Spybot SD macht immer das Admin-Fenster auf

Dännis · 07.07.2013, 11:52

Hallo,

ich habe ein Problem mit Spybot. Ich habe SPybot mein System scannen lassen und es hat auch einige Einträge gefunden, die ich entfernen lassen wollte. Seitdem geht immer das Admin-fenster auf. Egal ob ich es zulasse oder verweigere, es öffnet sich sofort wieder.
Ich vermute das Spybot versucht, eine Datei zu löschen, die irgendwie nicht löschbar ist.
Leider konnte ich es auch in der Aufgabenplanung von Spybot nicht deaktivieren, weil ich nicht weiß, welcher Prozess es ist. (Es stehen sehr viel Aufgaben in der Planung).

Ich bin echt überfordert damit, egal wie lange ich es mir anschaue und versuche, da irgendwas zu machen, ich komme nicht weiter.

Bitte entschuldigt wenn ich das Thema in der falschen Kategorie gepostet habe. Es ist mein erstes Thema hier im Forum.
Ich weiß auch nicht, ob ich jetzt Logfiles posten sollte oder sowas.
Wäre super, wenn ihr mir weiterhelfen könntet.

Danke im Voraus und einen schönen Sonntag noch...

M-K-D-B · 07.07.2013, 11:53

Mein Name ist Matthias und ich werde dir bei der Bereinigung deines Computers helfen.

Bitte beachte folgende Hinweise:

Eine Bereinigung ist mitunter mit viel Arbeit für dich verbunden. Es können mehrere Analyse- und Bereinigungsschritte erforderlich sein.
Abschließend entfernen wir wieder alle verwendeten Programme und ich gebe dir ein paar Tipps für die Zukunft mit auf den Weg.
Bei Anzeichen von illegaler Software wird der Support ohne Diskussion eingestellt.
Bitte arbeite alle Schritte in der vorgegebenen Reihefolge nacheinander ab und poste alle Logdateien in CODE-Tags.
Lies dir die Anleitungen sorgfältig durch. Solltest du Probleme haben, stoppe mit deiner Bearbeitung und beschreibe mir dein Problem so gut es geht.
Führe nur Scans durch, zu denen du von mir oder einem anderen Helfer aufgefordert wirst.
Bitte kein Crossposting (posten in mehreren Foren).
Installiere oder deinstalliere während der Bereinigung keine Software außer du wirst dazu aufgefordert.
Solltest du mir nicht innerhalb von 3 Tagen antworten, gehe ich davon aus, dass du keine Hilfe mehr benötigst. Dann lösche ich dein Thema aus meinem Abo.
Solltest du einmal länger abwesend sein, so gib mir bitte Bescheid!
Alle zu verwendenen Programme sind auf dem Desktop abzuspeichern und von dort zu starten!
Ich kann Dir niemals eine Garantie geben, dass auch ich alles finde. Eine Formatierung ist meist der schnellere und immer der sicherste Weg.
Solltest Du Dich für eine Bereinigung entscheiden, arbeite solange mit, bis dir jemand vom Team sagt, dass Du clean bist.

Ich habe dein Thema in Arbeit und melde mich so schnell wie möglich mit weiteren Anweisungen.

M-K-D-B · 07.07.2013, 11:55

Servus,

Zitat:

Ich habe SPybot mein System scannen lassen und es hat auch einige Einträge gefunden, die ich entfernen lassen wollte.

Poste bitte die Logdatei von Spybot mit den genannten Funden.

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

Dännis · 09.07.2013, 13:34

Hallo,

danke das Du Dich meinem Problem annimmst.

Hier ist das Logg von FRST und die Addition.

Leider ist die FRST-datei zu groß zum einfügen und auch zu groß zum anhängen.

Addition ist im Anhang. Soll ich FRST vielleicht woanders hochladen?

Netten Gruß

Dännis · 09.07.2013, 13:37

Ich habe jetzt mal ´nur´die Spyboteinträge kopiert. Vielleicht hilft das ja schon.

Edit: Anhang ist immer noch zu groß, 104,3 kb.

Hab jetzt gesehen, das fast alle Einträge so aussehen. Alle Einträe haben was mit dieser Sweet IM Toolbar zu tun.

HKCU\...\Runonce: [SpybotDeletingF2023] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\logo_about.png" [x]

M-K-D-B · 09.07.2013, 14:47

Servus,

teile die Logdatei von FRST auf 2-3 Posts auf, verwende dabei Code-Boxen.

