| cordicordu | 06.02.2013 21:43 |
Hallo, vielen Dank für die schnelle Antwort, ich werde mich in Zukunft vor softonic hüten :-), versprochen
hier der Inhalt aus OtlOTL Logfile: Code:
OTL logfile created on: 06.02.2013 20:58:56 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\sb-geb\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
2,75 Gb Total Physical Memory | 1,48 Gb Available Physical Memory | 53,70% Memory free
6,80 Gb Paging File | 5,16 Gb Available in Paging File | 75,86% Paging File free
Paging file location(s): c:\pagefile.sys 4221 4221 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 290,78 Gb Total Space | 167,49 Gb Free Space | 57,60% Space Free | Partition Type: NTFS
Drive D: | 290,74 Gb Total Space | 274,44 Gb Free Space | 94,39% Space Free | Partition Type: NTFS
Drive J: | 1,87 Gb Total Space | 0,41 Gb Free Space | 21,92% Space Free | Partition Type: FAT32
Computer Name: SB-GEB-PC | User Name: sb-geb | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2013.02.06 20:49:44 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\sb-geb\Desktop\OTL.exe
PRC - [2013.02.05 06:40:37 | 000,865,792 | ---- | M] () -- C:\Users\sb-geb\AppData\Local\Temp\OCS\Downloads\d340164aef134ca45f5d3a3a8b8d1b79\8a2438a7aa1e858526caff1f4deab159\AddonsHelper.exe
PRC - [2013.01.12 11:10:01 | 000,322,032 | ---- | M] (AVM Berlin) -- C:\Users\sb-geb\AppData\Local\Apps\2.0\Z32ND9MC.P9B\J4WNBKKH.82J\frit..tion_8488884cfbcefd60_0002.0003_f406d43803d5433d\fritzbox-usb-fernanschluss.exe
PRC - [2013.01.12 10:17:18 | 000,699,400 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\Macromed\Flash\FlashUtil32_11_5_502_146_ActiveX.exe
PRC - [2012.12.18 15:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012.12.17 17:14:10 | 000,059,872 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Internet Services\BookmarkDAV_client.exe
PRC - [2012.12.17 16:48:14 | 000,059,872 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe
PRC - [2012.12.14 16:49:28 | 000,682,344 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012.12.14 16:49:28 | 000,512,360 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2012.12.14 16:49:28 | 000,398,184 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2012.12.05 02:40:03 | 000,143,928 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton 360\Engine\20.2.1.22\ccsvchst.exe
PRC - [2012.11.28 14:13:16 | 000,059,280 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe
PRC - [2012.11.22 14:53:01 | 001,681,472 | ---- | M] (Bandoo Media Inc) -- C:\Program Files\Search Results Toolbar\Datamngr\datamngrUI.exe
PRC - [2012.10.24 17:14:52 | 000,843,208 | ---- | M] (Samsung) -- C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
PRC - [2012.06.06 21:33:42 | 001,564,872 | ---- | M] (Ask) -- C:\Program Files\Ask.com\Updater\Updater.exe
PRC - [2011.07.31 14:07:18 | 000,189,808 | ---- | M] (Haufe-Lexware GmbH & Co. KG) -- C:\Program Files\Common Files\Lexware\Update Manager\LxUpdateManager.exe
PRC - [2010.03.13 15:36:21 | 000,604,488 | ---- | M] (TuneUp Software) -- C:\Windows\System32\TUProgSt.exe
PRC - [2009.08.31 10:43:46 | 000,241,664 | ---- | M] () -- C:\Program Files\Join Air\AssistantServices.exe
PRC - [2009.08.31 10:43:14 | 000,132,608 | ---- | M] () -- C:\Program Files\Join Air\UIExec.exe
PRC - [2009.08.13 14:54:30 | 000,024,576 | ---- | M] () -- C:\Program Files\Acer\Empowering Technology\Service\ETService.exe
PRC - [2009.05.29 10:13:40 | 000,729,600 | ---- | M] (UASSOFT.COM) -- C:\Program Files\Silvercrest MTS2218 driver\KMCONFIG.exe
PRC - [2009.04.10 22:27:38 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009.03.23 18:00:00 | 001,983,816 | ---- | M] (CANON INC.) -- C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
PRC - [2009.02.10 08:01:49 | 000,116,104 | ---- | M] () -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe
PRC - [2008.08.21 14:15:58 | 000,348,160 | ---- | M] (UASSOFT.COM) -- C:\Program Files\Silvercrest MTS2218 driver\KMProcess.exe
PRC - [2008.07.29 17:53:00 | 000,500,784 | ---- | M] (Egis Incorporated) -- C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
PRC - [2008.05.30 01:17:38 | 000,212,992 | ---- | M] (UASSOFT.COM) -- C:\Program Files\Silvercrest MTS2218 driver\StartAutorun.exe
PRC - [2008.05.30 01:17:38 | 000,208,896 | ---- | M] (UASSOFT.COM) -- C:\Program Files\Silvercrest MTS2218 driver\KMWDSrv.exe
PRC - [2008.05.20 17:50:50 | 000,269,448 | ---- | M] (CyberLink) -- C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe
PRC - [2008.05.20 11:06:00 | 006,144,000 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2008.02.25 01:00:00 | 001,753,088 | ---- | M] (AVM Berlin) -- C:\Program Files\avmwlanstick\WLanGUI.exe
PRC - [2008.02.25 01:00:00 | 000,364,544 | ---- | M] (AVM Berlin) -- C:\Program Files\avmwlanstick\WLanNetService.exe
PRC - [2006.11.02 13:35:35 | 000,176,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wpcumi.exe
PRC - [2006.05.04 06:58:56 | 000,998,912 | ---- | M] () -- C:\Program Files\Visagesoft\eXPert PDF\vspdfprsrv.exe
========== Modules (No Company Name) ==========
MOD - [2013.01.13 14:54:45 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\b5df40c22ab563a816103629e2ca99d4\System.Runtime.Remoting.ni.dll
MOD - [2013.01.13 14:54:41 | 011,820,544 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\259f7342c8ebb1150db3df1bc4d3394c\System.Web.ni.dll
MOD - [2013.01.13 14:54:24 | 005,450,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\b757806657fa5db2b1ed1a89b026b463\System.Xml.ni.dll
MOD - [2013.01.13 14:54:08 | 012,433,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\0c3da9004b277959e24a9fd606d3dd05\System.Windows.Forms.ni.dll
MOD - [2013.01.13 14:53:58 | 001,593,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\78157a494dc9a7e52be8840decfcd9cc\System.Drawing.ni.dll
MOD - [2013.01.13 14:52:42 | 007,977,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\cc149d08e75f8c53cd28ac926b38c370\System.ni.dll
MOD - [2013.01.13 14:52:35 | 011,492,352 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\2227d1559f87943255069398608d5c56\mscorlib.ni.dll
MOD - [2013.01.12 12:02:29 | 001,812,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\40c7a89fe2cbf3c12a2c39e034da54cf\System.Xaml.ni.dll
MOD - [2013.01.12 11:54:13 | 013,199,360 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\af7e2da8fcdb0d788cea0638e157c54b\System.Windows.Forms.ni.dll
MOD - [2013.01.12 11:54:07 | 018,022,400 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\b8e60f81fd56934c9f9da7b15bee3376\PresentationFramework.ni.dll
MOD - [2013.01.12 11:53:56 | 001,667,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\78ecbee4a7444353dce52afb9d9d795c\System.Drawing.ni.dll
MOD - [2013.01.12 11:53:43 | 011,522,560 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\932901ff0ad5e365ffbe705d7459a37e\PresentationCore.ni.dll
MOD - [2013.01.12 11:53:24 | 005,617,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\fc476bbac36944e352c2f547352ffa64\System.Xml.ni.dll
MOD - [2013.01.12 11:53:20 | 000,982,528 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\7cd4aa51f6e6b9330b8f50bba8bb62c6\System.Configuration.ni.dll
MOD - [2013.01.12 11:53:18 | 000,595,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\60674dde4b56087c189f576f36f6720f\PresentationFramework.Aero.ni.dll
MOD - [2013.01.12 11:53:08 | 003,883,008 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\8abaedf6aecb073b22f8801aa0b8babf\WindowsBase.ni.dll
MOD - [2013.01.12 11:53:05 | 009,095,168 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\f93dca0e4baa1dcb37cf75392b7c89da\System.ni.dll
MOD - [2013.01.12 11:52:56 | 014,416,896 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\6a1ccc1e1a79ce267d3d1808af382cd6\mscorlib.ni.dll
MOD - [2012.05.30 07:51:08 | 000,699,280 | R--- | M] () -- C:\Program Files\Norton 360\Engine\20.2.1.22\wincfi39.dll
MOD - [2011.06.24 21:56:36 | 000,087,328 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011.06.24 21:56:14 | 001,241,888 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011.03.02 11:40:51 | 000,140,288 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll
MOD - [2010.09.02 10:57:40 | 000,791,112 | ---- | M] () -- C:\Program Files\AVS4YOU\AVSVideoConverter\AVSVideoConverterShExt.dll
MOD - [2009.08.31 10:43:14 | 000,132,608 | ---- | M] () -- C:\Program Files\Join Air\UIExec.exe
MOD - [2009.06.16 15:42:56 | 001,679,360 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Wizard\2.0.2990.36961__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Wizard.dll
MOD - [2009.06.16 15:42:56 | 000,253,952 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.2990.36918__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.dll
MOD - [2009.06.16 15:42:56 | 000,196,608 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.2990.36974__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.dll
MOD - [2009.06.16 15:42:56 | 000,077,824 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.2990.37146__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.dll
MOD - [2009.06.16 15:42:56 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.2990.36953__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.dll
MOD - [2009.06.16 15:42:56 | 000,036,864 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Runtime\2.0.2990.37068__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.dll
MOD - [2009.06.16 15:42:56 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.2990.36939__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll
MOD - [2009.06.16 15:42:55 | 000,483,328 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Wizard\2.0.2990.37179__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Wizard.dll
MOD - [2009.06.16 15:42:55 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.2990.37110__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.dll
MOD - [2009.06.16 15:42:46 | 000,073,728 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.2990.36932__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.dll
MOD - [2009.06.16 15:42:45 | 000,802,816 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Dashboard\2.0.2990.37076__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Dashboard.dll
MOD - [2009.06.16 15:42:45 | 000,585,728 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Dashboard\2.0.2990.36986__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Dashboard.dll
MOD - [2009.06.16 15:42:45 | 000,479,232 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Dashboard\2.0.2990.37070__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Dashboard.dll
MOD - [2009.06.16 15:42:45 | 000,442,368 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Dashboard\2.0.2990.37062__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Dashboard.dll
MOD - [2009.06.16 15:42:45 | 000,438,272 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Dashboard\2.0.2990.36940__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Dashboard.dll
MOD - [2009.06.16 15:42:45 | 000,401,408 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Wizard\2.0.2990.37138__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Wizard.dll
MOD - [2009.06.16 15:42:45 | 000,352,256 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Dashboard\2.0.2990.37118__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Dashboard.dll
MOD - [2009.06.16 15:42:45 | 000,217,088 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.2990.36980__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll
MOD - [2009.06.16 15:42:45 | 000,147,456 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Dashboard\2.0.2990.37177__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Dashboard.dll
