Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Home.sweetim.com und Norton Antivirus

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 28.10.2012, 10:41   #1
Rapunzel
 
Home.sweetim.com und Norton Antivirus - Standard

Home.sweetim.com und Norton Antivirus



Hallo Ihr Lieben,
ich sitze im Moment an dem PC meiner Eltern und hier stimmen mal wieder ein paar Sachen nicht.
Erstens kommt bei Google Chrome immer die Seite Home.sweetim.com, da würde mich interessieren wie ich diese los werde!

Zweitens hatten meine Eltern den Norton AV drauf, dieser ist mittlerweile abgelaufen und sie haben Avast drauf. Trotzdem spukt der Norton noch herum, wenn meine Mutter von der Arbeit eine .doc Datei auf ihre Yahoo Emailadresse bekommt behauptet Norton es handle sich um einen Virus und die Datei werde gelöscht - diese lässt sich dann also weder speichern noch aufmachen. Wobei sie auch ganz sicher kein Virus ist oder beinhaltet. Kann mir hier bitte jemand helfen? Ich bin bis Dienstag Früh hier, danach fahren wir wieder nach Hause (300 km).
LG Rapunzel

Alt 28.10.2012, 12:54   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Home.sweetim.com und Norton Antivirus - Standard

Home.sweetim.com und Norton Antivirus



Zitat:
Trotzdem spukt der Norton noch herum
Vllt mal deinstallieren?
Von allein verschwindet das Programm nicht auch wenn es abgelaufen ist!


Systemscan mit OTL

Lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop. Falls schon vorhanden, bitte die ältere vorhandene Datei durch die neu heruntergeladene Datei ersetzen, damit du auch wirklich mit einer aktuellen Version von OTL arbeitest.
  • Doppelklick auf die OTL.exe
  • Vista User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen
  • Setze oben mittig den Haken bei Scanne alle Benutzer
  • Oben findest Du ein Kästchen mit Output. Wähle bitte Minimal Output
  • Unter Extra Registry, wähle bitte Use SafeList
  • Klicke nun auf Run Scan links oben
  • Wenn der Scan beendet wurde werden 2 Logfiles erstellt
  • Poste die Logfiles hier in den Thread.

Bitte alles nach Möglichkeit hier in CODE-Tags posten.

Wird so gemacht:

[code] hier steht das Log [/code]

Und das ganze sieht dann so aus:

Code:
ATTFilter
 hier steht das Log
         
__________________

__________________

Alt 28.10.2012, 14:11   #3
Rapunzel
 
Home.sweetim.com und Norton Antivirus - Standard

Home.sweetim.com und Norton Antivirus



Den Norton haben wir deinstalliert, er findet sich nicht mehr in der Liste der Programme.


Zum OTL. ich hab das kleine Problem, dass ich den gar nicht erst runterladen kann, da kommt die Fehlermeldung: C:\\Users\Edith\Downloads\OTL.exe konnte nicht gefunden werden. Stellen sie sicher, dass sie den richtigen Namen eingegeben haben und wiederholen sie den Vorgang. Die Meldung krieg ich wenn ich es mit GoogleChrome versuche, wenn ich es mit dem InternetExplorer versuche wird behauptet das Dokument hätte einen Virus enthalten und wurde gelöscht (genauso wie bei dem Word Dokument meiner Mutter)

Ich hatte auch grad versucht den Malewarebytes runter zu laden, da passiert das gleiche...
__________________

Geändert von Rapunzel (28.10.2012 um 14:21 Uhr)

Alt 28.10.2012, 15:07   #4
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Home.sweetim.com und Norton Antivirus - Standard

Home.sweetim.com und Norton Antivirus



Zitat:
Den Norton haben wir deinstalliert, er findet sich nicht mehr in der Liste der Programme.
Und wie erklärst du dir, dass Norton trotzdem noch im System vorhanden ist?
__________________
Logfiles bitte immer in CODE-Tags posten

Alt 28.10.2012, 15:18   #5
Rapunzel
 
Home.sweetim.com und Norton Antivirus - Standard

Home.sweetim.com und Norton Antivirus



Ich erkläre mir das gar nicht, er ist in der Liste der Programme nicht mehr zu finden. Meine Mutter wollte mir gestern zeigen, dass sich Downloads nicht öffnen lassen, ist in ihr Yahoo Postfach rein, hat eine Word datei angeklickt und es kam die Meldung dass die Datei angeblich einen Virus enthalten würde, da stand dann in dem Fenster auf der rechten Seite der Norton dabei, allerdings tauchte das Norton Symbol heut nicht mehr auf als ich versucht hab OTL zu downloaden. Ich hab keine Ahnung welches Programm oder welche Einstellung das downloaden verhindert. Gibt es noch eine andere Möglichkeit?


Alt 28.10.2012, 15:36   #6
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Home.sweetim.com und Norton Antivirus - Standard

Home.sweetim.com und Norton Antivirus



Damit Norton bitte entfernen => https://www-secure.symantec.com/nort...=1&lg=en&ct=us
__________________
--> Home.sweetim.com und Norton Antivirus

Alt 28.10.2012, 18:38   #7
Rapunzel
 
Home.sweetim.com und Norton Antivirus - Standard

Home.sweetim.com und Norton Antivirus



anbei das OTL Logfile, Norton Deinstaller hab ich drüber laufen lassen - Danke

OTL Logfile:
OTL EXTRAS Logfile:
Code:
ATTFilter
OTL logfile created on: 28.10.2012 18:05:08 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Edith\Desktop
Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 1,85 Gb Available Physical Memory | 61,79% Memory free
6,20 Gb Paging File | 4,66 Gb Available in Paging File | 75,03% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 232,59 Gb Total Space | 115,77 Gb Free Space | 49,77% Space Free | Partition Type: NTFS
Drive D: | 348,93 Gb Total Space | 348,82 Gb Free Space | 99,97% Space Free | Partition Type: NTFS
Drive E: | 12,15 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: UDF
 
Computer Name: EDITH-PC | User Name: Edith | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Edith\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Programme\AVAST Software\Avast\AvastUI.exe (AVAST Software)
PRC - C:\Programme\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
PRC - C:\Programme\AVAST Software\Avast\afwServ.exe (AVAST Software)
PRC - C:\Programme\Online Games Manager\ogmservice.exe (RealNetworks, Inc.)
PRC - C:\Programme\NetRatingsNetSight\NetSight\NielsenUpdate.exe (The Nielsen Company)
PRC - C:\Programme\TomTom HOME 2\TomTomHOMERunner.exe (TomTom)
PRC - C:\Programme\TomTom HOME 2\TomTomHOMEService.exe (TomTom)
PRC - C:\Programme\OpenOffice.org 3\program\soffice.bin (OpenOffice.org)
PRC - C:\Programme\OpenOffice.org 3\program\soffice.exe (OpenOffice.org)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe (Egis Incorporated)
PRC - C:\Programme\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe (Egis Incorporated)
PRC - C:\Programme\Acer\Empowering Technology\SysMonitor.exe ()
PRC - C:\Programme\Acer\Empowering Technology\Framework.Launcher.exe ()
PRC - C:\Programme\Acer\Empowering Technology\NotificationCenter\Framework.NotificationCenter.exe (acer)
PRC - C:\Programme\Acer\Empowering Technology\Service\ETService.exe ()
PRC - C:\Programme\NetRatingsNetSight\NetSight\NielsenOnline.exe (The Nielsen Company)
PRC - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
PRC - C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Defender\MSASCui.exe (Microsoft Corporation)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\8bbcd31ecc8edc7d1f9cdd83ef2bb2d3\System.ServiceProcess.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\508b444db523c5cf20ff12c7f440837b\System.Web.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\f2691cfa7671cdc58179e56ba9227591\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\18f9789aa214c657113e676b3a9015aa\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\f3d4d5fe5ab848fbfcf91a49960dc8ae\System.Management.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\846b9cf2756fdd15f704c9bab9c70b6f\System.Runtime.Remoting.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\28d633338fc8d29f8af31935ef7d001b\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\af9c9e9d7e0523cd444f8b551baa9cbf\mscorlib.ni.dll ()
MOD - C:\Programme\NetRatingsNetSight\NetSight\meter7\npfirefoxprocessor.dll ()
MOD - C:\Programme\NetRatingsNetSight\NetSight\meter7\npwmi.dll ()
MOD - C:\Programme\NetRatingsNetSight\NetSight\meter7\npsurvey.dll ()
MOD - C:\Programme\NetRatingsNetSight\NetSight\meter7\npsp1.dll ()
MOD - C:\Programme\NetRatingsNetSight\NetSight\meter7\communication.dll ()
MOD - C:\Programme\NetRatingsNetSight\NetSight\nsmmc.dll ()
MOD - C:\Programme\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF ()
MOD - C:\Programme\Google\Google Desktop Search\gzlib.dll ()
MOD - C:\Programme\OpenOffice.org 3\program\libxml2.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\Framework.UIComponent\3.0.3009.0__739b31b1908c49e5\Framework.UIComponent.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\Framework.Library\3.0.3009.0__3036420f80dd6947\Framework.Library.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\Framework.Utility\3.0.3009.0__4df5dcab8860d239\Framework.Utility.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\Framework.Host\3.0.3009.0__672b450de5a7e94a\Framework.Host.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\Framework.Model.ControllerInterface\3.0.3009.0__d842b71b4d6ed079\Framework.Model.ControllerInterface.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\Framework.PluginInterface\3.0.3009.0__9ecdf03bb2054f94\Framework.PluginInterface.dll ()
MOD - C:\Programme\Acer\Empowering Technology\eDataSecurity\x86\ShowErrMsg.dll ()
MOD - C:\Programme\Acer\Empowering Technology\SysMonitor.exe ()
MOD - C:\Programme\Acer\Empowering Technology\Framework.Launcher.exe ()
MOD - C:\Programme\Acer\Empowering Technology\Framework.Presenter.dll ()
MOD - C:\Programme\Acer\Empowering Technology\de\Framework.AppBar.resources.dll ()
MOD - C:\Programme\Acer\Empowering Technology\Framework.AppBar.dll ()
MOD - C:\Programme\NewTech Infosystems\NTI Backup Now 5\BkupTrayLOC.dll ()
MOD - C:\Programme\Acer\Empowering Technology\eSettings\eSettings.QuickMenu.dll ()
 
 
========== Services (SafeList) ==========
 
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (avast! Antivirus) -- C:\Programme\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
SRV - (avast! Firewall) -- C:\Programme\AVAST Software\Avast\afwServ.exe (AVAST Software)
SRV - (ogmservice) -- C:\Programme\Online Games Manager\ogmservice.exe (RealNetworks, Inc.)
SRV - (NielsenUpdate) -- C:\Programme\NetRatingsNetSight\NetSight\NielsenUpdate.exe (The Nielsen Company)
SRV - (TomTomHOMEService) -- C:\Programme\TomTom HOME 2\TomTomHOMEService.exe (TomTom)
SRV - (Microsoft SharePoint Workspace Audit Service) -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE (Microsoft Corporation)
SRV - (osppsvc) -- C:\Programme\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation)
SRV - (ose) -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (eDataSecurity Service) -- C:\Programme\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe (Egis Incorporated)
SRV - (ETService) -- C:\Programme\Acer\Empowering Technology\Service\ETService.exe ()
SRV - (WMPNetworkSvc) -- C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (NwlnkFwd) -- system32\DRIVERS\nwlnkfwd.sys File not found
DRV - (NwlnkFlt) -- system32\DRIVERS\nwlnkflt.sys File not found
DRV - (IpInIp) -- system32\DRIVERS\ipinip.sys File not found
DRV - (aswSnx) -- C:\Windows\System32\drivers\aswSnx.sys (AVAST Software)
DRV - (aswSP) -- C:\Windows\System32\drivers\aswSP.sys (AVAST Software)
DRV - (aswTdi) -- C:\Windows\System32\drivers\aswTdi.sys (AVAST Software)
DRV - (AswRdr) -- C:\Windows\System32\drivers\aswRdr.sys (AVAST Software)
DRV - (aswNdis2) -- C:\Windows\System32\drivers\aswNdis2.sys (AVAST Software)
DRV - (aswMonFlt) -- C:\Windows\System32\drivers\aswMonFlt.sys (AVAST Software)
DRV - (aswFW) -- C:\Windows\System32\drivers\aswFW.sys (AVAST Software)
DRV - (aswFsBlk) -- C:\Windows\System32\drivers\aswFsBlk.sys (AVAST Software)
DRV - (aswKbd) -- C:\Windows\System32\drivers\aswKbd.sys (AVAST Software)
DRV - (nnfwdk) -- C:\Programme\NetRatingsNetSight\NetSight\meter7\nnfwdk.sys (The Nielsen Company)
DRV - (aswNdis) -- C:\Windows\System32\drivers\aswNdis.sys (ALWIL Software)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (int15) -- C:\Windows\System32\drivers\int15.sys (Acer, Inc.)
DRV - (tvicport) -- C:\Windows\System32\drivers\TVicPort.sys (EnTech Taiwan)
DRV - (zntport) -- C:\Windows\System32\drivers\zntport.sys (Zeal SoftStudio)
DRV - (ahcix86s) -- C:\Windows\System32\drivers\ahcix86s.sys (AMD Technologies Inc.)
DRV - (AtiPcie) -- C:\Windows\System32\drivers\AtiPcie.sys (ATI Technologies Inc.)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://de.intl.acer.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=1&o=vb32&d=0908&m=aspire_m1201
IE - HKLM\..\URLSearchHook: {0e3dbc69-a682-48da-84e1-82c63a5d678e} - C:\Programme\Bigpoint_Games_DE\prxtbBig0.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {afdbddaa-5d3f-42ee-b79c-185a7020515b}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2843456
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-1523784361-1419484075-2864972026-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=1&o=vb32&d=0908&m=aspire_m1201
IE - HKU\S-1-5-21-1523784361-1419484075-2864972026-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://global.acer.com [binary data]
IE - HKU\S-1-5-21-1523784361-1419484075-2864972026-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
IE - HKU\S-1-5-21-1523784361-1419484075-2864972026-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-1523784361-1419484075-2864972026-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
IE - HKU\S-1-5-21-1523784361-1419484075-2864972026-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-1523784361-1419484075-2864972026-1000\..\SearchScopes\{181DC6FE-6D1D-4817-A41E-8BBBAB8A0928}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7ACAW
IE - HKU\S-1-5-21-1523784361-1419484075-2864972026-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
========== FireFox ==========
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@oberon-media.com/ONCAdapter: C:\Program Files\Common Files\Oberon Media\NCAdapter\1.0.0.8\npapicomadapter.dll (Oberon-Media )
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Edith\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Edith\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
 
 
[2012.05.06 17:35:06 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Edith\AppData\Roaming\mozilla\Extensions
[2012.05.06 17:35:06 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Edith\AppData\Roaming\mozilla\Extensions\home2@tomtom.com
 
========== Chrome  ==========
 
CHR - homepage: hxxp://home.sweetim.com/?crg=3.02010003&st=12&barid={8EF9C8D5-6BBD-4F5F-A082-4CA5E908351A}
CHR - default_search_provider: SweetIM Search (Enabled)
CHR - default_search_provider: search_url = hxxp://search.sweetim.com/search.asp?src=6&q={searchTerms}&st=6&barid={8EF9C8D5-6BBD-4F5F-A082-4CA5E908351A}
CHR - default_search_provider: suggest_url = 
CHR - homepage: hxxp://home.sweetim.com/?crg=3.02010003&st=12&barid={8EF9C8D5-6BBD-4F5F-A082-4CA5E908351A}
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Edith\AppData\Local\Google\Chrome\Application\22.0.1229.96\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Edith\AppData\Local\Google\Chrome\Application\22.0.1229.96\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Edith\AppData\Local\Google\Chrome\Application\22.0.1229.96\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Edith\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: NielsenOnline (Enabled) = C:\Users\Edith\AppData\Local\Google\Chrome\User Data\Default\Extensions\jgceplfonlgodadnpognljgdjlcnpjnh\1.3.0_0\chrometracker.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 8.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL
CHR - plugin: Oberon com adapter (Enabled) = C:\Program Files\Common Files\Oberon Media\NCAdapter\1.0.0.8\npapicomadapter.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Edith\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: YouTube = C:\Users\Edith\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: AT_EdwardMonkton = C:\Users\Edith\AppData\Local\Google\Chrome\User Data\Default\Extensions\booflobnmaoihdbknliaicjbfdndgamf\2_0\
CHR - Extension: Google-Suche = C:\Users\Edith\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: avast! WebRep = C:\Users\Edith\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1473_0\
CHR - Extension: SweetIM for Facebook = C:\Users\Edith\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn\1.1.0.1_0\
CHR - Extension: Nielsen = C:\Users\Edith\AppData\Local\Google\Chrome\User Data\Default\Extensions\jgceplfonlgodadnpognljgdjlcnpjnh\1.7.2_0\
CHR - Extension: SweetPacks Chrome Extension = C:\Users\Edith\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj\1.0.0.1_0\
CHR - Extension: Google Mail = C:\Users\Edith\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
CHR - Extension: YouTube = C:\Users\Edith\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: AT_EdwardMonkton = C:\Users\Edith\AppData\Local\Google\Chrome\User Data\Default\Extensions\booflobnmaoihdbknliaicjbfdndgamf\2_0\
CHR - Extension: Google-Suche = C:\Users\Edith\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: avast! WebRep = C:\Users\Edith\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1473_0\
CHR - Extension: SweetIM for Facebook = C:\Users\Edith\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn\1.1.0.1_0\
CHR - Extension: Nielsen = C:\Users\Edith\AppData\Local\Google\Chrome\User Data\Default\Extensions\jgceplfonlgodadnpognljgdjlcnpjnh\1.7.2_0\
CHR - Extension: SweetPacks Chrome Extension = C:\Users\Edith\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj\1.0.0.1_0\
CHR - Extension: Google Mail = C:\Users\Edith\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
 