Dännis · 10.07.2013, 08:14

OK, dann mach ich das mal

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 04-07-2013
Ran by D (administrator) on 07-07-2013 13:06:42
Running from C:\Users\D\Downloads
Microsoft Windows 7 Home Premium  Service Pack 1 (X86) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Microsoft Corporation) C:\Windows\system32\taskmgr.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_7_700_202.exe
(Adobe Systems, Inc.) C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_7_700_202.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min [345144 2013-06-25] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [SDTray] "C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe" [3825176 2012-11-13] (Safer-Networking Ltd.)]
HKCU\...\Run: [Spybot-S&D Cleaning] "C:\Program Files\Spybot - Search & Destroy 2\SDCleaner.exe" /autoclean [3713032 2012-11-13] (Safer-Networking Ltd.)
HKCU\...\Runonce: [SpybotDeletingF1470] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\mglogger.dll" [x]
HKCU\...\Runonce: [SpybotDeletingF7897] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgsimcommon.dll" [x]
HKCU\...\Runonce: [SpybotDeletingF4301] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll" [x]
HKCU\...\Runonce: [SpybotDeletingF2050] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarProxy.dll" [x]
HKCU\...\Runonce: [SpybotDeletingF5664] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgxml_wrapper.dll" [x]
HKCU\...\Runonce: [SpybotDeletingF8408] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\Microsoft.VC90.CRT\Microsoft.VC90.CRT.manifest" [x]
HKCU\...\Runonce: [SpybotDeletingF1221] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\Microsoft.VC90.CRT\msvcm90.dll" [x]
HKCU\...\Runonce: [SpybotDeletingF8150] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\Microsoft.VC90.CRT\msvcp90.dll" [x]
HKCU\...\Runonce: [SpybotDeletingF654] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\Microsoft.VC90.CRT\msvcr90.dll" [x]
HKCU\...\Runonce: [SpybotDeletingF5341] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\about.html" [x]
HKCU\...\Runonce: [SpybotDeletingF6835] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\affid.dat" [x]
HKCU\...\Runonce: [SpybotDeletingF5441] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\basis.xml" [x]
HKCU\...\Runonce: [SpybotDeletingF5579] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\bing.png" [x]
HKCU\...\Runonce: [SpybotDeletingF2475] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\blue\search_button.png" [x]
HKCU\...\Runonce: [SpybotDeletingF3175] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\blue\search_button_bing.png" [x]
HKCU\...\Runonce: [SpybotDeletingF8010] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\blue\search_button_dictionary.png" [x]
HKCU\...\Runonce: [SpybotDeletingF8549] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\blue\search_button_google.png" [x]
HKCU\...\Runonce: [SpybotDeletingF7030] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\blue\search_button_hover.png" [x]
HKCU\...\Runonce: [SpybotDeletingF2859] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\blue\search_button_left.png" [x]
HKCU\...\Runonce: [SpybotDeletingF6279] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\blue\search_button_photo.png" [x]
HKCU\...\Runonce: [SpybotDeletingF4586] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\blue\search_button_video.png" [x]
HKCU\...\Runonce: [SpybotDeletingF9851] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\blue\search_button_web.png" [x]
HKCU\...\Runonce: [SpybotDeletingF2215] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Messenger\resources\images\KeyboardButton.png" [x]
HKCU\...\Runonce: [SpybotDeletingF7634] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\clear-history.png" [x]
HKCU\...\Runonce: [SpybotDeletingF3066] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\content-notifier-anim-over.gif" [x]
HKCU\...\Runonce: [SpybotDeletingF5656] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\content-notifier-anim.gif" [x]
HKCU\...\RunOnce: [SpybotDeletingF1965] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\content-notifier.js" [2710040 2012-11-13] (Safer-Networking Ltd.)
HKCU\...\Runonce: [SpybotDeletingF8854] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\dating.png" [x]
HKCU\...\Runonce: [SpybotDeletingF2786] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\dictionary.png" [x]
HKCU\...\Runonce: [SpybotDeletingF6420] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\eye_icon.png" [x]
HKCU\...\Runonce: [SpybotDeletingF6178] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\eye_icon_over.png" [x]
HKCU\...\Runonce: [SpybotDeletingF6848] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\e_cards.png" [x]
HKCU\...\Runonce: [SpybotDeletingF9451] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\find.png" [x]
HKCU\...\Runonce: [SpybotDeletingF5415] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\free_stuff.png" [x]
HKCU\...\Runonce: [SpybotDeletingF2731] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\games.png" [x]
HKCU\...\Runonce: [SpybotDeletingF7467] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\glitter.png" [x]
HKCU\...\Runonce: [SpybotDeletingF2440] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\google.png" [x]
HKCU\...\Runonce: [SpybotDeletingF3596] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\green\search_button.png" [x]
HKCU\...\Runonce: [SpybotDeletingF5556] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\green\search_button_bing.png" [x]
HKCU\...\Runonce: [SpybotDeletingF3226] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\green\search_button_current.png" [x]
HKCU\...\Runonce: [SpybotDeletingF1458] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\green\search_button_dictionary.png" [x]
HKCU\...\Runonce: [SpybotDeletingF6900] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\green\search_button_google.png" [x]
HKCU\...\Runonce: [SpybotDeletingF7856] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\SmileySmile.png" [x]
HKCU\...\Runonce: [SpybotDeletingF9140] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\green\search_button_photo.png" [x]
HKCU\...\Runonce: [SpybotDeletingF6164] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\music.png" [x]
HKCU\...\Runonce: [SpybotDeletingF8425] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\green\search_button_web.png" [x]
HKCU\...\Runonce: [SpybotDeletingF3073] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\green\search_button_yahoo.png" [x]
HKCU\...\Runonce: [SpybotDeletingF3382] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\help.png" [x]
HKCU\...\Runonce: [SpybotDeletingF6195] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\highlight.png" [x]
HKCU\...\Runonce: [SpybotDeletingF6672] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\locales.xml" [x]
HKCU\...\Runonce: [SpybotDeletingF7476] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\logo_16x16.png" [x]
HKCU\...\Runonce: [SpybotDeletingF4730] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\logo_21x18.png" [x]
HKCU\...\Runonce: [SpybotDeletingF8183] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\logo_32x32.png" [x]
HKCU\...\Runonce: [SpybotDeletingF8502] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\logo_about.png" [x]
HKCU\...\Runonce: [SpybotDeletingF1866] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\MenuExt.html" [x]
HKCU\...\Runonce: [SpybotDeletingF3918] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\more-search-providers.png" [x]
HKCU\...\Runonce: [SpybotDeletingF1693] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\music.png" [x]
HKCU\...\Runonce: [SpybotDeletingF5908] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Messenger\mgICQMessengerAdapter.dll" [x]
HKCU\...\Runonce: [SpybotDeletingF5249] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\options.html" [x]
HKCU\...\Runonce: [SpybotDeletingF2614] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\orange\search_button_bing.png" [x]
HKCU\...\Runonce: [SpybotDeletingF9891] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\orange\search_button_current.png" [x]
HKCU\...\Runonce: [SpybotDeletingF4982] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\orange\search_button_dictionary.png" [x]
HKCU\...\Runonce: [SpybotDeletingF7814] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\orange\search_button_google.png" [x]
HKCU\...\Runonce: [SpybotDeletingF8869] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\orange\search_button_hover.png" [x]
HKCU\...\Runonce: [SpybotDeletingF3595] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\orange\search_button_left.png" [x]
HKCU\...\Runonce: [SpybotDeletingF8538] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\orange\search_button_photo.png" [x]
HKCU\...\Runonce: [SpybotDeletingF282] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\orange\search_button_web.png" [x]
HKCU\...\Runonce: [SpybotDeletingF9442] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\orange\search_button_yahoo.png" [x]
HKCU\...\Runonce: [SpybotDeletingF8698] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\photos.png" [x]
HKCU\...\Runonce: [SpybotDeletingF5590] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\search-current-site.png" [x]
HKCU\...\Runonce: [SpybotDeletingF5689] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\shopping.png" [x]
HKCU\...\Runonce: [SpybotDeletingF3439] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\SmileyWink.png" [x]
HKCU\...\Runonce: [SpybotDeletingF1339] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\sweetim_text.png" [x]
HKCU\...\Runonce: [SpybotDeletingF5780] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\toolbar.xml" [x]
HKCU\...\Runonce: [SpybotDeletingF6805] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\web-search.png" [x]
HKCU\...\RunOnce: [SpybotDeletingF9719] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\web-toolbar.js" [2710040 2012-11-13] (Safer-Networking Ltd.)
HKCU\...\Runonce: [SpybotDeletingF5896] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\yahoo.png" [x]
HKCU\...\Runonce: [SpybotDeletingF1643] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\Delta\delta\1.8.21.0\bh\delta.dll" [x]
HKCU\...\Runonce: [SpybotDeletingF6675] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\Delta\delta\1.8.21.0\deltaEng.dll" [x]
HKCU\...\Runonce: [SpybotDeletingF7063] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\Delta\delta\1.8.21.0\deltasrv.exe" [x]
HKCU\...\Runonce: [SpybotDeletingF9866] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\Delta\delta\1.8.21.0\deltaTlbr.dll" [x]
HKCU\...\Runonce: [SpybotDeletingF3460] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\Delta\delta\1.8.21.0\GUninstaller.exe" [x]
HKCU\...\Runonce: [SpybotDeletingF8410] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\Delta\delta\1.8.21.0\uninstall.exe" [x]
HKCU\...\Runonce: [SpybotDeletingF4580] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Windows\Installer\{A0C9DF2B-89B5-4483-8983-18A68200F1B4}\ARPPRODUCTICON.exe" [x]
HKCU\...\Runonce: [SpybotDeletingF4620] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Messenger\ContentPackagesActivationHandler.exe" [x]
HKCU\...\Runonce: [SpybotDeletingF184] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Messenger\default.xml" [x]
HKCU\...\Runonce: [SpybotDeletingF5865] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Messenger\mgAdaptersProxy.dll" [x]
HKCU\...\Runonce: [SpybotDeletingF7674] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Messenger\mgArchive.dll" [x]
HKCU\...\Runonce: [SpybotDeletingF5420] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Messenger\mgcommon.dll" [x]
HKCU\...\Runonce: [SpybotDeletingF7507] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Messenger\mgcommunication.dll" [x]
HKCU\...\Runonce: [SpybotDeletingF3212] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Messenger\mgconfig.dll" [x]
HKCU\...\Runonce: [SpybotDeletingF1627] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Messenger\mgFlashPlayer.dll" [x]
HKCU\...\Runonce: [SpybotDeletingF3751] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Messenger\mghooking.dll" [x]
HKCU\...\Runonce: [SpybotDeletingF5015] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Messenger\mgICQAuto.dll" [x]
HKCU\...\Runonce: [SpybotDeletingF7132] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Messenger\mglogger.dll" [x]
HKCU\...\Runonce: [SpybotDeletingF8797] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Messenger\mgMediaPlayer.dll" [x]
HKCU\...\Runonce: [SpybotDeletingF5453] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Messenger\mgMsnAuto.dll" [x]
HKCU\...\Runonce: [SpybotDeletingF4948] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Messenger\mgMsnMessengerAdapter.dll" [x]
HKCU\...\Runonce: [SpybotDeletingF7374] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\mglogger.dll" [x]
HKCU\...\Runonce: [SpybotDeletingF9274] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Messenger\mgSweetIM.dll" [x]
HKCU\...\Runonce: [SpybotDeletingF1592] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Messenger\mgUpdateSupport.dll" [x]
HKCU\...\Runonce: [SpybotDeletingF2688] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Messenger\mgxml_wrapper.dll" [x]
HKCU\...\Runonce: [SpybotDeletingF1629] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Messenger\mgYahooAuto.dll" [x]
HKCU\...\Runonce: [SpybotDeletingF3667] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Messenger\mgYahooMessengerAdapter.dll" [x]
HKCU\...\Runonce: [SpybotDeletingF9221] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Messenger\msvcp71.dll" [x]
HKCU\...\Runonce: [SpybotDeletingF3651] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Messenger\msvcr71.dll" [x]
HKCU\...\Runonce: [SpybotDeletingF9175] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Messenger\resources\images\AudibleButton.png" [x]
HKCU\...\Runonce: [SpybotDeletingF856] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Messenger\resources\images\DisplayPicturesButton.png" [x]
HKCU\...\Runonce: [SpybotDeletingF5940] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Messenger\resources\images\EmoticonButton.png" [x]
HKCU\...\Runonce: [SpybotDeletingF5019] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Messenger\resources\images\GamesButton.png" [x]
HKCU\...\Runonce: [SpybotDeletingF9384] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Messenger\resources\images\KeyboardButton.png" [x]
HKCU\...\Runonce: [SpybotDeletingF1278] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Messenger\resources\images\NudgeButton.png" [x]
HKCU\...\Runonce: [SpybotDeletingF2736] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Messenger\resources\images\SoundFxButton.png" [x]
HKCU\...\Runonce: [SpybotDeletingF5509] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Messenger\resources\images\WinksButton.png" [x]
HKCU\...\Runonce: [SpybotDeletingF1825] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Messenger\resources\sqlite\mgSqlite3.dll" [x]
HKCU\...\Runonce: [SpybotDeletingF7562] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Messenger\SweetIM.exe" [x]
HKCU\...\Runonce: [SpybotDeletingF9568] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\ClearHist.exe" [x]
HKCU\...\Runonce: [SpybotDeletingF2643] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\conf\logger.xml" [x]
HKCU\...\Runonce: [SpybotDeletingF4633] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\default.xml" [x]
HKCU\...\Runonce: [SpybotDeletingF1292] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgcommon.dll" [x]
HKCU\...\Runonce: [SpybotDeletingF5277] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgconfig.dll" [x]
HKCU\...\Runonce: [SpybotDeletingF9127] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\locales.xml" [x]
HKCU\...\Runonce: [SpybotDeletingF1215] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelperApp.exe" [x]
HKCU\...\Runonce: [SpybotDeletingF7983] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\mghooking.dll" [x]
HKCU\...\Runonce: [SpybotDeletingF8095] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\mglogger.dll" [x]
HKCU\...\Runonce: [SpybotDeletingF1902] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgsimcommon.dll" [x]
HKCU\...\Runonce: [SpybotDeletingF1568] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll" [x]
HKCU\...\Runonce: [SpybotDeletingF2983] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarProxy.dll" [x]
HKCU\...\Runonce: [SpybotDeletingF7693] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgxml_wrapper.dll" [x]
HKCU\...\Runonce: [SpybotDeletingF6437] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\Microsoft.VC90.CRT\Microsoft.VC90.CRT.manifest" [x]
HKCU\...\Runonce: [SpybotDeletingF3063] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\Microsoft.VC90.CRT\msvcm90.dll" [x]
HKCU\...\Runonce: [SpybotDeletingF1524] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\Microsoft.VC90.CRT\msvcp90.dll" [x]
HKCU\...\Runonce: [SpybotDeletingF4134] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\Microsoft.VC90.CRT\msvcr90.dll" [x]
HKCU\...\Runonce: [SpybotDeletingF9340] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\about.html" [x]
HKCU\...\Runonce: [SpybotDeletingF883] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\affid.dat" [x]
HKCU\...\Runonce: [SpybotDeletingF1897] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\basis.xml" [x]
HKCU\...\Runonce: [SpybotDeletingF2590] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\bing.png" [x]
HKCU\...\Runonce: [SpybotDeletingF7723] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\blue\search_button.png" [x]
HKCU\...\Runonce: [SpybotDeletingF2240] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\blue\search_button_bing.png" [x]
HKCU\...\Runonce: [SpybotDeletingF826] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\blue\search_button_current.png" [x]
HKCU\...\Runonce: [SpybotDeletingF7486] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\blue\search_button_dictionary.png" [x]
HKCU\...\Runonce: [SpybotDeletingF5297] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\blue\search_button_google.png" [x]
HKCU\...\Runonce: [SpybotDeletingF5373] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\blue\search_button_hover.png" [x]
HKCU\...\Runonce: [SpybotDeletingF6220] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\blue\search_button_left.png" [x]
HKCU\...\Runonce: [SpybotDeletingF2470] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\blue\search_button_photo.png" [x]
HKCU\...\Runonce: [SpybotDeletingF4462] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\blue\search_button_video.png" [x]
HKCU\...\Runonce: [SpybotDeletingF8992] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\blue\search_button_web.png" [x]
HKCU\...\Runonce: [SpybotDeletingF2304] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\blue\search_button_yahoo.png" [x]
HKCU\...\Runonce: [SpybotDeletingF7943] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\clear-history.png" [x]
HKCU\...\Runonce: [SpybotDeletingF274] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\content-notifier-anim-over.gif" [x]
HKCU\...\Runonce: [SpybotDeletingF2269] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\content-notifier-anim.gif" [x]
HKCU\...\RunOnce: [SpybotDeletingF596] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\content-notifier.js" [2710040 2012-11-13] (Safer-Networking Ltd.)
HKCU\...\Runonce: [SpybotDeletingF6445] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\dating.png" [x]
HKCU\...\Runonce: [SpybotDeletingF4306] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\dictionary.png" [x]
HKCU\...\Runonce: [SpybotDeletingF4976] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\eye_icon.png" [x]
HKCU\...\Runonce: [SpybotDeletingF7309] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\eye_icon_over.png" [x]
HKCU\...\Runonce: [SpybotDeletingF7904] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\e_cards.png" [x]
HKCU\...\Runonce: [SpybotDeletingF9959] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\find.png" [x]
HKCU\...\Runonce: [SpybotDeletingF3606] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\free_stuff.png" [x]
HKCU\...\Runonce: [SpybotDeletingF7098] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\games.png" [x]
HKCU\...\Runonce: [SpybotDeletingF6462] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\glitter.png" [x]
HKCU\...\Runonce: [SpybotDeletingF3026] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\google.png" [x]
HKCU\...\Runonce: [SpybotDeletingF6568] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\green\search_button.png" [x]
HKCU\...\Runonce: [SpybotDeletingF434] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\green\search_button_bing.png" [x]
HKCU\...\Runonce: [SpybotDeletingF4603] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\green\search_button_dictionary.png" [x]
HKCU\...\Runonce: [SpybotDeletingF6652] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\green\search_button_google.png" [x]
HKCU\...\Runonce: [SpybotDeletingF1664] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\green\search_button_hover.png" [x]
HKCU\...\Runonce: [SpybotDeletingF2885] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\green\search_button_left.png" [x]
HKCU\...\Runonce: [SpybotDeletingF8018] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\green\search_button_photo.png" [x]
HKCU\...\Runonce: [SpybotDeletingF8580] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\green\search_button_video.png" [x]
HKCU\...\Runonce: [SpybotDeletingF9145] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\green\search_button_web.png" [x]
HKCU\...\Runonce: [SpybotDeletingF2027] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\green\search_button_yahoo.png" [x]
HKCU\...\Runonce: [SpybotDeletingF4476] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\help.png" [x]
HKCU\...\Runonce: [SpybotDeletingF5658] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\highlight.png" [x]
HKCU\...\Runonce: [SpybotDeletingF6787] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\locales.xml" [x]
HKCU\...\Runonce: [SpybotDeletingF2305] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\logo_16x16.png" [x]
HKCU\...\Runonce: [SpybotDeletingF9059] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\logo_21x18.png" [x]
HKCU\...\Runonce: [SpybotDeletingF6943] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\logo_32x32.png" [x]
HKCU\...\Runonce: [SpybotDeletingF6573] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\logo_about.png" [x]
HKCU\...\Runonce: [SpybotDeletingF9514] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\MenuExt.html" [x]
HKCU\...\Runonce: [SpybotDeletingF164] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\more-search-providers.png" [x]
HKCU\...\Runonce: [SpybotDeletingF287] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\options.html" [x]
HKCU\...\Runonce: [SpybotDeletingF7380] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\orange\search_button.png" [x]
HKCU\...\Runonce: [SpybotDeletingF5503] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\orange\search_button_bing.png" [x]
HKCU\...\Runonce: [SpybotDeletingF7085] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\orange\search_button_current.png" [x]
HKCU\...\Runonce: [SpybotDeletingF3912] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\orange\search_button_dictionary.png" [x]
HKCU\...\Runonce: [SpybotDeletingF1898] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\orange\search_button_google.png" [x]
HKCU\...\Runonce: [SpybotDeletingF251] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\orange\search_button_hover.png" [x]
HKCU\...\Runonce: [SpybotDeletingF6864] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\orange\search_button_left.png" [x]
HKCU\...\Runonce: [SpybotDeletingF777] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\orange\search_button_photo.png" [x]
HKCU\...\Runonce: [SpybotDeletingF8982] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\orange\search_button_video.png" [x]
HKCU\...\Runonce: [SpybotDeletingF1930] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\orange\search_button_web.png" [x]
HKCU\...\Runonce: [SpybotDeletingF8035] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\orange\search_button_yahoo.png" [x]
HKCU\...\Runonce: [SpybotDeletingF9099] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\photos.png" [x]
HKCU\...\Runonce: [SpybotDeletingF8006] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\search-current-site.png" [x]
HKCU\...\Runonce: [SpybotDeletingF5562] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\shopping.png" [x]
HKCU\...\Runonce: [SpybotDeletingF1404] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\SmileySmile.png" [x]
HKCU\...\Runonce: [SpybotDeletingF1871] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\SmileyWink.png" [x]
HKCU\...\Runonce: [SpybotDeletingF6069] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\sweetim_text.png" [x]
HKCU\...\Runonce: [SpybotDeletingF7087] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\about.html" [x]
HKCU\...\Runonce: [SpybotDeletingF6828] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\video.png" [x]
HKCU\...\Runonce: [SpybotDeletingF560] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\web-search.png" [x]
HKCU\...\RunOnce: [SpybotDeletingF8059] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\web-toolbar.js" [2710040 2012-11-13] (Safer-Networking Ltd.)
HKCU\...\Runonce: [SpybotDeletingF1778] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\yahoo.png" [x]
HKCU\...\Runonce: [SpybotDeletingF5734] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Messenger\ContentPackagesActivationHandler.exe" [x]
HKCU\...\Runonce: [SpybotDeletingF9187] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Messenger\default.xml" [x]
HKCU\...\Runonce: [SpybotDeletingF2125] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Messenger\mgAdaptersProxy.dll" [x]
HKCU\...\Runonce: [SpybotDeletingF9436] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Messenger\mgcommon.dll" [x]
HKCU\...\Runonce: [SpybotDeletingF1908] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Messenger\mgcommunication.dll" [x]
HKCU\...\Runonce: [SpybotDeletingF6526] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Messenger\mgconfig.dll" [x]
HKCU\...\Runonce: [SpybotDeletingF8524] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Messenger\mgFlashPlayer.dll" [x]
HKCU\...\Runonce: [SpybotDeletingF7753] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Messenger\mghooking.dll" [x]
HKCU\...\Runonce: [SpybotDeletingF7796] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Messenger\mgICQAuto.dll" [x]
HKCU\...\Runonce: [SpybotDeletingF6313] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Messenger\mgICQMessengerAdapter.dll" [x]
HKCU\...\Runonce: [SpybotDeletingF4175] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Messenger\mglogger.dll" [x]
HKCU\...\Runonce: [SpybotDeletingF6700] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Messenger\mgMediaPlayer.dll" [x]
HKCU\...\Runonce: [SpybotDeletingF8945] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Messenger\mgMsnAuto.dll" [x]
HKCU\...\Runonce: [SpybotDeletingF7902] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Messenger\mgMsnMessengerAdapter.dll" [x]
HKCU\...\Runonce: [SpybotDeletingF119] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Messenger\mgsimcommon.dll" [x]
HKCU\...\Runonce: [SpybotDeletingF3031] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Messenger\mgSweetIM.dll" [x]
HKCU\...\Runonce: [SpybotDeletingF1459] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Messenger\mgUpdateSupport.dll" [x]
HKCU\...\Runonce: [SpybotDeletingF6898] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Messenger\mgxml_wrapper.dll" [x]
HKCU\...\Runonce: [SpybotDeletingF8882] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Messenger\mgYahooAuto.dll" [x]
HKCU\...\Runonce: [SpybotDeletingF2900] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Messenger\msvcp71.dll" [x]
HKCU\...\Runonce: [SpybotDeletingF2251] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Messenger\msvcr71.dll" [x]
HKCU\...\Runonce: [SpybotDeletingF7806] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\glitter.png" [x]
HKCU\...\Runonce: [SpybotDeletingF1000] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Messenger\resources\images\EmoticonButton.png" [x]
HKCU\...\Runonce: [SpybotDeletingF2901] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Messenger\resources\images\GamesButton.png" [x]
HKCU\...\Runonce: [SpybotDeletingF7479] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Messenger\resources\images\NudgeButton.png" [x]
HKCU\...\Runonce: [SpybotDeletingF1306] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Messenger\resources\images\SoundFxButton.png" [x]
HKCU\...\Runonce: [SpybotDeletingF8399] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Messenger\resources\images\WinksButton.png" [x]
HKCU\...\Runonce: [SpybotDeletingF3991] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Messenger\resources\sqlite\mgSqlite3.dll" [x]
HKCU\...\Runonce: [SpybotDeletingF8806] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Messenger\SweetIM.exe" [x]
HKCU\...\Runonce: [SpybotDeletingF612] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Messenger\resources\images\AudibleButton.png" [x]
HKCU\...\Runonce: [SpybotDeletingF4702] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Messenger\resources\images\DisplayPicturesButton.png" [x]
HKCU\...\Runonce: [SpybotDeletingF3944] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Messenger\resources\images\EmoticonButton.png" [x]
HKCU\...\Runonce: [SpybotDeletingF1270] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Messenger\resources\images\GamesButton.png" [x]
HKCU\...\Runonce: [SpybotDeletingF4784] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Messenger\resources\images\KeyboardButton.png" [x]
HKCU\...\Runonce: [SpybotDeletingF9379] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Messenger\resources\images\NudgeButton.png" [x]
HKCU\...\Runonce: [SpybotDeletingF6521] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Messenger\resources\images\SoundFxButton.png" [x]
HKCU\...\Runonce: [SpybotDeletingF981] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Messenger\resources\images\WinksButton.png" [x]
HKCU\...\Runonce: [SpybotDeletingF2163] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Messenger\resources\images\AudibleButton.png" [x]
HKCU\...\Runonce: [SpybotDeletingF1402] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Messenger\resources\images\DisplayPicturesButton.png" [x]
HKCU\...\Runonce: [SpybotDeletingF1694] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Messenger\resources\images\EmoticonButton.png" [x]
HKCU\...\Runonce: [SpybotDeletingF3279] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Messenger\resources\images\GamesButton.png" [x]
HKCU\...\Runonce: [SpybotDeletingF6807] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Messenger\resources\images\KeyboardButton.png" [x]
HKCU\...\Runonce: [SpybotDeletingF3316] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Messenger\resources\images\NudgeButton.png" [x]
HKCU\...\Runonce: [SpybotDeletingF9621] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Messenger\resources\images\SoundFxButton.png" [x]
HKCU\...\Runonce: [SpybotDeletingF2628] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Messenger\resources\images\WinksButton.png" [x]
HKCU\...\Runonce: [SpybotDeletingF7456] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Messenger\resources\sqlite\mgSqlite3.dll" [x]
HKCU\...\Runonce: [SpybotDeletingF8205] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\conf\logger.xml" [x]
HKCU\...\Runonce: [SpybotDeletingF6495] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\Microsoft.VC90.CRT\Microsoft.VC90.CRT.manifest" [x]
HKCU\...\Runonce: [SpybotDeletingF2604] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\Microsoft.VC90.CRT\msvcm90.dll" [x]
HKCU\...\Runonce: [SpybotDeletingF2899] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\Microsoft.VC90.CRT\msvcp90.dll" [x]
HKCU\...\Runonce: [SpybotDeletingF9329] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\Microsoft.VC90.CRT\msvcr90.dll" [x]
HKCU\...\Runonce: [SpybotDeletingF7810] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\about.html" [x]
HKCU\...\Runonce: [SpybotDeletingF3938] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\affid.dat" [x]
HKCU\...\Runonce: [SpybotDeletingF555] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\basis.xml" [x]
HKCU\...\Runonce: [SpybotDeletingF1661] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\bing.png" [x]
HKCU\...\Runonce: [SpybotDeletingF8351] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\blue\search_button_bing.png" [x]
HKCU\...\Runonce: [SpybotDeletingF1936] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\blue\search_button_current.png" [x]
HKCU\...\Runonce: [SpybotDeletingF3600] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\blue\search_button_dictionary.png" [x]
HKCU\...\Runonce: [SpybotDeletingF6837] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\blue\search_button_google.png" [x]
HKCU\...\Runonce: [SpybotDeletingF313] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\blue\search_button_hover.png" [x]
HKCU\...\Runonce: [SpybotDeletingF4061] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\blue\search_button_left.png" [x]
HKCU\...\Runonce: [SpybotDeletingF7964] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\blue\search_button_photo.png" [x]
HKCU\...\Runonce: [SpybotDeletingF1906] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\blue\search_button_video.png" [x]
HKCU\...\Runonce: [SpybotDeletingF5986] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\blue\search_button_web.png" [x]
HKCU\...\Runonce: [SpybotDeletingF187] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\blue\search_button_yahoo.png" [x]
HKCU\...\Runonce: [SpybotDeletingF2026] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\clear-history.png" [x]
HKCU\...\Runonce: [SpybotDeletingF1209] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\content-notifier-anim-over.gif" [x]
HKCU\...\Runonce: [SpybotDeletingF2595] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\content-notifier-anim.gif" [x]
HKCU\...\RunOnce: [SpybotDeletingF7675] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\content-notifier.js" [2710040 2012-11-13] (Safer-Networking Ltd.)
HKCU\...\Runonce: [SpybotDeletingF5671] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgxml_wrapper.dll" [x]
HKCU\...\Runonce: [SpybotDeletingF5455] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\dictionary.png" [x]
HKCU\...\Runonce: [SpybotDeletingF5626] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\eye_icon.png" [x]
HKCU\...\Runonce: [SpybotDeletingF3555] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\eye_icon_over.png" [x]
HKCU\...\Runonce: [SpybotDeletingF9450] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\e_cards.png" [x]
HKCU\...\Runonce: [SpybotDeletingF4764] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\find.png" [x]
HKCU\...\Runonce: [SpybotDeletingF4663] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\free_stuff.png" [x]
HKCU\...\Runonce: [SpybotDeletingF8647] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\games.png" [x]
HKCU\...\Runonce: [SpybotDeletingF2005] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\glitter.png" [x]
HKCU\...\Runonce: [SpybotDeletingF9009] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\google.png" [x]
HKCU\...\Runonce: [SpybotDeletingF7208] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\green\search_button.png" [x]
HKCU\...\Runonce: [SpybotDeletingF464] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\green\search_button_bing.png" [x]
HKCU\...\Runonce: [SpybotDeletingF3307] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\green\search_button_current.png" [x]
HKCU\...\Runonce: [SpybotDeletingF2441] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\green\search_button_dictionary.png" [x]
HKCU\...\Runonce: [SpybotDeletingF2780] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\green\search_button_google.png" [x]
HKCU\...\Runonce: [SpybotDeletingF9387] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\music.png" [x]
HKCU\...\Runonce: [SpybotDeletingF5711] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\green\search_button_left.png" [x]
HKCU\...\Runonce: [SpybotDeletingF6788] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\green\search_button_photo.png" [x]
HKCU\...\Runonce: [SpybotDeletingF537] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\green\search_button_video.png" [x]
HKCU\...\Runonce: [SpybotDeletingF4935] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\green\search_button_web.png" [x]
HKCU\...\Runonce: [SpybotDeletingF9287] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\green\search_button_yahoo.png" [x]
HKCU\...\Runonce: [SpybotDeletingF7624] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\help.png" [x]
HKCU\...\Runonce: [SpybotDeletingF8836] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\highlight.png" [x]
HKCU\...\Runonce: [SpybotDeletingF943] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\locales.xml" [x]
HKCU\...\Runonce: [SpybotDeletingF2611] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\logo_16x16.png" [x]
HKCU\...\Runonce: [SpybotDeletingF5362] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\logo_21x18.png" [x]
HKCU\...\Runonce: [SpybotDeletingF3708] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\logo_32x32.png" [x]
HKCU\...\Runonce: [SpybotDeletingF6002] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\logo_about.png" [x]
HKCU\...\Runonce: [SpybotDeletingF8212] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\MenuExt.html" [x]
HKCU\...\Runonce: [SpybotDeletingF3722] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\more-search-providers.png" [x]
HKCU\...\Runonce: [SpybotDeletingF9506] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\music.png" [x]
HKCU\...\Runonce: [SpybotDeletingF8676] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\news.png" [x]
HKCU\...\Runonce: [SpybotDeletingF7036] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\orange\search_button.png" [x]
HKCU\...\Runonce: [SpybotDeletingF2744] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgcommon.dll" [x]
HKCU\...\Runonce: [SpybotDeletingF7004] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\orange\search_button_current.png" [x]
HKCU\...\Runonce: [SpybotDeletingF1717] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\orange\search_button_dictionary.png" [x]
HKCU\...\Runonce: [SpybotDeletingF3303] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\orange\search_button_google.png" [x]
HKCU\...\Runonce: [SpybotDeletingF4790] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\orange\search_button_hover.png" [x]
HKCU\...\Runonce: [SpybotDeletingF8093] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\orange\search_button_photo.png" [x]
HKCU\...\Runonce: [SpybotDeletingF2150] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\orange\search_button_video.png" [x]
HKCU\...\Runonce: [SpybotDeletingF3535] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\orange\search_button_web.png" [x]
HKCU\...\Runonce: [SpybotDeletingF6342] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\orange\search_button_yahoo.png" [x]
HKCU\...\Runonce: [SpybotDeletingF3209] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\photos.png" [x]
HKCU\...\Runonce: [SpybotDeletingF6941] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\search-current-site.png" [x]
HKCU\...\Runonce: [SpybotDeletingF7838] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\shopping.png" [x]
HKCU\...\Runonce: [SpybotDeletingF323] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\SmileySmile.png" [x]
HKCU\...\Runonce: [SpybotDeletingF120] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\SmileyWink.png" [x]
HKCU\...\Runonce: [SpybotDeletingF7679] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\sweetim_text.png" [x]
HKCU\...\Runonce: [SpybotDeletingF5552] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\toolbar.xml" [x]
HKCU\...\Runonce: [SpybotDeletingF3039] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\video.png" [x]
HKCU\...\Runonce: [SpybotDeletingF4904] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\web-search.png" [x]
HKCU\...\RunOnce: [SpybotDeletingF6952] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\web-toolbar.js" [2710040 2012-11-13] (Safer-Networking Ltd.)
HKCU\...\Runonce: [SpybotDeletingF4373] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\yahoo.png" [x]
HKCU\...\Runonce: [SpybotDeletingF7947] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\ClearHist.exe" [x]
HKCU\...\Runonce: [SpybotDeletingF3094] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\conf\logger.xml" [x]
HKCU\...\Runonce: [SpybotDeletingF3797] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\default.xml" [x]
HKCU\...\Runonce: [SpybotDeletingF5698] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgcommon.dll" [x]
HKCU\...\Runonce: [SpybotDeletingF8048] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgconfig.dll" [x]
HKCU\...\Runonce: [SpybotDeletingF4997] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll" [x]
HKCU\...\Runonce: [SpybotDeletingF1052] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelperApp.exe" [x]
HKCU\...\Runonce: [SpybotDeletingF7578] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\mglogger.dll" [x]
HKCU\...\Runonce: [SpybotDeletingF6951] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgsimcommon.dll" [x]
HKCU\...\Runonce: [SpybotDeletingF2121] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll" [x]
HKCU\...\Runonce: [SpybotDeletingF9420] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarProxy.dll" [x]
HKCU\...\Runonce: [SpybotDeletingF9001] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgxml_wrapper.dll" [x]
HKCU\...\Runonce: [SpybotDeletingF4121] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\Microsoft.VC90.CRT\Microsoft.VC90.CRT.manifest" [x]
HKCU\...\Runonce: [SpybotDeletingF1870] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\Microsoft.VC90.CRT\msvcm90.dll" [x]
HKCU\...\Runonce: [SpybotDeletingF7417] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\Microsoft.VC90.CRT\msvcp90.dll" [x]
HKCU\...\Runonce: [SpybotDeletingF2009] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\Microsoft.VC90.CRT\msvcr90.dll" [x]
HKCU\...\Runonce: [SpybotDeletingF8167] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\affid.dat" [x]
HKCU\...\Runonce: [SpybotDeletingF4659] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\basis.xml" [x]
HKCU\...\Runonce: [SpybotDeletingF3019] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\bing.png" [x]
HKCU\...\Runonce: [SpybotDeletingF9764] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\blue\search_button.png" [x]
HKCU\...\Runonce: [SpybotDeletingF706] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\blue\search_button_bing.png" [x]
HKCU\...\Runonce: [SpybotDeletingF2512] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\blue\search_button_current.png" [x]
HKCU\...\Runonce: [SpybotDeletingF9191] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\blue\search_button_dictionary.png" [x]
HKCU\...\Runonce: [SpybotDeletingF1335] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\blue\search_button_google.png" [x]
HKCU\...\Runonce: [SpybotDeletingF9530] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\blue\search_button_hover.png" [x]
HKCU\...\Runonce: [SpybotDeletingF325] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\blue\search_button_left.png" [x]
HKCU\...\Runonce: [SpybotDeletingF493] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\blue\search_button_photo.png" [x]
HKCU\...\Runonce: [SpybotDeletingF8688] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\blue\search_button_video.png" [x]

Dännis · 10.07.2013, 08:15

Hier ist der Rest:

Code:

ATTFilter

HKCU\...\Runonce: [SpybotDeletingF1875] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\blue\search_button_web.png" [x]
HKCU\...\Runonce: [SpybotDeletingF2207] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\blue\search_button_yahoo.png" [x]
HKCU\...\Runonce: [SpybotDeletingF1003] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\clear-history.png" [x]
HKCU\...\Runonce: [SpybotDeletingF7555] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\content-notifier-anim-over.gif" [x]
HKCU\...\Runonce: [SpybotDeletingF3994] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\content-notifier-anim.gif" [x]
HKCU\...\RunOnce: [SpybotDeletingF5429] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\content-notifier.js" [2710040 2012-11-13] (Safer-Networking Ltd.)
HKCU\...\Runonce: [SpybotDeletingF3080] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\dating.png" [x]
HKCU\...\Runonce: [SpybotDeletingF3129] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\dictionary.png" [x]
HKCU\...\Runonce: [SpybotDeletingF6750] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\eye_icon.png" [x]
HKCU\...\Runonce: [SpybotDeletingF6980] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\eye_icon_over.png" [x]
HKCU\...\Runonce: [SpybotDeletingF5999] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\e_cards.png" [x]
HKCU\...\Runonce: [SpybotDeletingF1510] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\find.png" [x]
HKCU\...\Runonce: [SpybotDeletingF4688] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\free_stuff.png" [x]
HKCU\...\Runonce: [SpybotDeletingF1314] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\games.png" [x]
HKCU\...\Runonce: [SpybotDeletingF6602] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\glitter.png" [x]
HKCU\...\Runonce: [SpybotDeletingF3261] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\google.png" [x]
HKCU\...\Runonce: [SpybotDeletingF9855] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\green\search_button.png" [x]
HKCU\...\Runonce: [SpybotDeletingF1677] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\green\search_button_bing.png" [x]
HKCU\...\Runonce: [SpybotDeletingF2426] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\green\search_button_current.png" [x]
HKCU\...\Runonce: [SpybotDeletingF5699] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\green\search_button_dictionary.png" [x]
HKCU\...\Runonce: [SpybotDeletingF5421] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\green\search_button_google.png" [x]
HKCU\...\Runonce: [SpybotDeletingF9159] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\green\search_button_hover.png" [x]
HKCU\...\Runonce: [SpybotDeletingF1608] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\green\search_button_left.png" [x]
HKCU\...\Runonce: [SpybotDeletingF2895] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\green\search_button_photo.png" [x]
HKCU\...\Runonce: [SpybotDeletingF9030] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\toolbar.xml" [x]
HKCU\...\Runonce: [SpybotDeletingF4852] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\green\search_button_web.png" [x]
HKCU\...\Runonce: [SpybotDeletingF3812] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\green\search_button_yahoo.png" [x]
HKCU\...\Runonce: [SpybotDeletingF3321] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\help.png" [x]
HKCU\...\Runonce: [SpybotDeletingF2684] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\highlight.png" [x]
HKCU\...\Runonce: [SpybotDeletingF3614] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\logo_16x16.png" [x]
HKCU\...\Runonce: [SpybotDeletingF4940] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\logo_21x18.png" [x]
HKCU\...\Runonce: [SpybotDeletingF1475] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\logo_32x32.png" [x]
HKCU\...\Runonce: [SpybotDeletingF6097] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\logo_about.png" [x]
HKCU\...\Runonce: [SpybotDeletingF7863] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\MenuExt.html" [x]
HKCU\...\Runonce: [SpybotDeletingF4795] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\more-search-providers.png" [x]
HKCU\...\Runonce: [SpybotDeletingF621] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\news.png" [x]
HKCU\...\Runonce: [SpybotDeletingF5541] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\options.html" [x]
HKCU\...\Runonce: [SpybotDeletingF74] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\orange\search_button.png" [x]
HKCU\...\Runonce: [SpybotDeletingF5017] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\orange\search_button_bing.png" [x]
HKCU\...\Runonce: [SpybotDeletingF7361] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\orange\search_button_current.png" [x]
HKCU\...\Runonce: [SpybotDeletingF1579] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\orange\search_button_dictionary.png" [x]
HKCU\...\Runonce: [SpybotDeletingF3328] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\orange\search_button_google.png" [x]
HKCU\...\Runonce: [SpybotDeletingF8308] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\orange\search_button_hover.png" [x]
HKCU\...\Runonce: [SpybotDeletingF6582] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\orange\search_button_left.png" [x]
HKCU\...\Runonce: [SpybotDeletingF1794] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\orange\search_button_photo.png" [x]
HKCU\...\Runonce: [SpybotDeletingF377] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\orange\search_button_video.png" [x]
HKCU\...\Runonce: [SpybotDeletingF3719] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\orange\search_button_web.png" [x]
HKCU\...\Runonce: [SpybotDeletingF7799] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\orange\search_button_yahoo.png" [x]
HKCU\...\Runonce: [SpybotDeletingF2318] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\photos.png" [x]
HKCU\...\Runonce: [SpybotDeletingF3917] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\search-current-site.png" [x]
HKCU\...\Runonce: [SpybotDeletingF7265] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\shopping.png" [x]
HKCU\...\Runonce: [SpybotDeletingF3410] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\free_stuff.png" [x]
HKCU\...\Runonce: [SpybotDeletingF749] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\sweetim_text.png" [x]
HKCU\...\Runonce: [SpybotDeletingF2660] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\video.png" [x]
HKCU\...\Runonce: [SpybotDeletingF370] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\web-search.png" [x]
HKCU\...\Runonce: [SpybotDeletingF5983] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\yahoo.png" [x]
HKCU\...\Runonce: [SpybotDeletingF8894] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\ClearHist.exe" [x]
HKCU\...\Runonce: [SpybotDeletingF7825] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\conf\logger.xml" [x]
HKCU\...\Runonce: [SpybotDeletingF5617] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\default.xml" [x]
HKCU\...\Runonce: [SpybotDeletingF3257] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgcommon.dll" [x]
HKCU\...\Runonce: [SpybotDeletingF8188] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgconfig.dll" [x]
HKCU\...\Runonce: [SpybotDeletingF6935] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll" [x]
HKCU\...\Runonce: [SpybotDeletingF8140] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelperApp.exe" [x]
HKCU\...\Runonce: [SpybotDeletingF844] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\mghooking.dll" [x]
HKCU\...\Runonce: [SpybotDeletingF6529] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\mglogger.dll" [x]
HKCU\...\Runonce: [SpybotDeletingF4285] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgsimcommon.dll" [x]
HKCU\...\Runonce: [SpybotDeletingF652] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\free_stuff.png" [x]
HKCU\...\Runonce: [SpybotDeletingF5418] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarProxy.dll" [x]
HKCU\...\Runonce: [SpybotDeletingF4179] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\Microsoft.VC90.CRT\Microsoft.VC90.CRT.manifest" [x]
HKCU\...\Runonce: [SpybotDeletingF2879] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\Microsoft.VC90.CRT\msvcm90.dll" [x]
HKCU\...\Runonce: [SpybotDeletingF3448] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\Microsoft.VC90.CRT\msvcp90.dll" [x]
HKCU\...\Runonce: [SpybotDeletingF3967] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\Microsoft.VC90.CRT\msvcr90.dll" [x]
HKCU\...\Runonce: [SpybotDeletingF7830] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\about.html" [x]
HKCU\...\Runonce: [SpybotDeletingF702] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\affid.dat" [x]
HKCU\...\Runonce: [SpybotDeletingF1645] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\basis.xml" [x]
HKCU\...\Runonce: [SpybotDeletingF5229] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\bing.png" [x]
HKCU\...\Runonce: [SpybotDeletingF5036] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\blue\search_button.png" [x]
HKCU\...\Runonce: [SpybotDeletingF426] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\blue\search_button_bing.png" [x]
HKCU\...\Runonce: [SpybotDeletingF2976] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\blue\search_button_current.png" [x]
HKCU\...\Runonce: [SpybotDeletingF2691] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\blue\search_button_dictionary.png" [x]
HKCU\...\Runonce: [SpybotDeletingF9177] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\blue\search_button_google.png" [x]
HKCU\...\Runonce: [SpybotDeletingF8216] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\blue\search_button_hover.png" [x]
HKCU\...\Runonce: [SpybotDeletingF5870] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\blue\search_button_left.png" [x]
HKCU\...\Runonce: [SpybotDeletingF6724] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\blue\search_button_photo.png" [x]
HKCU\...\Runonce: [SpybotDeletingF460] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\blue\search_button_video.png" [x]
HKCU\...\Runonce: [SpybotDeletingF9978] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\blue\search_button_web.png" [x]
HKCU\...\Runonce: [SpybotDeletingF658] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\blue\search_button_yahoo.png" [x]
HKCU\...\Runonce: [SpybotDeletingF8171] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\clear-history.png" [x]
HKCU\...\Runonce: [SpybotDeletingF2802] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\content-notifier-anim-over.gif" [x]
HKCU\...\Runonce: [SpybotDeletingF7328] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\content-notifier-anim.gif" [x]
HKCU\...\RunOnce: [SpybotDeletingF6226] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\content-notifier.js" [2710040 2012-11-13] (Safer-Networking Ltd.)
HKCU\...\Runonce: [SpybotDeletingF6883] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\dating.png" [x]
HKCU\...\Runonce: [SpybotDeletingF3654] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\dictionary.png" [x]
HKCU\...\Runonce: [SpybotDeletingF8187] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\eye_icon.png" [x]
HKCU\...\Runonce: [SpybotDeletingF1207] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\eye_icon_over.png" [x]
HKCU\...\Runonce: [SpybotDeletingF131] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\e_cards.png" [x]
HKCU\...\Runonce: [SpybotDeletingF7364] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\find.png" [x]
HKCU\...\Runonce: [SpybotDeletingF7037] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\games.png" [x]
HKCU\...\Runonce: [SpybotDeletingF2729] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\google.png" [x]
HKCU\...\Runonce: [SpybotDeletingF3104] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\green\search_button.png" [x]
HKCU\...\Runonce: [SpybotDeletingF9553] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\green\search_button_bing.png" [x]
HKCU\...\Runonce: [SpybotDeletingF6903] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\green\search_button_dictionary.png" [x]
HKCU\...\Runonce: [SpybotDeletingF1942] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\green\search_button_hover.png" [x]
HKCU\...\Runonce: [SpybotDeletingF8335] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\green\search_button_left.png" [x]
HKCU\...\Runonce: [SpybotDeletingF7207] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\green\search_button_photo.png" [x]
HKCU\...\Runonce: [SpybotDeletingF801] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\green\search_button_video.png" [x]
HKCU\...\Runonce: [SpybotDeletingF1465] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\green\search_button_yahoo.png" [x]
HKCU\...\Runonce: [SpybotDeletingF7399] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\help.png" [x]
HKCU\...\Runonce: [SpybotDeletingF892] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\highlight.png" [x]
HKCU\...\Runonce: [SpybotDeletingF8857] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\locales.xml" [x]
HKCU\...\Runonce: [SpybotDeletingF6134] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\logo_16x16.png" [x]
HKCU\...\Runonce: [SpybotDeletingF7503] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\logo_32x32.png" [x]
HKCU\...\Runonce: [SpybotDeletingF3044] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\logo_about.png" [x]
HKCU\...\Runonce: [SpybotDeletingF786] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\MenuExt.html" [x]
HKCU\...\Runonce: [SpybotDeletingF7535] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\more-search-providers.png" [x]
HKCU\...\Runonce: [SpybotDeletingF7837] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\music.png" [x]
HKCU\...\Runonce: [SpybotDeletingF1241] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\options.html" [x]
HKCU\...\Runonce: [SpybotDeletingF2581] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\orange\search_button.png" [x]
HKCU\...\Runonce: [SpybotDeletingF9960] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\orange\search_button_current.png" [x]
HKCU\...\Runonce: [SpybotDeletingF6475] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\orange\search_button_dictionary.png" [x]
HKCU\...\Runonce: [SpybotDeletingF9121] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\orange\search_button_google.png" [x]
HKCU\...\Runonce: [SpybotDeletingF5387] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\orange\search_button_hover.png" [x]
HKCU\...\Runonce: [SpybotDeletingF7583] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\orange\search_button_left.png" [x]
HKCU\...\Runonce: [SpybotDeletingF174] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\orange\search_button_video.png" [x]
HKCU\...\Runonce: [SpybotDeletingF9810] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\orange\search_button_web.png" [x]
HKCU\...\Runonce: [SpybotDeletingF8304] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\orange\search_button_yahoo.png" [x]
HKCU\...\Runonce: [SpybotDeletingF631] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\photos.png" [x]
HKCU\...\Runonce: [SpybotDeletingF4154] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\search-current-site.png" [x]
HKCU\...\Runonce: [SpybotDeletingF568] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\shopping.png" [x]
HKCU\...\Runonce: [SpybotDeletingF887] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\SmileySmile.png" [x]
HKCU\...\Runonce: [SpybotDeletingF4320] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\SmileyWink.png" [x]
HKCU\...\Runonce: [SpybotDeletingF7990] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\sweetim_text.png" [x]
HKCU\...\Runonce: [SpybotDeletingF1125] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\toolbar.xml" [x]
HKCU\...\Runonce: [SpybotDeletingF2077] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\video.png" [x]
HKCU\...\Runonce: [SpybotDeletingF8484] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\web-search.png" [x]
HKCU\...\RunOnce: [SpybotDeletingF3210] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\web-toolbar.js" [2710040 2012-11-13] (Safer-Networking Ltd.)
HKCU\...\Runonce: [SpybotDeletingF165] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\yahoo.png" [x]
HKCU\...\Runonce: [SpybotDeletingF155] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\Delta\delta\1.8.21.0\deltasrv.exe" [x]
HKCU\...\Runonce: [SpybotDeletingF2120] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\Delta\delta\1.8.21.0\GUninstaller.exe" [x]
HKCU\...\Runonce: [SpybotDeletingF1497] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\Delta\delta\1.8.21.0\uninstall.exe" [x]
HKCU\...\Runonce: [SpybotDeletingF326] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Windows\Installer\{A0C9DF2B-89B5-4483-8983-18A68200F1B4}\ARPPRODUCTICON.exe" [x]
HKCU\...\Runonce: [SpybotDeletingF451] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelperApp.exe" [x]
HKCU\...\Runonce: [SpybotDeletingF8908] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarProxy.dll" [x]
HKCU\...\Runonce: [SpybotDeletingF550] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\ProgramData\SweetIM\Messenger\conf\sweetim.xml" [x]
HKCU\...\Runonce: [SpybotDeletingF9060] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\ProgramData\SweetIM\Messenger\conf\messages.xml" [x]
HKCU\...\Runonce: [SpybotDeletingF2111] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Messenger\default.xml" [x]
HKCU\...\Runonce: [SpybotDeletingF3999] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Messenger\msvcp71.dll" [x]
HKCU\...\Runonce: [SpybotDeletingF8350] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Messenger\msvcr71.dll" [x]
HKCU\...\Runonce: [SpybotDeletingF9969] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Messenger\SweetIM.exe" [x]
HKCU\...\Runonce: [SpybotDeletingF2933] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Messenger\resources\images\AudibleButton.png" [x]
HKCU\...\Runonce: [SpybotDeletingF8656] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Messenger\resources\images\DisplayPicturesButton.png" [x]
HKCU\...\Runonce: [SpybotDeletingF8845] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Messenger\resources\images\EmoticonButton.png" [x]
HKCU\...\Runonce: [SpybotDeletingF1493] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Messenger\resources\images\GamesButton.png" [x]
HKCU\...\Runonce: [SpybotDeletingF7014] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Messenger\resources\images\KeyboardButton.png" [x]
HKCU\...\Runonce: [SpybotDeletingF9868] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Messenger\resources\images\NudgeButton.png" [x]
HKCU\...\Runonce: [SpybotDeletingF7369] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Messenger\resources\images\SoundFxButton.png" [x]
HKCU\...\Runonce: [SpybotDeletingF4300] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Messenger\resources\images\WinksButton.png" [x]
HKCU\...\Runonce: [SpybotDeletingF3756] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\default.xml" [x]
HKCU\...\Runonce: [SpybotDeletingF5417] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgconfig.dll" [x]
HKCU\...\Runonce: [SpybotDeletingF6048] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll" [x]
HKCU\...\Runonce: [SpybotDeletingF8180] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\mghooking.dll" [x]
HKCU\...\Runonce: [SpybotDeletingF888] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgsimcommon.dll" [x]
HKCU\...\Runonce: [SpybotDeletingF2981] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll" [x]
HKCU\...\Runonce: [SpybotDeletingF8210] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgxml_wrapper.dll" [x]
HKCU\...\Runonce: [SpybotDeletingF18] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\about.html" [x]
HKCU\...\Runonce: [SpybotDeletingF3206] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\affid.dat" [x]
HKCU\...\Runonce: [SpybotDeletingF6618] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\basis.xml" [x]
HKCU\...\Runonce: [SpybotDeletingF2307] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\bing.png" [x]
HKCU\...\Runonce: [SpybotDeletingF6890] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\clear-history.png" [x]
HKCU\...\RunOnce: [SpybotDeletingF4279] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\content-notifier.js" [2710040 2012-11-13] (Safer-Networking Ltd.)
HKCU\...\Runonce: [SpybotDeletingF7033] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\content-notifier-anim.gif" [x]
HKCU\...\Runonce: [SpybotDeletingF4048] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\content-notifier-anim-over.gif" [x]
HKCU\...\Runonce: [SpybotDeletingF1007] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\dating.png" [x]
HKCU\...\Runonce: [SpybotDeletingF6340] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\dictionary.png" [x]
HKCU\...\Runonce: [SpybotDeletingF4753] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\e_cards.png" [x]
HKCU\...\Runonce: [SpybotDeletingF8543] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\eye_icon.png" [x]
HKCU\...\Runonce: [SpybotDeletingF9040] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\eye_icon_over.png" [x]
HKCU\...\Runonce: [SpybotDeletingF4054] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\find.png" [x]
HKCU\...\Runonce: [SpybotDeletingF7637] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\games.png" [x]
HKCU\...\Runonce: [SpybotDeletingF6950] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\glitter.png" [x]
HKCU\...\Runonce: [SpybotDeletingF1332] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\google.png" [x]
HKCU\...\Runonce: [SpybotDeletingF8450] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\help.png" [x]
HKCU\...\Runonce: [SpybotDeletingF6987] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\highlight.png" [x]
HKCU\...\Runonce: [SpybotDeletingF8801] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\locales.xml" [x]
HKCU\...\Runonce: [SpybotDeletingF7401] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\logo_16x16.png" [x]
HKCU\...\Runonce: [SpybotDeletingF8881] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\logo_21x18.png" [x]
HKCU\...\Runonce: [SpybotDeletingF4677] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\logo_32x32.png" [x]
HKCU\...\Runonce: [SpybotDeletingF2023] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\logo_about.png" [x]
HKCU\...\Runonce: [SpybotDeletingF5536] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\more-search-providers.png" [x]
HKCU\...\Runonce: [SpybotDeletingF2260] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\music.png" [x]
HKCU\...\Runonce: [SpybotDeletingF1880] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\news.png" [x]
HKCU\...\Runonce: [SpybotDeletingF6570] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\options.html" [x]
HKCU\...\Runonce: [SpybotDeletingF5159] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\photos.png" [x]
HKCU\...\Runonce: [SpybotDeletingF8775] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\search-current-site.png" [x]
HKCU\...\Runonce: [SpybotDeletingF2416] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\shopping.png" [x]
HKCU\...\Runonce: [SpybotDeletingF9041] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\SmileySmile.png" [x]
HKCU\...\Runonce: [SpybotDeletingF9496] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\SmileyWink.png" [x]
HKCU\...\Runonce: [SpybotDeletingF4449] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\sweetim_text.png" [x]
HKCU\...\Runonce: [SpybotDeletingF4060] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\toolbar.xml" [x]
HKCU\...\Runonce: [SpybotDeletingF2185] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\video.png" [x]
HKCU\...\Runonce: [SpybotDeletingF4319] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\web-search.png" [x]
HKCU\...\RunOnce: [SpybotDeletingF5972] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\web-toolbar.js" [2710040 2012-11-13] (Safer-Networking Ltd.)
HKCU\...\Runonce: [SpybotDeletingF2553] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\yahoo.png" [x]
HKCU\...\Runonce: [SpybotDeletingF3123] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Messenger\mgMediaPlayer.dll" [x]
HKCU\...\Runonce: [SpybotDeletingF9124] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Messenger\ContentPackagesActivationHandler.exe" [x]
HKCU\...\Runonce: [SpybotDeletingF3217] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\SweetIM\Toolbars\Internet Explorer\ClearHist.exe" [x]
BootExecute: autocheck autochk * sdnclean.exe

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy 2\SDHelper.dll (Safer-Networking Ltd.)
BHO: delta Helper Object - {C1AF5FA5-852C-4C90-812E-A7F75E011D87} - C:\Program Files\Delta\delta\1.8.21.0\bh\delta.dll No File
BHO: SweetPacks Browser Helper - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll No File
Toolbar: HKLM - SweetPacks Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll No File
Toolbar: HKLM - Delta Toolbar - {82E1477C-B154-48D3-9891-33D83C26BCD3} - C:\Program Files\Delta\delta\1.8.21.0\deltaTlbr.dll No File
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{C4B41143-8F3C-42EA-89BB-C3CDC2708E16}: [NameServer]8.8.8.8,8.8.4.4

FireFox:
========
FF ProfilePath: C:\Users\D\AppData\Roaming\Mozilla\Firefox\Profiles\pftwn81p.default
FF user.js: detected! => C:\Users\D\AppData\Roaming\Mozilla\Firefox\Profiles\pftwn81p.default\user.js
FF SelectedSearchEngine: Startpage HTTPS - Deutsch
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_202.dll ()
FF SearchPlugin: C:\Users\D\AppData\Roaming\Mozilla\Firefox\Profiles\pftwn81p.default\searchplugins\startpage-https---deutsch.xml
FF Extension: Delta Toolbar - C:\Users\D\AppData\Roaming\Mozilla\Firefox\Profiles\pftwn81p.default\Extensions\ffxtlbr@delta.com
FF Extension: Ghostery - C:\Users\D\AppData\Roaming\Mozilla\Firefox\Profiles\pftwn81p.default\Extensions\firefox@ghostery.com
FF Extension: No Name - C:\Users\D\AppData\Roaming\Mozilla\Firefox\Profiles\pftwn81p.default\Extensions\{bb65e674-b194-4b6e-8033-5fa0afe3a198}.xpi
FF Extension: No Name - C:\Users\D\AppData\Roaming\Mozilla\Firefox\Profiles\pftwn81p.default\Extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi
FF Extension: No Name - C:\Users\D\AppData\Roaming\Mozilla\Firefox\Profiles\pftwn81p.default\Extensions\{E6C1199F-E687-42da-8C24-E7770CC3AE66}.xpi
FF Extension: Default - C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

========================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [84024 2013-06-25] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [108088 2013-06-25] (Avira Operations GmbH & Co. KG)
R2 SDScannerService; C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe [1103392 2012-11-13] (Safer-Networking Ltd.)
R4 SDUpdateService; C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe [1369624 2012-11-13] (Safer-Networking Ltd.)
R4 SDWSCService; C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe [168384 2012-11-13] (Safer-Networking Ltd.)
S4 ST2012_Svc; C:\Program Files\Spyware Terminator\st_rsser.exe [587912 2013-04-03] (Crawler.com)

