| loreenfsv | 04.10.2012 20:17 |
Seite konnte nicht geladen werden, Abgesicherter Modus geht nicht
Hallo zusammen,
könnt ihr mir bitte helfen ich erhalte folgenden Inahlt aus dem Scan:OTL Logfile: Code:
OTL logfile created on: 10/5/2012 12:10:19 AM - Run
OTLPE by OldTimer - Version 3.1.48.0 Folder = X:\Programs\OTLPE
Microsoft Windows XP Service Pack 3 (Version = 5.1.2600) - Type = SYSTEM
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000407 | Country: Germany | Language: DEU | Date Format: dd.MM.yyyy
2.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 83.00% Memory free
2.00 Gb Paging File | 2.00 Gb Available in Paging File | 94.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WIN | %ProgramFiles% = C:\Program Files
Drive C: | 24.42 Gb Total Space | 5.29 Gb Free Space | 21.65% Space Free | Partition Type: NTFS
Drive D: | 87.37 Gb Total Space | 1.45 Gb Free Space | 1.65% Space Free | Partition Type: NTFS
Drive F: | 1.86 Gb Total Space | 1.85 Gb Free Space | 99.68% Space Free | Partition Type: FAT
Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet003
========== Win32 Services (SafeList) ==========
SRV - File not found [Auto] -- -- (msupdate)
SRV - [2012/09/17 00:23:14 | 000,114,144 | ---- | M] (Mozilla Foundation) [On_Demand] -- C:\program files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/06/02 08:12:50 | 000,161,736 | ---- | M] (Oracle Corporation) [Auto] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2012/05/04 12:56:56 | 000,345,616 | ---- | M] (Trend Micro Inc.) [On_Demand] -- C:\Program Files\BM\TMBMSRV.exe -- (TMBMServer)
SRV - [2010/09/06 12:56:38 | 000,247,096 | ---- | M] () [Auto] -- C:\program files\ICQ6Toolbar\ICQ Service.exe -- (ICQ Service)
SRV - [2010/03/22 09:53:24 | 000,068,000 | ---- | M] (NOS Microsystems Ltd.) [On_Demand] -- C:\program files\NOS\bin\getPlus_Helper.dll -- (getPlusHelper) getPlus(R)
SRV - [2010/02/02 11:35:20 | 001,337,488 | ---- | M] (Trend Micro Inc.) [Auto] -- C:\Program Files\OfficeScan NT\tmlisten.exe -- (tmlisten)
SRV - [2010/02/02 11:33:18 | 001,385,768 | ---- | M] (Trend Micro Inc.) [Auto] -- C:\Program Files\OfficeScan NT\ntrtscan.exe -- (ntrtscan)
SRV - [2010/01/07 05:42:50 | 000,689,416 | ---- | M] (Trend Micro Inc.) [On_Demand] -- C:\Program Files\OfficeScan NT\TmProxy.exe -- (TmProxy)
SRV - [2009/11/25 04:41:28 | 001,740,800 | ---- | M] (iPass, Inc.) [Auto] -- C:\program files\iPassConnect RLA\iPassConnectEngine.exe -- (iPassConnectEngine)
SRV - [2009/11/25 04:32:12 | 000,167,936 | ---- | M] (iPass, Inc.) [Auto] -- C:\program files\iPassConnect RLA\iPassPeriodicUpdateApp.exe -- (iPassPeriodicUpdateApp)
SRV - [2009/11/25 04:32:12 | 000,114,688 | ---- | M] (iPass, Inc.) [Auto] -- C:\program files\iPassConnect RLA\iPassPeriodicUpdateService.exe -- (iPassPeriodicUpdateService)
SRV - [2009/10/09 04:07:22 | 000,493,248 | ---- | M] (Cisco Systems, Inc.) [Auto] -- C:\Program Files\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe -- (vpnagent)
SRV - [2008/10/29 11:51:01 | 000,068,865 | ---- | M] (Avira GmbH) [Auto] -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe -- (AntiVirScheduler)
SRV - [2008/10/29 11:50:56 | 000,151,297 | ---- | M] (Avira GmbH) [Auto] -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe -- (AntiVirService)
SRV - [2008/02/28 11:51:20 | 000,007,168 | ---- | M] () [Auto] -- C:\Program Files\Fujitsu Siemens Computers\WhoAmI\MgmtService.exe -- (MgmtSvc)
SRV - [2007/04/12 21:50:00 | 000,590,712 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WIN\system32\CCM\CcmExec.exe -- (CcmExec)
SRV - [2007/02/25 15:55:18 | 000,125,048 | ---- | M] (TOSHIBA CORPORATION) [Auto] -- C:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe -- (TOSHIBA Bluetooth Service)
SRV - [2005/06/10 13:59:56 | 001,422,336 | ---- | M] (Cisco Systems, Inc.) [Auto] -- C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe -- (CVPND)
SRV - [2005/02/25 05:42:46 | 000,466,944 | ---- | M] (Lexmark International, Inc.) [On_Demand] -- C:\WIN\System32\lxcccoms.exe -- (lxcc_device)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDCOMP)
DRV - File not found [Kernel | System] -- -- (PCIDump)
DRV - File not found [Kernel | On_Demand] -- -- (PCASp50)
DRV - File not found [Kernel | System] -- -- (lbrtfdc)
DRV - File not found [Kernel | System] -- -- (i2omgmt)
DRV - File not found [Kernel | System] -- -- (Changer)
DRV - [2012/04/19 19:18:56 | 000,073,008 | ---- | M] (Trend Micro Inc.) [Kernel | Auto] -- C:\WIN\system32\drivers\tmactmon.sys -- (tmactmon)
DRV - [2012/04/19 19:18:42 | 000,060,648 | ---- | M] (Trend Micro Inc.) [Kernel | Auto] -- C:\WIN\system32\drivers\tmevtmgr.sys -- (tmevtmgr)
DRV - [2012/04/13 04:41:10 | 000,205,408 | ---- | M] (Trend Micro Inc.) [Kernel | Auto] -- C:\WIN\system32\drivers\tmcomm.sys -- (tmcomm)
DRV - [2012/03/28 16:11:02 | 000,020,032 | ---- | M] (Devguru Co., Ltd) [Kernel | On_Demand] -- C:\WIN\system32\drivers\dgderdrv.sys -- (dgderdrv)
DRV - [2011/07/12 04:44:10 | 000,262,416 | ---- | M] (Trend Micro Inc.) [Kernel | Auto] -- C:\program files\OfficeScan NT\TmXpflt.sys -- (TmFilter)
DRV - [2011/07/12 04:43:58 | 000,036,624 | ---- | M] (Trend Micro Inc.) [Kernel | Auto] -- C:\program files\OfficeScan NT\TmPreflt.sys -- (TmPreFilter)
DRV - [2011/07/12 04:09:32 | 001,405,720 | ---- | M] (Trend Micro Inc.) [Kernel | Auto] -- C:\program files\OfficeScan NT\VsapiNT.sys -- (VSApiNt)
DRV - [2011/06/02 01:47:22 | 000,136,808 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\WIN\system32\drivers\ssadmdm.sys -- (ssadmdm)
DRV - [2011/06/02 01:47:22 | 000,121,064 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\WIN\system32\drivers\ssadbus.sys -- (ssadbus) SAMSUNG Android USB Composite Device driver (WDM)
DRV - [2011/06/02 01:47:22 | 000,012,776 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\WIN\system32\drivers\ssadmdfl.sys -- (ssadmdfl) SAMSUNG Android USB Modem (Filter)
DRV - [2010/07/16 08:02:44 | 000,090,256 | ---- | M] (Trend Micro Inc.) [Kernel | System] -- C:\WIN\system32\drivers\tmtdi.sys -- (tmtdi)
DRV - [2010/04/26 02:30:09 | 000,021,393 | ---- | M] (Cisco Systems, Inc.) [Kernel | Auto] -- C:\WIN\system32\drivers\iPassP.sys -- (iPassP) iPass Protocol (IEEE 802.1x)
DRV - [2009/12/14 03:21:44 | 000,036,608 | ---- | M] () [Kernel | On_Demand] -- C:\WIN\system32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2009/10/09 03:50:50 | 000,020,152 | ---- | M] (Cisco Systems, Inc.) [Kernel | On_Demand] -- C:\WIN\system32\drivers\vpnva.sys -- (vpnva)
DRV - [2009/05/28 06:43:14 | 000,075,096 | ---- | M] (Avira GmbH) [Kernel | System] -- C:\WIN\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2009/05/28 06:43:11 | 000,052,056 | ---- | M] (Avira GmbH) [File_System | On_Demand] -- C:\program files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys -- (avgntflt)
DRV - [2009/05/28 06:43:10 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System] -- C:\program files\Avira\AntiVir PersonalEdition Classic\avgio.sys -- (avgio)
DRV - [2008/04/13 18:26:08 | 000,088,320 | ---- | M] (Microsoft Corporation) [Kernel | Auto] -- C:\WIN\system32\drivers\nwlnkipx.sys -- (NwlnkIpx)
DRV - [2008/04/13 18:16:24 | 000,015,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WIN\system32\drivers\mpe.sys -- (MPE)
DRV - [2007/11/08 13:03:26 | 000,021,248 | ---- | M] (AVIRA GmbH) [Kernel | System] -- C:\WIN\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2007/08/07 09:00:00 | 004,419,584 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand] -- C:\WIN\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2007/08/07 09:00:00 | 002,203,520 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\WIN\system32\drivers\NETw4x32.sys -- (NETw4x32) Intel(R)
DRV - [2007/08/07 09:00:00 | 000,982,272 | ---- | M] (Motorola Inc.) [Kernel | On_Demand] -- C:\WIN\system32\drivers\smserial.sys -- (smserial)
DRV - [2007/08/07 09:00:00 | 000,259,712 | ---- | M] (Marvell) [Kernel | On_Demand] -- C:\WIN\system32\drivers\yk51x86.sys -- (yukonwxp)
DRV - [2007/08/07 09:00:00 | 000,056,573 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand] -- C:\WIN\system32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2007/06/11 08:25:28 | 000,041,856 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand] -- C:\WIN\system32\drivers\tosrfusb.sys -- (tosrfusb)
DRV - [2007/05/24 08:27:30 | 000,064,000 | ---- | M] (TOSHIBA Corporation) [Kernel | System] -- C:\WIN\system32\drivers\tosrfcom.sys -- (Tosrfcom)
DRV - [2007/05/14 04:26:10 | 000,508,288 | ---- | M] (PixArt Imaging Inc.) [Kernel | On_Demand] -- C:\WIN\system32\drivers\PFC027.SYS -- (PAC207)
DRV - [2007/04/24 07:20:06 | 000,113,920 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand] -- C:\WIN\system32\drivers\tosrfbd.sys -- (tosrfbd)
DRV - [2007/04/13 04:20:46 | 000,024,064 | ---- | M] (REALTEK SEMICONDUCTOR Corp.) [Kernel | On_Demand] -- C:\WIN\system32\drivers\RTL2831UUSB.sys -- (RTL2831UUSB)
DRV - [2007/04/13 04:04:30 | 000,062,720 | ---- | M] (REALTEK SEMICONDUCTOR Corp.) [Kernel | On_Demand] -- C:\WIN\system32\drivers\RTL2831UBDA.sys -- (RTL2831UBDA)
DRV - [2007/04/12 21:50:00 | 000,023,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WIN\system32\CCM\PrepDrv.sys -- (prepdrvr)
DRV - [2007/03/01 10:53:10 | 000,073,728 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand] -- C:\WIN\system32\drivers\Tosrfhid.sys -- (Tosrfhid)
DRV - [2007/01/22 04:43:26 | 000,053,376 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand] -- C:\WIN\system32\drivers\TosRfSnd.sys -- (TosRfSnd)
DRV - [2006/11/20 11:55:16 | 000,036,480 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand] -- C:\WIN\system32\drivers\tosrfbnp.sys -- (tosrfbnp)
