Kumpelblase | 20.04.2010 15:29 | That is exactly the report I got under "Save", only split into 7 parts.
About the blue screen again: at the beginning, when I caught the virus, it only appeared when I opened a setup. The day before yesterday, however, it appeared when I opened the lid of my laptop, which had not been logged off or shut down beforehand.
Code:
Malwarebytes' Anti-Malware 1.45
wxw.malwarebytes.org
Datenbank Version: 4012
Windows 6.0.6000
Internet Explorer 8.0.6001.18241
20.04.2010 16:15:27
mbam-log-2010-04-20 (16-15-27).txt
Art des Suchlaufs: Quick-Scan
Durchsuchte Objekte: 123997
Laufzeit: 13 Minute(n), 4 Sekunde(n)
Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0
Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)
Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)
Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)
Infizierte Dateien:
(Keine bösartigen Objekte gefunden)
Code:
OTL logfile created on: 20.04.2010 16:16:37 - Run 3
OTL by OldTimer - Version 3.2.1.1 Folder = C:\Users\to\Documents\Downloads
Windows Vista Home Premium Edition (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18241)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 69,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 73,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 55,89 Gb Total Space | 5,65 Gb Free Space | 10,11% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 54,43 Gb Total Space | 51,83 Gb Free Space | 95,22% Space Free | Partition Type: NTFS
Drive F: | 727,56 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: UDF
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: TO-PC
Current User Name: to
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
========== Processes (SafeList) ==========
PRC - C:\Users\to\Documents\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
PRC - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\OpenOffice.org 2.4\program\soffice.BIN (OpenOffice.org)
PRC - C:\Program Files\OpenOffice.org 2.4\program\soffice.exe (OpenOffice.org)
PRC - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe (Symantec Corporation)
PRC - C:\Program Files\Windows Live\Family Safety\fsssvc.exe (Microsoft Corporation)
PRC - C:\Program Files\Windows Live\Family Safety\fssui.exe (Microsoft Corporation)
PRC - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (Symantec Corporation)
PRC - C:\Program Files\Common Files\Marmiko Shared\MWLaMaS.exe (Deutsche Telekom AG, Marmiko IT-Solutions GmbH)
PRC - C:\Program Files\T-Online\WLAN-Access Finder\ToWLaAcF.exe (Deutsche Telekom AG, Marmiko IT-Solutions GmbH)
PRC - C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe (TOSHIBA Corporation)
PRC - C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe (TOSHIBA Corporation)
PRC - C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe (TOSHIBA Corporation)
PRC - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
PRC - C:\Program Files\TOSHIBA\Toshiba Online Product Information\TOPI.exe (TOSHIBA)
PRC - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe (TOSHIBA Corporation)
PRC - C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe (TOSHIBA Corporation)
PRC - C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe (TOSHIBA CORPORATION)
PRC - C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe (TOSHIBA CORPORATION)
PRC - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe (TOSHIBA CORPORATION)
PRC - C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe (TOSHIBA)
PRC - C:\Program Files\TOSHIBA\Utilities\KeNotify.exe ()
PRC - C:\Windows\System32\conime.exe (Microsoft Corporation)
PRC - C:\Windows\System32\agrsmsvc.exe (Agere Systems)
PRC - C:\Program Files\Sandisk\Common\Bin\WinCinemaMgr.exe (InterVideo Inc.)
PRC - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe (Ulead Systems, Inc.)
PRC - C:\Windows\System32\TODDSrv.exe (TOSHIBA Corporation)
PRC - C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe (Adobe Systems Incorporated)
PRC - C:\Windows\System32\PAStiSvc.exe ()
========== Modules (SafeList) ==========
MOD - C:\Users\to\Documents\Downloads\OTL.exe (OldTimer Tools)
MOD - C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll (Kaspersky Lab)
MOD - C:\PROGRA~1\KASPER~1\KASPER~1\adialhk.dll (Kaspersky Lab)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.20533_none_4634c4a0218d65c1\comctl32.dll (Microsoft Corporation)
========== Win32 Services (SafeList) ==========
SRV - (TOSHIBA Bluetooth Service) -- File not found
SRV - (LiveUpdate Notice Ex) -- File not found
SRV - (AVP) -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe (Kaspersky Lab)
SRV - (LiveUpdate Notice Service) -- C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe (Symantec Corporation)
SRV - (fsssvc) -- C:\Program Files\Windows Live\Family Safety\fsssvc.exe (Microsoft Corporation)
SRV - (WLSetupSvc) -- C:\Program Files\Windows Live\installer\WLSetupSvc.exe (Microsoft Corporation)
SRV - (LiveUpdate) -- C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE (Symantec Corporation)
SRV - (Automatisches LiveUpdate - Scheduler) -- C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (Symantec Corporation)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SRV - (TNaviSrv) -- C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe (TOSHIBA Corporation)
SRV - (TosCoSrv) -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe (TOSHIBA Corporation)
SRV - (CFSvcs) -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe (TOSHIBA CORPORATION)
SRV - (AgereModemAudio) -- C:\Windows\System32\agrsmsvc.exe (Agere Systems)
SRV - (UleadBurningHelper) -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe (Ulead Systems, Inc.)