O1 HOSTS File: ([2006.09.18 22:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll File not found
O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Bigpoint Games DE Toolbar) - {0e3dbc69-a682-48da-84e1-82c63a5d678e} - C:\Programme\Bigpoint_Games_DE\prxtbBig0.dll (Conduit Ltd.)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (ShowBarObj Class) - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Programme\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll (Egis)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Google Dictionary Compression sdch) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll File not found
O3 - HKLM\..\Toolbar: (Bigpoint Games DE Toolbar) - {0e3dbc69-a682-48da-84e1-82c63a5d678e} - C:\Programme\Bigpoint_Games_DE\prxtbBig0.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Programme\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll File not found
O3 - HKU\S-1-5-21-1523784361-1419484075-2864972026-1000\..\Toolbar\ShellBrowser: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - C:\Programme\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
O3 - HKU\S-1-5-21-1523784361-1419484075-2864972026-1000\..\Toolbar\WebBrowser: (Bigpoint Games DE Toolbar) - {0E3DBC69-A682-48DA-84E1-82C63A5D678E} - C:\Programme\Bigpoint_Games_DE\prxtbBig0.dll (Conduit Ltd.)
O4 - HKLM..\Run: [Acer Empowering Technology Monitor] C:\Programme\Acer\Empowering Technology\SysMonitor.exe ()
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [BCSSync] C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
O4 - HKLM..\Run: [eDataSecurity Loader] C:\Programme\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe (Egis Incorporated)
O4 - HKLM..\Run: [EmpoweringTechnology] C:\Program Files\Acer\Empowering Technology\Framework.Launcher.exe boot File not found
O4 - HKLM..\Run: [eRecoveryService]  File not found
O4 - HKLM..\Run: [LanguageShortcut] C:\Program Files\CyberLink\PowerDVD\Language\Language.exe ()
O4 - HKLM..\Run: [NielsenOnline] C:\Programme\NetRatingsNetSight\NetSight\NielsenOnline.exe (The Nielsen Company)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Sweetpacks Communicator] C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe File not found
O4 - HKLM..\Run: [WarReg_PopUp] C:\Programme\Acer\WR_PopUp\WarReg_PopUp.exe (Acer Incorporated)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-1523784361-1419484075-2864972026-1000..\Run: [TomTomHOME.exe] C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe (TomTom)
O4 - HKU\S-1-5-21-1523784361-1419484075-2864972026-1000..\Run: [WMPNSCFG] C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
O4 - HKLM..\RunOnce: [aswAhAScr.dll] C:\Program Files\AVAST Software\Avast\aswRegSvr.exe (AVAST Software)
O4 - HKLM..\RunOnce: [aswasOutExt.dll] C:\Program Files\AVAST Software\Avast\aswRegSvr.exe (AVAST Software)
O4 - Startup: C:\Users\Edith\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk = C:\Programme\OpenOffice.org 3\program\quickstart.exe ()
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Recherche-Assistent - {9455301C-CF6B-11D3-A266-00C04F689C50} - C:\Programme\Common Files\microsoft shared\Encarta Researcher\EROPROJ.DLL (Microsoft Corporation)
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-1523784361-1419484075-2864972026-1000\..Trusted Domains: localhost ([]http in Lokales Intranet)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Reg Error: Key error.)
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab (System Requirements Lab Class)
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} hxxp://game.zylom.com/activex/zylomgamesplayer.cab (Zylom Games Player)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E1342154-4889-42B5-BEF6-19237577048F} hxxp://acerde.oberon-media.com/online/online2/zuma/oberongamesloader.cab (OberongamesLoader Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file:///C:/Windows/Java/classes/xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{96895559-8754-4D3B-8B4B-1A2717C5CBFC}: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\msero {B0D92A71-886B-453B-A649-1B91F93801E7} - C:\Programme\Common Files\microsoft shared\Encarta Researcher\MSERO.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\x-sdch {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll File not found
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL) - C:\Programme\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Edith\Pictures\ApfelBrombeer[2].JPG
O24 - Desktop BackupWallPaper: C:\Users\Edith\Pictures\ApfelBrombeer[2].JPG
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{ea62eb42-af7b-11e0-9a05-002268049f90}\Shell - "" = AutoRun
O33 - MountPoints2\{ea62eb42-af7b-11e0-9a05-002268049f90}\Shell\AutoRun\command - "" = L:\Password.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.10.28 18:03:42 | 010,669,952 | ---- | C] (Malwarebytes Corporation                                    ) -- C:\Users\Edith\Desktop\mbam-setup-1.65.1.1000.exe
[2012.10.28 18:03:40 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Edith\Desktop\OTL.exe
[2012.10.28 10:30:39 | 000,000,000 | ---D | C] -- C:\Users\Edith\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD
[2012.10.22 09:33:13 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2012.10.10 08:37:29 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2012.10.10 08:36:47 | 003,602,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2012.10.10 08:36:45 | 003,550,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012.10.28 18:00:13 | 000,000,558 | ---- | M] () -- C:\Windows\tasks\Norton Security Scan for Edith.job
[2012.10.28 17:50:22 | 010,669,952 | ---- | M] (Malwarebytes Corporation                                    ) -- C:\Users\Edith\Desktop\mbam-setup-1.65.1.1000.exe
[2012.10.28 17:47:36 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Edith\Desktop\OTL.exe
[2012.10.28 17:27:00 | 000,001,120 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1523784361-1419484075-2864972026-1000UA.job
[2012.10.28 17:11:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.10.28 16:30:26 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012.10.28 16:30:26 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012.10.28 14:09:07 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2012.10.28 14:00:07 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.10.28 10:36:16 | 000,595,798 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.10.28 10:36:15 | 000,628,504 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012.10.28 10:36:15 | 000,126,248 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012.10.28 10:36:15 | 000,103,872 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.10.28 10:30:50 | 000,000,000 | ---- | M] () -- C:\Windows\System32\LogConfigTemp.xml
[2012.10.28 10:30:20 | 3220,365,312 | -HS- | M] () -- C:\hiberfil.sys
[2012.10.28 09:26:00 | 000,001,068 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1523784361-1419484075-2864972026-1000Core.job
[2012.10.27 14:58:25 | 000,000,104 | ---- | M] () -- C:\Users\Edith\Desktop\Papierkorb - Verknüpfung.lnk
[2012.10.23 12:18:34 | 000,738,504 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys
[2012.10.23 12:18:34 | 000,360,392 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys
[2012.10.23 12:18:34 | 000,054,232 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswTdi.sys
[2012.10.23 12:18:34 | 000,035,928 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr.sys
[2012.10.23 12:18:33 | 000,199,320 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswNdis2.sys
[2012.10.23 12:18:33 | 000,058,680 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2012.10.23 12:18:32 | 000,106,560 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswFW.sys
[2012.10.23 12:18:32 | 000,021,256 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswFsBlk.sys
[2012.10.23 12:18:32 | 000,020,624 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswKbd.sys
[2012.10.23 12:17:48 | 000,041,224 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2012.10.23 12:17:38 | 000,227,648 | ---- | M] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2012.10.22 09:31:30 | 000,000,232 | ---- | M] () -- C:\Users\Edith\Desktop\Search the Web.url
[2012.10.16 12:11:54 | 000,010,752 | ---- | M] () -- C:\Users\Edith\Documents\Nachhilfeschüler.xlr
[2012.10.16 12:11:54 | 000,004,962 | ---- | M] () -- C:\Users\Edith\AppData\Roaming\wklnhst.dat
[2012.10.09 08:19:11 | 000,696,760 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2012.10.09 08:19:10 | 000,073,656 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012.10.27 14:58:25 | 000,000,104 | ---- | C] () -- C:\Users\Edith\Desktop\Papierkorb - Verknüpfung.lnk
[2012.10.22 09:31:30 | 000,000,232 | ---- | C] () -- C:\Users\Edith\Desktop\Search the Web.url
[2012.05.28 08:16:45 | 000,000,209 | ---- | C] () -- C:\Windows\settings.ini
[2011.03.06 15:08:24 | 000,000,432 | ---- | C] () -- C:\Windows\BRWMARK.INI
[2010.10.29 13:13:59 | 000,000,680 | ---- | C] () -- C:\Users\Edith\AppData\Local\d3d9caps.dat
[2010.05.29 19:09:18 | 002,316,435 | ---- | C] () -- C:\Users\Edith\schmehle2.jpg
[2010.05.29 19:08:52 | 002,026,392 | ---- | C] () -- C:\Users\Edith\schmehle1.jpg
[2010.05.29 19:08:21 | 002,139,614 | ---- | C] () -- C:\Users\Edith\schmehle.jpg
[2009.08.20 19:19:21 | 000,052,224 | ---- | C] () -- C:\Users\Edith\Zeitungsliste.xlr
[2009.05.26 10:40:31 | 000,004,962 | ---- | C] () -- C:\Users\Edith\AppData\Roaming\wklnhst.dat
[2009.05.14 20:10:21 | 000,027,648 | ---- | C] () -- C:\Users\Edith\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.05.13 23:40:24 | 000,007,090 | ---- | C] () -- C:\Users\Edith\AppData\Local\slot1.mm1
 