DRV - [2006/10/10 13:33:00 | 000,041,600 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand] -- C:\WIN\system32\drivers\tosporte.sys -- (tosporte)
DRV - [2006/09/28 05:47:48 | 000,283,776 | ---- | M] (AfaTech ) [Kernel | On_Demand] -- C:\WIN\system32\drivers\AF15BDA.sys -- (AF15BDA)
DRV - [2005/07/11 12:58:00 | 000,003,712 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand] -- C:\WIN\system32\drivers\Toshidpt.sys -- (toshidpt)
DRV - [2005/06/10 13:58:16 | 000,298,571 | ---- | M] (Cisco Systems, Inc.) [Kernel | On_Demand] -- C:\WIN\system32\drivers\CVPNDRVA.sys -- (CVPNDRVA)
DRV - [2005/05/16 22:51:34 | 000,005,315 | ---- | M] (Cisco Systems, Inc.) [Kernel | On_Demand] -- C:\WIN\system32\drivers\CVirtA.sys -- (CVirtA)
DRV - [2005/02/23 09:58:56 | 000,011,776 | ---- | M] (Arcsoft, Inc.) [Kernel | On_Demand] -- C:\WIN\system32\drivers\afc.sys -- (Afc)
DRV - [2005/01/25 22:22:20 | 000,280,344 | ---- | M] (Zone Labs LLC) [Kernel | On_Demand] -- C:\WIN\system32\vsdatant.sys -- (vsdatant)
DRV - [2005/01/06 23:42:00 | 000,018,612 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand] -- C:\WIN\system32\drivers\tosrfnds.sys -- (tosrfnds)
DRV - [2004/11/03 06:07:24 | 000,146,888 | ---- | M] (Deterministic Networks, Inc.) [Kernel | On_Demand] -- C:\WIN\system32\drivers\dne2000.sys -- (DNE)
DRV - [2004/08/04 08:00:00 | 000,063,232 | ---- | M] (Microsoft Corporation) [Kernel | Auto] -- C:\WIN\system32\drivers\nwlnknb.sys -- (NwlnkNb)
DRV - [2004/08/04 08:00:00 | 000,055,936 | ---- | M] (Microsoft Corporation) [Kernel | Auto] -- C:\WIN\system32\drivers\nwlnkspx.sys -- (NwlnkSpx)
DRV - [2001/01/22 08:23:36 | 000,006,080 | ---- | M] (Zeal SoftStudio) [Kernel | Auto] -- C:\WIN\system32\drivers\zntport.sys -- (zntport)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://my.fsc.net/
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WIN\system32\blank.htm
IE - HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://my.fsc.net/
IE - HKU\.DEFAULT\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\.DEFAULT\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\program files\ICQ6Toolbar\1010291500\ICQToolBar.dll (ICQ)
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\Administrator_ON_D\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WIN\system32\blank.htm
IE - HKU\Administrator_ON_D\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://my.fsc.net/
IE - HKU\Administrator_ON_D\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\FSC_WXPINST_ON_D\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://my.fsc.net/
IE - HKU\FSC_WXPINST_ON_D\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\FSCpwReset_ON_D\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WIN\system32\blank.htm
IE - HKU\FSCpwReset_ON_D\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://my.fsc.net/
IE - HKU\FSCpwReset_ON_D\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\FSCpwReset_ON_D\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" =
IE - HKU\FSCpwReset_ON_D\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" =
IE - HKU\LocalService.NT-AUTORITÄT.001_ON_D\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://my.fsc.net/
IE - HKU\LocalService.NT-AUTORITÄT.001_ON_D\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\MCHFROEHLICHL_ON_D\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://search.qip.ru
IE - HKU\MCHFROEHLICHL_ON_D\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://search.qip.ru
IE - HKU\MCHFROEHLICHL_ON_D\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WIN\system32\blank.htm
IE - HKU\MCHFROEHLICHL_ON_D\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.qip.ru
IE - HKU\MCHFROEHLICHL_ON_D\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\MCHFROEHLICHL_ON_D\Software\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://search.qip.ru
IE - HKU\MCHFROEHLICHL_ON_D\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\MCHFROEHLICHL_ON_D\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\program files\ICQ6Toolbar\1010291500\ICQToolBar.dll (ICQ)
IE - HKU\MCHFROEHLICHL_ON_D\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\program files\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.)
IE - HKU\MCHFROEHLICHL_ON_D\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKU\MCHFROEHLICHL_ON_D\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = localhost;localhost.*;127.0.0.*;*.fsc.net;fireball.cognitas.de;141.29.*;149.202.90.*;149.202.148.*;10.*;172.*;192.168.*;<local>;*.local
IE - HKU\MCHFROEHLICHL_ON_D\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = proxy.mch.fsc.net:81
IE - HKU\MCHFROEHLICHL_ON_D\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "AutoConfigURL" = hxxp://proxyconf.fsc.net
IE - HKU\NetworkService.NT-AUTORITÄT.001_ON_D\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://my.fsc.net/
IE - HKU\NetworkService.NT-AUTORITÄT.001_ON_D\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\systemprofile_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://my.fsc.net/
IE - HKU\systemprofile_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\xlabautologon.MCH1263N.000_ON_D\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://my.fsc.net/
IE - HKU\xlabautologon.MCH1263N.000_ON_D\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\xlabautologon.MCH1263N.001_ON_D\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://my.fsc.net/
IE - HKU\xlabautologon.MCH1263N.001_ON_D\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\xlabautologon.MCH1263N.002_ON_D\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://my.fsc.net/
IE - HKU\xlabautologon.MCH1263N.002_ON_D\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WIN\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WIN\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\program files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\program files\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\program files\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\program files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\program files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.4.0: C:\WIN\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.4.0: C:\program files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\program files\Microsoft Silverlight\4.0.50524.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WIN\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: d:\Profiles\MCHFROEHLICHL\Application Data\Move Networks\plugins\071802000001\npqmp071802000001.dll (Move Networks)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.448: C:\program files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.3.448: C:\program files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448: C:\program files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=:
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\program files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\program files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{000a9d1c-beef-4f90-9363-039d445309b8}: C:\Program Files\Google\Google Gears\Firefox\ [2010/03/06 21:12:30 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Components: C:\program files\Mozilla Firefox\components [2012/09/17 00:23:18 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Plugins: C:\program files\Mozilla Firefox\plugins [2011/05/13 02:25:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 3.0.5\extensions\\Components: C:\program files\Mozilla Thunderbird\components [2010/07/25 17:59:31 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 3.0.5\extensions\\Plugins: C:\program files\Mozilla Thunderbird\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\{857610fe-b36c-47f2-b4fa-6b7affe0cf5a}: C:\Program Files\Mobile Master\ext\1\ [2011/08/13 10:39:09 | 000,000,000 | ---D | M]
[2011/11/27 17:27:47 | 000,000,000 | ---D | M] (No name found) -- C:\program files\Mozilla Firefox\extensions
[2009/11/22 16:30:45 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\program files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2009/01/08 05:56:40 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\program files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}(2)
[2012/09/17 00:23:17 | 000,266,720 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2010/04/12 11:29:19 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2010/01/13 18:46:00 | 000,063,488 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\mozilla firefox\plugins\npwachk.dll
[2012/02/24 08:49:56 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012/09/17 00:23:07 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/02/24 08:49:56 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2012/02/24 08:49:56 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2012/02/24 08:49:56 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2012/02/24 08:49:56 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
O1 HOSTS File: ([2004/08/04 08:00:00 | 000,000,734 | ---- | M]) - C:\WIN\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\program files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\program files\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\program files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Google Gears Helper) - {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} - C:\program files\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\program files\ICQ6Toolbar\1010291500\ICQToolBar.dll (ICQ)
O3 - HKLM\..\Toolbar: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\program files\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.)
O3 - HKU\Administrator_ON_D\..\Toolbar\WebBrowser: (no name) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - No CLSID value found.
