
Log analysis and evaluation: Suspicious entry in the Start menu


 
24.04.2016, 13:05   #1
wrecken

Suspicious entry in the Start menu



Hello everyone,
my computer has been extremely slow lately and some functions no longer worked at all. For example, I could not install a service pack, and the Windows Management Instrumentation service could not be started. I have now reinstalled the computer with a different Windows version. The service pack is installed again and the services are running again. However, it is still very, very slow. In the Start menu I found something suspicious and have already disabled it (SI TSS v1.2.1.41).
I have now run an OTL scan, and these are the log files that were created. Maybe someone has time to look through them. Thanks in advance!

OTL Extras logfile created on: 24.04.2016 03:49:18 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\wrecken\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000c07 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy

2,87 Gb Total Physical Memory | 1,65 Gb Available Physical Memory | 57,49% Memory free
5,73 Gb Paging File | 2,56 Gb Available in Paging File | 44,64% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 218,20 Gb Total Space | 105,86 Gb Free Space | 48,52% Space Free | Partition Type: NTFS
Drive E: | 465,64 Gb Total Space | 132,66 Gb Free Space | 28,49% Space Free | Partition Type: FAT32

Computer Name: WRECKEN-PC | User Name: wrecken | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

[HKEY_USERS\S-1-5-21-2048369672-643187680-2407283211-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
http [open] -- "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -osint -url "%1" (Mozilla Corporation)
https [open] -- "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -osint -url "%1" (Mozilla Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L"
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
http [open] -- "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -osint -url "%1" (Mozilla Corporation)
https [open] -- "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -osint -url "%1" (Mozilla Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L"
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0B67E5EE-FE04-427D-A293-42567FA8BD82}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{107A02E5-0254-49A5-9251-15CA64F3FB4F}" = lport=445 | protocol=6 | dir=in | app=system |
"{14252F8D-75D5-4CD0-85A1-7C1CFE7486C3}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{1E6A3F83-69A9-452F-97AA-8E9BD394C89A}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe |
"{2B628720-AD0F-4B12-A7B5-A1963717FA18}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{301C491E-5D63-414E-BC37-E696DED26963}" = rport=445 | protocol=6 | dir=out | app=system |
"{36F0E12C-1843-43D7-841D-157ED1D70571}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{3D13FF34-93F3-4809-B5EE-25BD79257372}" = rport=138 | protocol=17 | dir=out | app=system |
"{3DDB4787-21A3-4761-B636-DE0221E3B60D}" = lport=139 | protocol=6 | dir=in | app=system |
"{3F050B5B-2377-43EC-B9D4-480E280649F7}" = lport=137 | protocol=17 | dir=in | app=system |
"{4016D9FE-94FF-496A-97ED-227F1F542AFD}" = rport=137 | protocol=17 | dir=out | app=system |
"{6F0A192C-47A2-499E-BA94-1FFCD9DC81A8}" = lport=138 | protocol=17 | dir=in | app=system |
"{722012A0-2188-4C0B-ABDE-40553AAAB7A0}" = rport=139 | protocol=6 | dir=out | app=system |
"{7A40749E-EC74-42DB-876D-E82F665FB9CD}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{8F13DB13-A7F5-4AC5-8981-35759C8F9345}" = rport=10243 | protocol=6 | dir=out | app=system |
"{9A651964-49CA-4C17-97AE-9A665DE1CB73}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{9AE9D6FE-3EED-43BB-A8D3-B8EC7A9550B8}" = lport=10243 | protocol=6 | dir=in | app=system |
"{A1599AAE-D379-4469-8777-97E1F8A3C8FE}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{A8AEA65C-757D-4724-8259-FDBAE936A898}" = lport=2869 | protocol=6 | dir=in | app=system |
"{B7F00EBC-B560-4A8C-B859-86309A6B7575}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{DF40E2AC-F0B8-4DE3-9A91-67F859BAB21C}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{E3863164-FFC7-4837-A6ED-C96A91D8769D}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{07F5E027-A3CD-4998-A28E-A8107AE1E2FA}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{0AD44818-2E51-4A86-95D4-5C124DF78713}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{1455AF52-84FD-498F-ABAD-7669FD520DF0}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{1E4C9984-B378-4914-BAA7-806D8D04D20F}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{2188DF42-6D46-4640-BD99-5343F30B6855}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{40138661-C2BB-4EAA-95FA-3D16A3D13DBA}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{59ABC7E2-FB28-4AD4-A947-4EFDF26D7864}" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"{75EF70A6-B4CD-4378-B222-05AD383E966F}" = protocol=6 | dir=in | app=c:\program files (x86)\real\realplayer\rpds\bin\rpdsvc.exe |
"{8681259F-9B49-4A3A-97D3-AE715AA6EF29}" = dir=in | app=c:\program files\intel\wifi\bin\pandhcpdns.exe |
"{86A373C9-28CB-4FB8-A77D-1E099AD59F94}" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"{8B5C93F2-8BEB-4DFE-B3E2-4E93352742B2}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{939FA64A-773F-4792-A40A-4C502E101B99}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{984B2B72-9E9E-467F-998D-FBE8FC1A30ED}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{99373641-7B09-4927-9E79-ED8605B93B61}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{A0EA0461-006C-42C1-A149-137EBA68A4E9}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{A487A376-8B86-4764-A02B-FF9CAB236BF3}" = protocol=6 | dir=out | app=system |
"{A63FE160-44FB-4EB4-80C8-77882AB3E32B}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{A72C60DF-E4E0-43B5-A956-DC99E47071F8}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{ADDA8F02-ABB3-4249-97C5-5B84C7300A20}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{B1BC6001-AE67-46B7-BC8E-00B8D5F3E653}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{B8F2EBDF-531F-49E3-9BCE-21A40283A070}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{C524D936-BBF2-44C7-8B50-113492499A8C}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{DCB3EDA3-5666-4A41-9720-DF4718E03856}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{E239DDE4-FDE0-4327-B509-8417D449F5B7}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{E76AF798-3F24-4F53-81C6-B8E0B699409A}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{EE9061BA-7D6C-462D-A6E7-F2C685EEA8ED}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{EED1B4BF-4358-40ED-BA9F-0C1312362E23}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{FAA5DCB0-5BD0-458E-9675-451A27F7F9AF}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{21E47F47-C9A7-4454-BA48-388327B0EA00}" = RealNetworks - Microsoft Visual C++ 2010 Runtime
"{26784146-6E05-3FF9-9335-786C7C0FB5BE}" = Microsoft .NET Framework 4.5.2
"{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}" = WIDCOMM Bluetooth Software
"{5F160A36-29D0-4AE0-986C-671A564BC0D4}" = Wave Crypto Runtime 2.0.9.0 x64
"{73ca1ddf-9d19-45f2-ad4c-04169ec13342}" = Intel(R) PRO/Wireless Driver
"{7567A068-2F02-40D1-A34C-16D79ECD35A6}" = GemPcCCID
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{86A9BBDF-9B6D-4E3D-810E-23C9079C6217}" = Wave Support Software Installer
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007
"{91CE5F03-3A2A-4268-935A-04944F058AE9}" = Gemalto
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.2
"{9C481E27-751F-48B9-801D-C583F032DA50}" = Intel® PROSet/Wireless WiFi Software
"{9CC89928-4787-4ED5-9942-4EBF6C2468E6}" = Dell System Manager
"{9F9DF365-C354-468F-A174-82660FB13C5C}" = O2Micro OZ776 SCR Driver
"{A2309A2F-4BEB-45C8-92E1-84D430AC15AD}" = SI TSS
"{ABBA2EA4-740E-4052-902B-9CA70B081E3F}" = Dell Data Protection | Access
"{BE1CF6CA-3182-45D8-9535-A18055B73607}" = Dell Custom Help
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = Samsung USB Driver for Mobile Phones
"{DD317AA5-F0EF-480F-9501-507712B5E0B6}" = SPBA (WBF) 5.9
"{DF5B5BEC-BA44-4669-98C8-2A691C5EA428}" = PBA Driver-x64
"{F888B1E9-64E3-479D-91DB-2D9193C39535}" = AuthenTec WinBio FingerPrint Software 64-bit
"VLC media player" = VLC media player