========== ZeroAccess Check ==========
 
[2006.11.02 13:51:16 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.08 18:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.04.11 07:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.04.11 07:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 407 bytes -> C:\ProgramData\TEMP:B890E098
@Alternate Data Stream - 405 bytes -> C:\ProgramData\TEMP:80873EE2
@Alternate Data Stream - 403 bytes -> C:\ProgramData\TEMP:AB985F7C
@Alternate Data Stream - 402 bytes -> C:\ProgramData\TEMP:F0A4F95E
@Alternate Data Stream - 402 bytes -> C:\ProgramData\TEMP:3A35C29C
@Alternate Data Stream - 400 bytes -> C:\ProgramData\TEMP:C72E5875
@Alternate Data Stream - 397 bytes -> C:\ProgramData\TEMP:E1A68E67
@Alternate Data Stream - 397 bytes -> C:\ProgramData\TEMP:CB66E9B7
@Alternate Data Stream - 397 bytes -> C:\ProgramData\TEMP:9A071EA2
@Alternate Data Stream - 396 bytes -> C:\ProgramData\TEMP:B203B914
@Alternate Data Stream - 395 bytes -> C:\ProgramData\TEMP:D4CD7005
@Alternate Data Stream - 394 bytes -> C:\ProgramData\TEMP:94C8B75E
@Alternate Data Stream - 394 bytes -> C:\ProgramData\TEMP:44B5FE44
@Alternate Data Stream - 393 bytes -> C:\ProgramData\TEMP:28A1F3CB
@Alternate Data Stream - 392 bytes -> C:\ProgramData\TEMP:CE1DA626
@Alternate Data Stream - 391 bytes -> C:\ProgramData\TEMP:E96C83D4
@Alternate Data Stream - 390 bytes -> C:\ProgramData\TEMP:BE03B635
@Alternate Data Stream - 390 bytes -> C:\ProgramData\TEMP:92B1F486
@Alternate Data Stream - 390 bytes -> C:\ProgramData\TEMP:5177EEE7
@Alternate Data Stream - 390 bytes -> C:\ProgramData\TEMP:387A6F49
@Alternate Data Stream - 388 bytes -> C:\ProgramData\TEMP:A060A953
@Alternate Data Stream - 385 bytes -> C:\ProgramData\TEMP:1F3EEC32
@Alternate Data Stream - 384 bytes -> C:\ProgramData\TEMP:F85284EA
@Alternate Data Stream - 384 bytes -> C:\ProgramData\TEMP:02067B2A
@Alternate Data Stream - 382 bytes -> C:\ProgramData\TEMP:D6BDD51E
@Alternate Data Stream - 382 bytes -> C:\ProgramData\TEMP:B01C2351
@Alternate Data Stream - 382 bytes -> C:\ProgramData\TEMP:4C96DCB8
@Alternate Data Stream - 382 bytes -> C:\ProgramData\TEMP:453C1FA2
@Alternate Data Stream - 381 bytes -> C:\ProgramData\TEMP:3CC5A5D1
@Alternate Data Stream - 380 bytes -> C:\ProgramData\TEMP:FEE5129B
@Alternate Data Stream - 380 bytes -> C:\ProgramData\TEMP:FBC7D82D
@Alternate Data Stream - 379 bytes -> C:\ProgramData\TEMP:9060A47A
@Alternate Data Stream - 376 bytes -> C:\ProgramData\TEMP:804A4210
@Alternate Data Stream - 369 bytes -> C:\ProgramData\TEMP:E5E4A530
@Alternate Data Stream - 367 bytes -> C:\ProgramData\TEMP:4B476508
@Alternate Data Stream - 365 bytes -> C:\ProgramData\TEMP:5A05820A
@Alternate Data Stream - 361 bytes -> C:\ProgramData\TEMP:8BC965A1
@Alternate Data Stream - 357 bytes -> C:\ProgramData\TEMP:1D32EC29
@Alternate Data Stream - 353 bytes -> C:\ProgramData\TEMP:DE3A8059
@Alternate Data Stream - 353 bytes -> C:\ProgramData\TEMP:83FDB6DC
@Alternate Data Stream - 181 bytes -> C:\ProgramData\TEMP:94B65E3C
@Alternate Data Stream - 159 bytes -> C:\ProgramData\TEMP:BA660D25
@Alternate Data Stream - 158 bytes -> C:\ProgramData\TEMP:EF20E652
@Alternate Data Stream - 158 bytes -> C:\ProgramData\TEMP:07E55929
@Alternate Data Stream - 157 bytes -> C:\ProgramData\TEMP:C7F76735
@Alternate Data Stream - 157 bytes -> C:\ProgramData\TEMP:9F9D57FD
@Alternate Data Stream - 157 bytes -> C:\ProgramData\TEMP:2C16E576
@Alternate Data Stream - 157 bytes -> C:\ProgramData\TEMP:20D0F267
@Alternate Data Stream - 156 bytes -> C:\ProgramData\TEMP:E1B0CF05
@Alternate Data Stream - 156 bytes -> C:\ProgramData\TEMP:5690D76E
@Alternate Data Stream - 155 bytes -> C:\ProgramData\TEMP:A2FC7F08
@Alternate Data Stream - 155 bytes -> C:\ProgramData\TEMP:92298B59
@Alternate Data Stream - 155 bytes -> C:\ProgramData\TEMP:683BD5A8
@Alternate Data Stream - 155 bytes -> C:\ProgramData\TEMP:65AAB2AD
@Alternate Data Stream - 155 bytes -> C:\ProgramData\TEMP:26B7B9EA
@Alternate Data Stream - 155 bytes -> C:\ProgramData\TEMP:0B32B6C9
@Alternate Data Stream - 154 bytes -> C:\ProgramData\TEMP:E779F65A
@Alternate Data Stream - 154 bytes -> C:\ProgramData\TEMP:C0601E00
@Alternate Data Stream - 154 bytes -> C:\ProgramData\TEMP:874EE5CB
@Alternate Data Stream - 154 bytes -> C:\ProgramData\TEMP:7A30DA6A
@Alternate Data Stream - 153 bytes -> C:\ProgramData\TEMP:E1031541
@Alternate Data Stream - 153 bytes -> C:\ProgramData\TEMP:9959803A
@Alternate Data Stream - 153 bytes -> C:\ProgramData\TEMP:1E3397DC
@Alternate Data Stream - 153 bytes -> C:\ProgramData\TEMP:1DECED1B
@Alternate Data Stream - 153 bytes -> C:\ProgramData\TEMP:1C93E55E
@Alternate Data Stream - 153 bytes -> C:\ProgramData\TEMP:1960DAF2
@Alternate Data Stream - 152 bytes -> C:\ProgramData\TEMP:B623B5B8
@Alternate Data Stream - 152 bytes -> C:\ProgramData\TEMP:9AB338B9
@Alternate Data Stream - 152 bytes -> C:\ProgramData\TEMP:9A7901A9
@Alternate Data Stream - 152 bytes -> C:\ProgramData\TEMP:9756362E
@Alternate Data Stream - 152 bytes -> C:\ProgramData\TEMP:7CACEF61
@Alternate Data Stream - 152 bytes -> C:\ProgramData\TEMP:4CD2D817
@Alternate Data Stream - 152 bytes -> C:\ProgramData\TEMP:3D11302A
@Alternate Data Stream - 152 bytes -> C:\ProgramData\TEMP:2D6D1D25
@Alternate Data Stream - 152 bytes -> C:\ProgramData\TEMP:21637AEC
@Alternate Data Stream - 152 bytes -> C:\ProgramData\TEMP:1B1330FD
@Alternate Data Stream - 152 bytes -> C:\ProgramData\TEMP:1A60DE96
@Alternate Data Stream - 152 bytes -> C:\ProgramData\TEMP:05816AFA
@Alternate Data Stream - 152 bytes -> C:\ProgramData\TEMP:05650B69
@Alternate Data Stream - 152 bytes -> C:\ProgramData\TEMP:0105A66F
@Alternate Data Stream - 151 bytes -> C:\ProgramData\TEMP:EDE8EA85
@Alternate Data Stream - 151 bytes -> C:\ProgramData\TEMP:E189EC1B
@Alternate Data Stream - 151 bytes -> C:\ProgramData\TEMP:CD6978FC
@Alternate Data Stream - 151 bytes -> C:\ProgramData\TEMP:ACFD5043
@Alternate Data Stream - 151 bytes -> C:\ProgramData\TEMP:AC57032B
@Alternate Data Stream - 151 bytes -> C:\ProgramData\TEMP:A5808D58
@Alternate Data Stream - 151 bytes -> C:\ProgramData\TEMP:A118E9A3
@Alternate Data Stream - 151 bytes -> C:\ProgramData\TEMP:9CD61266
@Alternate Data Stream - 151 bytes -> C:\ProgramData\TEMP:9A842F5C
@Alternate Data Stream - 151 bytes -> C:\ProgramData\TEMP:942BD321
@Alternate Data Stream - 151 bytes -> C:\ProgramData\TEMP:8AB6C1D7
@Alternate Data Stream - 151 bytes -> C:\ProgramData\TEMP:61FB58C9
@Alternate Data Stream - 151 bytes -> C:\ProgramData\TEMP:3EEE7620
@Alternate Data Stream - 151 bytes -> C:\ProgramData\TEMP:3B9582E0
@Alternate Data Stream - 150 bytes -> C:\ProgramData\TEMP:FEF919E6
@Alternate Data Stream - 150 bytes -> C:\ProgramData\TEMP:E7F71472
@Alternate Data Stream - 150 bytes -> C:\ProgramData\TEMP:E35A81F4
@Alternate Data Stream - 150 bytes -> C:\ProgramData\TEMP:DB4758C6
@Alternate Data Stream - 150 bytes -> C:\ProgramData\TEMP:BAE8784F
@Alternate Data Stream - 150 bytes -> C:\ProgramData\TEMP:A967571A
@Alternate Data Stream - 150 bytes -> C:\ProgramData\TEMP:9F36615A
@Alternate Data Stream - 150 bytes -> C:\ProgramData\TEMP:8FF962C6
@Alternate Data Stream - 150 bytes -> C:\ProgramData\TEMP:7FB8A209
@Alternate Data Stream - 150 bytes -> C:\ProgramData\TEMP:7F66BF58
@Alternate Data Stream - 150 bytes -> C:\ProgramData\TEMP:68C4BECC
@Alternate Data Stream - 150 bytes -> C:\ProgramData\TEMP:580E04D8
@Alternate Data Stream - 150 bytes -> C:\ProgramData\TEMP:3C75E5BE
@Alternate Data Stream - 150 bytes -> C:\ProgramData\TEMP:2FF4577A
@Alternate Data Stream - 150 bytes -> C:\ProgramData\TEMP:049C87B7
@Alternate Data Stream - 149 bytes -> C:\ProgramData\TEMP:F62CAE78
@Alternate Data Stream - 149 bytes -> C:\ProgramData\TEMP:EF4B1DA9
@Alternate Data Stream - 149 bytes -> C:\ProgramData\TEMP:EDED3240
@Alternate Data Stream - 149 bytes -> C:\ProgramData\TEMP:EC36F550
@Alternate Data Stream - 149 bytes -> C:\ProgramData\TEMP:D8A7F3FF
@Alternate Data Stream - 149 bytes -> C:\ProgramData\TEMP:D16E7091
@Alternate Data Stream - 149 bytes -> C:\ProgramData\TEMP:C9F873D0
@Alternate Data Stream - 149 bytes -> C:\ProgramData\TEMP:C5C5F2F2
@Alternate Data Stream - 149 bytes -> C:\ProgramData\TEMP:B1B9AE56
@Alternate Data Stream - 149 bytes -> C:\ProgramData\TEMP:B110897C
@Alternate Data Stream - 149 bytes -> C:\ProgramData\TEMP:AE78B77A
@Alternate Data Stream - 149 bytes -> C:\ProgramData\TEMP:99A72E3A
@Alternate Data Stream - 149 bytes -> C:\ProgramData\TEMP:81C88EA7
@Alternate Data Stream - 149 bytes -> C:\ProgramData\TEMP:7991541F
@Alternate Data Stream - 149 bytes -> C:\ProgramData\TEMP:700B8E2E
@Alternate Data Stream - 149 bytes -> C:\ProgramData\TEMP:5E0617AC
@Alternate Data Stream - 149 bytes -> C:\ProgramData\TEMP:21745EE1
@Alternate Data Stream - 149 bytes -> C:\ProgramData\TEMP:01D3D7F4
@Alternate Data Stream - 148 bytes -> C:\ProgramData\TEMP:ECB488E5
@Alternate Data Stream - 148 bytes -> C:\ProgramData\TEMP:E6E9EB6C
@Alternate Data Stream - 148 bytes -> C:\ProgramData\TEMP:E10DCAF3
@Alternate Data Stream - 148 bytes -> C:\ProgramData\TEMP:DB365884
@Alternate Data Stream - 148 bytes -> C:\ProgramData\TEMP:D16A56DE
@Alternate Data Stream - 148 bytes -> C:\ProgramData\TEMP:BA4AE5FC
@Alternate Data Stream - 148 bytes -> C:\ProgramData\TEMP:ACDADE10
@Alternate Data Stream - 148 bytes -> C:\ProgramData\TEMP:AB554F94
@Alternate Data Stream - 148 bytes -> C:\ProgramData\TEMP:9BE4A88F
@Alternate Data Stream - 148 bytes -> C:\ProgramData\TEMP:948CDB3D
@Alternate Data Stream - 148 bytes -> C:\ProgramData\TEMP:6B9828AE
@Alternate Data Stream - 148 bytes -> C:\ProgramData\TEMP:5E748D4C
@Alternate Data Stream - 148 bytes -> C:\ProgramData\TEMP:5E4A7758
@Alternate Data Stream - 148 bytes -> C:\ProgramData\TEMP:56530ABD
@Alternate Data Stream - 148 bytes -> C:\ProgramData\TEMP:4EB84EC1
@Alternate Data Stream - 148 bytes -> C:\ProgramData\TEMP:41326804
@Alternate Data Stream - 148 bytes -> C:\ProgramData\TEMP:2E0A3B1D
@Alternate Data Stream - 148 bytes -> C:\ProgramData\TEMP:26EE282C
@Alternate Data Stream - 148 bytes -> C:\ProgramData\TEMP:24AB14E7
@Alternate Data Stream - 148 bytes -> C:\ProgramData\TEMP:23A1F55B
@Alternate Data Stream - 148 bytes -> C:\ProgramData\TEMP:20FFCF0B
@Alternate Data Stream - 148 bytes -> C:\ProgramData\TEMP:1D9ED8F7
@Alternate Data Stream - 148 bytes -> C:\ProgramData\TEMP:158CC5FF
@Alternate Data Stream - 148 bytes -> C:\ProgramData\TEMP:0EC9720B
@Alternate Data Stream - 148 bytes -> C:\ProgramData\TEMP:05113FB9
@Alternate Data Stream - 147 bytes -> C:\ProgramData\TEMP:FC89CE5A
@Alternate Data Stream - 147 bytes -> C:\ProgramData\TEMP:EC4E61E4
@Alternate Data Stream - 147 bytes -> C:\ProgramData\TEMP:CD9B334A
@Alternate Data Stream - 147 bytes -> C:\ProgramData\TEMP:BD8705CE
@Alternate Data Stream - 147 bytes -> C:\ProgramData\TEMP:ABD3B354
@Alternate Data Stream - 147 bytes -> C:\ProgramData\TEMP:A68B9D77
@Alternate Data Stream - 147 bytes -> C:\ProgramData\TEMP:8FC027DE
@Alternate Data Stream - 147 bytes -> C:\ProgramData\TEMP:88BFF41D
@Alternate Data Stream - 147 bytes -> C:\ProgramData\TEMP:794BB94F
@Alternate Data Stream - 147 bytes -> C:\ProgramData\TEMP:742F1EE5
@Alternate Data Stream - 147 bytes -> C:\ProgramData\TEMP:4D3513A5
@Alternate Data Stream - 147 bytes -> C:\ProgramData\TEMP:3BAD46F6
@Alternate Data Stream - 147 bytes -> C:\ProgramData\TEMP:26C2E4B1
@Alternate Data Stream - 147 bytes -> C:\ProgramData\TEMP:17FF6514
@Alternate Data Stream - 147 bytes -> C:\ProgramData\TEMP:0AE8FC60
@Alternate Data Stream - 146 bytes -> C:\ProgramData\TEMP:FDAF118C
@Alternate Data Stream - 146 bytes -> C:\ProgramData\TEMP:FD20BDA6
@Alternate Data Stream - 146 bytes -> C:\ProgramData\TEMP:F59916B9
@Alternate Data Stream - 146 bytes -> C:\ProgramData\TEMP:DE22D45C
@Alternate Data Stream - 146 bytes -> C:\ProgramData\TEMP:ABA71843
@Alternate Data Stream - 146 bytes -> C:\ProgramData\TEMP:730BC923
@Alternate Data Stream - 146 bytes -> C:\ProgramData\TEMP:5A27D490
@Alternate Data Stream - 146 bytes -> C:\ProgramData\TEMP:53992C73
@Alternate Data Stream - 146 bytes -> C:\ProgramData\TEMP:3612C9BE
@Alternate Data Stream - 146 bytes -> C:\ProgramData\TEMP:2D1BE4C6
@Alternate Data Stream - 146 bytes -> C:\ProgramData\TEMP:24DC7949
@Alternate Data Stream - 146 bytes -> C:\ProgramData\TEMP:2085D07D
@Alternate Data Stream - 145 bytes -> C:\ProgramData\TEMP:EBE4F6FC
@Alternate Data Stream - 145 bytes -> C:\ProgramData\TEMP:E463CA56
@Alternate Data Stream - 145 bytes -> C:\ProgramData\TEMP:E3AFC61E
@Alternate Data Stream - 145 bytes -> C:\ProgramData\TEMP:E1069F99
@Alternate Data Stream - 145 bytes -> C:\ProgramData\TEMP:CF2C26D2
@Alternate Data Stream - 145 bytes -> C:\ProgramData\TEMP:CEED62ED
@Alternate Data Stream - 145 bytes -> C:\ProgramData\TEMP:C3A4217C
@Alternate Data Stream - 145 bytes -> C:\ProgramData\TEMP:BAD88AD2
@Alternate Data Stream - 145 bytes -> C:\ProgramData\TEMP:8D79965B
@Alternate Data Stream - 145 bytes -> C:\ProgramData\TEMP:8AD1F2E0
@Alternate Data Stream - 145 bytes -> C:\ProgramData\TEMP:82C50600
@Alternate Data Stream - 145 bytes -> C:\ProgramData\TEMP:77271429
@Alternate Data Stream - 145 bytes -> C:\ProgramData\TEMP:6B5A665E
@Alternate Data Stream - 145 bytes -> C:\ProgramData\TEMP:53F381F1
@Alternate Data Stream - 145 bytes -> C:\ProgramData\TEMP:531637AD
@Alternate Data Stream - 145 bytes -> C:\ProgramData\TEMP:442B1B91
@Alternate Data Stream - 145 bytes -> C:\ProgramData\TEMP:3EA1C214
@Alternate Data Stream - 145 bytes -> C:\ProgramData\TEMP:29DA7FEE
@Alternate Data Stream - 145 bytes -> C:\ProgramData\TEMP:18295838
@Alternate Data Stream - 145 bytes -> C:\ProgramData\TEMP:0651F96C
@Alternate Data Stream - 145 bytes -> C:\ProgramData\TEMP:06253D7D
@Alternate Data Stream - 145 bytes -> C:\ProgramData\TEMP:0207454C
@Alternate Data Stream - 144 bytes -> C:\ProgramData\TEMP:FA8ADCCD
@Alternate Data Stream - 144 bytes -> C:\ProgramData\TEMP:F19EC797
@Alternate Data Stream - 144 bytes -> C:\ProgramData\TEMP:CBCE0A92
@Alternate Data Stream - 144 bytes -> C:\ProgramData\TEMP:C226A7C2
@Alternate Data Stream - 144 bytes -> C:\ProgramData\TEMP:B8B102B9
@Alternate Data Stream - 144 bytes -> C:\ProgramData\TEMP:7C4DCB5B
@Alternate Data Stream - 144 bytes -> C:\ProgramData\TEMP:765C6A14
@Alternate Data Stream - 144 bytes -> C:\ProgramData\TEMP:593E515D
@Alternate Data Stream - 144 bytes -> C:\ProgramData\TEMP:43ABA97D
@Alternate Data Stream - 144 bytes -> C:\ProgramData\TEMP:375B96CE
@Alternate Data Stream - 144 bytes -> C:\ProgramData\TEMP:34BCB6A9
@Alternate Data Stream - 144 bytes -> C:\ProgramData\TEMP:226A6E31
@Alternate Data Stream - 144 bytes -> C:\ProgramData\TEMP:0C5A6770
@Alternate Data Stream - 143 bytes -> C:\ProgramData\TEMP:F79DAA38
@Alternate Data Stream - 143 bytes -> C:\ProgramData\TEMP:E60D24D7
@Alternate Data Stream - 143 bytes -> C:\ProgramData\TEMP:C8E9D804
@Alternate Data Stream - 143 bytes -> C:\ProgramData\TEMP:C104B0EF
@Alternate Data Stream - 143 bytes -> C:\ProgramData\TEMP:9B750A13
@Alternate Data Stream - 143 bytes -> C:\ProgramData\TEMP:97AB2056
@Alternate Data Stream - 143 bytes -> C:\ProgramData\TEMP:7E100A8C
@Alternate Data Stream - 143 bytes -> C:\ProgramData\TEMP:6A16A184
@Alternate Data Stream - 143 bytes -> C:\ProgramData\TEMP:60D0CFE2
@Alternate Data Stream - 143 bytes -> C:\ProgramData\TEMP:48529647
@Alternate Data Stream - 143 bytes -> C:\ProgramData\TEMP:45BC0AAA
@Alternate Data Stream - 143 bytes -> C:\ProgramData\TEMP:3965C4E8
@Alternate Data Stream - 143 bytes -> C:\ProgramData\TEMP:37CE0F2E
@Alternate Data Stream - 143 bytes -> C:\ProgramData\TEMP:204BEE0F
@Alternate Data Stream - 143 bytes -> C:\ProgramData\TEMP:16A2C6C0
@Alternate Data Stream - 143 bytes -> C:\ProgramData\TEMP:0E37A445
@Alternate Data Stream - 143 bytes -> C:\ProgramData\TEMP:03033228
@Alternate Data Stream - 142 bytes -> C:\ProgramData\TEMP:FF818E2B
@Alternate Data Stream - 142 bytes -> C:\ProgramData\TEMP:FB914833
@Alternate Data Stream - 142 bytes -> C:\ProgramData\TEMP:EF2D54F9
@Alternate Data Stream - 142 bytes -> C:\ProgramData\TEMP:E90251A2
@Alternate Data Stream - 142 bytes -> C:\ProgramData\TEMP:DD3F5AF4
@Alternate Data Stream - 142 bytes -> C:\ProgramData\TEMP:D74C2847
@Alternate Data Stream - 142 bytes -> C:\ProgramData\TEMP:C44E62F1
@Alternate Data Stream - 142 bytes -> C:\ProgramData\TEMP:BB24555F
@Alternate Data Stream - 142 bytes -> C:\ProgramData\TEMP:B9775780
@Alternate Data Stream - 142 bytes -> C:\ProgramData\TEMP:ADE91125
@Alternate Data Stream - 142 bytes -> C:\ProgramData\TEMP:AB5B8755
@Alternate Data Stream - 142 bytes -> C:\ProgramData\TEMP:A94968B5
@Alternate Data Stream - 142 bytes -> C:\ProgramData\TEMP:9CB2B6C5
@Alternate Data Stream - 142 bytes -> C:\ProgramData\TEMP:8A026284
@Alternate Data Stream - 142 bytes -> C:\ProgramData\TEMP:860D9052
@Alternate Data Stream - 142 bytes -> C:\ProgramData\TEMP:81F83028
@Alternate Data Stream - 142 bytes -> C:\ProgramData\TEMP:7E26B7DC
@Alternate Data Stream - 142 bytes -> C:\ProgramData\TEMP:6EAE3ABC
@Alternate Data Stream - 142 bytes -> C:\ProgramData\TEMP:6BD1DCDD
@Alternate Data Stream - 142 bytes -> C:\ProgramData\TEMP:5D2DC0A6
@Alternate Data Stream - 142 bytes -> C:\ProgramData\TEMP:35632DDA
@Alternate Data Stream - 142 bytes -> C:\ProgramData\TEMP:232300C2
@Alternate Data Stream - 142 bytes -> C:\ProgramData\TEMP:1D60AEC3
@Alternate Data Stream - 142 bytes -> C:\ProgramData\TEMP:1CE3DF80
@Alternate Data Stream - 141 bytes -> C:\ProgramData\TEMP:FE144218
@Alternate Data Stream - 141 bytes -> C:\ProgramData\TEMP:E7700065
@Alternate Data Stream - 141 bytes -> C:\ProgramData\TEMP:E31D4564
@Alternate Data Stream - 141 bytes -> C:\ProgramData\TEMP:DCDE7C60
@Alternate Data Stream - 141 bytes -> C:\ProgramData\TEMP:DCAF903C
@Alternate Data Stream - 141 bytes -> C:\ProgramData\TEMP:CE0A077E
@Alternate Data Stream - 141 bytes -> C:\ProgramData\TEMP:C70C12CF
@Alternate Data Stream - 141 bytes -> C:\ProgramData\TEMP:ACCFB883
@Alternate Data Stream - 141 bytes -> C:\ProgramData\TEMP:A9C7B545
@Alternate Data Stream - 141 bytes -> C:\ProgramData\TEMP:A9B2AAD0
@Alternate Data Stream - 141 bytes -> C:\ProgramData\TEMP:A362A045
@Alternate Data Stream - 141 bytes -> C:\ProgramData\TEMP:9B9441A5
@Alternate Data Stream - 141 bytes -> C:\ProgramData\TEMP:9AB9ECE0
@Alternate Data Stream - 141 bytes -> C:\ProgramData\TEMP:8C443193
@Alternate Data Stream - 141 bytes -> C:\ProgramData\TEMP:69FA7876
@Alternate Data Stream - 141 bytes -> C:\ProgramData\TEMP:6051163F
@Alternate Data Stream - 141 bytes -> C:\ProgramData\TEMP:5A13AEC2
@Alternate Data Stream - 141 bytes -> C:\ProgramData\TEMP:4A48591F
@Alternate Data Stream - 141 bytes -> C:\ProgramData\TEMP:195E9213
@Alternate Data Stream - 141 bytes -> C:\ProgramData\TEMP:18AE7C5A
@Alternate Data Stream - 141 bytes -> C:\ProgramData\TEMP:100384F2
@Alternate Data Stream - 141 bytes -> C:\ProgramData\TEMP:0D864221
@Alternate Data Stream - 141 bytes -> C:\ProgramData\TEMP:003A85AC
@Alternate Data Stream - 140 bytes -> C:\ProgramData\TEMP:F565FB91
@Alternate Data Stream - 140 bytes -> C:\ProgramData\TEMP:DBA1A307
@Alternate Data Stream - 140 bytes -> C:\ProgramData\TEMP:DB563BE7
@Alternate Data Stream - 140 bytes -> C:\ProgramData\TEMP:B5D277AB
@Alternate Data Stream - 140 bytes -> C:\ProgramData\TEMP:9C504A4D
@Alternate Data Stream - 140 bytes -> C:\ProgramData\TEMP:9BCE9E9B
@Alternate Data Stream - 140 bytes -> C:\ProgramData\TEMP:9658F8A2
@Alternate Data Stream - 140 bytes -> C:\ProgramData\TEMP:93CE17D1
@Alternate Data Stream - 140 bytes -> C:\ProgramData\TEMP:91CF76E3
@Alternate Data Stream - 140 bytes -> C:\ProgramData\TEMP:8E6845BC
@Alternate Data Stream - 140 bytes -> C:\ProgramData\TEMP:8BBD1F9A
@Alternate Data Stream - 140 bytes -> C:\ProgramData\TEMP:80A70180
@Alternate Data Stream - 140 bytes -> C:\ProgramData\TEMP:7EE43C06
@Alternate Data Stream - 140 bytes -> C:\ProgramData\TEMP:74456BF5
@Alternate Data Stream - 140 bytes -> C:\ProgramData\TEMP:5304CF6F
@Alternate Data Stream - 140 bytes -> C:\ProgramData\TEMP:4F8BECB9
@Alternate Data Stream - 140 bytes -> C:\ProgramData\TEMP:4F636E25
@Alternate Data Stream - 140 bytes -> C:\ProgramData\TEMP:46545F5C
@Alternate Data Stream - 140 bytes -> C:\ProgramData\TEMP:2B059D79
@Alternate Data Stream - 140 bytes -> C:\ProgramData\TEMP:268F887D
@Alternate Data Stream - 140 bytes -> C:\ProgramData\TEMP:13B137AF
@Alternate Data Stream - 139 bytes -> C:\ProgramData\TEMP:E0CDAF60
@Alternate Data Stream - 139 bytes -> C:\ProgramData\TEMP:D93DCF15
@Alternate Data Stream - 139 bytes -> C:\ProgramData\TEMP:D77C0A61
@Alternate Data Stream - 139 bytes -> C:\ProgramData\TEMP:D417F0D5
@Alternate Data Stream - 139 bytes -> C:\ProgramData\TEMP:792C1D5C
@Alternate Data Stream - 139 bytes -> C:\ProgramData\TEMP:61AF91EC
@Alternate Data Stream - 139 bytes -> C:\ProgramData\TEMP:3FF8D96E
@Alternate Data Stream - 139 bytes -> C:\ProgramData\TEMP:3F22DA14
@Alternate Data Stream - 139 bytes -> C:\ProgramData\TEMP:2A615C9C
@Alternate Data Stream - 139 bytes -> C:\ProgramData\TEMP:0E341035
@Alternate Data Stream - 139 bytes -> C:\ProgramData\TEMP:0256104B
@Alternate Data Stream - 138 bytes -> C:\ProgramData\TEMP:E62BE020
@Alternate Data Stream - 138 bytes -> C:\ProgramData\TEMP:E40BF3ED
@Alternate Data Stream - 138 bytes -> C:\ProgramData\TEMP:E22211E1
@Alternate Data Stream - 138 bytes -> C:\ProgramData\TEMP:CDFF58FE
@Alternate Data Stream - 138 bytes -> C:\ProgramData\TEMP:C40E212B
@Alternate Data Stream - 138 bytes -> C:\ProgramData\TEMP:B79388B4
@Alternate Data Stream - 138 bytes -> C:\ProgramData\TEMP:B310C233