O3 - HKU\Administrator_ON_D\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKU\MCHFROEHLICHL_ON_D\..\Toolbar\ShellBrowser: (no name) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - No CLSID value found.
O3 - HKU\MCHFROEHLICHL_ON_D\..\Toolbar\ShellBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKU\MCHFROEHLICHL_ON_D\..\Toolbar\WebBrowser: (DVDVideoSoftTB Toolbar) - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - C:\program files\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.)
O4 - HKLM..\Run: [Alcmtr] C:\WIN\ALCMTR.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [CfgDownload] C:\program files\IXOS\bin\CfgDownload.exe (IXOS SOFTWARE AG - an Open Text company)
O4 - HKLM..\Run: [Communicator] C:\Program Files\Microsoft Office Communicator\communicator.exe (Microsoft Corporation)
O4 - HKLM..\Run: [CoolSwitch] C:\WIN\system32\TaskSwitch.exe ()
O4 - HKLM..\Run: [Driver Fetch] C:\Program Files\Driver Fetch\2.3.0.8\DriverFetch.exe ()
O4 - HKLM..\Run: [IR_SERVER] C:\program files\Realtek\REALTEK DVB-T USB DEVICE\IR_SERVER.exe (Realtek)
O4 - HKLM..\Run: [KernelFaultCheck] File not found
O4 - HKLM..\Run: [KiesTrayAgent] C:\program files\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKLM..\Run: [LXCCCATS] C:\WIN\System32\spool\DRIVERS\W32X86\3\LXCCtime.DLL ()
O4 - HKLM..\Run: [lxccmon.exe] File not found
O4 - HKLM..\Run: [Monitor] C:\WIN\PixArt\PAC207\Monitor.exe (PixArt Imaging Incorporation)
O4 - HKLM..\Run: [NPSStartup] File not found
O4 - HKLM..\Run: [OfficeScanNT Monitor] C:\Program Files\OfficeScan NT\pccntmon.exe (Trend Micro Inc.)
O4 - HKLM..\Run: [SMSERIAL] C:\program files\Motorola\SMSERIAL\sm56hlpr.exe (Motorola Inc.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [TouchPadHotKey] C:\program files\FSC\TouchPad HotKey Utility\TouchPad_HotKey.exe ()
O4 - HKU\FSCpwReset_ON_D..\Run: [DrvMon.exe] File not found
O4 - HKU\FSCpwReset_ON_D..\Run: [IECheck] File not found
O4 - HKU\MCHFROEHLICHL_ON_D..\Run: [ICQ] C:\program files\ICQ7.2\ICQ.exe (ICQ, LLC.)
O4 - HKU\MCHFROEHLICHL_ON_D..\Run: [iqjogtkhqqzeytq] C:\WIN\iqjogtkh.exe ()
O4 - HKU\MCHFROEHLICHL_ON_D..\Run: [KiesHelper] C:\Program Files\Samsung\Kies\KiesHelper.exe (Samsung)
O4 - HKU\MCHFROEHLICHL_ON_D..\Run: [KiesPDLR] C:\program files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe ()
O4 - HKU\MCHFROEHLICHL_ON_D..\Run: [KiesTrayAgent] C:\program files\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKU\MCHFROEHLICHL_ON_D..\Run: [MirandaIM] C:\Program Files\Miranda IM\miranda32.exe ( )
O4 - HKU\MCHFROEHLICHL_ON_D..\Run: [MMAgent] C:\program files\Mobile Master\MMAgent.exe (Jumping Bytes)
O4 - HKU\FSC_WXPINST_ON_D..\RunOnce: [NewUser] C:\WIN\System32\cmd.exe (Microsoft Corporation)
O4 - HKU\FSC_WXPINST_ON_D..\RunOnce: [tscuninstall] C:\WIN\system32\tscupgrd.exe (Microsoft Corporation)
O4 - HKU\LocalService.NT-AUTORITÄT.001_ON_D..\RunOnce: [NewUser] C:\WIN\System32\cmd.exe (Microsoft Corporation)
O4 - HKU\LocalService.NT-AUTORITÄT.001_ON_D..\RunOnce: [tscuninstall] C:\WIN\system32\tscupgrd.exe (Microsoft Corporation)
O4 - HKU\NetworkService.NT-AUTORITÄT.001_ON_D..\RunOnce: [NewUser] C:\WIN\System32\cmd.exe (Microsoft Corporation)
O4 - HKU\NetworkService.NT-AUTORITÄT.001_ON_D..\RunOnce: [tscuninstall] C:\WIN\system32\tscupgrd.exe (Microsoft Corporation)
O4 - HKU\systemprofile_ON_C..\RunOnce: [NewUser] C:\WIN\System32\cmd.exe (Microsoft Corporation)
O4 - HKU\systemprofile_ON_C..\RunOnce: [tscuninstall] C:\WIN\system32\tscupgrd.exe (Microsoft Corporation)
O4 - HKU\xlabautologon.MCH1263N.000_ON_D..\RunOnce: [NewUser] C:\WIN\System32\cmd.exe (Microsoft Corporation)
O4 - HKU\xlabautologon.MCH1263N.000_ON_D..\RunOnce: [tscuninstall] C:\WIN\system32\tscupgrd.exe (Microsoft Corporation)
O4 - HKU\xlabautologon.MCH1263N.001_ON_D..\RunOnce: [NewUser] C:\WIN\System32\cmd.exe (Microsoft Corporation)
O4 - HKU\xlabautologon.MCH1263N.001_ON_D..\RunOnce: [tscuninstall] C:\WIN\system32\tscupgrd.exe (Microsoft Corporation)
O4 - HKU\xlabautologon.MCH1263N.002_ON_D..\RunOnce: [NewUser] C:\WIN\System32\cmd.exe (Microsoft Corporation)
O4 - HKU\xlabautologon.MCH1263N.002_ON_D..\RunOnce: [tscuninstall] C:\WIN\system32\tscupgrd.exe (Microsoft Corporation)
O4 - Startup: d:\Profiles\All Users\Start Menu\Programs\Startup\AIS Auto Assistant.lnk = C:\WIN\Installer\{78A968B3-AA7C-472C-9A7A-3104B92DDEC8}\_8DE2246EBDF26D198B98D4.exe ()
O4 - Startup: d:\Profiles\All Users\Start Menu\Programs\Startup\Bluetooth Manager.lnk = C:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe (TOSHIBA CORPORATION.)
O4 - Startup: d:\Profiles\All Users\Start Menu\Programs\Startup\WirelessSelector.lnk = C:\program files\FSC\Wireless Utility\WirelessSelector.exe (ITE Tech Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMConfigurePrograms = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoWelcomeScreen = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonType = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: RunLogonScriptSync = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Administrator_ON_D\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\FSC_WXPINST_ON_D\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\FSCpwReset_ON_D\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMBalloonTip = 1
O7 - HKU\FSCpwReset_ON_D\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktopCleanupWizard = 1
O7 - HKU\FSCpwReset_ON_D\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisableCurrentUserRun = 1
O7 - HKU\FSCpwReset_ON_D\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisableLocalMachineRunOnce = 1
O7 - HKU\FSCpwReset_ON_D\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisableLocalMachineRun = 1
O7 - HKU\FSCpwReset_ON_D\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisableCurrentUserRunOnce = 1
O7 - HKU\FSCpwReset_ON_D\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoChangeStartMenu = 1
O7 - HKU\FSCpwReset_ON_D\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSimpleStartMenu = 1
O7 - HKU\FSCpwReset_ON_D\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoWindowsUpdate = 1
O7 - HKU\FSCpwReset_ON_D\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceStartMenuLogoff = 1
O7 - HKU\FSCpwReset_ON_D\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetFolders = 1
O7 - HKU\FSCpwReset_ON_D\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMMyDocs = 1
O7 - HKU\FSCpwReset_ON_D\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMMyPictures = 1
O7 - HKU\FSCpwReset_ON_D\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartMenuMyMusic = 1
O7 - HKU\FSCpwReset_ON_D\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFavoritesMenu = 1
O7 - HKU\FSCpwReset_ON_D\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartMenuNetworkPlaces = 1
O7 - HKU\FSCpwReset_ON_D\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoNetHood = 1
O7 - HKU\FSCpwReset_ON_D\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoNetConnectDisconnect = 1
O7 - HKU\FSCpwReset_ON_D\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 1
O7 - HKU\FSCpwReset_ON_D\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMConfigurePrograms = 1
O7 - HKU\FSCpwReset_ON_D\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoNetworkConnections = 1
O7 - HKU\FSCpwReset_ON_D\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFind = 1
O7 - HKU\FSCpwReset_ON_D\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRun = 1
O7 - HKU\FSCpwReset_ON_D\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoClose = 1
O7 - HKU\FSCpwReset_ON_D\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewContextMenu = 1
O7 - HKU\FSCpwReset_ON_D\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoTrayContextMenu = 1
