 000,000,340 | ---- | M] () -- E:\Windows\Tasks\At14.job
[2012/01/13 08:00:00 | 000,000,340 | ---- | M] () -- E:\Windows\Tasks\At15.job
[2012/01/15 09:00:00 | 000,000,340 | ---- | M] () -- E:\Windows\Tasks\At16.job
[2012/01/13 10:00:00 | 000,000,340 | ---- | M] () -- E:\Windows\Tasks\At17.job
[2012/01/12 11:00:00 | 000,000,340 | ---- | M] () -- E:\Windows\Tasks\At18.job
[2012/01/13 12:00:00 | 000,000,340 | ---- | M] () -- E:\Windows\Tasks\At19.job
[2011/10/10 14:48:55 | 000,000,340 | ---- | M] () -- E:\Windows\Tasks\At2.job
[2012/01/13 13:00:00 | 000,000,340 | ---- | M] () -- E:\Windows\Tasks\At20.job
[2012/01/14 14:00:00 | 000,000,340 | ---- | M] () -- E:\Windows\Tasks\At21.job
[2012/01/14 15:00:00 | 000,000,340 | ---- | M] () -- E:\Windows\Tasks\At22.job
[2012/01/13 16:00:00 | 000,000,340 | ---- | M] () -- E:\Windows\Tasks\At23.job
[2012/01/13 17:00:00 | 000,000,340 | ---- | M] () -- E:\Windows\Tasks\At24.job
[2011/10/10 14:48:55 | 000,000,340 | ---- | M] () -- E:\Windows\Tasks\At3.job
[2011/10/10 14:48:55 | 000,000,340 | ---- | M] () -- E:\Windows\Tasks\At4.job
[2011/10/10 14:48:55 | 000,000,340 | ---- | M] () -- E:\Windows\Tasks\At5.job
[2011/10/10 14:48:55 | 000,000,340 | ---- | M] () -- E:\Windows\Tasks\At6.job
[2011/10/10 14:48:55 | 000,000,340 | ---- | M] () -- E:\Windows\Tasks\At7.job
[2011/10/10 14:48:55 | 000,000,340 | ---- | M] () -- E:\Windows\Tasks\At8.job
[2011/10/10 14:48:55 | 000,000,340 | ---- | M] () -- E:\Windows\Tasks\At9.job
[2012/01/08 11:25:40 | 000,032,608 | ---- | M] () -- E:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
========== Custom Scans ==========
< %SYSTEMDRIVE%\*. >
[2011/04/28 16:36:58 | 000,000,000 | -HSD | M] -- E:\$Recycle.Bin
[2011/08/08 05:01:35 | 000,000,000 | ---D | M] -- E:\3D Model Viewer
[2011/05/12 10:08:16 | 000,000,000 | ---D | M] -- E:\ATI
[2012/01/13 11:33:24 | 000,000,000 | -HSD | M] -- E:\Config.Msi
[2009/07/13 23:53:55 | 000,000,000 | -HSD | M] -- E:\Documents and Settings
[2011/04/29 02:54:18 | 000,000,000 | ---D | M] -- E:\Fiaa
[2011/10/15 11:25:34 | 000,000,000 | -HSD | M] -- E:\found.000
[2011/12/25 04:05:15 | 000,000,000 | -HSD | M] -- E:\found.001
[2012/01/11 12:09:49 | 000,000,000 | -HSD | M] -- E:\found.002
[2011/05/09 14:34:16 | 000,000,000 | -H-D | M] -- E:\IORRT
[2011/05/12 10:27:23 | 000,000,000 | ---D | M] -- E:\NVIDIA
[2009/07/13 21:37:05 | 000,000,000 | ---D | M] -- E:\PerfLogs
[2011/04/28 14:51:47 | 000,000,000 | ---D | M] -- E:\PowerISO
[2012/01/15 08:38:03 | 000,000,000 | R--D | M] -- E:\Program Files
[2012/01/15 08:38:03 | 000,000,000 | -H-D | M] -- E:\ProgramData
[2011/04/28 11:27:01 | 000,000,000 | -HSD | M] -- E:\Recovery
[2010/07/30 04:38:07 | 000,000,000 | -HSD | M] -- E:\RECYCLER
[2012/01/13 09:04:40 | 000,000,000 | -HSD | M] -- E:\System Volume Information
[2011/11/29 12:01:39 | 000,000,000 | ---D | M] -- E:\tmp
[2012/01/14 17:36:16 | 000,000,000 | R--D | M] -- E:\Users
[2012/01/15 14:20:09 | 000,000,000 | ---D | M] -- E:\Windows
< %PROGRAMFILES%\*.exe >
Invalid Environment Variable: %LOCALAPPDATA%\*.exe
< %systemroot%\*. /mp /s >
< MD5 for: AGP440.SYS >
[2009/07/13 20:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- E:\Windows\System32\drivers\AGP440.sys
[2009/07/13 20:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- E:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_65848c2d7375a720\AGP440.sys
[2009/07/13 20:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- E:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_b9e9435f20046eeb\AGP440.sys
[2009/07/13 20:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- E:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_bc1a57271cf2f285\AGP440.sys
< MD5 for: ATAPI.SYS >
