GVU Trojaner WIN 7

OTL logfile created on: 26/01/2013 14:54:13 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Fränz\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd/MM/yyyy
 
3,86 Gb Total Physical Memory | 1,39 Gb Available Physical Memory | 36,10% Memory free
7,71 Gb Paging File | 4,27 Gb Available in Paging File | 55,38% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 339,23 Gb Total Space | 240,27 Gb Free Space | 70,83% Space Free | Partition Type: NTFS
Drive D: | 339,77 Gb Total Space | 249,24 Gb Free Space | 73,36% Space Free | Partition Type: NTFS
Drive E: | 6,38 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Drive G: | 1,88 Gb Total Space | 0,18 Gb Free Space | 9,73% Space Free | Partition Type: FAT
 
Computer Name: FRÄNZ-LAPTOP | User Name: Fränz | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2013/01/26 14:53:30 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Fränz\Desktop\OTL.exe
PRC - [2013/01/19 05:30:35 | 000,917,400 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2012/12/20 18:44:32 | 000,844,296 | ---- | M] (Samsung) -- C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
PRC - [2012/12/20 18:44:28 | 000,310,280 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
PRC - [2012/12/20 18:44:26 | 001,476,104 | ---- | M] (Samsung) -- C:\Program Files (x86)\Samsung\Kies\Kies.exe
PRC - [2012/12/18 20:08:28 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/12/11 15:44:04 | 000,085,280 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2012/12/11 15:43:26 | 000,639,264 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avscan.exe
PRC - [2012/12/11 15:43:21 | 000,109,344 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2012/12/11 15:43:20 | 000,384,800 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2012/12/11 15:43:18 | 000,387,360 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avcenter.exe
PRC - [2012/11/30 03:06:58 | 001,263,512 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
PRC - [2012/09/12 11:17:12 | 000,445,624 | ---- | M] (Sony) -- C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe
PRC - [2012/07/17 15:14:08 | 000,132,056 | ---- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton PC Checkup 3.0\SymcPCCULaunchSvc.exe
PRC - [2012/06/11 16:22:16 | 000,240,208 | ---- | M] (Microsoft Corporation.) -- C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.exe
PRC - [2012/04/30 10:57:42 | 000,067,072 | ---- | M] () -- C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe
PRC - [2012/02/27 04:52:20 | 000,038,248 | ---- | M] (Mindjet) -- C:\Program Files (x86)\Mindjet\MindManager 10\MmReminderService.exe
PRC - [2011/07/01 03:51:13 | 000,418,896 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LMutilps32.exe
PRC - [2011/07/01 03:51:12 | 000,343,632 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LMworker.exe
PRC - [2011/07/01 03:51:11 | 000,353,360 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe
PRC - [2011/07/01 03:51:10 | 001,103,440 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LManager.exe
PRC - [2011/05/30 03:54:14 | 000,036,456 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
PRC - [2011/05/20 09:10:26 | 000,013,592 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2011/05/12 06:04:12 | 000,723,560 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe
PRC - [2011/04/24 02:29:20 | 000,256,832 | ---- | M] (NTI Corporation) -- C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
PRC - [2011/04/24 02:28:38 | 000,297,280 | ---- | M] (NTI Corporation) -- C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
PRC - [2011/04/22 17:44:14 | 000,244,624 | ---- | M] (Acer Incorporated) -- C:\Programme\Acer\Acer Updater\UpdaterService.exe
PRC - [2011/02/01 22:41:24 | 002,656,280 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2011/02/01 22:41:20 | 000,326,168 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2010/12/27 09:30:22 | 001,817,088 | ---- | M] (Realsil Microelectronics Inc.) -- C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
PRC - [2010/11/17 02:53:16 | 000,113,288 | ---- | M] (Renesas Electronics Corporation) -- C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
PRC - [2010/05/20 15:26:26 | 000,119,152 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe
PRC - [2010/01/30 00:52:58 | 000,260,640 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2013/01/20 13:42:30 | 000,122,880 | ---- | M] () -- C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox\components\CitaviPickerCommunication.dll
MOD - [2013/01/19 05:30:35 | 003,022,232 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2012/11/30 03:07:48 | 000,100,248 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
MOD - [2012/11/30 03:06:58 | 001,263,512 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
MOD - [2012/11/07 16:25:36 | 000,204,288 | ---- | M] () -- C:\Program Files (x86)\Sony\Sony PC Companion\MExplorer.dll
MOD - [2012/09/19 19:17:40 | 000,397,088 | ---- | M] () -- C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll
MOD - [2012/04/30 10:57:42 | 000,067,072 | ---- | M] () -- C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe
MOD - [2012/04/30 10:57:42 | 000,039,936 | ---- | M] () -- C:\Program Files (x86)\Sony\Sony PC Companion\TMonitorAPI.dll
MOD - [2012/02/27 04:51:34 | 000,151,376 | ---- | M] () -- C:\Program Files (x86)\Mindjet\MindManager 10\zlib.dll
MOD - [2011/04/24 02:29:56 | 000,465,640 | ---- | M] () -- C:\Program Files (x86)\NTI\Acer Backup Manager\sqlite3.dll
MOD - [2011/03/17 00:11:16 | 004,297,568 | ---- | M] () -- C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE14\Cultures\office.odf
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2011/03/13 19:45:12 | 000,158,832 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Windows\SysNative\mfevtps.exe -- (mfevtp)
SRV:64bit: - [2011/03/13 19:37:06 | 000,197,960 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe -- (McShield)
SRV:64bit: - [2011/01/28 02:28:20 | 000,249,936 | ---- | M] (McAfee, Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McMPFSvc)
SRV:64bit: - [2010/12/17 00:18:08 | 000,198,784 | ---- | M] (Conexant Systems Inc.) [Auto | Running] -- C:\Windows\SysNative\CxAudMsg64.exe -- (CxAudMsg)
SRV - [2013/01/19 05:30:35 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/01/09 00:47:31 | 000,251,400 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/12/18 20:08:28 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/12/11 15:44:04 | 000,085,280 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2012/12/11 15:43:21 | 000,109,344 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2012/11/09 11:21:24 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/09/27 07:45:14 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2012/07/17 15:14:08 | 000,132,056 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton PC Checkup 3.0\SymcPCCULaunchSvc.exe -- (Norton PC Checkup Application Launcher)
SRV - [2012/06/11 16:22:16 | 000,240,208 | ---- | M] (Microsoft Corporation.) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.exe -- (BBUpdate)
SRV - [2012/06/11 16:22:16 | 000,193,616 | ---- | M] (Microsoft Corporation.) [Auto | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.exe -- (BBSvc)
SRV - [2012/01/18 13:38:28 | 000,155,320 | ---- | M] (Avanquest Software) [On_Demand | Stopped] -- C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe -- (Sony PC Companion)
SRV - [2011/07/01 03:51:11 | 000,353,360 | ---- | M] (Dritek System Inc.) [Auto | Running] -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe -- (DsiWMIService)
SRV - [2011/06/21 20:55:04 | 000,173,424 | ---- | M] (Egis Technology Inc. ) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe -- (EgisTec Ticket Service)
SRV - [2011/05/30 03:54:14 | 000,036,456 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files (x86)\Acer\Registration\GREGsvc.exe -- (GREGService)
SRV - [2011/05/20 09:10:26 | 000,013,592 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2011/05/02 13:27:50 | 001,517,328 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Programme\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV - [2011/05/02 13:13:54 | 000,340,240 | ---- | M] () [On_Demand | Stopped] -- C:\Programme\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS)