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{13743594-F75E-491E-9EFF-203C8F8DF705}" = RealDownloader
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{2B818257-E6C7-4841-8C29-C5C9A982BCE5}" = RICOH Media Driver ver.2.07.01.01
"{3A9FC03D-C685-4831-94CF-4EDFD3749497}" = Microsoft SQL Server Compact 3.5 SP2 ENU
"{48D18738-099C-4FAA-AFD9-80B592A25478}" = RealDownloader
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"{75c02118-61df-4a00-b4ae-8a8f2ab354b3}" = RealDownloader
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{87434D51-51DB-4109-B68F-A829ECDCF380}" = AccelerometerP11
"{88547073-C566-4895-9005-EBE98EA3F7C7}" = Samsung Kies3
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISE_{DCBECE36-8F23-4B33-925E-A1C6183C0DBD}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{DCBECE36-8F23-4B33-925E-A1C6183C0DBD}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{DCBECE36-8F23-4B33-925E-A1C6183C0DBD}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISE_{DCBECE36-8F23-4B33-925E-A1C6183C0DBD}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{DCBECE36-8F23-4B33-925E-A1C6183C0DBD}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{DCBECE36-8F23-4B33-925E-A1C6183C0DBD}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{2AB528A5-BB1B-4EBE-8E51-AD0C4CD33CA9}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{3EC77D26-799B-4CD8-914F-C1565E796173}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{430971B1-C31E-45DA-81E0-72C095BAB72C}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISE_{58FC5E37-DD28-4D4A-A549-125744C6763C}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{00C5525B-3CB3-467D-8100-2E6FB306CD86}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-002A-0407-1000-0000000FF1CE}_ENTERPRISE_{888B9AC7-8F5C-456B-A27A-157A6C310E52}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{BEE75E01-DD3F-4D5F-B96C-609E6538D419}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISE_{DCBECE36-8F23-4B33-925E-A1C6183C0DBD}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISE_{888B9AC7-8F5C-456B-A27A-157A6C310E52}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISE_{DCBECE36-8F23-4B33-925E-A1C6183C0DBD}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISE_{DCBECE36-8F23-4B33-925E-A1C6183C0DBD}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{AAECF7BA-E83B-4A10-87EA-DE0B333F8734}" = RealNetworks - Microsoft Visual C++ 2010 Runtime
"{AC76BA86-0804-1033-1959-001824166751}" = Adobe Refresh Manager
"{AC76BA86-7AD7-1031-7B44-AB0000000001}" = Adobe Reader XI (11.0.15) - Deutsch
"{b6b417a3-1f40-4618-aadd-49628bda7836}" = Intel® PROSet/Wireless Software
"{E3AE96D6-E196-45B4-AF62-2B41998B9E37}" = UpdateService
"{E60AFF01-6087-47BD-8272-61FA3CFC309D}" = Video Downloader
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{FC965A47-4839-40CA-B618-18F486F042C6}" = Skype™ 7.22
"Adobe Flash Player NPAPI" = Adobe Flash Player 21 NPAPI
"Another Matrix Screen Saver_is1" = Another Matrix Screen Saver
"Avast" = Avast Business Security
"ENTERPRISE" = Microsoft Office Enterprise 2007
"InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}" = Samsung Kies3
"InstallShield_{9F9DF365-C354-468F-A174-82660FB13C5C}" = O2Micro OZ776 SCR Driver
"Mozilla Firefox 45.0.2 (x86 de)" = Mozilla Firefox 45.0.2 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Notepad++" = Notepad++
"OrangeEdit_is1" = OrangeEdit 2.0 BETA
"RarZilla Free Unrar" = RarZilla Free Unrar
"RealPlayer 18.1" = RealPlayer (RealTimes)

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-2048369672-643187680-2407283211-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"58d94f3ce2c27db0" = Dell System Detect

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 22.04.2016 15:51:16 | Computer Name = wrecken-PC | Source = Windows Search Service | ID = 3029
Description =

Error - 22.04.2016 15:51:25 | Computer Name = wrecken-PC | Source = Windows Search Service | ID = 3029
Description =

Error - 22.04.2016 15:51:25 | Computer Name = wrecken-PC | Source = Windows Search Service | ID = 3028
Description =

Error - 22.04.2016 15:51:25 | Computer Name = wrecken-PC | Source = Windows Search Service | ID = 3058
Description =

Error - 22.04.2016 15:51:25 | Computer Name = wrecken-PC | Source = Windows Search Service | ID = 7010
Description =

Error - 22.04.2016 15:51:25 | Computer Name = wrecken-PC | Source = Windows Search Service | ID = 7042
Description =

Error - 22.04.2016 15:52:36 | Computer Name = wrecken-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: downloader2.exe, Version: 18.1.3.104,
Zeitstempel: 0x56b2b0c9 Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0,
Zeitstempel: 0x00000000 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00000000 ID des fehlerhaften
Prozesses: 0xcfc Startzeit der fehlerhaften Anwendung: 0x01d19ccf5cf96078 Pfad der
fehlerhaften Anwendung: C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe
Pfad
des fehlerhaften Moduls: unknown Berichtskennung: c277b56a-08c3-11e6-942a-1c659d039fda

Error - 22.04.2016 19:57:40 | Computer Name = wrecken-PC | Source = bcc | ID = 1
Description = synchronize - exchange FAILED -12 (1 retry)

Error - 23.04.2016 16:37:07 | Computer Name = wrecken-PC | Source = bcc | ID = 1
Description = synchronize - exchange FAILED -12 (1 retry)

Error - 23.04.2016 16:39:17 | Computer Name = wrecken-PC | Source = WinMgmt | ID = 10
Description =

[ System Events ]
Error - 22.04.2016 15:50:49 | Computer Name = wrecken-PC | Source = Service Control Manager | ID = 7034
Description = Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits
11 Mal passiert.

Error - 22.04.2016 15:50:50 | Computer Name = wrecken-PC | Source = Service Control Manager | ID = 7034
Description = Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits
12 Mal passiert.

Error - 22.04.2016 15:51:25 | Computer Name = wrecken-PC | Source = Service Control Manager | ID = 7024
Description = Der Dienst "Windows Search" wurde mit folgendem dienstspezifischem
Fehler beendet: %%-1073473535.

Error - 22.04.2016 15:51:25 | Computer Name = wrecken-PC | Source = Service Control Manager | ID = 7034
Description = Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits
13 Mal passiert.

Error - 23.04.2016 16:36:31 | Computer Name = wrecken-PC | Source = DCOM | ID = 10010
Description =

Error - 23.04.2016 16:37:00 | Computer Name = wrecken-PC | Source = DCOM | ID = 10010
Description =

Error - 23.04.2016 17:15:11 | Computer Name = wrecken-PC | Source = atapi | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Ide\IdePort0 gefunden.

Error - 23.04.2016 17:15:11 | Computer Name = wrecken-PC | Source = atapi | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Ide\IdePort0 gefunden.

Error - 23.04.2016 17:15:11 | Computer Name = wrecken-PC | Source = atapi | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Ide\IdePort0 gefunden.

Error - 23.04.2016 17:15:11 | Computer Name = wrecken-PC | Source = atapi | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Ide\IdePort0 gefunden.


< End of report >


OTL logfile created on: 24.04.2016 03:49:18 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\wrecken\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000c07 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy

2,87 Gb Total Physical Memory | 1,65 Gb Available Physical Memory | 57,49% Memory free
5,73 Gb Paging File | 2,56 Gb Available in Paging File | 44,64% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 218,20 Gb Total Space | 105,86 Gb Free Space | 48,52% Space Free | Partition Type: NTFS
Drive E: | 465,64 Gb Total Space | 132,66 Gb Free Space | 28,49% Space Free | Partition Type: FAT32

Computer Name: WRECKEN-PC | User Name: wrecken | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\wrecken\Downloads\otl.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe (RealNetworks, Inc.)
PRC - C:\Programme\AVAST Software\Avast\avastui.exe (AVAST Software)
PRC - C:\Programme\AVAST Software\Avast\bccavsvc.exe (AVAST Software)
PRC - C:\Programme\AVAST Software\Avast\bcc.exe (AVAST Software)
PRC - C:\Programme\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
PRC - C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe ()
PRC - C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe ()
PRC - C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe (DEVGURU Co., LTD.)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe ()
PRC - C:\Programme\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe (Broadcom Corporation.)