SRV - (TODDSrv) -- C:\Windows\System32\TODDSrv.exe (TOSHIBA Corporation)
SRV - (SQLWriter) -- C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (Microsoft Corporation)
SRV - (FirebirdServerMAGIXInstance) -- C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe (MAGIX®)
SRV - (IDriverT) -- C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe (Macrovision Corporation)
SRV - (STI Simulator) -- C:\Windows\System32\PAStiSvc.exe ()
========== Driver Services (SafeList) ==========
DRV - (SASDIFSV) -- C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (SASKUTIL) -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (SASENUM) -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS ( SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (SCREAMINGBDRIVER) -- C:\Windows\System32\drivers\ScreamingBAudio.sys (Screaming Bee LLC)
DRV - (KLIF) -- C:\Windows\System32\drivers\klif.sys (Kaspersky Lab)
DRV - (klbg) -- C:\Windows\system32\drivers\klbg.sys (Kaspersky Lab)
DRV - (kl1) -- C:\Windows\System32\drivers\kl1.sys (Kaspersky Lab)
DRV - (KLIM6) -- C:\Windows\System32\drivers\klim6.sys (Kaspersky Lab)
DRV - (KLFLTDEV) -- C:\Windows\System32\drivers\klfltdev.sys (Kaspersky Lab)
DRV - (fssfltr) -- C:\Windows\System32\drivers\fssfltr.sys (Microsoft Corporation)
DRV - (tos_sps32) -- C:\Windows\system32\DRIVERS\tos_sps32.sys (TOSHIBA Corporation)
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\Windows\System32\drivers\RTKVHDA.sys (Realtek Semiconductor Corp.)
DRV - (atikmdag) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV - (athr) -- C:\Windows\System32\drivers\athr.sys (Atheros Communications, Inc.)
DRV - (tifm21) -- C:\Windows\System32\drivers\tifm21.sys (Texas Instruments)
DRV - (KR10N) -- C:\Windows\system32\drivers\kr10n.sys (TOSHIBA CORPORATION)
DRV - (KR10I) -- C:\Windows\system32\drivers\kr10i.sys (TOSHIBA CORPORATION)
DRV - (RTL8169) -- C:\Windows\System32\drivers\Rtlh86.sys (Realtek Corporation)
DRV - (AgereSoftModem) -- C:\Windows\System32\drivers\AGRSM.sys (Agere Systems)
DRV - (ql2300) -- C:\Windows\system32\drivers\ql2300.sys (QLogic Corporation)
DRV - (adp94xx) -- C:\Windows\system32\drivers\adp94xx.sys (Adaptec, Inc.)
DRV - (elxstor) -- C:\Windows\system32\drivers\elxstor.sys (Emulex)
DRV - (adpahci) -- C:\Windows\system32\drivers\adpahci.sys (Adaptec, Inc.)
DRV - (uliahci) -- C:\Windows\system32\drivers\uliahci.sys (ULi Electronics Inc.)
DRV - (iaStorV) -- C:\Windows\system32\drivers\iastorv.sys (Intel Corporation)
DRV - (adpu320) -- C:\Windows\system32\drivers\adpu320.sys (Adaptec, Inc.)
DRV - (ulsata2) -- C:\Windows\system32\drivers\ulsata2.sys (Promise Technology, Inc.)
DRV - (vsmraid) -- C:\Windows\system32\drivers\vsmraid.sys (VIA Technologies Inc.,Ltd)
DRV - (ql40xx) -- C:\Windows\system32\drivers\ql40xx.sys (QLogic Corporation)
DRV - (UlSata) -- C:\Windows\system32\drivers\ulsata.sys (Promise Technology, Inc.)
DRV - (adpu160m) -- C:\Windows\system32\drivers\adpu160m.sys (Adaptec, Inc.)