==================== Drivers (Whitelisted) ====================

R3 ALCXWDM; C:\Windows\System32\drivers\RTKVAC.SYS [4172832 2009-06-18] (Realtek Semiconductor Corp.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [84744 2013-04-13] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [135136 2013-04-13] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2013-04-13] (Avira Operations GmbH & Co. KG)
S3 NTIOLib_1_0_4; C:\Program Files\MSI\Live Update 5\NTIOLib.sys [7680 2010-10-20] (MSI)
R1 sp_rsdrv2; C:\Windows\system32\drivers\sp_rsdrv2.sys [32768 2011-06-21] ()
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2013-04-13] (Avira GmbH)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-07-07 13:06 - 2013-07-07 13:06 - 00000000 ____D C:\FRST
2013-07-07 13:05 - 2013-07-07 13:05 - 01373373 ____A (Farbar) C:\Users\D\Downloads\FRST.exe
2013-07-07 12:33 - 2013-07-07 12:33 - 00000000 ____D C:\Users\D\Documents\ProcAlyzer Dumps
2013-07-07 12:16 - 2013-07-07 12:16 - 00000056 ____A C:\Windows\setupact.log
2013-07-07 12:16 - 2013-07-07 12:16 - 00000000 ____A C:\Windows\setuperr.log
2013-07-07 12:15 - 2013-07-07 12:16 - 00265640 ____A C:\Windows\System32\FNTCACHE.DAT
2013-07-04 15:25 - 2013-07-04 15:25 - 00006605 ____A C:\Windows\wininit.ini
2013-06-29 18:16 - 2013-06-29 18:17 - 00000000 ____D C:\Users\D\Desktop\iso
2013-06-29 17:58 - 2013-06-29 18:10 - 832569344 ____A C:\Users\D\Downloads\ubuntu-13.04-desktop-i386(1).iso
2013-06-29 16:53 - 2013-06-29 16:54 - 00000000 ____D C:\Users\D\Desktop\Ubuntu
2013-06-29 16:34 - 2013-06-29 17:18 - 00000000 ____D C:\Users\D\VirtualBox VMs
2013-06-29 16:32 - 2013-06-29 19:33 - 00000000 ____D C:\Users\D\.VirtualBox
2013-06-29 16:28 - 2013-06-29 16:28 - 00001076 ____A C:\Users\Public\Desktop\Oracle VM VirtualBox.lnk
2013-06-29 16:28 - 2013-06-21 16:17 - 00188176 ____A (Oracle Corporation) C:\Windows\System32\Drivers\VBoxDrv.sys
2013-06-29 16:27 - 2013-06-29 16:27 - 00000000 ____D C:\Program Files\Oracle
2013-06-29 16:27 - 2013-06-21 16:16 - 00094480 ____A (Oracle Corporation) C:\Windows\System32\Drivers\VBoxUSBMon.sys
2013-06-24 11:13 - 2013-06-24 11:13 - 00000682 ____A C:\Users\D\Documents\Jappy.txt
2013-06-21 16:28 - 2013-07-02 14:48 - 00000064 ____A C:\Users\D\Documents\Email Juni2013.txt
2013-06-21 16:16 - 2013-06-21 16:16 - 00174864 ____A (Oracle Corporation) C:\Windows\System32\VBoxNetFltNobj.dll
2013-06-21 16:16 - 2013-06-21 16:16 - 00115984 ____A (Oracle Corporation) C:\Windows\System32\Drivers\VBoxNetFlt.sys
2013-06-21 16:16 - 2013-06-21 16:16 - 00104720 ____A (Oracle Corporation) C:\Windows\System32\Drivers\VBoxNetAdp.sys
2013-06-19 11:35 - 2013-06-19 11:35 - 
2013-06-12 10:59 - 2013-06-08 13:42 - 01141248 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-06-12 10:59 - 2013-06-08 13:40 - 14327808 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-06-12 10:59 - 2013-06-08 13:40 - 13760512 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-06-12 10:59 - 2013-06-08 13:40 - 02046976 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-06-12 10:59 - 2013-06-08 13:40 - 00391168 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-06-12 10:59 - 2013-06-08 13:13 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-06-12 10:56 - 2013-05-17 03:26 - 00042496 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2013-06-12 10:56 - 2013-05-17 03:25 - 02877440 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-06-12 10:56 - 2013-05-17 03:25 - 01767936 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-06-12 10:56 - 2013-05-17 03:25 - 00690688 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-06-12 10:56 - 2013-05-17 03:25 - 00493056 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-06-12 10:56 - 2013-05-17 03:25 - 00109056 ____A (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
2013-06-12 10:56 - 2013-05-17 03:25 - 00061440 ____A (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2013-06-12 10:56 - 2013-05-17 03:25 - 00039424 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2013-06-12 10:56 - 2013-05-17 03:25 - 00033280 ____A (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2013-06-12 10:56 - 2013-05-14 10:40 - 00071680 ____A (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe
2013-06-12 10:38 - 2013-04-26 06:55 - 00492544 ____A (Microsoft Corporation) C:\Windows\System32\win32spl.dll
2013-06-12 10:37 - 2013-05-13 06:45 - 01160192 ____A (Microsoft Corporation) C:\Windows\System32\crypt32.dll
2013-06-12 10:37 - 2013-05-13 06:45 - 00140288 ____A (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll
2013-06-12 10:37 - 2013-05-13 06:45 - 00103936 ____A (Microsoft Corporation) C:\Windows\System32\cryptnet.dll
2013-06-12 10:37 - 2013-05-13 05:08 - 00903168 ____A (Microsoft Corporation) C:\Windows\System32\certutil.exe
2013-06-12 10:37 - 2013-05-13 05:08 - 00043008 ____A (Microsoft Corporation) C:\Windows\System32\certenc.dll
2013-06-12 10:37 - 2013-05-08 07:38 - 01293672 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2013-06-12 10:37 - 2013-05-06 07:06 - 03968872 ____A (Microsoft Corporation) C:\Windows\System32\ntkrnlpa.exe
2013-06-12 10:37 - 2013-05-06 07:06 - 03913576 ____A (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe
2013-06-10 12:35 - 2013-06-10 12:36 - 00000000 ____D C:\Users\D\AppData\Roaming\TrueCrypt
2013-06-10 12:33 - 2013-06-10 12:33 - 00231760 ____A (TrueCrypt Foundation) C:\Windows\System32\Drivers\truecrypt.sys
2013-06-10 12:33 - 2013-06-10 12:33 - 00001028 ____A C:\Users\Public\Desktop\TrueCrypt.lnk
2013-06-10 12:32 - 2013-06-10 12:33 - 00000000 ____D C:\Program Files\TrueCrypt
2013-06-10 12:32 - 2013-06-10 12:32 - 03466248 ____A (TrueCrypt Foundation) C:\Users\D\Downloads\TrueCrypt Setup 7.1a.exe
2013-06-07 15:28 - 2013-06-30 12:49 - 00000000 ____D C:\Users\D\Desktop\TOR

==================== One Month Modified Files and Folders ========

2013-07-07 13:06 - 2013-07-07 13:06 - 00000000 ____D C:\FRST
2013-07-07 13:05 - 2013-07-07 13:05 - 01373373 ____A (Farbar) C:\Users\D\Downloads\FRST.exe
2013-07-07 12:33 - 2013-07-07 12:33 - 00000000 ____D C:\Users\D\Documents\ProcAlyzer Dumps
2013-07-07 12:33 - 2013-05-24 10:41 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2013-07-07 12:29 - 2013-05-28 11:40 - 00000436 ____A C:\Users\D\Documents\email.txt
2013-07-07 12:24 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\System32\LogFiles
2013-07-07 12:16 - 2013-07-07 12:16 - 00000056 ____A C:\Windows\setupact.log
2013-07-07 12:16 - 2013-07-07 12:16 - 00000000 ____A C:\Windows\setuperr.log
2013-07-07 12:16 - 2013-07-07 12:15 - 00265640 ____A C:\Windows\System32\FNTCACHE.DAT
2013-07-07 12:16 - 2009-07-14 06:53 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-07-07 12:15 - 2013-05-24 09:51 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-07-06 14:01 - 2013-06-03 16:54 - 00952418 ____A C:\Windows\WindowsUpdate.log
2013-07-06 14:01 - 2009-07-14 06:34 - 00022464 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-07-06 14:01 - 2009-07-14 06:34 - 00022464 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-07-06 13:59 - 2013-04-13 15:07 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-07-06 13:58 - 2013-06-04 15:08 - 00000000 ____D C:\Users\D\AppData\Roaming\.purple
2013-07-04 15:25 - 2013-07-04 15:25 - 00006605 ____A C:\Windows\wininit.ini
2013-07-02 11:53 - 2013-07-02 11:53 - 00001032 ____A C:\Users\D\Documents\Shops Juli 2013.txt
2013-07-01 16:33 - 2013-04-10 12:28 - 01499374 ____A C:\Windows\System32\PerfStringBackup.INI
2013-06-30 12:49 - 2013-06-07 15:28 - 00000000 ____D C:\Users\D\Desktop\TOR
2013-06-30 12:48 - 2013-05-10 15:53 - 00000000 ____D C:\Users\D\AppData\Roaming\tor
2013-06-29 19:33 - 2013-06-29 16:32 - 00000000 ____D C:\Users\D\.VirtualBox
2013-06-29 18:17 - 2013-06-29 18:16 - 00000000 ____D C:\Users\D\Desktop\iso
2013-06-29 18:10 - 2013-06-29 17:58 - 832569344 ____A C:\Users\D\Downloads\ubuntu-13.04-desktop-i386(1).iso
2013-06-29 17:18 - 2013-06-29 16:34 - 00000000 ____D C:\Users\D\VirtualBox VMs
2013-06-29 16:54 - 2013-06-29 16:53 - 00000000 ____D C:\Users\D\Desktop\Ubuntu
2013-06-29 16:34 - 2013-04-10 12:17 - 00000000 ____D C:\users\D
2013-06-29 16:28 - 2013-06-29 16:28 - 00001076 ____A C:\Users\Public\Desktop\Oracle VM VirtualBox.lnk
2013-06-29 16:28 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\System32\DriverStore
2013-06-29 16:27 - 2013-06-29 16:27 - 00000000 ____D C:\Program Files\Oracle
2013-06-25 10:46 - 2013-05-10 12:40 - 00067168 ____A (Avira Operations GmbH & Co. KG) C:\Windows\System32\Drivers\avnetflt.sys
2013-06-22 13:43 - 2009-07-14 09:48 - 00000000 ___RD C:\Users\Public\Recorded TV
2013-06-21 16:17 - 2013-06-29 16:28 - 00188176 ____A (Oracle Corporation) C:\Windows\System32\Drivers\VBoxDrv.sys
2013-06-21 16:16 - 2013-06-29 16:27 - 00094480 ____A (Oracle Corporation) C:\Windows\System32\Drivers\VBoxUSBMon.sys
2013-06-21 16:16 - 2013-06-21 16:16 - 00174864 ____A (Oracle Corporation) C:\Windows\System32\VBoxNetFltNobj.dll
2013-06-21 16:16 - 2013-06-21 16:16 - 00115984 ____A (Oracle Corporation) C:\Windows\System32\Drivers\VBoxNetFlt.sys
2013-06-21 16:16 - 2013-06-21 16:16 - 00104720 ____A (Oracle Corporation) C:\Windows\System32\Drivers\VBoxNetAdp.sys
2013-06-19 11:35 - 2013-06-19 11:35 - 00000917 ____A C:\Users\D\Documents\Shops rnd.txt
2013-06-14 14:48 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\rescache
2013-06-12 18:26 - 2003-01-01 10:39 - 00000000 ____D C:\Windows\Panther
2013-06-12 16:05 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\System32\de-DE
2013-06-12 10:57 - 2013-05-10 13:40 - 73381792 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2013-06-11 14:18 - 2013-05-20 13:06 - 00000000 ____D C:\ProgramData\Spyware Terminator
2013-06-10 12:36 - 2013-06-10 12:35 - 00000000 ____D C:\Users\D\AppData\Roaming\TrueCrypt
2013-06-10 12:33 - 2013-06-10 12:33 - 00231760 ____A (TrueCrypt Foundation) C:\Windows\System32\Drivers\truecrypt.sys
2013-06-10 12:33 - 2013-06-10 12:33 - 00001028 ____A C:\Users\Public\Desktop\TrueCrypt.lnk
2013-06-10 12:33 - 2013-06-10 12:32 - 00000000 ____D C:\Program Files\TrueCrypt
2013-06-10 12:32 - 2013-06-10 12:32 - 03466248 ____A (TrueCrypt Foundation) C:\Users\D\Downloads\TrueCrypt Setup 7.1a.exe
2013-06-08 13:42 - 2013-06-12 10:59 - 01141248 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-06-08 13:40 - 2013-06-12 10:59 - 14327808 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-06-08 13:40 - 2013-06-12 10:59 - 13760512 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-06-08 13:40 - 2013-06-12 10:59 - 02046976 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-06-08 13:40 - 2013-06-12 10:59 - 00391168 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-06-08 13:13 - 2013-06-12 10:59 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-07-03 10:41

==================== End Of Log ============================

[/CODE]

Hier die Addition:

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 04-07-2013
Ran by D at 2013-07-07 13:07:36
Running from C:\Users\D\Downloads
Boot Mode: Normal
==========================================================


==================== Installed Programs =======================

7-Zip 9.20
Adobe Flash Player 11 Plugin (Version: 11.7.700.202)
Avira Free Antivirus (Version: 13.0.0.3737)
CCleaner (Version: 4.01)
Delta Chrome Toolbar
Delta toolbar   (Version: 1.8.21.0)
Free YouTube to MP3 Converter version 3.12.2.430 (Version: 3.12.2.430)
Internet Explorer Toolbar 4.6 by SweetPacks (Version: 4.6.0003)
Live Update 5 (Version: 5.0.102)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Mozilla Firefox 22.0 (x86 de) (Version: 22.0)
Mozilla Maintenance Service (Version: 22.0)
Oracle VM VirtualBox 4.2.14 (Version: 4.2.14)
Pidgin (Version: 2.10.7)
pidgin-otr 4.0.0-1 (Version: 4.0.0-1)
Realtek AC'97 Audio
Spybot - Search & Destroy (Version: 2.0.12)
Spyware Terminator 2012 (Version: 3.0.0.82)
SweetIM for Messenger 3.7 (Version: 3.7.0007)
Tor 0.2.3.25
TrueCrypt (Version: 7.1a)
Vidalia 0.2.21
WinRAR 4.20 (32-Bit) (Version: 4.20.0)

==================== Restore Points  =========================

06-07-2013 09:08:03 Geplanter Prüfpunkt

==================== Hosts content: ==========================

2009-07-14 04:04 - 2009-06-10 23:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {0B8824F7-9CA7-428A-A87F-8B8863DE46ED} - System32\Tasks\Microsoft\Windows\MUI\Lpksetup => C:\Windows\System32\lpksetup.exe [2010-11-20] (Microsoft Corporation)
Task: {341ADDC6-E665-4578-9E40-2CFE1AAAA04B} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files\Spybot - Search &amp; Destroy 2\SDImmunize.exe No File
Task: {5628AEE0-BCD8-4D00-809E-C92CECBECCF6} - \CCleanerSkipUAC No Task File
Task: {87AC2A72-13B2-46F5-854C-1FA9E3FCF094} - System32\Tasks\EPUpdater => C:\Users\D\AppData\Roaming\BABSOL~1\Shared\BabMaint.exe No File
Task: {89615C71-5508-4024-92D6-927059CEEA8D} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files\Spybot - Search &amp; Destroy 2\SDUpdate.exe No File
Task: {BAE6352D-4841-4FEB-BA62-6E58BB5EDC30} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Scan => c:\program files\windows defender\MpCmdRun.exe [2009-07-14] (Microsoft Corporation)
Task: {CAE043E2-B1F8-4F85-A61A-59681FB00959} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files\Spybot - Search &amp; Destroy 2\SDScan.exe No File

==================== Faulty Device Manager Devices =============

Name: Realtek RTL8169/8110-Familie-PCI-Gigabit-Ethernet-NIC (NDIS 6.20)
Description: Realtek RTL8169/8110-Familie-PCI-Gigabit-Ethernet-NIC (NDIS 6.20)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Realtek
Service: RTL8167
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (07/07/2013 00:16:51 PM) (Source: Windows Search Service) (User: )
Description: Der Index kann nicht initialisiert werden.


Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (07/07/2013 00:16:51 PM) (Source: Windows Search Service) (User: )
Description: Die Anwendung kann nicht initialisiert werden.

Kontext: Windows Anwendung


Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (07/07/2013 00:16:51 PM) (Source: Windows Search Service) (User: )
Description: Das Gatherer-Objekt kann nicht initialisiert werden.

Kontext: Windows Anwendung, SystemIndex Katalog


Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (07/07/2013 00:16:51 PM) (Source: Windows Search Service) (User: )
Description: Plug-In in <Search.TripoliIndexer> kann nicht initialisiert werden.

Kontext: Windows Anwendung, SystemIndex Katalog


Details:
	Element nicht gefunden.  (HRESULT : 0x80070490) (0x80070490)

Error: (07/07/2013 00:16:50 PM) (Source: Windows Search Service) (User: )
Description: Plug-In in <Search.JetPropStore> kann nicht initialisiert werden.

Kontext: Windows Anwendung, SystemIndex Katalog


Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (07/07/2013 00:16:50 PM) (Source: Windows Search Service) (User: )
Description: Die Eigenschaftenspeicherdaten können von Windows Search nicht geladen werden.

Kontext: Windows Anwendung, SystemIndex Katalog


Details:
	Die Inhaltsindexdatenbank ist fehlerhaft.  (HRESULT : 0xc0041800) (0xc0041800)

Error: (07/07/2013 00:16:50 PM) (Source: Windows Search Service) (User: )
Description: Windows Search wird aufgrund eines Problems bei der Indizierung The catalog is corrupt beendet.


Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (07/07/2013 00:16:50 PM) (Source: Windows Search Service) (User: )
Description: Vom Suchdienst wurden beschädigte Datendateien im Index {id=4700} erkannt. Vom Dienst wird versucht, dieses Problem durch Neuerstellung des Indexes automatisch zu beheben.


Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (07/07/2013 00:16:50 PM) (Source: Windows Search Service) (User: )
Description: Der Jet-Eigenschaftenspeicher kann von Windows Search nicht geöffnet werden.


Details:
	0x%08x (0xc0041800 - Die Inhaltsindexdatenbank ist fehlerhaft.  (HRESULT : 0xc0041800))

Error: (07/07/2013 00:16:49 PM) (Source: ESENT) (User: )
Description: Windows (2264) Windows: Fehler -1811 beim Öffnen von Protokolldatei C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS00022.log.


System errors:
=============
Error: (07/07/2013 00:16:51 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (07/07/2013 00:16:51 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Windows Search" wurde mit folgendem dienstspezifischem Fehler beendet: %%-1073473535.

Error: (07/06/2013 11:02:22 AM) (Source: volsnap) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.

Error: (07/05/2013 09:03:19 AM) (Source: WMPNetworkSvc) (User: )
Description: WMPNetworkSvc0x80004005

Error: (07/04/2013 09:14:32 AM) (Source: WMPNetworkSvc) (User: )
Description: WMPNetworkSvc0x80004005

Error: (07/04/2013 09:14:10 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (07/04/2013 09:14:10 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Windows Search" wurde mit folgendem dienstspezifischem Fehler beendet: %%-1073473535.

Error: (07/03/2013 10:06:50 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (07/03/2013 09:45:15 PM) (Source: WMPNetworkSvc) (User: )
Description: WMPNetworkSvc0x80004005

Error: (07/03/2013 09:45:08 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.


Microsoft Office Sessions:
=========================
Error: (07/07/2013 00:16:51 PM) (Source: Windows Search Service)(User: )
Description: 
Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (07/07/2013 00:16:51 PM) (Source: Windows Search Service)(User: )
Description: Kontext: Windows Anwendung


Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (07/07/2013 00:16:51 PM) (Source: Windows Search Service)(User: )
Description: Kontext: Windows Anwendung, SystemIndex Katalog


Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (07/07/2013 00:16:51 PM) (Source: Windows Search Service)(User: )
Description: Kontext: Windows Anwendung, SystemIndex Katalog


Details:
	Element nicht gefunden.  (HRESULT : 0x80070490) (0x80070490)
Search.TripoliIndexer

Error: (07/07/2013 00:16:50 PM) (Source: Windows Search Service)(User: )
Description: Kontext: Windows Anwendung, SystemIndex Katalog


Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)
Search.JetPropStore

Error: (07/07/2013 00:16:50 PM) (Source: Windows Search Service)(User: )
Description: Kontext: Windows Anwendung, SystemIndex Katalog


Details:
	Die Inhaltsindexdatenbank ist fehlerhaft.  (HRESULT : 0xc0041800) (0xc0041800)

Error: (07/07/2013 00:16:50 PM) (Source: Windows Search Service)(User: )
Description: 
Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)
The catalog is corrupt

Error: (07/07/2013 00:16:50 PM) (Source: Windows Search Service)(User: )
Description: 
Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)
4700

Error: (07/07/2013 00:16:50 PM) (Source: Windows Search Service)(User: )
Description: 
Details:
	0x%08x (0xc0041800 - Die Inhaltsindexdatenbank ist fehlerhaft.  (HRESULT : 0xc0041800))

Error: (07/07/2013 00:16:49 PM) (Source: ESENT)(User: )
Description: Windows2264Windows: C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS00022.log-1811

Hoffe ich habs jetzt richtig gemacht, NG

M-K-D-B · 10.07.2013, 13:59

Servus,

ja, alles richtig gemacht.

Bitte die folgenden Schritte abarbeiten und die Logdateien dazu posten.

Schritt 1
Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Schritt 2

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
Drücke eine beliebige Taste, um das Tool zu starten.
Je nach System kann der Scan eine Weile dauern.
Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

Schritt 3
Starte FRST erneut und führe einen neuen Suchlauf durch. Poste die dazugehörige Logdatei.

Dännis · 10.07.2013, 15:10

Ok.
Habe ich gemacht. Das nächste Problem ist, das adwcleaner das logfile ja beim nächsten Start anzeigt. Bei mir aber kommt vorher schon das admin-fenster von Spybot. Ich hab dann versucht (über msconfig) Spybot nicht automatisch zu starten. Trotzdem kommt das Fenster und ich kann das logfile manuell nicht finden...

M-K-D-B · 11.07.2013, 18:28

Servus,

tu bitte uns beiden einen Gefallen und mach folgendes:

Starte deinen Rechner nach dieser Anleitung im abgesicherten Modus mit Netzwerktreibern und deinstalliere dort Spybot 2.

Die Logdatei von AdwCleaner findest du hier: C:\AdwCleaner[Sx].txt

Führe JRT wie beschrieben ebenfalls im abgesicherten Modus mit Netzwerkunterstützung aus und poste die Logdatei dazu.

