Trojaner-Board

Kuli123 27.12.2012 20:05

adf.ly - safe?

Dear community,

Today I downloaded something via adf.ly. Afterwards I read that some users got a trojan through this site... what should I do now? Is this site safe? And: at the moment everything is still OK...

Kuli123

markusg 27.12.2012 20:09

Hi
Send me the link as a private message.
It is always dangerous to download software from third-party providers, especially when anyone can upload there however they please.

markusg 27.12.2012 20:39

The file appears to be clean.
And next time, download from the manufacturer.

Kuli123 27.12.2012 20:52

Phew, thanks :-). Are you sure that I won't get a trojan in the next few days? If so, that would be good... and I'll probably download from the manufacturer next time :).

And one more general question: do you actually get paid for your work, or do you do it on a voluntary basis?

:dankeschoen::dankeschoen:

markusg 28.12.2012 15:41

Hi
We can take a look at the PC.
The work is voluntary, but anyone who wants to can donate to the forum so that we can keep doing it.
If you don't already have it, please download OTL by Oldtimer and save it to your desktop.
Code:

activex
netsvcs
msconfig
%SYSTEMDRIVE%\*.
%PROGRAMFILES%\*.exe
%LOCALAPPDATA%\*.exe
%systemroot%\*. /mp /s
C:\Windows\system32\*.tsp
/md5start
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
explorer.exe
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%USERPROFILE%\*.*
%USERPROFILE%\Local Settings\Temp\*.exe
%USERPROFILE%\Local Settings\Temp\*.dll
%USERPROFILE%\Application Data\*.exe
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs
CREATERESTOREPOINT

  • Now please close all programs. (Important)
  • Now please click the Quick Scan button.
  • Now copy the contents of OTL.txt and Extra.txt here into your thread.

Kuli123 04.01.2013 19:47

I was on holiday until today, so I couldn't do it. Everything is OK on my PC. Should I still run the scan?

Kuli123 04.01.2013 20:21

OTL.txt was too large (205 KB), so I'm putting it in here... Extras.txt is attached.

OTL Logfile:
Code:

OTL logfile created on: 04.01.2013 20:04:49 - Run 1
OTL by OldTimer - Version 3.2.69.0    Folder = D:\Gregor
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,50 Gb Total Physical Memory | 2,55 Gb Available Physical Memory | 72,91% Memory free
5,33 Gb Paging File | 4,27 Gb Available in Paging File | 80,09% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 229,00 Gb Total Space | 186,18 Gb Free Space | 81,30% Space Free | Partition Type: NTFS
Drive D: | 208,42 Gb Total Space | 127,56 Gb Free Space | 61,20% Space Free | Partition Type: NTFS
 