SRV - [2011/05/02 13:10:26 | 000,844,560 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Programme\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV - [2011/04/24 02:29:20 | 000,256,832 | ---- | M] (NTI Corporation) [Auto | Running] -- C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe -- (NTI IScheduleSvc)
SRV - [2011/04/22 17:44:14 | 000,244,624 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Programme\Acer\Acer Updater\UpdaterService.exe -- (Live Updater Service)
SRV - [2011/03/29 05:11:06 | 002,292,096 | ---- | M] (Microsoft Corp.) [On_Demand | Stopped] -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2011/03/28 08:41:00 | 000,799,848 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Programme\Acer\Acer PowerSmart Manager\ePowerSvc.exe -- (ePowerSvc)
SRV - [2011/02/01 22:41:24 | 002,656,280 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2011/02/01 22:41:20 | 000,326,168 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2010/12/27 09:30:22 | 001,817,088 | ---- | M] (Realsil Microelectronics Inc.) [Auto | Running] -- C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe -- (IconMan_R)
SRV - [2010/11/29 14:00:56 | 000,149,504 | ---- | M] (Intel(R) Corporation) [On_Demand | Stopped] -- C:\Programme\Intel\TurboBoost\TurboBoost.exe -- (TurboBoost)
SRV - [2010/10/22 13:08:18 | 001,039,360 | ---- | M] (Hewlett-Packard Co.) [Auto | Running] -- C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL -- (HPSLPSVC)
SRV - [2010/10/12 18:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)
SRV - [2010/09/23 02:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Programme\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV - [2010/06/01 23:31:28 | 002,804,568 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe -- (NOBU)
SRV - [2010/05/20 15:26:28 | 000,199,536 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Microsoft LifeCam\MSCamS64.exe -- (MSCamSvc)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/02/19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2010/01/30 00:52:58 | 000,260,640 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe -- (RS_Service)
SRV - [2010/01/09 21:34:24 | 004,925,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc)
SRV - [2009/06/10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2012/12/11 15:44:07 | 000,129,216 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2012/12/11 15:44:07 | 000,099,912 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2012/11/29 20:55:33 | 000,283,200 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2012/09/24 09:58:11 | 000,027,800 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr)
DRV:64bit: - [2012/09/20 05:35:36 | 000,203,104 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudmdm.sys -- (ssudmdm)
DRV:64bit: - [2012/09/20 05:35:36 | 000,102,368 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudbus.sys -- (dg_ssudbus)
DRV:64bit: - [2012/04/11 12:20:15 | 000,062,776 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDVDisk.sys -- (mwlPSDVDisk)
DRV:64bit: - [2012/04/11 12:20:15 | 000,022,648 | ---- | M] (Egis Technology Inc.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDFilter.sys -- (mwlPSDFilter)
DRV:64bit: - [2012/04/11 12:20:15 | 000,020,520 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDNserv.sys -- (mwlPSDNServ)
DRV:64bit: - [2012/03/01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/09/20 11:02:55 | 000,018,432 | ---- | M] (NTI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NTIDrvr.sys -- (NTIDrvr)
DRV:64bit: - [2011/09/20 11:02:55 | 000,017,408 | ---- | M] (NTI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UBHelper.sys -- (UBHelper)
DRV:64bit: - [2011/07/14 06:35:47 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/07/14 06:35:47 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/06/24 04:22:04 | 001,591,936 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CHDRT64.sys -- (CnxtHdAudService)
DRV:64bit: - [2011/06/21 14:19:14 | 000,025,496 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iwdbus.sys -- (iwdbus)
DRV:64bit: - [2011/06/21 14:19:12 | 000,034,200 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\intelaud.sys -- (intaud_WaveExtensible)
DRV:64bit: - [2011/06/10 19:16:08 | 012,230,912 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2011/05/20 08:53:44 | 000,557,848 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2011/05/01 07:33:06 | 008,593,920 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETwNs64.sys -- (NETwNs64)
DRV:64bit: - [2011/04/05 12:26:26 | 000,142,632 | ---- | M] (ELAN Microelectronics Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ETD.sys -- (ETD)
DRV:64bit: - [2011/03/13 19:20:10 | 000,639,216 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mfehidk.sys -- (mfehidk)
DRV:64bit: - [2011/03/13 19:20:10 | 000,481,376 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfefirek.sys -- (mfefirek)
DRV:64bit: - [2011/03/13 19:20:10 | 000,281,928 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mfewfpk.sys -- (mfewfpk)
DRV:64bit: - [2011/03/13 19:20:10 | 000,156,792 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeapfk.sys -- (mfeapfk)
DRV:64bit: - [2011/03/13 19:20:10 | 000,098,728 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mferkdet.sys -- (mferkdet)
DRV:64bit: - [2011/02/21 08:30:54 | 000,025,960 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\nvpciflt.sys -- (nvpciflt)
DRV:64bit: - [2011/02/10 07:52:34 | 000,181,760 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV:64bit: - [2011/02/10 07:52:34 | 000,082,432 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub)
DRV:64bit: - [2011/01/12 09:10:44 | 000,333,928 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsPStor.sys -- (RSPCIESTOR)
DRV:64bit: - [2010/11/29 14:00:04 | 000,016,120 | ---- | M] (Intel(R) Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TurboB.sys -- (TurboB)
DRV:64bit: - [2010/11/21 04:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/21 04:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/21 04:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010/11/08 05:44:40 | 000,076,912 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C)
DRV:64bit: - [2010/10/20 01:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2010/10/15 09:28:17 | 000,317,440 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2010/01/29 01:04:38 | 000,036,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nx6000.sys -- (MSHUSBVideo)
DRV:64bit: - [2009/08/13 22:10:18 | 000,073,984 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21)
DRV:64bit: - [2009/07/14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/14 01:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)
DRV:64bit: - [2009/07/09 03:00:00 | 000,055,280 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2009/06/10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2009/07/14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN Deutschland: Hotmail, Skype Download und Messenger sowie Nachrichten, Unterhaltung, Video, Sport, Lifestyle, Finanzen, Auto uvm. bei MSN
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = MSN Deutschland: Hotmail, Skype Download und Messenger sowie Nachrichten, Unterhaltung, Video, Sport, Lifestyle, Finanzen, Auto uvm. bei MSN
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN Deutschland: Hotmail, Skype Download und Messenger sowie Nachrichten, Unterhaltung, Video, Sport, Lifestyle, Finanzen, Auto uvm. bei MSN
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = MSN Deutschland: Hotmail, Skype Download und Messenger sowie Nachrichten, Unterhaltung, Video, Sport, Lifestyle, Finanzen, Auto uvm. bei MSN
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN Deutschland: Hotmail, Skype Download und Messenger sowie Nachrichten, Unterhaltung, Video, Sport, Lifestyle, Finanzen, Auto uvm. bei MSN
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = MSN Deutschland: Hotmail, Skype Download und Messenger sowie Nachrichten, Unterhaltung, Video, Sport, Lifestyle, Finanzen, Auto uvm. bei MSN
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..browser.startup.homepage: "www.Zeit.de"
FF - prefs.js..extensions.enabledAddons: DivXWebPlayer%40divx.com:2.0.2.039
FF - prefs.js..extensions.enabledAddons: %7B23fcfd51-4958-4f00-80a3-ae97e717ed8b%7D:2.1.2.145
FF - prefs.js..extensions.enabledAddons: %7B01A8CA0A-4C96-465b-A49B-65C46FAD54F9%7D:6.0
FF - prefs.js..extensions.enabledAddons: ich%40maltegoetz.de:1.4.3
FF - prefs.js..extensions.enabledAddons: firefox%40unfriendfinder.com:41.997