========== Modules (No Company Name) ==========

MOD - C:\Program Files (x86)\Real\RealPlayer\RPDS\Lib\r1api.dll ()
MOD - C:\Programme\AVAST Software\Avast\ffl2.dll ()
MOD - C:\Programme\AVAST Software\Avast\libcef.dll ()
MOD - C:\Programme\AVAST Software\Avast\JsonRpcServer.dll ()
MOD - C:\Programme\AVAST Software\Avast\log.dll ()
MOD - C:\Program Files (x86)\RealNetworks\RealDownloader\dtvhooks.dll ()
MOD - C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe ()
MOD - C:\Program Files (x86)\RealNetworks\RealDownloader\cpprest100_1_2.dll ()
MOD - C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe ()


========== Services (SafeList) ==========

SRV:64bit: - (Avast Business Console Client Antivirus Service) -- C:\Program Files\AVAST Software\Avast\bccavsvc.exe (AVAST Software)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (RealTimes Desktop Service) -- C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe (RealNetworks, Inc.)
SRV - (aswBcc) -- C:\Programme\AVAST Software\Avast\bcc.exe (AVAST Software)
SRV - (avast! Antivirus) -- C:\Programme\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (RealPlayerUpdateSvc) -- C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe ()
SRV - (ss_conn_service) -- C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe (DEVGURU Co., LTD.)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (ZeroConfigService) -- C:\Programme\Intel\WiFi\bin\ZeroConfigService.exe (Intel® Corporation)
SRV - (MyWiFiDHCPDNS) -- C:\Programme\Intel\WiFi\bin\PanDhcpDns.exe ()
SRV - (EvtEng) -- C:\Programme\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation)
SRV - (RegSrvc) -- C:\Programme\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Corporation)
SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (PbaDrvSvc_x64) -- C:\Programme\Dell\Dell Data Protection\Access\Advanced\hapi64\pbadrvsvc.exe (Dell, Inc.)
SRV - (tcsd_win32.exe) -- C:\Program Files (x86)\Security Innovation\SI TSS\bin\tcsd_win32.exe ()
SRV - (dcpsysmgrsvc) -- C:\Programme\Dell\Dell System Manager\DCPSysMgrSvc.exe (Dell Inc.)
SRV - (btwdins) -- C:\Programme\WIDCOMM\Bluetooth Software\btwdins.exe (Broadcom Corporation.)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)


========== Driver Services (SafeList) ==========

DRV:64bit: - (aswSnx) -- C:\Windows\SysNative\drivers\aswSnx.sys (AVAST Software)
DRV:64bit: - (aswMonFlt) -- C:\Windows\SysNative\drivers\aswMonFlt.sys (AVAST Software)
DRV:64bit: - (aswSP) -- C:\Windows\SysNative\drivers\aswSP.sys (AVAST Software)
DRV:64bit: - (aswVmm) -- C:\Windows\SysNative\drivers\aswVmm.sys (AVAST Software)
DRV:64bit: - (aswStm) -- C:\Windows\SysNative\drivers\aswStm.sys (AVAST Software)
DRV:64bit: - (aswRvrt) -- C:\Windows\SysNative\drivers\aswRvrt.sys (AVAST Software)
DRV:64bit: - (aswHwid) -- C:\Windows\SysNative\drivers\aswHwid.sys (AVAST Software)
DRV:64bit: - (aswRdr) -- C:\Windows\SysNative\drivers\aswRdr2.sys (AVAST Software)
DRV:64bit: - (BTWAMPFL) -- C:\Windows\SysNative\drivers\btwampfl.sys (Broadcom Corporation.)
DRV:64bit: - (btwavdt) -- C:\Windows\SysNative\drivers\btwavdt.sys (Broadcom Corporation.)
DRV:64bit: - (btwaudio) -- C:\Windows\SysNative\drivers\btwaudio.sys (Broadcom Corporation.)
DRV:64bit: - (btwl2cap) -- C:\Windows\SysNative\drivers\btwl2cap.sys (Broadcom Corporation.)
DRV:64bit: - (btwrchid) -- C:\Windows\SysNative\drivers\btwrchid.sys (Broadcom Corporation.)
DRV:64bit: - (ssudmdm) -- C:\Windows\SysNative\drivers\ssudmdm.sys (DEVGURU Co., LTD.(www.devguru.co.kr))
DRV:64bit: - (dg_ssudbus) -- C:\Windows\SysNative\drivers\ssudbus.sys (DEVGURU Co., LTD.(www.devguru.co.kr))
DRV:64bit: - (NETwNs64) -- C:\Windows\SysNative\drivers\NETwsw00.sys (Intel Corporation)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (HECIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (dcdbas) -- C:\Windows\SysNative\drivers\dcdbas64.sys (Dell Inc.)
DRV:64bit: - (Acceler) -- C:\Windows\SysNative\drivers\accelern.sys (ST Microelectronics)
DRV:64bit: - (IntcDAud) -- C:\Windows\SysNative\drivers\IntcDAud.sys (Intel(R) Corporation)
DRV:64bit: - (stdcfltn) -- C:\Windows\SysNative\drivers\stdcfltn.sys (ST Microelectronics)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (Impcd) -- C:\Windows\SysNative\drivers\Impcd.sys (Intel Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (risdpcie) -- C:\Windows\SysNative\drivers\risdpe64.sys (REDC)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-2048369672-643187680-2407283211-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.at/
IE - HKU\S-1-5-21-2048369672-643187680-2407283211-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-at/?ocid=iehp
IE - HKU\S-1-5-21-2048369672-643187680-2407283211-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-at
IE - HKU\S-1-5-21-2048369672-643187680-2407283211-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = EE A5 52 AA 28 9B D1 01 [binary data]
IE - HKU\S-1-5-21-2048369672-643187680-2407283211-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-2048369672-643187680-2407283211-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-2048369672-643187680-2407283211-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.countryCode: "AT"
FF - prefs.js..browser.search.region: "AT"
FF - prefs.js..browser.startup.homepage: "www.google.at"
FF - prefs.js..extensions.enabledAddons: %7Ba0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7%7D:20151208
FF - prefs.js..extensions.enabledAddons: %7B73a6fe31-595d-460b-a920-fcc0f8843232%7D:2.9.0.11
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:45.0.2
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_213.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.2.2: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_213.dll ()
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=18.1.3.100: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=18.1.3.100: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 45.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 45.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

[2016.04.20 20:21:23 | 000,000,000 | ---D | M] (No name found) -- C:\Users\wrecken\AppData\Roaming\mozilla\Extensions
[2016.04.21 17:17:23 | 000,000,000 | ---D | M] (No name found) -- C:\Users\wrecken\AppData\Roaming\mozilla\Firefox\Profiles\nrxv7ewj.default\extensions
[2016.04.21 17:15:19 | 000,000,000 | ---D | M] (WOT) -- C:\Users\wrecken\AppData\Roaming\mozilla\Firefox\Profiles\nrxv7ewj.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2016.04.21 17:16:45 | 000,564,411 | ---- | M] () (No name found) -- C:\Users\wrecken\AppData\Roaming\mozilla\firefox\profiles\nrxv7ewj.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
[2016.04.21 17:17:23 | 001,013,992 | ---- | M] () (No name found) -- C:\Users\wrecken\AppData\Roaming\mozilla\firefox\profiles\nrxv7ewj.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2016.04.20 19:25:13 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\browser\extensions