Computer Name: ABMAYER-1CB678C | User Name: Abmayer | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2013.01.04 19:49:04 | 000,602,112 | ---- | M] (OldTimer Tools) -- D:\Gregor\OTL.exe
PRC - [2012.11.08 16:58:24 | 016,070,136 | ---- | M] (Google) -- C:\Programme\Google\Drive\googledrivesync.exe
PRC - [2012.10.05 16:08:42 | 000,109,064 | ---- | M] (Wajam) -- C:\Programme\Wajam\Updater\WajamUpdater.exe
PRC - [2012.09.17 12:41:54 | 000,254,896 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe
PRC - [2012.06.06 21:33:42 | 001,564,872 | ---- | M] (Ask) -- C:\Programme\Ask.com\Updater\Updater.exe
PRC - [2012.04.22 12:51:04 | 000,720,936 | ---- | M] (Nokia) -- C:\Programme\PC Connectivity Solution\ServiceLayer.exe
PRC - [2012.04.22 12:50:44 | 000,174,120 | ---- | M] (Nokia) -- C:\Programme\PC Connectivity Solution\Transports\NclUSBSrv.exe
PRC - [2012.04.22 12:50:40 | 000,148,008 | ---- | M] (Nokia) -- C:\Programme\PC Connectivity Solution\Transports\NclToBTSrv.exe
PRC - [2011.12.22 11:37:54 | 000,862,144 | ---- | M] (Citrix Systems, Inc.) -- C:\Programme\Citrix\ICA Client\wfcrun32.exe
PRC - [2011.12.22 11:37:04 | 000,128,960 | ---- | M] (Citrix Systems, Inc.) -- C:\Programme\Citrix\ICA Client\redirector.exe
PRC - [2011.12.22 11:36:50 | 000,362,432 | ---- | M] (Citrix Systems, Inc.) -- C:\Programme\Citrix\ICA Client\concentr.exe
PRC - [2011.12.19 14:57:48 | 001,136,512 | ---- | M] (Citrix Systems, Inc.) -- C:\Programme\Citrix\ICA Client\Receiver\Receiver.exe
PRC - [2011.12.19 12:35:16 | 000,051,128 | ---- | M] (Citrix Systems, Inc.) -- C:\Programme\Citrix\SelfServicePlugin\SelfServicePlugin.exe
PRC - [2011.08.04 05:18:43 | 000,126,400 | R--- | M] (Symantec Corporation) -- C:\Programme\Norton 360\Engine\4.4.0.12\ccsvchst.exe
PRC - [2011.06.14 16:42:26 | 001,540,096 | ---- | M] (Nokia) -- C:\Programme\Gemeinsame Dateien\Nokia\MPlatform\NokiaMServer.exe
PRC - [2010.11.19 12:52:54 | 000,174,064 | ---- | M] (Panasonic Corporation) -- C:\Programme\Gemeinsame Dateien\Panasonic\PHOTOfunSTUDIO AutoStart\AutoStartupService.exe
PRC - [2010.11.05 16:47:21 | 000,067,128 | ---- | M] (Logitech Inc.) -- C:\Programme\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
PRC - [2010.06.07 11:15:42 | 000,618,496 | ---- | M] () -- C:\WINDOWS\Samsung\PanelMgr\SSMMgr.exe
PRC - [2010.02.26 01:22:09 | 000,194,424 | R--- | M] (Symantec Corporation) -- C:\Programme\Norton 360\AddOns\Norton AddOn Pack\Engine\4.8.0.3\ccProxy.exe
PRC - [2009.11.28 01:35:20 | 000,843,016 | ---- | M] (Acronis) -- C:\Programme\Acronis\TrayMonitor\TrayMonitor.exe
PRC - [2009.11.28 00:45:16 | 000,382,816 | ---- | M] (Acronis) -- C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedhlp.exe
PRC - [2009.11.28 00:45:12 | 000,665,464 | ---- | M] (Acronis) -- C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedul2.exe
PRC - [2009.11.28 00:44:10 | 001,877,848 | ---- | M] (Acronis) -- C:\Programme\Gemeinsame Dateien\Acronis\Agent\agent.exe
PRC - [2009.11.28 00:38:02 | 004,290,896 | ---- | M] (Acronis) -- C:\Programme\Acronis\BackupAndRecovery\mms.exe
PRC - [2009.11.28 00:36:50 | 000,959,192 | ---- | M] (Acronis) -- C:\Programme\Gemeinsame Dateien\Acronis\Timounter\TimounterMonitor.exe
PRC - [2009.11.04 13:39:26 | 002,320,920 | ---- | M] (Intel Corporation) -- C:\Programme\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2009.11.04 13:39:24 | 000,268,824 | ---- | M] (Intel Corporation) -- C:\Programme\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2009.07.31 17:36:14 | 002,680,160 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Programme\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
PRC - [2009.07.31 13:23:22 | 000,354,128 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Programme\Toshiba\Bluetooth Toshiba Stack\TosHdpProc.exe
PRC - [2009.07.30 21:20:04 | 000,144,752 | ---- | M] (TOSHIBA CORPORATION) -- C:\Programme\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
PRC - [2009.06.08 14:34:58 | 000,660,808 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Programme\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
PRC - [2009.06.03 15:33:14 | 000,308,552 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Programme\Toshiba\Bluetooth Toshiba Stack\TosBtHSP.exe
PRC - [2009.05.26 13:21:52 | 000,651,264 | ---- | M] (Nokia) -- C:\Programme\Nokia\PC Internet Access\NPCIA.exe
PRC - [2008.07.24 11:24:24 | 000,083,272 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Programme\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
PRC - [2008.05.02 02:44:08 | 000,805,392 | ---- | M] (Logitech, Inc.) -- C:\Programme\Logitech\SetPoint\SetPoint.exe
PRC - [2008.05.02 02:40:56 | 000,076,304 | ---- | M] (Logitech, Inc.) -- C:\Programme\Gemeinsame Dateien\Logishrd\KHAL2\KHALMNPR.exe
PRC - [2008.04.14 13:00:00 | 001,036,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007.04.19 13:35:46 | 000,075,304 | ---- | M] (Hewlett-Packard Company) -- C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2013.01.04 18:03:56 | 001,024,024 | ---- | M] () -- C:\Dokumente und Einstellungen\Abmayer\Lokale Einstellungen\temp\_MEI3322\windows._cacheinvalidation.pyd
MOD - [2013.01.04 18:03:56 | 000,792,576 | ---- | M] () -- C:\Dokumente und Einstellungen\Abmayer\Lokale Einstellungen\temp\_MEI3322\wx._gdi_.pyd
MOD - [2013.01.04 18:03:56 | 000,731,136 | ---- | M] () -- C:\Dokumente und Einstellungen\Abmayer\Lokale Einstellungen\temp\_MEI3322\wx._misc_.pyd
MOD - [2013.01.04 18:03:56 | 000,571,392 | ---- | M] () -- C:\Dokumente und Einstellungen\Abmayer\Lokale Einstellungen\temp\_MEI3322\pysqlite2._sqlite.pyd
MOD - [2013.01.04 18:03:56 | 000,354,304 | ---- | M] () -- C:\Dokumente und Einstellungen\Abmayer\Lokale Einstellungen\temp\_MEI3322\pythoncom26.dll
MOD - [2013.01.04 18:03:56 | 000,263,168 | ---- | M] () -- C:\Dokumente und Einstellungen\Abmayer\Lokale Einstellungen\temp\_MEI3322\win32com.shell.shell.pyd
MOD - [2013.01.04 18:03:56 | 000,096,256 | ---- | M] () -- C:\Dokumente und Einstellungen\Abmayer\Lokale Einstellungen\temp\_MEI3322\win32api.pyd
MOD - [2013.01.04 18:03:56 | 000,086,016 | ---- | M] () -- C:\Dokumente und Einstellungen\Abmayer\Lokale Einstellungen\temp\_MEI3322\_elementtree.pyd
MOD - [2013.01.04 18:03:56 | 000,073,728 | ---- | M] () -- C:\Dokumente und Einstellungen\Abmayer\Lokale Einstellungen\temp\_MEI3322\_ctypes.pyd
MOD - [2013.01.04 18:03:56 | 000,070,656 | ---- | M] () -- C:\Dokumente und Einstellungen\Abmayer\Lokale Einstellungen\temp\_MEI3322\wx._html2.pyd
MOD - [2013.01.04 18:03:56 | 000,040,448 | ---- | M] () -- C:\Dokumente und Einstellungen\Abmayer\Lokale Einstellungen\temp\_MEI3322\_socket.pyd
MOD - [2013.01.04 18:03:56 | 000,023,040 | ---- | M] () -- C:\Dokumente und Einstellungen\Abmayer\Lokale Einstellungen\temp\_MEI3322\win32ts.pyd
MOD - [2013.01.04 18:03:56 | 000,017,920 | ---- | M] () -- C:\Dokumente und Einstellungen\Abmayer\Lokale Einstellungen\temp\_MEI3322\win32profile.pyd
MOD - [2013.01.04 18:03:56 | 000,011,776 | ---- | M] () -- C:\Dokumente und Einstellungen\Abmayer\Lokale Einstellungen\temp\_MEI3322\win32crypt.pyd
MOD - [2013.01.04 18:03:55 | 001,169,408 | ---- | M] () -- C:\Dokumente und Einstellungen\Abmayer\Lokale Einstellungen\temp\_MEI3322\wx._core_.pyd
MOD - [2013.01.04 18:03:55 | 000,807,424 | ---- | M] () -- C:\Dokumente und Einstellungen\Abmayer\Lokale Einstellungen\temp\_MEI3322\wx._windows_.pyd
MOD - [2013.01.04 18:03:55 | 000,645,120 | ---- | M] () -- C:\Dokumente und Einstellungen\Abmayer\Lokale Einstellungen\temp\_MEI3322\_ssl.pyd
MOD - [2013.01.04 18:03:55 | 000,311,808 | ---- | M] () -- C:\Dokumente und Einstellungen\Abmayer\Lokale Einstellungen\temp\_MEI3322\_hashlib.pyd
MOD - [2013.01.04 18:03:55 | 000,121,856 | ---- | M] () -- C:\Dokumente und Einstellungen\Abmayer\Lokale Einstellungen\temp\_MEI3322\wx._wizard.pyd
MOD - [2013.01.04 18:03:55 | 000,111,104 | ---- | M] () -- C:\Dokumente und Einstellungen\Abmayer\Lokale Einstellungen\temp\_MEI3322\win32file.pyd
MOD - [2013.01.04 18:03:55 | 000,110,592 | ---- | M] () -- C:\Dokumente und Einstellungen\Abmayer\Lokale Einstellungen\temp\_MEI3322\win32security.pyd
MOD - [2013.01.04 18:03:55 | 000,110,592 | ---- | M] () -- C:\Dokumente und Einstellungen\Abmayer\Lokale Einstellungen\temp\_MEI3322\PyWinTypes26.dll
MOD - [2013.01.04 18:03:55 | 000,039,424 | ---- | M] () -- C:\Dokumente und Einstellungen\Abmayer\Lokale Einstellungen\temp\_MEI3322\win32inet.pyd
MOD - [2013.01.04 18:03:55 | 000,036,352 | ---- | M] () -- C:\Dokumente und Einstellungen\Abmayer\Lokale Einstellungen\temp\_MEI3322\win32process.pyd
MOD - [2013.01.04 18:03:55 | 000,022,528 | ---- | M] () -- C:\Dokumente und Einstellungen\Abmayer\Lokale Einstellungen\temp\_MEI3322\win32pdh.pyd
MOD - [2013.01.04 18:03:53 | 001,056,256 | ---- | M] () -- C:\Dokumente und Einstellungen\Abmayer\Lokale Einstellungen\temp\_MEI3322\wx._controls_.pyd
MOD - [2013.01.04 18:03:53 | 000,585,728 | ---- | M] () -- C:\Dokumente und Einstellungen\Abmayer\Lokale Einstellungen\temp\_MEI3322\unicodedata.pyd
MOD - [2013.01.04 18:03:53 | 000,153,088 | ---- | M] () -- C:\Dokumente und Einstellungen\Abmayer\Lokale Einstellungen\temp\_MEI3322\pyexpat.pyd
MOD - [2013.01.04 18:03:53 | 000,017,920 | ---- | M] () -- C:\Dokumente und Einstellungen\Abmayer\Lokale Einstellungen\temp\_MEI3322\win32event.pyd
MOD - [2013.01.04 18:03:53 | 000,011,776 | ---- | M] () -- C:\Dokumente und Einstellungen\Abmayer\Lokale Einstellungen\temp\_MEI3322\select.pyd
MOD - [2012.11.22 22:31:13 | 011,817,472 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web\b809681da85a58046cb39f268b6697ad\System.Web.ni.dll
MOD - [2012.11.22 22:31:06 | 000,771,584 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\d7ec47c4afad694faa491abd6b45928a\System.Runtime.Remoting.ni.dll
MOD - [2012.11.22 22:31:02 | 000,627,200 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Transactions\43b92a8dac90d1d6426274274abb69a6\System.Transactions.ni.dll
MOD - [2012.11.22 22:30:58 | 000,971,264 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\41cac4885974d07de06f0b4fec9883f0\System.Configuration.ni.dll
MOD - [2012.11.22 22:30:43 | 000,025,600 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Accessibility\b5af2249e2d550f2752176a75c7a7656\Accessibility.ni.dll
MOD - [2012.11.22 22:02:47 | 005,450,752 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\d35b50eb6bb7b1bfb6592419d9feba47\System.Xml.ni.dll
MOD - [2012.11.22 22:02:38 | 012,433,920 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\6585a5fcaaa1b49b9a1bd9ca5c5c306e\System.Windows.Forms.ni.dll
MOD - [2012.11.22 22:02:24 | 001,592,320 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\da4bcb702feb770ce40cf1371b0c4d02\System.Drawing.ni.dll
MOD - [2012.11.22 22:02:06 | 006,616,576 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Data\d309c7e5107b3aed78e097659f94543b\System.Data.ni.dll
MOD - [2012.11.22 22:01:07 | 007,977,472 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\90ad0c96693527ae685ff40019bb33b0\System.ni.dll
MOD - [2012.11.22 22:01:00 | 011,492,352 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\3add69b075f3da012fb97ce00cd795c0\mscorlib.ni.dll
MOD - [2012.11.22 21:59:48 | 002,933,248 | ---- | M] () -- C:\WINDOWS\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
MOD - [2012.11.22 21:59:33 | 000,261,632 | ---- | M] () -- C:\WINDOWS\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
MOD - [2012.09.10 16:07:17 | 000,911,872 | ---- | M] () -- C:\WINDOWS\system32\spool\drivers\w32x86\3\spd__du.dll
MOD - [2012.07.27 21:51:38 | 000,301,056 | ---- | M] () -- C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\PDFShell.DEU
MOD - [2012.07.12 17:28:19 | 000,296,816 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Data.SqlServerCe\3.5.1.0__89845dcd8080cc91\System.Data.SqlServerCe.dll
MOD - [2011.04.11 06:26:33 | 000,024,064 | ---- | M] () -- C:\WINDOWS\system32\spd__l.dll
MOD - [2010.11.05 16:47:21 | 000,061,496 | ---- | M] () -- C:\Programme\Logitech\Desktop Messenger\8876480\8.1.1.50-8876480SL\Program\clntutil.dll
MOD - [2010.11.04 09:10:39 | 000,315,392 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll
MOD - [2010.11.04 09:10:37 | 000,434,176 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_de_b77a5c561934e089\System.Windows.Forms.resources.dll
MOD - [2010.11.03 17:35:15 | 001,736,704 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Wizard\2.0.3579.36823__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Wizard.dll
MOD - [2010.11.03 17:35:15 | 000,491,520 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Wizard\2.0.3579.36895__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Wizard.dll
MOD - [2010.11.03 17:35:15 | 000,368,640 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.3579.36805__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.dll
MOD - [2010.11.03 17:35:15 | 000,204,800 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.3579.36824__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.dll
MOD - [2010.11.03 17:35:15 | 000,077,824 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.3579.36876__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.dll
MOD - [2010.11.03 17:35:15 | 000,073,728 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.3579.36813__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.dll
MOD - [2010.11.03 17:35:15 | 000,065,536 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.3579.36857__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.dll
MOD - [2010.11.03 17:35:15 | 000,045,056 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Runtime\2.0.3579.36848__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.dll
MOD - [2010.11.03 17:35:15 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.3579.36819__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.dll
MOD - [2010.11.03 17:35:15 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.3579.36814__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll
MOD - [2010.11.03 17:35:15 | 000,011,776 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.HydraVision.Runtime\2.0.3579.36908__90ba9c70f846762e\CLI.Caste.HydraVision.Runtime.dll
MOD - [2010.11.03 17:35:15 | 000,008,704 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.HydraVision.Shared\2.0.3579.36907__90ba9c70f846762e\CLI.Caste.HydraVision.Shared.dll
MOD - [2010.11.03 17:35:15 | 000,007,680 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.HydraVision.Wizard\2.0.3579.36912__90ba9c70f846762e\CLI.Caste.HydraVision.Wizard.dll
MOD - [2010.11.03 17:35:15 | 000,007,680 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.HydraVision.Dashboard\2.0.3579.36908__90ba9c70f846762e\CLI.Caste.HydraVision.Dashboard.dll
MOD - [2010.11.03 17:35:14 | 000,643,072 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.OverDrive5.Graphics.Dashboard\2.0.3579.36906__90ba9c70f846762e\CLI.Aspect.OverDrive5.Graphics.Dashboard.dll