@Alternate Data Stream - 138 bytes -> C:\ProgramData\TEMP:ADCBD4B1
@Alternate Data Stream - 138 bytes -> C:\ProgramData\TEMP:A13E0480
@Alternate Data Stream - 138 bytes -> C:\ProgramData\TEMP:9C5E2795
@Alternate Data Stream - 138 bytes -> C:\ProgramData\TEMP:93DE1838
@Alternate Data Stream - 138 bytes -> C:\ProgramData\TEMP:9296EC11
@Alternate Data Stream - 138 bytes -> C:\ProgramData\TEMP:8F76671E
@Alternate Data Stream - 138 bytes -> C:\ProgramData\TEMP:6720DF40
@Alternate Data Stream - 138 bytes -> C:\ProgramData\TEMP:49F896E9
@Alternate Data Stream - 138 bytes -> C:\ProgramData\TEMP:3064D21D
@Alternate Data Stream - 138 bytes -> C:\ProgramData\TEMP:1DFC024D
@Alternate Data Stream - 138 bytes -> C:\ProgramData\TEMP:19AD1878
@Alternate Data Stream - 137 bytes -> C:\ProgramData\TEMP:FE4E15B1
@Alternate Data Stream - 137 bytes -> C:\ProgramData\TEMP:F68CB977
@Alternate Data Stream - 137 bytes -> C:\ProgramData\TEMP:E36F5B57
@Alternate Data Stream - 137 bytes -> C:\ProgramData\TEMP:D478F292
@Alternate Data Stream - 137 bytes -> C:\ProgramData\TEMP:C71DF9C6
@Alternate Data Stream - 137 bytes -> C:\ProgramData\TEMP:C36E5828
@Alternate Data Stream - 137 bytes -> C:\ProgramData\TEMP:956EC010
@Alternate Data Stream - 137 bytes -> C:\ProgramData\TEMP:92D18A5E
@Alternate Data Stream - 137 bytes -> C:\ProgramData\TEMP:898C038B
@Alternate Data Stream - 137 bytes -> C:\ProgramData\TEMP:84744B34
@Alternate Data Stream - 137 bytes -> C:\ProgramData\TEMP:798F4CE4
@Alternate Data Stream - 137 bytes -> C:\ProgramData\TEMP:7079A696
@Alternate Data Stream - 137 bytes -> C:\ProgramData\TEMP:687D1056
@Alternate Data Stream - 137 bytes -> C:\ProgramData\TEMP:52FE3CCD
@Alternate Data Stream - 137 bytes -> C:\ProgramData\TEMP:4C33F119
@Alternate Data Stream - 137 bytes -> C:\ProgramData\TEMP:45A334DD
@Alternate Data Stream - 137 bytes -> C:\ProgramData\TEMP:404C30E3
@Alternate Data Stream - 137 bytes -> C:\ProgramData\TEMP:3AE22B1A
@Alternate Data Stream - 137 bytes -> C:\ProgramData\TEMP:20B17557
@Alternate Data Stream - 137 bytes -> C:\ProgramData\TEMP:18FCA3F2
@Alternate Data Stream - 137 bytes -> C:\ProgramData\TEMP:17C6C557
@Alternate Data Stream - 137 bytes -> C:\ProgramData\TEMP:131C0EE9
@Alternate Data Stream - 137 bytes -> C:\ProgramData\TEMP:072B9E55
@Alternate Data Stream - 136 bytes -> C:\ProgramData\TEMP:FAC5BCF5
@Alternate Data Stream - 136 bytes -> C:\ProgramData\TEMP:F82CA780
@Alternate Data Stream - 136 bytes -> C:\ProgramData\TEMP:F2F115B4
@Alternate Data Stream - 136 bytes -> C:\ProgramData\TEMP:F1FE38D7
@Alternate Data Stream - 136 bytes -> C:\ProgramData\TEMP:D8EA2847
@Alternate Data Stream - 136 bytes -> C:\ProgramData\TEMP:D3930F74
@Alternate Data Stream - 136 bytes -> C:\ProgramData\TEMP:940ECC98
@Alternate Data Stream - 136 bytes -> C:\ProgramData\TEMP:858D9994
@Alternate Data Stream - 136 bytes -> C:\ProgramData\TEMP:80234CE0
@Alternate Data Stream - 136 bytes -> C:\ProgramData\TEMP:6A7B7A50
@Alternate Data Stream - 136 bytes -> C:\ProgramData\TEMP:5D7E5A8F
@Alternate Data Stream - 136 bytes -> C:\ProgramData\TEMP:550179F5
@Alternate Data Stream - 136 bytes -> C:\ProgramData\TEMP:50A11A00
@Alternate Data Stream - 136 bytes -> C:\ProgramData\TEMP:4EAD6852
@Alternate Data Stream - 136 bytes -> C:\ProgramData\TEMP:4B112591
@Alternate Data Stream - 136 bytes -> C:\ProgramData\TEMP:386E239F
@Alternate Data Stream - 136 bytes -> C:\ProgramData\TEMP:38317199
@Alternate Data Stream - 136 bytes -> C:\ProgramData\TEMP:30F1AD86
@Alternate Data Stream - 136 bytes -> C:\ProgramData\TEMP:029E021F
@Alternate Data Stream - 136 bytes -> C:\ProgramData\TEMP:02573978
@Alternate Data Stream - 136 bytes -> C:\ProgramData\TEMP:023F0743
@Alternate Data Stream - 136 bytes -> C:\ProgramData\TEMP:002640E3
@Alternate Data Stream - 135 bytes -> C:\ProgramData\TEMP:FDD78BE5
@Alternate Data Stream - 135 bytes -> C:\ProgramData\TEMP:E4EAA06A
@Alternate Data Stream - 135 bytes -> C:\ProgramData\TEMP:DE38CB5F
@Alternate Data Stream - 135 bytes -> C:\ProgramData\TEMP:D61069DE
@Alternate Data Stream - 135 bytes -> C:\ProgramData\TEMP:CDA9D806
@Alternate Data Stream - 135 bytes -> C:\ProgramData\TEMP:C8EAE2CC
@Alternate Data Stream - 135 bytes -> C:\ProgramData\TEMP:C2E33402
@Alternate Data Stream - 135 bytes -> C:\ProgramData\TEMP:B54102AD
@Alternate Data Stream - 135 bytes -> C:\ProgramData\TEMP:7DFDF9DF
@Alternate Data Stream - 135 bytes -> C:\ProgramData\TEMP:72E546C1
@Alternate Data Stream - 135 bytes -> C:\ProgramData\TEMP:651AC260
@Alternate Data Stream - 135 bytes -> C:\ProgramData\TEMP:3A29D202
@Alternate Data Stream - 135 bytes -> C:\ProgramData\TEMP:39294FE1
@Alternate Data Stream - 135 bytes -> C:\ProgramData\TEMP:1B154164
@Alternate Data Stream - 135 bytes -> C:\ProgramData\TEMP:1AD5880D
@Alternate Data Stream - 135 bytes -> C:\ProgramData\TEMP:174B11D8
@Alternate Data Stream - 135 bytes -> C:\ProgramData\TEMP:15FA1ECB
@Alternate Data Stream - 134 bytes -> C:\ProgramData\TEMP:C9B93CC4
@Alternate Data Stream - 134 bytes -> C:\ProgramData\TEMP:B83BF1A6
@Alternate Data Stream - 134 bytes -> C:\ProgramData\TEMP:91DFBB4A
@Alternate Data Stream - 134 bytes -> C:\ProgramData\TEMP:8F7ECF6A
@Alternate Data Stream - 134 bytes -> C:\ProgramData\TEMP:87F524B2
@Alternate Data Stream - 134 bytes -> C:\ProgramData\TEMP:8599F087
@Alternate Data Stream - 134 bytes -> C:\ProgramData\TEMP:7C0CBD4C
@Alternate Data Stream - 134 bytes -> C:\ProgramData\TEMP:7B227418
@Alternate Data Stream - 134 bytes -> C:\ProgramData\TEMP:76986D86
@Alternate Data Stream - 134 bytes -> C:\ProgramData\TEMP:6CFD36EA
@Alternate Data Stream - 134 bytes -> C:\ProgramData\TEMP:54997B77
@Alternate Data Stream - 134 bytes -> C:\ProgramData\TEMP:4890C28A
@Alternate Data Stream - 134 bytes -> C:\ProgramData\TEMP:322EAACD
@Alternate Data Stream - 134 bytes -> C:\ProgramData\TEMP:2E0BE9CA
@Alternate Data Stream - 134 bytes -> C:\ProgramData\TEMP:2CBB1EC8
@Alternate Data Stream - 134 bytes -> C:\ProgramData\TEMP:2504A086
@Alternate Data Stream - 134 bytes -> C:\ProgramData\TEMP:225C4FFC
@Alternate Data Stream - 134 bytes -> C:\ProgramData\TEMP:193426B4
@Alternate Data Stream - 134 bytes -> C:\ProgramData\TEMP:0E640041
@Alternate Data Stream - 134 bytes -> C:\ProgramData\TEMP:09DC8014
@Alternate Data Stream - 133 bytes -> C:\ProgramData\TEMP:FACC16FC
@Alternate Data Stream - 133 bytes -> C:\ProgramData\TEMP:FA45F5FF
@Alternate Data Stream - 133 bytes -> C:\ProgramData\TEMP:F4BE8180
@Alternate Data Stream - 133 bytes -> C:\ProgramData\TEMP:F42CF153
@Alternate Data Stream - 133 bytes -> C:\ProgramData\TEMP:D0397AE3
@Alternate Data Stream - 133 bytes -> C:\ProgramData\TEMP:C762A926
@Alternate Data Stream - 133 bytes -> C:\ProgramData\TEMP:C4AAD3E4
@Alternate Data Stream - 133 bytes -> C:\ProgramData\TEMP:97A03D0F
@Alternate Data Stream - 133 bytes -> C:\ProgramData\TEMP:902B6A44
@Alternate Data Stream - 133 bytes -> C:\ProgramData\TEMP:8FBE0E9C
@Alternate Data Stream - 133 bytes -> C:\ProgramData\TEMP:8DCF53BE
@Alternate Data Stream - 133 bytes -> C:\ProgramData\TEMP:5E3FBF9D
@Alternate Data Stream - 133 bytes -> C:\ProgramData\TEMP:541F9F51
@Alternate Data Stream - 133 bytes -> C:\ProgramData\TEMP:47317C33
@Alternate Data Stream - 133 bytes -> C:\ProgramData\TEMP:42275BC2
@Alternate Data Stream - 133 bytes -> C:\ProgramData\TEMP:373C6DC2
@Alternate Data Stream - 133 bytes -> C:\ProgramData\TEMP:2FAFBD6A
@Alternate Data Stream - 133 bytes -> C:\ProgramData\TEMP:2A5BC0A9
@Alternate Data Stream - 133 bytes -> C:\ProgramData\TEMP:26140299
@Alternate Data Stream - 133 bytes -> C:\ProgramData\TEMP:1FDDA142
@Alternate Data Stream - 133 bytes -> C:\ProgramData\TEMP:1ECB0F6C
@Alternate Data Stream - 133 bytes -> C:\ProgramData\TEMP:1DDD0008
@Alternate Data Stream - 133 bytes -> C:\ProgramData\TEMP:128A6DC9
@Alternate Data Stream - 132 bytes -> C:\ProgramData\TEMP:F131B2B8
@Alternate Data Stream - 132 bytes -> C:\ProgramData\TEMP:E6B1AD87
@Alternate Data Stream - 132 bytes -> C:\ProgramData\TEMP:E55CE2D1
@Alternate Data Stream - 132 bytes -> C:\ProgramData\TEMP:D3FFFBA9
@Alternate Data Stream - 132 bytes -> C:\ProgramData\TEMP:B837C568
@Alternate Data Stream - 132 bytes -> C:\ProgramData\TEMP:9A6A9036
@Alternate Data Stream - 132 bytes -> C:\ProgramData\TEMP:73CCE32D
@Alternate Data Stream - 132 bytes -> C:\ProgramData\TEMP:6FCD73D7
@Alternate Data Stream - 132 bytes -> C:\ProgramData\TEMP:63A71C6F
@Alternate Data Stream - 132 bytes -> C:\ProgramData\TEMP:55781AF7
@Alternate Data Stream - 132 bytes -> C:\ProgramData\TEMP:516FF8A1
@Alternate Data Stream - 132 bytes -> C:\ProgramData\TEMP:4D066AD2
@Alternate Data Stream - 132 bytes -> C:\ProgramData\TEMP:3E424252
@Alternate Data Stream - 132 bytes -> C:\ProgramData\TEMP:3D4CCD1E
@Alternate Data Stream - 132 bytes -> C:\ProgramData\TEMP:22C80839
@Alternate Data Stream - 132 bytes -> C:\ProgramData\TEMP:1AE68282
@Alternate Data Stream - 132 bytes -> C:\ProgramData\TEMP:0B9176C0
@Alternate Data Stream - 131 bytes -> C:\ProgramData\TEMP:EB3A09D6
@Alternate Data Stream - 131 bytes -> C:\ProgramData\TEMP:EA43B001
@Alternate Data Stream - 131 bytes -> C:\ProgramData\TEMP:DDE7FCF4
@Alternate Data Stream - 131 bytes -> C:\ProgramData\TEMP:A5E0BCE9
@Alternate Data Stream - 131 bytes -> C:\ProgramData\TEMP:949E3D1B
@Alternate Data Stream - 131 bytes -> C:\ProgramData\TEMP:90E60569
@Alternate Data Stream - 131 bytes -> C:\ProgramData\TEMP:8EEE3BBB
@Alternate Data Stream - 131 bytes -> C:\ProgramData\TEMP:7D49B96B
@Alternate Data Stream - 131 bytes -> C:\ProgramData\TEMP:700CD00E
@Alternate Data Stream - 131 bytes -> C:\ProgramData\TEMP:64A7B9DE
@Alternate Data Stream - 131 bytes -> C:\ProgramData\TEMP:51F17074
@Alternate Data Stream - 131 bytes -> C:\ProgramData\TEMP:5199C971
@Alternate Data Stream - 131 bytes -> C:\ProgramData\TEMP:017D5143
@Alternate Data Stream - 130 bytes -> C:\ProgramData\TEMP:F65733F1
@Alternate Data Stream - 130 bytes -> C:\ProgramData\TEMP:E8F2A400
@Alternate Data Stream - 130 bytes -> C:\ProgramData\TEMP:BC521608
@Alternate Data Stream - 130 bytes -> C:\ProgramData\TEMP:ABE89FFE
@Alternate Data Stream - 130 bytes -> C:\ProgramData\TEMP:AA9519A6
@Alternate Data Stream - 130 bytes -> C:\ProgramData\TEMP:A3F4C22C
@Alternate Data Stream - 130 bytes -> C:\ProgramData\TEMP:98A71B94
@Alternate Data Stream - 130 bytes -> C:\ProgramData\TEMP:95B8F7F6
@Alternate Data Stream - 130 bytes -> C:\ProgramData\TEMP:74699137
@Alternate Data Stream - 130 bytes -> C:\ProgramData\TEMP:595E476D
@Alternate Data Stream - 130 bytes -> C:\ProgramData\TEMP:45E33ED2
@Alternate Data Stream - 130 bytes -> C:\ProgramData\TEMP:39F44D9C
@Alternate Data Stream - 130 bytes -> C:\ProgramData\TEMP:2A8CD561
@Alternate Data Stream - 130 bytes -> C:\ProgramData\TEMP:2A0E0B9F
@Alternate Data Stream - 130 bytes -> C:\ProgramData\TEMP:20B9E63F
@Alternate Data Stream - 129 bytes -> C:\ProgramData\TEMP:D20FFA63
@Alternate Data Stream - 129 bytes -> C:\ProgramData\TEMP:C5B70C5D
@Alternate Data Stream - 129 bytes -> C:\ProgramData\TEMP:88555A1F
@Alternate Data Stream - 129 bytes -> C:\ProgramData\TEMP:8750DCE4
@Alternate Data Stream - 129 bytes -> C:\ProgramData\TEMP:70F0A2F4
@Alternate Data Stream - 129 bytes -> C:\ProgramData\TEMP:6C22B38A
@Alternate Data Stream - 129 bytes -> C:\ProgramData\TEMP:62197B73
@Alternate Data Stream - 129 bytes -> C:\ProgramData\TEMP:4D7FCCD3
@Alternate Data Stream - 129 bytes -> C:\ProgramData\TEMP:48070A48
@Alternate Data Stream - 129 bytes -> C:\ProgramData\TEMP:4300D829
@Alternate Data Stream - 129 bytes -> C:\ProgramData\TEMP:2F46E9A6
@Alternate Data Stream - 129 bytes -> C:\ProgramData\TEMP:2B99FE60
@Alternate Data Stream - 129 bytes -> C:\ProgramData\TEMP:1AF93AF4
@Alternate Data Stream - 129 bytes -> C:\ProgramData\TEMP:0A18093F
@Alternate Data Stream - 129 bytes -> C:\ProgramData\TEMP:01453AF3
@Alternate Data Stream - 128 bytes -> C:\ProgramData\TEMP:F86CC73E
@Alternate Data Stream - 128 bytes -> C:\ProgramData\TEMP:F854B030
@Alternate Data Stream - 128 bytes -> C:\ProgramData\TEMP:E8E51D31
@Alternate Data Stream - 128 bytes -> C:\ProgramData\TEMP:D6C2C750
@Alternate Data Stream - 128 bytes -> C:\ProgramData\TEMP:D5C1AF61
@Alternate Data Stream - 128 bytes -> C:\ProgramData\TEMP:CCF42AF8
@Alternate Data Stream - 128 bytes -> C:\ProgramData\TEMP:C0D722EB
@Alternate Data Stream - 128 bytes -> C:\ProgramData\TEMP:A9D9351A
@Alternate Data Stream - 128 bytes -> C:\ProgramData\TEMP:A4AD016E
@Alternate Data Stream - 128 bytes -> C:\ProgramData\TEMP:98104906
@Alternate Data Stream - 128 bytes -> C:\ProgramData\TEMP:8DD623B3
@Alternate Data Stream - 128 bytes -> C:\ProgramData\TEMP:8C885EDD
@Alternate Data Stream - 128 bytes -> C:\ProgramData\TEMP:7D2C5D65
@Alternate Data Stream - 128 bytes -> C:\ProgramData\TEMP:799B8AA7
@Alternate Data Stream - 128 bytes -> C:\ProgramData\TEMP:793ABD2B
@Alternate Data Stream - 128 bytes -> C:\ProgramData\TEMP:6C3B96F0
@Alternate Data Stream - 128 bytes -> C:\ProgramData\TEMP:51C0853C
@Alternate Data Stream - 128 bytes -> C:\ProgramData\TEMP:4C97EF04
@Alternate Data Stream - 128 bytes -> C:\ProgramData\TEMP:444C53BA
@Alternate Data Stream - 128 bytes -> C:\ProgramData\TEMP:3E7C402E
@Alternate Data Stream - 128 bytes -> C:\ProgramData\TEMP:087D1C56
@Alternate Data Stream - 128 bytes -> C:\ProgramData\TEMP:01EDA307
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:E71141D2
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:D091E13E
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:C6DBBC03
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:B8EA2C49
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:981884E7
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:8F925134
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:8D8F3340
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:74B502CB
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:5425B7F5
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:52A42F4C
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:4DBBB4EA
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:4B1807BE
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:369A9F46
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:30376ACC
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:2CFBE2D1
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:0503B6B8
@Alternate Data Stream - 126 bytes -> C:\ProgramData\TEMP:F6E5C7FB
@Alternate Data Stream - 126 bytes -> C:\ProgramData\TEMP:E89EDC52
@Alternate Data Stream - 126 bytes -> C:\ProgramData\TEMP:D30CE047
@Alternate Data Stream - 126 bytes -> C:\ProgramData\TEMP:CCBF0D67
@Alternate Data Stream - 126 bytes -> C:\ProgramData\TEMP:B358A070
@Alternate Data Stream - 126 bytes -> C:\ProgramData\TEMP:8F5346F2
@Alternate Data Stream - 126 bytes -> C:\ProgramData\TEMP:861A898F
@Alternate Data Stream - 126 bytes -> C:\ProgramData\TEMP:5D458568
@Alternate Data Stream - 126 bytes -> C:\ProgramData\TEMP:51387F29
@Alternate Data Stream - 126 bytes -> C:\ProgramData\TEMP:07A75CBF
@Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:F9CEBD79
@Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:EAB1AD1B
@Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:E9CB5ECC
@Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:D43ACD11
@Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:C7D36B80
@Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:B42328DE
@Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:92209557
@Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:90FE524C
@Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:895798AD
@Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:85B53F5F
@Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:7E68DD27
@Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:756C8543
@Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:741CA49D
@Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:5743A858
@Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:4DE8C719
@Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:4BB26BE9
@Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:3867977D
@Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:2A8A3140
@Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:02C1CB6D
@Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:FDA8D6AE
@Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:F84F494D
@Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:E7AD9690
@Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:E749BCD7
@Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:DF3D49ED
@Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:CBEB737E
@Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:C77DCC63
@Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:A86C3734
@Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:A0405560
@Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:9E64EBA6
@Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:8C84073F
@Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:857692EC
@Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:85526F54
@Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:77B90F12
@Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:726A7C8D
@Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:6C81A062
@Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:5B111056
@Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:551E1CB4
@Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:54F7A151
@Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:53546330
@Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:2E964D2D
@Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:1AAEFD5D
@Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:1013B07C
@Alternate Data Stream - 123 bytes -> C:\ProgramData\TEMP:DF5BAC78
@Alternate Data Stream - 123 bytes -> C:\ProgramData\TEMP:DE29D4A1
@Alternate Data Stream - 123 bytes -> C:\ProgramData\TEMP:DAFAF1BF
@Alternate Data Stream - 123 bytes -> C:\ProgramData\TEMP:C8D1C36C
@Alternate Data Stream - 123 bytes -> C:\ProgramData\TEMP:BE9A1C90
@Alternate Data Stream - 123 bytes -> C:\ProgramData\TEMP:A833FADB
@Alternate Data Stream - 123 bytes -> C:\ProgramData\TEMP:A3857D86
@Alternate Data Stream - 123 bytes -> C:\ProgramData\TEMP:981349EA
@Alternate Data Stream - 123 bytes -> C:\ProgramData\TEMP:93F6D130
@Alternate Data Stream - 123 bytes -> C:\ProgramData\TEMP:864A52B8
@Alternate Data Stream - 123 bytes -> C:\ProgramData\TEMP:8173A019
@Alternate Data Stream - 123 bytes -> C:\ProgramData\TEMP:5EBA4934
@Alternate Data Stream - 123 bytes -> C:\ProgramData\TEMP:4ABFB16D
@Alternate Data Stream - 123 bytes -> C:\ProgramData\TEMP:3FBB88CF
@Alternate Data Stream - 123 bytes -> C:\ProgramData\TEMP:3CA18B6B
@Alternate Data Stream - 123 bytes -> C:\ProgramData\TEMP:38788EA7
@Alternate Data Stream - 123 bytes -> C:\ProgramData\TEMP:3095BD69
@Alternate Data Stream - 123 bytes -> C:\ProgramData\TEMP:1BC99E01
@Alternate Data Stream - 123 bytes -> C:\ProgramData\TEMP:1941675B
@Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:F01E7F17
@Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:ED66F190
@Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:E6433F27
@Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:E2C7E93F
@Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:D44D0CA3
@Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:B3B92717
@Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:ABCD2B94
@Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:9950163C
@Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:4E158DDD
@Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:478FEFC3
@Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:409F27A9
@Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:33C7F7F2
@Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:0A9883D3
@Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:D5458F6B
@Alternate Data Stream - 120 bytes -> C:\ProgramData\TEMP:4EDDC66F
@Alternate Data Stream - 119 bytes -> C:\ProgramData\TEMP:D6BE1CEA
@Alternate Data Stream - 119 bytes -> C:\ProgramData\TEMP:5F538558
@Alternate Data Stream - 119 bytes -> C:\ProgramData\TEMP:5EC637CB
@Alternate Data Stream - 118 bytes -> C:\ProgramData\TEMP:DFA00BA4
@Alternate Data Stream - 118 bytes -> C:\ProgramData\TEMP:74BB299D
@Alternate Data Stream - 118 bytes -> C:\ProgramData\TEMP:2D723B3A
@Alternate Data Stream - 117 bytes -> C:\ProgramData\TEMP:F791B5EF
@Alternate Data Stream - 117 bytes -> C:\ProgramData\TEMP:D68C96C3
@Alternate Data Stream - 117 bytes -> C:\ProgramData\TEMP:8C4F2D2B
@Alternate Data Stream - 117 bytes -> C:\ProgramData\TEMP:8C458D50
@Alternate Data Stream - 117 bytes -> C:\ProgramData\TEMP:81365633
@Alternate Data Stream - 117 bytes -> C:\ProgramData\TEMP:56AB0B90
@Alternate Data Stream - 117 bytes -> C:\ProgramData\TEMP:45E74272
@Alternate Data Stream - 117 bytes -> C:\ProgramData\TEMP:147DA06A
@Alternate Data Stream - 116 bytes -> C:\ProgramData\TEMP:F7124EAF
@Alternate Data Stream - 116 bytes -> C:\ProgramData\TEMP:A78FEBF9
@Alternate Data Stream - 116 bytes -> C:\ProgramData\TEMP:93C494CA
@Alternate Data Stream - 116 bytes -> C:\ProgramData\TEMP:40DEEFF7
@Alternate Data Stream - 115 bytes -> C:\ProgramData\TEMP:FC420CE6
@Alternate Data Stream - 115 bytes -> C:\ProgramData\TEMP:793F316E
@Alternate Data Stream - 110 bytes -> C:\ProgramData\TEMP:9F683177
@Alternate Data Stream - 109 bytes -> C:\ProgramData\TEMP:D226F1A4
@Alternate Data Stream - 108 bytes -> C:\ProgramData\TEMP:2411B07C
@Alternate Data Stream - 102 bytes -> C:\ProgramData\TEMP:4CF61E54
@Alternate Data Stream - 100 bytes -> C:\ProgramData\TEMP:CFE0B346