MOD - [2009.06.16 15:42:45 | 000,135,168 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.2990.37184__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.dll
MOD - [2009.06.16 15:42:45 | 000,118,784 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Dashboard\2.0.2990.37090__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.dll
MOD - [2009.06.16 15:42:45 | 000,090,112 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.2990.37125__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.dll
MOD - [2009.06.16 15:42:45 | 000,073,728 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Runtime\2.0.2990.37076__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Runtime.dll
MOD - [2009.06.16 15:42:45 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Runtime\2.0.2990.37118__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Runtime.dll
MOD - [2009.06.16 15:42:45 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.2990.37068__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll
MOD - [2009.06.16 15:42:45 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime\2.0.2990.37177__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime.dll
MOD - [2009.06.16 15:42:45 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Runtime\2.0.2990.36992__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Runtime.dll
MOD - [2009.06.16 15:42:45 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.2990.37075__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll
MOD - [2009.06.16 15:42:45 | 000,036,864 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Runtime\2.0.2990.37089__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime.dll
MOD - [2009.06.16 15:42:45 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Runtime\2.0.2990.37103__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Runtime.dll
MOD - [2009.06.16 15:42:45 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.2939.23687__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.dll
MOD - [2009.06.16 15:42:44 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.2965.22300__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.dll
MOD - [2009.06.16 15:42:44 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation\2.0.2939.23668__90ba9c70f846762e\CLI.Foundation.dll
MOD - [2009.06.16 15:42:44 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.2939.23689__90ba9c70f846762e\CLI.Caste.Graphics.Shared.dll
MOD - [2009.06.16 15:42:44 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.2939.23743__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.dll
MOD - [2009.06.16 15:42:44 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.2939.23739__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.dll
MOD - [2009.06.16 15:42:44 | 000,049,152 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Shared\2.0.2939.23740__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Shared.dll
MOD - [2009.06.16 15:42:44 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.dll
MOD - [2009.06.16 15:42:44 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.2939.23738__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.dll
MOD - [2009.06.16 15:42:44 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.2939.23764__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.dll
MOD - [2009.06.16 15:42:44 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.2939.23742__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.dll
MOD - [2009.06.16 15:42:44 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation\2.0.2939.23662__90ba9c70f846762e\LOG.Foundation.dll
MOD - [2009.06.16 15:42:44 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.2939.23708__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.dll
MOD - [2009.06.16 15:42:44 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.2939.23802__90ba9c70f846762e\CLI.Foundation.XManifest.dll
MOD - [2009.06.16 15:42:44 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Shared\2.0.2939.23763__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Shared.dll
MOD - [2009.06.16 15:42:44 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Shared\2.0.2939.23735__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll
MOD - [2009.06.16 15:42:44 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.2939.23719__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.dll
MOD - [2009.06.16 15:42:44 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.2939.23667__90ba9c70f846762e\NEWAEM.Foundation.dll
MOD - [2009.06.16 15:42:44 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.2939.23741__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.dll
MOD - [2009.06.16 15:42:44 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.2939.23711__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.dll
MOD - [2009.06.16 15:42:44 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Foundation\2.0.2939.23665__90ba9c70f846762e\AEM.Foundation.dll
MOD - [2009.06.16 15:42:44 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ACE.Graphics.DisplaysManager.Shared\2.0.2573.17685__90ba9c70f846762e\ACE.Graphics.DisplaysManager.Shared.dll
MOD - [2009.06.16 15:42:44 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.OS.I0602\2.0.2939.23717__90ba9c70f846762e\DEM.OS.I0602.dll
MOD - [2009.06.16 15:42:44 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.2939.23693__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll
MOD - [2009.06.16 15:42:44 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.2939.23687__90ba9c70f846762e\CLI.Component.Dashboard.Shared.dll
MOD - [2009.06.16 15:42:44 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.2939.23679__90ba9c70f846762e\CLI.Component.Client.Shared.dll
MOD - [2009.06.16 15:42:44 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.2939.23719__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll
MOD - [2009.06.16 15:42:44 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\APM.Foundation\2.0.2939.23709__90ba9c70f846762e\APM.Foundation.dll
MOD - [2009.06.16 15:42:44 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.2939.23679__90ba9c70f846762e\AEM.Actions.CCAA.Shared.dll
MOD - [2009.06.16 15:42:44 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\MOM.Foundation\2.0.2939.23707__90ba9c70f846762e\MOM.Foundation.dll
MOD - [2009.06.16 15:42:44 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.OS\2.0.2939.23717__90ba9c70f846762e\DEM.OS.dll
MOD - [2009.06.16 15:42:44 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0706\2.0.2743.23304__90ba9c70f846762e\DEM.Graphics.I0706.dll
MOD - [2009.06.16 15:42:44 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics\2.0.2939.23718__90ba9c70f846762e\DEM.Graphics.dll
MOD - [2009.06.16 15:42:44 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.dll
MOD - [2009.06.16 15:42:44 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.2939.23688__90ba9c70f846762e\CLI.Component.Runtime.Shared.dll
MOD - [2009.06.16 15:42:44 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.2939.23734__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.dll
MOD - [2009.06.16 15:42:44 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.2939.23718__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.dll
MOD - [2009.06.16 15:42:44 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Server.Shared\2.0.2939.23687__90ba9c70f846762e\AEM.Server.Shared.dll
MOD - [2009.06.16 15:42:44 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.2939.23767__90ba9c70f846762e\AEM.Plugin.GD.Shared.dll
MOD - [2009.06.16 15:42:44 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.2939.23710__90ba9c70f846762e\AEM.Plugin.EEU.Shared.dll
MOD - [2009.06.16 15:42:44 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.2939.23768__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.dll
MOD - [2009.06.16 15:42:44 | 000,006,656 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.dll
MOD - [2009.06.16 15:42:41 | 000,005,120 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Systemtray.resources\2.0.2990.37161_de_90ba9c70f846762e\CLI.Component.Systemtray.resources.dll
MOD - [2009.06.16 15:42:40 | 000,491,520 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.2990.36947__90ba9c70f846762e\CLI.Component.Wizard.dll
MOD - [2009.06.16 15:42:40 | 000,413,696 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Systemtray\2.0.2990.37161__90ba9c70f846762e\CLI.Component.Systemtray.dll
MOD - [2009.06.16 15:42:40 | 000,102,400 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\MOM.Implementation\2.0.2990.37169__90ba9c70f846762e\MOM.Implementation.dll
MOD - [2009.06.16 15:42:40 | 000,073,728 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.2990.36911__90ba9c70f846762e\CLI.Component.Runtime.dll
MOD - [2009.06.16 15:42:40 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.2990.37168__90ba9c70f846762e\LOG.Foundation.Implementation.dll
MOD - [2009.06.16 15:42:40 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.2939.23713__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll
MOD - [2009.06.16 15:42:40 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.2939.23678__90ba9c70f846762e\CLI.Foundation.Private.dll
MOD - [2009.06.16 15:42:40 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.2990.37194__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll
MOD - [2009.06.16 15:42:40 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.2939.23679__90ba9c70f846762e\LOG.Foundation.Private.dll
MOD - [2009.06.16 15:42:40 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.2939.23694__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll
MOD - [2009.06.16 15:42:40 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.2939.23712__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll
MOD - [2009.06.16 15:42:40 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOCALIZATION.Foundation.Private\2.0.2939.23677__90ba9c70f846762e\LOCALIZATION.Foundation.Private.dll
MOD - [2009.06.16 15:42:40 | 000,011,264 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOCALIZATION.Foundation.Implementation\2.0.2990.37205__90ba9c70f846762e\LOCALIZATION.Foundation.Implementation.dll
MOD - [2009.06.16 15:42:40 | 000,006,656 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.2990.36910__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.dll
MOD - [2009.06.16 15:42:39 | 001,507,328 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.2990.36926__90ba9c70f846762e\CLI.Component.Dashboard.dll
MOD - [2009.06.16 15:42:39 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ATIDEMOS\2.0.2990.36911__90ba9c70f846762e\ATIDEMOS.dll
MOD - [2009.06.16 15:42:39 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\APM.Server\2.0.2990.36909__90ba9c70f846762e\APM.Server.dll
MOD - [2009.06.16 15:42:39 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Server\2.0.2990.36910__90ba9c70f846762e\AEM.Server.dll
MOD - [2009.06.16 15:42:39 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.2939.23689__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll
MOD - [2009.06.16 15:42:39 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CCC.Implementation\2.0.2990.37169__90ba9c70f846762e\CCC.Implementation.dll
MOD - [2009.06.16 15:42:39 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll
MOD - [2009.06.16 15:42:39 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.2939.23711__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll
MOD - [2009.06.16 15:42:39 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.2939.23746__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.dll
MOD - [2009.03.29 20:42:14 | 000,434,176 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_de_b77a5c561934e089\System.Windows.Forms.resources.dll