MOD - [2010.11.03 17:35:14 | 000,356,352 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Dashboard\2.0.3579.36862__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Dashboard.dll
MOD - [2010.11.03 17:35:14 | 000,094,208 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.3579.36863__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.dll
MOD - [2010.11.03 17:35:14 | 000,077,824 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.OverDrive5.Graphics.Runtime\2.0.3579.36906__90ba9c70f846762e\CLI.Aspect.OverDrive5.Graphics.Runtime.dll
MOD - [2010.11.03 17:35:14 | 000,065,536 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Runtime\2.0.3579.36862__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Runtime.dll
MOD - [2010.11.03 17:35:14 | 000,061,440 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.VPURecover.Graphics.Dashboard\2.0.3579.36824__90ba9c70f846762e\CLI.Aspect.VPURecover.Graphics.Dashboard.dll
MOD - [2010.11.03 17:35:14 | 000,045,056 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.3579.36896__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.dll
MOD - [2010.11.03 17:35:14 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.VPURecover.Graphics.Runtime\2.0.3579.36824__90ba9c70f846762e\CLI.Aspect.VPURecover.Graphics.Runtime.dll
MOD - [2010.11.03 17:35:13 | 000,823,296 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Dashboard\2.0.3579.36850__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Dashboard.dll
MOD - [2010.11.03 17:35:13 | 000,573,440 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Dashboard\2.0.3579.36825__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Dashboard.dll
MOD - [2010.11.03 17:35:13 | 000,409,600 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Wizard\2.0.3579.36871__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Wizard.dll
MOD - [2010.11.03 17:35:13 | 000,409,600 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Dashboard\2.0.3579.36814__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Dashboard.dll
MOD - [2010.11.03 17:35:13 | 000,196,608 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.3579.36825__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll
MOD - [2010.11.03 17:35:13 | 000,094,208 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Runtime\2.0.3579.36849__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Runtime.dll
MOD - [2010.11.03 17:35:13 | 000,094,208 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Dashboard\2.0.3579.36855__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.dll
MOD - [2010.11.03 17:35:13 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Runtime\2.0.3579.36855__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime.dll
MOD - [2010.11.03 17:35:13 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Runtime\2.0.3579.36829__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Runtime.dll
MOD - [2010.11.03 17:35:12 | 000,393,216 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Dashboard\2.0.3579.36849__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Dashboard.dll
MOD - [2010.11.03 17:35:12 | 000,368,640 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Dashboard\2.0.3579.36844__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Dashboard.dll
MOD - [2010.11.03 17:35:12 | 000,270,336 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
MOD - [2010.11.03 17:35:12 | 000,061,440 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.3579.36848__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll
MOD - [2010.11.03 17:35:12 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.3579.36849__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll
MOD - [2010.11.03 17:35:12 | 000,036,864 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Runtime\2.0.3579.36856__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Runtime.dll
MOD - [2010.11.03 17:35:12 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.3574.20483__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.dll
MOD - [2010.11.03 17:35:12 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.3574.20475__90ba9c70f846762e\AEM.Actions.CCAA.Shared.dll
MOD - [2010.11.03 17:35:12 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.WinMessages.Shared\2.0.3574.20511__90ba9c70f846762e\AEM.Plugin.WinMessages.Shared.dll
MOD - [2010.11.03 17:35:12 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.REG.Shared\2.0.3574.20570__90ba9c70f846762e\AEM.Plugin.REG.Shared.dll
MOD - [2010.11.03 17:35:12 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.3574.20566__90ba9c70f846762e\AEM.Plugin.GD.Shared.dll
MOD - [2010.11.03 17:35:12 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.3574.20505__90ba9c70f846762e\AEM.Plugin.EEU.Shared.dll
MOD - [2010.11.03 17:35:12 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.3574.20565__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.dll
MOD - [2010.11.03 17:35:12 | 000,007,168 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.dll
MOD - [2010.11.03 17:35:11 | 000,147,456 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.3574.20469__90ba9c70f846762e\CLI.Caste.Graphics.Shared.dll
MOD - [2010.11.03 17:35:11 | 000,098,304 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Foundation\2.0.3574.20459__90ba9c70f846762e\CLI.Foundation.dll
MOD - [2010.11.03 17:35:11 | 000,065,536 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.3574.20535__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.dll
MOD - [2010.11.03 17:35:11 | 000,061,440 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.OverDrive5.Graphics.Shared\2.0.3574.20569__90ba9c70f846762e\CLI.Aspect.OverDrive5.Graphics.Shared.dll
MOD - [2010.11.03 17:35:11 | 000,061,440 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Shared\2.0.3574.20496__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Shared.dll
MOD - [2010.11.03 17:35:11 | 000,057,344 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.3574.20534__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.dll
MOD - [2010.11.03 17:35:11 | 000,053,248 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.3574.20530__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.dll
MOD - [2010.11.03 17:35:11 | 000,049,152 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.3574.20502__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.dll
MOD - [2010.11.03 17:35:11 | 000,045,056 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.dll
MOD - [2010.11.03 17:35:11 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.3574.20557__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.dll
MOD - [2010.11.03 17:35:11 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.3574.20489__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.dll
MOD - [2010.11.03 17:35:11 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.3574.20496__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.dll
MOD - [2010.11.03 17:35:11 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation\2.0.3574.20454__90ba9c70f846762e\LOG.Foundation.dll
MOD - [2010.11.03 17:35:11 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.3574.20457__90ba9c70f846762e\NEWAEM.Foundation.dll
MOD - [2010.11.03 17:35:11 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.3574.20638__90ba9c70f846762e\CLI.Foundation.XManifest.dll
MOD - [2010.11.03 17:35:11 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Shared\2.0.3574.20529__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll
MOD - [2010.11.03 17:35:11 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.3574.20525__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.dll
MOD - [2010.11.03 17:35:11 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.3574.20482__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.dll
MOD - [2010.11.03 17:35:11 | 000,024,576 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.3574.20492__90ba9c70f846762e\CLI.Component.Dashboard.Shared.dll
MOD - [2010.11.03 17:35:11 | 000,024,576 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.3574.20532__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.dll
MOD - [2010.11.03 17:35:11 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.Graphics.I0703\2.0.2651.18802__90ba9c70f846762e\DEM.Graphics.I0703.dll
MOD - [2010.11.03 17:35:11 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.3574.20491__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll
MOD - [2010.11.03 17:35:11 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.3574.20472__90ba9c70f846762e\CLI.Component.Client.Shared.dll
MOD - [2010.11.03 17:35:11 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.VPURecover.Graphics.Shared\2.0.3574.20528__90ba9c70f846762e\CLI.Aspect.VPURecover.Graphics.Shared.dll
MOD - [2010.11.03 17:35:11 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.3574.20506__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll
MOD - [2010.11.03 17:35:11 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\APM.Foundation\2.0.3574.20504__90ba9c70f846762e\APM.Foundation.dll
MOD - [2010.11.03 17:35:11 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\MOM.Foundation\2.0.3574.20501__90ba9c70f846762e\MOM.Foundation.dll
MOD - [2010.11.03 17:35:11 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.Graphics.I0706\2.0.2743.23304__90ba9c70f846762e\DEM.Graphics.I0706.dll
MOD - [2010.11.03 17:35:11 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.Graphics\2.0.3574.20524__90ba9c70f846762e\DEM.Graphics.dll
MOD - [2010.11.03 17:35:11 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.dll
MOD - [2010.11.03 17:35:11 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.3574.20485__90ba9c70f846762e\CLI.Component.Runtime.Shared.dll
MOD - [2010.11.03 17:35:11 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.3574.20528__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.dll
MOD - [2010.11.03 17:35:11 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.3574.20495__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.dll
MOD - [2010.11.03 17:35:11 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Server.Shared\2.0.3574.20484__90ba9c70f846762e\AEM.Server.Shared.dll
MOD - [2010.11.03 17:35:10 | 000,651,264 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\ResourceManagement.Foundation.Implementation\2.0.3579.36920__90ba9c70f846762e\ResourceManagement.Foundation.Implementation.dll
MOD - [2010.11.03 17:35:10 | 000,565,248 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Systemtray\2.0.3579.36885__90ba9c70f846762e\CLI.Component.Systemtray.dll
MOD - [2010.11.03 17:35:10 | 000,405,504 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.3579.36819__90ba9c70f846762e\CLI.Component.Wizard.dll
MOD - [2010.11.03 17:35:10 | 000,106,496 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\MOM.Implementation\2.0.3579.36890__90ba9c70f846762e\MOM.Implementation.dll
MOD - [2010.11.03 17:35:10 | 000,065,536 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.3579.36889__90ba9c70f846762e\LOG.Foundation.Implementation.dll
MOD - [2010.11.03 17:35:10 | 000,057,344 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.SkinFactory\2.0.3579.36804__90ba9c70f846762e\CLI.Component.SkinFactory.dll
MOD - [2010.11.03 17:35:10 | 000,057,344 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.3579.36802__90ba9c70f846762e\CLI.Component.Runtime.dll
MOD - [2010.11.03 17:35:10 | 000,045,056 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.3574.20509__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll
MOD - [2010.11.03 17:35:10 | 000,045,056 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.3579.36901__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll
MOD - [2010.11.03 17:35:10 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.3574.20476__90ba9c70f846762e\CLI.Foundation.Private.dll
MOD - [2010.11.03 17:35:10 | 000,036,864 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.3574.20464__90ba9c70f846762e\LOG.Foundation.Private.dll
MOD - [2010.11.03 17:35:10 | 000,024,576 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.3574.20498__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll
MOD - [2010.11.03 17:35:10 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\ResourceManagement.Foundation.Private\2.0.3574.20480__90ba9c70f846762e\ResourceManagement.Foundation.Private.dll
MOD - [2010.11.03 17:35:10 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.3574.20494__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll
MOD - [2010.11.03 17:35:10 | 000,014,848 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AxInterop.WBOCXLib\1.0.0.0__90ba9c70f846762e\AxInterop.WBOCXLib.dll
MOD - [2010.11.03 17:35:10 | 000,013,312 | ---- | M] () -- C:\WINDOWS\assembly\GAC\Interop.WBOCXLib\1.0.0.0__90ba9c70f846762e\Interop.WBOCXLib.dll
MOD - [2010.11.03 17:35:10 | 000,007,168 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.3579.36802__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.dll
MOD - [2010.11.03 17:35:09 | 001,220,608 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.3579.36809__90ba9c70f846762e\CLI.Component.Dashboard.dll
MOD - [2010.11.03 17:35:09 | 000,061,440 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\APM.Server\2.0.3579.36801__90ba9c70f846762e\APM.Server.dll
MOD - [2010.11.03 17:35:09 | 000,045,056 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Server\2.0.3579.36802__90ba9c70f846762e\AEM.Server.dll
MOD - [2010.11.03 17:35:09 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.3574.20487__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll
MOD - [2010.11.03 17:35:09 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll
MOD - [2010.11.03 17:35:09 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.3574.20499__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll
MOD - [2010.11.03 17:35:09 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.3574.20537__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.dll
MOD - [2010.11.03 17:35:09 | 000,019,456 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CCC.Implementation\2.0.3579.36890__90ba9c70f846762e\CCC.Implementation.dll
MOD - [2010.06.07 11:15:42 | 000,618,496 | ---- | M] () -- C:\WINDOWS\Samsung\PanelMgr\SSMMgr.exe
MOD - [2010.03.10 06:15:50 | 000,503,808 | ---- | M] () -- C:\WINDOWS\system32\spool\drivers\w32x86\3\sst3cdu.dll
MOD - [2009.11.24 13:36:36 | 000,016,384 | R--- | M] () -- C:\Programme\ATI Technologies\ATI.ACE\Branding\Branding.dll
MOD - [2009.04.16 16:31:16 | 004,210,688 | ---- | M] () -- C:\Programme\Nokia\PC Internet Access\GraphicsResources.ngr
MOD - [2008.11.12 10:17:54 | 000,013,312 | ---- | M] () -- C:\Programme\Nokia\PC Internet Access\TextResources_ger.nlr
MOD - [2008.06.04 05:53:14 | 000,026,624 | ---- | M] () -- C:\WINDOWS\system32\sst3cl3.dll
MOD - [2008.04.14 13:00:00 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
 