DRV - (nvraid) -- C:\Windows\system32\drivers\nvraid.sys (NVIDIA Corporation)
DRV - (nfrd960) -- C:\Windows\system32\drivers\nfrd960.sys (IBM Corporation)
DRV - (iirsp) -- C:\Windows\system32\drivers\iirsp.sys (Intel Corp./ICP vortex GmbH)
DRV - (SiSRaid4) -- C:\Windows\system32\drivers\sisraid4.sys (Silicon Integrated Systems)
DRV - (nvstor) -- C:\Windows\system32\drivers\nvstor.sys (NVIDIA Corporation)
DRV - (aic78xx) -- C:\Windows\system32\drivers\djsvs.sys (Adaptec, Inc.)
DRV - (arcsas) -- C:\Windows\system32\drivers\arcsas.sys (Adaptec, Inc.)
DRV - (LSI_SCSI) -- C:\Windows\system32\drivers\lsi_scsi.sys (LSI Logic)
DRV - (SiSRaid2) -- C:\Windows\system32\drivers\sisraid2.sys (Silicon Integrated Systems Corp.)
DRV - (HpCISSs) -- C:\Windows\system32\drivers\hpcisss.sys (Hewlett-Packard Company)
DRV - (arc) -- C:\Windows\system32\drivers\arc.sys (Adaptec, Inc.)
DRV - (iteraid) -- C:\Windows\system32\drivers\iteraid.sys (Integrated Technology Express, Inc.)
DRV - (iteatapi) -- C:\Windows\system32\drivers\iteatapi.sys (Integrated Technology Express, Inc.)
DRV - (LSI_SAS) -- C:\Windows\system32\drivers\lsi_sas.sys (LSI Logic)
DRV - (Symc8xx) -- C:\Windows\system32\drivers\symc8xx.sys (LSI Logic)
DRV - (LSI_FC) -- C:\Windows\system32\drivers\lsi_fc.sys (LSI Logic)
DRV - (Sym_u3) -- C:\Windows\system32\drivers\sym_u3.sys (LSI Logic)
DRV - (Mraid35x) -- C:\Windows\system32\drivers\mraid35x.sys (LSI Logic Corporation)
DRV - (Sym_hi) -- C:\Windows\system32\drivers\sym_hi.sys (LSI Logic)
DRV - (megasas) -- C:\Windows\system32\drivers\megasas.sys (LSI Logic Corporation)
DRV - (viaide) -- C:\Windows\system32\drivers\viaide.sys (VIA Technologies, Inc.)
DRV - (cmdide) -- C:\Windows\system32\drivers\cmdide.sys (CMD Technology, Inc.)
DRV - (aliide) -- C:\Windows\system32\drivers\aliide.sys (Acer Laboratories Inc.)
DRV - (usbaudio) USB-Audiotreiber (WDM) -- C:\Windows\System32\drivers\USBAUDIO.sys (Microsoft Corporation)
DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\system32\drivers\brserid.sys (Brother Industries Ltd.)
DRV - (BrUsbSer) -- C:\Windows\system32\drivers\brusbser.sys (Brother Industries Ltd.)
DRV - (BrFiltUp) -- C:\Windows\system32\drivers\brfiltup.sys (Brother Industries, Ltd.)
DRV - (BrFiltLo) -- C:\Windows\system32\drivers\brfiltlo.sys (Brother Industries, Ltd.)
DRV - (BrSerWdm) -- C:\Windows\system32\drivers\brserwdm.sys (Brother Industries Ltd.)
DRV - (BrUsbMdm) -- C:\Windows\system32\drivers\brusbmdm.sys (Brother Industries Ltd.)
DRV - (ntrigdigi) -- C:\Windows\system32\drivers\ntrigdigi.sys (N-trig Innovative Technologies)
DRV - (E1G60) Intel(R) -- C:\Windows\System32\drivers\E1G60I32.sys (Intel Corporation)
DRV - (tdcmdpst) -- C:\Windows\System32\drivers\tdcmdpst.sys (TOSHIBA Corporation.)
DRV - (MTOnlPktAlyX) -- C:\PROGRA~1\T-Online\T-ONLI~1\BASIS-~1\Basis1\MTOnlPktAlyX.SYS (Deutsche Telekom AG AG, Marmiko IT-Solutions GmbH)
DRV - (TVALZ) -- C:\Windows\system32\DRIVERS\TVALZ_O.SYS (TOSHIBA Corporation)
DRV - (ApfiltrService) -- C:\Windows\System32\drivers\Apfiltr.sys (Alps Electric Co., Ltd.)
DRV - (LPCFilter) -- C:\Windows\system32\DRIVERS\LPCFilter.sys (COMPAL ELECTRONIC INC.)