MOD - [2009.03.29 20:42:12 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll
MOD - [2008.07.11 16:27:08 | 000,106,496 | ---- | M] () -- C:\Program Files\Silvercrest MTS2218 driver\keydll.dll
MOD - [2008.06.16 09:06:10 | 000,053,248 | ---- | M] () -- C:\Program Files\Silvercrest MTS2218 driver\MouseHook.dll
MOD - [2008.03.09 15:01:08 | 000,159,744 | ---- | M] () -- C:\Windows\System32\atitmmxx.dll
MOD - [2008.02.20 16:30:04 | 000,016,384 | R--- | M] () -- C:\Program Files\ATI Technologies\ATI.ACE\Branding\Branding.dll
MOD - [2006.05.04 06:58:56 | 000,998,912 | ---- | M] () -- C:\Program Files\Visagesoft\eXPert PDF\vspdfprsrv.exe
MOD - [2006.05.04 06:58:38 | 001,239,040 | ---- | M] () -- C:\Program Files\Visagesoft\eXPert PDF\vspdfdialogs100.bpl
MOD - [2006.05.04 06:58:38 | 000,237,056 | ---- | M] () -- C:\Program Files\Visagesoft\eXPert PDF\expertpdf4core.bpl
MOD - [2006.05.04 06:58:36 | 003,014,656 | ---- | M] () -- C:\Program Files\Visagesoft\eXPert PDF\vspdfcore100.bpl
MOD - [2006.05.04 06:58:36 | 001,026,048 | ---- | M] () -- C:\Program Files\Visagesoft\eXPert PDF\vsvector100.bpl
MOD - [2006.05.04 06:58:36 | 000,230,912 | ---- | M] () -- C:\Program Files\Visagesoft\eXPert PDF\vspdfeditor100.bpl
MOD - [2006.04.15 06:34:26 | 000,568,320 | ---- | M] () -- C:\Program Files\Visagesoft\eXPert PDF\TMSlite100.bpl
MOD - [2006.03.02 20:39:28 | 001,844,224 | ---- | M] () -- C:\Program Files\Visagesoft\eXPert PDF\te100.bpl
MOD - [2006.03.02 20:33:18 | 000,444,928 | ---- | M] () -- C:\Program Files\Visagesoft\eXPert PDF\VirtualTree100.bpl
MOD - [2006.03.02 20:28:36 | 000,139,776 | ---- | M] () -- C:\Program Files\Visagesoft\eXPert PDF\uoolep100.bpl
MOD - [2006.03.02 20:01:50 | 000,071,168 | ---- | M] () -- C:\Program Files\Visagesoft\eXPert PDF\VSDesktop100.bpl
MOD - [2006.03.02 19:57:48 | 000,383,488 | ---- | M] () -- C:\Program Files\Visagesoft\eXPert PDF\visage100.bpl
MOD - [2006.03.02 19:55:22 | 000,089,088 | ---- | M] () -- C:\Program Files\Visagesoft\eXPert PDF\vsmisc100.bpl
MOD - [2005.12.26 13:20:52 | 002,098,176 | ---- | M] () -- C:\Program Files\Visagesoft\eXPert PDF\PKIECtrl100.bpl
MOD - [2003.08.22 07:23:16 | 000,225,792 | ---- | M] () -- C:\Program Files\Visagesoft\eXPert PDF\sqlite.dll
========== Services (SafeList) ==========
SRV - [2013.02.05 06:40:37 | 000,865,792 | ---- | M] () [Auto | Running] -- C:\Users\sb-geb\AppData\Local\Temp\OCS\Downloads\d340164aef134ca45f5d3a3a8b8d1b79\8a2438a7aa1e858526caff1f4deab159\AddonsHelper.exe -- (AddonsHelper)
SRV - [2013.01.12 11:17:12 | 000,251,400 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.12.18 15:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012.12.14 16:49:28 | 000,682,344 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012.12.14 16:49:28 | 000,398,184 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012.12.05 02:40:03 | 000,143,928 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Norton 360\Engine\20.2.1.22\ccSvcHst.exe -- (N360)
SRV - [2010.06.14 14:07:14 | 000,615,936 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2010.03.13 15:36:21 | 000,604,488 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\System32\TUProgSt.exe -- (TuneUp.ProgramStatisticsSvc)
SRV - [2010.03.13 15:36:17 | 000,361,288 | ---- | M] (TuneUp Software) [On_Demand | Stopped] -- C:\Windows\System32\TuneUpDefragService.exe -- (TuneUp.Defrag)
SRV - [2009.08.31 10:43:46 | 000,241,664 | ---- | M] () [Auto | Running] -- C:\Program Files\Join Air\AssistantServices.exe -- (UI Assistant Service)
SRV - [2009.08.21 15:24:02 | 000,070,336 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Haufe\iDesk\iDeskService\ideskservice.exe -- (HRService)
SRV - [2009.08.13 14:54:30 | 000,024,576 | ---- | M] () [Auto | Running] -- C:\Program Files\Acer\Empowering Technology\Service\ETService.exe -- (ETService)
SRV - [2009.02.10 08:01:49 | 000,116,104 | ---- | M] () [Auto | Running] -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe -- (IJPLMSVC)
SRV - [2008.07.29 17:53:00 | 000,500,784 | ---- | M] (Egis Incorporated) [Auto | Running] -- C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe -- (eDataSecurity Service)
SRV - [2008.05.30 01:17:38 | 000,208,896 | ---- | M] (UASSOFT.COM) [Auto | Running] -- C:\Program Files\Silvercrest MTS2218 driver\KMWDSrv.exe -- (KMWDSERVICE)
SRV - [2008.05.20 17:50:50 | 000,269,448 | ---- | M] (CyberLink) [Auto | Running] -- C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe -- (Acer HomeMedia Connect Service)
SRV - [2008.02.25 01:00:00 | 000,364,544 | ---- | M] (AVM Berlin) [Auto | Running] -- C:\Program Files\avmwlanstick\WLanNetService.exe -- (AVM WLAN Connection Service)
SRV - [2008.01.21 03:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007.05.31 09:21:24 | 000,379,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007.05.31 09:21:18 | 000,183,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\usbser_lowerflt.sys -- (upperdev)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\ccdcmb.sys -- (nmwcd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | Auto | Stopped] -- C:\Windows\system32\drivers\int15.sys -- (int15)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ewusbdev.sys -- (hwusbdev)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ewusbmdm.sys -- (hwdatacard)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ewusbnet.sys -- (ewusbnet)
DRV - [2013.01.16 06:41:39 | 001,603,824 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\VirusDefs\20130206.006\NAVEX15.SYS -- (NAVEX15)
DRV - [2013.01.16 06:41:39 | 000,093,296 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\VirusDefs\20130206.006\NAVENG.SYS -- (NAVENG)
DRV - [2013.01.16 03:51:12 | 000,997,464 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\BASHDefs\20130116.013\BHDrvx86.sys -- (BHDrvx86)
DRV - [2013.01.12 11:09:43 | 000,105,728 | ---- | M] (AVM Berlin) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\avmaura.sys -- (avmaura)
DRV - [2013.01.11 16:34:02 | 000,386,720 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\IPSDefs\20130205.001\IDSvix86.sys -- (IDSVix86)
DRV - [2012.12.15 21:27:39 | 000,142,496 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2012.12.14 16:49:28 | 000,021,104 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2012.10.09 02:00:02 | 000,586,400 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\N360\1402010.016\srtsp.sys -- (SRTSP)
DRV - [2012.10.04 02:40:35 | 000,927,904 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\System32\drivers\N360\1402010.016\symefa.sys -- (SymEFA)
DRV - [2012.10.04 02:40:20 | 000,368,288 | ---- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\N360\1402010.016\symds.sys -- (SymDS)
DRV - [2012.09.20 05:35:36 | 000,181,344 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssudmdm.sys -- (ssudmdm)
DRV - [2012.09.20 05:35:36 | 000,083,168 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssudbus.sys -- (dg_ssudbus)
DRV - [2012.09.07 03:05:14 | 000,350,368 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\N360\1402010.016\symtdiv.sys -- (SYMTDIv)
DRV - [2012.09.07 02:48:08 | 000,175,264 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\N360\1402010.016\ironx86.sys -- (SymIRON)
DRV - [2012.08.22 20:04:45 | 000,376,480 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2012.08.20 20:49:49 | 000,134,304 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\N360\1402010.016\ccsetx86.sys -- (ccSet_N360)
DRV - [2012.08.09 05:35:42 | 000,106,656 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2012.05.24 22:36:56 | 000,032,888 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\N360\1402010.016\srtspx.sys -- (SRTSPX)
DRV - [2012.03.02 15:03:00 | 000,025,216 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbmodem.sys -- (USBModem)
DRV - [2012.03.02 15:03:00 | 000,020,864 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbdiag.sys -- (UsbDiag)
DRV - [2012.03.02 15:03:00 | 000,013,056 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbbus.sys -- (usbbus)
DRV - [2011.09.15 15:28:55 | 000,101,248 | ---- | M] (AVM Berlin) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\avmaudio.sys -- (avmaudio)
DRV - [2009.12.11 17:13:36 | 000,110,304 | ---- | M] (Protect Software GmbH) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\ACEDRV09.sys -- (ACEDRV09)
DRV - [2009.10.03 09:01:15 | 000,165,376 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\atksgt.sys -- (atksgt)
DRV - [2009.10.03 09:01:02 | 000,018,048 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2009.09.29 07:11:22 | 000,012,160 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\lgbtport.sys -- (LgBttPort)
DRV - [2009.09.29 07:11:20 | 000,012,928 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\lgvmodem.sys -- (LGVMODEM)
DRV - [2009.09.29 07:11:20 | 000,010,496 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\lgbtbus.sys -- (lgbusenum)
DRV - [2009.04.22 16:35:04 | 000,009,728 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\massfilter.sys -- (massfilter)
DRV - [2009.02.02 18:14:20 | 000,105,344 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ZTEusbnmea.sys -- (ZTEusbnmea)
DRV - [2009.02.02 18:14:20 | 000,104,960 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ZTEusbser6k.sys -- (ZTEusbser6k)
DRV - [2009.02.02 18:14:20 | 000,104,960 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ZTEusbmdm6k.sys -- (ZTEusbmdm6k)
DRV - [2008.12.17 13:42:50 | 000,018,432 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\KMWDFilter.SYS -- (KMWDFilter)
DRV - [2008.08.26 09:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008.04.02 05:40:48 | 000,175,632 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\ahcix86s.sys -- (ahcix86s)
DRV - [2008.03.09 15:58:42 | 003,533,824 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2007.12.19 01:00:00 | 000,401,920 | ---- | M] (AVM GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\fwlanusbn.sys -- (fwlanusbn)
DRV - [2007.11.07 02:00:00 | 000,004,352 | ---- | M] (AVM Berlin) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\avmeject.sys -- (avmeject)
DRV - [2006.10.30 04:23:12 | 000,007,680 | ---- | M] (ATI Technologies Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\AtiPcie.sys -- (AtiPcie)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = iGoogle Redirect
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = iGoogle Redirect
IE - HKLM\..\URLSearchHook: {213c8ed6-1d78-4d8f-8729-25006aa86a76} - C:\Program Files\WiseConvert_1.3\prxtbWise.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {721061fb-eb79-4568-a03c-3ce26d68dae9}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
IE - HKLM\..\SearchScopes\{721061fb-eb79-4568-a03c-3ce26d68dae9}: "URL" = hxxp://de.search.yahoo.com/search/?p={searchTerms}&fr=vc_trans_de_8197&type=dsse
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = hxxp://dts.search-results.com/sr?src=ieb&gct=ds&appid=390&systemid=406&apn_dtid=BND406&apn_ptnrs=AG6&o=APN10645&apn_uid=6085727531724040&q={searchTerms}
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2843456
IE - HKLM\..\SearchScopes\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}: "URL" = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&query={searchTerms}&invocationType=tb50winampie7
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = Google [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Yahoo! Suche
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = Upgrade to Google Chrome
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = Upgrade to Google Chrome
IE - HKCU\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
IE - HKCU\..\URLSearchHook: {213c8ed6-1d78-4d8f-8729-25006aa86a76} - C:\Program Files\WiseConvert_1.3\prxtbWise.dll (Conduit Ltd.)