 
========== Services (SafeList) ==========
 
SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
SRV - [2012.12.06 08:52:38 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.11.09 11:21:24 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Programme\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.10.05 16:08:42 | 000,109,064 | ---- | M] (Wajam) [Auto | Running] -- C:\Programme\Wajam\Updater\WajamUpdater.exe -- (WajamUpdater)
SRV - [2012.04.22 12:51:04 | 000,720,936 | ---- | M] (Nokia) [On_Demand | Running] -- C:\Programme\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2012.04.06 00:45:44 | 000,129,536 | ---- | M] (Samsung Electronics) [On_Demand | Stopped] -- C:\WINDOWS\system32\SUPDSvc2.exe -- (Samsung UPD Service2)
SRV - [2011.08.04 05:18:43 | 000,126,400 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Programme\Norton 360\Engine\4.4.0.12\ccSvcHst.exe -- (N360)
SRV - [2011.07.20 04:18:24 | 000,440,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2010.02.26 01:22:09 | 000,194,424 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Programme\Norton 360\AddOns\Norton AddOn Pack\Engine\4.8.0.3\ccProxy.exe -- (ccProxy)
SRV - [2009.11.28 00:45:12 | 000,665,464 | ---- | M] (Acronis) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedul2.exe -- (AcrSch2Svc)
SRV - [2009.11.28 00:44:10 | 001,877,848 | ---- | M] (Acronis) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\Acronis\Agent\agent.exe -- (AcronisAgent)
SRV - [2009.11.28 00:38:02 | 004,290,896 | ---- | M] (Acronis) [Auto | Running] -- C:\Programme\Acronis\BackupAndRecovery\mms.exe -- (MMS)
SRV - [2009.11.04 13:39:26 | 002,320,920 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Programme\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2009.11.04 13:39:24 | 000,268,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Programme\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2009.07.30 21:20:04 | 000,144,752 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Programme\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe -- (TOSHIBA Bluetooth Service)
SRV - [2008.05.02 02:42:06 | 000,121,360 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Logitech\Bluetooth\LBTServ.exe -- (LBTServ)
SRV - [2007.05.08 19:47:22 | 000,271,920 | ---- | M] (Nero AG) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Ahead\Lib\NMIndexingService.exe -- (NMIndexingService)
SRV - [2007.04.19 13:35:46 | 000,075,304 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe -- (LightScribeService)
SRV - [2006.10.26 14:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (WDICA)
DRV - File not found [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\Drivers\SSPORT.sys -- (SSPORT)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] --  -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] --  -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] --  -- (i2omgmt)
DRV - File not found [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\Drivers\DgiVecp.sys -- (DgiVecp)
DRV - File not found [Kernel | System | Stopped] --  -- (Changer)
DRV - [2012.10.24 00:34:24 | 000,995,488 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\BASHDefs\20121130.005\BHDrvx86.sys -- (BHDrvx86)
DRV - [2012.09.13 07:11:01 | 001,601,184 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\VirusDefs\20130103.032\NAVEX15.SYS -- (NAVEX15)
DRV - [2012.09.13 07:11:01 | 000,092,704 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\VirusDefs\20130103.032\NAVENG.SYS -- (NAVENG)
DRV - [2012.09.06 03:54:30 | 000,373,728 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\IPSDefs\20130103.002\IDSXpx86.sys -- (IDSxpx86)
DRV - [2012.08.09 09:35:16 | 000,376,480 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Programme\Gemeinsame Dateien\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2012.08.09 09:35:16 | 000,106,656 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Programme\Gemeinsame Dateien\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2012.04.22 12:51:38 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2012.01.09 16:28:20 | 000,023,168 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2012.01.09 16:28:20 | 000,018,176 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2012.01.09 16:28:20 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2012.01.09 16:28:20 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2011.08.22 03:53:36 | 000,362,360 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\N360\0404000.00C\symtdi.sys -- (SYMTDI)
DRV - [2011.08.22 03:53:35 | 000,173,176 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\N360\0404000.00C\symefa.sys -- (SymEFA)
DRV - [2011.08.04 05:19:30 | 000,485,512 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\N360\0404000.00C\cchpx86.sys -- (ccHP)
DRV - [2011.06.29 05:18:16 | 000,066,776 | ---- | M] (Citrix Systems, Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ctxusbm.sys -- (ctxusbm)
DRV - [2010.11.04 11:56:31 | 000,588,704 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\timntr.sys -- (timounter)
DRV - [2010.11.04 11:53:21 | 000,162,432 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\snapman.sys -- (snapman)
DRV - [2010.11.04 11:10:01 | 000,124,976 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2010.04.29 06:03:51 | 000,116,784 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\N360\0404000.00C\ironx86.sys -- (SymIRON)
DRV - [2010.04.22 03:29:50 | 000,325,680 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\N360\0404000.00C\srtsp.sys -- (SRTSP)
DRV - [2010.04.22 03:29:50 | 000,043,696 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\N360\0404000.00C\srtspx.sys -- (SRTSPX)
DRV - [2010.01.29 07:31:44 | 005,884,960 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService)
DRV - [2009.11.18 00:17:00 | 001,395,800 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt)
DRV - [2009.11.18 00:16:00 | 001,691,480 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt)
DRV - [2009.10.20 03:48:18 | 004,415,488 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2009.10.15 04:50:05 | 000,328,752 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\N360\0404000.00C\symds.sys -- (SymDS)
DRV - [2009.09.17 12:54:14 | 000,041,088 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HECI.sys -- (HECI)
DRV - [2009.07.28 20:01:26 | 000,069,480 | ---- | M] (TOSHIBA Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tosrfcom.sys -- (Tosrfcom)
DRV - [2009.07.28 18:38:00 | 000,049,016 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tosrfusb.sys -- (Tosrfusb)
DRV - [2009.07.24 11:31:58 | 000,021,608 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tosrfnds.sys -- (tosrfnds)
DRV - [2009.07.07 21:38:34 | 000,168,936 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tosrfbd.sys -- (tosrfbd)
DRV - [2009.06.19 09:57:42 | 000,059,888 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\TosRfSnd.sys -- (TosRfSnd)
DRV - [2009.06.17 11:59:46 | 000,046,984 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tosporte.sys -- (tosporte)
DRV - [2009.06.11 14:05:00 | 000,036,992 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tosrfbnp.sys -- (tosrfbnp)
DRV - [2009.06.05 08:16:32 | 000,142,336 | R--- | M] (Realtek Semiconductor Corporation                          ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
DRV - [2009.05.20 10:23:36 | 000,074,368 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Tosrfhid.sys -- (Tosrfhid)
DRV - [2008.02.29 03:13:46 | 000,028,944 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LUsbFilt.sys -- (LUsbFilt)
DRV - [2008.02.29 03:13:24 | 000,036,880 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LMouFilt.Sys -- (LMouFilt)
DRV - [2008.02.29 03:13:16 | 000,035,344 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LHidFilt.Sys -- (LHidFilt)
DRV - [2008.02.29 03:12:48 | 000,020,240 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\L8042Kbd.sys -- (L8042Kbd)
DRV - [2007.10.11 11:24:00 | 000,079,104 | ---- | M] (Softwareentwicklung Remus - ArchiCrypt ) [Driver] [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\sleen16.sys -- (SLEE_16_DRIVER)
DRV - [2004.08.13 03:56:20 | 000,005,810 | R--- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ASACPI.sys -- (MTsensor)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com/ie
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://de.ask.com/?l=dis&o=15768
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com/ie
IE - HKCU\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
IE - HKCU\..\SearchScopes,DefaultScope = {5AB9ADFC-A3B8-4120-AA71-3D54107CCE06}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{5AB9ADFC-A3B8-4120-AA71-3D54107CCE06}: "URL" = hxxp://www.google.de/search?q={searchTerms}&rlz=1I7ADSA_de
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKCU\..\SearchScopes\{E350053F-0415-4F6B-A345-6F0C332DB8D0}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=NDV&o=15765&src=crm&q={searchTerms}&locale=de_DE&apn_ptnrs=^NY&apn_dtid=^YYYYYY^YY^DE&apn_uid=5B1BF381-9F71-4869-89BE-8A570665E4E4&apn_sauid=62F8C4B5-E538-4B5C-B0D6-B00D1C2FC270
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "hxxp://www.t-online.de/"
FF - prefs.js..extensions.enabledAddons: ich%40maltegoetz.de:1.4.3
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:17.0.1
FF - prefs.js..keyword.URL: "hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=NDV&o=15765&locale=de_DE&apn_uid=5B1BF381-9F71-4869-89BE-8A570665E4E4&apn_ptnrs=%5ENY&apn_sauid=62F8C4B5-E538-4B5C-B0D6-B00D1C2FC270&apn_dtid=%5EYYYYYY%5EYY%5EDE&&q="
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_135.dll ()
FF - HKLM\Software\MozillaPlugins\@Citrix.com/npican: C:\Programme\Citrix\ICA Client\npicaN.dll (Citrix Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Programme\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_37: C:\WINDOWS\system32\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Programme\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Programme\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Programme\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Programme\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nokia.com/EnablerPlugin: C:\Programme\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Programme\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Programme\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.19: C:\Programme\Veetle\plugins\npVeetle.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.18: C:\Programme\Veetle\Player\npvlc.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Programme\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Dokumente und Einstellungen\Abmayer\Lokale Einstellungen\Anwendungsdaten\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Dokumente und Einstellungen\Abmayer\Lokale Einstellungen\Anwendungsdaten\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\IPSFFPlgn\ [2011.07.20 07:19:50 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\coFFPlgn_2010_9_0_6 [2013.01.04 18:04:22 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Components: C:\Programme\Mozilla Firefox\components [2012.12.06 08:52:38 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins
 
