| noregret | 21.06.2013 01:23 |
Otl erstellt irgendwie nur noch die otl.txt aber keine extra.txt
otl.txt: Code:
OTL logfile created on: 21.06.2013 02:11:25 - Run 3
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Christian\Desktop
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16614)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
1,73 Gb Total Physical Memory | 1,15 Gb Available Physical Memory | 66,34% Memory free
3,46 Gb Paging File | 2,83 Gb Available in Paging File | 81,86% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 218,79 Gb Total Space | 173,56 Gb Free Space | 79,33% Space Free | Partition Type: NTFS
Computer Name: CHRISTIAN-PC | User Name: Christian | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2013.06.08 03:53:58 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Christian\Desktop\OTL.exe
PRC - [2013.04.23 06:48:16 | 000,311,152 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Programme\Samsung\Kies\KiesTrayAgent.exe
PRC - [2013.04.23 06:48:12 | 001,561,968 | ---- | M] (Samsung) -- C:\Programme\Samsung\Kies\Kies.exe
PRC - [2013.02.05 10:54:40 | 000,233,472 | ---- | M] (Teruten) -- C:\Windows\System32\FsUsbExService.Exe
PRC - [2012.11.30 04:55:25 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
PRC - [2012.11.23 04:48:41 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2011.07.04 13:37:58 | 000,081,920 | ---- | M] (Volkswagen AG) -- C:\ElsaWin\bin\VSGate.exe
PRC - [2011.07.04 13:35:22 | 000,240,640 | ---- | M] (Volkswagen AG) -- C:\ElsaWin\bin\LcSvrAdm.exe
PRC - [2011.07.04 13:32:18 | 000,335,360 | ---- | M] (Volkswagen AG) -- C:\ElsaWin\bin\LcSvrHis.exe
PRC - [2011.07.04 13:30:24 | 000,373,248 | ---- | M] (Volkswagen AG) -- C:\ElsaWin\bin\LcSvrSaz.exe
PRC - [2011.07.04 13:28:22 | 001,321,984 | ---- | M] (Volkswagen AG) -- C:\ElsaWin\bin\LcSvrAuf.exe
PRC - [2011.07.04 13:25:16 | 000,477,696 | ---- | M] (Volkswagen AG) -- C:\ElsaWin\bin\LcSvrPas.exe
PRC - [2011.07.04 13:23:56 | 000,392,704 | ---- | M] (Volkswagen AG) -- C:\ElsaWin\bin\LcSvrDba.exe
PRC - [2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010.11.25 21:28:50 | 000,486,560 | ---- | M] (Atheros Communications) -- C:\Programme\Bluetooth Suite\BtvStack.exe
PRC - [2010.11.25 21:28:44 | 000,302,240 | ---- | M] (Atheros Commnucations) -- C:\Programme\Bluetooth Suite\AthBtTray.exe
PRC - [2010.11.25 21:28:42 | 000,056,480 | ---- | M] (Atheros Commnucations) -- C:\Programme\Bluetooth Suite\AdminService.exe
PRC - [2010.11.20 14:17:56 | 001,121,792 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnetwk.exe
========== Modules (No Company Name) ==========
MOD - [2013.05.30 16:08:36 | 017,554,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Theme\71b6200b469ae31187226c5634b6d6bb\Kies.Theme.ni.dll
MOD - [2013.05.30 16:08:34 | 000,307,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DummyStorePlugin\5face173af94a7083cea1c078a6b4938\DummyStorePlugin.ni.dll
MOD - [2013.05.30 16:08:32 | 000,115,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DeviceStoryAlbum\9ab54aea64046cd2b4ff895b1c027c05\DeviceStoryAlbum.ni.dll
MOD - [2013.05.30 16:08:30 | 000,614,912 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DevicePodcast\29be5a9cc5b83e2b30e9d788ac201f83\DevicePodcast.ni.dll
MOD - [2013.05.30 16:08:26 | 000,300,544 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DeviceVideo\b44e10add0a5276dc3fbbde338c4b5ea\DeviceVideo.ni.dll
MOD - [2013.05.30 16:08:24 | 000,355,840 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DevicePhoto\9661c2265a6fb7782243c0633378a1e5\DevicePhoto.ni.dll
MOD - [2013.05.30 16:08:21 | 000,307,712 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DeviceMusic\ec4ba3e13a88086bf95ea05919513917\DeviceMusic.ni.dll
MOD - [2013.05.30 16:08:19 | 000,474,624 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\VideoManager\df3496a7e1364e2b78bac5b4aef48ae6\VideoManager.ni.dll
MOD - [2013.05.30 16:08:15 | 000,782,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PhotoManager\88ec39193b34cf293d0887383c2ccde5\PhotoManager.ni.dll