O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (RealNetworks Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin64.dll (RealDownloader)
O2 - BHO: (RealNetworks Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
O4:64bit: - HKLM..\Run: [FreeFallProtection] C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe ()
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IntelPROSet] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel(R) Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableCAD = 1
O8:64bit: - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8:64bit: - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O8:64bit: - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: Senden an Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Senden an &Bluetooth-Gerät... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-2048369672-643187680-2407283211-1000\..Trusted Domains: dell.com ([]* in Trusted sites)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{30A37DFD-E193-4F21-87E2-E1D475688139}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4113C692-F91C-457A-86B7-261856760A92}: DhcpNameServer = 212.33.36.155 212.33.55.5
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O20:64bit: - Winlogon\Notify\spba: DllName - (C:\Program Files\Common Files\SPBA\homefus2.dll) - C:\Programme\Common Files\SPBA\homefus2.dll (Authentec Inc.)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2016.04.23 22:35:56 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2016.04.23 08:06:50 | 000,000,000 | ---D | C] -- C:\Users\wrecken\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dell
[2016.04.22 22:13:11 | 000,000,000 | ---D | C] -- C:\Users\wrecken\AppData\Roaming\Macromedia
[2016.04.22 22:13:11 | 000,000,000 | ---D | C] -- C:\Users\wrecken\AppData\Local\Macromedia
[2016.04.22 22:12:44 | 000,797,376 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2016.04.22 22:12:44 | 000,142,528 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2016.04.22 22:12:43 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Macromed
[2016.04.22 22:12:36 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed
[2016.04.22 21:45:00 | 000,000,000 | ---D | C] -- C:\Users\wrecken\Documents\Bluetooth-Exchange-Ordner
[2016.04.22 00:11:06 | 000,000,000 | ---D | C] -- C:\Windows\Migration
[2016.04.21 22:04:55 | 000,171,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\infocardapi.dll
[2016.04.21 22:04:55 | 000,099,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\infocardapi.dll
[2016.04.21 22:04:52 | 001,389,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardagt.exe
[2016.04.21 22:04:52 | 000,619,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardagt.exe
[2016.04.21 22:04:52 | 000,008,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardres.dll
[2016.04.21 22:04:52 | 000,008,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardres.dll
[2016.04.21 22:04:39 | 000,035,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\TsWpfWrp.exe
[2016.04.21 22:04:39 | 000,035,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsWpfWrp.exe
[2016.04.21 21:43:17 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\poqexec.exe
[2016.04.21 21:43:17 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\poqexec.exe
[2016.04.21 21:22:14 | 000,461,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\scavengeui.dll
[2016.04.21 21:19:44 | 000,392,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMPhoto.dll
[2016.04.21 21:19:44 | 000,318,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMPhoto.dll
[2016.04.21 13:19:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RarZilla Free Unrar
[2016.04.21 13:19:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\RarZilla Free Unrar
[2016.04.21 13:17:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++
[2016.04.21 13:17:14 | 000,000,000 | ---D | C] -- C:\Users\wrecken\AppData\Roaming\Notepad++
[2016.04.21 13:17:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Notepad++
[2016.04.21 13:11:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OrangeEdit
[2016.04.21 13:11:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OrangeEdit
[2016.04.21 13:11:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Synchronization Services
[2016.04.21 13:11:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
[2016.04.21 13:10:01 | 000,000,000 | ---D | C] -- C:\Users\wrecken\AppData\Local\Programs
[2016.04.21 13:08:24 | 000,000,000 | ---D | C] -- C:\Users\wrecken\AppData\Roaming\OrangeApps
[2016.04.21 13:08:24 | 000,000,000 | ---D | C] -- C:\Users\wrecken\AppData\Local\OrangeApps
[2016.04.21 12:35:08 | 000,000,000 | ---D | C] -- C:\Users\wrecken\AppData\Roaming\Philipp Winterberg
[2016.04.21 12:20:39 | 000,000,000 | ---D | C] -- C:\Users\wrecken\AppData\Local\Real
[2016.04.21 12:20:18 | 000,000,000 | ---D | C] -- C:\Users\wrecken\AppData\Roaming\RealNetworks
[2016.04.21 12:20:10 | 000,000,000 | ---D | C] -- C:\ProgramData\RealNetworks
[2016.04.21 12:20:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\RealNetworks
[2016.04.21 12:19:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\xing shared
[2016.04.21 12:19:51 | 000,200,944 | ---- | C] (RealNetworks, Inc.) -- C:\Windows\SysWow64\rmoc3260.dll
[2016.04.21 12:19:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealNetworks
[2016.04.21 12:19:40 | 000,278,768 | ---- | C] (Progressive Networks) -- C:\Windows\SysWow64\pncrt.dll
[2016.04.21 12:19:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Real
[2016.04.21 12:19:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Real
[2016.04.21 12:18:30 | 000,000,000 | ---D | C] -- C:\Users\wrecken\AppData\Roaming\Real
[2016.04.21 12:15:18 | 000,000,000 | ---D | C] -- C:\Users\wrecken\Tracing
[2016.04.21 12:14:40 | 000,000,000 | ---D | C] -- C:\Users\wrecken\AppData\Roaming\Skype
[2016.04.21 12:14:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2016.04.21 12:14:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2016.04.21 12:14:26 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
[2016.04.21 12:14:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2016.04.21 12:11:11 | 000,000,000 | ---D | C] -- C:\Users\wrecken\AppData\Roaming\vlc
[2016.04.21 12:10:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2016.04.21 12:10:24 | 000,000,000 | ---D | C] -- C:\Program Files\VideoLAN
[2016.04.21 11:34:57 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\NativeFus_Log
[2016.04.21 11:34:07 | 001,490,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WdfCoInstaller01007.dll
[2016.04.21 11:34:07 | 000,708,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WinUSBCoInstaller.dll
[2016.04.21 11:34:07 | 000,213,088 | ---- | C] (DEVGURU Co., LTD.(www.devguru.co.kr)) -- C:\Windows\SysNative\drivers\ssudmdm.sys
[2016.04.21 11:34:07 | 000,120,416 | ---- | C] (DEVGURU Co., LTD.(www.devguru.co.kr)) -- C:\Windows\SysNative\drivers\ssudbus.sys
[2016.04.21 11:33:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
[2016.04.21 11:33:02 | 000,144,664 | ---- | C] (MAPILab Ltd. & Add-in Express Ltd.) -- C:\Windows\SysWow64\secman.dll
[2016.04.21 11:33:00 | 004,659,712 | ---- | C] (Dmitry Streblechenko) -- C:\Windows\SysWow64\Redemption.dll
[2016.04.21 11:32:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Samsung
[2016.04.21 11:32:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Samsung
[2016.04.21 11:27:29 | 000,000,000 | ---D | C] -- C:\Users\wrecken\AppData\Local\Downloaded Installations
[2016.04.21 11:20:46 | 000,000,000 | ---D | C] -- C:\Users\wrecken\AppData\Local\Samsung
[2016.04.21 11:20:38 | 000,000,000 | ---D | C] -- C:\Users\wrecken\Documents\samsung
[2016.04.21 11:20:38 | 000,000,000 | ---D | C] -- C:\Users\wrecken\AppData\Roaming\Samsung
[2016.04.21 11:19:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\honestech VHS to DVD 2.0 SE
[2016.04.21 11:19:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\honestech
[2016.04.21 11:18:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FANUC
[2016.04.21 11:15:23 | 000,000,000 | ---D | C] -- C:\Users\wrecken\AppData\Roaming\Adobe
[2016.04.21 11:15:23 | 000,000,000 | ---D | C] -- C:\Users\wrecken\AppData\Local\Adobe
[2016.04.21 10:52:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Another Matrix Screen Saver
[2016.04.21 10:52:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Another Matrix Screen Saver
[2016.04.21 07:06:01 | 000,398,152 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2016.04.21 07:04:34 | 000,000,000 | ---D | C] -- C:\Users\wrecken\AppData\Roaming\AVAST Software
[2016.04.21 07:03:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
[2016.04.21 07:02:49 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\AV
[2016.04.21 07:02:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\AV
[2016.04.21 07:02:19 | 000,165,344 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswStm.sys
[2016.04.21 07:02:18 | 000,463,744 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2016.04.21 07:02:18 | 000,287,016 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswVmm.sys