FF - prefs.js..extensions.enabledAddons: %7Be4a8a97b-f2ed-450b-b12d-ee082ba24781%7D:1.6
FF - prefs.js..extensions.enabledAddons: %7B8AA36F4F-6DC7-4c06-77AF-5035170634FE%7D:2012.09.13
FF - prefs.js..extensions.enabledAddons: %7Ba95d8332-e4b4-6e7f-98ac-20b733364387%7D:0.6.3
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:18.0.1
FF - prefs.js..extensions.enabledItems: {4ED1F68A-5463-4931-9384-8FFF5ED91D92}:3.5.0
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_5_502_146.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:64bit: - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_146.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\progra~2\mcafee\msc\npmcsn~1.dll ()
FF - HKLM\Software\MozillaPlugins\@mcafee.com/SAFFPlugin: C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.5: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files (x86)\McAfee\SiteAdvisor [2012/11/05 22:35:19 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012/11/09 22:12:04 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012/11/16 21:40:05 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}: C:\Program Files (x86)\Adobe Contribute CS5\Plugins\FirefoxPlugin\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9} [2012/11/29 21:38:24 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{8AA36F4F-6DC7-4c06-77AF-5035170634FE}: C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox [2012/12/12 14:50:37 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/01/19 05:30:35 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013/01/19 05:30:33 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2013/01/09 11:01:08 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012/11/16 21:40:05 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/01/19 05:30:35 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013/01/19 05:30:33 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Thunderbird 17.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2013/01/09 11:01:08 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Thunderbird 17.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins
 
[2012/11/07 13:54:49 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Fränz\AppData\Roaming\mozilla\Extensions
[2013/01/23 12:31:17 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Fränz\AppData\Roaming\mozilla\Firefox\Profiles\7qmn0jed.default\extensions
[2012/12/30 19:49:38 | 000,000,000 | ---D | M] (ProxTube - Unblock YouTube) -- C:\Users\Fränz\AppData\Roaming\mozilla\Firefox\Profiles\7qmn0jed.default\extensions\ich@maltegoetz.de
[2012/11/09 22:09:21 | 000,550,833 | ---- | M] () (No name found) -- C:\Users\Fränz\AppData\Roaming\mozilla\firefox\profiles\7qmn0jed.default\extensions\DivXWebPlayer@divx.com.xpi
[2012/12/31 13:59:06 | 000,351,151 | ---- | M] () (No name found) -- C:\Users\Fränz\AppData\Roaming\mozilla\firefox\profiles\7qmn0jed.default\extensions\firefox@unfriendfinder.com.xpi
[2013/01/23 12:31:17 | 000,056,640 | ---- | M] () (No name found) -- C:\Users\Fränz\AppData\Roaming\mozilla\firefox\profiles\7qmn0jed.default\extensions\{a95d8332-e4b4-6e7f-98ac-20b733364387}.xpi
[2012/11/23 15:14:25 | 000,804,627 | ---- | M] () (No name found) -- C:\Users\Fränz\AppData\Roaming\mozilla\firefox\profiles\7qmn0jed.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013/01/16 20:34:39 | 000,266,840 | ---- | M] () (No name found) -- C:\Users\Fränz\AppData\Roaming\mozilla\firefox\profiles\7qmn0jed.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi
[2013/01/19 05:30:33 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012/11/29 21:38:24 | 000,000,000 | ---D | M] (Adobe Contribute Toolbar) -- C:\PROGRAM FILES (X86)\ADOBE CONTRIBUTE CS5\PLUGINS\FIREFOXPLUGIN\{01A8CA0A-4C96-465B-A49B-65C46FAD54F9}
[2012/11/09 22:12:04 | 000,000,000 | ---D | M] (DivX Plus Web Player HTML5 <video>) -- C:\PROGRAM FILES (X86)\DIVX\DIVX PLUS WEB PLAYER\FIREFOX\DIVXHTML5
[2012/12/12 14:50:37 | 000,000,000 | ---D | M] (Citavi Picker) -- C:\PROGRAMDATA\SWISS ACADEMIC SOFTWARE\CITAVI PICKER\FIREFOX
File not found (No name found) -- C:\USERS\FRäNZ\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7QMN0JED.DEFAULT\EXTENSIONS\{A95D8332-E4B4-6E7F-98AC-20B733364387}.XPI
File not found (No name found) -- C:\USERS\FRäNZ\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7QMN0JED.DEFAULT\EXTENSIONS\{E4A8A97B-F2ED-450B-B12D-EE082BA24781}.XPI
File not found (No name found) -- C:\USERS\FRäNZ\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7QMN0JED.DEFAULT\EXTENSIONS\DIVXWEBPLAYER@DIVX.COM.XPI
File not found (No name found) -- C:\USERS\FRäNZ\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7QMN0JED.DEFAULT\EXTENSIONS\FIREFOX@UNFRIENDFINDER.COM.XPI
File not found (No name found) -- C:\USERS\FRäNZ\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7QMN0JED.DEFAULT\EXTENSIONS\ICH@MALTEGOETZ.DE
[2013/01/19 05:30:35 | 000,262,552 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012/10/24 23:03:12 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012/10/24 23:03:11 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012/10/24 23:03:12 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012/10/24 23:03:12 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012/10/24 23:03:12 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012/10/24 23:03:11 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2012/11/29 21:11:33 | 000,001,364 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1				activate.adobe.com
O1 - Hosts: 127.0.0.1				practivate.adobe.com
O1 - Hosts: 127.0.0.1				192.168.112.2O7.net
O1 - Hosts: 127.0.0.1				ereg.adobe.com
O1 - Hosts: 127.0.0.1				activate.wip3.adobe.com
O1 - Hosts: 127.0.0.1				3dns-3.adobe.com
O1 - Hosts: 127.0.0.1				3dns-2.adobe.com
O1 - Hosts: 127.0.0.1				adobe-dns.adobe.com
O1 - Hosts: 127.0.0.1				adobe-dns-3.adobe.com
O1 - Hosts: 127.0.0.1				ereg.wip3.adobe.com
O1 - Hosts: 127.0.0.1				adobeereg.com
O1 - Hosts: 127.0.0.1				Registration
O1 - Hosts: 127.0.0.1				activate-sea.adobe.com
O1 - Hosts: 127.0.0.1				activate-sjc0.adobe.com
O1 - Hosts: 127.0.0.1				wwis-dubc1-vip60.adobe.com
O1 - Hosts: 127.0.0.1				192.150.18.108
O2:64bit: - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2:64bit: - BHO: (no name) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - No CLSID value found.
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2:64bit: - BHO: (no name) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - No CLSID value found.
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (ContributeBHO Class) - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files (x86)\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll (Adobe Systems, Inc.)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (CmjBrowserHelperObject Object) - {6FE6A929-59D1-4763-91AD-29B61CFFB35B} - C:\Program Files (x86)\Mindjet\MindManager 10\Mm8InternetExplorer.dll (Mindjet)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (no name) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - No CLSID value found.
O2 - BHO: (no name) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - No CLSID value found.
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Contribute Toolbar) - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll (Adobe Systems, Inc.)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [ETDCtrl] C:\Programme\Elantech\ETDCtrl.exe (ELAN Microelectronics Corp.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IntelPAN] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel(R) Corporation)
O4:64bit: - HKLM..\Run: [IntelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs" File not found
O4:64bit: - HKLM..\Run: [Logitech Download Assistant] C:\Windows\SysNative\LogiLDA.dll (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [OOTag] C:\Program Files (x86)\Acer\OOBEOffer\ootag.exe (Microsoft)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Power Management] C:\Programme\Acer\Acer PowerSmart Manager\ePowerTrayLauncher.exe (Acer Incorporated)
O4:64bit: - HKLM..\Run: [XboxStat] C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe (Microsoft Corporation)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [BackupManagerTray] C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe (NTI Corporation)
O4 - HKLM..\Run: [DivXMediaServer] C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe ()
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [Dolby Home Theater v4] C:\Dolby PCEE4\pcee4.exe (Dolby Laboratories Inc.)