MOD - [2013.05.30 16:08:10 | 001,988,608 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Phonebook\be4228490407398b302edeed5ea57879\Phonebook.ni.dll
MOD - [2013.05.30 16:08:00 | 000,207,360 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\StoryAlbumManager\ea5424dfc774422fa2038d980b1642d1\StoryAlbumManager.ni.dll
MOD - [2013.05.30 16:07:58 | 000,945,152 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\MusicManager\218ed646a2ca6d2c08509295ce556260\MusicManager.ni.dll
MOD - [2013.05.30 16:07:53 | 000,404,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\BATPlugin\fbe4134679a5506a54004cd5952d7d29\BATPlugin.ni.dll
MOD - [2013.05.30 16:07:50 | 000,029,184 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.StoreMa#\a5bd3f2855afcc1f5bf15057c35bd48d\Kies.Common.StoreManager.ni.dll
MOD - [2013.05.30 16:07:49 | 000,534,016 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.MediaDB\730c70013610eb7e73f49213b1076bab\Kies.Common.MediaDB.ni.dll
MOD - [2013.05.30 16:07:45 | 000,063,488 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.AllShare\94fd3d4235723a962f8b3f29d7eac567\Kies.Common.AllShare.ni.dll
MOD - [2013.05.30 16:07:44 | 000,066,560 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DBManag#\1784a3c837a81be9ad8608a9405de178\Kies.Common.DBManager.ni.dll
MOD - [2013.05.30 16:07:41 | 000,109,568 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.CRMMana#\fde643974d1f6bc8843237cedb262c9b\Kies.Common.CRMManager.ni.dll
MOD - [2013.05.30 16:07:40 | 001,146,880 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Podcaster\1f04da0191d585e975a3f43548a70e2e\Podcaster.ni.dll
MOD - [2013.05.30 16:07:34 | 000,283,648 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\35992f641f4348746cfe0c6c1b48ece7\Kies.Common.DeviceServiceLib.FirmwareUpdate.Common.ni.dll
MOD - [2013.05.30 16:07:32 | 000,189,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\94eee0f7d59880d4ff2754ad67877ac1\Kies.Common.DeviceServiceLib.FirmwareUpdate.Downloader.ni.dll
MOD - [2013.05.30 16:07:30 | 000,175,616 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.DevFileServ#\931b9596988f8d16731b691a35a25727\Interop.DevFileServiceLib.ni.dll
MOD - [2013.05.30 16:07:29 | 000,580,096 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\f0dfcf225ea9ee5911a199d90da24d76\Kies.Common.DeviceServiceLib.FileService.ni.dll
MOD - [2013.05.30 16:07:26 | 001,204,736 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\f564ae0bcec147d5902965cf0f4367d1\Kies.Common.DeviceService.ni.dll
MOD - [2013.05.30 16:07:20 | 000,995,328 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DeviceCommonLib\99bba258903cd892a867461d55d728ff\DeviceCommonLib.ni.dll
MOD - [2013.05.30 16:07:15 | 000,743,936 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Plugin.Content#\d68e9699b3319f4d4a0d0fdb8855f48a\Kies.Plugin.ContentsManagerLib.ni.dll
MOD - [2013.05.30 16:07:11 | 000,205,824 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.MainUI\50c6d0af63aa7107ec15d7ef86a62609\Kies.Common.MainUI.ni.dll
MOD - [2013.05.30 16:06:49 | 000,045,568 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\bd5cbd625647b2af277b7c5c0ffb8f5b\Kies.Common.DeviceServiceLib.FirmwareUpdate.FirmwareUpdateAgentHelper.ni.dll
MOD - [2013.05.30 16:06:48 | 000,928,256 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\6704d4bac5e6b834fe7cd1502f09f2cb\Kies.Common.DeviceServiceLib.DeviceManagement.ni.dll
MOD - [2013.05.30 16:06:42 | 000,030,720 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.PRPLAYERCOR#\bfc490c6779a7a9ae85832ca58c27054\Interop.PRPLAYERCORELib.ni.dll
MOD - [2013.05.30 16:06:41 | 002,202,112 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.Multime#\dfc6504af8cd62a4a38a5b6ad7ca6566\Kies.Common.Multimedia.ni.dll
MOD - [2013.05.30 16:06:30 | 000,187,904 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\f93e893f927f890bffe924ec7e8c1323\Kies.Common.DeviceServiceLib.Interface.ni.dll