< End of report >
         
--- --- ---

--- --- ---
OTL EXTRAS Logfile:
Code:
ATTFilter
OTL Extras logfile created on: 28.10.2012 18:06:30 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Edith\Desktop
Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 1,85 Gb Available Physical Memory | 61,79% Memory free
6,20 Gb Paging File | 4,66 Gb Available in Paging File | 75,03% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 232,59 Gb Total Space | 115,77 Gb Free Space | 49,77% Space Free | Partition Type: NTFS
Drive D: | 348,93 Gb Total Space | 348,82 Gb Free Space | 99,97% Space Free | Partition Type: NTFS
Drive E: | 12,15 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: UDF
 
Computer Name: EDITH-PC | User Name: Edith | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 1
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{006954EA-33EB-4662-842D-0ED75DD46D48}" = rport=138 | protocol=17 | dir=out | app=system | 
"{076F689E-8ECD-49E8-A6B7-2C378EFA8001}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{158A323B-9C9C-49CC-88F6-9CD905A9329C}" = lport=445 | protocol=6 | dir=in | app=system | 
"{1C9DCB09-DDC2-4518-B255-B85D904D8A16}" = rport=445 | protocol=6 | dir=out | app=system | 
"{378D3547-7232-430F-BB97-950712323872}" = rport=139 | protocol=6 | dir=out | app=system | 
"{64760F7B-A695-459C-8A9F-DA03B5794472}" = lport=137 | protocol=17 | dir=in | app=system | 
"{6E1202A5-ACBB-434E-BA4D-CDD4028A90E6}" = lport=138 | protocol=17 | dir=in | app=system | 
"{713027EE-D076-43AF-922B-152A5683D367}" = lport=63331 | protocol=6 | dir=in | name=windows live onecare | 
"{9153DF09-CB74-44B5-9907-3A5408B5B33D}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{B226DB71-3A87-47DD-91DF-79157A395E3F}" = lport=139 | protocol=6 | dir=in | app=system | 
"{EAC019C5-CB53-4DF6-AB6B-176CFF971BC8}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office14\outlook.exe | 
"{EE0D3293-F606-4D14-A416-7A2174A78452}" = rport=137 | protocol=17 | dir=out | app=system | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0C0300E0-A979-4BAF-99B6-D1E1A16B62FD}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\client\agentsvc.exe | 
"{0F4BC87E-4228-4DAF-A68C-0B4ADE147DC7}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe | 
"{12A2D350-28D1-4D9D-8529-AB016AB1C531}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\schedulersvc.exe | 
"{29FF0134-CA76-4EA9-A866-900368701297}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{3C88ADDF-D00B-47B0-A939-6529FAB84096}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\backupsvc.exe | 
"{44F6BF40-064A-4511-A88A-11F2346325B6}" = protocol=17 | dir=in | app=c:\windows\system32\msiexec.exe | 
"{450833A5-9B15-4522-A5B8-DAB59789A67C}" = protocol=6 | dir=in | app=c:\windows\system32\msiexec.exe | 
"{5F0717ED-4813-42AF-B6C4-0FC5D9F9227F}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\groove.exe | 
"{725B2B26-300D-42E2-BC4D-FDCD06C164CD}" = protocol=17 | dir=in | app=c:\users\edith\appdata\local\temp\7zsd11c.tmp\symnrt.exe | 
"{78F19545-1C99-4A05-8C12-DC0A101ED625}" = protocol=6 | dir=in | app=c:\users\edith\appdata\local\temp\7zsd11c.tmp\symnrt.exe | 
"{7FC539DC-5998-4546-ABC2-AD96E2392336}" = dir=in | app=c:\program files\cyberlink\powerdvd\powerdvd.exe | 
"{842CF817-E40C-4A33-B135-30D12DC90F21}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\backupsvc.exe | 
"{984D4E27-97C0-4E6A-811E-CF5BBEB3E983}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\groove.exe | 
"{B0C4A9FA-72B1-4FBB-B296-24B4A5D03155}" = protocol=6 | dir=in | app=c:\program files\sweetim\communicator\sweetpacksupdatemanager.exe | 
"{C33B3561-5982-4C24-ACA4-945964DAD405}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{C4C37BC7-AB14-42D3-BAB2-2C8502F01D02}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\client\agentsvc.exe | 
"{CBD20412-4AE2-410E-B5BF-E26CD4BCBDCD}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\schedulersvc.exe | 
"{D4C0F7E0-D2A5-4F32-BD66-7F5C599ADD23}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{D7DD609E-67B8-4721-A1F7-AAFEB4DA645A}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe | 
"{E612B596-AA13-4AD5-8501-7C1BE788A785}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | 
"{E7FE9AAF-B804-4E40-B0B7-8B72E9B91ECA}" = dir=in | app=c:\program files\cyberlink\powerdirector\pdr.exe | 
"{EC48B1AF-1698-461C-9F67-6C2A96872912}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{F849A470-A959-46AE-909C-AF15096DB7A9}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | 
"{FFFCBA17-1084-478B-AD4A-BB469A226CD1}" = protocol=17 | dir=in | app=c:\program files\sweetim\communicator\sweetpacksupdatemanager.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{04440141-9149-45C6-A806-F2BF9CFCE762}" = Microsoft Encarta Professional 2004
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now Standard
"{13D85C14-2B85-419F-AC41-C7F21E68B25D}" = Acer eSettings Management
"{1BA978E7-2F4C-442F-BB58-6DCCC6BB0074}" = Haushaltsbuch8
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{4C7F547E-DDE3-51BF-1D2E-04816F30AD66}" = ATI Catalyst Install Manager
"{4EA2F95F-A537-4d17-9E7F-6B3FF8D9BBE3}" = Microsoft Works
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD 7.0 with 5.1ch
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}" = Acer ScreenSaver
"{7F811A54-5A09-4579-90E1-C93498E230D9}" = Acer eRecovery Management
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113080210}" = Azada
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-114039310}" = Turbo Subs
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-114669510}" = Egyptian Ball
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115050127}" = Mystery PI The Vegas Heist
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115430860}" = Amazing Adventures Around The World
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-116555140}" = Farm Frenzy Pizza Party
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-116609607}" = Undiscovered World The Incan Sun
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-117080787}" = Plants vs Zombies
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-117327560}" = Kuros
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-117398253}" = Build a Lot 4
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-117673440}" = Hide and Secret 3
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-117770767}" = Every Day Genius Square Logic
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-117779147}" = Age of Oracles TM  Tara’s Journey
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-118514767}" = Youda Fairy
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-118753180}" = Agatha Christie Bundle - 3 in 1
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{8D1E61D1-1395-4E97-997F-D002DB3A5074}" = OpenOffice.org 3.2
"{8F1B6239-FEA0-450A-A950-B05276CE177C}" = Acer Empowering Technology
"{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}" = TomTom HOME Visual Studio Merge Modules
"{90140000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010
"{90140000-0015-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010
"{90140000-0016-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010
"{90140000-0018-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010
"{90140000-0019-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010
"{90140000-001A-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010
"{90140000-001B-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUSR_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-001F-0410-0000-0000000FF1CE}_Office14.PROPLUSR_{C0743197-FFEE-4C19-BAEB-8F7437DC4C8A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010
"{90140000-002C-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{4275FB46-ABDF-4456-876C-17CF64294D9A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2010
"{90140000-0044-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010
"{90140000-006E-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{98EDFD9F-EA76-40CC-BCE9-92C69413F65B}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010
"{90140000-00A1-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2010
"{90140000-00BA-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{91140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A5633652-3795-4829-BB0B-644F0279E279}" = Acer eDataSecurity Management
"{AC76BA86-7AD7-1031-7B44-A81000000003}" = Adobe Reader 8.1.0 - Deutsch
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector (Acer DT)
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE386A4E-D0DA-4208-8235-BCE43275C694}" = LightScribe  1.4.142.1
"{D36DD326-7280-11D8-97C8-000129760CBE}" = PhotoNow!
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"510005827" = Crazy Rings
"510005835" = Oddly Enough - Pied Piper
"510006725" = Worlds Greatest Temples Mahjong
"510006975" = Amulet of Time: Shadow of la Rochelle
"510006978" = Sticky Linky
"510006983" = Hide & Secret - The Lost World
"510006995" = Isla Dorada The sands of Ephranis
"Acer GameZone Console_is1" = Acer GameZone Console DTV 2.0.1.1
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"amelie'scafedeluxe" = Amelie's Cafe Deluxe
"avast" = avast! Internet Security
"Bigpoint_Games_DE Toolbar" = Bigpoint Games DE Toolbar
"d0ad26f8b4c2bbee98449bb9fe537b08" = Mystic Emporium
"Diamond Caves 3" = Diamond Caves 3
"ElsterFormular 11.2.0.4074" = ElsterFormular
"Google Desktop" = Google Desktop
"InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now 5
"InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector (Acer DT)
"king.com" = king.com (remove only)
"LHTTSGED" = L&H TTS3000 Deutsch
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"NetSight" = Nielsen Online
"NVIDIA Drivers" = NVIDIA Drivers
"Office14.PROPLUSR" = Microsoft Office Professional Plus 2010
"Online Games Manager" = Online Games Manager v1.10
"Shockwave" = Shockwave
"SystemRequirementsLab" = System Requirements Lab
"TomTom HOME" = TomTom HOME 2.8.3.2499
"Yahoo! Toolbar" = Yahoo! Toolbar
 
========== HKEY_USERS Uninstall List ==========
 
[HKEY_USERS\S-1-5-21-1523784361-1419484075-2864972026-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Gemini Lost Deluxe" = Gemini Lost Deluxe
"Google Chrome" = Google Chrome
"Wandering Willows Deluxe" = Wandering Willows Deluxe
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 04.04.2012 03:04:47 | Computer Name = Edith-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.762_none_0c178a139ee2a7ed\MFC80U.DLL".
Die
 abhängige Assemblierung "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0""
 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm
 "sxstrace.exe".
 
Error - 04.04.2012 03:04:47 | Computer Name = Edith-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.762_none_0c178a139ee2a7ed\MFC80U.DLL".
Die
 abhängige Assemblierung "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0""
 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm
 "sxstrace.exe".
 
Error - 04.04.2012 03:04:53 | Computer Name = Edith-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.762_none_0c178a139ee2a7ed\MFC80U.DLL".
Die
 abhängige Assemblierung "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0""
 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm
 "sxstrace.exe".
 
Error - 04.04.2012 03:04:53 | Computer Name = Edith-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.762_none_0c178a139ee2a7ed\MFC80U.DLL".
Die
 abhängige Assemblierung "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0""
 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm
 "sxstrace.exe".
 
Error - 04.04.2012 03:05:23 | Computer Name = Edith-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.762_none_0c178a139ee2a7ed\MFC80U.DLL".
Die
 abhängige Assemblierung "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0""
 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm
 "sxstrace.exe".
 
Error - 04.04.2012 03:05:23 | Computer Name = Edith-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.762_none_0c178a139ee2a7ed\MFC80U.DLL".
Die
 abhängige Assemblierung "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0""
 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm
 "sxstrace.exe".
 
Error - 05.04.2012 18:00:16 | Computer Name = Edith-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung Lara Gates. The Lost Talisman.exe, Version 1.5.0.0,
 Zeitstempel 0x4e5f5619, fehlerhaftes Modul Lara Gates. The Lost Talisman.exe, Version
 1.5.0.0, Zeitstempel 0x4e5f5619, Ausnahmecode 0xc0000005, Fehleroffset 0x00131de0,
Prozess-ID
 0x12b4, Anwendungsstartzeit 01cd13704caf6380.
 
Error - 06.04.2012 03:54:28 | Computer Name = Edith-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.762_none_0c178a139ee2a7ed\MFC80U.DLL".
Die
 abhängige Assemblierung "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0""
 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm
 "sxstrace.exe".
 
Error - 06.04.2012 03:54:28 | Computer Name = Edith-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.762_none_0c178a139ee2a7ed\MFC80U.DLL".
Die
 abhängige Assemblierung "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0""
 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm
 "sxstrace.exe".
 
Error - 06.04.2012 03:56:03 | Computer Name = Edith-PC | Source = WinMgmt | ID = 10
Description = 
 
[ System Events ]
Error - 28.10.2012 13:09:05 | Computer Name = Edith-PC | Source = cdrom | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\CdRom0 gefunden.
 
Error - 28.10.2012 13:09:05 | Computer Name = Edith-PC | Source = cdrom | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\CdRom0 gefunden.
 
Error - 28.10.2012 13:09:05 | Computer Name = Edith-PC | Source = cdrom | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\CdRom0 gefunden.
 
Error - 28.10.2012 13:09:06 | Computer Name = Edith-PC | Source = cdrom | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\CdRom0 gefunden.
 
Error - 28.10.2012 13:09:06 | Computer Name = Edith-PC | Source = cdrom | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\CdRom0 gefunden.
 
Error - 28.10.2012 13:09:06 | Computer Name = Edith-PC | Source = cdrom | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\CdRom0 gefunden.
 
Error - 28.10.2012 13:09:06 | Computer Name = Edith-PC | Source = cdrom | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\CdRom0 gefunden.
 
Error - 28.10.2012 13:09:06 | Computer Name = Edith-PC | Source = cdrom | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\CdRom0 gefunden.
 
Error - 28.10.2012 13:09:06 | Computer Name = Edith-PC | Source = cdrom | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\CdRom0 gefunden.
 
Error - 28.10.2012 13:09:07 | Computer Name = Edith-PC | Source = cdrom | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\CdRom0 gefunden.
 
 
< End of report >
         
--- --- ---


Hier auch der eben durchgeführte Scan von Malwarbytes:
Code:
ATTFilter
 Malwarebytes Anti-Malware  (Test) 1.65.1.1000
www.malwarebytes.org

Datenbank Version: v2012.10.28.05

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
Edith :: EDITH-PC [Administrator]

Schutz: Aktiviert

28.10.2012 18:43:20
mbam-log-2012-10-28 (19-32-17).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 354806
Laufzeit: 48 Minute(n), 9 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 1
HKCU\SOFTWARE\Trymedia Systems (Adware.TryMedia) -> Keine Aktion durchgeführt.

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)
 Malwarebytes Anti-Malware  (Test) 1.65.1.1000
www.malwarebytes.org

Datenbank Version: v2012.10.28.05

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
Edith :: EDITH-PC [Administrator]

Schutz: Aktiviert

28.10.2012 18:43:20
mbam-log-2012-10-28 (19-32-17).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 354806
Laufzeit: 48 Minute(n), 9 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 1
HKCU\SOFTWARE\Trymedia Systems (Adware.TryMedia) -> Keine Aktion durchgeführt.

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)
 Malwarebytes Anti-Malware  (Test) 1.65.1.1000
www.malwarebytes.org

Datenbank Version: v2012.10.28.05

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
Edith :: EDITH-PC [Administrator]

Schutz: Aktiviert

28.10.2012 18:43:20
mbam-log-2012-10-28 (19-32-17).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 354806
Laufzeit: 48 Minute(n), 9 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 1
HKCU\SOFTWARE\Trymedia Systems (Adware.TryMedia) -> Keine Aktion durchgeführt.

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)
         

Alt 29.10.2012, 08:28   #8
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Home.sweetim.com und Norton Antivirus - Standard

Home.sweetim.com und Norton Antivirus



Bitte nun Logs mit GMER (<<< klick für Anleitung) und aswMBR (Anleitung etwas weiter unten) erstellen und posten.
GMER stürzt häufiger ab, wenn das Tool auch beim zweiten Mal nicht will, lass es einfach weg und führ nur aswMBR aus.

aswMBR-Download => aswMBR.exe - speichere die Datei auf deinem Desktop.
  • Starte die aswMBR.exe Vista und Win7 User mit Rechtsklick "als Admininstartor starten"
  • Das Tool wird dich fragen, ob Du mit der aktuellen Virendefinition von AVAST! dein System scannen willst. Beantworte diese Frage bitte mit Ja. (Sollte deine Firewall fragen, bitte den Zugriff auf das Internet zulassen) Der Download der Definitionen kann je nach Verbindung eine Weile dauern.
  • Klicke auf Scan.
  • Warte bitte bis Scan finished successfully im DOS Fenster steht.
  • Drücke auf Save Log und speichere diese auf dem Desktop.
Poste mir die aswMBR.txt in deiner nächsten Antwort. Wichtig: Drücke keinesfalls einen der Fix Buttons ohne Anweisung Hinweis: Sollte der Scan Button ausgeblendet sein, schließe das Tool und starte es erneut. Sollte es erneut nicht klappen teile mir das bitte mit.

Noch ein Hinweis: Sollte aswMBR abstürzen und es kommt eine Meldung wie "aswMBR.exe funktioniert nicht mehr, dann mach Folgendes:
Starte aswMBR neu, wähle unten links im Drop-Down-Menü (unten links im Fenster von aswMBR) bei "AV scan" (none) aus und klick nochmal auf den Scan-Button.
__________________
Logfiles bitte immer in CODE-Tags posten

Alt 29.10.2012, 14:37   #9
Rapunzel
 
Home.sweetim.com und Norton Antivirus - Standard

Home.sweetim.com und Norton Antivirus



Gmer ist abgestürzt und beim aswMBR kam ebenfalls die Fehlermeldung (hab ich dann so eingestellt wie du gesagt hast), hier also das Logfile.