O4 - HKLM..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKLM..\Run: [LifeCam] C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe (Microsoft Corporation)
O4 - HKLM..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [MMReminderService] C:\Program Files (x86)\Mindjet\MindManager 10\MMReminderService.exe (Mindjet)
O4 - HKLM..\Run: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe (Symantec Corporation)
O4 - HKLM..\Run: [NUSB3MON] C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation)
O4 - HKLM..\Run: [OOTag] C:\Program Files (x86)\Acer\OOBEOffer\OOTag.exe (Microsoft)
O4 - HKLM..\Run: [SuiteTray] C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKCU..\Run: [DAEMON Tools Lite] "J:\Festplatte\Programme\DAEMON Tools Lite\DTLite.exe" -autorun File not found
O4 - HKCU..\Run: [Sony PC Companion] C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe (Sony)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~4\Office14\ONBttnIE.dll/105 File not found
O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~4\Office14\EXCEL.EXE/3000 File not found
O8:64bit: - Extra context menu item: Send Image To MindManager - C:\Program Files (x86)\Mindjet\MindManager 10\Mm8InternetExplorer.dll (Mindjet)
O8:64bit: - Extra context menu item: Send Link To MindManager - C:\Program Files (x86)\Mindjet\MindManager 10\Mm8InternetExplorer.dll (Mindjet)
O8:64bit: - Extra context menu item: Send Page To MindManager - C:\Program Files (x86)\Mindjet\MindManager 10\Mm8InternetExplorer.dll (Mindjet)
O8:64bit: - Extra context menu item: Send Text To MindManager - C:\Program Files (x86)\Mindjet\MindManager 10\Mm8InternetExplorer.dll (Mindjet)
O8 - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~4\Office14\ONBttnIE.dll/105 File not found
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~4\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Send Image To MindManager - C:\Program Files (x86)\Mindjet\MindManager 10\Mm8InternetExplorer.dll (Mindjet)
O8 - Extra context menu item: Send Link To MindManager - C:\Program Files (x86)\Mindjet\MindManager 10\Mm8InternetExplorer.dll (Mindjet)
O8 - Extra context menu item: Send Page To MindManager - C:\Program Files (x86)\Mindjet\MindManager 10\Mm8InternetExplorer.dll (Mindjet)
O8 - Extra context menu item: Send Text To MindManager - C:\Program Files (x86)\Mindjet\MindManager 10\Mm8InternetExplorer.dll (Mindjet)
O9:64bit: - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Send to Mindjet MindManager - {2F72393D-2472-4F82-B600-ED77F354B7FF} - C:\Program Files (x86)\Mindjet\MindManager 10\Mm8InternetExplorer.dll (Mindjet)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E9326996-06D4-4DB3-A26D-9C1A403B10D1}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28:64bit: - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/03/06 19:00:54 | 000,131,720 | R--- | M] (InstallShield Software Corporation) - E:\autorun.exe -- [ UDF ]
O32 - AutoRun File - [2008/02/22 16:08:27 | 000,058,601 | R--- | M] () - E:\autorun.ico -- [ UDF ]
O32 - AutoRun File - [2008/02/22 16:08:27 | 000,000,047 | R--- | M] () - E:\autorun.inf -- [ UDF ]
O32 - AutoRun File - [2008/02/22 16:08:44 | 000,000,382 | R--- | M] () - E:\autorun.ini -- [ UDF ]
O32 - Unable to obtain root file information for disk G:\
O33 - MountPoints2\{4f7e4448-086e-11e2-a508-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{4f7e4448-086e-11e2-a508-806e6f6e6963}\Shell\AutoRun\command - "" = E:\autorun.exe -- [2008/03/06 19:00:54 | 000,131,720 | R--- | M] (InstallShield Software Corporation)
O33 - MountPoints2\{95cba820-3a54-11e2-a4d9-dc0ea12e6964}\Shell - "" = AutoRun
O33 - MountPoints2\{95cba820-3a54-11e2-a4d9-dc0ea12e6964}\Shell\AutoRun\command - "" = F:\SETUP.EXE
O33 - MountPoints2\{95cba820-3a54-11e2-a4d9-dc0ea12e6964}\Shell\configure\command - "" = F:\SETUP.EXE
O33 - MountPoints2\{95cba820-3a54-11e2-a4d9-dc0ea12e6964}\Shell\install\command - "" = F:\SETUP.EXE
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013/01/26 14:53:28 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Fränz\Desktop\OTL.exe
[2013/01/26 00:38:40 | 000,000,000 | ---D | C] -- C:\Users\Fränz\Desktop\Wirtschaftsprivatrecht
[2013/01/25 02:03:41 | 000,000,000 | ---D | C] -- C:\Users\Fränz\Desktop\CByeByeMaxiUnofficaltrYmewarez
[2013/01/24 15:33:52 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\CrashDump
[2013/01/20 15:59:37 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\NativeFus_Log
[2013/01/20 15:58:57 | 000,203,104 | ---- | C] (DEVGURU Co., LTD.(www.devguru.co.kr)) -- C:\Windows\SysNative\drivers\ssudmdm.sys
[2013/01/20 15:58:57 | 000,102,368 | ---- | C] (DEVGURU Co., LTD.(www.devguru.co.kr)) -- C:\Windows\SysNative\drivers\ssudbus.sys
[2013/01/20 15:58:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
[2013/01/20 15:57:57 | 004,659,712 | ---- | C] (Dmitry Streblechenko) -- C:\Windows\SysWow64\Redemption.dll
[2013/01/20 15:57:44 | 000,821,824 | ---- | C] (Devguru Co., Ltd.) -- C:\Windows\SysWow64\dgderapi.dll
[2013/01/20 15:57:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Samsung
[2013/01/20 15:57:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Samsung
[2013/01/20 15:50:13 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2013/01/20 13:29:31 | 000,000,000 | ---D | C] -- C:\Users\Fränz\Desktop\Konstruktion I
[2013/01/20 13:13:58 | 000,000,000 | ---D | C] -- C:\Users\Fränz\Desktop\Hausaufgabe 2
[2013/01/20 11:31:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton PC Checkup 3.0
[2013/01/20 11:30:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Norton PC Checkup 3.0
[2013/01/20 11:30:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Norton
[2013/01/19 20:31:37 | 000,000,000 | ---D | C] -- C:\Users\Fränz\AppData\Local\{A87D4020-576E-44AB-8D0B-8D61C9A7DD2F}
[2013/01/19 20:31:37 | 000,000,000 | ---D | C] -- C:\Users\Fränz\AppData\Local\{532F5448-BD2D-4F05-A88B-C4F7FAAD96DC}
[2013/01/19 05:30:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013/01/16 12:32:47 | 000,000,000 | ---D | C] -- C:\Users\Fränz\Desktop\Keine Panik vor Thermodynamik
[2013/01/16 11:16:33 | 000,000,000 | ---D | C] -- C:\Users\Fränz\Desktop\Fotos New York
[2013/01/14 17:02:06 | 000,000,000 | ---D | C] -- C:\Users\Fränz\Desktop\Fotostrecke Flip-Charts
[2013/01/11 22:17:51 | 000,000,000 | ---D | C] -- C:\Users\Fränz\AppData\Roaming\dvdcss
[2013/01/09 14:25:18 | 000,000,000 | ---D | C] -- C:\Users\Fränz\Desktop\Grundlagenseminare
[2013/01/09 11:01:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Thunderbird
[2013/01/09 09:54:51 | 000,750,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll
[2013/01/09 09:54:51 | 000,492,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\win32spl.dll
[2013/01/09 09:54:41 | 000,800,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\usp10.dll
[2013/01/09 09:54:41 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2013/01/09 09:54:38 | 000,046,592 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\fpb.rs
[2013/01/09 09:54:38 | 000,046,592 | ---- | C] (Microsoft) -- C:\Windows\SysNative\fpb.rs
[2013/01/09 09:54:38 | 000,045,568 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\oflc-nz.rs