IE - HKCU\..\SearchScopes,DefaultScope = {721061fb-eb79-4568-a03c-3ce26d68dae9}
IE - HKCU\..\SearchScopes\{0FC6DC25-5303-4C4C-A799-12F5D948D3C4}: "URL" = hxxp://go.web.de/suchbox/google?q={searchTerms}
IE - HKCU\..\SearchScopes\{32C99870-D78F-4068-808B-3A4EB56D006D}: "URL" = hxxp://go.web.de/suchbox/ebay?query={searchTerms}
IE - HKCU\..\SearchScopes\{477BB521-8C51-471C-9CB2-2C8BBB6097BD}: "URL" = hxxp://go.1und1.de/suchbox/amazon?tag=1und1icon-21&field-keywords={searchTerms}
IE - HKCU\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ADRA_deDE451
IE - HKCU\..\SearchScopes\{721061fb-eb79-4568-a03c-3ce26d68dae9}: "URL" = hxxp://de.search.yahoo.com/search/?p={searchTerms}&fr=vc_trans_de_8197&type=dsse
IE - HKCU\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = hxxp://dts.search-results.com/sr?src=ieb&gct=ds&appid=390&systemid=406&apn_dtid=BND406&apn_ptnrs=AG6&o=APN10645&apn_uid=6085727531724040&q={searchTerms}
IE - HKCU\..\SearchScopes\{B3D5209D-9CCC-4326-9C1B-9E50A8F30A6F}: "URL" = hxxp://go.1und1.de/br/ie8_search_amazon/?keywords={searchTerms}
IE - HKCU\..\SearchScopes\{B4FC88E2-72F6-4E28-97DD-518AE2D73EAF}: "URL" = hxxp://go.web.de/suchbox/ebay?query={searchTerms}
IE - HKCU\..\SearchScopes\{C839F9CD-0C18-4292-98E9-7748C172D5AB}: "URL" = hxxp://go.1und1.de/br/ie8_search_ebay/?q={searchTerms}
IE - HKCU\..\SearchScopes\{D6B3C5E3-7061-4692-A44F-1C5B142C286A}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=DVS2&o=1586&src=kw&q={searchTerms}&locale=de_DE&apn_ptnrs=^AAA&apn_dtid=^YYYYYY^YY^DE&apn_uid=1a963cce-5cab-499c-83da-f9d55c21da6e&apn_sauid=337B36C4-4120-4706-BD69-9A5512841594
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = fritz.box;*.local
========== FireFox ==========
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Search Results"
FF - prefs.js..browser.search.order.1: "Search Results"
FF - prefs.js..browser.search.selectedEngine: "Search Results"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://www.searchnu.com/406"
FF - prefs.js..extensions.enabledAddons: personas@christopher.beard:1.6.2
FF - prefs.js..extensions.enabledAddons: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26
FF - prefs.js..extensions.enabledAddons: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.4
FF - prefs.js..extensions.enabledAddons: {99079a25-328f-4bd4-be04-00955acaa0a7}:4.5.1.00
FF - prefs.js..extensions.enabledAddons: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:2.0.3
FF - prefs.js..extensions.enabledAddons: toolbar@ask.com:3.15.4.23821
FF - prefs.js..extensions.enabledAddons: {1FD91A9C-410C-4090-BBCC-55D3450EF433}:1.0
FF - prefs.js..extensions.enabledAddons: {f34c9277-6577-4dff-b2d7-7d58092f272f}:1.0.0.12
FF - prefs.js..extensions.enabledAddons: {BBDA0591-3099-440a-AA10-41764D9DB4DB}:11.1.1.5 - 3
FF - prefs.js..keyword.URL: "hxxp://dts.search-results.com/sr?src=ffb&gct=ds&appid=390&systemid=406&apn_dtid=BND406&apn_ptnrs=AG6&apn_uid=6085727531724040&o=APN10645&q="
FF - prefs.js..network.proxy.no_proxies_on: "fritz.box"
FF - prefs.js..network.proxy.type: 0
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_5_502_146.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8051.1204: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.124\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.124\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.0.2: C:\Program Files\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\coFFPlgn\ [2013.02.06 20:42:21 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\IPSFFPlgn\ [2013.01.12 18:57:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.12.01 08:57:02 | 000,000,000 | ---D | M]
[2012.11.25 10:04:29 | 000,000,000 | ---D | M] (No name found) -- C:\Users\sb-geb\AppData\Roaming\mozilla\Extensions
[2013.02.05 06:41:55 | 000,002,820 | ---- | M] () -- C:\Users\sb-geb\AppData\Roaming\mozilla\firefox\profiles\ea7elmfd.default\searchplugins\askcom.xml
[2012.11.25 10:04:09 | 000,002,687 | ---- | M] () -- C:\Users\sb-geb\AppData\Roaming\mozilla\firefox\profiles\ea7elmfd.default\searchplugins\Search_Results.xml
[2012.11.25 10:04:29 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011.06.30 14:43:07 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
[2012.11.25 10:04:29 | 000,000,000 | ---D | M] (DataMngr) -- C:\PROGRAM FILES\WINDOWS ILIVID TOOLBAR\DATAMNGR\FIREFOXEXTENSION
File not found (No name found) -- C:\PROGRAMDATA\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\IPSFFPLGN
File not found (No name found) -- C:\USERS\SB-GEB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EA7ELMFD.DEFAULT\EXTENSIONS\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
File not found (No name found) -- C:\USERS\SB-GEB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EA7ELMFD.DEFAULT\EXTENSIONS\{ACAA314B-EEBA-48E4-AD47-84E31C44796C}
File not found (No name found) -- C:\USERS\SB-GEB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EA7ELMFD.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
File not found (No name found) -- C:\USERS\SB-GEB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EA7ELMFD.DEFAULT\EXTENSIONS\{F34C9277-6577-4DFF-B2D7-7D58092F272F}
File not found (No name found) -- C:\USERS\SB-GEB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EA7ELMFD.DEFAULT\EXTENSIONS\PERSONAS@CHRISTOPHER.BEARD.XPI
File not found (No name found) -- C:\USERS\SB-GEB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EA7ELMFD.DEFAULT\EXTENSIONS\TOOLBAR@ASK.COM
[2012.05.28 10:17:54 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION
[2011.06.22 06:04:23 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2013.02.06 07:29:54 | 000,001,400 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2013.02.06 07:29:54 | 000,001,679 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2013.02.06 07:29:54 | 000,000,947 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2013.02.06 07:29:54 | 000,006,818 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.11.25 10:04:09 | 000,002,687 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\Search_Results.xml
[2013.02.05 06:41:55 | 000,001,278 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2013.02.06 07:29:54 | 000,000,903 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
========== Chrome ==========
CHR - homepage: Search
CHR - homepage: Search
CHR - Extension: No name found = C:\Users\sb-geb\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0\
CHR - Extension: No name found = C:\Users\sb-geb\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: No name found = C:\Users\sb-geb\AppData\Local\Google\Chrome\User Data\Default\Extensions\bodddioamolcibagionmmobehnbhiakf\1.0.5_0\
CHR - Extension: No name found = C:\Users\sb-geb\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: No name found = C:\Users\sb-geb\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
O1 HOSTS File: ([2006.09.18 22:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (1und1 Konfiguration) - {17166733-40EA-4432-A85C-AE672FF0E236} - C:\ProgramData\1und1InternetExplorerAddon\BHOXML.dll (1&1 Mail & Media GmbH)
O2 - BHO: (WiseConvert 1.3 Toolbar) - {213c8ed6-1d78-4d8f-8729-25006aa86a76} - C:\Program Files\WiseConvert_1.3\prxtbWise.dll (Conduit Ltd.)