O7 - HKU\FSCpwReset_ON_D\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O7 - HKU\FSCpwReset_ON_D\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRecycleFiles = 1
O7 - HKU\FSCpwReset_ON_D\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFolderOptions = 1
O7 - HKU\FSCpwReset_ON_D\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoShellSearchButton = 1
O7 - HKU\FSCpwReset_ON_D\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ClassicShell = 1
O7 - HKU\FSCpwReset_ON_D\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoToolbarCustomize = 1
O7 - HKU\FSCpwReset_ON_D\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoBandCustomize = 1
O7 - HKU\FSCpwReset_ON_D\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoTrayItemsDisplay = 1
O7 - HKU\FSCpwReset_ON_D\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoAddPrinter = 1
O7 - HKU\FSCpwReset_ON_D\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDeletePrinter = 1
O7 - HKU\FSCpwReset_ON_D\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoExpandedNewMenu = 1
O7 - HKU\FSCpwReset_ON_D\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: SpecifyDefaultButtons = 1
O7 - HKU\FSCpwReset_ON_D\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: Btn_Search = 2
O7 - HKU\FSCpwReset_ON_D\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: Btn_Favorites = 2
O7 - HKU\FSCpwReset_ON_D\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: Btn_Folders = 2
O7 - HKU\FSCpwReset_ON_D\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: Btn_Tools = 2
O7 - HKU\FSCpwReset_ON_D\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: Btn_MailNews = 2
O7 - HKU\FSCpwReset_ON_D\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: Btn_Edit = 2
O7 - HKU\FSCpwReset_ON_D\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: Btn_Discussions = 2
O7 - HKU\FSCpwReset_ON_D\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: Btn_Encoding = 2
O7 - HKU\FSCpwReset_ON_D\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: Btn_Size = 2
O7 - HKU\FSCpwReset_ON_D\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: Btn_Fullscreen = 2
O7 - HKU\FSCpwReset_ON_D\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: Btn_Media = 2
O7 - HKU\FSCpwReset_ON_D\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: Btn_Print = 2
O7 - HKU\FSCpwReset_ON_D\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: Btn_History = 2
O7 - HKU\FSCpwReset_ON_D\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCommonGroups = 1
O7 - HKU\FSCpwReset_ON_D\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 1
O7 - HKU\FSCpwReset_ON_D\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSharedDocuments = 1
O7 - HKU\FSCpwReset_ON_D\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoWinKeys = 1
O7 - HKU\FSCpwReset_ON_D\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewOnDrive = 67108863
O7 - HKU\FSCpwReset_ON_D\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 67108863
O7 - HKU\FSCpwReset_ON_D\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetTaskbar = 1
O7 - HKU\FSCpwReset_ON_D\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LockTaskbar = 1
O7 - HKU\FSCpwReset_ON_D\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableLockWorkstation = 1
O7 - HKU\FSCpwReset_ON_D\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableChangePassword = 1
O7 - HKU\FSCpwReset_ON_D\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 1
O7 - HKU\FSCpwReset_ON_D\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1
O7 - HKU\LocalService.NT-AUTORITÄT.001_ON_D\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\MCHFROEHLICHL_ON_D\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O7 - HKU\MCHFROEHLICHL_ON_D\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\MCHFROEHLICHL_ON_D\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMBalloonTip = 1
O7 - HKU\MCHFROEHLICHL_ON_D\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktopCleanupWizard = 1
O7 - HKU\MCHFROEHLICHL_ON_D\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoWebServices = 1
O7 - HKU\NetworkService.NT-AUTORITÄT.001_ON_D\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\systemprofile_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\xlabautologon.MCH1263N.000_ON_D\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\xlabautologon.MCH1263N.001_ON_D\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\xlabautologon.MCH1263N.002_ON_D\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WIN\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: In neuer Registerkarte im Hintergrund öffnen - C:\Program Files\Windows Live Toolbar\Components\de-de\msntabres.dll.mui (Microsoft Corporation)
O8 - Extra context menu item: In neuer Registerkarte im Vordergrund öffnen - C:\Program Files\Windows Live Toolbar\Components\de-de\msntabres.dll.mui (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Gears-Einstellungen - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\program files\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll (Google Inc.)
O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\program files\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\program files\ICQ7.2\ICQ.exe (ICQ, LLC.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WIN\system32\nwprovau.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\program files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKU\.DEFAULT\..Trusted Domains: cytric.net ([kallisto] * in Trusted sites)
O15 - HKU\.DEFAULT\..Trusted Domains: webex.com ([fujitsu-siemens] * in Trusted sites)
O15 - HKU\MCHFROEHLICHL_ON_D\..Trusted Domains: webex.com ([fujitsu-siemens] * in Trusted sites)
O16 - DPF: {4D675B26-6F56-4410-B20F-AE6BF305D696} hxxp://ecrm.fujitsu-siemens.com/fsc_ecrm_deu/19221/applets/SiebelAx_OutBound_mail.cab (Siebel Email Support for Microsoft Outlook and Lotus Notes)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {8C244272-1DC1-4CE7-9C6C-FABCA09EB543} hxxp://ecrm.fujitsu-siemens.com/fsc_ecrm_deu/19221/applets/SiebelAx_Desktop_Integration.cab (Siebel Desktop Integration)
O16 - DPF: {9FE53AD1-6AC3-4C41-927D-1BEE9E4F683E} hxxp://ecrm.fujitsu-siemens.com/fsc_ecrm_deu/19221/applets/SiebelAx_HI_Client.cab (Siebel High Interactivity Framework)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: 55963676-2F5E-4BAF-AC28-CF26AA587566 vpnweb.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = mch.fsc.net
O18 - Protocol\Handler\saphtmlp {D1F8BD1E-7967-11D2-B43A-006094B9EADB} - C:\program files\SAP\FrontEnd\SAPgui\SAPHTMLP.DLL (SAP AG, Walldorf)
O18 - Protocol\Handler\sapr3 {D1F8BD1E-7967-11D2-B43A-006094B9EADB} - C:\program files\SAP\FrontEnd\SAPgui\SAPHTMLP.DLL (SAP AG, Walldorf)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\program files\common files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WIN\explorer.exe (Microsoft Corporation)
O20 - HKU\FSCpwReset_ON_D Winlogon: Shell - ("%ProgramFiles%\AIS\AIS Password Reset\bin\AISPasswordReset.exe") - C:\Program Files\AIS\AIS Password Reset\bin\AISPasswordReset.exe (Fujitsu Siemens Computers)
O24 - Desktop WallPaper: C:\\WIN\\FSCBg.bmp
O24 - Desktop BackupWallPaper: C:\\WIN\\FSCBg.bmp
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\program files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (nwprovau) - C:\WIN\System32\nwprovau.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/08/14 00:33:37 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2006/03/24 07:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2012/10/04 13:34:07 | 000,000,000 | ---D | C] -- d:\Profiles\All Users\Application Data\dvfiscwvqnqxldt
[2009/08/04 04:53:47 | 003,145,728 | ---- | C] (SAP Technology,Inc) -- C:\Program Files\Common Files\sapxlhelper.dll