[2012.11.01 13:18:48 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Abmayer\Anwendungsdaten\Mozilla\Extensions
[2012.12.23 20:49:12 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Abmayer\Anwendungsdaten\Mozilla\Firefox\Profiles\fx94ruij.default\extensions
[2012.12.23 20:49:12 | 000,000,000 | ---D | M] (ProxTube - Unblock YouTube) -- C:\Dokumente und Einstellungen\Abmayer\Anwendungsdaten\Mozilla\Firefox\Profiles\fx94ruij.default\extensions\ich@maltegoetz.de
[2012.11.26 18:57:18 | 000,000,000 | ---D | M] (Ask Toolbar) -- C:\Dokumente und Einstellungen\Abmayer\Anwendungsdaten\Mozilla\Firefox\Profiles\fx94ruij.default\extensions\toolbar@ask.com
[2012.11.23 15:49:15 | 000,804,627 | ---- | M] () (No name found) -- C:\Dokumente und Einstellungen\Abmayer\Anwendungsdaten\Mozilla\Firefox\Profiles\fx94ruij.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2012.11.26 18:57:17 | 000,002,335 | ---- | M] () -- C:\Dokumente und Einstellungen\Abmayer\Anwendungsdaten\Mozilla\Firefox\Profiles\fx94ruij.default\searchplugins\askcom.xml
[2012.12.06 08:52:33 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2012.12.06 08:52:33 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}
[2012.12.06 08:52:38 | 000,262,112 | ---- | M] (Mozilla Foundation) -- C:\Programme\mozilla firefox\components\browsercomps.dll
[2012.10.24 23:03:12 | 000,001,392 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.10.24 23:03:11 | 000,002,465 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\bing.xml
[2012.10.24 23:03:12 | 000,001,153 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\eBay-de.xml
[2012.10.24 23:03:12 | 000,006,805 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.10.24 23:03:12 | 000,001,178 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.10.24 23:03:11 | 000,001,105 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2012.10.29 13:07:28 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1      localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (CtxIEInterceptorBHO Class) - {2C4631FF-5CC8-4EBC-A0DF-34C92291759E} - C:\Programme\Citrix\ICA Client\IEInterceptor.dll (Citrix Systems, Inc.)
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Programme\Norton 360\Engine\4.4.0.12\coieplg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Programme\Norton 360\Engine\4.4.0.12\ipsbho.dll (Symantec Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Wajam) - {A7A6995D-6EE1-4FD1-A258-49395D5BF99C} - C:\Programme\Wajam\IE\priam_bho.dll (Wajam)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.7.7529.1424\swg.dll (Google Inc.)
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Programme\Norton 360\Engine\4.4.0.12\coieplg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {00000000-0000-0000-0000-000000000000} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Programme\Norton 360\Engine\4.4.0.12\coieplg.dll (Symantec Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [Adobe ARM] C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ApnUpdater] C:\Programme\Ask.com\Updater\Updater.exe (Ask)
O4 - HKLM..\Run: [ConnectionCenter] C:\Programme\Citrix\ICA Client\redirector.exe (Citrix Systems, Inc.)
O4 - HKLM..\Run: [ITSecMng] C:\Programme\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe (TOSHIBA CORPORATION)
O4 - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\WINDOWS\KHALMNPR.Exe (Logitech, Inc.)
O4 - HKLM..\Run: [LanguageShortcut] C:\Programme\CyberLink\PowerDVD\Language\Language.exe ()
O4 - HKLM..\Run: [NokiaMServer] C:\Programme\Gemeinsame Dateien\Nokia\MPlatform\NokiaMServer.exe (Nokia)
O4 - HKLM..\Run: [Samsung PanelMgr] C:\WINDOWS\Samsung\PanelMgr\SSMMgr.exe ()
O4 - HKLM..\Run: [StartCCC] C:\Programme\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [TrayMonitor.exe] C:\Programme\Acronis\TrayMonitor\TrayMonitor.exe (Acronis)
O4 - HKCU..\Run: [Facebook Update] C:\Dokumente und Einstellungen\Abmayer\Lokale Einstellungen\Anwendungsdaten\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKCU..\Run: [GoogleDriveSync] C:\Programme\Google\Drive\googledrivesync.exe (Google)
O4 - HKCU..\Run: [NokiaPCInternetAccess] C:\Programme\Nokia\PC Internet Access\NPCIA.exe (Nokia)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Google Sidewiki... - res://C:\Programme\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html File not found
O9 - Extra Button: PokerStars.eu - {07BA1DA9-F501-4796-8728-74D1B91A6CD5} - C:\Programme\PokerStars.EU\PokerStarsUpdate.exe File not found
O9 - Extra Button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Programme\PokerStars\PokerStarsUpdate.exe File not found
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Reg Error: Key error.)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1288803896609 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1288804036609 (MUWebControl Class)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab (Java Plug-in 1.6.0_37)
O16 - DPF: {B07F54E6-0806-47DB-B5D8-398F240776F2} file:///E:/viewer/ORDcmViewCD.ocx (ORDcmViewCD Control)
O16 - DPF: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab (Java Plug-in 1.6.0_37)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab (Java Plug-in 1.6.0_37)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F2D7F033-7B1C-4950-9B5E-090D761ACF08}: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\bwfile-8876480 {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll (Logitech Inc.)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Gemeinsame Dateien\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Filter\application/x-ica {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Programme\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=euc-jp {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Programme\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=ISO-8859-1 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Programme\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=MS936 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Programme\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=MS949 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Programme\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=MS950 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Programme\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=UTF8 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Programme\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=UTF-8 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Programme\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=euc-jp {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Programme\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=ISO-8859-1 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Programme\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=MS936 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Programme\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=MS949 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Programme\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=MS950 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Programme\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=UTF8 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Programme\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=UTF-8 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Programme\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\ica {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Programme\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~1\Citrix\ICACLI~1\RSHook.dll) - C:\Programme\Citrix\ICA Client\RSHook.dll (Citrix Systems, Inc.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\LBTWlgn: DllName - (c:\programme\gemeinsame dateien\logitech\bluetooth\LBTWlgn.dll) - c:\Programme\Gemeinsame Dateien\Logitech\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Grüne Idylle.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Grüne Idylle.bmp
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Programme\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010.11.03 16:15:27 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vektorgrafik-Rendering (VML)
ActiveX: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Programme\Gemeinsame Dateien\LightScribe\LSRunOnce.exe"
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - Microsoft NetShow Player
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4
ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Dynamic HTML-Datenbindung für Java
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offlinebrowsingpaket
ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Erweitertes Authoring
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer-Hilfe
ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - DirectAnimation Java Classes
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.8
ActiveX: {5056b317-8d4c-43ee-8543-b9d1e234b8f4} - Sicherheitsupdate für Windows XP (KB923789)
ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsererweiterungen
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - Zugang zu MSN Site
ActiveX: {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - .NET Framework
ActiveX: {73fa19d0-2d75-11d2-995d-00c04f98bbc9} - Web Folders
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - %SystemRoot%\system32\ie4uinit.exe
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - c:\WINDOWS\system32\Rundll32.exe c:\WINDOWS\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML-Datenbindung
ActiveX: {ACC563BC-4266-43f0-B6ED-9D38C4202C7E} -
ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework
ActiveX: {C314CE45-3392-3B73-B4E1-139CD41CA933} - .NET Framework
ActiveX: {C3C986D6-06B1-43BF-90DD-BE30756C00DE} - RevokedRootsUpdate
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer-Hauptschriftarten
ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Taskplaner
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Shockwave Flash
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML-Hilfe
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {EF289A85-8E57-408d-BE47-73B55609861A} - RootsUpdate
ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigIE
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE
ActiveX: Microsoft Base Smart Card Crypto Provider Package -
 
NetSvcs: 6to4 -  File not found
NetSvcs: AppMgmt - %SystemRoot%\System32\appmgmts.dll File not found
NetSvcs: Ias -  File not found
NetSvcs: Iprip -  File not found
NetSvcs: Irmon -  File not found
NetSvcs: NWCWorkstation -  File not found
NetSvcs: Nwsapagent -  File not found
NetSvcs: WmdmPmSp -  File not found
 