O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton 360\Engine\20.2.1.22\coieplg.dll (Symantec Corporation)
O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton 360\Engine\20.2.1.22\ips\ipsbho.dll (Symantec Corporation)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (ShowBarObj Class) - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll (Egis)
O2 - BHO: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\Program Files\Windows iLivid Toolbar\Datamngr\ToolBar\searchqudtx.dll ()
O2 - BHO: (DataMngr) - {9D717F81-9148-4f12-8568-69135F087DB0} - C:\Program Files\Windows iLivid Toolbar\Datamngr\BrowserConnection.dll (Bandoo Media Inc)
O2 - BHO: (DataMngr) - {C1ED9DA0-AFD0-4b90-AC6A-D3874F591014} - C:\Program Files\Windows iLivid Toolbar\Datamngr\BrowserConnection.dll (Bandoo Media Inc)
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (Yontoo) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files\Yontoo\YontooIEClient.dll (Yontoo LLC)
O3 - HKLM\..\Toolbar: (WiseConvert 1.3 Toolbar) - {213c8ed6-1d78-4d8f-8729-25006aa86a76} - C:\Program Files\WiseConvert_1.3\prxtbWise.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\20.2.1.22\coieplg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\Program Files\Windows iLivid Toolbar\Datamngr\ToolBar\searchqudtx.dll ()
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKCU\..\Toolbar\ShellBrowser: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
O3 - HKCU\..\Toolbar\WebBrowser: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\20.2.1.22\coieplg.dll (Symantec Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files\Ask.com\Updater\Updater.exe (Ask)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AVMWlanClient] C:\Program Files\avmwlanstick\WLanGUI.exe (AVM Berlin)
O4 - HKLM..\Run: [DATAMNGR] C:\Program Files\Search Results Toolbar\Datamngr\datamngrUI.exe (Bandoo Media Inc)
O4 - HKLM..\Run: [KMCONFIG] C:\Program Files\Silvercrest MTS2218 driver\StartAutorun.exe KMConfig.exe File not found
O4 - HKLM..\Run: [LexwareInfoService] C:\Program Files\Common Files\Lexware\Update Manager\LxUpdateManager.exe (Haufe-Lexware GmbH & Co. KG)
O4 - HKLM..\Run: [PCMMediaSharing] C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe ()
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [UIExec] C:\Program Files\Join Air\UIExec.exe ()
O4 - HKLM..\Run: [vspdfprsrv.exe] C:\Program Files\Visagesoft\eXPert PDF\vspdfprsrv.exe ()
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [WPCUMI] C:\Windows\System32\wpcumi.exe (Microsoft Corporation)
O4 - HKCU..\Run: [] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe (Samsung)
O4 - HKCU..\Run: [AVMUSBFernanschluss] C:\Users\sb-geb\AppData\Local\Apps\2.0\Z32ND9MC.P9B\J4WNBKKH.82J\frit..tion_8488884cfbcefd60_0002.0003_f406d43803d5433d\AVMAutoStart.exe (AVM Berlin)
O4 - HKCU..\Run: [com.apple.dav.bookmarks.daemon] C:\Program Files\Common Files\Apple\Internet Services\BookmarkDAV_client.exe (Apple Inc.)
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: fritz.box ([]* in Lokales Intranet)
O15 - HKCU\..Trusted Domains: lexoffice.de ([www] https in Vertrauenswürdige Sites)
O15 - HKCU\..Trusted Domains: lexware.de ([lexlohn] http in Vertrauenswürdige Sites)
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} hxxp://office.microsoft.com/_layouts/ClientBin/ieawsdc32.cab (Microsoft Office Template and Media Control)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9F88E6B7-CE6F-43E8-BFAD-599362BDF14B}: DhcpNameServer = 192.168.178.1
O18 - Protocol\Handler\haufereader - No CLSID value found
O20 - AppInit_DLLs: (C:\PROGRA~1\SEARCH~1\Datamngr\datamngr.dll) - C:\Program Files\Search Results Toolbar\Datamngr\datamngr.dll (Bandoo Media Inc)
O20 - AppInit_DLLs: (C:\PROGRA~1\WI371A~1\Datamngr\IEBHO.dll) - C:\Program Files\Windows iLivid Toolbar\Datamngr\IEBHO.dll (Bandoo Media Inc)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\sb-geb\Pictures\Unbenannt.jpg
O24 - Desktop BackupWallPaper: C:\Users\sb-geb\Pictures\Unbenannt.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{115eca96-3335-11df-bc1b-8000600fe800}\Shell - "" = AutoRun
O33 - MountPoints2\{115eca96-3335-11df-bc1b-8000600fe800}\Shell\AutoRun\command - "" = K:\pushinst.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} -
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} -
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} -
ActiveX: >{CB987270-F1D7-4517-80FB-C9A1E3521067} - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
MsConfig - StartUpReg: DivXUpdate - hkey= - key= - File not found
MsConfig - StartUpReg: iCloudServices - hkey= - key= - C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe (Apple Inc.)
MsConfig - StartUpReg: Skytel - hkey= - key= - C:\Windows\SkyTel.exe (Realtek Semiconductor Corp.)
MsConfig - State: "services" - 0
MsConfig - State: "startup" - 2
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
========== Files/Folders - Created Within 30 Days ==========
[2013.02.06 20:49:44 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\sb-geb\Desktop\OTL.exe
[2013.02.06 07:29:54 | 000,000,000 | ---D | C] -- C:\Windows\System32\IO
[2013.02.05 06:42:28 | 000,000,000 | ---D | C] -- C:\Program Files\Yontoo
[2013.02.05 06:42:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Tarma Installer
[2013.02.05 06:42:06 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2013.02.05 06:41:56 | 000,000,000 | ---D | C] -- C:\Users\sb-geb\AppData\Roaming\Opera
[2013.02.05 06:41:40 | 000,000,000 | ---D | C] -- C:\Users\sb-geb\AppData\Local\SwvUpdater
[2013.02.05 06:41:24 | 000,000,000 | ---D | C] -- C:\ProgramData\DNSErrorHelper
[2013.02.05 06:40:50 | 000,000,000 | ---D | C] -- C:\Users\sb-geb\AppData\Roaming\OCS
[2013.02.05 06:40:50 | 000,000,000 | ---D | C] -- C:\Users\sb-geb\AppData\Roaming\DesktopIconForAmazon
[2013.02.04 18:23:43 | 000,000,000 | ---D | C] -- C:\Users\sb-geb\AppData\Roaming\Malwarebytes
[2013.02.04 18:23:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013.02.04 18:23:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013.02.04 18:23:33 | 000,021,104 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2013.02.04 18:23:33 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2013.01.29 20:58:52 | 000,000,000 | ---D | C] -- C:\Users\sb-geb\Desktop\Bilder
[2013.01.12 11:10:02 | 000,105,728 | ---- | C] (AVM Berlin) -- C:\Windows\System32\drivers\avmaura.sys
[2013.01.09 15:37:44 | 004,940,344 | ---- | C] (Haufe-Lexware GmbH & Co. KG) -- C:\Windows\System32\LxXtreme110.dll
[2013.01.09 15:37:42 | 000,104,504 | ---- | C] (Haufe-Lexware GmbH & Co. KG) -- C:\Windows\System32\LxUISettingsN100.dll
[2013.01.09 15:37:40 | 000,026,168 | ---- | C] (Haufe-Lexware GmbH & Co. KG) -- C:\Windows\System32\LxTPSW100.dll
[2013.01.09 15:37:38 | 001,360,952 | ---- | C] (Haufe-Lexware GmbH & Co. KG) -- C:\Windows\System32\LxTool110.dll
[2013.01.09 15:37:34 | 000,063,544 | ---- | C] (Haufe-Lexware GmbH & Co. KG) -- C:\Windows\System32\LxPXTree100.dll
[2013.01.09 15:37:32 | 000,127,544 | ---- | C] (Haufe-Lexware GmbH & Co. KG) -- C:\Windows\System32\LxMail100.dll
[2013.01.09 15:37:16 | 000,207,416 | ---- | C] (Haufe-Lexware GmbH & Co. KG) -- C:\Windows\System32\LxBasics100.dll
[2011.03.26 11:04:52 | 000,245,760 | ---- | C] (Ask.com) -- C:\Program Files\Uninstall Ask Toolbar.dll
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2013.02.06 20:49:44 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\sb-geb\Desktop\OTL.exe
[2013.02.06 20:42:57 | 000,000,360 | ---- | M] () -- C:\Windows\tasks\AmiUpdXp.job
[2013.02.06 20:39:12 | 000,003,344 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2013.02.06 20:39:12 | 000,003,344 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2013.02.06 20:39:08 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.02.06 20:38:59 | 2951,929,856 | -HS- | M] () -- C:\hiberfil.sys
[2013.02.06 13:23:35 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2013.02.06 13:16:01 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.02.06 13:02:12 | 000,002,591 | ---- | M] () -- C:\Users\sb-geb\Desktop\Microsoft Office Word 2007.lnk
[2013.02.06 07:33:33 | 000,006,972 | ---- | M] () -- C:\Users\sb-geb\Desktop\SB-Gebäudedienstleistungen\Kunden\cc_20130206_073326.reg