[2009/08/04 04:53:46 | 000,626,688 | ---- | C] (SAP AG) -- C:\Program Files\Common Files\sapconsaccess.dll
[2009/08/04 04:53:46 | 000,192,512 | ---- | C] (SAP Tech Inc.) -- C:\Program Files\Common Files\sapconsr3.dll
[2009/08/04 04:53:44 | 000,040,960 | ---- | C] (SAP-TECHNOLOGY) -- C:\Program Files\Common Files\DigitalSignature.ocx
[4 C:\WIN\System32\dllcache\*.tmp files -> C:\WIN\System32\dllcache\*.tmp -> ]
[4 C:\WIN\System32\*.tmp files -> C:\WIN\System32\*.tmp -> ]
[1 C:\WIN\*.tmp files -> C:\WIN\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2012/10/04 16:51:51 | 000,001,108 | ---- | M] () -- C:\WIN\tasks\GoogleUpdateTaskMachineCore.job
[2012/10/04 16:51:02 | 000,002,048 | --S- | M] () -- C:\WIN\bootstat.dat
[2012/10/04 14:04:28 | 001,119,904 | ---- | M] () -- d:\Profiles\LocalService.NT-AUTORITÄT.001\Local Settings\Application Data\FontCache3.0.0.0.dat
[2012/10/04 13:40:00 | 000,002,206 | ---- | M] () -- C:\WIN\System32\wpa.dbl
[2012/10/04 13:34:07 | 000,076,332 | ---- | M] () -- d:\Profiles\All Users\Application Data\cvlbjfoywetcmod
[2012/10/04 13:33:34 | 000,105,984 | ---- | M] () -- d:\Profiles\All Users\Application Data\iqjogtkh.exe
[2012/10/04 13:33:34 | 000,105,984 | ---- | M] () -- C:\WIN\iqjogtkh.exe
[2012/10/04 13:33:34 | 000,105,984 | ---- | M] () -- d:\Profiles\MCHFROEHLICHL\0.9324305572022961.exe
[2012/10/04 13:11:00 | 000,001,112 | ---- | M] () -- C:\WIN\tasks\GoogleUpdateTaskMachineUA.job
[2012/09/22 08:05:33 | 000,000,664 | ---- | M] () -- C:\WIN\System32\d3d9caps.dat
[2012/09/05 13:17:56 | 000,074,860 | ---- | M] () -- d:\Profiles\MCHFROEHLICHL\Desktop\holi.jpg
[4 C:\WIN\System32\dllcache\*.tmp files -> C:\WIN\System32\dllcache\*.tmp -> ]
[4 C:\WIN\System32\*.tmp files -> C:\WIN\System32\*.tmp -> ]
[1 C:\WIN\*.tmp files -> C:\WIN\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012/10/04 13:34:06 | 000,105,984 | ---- | C] () -- C:\WIN\iqjogtkh.exe
[2012/10/04 13:34:05 | 000,105,984 | ---- | C] () -- d:\Profiles\All Users\Application Data\iqjogtkh.exe
[2012/10/04 13:33:39 | 000,076,332 | ---- | C] () -- d:\Profiles\All Users\Application Data\cvlbjfoywetcmod
[2012/10/04 13:33:34 | 000,105,984 | ---- | C] () -- d:\Profiles\MCHFROEHLICHL\0.9324305572022961.exe
[2012/09/05 13:17:55 | 000,074,860 | ---- | C] () -- d:\Profiles\MCHFROEHLICHL\Desktop\holi.jpg
[2012/06/02 13:43:48 | 000,000,838 | ---- | C] () -- d:\Profiles\MCHFROEHLICHL\.recently-used.xbel
[2011/09/13 15:09:02 | 000,012,887 | ---- | C] () -- d:\Profiles\MCHFROEHLICHL\.TransferManager.db
[2011/06/19 17:13:07 | 000,001,141 | ---- | C] () -- C:\WIN\cdplayer.ini
[2011/06/07 18:17:34 | 000,000,000 | ---- | C] () -- d:\Profiles\MCHFROEHLICHL\Application Data\.NANotifyHere
[2011/04/30 11:40:46 | 000,102,400 | ---- | C] () -- C:\WIN\RegBootClean.exe
[2011/04/27 08:19:32 | 000,030,568 | ---- | C] () -- C:\WIN\MusiccityDownload.exe
[2011/04/27 08:19:30 | 000,974,848 | ---- | C] () -- C:\WIN\System32\cis-2.4.dll
[2011/04/27 08:19:30 | 000,081,920 | ---- | C] () -- C:\WIN\System32\issacapi_bs-2.3.dll
[2011/04/27 08:19:30 | 000,065,536 | ---- | C] () -- C:\WIN\System32\issacapi_pe-2.3.dll
[2011/04/27 08:19:30 | 000,057,344 | ---- | C] () -- C:\WIN\System32\issacapi_se-2.3.dll
[2010/07/17 15:15:33 | 001,119,904 | ---- | C] () -- d:\Profiles\LocalService.NT-AUTORITÄT.001\Local Settings\Application Data\FontCache3.0.0.0.dat
[2010/04/26 02:30:08 | 000,356,352 | ---- | C] () -- C:\WIN\System32\iPassI5Installer.exe
[2010/03/29 13:17:56 | 000,110,592 | ---- | C] () -- C:\WIN\System32\FsUsbExDevice.Dll
[2010/03/29 13:17:56 | 000,036,608 | ---- | C] () -- C:\WIN\System32\FsUsbExDisk.Sys
[2010/03/29 13:17:43 | 000,002,528 | ---- | C] () -- d:\Profiles\MCHFROEHLICHL\Application Data\$_hpcst$.hpc
[2009/12/07 08:14:28 | 000,008,575 | ---- | C] () -- C:\WIN\cfgrt_ex.ini
[2009/11/14 12:13:08 | 000,004,096 | ---- | C] () -- C:\WIN\d3dx.dat
[2009/10/06 03:16:00 | 000,819,200 | ---- | C] () -- C:\WIN\System32\xvidcore.dll
[2009/09/08 08:38:02 | 000,040,960 | ---- | C] () -- C:\WIN\System32\lxccvs.dll
[2009/08/18 12:07:40 | 000,000,245 | ---- | C] () -- C:\WIN\System32\AF15IRTBL.bin
[2009/08/12 03:23:05 | 000,000,094 | ---- | C] () -- C:\WIN\FileArc.ini
[2009/08/04 11:56:41 | 000,000,664 | ---- | C] () -- C:\WIN\System32\d3d9caps.dat
[2009/08/04 04:53:45 | 000,949,760 | ---- | C] () -- C:\Program Files\Common Files\SAPActiveXL_nosig.xlt
[2009/08/04 04:53:44 | 000,955,904 | ---- | C] () -- C:\Program Files\Common Files\SAPActiveXL.xlt
[2009/06/11 16:45:38 | 000,000,098 | ---- | C] () -- C:\WIN\WirelessFTP.INI
[2009/04/20 07:50:08 | 000,000,122 | ---- | C] () -- d:\Profiles\MCHFROEHLICHL\Local Settings\Application Data\fusioncache.dat
[2009/04/20 07:35:30 | 000,175,616 | ---- | C] () -- C:\WIN\System32\h5menu32.dll
[2009/04/20 07:35:30 | 000,095,744 | ---- | C] () -- C:\WIN\System32\h5rtf32.dll
[2009/04/20 07:35:30 | 000,051,200 | ---- | C] () -- C:\WIN\System32\h5tool32.dll
[2009/04/20 07:35:29 | 001,064,960 | ---- | C] () -- C:\WIN\System32\h5krnl32.dll
[2009/04/20 07:35:28 | 000,188,928 | ---- | C] () -- C:\WIN\System32\h5icon32.dll
[2009/03/16 06:33:06 | 000,017,920 | ---- | C] () -- d:\Profiles\MCHFROEHLICHL\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/12/22 06:18:43 | 000,037,300 | RHS- | C] () -- d:\Profiles\MCHFROEHLICHL\ntuser.pol
[2008/12/10 04:30:48 | 000,015,770 | R--- | C] () -- C:\WIN\saplogon_dev_inte.ini
[2008/12/10 04:30:48 | 000,012,010 | R--- | C] () -- C:\WIN\saplogon_e.ini
[2008/12/10 04:30:48 | 000,011,994 | R--- | C] () -- C:\WIN\saplogon_d.ini
[2008/12/10 04:30:48 | 000,011,305 | ---- | C] () -- C:\WIN\saplogon.ini
[2008/12/10 04:30:48 | 000,000,214 | ---- | C] () -- C:\WIN\sapmsg.ini
[2008/12/10 04:29:03 | 000,015,872 | ---- | C] () -- C:\WIN\System32\vtssm32.dll
[2008/11/25 17:29:30 | 000,000,000 | ---- | C] () -- C:\WIN\tosOBEX.INI
[2008/11/22 15:42:58 | 000,363,520 | ---- | C] () -- C:\WIN\System32\psisdecd.dll
[2008/10/22 13:14:41 | 000,000,056 | -H-- | C] () -- C:\WIN\System32\ezsidmv.dat
[2008/10/22 13:03:17 | 000,000,314 | ---- | C] () -- C:\WIN\System32\Remover.ini
[2008/10/17 14:58:58 | 000,000,049 | ---- | C] () -- C:\WIN\NeroDigital.ini
[2008/10/17 13:22:16 | 000,000,000 | ---- | C] () -- C:\WIN\nsreg.dat
[2008/08/14 02:27:39 | 000,003,985 | ---- | C] () -- C:\WIN\ODBCINST.INI
[2008/08/14 02:27:09 | 000,230,800 | ---- | C] () -- C:\WIN\System32\FNTCACHE.DAT
[2008/08/14 01:17:08 | 000,000,364 | ---- | C] () -- C:\WIN\ODBC.INI
[2008/08/14 01:02:37 | 000,024,576 | ---- | C] () -- C:\WIN\xpdefrag.exe
[2008/08/14 00:55:57 | 000,204,800 | ---- | C] () -- C:\WIN\System32\igfxCoIn_v4833.dll
[2008/08/14 00:55:55 | 000,910,464 | ---- | C] () -- C:\WIN\System32\igmedkrn.dll
[2008/08/14 00:55:10 | 000,000,465 | ---- | C] () -- C:\WIN\SMSCFG.ini
[2008/08/14 00:53:08 | 000,017,375 | ---- | C] () -- C:\WIN\cfgall.ini
[2008/08/14 00:37:54 | 000,002,048 | --S- | C] () -- C:\WIN\bootstat.dat
[2008/08/14 00:32:19 | 000,021,640 | ---- | C] () -- C:\WIN\System32\emptyregdb.dat
[2008/08/14 00:22:36 | 000,000,298 | ---- | C] () -- C:\WIN\System32\OEMINFO.INI
[2008/08/14 00:19:35 | 000,004,569 | ---- | C] () -- C:\WIN\System32\secupd.dat
[2008/08/14 00:19:12 | 000,478,966 | ---- | C] () -- C:\WIN\System32\perfh009.dat
[2008/08/14 00:19:12 | 000,272,128 | ---- | C] () -- C:\WIN\System32\perfi009.dat
[2008/08/14 00:19:12 | 000,084,192 | ---- | C] () -- C:\WIN\System32\perfc009.dat
[2008/08/14 00:19:12 | 000,028,626 | ---- | C] () -- C:\WIN\System32\perfd009.dat
[2008/08/14 00:19:07 | 000,004,463 | ---- | C] () -- C:\WIN\System32\oembios.dat
[2008/08/14 00:19:05 | 013,107,200 | ---- | C] () -- C:\WIN\System32\oembios.bin