MOD - [2013.05.30 16:06:29 | 000,638,976 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\2627bfc447a741309a32dbd51ee23dbc\Kies.Common.DeviceServiceLib.DeviceDataService.ni.dll
MOD - [2013.05.30 16:06:09 | 007,031,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DeviceHost\8f217eeaa66560ba63ae69c4be00ff95\DeviceHost.ni.dll
MOD - [2013.05.30 14:59:57 | 000,282,624 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.Util\37bb8c2ca86bf868044bce11e73d1efc\Kies.Common.Util.ni.dll
MOD - [2013.05.30 14:59:53 | 001,644,032 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Locale\c5572a7e44449de16eb4e7db6b7b5b82\Kies.Locale.ni.dll
MOD - [2013.05.30 14:59:49 | 000,079,360 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.MVVM\2cbf81c1b1b5e7bd6a4758bd057e2d4c\Kies.MVVM.ni.dll
MOD - [2013.05.30 14:59:47 | 001,899,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.UI\7aef2d5e9f446c4108ed337e465cd196\Kies.UI.ni.dll
MOD - [2013.05.30 14:59:32 | 001,273,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Interface\0687f786aa9dd34f7dd8d26cdfdb065f\Kies.Interface.ni.dll
MOD - [2013.05.30 14:59:20 | 002,176,512 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies\12c6291066c5db8821df6c56c8254037\Kies.ni.exe
MOD - [2013.05.17 01:12:31 | 000,160,256 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\GongSolutions.Wpf.D#\f67e1afe33aa6c76e375dbd4fa132363\GongSolutions.Wpf.DragDrop.ni.dll
MOD - [2013.05.16 02:53:16 | 018,022,400 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\1f0bb5336d1706c9b8ad2330f3642760\PresentationFramework.ni.dll
MOD - [2013.05.16 02:52:57 | 000,982,528 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\ddc3e8c2774eaec614d6775983652980\System.Configuration.ni.dll
MOD - [2013.05.16 02:52:32 | 011,522,560 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\9b2940478ec555990b37af5448b8f509\PresentationCore.ni.dll
MOD - [2013.05.16 02:52:13 | 007,070,208 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\93a17ba6cb6753328f25466bc0bf1cb1\System.Core.ni.dll
MOD - [2013.05.16 02:52:00 | 003,883,008 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\a1949f57d2ec260e09768e98fecb0559\WindowsBase.ni.dll
MOD - [2013.02.13 21:56:23 | 000,221,696 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\7d8f6866864f78cf83d3701641c46178\System.ServiceProcess.ni.dll
MOD - [2013.01.09 19:20:44 | 000,232,960 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\ASF_cSharpAPI\52207264bac5068c2de665b3f41e8964\ASF_cSharpAPI.ni.dll
MOD - [2013.01.09 19:20:00 | 000,032,256 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.OGGFileInfo#\b2c7788a3e89dfe8758d6184bac1b663\Interop.OGGFileInfoCOMLib.ni.dll
MOD - [2013.01.09 19:19:59 | 000,052,224 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.MP3FileInfo#\5f0b67eb5313c092d5b8b56426dd30e2\Interop.MP3FileInfoCOMLib.ni.dll
MOD - [2013.01.09 19:19:58 | 000,171,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.P3MPINTERFA#\111be4cc197cabb6340170eeb54ae535\Interop.P3MPINTERFACECTRLLib.ni.dll
MOD - [2013.01.09 19:19:03 | 000,395,776 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CabLib\af22e5bb6307e2882abe5fbdb3c00c8e\CabLib.ni.dll
MOD - [2013.01.09 19:18:57 | 000,052,224 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.DeviceSearc#\4f4243b3bc2e4cdf0ec6e7ad5559aa20\Interop.DeviceSearchLib.ni.dll
MOD - [2013.01.09 19:16:35 | 000,770,560 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\dbe82a95ee3feebc5999138fdf36d3c9\System.Runtime.Remoting.ni.dll
MOD - [2013.01.09 19:15:54 | 001,812,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\40c7a89fe2cbf3c12a2c39e034da54cf\System.Xaml.ni.dll
MOD - [2013.01.09 18:54:12 | 005,617,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\fc476bbac36944e352c2f547352ffa64\System.Xml.ni.dll
MOD - [2013.01.09 18:53:38 | 009,095,168 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\f93dca0e4baa1dcb37cf75392b7c89da\System.ni.dll