MsConfig - StartUpReg: LightScribe Control Panel - hkey= - key= - C:\Programme\Gemeinsame Dateien\LightScribe\LightScribeControlPanel.exe (Hewlett-Packard Company)
MsConfig - StartUpReg: NeroFilterCheck - hkey= - key= - C:\Programme\Gemeinsame Dateien\Ahead\Lib\NeroCheck.exe (Nero AG)
MsConfig - State: "system.ini" - 0
MsConfig - State: "win.ini" - 0
MsConfig - State: "bootini" - 0
MsConfig - State: "services" - 0
MsConfig - State: "startup" - 2
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.12.26 19:00:50 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Abmayer\Anwendungsdaten\YoudaGames
[2012.12.26 19:00:29 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP
[2012.12.26 19:00:19 | 000,000,000 | ---D | C] -- C:\Programme\Governor of Poker 2
[2012.12.26 19:00:19 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Governor of Poker 2
[2012.12.26 19:00:19 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Games
[2012.12.26 18:58:24 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Big Fish Games
[2012.12.26 18:58:22 | 000,000,000 | ---D | C] -- C:\Programme\bfgclient
[2012.12.26 18:55:43 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\BigFishGamesCache
[2012.12.26 18:47:58 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\ePlaybus.com
[2012.12.26 18:47:55 | 000,000,000 | ---D | C] -- C:\Programme\ePlaybus.com
[2012.12.26 18:45:34 | 011,238,576 | ---- | C] (ePlaybus.com                                                ) -- C:\Dokumente und Einstellungen\Abmayer\Desktop\governor-of-poker-2.exe
[2012.12.26 18:45:33 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Abmayer\Lokale Einstellungen\Anwendungsdaten\Wajam
[2012.12.26 18:45:31 | 000,000,000 | ---D | C] -- C:\Programme\Wajam
[2012.12.14 22:41:55 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\Skype
[2012.12.14 22:41:55 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Skype
[2012.12.06 08:52:32 | 000,000,000 | ---D | C] -- C:\Programme\Mozilla Firefox
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2013.01.04 20:07:00 | 000,000,230 | ---- | M] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
[2013.01.04 20:05:00 | 000,001,092 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2013.01.04 20:04:29 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2013.01.04 20:04:24 | 000,025,600 | ---- | M] () -- C:\Dokumente und Einstellungen\Abmayer\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013.01.04 19:00:01 | 000,001,026 | ---- | M] () -- C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-1409082233-484061587-1417001333-1004UA.job
[2013.01.04 18:03:50 | 000,001,088 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2013.01.04 18:03:48 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013.01.04 18:03:46 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012.12.27 22:00:00 | 000,001,004 | ---- | M] () -- C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-1409082233-484061587-1417001333-1004Core.job
[2012.12.27 19:41:18 | 000,001,673 | ---- | M] () -- C:\Dokumente und Einstellungen\Abmayer\Desktop\Governor of Poker 2    .lnk
[2012.12.26 18:59:04 | 000,000,632 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Game Manager.lnk
[2012.12.26 18:46:02 | 011,238,576 | ---- | M] (ePlaybus.com                                                ) -- C:\Dokumente und Einstellungen\Abmayer\Desktop\governor-of-poker-2.exe
[2012.12.22 14:31:29 | 000,002,503 | ---- | M] () -- C:\Dokumente und Einstellungen\Abmayer\Desktop\Microsoft Office Word 2007.lnk
[2012.12.21 14:52:17 | 000,660,275 | ---- | M] () -- C:\Dokumente und Einstellungen\Abmayer\Hans-Jürgen_2012-12-21_Auto.nbu
[2012.12.20 10:43:18 | 000,002,301 | ---- | M] () -- C:\Dokumente und Einstellungen\Abmayer\Desktop\catforDocs WDT-Bestellprogramm (2).lnk
[2012.12.13 16:57:17 | 000,002,545 | ---- | M] () -- C:\Dokumente und Einstellungen\Abmayer\Desktop\Microsoft Office PowerPoint 2007.lnk
[2012.12.11 14:34:09 | 000,002,607 | ---- | M] () -- C:\Dokumente und Einstellungen\Abmayer\Desktop\Microsoft Office Outlook 2007.lnk
[2012.12.09 19:09:53 | 000,073,396 | ---- | M] () -- C:\Dokumente und Einstellungen\Abmayer\Eigene Dateien\Elternbrief 2012.12.pdf
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012.12.27 19:41:18 | 000,001,673 | ---- | C] () -- C:\Dokumente und Einstellungen\Abmayer\Desktop\Governor of Poker 2    .lnk
[2012.12.26 18:59:03 | 000,000,632 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Game Manager.lnk
[2012.12.26 18:58:31 | 000,001,554 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Game Manager.lnk
[2012.12.26 18:58:31 | 000,001,168 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Weitere fantastische Spiele.lnk
[2012.12.21 14:51:32 | 000,660,275 | ---- | C] () -- C:\Dokumente und Einstellungen\Abmayer\Hans-Jürgen_2012-12-21_Auto.nbu
[2012.12.09 19:09:52 | 000,073,396 | ---- | C] () -- C:\Dokumente und Einstellungen\Abmayer\Eigene Dateien\Elternbrief 2012.12.pdf
[2012.11.23 14:50:12 | 000,310,272 | ---- | C] () -- C:\WINDOWS\System32\UPDIO2.dll
[2012.11.23 14:50:12 | 000,254,464 | ---- | C] () -- C:\WINDOWS\System32\SUPDRun.exe
[2012.11.23 14:50:12 | 000,151,552 | ---- | C] () -- C:\WINDOWS\System32\spd__ci.exe
[2012.11.23 14:50:12 | 000,024,064 | ---- | C] () -- C:\WINDOWS\System32\spd__l.dll
[2012.11.23 14:50:11 | 001,558,432 | ---- | C] () -- C:\WINDOWS\TotalUninstaller.exe
[2012.11.22 18:57:49 | 000,004,140 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\mtbjfghn.xbe
[2012.10.27 14:54:59 | 000,000,000 | ---- | C] () -- C:\Dokumente und Einstellungen\Abmayer\defogger_reenable
[2012.10.23 16:19:50 | 000,010,639 | ---- | C] () -- C:\Dokumente und Einstellungen\Abmayer\Abmayr_elster_2048.pfx
[2012.10.01 10:44:47 | 000,606,896 | ---- | C] () -- C:\Dokumente und Einstellungen\Abmayer\Hans-Jürgen_2012-10-01_Auto.nbu
[2012.08.13 20:02:54 | 000,601,269 | ---- | C] () -- C:\Dokumente und Einstellungen\Abmayer\Hans-Jürgen_2012-08-13_Auto.nbu
[2012.07.24 11:42:36 | 000,000,000 | ---- | C] () -- C:\WINDOWS\PhEdit.INI
[2012.07.17 14:39:40 | 000,602,662 | ---- | C] () -- C:\Dokumente und Einstellungen\Abmayer\Hans-Jürgen_2012-07-17_Auto.nbu
[2012.07.12 17:30:20 | 000,111,932 | ---- | C] () -- C:\WINDOWS\System32\EPPICPrinterDB.dat
[2012.07.12 17:30:20 | 000,031,053 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern131.dat
[2012.07.12 17:30:20 | 000,027,417 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern121.dat
[2012.07.12 17:30:20 | 000,026,154 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern1.dat
[2012.07.12 17:30:20 | 000,024,903 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern3.dat
[2012.07.12 17:30:20 | 000,021,390 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern5.dat
[2012.07.12 17:30:20 | 000,020,148 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern2.dat
[2012.07.12 17:30:20 | 000,011,811 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern4.dat
[2012.07.12 17:30:20 | 000,004,943 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern6.dat
[2012.07.12 17:30:20 | 000,001,146 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_DU.dat
[2012.07.12 17:30:20 | 000,001,139 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_PT.dat
[2012.07.12 17:30:20 | 000,001,139 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_BP.dat
[2012.07.12 17:30:20 | 000,001,136 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_ES.dat
[2012.07.12 17:30:20 | 000,001,129 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_FR.dat
[2012.07.12 17:30:20 | 000,001,129 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_CF.dat
[2012.07.12 17:30:20 | 000,001,120 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_IT.dat
[2012.07.12 17:30:20 | 000,001,107 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_GE.dat
[2012.07.12 17:30:20 | 000,001,104 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_EN.dat
[2012.07.12 17:30:20 | 000,000,097 | ---- | C] () -- C:\WINDOWS\System32\PICSDK.ini
[2012.07.06 08:49:14 | 000,599,793 | ---- | C] () -- C:\Dokumente und Einstellungen\Abmayer\Hans-Jürgen_2012-07-06_Auto.nbu
[2012.06.28 17:36:33 | 000,182,640 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\FontCache3.0.0.0.dat
[2012.06.01 08:54:24 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012.05.07 15:26:53 | 000,916,295 | ---- | C] () -- C:\Dokumente und Einstellungen\Abmayer\Hans-Jürgen_2012-05-07_Auto.nbu
[2012.04.23 11:12:02 | 000,902,377 | ---- | C] () -- C:\Dokumente und Einstellungen\Abmayer\Hans-Jürgen_2012-04-23_Auto.nbu
[2012.03.09 17:12:49 | 000,612,478 | ---- | C] () -- C:\Dokumente und Einstellungen\Abmayer\Hans-Jürgen_2012-03-09.nbu
[2012.01.14 14:59:27 | 000,567,357 | ---- | C] () -- C:\Dokumente und Einstellungen\Abmayer\Hans-Jürgen_2012-01-14_Auto.nbu
[2011.12.25 19:30:49 | 001,456,640 | ---- | C] () -- C:\Programme\Gemeinsame Dateien\Falk Navi-Manager.msi
[2011.12.25 19:30:18 | 000,002,528 | ---- | C] () -- C:\Dokumente und Einstellungen\Abmayer\Anwendungsdaten\$_hpcst$.hpc
[2011.12.24 10:11:11 | 000,562,826 | ---- | C] () -- C:\Dokumente und Einstellungen\Abmayer\Hans-Jürgen_2011-12-24_Auto.nbu
[2011.10.12 08:13:30 | 000,505,239 | ---- | C] () -- C:\Dokumente und Einstellungen\Abmayer\Hans-Jürgen_2011-10-12_Auto.nbu
[2011.09.16 17:02:12 | 000,677,830 | ---- | C] () -- C:\Dokumente und Einstellungen\Abmayer\Hans-Jürgen_2011-09-16_18-02-11.nbu
[2011.09.16 10:44:05 | 000,674,639 | ---- | C] () -- C:\Dokumente und Einstellungen\Abmayer\Hans-Jürgen_2011-09-16_Auto.nbu
[2011.09.05 12:01:21 | 000,678,391 | ---- | C] () -- C:\Dokumente und Einstellungen\Abmayer\Hans-Jürgen_2011-09-05_Auto.nbu
[2011.08.29 17:01:59 | 000,677,390 | ---- | C] () -- C:\Dokumente und Einstellungen\Abmayer\Hans-Jürgen_2011-08-29_Auto.nbu
[2011.08.16 09:50:32 | 000,673,179 | ---- | C] () -- C:\Dokumente und Einstellungen\Abmayer\Hans-Jürgen_2011-08-16_Auto.nbu
[2011.07.28 13:59:28 | 000,672,356 | ---- | C] () -- C:\Dokumente und Einstellungen\Abmayer\Hans-Jürgen_2011-07-28_Auto.nbu
[2011.07.19 11:37:41 | 000,655,480 | ---- | C] () -- C:\Dokumente und Einstellungen\Abmayer\Hans-Jürgen_2011-07-19_Auto.nbu
[2011.07.15 11:23:28 | 000,484,656 | ---- | C] () -- C:\WINDOWS\ssndii.exe
[2011.06.09 21:50:51 | 000,632,480 | ---- | C] () -- C:\Dokumente und Einstellungen\Abmayer\Hans-Jürgen_2011-06-09_Auto.nbu
[2011.05.09 17:58:08 | 000,618,694 | ---- | C] () -- C:\Dokumente und Einstellungen\Abmayer\Hans-Jürgen_2011-05-09_Auto.nbu
[2011.05.02 10:38:09 | 000,608,575 | ---- | C] () -- C:\Dokumente und Einstellungen\Abmayer\Hans-Jürgen_2011-05-02_Auto.nbu
[2011.04.26 10:33:52 | 001,376,768 | ---- | C] () -- C:\Programme\7z920-x64.msi
[2011.04.26 10:32:33 | 001,110,476 | ---- | C] () -- C:\Programme\7z920.exe
[2011.04.13 09:57:24 | 000,621,659 | ---- | C] () -- C:\Dokumente und Einstellungen\Abmayer\Hans-Jürgen_2011-04-13_Auto.nbu
[2011.04.11 18:21:03 | 000,001,940 | ---- | C] () -- C:\Dokumente und Einstellungen\NetworkService\Lokale Einstellungen\Anwendungsdaten\{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini
[2011.03.15 13:17:28 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2011.03.02 18:44:35 | 000,584,127 | ---- | C] () -- C:\Dokumente und Einstellungen\Abmayer\Hans-Jürgen_2011-03-02_Auto.nbu
[2011.02.27 12:42:01 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011.02.19 22:07:40 | 014,269,445 | ---- | C] () -- C:\Dokumente und Einstellungen\Abmayer\Hans-Jürgen_2011-02-19.nbu
[2011.02.10 14:41:52 | 000,554,732 | ---- | C] () -- C:\Dokumente und Einstellungen\Abmayer\Hans-Jürgen_2011-02-10_Auto.nbu
[2011.01.27 15:43:42 | 000,551,703 | ---- | C] () -- C:\Dokumente und Einstellungen\Abmayer\Hans-Jürgen_2011-01-27_Auto.nbu
[2011.01.08 14:21:18 | 000,596,443 | ---- | C] () -- C:\Dokumente und Einstellungen\Abmayer\Hans-Jürgen_2011-01-08_Auto.nbu
[2010.12.17 15:28:24 | 000,539,477 | ---- | C] () -- C:\Dokumente und Einstellungen\Abmayer\Hans-Jürgen_2010-12-17_Auto.nbu
[2010.12.08 12:34:48 | 000,009,353 | ---- | C] () -- C:\Dokumente und Einstellungen\Abmayer\Anwendungsdaten\Microsoft Excel 97-2003.EML
[2010.12.08 12:33:22 | 000,009,355 | ---- | C] () -- C:\Dokumente und Einstellungen\Abmayer\Anwendungsdaten\Microsoft Access 97-2003.EML
[2010.12.08 12:27:53 | 000,012,989 | ---- | C] () -- C:\Dokumente und Einstellungen\Abmayer\Anwendungsdaten\Kommagetrennte Werte (Windows).CAL
[2010.12.08 12:26:09 | 000,038,457 | ---- | C] () -- C:\Dokumente und Einstellungen\Abmayer\Anwendungsdaten\Kommagetrennte Werte (Windows).ADR
[2010.12.08 12:21:48 | 000,009,356 | ---- | C] () -- C:\Dokumente und Einstellungen\Abmayer\Anwendungsdaten\Kommagetrennte Werte (Windows).EML
[2010.11.29 12:36:02 | 000,432,596 | ---- | C] () -- C:\Dokumente und Einstellungen\Abmayer\Hans-Jürgen_2010-11-29_Auto.nbu
[2010.11.04 10:08:49 | 000,025,600 | ---- | C] () -- C:\Dokumente und Einstellungen\Abmayer\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
 