DRV - (k510mgmt) Sony Ericsson K510 USB WMC Device Management Drivers (WDM) -- C:\Windows\System32\drivers\k510mgmt.sys (MCCI)
DRV - (k510bus) Sony Ericsson K510 Driver driver (WDM) -- C:\Windows\System32\drivers\k510bus.sys (MCCI)
DRV - (PAC7311) -- C:\Windows\System32\drivers\PA707UCM.SYS (PixArt Imaging Inc.)
DRV - (Iviaspi) -- C:\Windows\System32\drivers\iviaspi.sys (InterVideo, Inc.)
DRV - (Afc) -- C:\Windows\System32\drivers\afc.sys (Arcsoft, Inc.)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.t-online.de/service/redir/ie7_start.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [Binary data over 100 bytes]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.explorerstartpage.com/wspage.php
IE - HKLM\..\URLSearchHook: {8dbb6d8e-e4a6-4e3b-9753-af78b226441c} - C:\Program Files\Softonic_Deutsch\tbSoft.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {fc01c2be-850b-4115-9b6b-9a427ddecc34} - C:\Program Files\jetztspielenob.de\tbjetz.dll (Conduit Ltd.)
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.t-online.de/service/redir/ie7_start.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [Binary data over 100 bytes]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [Binary data over 100 bytes]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT2528046
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com/ie
IE - HKCU\..\URLSearchHook: {8dbb6d8e-e4a6-4e3b-9753-af78b226441c} - C:\Program Files\Softonic_Deutsch\tbSoft.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
IE - HKCU\..\URLSearchHook: {fc01c2be-850b-4115-9b6b-9a427ddecc34} - C:\Program Files\jetztspielenob.de\tbjetz.dll (Conduit Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
FF - HKLM\software\mozilla\Firefox\Extensions\\{3112ca9c-de6d-4884-a869-9855de68056c}: C:\ProgramData\Mozilla\Firefox Extensions\{3112ca9c-de6d-4884-a869-9855de68056c} [2008.03.08 23:15:20 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\{eea12ec4-729d-4703-bc37-106ce9879ce2}: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\THBExt [2009.05.14 15:33:53 | 000,000,000 | ---D | M]
[2010.04.08 19:24:09 | 000,000,000 | ---D | M] -- C:\Users\to\AppData\Roaming\mozilla\Extensions
[2010.04.08 19:24:09 | 000,000,000 | ---D | M] (No name found) -- C:\Users\to\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2010.02.08 18:18:36 | 000,000,000 | ---D | M] -- C:\Users\to\AppData\Roaming\mozilla\Firefox\Profiles\sfhzp948.default\extensions
[2010.01.04 20:02:35 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\to\AppData\Roaming\mozilla\Firefox\Profiles\sfhzp948.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
O1 HOSTS File: ([2010.04.17 14:20:08 | 000,000,098 | ---- | M]) - C:\Windows\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Windows Live OneCare Family Safety Browser Helper Class) - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation)
O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ievkbd.dll (Kaspersky Lab)
O2 - BHO: (jZip Webmail plugin) - {647FD14A-C4F1-46F4-8FC3-0B40F54226F7} - C:\Program Files\jZip\WebmailPlugin.dll (Discordia Limited)
O2 - BHO: (Softonic Deutsch Toolbar) - {8dbb6d8e-e4a6-4e3b-9753-af78b226441c} - C:\Program Files\Softonic_Deutsch\tbSoft.dll (Conduit Ltd.)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll (Google Germany GmbH)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll (Google Inc.)
O2 - BHO: (Windows Live Toolbar Helper) - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O2 - BHO: (jetztspielenob.de Toolbar) - {fc01c2be-850b-4115-9b6b-9a427ddecc34} - C:\Program Files\jetztspielenob.de\tbjetz.dll (Conduit Ltd.)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (&Google) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll (Google Germany GmbH)
O3 - HKLM\..\Toolbar: (Softonic Deutsch Toolbar) - {8dbb6d8e-e4a6-4e3b-9753-af78b226441c} - C:\Program Files\Softonic_Deutsch\tbSoft.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Windows Live Toolbar) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKLM\..\Toolbar: (jetztspielenob.de Toolbar) - {fc01c2be-850b-4115-9b6b-9a427ddecc34} - C:\Program Files\jetztspielenob.de\tbjetz.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll (Google Germany GmbH)
O3 - HKCU\..\Toolbar\WebBrowser: (Softonic Deutsch Toolbar) - {8DBB6D8E-E4A6-4E3B-9753-AF78B226441C} - C:\Program Files\Softonic_Deutsch\tbSoft.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (Windows Live Toolbar) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O3 - HKCU\..\Toolbar\WebBrowser: (jetztspielenob.de Toolbar) - {FC01C2BE-850B-4115-9B6B-9A427DDECC34} - C:\Program Files\jetztspielenob.de\tbjetz.dll (Conduit Ltd.)