Dännis · 13.07.2013, 10:24

Hallo,

ich weiß nicht genau warum, aber auf einmal ist das Admin-fenster weg und kommt auch nicht mehr^^

.

Trotzdem ist mein Rechner langsam und läuft nicht sauber. Ich poste die Logs mal, evtl. ist es ja was anderes.

Code:

ATTFilter

# AdwCleaner v2.305 - Datei am 13/07/2013 um 11:15:58 erstellt
# Aktualisiert am 11/07/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (32 bits)
# Benutzer : D - D-PC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\D\Desktop\adw\AdwCleaner.exe
# Option [Löschen]


**** [Dienste] ****


***** [Dateien / Ordner] *****


***** [Registrierungsdatenbank] *****


***** [Internet Browser] *****

-\\ Internet Explorer v10.0.9200.16635

[OK] Die Registrierungsdatenbank ist sauber.

-\\ Mozilla Firefox v22.0 (de)

Datei : C:\Users\D\AppData\Roaming\Mozilla\Firefox\Profiles\pftwn81p.default\prefs.js

[OK] Die Datei ist sauber.

*************************

AdwCleaner[R1].txt - [897 octets] - [10/07/2013 15:50:59]
AdwCleaner[S1].txt - [9778 octets] - [10/07/2013 15:46:09]
AdwCleaner[S2].txt - [958 octets] - [10/07/2013 15:53:48]
AdwCleaner[S3].txt - [890 octets] - [13/07/2013 11:15:58]

########## EOF - C:\AdwCleaner[S3].txt - [949 octets] ##########

JRT führe ich jetzt aus und edditiere gleich.

NG

Edit: JRT

Code:

ATTFilter

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 5.0.9 (07.12.2013:2)
OS: Windows 7 Home Premium x86
Ran by D on 13.07.2013 at 11:25:20,61
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\sweetim
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\sweetim
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\apnstub_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\apnstub_rasmancs



~~~ Files