[2008/08/14 00:18:57 | 000,000,741 | ---- | C] () -- C:\WIN\System32\noise.dat
[2008/08/14 00:18:32 | 000,673,088 | ---- | C] () -- C:\WIN\System32\mlang.dat
[2008/08/14 00:18:31 | 000,046,258 | ---- | C] () -- C:\WIN\System32\mib.bin
[2008/08/14 00:17:44 | 000,218,003 | ---- | C] () -- C:\WIN\System32\dssec.dat
[2008/08/14 00:17:28 | 000,001,804 | ---- | C] () -- C:\WIN\System32\dcache.bin
[2008/05/26 15:59:42 | 000,018,904 | ---- | C] () -- C:\WIN\System32\structuredqueryschematrivial.bin
[2008/05/26 15:59:40 | 000,106,605 | ---- | C] () -- C:\WIN\System32\structuredqueryschema.bin
[2008/04/25 07:23:38 | 000,012,288 | ---- | C] () -- C:\WIN\System32\EvOnlDiag.dll
[2007/10/25 11:26:10 | 000,005,632 | ---- | C] () -- C:\WIN\System32\drivers\StarOpen.sys
[2007/09/27 04:51:02 | 000,020,698 | ---- | C] () -- C:\WIN\System32\idxcntrs.ini
[2007/09/27 04:48:48 | 000,030,628 | ---- | C] () -- C:\WIN\System32\gsrvctr.ini
[2007/09/27 04:48:28 | 000,031,698 | ---- | C] () -- C:\WIN\System32\gthrctr.ini
[2007/06/21 04:49:24 | 000,118,784 | ---- | C] () -- C:\WIN\System32\TosBtAcc.dll
[2006/11/02 03:27:46 | 000,000,518 | ---- | C] () -- C:\WIN\System32\SP207.ini
[2005/07/22 15:30:18 | 000,065,536 | ---- | C] () -- C:\WIN\System32\TosCommAPI.dll
[2005/06/10 13:59:54 | 000,177,152 | ---- | C] () -- C:\WIN\System32\CSGina.dll
[2005/06/10 13:53:52 | 000,163,840 | ---- | C] () -- C:\WIN\System32\vpnapi.dll
[2002/03/19 11:30:00 | 000,216,576 | ---- | C] () -- C:\WIN\System32\PowerCalc.exe
[2002/03/19 11:30:00 | 000,141,824 | ---- | C] () -- C:\WIN\System32\msvdm.dll
[2002/03/19 11:30:00 | 000,045,632 | ---- | C] () -- C:\WIN\System32\TaskSwitch.exe
========== LOP Check ==========
[2008/12/21 20:14:05 | 000,000,000 | ---D | M] -- d:\Profiles\Administrator\Application Data\AIS
[2009/10/20 03:37:51 | 000,000,000 | ---D | M] -- d:\Profiles\Administrator\Application Data\Windows Desktop Search
[2008/08/14 01:34:02 | 000,000,000 | ---D | M] -- d:\Profiles\FSC_WXPINST\Application Data\AIS
[2010/02/12 12:16:17 | 000,000,000 | ---D | M] -- d:\Profiles\MCHFROEHLICHL\Application Data\1morebee
[2008/12/21 20:34:07 | 000,000,000 | ---D | M] -- d:\Profiles\MCHFROEHLICHL\Application Data\AIS
[2009/09/08 07:55:49 | 000,000,000 | ---D | M] -- d:\Profiles\MCHFROEHLICHL\Application Data\Alawar
[2011/01/24 15:38:29 | 000,000,000 | ---D | M] -- d:\Profiles\MCHFROEHLICHL\Application Data\AlawarSouthpoint
[2011/02/02 14:18:47 | 000,000,000 | ---D | M] -- d:\Profiles\MCHFROEHLICHL\Application Data\AlderGames
[2011/07/17 12:56:26 | 000,000,000 | ---D | M] -- d:\Profiles\MCHFROEHLICHL\Application Data\BlamGames
[2011/05/13 13:32:53 | 000,000,000 | ---D | M] -- d:\Profiles\MCHFROEHLICHL\Application Data\BLG
[2010/03/29 12:30:03 | 000,000,000 | ---D | M] -- d:\Profiles\MCHFROEHLICHL\Application Data\Blitware
[2011/12/11 13:25:36 | 000,000,000 | ---D | M] -- d:\Profiles\MCHFROEHLICHL\Application Data\Boolat Games
[2011/09/21 17:14:42 | 000,000,000 | ---D | M] -- d:\Profiles\MCHFROEHLICHL\Application Data\Boomzap
[2009/10/30 13:07:55 | 000,000,000 | ---D | M] -- d:\Profiles\MCHFROEHLICHL\Application Data\CasualForge
[2010/08/24 12:19:24 | 000,000,000 | ---D | M] -- d:\Profiles\MCHFROEHLICHL\Application Data\Cisco
[2008/12/21 20:34:04 | 000,000,000 | ---D | M] -- d:\Profiles\MCHFROEHLICHL\Application Data\CryptoEx
[2011/09/11 17:15:44 | 000,000,000 | ---D | M] -- d:\Profiles\MCHFROEHLICHL\Application Data\DVDVideoSoft
[2011/03/26 11:30:58 | 000,000,000 | ---D | M] -- d:\Profiles\MCHFROEHLICHL\Application Data\DVDVideoSoftIEHelpers
[2010/04/25 06:55:50 | 000,000,000 | ---D | M] -- d:\Profiles\MCHFROEHLICHL\Application Data\Facebook
[2009/06/19 09:27:14 | 000,000,000 | ---D | M] -- d:\Profiles\MCHFROEHLICHL\Application Data\Flood Light Games
[2009/06/11 13:52:25 | 000,000,000 | ---D | M] -- d:\Profiles\MCHFROEHLICHL\Application Data\FloodLightGames
[2011/09/27 17:16:08 | 000,000,000 | ---D | M] -- d:\Profiles\MCHFROEHLICHL\Application Data\Frogwares
[2010/05/19 05:47:38 | 000,000,000 | ---D | M] -- d:\Profiles\MCHFROEHLICHL\Application Data\Fujitsu
[2010/08/31 13:27:15 | 000,000,000 | ---D | M] -- d:\Profiles\MCHFROEHLICHL\Application Data\Gamelab
[2012/06/02 13:43:48 | 000,000,000 | ---D | M] -- d:\Profiles\MCHFROEHLICHL\Application Data\gtk-2.0
[2011/04/17 16:23:20 | 000,000,000 | ---D | M] -- d:\Profiles\MCHFROEHLICHL\Application Data\Home Sweet Home 2
[2009/11/14 12:16:28 | 000,000,000 | ---D | M] -- d:\Profiles\MCHFROEHLICHL\Application Data\HSA
[2012/10/04 14:04:21 | 000,000,000 | ---D | M] -- d:\Profiles\MCHFROEHLICHL\Application Data\ICQ
[2011/02/24 18:03:39 | 000,000,000 | ---D | M] -- d:\Profiles\MCHFROEHLICHL\Application Data\Islands
[2010/08/05 16:34:32 | 000,000,000 | ---D | M] -- d:\Profiles\MCHFROEHLICHL\Application Data\Janes Realty2
[2011/08/13 10:37:30 | 000,000,000 | ---D | M] -- d:\Profiles\MCHFROEHLICHL\Application Data\Jumping Bytes
[2011/10/14 12:20:47 | 000,000,000 | ---D | M] -- d:\Profiles\MCHFROEHLICHL\Application Data\Ladia Group
[2009/08/14 04:22:24 | 000,000,000 | ---D | M] -- d:\Profiles\MCHFROEHLICHL\Application Data\Miranda-IM
[2010/03/29 16:08:23 | 000,000,000 | ---D | M] -- d:\Profiles\MCHFROEHLICHL\Application Data\ML
[2011/08/13 10:53:26 | 000,000,000 | ---D | M] -- d:\Profiles\MCHFROEHLICHL\Application Data\Mobile Master
[2011/08/13 11:03:23 | 000,000,000 | ---D | M] -- d:\Profiles\MCHFROEHLICHL\Application Data\MyPhoneExplorer
[2010/07/06 07:31:23 | 000,000,000 | ---D | M] -- d:\Profiles\MCHFROEHLICHL\Application Data\Neverball
[2011/06/01 12:55:29 | 000,000,000 | ---D | M] -- d:\Profiles\MCHFROEHLICHL\Application Data\NevoSoft
[2010/07/01 15:52:46 | 000,000,000 | ---D | M] -- d:\Profiles\MCHFROEHLICHL\Application Data\Nevosoft Games
[2010/10/16 07:00:25 | 000,000,000 | ---D | M] -- d:\Profiles\MCHFROEHLICHL\Application Data\oberon
[2010/05/05 10:06:01 | 000,000,000 | ---D | M] -- d:\Profiles\MCHFROEHLICHL\Application Data\Oberon Janes ZOO
[2009/08/17 15:58:09 | 000,000,000 | ---D | M] -- d:\Profiles\MCHFROEHLICHL\Application Data\Peace Craft
[2011/09/22 11:43:15 | 000,000,000 | ---D | M] -- d:\Profiles\MCHFROEHLICHL\Application Data\PeaceCraft3
[2009/06/27 06:45:52 | 000,000,000 | ---D | M] -- d:\Profiles\MCHFROEHLICHL\Application Data\PetRush
[2009/05/22 10:31:29 | 000,000,000 | ---D | M] -- d:\Profiles\MCHFROEHLICHL\Application Data\PetShowCraze
[2011/10/31 13:38:12 | 000,000,000 | ---D | M] -- d:\Profiles\MCHFROEHLICHL\Application Data\Ph03nixNewMedia
[2010/11/30 17:12:24 | 000,000,000 | ---D | M] -- d:\Profiles\MCHFROEHLICHL\Application Data\PlayFirst
[2011/09/04 12:16:36 | 000,000,000 | ---D | M] -- d:\Profiles\MCHFROEHLICHL\Application Data\playmink
[2010/02/18 08:49:56 | 000,000,000 | ---D | M] -- d:\Profiles\MCHFROEHLICHL\Application Data\Playrix Entertainment
[2010/05/19 05:47:50 | 000,000,000 | ---D | M] -- d:\Profiles\MCHFROEHLICHL\Application Data\pptaddin
[2012/09/01 08:41:24 | 000,000,000 | ---D | M] -- d:\Profiles\MCHFROEHLICHL\Application Data\PriceGong
[2009/01/08 05:58:50 | 000,000,000 | ---D | M] -- d:\Profiles\MCHFROEHLICHL\Application Data\QIP
[2010/10/16 07:33:12 | 000,000,000 | ---D | M] -- d:\Profiles\MCHFROEHLICHL\Application Data\RTS
[2012/04/18 15:16:06 | 000,000,000 | ---D | M] -- d:\Profiles\MCHFROEHLICHL\Application Data\Samsung
[2010/07/08 06:35:05 | 000,000,000 | ---D | M] -- d:\Profiles\MCHFROEHLICHL\Application Data\SecondLife
[2011/01/28 18:41:44 | 000,000,000 | ---D | M] -- d:\Profiles\MCHFROEHLICHL\Application Data\Settlement. Colossus
[2011/03/25 16:56:19 | 000,000,000 | ---D | M] -- d:\Profiles\MCHFROEHLICHL\Application Data\Simfy
[2012/02/01 15:04:34 | 000,000,000 | ---D | M] -- d:\Profiles\MCHFROEHLICHL\Application Data\SMSServant