[2016.04.21 07:02:17 | 000,107,792 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2016.04.21 07:02:17 | 000,074,544 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRvrt.sys
[2016.04.21 07:02:16 | 000,103,064 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys
[2016.04.21 07:02:16 | 000,037,656 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswHwid.sys
[2016.04.21 07:02:12 | 001,070,904 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2016.04.21 07:01:39 | 000,052,184 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2016.04.21 06:59:36 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2016.04.21 06:59:04 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2016.04.21 06:38:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[2016.04.21 06:38:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe
[2016.04.21 06:35:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2016.04.20 21:28:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
[2016.04.20 21:27:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Works
[2016.04.20 21:26:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio
[2016.04.20 21:26:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER
[2016.04.20 21:26:47 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2016.04.20 21:26:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET
[2016.04.20 21:24:19 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2016.04.20 21:23:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio 8
[2016.04.20 21:22:28 | 000,000,000 | ---D | C] -- C:\Users\wrecken\AppData\Local\Microsoft Help
[2016.04.20 21:22:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Office
[2016.04.20 21:22:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2016.04.20 21:21:56 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2016.04.20 21:16:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell System Manager
[2016.04.20 21:15:55 | 000,382,056 | ---- | C] (Dell Inc.) -- C:\Windows\hapint.exe
[2016.04.20 21:15:55 | 000,335,464 | ---- | C] (Dell Inc.) -- C:\Windows\dchcfg64.exe
[2016.04.20 21:15:55 | 000,093,288 | ---- | C] (Dell Inc.) -- C:\Windows\dcmdev64.exe
[2016.04.20 21:15:53 | 000,459,880 | ---- | C] (Dell Inc.) -- C:\Windows\SysNative\dchbas64.dll
[2016.04.20 21:15:53 | 000,322,664 | ---- | C] (Dell Inc.) -- C:\Windows\SysNative\dchapi64.dll
[2016.04.20 21:15:16 | 000,000,000 | ---D | C] -- C:\apps
[2016.04.20 21:15:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Security Innovation
[2016.04.20 21:15:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Security Innovation
[2016.04.20 21:15:06 | 000,000,000 | ---D | C] -- C:\Program Files\Dell
[2016.04.20 21:13:58 | 000,000,000 | ---D | C] -- C:\Program Files\Fingerprint Sensor
[2016.04.20 21:13:35 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\SPBA
[2016.04.20 21:13:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\SPBA
[2016.04.20 21:13:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Gemalto
[2016.04.20 21:13:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\O2Micro OZ776 SCR Driver
[2016.04.20 21:12:28 | 000,000,000 | ---D | C] -- C:\Windows\Downloaded Installations
[2016.04.20 21:12:22 | 000,057,344 | ---- | C] (O2Micro) -- C:\Windows\SysWow64\ct32O2.dll
[2016.04.20 21:12:22 | 000,057,344 | ---- | C] (O2Micro) -- C:\Windows\SysNative\ct32O2.dll
[2016.04.20 21:12:18 | 000,000,000 | ---D | C] -- C:\Users\wrecken\AppData\Roaming\Wave Systems Corp
[2016.04.20 21:12:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Wave Systems Corp
[2016.04.20 21:05:00 | 000,000,000 | ---D | C] -- C:\7cae8c5651b37dbf7e24f8f5c2
[2016.04.20 21:04:20 | 000,000,000 | ---D | C] -- C:\c8bb05505b6ffae53b
[2016.04.20 21:03:08 | 000,000,000 | ---D | C] -- C:\Users\wrecken\AppData\Local\Broadcom
[2016.04.20 21:01:23 | 000,022,056 | ---- | C] (Broadcom Corporation.) -- C:\Windows\SysNative\btwcoins.dll
[2016.04.20 21:01:22 | 000,349,736 | ---- | C] (Broadcom Corporation.) -- C:\Windows\SysNative\drivers\btwampfl.sys
[2016.04.20 21:01:22 | 000,138,280 | ---- | C] (Broadcom Corporation.) -- C:\Windows\SysNative\drivers\btwavdt.sys
[2016.04.20 21:01:22 | 000,107,560 | ---- | C] (Broadcom Corporation.) -- C:\Windows\SysNative\drivers\btwaudio.sys
[2016.04.20 21:01:22 | 000,039,464 | ---- | C] (Broadcom Corporation.) -- C:\Windows\SysNative\drivers\btwl2cap.sys
[2016.04.20 21:01:22 | 000,021,416 | ---- | C] (Broadcom Corporation.) -- C:\Windows\SysNative\drivers\btwrchid.sys
[2016.04.20 20:59:19 | 000,000,000 | ---D | C] -- C:\Program Files\WIDCOMM
[2016.04.20 20:55:55 | 000,196,608 | ---- | C] (RICOH) -- C:\Windows\SysNative\RiSDIcon.dll
[2016.04.20 20:55:55 | 000,188,416 | ---- | C] (RICOH) -- C:\Windows\SysNative\RiMMCIcon.dll
[2016.04.20 20:55:55 | 000,080,896 | ---- | C] (REDC) -- C:\Windows\SysNative\drivers\risdpe64.sys
[2016.04.20 20:55:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\postureAgent
[2016.04.20 20:54:50 | 000,056,344 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\HECIx64.sys
[2016.04.20 20:48:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Intel
[2016.04.20 20:47:14 | 000,000,000 | ---D | C] -- C:\Intel
[2016.04.20 20:46:59 | 000,158,976 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\Impcd.sys
[2016.04.20 20:46:58 | 012,312,928 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\igdkmd64.sys
[2016.04.20 20:46:58 | 009,528,832 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igd10umd64.dll
[2016.04.20 20:46:58 | 009,014,784 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxress.dll
[2016.04.20 20:46:58 | 008,314,368 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igdumd64.dll
[2016.04.20 20:46:58 | 007,988,224 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\igd10umd32.dll
[2016.04.20 20:46:58 | 006,324,224 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\igdumd32.dll
[2016.04.20 20:46:58 | 002,780,160 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxcmjit64.dll
[2016.04.20 20:46:58 | 002,191,872 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\igfxcmjit32.dll
[2016.04.20 20:46:58 | 000,581,120 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\igdumdx32.dll
[2016.04.20 20:46:58 | 000,510,960 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxsrvc.exe
[2016.04.20 20:46:58 | 000,418,800 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxpers.exe
[2016.04.20 20:46:58 | 000,390,144 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxdev.dll
[2016.04.20 20:46:58 | 000,378,368 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxTMM.dll
[2016.04.20 20:46:58 | 000,376,832 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\iglhsip64.dll
[2016.04.20 20:46:58 | 000,376,832 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\iglhsip32.dll
[2016.04.20 20:46:58 | 000,376,320 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxpph.dll
[2016.04.20 20:46:58 | 000,293,888 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\igfxdv32.dll
[2016.04.20 20:46:58 | 000,287,232 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrfra.lrc
[2016.04.20 20:46:58 | 000,287,232 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxresn.lrc
[2016.04.20 20:46:58 | 000,286,720 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrita.lrc
[2016.04.20 20:46:58 | 000,286,720 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrdeu.lrc
[2016.04.20 20:46:58 | 000,286,208 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrptb.lrc
[2016.04.20 20:46:58 | 000,285,696 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrenu.lrc
[2016.04.20 20:46:58 | 000,283,648 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrjpn.lrc
[2016.04.20 20:46:58 | 000,283,136 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrkor.lrc
[2016.04.20 20:46:58 | 000,282,624 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrcht.lrc
[2016.04.20 20:46:58 | 000,282,624 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrchs.lrc
[2016.04.20 20:46:58 | 000,246,784 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\igfxcmrt32.dll
[2016.04.20 20:46:58 | 000,241,136 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxext.exe
[2016.04.20 20:46:58 | 000,219,136 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxcmrt64.dll
[2016.04.20 20:46:58 | 000,168,944 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxtray.exe
[2016.04.20 20:46:58 | 000,142,336 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxdo.dll
[2016.04.20 20:46:58 | 000,126,976 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxcpl.cpl
[2016.04.20 20:46:58 | 000,098,304 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\iglhcp64.dll
[2016.04.20 20:46:58 | 000,098,304 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\iglhcp32.dll
[2016.04.20 20:46:58 | 000,090,112 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxCoIn_v2993.dll
[2016.04.20 20:46:58 | 000,062,464 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxsrvc.dll
[2016.04.20 20:46:58 | 000,028,672 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxexps.dll