O4 - HKLM..\Run: [00TCrdMain] C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [Adobe Photo Downloader] C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Easy-PrintToolBox] C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE (CANON INC.)
O4 - HKLM..\Run: [fssui] C:\Program Files\Windows Live\Family Safety\fssui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [HSON] C:\Program Files\TOSHIBA\TBS\HSON.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [HWSetup] File not found
O4 - HKLM..\Run: [KeNotify] C:\Program Files\TOSHIBA\Utilities\KeNotify.exe ()
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NDSTray.exe] File not found
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [SmoothView] C:\Program Files\Toshiba\SmoothView\SmoothView.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe ()
O4 - HKLM..\Run: [SVPWUTIL] C:\Program Files\TOSHIBA\Utilities\SVPWUTIL.exe (TOSHIBA)
O4 - HKLM..\Run: [Symantec PIF AlertEng] C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe (Symantec Corporation)
O4 - HKLM..\Run: [topi] C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe (TOSHIBA)
O4 - HKLM..\Run: [Toshiba Registration] C:\Program Files\Toshiba\Registration\ToshibaRegistration.exe (Toshiba)
O4 - HKLM..\Run: [TPwrMain] C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE (TOSHIBA Corporation)
O4 - HKLM..\Run: [TrustInstaller] F:\Setup.exe File not found
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKCU..\Run: [T-Online_Software_6\WLAN-Access Finder] C:\Program Files\T-Online\WLAN-Access Finder\ToWLaAcF.exe (Deutsche Telekom AG, Marmiko IT-Solutions GmbH)
O4 - HKCU..\Run: [TOSCDSPD] File not found
O4 - Startup: C:\Users\to\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 2.4.lnk = C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe ()
O8 - Extra context menu item: &Windows Live Search - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Hinzufügen zu Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ie_banner_deny.htm ()
O9 - Extra Button: Statistik für den Schutz des Web-Datenverkehrs - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\SCIEPlgn.dll (Kaspersky Lab)
O9 - Extra Button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : In Windows Live Writer in &Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: eBay - Der weltweite Online Marktplatz - {76577871-04EC-495E-A12B-91F7C3600AFA} - File not found
O9 - Extra Button: Bonjour - {7F9DB11C-E358-4ca6-A83D-ACC663939424} - C:\Program Files\Bonjour\ExplorerPlugin.dll (Apple Computer, Inc.)
O9 - Extra Button: Amazon.de - {8A918C1D-E123-4E36-B562-5C1519E434CE} - File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
O13 - DefaultPrefix: hxxp://www.myhottersearchbox.com/not_found_de/?url=
O13 - gopher Prefix: missing
O13 - www Prefix: hxxp://www.myhottersearchbox.com/not_found_de/?url=
O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} file:///C:/Program%20Files/Monopoly/Images/stg_drm.ocx (SpinTop DRM Control)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} hxxp://www.lokalisten.de/iup/ImageUploader4.cab (Image Uploader Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_12-windows-i586.cab (Java Plug-in 1.6.0_12)
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} hxxp://game04.zylom.com/activex/zylomgamesplayer.cab (Zylom Games Player)
O16 - DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab (Java Plug-in 1.6.0)
O16 - DPF: {CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_12-windows-i586.cab (Java Plug-in 1.6.0_12)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_12-windows-i586.cab (Java Plug-in 1.6.0_12)
O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} file:///C:/Program%20Files/Monopoly/Images/armhelper.ocx (ArmHelper Control)
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} hxxp://icq.oberon-media.com/Gameshell/GameHost/1.0/OberonGameHost.cab (Oberon Flash Game Host)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll) - C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll (Kaspersky Lab)