[2009/07/13 20:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- E:\Windows\System32\drivers\atapi.sys
[2009/07/13 20:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- E:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_f64b9c35a3a5be81\atapi.sys
[2009/07/13 20:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- E:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys
[2009/07/13 20:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- E:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_df3f92057fcbe7a7\atapi.sys
< MD5 for: CNGAUDIT.DLL >
[2009/07/13 20:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- E:\Windows\System32\cngaudit.dll
[2009/07/13 20:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- E:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
< MD5 for: EXPLORER.EXE >
[2011/02/26 00:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- E:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_54149f9ef14031fc\explorer.exe
[2009/07/13 20:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- E:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_518afd35db100430\explorer.exe
[2011/02/26 00:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- E:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_525b5180f3f95373\explorer.exe
[2009/10/31 00:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- E:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_51a66d6ddafc2ed1\explorer.exe
[2011/02/26 00:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- E:\Windows\explorer.exe
[2011/02/26 00:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- E:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_51a3a583dafd0cef\explorer.exe
[2010/11/20 07:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- E:\Windows\SoftwareDistribution\Download\18e2c83e42cc8f0cc17b5dbfaf982690\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_53bc10fdd7fe87ca\explorer.exe
[2011/02/25 00:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- E:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_5389023fd8245f84\explorer.exe
[2009/08/03 00:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- E:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_526619d4f3f142e6\explorer.exe
[2009/08/03 00:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- E:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_51e07e31dad00878\explorer.exe
[2009/10/31 01:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- E:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_52283b2af41f3691\explorer.exe
< MD5 for: IASTORV.SYS >
[2011/03/11 00:38:51 | 000,332,160 | ---- | M] (Intel Corporation) MD5=5CD5F9A5444E6CDCB0AC89BD62D8B76E -- E:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_b0daddb9e6380745\iaStorV.sys
[2011/03/11 00:43:55 | 000,332,160 | ---- | M] (Intel Corporation) MD5=71F1A494FEDF4B33C02C4A6A28D6D9E9 -- E:\Windows\System32\drivers\iaStorV.sys
[2011/03/11 00:43:55 | 000,332,160 | ---- | M] (Intel Corporation) MD5=71F1A494FEDF4B33C02C4A6A28D6D9E9 -- E:\Windows\System32\DriverStore\FileRepository\iastorv.inf_x86_neutral_0033117673c16921\iaStorV.sys
[2011/03/11 00:43:55 | 000,332,160 | ---- | M] (Intel Corporation) MD5=71F1A494FEDF4B33C02C4A6A28D6D9E9 -- E:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.16778_none_aef580fde910b4b0\iaStorV.sys
[2011/03/11 00:28:00 | 000,332,160 | ---- | M] (Intel Corporation) MD5=778D0E6D7D9EBA0C403BADBAAD41DB20 -- E:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_b152a892ff64119f\iaStorV.sys
[2009/07/13 20:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- E:\Windows\System32\DriverStore\FileRepository\iastorv.inf_x86_neutral_18cccb83b34e1453\iaStorV.sys