[2013.02.05 06:57:55 | 000,022,082 | ---- | M] () -- C:\Users\sb-geb\Desktop\SB-Gebäudedienstleistungen\Kunden\cc_20130205_065750.reg
[2013.02.05 06:42:18 | 000,000,805 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2013.02.04 18:23:36 | 000,000,907 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013.01.26 09:55:41 | 017,751,803 | ---- | M] () -- C:\Users\sb-geb\Desktop\expertpdf_v_4_softonic_deu.zip
[2013.01.26 09:22:31 | 000,000,072 | ---- | M] () -- C:\Windows\EurekaLog.ini
[2013.01.24 06:44:45 | 002,422,876 | ---- | M] () -- C:\Windows\System32\drivers\N360\1402010.016\Cat.DB
[2013.01.24 06:43:58 | 000,014,818 | ---- | M] () -- C:\Windows\System32\drivers\N360\1402010.016\VT20130115.021
[2013.01.23 21:37:26 | 000,000,680 | ---- | M] () -- C:\Users\sb-geb\AppData\Local\d3d9caps.dat
[2013.01.14 19:08:55 | 005,471,132 | ---- | M] () -- C:\Users\sb-geb\LFO1703_130114_190846.zip
[2013.01.14 19:06:04 | 000,000,222 | ---- | M] () -- C:\Windows\DTABegleit.INI
[2013.01.14 19:01:22 | 000,647,170 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2013.01.14 19:01:22 | 000,131,986 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2013.01.14 19:01:22 | 000,017,812 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013.01.14 19:01:22 | 000,011,430 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013.01.13 14:51:15 | 000,345,416 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2013.01.12 11:35:32 | 000,002,735 | ---- | M] () -- C:\Users\Public\Desktop\Lexware financial office.lnk
[2013.01.12 11:09:43 | 000,105,728 | ---- | M] (AVM Berlin) -- C:\Windows\System32\drivers\avmaura.sys
[2013.01.10 08:46:06 | 000,000,172 | ---- | M] () -- C:\Windows\System32\drivers\N360\1402010.016\isolate.ini
[2013.01.09 15:37:44 | 004,940,344 | ---- | M] (Haufe-Lexware GmbH & Co. KG) -- C:\Windows\System32\LxXtreme110.dll
[2013.01.09 15:37:42 | 000,104,504 | ---- | M] (Haufe-Lexware GmbH & Co. KG) -- C:\Windows\System32\LxUISettingsN100.dll
[2013.01.09 15:37:40 | 000,026,168 | ---- | M] (Haufe-Lexware GmbH & Co. KG) -- C:\Windows\System32\LxTPSW100.dll
[2013.01.09 15:37:38 | 001,360,952 | ---- | M] (Haufe-Lexware GmbH & Co. KG) -- C:\Windows\System32\LxTool110.dll
[2013.01.09 15:37:34 | 000,063,544 | ---- | M] (Haufe-Lexware GmbH & Co. KG) -- C:\Windows\System32\LxPXTree100.dll
[2013.01.09 15:37:32 | 000,127,544 | ---- | M] (Haufe-Lexware GmbH & Co. KG) -- C:\Windows\System32\LxMail100.dll
[2013.01.09 15:37:16 | 000,207,416 | ---- | M] (Haufe-Lexware GmbH & Co. KG) -- C:\Windows\System32\LxBasics100.dll
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2013.02.06 07:33:30 | 000,006,972 | ---- | C] () -- C:\Users\sb-geb\Desktop\SB-Gebäudedienstleistungen\Kunden\cc_20130206_073326.reg
[2013.02.05 06:57:53 | 000,022,082 | ---- | C] () -- C:\Users\sb-geb\Desktop\SB-Gebäudedienstleistungen\Kunden\cc_20130205_065750.reg
[2013.02.05 06:42:17 | 000,000,805 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2013.02.05 06:41:45 | 000,000,360 | ---- | C] () -- C:\Windows\tasks\AmiUpdXp.job
[2013.02.04 18:23:36 | 000,000,907 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013.01.26 09:55:15 | 017,751,803 | ---- | C] () -- C:\Users\sb-geb\Desktop\expertpdf_v_4_softonic_deu.zip
[2013.01.14 19:08:50 | 005,471,132 | ---- | C] () -- C:\Users\sb-geb\LFO1703_130114_190846.zip
[2013.01.12 11:46:40 | 000,000,003 | ---- | C] () -- C:\Windows\System32\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
[2013.01.12 11:46:40 | 000,000,003 | ---- | C] () -- C:\Windows\System32\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
[2012.12.20 17:13:54 | 005,236,421 | ---- | C] () -- C:\Users\sb-geb\(SYS)LFO1702_121220_171340.zip
[2012.10.07 12:23:10 | 000,207,488 | ---- | C] () -- C:\Windows\System32\LXPrnUtil10.dll
[2012.10.07 12:23:08 | 000,138,368 | ---- | C] () -- C:\Windows\System32\LxDNTvmc100.dll
[2012.10.07 12:23:08 | 000,074,368 | ---- | C] () -- C:\Windows\System32\LxDNTvm100.dll
[2012.10.07 12:23:06 | 000,318,592 | ---- | C] () -- C:\Windows\System32\LxDNT100.dll
[2012.09.26 19:57:16 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
[2012.08.11 09:31:21 | 000,053,248 | ---- | C] () -- C:\Windows\System32\CommonDL.dll
[2012.08.11 09:31:21 | 000,002,413 | ---- | C] () -- C:\Windows\System32\lgAxconfig.ini
[2012.05.29 14:10:12 | 000,000,043 | ---- | C] () -- C:\Windows\FAFirmAssi.INI
[2012.05.20 10:23:18 | 000,000,081 | ---- | C] () -- C:\Windows\loge.dat
[2012.04.29 13:07:54 | 000,000,144 | ---- | C] () -- C:\Windows\PCFK32.INI
[2012.04.27 10:43:55 | 000,000,043 | ---- | C] () -- C:\Windows\FAStdCompany.INI
[2012.04.17 19:06:32 | 000,116,224 | ---- | C] () -- C:\Windows\System32\pdfcmnnt.dll
[2012.04.03 14:25:45 | 000,013,065 | ---- | C] () -- C:\Users\sb-geb\AppData\Roaming\Microsoft Excel 97-2003.CAL
[2012.04.03 14:25:04 | 000,000,028 | ---- | C] () -- C:\Windows\ODBC.INI
[2012.04.01 10:41:55 | 000,038,429 | ---- | C] () -- C:\Users\sb-geb\AppData\Roaming\Kommagetrennte Werte (Windows).ADR
[2011.10.08 09:20:59 | 000,122,048 | -H-- | C] () -- C:\Windows\System32\mlfcache.dat
[2011.05.13 09:03:16 | 000,303,104 | ---- | C] () -- C:\Windows\System32\dnt27VC8.dll
[2011.05.13 09:01:22 | 000,143,360 | ---- | C] () -- C:\Windows\System32\dntvmc27VC8.dll
[2011.05.13 09:01:00 | 000,086,016 | ---- | C] () -- C:\Windows\System32\dntvm27VC8.dll
[2011.04.18 22:24:21 | 000,000,072 | ---- | C] () -- C:\Windows\EurekaLog.ini
[2011.04.10 08:41:29 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2011.04.08 07:43:36 | 000,000,038 | ---- | C] () -- C:\Windows\System32\ZX9EQJT7_{1CA6066F-60D2-4E22-B07F-49FFF1E2E5CB}.dat
[2010.12.10 11:50:01 | 000,001,628 | ---- | C] () -- C:\Users\sb-geb\.recently-used.xbel
[2010.05.23 10:55:49 | 000,024,206 | ---- | C] () -- C:\Users\sb-geb\AppData\Roaming\UserTile.png
[2010.03.13 13:06:06 | 000,000,680 | ---- | C] () -- C:\Users\sb-geb\AppData\Local\d3d9caps.dat
[2010.03.01 19:40:25 | 000,001,774 | ---- | C] () -- C:\Users\sb-geb\AppData\Roaming\wklnhst.dat
[2010.02.17 17:45:44 | 000,017,408 | ---- | C] () -- C:\Users\sb-geb\AppData\Local\WebpageIcons.db
[2009.11.25 12:55:03 | 000,000,680 | RHS- | C] () -- C:\Users\sb-geb\ntuser.pol
[2009.09.21 16:06:44 | 000,033,280 | ---- | C] () -- C:\Users\sb-geb\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
========== ZeroAccess Check ==========
[2006.11.02 13:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.08 18:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.04.10 22:28:20 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.04.10 22:28:26 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== LOP Check ==========
[2009.10.27 13:30:43 | 000,000,000 | -HSD | M] -- C:\Users\sb-geb\AppData\Roaming\.#
[2009.06.16 15:46:23 | 000,000,000 | ---D | M] -- C:\Users\sb-geb\AppData\Roaming\Acer GameZone Console
[2009.10.18 15:29:57 | 000,000,000 | ---D | M] -- C:\Users\sb-geb\AppData\Roaming\AmuletAdventure
[2011.04.21 19:13:34 | 000,000,000 | ---D | M] -- C:\Users\sb-geb\AppData\Roaming\BitZipper
[2009.10.11 19:24:19 | 000,000,000 | ---D | M] -- C:\Users\sb-geb\AppData\Roaming\BloodTies
[2009.10.10 14:39:37 | 000,000,000 | ---D | M] -- C:\Users\sb-geb\AppData\Roaming\Boomzap
[2012.04.17 19:07:34 | 000,000,000 | ---D | M] -- C:\Users\sb-geb\AppData\Roaming\Buhl Data Service
[2011.12.15 13:06:57 | 000,000,000 | ---D | M] -- C:\Users\sb-geb\AppData\Roaming\Canon
[2010.01.13 15:50:19 | 000,000,000 | ---D | M] -- C:\Users\sb-geb\AppData\Roaming\cerasus.media
[2012.07.19 15:11:54 | 000,000,000 | ---D | M] -- C:\Users\sb-geb\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
[2009.09.16 21:35:11 | 000,000,000 | ---D | M] -- C:\Users\sb-geb\AppData\Roaming\DataDesign
[2013.02.06 07:26:21 | 000,000,000 | ---D | M] -- C:\Users\sb-geb\AppData\Roaming\DesktopIconForAmazon
[2012.01.30 08:14:46 | 000,000,000 | ---D | M] -- C:\Users\sb-geb\AppData\Roaming\Dropbox
[2011.07.21 20:30:50 | 000,000,000 | ---D | M] -- C:\Users\sb-geb\AppData\Roaming\DVDVideoSoft
[2011.07.21 20:29:44 | 000,000,000 | ---D | M] -- C:\Users\sb-geb\AppData\Roaming\DVDVideoSoftIEHelpers
[2010.05.13 12:25:12 | 000,000,000 | ---D | M] -- C:\Users\sb-geb\AppData\Roaming\ERS G-Studio
[2010.05.07 07:11:28 | 000,000,000 | ---D | M] -- C:\Users\sb-geb\AppData\Roaming\eXPert PDF Editor
[2011.09.14 18:42:09 | 000,000,000 | ---D | M] -- C:\Users\sb-geb\AppData\Roaming\FRITZ!