MOD - [2013.01.09 18:52:59 | 014,416,896 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\6a1ccc1e1a79ce267d3d1808af382cd6\mscorlib.ni.dll
========== Services (SafeList) ==========
SRV - [2013.05.24 12:37:30 | 000,117,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013.02.05 10:54:40 | 000,233,472 | ---- | M] (Teruten) [Auto | Running] -- C:\Windows\System32\FsUsbExService.Exe -- (FsUsbExService)
SRV - [2011.07.04 13:37:58 | 000,081,920 | ---- | M] (Volkswagen AG) [Auto | Running] -- C:\ElsaWin\bin\VSGate.exe -- (VSGate)
SRV - [2011.07.04 13:35:22 | 000,240,640 | ---- | M] (Volkswagen AG) [Auto | Running] -- C:\ElsaWin\bin\LcSvrAdm.exe -- (LcSvrAdm)
SRV - [2011.07.04 13:32:18 | 000,335,360 | ---- | M] (Volkswagen AG) [Auto | Running] -- C:\ElsaWin\bin\LcSvrHis.exe -- (LcSvrHis)
SRV - [2011.07.04 13:30:24 | 000,373,248 | ---- | M] (Volkswagen AG) [Auto | Running] -- C:\ElsaWin\bin\LcSvrSaz.exe -- (LcSvrSaz)
SRV - [2011.07.04 13:28:22 | 001,321,984 | ---- | M] (Volkswagen AG) [On_Demand | Running] -- C:\ElsaWin\bin\LcSvrAuf.exe -- (LcSvrAuf)
SRV - [2011.07.04 13:25:16 | 000,477,696 | ---- | M] (Volkswagen AG) [Auto | Running] -- C:\ElsaWin\bin\LcSvrPas.exe -- (LcSvrPAS)
SRV - [2011.07.04 13:23:56 | 000,392,704 | ---- | M] (Volkswagen AG) [Auto | Running] -- C:\ElsaWin\bin\LcSvrDba.exe -- (LcSvrDba)
SRV - [2010.11.25 21:28:42 | 000,056,480 | ---- | M] (Atheros Commnucations) [Auto | Running] -- C:\Programme\Bluetooth Suite\AdminService.exe -- (AtherosSvc)
SRV - [2010.11.20 14:17:56 | 001,121,792 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc)
SRV - [2009.07.14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009.07.14 03:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009.07.14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\rdvgkmd.sys -- (VGPU)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\tsusbhub.sys -- (tsusbhub)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\synth3dvsc.sys -- (Synth3dVsc)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\mcdbus.sys -- (mcdbus)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\CHRIST~1\AppData\Local\Temp\catchme.sys -- (catchme)
DRV - [2013.04.03 09:58:16 | 000,181,912 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssudmdm.sys -- (ssudmdm)
DRV - [2013.04.03 09:58:16 | 000,083,864 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssudbus.sys -- (dg_ssudbus)
DRV - [2013.02.05 10:54:40 | 000,037,344 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2011.10.19 14:01:06 | 000,061,744 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ai-usb.sys -- (FTDIBUS)
DRV - [2011.05.25 01:25:50 | 007,800,832 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (amdkmdag)
DRV - [2011.05.24 23:25:22 | 000,245,760 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmpag.sys -- (amdkmdap)
DRV - [2011.04.21 21:14:40 | 002,171,904 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2011.03.30 15:46:38 | 000,100,880 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AtihdW73.sys -- (AtiHDAudioService)
DRV - [2011.01.25 12:47:44 | 000,068,720 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\L1C62x86.sys -- (L1C)
DRV - [2010.12.01 17:12:04 | 000,197,224 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV - [2010.11.29 05:50:40 | 000,035,968 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\usbfilter.sys -- (usbfilter)
DRV - [2010.11.25 21:29:00 | 000,141,088 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\btath_rcp.sys -- (BTATH_RCP)
DRV - [2010.11.25 21:28:58 | 000,258,720 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\btath_a2dp.sys -- (BTATH_A2DP)
DRV - [2010.11.25 21:28:58 | 000,175,776 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\btath_hcrp.sys -- (BTATH_HCRP)
DRV - [2010.11.25 21:28:58 | 000,049,312 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\btath_lwflt.sys -- (BTATH_LWFLT)
DRV - [2010.11.25 21:28:58 | 000,034,976 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\btath_flt.sys -- (AthBTPort)