[2016.04.20 20:46:58 | 000,024,576 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\igfxexps32.dll
[2016.04.20 20:46:57 | 018,664,960 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\ig4icd64.dll
[2016.04.20 20:46:57 | 004,380,144 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\GfxUI.exe
[2016.04.20 20:46:57 | 000,394,224 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\hkcmd.exe
[2016.04.20 20:46:57 | 000,146,432 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\gfxSrvc.dll
[2016.04.20 20:46:57 | 000,110,080 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\hccutils.dll
[2016.04.20 20:46:55 | 000,317,440 | ---- | C] (Intel(R) Corporation) -- C:\Windows\SysNative\drivers\IntcDAud.sys
[2016.04.20 20:46:55 | 000,185,840 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\difx64.exe
[2016.04.20 20:46:55 | 000,014,848 | ---- | C] (Intel(R) Corporation) -- C:\Windows\SysNative\IntcDAuC.dll
[2016.04.20 20:45:59 | 000,000,000 | ---D | C] -- C:\Program Files\DIFX
[2016.04.20 20:44:38 | 000,022,128 | ---- | C] (ST Microelectronics) -- C:\Windows\SysNative\drivers\stdcfltn.sys
[2016.04.20 20:44:38 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE
[2016.04.20 20:43:38 | 000,000,000 | ---D | C] -- C:\Program Files\STMicroelectronics
[2016.04.20 20:42:36 | 000,000,000 | ---D | C] -- C:\dell
[2016.04.20 20:41:57 | 000,081,520 | ---- | C] (ST Microelectronics) -- C:\Windows\SysNative\accelernco01.dll
[2016.04.20 20:41:57 | 000,027,760 | ---- | C] (ST Microelectronics) -- C:\Windows\SysNative\drivers\accelern.sys
[2016.04.20 20:41:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\STMicroelectronics
[2016.04.20 20:41:53 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\InstallShield Installation Information
[2016.04.20 20:39:42 | 000,000,000 | ---D | C] -- C:\Users\wrecken\AppData\Local\Dell
[2016.04.20 20:31:06 | 000,000,000 | -H-D | C] -- C:\Windows\SysNative\WLANProfiles
[2016.04.20 20:30:46 | 000,000,000 | ---D | C] -- C:\Users\wrecken\AppData\Roaming\Intel
[2016.04.20 20:30:08 | 000,000,000 | ---D | C] -- C:\Users\wrecken\Roaming
[2016.04.20 20:30:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Roaming
[2016.04.20 20:29:14 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel PROSet Wireless
[2016.04.20 20:28:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Cisco
[2016.04.20 20:28:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Intel
[2016.04.20 20:28:41 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Intel
[2016.04.20 20:28:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Intel
[2016.04.20 20:26:30 | 000,000,000 | ---D | C] -- C:\Program Files\Intel
[2016.04.20 20:26:26 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2016.04.20 20:26:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Package Cache
[2016.04.20 20:25:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Dell
[2016.04.20 20:24:04 | 002,620,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
[2016.04.20 20:24:04 | 000,058,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
[2016.04.20 20:24:04 | 000,044,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll
[2016.04.20 20:23:58 | 000,700,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll
[2016.04.20 20:23:58 | 000,581,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapi.dll
[2016.04.20 20:23:58 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll
[2016.04.20 20:23:58 | 000,092,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wudriver.dll
[2016.04.20 20:23:58 | 000,038,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll
[2016.04.20 20:23:58 | 000,036,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wups.dll
[2016.04.20 20:23:50 | 000,198,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
[2016.04.20 20:23:50 | 000,179,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuwebv.dll
[2016.04.20 20:23:50 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe
[2016.04.20 20:23:50 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapp.exe
[2016.04.20 20:22:28 | 000,000,000 | ---D | C] -- C:\Users\wrecken\AppData\Local\Deployment
[2016.04.20 20:22:28 | 000,000,000 | ---D | C] -- C:\Users\wrecken\AppData\Local\Apps
[2016.04.20 20:04:29 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[2016.04.20 19:26:08 | 000,000,000 | ---D | C] -- C:\Users\wrecken\AppData\Local\Mozilla
[2016.04.20 19:26:07 | 000,000,000 | ---D | C] -- C:\Users\wrecken\AppData\Roaming\Mozilla
[2016.04.20 19:25:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2016.04.20 19:25:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2016.04.20 19:12:33 | 000,000,000 | R--D | C] -- C:\Users\wrecken\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2016.04.20 19:12:33 | 000,000,000 | R--D | C] -- C:\Users\wrecken\Searches
[2016.04.20 19:12:33 | 000,000,000 | R--D | C] -- C:\Users\wrecken\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2016.04.20 19:12:25 | 000,000,000 | ---D | C] -- C:\Users\wrecken\AppData\Roaming\Identities
[2016.04.20 19:12:23 | 000,000,000 | R--D | C] -- C:\Users\wrecken\Contacts
[2016.04.20 19:12:22 | 000,000,000 | ---D | C] -- C:\Users\wrecken\AppData\Local\VirtualStore
[2016.04.20 19:12:13 | 000,000,000 | --SD | C] -- C:\Users\wrecken\AppData\Roaming\Microsoft
[2016.04.20 19:12:13 | 000,000,000 | R--D | C] -- C:\Users\wrecken\Videos
[2016.04.20 19:12:13 | 000,000,000 | R--D | C] -- C:\Users\wrecken\Saved Games
[2016.04.20 19:12:13 | 000,000,000 | R--D | C] -- C:\Users\wrecken\Pictures
[2016.04.20 19:12:13 | 000,000,000 | R--D | C] -- C:\Users\wrecken\Music
[2016.04.20 19:12:13 | 000,000,000 | R--D | C] -- C:\Users\wrecken\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2016.04.20 19:12:13 | 000,000,000 | R--D | C] -- C:\Users\wrecken\Links
[2016.04.20 19:12:13 | 000,000,000 | R--D | C] -- C:\Users\wrecken\Favorites
[2016.04.20 19:12:13 | 000,000,000 | R--D | C] -- C:\Users\wrecken\Downloads
[2016.04.20 19:12:13 | 000,000,000 | R--D | C] -- C:\Users\wrecken\Documents
[2016.04.20 19:12:13 | 000,000,000 | R--D | C] -- C:\Users\wrecken\Desktop
[2016.04.20 19:12:13 | 000,000,000 | R--D | C] -- C:\Users\wrecken\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2016.04.20 19:12:13 | 000,000,000 | -HSD | C] -- C:\Users\wrecken\Vorlagen
[2016.04.20 19:12:13 | 000,000,000 | -HSD | C] -- C:\Users\wrecken\AppData\Local\Verlauf
[2016.04.20 19:12:13 | 000,000,000 | -HSD | C] -- C:\Users\wrecken\AppData\Local\Temporary Internet Files
[2016.04.20 19:12:13 | 000,000,000 | -HSD | C] -- C:\Users\wrecken\Startmenü
[2016.04.20 19:12:13 | 000,000,000 | -HSD | C] -- C:\Users\wrecken\SendTo
[2016.04.20 19:12:13 | 000,000,000 | -HSD | C] -- C:\Users\wrecken\Recent
[2016.04.20 19:12:13 | 000,000,000 | -HSD | C] -- C:\Users\wrecken\Netzwerkumgebung
[2016.04.20 19:12:13 | 000,000,000 | -HSD | C] -- C:\Users\wrecken\Lokale Einstellungen
[2016.04.20 19:12:13 | 000,000,000 | -HSD | C] -- C:\Users\wrecken\Documents\Eigene Videos
[2016.04.20 19:12:13 | 000,000,000 | -HSD | C] -- C:\Users\wrecken\Documents\Eigene Musik
[2016.04.20 19:12:13 | 000,000,000 | -HSD | C] -- C:\Users\wrecken\Eigene Dateien
[2016.04.20 19:12:13 | 000,000,000 | -HSD | C] -- C:\Users\wrecken\Documents\Eigene Bilder
[2016.04.20 19:12:13 | 000,000,000 | -HSD | C] -- C:\Users\wrecken\Druckumgebung
[2016.04.20 19:12:13 | 000,000,000 | -HSD | C] -- C:\Users\wrecken\Cookies
[2016.04.20 19:12:13 | 000,000,000 | -HSD | C] -- C:\Users\wrecken\AppData\Local\Anwendungsdaten
[2016.04.20 19:12:13 | 000,000,000 | -HSD | C] -- C:\Users\wrecken\Anwendungsdaten
[2016.04.20 19:12:13 | 000,000,000 | -H-D | C] -- C:\Users\wrecken\AppData
[2016.04.20 19:12:13 | 000,000,000 | ---D | C] -- C:\Users\wrecken\AppData\Local\Temp
[2016.04.20 19:12:13 | 000,000,000 | ---D | C] -- C:\Users\wrecken\AppData\Local\Microsoft
[2016.04.20 19:12:13 | 000,000,000 | ---D | C] -- C:\Users\wrecken\AppData\Roaming\Media Center Programs
[2016.04.20 19:12:07 | 000,000,000 | -HSD | C] -- C:\ProgramData\Vorlagen
[2016.04.20 19:12:07 | 000,000,000 | -HSD | C] -- C:\ProgramData\Startmenü
[2016.04.20 19:12:07 | 000,000,000 | -HSD | C] -- C:\Recovery
[2016.04.20 19:12:07 | 000,000,000 | -HSD | C] -- C:\Programme
[2016.04.20 19:12:07 | 000,000,000 | -HSD | C] -- C:\Program Files\Gemeinsame Dateien
[2016.04.20 19:12:07 | 000,000,000 | -HSD | C] -- C:\ProgramData\Favoriten
[2016.04.20 19:12:07 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Videos
[2016.04.20 19:12:07 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Musik
[2016.04.20 19:12:07 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Bilder
[2016.04.20 19:12:07 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen
[2016.04.20 19:12:07 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumente
[2016.04.20 19:12:07 | 000,000,000 | -HSD | C] -- C:\ProgramData\Anwendungsdaten
[2016.04.20 19:08:04 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2016.04.20 19:05:53 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2016.04.20 19:05:15 | 000,000,000 | -HSD | C] -- C:\System Volume Information