[2012.01.15 14:51:38 | 000,000,000 | ---D | M] -- C:\Users\sb-geb\AppData\Roaming\GetRightToGo
[2010.10.29 08:16:06 | 000,000,000 | ---D | M] -- C:\Users\sb-geb\AppData\Roaming\GrassGames
[2010.12.10 11:50:01 | 000,000,000 | ---D | M] -- C:\Users\sb-geb\AppData\Roaming\gtk-2.0
[2010.01.08 13:12:33 | 000,000,000 | ---D | M] -- C:\Users\sb-geb\AppData\Roaming\Haufe
[2009.12.10 17:03:48 | 000,000,000 | ---D | M] -- C:\Users\sb-geb\AppData\Roaming\HdO Adventure
[2009.09.20 12:08:18 | 000,000,000 | ---D | M] -- C:\Users\sb-geb\AppData\Roaming\Hoellische Nachbarn
[2012.05.27 09:24:07 | 000,000,000 | ---D | M] -- C:\Users\sb-geb\AppData\Roaming\Lexware
[2009.10.02 15:53:35 | 000,000,000 | ---D | M] -- C:\Users\sb-geb\AppData\Roaming\Meridian93
[2010.07.26 18:55:31 | 000,000,000 | ---D | M] -- C:\Users\sb-geb\AppData\Roaming\Nevosoft Games
[2013.02.05 06:40:50 | 000,000,000 | ---D | M] -- C:\Users\sb-geb\AppData\Roaming\OCS
[2009.09.16 21:46:30 | 000,000,000 | ---D | M] -- C:\Users\sb-geb\AppData\Roaming\OpenOffice.org
[2013.02.05 06:41:56 | 000,000,000 | ---D | M] -- C:\Users\sb-geb\AppData\Roaming\Opera
[2010.07.10 18:36:54 | 000,000,000 | ---D | M] -- C:\Users\sb-geb\AppData\Roaming\Panda Security
[2010.07.09 18:15:23 | 000,000,000 | ---D | M] -- C:\Users\sb-geb\AppData\Roaming\PC Suite
[2010.05.23 10:55:49 | 000,000,000 | ---D | M] -- C:\Users\sb-geb\AppData\Roaming\PeerNetworking
[2010.04.22 12:11:41 | 000,000,000 | ---D | M] -- C:\Users\sb-geb\AppData\Roaming\Playrix Entertainment
[2011.09.01 13:21:37 | 000,000,000 | ---D | M] -- C:\Users\sb-geb\AppData\Roaming\Registry Mechanic
[2011.07.16 20:07:38 | 000,000,000 | ---D | M] -- C:\Users\sb-geb\AppData\Roaming\Rovio
[2012.10.24 17:13:10 | 000,000,000 | ---D | M] -- C:\Users\sb-geb\AppData\Roaming\Samsung
[2010.10.29 06:58:42 | 000,000,000 | ---D | M] -- C:\Users\sb-geb\AppData\Roaming\SmartTools
[2010.07.29 05:25:15 | 000,000,000 | ---D | M] -- C:\Users\sb-geb\AppData\Roaming\SurfSecret Privacy Suite
[2010.03.01 19:40:27 | 000,000,000 | ---D | M] -- C:\Users\sb-geb\AppData\Roaming\Template
[2012.10.26 17:08:50 | 000,000,000 | ---D | M] -- C:\Users\sb-geb\AppData\Roaming\TuneUp Software
[2011.01.06 21:21:11 | 000,000,000 | ---D | M] -- C:\Users\sb-geb\AppData\Roaming\XnView
========== Purity Check ==========
========== Custom Scans ==========
< %SYSTEMDRIVE%\*. >
[2009.11.25 15:18:37 | 000,000,000 | -HSD | M] -- C:\$RECYCLE.BIN
[2009.10.05 15:48:59 | 000,000,000 | ---D | M] -- C:\ACER
[2009.09.15 12:03:45 | 000,000,000 | ---D | M] -- C:\ACERSW
[2012.01.15 18:42:21 | 000,000,000 | ---D | M] -- C:\AirPrint
[2009.01.11 13:49:23 | 000,000,000 | ---D | M] -- C:\book
[2012.04.27 07:21:30 | 000,000,000 | -HSD | M] -- C:\Boot
[2012.04.25 18:21:28 | 000,000,000 | ---D | M] -- C:\dakotaag
[2009.09.27 17:08:11 | 000,000,000 | ---D | M] -- C:\divx
[2006.11.02 14:02:03 | 000,000,000 | -HSD | M] -- C:\Documents and Settings
[2009.09.15 11:56:50 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen
[2009.09.15 13:08:20 | 000,000,000 | ---D | M] -- C:\drivers
[2009.10.02 15:42:36 | 000,000,000 | ---D | M] -- C:\EGIS_Drive
[2009.10.03 11:08:16 | 000,000,000 | ---D | M] -- C:\Lxk1100
[2009.10.03 10:55:24 | 000,000,000 | ---D | M] -- C:\MFT 121705
[2009.01.11 12:49:09 | 000,000,000 | RH-D | M] -- C:\MSOCache
[2011.02.03 20:10:19 | 000,000,000 | ---D | M] -- C:\N360_BACKUP
[2010.08.21 16:59:42 | 000,000,000 | ---D | M] -- C:\OEM
[2008.01.21 03:32:31 | 000,000,000 | ---D | M] -- C:\PerfLogs
[2013.02.06 20:38:58 | 000,000,000 | ---D | M] -- C:\Program Files
[2013.02.06 07:26:43 | 000,000,000 | -H-D | M] -- C:\ProgramData
[2009.09.15 11:56:50 | 000,000,000 | -HSD | M] -- C:\Programme
[2013.02.06 21:01:50 | 000,000,000 | -HSD | M] -- C:\System Volume Information
[2010.12.03 13:37:01 | 000,000,000 | ---D | M] -- C:\temp
[2009.11.25 15:18:24 | 000,000,000 | R--D | M] -- C:\Users
[2013.02.06 20:42:52 | 000,000,000 | ---D | M] -- C:\Windows
< %PROGRAMFILES%\*.exe >
< %LOCALAPPDATA%\*.exe >
< %systemroot%\*. /mp /s >
< C:\Windows\system32\*.tsp >
[2006.11.02 10:44:49 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\hidphone.tsp
[2006.11.02 10:44:49 | 000,038,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\kmddsp.tsp
[2006.11.02 10:44:49 | 000,049,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ndptsp.tsp
[2006.11.02 10:44:49 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\remotesp.tsp
[2009.04.10 22:27:18 | 000,280,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\unimdm.tsp
[2006.11.02 14:01:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2006.11.02 14:01:49 | 000,032,530 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2011.10.01 17:04:25 | 000,001,094 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2011.10.01 17:04:28 | 000,001,098 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2012.05.10 05:30:42 | 000,000,884 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2013.02.05 06:41:45 | 000,000,360 | ---- | C] () -- C:\Windows\Tasks\AmiUpdXp.job
< MD5 for: AGP440.SYS >
[2008.01.21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\drivers\AGP440.sys
[2008.01.21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys
[2008.01.21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys
[2008.01.21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
[2008.01.21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys
[2006.11.02 10:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys
< MD5 for: AHCIX86S.SYS >
[2007.08.08 05:55:08 | 000,122,880 | ---- | M] (Promise Technology, Inc.) MD5=4283A0F3A9557EB133D2BA8979747A77 -- C:\ACER\Preload\Autorun\DRV\ATI Chipset RS780 RS740+SB700\Packages\Drivers\SBDrv\SB6xx\RAID\LH\ahcix86s.sys
[2008.04.02 05:40:48 | 000,175,632 | ---- | M] (AMD Technologies Inc.) MD5=844A6734E8BB3530FB1444ED698087BD -- C:\ACER\Preload\MSDRV\ahcix86s.sys
[2008.04.02 05:40:48 | 000,175,632 | ---- | M] (AMD Technologies Inc.) MD5=844A6734E8BB3530FB1444ED698087BD -- C:\Windows\System32\drivers\ahcix86s.sys
[2008.04.02 05:40:48 | 000,175,632 | R--- | M] (AMD Technologies Inc.) MD5=844A6734E8BB3530FB1444ED698087BD -- C:\Windows\System32\DriverStore\FileRepository\ahcix86s.inf_4886f1e9\ahcix86s.sys
< MD5 for: ATAPI.SYS >
[2009.04.10 22:32:28 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\drivers\atapi.sys
[2009.04.10 22:32:28 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys
[2009.04.10 22:32:28 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys
[2008.01.21 03:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[2008.01.21 03:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006.11.02 10:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
[2008.02.22 05:59:12 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=76D70915EB81608DC6ACA87887FAB38F -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.22120_none_ddac250d3ab7a648\atapi.sys
[2008.02.22 06:03:50 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=92210921EEFC081693F649C3631DEEC2 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_3d9c5057\atapi.sys
[2008.02.22 06:03:50 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=92210921EEFC081693F649C3631DEEC2 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18023_none_dd25892021975283\atapi.sys
< MD5 for: CNGAUDIT.DLL >
[2006.11.02 10:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll
[2006.11.02 10:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll
< MD5 for: EXPLORER.EXE >
[2008.10.29 07:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe
[2008.10.29 07:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe
[2008.10.30 04:59:17 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe
[2009.04.10 22:27:38 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\explorer.exe
[2009.04.10 22:27:38 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe
[2008.10.28 03:15:02 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe
[2008.01.21 03:24:24 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe
< MD5 for: IASTORV.SYS >
[2008.01.21 03:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\drivers\iaStorV.sys
[2008.01.21 03:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_c9df7691\iaStorV.sys
[2008.01.21 03:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys
[2006.11.02 10:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys
< MD5 for: NETLOGON.DLL >
[2009.04.10 22:28:24 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\System32\netlogon.dll