DRV - [2010.11.25 21:28:58 | 000,024,736 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\btath_bus.sys -- (BTATH_BUS)
DRV - [2010.11.20 14:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2010.11.20 14:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010.11.20 14:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2010.11.20 12:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010.11.20 12:21:14 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV - [2010.11.20 11:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010.11.20 11:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010.11.20 11:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2010.06.16 18:01:30 | 000,059,464 | ---- | M] (Ross-Tech LLC) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\RT-USB.SYS -- (RT-USB)
DRV - [2009.07.14 01:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp)
DRV - [2009.07.14 01:45:33 | 000,083,456 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\serial.sys -- (Serial)
DRV - [2008.11.23 11:23:06 | 000,097,792 | ---- | M] (T0r0 2008) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\NSHE.SYS -- (NSHE)
DRV - [2006.11.22 11:01:48 | 000,693,760 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\hardlock.sys -- (Hardlock)
DRV - [2006.11.11 03:25:20 | 000,066,944 | ---- | M] (TOSHIBA Corporation) [File_System | Auto | Running] -- C:\Windows\System32\drivers\thdudf.sys -- (thdudf)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://mystart.incredimail.com/german?a=1eynX8MsEWa
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 00 8C C0 2D CE D3 CC 01 [binary data]
IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = :0
========== FireFox ==========
FF - prefs.js..browser.startup.homepage: "www.google.de"
FF - prefs.js..extensions.enabledAddons: %7Bb9db16a4-6edc-47ec-a1f4-b86292ed211d%7D:4.9.15
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:21.0
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 21.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 21.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
[2012.01.18 20:02:27 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Christian\AppData\Roaming\mozilla\Extensions
[2013.06.04 23:11:27 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Christian\AppData\Roaming\mozilla\Firefox\Profiles\tbs52j6a.default\extensions
[2013.05.30 08:47:09 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Christian\AppData\Roaming\mozilla\Firefox\Profiles\tbs52j6a.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2013.06.04 22:06:22 | 000,870,680 | ---- | M] () (No name found) -- C:\Users\Christian\AppData\Roaming\mozilla\firefox\profiles\tbs52j6a.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013.05.24 12:37:32 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2013.05.24 12:37:15 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0034-ABCDEFFEDCBA}
[2013.05.24 12:37:15 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
[2013.05.24 12:37:16 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}
[2013.05.24 12:37:32 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\browser\extensions
[2013.05.24 12:37:32 | 000,000,000 | ---D | M] (Default) -- C:\Programme\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
O1 HOSTS File: ([2013.06.10 01:24:40 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (CIESpeechBHO Class) - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Programme\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O4 - HKLM..\Run: [AthBtTray] C:\Program Files\Bluetooth Suite\AthBtTray.exe (Atheros Commnucations)
O4 - HKLM..\Run: [AtherosBtStack] C:\Program Files\Bluetooth Suite\BtvStack.exe (Atheros Communications)
O4 - HKLM..\Run: [KiesTrayAgent] C:\Programme\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKCU..\Run: [] C:\Programme\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe (Samsung)
O4 - HKCU..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe (IncrediMail, Ltd.)