[2013/01/09 09:54:38 | 000,045,568 | ---- | C] (Microsoft) -- C:\Windows\SysNative\oflc-nz.rs
[2013/01/09 09:54:38 | 000,044,544 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegibbfc.rs
[2013/01/09 09:54:38 | 000,044,544 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegibbfc.rs
[2013/01/09 09:54:38 | 000,043,520 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\csrr.rs
[2013/01/09 09:54:38 | 000,043,520 | ---- | C] (Microsoft) -- C:\Windows\SysNative\csrr.rs
[2013/01/09 09:54:38 | 000,040,960 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\cob-au.rs
[2013/01/09 09:54:38 | 000,040,960 | ---- | C] (Microsoft) -- C:\Windows\SysNative\cob-au.rs
[2013/01/09 09:54:38 | 000,030,720 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\usk.rs
[2013/01/09 09:54:38 | 000,030,720 | ---- | C] (Microsoft) -- C:\Windows\SysNative\usk.rs
[2013/01/09 09:54:38 | 000,015,360 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\djctq.rs
[2013/01/09 09:54:38 | 000,015,360 | ---- | C] (Microsoft) -- C:\Windows\SysNative\djctq.rs
[2013/01/09 09:54:37 | 002,746,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gameux.dll
[2013/01/09 09:54:37 | 002,576,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\gameux.dll
[2013/01/09 09:54:37 | 000,441,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Wpc.dll
[2013/01/09 09:54:37 | 000,308,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Wpc.dll
[2013/01/09 09:54:37 | 000,055,296 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\cero.rs
[2013/01/09 09:54:37 | 000,055,296 | ---- | C] (Microsoft) -- C:\Windows\SysNative\cero.rs
[2013/01/09 09:54:37 | 000,051,712 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\esrb.rs
[2013/01/09 09:54:37 | 000,051,712 | ---- | C] (Microsoft) -- C:\Windows\SysNative\esrb.rs
[2013/01/09 09:54:37 | 000,023,552 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\oflc.rs
[2013/01/09 09:54:37 | 000,023,552 | ---- | C] (Microsoft) -- C:\Windows\SysNative\oflc.rs
[2013/01/09 09:54:37 | 000,021,504 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\grb.rs
[2013/01/09 09:54:37 | 000,021,504 | ---- | C] (Microsoft) -- C:\Windows\SysNative\grb.rs
[2013/01/09 09:54:37 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi-pt.rs
[2013/01/09 09:54:37 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi-pt.rs
[2013/01/09 09:54:37 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi-fi.rs
[2013/01/09 09:54:37 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi-fi.rs
[2013/01/09 09:54:37 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi.rs
[2013/01/09 09:54:37 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi.rs
[2013/01/09 09:54:14 | 001,161,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2013/01/09 09:54:14 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2013/01/09 09:54:14 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2013/01/09 09:54:14 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe
[2013/01/09 09:54:14 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2013/01/09 09:54:14 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2013/01/09 09:54:14 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2013/01/09 09:54:14 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2013/01/09 09:54:14 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2013/01/09 09:54:14 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2013/01/09 09:54:14 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2013/01/09 09:54:14 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2013/01/09 09:54:14 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2013/01/09 09:54:14 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2013/01/09 09:54:14 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2013/01/09 09:54:14 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2013/01/09 09:54:14 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2013/01/09 09:54:14 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2013/01/09 09:54:14 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2013/01/09 09:54:14 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2013/01/09 09:54:14 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2013/01/09 09:54:14 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2013/01/09 09:54:14 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2013/01/09 09:54:13 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2013/01/09 09:54:13 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2013/01/09 09:54:13 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2013/01/09 09:54:13 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2013/01/09 09:54:13 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2013/01/09 09:54:13 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2013/01/09 09:54:13 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2013/01/09 09:54:13 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2013/01/09 09:54:13 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2013/01/09 09:54:13 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2013/01/09 09:54:13 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2013/01/09 09:54:13 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2013/01/09 09:54:13 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2013/01/09 09:54:13 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2013/01/09 09:54:13 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2013/01/09 09:54:13 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2013/01/09 09:54:13 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2013/01/09 09:54:13 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2013/01/09 09:54:13 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2013/01/09 09:54:13 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2013/01/09 09:54:13 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2013/01/09 09:54:13 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/01/09 09:54:13 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/01/09 09:54:13 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2013/01/09 09:54:13 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2013/01/09 09:54:13 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2013/01/09 09:54:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2013/01/09 09:54:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2013/01/09 09:54:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2013/01/09 09:54:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2013/01/09 09:54:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2013/01/09 09:54:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2013/01/09 09:54:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2013/01/09 09:54:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2013/01/09 09:54:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2013/01/09 09:54:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2013/01/09 09:54:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2013/01/09 09:54:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2013/01/09 09:54:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2013/01/09 09:54:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2013/01/09 09:54:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2013/01/09 09:54:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2013/01/09 09:54:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2013/01/09 09:54:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2013/01/09 09:54:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2013/01/09 09:54:13 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2013/01/09 09:53:56 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskhost.exe