========== Files - Modified Within 30 Days ==========

[2016.04.24 03:40:43 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2016.04.24 03:40:26 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2016.04.23 22:46:41 | 000,021,664 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2016.04.23 22:46:41 | 000,021,664 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2016.04.23 22:46:10 | 001,618,320 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2016.04.23 22:46:10 | 000,698,926 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2016.04.23 22:46:10 | 000,653,724 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2016.04.23 22:46:10 | 000,149,034 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2016.04.23 22:46:10 | 000,121,596 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2016.04.23 22:38:14 | 2307,272,704 | -HS- | M] () -- C:\hiberfil.sys
[2016.04.22 22:12:44 | 000,797,376 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2016.04.22 22:12:44 | 000,142,528 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2016.04.22 00:13:17 | 001,559,112 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2016.04.21 13:19:32 | 000,001,091 | ---- | M] () -- C:\Users\Public\Desktop\RarZilla Free Unrar.lnk
[2016.04.21 13:17:16 | 000,001,019 | ---- | M] () -- C:\Users\Public\Desktop\Notepad++.lnk
[2016.04.21 13:11:10 | 000,001,031 | ---- | M] () -- C:\Users\Public\Desktop\OrangeEdit.lnk
[2016.04.21 12:20:28 | 000,001,204 | ---- | M] () -- C:\Users\Public\Desktop\RealPlayer (RealTimes).lnk
[2016.04.21 12:19:51 | 000,200,944 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\SysWow64\rmoc3260.dll
[2016.04.21 12:19:40 | 000,278,768 | ---- | M] (Progressive Networks) -- C:\Windows\SysWow64\pncrt.dll
[2016.04.21 12:14:27 | 000,002,699 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2016.04.21 12:10:53 | 000,000,871 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2016.04.21 11:53:39 | 000,001,969 | ---- | M] () -- C:\Users\Public\Desktop\Samsung Kies 3.lnk
[2016.04.21 11:45:41 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_WinUsb_01007.Wdf
[2016.04.21 11:34:46 | 000,002,002 | ---- | M] () -- C:\Users\Public\Desktop\Samsung Kies (Lite).lnk
[2016.04.21 11:34:46 | 000,001,992 | ---- | M] () -- C:\Users\Public\Desktop\Samsung Kies.lnk
[2016.04.21 10:52:46 | 000,001,133 | ---- | M] () -- C:\Users\wrecken\Desktop\Another Matrix Screen Saver.lnk
[2016.04.21 07:03:46 | 000,001,922 | ---- | M] () -- C:\Users\Public\Desktop\Avast Business Security.lnk
[2016.04.21 07:02:57 | 001,070,904 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2016.04.21 07:02:56 | 000,107,792 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2016.04.21 07:02:55 | 000,463,744 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2016.04.21 07:01:42 | 000,398,152 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2016.04.21 07:01:42 | 000,287,016 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswVmm.sys
[2016.04.21 07:01:42 | 000,165,344 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswStm.sys
[2016.04.21 07:01:42 | 000,074,544 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRvrt.sys
[2016.04.21 07:01:42 | 000,037,656 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswHwid.sys
[2016.04.21 07:01:41 | 000,103,064 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys
[2016.04.21 07:01:39 | 000,052,184 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2016.04.21 06:39:07 | 000,002,019 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader XI.lnk
[2016.04.20 21:52:56 | 000,416,336 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2016.04.20 21:16:19 | 000,002,024 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Dell System Manager.lnk
[2016.04.20 21:13:15 | 000,000,206 | ---- | M] () -- C:\Windows\hbcikrnl.ini
[2016.04.20 21:13:13 | 000,000,306 | RHS- | M] () -- C:\ProgramData\ntuser.pol
[2016.04.20 21:12:22 | 000,057,344 | ---- | M] (O2Micro) -- C:\Windows\SysWow64\ct32O2.dll
[2016.04.20 21:12:22 | 000,057,344 | ---- | M] (O2Micro) -- C:\Windows\SysNative\ct32O2.dll
[2016.04.20 21:01:34 | 000,000,834 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
[2016.04.20 20:56:51 | 000,349,736 | ---- | M] (Broadcom Corporation.) -- C:\Windows\SysNative\drivers\btwampfl.sys
[2016.04.20 20:56:51 | 000,138,280 | ---- | M] (Broadcom Corporation.) -- C:\Windows\SysNative\drivers\btwavdt.sys
[2016.04.20 20:56:51 | 000,107,560 | ---- | M] (Broadcom Corporation.) -- C:\Windows\SysNative\drivers\btwaudio.sys
[2016.04.20 20:56:51 | 000,039,464 | ---- | M] (Broadcom Corporation.) -- C:\Windows\SysNative\drivers\btwl2cap.sys
[2016.04.20 20:56:51 | 000,022,056 | ---- | M] (Broadcom Corporation.) -- C:\Windows\SysNative\btwcoins.dll
[2016.04.20 20:56:51 | 000,021,416 | ---- | M] (Broadcom Corporation.) -- C:\Windows\SysNative\drivers\btwrchid.sys
[2016.04.20 20:53:18 | 000,015,804 | ---- | M] () -- C:\Windows\SysNative\results.xml
[2016.04.20 19:25:28 | 000,001,147 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2016.04.20 19:09:52 | 000,207,887 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2016.04.20 19:09:52 | 000,207,887 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[2016.04.20 19:08:52 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2016.04.20 19:08:03 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf

========== Files Created - No Company Name ==========

[2016.04.22 22:12:45 | 000,000,884 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2016.04.22 00:13:17 | 001,559,112 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2016.04.21 13:19:32 | 000,001,091 | ---- | C] () -- C:\Users\Public\Desktop\RarZilla Free Unrar.lnk
[2016.04.21 13:17:16 | 000,001,019 | ---- | C] () -- C:\Users\Public\Desktop\Notepad++.lnk
[2016.04.21 13:11:10 | 000,001,031 | ---- | C] () -- C:\Users\Public\Desktop\OrangeEdit.lnk
[2016.04.21 12:20:28 | 000,001,204 | ---- | C] () -- C:\Users\Public\Desktop\RealPlayer (RealTimes).lnk
[2016.04.21 12:14:27 | 000,002,699 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2016.04.21 12:10:53 | 000,000,871 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2016.04.21 11:53:39 | 000,001,969 | ---- | C] () -- C:\Users\Public\Desktop\Samsung Kies 3.lnk
[2016.04.21 11:45:41 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_WinUsb_01007.Wdf
[2016.04.21 11:34:46 | 000,002,002 | ---- | C] () -- C:\Users\Public\Desktop\Samsung Kies (Lite).lnk
[2016.04.21 11:34:46 | 000,001,992 | ---- | C] () -- C:\Users\Public\Desktop\Samsung Kies.lnk
[2016.04.21 10:52:46 | 000,001,133 | ---- | C] () -- C:\Users\wrecken\Desktop\Another Matrix Screen Saver.lnk
[2016.04.21 07:03:46 | 000,001,922 | ---- | C] () -- C:\Users\Public\Desktop\Avast Business Security.lnk
[2016.04.21 06:39:07 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
[2016.04.21 06:39:07 | 000,002,019 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader XI.lnk
[2016.04.20 21:16:19 | 000,002,024 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Dell System Manager.lnk
[2016.04.20 21:13:13 | 000,000,306 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2016.04.20 21:13:03 | 000,000,206 | ---- | C] () -- C:\Windows\hbcikrnl.ini
[2016.04.20 20:59:33 | 000,000,834 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
[2016.04.20 20:53:18 | 000,015,804 | ---- | C] () -- C:\Windows\SysNative\results.xml
[2016.04.20 20:46:58 | 001,981,696 | ---- | C] () -- C:\Windows\SysNative\iglhxa64.cpa
[2016.04.20 20:46:58 | 000,867,020 | ---- | C] () -- C:\Windows\SysWow64\igkrng575.bin
[2016.04.20 20:46:58 | 000,867,020 | ---- | C] () -- C:\Windows\SysNative\igkrng575.bin
[2016.04.20 20:46:58 | 000,128,204 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng575.bin
[2016.04.20 20:46:58 | 000,128,204 | ---- | C] () -- C:\Windows\SysNative\igcompkrng575.bin
[2016.04.20 20:46:58 | 000,105,608 | ---- | C] () -- C:\Windows\SysWow64\igfcg575m.bin
[2016.04.20 20:46:58 | 000,105,608 | ---- | C] () -- C:\Windows\SysNative\igfcg575m.bin
[2016.04.20 20:46:58 | 000,059,243 | ---- | C] () -- C:\Windows\SysNative\iglhxo64.vp
[2016.04.20 20:46:58 | 000,059,174 | ---- | C] () -- C:\Windows\SysNative\iglhxg64.vp
[2016.04.20 20:46:58 | 000,059,062 | ---- | C] () -- C:\Windows\SysNative\iglhxc64.vp
[2016.04.20 20:46:58 | 000,017,444 | ---- | C] () -- C:\Windows\SysNative\iglhxs64.vp
[2016.04.20 20:46:58 | 000,004,096 | ---- | C] ( ) -- C:\Windows\SysNative\IGFXDEVLib.dll
[2016.04.20 20:46:58 | 000,001,074 | ---- | C] () -- C:\Windows\SysNative\iglhxa64.vp
[2016.04.20 20:46:57 | 013,913,600 | ---- | C] () -- C:\Windows\SysWow64\ig4icd32.dll
[2016.04.20 20:46:57 | 000,135,370 | ---- | C] () -- C:\Windows\SysNative\Gfxres.tr-TR.resources
[2016.04.20 20:46:57 | 000,117,636 | ---- | C] () -- C:\Windows\SysNative\Gfxres.zh-TW.resources
[2016.04.20 20:46:57 | 000,116,348 | ---- | C] () -- C:\Windows\SysNative\Gfxres.zh-CN.resources
[2016.04.20 20:46:57 | 000,094,208 | ---- | C] () -- C:\Windows\SysNative\IccLibDll_x64.dll
[2016.04.20 20:46:57 | 000,000,146 | ---- | C] () -- C:\Windows\SysNative\GfxUI.exe.config
[2016.04.20 20:46:56 | 000,211,303 | ---- | C] () -- C:\Windows\SysNative\Gfxres.th-TH.resources
[2016.04.20 20:46:56 | 000,198,139 | ---- | C] () -- C:\Windows\SysNative\Gfxres.el-GR.resources
[2016.04.20 20:46:56 | 000,182,706 | ---- | C] () -- C:\Windows\SysNative\Gfxres.ru-RU.resources
[2016.04.20 20:46:56 | 000,153,167 | ---- | C] () -- C:\Windows\SysNative\Gfxres.ja-JP.resources
[2016.04.20 20:46:56 | 000,149,009 | ---- | C] () -- C:\Windows\SysNative\Gfxres.he-IL.resources
[2016.04.20 20:46:56 | 000,140,216 | ---- | C] () -- C:\Windows\SysNative\Gfxres.it-IT.resources
[2016.04.20 20:46:56 | 000,138,727 | ---- | C] () -- C:\Windows\SysNative\Gfxres.ko-KR.resources
[2016.04.20 20:46:56 | 000,137,846 | ---- | C] () -- C:\Windows\SysNative\Gfxres.de-DE.resources
[2016.04.20 20:46:56 | 000,137,668 | ---- | C] () -- C:\Windows\SysNative\Gfxres.es-ES.resources
[2016.04.20 20:46:56 | 000,136,603 | ---- | C] () -- C:\Windows\SysNative\Gfxres.ro-RO.resources
[2016.04.20 20:46:56 | 000,135,628 | ---- | C] () -- C:\Windows\SysNative\Gfxres.fr-FR.resources
[2016.04.20 20:46:56 | 000,134,836 | ---- | C] () -- C:\Windows\SysNative\Gfxres.pt-BR.resources
[2016.04.20 20:46:56 | 000,134,412 | ---- | C] () -- C:\Windows\SysNative\Gfxres.nl-NL.resources
[2016.04.20 20:46:56 | 000,134,384 | ---- | C] () -- C:\Windows\SysNative\Gfxres.hu-HU.resources
[2016.04.20 20:46:56 | 000,133,846 | ---- | C] () -- C:\Windows\SysNative\Gfxres.sv-SE.resources
[2016.04.20 20:46:56 | 000,133,709 | ---- | C] () -- C:\Windows\SysNative\Gfxres.pt-PT.resources
[2016.04.20 20:46:56 | 000,133,178 | ---- | C] () -- C:\Windows\SysNative\Gfxres.pl-PL.resources
[2016.04.20 20:46:56 | 000,132,889 | ---- | C] () -- C:\Windows\SysNative\Gfxres.fi-FI.resources
[2016.04.20 20:46:56 | 000,132,788 | ---- | C] () -- C:\Windows\SysNative\Gfxres.sk-SK.resources
[2016.04.20 20:46:56 | 000,131,839 | ---- | C] () -- C:\Windows\SysNative\Gfxres.hr-HR.resources
[2016.04.20 20:46:56 | 000,128,996 | ---- | C] () -- C:\Windows\SysNative\Gfxres.sl-SI.resources
[2016.04.20 20:46:56 | 000,128,831 | ---- | C] () -- C:\Windows\SysNative\Gfxres.nb-NO.resources
[2016.04.20 20:46:56 | 000,124,052 | ---- | C] () -- C:\Windows\SysNative\Gfxres.en-US.resources
[2016.04.20 20:46:55 | 000,156,233 | ---- | C] () -- C:\Windows\SysNative\Gfxres.ar-SA.resources
[2016.04.20 20:46:55 | 000,133,404 | ---- | C] () -- C:\Windows\SysNative\Gfxres.cs-CZ.resources
[2016.04.20 20:46:55 | 000,128,535 | ---- | C] () -- C:\Windows\SysNative\Gfxres.da-DK.resources
[2016.04.20 19:25:28 | 000,001,159 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2016.04.20 19:25:28 | 000,001,147 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2016.04.20 19:12:38 | 000,001,405 | ---- | C] () -- C:\Users\wrecken\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
[2016.04.20 19:12:34 | 000,001,439 | ---- | C] () -- C:\Users\wrecken\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2016.04.20 19:09:45 | 000,001,345 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
[2016.04.20 19:09:45 | 000,001,326 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
[2016.04.20 19:08:52 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2016.04.20 19:08:03 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2016.04.20 19:05:15 | 2307,272,704 | -HS- | C] () -- C:\hiberfil.sys

========== ZeroAccess Check ==========

[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2010.11.21 05:23:55 | 014,174,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2010.11.21 05:24:02 | 012,872,192 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 05:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2016.04.21 07:04:34 | 000,000,000 | ---D | M] -- C:\Users\wrecken\AppData\Roaming\AVAST Software
[2016.04.21 13:17:29 | 000,000,000 | ---D | M] -- C:\Users\wrecken\AppData\Roaming\Notepad++
[2016.04.21 13:08:24 | 000,000,000 | ---D | M] -- C:\Users\wrecken\AppData\Roaming\OrangeApps
[2016.04.21 12:35:08 | 000,000,000 | ---D | M] -- C:\Users\wrecken\AppData\Roaming\Philipp Winterberg
[2016.04.21 11:53:33 | 000,000,000 | ---D | M] -- C:\Users\wrecken\AppData\Roaming\Samsung
[2016.04.20 21:12:18 | 000,000,000 | ---D | M] -- C:\Users\wrecken\AppData\Roaming\Wave Systems Corp

========== Purity Check ==========



< End of report >

 