O4 - HKCU..\Run: [KiesPDLR] C:\Programme\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe (Samsung)
O4 - HKCU..\Run: [KiesPreload] C:\Program Files\Samsung\Kies\Kies.exe (Samsung)
O4 - Startup: C:\Users\Christian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Ross-Tech VCDS DRV Updater.lnk = C:\Ross-Tech\VCDS-DRV\VCDS.exe (Ross-Tech, LLC)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Programme\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{45CBA6B9-27BF-477F-A026-15BA60A5734D}: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E66E9278-7A07-420D-9661-255CADC1320F}: DhcpNameServer = 192.168.178.1
O18 - Protocol\Handler\vw-wi - No CLSID value found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2013.06.21 02:11:14 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Christian\Desktop\OTL.exe
[2013.06.21 01:49:29 | 000,012,872 | ---- | C] (SurfRight B.V.) -- C:\Windows\System32\bootdelete.exe
[2013.06.21 01:33:04 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2013.06.18 01:27:15 | 000,000,000 | ---D | C] -- C:\ProgramData\HitmanPro
[2013.06.14 21:26:03 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Roaming\ATI
[2013.06.14 21:26:03 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Local\ATI
[2013.06.11 00:48:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2013.06.11 00:48:30 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2013.06.10 13:47:21 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2013.06.10 01:28:52 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Local\temp
[2013.06.09 23:33:37 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013.06.09 23:33:15 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2013.06.09 11:57:44 | 000,000,000 | ---D | C] -- C:\_OTL
[2013.06.08 03:55:33 | 000,000,000 | ---D | C] -- C:\Users\Christian\Desktop\virus
[2013.06.05 14:02:10 | 000,000,000 | ---D | C] -- C:\Windows\System32\appmgmt
[2013.06.05 02:47:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2013.06.04 23:30:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Sophos
[2013.06.04 23:14:57 | 000,000,000 | R--D | C] -- C:\Users\Christian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
[2013.06.04 21:53:34 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Roaming\Malwarebytes
[2013.06.04 21:53:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013.06.04 03:45:18 | 000,000,000 | ---D | C] -- C:\Users\Christian\Documents\Anti-Malware
[2013.06.04 03:45:14 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Local\Programs
[2013.05.30 13:18:54 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\CrashDump
[2013.05.30 13:09:04 | 000,181,912 | ---- | C] (DEVGURU Co., LTD.(www.devguru.co.kr)) -- C:\Windows\System32\drivers\ssudmdm.sys
[2013.05.30 13:09:04 | 000,083,864 | ---- | C] (DEVGURU Co., LTD.(www.devguru.co.kr)) -- C:\Windows\System32\drivers\ssudbus.sys
[2013.05.24 12:37:13 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
========== Files - Modified Within 30 Days ==========
[2013.06.21 01:59:14 | 000,016,944 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.06.21 01:59:14 | 000,016,944 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.06.21 01:52:16 | 000,000,035 | ---- | M] () -- C:\Users\Public\Documents\AtherosServiceConfig.ini
[2013.06.21 01:52:00 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.06.21 01:51:58 | 1392,693,248 | -HS- | M] () -- C:\hiberfil.sys
[2013.06.21 01:49:29 | 000,012,872 | ---- | M] (SurfRight B.V.) -- C:\Windows\System32\bootdelete.exe