[2009/07/13 20:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- E:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_aee7a89be91b9000\iaStorV.sys
[2010/11/20 07:29:54 | 000,332,160 | ---- | M] (Intel Corporation) MD5=A3CAE5D281DB4CFF7CFF8233507EE5AD -- E:\Windows\SoftwareDistribution\Download\18e2c83e42cc8f0cc17b5dbfaf982690\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_b118bc63e60a139a\iaStorV.sys
[2011/03/11 00:52:21 | 000,332,160 | ---- | M] (Intel Corporation) MD5=B9039A34C2F8769490DCC494E2402445 -- E:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.20921_none_afae2d45020c148b\iaStorV.sys
< MD5 for: NETLOGON.DLL >
[2010/11/20 07:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- E:\Windows\SoftwareDistribution\Download\18e2c83e42cc8f0cc17b5dbfaf982690\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_ffbf212e963c0162\netlogon.dll
[2009/07/13 20:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- E:\Windows\System32\netlogon.dll
[2009/07/13 20:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- E:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_fd8e0d66994d7dc8\netlogon.dll
< MD5 for: NVSTOR.SYS >
[2011/03/11 00:39:00 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4380E59A170D88C4F1022EFF6719A8A4 -- E:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_3ba44e691d6eb11d\nvstor.sys
[2011/03/11 00:44:01 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4520B63899E867F354EE012D34E11536 -- E:\Windows\System32\drivers\nvstor.sys
[2011/03/11 00:44:01 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4520B63899E867F354EE012D34E11536 -- E:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_38e464dbe521cc7f\nvstor.sys
[2011/03/11 00:44:01 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4520B63899E867F354EE012D34E11536 -- E:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_39bef1ad20475e88\nvstor.sys
[2011/03/11 00:28:10 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=66D468654A58594F5F3BA63D5AD5B1AF -- E:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_3c1c1942369abb77\nvstor.sys
[2011/03/11 00:52:25 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=8A7583A3B58D3EEB28BB26626526BC91 -- E:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_3a779df43942be63\nvstor.sys
[2010/11/20 07:30:06 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=9283C58EBAA2618F93482EB5DABCEC82 -- E:\Windows\SoftwareDistribution\Download\18e2c83e42cc8f0cc17b5dbfaf982690\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_3be22d131d40bd72\nvstor.sys
[2009/07/13 20:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- E:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_5bde3fe2945bce9e\nvstor.sys
[2009/07/13 20:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- E:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_39b1194b205239d8\nvstor.sys
< MD5 for: SCECLI.DLL >
[2009/07/13 20:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- E:\Windows\System32\scecli.dll
[2009/07/13 20:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- E:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_37e4387f3a6f0483\scecli.dll
[2010/11/20 07:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- E:\Windows\SoftwareDistribution\Download\18e2c83e42cc8f0cc17b5dbfaf982690\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_3a154c47375d881d\scecli.dll
< MD5 for: USER32.DLL >
[2009/07/13 20:16:17 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=34B7E222E81FAFA885F0C5F2CFA56861 -- E:\Windows\System32\user32.dll
[2009/07/13 20:16:17 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=34B7E222E81FAFA885F0C5F2CFA56861 -- E:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_cd0ec264ceb014a3\user32.dll