========== ZeroAccess Check ==========
 
[2010.11.03 17:33:10 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2012.08.30 21:28:07 | 001,510,400 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.02.09 11:51:44 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2008.04.14 13:00:00 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
========== LOP Check ==========
 
[2010.11.19 21:36:20 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Abmayer\Anwendungsdaten\Acronis
[2011.01.21 12:32:37 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Abmayer\Anwendungsdaten\Canon
[2012.11.22 18:57:04 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Abmayer\Anwendungsdaten\Carambis
[2012.02.01 17:50:56 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Abmayer\Anwendungsdaten\elsterformular
[2012.01.24 18:54:24 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Abmayer\Anwendungsdaten\ICAClient
[2012.04.12 09:00:33 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Abmayer\Anwendungsdaten\Nokia
[2010.11.21 22:20:48 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Abmayer\Anwendungsdaten\Nokia Ovi Suite
[2011.11.16 11:18:40 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Abmayer\Anwendungsdaten\Nokia Suite
[2012.10.31 10:52:35 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Abmayer\Anwendungsdaten\PC Suite
[2011.12.18 15:00:27 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Abmayer\Anwendungsdaten\Reviversoft
[2012.09.04 10:25:33 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Abmayer\Anwendungsdaten\Tific
[2012.09.15 19:15:15 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Abmayer\Anwendungsdaten\Unity
[2010.11.04 16:33:12 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Abmayer\Anwendungsdaten\Windows Desktop Search
[2010.11.05 00:18:51 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Abmayer\Anwendungsdaten\Windows Search
[2012.12.27 19:41:43 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Abmayer\Anwendungsdaten\YoudaGames
[2010.11.19 23:18:31 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Acronis
[2012.12.26 18:58:24 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Big Fish Games
[2011.01.21 12:32:36 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\CanonIJScan
[2012.01.24 18:48:13 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Citrix
[2012.02.01 17:47:16 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\elsterformular
[2010.11.21 14:45:04 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Installations
[2010.11.03 18:04:37 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\LightScribe
[2012.06.21 15:43:32 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Nokia
[2011.09.16 19:56:32 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\NokiaInstallerCache
[2010.11.16 17:38:16 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\NokiaMusic
[2012.07.24 11:27:49 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Panasonic
[2012.10.31 10:51:27 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\PC Suite
[2010.11.18 18:46:41 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Phenomedia
[2012.11.23 14:50:27 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Samsung
[2012.12.26 22:11:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP
[2010.12.17 12:46:26 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TOSHIBA
[2012.03.01 11:48:06 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\VetStar-Bestellprogramm
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
< %SYSTEMDRIVE%\*. >
[2012.11.22 22:04:09 | 000,000,000 | ---D | M] -- C:\ade253d3c5b71d658f1bba725666
[2012.10.28 19:55:43 | 000,000,000 | RHSD | M] -- C:\cmdcons
[2012.12.26 22:44:05 | 000,000,000 | ---D | M] -- C:\Config.Msi
[2011.02.17 20:02:52 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen
[2011.02.15 17:33:07 | 000,000,000 | ---D | M] -- C:\emme
[2012.11.01 17:45:40 | 000,000,000 | ---D | M] -- C:\Firefox
[2012.12.26 20:05:06 | 000,000,000 | ---D | M] -- C:\Games
[2010.11.03 17:08:27 | 000,000,000 | ---D | M] -- C:\Intel
[2012.03.04 16:17:23 | 000,000,000 | ---D | M] -- C:\Jts
[2011.02.15 18:04:00 | 000,000,000 | ---D | M] -- C:\Junior
[2010.11.03 18:07:08 | 000,000,000 | R--D | M] -- C:\MSOCache
[2010.11.21 13:46:50 | 000,000,000 | ---D | M] -- C:\Nokia Ovi Suite (F)
[2012.07.24 11:43:06 | 000,000,000 | ---D | M] -- C:\PFS6_TMP
[2012.12.26 19:00:19 | 000,000,000 | R--D | M] -- C:\Programme
[2012.10.30 17:14:43 | 000,000,000 | -HSD | M] -- C:\RECYCLER
[2011.02.17 20:08:48 | 000,000,000 | ---D | M] -- C:\Spiele Gregor
[2013.01.04 18:04:49 | 000,000,000 | -HSD | M] -- C:\System Volume Information
[2012.10.27 11:41:36 | 000,000,000 | ---D | M] -- C:\TDSSKiller_Quarantine
[2012.11.22 19:02:40 | 000,000,000 | ---D | M] -- C:\temp
[2010.11.19 14:56:32 | 000,000,000 | ---D | M] -- C:\Terzio
[2010.12.14 13:32:03 | 000,000,000 | ---D | M] -- C:\Tivola
[2012.07.01 15:26:17 | 000,000,000 | ---D | M] -- C:\TLG
[2012.12.27 16:46:52 | 000,000,000 | ---D | M] -- C:\WINDOWS
 
< %PROGRAMFILES%\*.exe >
[2011.04.26 10:32:35 | 001,110,476 | ---- | M] () -- C:\Programme\7z920.exe
Invalid Environment Variable: LOCALAPPDATA
 
< %systemroot%\*. /mp /s >
 
< C:\Windows\system32\*.tsp >
[2008.04.14 13:00:00 | 000,266,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\h323.tsp
[2008.04.14 13:00:00 | 000,029,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\hidphone.tsp
[2008.04.14 13:00:00 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ipconf.tsp
[2008.04.14 13:00:00 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\kmddsp.tsp
[2008.04.14 13:00:00 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ndptsp.tsp
[2008.04.14 13:00:00 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\remotesp.tsp
[2008.04.14 13:00:00 | 000,207,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\unimdm.tsp
[1 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]
[2010.11.03 16:14:02 | 000,000,065 | RH-- | C] () -- C:\WINDOWS\Tasks\desktop.ini
[2010.11.03 16:17:49 | 000,000,006 | -H-- | C] () -- C:\WINDOWS\Tasks\SA.DAT
[2010.12.07 21:18:56 | 000,001,088 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
[2010.12.07 21:18:57 | 000,001,092 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
[2011.03.04 12:29:14 | 000,000,276 | ---- | C] () -- C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
[2012.10.22 20:55:56 | 000,001,004 | ---- | C] () -- C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-1409082233-484061587-1417001333-1004Core.job
[2012.10.22 20:55:56 | 000,001,026 | ---- | C] () -- C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-1409082233-484061587-1417001333-1004UA.job
[2012.11.22 18:57:19 | 000,000,230 | ---- | C] () -- C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job
 
< MD5 for: AGP440.SYS  >
[2008.04.14 13:00:00 | 020,108,202 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
 
< MD5 for: ATAPI.SYS  >
[2008.04.14 13:00:00 | 020,108,202 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008.04.14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\erdnt\cache\atapi.sys
[2008.04.14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\dllcache\atapi.sys
[2008.04.14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2008.04.14 13:00:00 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\ReinstallBackups\0008\DriverFiles\i386\atapi.sys
[2008.04.14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\ReinstallBackups\0009\DriverFiles\i386\atapi.sys
 
< MD5 for: EVENTLOG.DLL  >
[2008.04.14 13:00:00 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=04955AA695448C181B367D964AF158AA -- C:\WINDOWS\erdnt\cache\eventlog.dll
[2008.04.14 13:00:00 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=04955AA695448C181B367D964AF158AA -- C:\WINDOWS\system32\dllcache\eventlog.dll
[2008.04.14 13:00:00 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=04955AA695448C181B367D964AF158AA -- C:\WINDOWS\system32\eventlog.dll
[2010.11.19 12:35:30 | 000,036,352 | ---- | M] (Panasonic Corporation) MD5=F0A387EE8766A7BCC0B557308619BF89 -- C:\Programme\Panasonic\PHOTOfunSTUDIO 6.0\Core\EventLog\EventLog.dll
 
< MD5 for: EXPLORER.EXE  >
[2008.04.14 13:00:00 | 001,036,800 | ---- | M] (Microsoft Corporation) MD5=418045A93CD87A352098AB7DABE1B53E -- C:\WINDOWS\erdnt\cache\explorer.exe
[2008.04.14 13:00:00 | 001,036,800 | ---- | M] (Microsoft Corporation) MD5=418045A93CD87A352098AB7DABE1B53E -- C:\WINDOWS\explorer.exe
[2008.04.14 13:00:00 | 001,036,800 | ---- | M] (Microsoft Corporation) MD5=418045A93CD87A352098AB7DABE1B53E -- C:\WINDOWS\system32\dllcache\explorer.exe
 
< MD5 for: NETLOGON.DLL  >
[2008.04.14 13:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=0098D35F91DEAB9C127360A877F2CF84 -- C:\WINDOWS\erdnt\cache\netlogon.dll
[2008.04.14 13:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=0098D35F91DEAB9C127360A877F2CF84 -- C:\WINDOWS\system32\dllcache\netlogon.dll
[2008.04.14 13:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=0098D35F91DEAB9C127360A877F2CF84 -- C:\WINDOWS\system32\netlogon.dll
 
< MD5 for: SCECLI.DLL  >
[2008.04.14 13:00:00 | 000,187,904 | ---- | M] (Microsoft Corporation) MD5=5132443DF6FC3771A17AB4AE55DCBC28 -- C:\WINDOWS\erdnt\cache\scecli.dll
[2008.04.14 13:00:00 | 000,187,904 | ---- | M] (Microsoft Corporation) MD5=5132443DF6FC3771A17AB4AE55DCBC28 -- C:\WINDOWS\system32\dllcache\scecli.dll
[2008.04.14 13:00:00 | 000,187,904 | ---- | M] (Microsoft Corporation) MD5=5132443DF6FC3771A17AB4AE55DCBC28 -- C:\WINDOWS\system32\scecli.dll
 