Code:
ATTFilter
aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-10-29 14:33:08
-----------------------------
14:33:08.177    OS Version: Windows 6.0.6002 Service Pack 2
14:33:08.177    Number of processors: 2 586 0x6B02
14:33:08.177    ComputerName: EDITH-PC  UserName: Edith
14:33:09.004    Initialize success
14:33:09.113    AVAST engine defs: 12102900
14:34:00.948    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
14:34:00.948    Disk 0 Vendor: WDC_WD6400AAKS-22A7B0 01.03B01 Size: 610480MB BusType: 3
14:34:00.980    Disk 0 MBR read successfully
14:34:00.980    Disk 0 MBR scan
14:34:00.995    Disk 0 unknown MBR code
14:34:01.011    Disk 0 Partition 1 00     27 Hidden NTFS WinRE NTFS        15005 MB offset 63
14:34:01.026    Disk 0 Partition 2 80 (A) 07    HPFS/NTFS NTFS       238170 MB offset 30734336
14:34:01.058    Disk 0 Partition 3 00     07    HPFS/NTFS NTFS       357302 MB offset 518506496
14:34:01.089    Disk 0 scanning sectors +1250260992
14:34:01.167    Disk 0 scanning C:\Windows\system32\drivers
14:34:13.349    Service scanning
14:34:26.875    Modules scanning
14:34:38.497    Disk 0 trace - called modules:
14:34:38.996    ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll ataport.SYS pciide.sys PCIIDEX.SYS atapi.sys 
14:34:38.996    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x85c10030]
14:34:39.011    3 CLASSPNP.SYS[8ab9e8b3] -> nt!IofCallDriver -> [0x85c12918]
14:34:39.011    5 acpi.sys[806106bc] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0x85bf7030]
14:34:39.027    Scan finished successfully
14:34:49.900    Disk 0 MBR has been saved successfully to "C:\Users\Edith\Desktop\MBR.dat"
14:34:49.900    The log file has been saved successfully to "C:\Users\Edith\Desktop\aswMBR.txt"
         
ach ja das runterladen der jeweiligen Programme funktioniert immer noch nicht, ich lade immer erst auf einen anderen Rechner und zieh mir das ganze dann per Stick auf den Rechner hier.

Alt 29.10.2012, 15:11   #10
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Home.sweetim.com und Norton Antivirus - Standard

Home.sweetim.com und Norton Antivirus



Bitte nun (im normalen Windows-Modus) dieses Tool von Kaspersky (TDSS-Killer) ausführen und das Log posten Anleitung und Downloadlink hier => http://www.trojaner-board.de/82358-t...entfernen.html

Hinweis: Bitte den Virenscanner abstellen bevor du den TDSS-Killer ausführst, denn v.a. Avira meldet im TDSS-Tool oft einen Fehalalrm!

Das Tool so einstellen wie unten im Bild angegeben - klick auf change parameters und setze die Haken wie im folgenden Screenshot abgebildet,
Dann auf Start Scan klicken und wenn es durch ist auf den Button Report klicken um das Log anzuzeigen. Dieses bitte komplett posten.

Wenn du das Log nicht findest oder den Inhalt kopieren und in dein Posting übertragen kannst, dann schau bitte direkt auf deiner Windows-Systempartition ( meistens Laufwerk C: ) nach, da speichert der TDSS-Killer seine Logs.

Hinweis: Bitte nichts voreilig mit dem TDSS-Killer löschen! Falls Objekte vom TDSS-Killer bemängelt werden, alle mit der Aktion "skip" behandeln und hier nur das Log posten!