[2013/01/07 23:06:17 | 000,000,000 | ---D | C] -- C:\Users\Fränz\AppData\Roaming\InstallShield
[2013/01/07 15:22:29 | 000,000,000 | ---D | C] -- C:\Users\Fränz\Desktop\VL Projektmanagement WS 2012-13
[2013/01/07 14:58:37 | 000,000,000 | ---D | C] -- C:\Users\Fränz\AppData\Roaming\Ubisoft
[2013/01/07 14:56:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Ubisoft
[2013/01/07 14:54:19 | 000,411,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_10.dll
[2013/01/07 14:54:19 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_10.dll
[2013/01/07 14:54:18 | 005,081,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_36.dll
[2013/01/07 14:54:18 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_36.dll
[2013/01/07 14:54:18 | 002,006,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_36.dll
[2013/01/07 14:54:18 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_36.dll
[2013/01/07 14:54:18 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_36.dll
[2013/01/07 14:54:18 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_36.dll
[2013/01/07 14:54:17 | 000,411,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_9.dll
[2013/01/07 14:54:17 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_9.dll
[2013/01/07 14:54:16 | 005,073,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_35.dll
[2013/01/07 14:54:16 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_35.dll
[2013/01/07 14:54:16 | 001,985,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_35.dll
[2013/01/07 14:54:16 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_35.dll
[2013/01/07 14:54:16 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_35.dll
[2013/01/07 14:54:16 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_35.dll
[2013/01/07 14:54:16 | 000,409,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_8.dll
[2013/01/07 14:54:16 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_8.dll
[2013/01/07 14:54:16 | 000,021,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_2.dll
[2013/01/07 14:54:16 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_2.dll
[2013/01/07 14:54:15 | 004,496,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_34.dll
[2013/01/07 14:54:15 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_34.dll
[2013/01/07 14:54:15 | 001,401,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_34.dll
[2013/01/07 14:54:15 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_34.dll
[2013/01/07 14:54:15 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_34.dll
[2013/01/07 14:54:15 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_34.dll
[2013/01/06 18:49:02 | 000,000,000 | ---D | C] -- C:\Users\Fränz\Desktop\material für walter
[2013/01/06 18:49:02 | 000,000,000 | ---D | C] -- C:\Users\Fränz\Desktop\material für die tn vom gls i
[2013/01/06 18:43:50 | 000,000,000 | ---D | C] -- C:\Users\Fränz\Desktop\Weiteres
[2013/01/06 18:38:21 | 000,000,000 | ---D | C] -- C:\Users\Fränz\Desktop\Selbstwert und Selbstwirksamkeit
[2013/01/06 09:25:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
[2013/01/06 09:25:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Sony
[2013/01/06 09:25:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Sony
[2013/01/05 16:18:59 | 000,000,000 | ---D | C] -- C:\Users\Fränz\Desktop\WPR
[2013/01/03 20:27:45 | 000,000,000 | ---D | C] -- C:\Users\Fränz\Documents\ToDos
[2013/01/03 16:57:16 | 000,000,000 | ---D | C] -- C:\Users\Fränz\Application Data
[2013/01/03 15:09:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SystemRequirementsLab
[2012/12/29 12:29:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Avanquest update
[2012/12/29 12:29:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Avanquest
 
========== Files - Modified Within 30 Days ==========
 
[2013/01/26 14:58:47 | 095,023,320 | ---- | M] () -- C:\ProgramData\dsgsdgdsgdsgw.pad
[2013/01/26 14:53:30 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Fränz\Desktop\OTL.exe
[2013/01/26 14:47:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/01/26 10:29:42 | 000,002,915 | ---- | M] () -- C:\ProgramData\dsgsdgdsgdsgw.js
[2013/01/26 10:29:42 | 000,000,159 | ---- | M] () -- C:\ProgramData\dsgsdgdsgdsgw.reg
[2013/01/26 10:29:42 | 000,000,067 | ---- | M] () -- C:\ProgramData\dsgsdgdsgdsgw.bat
[2013/01/26 10:29:17 | 000,016,752 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/01/26 10:29:17 | 000,016,752 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/01/26 10:27:04 | 001,612,484 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/01/26 10:27:04 | 000,696,870 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2013/01/26 10:27:04 | 000,652,148 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/01/26 10:27:04 | 000,148,134 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2013/01/26 10:27:04 | 000,121,080 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/01/26 10:21:55 | 000,065,536 | ---- | M] () -- C:\Windows\SysNative\Ikeext.etl
[2013/01/26 10:21:38 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/01/26 10:21:10 | 3104,722,944 | -HS- | M] () -- C:\hiberfil.sys
[2013/01/26 02:03:56 | 001,405,658 | ---- | M] () -- C:\Users\Fränz\Desktop\tafeln-sbf-see.pdf
[2013/01/26 02:03:49 | 000,212,374 | ---- | M] () -- C:\Users\Fränz\Desktop\praktische-pruefung-sportbootfuehrerschein-see-ab-mai-2012.pdf
[2013/01/26 02:00:01 | 000,917,201 | ---- | M] () -- C:\Users\Fränz\Desktop\Fragenkatalog-See-Mai-2012.pdf
[2013/01/26 01:13:10 | 000,156,160 | ---- | M] () -- C:\Users\Fränz\Desktop\Schallsignale_Schulung.pps
[2013/01/26 01:13:07 | 000,316,416 | ---- | M] () -- C:\Users\Fränz\Desktop\Verkehrszeichen_Schulung.pps
[2013/01/26 01:13:03 | 001,041,920 | ---- | M] () -- C:\Users\Fränz\Desktop\Praxis_des_Segelns_Schulung.pps
[2013/01/26 01:12:44 | 001,432,064 | ---- | M] () -- C:\Users\Fränz\Desktop\Wegerecht_Schulung.pps
[2013/01/26 00:14:50 | 006,819,143 | ---- | M] () -- C:\Users\Fränz\Desktop\VID-20130125-00012.3GP
[2013/01/26 00:04:35 | 008,267,054 | ---- | M] () -- C:\Users\Fränz\Desktop\VID-20130125-00009.3GP
[2013/01/25 20:32:12 | 000,044,635 | ---- | M] () -- C:\Users\Fränz\Desktop\BVG.de - Fahrplanauskunft.pdf
[2013/01/25 04:58:55 | 000,000,173 | ---- | M] () -- C:\Users\Fränz\AppData\Local\msmathematics.qat.Fränz
[2013/01/25 01:58:34 | 031,165,163 | ---- | M] () -- C:\Users\Fränz\Desktop\CByeByeMaxiUnofficaltrYmewarez.zip
[2013/01/24 22:58:59 | 002,959,867 | ---- | M] () -- C:\Users\Fränz\Desktop\Vorlesung_LO_WS12_13_16102012_Kompatibilitaetsmodus_.pdf
[2013/01/21 23:08:30 | 000,039,496 | ---- | M] () -- C:\Users\Fränz\Desktop\550052_522660267766295_205696153_n.jpg