O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~1\adialhk.dll) - C:\PROGRA~1\KASPER~1\KASPER~1\adialhk.dll (Kaspersky Lab)
O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll) - C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll (Kaspersky Lab)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\klogon: DllName - C:\Windows\system32\klogon.dll - C:\Windows\System32\klogon.dll (Kaspersky Lab)
O24 - Desktop WallPaper: C:\Users\to\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\to\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2007.01.26 10:41:23 | 000,000,000 | R--D | M] - F:\AutoRun -- [ UDF ]
O32 - AutoRun File - [2007.01.26 10:36:30 | 000,700,416 | R--- | M] (Electronic Arts Inc.) - F:\AutoRun.exe -- [ UDF ]
O32 - AutoRun File - [2007.01.26 10:40:58 | 000,000,149 | R--- | M] () - F:\autorun.inf -- [ UDF ]
O32 - AutoRun File - [2007.01.26 09:06:20 | 000,651,264 | R--- | M] (Electronic Arts Inc.) - F:\AutoRunGUI.dll -- [ UDF ]
O33 - MountPoints2\{6d0e919a-767a-11dc-9b6e-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{6d0e919a-767a-11dc-9b6e-806e6f6e6963}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2007.01.26 10:36:30 | 000,700,416 | R--- | M] (Electronic Arts Inc.)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2010.04.17 15:08:40 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2010.04.17 15:07:38 | 000,000,000 | ---D | C] -- C:\Users\to\AppData\Roaming\SUPERAntiSpyware.com
[2010.04.17 15:07:38 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2010.04.17 15:06:49 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Wise Installation Wizard
[2010.04.17 14:18:15 | 000,000,000 | ---D | C] -- C:\_OTL
[2010.04.17 09:21:55 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010.04.17 09:21:52 | 000,020,824 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010.04.16 14:07:24 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2010.04.16 14:07:23 | 000,000,000 | ---D | C] -- C:\rsit
[2010.04.15 17:07:22 | 000,000,000 | ---D | C] -- C:\Users\to\AppData\Roaming\Malwarebytes
[2010.04.15 17:07:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010.04.15 17:07:04 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010.04.14 13:51:57 | 003,502,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2010.04.14 13:51:57 | 003,468,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2010.04.14 13:51:20 | 000,434,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll
[2010.04.14 13:51:02 | 000,220,672 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Windows\System32\l3codecp.acm
[2010.04.14 13:51:02 | 000,062,464 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Windows\System32\l3codeca.acm
[2010.04.14 13:50:56 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tcpipcfg.dll
[2010.04.14 13:50:56 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netiougc.exe
[2010.04.13 18:12:53 | 000,000,000 | ---D | C] -- C:\Program Files\Pogo DE
[2010.04.10 18:46:00 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\oberon
[2010.04.10 18:44:42 | 000,000,000 | ---D | C] -- C:\Program Files\MSN Games
[2010.04.08 19:24:05 | 000,000,000 | ---D | C] -- C:\Users\to\AppData\Roaming\Thunderbird
[2010.04.08 19:24:05 | 000,000,000 | ---D | C] -- C:\Users\to\AppData\Local\Thunderbird
[2010.03.28 23:00:53 | 000,000,000 | ---D | C] -- C:\Users\to\AppData\Roaming\Screaming Bee
[2010.03.28 22:58:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Screaming Bee
[2010.03.28 22:58:43 | 000,000,000 | ---D | C] -- C:\Program Files\Screaming Bee
[2010.03.28 18:59:23 | 000,000,000 | ---D | C] -- C:\Users\to\AppData\Roaming\Skype
[2010.03.24 21:14:06 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\browserchoice.exe
[2009.04.23 18:22:36 | 000,057,344 | ---- | C] ( ) -- C:\Windows\System32\rsnpstd2.dll
[2009.04.23 18:22:36 | 000,053,248 | ---- | C] ( ) -- C:\Windows\System32\csnpstd2.dll
[2009.04.23 18:22:36 | 000,036,864 | ---- | C] ( ) -- C:\Windows\System32\vsnpstd2.dll
========== Files - Modified Within 30 Days ==========