~~~ Folders



~~~ FireFox

Emptied folder: C:\Users\D\AppData\Roaming\mozilla\firefox\profiles\pftwn81p.default\minidumps [24 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 13.07.2013 at 11:27:49,02
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

M-K-D-B · 13.07.2013, 11:57

Servus,

Lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop (falls noch nicht vorhanden).

Starte bitte die OTL.exe.
Oben findest Du ein Kästchen mit Ausgabe. Wähle bitte Standard Ausgabe.
Setze einen Haken bei Scanne alle Benutzer.
Unter Extra Registry, wähle bitte Use SafeList.
Kopiere nun den Inhalt aus der Codebox in die Textbox.

Code:

ATTFilter

activex
msconfig
CREATERESTOREPOINT

Schließe bitte nun alle Programme. (Wichtig)
Klicke nun bitte auf den Scan Button.
Am Ende des Suchlaufs werden 2 Logdateien erstellt.
Kopiere nun den Inhalt aus OTL.txt und Extra.txt hier in Deinen Thread

Dännis · 13.07.2013, 16:28

So, hab ich alles gemacht. Die dateien sind aber wieder zu groß. Ich werde sie auf mehrere Posts aufteilen.

Code:

ATTFilter

OTL logfile created on: 13.07.2013 16:50:07 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\D\Desktop
 Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16635)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,00 Gb Total Physical Memory | 1,53 Gb Available Physical Memory | 76,32% Memory free
4,00 Gb Paging File | 3,34 Gb Available in Paging File | 83,59% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 37,21 Gb Total Space | 5,20 Gb Free Space | 13,98% Space Free | Partition Type: NTFS
 
Computer Name: D-PC | User Name: D | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 360 Days
 
========== Processes (SafeList) ==========
 
PRC - [2013.07.13 16:43:19 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\D\Desktop\OTL.exe
PRC - [2013.06.25 10:46:15 | 000,084,024 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\sched.exe
PRC - [2013.06.25 10:46:07 | 000,076,856 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avshadow.exe
PRC - [2013.06.25 10:46:06 | 000,345,144 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe
PRC - [2013.06.25 10:46:06 | 000,108,088 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe
PRC - [2013.05.18 14:25:04 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2012.11.13 14:07:16 | 001,103,392 | ---- | M] (Safer-Networking Ltd.) -- C:\Programme\Spybot - Search & Destroy 2\SDFSSvc.exe
PRC - [2010.11.20 14:17:56 | 001,121,792 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnetwk.exe
PRC - [2010.11.20 14:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2012.11.13 14:06:32 | 000,158,624 | ---- | M] () -- C:\Programme\Spybot - Search & Destroy 2\snlFileFormats150.bpl
MOD - [2012.11.13 14:06:30 | 000,108,960 | ---- | M] () -- C:\Programme\Spybot - Search & Destroy 2\snlThirdParty150.bpl
MOD - [2012.11.13 14:06:28 | 000,554,400 | ---- | M] () -- C:\Programme\Spybot - Search & Destroy 2\VirtualTreesDXE150.bpl
MOD - [2012.11.13 14:06:28 | 000,528,288 | ---- | M] () -- C:\Programme\Spybot - Search & Destroy 2\JSDialogPack150.bpl
MOD - [2012.11.13 14:06:28 | 000,416,160 | ---- | M] () -- C:\Programme\Spybot - Search & Destroy 2\DEC150.bpl
 
 
========== Services (SafeList) ==========
 
SRV - File not found [Disabled | Stopped] -- C:\Program Files\Spybot -- (SDWSCService)
SRV - File not found [Disabled | Stopped] -- C:\Program Files\Spybot -- (SDUpdateService)
SRV - File not found [Auto | Running] -- C:\Program Files\Spybot -- (SDScannerService)
SRV - [2013.07.06 13:58:58 | 000,117,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013.06.25 10:46:15 | 000,084,024 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2013.06.25 10:46:06 | 000,108,088 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2013.05.27 06:57:27 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2013.04.03 03:06:10 | 000,587,912 | ---- | M] (Crawler.com) [Disabled | Stopped] -- C:\Programme\Spyware Terminator\st_rsser.exe -- (ST2012_Svc)
SRV - [2010.11.20 14:17:56 | 001,121,792 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc)
SRV - [2009.07.14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
 
 
========== Driver Services (SafeList) ==========
 
DRV - [2013.06.21 16:17:18 | 000,188,176 | ---- | M] (Oracle Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\VBoxDrv.sys -- (VBoxDrv)
DRV - [2013.06.21 16:16:58 | 000,104,720 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VBoxNetAdp.sys -- (VBoxNetAdp)
DRV - [2013.06.21 16:16:02 | 000,115,984 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VBoxNetFlt.sys -- (VBoxNetFlt)
DRV - [2013.06.21 16:16:02 | 000,094,480 | ---- | M] (Oracle Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\VBoxUSBMon.sys -- (VBoxUSBMon)
DRV - [2013.06.10 12:33:19 | 000,231,760 | ---- | M] (TrueCrypt Foundation) [Kernel | System | Running] -- C:\Windows\System32\drivers\truecrypt.sys -- (truecrypt)
DRV - [2013.04.13 14:53:01 | 000,135,136 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2013.04.13 14:53:01 | 000,084,744 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2013.04.13 14:53:01 | 000,037,352 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\System32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2013.04.13 14:53:01 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2011.06.21 11:24:06 | 000,032,768 | ---- | M] () [Kernel | System | Running] -- C:\Windows\System32\drivers\sp_rsdrv2.sys -- (sp_rsdrv2)
DRV - [2010.11.20 12:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010.10.20 14:43:08 | 000,007,680 | ---- | M] (MSI) [Kernel | On_Demand | Stopped] -- C:\Programme\MSI\Live Update 5\NTIOLib.sys -- (NTIOLib_1_0_4)
DRV - [2009.07.14 00:02:46 | 001,096,704 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2009.06.18 19:45:02 | 004,172,832 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTKVAC.SYS -- (ALCXWDM)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\..\SearchScopes,DefaultScope = 
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
 
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = 
 
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = 
 
IE - HKU\S-1-5-21-589346467-3594910931-2683452201-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-589346467-3594910931-2683452201-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKU\S-1-5-21-589346467-3594910931-2683452201-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 88 0C 31 D9 44 38 CE 01  [binary data]
IE - HKU\S-1-5-21-589346467-3594910931-2683452201-1000\..\SearchScopes,DefaultScope = 
IE - HKU\S-1-5-21-589346467-3594910931-2683452201-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR
IE - HKU\S-1-5-21-589346467-3594910931-2683452201-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-589346467-3594910931-2683452201-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.selectedEngine: "Startpage HTTPS - Deutsch"
FF - prefs.js..browser.search.update: false
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..extensions.enabledAddons: %7Bd40f5e7b-d2cf-4856-b441-cc613eeffbe3%7D:1.68
FF - prefs.js..extensions.enabledAddons: %7Bbb65e674-b194-4b6e-8033-5fa0afe3a198%7D:1.1
FF - prefs.js..extensions.enabledAddons: %7BE6C1199F-E687-42da-8C24-E7770CC3AE66%7D:1.8.0
FF - prefs.js..extensions.enabledAddons: firefox%40ghostery.com:2.9.6
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:22.0
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_202.dll ()
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 22.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 22.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
 
[2013.04.13 15:07:40 | 000,000,000 | ---D | M] (No name found) -- C:\Users\D\AppData\Roaming\mozilla\Extensions
[2013.07.10 15:46:21 | 000,000,000 | ---D | M] (No name found) -- C:\Users\D\AppData\Roaming\mozilla\Firefox\Profiles\pftwn81p.default\extensions
[2013.06.29 16:21:45 | 000,000,000 | ---D | M] (Ghostery) -- C:\Users\D\AppData\Roaming\mozilla\Firefox\Profiles\pftwn81p.default\extensions\firefox@ghostery.com
[2013.05.16 17:33:22 | 000,008,689 | ---- | M] () (No name found) -- C:\Users\D\AppData\Roaming\mozilla\firefox\profiles\pftwn81p.default\extensions\{bb65e674-b194-4b6e-8033-5fa0afe3a198}.xpi
[2013.05.10 12:38:25 | 000,138,614 | ---- | M] () (No name found) -- C:\Users\D\AppData\Roaming\mozilla\firefox\profiles\pftwn81p.default\extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi
[2013.05.20 14:10:08 | 000,014,714 | ---- | M] () (No name found) -- C:\Users\D\AppData\Roaming\mozilla\firefox\profiles\pftwn81p.default\extensions\{E6C1199F-E687-42da-8C24-E7770CC3AE66}.xpi
[2013.06.04 14:58:54 | 000,005,539 | ---- | M] () -- C:\Users\D\AppData\Roaming\mozilla\firefox\profiles\pftwn81p.default\searchplugins\startpage-https---deutsch.xml
[2013.05.24 09:51:13 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\browser\extensions
[2013.07.06 13:58:59 | 000,000,000 | ---D | M] (Default) -- C:\Programme\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
 
O1 HOSTS File: ([2009.06.10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programme\Spybot - Search & Destroy 2\SDHelper.dll (Safer-Networking Ltd.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKU\S-1-5-19..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun File not found
O4 - HKU\S-1-5-20..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun File not found
O4 - HKU\.DEFAULT..\RunOnce: [SPReview] C:\Windows\System32\SPReview\SPReview.exe (Microsoft Corporation)
O4 - HKU\S-1-5-18..\RunOnce: [SPReview] C:\Windows\System32\SPReview\SPReview.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Programme\Spybot - Search & Destroy 2\SDHelper.dll (Safer-Networking Ltd.)
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{386B3AFB-4DFD-4F4B-89A4-C4058497BF3D}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C4B41143-8F3C-42EA-89BB-C3CDC2708E16}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C4B41143-8F3C-42EA-89BB-C3CDC2708E16}: NameServer = 8.8.8.8,8.8.4.4
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - Winlogon\Notify\SDWinLogon: DllName - (SDWinLogon.dll) -  File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {2D46B6DC-2207-486B-B523-A557E6D54B47} - C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -UserConfig
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
 
MsConfig - StartUpReg: Live Update 5 - hkey= - key= - C:\Program Files\MSI\Live Update 5\BootStartLiveupdate.exe ()
MsConfig - StartUpReg: SDTray - hkey= - key= - C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe (Safer-Networking Ltd.)
MsConfig - StartUpReg: SoundMan - hkey= - key= - C:\Windows\SOUNDMAN.EXE (Realtek Semiconductor Corp.)
MsConfig - StartUpReg: Spybot-S&D Cleaning - hkey= - key= - C:\Program Files\Spybot - Search & Destroy 2\SDCleaner.exe (Safer-Networking Ltd.)
MsConfig - StartUpReg: SpywareTerminatorShield - hkey= - key= - C:\Programme\Spyware Terminator\SpywareTerminatorShield.exe (Crawler.com)
MsConfig - StartUpReg: SpywareTerminatorUpdater - hkey= - key= - C:\Programme\Spyware Terminator\SpywareTerminatorUpdate.exe (Crawler.com)
MsConfig - StartUpReg: Vidalia - hkey= - key= - C:\Program Files\Vidalia Relay Bundle\Vidalia\vidalia.exe ()
MsConfig - State: "startup" - 2
MsConfig - State: "services" - 2

Code:

ATTFilter

 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 360 Days ==========
 
[2013.07.13 16:43:06 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\D\Desktop\OTL.exe
[2013.07.13 11:25:12 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2013.07.13 11:10:14 | 000,559,441 | ---- | C] (Oleg N. Scherbakov) -- C:\Users\D\Desktop\JRT.exe
[2013.07.10 15:44:50 | 000,000,000 | ---D | C] -- C:\Users\D\Desktop\adw
[2013.07.10 11:49:43 | 002,706,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2013.07.10 11:49:41 | 002,877,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2013.07.10 11:49:41 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2013.07.10 11:49:41 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2013.07.10 11:49:40 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2013.07.10 11:49:39 | 000,493,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2013.07.10 11:49:39 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2013.07.10 11:49:39 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2013.07.10 11:49:39 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2013.07.10 10:59:33 | 001,247,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll
[2013.07.10 10:59:31 | 001,620,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVDECOD.DLL
[2013.07.10 10:59:28 | 000,509,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qedit.dll
[2013.07.10 10:59:27 | 002,347,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2013.07.07 13:06:23 | 000,000,000 | ---D | C] -- C:\FRST
[2013.07.07 12:33:26 | 000,000,000 | ---D | C] -- C:\Users\D\Documents\ProcAlyzer Dumps
[2013.06.29 18:16:52 | 000,000,000 | ---D | C] -- C:\Users\D\Desktop\iso
[2013.06.29 16:53:05 | 000,000,000 | ---D | C] -- C:\Users\D\Desktop\Ubuntu
[2013.06.29 16:34:47 | 000,000,000 | ---D | C] -- C:\Users\D\VirtualBox VMs
[2013.06.29 16:32:03 | 000,000,000 | ---D | C] -- C:\Users\D\.VirtualBox
[2013.06.29 16:28:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox
[2013.06.29 16:28:03 | 000,188,176 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\drivers\VBoxDrv.sys
[2013.06.29 16:27:40 | 000,094,480 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\drivers\VBoxUSBMon.sys
[2013.06.29 16:27:37 | 000,000,000 | ---D | C] -- C:\Windows\System32\DRVSTORE
[2013.06.29 16:27:26 | 000,000,000 | ---D | C] -- C:\Program Files\Oracle
[2013.06.21 16:16:58 | 000,104,720 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\drivers\VBoxNetAdp.sys
[2013.06.21 16:16:02 | 000,115,984 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\drivers\VBoxNetFlt.sys
[2013.06.21 16:16:00 | 000,174,864 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\VBoxNetFltNobj.dll
[2013.06.12 10:37:55 | 000,903,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\certutil.exe
[2013.06.12 10:37:54 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\certenc.dll
[2013.06.12 10:37:46 | 003,968,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2013.06.12 10:37:46 | 003,913,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2013.06.10 12:35:40 | 000,000,000 | ---D | C] -- C:\Users\D\AppData\Roaming\TrueCrypt
[2013.06.10 12:33:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TrueCrypt
[2013.06.10 12:33:19 | 000,231,760 | ---- | C] (TrueCrypt Foundation) -- C:\Windows\System32\drivers\truecrypt.sys
[2013.06.10 12:32:47 | 000,000,000 | ---D | C] -- C:\Program Files\TrueCrypt
[2013.06.07 15:28:51 | 000,000,000 | ---D | C] -- C:\Users\D\Desktop\TOR
[2013.06.06 16:20:24 | 000,000,000 | ---D | C] -- C:\Users\D\AppData\Roaming\Bitcoin
[2013.06.06 16:19:45 | 000,000,000 | ---D | C] -- C:\Users\D\Desktop\BTC
[2013.06.04 15:13:17 | 000,000,000 | ---D | C] -- C:\Users\D\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\pidgin-otr
[2013.06.04 15:13:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\pidgin-otr
[2013.06.04 15:11:57 | 000,000,000 | ---D | C] -- C:\Users\D\AppData\Local\gtk-2.0
[2013.06.04 15:08:33 | 000,000,000 | ---D | C] -- C:\Users\D\AppData\Roaming\.purple
[2013.06.04 15:07:13 | 000,000,000 | ---D | C] -- C:\Program Files\Pidgin
[2013.05.28 10:41:03 | 000,000,000 | ---D | C] -- C:\Users\D\Desktop\Geprüft
[2013.05.24 10:41:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2013.05.24 10:41:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
[2013.05.24 10:41:13 | 000,015,224 | ---- | C] (Safer Networking Limited) -- C:\Windows\System32\sdnclean.exe
[2013.05.24 10:40:59 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy 2
[2013.05.24 10:40:05 | 000,000,000 | ---D | C] -- C:\Users\D\AppData\Local\Programs
[2013.05.24 10:38:12 | 000,000,000 | ---D | C] -- C:\Users\D\AppData\Roaming\WinRAR
[2013.05.24 10:38:12 | 000,000,000 | ---D | C] -- C:\Users\D\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2013.05.24 10:38:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2013.05.24 10:37:53 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2013.05.24 09:51:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2013.05.24 09:51:28 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service
[2013.05.22 12:35:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
[2013.05.22 12:34:27 | 000,000,000 | ---D | C] -- C:\Users\D\AppData\Roaming\DVDVideoSoft
[2013.05.22 12:34:27 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DVDVideoSoft
[2013.05.22 12:34:26 | 000,000,000 | ---D | C] -- C:\Program Files\DVDVideoSoft
[2013.05.20 13:06:38 | 000,000,000 | ---D | C] -- C:\Users\D\AppData\Roaming\Spyware Terminator
[2013.05.20 13:06:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Spyware Terminator
[2013.05.20 13:06:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spyware Terminator 2012
[2013.05.20 13:06:34 | 000,000,000 | ---D | C] -- C:\Program Files\Spyware Terminator
[2013.05.18 14:26:11 | 000,745,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MsSpellCheckingFacility.exe
[2013.05.18 14:26:11 | 000,185,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\elshyph.dll
[2013.05.18 14:26:11 | 000,158,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll
[2013.05.18 14:26:10 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2013.05.18 14:26:10 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe
[2013.05.18 14:26:10 | 000,138,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe
[2013.05.18 14:26:10 | 000,137,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2013.05.18 14:26:10 | 000,117,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2013.05.18 14:26:10 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IEAdvpack.dll
[2013.05.18 14:26:10 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll
[2013.05.18 14:26:10 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll
[2013.05.18 14:26:10 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2013.05.18 14:26:10 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll
[2013.05.18 14:26:10 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2013.05.18 14:26:09 | 001,441,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2013.05.18 14:26:09 | 001,400,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat
[2013.05.18 14:26:09 | 000,719,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmlmedia.dll
[2013.05.18 14:26:09 | 000,629,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2013.05.18 14:26:09 | 000,361,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2013.05.18 14:26:09 | 000,357,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2013.05.18 14:26:09 | 000,242,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2013.05.18 14:26:09 | 000,232,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2013.05.18 14:26:09 | 000,226,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2013.05.18 14:26:09 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe
[2013.05.18 14:26:09 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll
[2013.05.18 14:26:09 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2013.05.18 14:25:04 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
[2013.05.18 14:23:44 | 002,284,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msmpeg2vdec.dll
[2013.05.18 14:23:44 | 001,504,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d11.dll
[2013.05.18 14:23:44 | 001,158,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsPrint.dll
[2013.05.18 14:23:44 | 001,080,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10.dll
[2013.05.18 14:23:44 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMPhoto.dll
[2013.05.18 14:23:44 | 000,364,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsGdiConverter.dll
[2013.05.18 14:23:44 | 000,249,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1core.dll
[2013.05.18 14:23:44 | 000,220,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10core.dll
[2013.05.18 14:23:44 | 000,207,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WindowsCodecsExt.dll
[2013.05.18 14:23:44 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1.dll
[2013.05.18 14:23:44 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2013.05.18 14:23:44 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2013.05.18 14:23:44 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2013.05.18 14:23:44 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll
[2013.05.18 14:23:44 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll
[2013.05.18 14:23:44 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2013.05.18 14:23:44 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll
[2013.05.18 14:23:44 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll
[2013.05.18 14:23:44 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2013.05.18 14:23:43 | 003,419,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll
[2013.05.18 14:23:43 | 001,988,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10warp.dll
[2013.05.18 14:23:43 | 000,604,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10level9.dll
[2013.05.18 14:23:43 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxgi.dll
[2013.05.18 14:23:43 | 000,187,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIAnimation.dll
[2013.05.18 14:08:03 | 000,218,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\dxgmms1.sys
[2013.05.18 14:06:37 | 001,796,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\authui.dll
[2013.05.18 14:06:37 | 000,101,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\consent.exe
[2013.05.17 18:26:59 | 000,000,000 | ---D | C] -- C:\Windows\System32\SPReview
[2013.05.17 15:09:29 | 000,000,000 | ---D | C] -- C:\Users\D\AppData\Roaming\Macromedia
[2013.05.17 15:09:29 | 000,000,000 | ---D | C] -- C:\Users\D\AppData\Local\Macromedia
[2013.05.17 15:09:29 | 000,000,000 | ---D | C] -- C:\Users\D\AppData\Roaming\Adobe
[2013.05.17 15:06:13 | 000,692,104 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2013.05.17 15:06:13 | 000,071,048 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2013.05.17 14:46:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
[2013.05.17 14:46:38 | 000,000,000 | ---D | C] -- C:\Program Files\7-Zip
[2013.05.17 12:35:54 | 000,000,000 | ---D | C] -- C:\e50506006079d2c6de0d8f2a37ed
[2013.05.17 12:21:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2013.05.17 12:21:36 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2013.05.17 11:05:55 | 000,000,000 | ---D | C] -- C:\Windows\System32\Macromed
[2013.05.16 16:24:01 | 000,000,000 | ---D | C] -- C:\Users\D\Desktop\WIN7
[2013.05.16 16:19:01 | 000,011,832 | ---- | C] (Windows (R) Codename Longhorn DDK provider) -- C:\Windows\acpimof.dll
[2013.05.16 16:19:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI
[2013.05.16 16:19:00 | 000,000,000 | ---D | C] -- C:\Program Files\MSI
[2013.05.14 12:47:46 | 000,000,000 | ---D | C] -- C:\Windows\System32\EventProviders
[2013.05.14 11:35:19 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\TsUsbFlt.sys
[2013.05.14 11:35:19 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TsUsbRedirectionGroupPolicyExtension.dll
[2013.05.14 11:35:12 | 000,954,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc40.dll
[2013.05.14 11:35:12 | 000,954,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc40u.dll
[2013.05.14 11:35:07 | 000,423,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_isv.dll
[2013.05.14 11:35:03 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc.dll
[2013.05.14 11:35:03 | 000,327,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_isv.exe
[2013.05.14 11:35:01 | 000,322,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate.exe
[2013.05.14 11:34:59 | 000,253,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwizui.dll
[2013.05.14 11:34:57 | 003,207,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mf.dll
[2013.05.14 11:34:56 | 000,520,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mcupdate_GenuineIntel.dll
[2013.05.14 11:34:55 | 001,401,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssrch.dll
[2013.05.14 11:34:55 | 001,334,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CertEnroll.dll
[2013.05.14 11:34:51 | 000,295,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHost.exe
[2013.05.14 11:34:51 | 000,099,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHostProxy.dll
[2013.05.14 11:34:49 | 001,548,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tquery.dll
[2013.05.14 11:34:48 | 001,115,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RacEngn.dll
[2013.05.14 11:34:47 | 005,066,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AuthFWSnapin.dll
[2013.05.14 11:34:44 | 001,493,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ExplorerFrame.dll
[2013.05.14 11:34:41 | 002,616,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2013.05.14 11:34:41 | 001,828,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d9.dll
[2013.05.14 11:34:40 | 000,505,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskschd.dll
[2013.05.14 11:34:38 | 000,456,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spinstall.exe
[2013.05.14 11:34:38 | 000,381,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wer.dll
[2013.05.14 11:34:38 | 000,280,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spreview.exe
[2013.05.14 11:34:37 | 001,371,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dwmcore.dll
[2013.05.14 11:34:36 | 000,863,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\diagperf.dll
[2013.05.14 11:34:35 | 003,367,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WinSAT.exe
[2013.05.14 11:34:35 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scavengeui.dll
[2013.05.14 11:34:34 | 000,597,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TSWorkspace.dll
[2013.05.14 11:34:34 | 000,270,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tsmf.dll
[2013.05.14 11:34:32 | 002,522,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dbgeng.dll
[2013.05.14 11:34:27 | 002,151,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mmcndmgr.dll
[2013.05.14 11:34:27 | 000,252,928 | ---- | C] (Microsoft) -- C:\Windows\System32\DShowRdpFilter.dll
[2013.05.14 11:34:26 | 000,049,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netfxperf.dll
[2013.05.14 11:34:25 | 000,974,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sppobjs.dll
[2013.05.14 11:34:25 | 000,732,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imapi2fs.dll
[2013.05.14 11:34:25 | 000,547,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceApi.dll
[2013.05.14 11:34:25 | 000,341,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdrm.dll
[2013.05.14 11:34:24 | 001,555,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\certmgr.dll
[2013.05.14 11:34:24 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mcbuilder.exe
[2013.05.14 11:34:23 | 001,712,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xpsservices.dll
[2013.05.14 11:34:23 | 000,323,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drvstore.dll
[2013.05.14 11:34:22 | 000,412,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sppwinob.dll
[2013.05.14 11:34:21 | 000,302,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmd.exe
[2013.05.14 11:34:20 | 000,206,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\framedynos.dll
[2013.05.14 11:34:19 | 000,296,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfds.dll
[2013.05.14 11:34:17 | 000,442,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winresume.exe
[2013.05.14 11:34:17 | 000,351,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmicmiplugin.dll
[2013.05.14 11:34:17 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncsi.dll
[2013.05.14 11:34:16 | 001,063,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\werconcpl.dll
[2013.05.14 11:34:16 | 000,762,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\azroles.dll
[2013.05.14 11:34:16 | 000,148,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\storport.sys
[2013.05.14 11:34:15 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfreadwrite.dll
[2013.05.14 11:34:15 | 000,144,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\basecsp.dll
[2013.05.14 11:34:14 | 000,801,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NaturalLanguage6.dll
[2013.05.14 11:34:14 | 000,488,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\evr.dll
[2013.05.14 11:34:14 | 000,305,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskcomp.dll
[2013.05.14 11:34:13 | 000,776,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\calc.exe
[2013.05.14 11:34:13 | 000,335,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WinSATAPI.dll
[2013.05.14 11:34:12 | 000,778,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sqlsrv32.dll
[2013.05.14 11:34:12 | 000,242,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vpnike.dll
[2013.05.14 11:34:11 | 002,983,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIRibbon.dll
[2013.05.14 11:34:10 | 000,477,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lpksetup.exe
[2013.05.14 11:34:10 | 000,271,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fveapi.dll
[2013.05.14 11:34:07 | 000,155,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\hgprint.dll
[2013.05.14 11:34:06 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\prncache.dll
[2013.05.14 11:34:04 | 000,352,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpeffects.dll
[2013.05.14 11:34:03 | 000,690,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ci.dll
[2013.05.14 11:34:03 | 000,458,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSDApi.dll
[2013.05.14 11:34:03 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\net1.exe
[2013.05.14 11:34:03 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rpchttp.dll
[2013.05.14 11:34:02 | 000,321,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aepdu.dll
[2013.05.14 11:34:02 | 000,119,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aitagent.exe
[2013.05.14 11:34:01 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scansetting.dll
[2013.05.14 11:34:00 | 000,213,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MMDevAPI.dll
[2013.05.14 11:34:00 | 000,107,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cdd.dll
[2013.05.14 11:33:59 | 002,504,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVCORE.DLL
[2013.05.14 11:33:59 | 000,411,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlangpui.dll
[2013.05.14 11:33:58 | 001,750,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pnidui.dll
[2013.05.14 11:33:58 | 000,284,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbport.sys
[2013.05.14 11:33:58 | 000,167,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\QSHVHOST.DLL
[2013.05.14 11:33:57 | 000,782,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\webservices.dll
[2013.05.14 11:33:57 | 000,124,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fde.dll
[2013.05.14 11:33:57 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\t2embed.dll
[2013.05.14 11:33:56 | 002,146,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SyncCenter.dll
[2013.05.14 11:33:56 | 000,907,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdengin2.dll
[2013.05.14 11:33:56 | 000,225,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netdiagfx.dll
[2013.05.14 11:33:56 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wscapi.dll
[2013.05.14 11:33:56 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TsUsbGDCoInstaller.dll
[2013.05.14 11:33:54 | 000,830,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSMPEG2ENC.DLL
[2013.05.14 11:33:53 | 000,630,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DXPTaskRingtone.dll
[2013.05.14 11:33:53 | 000,392,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imapi2.dll
[2013.05.14 11:33:53 | 000,302,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aeinv.dll
[2013.05.14 11:33:53 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\setupcl.exe
[2013.05.14 11:33:53 | 000,027,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\Diskdump.sys
[2013.05.14 11:33:52 | 002,576,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gameux.dll
[2013.05.14 11:33:50 | 001,624,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMPEncEn.dll
[2013.05.14 11:33:50 | 000,666,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssvp.dll
[2013.05.14 11:33:50 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dwmredir.dll
[2013.05.14 11:33:49 | 000,658,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\autofmt.exe
[2013.05.14 11:33:49 | 000,196,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vaultsvc.dll
[2013.05.14 11:33:49 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\hbaapi.dll
[2013.05.14 11:33:48 | 002,217,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bootres.dll
[2013.05.14 11:33:48 | 001,077,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Narrator.exe
[2013.05.14 11:33:48 | 000,166,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netiohlp.dll
[2013.05.14 11:33:48 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\audiodg.exe
[2013.05.14 11:33:47 | 000,679,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\autoconv.exe
[2013.05.14 11:33:47 | 000,303,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msinfo32.exe
[2013.05.14 11:33:47 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AudioSes.dll
[2013.05.14 11:33:47 | 000,194,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\halmacpi.dll
[2013.05.14 11:33:47 | 000,194,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\hal.dll
[2013.05.14 11:33:47 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mimefilt.dll
[2013.05.14 11:33:47 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\proquota.exe
[2013.05.14 11:33:46 | 000,400,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ipsmsnap.dll
[2013.05.14 11:33:46 | 000,301,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srchadmin.dll
[2013.05.14 11:33:46 | 000,179,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\schtasks.exe
[2013.05.14 11:33:45 | 000,441,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\powercpl.dll
[2013.05.14 11:33:45 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msihnd.dll
[2013.05.14 11:33:45 | 000,222,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eapphost.dll
[2013.05.14 11:33:45 | 000,202,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\framedyn.dll
[2013.05.14 11:33:45 | 000,181,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tcpipcfg.dll
[2013.05.14 11:33:43 | 000,665,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AuxiliaryDisplayCpl.dll
[2013.05.14 11:33:43 | 000,155,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscorier.dll