[2013/01/21 22:56:50 | 000,011,789 | ---- | M] () -- C:\Users\Fränz\Desktop\399405_10151093813300676_1861637810_n.jpg
[2013/01/20 23:50:26 | 000,030,278 | ---- | M] () -- C:\Users\Fränz\Desktop\1Termine-Nielsen.pdf
[2013/01/20 15:54:46 | 001,590,378 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013/01/20 15:40:52 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2013/01/20 13:42:31 | 000,002,120 | ---- | M] () -- C:\Users\Public\Desktop\Citavi 3.lnk
[2013/01/20 11:31:06 | 000,001,189 | ---- | M] () -- C:\Users\Public\Desktop\Norton PC Checkup 3.0.lnk
[2013/01/18 19:53:49 | 273,720,374 | R--- | M] () -- C:\Users\Fränz\Desktop\tk_hv_2013_01_18.mp4
[2013/01/18 11:09:28 | 002,481,271 | ---- | M] () -- C:\Users\Fränz\Desktop\Get-Together WS 2012-2013.pdf
[2013/01/17 21:12:13 | 000,365,847 | ---- | M] () -- C:\Users\Fränz\Desktop\Toolbox.pdf
[2013/01/17 21:02:19 | 001,777,815 | ---- | M] () -- C:\Users\Fränz\Desktop\Master_Leitfaden_121010.pdf
[2013/01/17 20:13:17 | 000,151,977 | ---- | M] () -- C:\Users\Fränz\Desktop\244047_10151351294554486_1227174146_o.jpg
[2013/01/17 09:03:56 | 000,300,409 | ---- | M] () -- C:\Users\Fränz\Desktop\2013-01-17.pdf
[2013/01/16 11:38:45 | 000,009,280 | ---- | M] () -- C:\Users\Fränz\Desktop\632_240x240_Front_Color-White.jpg
[2013/01/16 11:38:35 | 000,408,389 | ---- | M] () -- C:\Users\Fränz\Desktop\MG_6081.jpg
[2013/01/16 11:38:26 | 000,018,308 | ---- | M] () -- C:\Users\Fränz\Desktop\wanderlust-definition-dico.png
[2013/01/16 11:20:35 | 000,178,579 | ---- | M] () -- C:\Users\Fränz\Desktop\Fernweh-a18283518.jpg
[2013/01/15 19:59:21 | 000,060,443 | ---- | M] () -- C:\Users\Fränz\Desktop\Organization TK old.pdf
[2013/01/15 19:57:33 | 000,871,395 | ---- | M] () -- C:\Users\Fränz\Desktop\Organization TK new.pdf
[2013/01/15 19:55:25 | 000,882,851 | ---- | M] () -- C:\Users\Fränz\Desktop\Bild1.jpg
[2013/01/15 17:37:04 | 000,032,336 | ---- | M] () -- C:\Users\Fränz\Desktop\321041_467821476614565_1565470527_n.jpg
[2013/01/14 22:33:28 | 000,096,749 | ---- | M] () -- C:\Users\Fränz\Desktop\426786_542925929051829_1542651037_n.jpg
[2013/01/14 17:10:36 | 001,355,015 | ---- | M] () -- C:\Users\Fränz\Desktop\Fotostrecke Flip-Chart.pdf
[2013/01/14 11:09:37 | 000,114,487 | ---- | M] () -- C:\Users\Fränz\Desktop\Infoblätter für Coaches.pdf
[2013/01/14 10:59:07 | 023,759,309 | ---- | M] () -- C:\Users\Fränz\Desktop\Fotostrecke Flip-Charts.rar
[2013/01/13 12:06:16 | 106,203,887 | ---- | M] () -- C:\Users\Fränz\Desktop\Mic Do - Plenty Of L (Ama Edi) (2012).rar
[2013/01/13 10:14:24 | 350,315,347 | ---- | M] () -- C:\Users\Fränz\Desktop\5141414108.Rmmstn-GrtstHts.zip
[2013/01/11 22:04:25 | 046,114,786 | ---- | M] () -- C:\Users\Fränz\Desktop\Make It Count.avi
[2013/01/10 19:03:59 | 000,043,938 | ---- | M] () -- C:\Users\Fränz\Desktop\734986_477331422304164_1239645383_n.jpg
[2013/01/10 12:46:02 | 000,021,111 | ---- | M] () -- C:\Users\Fränz\Desktop\768_10200367504657345_1269863194_n.jpg
[2013/01/09 23:08:40 | 000,006,104 | ---- | M] () -- C:\Users\Fränz\Desktop\218088_10200296573763848_1901334179_n.jpg
[2013/01/09 23:07:49 | 000,023,882 | ---- | M] () -- C:\Users\Fränz\Desktop\148919_10151331107452332_40365430_n.jpg
[2013/01/09 23:03:49 | 000,042,541 | ---- | M] () -- C:\Users\Fränz\Desktop\400075_411994568878146_957912623_n.jpg
[2013/01/09 22:57:43 | 005,015,664 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013/01/09 00:47:28 | 000,697,864 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013/01/09 00:47:28 | 000,074,248 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013/01/08 15:06:37 | 000,052,623 | ---- | M] () -- C:\Users\Fränz\Desktop\Bestaetigung.pdf
[2013/01/08 14:35:08 | 000,816,817 | ---- | M] () -- C:\Users\Fränz\Desktop\Protokoll_Vorstandsstrategie.pdf
[2013/01/06 18:34:14 | 000,000,492 | ---- | M] () -- C:\Windows\wininit.ini
[2013/01/06 09:25:16 | 000,002,102 | ---- | M] () -- C:\Users\Public\Desktop\Sony PC Companion 2.1.lnk
[2013/01/03 22:40:56 | 003,139,304 | ---- | M] () -- C:\Users\Fränz\Desktop\MS_Project_Tutorial.pdf
[2013/01/03 21:56:01 | 000,044,006 | ---- | M] () -- C:\Users\Fränz\Desktop\Finanzreport_Nr.12_vom_31.12.2012740148.pdf
[2013/01/03 21:19:22 | 000,025,306 | ---- | M] () -- C:\Users\Fränz\Desktop\ToDo for you.dotm
[2013/01/03 17:04:18 | 000,025,285 | ---- | M] () -- C:\Users\Fränz\Documents\ToDo for you.dotm
[2013/01/03 16:48:22 | 000,025,348 | ---- | M] () -- C:\Users\Fränz\Documents\ToDo for you.dotx
[2013/01/02 23:22:39 | 000,025,525 | ---- | M] () -- C:\Users\Fränz\Desktop\418606_485733534811724_1437033175_n.jpg
[2013/01/02 11:50:28 | 000,110,298 | ---- | M] () -- C:\Users\Fränz\Desktop\736011_504370986264197_1610935081_o.jpg
[2012/12/31 17:43:55 | 000,029,964 | ---- | M] () -- C:\Users\Fränz\Desktop\b2-l_p_457378_2_frittenbudebildermitkatzevideoaudiolithbratze.jpg
[2012/12/31 15:33:02 | 000,144,059 | ---- | M] () -- C:\Users\Fränz\Desktop\399286_510607585646210_1644454261_n.jpg
[2012/12/30 23:15:58 | 000,038,450 | ---- | M] () -- C:\Users\Fränz\Desktop\534685_478544048856585_1245799438_n.jpg
[2012/12/30 21:25:46 | 000,157,436 | ---- | M] () -- C:\Users\Fränz\Desktop\736363_526210054064014_461172559_o.jpg
[2012/12/30 13:20:29 | 014,585,520 | ---- | M] () -- C:\Users\Fränz\Desktop\Jung von MattLimmat Pro Infirmis Kommen Sie näher.avi
[2012/12/30 13:16:40 | 031,314,882 | ---- | M] () -- C:\Users\Fränz\Desktop\What if money was no object.avi
[2012/12/29 20:48:21 | 000,029,156 | ---- | M] () -- C:\Users\Fränz\Desktop\531232_574480222569243_2097776549_n.jpg
 
========== Files Created - No Company Name ==========
 
[2013/01/26 10:29:42 | 000,002,915 | ---- | C] () -- C:\ProgramData\dsgsdgdsgdsgw.js
[2013/01/26 10:29:42 | 000,000,159 | ---- | C] () -- C:\ProgramData\dsgsdgdsgdsgw.reg
[2013/01/26 10:29:42 | 000,000,067 | ---- | C] () -- C:\ProgramData\dsgsdgdsgdsgw.bat
[2013/01/26 10:29:41 | 095,023,320 | ---- | C] () -- C:\ProgramData\dsgsdgdsgdsgw.pad
[2013/01/26 02:03:56 | 001,405,658 | ---- | C] () -- C:\Users\Fränz\Desktop\tafeln-sbf-see.pdf
[2013/01/26 02:03:49 | 000,212,374 | ---- | C] () -- C:\Users\Fränz\Desktop\praktische-pruefung-sportbootfuehrerschein-see-ab-mai-2012.pdf
[2013/01/26 02:00:00 | 000,917,201 | ---- | C] () -- C:\Users\Fränz\Desktop\Fragenkatalog-See-Mai-2012.pdf
[2013/01/26 01:13:10 | 000,156,160 | ---- | C] () -- C:\Users\Fränz\Desktop\Schallsignale_Schulung.pps
[2013/01/26 01:13:07 | 000,316,416 | ---- | C] () -- C:\Users\Fränz\Desktop\Verkehrszeichen_Schulung.pps
[2013/01/26 01:13:03 | 001,041,920 | ---- | C] () -- C:\Users\Fränz\Desktop\Praxis_des_Segelns_Schulung.pps
[2013/01/26 01:12:44 | 001,432,064 | ---- | C] () -- C:\Users\Fränz\Desktop\Wegerecht_Schulung.pps
[2013/01/26 00:14:49 | 006,819,143 | ---- | C] () -- C:\Users\Fränz\Desktop\VID-20130125-00012.3GP
[2013/01/26 00:04:33 | 008,267,054 | ---- | C] () -- C:\Users\Fränz\Desktop\VID-20130125-00009.3GP
[2013/01/25 20:32:09 | 000,044,635 | ---- | C] () -- C:\Users\Fränz\Desktop\BVG.de - Fahrplanauskunft.pdf
[2013/01/25 01:51:25 | 031,165,163 | ---- | C] () -- C:\Users\Fränz\Desktop\CByeByeMaxiUnofficaltrYmewarez.zip
[2013/01/24 22:58:56 | 002,959,867 | ---- | C] () -- C:\Users\Fränz\Desktop\Vorlesung_LO_WS12_13_16102012_Kompatibilitaetsmodus_.pdf