[2010.04.20 16:20:00 | 000,000,422 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{27858872-55CC-4814-BE2F-26142212BA87}.job
[2010.04.20 16:18:16 | 003,932,160 | -HS- | M] () -- C:\Users\to\ntuser.dat
[2010.04.20 16:09:00 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3378121828-3667255940-265597927-1000UA.job
[2010.04.20 15:49:52 | 000,003,456 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010.04.20 15:49:52 | 000,003,456 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010.04.20 13:54:07 | 000,001,052 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job
[2010.04.20 13:49:55 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010.04.20 13:49:30 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.04.20 13:49:24 | 2011,217,920 | -HS- | M] () -- C:\hiberfil.sys
[2010.04.19 19:33:43 | 007,218,208 | -HS- | M] () -- C:\Windows\System32\drivers\fidbox.dat
[2010.04.19 19:33:43 | 000,843,808 | -HS- | M] () -- C:\Windows\System32\drivers\fidbox2.dat
[2010.04.19 19:33:43 | 000,058,520 | -HS- | M] () -- C:\Windows\System32\drivers\fidbox.idx
[2010.04.19 19:33:43 | 000,003,964 | -HS- | M] () -- C:\Windows\System32\drivers\fidbox2.idx
[2010.04.19 19:32:49 | 002,782,294 | -H-- | M] () -- C:\Users\to\AppData\Local\IconCache.db
[2010.04.19 18:09:00 | 000,001,054 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3378121828-3667255940-265597927-1000Core.job
[2010.04.19 17:03:17 | 000,000,412 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{971795F1-E289-4B03-9D5E-93D27018AF41}.job
[2010.04.18 18:24:39 | 000,007,437 | ---- | M] () -- C:\Users\to\Desktop\dasf.odt
[2010.04.17 15:07:45 | 000,000,907 | ---- | M] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2010.04.17 14:20:08 | 000,000,098 | ---- | M] () -- C:\Windows\System32\drivers\etc\Hosts
[2010.04.17 09:21:58 | 000,000,823 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.04.16 17:11:34 | 000,001,804 | ---- | M] () -- C:\Windows\System32\%LocalXml%
[2010.04.16 16:21:00 | 000,012,135 | ---- | M] () -- C:\Users\to\Desktop\sonstiges.odt
[2010.04.15 17:01:58 | 000,136,432 | ---- | M] () -- C:\Users\to\AppData\Local\GDIPFONTCACHEV1.DAT
[2010.04.15 17:00:29 | 000,459,608 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010.04.14 19:26:59 | 000,618,730 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010.04.14 19:26:58 | 000,651,644 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2010.04.14 19:26:58 | 000,121,424 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2010.04.14 19:26:58 | 000,107,874 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010.04.14 19:26:57 | 001,488,910 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010.04.11 00:49:18 | 000,053,248 | -H-- | M] () -- C:\Users\to\Desktop\photothumb.db
[2010.04.09 15:41:19 | 000,001,037 | ---- | M] () -- C:\Users\to\Desktop\DVDVideoSoft Free Studio.lnk
[2010.03.31 23:10:04 | 000,002,032 | ---- | M] () -- C:\Users\to\Desktop\Google Chrome.lnk
[2010.03.29 15:51:38 | 000,011,776 | ---- | M] () -- C:\Users\to\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.03.29 15:48:31 | 000,002,339 | ---- | M] () -- C:\Users\to\Desktop\Windows Movie Maker 2.6.lnk
[2010.03.29 15:24:58 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010.03.29 15:24:46 | 000,020,824 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010.03.28 19:02:15 | 000,000,056 | -H-- | M] () -- C:\ProgramData\ezsidmv.dat
========== Files Created - No Company Name ==========
[2010.04.17 20:05:54 | 000,007,437 | ---- | C] () -- C:\Users\to\Desktop\dasf.odt
[2010.04.17 15:07:45 | 000,000,907 | ---- | C] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2010.04.17 10:37:31 | 000,002,001 | ---- | C] () -- C:\Users\to\Desktop\Solid Edge V20.lnk
[2010.04.17 09:21:58 | 000,000,823 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.04.11 00:49:17 | 000,053,248 | -H-- | C] () -- C:\Users\to\Desktop\photothumb.db
[2010.03.31 23:24:50 | 000,012,135 | ---- | C] () -- C:\Users\to\Desktop\sonstiges.odt
[2010.03.28 19:02:15 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009.11.29 19:05:56 | 000,014,049 | ---- | C] () -- C:\Users\to\AppData\Roaming\karina.xml