[2013.05.14 11:33:42 | 001,227,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wdc.dll
[2013.05.14 11:33:42 | 000,478,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\timedate.cpl
[2013.05.14 11:33:42 | 000,399,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DXP.dll
[2013.05.14 11:33:42 | 000,171,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\QAGENT.DLL
[2013.05.14 11:33:42 | 000,117,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netid.dll
[2013.05.14 11:33:40 | 001,131,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdclt.exe
[2013.05.14 11:33:40 | 000,933,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Vault.dll
[2013.05.14 11:33:40 | 000,346,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\untfs.dll
[2013.05.14 11:33:40 | 000,132,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ataport.sys
[2013.05.14 11:33:40 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nci.dll
[2013.05.14 11:33:39 | 001,326,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanpref.dll
[2013.05.14 11:33:39 | 001,003,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMNetMgr.dll
[2013.05.14 11:33:38 | 000,098,816 | ---- | C] (Microsoft) -- C:\Windows\System32\Robocopy.exe
[2013.05.14 11:33:37 | 001,400,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DxpTaskSync.dll
[2013.05.14 11:33:37 | 001,040,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Display.dll
[2013.05.14 11:33:36 | 000,324,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\puiobj.dll
[2013.05.14 11:33:36 | 000,316,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sharemediacpl.dll
[2013.05.14 11:33:36 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssphtb.dll
[2013.05.14 11:33:36 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsRasterService.dll
[2013.05.14 11:33:36 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\userinit.exe
[2013.05.14 11:33:35 | 001,188,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DiagCpl.dll
[2013.05.14 11:33:35 | 000,352,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\termmgr.dll
[2013.05.14 11:33:35 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eudcedit.exe
[2013.05.14 11:33:35 | 000,140,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\scsiport.sys
[2013.05.14 11:33:34 | 001,066,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdtctm.dll
[2013.05.14 11:33:34 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\biocpl.dll
[2013.05.14 11:33:34 | 000,416,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wiadefui.dll
[2013.05.14 11:33:34 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sppcomapi.dll
[2013.05.14 11:33:34 | 000,127,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\logoncli.dll
[2013.05.14 11:33:34 | 000,111,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shsetup.dll
[2013.05.14 11:33:33 | 000,856,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FirewallControlPanel.dll
[2013.05.14 11:33:33 | 000,233,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msconfig.exe
[2013.05.14 11:33:32 | 002,202,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SensorsCpl.dll
[2013.05.14 11:33:32 | 002,157,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\themecpl.dll
[2013.05.14 11:33:32 | 000,216,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FWPUCLNT.DLL
[2013.05.14 11:33:31 | 000,766,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpccpl.dll
[2013.05.14 11:33:31 | 000,413,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PhotoScreensaver.scr
[2013.05.14 11:33:31 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dnscmmc.dll
[2013.05.14 11:33:30 | 000,312,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\hgcpl.dll
[2013.05.14 11:33:29 | 000,481,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscms.dll
[2013.05.14 11:33:29 | 000,429,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\localsec.dll
[2013.05.14 11:33:29 | 000,400,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srcore.dll
[2013.05.14 11:33:29 | 000,268,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mprddm.dll
[2013.05.14 11:33:29 | 000,220,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SndVolSSO.dll
[2013.05.14 11:33:29 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bcdsrv.dll
[2013.05.14 11:33:29 | 000,080,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscories.dll
[2013.05.14 11:33:29 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasacct.dll
[2013.05.14 11:33:28 | 001,644,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netcenter.dll
[2013.05.14 11:33:28 | 000,941,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mblctr.exe
[2013.05.14 11:33:28 | 000,638,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\VAN.dll
[2013.05.14 11:33:28 | 000,600,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PerfCenterCPL.dll
[2013.05.14 11:33:28 | 000,600,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\usercpl.dll
[2013.05.14 11:33:28 | 000,410,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanui.dll
[2013.05.14 11:33:28 | 000,352,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwizeng.dll
[2013.05.14 11:33:28 | 000,314,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SndVol.exe
[2013.05.14 11:33:28 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wksprt.exe
[2013.05.14 11:33:28 | 000,120,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\prntvpt.dll
[2013.05.14 11:33:28 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\w32tm.exe
[2013.05.14 11:33:27 | 003,727,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\accessibilitycpl.dll
[2013.05.14 11:33:27 | 000,314,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\azroleui.dll
[2013.05.14 11:33:26 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSAC3ENC.DLL
[2013.05.14 11:33:26 | 000,190,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ks.sys
[2013.05.14 11:33:26 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdeploy.dll
[2013.05.14 11:33:25 | 002,130,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\networkmap.dll
[2013.05.14 11:33:25 | 000,516,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\main.cpl
[2013.05.14 11:33:25 | 000,186,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\adsldp.dll
[2013.05.14 11:33:25 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netjoin.dll
[2013.05.14 11:33:24 | 000,755,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sud.dll
[2013.05.14 11:33:24 | 000,744,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ActionCenter.dll
[2013.05.14 11:33:24 | 000,395,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\prnfldr.dll
[2013.05.14 11:33:24 | 000,320,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Faultrep.dll
[2013.05.14 11:33:24 | 000,314,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wusa.exe
[2013.05.14 11:33:24 | 000,312,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MCEWMDRMNDBootstrap.dll
[2013.05.14 11:33:24 | 000,218,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\OnLineIDCpl.dll
[2013.05.14 11:33:23 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sysmon.ocx
[2013.05.14 11:33:23 | 000,325,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\slui.exe
[2013.05.14 11:33:23 | 000,271,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iprtrmgr.dll
[2013.05.14 11:33:23 | 000,266,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MediaMetadataHandler.dll
[2013.05.14 11:33:23 | 000,233,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskbarcpl.dll
[2013.05.14 11:33:23 | 000,172,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasrad.dll
[2013.05.14 11:33:23 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\hidclass.sys
[2013.05.14 11:33:22 | 000,692,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bthprops.cpl
[2013.05.14 11:33:22 | 000,577,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpd_ci.dll
[2013.05.14 11:33:22 | 000,428,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shwebsvc.dll
[2013.05.14 11:33:22 | 000,345,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\intl.cpl
[2013.05.14 11:33:22 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\defaultlocationcpl.dll
[2013.05.14 11:33:22 | 000,148,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ifsutil.dll
[2013.05.14 11:33:22 | 000,137,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\halacpi.dll
[2013.05.14 11:33:22 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dot3cfg.dll
[2013.05.14 11:33:22 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ftp.exe
[2013.05.14 11:33:22 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sisbkup.dll
[2013.05.14 11:33:21 | 000,750,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdcpl.dll
[2013.05.14 11:33:21 | 000,600,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TabletPC.cpl
[2013.05.14 11:33:21 | 000,537,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ActionCenterCPL.dll
[2013.05.14 11:33:21 | 000,205,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\efscore.dll
[2013.05.14 11:33:21 | 000,146,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\autoplay.dll
[2013.05.14 11:33:21 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\recovery.dll
[2013.05.14 11:33:20 | 000,738,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpmde.dll
[2013.05.14 11:33:20 | 000,484,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DeviceCenter.dll
[2013.05.14 11:33:20 | 000,295,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bcdedit.exe
[2013.05.14 11:33:20 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sppnp.dll
[2013.05.14 11:33:20 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSTPager.ax
[2013.05.14 11:33:19 | 000,859,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\OobeFldr.dll
[2013.05.14 11:33:19 | 000,656,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nshwfp.dll
[2013.05.14 11:33:19 | 000,410,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\systemcpl.dll
[2013.05.14 11:33:19 | 000,297,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntprint.dll
[2013.05.14 11:33:19 | 000,270,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sethc.exe
[2013.05.14 11:33:19 | 000,210,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\recdisc.exe
[2013.05.14 11:33:19 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SmartcardCredentialProvider.dll
[2013.05.14 11:33:19 | 000,151,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vdsutil.dll
[2013.05.14 11:33:19 | 000,146,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bcdboot.exe
[2013.05.14 11:33:18 | 000,743,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\blackbox.dll
[2013.05.14 11:33:18 | 000,262,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rstrui.exe
[2013.05.14 11:33:18 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ksproxy.ax
[2013.05.14 11:33:18 | 000,182,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpsrcwp.dll
[2013.05.14 11:33:18 | 000,107,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NAPHLPR.DLL
[2013.05.14 11:33:18 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\migisol.dll
[2013.05.14 11:33:18 | 000,093,696 | ---- | C] (Windows (R) Codename Longhorn DDK provider) -- C:\Windows\System32\fms.dll
[2013.05.14 11:33:17 | 000,346,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nshipsec.dll
[2013.05.14 11:33:17 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dpx.dll
[2013.05.14 11:33:17 | 000,254,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsqmcons.exe
[2013.05.14 11:33:17 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AuxiliaryDisplayServices.dll
[2013.05.14 11:33:17 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\asycfilt.dll
[2013.05.14 11:33:16 | 000,592,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msftedit.dll
[2013.05.14 11:33:16 | 000,586,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dfrgui.exe
[2013.05.14 11:33:16 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanmsm.dll
[2013.05.14 11:33:16 | 000,333,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dot3ui.dll
[2013.05.14 11:33:16 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ReAgent.dll
[2013.05.14 11:33:16 | 000,222,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wavemsp.dll
[2013.05.14 11:33:16 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\isoburn.exe
[2013.05.14 11:33:16 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzutil.exe
[2013.05.14 11:33:15 | 000,444,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wvc.dll
[2013.05.14 11:33:15 | 000,406,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wimgapi.dll
[2013.05.14 11:33:15 | 000,198,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sysclass.dll
[2013.05.14 11:33:15 | 000,197,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ocsetup.exe
[2013.05.14 11:33:14 | 000,209,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PkgMgr.exe
[2013.05.14 11:33:13 | 000,697,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SmiEngine.dll
[2013.05.14 11:33:13 | 000,206,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qasf.dll
[2013.05.14 11:33:13 | 000,190,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qcap.dll
[2013.05.14 11:33:13 | 000,113,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\setupugc.exe
[2013.05.14 11:33:13 | 000,051,200 | ---- | C] (Twain Working Group) -- C:\Windows\twain_32.dll
[2013.05.14 11:33:12 | 000,293,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ssText3d.scr
[2013.05.14 11:33:12 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srrstr.dll
[2013.05.14 11:33:12 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wwanconn.dll
[2013.05.14 11:33:12 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\uxlib.dll
[2013.05.14 11:33:12 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mciavi32.dll
[2013.05.14 11:33:12 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\slwga.dll
[2013.05.14 11:33:11 | 000,616,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmdrmsdk.dll
[2013.05.14 11:33:11 | 000,211,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DevicePairingFolder.dll
[2013.05.14 11:33:11 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nslookup.exe
[2013.05.14 11:33:10 | 000,504,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msscp.dll
[2013.05.14 11:33:10 | 000,327,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wimserv.exe
[2013.05.14 11:33:10 | 000,276,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\diskraid.exe
[2013.05.14 11:33:10 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\acppage.dll
[2013.05.14 11:33:09 | 000,402,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drmmgrtn.dll
[2013.05.14 11:33:09 | 000,292,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WindowsAnytimeUpgradeResults.exe
[2013.05.14 11:33:09 | 000,202,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\input.dll
[2013.05.14 11:33:09 | 000,186,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpencom.dll
[2013.05.14 11:33:09 | 000,157,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\perfmon.exe
[2013.05.14 11:33:09 | 000,046,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NAPCRYPT.DLL
[2013.05.14 11:33:08 | 001,111,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\onexui.dll
[2013.05.14 11:33:08 | 000,327,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nltest.exe
[2013.05.14 11:33:08 | 000,210,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxdiagn.dll
[2013.05.14 11:33:08 | 000,198,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpdwcn.dll
[2013.05.14 11:33:08 | 000,174,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ocsetapi.dll
[2013.05.14 11:33:08 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vdsbas.dll
[2013.05.14 11:33:08 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UserAccountControlSettings.dll
[2013.05.14 11:33:08 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\bfsvc.exe
[2013.05.14 11:33:08 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\runonce.exe
[2013.05.14 11:33:08 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vpnikeapi.dll
[2013.05.14 11:33:07 | 000,242,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eapp3hst.dll
[2013.05.14 11:33:07 | 000,176,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MFPlay.dll
[2013.05.14 11:33:07 | 000,095,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\logagent.exe
[2013.05.14 11:33:06 | 000,507,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmdrmdev.dll
[2013.05.14 11:33:06 | 000,186,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bitsadmin.exe
[2013.05.14 11:33:06 | 000,117,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\rmcast.sys
[2013.05.14 11:33:06 | 000,108,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shacct.dll
[2013.05.14 11:33:06 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PnPUnattend.exe
[2013.05.14 11:33:06 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\unimdmat.dll
[2013.05.14 11:33:06 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lsmproxy.dll
[2013.05.14 11:33:05 | 001,160,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\OpcServices.dll
[2013.05.14 11:33:05 | 000,878,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Bubbles.scr
[2013.05.14 11:33:05 | 000,309,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sqlcese30.dll
[2013.05.14 11:33:05 | 000,183,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceSyncProvider.dll
[2013.05.14 11:33:05 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kstvtune.ax
[2013.05.14 11:33:05 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tabcal.exe
[2013.05.14 11:33:05 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpd3d.dll
[2013.05.14 11:33:05 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iscsium.dll
[2013.05.14 11:33:04 | 000,427,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceStatus.dll
[2013.05.14 11:33:04 | 000,350,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WPDSp.dll
[2013.05.14 11:33:04 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Mystify.scr
[2013.05.14 11:33:04 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Ribbons.scr
[2013.05.14 11:33:04 | 000,179,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ActionQueue.dll
[2013.05.14 11:33:04 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFPlatform.dll
[2013.05.14 11:33:04 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\powercfg.cpl
[2013.05.14 11:33:04 | 000,132,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MdSched.exe
[2013.05.14 11:33:04 | 000,099,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\QSVRMGMT.DLL
[2013.05.14 11:33:04 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\logman.exe
[2013.05.14 11:33:04 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\olethk32.dll
[2013.05.14 11:33:04 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mapistub.dll
[2013.05.14 11:33:04 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mapi32.dll
[2013.05.14 11:33:04 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lpremove.exe
[2013.05.14 11:33:04 | 000,060,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncryptui.dll
[2013.05.14 11:33:04 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\djoin.exe
[2013.05.14 11:33:04 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wwanprotdim.dll
[2013.05.14 11:33:03 | 000,902,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMADMOD.DLL
[2013.05.14 11:33:03 | 000,541,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVSDECD.DLL
[2013.05.14 11:33:03 | 000,436,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmdrmnet.dll
[2013.05.14 11:33:03 | 000,257,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WindowsAnytimeUpgrade.exe
[2013.05.14 11:33:03 | 000,153,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\VBICodec.ax
[2013.05.14 11:33:03 | 000,115,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dot3msm.dll
[2013.05.14 11:33:03 | 000,109,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wiavideo.dll
[2013.05.14 11:33:03 | 000,107,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Kswdmcap.ax
[2013.05.14 11:33:03 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fphc.dll
[2013.05.14 11:33:03 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\takeown.exe
[2013.05.14 11:33:03 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\utildll.dll
[2013.05.14 11:33:03 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TsUsbRedirectionGroupPolicyControl.exe
[2013.05.14 11:33:02 | 000,567,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFx.dll
[2013.05.14 11:33:02 | 000,283,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qdv.dll
[2013.05.14 11:33:02 | 000,265,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msnetobj.dll
[2013.05.14 11:33:02 | 000,202,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\unattend.dll
[2013.05.14 11:33:02 | 000,182,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RelPost.exe
[2013.05.14 11:33:02 | 000,128,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EhStorAPI.dll
[2013.05.14 11:33:02 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sppinst.dll
[2013.05.14 11:33:02 | 000,084,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmstp.exe
[2013.05.14 11:33:02 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\QCLIPROV.DLL
[2013.05.14 11:33:02 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cca.dll
[2013.05.14 11:33:01 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MuiUnattend.exe
[2013.05.14 11:33:01 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vfwwdm32.dll
[2013.05.14 11:33:01 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pdhui.dll
[2013.05.14 11:33:00 | 000,739,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMSPDMOD.DLL
[2013.05.14 11:33:00 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\setupcln.dll
[2013.05.14 11:33:00 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsnmp32.dll
[2013.05.14 11:33:00 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\basesrv.dll
[2013.05.14 11:32:59 | 000,176,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msorcl32.dll
[2013.05.14 11:32:59 | 000,128,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\desk.cpl
[2013.05.14 11:32:59 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasrecst.dll
[2013.05.14 11:32:59 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\umb.dll
[2013.05.14 11:32:59 | 000,037,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\relog.exe
[2013.05.14 11:32:59 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PrintIsolationProxy.dll
[2013.05.14 11:32:59 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AzSqlExt.dll
[2013.05.14 11:32:58 | 000,144,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iscsicli.exe
[2013.05.14 11:32:58 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\diskpart.exe
[2013.05.14 11:32:58 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\amstream.dll
[2013.05.14 11:32:58 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spbcd.dll
[2013.05.14 11:32:58 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wkscli.dll
[2013.05.14 11:32:58 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WavDest.dll
[2013.05.14 11:32:58 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netiougc.exe
[2013.05.14 11:32:58 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netbtugc.exe
[2013.05.14 11:32:57 | 001,027,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IMJP10.IME
[2013.05.14 11:32:57 | 000,158,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\itircl.dll
[2013.05.14 11:32:57 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpps.dll
[2013.05.14 11:32:57 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp_isv.dll
[2013.05.14 11:32:57 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp.dll
[2013.05.14 11:32:57 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CertPolEng.dll
[2013.05.14 11:32:57 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MultiDigiMon.exe
[2013.05.14 11:32:57 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\setbcdlocale.dll
[2013.05.14 11:32:57 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ksxbar.ax
[2013.05.14 11:32:57 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\syssetup.dll
[2013.05.14 11:32:57 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nrpsrv.dll
[2013.05.14 11:32:56 | 000,280,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp.exe
[2013.05.14 11:32:56 | 000,278,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp_isv.exe
[2013.05.14 11:32:56 | 000,094,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eappgnui.dll
[2013.05.14 11:32:56 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tlscsp.dll
[2013.05.14 11:32:56 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\findstr.exe
[2013.05.14 11:32:56 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mciqtz32.dll
[2013.05.14 11:32:56 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wiarpc.dll
[2013.05.14 11:32:56 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WerFaultSecure.exe
[2013.05.14 11:32:56 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ReAgentc.exe
[2013.05.14 11:32:55 | 000,121,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sppc.dll
[2013.05.14 11:32:55 | 000,082,944 | ---- | C] (Radius Inc.) -- C:\Windows\System32\iccvid.dll
[2013.05.14 11:32:55 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\luainstall.dll
[2013.05.14 11:32:55 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\prevhost.exe
[2013.05.14 11:32:55 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\tdi.sys
[2013.05.14 11:32:55 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spopk.dll
[2013.05.14 11:32:55 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\muifontsetup.dll
[2013.05.14 11:32:54 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\manage-bde.exe
[2013.05.14 11:32:54 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\repair-bde.exe
[2013.05.14 11:32:54 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetmib1.dll
[2013.05.14 11:32:54 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\unlodctr.exe
[2013.05.14 11:32:54 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbisurf.ax
[2013.05.14 11:32:54 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wdiasqmmodule.dll
[2013.05.14 11:32:54 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdmo.dll
[2013.05.14 11:32:54 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbrpm.sys
[2013.05.14 11:32:54 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netcfg.exe
[2013.05.14 11:32:54 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\HotStartUserAgent.dll
[2013.05.14 11:32:54 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdprefdrvapi.dll
[2013.05.14 11:32:53 | 001,164,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIRibbonRes.dll
[2013.05.14 11:32:53 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\g711codc.ax
[2013.05.14 11:32:53 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbcconf.dll
[2013.05.14 11:32:53 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFCoinstaller.dll
[2013.05.14 11:32:53 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\profprov.dll
[2013.05.14 11:32:52 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\perfts.dll
[2013.05.14 11:32:51 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RDPENCDD.dll
[2013.05.14 11:32:51 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\elsTrans.dll
[2013.05.14 11:32:51 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TRAPI.dll
[2013.05.14 11:32:51 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bitsperf.dll
[2013.05.14 11:32:51 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\schedcli.dll
[2013.05.14 11:32:50 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\napdsnap.dll
[2013.05.14 11:32:50 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dsauth.dll
[2013.05.14 11:32:49 | 000,430,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imkr80.ime
[2013.05.14 11:32:49 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsdchngr.dll
[2013.05.14 11:32:49 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sscore.dll
[2013.05.14 11:32:49 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\riched32.dll
[2013.05.14 11:32:48 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpcfgex.dll
[2013.05.14 11:32:46 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wshirda.dll
[2013.05.14 11:32:45 | 000,025,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\USBCAMD2.sys
[2013.05.14 11:32:45 | 000,025,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\USBCAMD.sys

Code:

ATTFilter

[2013.05.14 11:32:45 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwmp.dll
[2013.05.14 11:32:44 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RDPREFDD.dll
[2013.05.14 11:32:44 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\C_ISCII.DLL
[2013.05.14 11:32:44 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shunimpl.dll
[2013.05.14 11:32:44 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdxm.ocx
[2013.05.14 11:32:44 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxmasf.dll
[2013.05.14 11:32:42 | 012,625,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmploc.DLL
[2013.05.14 11:32:39 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kbdlk41a.dll
[2013.05.14 11:32:39 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDSF.DLL
[2013.05.14 11:32:39 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDNEPR.DLL
[2013.05.14 11:32:39 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDINBEN.DLL
[2013.05.14 11:32:39 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDGR1.DLL
[2013.05.14 11:32:39 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDUS.DLL
[2013.05.14 11:32:39 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDUGHR1.DLL
[2013.05.14 11:32:39 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDTURME.DLL
[2013.05.14 11:32:39 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDTAJIK.DLL
[2013.05.14 11:32:39 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDMON.DLL
[2013.05.14 11:32:39 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDMAORI.DLL
[2013.05.14 11:32:39 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDLT1.DLL
[2013.05.14 11:32:39 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDINTEL.DLL
[2013.05.14 11:32:39 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDINTAM.DLL
[2013.05.14 11:32:39 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDINORI.DLL
[2013.05.14 11:32:39 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDINMAR.DLL
[2013.05.14 11:32:39 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDINKAN.DLL
[2013.05.14 11:32:39 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDINHIN.DLL
[2013.05.14 11:32:39 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDBULG.DLL
[2013.05.14 11:32:39 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDBLR.DLL
[2013.05.14 11:32:39 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDBASH.DLL
[2013.05.14 11:32:39 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDGEO.DLL
[2013.05.14 11:32:38 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nlsbres.dll
[2013.05.14 11:32:38 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\BlbEvents.dll
[2013.05.14 11:32:38 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pifmgr.dll
[2013.05.14 11:32:38 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwizres.dll
[2013.05.14 11:32:38 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDSG.DLL
[2013.05.14 11:32:38 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDCZ1.DLL
[2013.05.14 11:32:38 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDTUQ.DLL
[2013.05.14 11:32:38 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDTUF.DLL
[2013.05.14 11:32:38 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDPO.DLL
[2013.05.14 11:32:38 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDGKL.DLL
[2013.05.14 11:31:04 | 000,189,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wdscore.dll
[2013.05.14 11:30:41 | 000,363,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wbemcomn.dll
[2013.05.14 11:30:32 | 000,189,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sqmapi.dll
[2013.05.10 15:53:44 | 000,000,000 | ---D | C] -- C:\Users\D\AppData\Roaming\tor
[2013.05.10 15:53:31 | 000,000,000 | ---D | C] -- C:\Users\D\AppData\Local\Tor
[2013.05.10 15:53:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vidalia Relay Bundle
[2013.05.10 15:53:30 | 000,000,000 | ---D | C] -- C:\Users\D\AppData\Local\Vidalia
[2013.05.10 15:53:25 | 000,000,000 | ---D | C] -- C:\Program Files\Vidalia Relay Bundle
[2013.05.10 14:51:30 | 000,295,424 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2013.05.10 14:51:30 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fontsub.dll
[2013.05.10 14:51:30 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2013.05.10 13:43:14 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\browserchoice.exe
[2013.05.10 13:27:46 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sspisrv.dll
[2013.05.10 13:27:28 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\csrsrv.dll
[2013.05.10 13:27:09 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dnscacheugc.exe
[2013.05.10 13:27:06 | 000,376,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dpnet.dll
[2013.05.10 13:27:06 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dpnaddr.dll
[2013.05.10 13:27:02 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usb8023.sys
[2013.05.10 13:27:00 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisrndr.ax
[2013.05.10 13:26:59 | 000,465,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisdecd.dll
[2013.05.10 13:26:59 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSNP.ax
[2013.05.10 13:26:59 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Mpeg2Data.ax
[2013.05.10 13:26:59 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSDvbNP.ax
[2013.05.10 13:26:12 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxml3r.dll
[2013.05.10 13:18:31 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aaclient.dll
[2013.05.10 13:18:30 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tsgqec.dll
[2013.05.10 13:17:51 | 000,805,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cdosys.dll
[2013.05.10 13:13:51 | 000,314,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\webio.dll
[2013.05.10 13:13:33 | 000,642,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CPFilters.dll
[2013.05.10 13:13:32 | 000,850,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sbe.dll
[2013.05.10 13:13:31 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mpg2splt.ax
[2013.05.10 13:13:27 | 000,240,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\netio.sys
[2013.05.10 13:13:27 | 000,187,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\FWPKCLNT.SYS