[2011/06/21 16:26:47 | 000,000,000 | ---D | M] -- d:\Profiles\MCHFROEHLICHL\Application Data\SulusGames
[2011/01/23 18:06:00 | 000,000,000 | ---D | M] -- d:\Profiles\MCHFROEHLICHL\Application Data\Supermarket Mania 2
[2010/01/08 10:39:19 | 000,000,000 | ---D | M] -- d:\Profiles\MCHFROEHLICHL\Application Data\Thunderbird
[2010/04/27 12:31:21 | 000,000,000 | ---D | M] -- d:\Profiles\MCHFROEHLICHL\Application Data\ValuSoft
[2010/05/14 07:17:14 | 000,000,000 | ---D | M] -- d:\Profiles\MCHFROEHLICHL\Application Data\VampireSaga
[2012/05/11 13:46:49 | 000,000,000 | ---D | M] -- d:\Profiles\MCHFROEHLICHL\Application Data\VampireSagaHL
[2011/11/22 13:54:17 | 000,000,000 | ---D | M] -- d:\Profiles\MCHFROEHLICHL\Application Data\VC 2 Paradise Resort
[2009/04/20 07:49:06 | 000,000,000 | ---D | M] -- d:\Profiles\MCHFROEHLICHL\Application Data\Windows Desktop Search
[2009/05/06 07:27:05 | 000,000,000 | ---D | M] -- d:\Profiles\MCHFROEHLICHL\Application Data\Windows Search
[2011/02/02 13:45:45 | 000,000,000 | ---D | M] -- d:\Profiles\MCHFROEHLICHL\Application Data\World-Loom
[2009/03/15 17:38:29 | 000,000,000 | ---D | M] -- d:\Profiles\MCHFROEHLICHL\Application Data\Xilisoft Corporation
[2012/02/27 14:39:53 | 000,000,000 | ---D | M] -- d:\Profiles\MCHFROEHLICHL\Application Data\YoudaGames
[2008/08/14 01:33:42 | 000,000,000 | ---D | M] -- d:\Profiles\All Users\Application Data\AIS
[2009/11/21 14:10:34 | 000,000,000 | ---D | M] -- d:\Profiles\All Users\Application Data\Alawar Stargaze
[2011/01/24 15:38:29 | 000,000,000 | ---D | M] -- d:\Profiles\All Users\Application Data\AlawarSouthpoint
[2011/05/13 13:32:53 | 000,000,000 | ---D | M] -- d:\Profiles\All Users\Application Data\BLG
[2009/10/30 13:07:55 | 000,000,000 | ---D | M] -- d:\Profiles\All Users\Application Data\CasualForge
[2011/09/04 11:57:56 | 000,000,000 | ---D | M] -- d:\Profiles\All Users\Application Data\Cateia Games
[2010/03/19 05:55:50 | 000,000,000 | ---D | M] -- d:\Profiles\All Users\Application Data\Cisco
[2012/10/04 13:34:08 | 000,000,000 | ---D | M] -- d:\Profiles\All Users\Application Data\dvfiscwvqnqxldt
[2009/10/17 10:43:58 | 000,000,000 | ---D | M] -- d:\Profiles\All Users\Application Data\EscapeFromParadise2
[2009/09/25 15:15:52 | 000,000,000 | ---D | M] -- d:\Profiles\All Users\Application Data\FarmFrenzy3
[2010/03/10 06:48:51 | 000,000,000 | ---D | M] -- d:\Profiles\All Users\Application Data\FarmFrenzy3_Arctica
[2010/11/19 14:05:00 | 000,000,000 | ---D | M] -- d:\Profiles\All Users\Application Data\Fenomen Games
[2009/06/19 09:27:14 | 000,000,000 | ---D | M] -- d:\Profiles\All Users\Application Data\Flood Light Games
[2008/11/26 15:05:07 | 000,000,000 | ---D | M] -- d:\Profiles\All Users\Application Data\FloodLightGames
[2011/02/24 17:44:45 | 000,000,000 | ---D | M] -- d:\Profiles\All Users\Application Data\Fugazo
[2009/08/21 10:06:21 | 000,000,000 | ---D | M] -- d:\Profiles\All Users\Application Data\HipSoft
[2010/10/29 09:00:26 | 000,000,000 | ---D | M] -- d:\Profiles\All Users\Application Data\ICQ
[2009/10/30 13:49:48 | 000,000,000 | ---D | M] -- d:\Profiles\All Users\Application Data\IntDreams
[2011/01/15 11:59:34 | 000,000,000 | ---D | M] -- d:\Profiles\All Users\Application Data\InterAction studios
[2011/05/09 17:42:05 | 000,000,000 | ---D | M] -- d:\Profiles\All Users\Application Data\iPass
[2008/12/05 09:37:45 | 000,000,000 | ---D | M] -- d:\Profiles\All Users\Application Data\iWin
[2009/05/27 14:19:28 | 000,000,000 | ---D | M] -- d:\Profiles\All Users\Application Data\Mandragora
[2010/03/27 12:52:40 | 000,000,000 | ---D | M] -- d:\Profiles\All Users\Application Data\MumboJumbo
[2008/12/16 16:47:38 | 000,000,000 | ---D | M] -- d:\Profiles\All Users\Application Data\NevoSoft Games
[2010/10/16 07:00:25 | 000,000,000 | ---D | M] -- d:\Profiles\All Users\Application Data\oberon
[2010/11/30 17:12:24 | 000,000,000 | ---D | M] -- d:\Profiles\All Users\Application Data\PlayFirst
[2011/09/21 12:58:21 | 000,000,000 | ---D | M] -- d:\Profiles\All Users\Application Data\RescueFrenzy
[2010/02/21 12:35:42 | 000,000,000 | ---D | M] -- d:\Profiles\All Users\Application Data\rionix
[2012/04/18 15:16:45 | 000,000,000 | ---D | M] -- d:\Profiles\All Users\Application Data\Samsung
[2010/07/24 13:33:52 | 000,000,000 | ---D | M] -- d:\Profiles\All Users\Application Data\Sandlot Games
[2009/12/15 06:48:08 | 000,000,000 | ---D | M] -- d:\Profiles\All Users\Application Data\Smart Soft
[2010/05/07 10:58:58 | 000,000,000 | ---D | M] -- d:\Profiles\All Users\Application Data\SpecialBit
[2011/08/07 13:49:23 | 000,000,000 | ---D | M] -- d:\Profiles\All Users\Application Data\SugarGames
[2011/06/21 16:26:47 | 000,000,000 | ---D | M] -- d:\Profiles\All Users\Application Data\SulusGames
[2012/05/11 14:05:59 | 000,000,000 | ---D | M] -- d:\Profiles\All Users\Application Data\TEMP
[2010/04/27 12:31:21 | 000,000,000 | ---D | M] -- d:\Profiles\All Users\Application Data\ValuSoft
[2009/07/15 14:39:46 | 000,000,000 | ---D | M] -- d:\Profiles\All Users\Application Data\XLab
[2009/03/15 17:48:50 | 000,000,000 | ---D | M] -- d:\Profiles\All Users\Application Data\{00D89592-F643-4D8D-8F0F-AFAE0F14D4C3}
[2012/06/13 14:17:49 | 000,000,000 | ---D | M] -- d:\Profiles\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2012/03/03 22:02:00 | 000,000,354 | ---- | M] () -- C:\WIN\Tasks\Driver Fetch.job
========== Purity Check ==========
========== Files - Unicode (All) ==========
[2011/10/15 13:54:53 | 003,521,435 | ---- | M] ()(d:\Profiles\MCHFROEHLICHL\Desktop\Bruno Mars- Marry You Lyrics ?.mp3) -- d:\Profiles\MCHFROEHLICHL\Desktop\Bruno Mars- Marry You Lyrics ♥.mp3
[2011/10/15 13:54:41 | 003,521,435 | ---- | C] ()(d:\Profiles\MCHFROEHLICHL\Desktop\Bruno Mars- Marry You Lyrics ?.mp3) -- d:\Profiles\MCHFROEHLICHL\Desktop\Bruno Mars- Marry You Lyrics ♥.mp3
[2011/10/15 13:49:35 | 003,107,652 | ---- | M] ()(d:\Profiles\MCHFROEHLICHL\Desktop\Danza Kuduro - Don Omar & Lucenzo _With Lyrics_ ????? (5 stars).mp3) -- d:\Profiles\MCHFROEHLICHL\Desktop\Danza Kuduro - Don Omar & Lucenzo _With Lyrics_ ★★★★★ (5 stars).mp3
[2011/10/15 13:49:21 | 003,107,652 | ---- | C] ()(d:\Profiles\MCHFROEHLICHL\Desktop\Danza Kuduro - Don Omar & Lucenzo _With Lyrics_ ????? (5 stars).mp3) -- d:\Profiles\MCHFROEHLICHL\Desktop\Danza Kuduro - Don Omar & Lucenzo _With Lyrics_ ★★★★★ (5 stars).mp3
========== Alternate Data Streams ==========
@Alternate Data Stream - 155 bytes -> d:\Profiles\All Users\Application Data\TEMP:683BD5A8
@Alternate Data Stream - 151 bytes -> d:\Profiles\All Users\Application Data\TEMP:3D11302A
@Alternate Data Stream - 151 bytes -> d:\Profiles\All Users\Application Data\TEMP:2FF4577A
@Alternate Data Stream - 150 bytes -> d:\Profiles\All Users\Application Data\TEMP:E6433F27
@Alternate Data Stream - 150 bytes -> d:\Profiles\All Users\Application Data\TEMP:80234CE0
@Alternate Data Stream - 150 bytes -> d:\Profiles\All Users\Application Data\TEMP:7EE43C06
@Alternate Data Stream - 150 bytes -> d:\Profiles\All Users\Application Data\TEMP:5199C971
@Alternate Data Stream - 149 bytes -> d:\Profiles\All Users\Application Data\TEMP:997E6AF4
@Alternate Data Stream - 149 bytes -> d:\Profiles\All Users\Application Data\TEMP:8C443193
@Alternate Data Stream - 148 bytes -> d:\Profiles\All Users\Application Data\TEMP:FD444D31
@Alternate Data Stream - 148 bytes -> d:\Profiles\All Users\Application Data\TEMP:9A842F5C
@Alternate Data Stream - 147 bytes -> d:\Profiles\All Users\Application Data\TEMP:E7F71472
@Alternate Data Stream - 147 bytes -> d:\Profiles\All Users\Application Data\TEMP:5D4F063C
@Alternate Data Stream - 147 bytes -> d:\Profiles\All Users\Application Data\TEMP:1F812AFD
@Alternate Data Stream - 146 bytes -> d:\Profiles\All Users\Application Data\TEMP:CCBF0D67