< MD5 for: USER32.DLL  >
[2008.04.14 13:00:00 | 000,580,096 | ---- | M] (Microsoft Corporation) MD5=B0050CC5340E3A0760DD8B417FF7AEBD -- C:\WINDOWS\erdnt\cache\user32.dll
[2008.04.14 13:00:00 | 000,580,096 | ---- | M] (Microsoft Corporation) MD5=B0050CC5340E3A0760DD8B417FF7AEBD -- C:\WINDOWS\system32\dllcache\user32.dll
[2008.04.14 13:00:00 | 000,580,096 | ---- | M] (Microsoft Corporation) MD5=B0050CC5340E3A0760DD8B417FF7AEBD -- C:\WINDOWS\system32\user32.dll
 
< MD5 for: USERINIT.EXE  >
[2008.04.14 13:00:00 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=788F95312E26389D596C0FA55834E106 -- C:\WINDOWS\erdnt\cache\userinit.exe
[2008.04.14 13:00:00 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=788F95312E26389D596C0FA55834E106 -- C:\WINDOWS\system32\dllcache\userinit.exe
[2008.04.14 13:00:00 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=788F95312E26389D596C0FA55834E106 -- C:\WINDOWS\system32\userinit.exe
 
< MD5 for: WINLOGON.EXE  >
[2012.09.29 19:54:26 | 000,218,184 | ---- | M] () MD5=8846E87210AD131CF71E3E2E49F647B0 -- C:\Programme\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2008.04.14 13:00:00 | 000,513,024 | ---- | M] (Microsoft Corporation) MD5=F09A527B422E25C478E38CAA0E44417A -- C:\WINDOWS\erdnt\cache\winlogon.exe
[2008.04.14 13:00:00 | 000,513,024 | ---- | M] (Microsoft Corporation) MD5=F09A527B422E25C478E38CAA0E44417A -- C:\WINDOWS\system32\dllcache\winlogon.exe
[2008.04.14 13:00:00 | 000,513,024 | ---- | M] (Microsoft Corporation) MD5=F09A527B422E25C478E38CAA0E44417A -- C:\WINDOWS\system32\winlogon.exe
 
< MD5 for: WS2IFSL.SYS  >
[2008.04.14 13:00:00 | 000,012,032 | ---- | M] (Microsoft Corporation) MD5=6ABE6E225ADB5A751622A9CC3BC19CE8 -- C:\WINDOWS\system32\dllcache\ws2ifsl.sys
[2008.04.14 13:00:00 | 000,012,032 | ---- | M] (Microsoft Corporation) MD5=6ABE6E225ADB5A751622A9CC3BC19CE8 -- C:\WINDOWS\system32\drivers\ws2ifsl.sys
 
< %systemroot%\system32\drivers\*.sys /lockedfiles >
 
< %systemroot%\System32\config\*.sav >
[2010.11.03 17:05:49 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav
[2010.11.03 17:05:48 | 001,069,056 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
[2010.11.03 17:05:48 | 000,442,368 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav
 
< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
 
< %USERPROFILE%\*.* >
[2012.10.23 16:19:58 | 000,010,639 | ---- | M] () -- C:\Dokumente und Einstellungen\Abmayer\Abmayr_elster_2048.pfx
[2012.10.27 14:54:59 | 000,000,000 | ---- | M] () -- C:\Dokumente und Einstellungen\Abmayer\defogger_reenable
[2010.11.29 12:36:26 | 000,432,596 | ---- | M] () -- C:\Dokumente und Einstellungen\Abmayer\Hans-Jürgen_2010-11-29_Auto.nbu
[2010.12.17 15:28:45 | 000,539,477 | ---- | M] () -- C:\Dokumente und Einstellungen\Abmayer\Hans-Jürgen_2010-12-17_Auto.nbu
[2011.01.08 14:21:42 | 000,596,443 | ---- | M] () -- C:\Dokumente und Einstellungen\Abmayer\Hans-Jürgen_2011-01-08_Auto.nbu
[2011.01.27 15:44:04 | 000,551,703 | ---- | M] () -- C:\Dokumente und Einstellungen\Abmayer\Hans-Jürgen_2011-01-27_Auto.nbu
[2011.02.10 14:42:13 | 000,554,732 | ---- | M] () -- C:\Dokumente und Einstellungen\Abmayer\Hans-Jürgen_2011-02-10_Auto.nbu
[2011.02.19 22:09:32 | 014,269,445 | ---- | M] () -- C:\Dokumente und Einstellungen\Abmayer\Hans-Jürgen_2011-02-19.nbu
[2011.03.02 18:44:57 | 000,584,127 | ---- | M] () -- C:\Dokumente und Einstellungen\Abmayer\Hans-Jürgen_2011-03-02_Auto.nbu
[2011.04.13 09:57:46 | 000,621,659 | ---- | M] () -- C:\Dokumente und Einstellungen\Abmayer\Hans-Jürgen_2011-04-13_Auto.nbu
[2011.05.02 10:38:31 | 000,608,575 | ---- | M] () -- C:\Dokumente und Einstellungen\Abmayer\Hans-Jürgen_2011-05-02_Auto.nbu
[2011.05.09 17:58:30 | 000,618,694 | ---- | M] () -- C:\Dokumente und Einstellungen\Abmayer\Hans-Jürgen_2011-05-09_Auto.nbu
[2011.06.09 21:51:13 | 000,632,480 | ---- | M] () -- C:\Dokumente und Einstellungen\Abmayer\Hans-Jürgen_2011-06-09_Auto.nbu
[2011.07.19 11:38:08 | 000,655,480 | ---- | M] () -- C:\Dokumente und Einstellungen\Abmayer\Hans-Jürgen_2011-07-19_Auto.nbu
[2011.07.28 13:59:51 | 000,672,356 | ---- | M] () -- C:\Dokumente und Einstellungen\Abmayer\Hans-Jürgen_2011-07-28_Auto.nbu
[2011.08.16 09:50:54 | 000,673,179 | ---- | M] () -- C:\Dokumente und Einstellungen\Abmayer\Hans-Jürgen_2011-08-16_Auto.nbu
[2011.08.29 17:02:22 | 000,677,390 | ---- | M] () -- C:\Dokumente und Einstellungen\Abmayer\Hans-Jürgen_2011-08-29_Auto.nbu
[2011.09.05 12:01:46 | 000,678,391 | ---- | M] () -- C:\Dokumente und Einstellungen\Abmayer\Hans-Jürgen_2011-09-05_Auto.nbu
[2011.09.16 17:02:34 | 000,677,830 | ---- | M] () -- C:\Dokumente und Einstellungen\Abmayer\Hans-Jürgen_2011-09-16_18-02-11.nbu
[2011.09.16 10:44:28 | 000,674,639 | ---- | M] () -- C:\Dokumente und Einstellungen\Abmayer\Hans-Jürgen_2011-09-16_Auto.nbu
[2011.10.12 08:13:55 | 000,505,239 | ---- | M] () -- C:\Dokumente und Einstellungen\Abmayer\Hans-Jürgen_2011-10-12_Auto.nbu
[2011.12.24 10:11:35 | 000,562,826 | ---- | M] () -- C:\Dokumente und Einstellungen\Abmayer\Hans-Jürgen_2011-12-24_Auto.nbu
[2012.01.14 14:59:50 | 000,567,357 | ---- | M] () -- C:\Dokumente und Einstellungen\Abmayer\Hans-Jürgen_2012-01-14_Auto.nbu
[2012.03.09 17:13:11 | 000,612,478 | ---- | M] () -- C:\Dokumente und Einstellungen\Abmayer\Hans-Jürgen_2012-03-09.nbu
[2012.04.23 11:12:25 | 000,902,377 | ---- | M] () -- C:\Dokumente und Einstellungen\Abmayer\Hans-Jürgen_2012-04-23_Auto.nbu
[2012.05.07 15:27:17 | 000,916,295 | ---- | M] () -- C:\Dokumente und Einstellungen\Abmayer\Hans-Jürgen_2012-05-07_Auto.nbu
[2012.07.06 08:49:38 | 000,599,793 | ---- | M] () -- C:\Dokumente und Einstellungen\Abmayer\Hans-Jürgen_2012-07-06_Auto.nbu
[2012.07.17 14:40:03 | 000,602,662 | ---- | M] () -- C:\Dokumente und Einstellungen\Abmayer\Hans-Jürgen_2012-07-17_Auto.nbu
[2012.08.13 20:03:16 | 000,601,269 | ---- | M] () -- C:\Dokumente und Einstellungen\Abmayer\Hans-Jürgen_2012-08-13_Auto.nbu
[2012.10.01 10:45:16 | 000,606,896 | ---- | M] () -- C:\Dokumente und Einstellungen\Abmayer\Hans-Jürgen_2012-10-01_Auto.nbu
[2012.12.21 14:52:17 | 000,660,275 | ---- | M] () -- C:\Dokumente und Einstellungen\Abmayer\Hans-Jürgen_2012-12-21_Auto.nbu
[2012.12.28 12:06:49 | 006,291,456 | -H-- | M] () -- C:\Dokumente und Einstellungen\Abmayer\NTUSER.DAT
[2013.01.04 20:12:03 | 000,028,672 | -H-- | M] () -- C:\Dokumente und Einstellungen\Abmayer\ntuser.dat.LOG
[2012.12.28 12:06:49 | 000,000,190 | -HS- | M] () -- C:\Dokumente und Einstellungen\Abmayer\ntuser.ini
 
< %USERPROFILE%\Local Settings\Temp\*.exe >
 
< %USERPROFILE%\Local Settings\Temp\*.dll >
 
< %USERPROFILE%\Application Data\*.exe >
 
< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs >
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Kmode: %SystemRoot%\system32\win32k.sys [2012.10.22 20:56:29 | 001,866,496 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Required: DebugWindows [binary data]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Windows: %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,3072,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 130 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:D0757AAB

< End of report >

--- --- ---

Tadaa :daumenhoc

markusg 05.01.2013 16:04

combofix:
Combofix may only be run when a team member has instructed you to do so!
It should never be run on your own initiative! Incorrect use can cause serious computer problems and make cleaning up the infection even harder.
Please download Combofix from one of these download mirrors

Link 1
Link 2


IMPORTANT - Save Combofix to your desktop
  • Please disable all your antivirus and anti-malware/spyware scanners. They can interfere with Combofix while it works.
Start Combofix.exe and follow the on-screen instructions.

When Combofix has finished, it will create a log file. Please post C:\Combofix.txt in your next reply.


Note: If you get the following error message after the restart
Quote:

Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
simply restart the computer. This should fix the problem.

Kuli123 05.01.2013 22:21

Do I still have to run the scan? Everything is OK so far. :heilig:

markusg 06.01.2013 18:05

Otherwise I wouldn't write it.

Kuli123 09.01.2013 17:22

Yes, sure, but so far nothing suspicious has happened, and I also went over it again with Malwarebytes... the link was clean, wasn't it?

markusg 09.01.2013 17:23

Then just do as you see fit.

Kuli123 14.01.2013 16:36

ok :crazy:


All times are WET +1. The time now is 00:25.