[2013.05.10 13:13:06 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\poqexec.exe
[2013.05.10 13:13:04 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EncDec.dll
[2013.05.10 13:13:01 | 001,328,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quartz.dll
[2013.05.10 13:13:00 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qdvd.dll
[2013.05.10 13:12:54 | 001,164,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42u.dll
[2013.05.10 13:12:54 | 001,137,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42.dll
[2013.05.10 13:12:43 | 000,319,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbcjt32.dll
[2013.05.10 13:12:42 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbctrac.dll
[2013.05.10 13:12:42 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbccp32.dll
[2013.05.10 13:12:42 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbccu32.dll
[2013.05.10 13:12:42 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbccr32.dll
[2013.05.10 13:12:40 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\packager.dll
[2013.05.10 13:12:34 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\browcli.dll
[2013.05.10 13:12:26 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2013.05.10 13:12:14 | 000,129,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpcorekmts.dll
[2013.05.10 13:12:14 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpwsx.dll
[2013.05.10 13:12:14 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdrmemptylst.exe
[2013.05.10 13:12:11 | 000,220,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncrypt.dll
[2013.05.10 13:12:04 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\synceng.dll
[2013.05.10 12:54:52 | 000,238,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[2013.05.10 12:50:57 | 000,169,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll
[2013.05.10 12:50:56 | 000,271,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
[2013.05.10 12:50:56 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll
[2013.05.10 12:50:56 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll
[2013.05.10 12:50:56 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll
[2013.05.10 12:50:56 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll
[2013.05.10 12:50:56 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll
[2013.05.10 12:50:56 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll
[2013.05.10 12:50:56 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll
[2013.05.10 12:50:56 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll
[2013.05.10 12:50:56 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll
[2013.05.10 12:50:56 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll
[2013.05.10 12:50:56 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll
[2013.05.10 12:50:56 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll
[2013.05.10 12:50:56 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll
[2013.05.10 12:50:56 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.05.10 12:50:56 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll
[2013.05.10 12:50:56 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll
[2013.05.10 12:50:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll
[2013.05.10 12:50:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll
[2013.05.10 12:50:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll
[2013.05.10 12:50:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll
[2013.05.10 12:50:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-io-l1-1-0.dll
[2013.05.10 12:50:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll
[2013.05.10 12:50:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll
[2013.05.10 12:50:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll
[2013.05.10 12:50:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll
[2013.05.10 12:50:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll
[2013.05.10 12:50:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll
[2013.05.10 12:50:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll
[2013.05.10 12:48:44 | 000,826,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpcore.dll
[2013.05.10 12:40:12 | 000,067,168 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avnetflt.sys
[2013.04.13 15:07:35 | 000,000,000 | ---D | C] -- C:\Users\D\AppData\Roaming\Mozilla
[2013.04.13 15:07:35 | 000,000,000 | ---D | C] -- C:\Users\D\AppData\Local\Mozilla
[2013.04.13 15:07:24 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2013.04.13 15:00:47 | 000,000,000 | ---D | C] -- C:\Users\D\AppData\Roaming\Avira
[2013.04.13 14:55:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
[2013.04.13 14:54:50 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\ssmdrv.sys
[2013.04.13 14:54:49 | 000,135,136 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avipbb.sys
[2013.04.13 14:54:49 | 000,084,744 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avgntflt.sys
[2013.04.13 14:54:49 | 000,037,352 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avkmgr.sys
[2013.04.13 14:54:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2013.04.13 14:54:48 | 000,000,000 | ---D | C] -- C:\Program Files\Avira
[2013.04.13 14:53:15 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2013.04.13 14:50:01 | 002,422,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wucltux.dll
[2013.04.13 14:50:01 | 000,045,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups2.dll
[2013.04.13 14:49:48 | 000,088,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wudriver.dll
[2013.04.13 14:49:48 | 000,035,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups.dll
[2013.04.13 14:49:47 | 000,577,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapi.dll
[2013.04.13 14:49:41 | 000,171,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuwebv.dll
[2013.04.13 14:49:41 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapp.exe
[2013.04.10 12:58:57 | 000,000,000 | ---D | C] -- C:\Users\D\AppData\Local\Diagnostics
[2013.04.10 12:18:48 | 000,000,000 | R--D | C] -- C:\Users\D\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2013.04.10 12:18:48 | 000,000,000 | R--D | C] -- C:\Users\D\Searches
[2013.04.10 12:18:48 | 000,000,000 | R--D | C] -- C:\Users\D\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2013.04.10 12:18:24 | 000,000,000 | ---D | C] -- C:\Users\D\AppData\Roaming\Identities
[2013.04.10 12:18:18 | 000,000,000 | R--D | C] -- C:\Users\D\Contacts
[2013.04.10 12:17:38 | 000,000,000 | ---D | C] -- C:\Users\D\AppData\Local\VirtualStore
[2013.04.10 12:17:34 | 000,000,000 | -HSD | C] -- C:\Users\D\Vorlagen
[2013.04.10 12:17:34 | 000,000,000 | -HSD | C] -- C:\Users\D\AppData\Local\Verlauf
[2013.04.10 12:17:34 | 000,000,000 | -HSD | C] -- C:\Users\D\AppData\Local\Temporary Internet Files
[2013.04.10 12:17:34 | 000,000,000 | -HSD | C] -- C:\Users\D\Startmenü
[2013.04.10 12:17:34 | 000,000,000 | -HSD | C] -- C:\Users\D\SendTo
[2013.04.10 12:17:34 | 000,000,000 | -HSD | C] -- C:\Users\D\Recent
[2013.04.10 12:17:34 | 000,000,000 | -HSD | C] -- C:\Users\D\Netzwerkumgebung
[2013.04.10 12:17:34 | 000,000,000 | -HSD | C] -- C:\Users\D\Lokale Einstellungen
[2013.04.10 12:17:34 | 000,000,000 | -HSD | C] -- C:\Users\D\Documents\Eigene Videos
[2013.04.10 12:17:34 | 000,000,000 | -HSD | C] -- C:\Users\D\Documents\Eigene Musik
[2013.04.10 12:17:34 | 000,000,000 | -HSD | C] -- C:\Users\D\Eigene Dateien
[2013.04.10 12:17:34 | 000,000,000 | -HSD | C] -- C:\Users\D\Documents\Eigene Bilder
[2013.04.10 12:17:34 | 000,000,000 | -HSD | C] -- C:\Users\D\Druckumgebung
[2013.04.10 12:17:34 | 000,000,000 | -HSD | C] -- C:\Users\D\Cookies
[2013.04.10 12:17:34 | 000,000,000 | -HSD | C] -- C:\Users\D\AppData\Local\Anwendungsdaten
[2013.04.10 12:17:34 | 000,000,000 | -HSD | C] -- C:\Users\D\Anwendungsdaten
[2013.04.10 12:17:33 | 000,000,000 | --SD | C] -- C:\Users\D\AppData\Roaming\Microsoft
[2013.04.10 12:17:33 | 000,000,000 | R--D | C] -- C:\Users\D\Videos
[2013.04.10 12:17:33 | 000,000,000 | R--D | C] -- C:\Users\D\Saved Games
[2013.04.10 12:17:33 | 000,000,000 | R--D | C] -- C:\Users\D\Pictures
[2013.04.10 12:17:33 | 000,000,000 | R--D | C] -- C:\Users\D\Music
[2013.04.10 12:17:33 | 000,000,000 | R--D | C] -- C:\Users\D\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2013.04.10 12:17:33 | 000,000,000 | R--D | C] -- C:\Users\D\Links
[2013.04.10 12:17:33 | 000,000,000 | R--D | C] -- C:\Users\D\Favorites
[2013.04.10 12:17:33 | 000,000,000 | R--D | C] -- C:\Users\D\Downloads
[2013.04.10 12:17:33 | 000,000,000 | R--D | C] -- C:\Users\D\Documents
[2013.04.10 12:17:33 | 000,000,000 | R--D | C] -- C:\Users\D\Desktop
[2013.04.10 12:17:33 | 000,000,000 | R--D | C] -- C:\Users\D\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2013.04.10 12:17:33 | 000,000,000 | -H-D | C] -- C:\Users\D\AppData
[2013.04.10 12:17:33 | 000,000,000 | ---D | C] -- C:\Users\D\AppData\Local\Temp
[2013.04.10 12:17:33 | 000,000,000 | ---D | C] -- C:\Users\D\AppData\Local\Microsoft
[2013.04.10 12:17:33 | 000,000,000 | ---D | C] -- C:\Users\D\AppData\Roaming\Media Center Programs
[2013.04.10 12:17:18 | 000,000,000 | -HSD | C] -- C:\ProgramData\Vorlagen
[2013.04.10 12:17:18 | 000,000,000 | -HSD | C] -- C:\ProgramData\Startmenü
[2013.04.10 12:17:18 | 000,000,000 | -HSD | C] -- C:\Recovery
[2013.04.10 12:17:18 | 000,000,000 | -HSD | C] -- C:\Programme
[2013.04.10 12:17:18 | 000,000,000 | -HSD | C] -- C:\Program Files\Gemeinsame Dateien
[2013.04.10 12:17:18 | 000,000,000 | -HSD | C] -- C:\ProgramData\Favoriten
[2013.04.10 12:17:18 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Videos
[2013.04.10 12:17:18 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Musik
[2013.04.10 12:17:18 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Bilder
[2013.04.10 12:17:18 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen
[2013.04.10 12:17:18 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumente
[2013.04.10 12:17:18 | 000,000,000 | -HSD | C] -- C:\ProgramData\Anwendungsdaten
 
========== Files - Modified Within 360 Days ==========
 
[2013.07.13 16:43:19 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\D\Desktop\OTL.exe
[2013.07.13 16:34:50 | 000,257,880 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2013.07.13 16:34:46 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.07.13 16:34:32 | 1610,260,480 | -HS- | M] () -- C:\hiberfil.sys
[2013.07.13 13:17:20 | 000,022,464 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.07.13 13:17:19 | 000,022,464 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.07.13 11:10:31 | 000,559,441 | ---- | M] (Oleg N. Scherbakov) -- C:\Users\D\Desktop\JRT.exe
[2013.07.12 18:55:30 | 000,575,780 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013.07.12 18:55:29 | 000,620,350 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2013.07.12 18:55:29 | 000,122,758 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2013.07.12 18:55:29 | 000,099,482 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013.07.12 18:55:28 | 000,000,057 | ---- | M] () -- C:\Windows\System32\mapisvc.inf
[2013.07.04 15:25:35 | 000,006,605 | ---- | M] () -- C:\Windows\wininit.ini
[2013.06.29 16:28:05 | 000,001,076 | ---- | M] () -- C:\Users\Public\Desktop\Oracle VM VirtualBox.lnk
[2013.06.25 10:46:17 | 000,067,168 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avnetflt.sys
[2013.06.21 16:17:18 | 000,188,176 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\drivers\VBoxDrv.sys
[2013.06.21 16:16:58 | 000,104,720 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\drivers\VBoxNetAdp.sys
[2013.06.21 16:16:02 | 000,115,984 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\drivers\VBoxNetFlt.sys
[2013.06.21 16:16:02 | 000,094,480 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\drivers\VBoxUSBMon.sys
[2013.06.21 16:16:00 | 000,174,864 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\VBoxNetFltNobj.dll
[2013.06.12 01:43:48 | 000,042,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2013.06.12 01:43:07 | 000,493,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2013.06.12 01:43:00 | 002,877,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2013.06.12 01:43:00 | 000,039,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2013.06.12 01:42:58 | 000,391,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2013.06.12 01:42:58 | 000,109,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2013.06.12 01:42:58 | 000,061,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2013.06.12 01:42:58 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2013.06.10 12:33:26 | 000,001,028 | ---- | M] () -- C:\Users\Public\Desktop\TrueCrypt.lnk
[2013.06.10 12:33:19 | 000,231,760 | ---- | M] (TrueCrypt Foundation) -- C:\Windows\System32\drivers\truecrypt.sys
[2013.06.07 04:37:52 | 002,706,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2013.06.05 05:05:09 | 002,347,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2013.06.04 15:13:45 | 000,000,218 | ---- | M] () -- C:\Users\D\.recently-used.xbel
[2013.05.24 10:41:35 | 000,002,119 | ---- | M] () -- C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
[2013.05.22 12:35:07 | 000,001,356 | ---- | M] () -- C:\Users\D\Desktop\Free YouTube to MP3 Converter.lnk
[2013.05.20 13:06:36 | 000,001,008 | ---- | M] () -- C:\Users\Public\Desktop\Spyware Terminator 2012.lnk
[2013.05.18 14:26:11 | 000,745,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MsSpellCheckingFacility.exe
[2013.05.18 14:26:11 | 000,185,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\elshyph.dll
[2013.05.18 14:26:11 | 000,158,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll
[2013.05.18 14:26:10 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2013.05.18 14:26:10 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe
[2013.05.18 14:26:10 | 000,138,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe
[2013.05.18 14:26:10 | 000,137,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2013.05.18 14:26:10 | 000,117,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2013.05.18 14:26:10 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\IEAdvpack.dll
[2013.05.18 14:26:10 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll
[2013.05.18 14:26:10 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll
[2013.05.18 14:26:10 | 000,041,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2013.05.18 14:26:10 | 000,038,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll
[2013.05.18 14:26:10 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2013.05.18 14:26:09 | 001,441,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2013.05.18 14:26:09 | 001,400,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat
[2013.05.18 14:26:09 | 000,719,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtmlmedia.dll
[2013.05.18 14:26:09 | 000,629,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2013.05.18 14:26:09 | 000,361,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2013.05.18 14:26:09 | 000,357,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2013.05.18 14:26:09 | 000,242,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2013.05.18 14:26:09 | 000,232,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2013.05.18 14:26:09 | 000,226,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2013.05.18 14:26:09 | 000,073,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe
[2013.05.18 14:26:09 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll
[2013.05.18 14:26:09 | 000,025,185 | ---- | M] () -- C:\Windows\System32\ieuinit.inf
[2013.05.18 14:26:09 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2013.05.18 14:25:04 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
[2013.05.18 14:23:44 | 002,284,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msmpeg2vdec.dll
[2013.05.18 14:23:44 | 001,504,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d11.dll
[2013.05.18 14:23:44 | 001,158,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\XpsPrint.dll
[2013.05.18 14:23:44 | 001,080,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10.dll
[2013.05.18 14:23:44 | 000,417,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WMPhoto.dll
[2013.05.18 14:23:44 | 000,364,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\XpsGdiConverter.dll
[2013.05.18 14:23:44 | 000,249,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1core.dll
[2013.05.18 14:23:44 | 000,220,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10core.dll
[2013.05.18 14:23:44 | 000,207,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WindowsCodecsExt.dll
[2013.05.18 14:23:44 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1.dll
[2013.05.18 14:23:44 | 000,010,752 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2013.05.18 14:23:44 | 000,009,728 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2013.05.18 14:23:44 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2013.05.18 14:23:44 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll
[2013.05.18 14:23:44 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll
[2013.05.18 14:23:44 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2013.05.18 14:23:44 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll
[2013.05.18 14:23:44 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll
[2013.05.18 14:23:44 | 000,002,560 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2013.05.18 14:23:43 | 003,419,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll
[2013.05.18 14:23:43 | 001,988,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10warp.dll
[2013.05.18 14:23:43 | 000,604,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10level9.dll
[2013.05.18 14:23:43 | 000,293,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxgi.dll
[2013.05.18 14:23:43 | 000,187,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\UIAnimation.dll
[2013.05.17 18:38:43 | 000,152,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msclmd.dll
[2013.05.17 15:06:13 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2013.05.17 15:06:13 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2013.05.16 16:48:02 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2013.05.13 05:08:10 | 000,903,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\certutil.exe
[2013.05.13 05:08:06 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\certenc.dll
[2013.05.06 07:06:47 | 003,968,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2013.05.06 07:06:47 | 003,913,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2013.05.06 06:56:35 | 001,620,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WMVDECOD.DLL
[2013.05.02 02:06:08 | 000,238,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[2013.04.13 15:07:27 | 000,001,105 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2013.04.13 14:55:15 | 000,002,012 | ---- | M] () -- C:\Users\Public\Desktop\Avira Control Center.lnk
[2013.04.13 14:53:01 | 000,135,136 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avipbb.sys
[2013.04.13 14:53:01 | 000,084,744 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avgntflt.sys
[2013.04.13 14:53:01 | 000,037,352 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avkmgr.sys
[2013.04.13 14:53:01 | 000,028,520 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\ssmdrv.sys
[2013.04.10 07:18:40 | 000,218,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\dxgmms1.sys
[2013.04.10 01:34:01 | 001,247,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll
[2013.03.19 06:48:45 | 000,038,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\csrsrv.dll
[2013.02.27 07:05:53 | 000,101,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\consent.exe
[2013.02.27 06:49:24 | 001,796,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\authui.dll
[2013.02.15 06:34:10 | 000,131,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\aaclient.dll
[2013.02.15 05:25:51 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\tsgqec.dll
[2013.02.12 05:32:45 | 000,015,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\usb8023.sys
[2013.01.04 06:50:52 | 000,169,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll
[2013.01.03 07:04:43 | 000,187,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\FWPKCLNT.SYS
[2012.12.16 16:13:28 | 000,295,424 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2012.12.16 16:13:20 | 000,034,304 | ---- | M] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2012.11.20 06:51:09 | 000,220,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ncrypt.dll
[2012.11.09 06:42:49 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2012.11.02 07:11:31 | 000,376,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dpnet.dll
[2012.10.04 18:40:38 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll
[2012.10.04 18:40:37 | 000,005,120 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll
[2012.10.04 18:40:37 | 000,004,608 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll
[2012.10.04 18:40:37 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll
[2012.10.04 18:40:37 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll
[2012.10.04 18:40:37 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll
[2012.10.04 18:40:37 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll
[2012.10.04 18:40:37 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll
[2012.10.04 18:40:37 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll
[2012.10.04 18:40:37 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll
[2012.10.04 18:40:37 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:40:37 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll
[2012.10.04 18:40:37 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll
[2012.10.04 18:40:37 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll
[2012.10.04 18:40:37 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll
[2012.10.04 18:40:37 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll
[2012.10.04 18:40:37 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-io-l1-1-0.dll
[2012.10.04 18:40:37 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll
[2012.10.04 18:40:37 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll
[2012.10.04 18:40:37 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll
[2012.10.04 18:40:36 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll
[2012.10.04 18:40:36 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll
[2012.10.04 18:40:36 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll
[2012.10.04 18:40:36 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll
[2012.10.04 16:57:58 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
[2012.10.04 16:41:50 | 000,006,144 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll
[2012.10.04 16:41:50 | 000,004,608 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll
[2012.10.04 16:41:50 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll
[2012.10.04 16:41:50 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll
[2012.09.26 00:47:43 | 000,078,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\synceng.dll
[2012.08.22 19:16:46 | 000,240,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\netio.sys
[2012.08.22 10:19:26 | 000,011,832 | ---- | M] (Windows (R) Codename Longhorn DDK provider) -- C:\Windows\acpimof.dll
 
========== Files Created - No Company Name ==========
 
[2013.07.13 16:34:34 | 000,257,880 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2013.07.04 15:25:27 | 000,006,605 | ---- | C] () -- C:\Windows\wininit.ini
[2013.06.29 16:28:05 | 000,001,076 | ---- | C] () -- C:\Users\Public\Desktop\Oracle VM VirtualBox.lnk
[2013.06.10 12:33:26 | 000,001,028 | ---- | C] () -- C:\Users\Public\Desktop\TrueCrypt.lnk
[2013.06.04 15:13:45 | 000,000,218 | ---- | C] () -- C:\Users\D\.recently-used.xbel
[2013.06.04 15:08:02 | 000,000,949 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pidgin.lnk
[2013.05.24 10:41:35 | 000,002,131 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
[2013.05.24 10:41:35 | 000,002,119 | ---- | C] () -- C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
[2013.05.22 12:35:07 | 000,001,356 | ---- | C] () -- C:\Users\D\Desktop\Free YouTube to MP3 Converter.lnk
[2013.05.20 13:06:39 | 000,032,768 | ---- | C] () -- C:\Windows\System32\drivers\sp_rsdrv2.sys
[2013.05.20 13:06:36 | 000,001,008 | ---- | C] () -- C:\Users\Public\Desktop\Spyware Terminator 2012.lnk
[2013.05.18 14:26:09 | 000,025,185 | ---- | C] () -- C:\Windows\System32\ieuinit.inf
[2013.05.16 16:48:02 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2013.05.16 09:08:55 | 004,154,880 | ---- | C] () -- C:\Users\D\Documents\w7lxe.exe
[2013.05.14 11:34:45 | 000,146,852 | ---- | C] () -- C:\Windows\System32\systemsf.ebd
[2013.05.14 11:32:51 | 000,010,429 | ---- | C] () -- C:\Windows\System32\ScavengeSpace.xml
[2013.05.14 11:32:36 | 000,105,559 | ---- | C] () -- C:\Windows\System32\RacRules.xml
[2013.04.13 15:07:27 | 000,001,117 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2013.04.13 15:07:27 | 000,001,105 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2013.04.13 14:55:15 | 000,002,012 | ---- | C] () -- C:\Users\Public\Desktop\Avira Control Center.lnk
 
========== ZeroAccess Check ==========
 
[2009.07.14 06:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.02.27 06:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 03:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

< End of report >

Dännis · 13.07.2013, 16:52

Extra-Logg:

Code:

ATTFilter

OTL Extras logfile created on: 13.07.2013 16:50:07 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\D\Desktop
 Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16635)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,00 Gb Total Physical Memory | 1,53 Gb Available Physical Memory | 76,32% Memory free
4,00 Gb Paging File | 3,34 Gb Available in Paging File | 83,59% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 37,21 Gb Total Space | 5,20 Gb Free Space | 13,98% Space Free | Partition Type: NTFS
 
Computer Name: D-PC | User Name: D | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 360 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = htmlfile] -- Reg Error: Key error. File not found
 
[HKEY_USERS\S-1-5-21-589346467-3594910931-2683452201-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- Reg Error: Key error.
htmlfile [opennew] -- Reg Error: Key error.
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- Reg Error: Key error.
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Key error.
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe" = C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot-S&D 2 Tray Icon -- (Safer-Networking Ltd.)
"C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe" = C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service -- (Safer-Networking Ltd.)
"C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe" = C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater -- (Safer-Networking Ltd.)
"C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe" = C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service -- (Safer-Networking Ltd.)
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0DEBC34F-BF6F-4C15-9087-B10695C8DA39}" = rport=138 | protocol=17 | dir=out | app=system | 
"{18E75301-605A-4496-B1F9-1FAB5871390E}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{327C12E9-3DEF-4A2A-8BCC-86E1C44FE7AC}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{3315DD1A-065F-4382-95E8-4B5641D5ED16}" = lport=445 | protocol=6 | dir=in | app=system | 
"{37719D43-9AF1-46DF-8893-6FD5F0E2C774}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{377331A2-CA84-4723-8E71-EBAFCFACF671}" = rport=137 | protocol=17 | dir=out | app=system | 
"{48146133-3A2C-48D6-B84B-C47D5145DABD}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{56A96018-93BC-4010-9E8A-0D464D6CC86C}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{59F460E4-189B-4BB6-AAE4-38A6E7760B48}" = lport=139 | protocol=6 | dir=in | app=system | 
"{5E9C1FF0-2BA9-49ED-8C7F-219B6DCDC6D7}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{616CA4E6-D782-485A-9D91-26E5DBDEB491}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{78D1AD1B-2BF0-4A02-B181-E03A4CA735F6}" = lport=137 | protocol=17 | dir=in | app=system | 
"{8AC4E361-A4CC-4873-9C33-2ACC2D42E496}" = rport=139 | protocol=6 | dir=out | app=system | 
"{AB152D8E-8DAA-4190-9C0D-CD3BD8DD0EC6}" = lport=10243 | protocol=6 | dir=in | app=system | 
"{B00DEC81-06D4-4C26-9CAE-DC6DCA35F89E}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{B676B9BE-A019-4FDB-A732-125CD9F07163}" = rport=10243 | protocol=6 | dir=out | app=system | 
"{BDB456BA-2824-49D3-AB99-6016E0A1FAFA}" = rport=445 | protocol=6 | dir=out | app=system | 
"{C8E66D07-D563-4B58-9F88-48A7252009D5}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{CAB907F0-32EC-4624-9AE4-65390F8D4343}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{D118D897-151E-4D22-AAFD-D5CFBF8F6F97}" = lport=138 | protocol=17 | dir=in | app=system | 
"{D806C8EA-20F6-45F9-A5A7-573C4CEB4DFB}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0060C38F-7248-4C52-9770-8E8665C16236}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{11EBF9B8-1316-480C-8EB9-7B6A29E8DC78}" = protocol=6 | dir=in | app=c:\program files\spyware terminator\spywareterminatorupdate.exe | 
"{1D215C1F-B61B-4609-BC80-CED2BFACD199}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{20B0E8EB-E965-4DA0-A859-CEBE5147787F}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{23AD677C-C596-4FF4-9921-26085CDF4756}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{25BACF81-0F91-4D3C-A814-4977892955DF}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{334F0F25-4729-4D95-AFEB-DBB6CD7EBAE0}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{416009A7-18DA-4BDF-89FD-945B1254E266}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{458656B1-6B8F-4D66-9834-43BC851B756E}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{4DEA7E5B-26D5-49B0-93C5-6E6225F19287}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{78D269F5-426C-4354-815C-CA2DE4D599CF}" = protocol=6 | dir=in | app=c:\program files\spyware terminator\spywareterminator.exe | 
"{7C4E228F-51C4-4842-9A49-42250A6CABFB}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{ACF1BA34-E639-4B4C-82BB-4E883E5F3416}" = protocol=17 | dir=in | app=c:\program files\spyware terminator\spywareterminator.exe | 
"{CCA29BF0-8FC6-4FD8-AFF1-5D7E58EC159E}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{CCFCC9E3-0748-4D87-872E-15D408175441}" = protocol=6 | dir=out | app=system | 
"{CD1B2509-369A-4AAC-B2D0-0FCD0DADE87E}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{D30C4B76-E788-4D14-984B-A876D2E67631}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{D78141FC-A68D-4234-AFCE-3DA1706B25D7}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{E13FFF7D-A546-4E23-8A38-5DD6E9DD8790}" = protocol=17 | dir=in | app=c:\program files\spyware terminator\spywareterminatorupdate.exe | 
"{ED7CC5C8-248F-4B4D-96EC-65FF3AB0FC64}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"TCP Query User{49BE1056-04CF-4591-8352-3A206C3C9960}C:\users\d\desktop\btc\bitcoin-0.8.2-win32\bitcoin-qt.exe" = protocol=6 | dir=in | app=c:\users\d\desktop\btc\bitcoin-0.8.2-win32\bitcoin-qt.exe | 
"TCP Query User{B619910D-C430-433B-9106-09756C2D60AC}C:\program files\vidalia relay bundle\tor\tor.exe" = protocol=6 | dir=in | app=c:\program files\vidalia relay bundle\tor\tor.exe | 
"UDP Query User{67517320-2481-4D1D-9795-029266A6DE30}C:\users\d\desktop\btc\bitcoin-0.8.2-win32\bitcoin-qt.exe" = protocol=17 | dir=in | app=c:\users\d\desktop\btc\bitcoin-0.8.2-win32\bitcoin-qt.exe | 
"UDP Query User{E633F5D5-1D5D-4E7B-B0C1-F63F3F80CF2B}C:\program files\vidalia relay bundle\tor\tor.exe" = protocol=17 | dir=in | app=c:\program files\vidalia relay bundle\tor\tor.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{009E5DF2-3F97-480B-89DA-F2D5E672E14A}_is1" = Live Update 5
"{56736259-613E-4A3B-B428-6235F2E76F44}_is1" = Spyware Terminator 2012
"{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1" = Spybot - Search & Destroy
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F56A55E8-F340-484B-83A5-39C440F0407C}" = Oracle VM VirtualBox 4.2.14
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"7-Zip" = 7-Zip 9.20
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Avira AntiVir Desktop" = Avira Free Antivirus
"CCleaner" = CCleaner
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.12.2.430
"Mozilla Firefox 22.0 (x86 de)" = Mozilla Firefox 22.0 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Pidgin" = Pidgin
"pidgin-otr" = pidgin-otr 4.0.0-1
"Tor" = Tor 0.2.3.25
"TrueCrypt" = TrueCrypt
"Vidalia" = Vidalia 0.2.21
"WinRAR archiver" = WinRAR 4.20 (32-Bit)
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 13.07.2013 10:35:31 | Computer Name = D-PC | Source = Windows Search Service | ID = 9000
Description = 
 
Error - 13.07.2013 10:35:31 | Computer Name = D-PC | Source = Windows Search Service | ID = 7040
Description = 
 
Error - 13.07.2013 10:35:31 | Computer Name = D-PC | Source = Windows Search Service | ID = 7042
Description = 
 
Error - 13.07.2013 10:35:31 | Computer Name = D-PC | Source = Windows Search Service | ID = 9002
Description = 
 
Error - 13.07.2013 10:35:31 | Computer Name = D-PC | Source = Windows Search Service | ID = 3029
Description = 
 
Error - 13.07.2013 10:35:32 | Computer Name = D-PC | Source = Windows Search Service | ID = 3029
Description = 
 
Error - 13.07.2013 10:35:32 | Computer Name = D-PC | Source = Windows Search Service | ID = 3028
Description = 
 
Error - 13.07.2013 10:35:32 | Computer Name = D-PC | Source = Windows Search Service | ID = 3058
Description = 
 
Error - 13.07.2013 10:35:32 | Computer Name = D-PC | Source = Windows Search Service | ID = 7010
Description = 
 
Error - 13.07.2013 10:36:15 | Computer Name = D-PC | Source = Windows Search Service | ID = 1019
Description = 
 
[ Spybot - Search and Destroy Events ]
Error - 04.07.2013 09:25:36 | Computer Name = D-PC | Source = SDCleaner | ID = 100
Description = LoadCleaningInstructions
 
[ System Events ]
Error - 13.07.2013 10:35:32 | Computer Name = D-PC | Source = Service Control Manager | ID = 7024
Description = Der Dienst "Windows Search" wurde mit folgendem dienstspezifischem
 Fehler beendet: %%-1073473535.
 
Error - 13.07.2013 10:35:32 | Computer Name = D-PC | Source = Service Control Manager | ID = 7031
Description = Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits
 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt:
 Neustart des Diensts.
 
 
< End of report >

09.07.2013, 14:47	#6
M-K-D-B /// TB-Ausbilder	Spybot SD macht immer das Admin-Fenster auf Servus, teile die Logdatei von FRST auf 2-3 Posts auf, verwende dabei Code-Boxen.

Spybot SD macht immer das Admin-Fenster auf

Log-Analyse und Auswertung: Spybot SD macht immer das Admin-Fenster auf