@Alternate Data Stream - 146 bytes -> d:\Profiles\All Users\Application Data\TEMP:9756362E
@Alternate Data Stream - 146 bytes -> d:\Profiles\All Users\Application Data\TEMP:7D49B96B
@Alternate Data Stream - 146 bytes -> d:\Profiles\All Users\Application Data\TEMP:4C509008
@Alternate Data Stream - 145 bytes -> d:\Profiles\All Users\Application Data\TEMP:FDA8D6AE
@Alternate Data Stream - 145 bytes -> d:\Profiles\All Users\Application Data\TEMP:CEED62ED
@Alternate Data Stream - 145 bytes -> d:\Profiles\All Users\Application Data\TEMP:8E6845BC
@Alternate Data Stream - 145 bytes -> d:\Profiles\All Users\Application Data\TEMP:4300D829
@Alternate Data Stream - 144 bytes -> d:\Profiles\All Users\Application Data\TEMP:6C81A062
@Alternate Data Stream - 143 bytes -> d:\Profiles\All Users\Application Data\TEMP:E9D68B36
@Alternate Data Stream - 143 bytes -> d:\Profiles\All Users\Application Data\TEMP:E8F2A400
@Alternate Data Stream - 143 bytes -> d:\Profiles\All Users\Application Data\TEMP:1013B07C
@Alternate Data Stream - 142 bytes -> d:\Profiles\All Users\Application Data\TEMP:D77C0A61
@Alternate Data Stream - 141 bytes -> d:\Profiles\All Users\Application Data\TEMP:B3B92717
@Alternate Data Stream - 141 bytes -> d:\Profiles\All Users\Application Data\TEMP:6A16A184
@Alternate Data Stream - 141 bytes -> d:\Profiles\All Users\Application Data\TEMP:5E3FBF9D
@Alternate Data Stream - 141 bytes -> d:\Profiles\All Users\Application Data\TEMP:403264CC
@Alternate Data Stream - 140 bytes -> d:\Profiles\All Users\Application Data\TEMP:CBEB737E
@Alternate Data Stream - 139 bytes -> d:\Profiles\All Users\Application Data\TEMP:D5458F6B
@Alternate Data Stream - 139 bytes -> d:\Profiles\All Users\Application Data\TEMP:81F6F7CD
@Alternate Data Stream - 139 bytes -> d:\Profiles\All Users\Application Data\TEMP:74BB299D
@Alternate Data Stream - 139 bytes -> d:\Profiles\All Users\Application Data\TEMP:5425B7F5
@Alternate Data Stream - 139 bytes -> d:\Profiles\All Users\Application Data\TEMP:4D7FCCD3
@Alternate Data Stream - 139 bytes -> d:\Profiles\All Users\Application Data\TEMP:39294FE1
@Alternate Data Stream - 138 bytes -> d:\Profiles\All Users\Application Data\TEMP:EF2D54F9
@Alternate Data Stream - 137 bytes -> d:\Profiles\All Users\Application Data\TEMP:EA43B001
@Alternate Data Stream - 137 bytes -> d:\Profiles\All Users\Application Data\TEMP:DF5BAC78
@Alternate Data Stream - 137 bytes -> d:\Profiles\All Users\Application Data\TEMP:793ABD2B
@Alternate Data Stream - 137 bytes -> d:\Profiles\All Users\Application Data\TEMP:38317199
@Alternate Data Stream - 135 bytes -> d:\Profiles\All Users\Application Data\TEMP:A94968B5
@Alternate Data Stream - 135 bytes -> d:\Profiles\All Users\Application Data\TEMP:A243178D
@Alternate Data Stream - 135 bytes -> d:\Profiles\All Users\Application Data\TEMP:593E515D
@Alternate Data Stream - 135 bytes -> d:\Profiles\All Users\Application Data\TEMP:2D723B3A
@Alternate Data Stream - 135 bytes -> d:\Profiles\All Users\Application Data\TEMP:2CD14F7E
@Alternate Data Stream - 134 bytes -> d:\Profiles\All Users\Application Data\TEMP:8643C5BE
@Alternate Data Stream - 134 bytes -> d:\Profiles\All Users\Application Data\TEMP:80A70180
@Alternate Data Stream - 134 bytes -> d:\Profiles\All Users\Application Data\TEMP:204BEE0F
@Alternate Data Stream - 134 bytes -> d:\Profiles\All Users\Application Data\TEMP:0651F96C
@Alternate Data Stream - 133 bytes -> d:\Profiles\All Users\Application Data\TEMP:61AF91EC
@Alternate Data Stream - 133 bytes -> d:\Profiles\All Users\Application Data\TEMP:53F381F1
@Alternate Data Stream - 133 bytes -> d:\Profiles\All Users\Application Data\TEMP:1ECB0F6C
@Alternate Data Stream - 132 bytes -> d:\Profiles\All Users\Application Data\TEMP:AF9538BC
@Alternate Data Stream - 131 bytes -> d:\Profiles\All Users\Application Data\TEMP:E6E9EB6C
@Alternate Data Stream - 131 bytes -> d:\Profiles\All Users\Application Data\TEMP:9CB2B6C5
@Alternate Data Stream - 130 bytes -> d:\Profiles\All Users\Application Data\TEMP:389D51A1
@Alternate Data Stream - 130 bytes -> d:\Profiles\All Users\Application Data\TEMP:0D713C0D
@Alternate Data Stream - 129 bytes -> d:\Profiles\All Users\Application Data\TEMP:DCDE7C60
@Alternate Data Stream - 129 bytes -> d:\Profiles\All Users\Application Data\TEMP:72598408
@Alternate Data Stream - 129 bytes -> d:\Profiles\All Users\Application Data\TEMP:5F538558
@Alternate Data Stream - 128 bytes -> d:\Profiles\All Users\Application Data\TEMP:B9F6BE51
@Alternate Data Stream - 128 bytes -> d:\Profiles\All Users\Application Data\TEMP:B723C5EF
@Alternate Data Stream - 128 bytes -> d:\Profiles\All Users\Application Data\TEMP:8FBE0E9C
@Alternate Data Stream - 127 bytes -> d:\Profiles\All Users\Application Data\TEMP:87F524B2
@Alternate Data Stream - 127 bytes -> d:\Profiles\All Users\Application Data\TEMP:858D9994
@Alternate Data Stream - 127 bytes -> d:\Profiles\All Users\Application Data\TEMP:01442FD8
@Alternate Data Stream - 126 bytes -> d:\Profiles\All Users\Application Data\TEMP:F50F1555
@Alternate Data Stream - 126 bytes -> d:\Profiles\All Users\Application Data\TEMP:D05E7A8B
@Alternate Data Stream - 125 bytes -> d:\Profiles\All Users\Application Data\TEMP:EBE4F6FC
@Alternate Data Stream - 125 bytes -> d:\Profiles\All Users\Application Data\TEMP:6D4F7F2B
@Alternate Data Stream - 125 bytes -> d:\Profiles\All Users\Application Data\TEMP:0807AFBC
@Alternate Data Stream - 125 bytes -> d:\Profiles\All Users\Application Data\TEMP:05650B69
@Alternate Data Stream - 124 bytes -> d:\Profiles\All Users\Application Data\TEMP:2556A8A0
@Alternate Data Stream - 124 bytes -> d:\Profiles\All Users\Application Data\TEMP:0A39AE4A
@Alternate Data Stream - 123 bytes -> d:\Profiles\All Users\Application Data\TEMP:9B750A13
@Alternate Data Stream - 123 bytes -> d:\Profiles\All Users\Application Data\TEMP:7079A696
@Alternate Data Stream - 123 bytes -> d:\Profiles\All Users\Application Data\TEMP:20B17557
@Alternate Data Stream - 122 bytes -> d:\Profiles\All Users\Application Data\TEMP:77B90F12
@Alternate Data Stream - 121 bytes -> d:\Profiles\All Users\Application Data\TEMP:FF818E2B
@Alternate Data Stream - 121 bytes -> d:\Profiles\All Users\Application Data\TEMP:902B6A44
@Alternate Data Stream - 121 bytes -> d:\Profiles\All Users\Application Data\TEMP:857692EC
@Alternate Data Stream - 121 bytes -> d:\Profiles\All Users\Application Data\TEMP:7091055F
@Alternate Data Stream - 120 bytes -> d:\Profiles\All Users\Application Data\TEMP:8AB6C1D7
@Alternate Data Stream - 120 bytes -> d:\Profiles\All Users\Application Data\TEMP:1AF93AF4
@Alternate Data Stream - 120 bytes -> d:\Profiles\All Users\Application Data\TEMP:0E640041
@Alternate Data Stream - 119 bytes -> d:\Profiles\All Users\Application Data\TEMP:D88D995C
@Alternate Data Stream - 119 bytes -> d:\Profiles\All Users\Application Data\TEMP:2F34C507
@Alternate Data Stream - 118 bytes -> d:\Profiles\All Users\Application Data\TEMP:69EC5FA7
@Alternate Data Stream - 116 bytes -> d:\Profiles\All Users\Application Data\TEMP:5EBA4934
@Alternate Data Stream - 113 bytes -> d:\Profiles\All Users\Application Data\TEMP:443268A9
@Alternate Data Stream - 113 bytes -> d:\Profiles\All Users\Application Data\TEMP:3064D21D
@Alternate Data Stream - 106 bytes -> d:\Profiles\All Users\Application Data\TEMP:0D31DA45
@Alternate Data Stream - 105 bytes -> d:\Profiles\All Users\Application Data\TEMP:70F0A2F4
@Alternate Data Stream - 101 bytes -> d:\Profiles\All Users\Application Data\TEMP:37CE0F2E
< End of report >
--- --- --- Edit: Bitte nicht in bestehenden Threads posten. Hab den Beitrag abgetrennt, einen Thread erstellt und verschieb den ins richtige Unterforum
Gruß cad |