[2009.11.29 19:03:30 | 000,000,789 | ---- | C] () -- C:\Users\to\AppData\Roaming\users.xml
[2009.04.23 18:22:40 | 000,015,532 | ---- | C] () -- C:\Windows\snpstd2.ini
[2009.04.23 18:22:37 | 000,343,680 | ---- | C] () -- C:\Windows\System32\drivers\snpstd2.sys
[2009.04.02 14:31:17 | 000,009,057 | ---- | C] () -- C:\ProgramData\LUUnInstall.LiveUpdate
[2009.03.13 16:34:16 | 000,000,074 | ---- | C] () -- C:\Users\to\AppData\Local\adv.ini
[2008.11.24 21:33:32 | 000,000,088 | RHS- | C] () -- C:\ProgramData\3C209F2962.sys
[2008.11.24 21:33:31 | 000,002,828 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys
[2008.08.19 21:26:39 | 000,000,009 | ---- | C] () -- C:\Windows\ulead32.ini
[2008.03.26 23:26:24 | 000,000,032 | ---- | C] () -- C:\ProgramData\ezsid.dat
[2008.01.09 20:45:17 | 000,000,016 | -H-- | C] () -- C:\ProgramData\mxfilerelatedcache.mxc2
[2007.12.28 16:48:20 | 000,000,680 | ---- | C] () -- C:\Users\to\AppData\Local\d3d9caps.dat
[2007.12.14 16:20:39 | 000,000,090 | ---- | C] () -- C:\Users\to\AppData\Local\fusioncache.dat
[2007.10.17 18:33:05 | 000,011,776 | ---- | C] () -- C:\Users\to\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007.10.17 14:16:27 | 000,000,016 | -H-- | C] () -- C:\Users\to\AppData\Roaming\mxfilerelatedcache.mxc2
[2007.10.17 14:16:27 | 000,000,016 | -H-- | C] () -- C:\Users\to\AppData\Local\mxfilerelatedcache.mxc2
[2007.10.17 14:16:25 | 000,000,016 | -H-- | C] () -- C:\Users\to\mxfilerelatedcache.mxc2
[2007.10.10 08:26:42 | 000,000,020 | -HS- | C] () -- C:\Users\to\ntuser.ini
[2007.10.10 08:26:41 | 000,524,288 | -HS- | C] () -- C:\Users\to\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000002.regtrans-ms
[2007.10.10 08:26:41 | 000,524,288 | -HS- | C] () -- C:\Users\to\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms
[2007.10.10 08:26:41 | 000,262,144 | -H-- | C] () -- C:\Users\to\ntuser.dat.LOG1
[2007.10.10 08:26:41 | 000,065,536 | -HS- | C] () -- C:\Users\to\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf
[2007.10.10 08:26:41 | 000,000,000 | -H-- | C] () -- C:\Users\to\ntuser.dat.LOG2
[2007.10.10 08:26:40 | 003,932,160 | -HS- | C] () -- C:\Users\to\ntuser.dat
[2007.10.09 17:21:16 | 000,128,113 | ---- | C] () -- C:\Windows\System32\csellang.ini
[2007.10.09 17:21:16 | 000,045,056 | ---- | C] () -- C:\Windows\System32\csellang.dll
[2007.10.09 17:21:16 | 000,010,146 | ---- | C] () -- C:\Windows\System32\tosmreg.ini
[2007.10.09 17:21:16 | 000,007,671 | ---- | C] () -- C:\Windows\System32\cseltbl.ini
[2007.05.31 16:05:10 | 000,006,642 | ---- | C] () -- C:\Windows\mgxoschk.ini
[2007.05.31 15:41:48 | 000,204,800 | ---- | C] () -- C:\Windows\System32\IVIresizeW7.dll
[2007.05.31 15:41:48 | 000,200,704 | ---- | C] () -- C:\Windows\System32\IVIresizeA6.dll
[2007.05.31 15:41:48 | 000,192,512 | ---- | C] () -- C:\Windows\System32\IVIresizeP6.dll
[2007.05.31 15:41:48 | 000,192,512 | ---- | C] () -- C:\Windows\System32\IVIresizeM6.dll
[2007.05.31 15:41:48 | 000,188,416 | ---- | C] () -- C:\Windows\System32\IVIresizePX.dll
[2007.05.31 15:41:48 | 000,020,480 | ---- | C] () -- C:\Windows\System32\IVIresize.dll
[2007.05.31 15:32:33 | 000,000,000 | ---- | C] () -- C:\Windows\NDSTray.INI
[2007.05.31 15:20:33 | 000,036,864 | ---- | C] () -- C:\Windows\System32\HWS_Ctrl.dll
[2007.05.31 14:49:39 | 000,000,291 | ---- | C] () -- C:\Windows\RtDefLvl.ini
[2007.05.31 14:47:52 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2006.12.05 13:05:06 | 000,114,688 | ---- | C] () -- C:\Windows\System32\TosBtAcc.dll
[2006.11.02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 10:31:23 | 000,589,824 | ---- | C] () -- C:\Windows\System32\jayr3tp1.dll
[2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2005.11.23 13:55:42 | 000,024,576 | ---- | C] () -- C:\Windows\System32\SPCtl.dll
[2005.07.22 21:30:20 | 000,065,536 | ---- | C] () -- C:\Windows\System32\TosCommAPI.dll
[2002.03.17 02:00:00 | 000,007,420 | ---- | C] () -- C:\Windows\UA000096.DLL
========== Alternate Data Streams ==========
< End of report > |