[2009.04.10 22:28:24 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll
[2008.01.21 03:24:05 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll
< MD5 for: NVSTOR.SYS >
[2006.11.02 10:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys
[2008.01.21 03:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\drivers\nvstor.sys
[2008.01.21 03:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys
[2008.01.21 03:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys
< MD5 for: SCECLI.DLL >
[2008.01.21 03:24:50 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll
[2009.04.10 22:28:26 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\System32\scecli.dll
[2009.04.10 22:28:26 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll
< MD5 for: USER32.DLL >
[2008.01.21 03:24:21 | 000,627,200 | ---- | M] (Microsoft Corporation) MD5=B974D9F06DC7D1908E825DC201681269 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6001.18000_none_cd386c416d5c7f32\user32.dll
[2009.04.10 22:28:26 | 000,627,712 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\user32.dll
[2009.04.10 22:28:26 | 000,627,712 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6002.18005_none_cf23e54d6a7e4a7e\user32.dll
< MD5 for: USERINIT.EXE >
[2008.01.21 03:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe
[2008.01.21 03:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
< MD5 for: WINLOGON.EXE >
[2012.12.14 16:49:28 | 000,216,424 | ---- | M] () MD5=22101A85B3CA2FE2BE05FE9A61A7A83D -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2009.04.10 22:28:14 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\System32\winlogon.exe
[2009.04.10 22:28:14 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2008.01.21 03:24:49 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe
< MD5 for: WS2IFSL.SYS >
[2008.01.21 03:24:47 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=E3A3CB253C0EC2494D4A61F5E43A389C -- C:\Windows\System32\drivers\ws2ifsl.sys
[2008.01.21 03:24:47 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=E3A3CB253C0EC2494D4A61F5E43A389C -- C:\Windows\winsxs\x86_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.0.6001.18000_none_4f86a0d4c7cda641\ws2ifsl.sys
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
[2009.01.11 20:11:43 | 013,115,392 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV
[2009.01.11 20:11:34 | 000,106,496 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV
[2009.01.11 20:11:43 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV
[2009.01.11 20:11:52 | 017,633,280 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV
[2009.01.11 20:11:54 | 006,680,576 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV
< %systemroot%\system32\*.dll /lockedfiles >
[2008.03.09 15:01:18 | 000,372,736 | ---- | M] (Advanced Micro Devices, Inc.) Unable to obtain MD5 -- C:\Windows\system32\ATIDEMGX.dll
< %USERPROFILE%\*.* >
[2012.12.20 17:13:56 | 005,236,421 | ---- | M] () -- C:\Users\sb-geb\(SYS)LFO1702_121220_171340.zip
[2010.12.10 11:50:01 | 000,001,628 | ---- | M] () -- C:\Users\sb-geb\.recently-used.xbel
[2013.01.14 19:08:55 | 005,471,132 | ---- | M] () -- C:\Users\sb-geb\LFO1703_130114_190846.zip
[2013.02.06 21:25:40 | 006,029,312 | ---- | M] () -- C:\Users\sb-geb\ntuser.dat
[2013.02.06 21:25:40 | 000,262,144 | -H-- | M] () -- C:\Users\sb-geb\ntuser.dat.LOG1
[2009.09.15 12:01:05 | 000,000,000 | -H-- | M] () -- C:\Users\sb-geb\ntuser.dat.LOG2
[2012.04.27 07:21:37 | 000,065,536 | -HS- | M] () -- C:\Users\sb-geb\ntuser.dat{20b7d881-9023-11e1-9590-002268681eaf}.TM.blf
[2012.04.27 07:21:37 | 000,524,288 | -HS- | M] () -- C:\Users\sb-geb\ntuser.dat{20b7d881-9023-11e1-9590-002268681eaf}.TMContainer00000000000000000001.regtrans-ms
[2012.04.27 05:48:57 | 000,524,288 | -HS- | M] () -- C:\Users\sb-geb\ntuser.dat{20b7d881-9023-11e1-9590-002268681eaf}.TMContainer00000000000000000002.regtrans-ms
[2011.09.02 10:03:02 | 000,065,536 | -HS- | M] () -- C:\Users\sb-geb\ntuser.dat{3166ca1a-ad40-11df-ae75-001f3f029972}.TM.blf
[2011.09.02 10:03:02 | 000,524,288 | -HS- | M] () -- C:\Users\sb-geb\ntuser.dat{3166ca1a-ad40-11df-ae75-001f3f029972}.TMContainer00000000000000000001.regtrans-ms
[2010.08.21 18:32:44 | 000,524,288 | -HS- | M] () -- C:\Users\sb-geb\ntuser.dat{3166ca1a-ad40-11df-ae75-001f3f029972}.TMContainer00000000000000000002.regtrans-ms
[2009.10.03 12:13:43 | 000,065,536 | -HS- | M] () -- C:\Users\sb-geb\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf
[2009.10.03 12:13:43 | 000,524,288 | -HS- | M] () -- C:\Users\sb-geb\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms
[2009.09.15 13:12:35 | 000,524,288 | -HS- | M] () -- C:\Users\sb-geb\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000002.regtrans-ms
[2013.01.12 09:39:53 | 000,065,536 | -HS- | M] () -- C:\Users\sb-geb\ntuser.dat{5958b1be-9025-11e1-a8ac-002268681eaf}.TM.blf
[2013.01.12 09:39:53 | 000,524,288 | -HS- | M] () -- C:\Users\sb-geb\ntuser.dat{5958b1be-9025-11e1-a8ac-002268681eaf}.TMContainer00000000000000000001.regtrans-ms
[2012.04.27 20:10:51 | 000,524,288 | -HS- | M] () -- C:\Users\sb-geb\ntuser.dat{5958b1be-9025-11e1-a8ac-002268681eaf}.TMContainer00000000000000000002.regtrans-ms
[2010.08.21 18:08:26 | 000,065,536 | -HS- | M] () -- C:\Users\sb-geb\ntuser.dat{67e2d672-b00d-11de-88cf-0009dd105f29}.TM.blf
[2010.08.21 18:08:26 | 000,524,288 | -HS- | M] () -- C:\Users\sb-geb\ntuser.dat{67e2d672-b00d-11de-88cf-0009dd105f29}.TMContainer00000000000000000001.regtrans-ms
[2009.10.03 12:26:45 | 000,524,288 | -HS- | M] () -- C:\Users\sb-geb\ntuser.dat{67e2d672-b00d-11de-88cf-0009dd105f29}.TMContainer00000000000000000002.regtrans-ms
[2012.04.26 19:56:52 | 000,065,536 | -HS- | M] () -- C:\Users\sb-geb\ntuser.dat{9a9ecd46-d53b-11e0-a26d-002268681eaf}.TM.blf
[2012.04.26 19:56:51 | 000,524,288 | -HS- | M] () -- C:\Users\sb-geb\ntuser.dat{9a9ecd46-d53b-11e0-a26d-002268681eaf}.TMContainer00000000000000000001.regtrans-ms
[2011.09.02 10:04:45 | 000,524,288 | -HS- | M] () -- C:\Users\sb-geb\ntuser.dat{9a9ecd46-d53b-11e0-a26d-002268681eaf}.TMContainer00000000000000000002.regtrans-ms
[2013.02.06 13:23:16 | 000,065,536 | -HS- | M] () -- C:\Users\sb-geb\ntuser.dat{b7065a29-5c97-11e2-8349-002268681eaf}.TM.blf
[2013.02.06 13:23:16 | 000,524,288 | -HS- | M] () -- C:\Users\sb-geb\ntuser.dat{b7065a29-5c97-11e2-8349-002268681eaf}.TMContainer00000000000000000001.regtrans-ms
[2013.01.12 20:15:21 | 000,524,288 | -HS- | M] () -- C:\Users\sb-geb\ntuser.dat{b7065a29-5c97-11e2-8349-002268681eaf}.TMContainer00000000000000000002.regtrans-ms
[2009.09.15 12:01:05 | 000,000,020 | -HS- | M] () -- C:\Users\sb-geb\ntuser.ini
[2011.11.14 15:03:14 | 000,000,680 | RHS- | M] () -- C:\Users\sb-geb\ntuser.pol
[2009.10.03 16:39:04 | 000,021,504 | ---- | M] () -- C:\Users\sb-geb\Stephan Becker Tabellarischer Lebenslauf Sperber.doc
[2010.08.21 17:17:16 | 000,003,422 | ---- | M] () -- C:\Users\sb-geb\UpgKit.log
< %USERPROFILE%\Local Settings\Temp\*.exe >
< %USERPROFILE%\Local Settings\Temp\*.dll >
< %USERPROFILE%\Application Data\*.exe >
< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs >
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Required: DebugWindows [binary data]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Windows: %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,12288,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16
< >
========== Alternate Data Streams ==========
@Alternate Data Stream - 146 bytes -> C:\ProgramData\TEMP:C48A983C
@Alternate Data Stream - 138 bytes -> C:\ProgramData\TEMP:561B1D2B
@Alternate Data Stream - 126 bytes -> C:\ProgramData\TEMP:798A3728
@Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:090FB735
@Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:AB689DEA
@Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:793F316E
@Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:4D066AD2
@Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:2634FC95
@Alternate Data Stream - 116 bytes -> C:\ProgramData\TEMP:A42A9F39
@Alternate Data Stream - 113 bytes -> C:\ProgramData\TEMP:F3176E45
@Alternate Data Stream - 112 bytes -> C:\ProgramData\TEMP:DAFD38AE
@Alternate Data Stream - 112 bytes -> C:\ProgramData\TEMP:D1B5B4F1
@Alternate Data Stream - 110 bytes -> C:\ProgramData\TEMP:E66FFABE
@Alternate Data Stream - 108 bytes -> C:\ProgramData\TEMP:7CACEF61
< End of report >
--- --- ---
cordicordu |
AdwCleaner auf deinen Desktop.
WARNUNG an die MITLESER: 
Textbox.