[2013/01/21 23:08:29 | 000,039,496 | ---- | C] () -- C:\Users\Fränz\Desktop\550052_522660267766295_205696153_n.jpg
[2013/01/21 22:56:48 | 000,011,789 | ---- | C] () -- C:\Users\Fränz\Desktop\399405_10151093813300676_1861637810_n.jpg
[2013/01/20 23:50:25 | 000,030,278 | ---- | C] () -- C:\Users\Fränz\Desktop\1Termine-Nielsen.pdf
[2013/01/20 15:40:52 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2013/01/20 13:42:31 | 000,002,120 | ---- | C] () -- C:\Users\Public\Desktop\Citavi 3.lnk
[2013/01/20 11:31:06 | 000,001,189 | ---- | C] () -- C:\Users\Public\Desktop\Norton PC Checkup 3.0.lnk
[2013/01/18 19:56:52 | 273,720,374 | R--- | C] () -- C:\Users\Fränz\Desktop\tk_hv_2013_01_18.mp4
[2013/01/18 11:08:44 | 002,481,271 | ---- | C] () -- C:\Users\Fränz\Desktop\Get-Together WS 2012-2013.pdf
[2013/01/17 21:12:13 | 000,365,847 | ---- | C] () -- C:\Users\Fränz\Desktop\Toolbox.pdf
[2013/01/17 21:02:18 | 001,777,815 | ---- | C] () -- C:\Users\Fränz\Desktop\Master_Leitfaden_121010.pdf
[2013/01/17 20:13:16 | 000,151,977 | ---- | C] () -- C:\Users\Fränz\Desktop\244047_10151351294554486_1227174146_o.jpg
[2013/01/17 09:03:52 | 000,300,409 | ---- | C] () -- C:\Users\Fränz\Desktop\2013-01-17.pdf
[2013/01/16 11:38:45 | 000,009,280 | ---- | C] () -- C:\Users\Fränz\Desktop\632_240x240_Front_Color-White.jpg
[2013/01/16 11:38:34 | 000,408,389 | ---- | C] () -- C:\Users\Fränz\Desktop\MG_6081.jpg
[2013/01/16 11:38:25 | 000,018,308 | ---- | C] () -- C:\Users\Fränz\Desktop\wanderlust-definition-dico.png
[2013/01/16 11:20:35 | 000,178,579 | ---- | C] () -- C:\Users\Fränz\Desktop\Fernweh-a18283518.jpg
[2013/01/15 19:59:18 | 000,060,443 | ---- | C] () -- C:\Users\Fränz\Desktop\Organization TK old.pdf
[2013/01/15 19:57:31 | 000,871,395 | ---- | C] () -- C:\Users\Fränz\Desktop\Organization TK new.pdf
[2013/01/15 19:54:50 | 000,882,851 | ---- | C] () -- C:\Users\Fränz\Desktop\Bild1.jpg
[2013/01/15 17:37:03 | 000,032,336 | ---- | C] () -- C:\Users\Fränz\Desktop\321041_467821476614565_1565470527_n.jpg
[2013/01/14 22:33:28 | 000,096,749 | ---- | C] () -- C:\Users\Fränz\Desktop\426786_542925929051829_1542651037_n.jpg
[2013/01/14 17:10:32 | 001,355,015 | ---- | C] () -- C:\Users\Fränz\Desktop\Fotostrecke Flip-Chart.pdf
[2013/01/14 11:10:44 | 023,759,309 | ---- | C] () -- C:\Users\Fränz\Desktop\Fotostrecke Flip-Charts.rar
[2013/01/14 11:09:36 | 000,114,487 | ---- | C] () -- C:\Users\Fränz\Desktop\Infoblätter für Coaches.pdf
[2013/01/13 11:39:30 | 106,203,887 | ---- | C] () -- C:\Users\Fränz\Desktop\Mic Do - Plenty Of L (Ama Edi) (2012).rar
[2013/01/13 10:09:46 | 350,315,347 | ---- | C] () -- C:\Users\Fränz\Desktop\5141414108.Rmmstn-GrtstHts.zip
[2013/01/11 22:03:50 | 046,114,786 | ---- | C] () -- C:\Users\Fränz\Desktop\Make It Count.avi
[2013/01/10 19:03:57 | 000,043,938 | ---- | C] () -- C:\Users\Fränz\Desktop\734986_477331422304164_1239645383_n.jpg
[2013/01/10 12:46:01 | 000,021,111 | ---- | C] () -- C:\Users\Fränz\Desktop\768_10200367504657345_1269863194_n.jpg
[2013/01/09 23:08:39 | 000,006,104 | ---- | C] () -- C:\Users\Fränz\Desktop\218088_10200296573763848_1901334179_n.jpg
[2013/01/09 23:07:49 | 000,023,882 | ---- | C] () -- C:\Users\Fränz\Desktop\148919_10151331107452332_40365430_n.jpg
[2013/01/09 23:03:45 | 000,042,541 | ---- | C] () -- C:\Users\Fränz\Desktop\400075_411994568878146_957912623_n.jpg
[2013/01/09 12:11:35 | 000,065,536 | ---- | C] () -- C:\Windows\SysNative\Ikeext.etl
[2013/01/08 15:06:33 | 000,052,623 | ---- | C] () -- C:\Users\Fränz\Desktop\Bestaetigung.pdf
[2013/01/08 14:35:01 | 000,816,817 | ---- | C] () -- C:\Users\Fränz\Desktop\Protokoll_Vorstandsstrategie.pdf
[2013/01/06 09:25:16 | 000,002,102 | ---- | C] () -- C:\Users\Public\Desktop\Sony PC Companion 2.1.lnk
[2013/01/03 22:40:55 | 003,139,304 | ---- | C] () -- C:\Users\Fränz\Desktop\MS_Project_Tutorial.pdf
[2013/01/03 21:56:00 | 000,044,006 | ---- | C] () -- C:\Users\Fränz\Desktop\Finanzreport_Nr.12_vom_31.12.2012740148.pdf
[2013/01/03 18:53:14 | 000,025,306 | ---- | C] () -- C:\Users\Fränz\Desktop\ToDo for you.dotm
[2013/01/03 16:51:04 | 000,025,285 | ---- | C] () -- C:\Users\Fränz\Documents\ToDo for you.dotm
[2013/01/03 16:48:22 | 000,025,348 | ---- | C] () -- C:\Users\Fränz\Documents\ToDo for you.dotx
[2013/01/02 23:22:38 | 000,025,525 | ---- | C] () -- C:\Users\Fränz\Desktop\418606_485733534811724_1437033175_n.jpg
[2013/01/02 11:50:27 | 000,110,298 | ---- | C] () -- C:\Users\Fränz\Desktop\736011_504370986264197_1610935081_o.jpg
[2012/12/31 17:57:26 | 001,494,054 | ---- | C] () -- C:\Users\Fränz\Desktop\Desktop-Hintergrund.bmp
[2012/12/31 17:43:54 | 000,029,964 | ---- | C] () -- C:\Users\Fränz\Desktop\b2-l_p_457378_2_frittenbudebildermitkatzevideoaudiolithbratze.jpg
[2012/12/31 15:33:01 | 000,144,059 | ---- | C] () -- C:\Users\Fränz\Desktop\399286_510607585646210_1644454261_n.jpg
[2012/12/30 23:15:57 | 000,038,450 | ---- | C] () -- C:\Users\Fränz\Desktop\534685_478544048856585_1245799438_n.jpg
[2012/12/30 21:25:45 | 000,157,436 | ---- | C] () -- C:\Users\Fränz\Desktop\736363_526210054064014_461172559_o.jpg
[2012/12/30 13:20:18 | 014,585,520 | ---- | C] () -- C:\Users\Fränz\Desktop\Jung von MattLimmat Pro Infirmis Kommen Sie näher.avi
[2012/12/30 13:16:12 | 031,314,882 | ---- | C] () -- C:\Users\Fränz\Desktop\What if money was no object.avi
[2012/12/29 20:48:20 | 000,029,156 | ---- | C] () -- C:\Users\Fränz\Desktop\531232_574480222569243_2097776549_n.jpg
[2012/12/18 10:06:10 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
[2012/12/18 10:06:06 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll
[2012/12/18 10:06:06 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll
[2012/12/18 10:06:06 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll
[2012/12/18 10:06:06 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll
[2012/12/08 22:15:00 | 000,000,173 | ---- | C] () -- C:\Users\Fränz\AppData\Local\msmathematics.qat.Fränz
[2012/11/29 21:23:09 | 000,007,605 | ---- | C] () -- C:\Users\Fränz\AppData\Local\Resmon.ResmonCfg
[2012/11/25 15:46:48 | 000,000,076 | ---- | C] () -- C:\Users\Fränz\AppData\Roaming\AVSDVDPlayer.m3u
[2012/11/25 13:27:02 | 000,524,288 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2012/11/25 13:27:02 | 000,139,264 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2012/11/16 21:33:41 | 000,233,464 | ---- | C] () -- C:\Windows\hpoins47.dat
[2012/11/10 13:41:38 | 000,000,492 | ---- | C] () -- C:\Windows\wininit.ini
[2012/11/06 23:29:02 | 001,590,378 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012/04/11 12:16:39 | 000,963,116 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin
[2012/04/11 12:16:38 | 000,218,304 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin
[2012/04/11 12:16:38 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2012/04/11 12:16:37 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin
[2012/04/11 12:16:36 | 013,906,944 | ---- | C] () -- C:\Windows\SysWow64\ig4icd32.dll
 
========== ZeroAccess Check ==========
 
[2009/07/14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/06/09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/21 04:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

< End of report >