__________________
Logfiles bitte immer in CODE-Tags posten

Alt 29.10.2012, 15:40   #11
Rapunzel
 
Home.sweetim.com und Norton Antivirus - Standard

Home.sweetim.com und Norton Antivirus



Code:
ATTFilter
 
15:37:23.0292 5916  TDSS rootkit removing tool 2.8.13.0 Oct 12 2012 17:26:47
15:37:23.0587 5916  ============================================================
15:37:23.0587 5916  Current date / time: 2012/10/29 15:37:23.0587
15:37:23.0587 5916  SystemInfo:
15:37:23.0587 5916  
15:37:23.0587 5916  OS Version: 6.0.6002 ServicePack: 2.0
15:37:23.0587 5916  Product type: Workstation
15:37:23.0587 5916  ComputerName: EDITH-PC
15:37:23.0587 5916  UserName: Edith
15:37:23.0587 5916  Windows directory: C:\Windows
15:37:23.0587 5916  System windows directory: C:\Windows
15:37:23.0588 5916  Processor architecture: Intel x86
15:37:23.0588 5916  Number of processors: 2
15:37:23.0588 5916  Page size: 0x1000
15:37:23.0588 5916  Boot type: Normal boot
15:37:23.0588 5916  ============================================================
15:37:24.0736 5916  Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
15:37:24.0852 5916  ============================================================
15:37:24.0852 5916  \Device\Harddisk0\DR0:
15:37:24.0852 5916  MBR partitions:
15:37:24.0853 5916  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1D4F800, BlocksNum 0x1D12D000
15:37:24.0853 5916  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1EE7C800, BlocksNum 0x2B9DB000
15:37:24.0853 5916  ============================================================
15:37:24.0902 5916  C: <-> \Device\Harddisk0\DR0\Partition1
15:37:24.0929 5916  D: <-> \Device\Harddisk0\DR0\Partition2
15:37:24.0929 5916  ============================================================
15:37:24.0930 5916  Initialize success
15:37:24.0930 5916  ============================================================
15:37:37.0713 3908  ============================================================
15:37:37.0713 3908  Scan started
15:37:37.0713 3908  Mode: Manual; SigCheck; TDLFS; 
15:37:37.0713 3908  ============================================================
15:37:38.0495 3908  ================ Scan system memory ========================
15:37:38.0495 3908  System memory - ok
15:37:38.0495 3908  ================ Scan services =============================
15:37:38.0631 3908  [ 82B296AE1892FE3DBEE00C9CF92F8AC7 ] ACPI            C:\Windows\system32\drivers\acpi.sys
15:37:38.0734 3908  ACPI - ok
15:37:38.0808 3908  [ 44C00A385CA9DBC1D5CF3781F8C26AEA ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
15:37:38.0834 3908  AdobeFlashPlayerUpdateSvc - ok
15:37:38.0867 3908  [ 04F0FCAC69C7C71A3AC4EB97FAFC8303 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
15:37:38.0888 3908  adp94xx - ok
15:37:38.0909 3908  [ 60505E0041F7751BDBB80F88BF45C2CE ] adpahci         C:\Windows\system32\drivers\adpahci.sys
15:37:38.0926 3908  adpahci - ok
15:37:38.0950 3908  [ 8A42779B02AEC986EAB64ECFC98F8BD7 ] adpu160m        C:\Windows\system32\drivers\adpu160m.sys
15:37:38.0964 3908  adpu160m - ok
15:37:38.0982 3908  [ 241C9E37F8CE45EF51C3DE27515CA4E5 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
15:37:38.0997 3908  adpu320 - ok
15:37:39.0015 3908  [ 9D1FDA9E086BA64E3C93C9DE32461BCF ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
15:37:39.0122 3908  AeLookupSvc - ok
15:37:39.0166 3908  [ 3911B972B55FEA0478476B2E777B29FA ] AFD             C:\Windows\system32\drivers\afd.sys
15:37:39.0197 3908  AFD - ok
15:37:39.0212 3908  [ 13F9E33747E6B41A3FF305C37DB0D360 ] agp440          C:\Windows\system32\drivers\agp440.sys
15:37:39.0228 3908  agp440 - ok
15:37:39.0251 3908  [ 0DEE2B628D4C6E23285BB91EFFDABFDE ] ahcix86s        C:\Windows\system32\drivers\ahcix86s.sys
15:37:39.0273 3908  ahcix86s - ok
15:37:39.0285 3908  [ AE1FDF7BF7BB6C6A70F67699D880592A ] aic78xx         C:\Windows\system32\drivers\djsvs.sys
15:37:39.0299 3908  aic78xx - ok
15:37:39.0311 3908  [ A1545B731579895D8CC44FC0481C1192 ] ALG             C:\Windows\System32\alg.exe
15:37:39.0386 3908  ALG - ok
15:37:39.0401 3908  [ 9EAEF5FC9B8E351AFA7E78A6FAE91F91 ] aliide          C:\Windows\system32\drivers\aliide.sys
15:37:39.0412 3908  aliide - ok
15:37:39.0428 3908  [ C47344BC706E5F0B9DCE369516661578 ] amdagp          C:\Windows\system32\drivers\amdagp.sys
15:37:39.0440 3908  amdagp - ok
15:37:39.0449 3908  [ 9B78A39A4C173FDBC1321E0DD659B34C ] amdide          C:\Windows\system32\drivers\amdide.sys
15:37:39.0460 3908  amdide - ok
15:37:39.0480 3908  [ 18F29B49AD23ECEE3D2A826C725C8D48 ] AmdK7           C:\Windows\system32\drivers\amdk7.sys
15:37:39.0519 3908  AmdK7 - ok
15:37:39.0531 3908  [ 93AE7F7DD54AB986A6F1A1B37BE7442D ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
15:37:39.0562 3908  AmdK8 - ok
15:37:39.0590 3908  [ C6D704C7F0434DC791AAC37CAC4B6E14 ] Appinfo         C:\Windows\System32\appinfo.dll
15:37:39.0611 3908  Appinfo - ok
15:37:39.0626 3908  [ 5D2888182FB46632511ACEE92FDAD522 ] arc             C:\Windows\system32\drivers\arc.sys
15:37:39.0637 3908  arc - ok
15:37:39.0647 3908  [ 5E2A321BD7C8B3624E41FDEC3E244945 ] arcsas          C:\Windows\system32\drivers\arcsas.sys
15:37:39.0660 3908  arcsas - ok
15:37:39.0684 3908  [ 598DAF89E7B2AD88FF6511CB9C4BA61A ] aswFsBlk        C:\Windows\system32\drivers\aswFsBlk.sys
15:37:39.0694 3908  aswFsBlk - ok
15:37:39.0726 3908  [ 1F0A5DE979684ECCA5D3EADC1FD08EC9 ] aswFW           C:\Windows\system32\drivers\aswFW.sys
15:37:39.0738 3908  aswFW - ok
15:37:39.0781 3908  [ 026A545EACA7DAC6421D76A81061F5DE ] aswKbd          C:\Windows\system32\drivers\aswKbd.sys
15:37:39.0792 3908  aswKbd - ok
15:37:39.0815 3908  [ 7233224B8A2081CDB684826056B89561 ] aswMonFlt       C:\Windows\system32\drivers\aswMonFlt.sys
15:37:39.0827 3908  aswMonFlt - ok
15:37:39.0839 3908  [ 7B948E3657BEA62E437BC46CA6EF6012 ] aswNdis         C:\Windows\system32\DRIVERS\aswNdis.sys
15:37:39.0848 3908  aswNdis - ok
15:37:39.0862 3908  [ 3B3BD66FB53E13D1076258408E31BE69 ] aswNdis2        C:\Windows\system32\drivers\aswNdis2.sys
15:37:39.0875 3908  aswNdis2 - ok
15:37:39.0884 3908  [ 816C6DCD6BF930C8FD8F68137E1BDDC4 ] AswRdr          C:\Windows\system32\drivers\AswRdr.sys
15:37:39.0895 3908  AswRdr - ok
15:37:39.0919 3908  [ 6C8B09E245795E98B6BCC983D0AA4D26 ] aswSnx          C:\Windows\system32\drivers\aswSnx.sys
15:37:39.0948 3908  aswSnx - ok
15:37:39.0974 3908  [ 437E3F4B4529AA616D4979A2B74CF8C5 ] aswSP           C:\Windows\system32\drivers\aswSP.sys
15:37:40.0013 3908  aswSP - ok
15:37:40.0020 3908  [ BD07C8162C7FAD38FE4AAAE18E835216 ] aswTdi          C:\Windows\system32\drivers\aswTdi.sys
15:37:40.0032 3908  aswTdi - ok
15:37:40.0065 3908  [ 53B202ABEE6455406254444303E87BE1 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
15:37:40.0098 3908  AsyncMac - ok
15:37:40.0123 3908  [ 1F05B78AB91C9075565A9D8A4B880BC4 ] atapi           C:\Windows\system32\drivers\atapi.sys
15:37:40.0135 3908  atapi - ok
15:37:40.0156 3908  [ 4AA1EB65481C392955939E735D27118B ] AtiPcie         C:\Windows\system32\DRIVERS\AtiPcie.sys
15:37:40.0181 3908  AtiPcie - ok
15:37:40.0217 3908  [ 68E2A1A0407A66CF50DA0300852424AB ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
15:37:40.0249 3908  AudioEndpointBuilder - ok
15:37:40.0267 3908  [ 68E2A1A0407A66CF50DA0300852424AB ] Audiosrv        C:\Windows\System32\Audiosrv.dll
15:37:40.0292 3908  Audiosrv - ok
15:37:40.0337 3908  [ FB05FF189FC5F57DE636315B1F5E56DB ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
15:37:40.0350 3908  avast! Antivirus - ok
15:37:40.0394 3908  [ 353D1D0F7AE900EE8C1FF1A30DE13AF5 ] avast! Firewall C:\Program Files\AVAST Software\Avast\afwServ.exe
15:37:40.0408 3908  avast! Firewall - ok
15:37:40.0460 3908  [ 67E506B75BD5326A3EC7B70BD014DFB6 ] Beep            C:\Windows\system32\drivers\Beep.sys
15:37:40.0503 3908  Beep - ok
15:37:40.0534 3908  [ C789AF0F724FDA5852FB9A7D3A432381 ] BFE             C:\Windows\System32\bfe.dll
15:37:40.0571 3908  BFE - ok
15:37:40.0630 3908  [ 93952506C6D67330367F7E7934B6A02F ] BITS            C:\Windows\System32\qmgr.dll
15:37:40.0725 3908  BITS - ok
15:37:40.0759 3908  [ D4DF28447741FD3D953526E33A617397 ] blbdrive        C:\Windows\system32\drivers\blbdrive.sys
15:37:40.0799 3908  blbdrive - ok
15:37:40.0820 3908  [ 35F376253F687BDE63976CCB3F2108CA ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
15:37:40.0846 3908  bowser - ok
15:37:40.0862 3908  [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo        C:\Windows\system32\drivers\brfiltlo.sys
15:37:40.0894 3908  BrFiltLo - ok
15:37:40.0912 3908  [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp        C:\Windows\system32\drivers\brfiltup.sys
15:37:40.0953 3908  BrFiltUp - ok
15:37:40.0972 3908  [ A3629A0C4226F9E9C72FAAEEBC3AD33C ] Browser         C:\Windows\System32\browser.dll
15:37:41.0017 3908  Browser - ok
15:37:41.0040 3908  [ B304E75CFF293029EDDF094246747113 ] Brserid         C:\Windows\system32\drivers\brserid.sys
15:37:41.0179 3908  Brserid - ok
15:37:41.0201 3908  [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm        C:\Windows\system32\drivers\brserwdm.sys
15:37:41.0267 3908  BrSerWdm - ok
15:37:41.0286 3908  [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm        C:\Windows\system32\drivers\brusbmdm.sys
15:37:41.0357 3908  BrUsbMdm - ok
15:37:41.0375 3908  [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer        C:\Windows\system32\drivers\brusbser.sys
15:37:41.0443 3908  BrUsbSer - ok
15:37:41.0469 3908  [ AD07C1EC6665B8B35741AB91200C6B68 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
15:37:41.0525 3908  BTHMODEM - ok
15:37:41.0563 3908  [ 09E6AFFAE6C0E9158BF05C7D08D0107A ] BUNAgentSvc     C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe
15:37:41.0577 3908  BUNAgentSvc ( UnsignedFile.Multi.Generic ) - warning
15:37:41.0577 3908  BUNAgentSvc - detected UnsignedFile.Multi.Generic (1)
15:37:41.0600 3908  [ 7ADD03E75BEB9E6DD102C3081D29840A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
15:37:41.0623 3908  cdfs - ok
15:37:41.0642 3908  [ 6B4BFFB9BECD728097024276430DB314 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
15:37:41.0660 3908  cdrom - ok
15:37:41.0689 3908  [ 312EC3E37A0A1F2006534913E37B4423 ] CertPropSvc     C:\Windows\System32\certprop.dll
15:37:41.0715 3908  CertPropSvc - ok
15:37:41.0729 3908  [ E5D4133F37219DBCFE102BC61072589D ] circlass        C:\Windows\system32\drivers\circlass.sys
15:37:41.0762 3908  circlass - ok
15:37:41.0803 3908  [ D7659D3B5B92C31E84E53C1431F35132 ] CLFS            C:\Windows\system32\CLFS.sys
15:37:41.0819 3908  CLFS - ok
15:37:41.0899 3908  [ 8EE772032E2FE80A924F3B8DD5082194 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
15:37:41.0912 3908  clr_optimization_v2.0.50727_32 - ok
15:37:41.0975 3908  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
15:37:41.0988 3908  clr_optimization_v4.0.30319_32 - ok
15:37:42.0006 3908  [ 0CA25E686A4928484E9FDABD168AB629 ] cmdide          C:\Windows\system32\drivers\cmdide.sys
15:37:42.0017 3908  cmdide - ok
15:37:42.0028 3908  [ 6AFEF0B60FA25DE07C0968983EE4F60A ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
15:37:42.0040 3908  Compbatt - ok
15:37:42.0047 3908  COMSysApp - ok
15:37:42.0057 3908  [ 741E9DFF4F42D2D8477D0FC1DC0DF871 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
15:37:42.0069 3908  crcdisk - ok
15:37:42.0083 3908  [ 1F07BECDCA750766A96CDA811BA86410 ] Crusoe          C:\Windows\system32\drivers\crusoe.sys
15:37:42.0111 3908  Crusoe - ok
15:37:42.0154 3908  [ F1E8C34892336D33EDDCDFE44E474F64 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
15:37:42.0180 3908  CryptSvc - ok
15:37:42.0222 3908  [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] DcomLaunch      C:\Windows\system32\rpcss.dll
15:37:42.0311 3908  DcomLaunch - ok
15:37:42.0346 3908  [ 622C41A07CA7E6DD91770F50D532CB6C ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
15:37:42.0367 3908  DfsC - ok
15:37:42.0428 3908  [ 2CC3DCFB533A1035B13DCAB6160AB38B ] DFSR            C:\Windows\system32\DFSR.exe
15:37:42.0533 3908  DFSR - ok
15:37:42.0560 3908  [ 9028559C132146FB75EB7ACF384B086A ] Dhcp            C:\Windows\System32\dhcpcsvc.dll
15:37:42.0595 3908  Dhcp - ok
15:37:42.0627 3908  [ 5D4AEFC3386920236A548271F8F1AF6A ] disk            C:\Windows\system32\drivers\disk.sys
15:37:42.0640 3908  disk - ok
15:37:42.0659 3908  [ 57D762F6F5974AF0DA2BE88A3349BAAA ] Dnscache        C:\Windows\System32\dnsrslvr.dll
15:37:42.0701 3908  Dnscache - ok
15:37:42.0722 3908  [ 324FD74686B1EF5E7C19A8AF49E748F6 ] dot3svc         C:\Windows\System32\dot3svc.dll
15:37:42.0757 3908  dot3svc - ok
15:37:42.0783 3908  [ A622E888F8AA2F6B49E9BC466F0E5DEF ] DPS             C:\Windows\system32\dps.dll
15:37:42.0826 3908  DPS - ok
15:37:42.0855 3908  [ 97FEF831AB90BEE128C9AF390E243F80 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
15:37:42.0887 3908  drmkaud - ok
15:37:42.0949 3908  [ C68AC676B0EF30CFBB1080ADCE49EB1F ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
15:37:42.0982 3908  DXGKrnl - ok
15:37:43.0019 3908  [ 5425F74AC0C1DBD96A1E04F17D63F94C ] E1G60           C:\Windows\system32\DRIVERS\E1G60I32.sys
15:37:43.0055 3908  E1G60 - ok
15:37:43.0081 3908  [ C0B95E40D85CD807D614E264248A45B9 ] EapHost         C:\Windows\System32\eapsvc.dll
15:37:43.0108 3908  EapHost - ok
15:37:43.0131 3908  [ 7F64EA048DCFAC7ACF8B4D7B4E6FE371 ] Ecache          C:\Windows\system32\drivers\ecache.sys
15:37:43.0150 3908  Ecache - ok
15:37:43.0208 3908  [ B1F2503E23425B386DF0F3413B2596F3 ] eDataSecurity Service C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
15:37:43.0233 3908  eDataSecurity Service - ok
15:37:43.0256 3908  [ 23B62471681A124889978F6295B3F4C6 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
15:37:43.0282 3908  elxstor - ok
15:37:43.0320 3908  [ 4E6B23DFC917EA39306B529B773950F4 ] EMDMgmt         C:\Windows\system32\emdmgmt.dll
15:37:43.0356 3908  EMDMgmt - ok
15:37:43.0368 3908  [ 3DB974F3935483555D7148663F726C61 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
15:37:43.0391 3908  ErrDev - ok
15:37:43.0447 3908  [ 27D2754314D12EB27D81D462FD0D86C0 ] ETService       C:\Program Files\Acer\Empowering Technology\Service\ETService.exe
15:37:43.0479 3908  ETService ( UnsignedFile.Multi.Generic ) - warning
15:37:43.0479 3908  ETService - detected UnsignedFile.Multi.Generic (1)
15:37:43.0500 3908  [ 67058C46504BC12D821F38CF99B7B28F ] EventSystem     C:\Windows\system32\es.dll
15:37:43.0524 3908  EventSystem - ok
15:37:43.0552 3908  [ 22B408651F9123527BCEE54B4F6C5CAE ] exfat           C:\Windows\system32\drivers\exfat.sys
15:37:43.0586 3908  exfat - ok
15:37:43.0615 3908  [ 1E9B9A70D332103C52995E957DC09EF8 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
15:37:43.0650 3908  fastfat - ok
15:37:43.0666 3908  [ AFE1E8B9782A0DD7FB46BBD88E43F89A ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
15:37:43.0696 3908  fdc - ok
15:37:43.0716 3908  [ 6629B5F0E98151F4AFDD87567EA32BA3 ] fdPHost         C:\Windows\system32\fdPHost.dll
15:37:43.0740 3908  fdPHost - ok
15:37:43.0798 3908  [ 89ED56DCE8E47AF40892778A5BD31FD2 ] FDResPub        C:\Windows\system32\fdrespub.dll
15:37:43.0895 3908  FDResPub - ok
15:37:43.0921 3908  [ A8C0139A884861E3AAE9CFE73B208A9F ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
15:37:43.0934 3908  FileInfo - ok
15:37:43.0943 3908  [ 0AE429A696AECBC5970E3CF2C62635AE ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
15:37:43.0971 3908  Filetrace - ok
15:37:43.0988 3908  [ 85B7CF99D532820495D68D747FDA9EBD ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
15:37:44.0019 3908  flpydisk - ok
15:37:44.0059 3908  [ 01334F9EA68E6877C4EF05D3EA8ABB05 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
15:37:44.0076 3908  FltMgr - ok
15:37:44.0118 3908  [ 8CE364388C8ECA59B14B539179276D44 ] FontCache       C:\Windows\system32\FntCache.dll
15:37:44.0190 3908  FontCache - ok
15:37:44.0255 3908  [ C7FBDD1ED42F82BFA35167A5C9803EA3 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
15:37:44.0269 3908  FontCache3.0.0.0 - ok
15:37:44.0286 3908  [ B972A66758577E0BFD1DE0F91AAA27B5 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
15:37:44.0308 3908  Fs_Rec - ok
15:37:44.0326 3908  [ 34582A6E6573D54A07ECE5FE24A126B5 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
15:37:44.0340 3908  gagp30kx - ok
15:37:44.0398 3908  [ 9F5F2F0FB0A7F5AA9F16B9A7B6DAD89F ] GoogleDesktopManager-051210-111108 C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
15:37:44.0409 3908  GoogleDesktopManager-051210-111108 - ok
15:37:44.0443 3908  [ CD5D0AEEE35DFD4E986A5AA1500A6E66 ] gpsvc           C:\Windows\System32\gpsvc.dll
15:37:44.0526 3908  gpsvc - ok
15:37:44.0567 3908  [ CB04C744BE0A61B1D648FAED182C3B59 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
15:37:44.0620 3908  HdAudAddService - ok
15:37:44.0655 3908  [ 062452B7FFD68C8C042A6261FE8DFF4A ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
15:37:44.0745 3908  HDAudBus - ok
15:37:44.0767 3908  [ 1338520E78D90154ED6BE8F84DE5FCEB ] HidBth          C:\Windows\system32\drivers\hidbth.sys
15:37:44.0831 3908  HidBth - ok
15:37:44.0845 3908  [ FF3160C3A2445128C5A6D9B076DA519E ] HidIr           C:\Windows\system32\drivers\hidir.sys
15:37:44.0893 3908  HidIr - ok
15:37:44.0911 3908  [ 84067081F3318162797385E11A8F0582 ] hidserv         C:\Windows\system32\hidserv.dll
15:37:44.0928 3908  hidserv - ok
15:37:44.0941 3908  [ 854CA287AB7FAF949617A788306D967E ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
15:37:44.0963 3908  HidUsb - ok
15:37:44.0981 3908  [ D8AD255B37DA92434C26E4876DB7D418 ] hkmsvc          C:\Windows\system32\kmsvc.dll
15:37:45.0012 3908  hkmsvc - ok
15:37:45.0024 3908  [ 16EE7B23A009E00D835CDB79574A91A6 ] HpCISSs         C:\Windows\system32\drivers\hpcisss.sys
15:37:45.0035 3908  HpCISSs - ok
15:37:45.0065 3908  [ 0EEECA26C8D4BDE2A4664DB058A81937 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
15:37:45.0133 3908  HTTP - ok
15:37:45.0163 3908  [ C6B032D69650985468160FC9937CF5B4 ] i2omp           C:\Windows\system32\drivers\i2omp.sys
15:37:45.0175 3908  i2omp - ok
15:37:45.0197 3908  [ 22D56C8184586B7A1F6FA60BE5F5A2BD ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
15:37:45.0221 3908  i8042prt - ok
15:37:45.0237 3908  [ 54155EA1B0DF185878E0FC9EC3AC3A14 ] iaStorV         C:\Windows\system32\drivers\iastorv.sys
15:37:45.0253 3908  iaStorV - ok
15:37:45.0297 3908  [ 98477B08E61945F974ED9FDC4CB6BDAB ] idsvc           C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
15:37:45.0354 3908  idsvc - ok
15:37:45.0392 3908  [ 2D077BF86E843F901D8DB709C95B49A5 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
15:37:45.0403 3908  iirsp - ok
15:37:45.0448 3908  [ 9908D8A397B76CD8D31D0D383C5773C9 ] IKEEXT          C:\Windows\System32\ikeext.dll
15:37:45.0476 3908  IKEEXT - ok
15:37:45.0523 3908  [ C6E5276C00EBDEB096BB5EF4B797D1B6 ] int15           C:\Windows\system32\drivers\int15.sys
15:37:45.0534 3908  int15 - ok
15:37:45.0594 3908  [ 8A4341616976E47712B60F18C7049DCC ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
15:37:45.0701 3908  IntcAzAudAddService - ok
15:37:45.0732 3908  [ 83AA759F3189E6370C30DE5DC5590718 ] intelide        C:\Windows\system32\drivers\intelide.sys
15:37:45.0744 3908  intelide - ok
15:37:45.0760 3908  [ 224191001E78C89DFA78924C3EA595FF ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
15:37:45.0792 3908  intelppm - ok
15:37:45.0808 3908  [ 9AC218C6E6105477484C6FDBE7D409A4 ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
15:37:45.0852 3908  IPBusEnum - ok
15:37:45.0875 3908  [ 62C265C38769B864CB25B4BCF62DF6C3 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
15:37:45.0910 3908  IpFilterDriver - ok
15:37:45.0936 3908  [ 1998BD97F950680BB55F55A7244679C2 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
15:37:45.0962 3908  iphlpsvc - ok
15:37:45.0968 3908  IpInIp - ok
15:37:45.0988 3908  [ B25AAF203552B7B3491139D582B39AD1 ] IPMIDRV         C:\Windows\system32\drivers\ipmidrv.sys
15:37:46.0023 3908  IPMIDRV - ok
15:37:46.0036 3908  [ 8793643A67B42CEC66490B2A0CF92D68 ] IPNAT           C:\Windows\system32\DRIVERS\ipnat.sys
15:37:46.0072 3908  IPNAT - ok
15:37:46.0090 3908  [ 109C0DFB82C3632FBD11949B73AEEAC9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
15:37:46.0129 3908  IRENUM - ok
15:37:46.0146 3908  [ 6C70698A3E5C4376C6AB5C7C17FB0614 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
15:37:46.0162 3908  isapnp - ok
15:37:46.0186 3908  [ 232FA340531D940AAC623B121A595034 ] iScsiPrt        C:\Windows\system32\DRIVERS\msiscsi.sys
15:37:46.0203 3908  iScsiPrt - ok
15:37:46.0225 3908  [ BCED60D16156E428F8DF8CF27B0DF150 ] iteatapi        C:\Windows\system32\drivers\iteatapi.sys
15:37:46.0239 3908  iteatapi - ok
15:37:46.0263 3908  [ 06FA654504A498C30ADCA8BEC4E87E7E ] iteraid         C:\Windows\system32\drivers\iteraid.sys
15:37:46.0277 3908  iteraid - ok
15:37:46.0290 3908  [ 37605E0A8CF00CBBA538E753E4344C6E ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
15:37:46.0306 3908  kbdclass - ok
15:37:46.0322 3908  [ 18247836959BA67E3511B62846B9C2E0 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
15:37:46.0364 3908  kbdhid - ok
15:37:46.0381 3908  [ A3E186B4B935905B829219502557314E ] KeyIso          C:\Windows\system32\lsass.exe
15:37:46.0405 3908  KeyIso - ok
15:37:46.0444 3908  [ 4A1445EFA932A3BAF5BDB02D7131EE20 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
15:37:46.0470 3908  KSecDD - ok
15:37:46.0503 3908  [ 8078F8F8F7A79E2E6B494523A828C585 ] KtmRm           C:\Windows\system32\msdtckrm.dll
15:37:46.0566 3908  KtmRm - ok
15:37:46.0597 3908  [ 1BF5EEBFD518DD7298434D8C862F825D ] LanmanServer    C:\Windows\system32\srvsvc.dll
15:37:46.0620 3908  LanmanServer - ok
15:37:46.0649 3908  [ 1DB69705B695B987082C8BAEC0C6B34F ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
15:37:46.0674 3908  LanmanWorkstation - ok
15:37:46.0722 3908  [ 793FF718477345CD5D232C50BED1E452 ] LightScribeService C:\Program Files\Common Files\LightScribe\LSSrvc.exe
15:37:46.0736 3908  LightScribeService ( UnsignedFile.Multi.Generic ) - warning
15:37:46.0736 3908  LightScribeService - detected UnsignedFile.Multi.Generic (1)
15:37:46.0747 3908  [ D1C5883087A0C3F1344D9D55A44901F6 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
15:37:46.0782 3908  lltdio - ok
15:37:46.0809 3908  [ 2D5A428872F1442631D0959A34ABFF63 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
15:37:46.0860 3908  lltdsvc - ok
15:37:46.0874 3908  [ 35D40113E4A5B961B6CE5C5857702518 ] lmhosts         C:\Windows\System32\lmhsvc.dll
15:37:46.0936 3908  lmhosts - ok
15:37:46.0957 3908  [ C7E15E82879BF3235B559563D4185365 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
15:37:46.0969 3908  LSI_FC - ok
15:37:46.0984 3908  [ EE01EBAE8C9BF0FA072E0FF68718920A ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
15:37:46.0997 3908  LSI_SAS - ok