[2010/11/20 07:21:33 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=F1DD3ACAEE5E6B4BBC69BC6DF75CEF66 -- E:\Windows\SoftwareDistribution\Download\18e2c83e42cc8f0cc17b5dbfaf982690\x86_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_cf3fd62ccb9e983d\user32.dll
< MD5 for: USERINIT.EXE >
[2010/11/20 07:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- E:\Windows\SoftwareDistribution\Download\18e2c83e42cc8f0cc17b5dbfaf982690\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009/07/13 20:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- E:\Windows\System32\userinit.exe
[2009/07/13 20:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- E:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
< MD5 for: WINLOGON.EXE >
[2009/10/28 01:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- E:\Windows\System32\winlogon.exe
[2009/10/28 01:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- E:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe
[2009/10/28 00:52:08 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 -- E:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe
[2010/11/20 07:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- E:\Windows\SoftwareDistribution\Download\18e2c83e42cc8f0cc17b5dbfaf982690\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe
[2009/07/13 20:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- E:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe
< MD5 for: WS2IFSL.SYS >
[2009/07/13 18:55:02 | 000,016,384 | ---- | M] (Microsoft Corporation) MD5=6DB3276587B853BF886B69528FDB048C -- E:\Windows\System32\drivers\ws2ifsl.sys
[2009/07/13 18:55:02 | 000,016,384 | ---- | M] (Microsoft Corporation) MD5=6DB3276587B853BF886B69528FDB048C -- E:\Windows\winsxs\x86_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.1.7600.16385_none_4f5cf6f829213bb2\ws2ifsl.sys
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
< %systemroot%\system32\*.dll /lockedfiles >
[2009/07/13 20:15:21 | 000,828,928 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- E:\Windows\system32\fontext.dll
[2010/07/27 09:03:24 | 012,867,584 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- E:\Windows\system32\shell32.dll
Invalid Environment Variable: %USERPROFILE%\*.*
Invalid Environment Variable: %USERPROFILE%\Local Settings\Temp\*.exe
Invalid Environment Variable: %USERPROFILE%\Local Settings\Temp\*.dll
Invalid Environment Variable: %USERPROFILE%\Application Data\*.exe
========== Files - Unicode (All) ==========
[2011/11/03 16:50:58 | 000,177,595 | ---- | M] ()(E:\Users\Benjamin\Desktop\?????????·S ???.mid) -- E:\Users\Benjamin\Desktop\?????????·S ???.mid
[2011/11/03 16:50:53 | 000,177,595 | ---- | C] ()(E:\Users\Benjamin\Desktop\?????????·S ???.mid) -- E:\Users\Benjamin\Desktop\?????????·S ???.mid
========== Hard Links - Junction Points - Mount Points - Symbolic Links ==========
[E:\Windows\$NtUninstallKB25778$] -> -> Unknown point type
========== Alternate Data Streams ==========
@Alternate Data Stream - 1215 bytes -> E:\Users\Benjamin\AppData\Local\GSVhTwd5KAnCa7:Wryq8mNC7yzMUU1vXupmPble
@Alternate Data Stream - 1135 bytes -> E:\ProgramData\Microsoft:5yUtLOxYpA12yaPyhGkM2sOx3Ssu
@Alternate Data Stream - 1108 bytes -> E:\ProgramData\Microsoft:voadnbRM7zSzsNCVd
@Alternate Data Stream - 1082 bytes -> E:\ProgramData\Microsoft:36guaRVBW0aq4Vffr
@Alternate Data Stream - 1081 bytes -> E:\Users\Benjamin\AppData\Local\Temp:gCuWnZQfhqRLmf4rfxA2
@Alternate Data Stream - 1051 bytes -> E:\ProgramData\Microsoft:OTuibfhYKSxTcby5OV89i
< End of report >
Zum Verständnis, mein system windows 7 ist auf Partition E: |
OTLPENet.exe von OldTimer herunter und speichere sie auf Deinem Desktop. Anmerkung: Die Datei ist ca. 120 MB groß und es wird bei langsamer Internet-Verbindung ein wenig dauern, bis Du sie runtergeladen hast.