[2013.06.18 01:30:47 | 000,654,400 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2013.06.18 01:30:47 | 000,616,242 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013.06.18 01:30:47 | 000,130,240 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2013.06.18 01:30:47 | 000,106,622 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013.06.11 00:48:42 | 000,000,969 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2013.06.10 01:24:40 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2013.06.09 23:38:17 | 000,001,039 | ---- | M] () -- C:\Users\Christian\Desktop\ComboFix - Verknüpfung.lnk
[2013.06.08 03:59:28 | 000,000,000 | ---- | M] () -- C:\Users\Christian\defogger_reenable
[2013.06.08 03:53:58 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Christian\Desktop\OTL.exe
[2013.06.05 03:13:44 | 000,000,079 | ---- | M] () -- C:\Windows\wininit.ini
[2013.05.30 13:10:45 | 000,001,952 | ---- | M] () -- C:\Users\Public\Desktop\Samsung Kies (Lite).lnk
========== Files Created - No Company Name ==========
[2013.06.11 00:48:42 | 000,000,969 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2013.06.09 23:38:17 | 000,001,039 | ---- | C] () -- C:\Users\Christian\Desktop\ComboFix - Verknüpfung.lnk
[2013.06.08 03:59:28 | 000,000,000 | ---- | C] () -- C:\Users\Christian\defogger_reenable
[2013.06.05 03:13:28 | 000,000,079 | ---- | C] () -- C:\Windows\wininit.ini
[2013.05.30 13:10:45 | 000,001,952 | ---- | C] () -- C:\Users\Public\Desktop\Samsung Kies (Lite).lnk
[2013.03.12 00:08:25 | 000,110,592 | ---- | C] () -- C:\Windows\System32\FsUsbExDevice.Dll
[2013.03.12 00:08:25 | 000,037,344 | ---- | C] () -- C:\Windows\System32\FsUsbExDisk.Sys
[2012.04.03 23:58:54 | 000,000,060 | ---- | C] () -- C:\Windows\ETKINST.INI
[2012.01.16 21:16:59 | 000,000,556 | ---- | C] () -- C:\Windows\ODBC.INI
[2012.01.16 00:43:57 | 000,028,672 | ---- | C] () -- C:\Windows\System32\hlduinst.exe
[2012.01.16 00:43:56 | 000,006,836 | ---- | C] () -- C:\Windows\System32\UNWISE.INI
[2012.01.15 22:37:49 | 000,080,896 | ---- | C] () -- C:\Windows\System32\RDVGHelper.exe
[2012.01.15 22:36:18 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2012.01.15 19:16:34 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2012.01.15 18:52:46 | 000,003,929 | ---- | C] () -- C:\Windows\System32\atipblag.dat
[2012.01.15 18:52:45 | 000,233,765 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2011.12.23 21:58:28 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
[2011.12.23 21:58:24 | 000,974,848 | ---- | C] () -- C:\Windows\System32\cis-2.4.dll
[2011.12.23 21:58:24 | 000,081,920 | ---- | C] () -- C:\Windows\System32\issacapi_bs-2.3.dll
[2011.12.23 21:58:24 | 000,065,536 | ---- | C] () -- C:\Windows\System32\issacapi_pe-2.3.dll
[2011.12.23 21:58:24 | 000,057,344 | ---- | C] () -- C:\Windows\System32\issacapi_se-2.3.dll
========== ZeroAccess Check ==========
[2009.07.14 06:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.02.27 06:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 03:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== LOP Check ==========
[2012.02.10 21:03:53 | 000,000,000 | ---D | M] -- C:\Users\Christian\AppData\Roaming\DVDVideoSoft
[2013.04.05 21:09:16 | 000,000,000 | ---D | M] -- C:\Users\Christian\AppData\Roaming\DVSE GmbH
[2013.06.16 13:54:33 | 000,000,000 | ---D | M] -- C:\Users\Christian\AppData\Roaming\IrfanView
[2013.03.11 23:56:20 | 000,000,000 | ---D | M] -- C:\Users\Christian\AppData\Roaming\Samsung
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 215 bytes -> C:\ProgramData\TEMP:C68DE4A3
< End of report >
|
AdwCleaner auf deinen Desktop.