15:37:47.0019 3908  [ 912A04696E9CA30146A62AFA1463DD5C ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
15:37:47.0032 3908  LSI_SCSI - ok
15:37:47.0048 3908  [ 8F5C7426567798E62A3B3614965D62CC ] luafv           C:\Windows\system32\drivers\luafv.sys
15:37:47.0077 3908  luafv - ok
15:37:47.0091 3908  [ 500D089CE760D83DA2B6CBA681AA9949 ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
15:37:47.0102 3908  MBAMProtector - ok
15:37:47.0145 3908  [ 85B16A92B117A5A800032ECD904B86DB ] MBAMScheduler   C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
15:37:47.0163 3908  MBAMScheduler - ok
15:37:47.0185 3908  [ 20E2469DB709FC675E655CEAA11BE312 ] MBAMService     C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
15:37:47.0217 3908  MBAMService - ok
15:37:47.0248 3908  [ 0001CE609D66632FA17B84705F658879 ] megasas         C:\Windows\system32\drivers\megasas.sys
15:37:47.0260 3908  megasas - ok
15:37:47.0287 3908  [ C252F32CD9A49DBFC25ECF26EBD51A99 ] MegaSR          C:\Windows\system32\drivers\megasr.sys
15:37:47.0313 3908  MegaSR - ok
15:37:47.0376 3908  Microsoft SharePoint Workspace Audit Service - ok
15:37:47.0401 3908  [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] MMCSS           C:\Windows\system32\mmcss.dll
15:37:47.0440 3908  MMCSS - ok
15:37:47.0451 3908  [ E13B5EA0F51BA5B1512EC671393D09BA ] Modem           C:\Windows\system32\drivers\modem.sys
15:37:47.0488 3908  Modem - ok
15:37:47.0504 3908  [ 0A9BB33B56E294F686ABB7C1E4E2D8A8 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
15:37:47.0549 3908  monitor - ok
15:37:47.0559 3908  [ 5BF6A1326A335C5298477754A506D263 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
15:37:47.0571 3908  mouclass - ok
15:37:47.0587 3908  [ 93B8D4869E12CFBE663915502900876F ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
15:37:47.0619 3908  mouhid - ok
15:37:47.0632 3908  [ BDAFC88AA6B92F7842416EA6A48E1600 ] MountMgr        C:\Windows\system32\drivers\mountmgr.sys
15:37:47.0645 3908  MountMgr - ok
15:37:47.0671 3908  [ 511D011289755DD9F9A7579FB0B064E6 ] mpio            C:\Windows\system32\drivers\mpio.sys
15:37:47.0685 3908  mpio - ok
15:37:47.0699 3908  [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
15:37:47.0722 3908  mpsdrv - ok
15:37:47.0749 3908  [ 5DE62C6E9108F14F6794060A9BDECAEC ] MpsSvc          C:\Windows\system32\mpssvc.dll
15:37:47.0786 3908  MpsSvc - ok
15:37:47.0811 3908  [ 4FBBB70D30FD20EC51F80061703B001E ] Mraid35x        C:\Windows\system32\drivers\mraid35x.sys
15:37:47.0823 3908  Mraid35x - ok
15:37:47.0852 3908  [ 82CEA0395524AACFEB58BA1448E8325C ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
15:37:47.0875 3908  MRxDAV - ok
15:37:47.0897 3908  [ 1E94971C4B446AB2290DEB71D01CF0C2 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
15:37:47.0934 3908  mrxsmb - ok
15:37:47.0964 3908  [ 4FCCB34D793B116423209C0F8B7A3B03 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
15:37:47.0990 3908  mrxsmb10 - ok
15:37:48.0012 3908  [ C3CB1B40AD4A0124D617A1199B0B9D7C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
15:37:48.0026 3908  mrxsmb20 - ok
15:37:48.0044 3908  [ 28023E86F17001F7CD9B15A5BC9AE07D ] msahci          C:\Windows\system32\drivers\msahci.sys
15:37:48.0057 3908  msahci - ok
15:37:48.0069 3908  [ 4468B0F385A86ECDDAF8D3CA662EC0E7 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
15:37:48.0084 3908  msdsm - ok
15:37:48.0101 3908  [ FD7520CC3A80C5FC8C48852BB24C6DED ] MSDTC           C:\Windows\System32\msdtc.exe
15:37:48.0148 3908  MSDTC - ok
15:37:48.0172 3908  [ A9927F4A46B816C92F461ACB90CF8515 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
15:37:48.0201 3908  Msfs - ok
15:37:48.0223 3908  [ 0F400E306F385C56317357D6DEA56F62 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
15:37:48.0237 3908  msisadrv - ok
15:37:48.0266 3908  [ 85466C0757A23D9A9AECDC0755203CB2 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
15:37:48.0311 3908  MSiSCSI - ok
15:37:48.0319 3908  msiserver - ok
15:37:48.0356 3908  [ D8C63D34D9C9E56C059E24EC7185CC07 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
15:37:48.0399 3908  MSKSSRV - ok
15:37:48.0414 3908  [ 1D373C90D62DDB641D50E55B9E78D65E ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
15:37:48.0456 3908  MSPCLOCK - ok
15:37:48.0473 3908  [ B572DA05BF4E098D4BBA3A4734FB505B ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
15:37:48.0502 3908  MSPQM - ok
15:37:48.0527 3908  [ B49456D70555DE905C311BCDA6EC6ADB ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
15:37:48.0546 3908  MsRPC - ok
15:37:48.0561 3908  [ E384487CB84BE41D09711C30CA79646C ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
15:37:48.0576 3908  mssmbios - ok
15:37:48.0590 3908  [ 7199C1EEC1E4993CAF96B8C0A26BD58A ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
15:37:48.0619 3908  MSTEE - ok
15:37:48.0638 3908  [ 6A57B5733D4CB702C8EA4542E836B96C ] Mup             C:\Windows\system32\Drivers\mup.sys
15:37:48.0654 3908  Mup - ok
15:37:48.0669 3908  [ E4EAF0C5C1B41B5C83386CF212CA9584 ] napagent        C:\Windows\system32\qagentRT.dll
15:37:48.0715 3908  napagent - ok
15:37:48.0737 3908  [ 85C44FDFF9CF7E72A40DCB7EC06A4416 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
15:37:48.0765 3908  NativeWifiP - ok
15:37:48.0795 3908  [ 1357274D1883F68300AEADD15D7BBB42 ] NDIS            C:\Windows\system32\drivers\ndis.sys
15:37:48.0828 3908  NDIS - ok
15:37:48.0870 3908  [ 0E186E90404980569FB449BA7519AE61 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
15:37:48.0897 3908  NdisTapi - ok
15:37:48.0915 3908  [ D6973AA34C4D5D76C0430B181C3CD389 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
15:37:48.0950 3908  Ndisuio - ok
15:37:48.0967 3908  [ 818F648618AE34F729FDB47EC68345C3 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
15:37:48.0995 3908  NdisWan - ok
15:37:49.0013 3908  [ 71DAB552B41936358F3B541AE5997FB3 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
15:37:49.0040 3908  NDProxy - ok
15:37:49.0052 3908  [ BCD093A5A6777CF626434568DC7DBA78 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
15:37:49.0083 3908  NetBIOS - ok
15:37:49.0106 3908  [ ECD64230A59CBD93C85F1CD1CAB9F3F6 ] netbt           C:\Windows\system32\DRIVERS\netbt.sys
15:37:49.0136 3908  netbt - ok
15:37:49.0151 3908  [ A3E186B4B935905B829219502557314E ] Netlogon        C:\Windows\system32\lsass.exe
15:37:49.0164 3908  Netlogon - ok
15:37:49.0189 3908  [ C8052711DAECC48B982434C5116CA401 ] Netman          C:\Windows\System32\netman.dll
15:37:49.0227 3908  Netman - ok
15:37:49.0240 3908  [ 2EF3BBE22E5A5ACD1428EE387A0D0172 ] netprofm        C:\Windows\System32\netprofm.dll
15:37:49.0269 3908  netprofm - ok
15:37:49.0282 3908  [ D6C4E4A39A36029AC0813D476FBD0248 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
15:37:49.0294 3908  NetTcpPortSharing - ok
15:37:49.0313 3908  [ 2E7FB731D4790A1BC6270ACCEFACB36E ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
15:37:49.0324 3908  nfrd960 - ok
15:37:49.0385 3908  [ 56E7999EE68837453B177298542F5A75 ] NielsenUpdate   C:\Program Files\NetRatingsNetSight\NetSight\NielsenUpdate.exe
15:37:49.0432 3908  NielsenUpdate - ok
15:37:49.0465 3908  [ 2997B15415F9BBE05B5A4C1C85E0C6A2 ] NlaSvc          C:\Windows\System32\nlasvc.dll
15:37:49.0499 3908  NlaSvc - ok
15:37:49.0539 3908  [ 59D2B30A1B3D56AE543FEB44D02D22BB ] nnfwdk          C:\Program Files\NetRatingsNetSight\NetSight\meter7\nnfwdk.sys
15:37:49.0549 3908  nnfwdk - ok
15:37:49.0573 3908  [ D36F239D7CCE1931598E8FB90A0DBC26 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
15:37:49.0600 3908  Npfs - ok
15:37:49.0607 3908  [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD ] nsi             C:\Windows\system32\nsisvc.dll
15:37:49.0636 3908  nsi - ok
15:37:49.0658 3908  [ 609773E344A97410CE4EBF74A8914FCF ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
15:37:49.0689 3908  nsiproxy - ok
15:37:49.0729 3908  [ 6A4A98CEE84CF9E99564510DDA4BAA47 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
15:37:49.0787 3908  Ntfs - ok
15:37:49.0823 3908  [ A2B6583A5652A385DFF5E4F49AD48761 ] NTIBackupSvc    C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
15:37:49.0840 3908  NTIBackupSvc ( UnsignedFile.Multi.Generic ) - warning
15:37:49.0841 3908  NTIBackupSvc - detected UnsignedFile.Multi.Generic (1)
15:37:49.0860 3908  [ 2757D2BA59AEE155209E24942AB127C9 ] NTIDrvr         C:\Windows\system32\DRIVERS\NTIDrvr.sys
15:37:49.0871 3908  NTIDrvr - ok
15:37:49.0900 3908  [ 40B87FE8A1A9A5AC9E5A91D96F212BCD ] NTISchedulerSvc C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
15:37:49.0911 3908  NTISchedulerSvc ( UnsignedFile.Multi.Generic ) - warning
15:37:49.0911 3908  NTISchedulerSvc - detected UnsignedFile.Multi.Generic (1)
15:37:49.0933 3908  [ E875C093AEC0C978A90F30C9E0DFBB72 ] ntrigdigi       C:\Windows\system32\drivers\ntrigdigi.sys
15:37:49.0978 3908  ntrigdigi - ok
15:37:50.0000 3908  [ C5DBBCDA07D780BDA9B685DF333BB41E ] Null            C:\Windows\system32\drivers\Null.sys
15:37:50.0037 3908  Null - ok
15:37:50.0232 3908  [ 73A70F1D89C942EEDD99A3F10459B051 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
15:37:51.0286 3908  nvlddmkm - ok
15:37:51.0305 3908  [ 2EDF9E7751554B42CBB60116DE727101 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
15:37:51.0318 3908  nvraid - ok
15:37:51.0332 3908  [ ABED0C09758D1D97DB0042DBB2688177 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
15:37:51.0344 3908  nvstor - ok
15:37:51.0372 3908  [ 342FCBF0B293DBEC54B055418DF1EE7E ] nvsvc           C:\Windows\system32\nvvsvc.exe
15:37:51.0399 3908  nvsvc - ok
15:37:51.0417 3908  [ 18BBDF913916B71BD54575BDB6EEAC0B ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
15:37:51.0430 3908  nv_agp - ok
15:37:51.0436 3908  NwlnkFlt - ok
15:37:51.0444 3908  NwlnkFwd - ok
15:37:51.0488 3908  [ 0182074B2B8915C8371EA5A006BAC44E ] ogmservice      C:\Program Files\Online Games Manager\ogmservice.exe
15:37:51.0509 3908  ogmservice - ok
15:37:51.0608 3908  [ 6F310E890D46E246E0E261A63D9B36B4 ] ohci1394        C:\Windows\system32\DRIVERS\ohci1394.sys
15:37:51.0642 3908  ohci1394 - ok
15:37:51.0692 3908  [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose             C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
15:37:51.0705 3908  ose - ok
15:37:51.0812 3908  [ 358A9CCA612C68EB2F07DDAD4CE1D8D7 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
15:37:51.0991 3908  osppsvc - ok
15:37:52.0037 3908  [ 0C8E8E61AD1EB0B250B846712C917506 ] p2pimsvc        C:\Windows\system32\p2psvc.dll
15:37:52.0108 3908  p2pimsvc - ok
15:37:52.0120 3908  [ 0C8E8E61AD1EB0B250B846712C917506 ] p2psvc          C:\Windows\system32\p2psvc.dll
15:37:52.0160 3908  p2psvc - ok
15:37:52.0207 3908  [ 0FA9B5055484649D63C303FE404E5F4D ] Parport         C:\Windows\system32\drivers\parport.sys
15:37:52.0269 3908  Parport - ok
15:37:52.0286 3908  [ B9C2B89F08670E159F7181891E449CD9 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
15:37:52.0300 3908  partmgr - ok
15:37:52.0314 3908  [ 4F9A6A8A31413180D0FCB279AD5D8112 ] Parvdm          C:\Windows\system32\drivers\parvdm.sys
15:37:52.0361 3908  Parvdm - ok
15:37:52.0377 3908  [ C6276AD11F4BB49B58AA1ED88537F14A ] PcaSvc          C:\Windows\System32\pcasvc.dll
15:37:52.0403 3908  PcaSvc - ok
15:37:52.0423 3908  [ 941DC1D19E7E8620F40BBC206981EFDB ] pci             C:\Windows\system32\drivers\pci.sys
15:37:52.0437 3908  pci - ok
15:37:52.0448 3908  [ 1636D43F10416AEB483BC6001097B26C ] pciide          C:\Windows\system32\drivers\pciide.sys
15:37:52.0459 3908  pciide - ok
15:37:52.0477 3908  [ E6F3FB1B86AA519E7698AD05E58B04E5 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
15:37:52.0490 3908  pcmcia - ok
15:37:52.0520 3908  [ 6349F6ED9C623B44B52EA3C63C831A92 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
15:37:52.0614 3908  PEAUTH - ok
15:37:52.0678 3908  [ B1689DF169143F57053F795390C99DB3 ] pla             C:\Windows\system32\pla.dll
15:37:52.0732 3908  pla - ok
15:37:52.0782 3908  [ C5E7F8A996EC0A82D508FD9064A5569E ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
15:37:52.0806 3908  PlugPlay - ok
15:37:52.0820 3908  [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPAutoReg     C:\Windows\system32\p2psvc.dll
15:37:52.0869 3908  PNRPAutoReg - ok
15:37:52.0881 3908  [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPsvc         C:\Windows\system32\p2psvc.dll
15:37:52.0922 3908  PNRPsvc - ok
15:37:52.0972 3908  [ D0494460421A03CD5225CCA0059AA146 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
15:37:53.0041 3908  PolicyAgent - ok
15:37:53.0067 3908  [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
15:37:53.0092 3908  PptpMiniport - ok
15:37:53.0111 3908  [ 2027293619DD0F047C584CF2E7DF4FFD ] Processor       C:\Windows\system32\drivers\processr.sys
15:37:53.0147 3908  Processor - ok
15:37:53.0169 3908  [ 0508FAA222D28835310B7BFCA7A77346 ] ProfSvc         C:\Windows\system32\profsvc.dll
15:37:53.0196 3908  ProfSvc - ok
15:37:53.0203 3908  [ A3E186B4B935905B829219502557314E ] ProtectedStorage C:\Windows\system32\lsass.exe
15:37:53.0219 3908  ProtectedStorage - ok
15:37:53.0235 3908  [ 99514FAA8DF93D34B5589187DB3AA0BA ] PSched          C:\Windows\system32\DRIVERS\pacer.sys
15:37:53.0259 3908  PSched - ok
15:37:53.0283 3908  [ 628321C8DD76AD369B362B202E655A68 ] PSDFilter       C:\Windows\system32\DRIVERS\psdfilter.sys
15:37:53.0296 3908  PSDFilter - ok
15:37:53.0308 3908  [ 79D7117E62709C7690CF3DD55ACEAD37 ] PSDNServ        C:\Windows\system32\drivers\PSDNServ.sys
15:37:53.0319 3908  PSDNServ - ok
15:37:53.0332 3908  [ CAE5E82827990CF4BD4A49576BDE3A43 ] psdvdisk        C:\Windows\system32\drivers\psdvdisk.sys
15:37:53.0343 3908  psdvdisk - ok
15:37:53.0385 3908  [ 0A6DB55AFB7820C99AA1F3A1D270F4F6 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
15:37:53.0443 3908  ql2300 - ok
15:37:53.0477 3908  [ 81A7E5C076E59995D54BC1ED3A16E60B ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
15:37:53.0491 3908  ql40xx - ok
15:37:53.0538 3908  [ E9ECAE663F47E6CB43962D18AB18890F ] QWAVE           C:\Windows\system32\qwave.dll
15:37:53.0575 3908  QWAVE - ok
15:37:53.0588 3908  [ 9F5E0E1926014D17486901C88ECA2DB7 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
15:37:53.0614 3908  QWAVEdrv - ok
15:37:53.0627 3908  [ 147D7F9C556D259924351FEB0DE606C3 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
15:37:53.0657 3908  RasAcd - ok
15:37:53.0673 3908  [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F ] RasAuto         C:\Windows\System32\rasauto.dll
15:37:53.0711 3908  RasAuto - ok
15:37:53.0733 3908  [ A214ADBAF4CB47DD2728859EF31F26B0 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
15:37:53.0770 3908  Rasl2tp - ok
15:37:53.0800 3908  [ 75D47445D70CA6F9F894B032FBC64FCF ] RasMan          C:\Windows\System32\rasmans.dll
15:37:53.0849 3908  RasMan - ok
15:37:53.0874 3908  [ 509A98DD18AF4375E1FC40BC175F1DEF ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
15:37:53.0904 3908  RasPppoe - ok
15:37:53.0929 3908  [ 2005F4A1E05FA09389AC85840F0A9E4D ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
15:37:53.0942 3908  RasSstp - ok
15:37:53.0965 3908  [ B14C9D5B9ADD2F84F70570BBBFAA7935 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
15:37:53.0991 3908  rdbss - ok
15:37:54.0009 3908  [ 89E59BE9A564262A3FB6C4F4F1CD9899 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
15:37:54.0032 3908  RDPCDD - ok
15:37:54.0056 3908  [ FBC0BACD9C3D7F6956853F64A66E252D ] rdpdr           C:\Windows\system32\drivers\rdpdr.sys
15:37:54.0081 3908  rdpdr - ok
15:37:54.0087 3908  [ 9D91FE5286F748862ECFFA05F8A0710C ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
15:37:54.0109 3908  RDPENCDD - ok
15:37:54.0144 3908  [ C127EBD5AFAB31524662C48DFCEB773A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
15:37:54.0158 3908  RDPWD - ok
15:37:54.0186 3908  [ BCDD6B4804D06B1F7EBF29E53A57ECE9 ] RemoteAccess    C:\Windows\System32\mprdim.dll
15:37:54.0220 3908  RemoteAccess - ok
15:37:54.0246 3908  [ 9E6894EA18DAFF37B63E1005F83AE4AB ] RemoteRegistry  C:\Windows\system32\regsvc.dll
15:37:54.0271 3908  RemoteRegistry - ok
15:37:54.0314 3908  [ A035A7BF5132682F53F1E7B955690CE7 ] RichVideo       C:\Program Files\Cyberlink\Shared files\RichVideo.exe
15:37:54.0328 3908  RichVideo ( UnsignedFile.Multi.Generic ) - warning
15:37:54.0328 3908  RichVideo - detected UnsignedFile.Multi.Generic (1)
15:37:54.0351 3908  [ 5123F83CBC4349D065534EEB6BBDC42B ] RpcLocator      C:\Windows\system32\locator.exe
15:37:54.0365 3908  RpcLocator - ok
15:37:54.0388 3908  [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] RpcSs           C:\Windows\system32\rpcss.dll
15:37:54.0417 3908  RpcSs - ok
15:37:54.0423 3908  [ 9C508F4074A39E8B4B31D27198146FAD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
15:37:54.0449 3908  rspndr - ok
15:37:54.0456 3908  [ A3E186B4B935905B829219502557314E ] SamSs           C:\Windows\system32\lsass.exe
15:37:54.0471 3908  SamSs - ok
15:37:54.0487 3908  [ 3CE8F073A557E172B330109436984E30 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
15:37:54.0499 3908  sbp2port - ok
15:37:54.0533 3908  [ 77B7A11A0C3D78D3386398FBBEA1B632 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
15:37:54.0562 3908  SCardSvr - ok
15:37:54.0592 3908  [ 1A58069DB21D05EB2AB58EE5753EBE8D ] Schedule        C:\Windows\system32\schedsvc.dll
15:37:54.0618 3908  Schedule - ok
15:37:54.0638 3908  [ 312EC3E37A0A1F2006534913E37B4423 ] SCPolicySvc     C:\Windows\System32\certprop.dll
15:37:54.0658 3908  SCPolicySvc - ok
15:37:54.0684 3908  [ 716313D9F6B0529D03F726D5AAF6F191 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
15:37:54.0714 3908  SDRSVC - ok
15:37:54.0734 3908  [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
15:37:54.0789 3908  secdrv - ok
15:37:54.0802 3908  [ FD5199D4D8A521005E4B5EE7FE00FA9B ] seclogon        C:\Windows\system32\seclogon.dll
15:37:54.0836 3908  seclogon - ok
15:37:54.0851 3908  [ A9BBAB5759771E523F55563D6CBE140F ] SENS            C:\Windows\System32\sens.dll
15:37:54.0896 3908  SENS - ok
15:37:54.0911 3908  [ 68E44E331D46F0FB38F0863A84CD1A31 ] Serenum         C:\Windows\system32\drivers\serenum.sys
15:37:54.0970 3908  Serenum - ok
15:37:54.0989 3908  [ C70D69A918B178D3C3B06339B40C2E1B ] Serial          C:\Windows\system32\drivers\serial.sys
15:37:55.0037 3908  Serial - ok
15:37:55.0059 3908  [ 8AF3D28A879BF75DB53A0EE7A4289624 ] sermouse        C:\Windows\system32\drivers\sermouse.sys
15:37:55.0082 3908  sermouse - ok
15:37:55.0099 3908  [ D2193326F729B163125610DBF3E17D57 ] SessionEnv      C:\Windows\system32\sessenv.dll
15:37:55.0126 3908  SessionEnv - ok
15:37:55.0138 3908  [ 3EFA810BDCA87F6ECC24F9832243FE86 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
15:37:55.0156 3908  sffdisk - ok
15:37:55.0168 3908  [ E95D451F7EA3E583AEC75F3B3EE42DC5 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
15:37:55.0190 3908  sffp_mmc - ok
15:37:55.0203 3908  [ 3D0EA348784B7AC9EA9BD9F317980979 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
15:37:55.0225 3908  sffp_sd - ok
15:37:55.0242 3908  [ 46ED8E91793B2E6F848015445A0AC188 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
15:37:55.0282 3908  sfloppy - ok
15:37:55.0298 3908  [ E1499BD0FF76B1B2FBBF1AF339D91165 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
15:37:55.0336 3908  SharedAccess - ok
15:37:55.0362 3908  [ C7230FBEE14437716701C15BE02C27B8 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
15:37:55.0380 3908  ShellHWDetection - ok
15:37:55.0397 3908  [ 1D76624A09A054F682D746B924E2DBC3 ] sisagp          C:\Windows\system32\drivers\sisagp.sys
15:37:55.0410 3908  sisagp - ok
15:37:55.0421 3908  [ 43CB7AA756C7DB280D01DA9B676CFDE2 ] SiSRaid2        C:\Windows\system32\drivers\sisraid2.sys
15:37:55.0433 3908  SiSRaid2 - ok
15:37:55.0450 3908  [ A99C6C8B0BAA970D8AA59DDC50B57F94 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
15:37:55.0463 3908  SiSRaid4 - ok
15:37:55.0540 3908  [ 862BB4CBC05D80C5B45BE430E5EF872F ] slsvc           C:\Windows\system32\SLsvc.exe
15:37:55.0739 3908  slsvc - ok
15:37:55.0802 3908  [ 6EDC422215CD78AA8A9CDE6B30ABBD35 ] SLUINotify      C:\Windows\system32\SLUINotify.dll
15:37:55.0826 3908  SLUINotify - ok
15:37:55.0863 3908  [ 7B75299A4D201D6A6533603D6914AB04 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
15:37:55.0941 3908  Smb - ok
15:37:55.0977 3908  [ 2A146A055B4401C16EE62D18B8E2A032 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
15:37:55.0994 3908  SNMPTRAP - ok
15:37:56.0006 3908  [ 7AEBDEEF071FE28B0EEF2CDD69102BFF ] spldr           C:\Windows\system32\drivers\spldr.sys
15:37:56.0020 3908  spldr - ok
15:37:56.0046 3908  [ 8554097E5136C3BF9F69FE578A1B35F4 ] Spooler         C:\Windows\System32\spoolsv.exe
15:37:56.0074 3908  Spooler - ok
15:37:56.0101 3908  [ 41987F9FC0E61ADF54F581E15029AD91 ] srv             C:\Windows\system32\DRIVERS\srv.sys
15:37:56.0136 3908  srv - ok
15:37:56.0158 3908  [ FF33AFF99564B1AA534F58868CBE41EF ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
15:37:56.0181 3908  srv2 - ok
15:37:56.0206 3908  [ 7605C0E1D01A08F3ECD743F38B834A44 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
15:37:56.0228 3908  srvnet - ok
15:37:56.0249 3908  [ 03D50B37234967433A5EA5BA72BC0B62 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
15:37:56.0291 3908  SSDPSRV - ok
15:37:56.0311 3908  [ 6F1A32E7B7B30F004D9A20AFADB14944 ] SstpSvc         C:\Windows\system32\sstpsvc.dll
15:37:56.0332 3908  SstpSvc - ok
15:37:56.0364 3908  [ 5DE7D67E49B88F5F07F3E53C4B92A352 ] stisvc          C:\Windows\System32\wiaservc.dll
15:37:56.0404 3908  stisvc - ok
15:37:56.0452 3908  [ 7BA58ECF0C0A9A69D44B3DCA62BECF56 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
15:37:56.0466 3908  swenum - ok
15:37:56.0494 3908  [ F21FD248040681CCA1FB6C9A03AAA93D ] swprv           C:\Windows\System32\swprv.dll
15:37:56.0525 3908  swprv - ok
15:37:56.0535 3908  [ 192AA3AC01DF071B541094F251DEED10 ] Symc8xx         C:\Windows\system32\drivers\symc8xx.sys
15:37:56.0549 3908  Symc8xx - ok
15:37:56.0568 3908  [ 8C8EB8C76736EBAF3B13B633B2E64125 ] Sym_hi          C:\Windows\system32\drivers\sym_hi.sys
15:37:56.0583 3908  Sym_hi - ok
15:37:56.0603 3908  [ 8072AF52B5FD103BBBA387A1E49F62CB ] Sym_u3          C:\Windows\system32\drivers\sym_u3.sys
15:37:56.0618 3908  Sym_u3 - ok
15:37:56.0647 3908  [ 9A51B04E9886AA4EE90093586B0BA88D ] SysMain         C:\Windows\system32\sysmain.dll
15:37:56.0736 3908  SysMain - ok
15:37:56.0763 3908  [ 2DCA225EAE15F42C0933E998EE0231C3 ] TabletInputService C:\Windows\System32\TabSvc.dll
15:37:56.0787 3908  TabletInputService - ok
15:37:56.0821 3908  [ D7673E4B38CE21EE54C59EEEB65E2483 ] TapiSrv         C:\Windows\System32\tapisrv.dll
15:37:56.0866 3908  TapiSrv - ok
15:37:56.0879 3908  [ CB05822CD9CC6C688168E113C603DBE7 ] TBS             C:\Windows\System32\tbssvc.dll
15:37:56.0927 3908  TBS - ok
15:37:56.0969 3908  [ 27D470DABC77BC60D0A3B0E4DEB6CB91 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
15:37:57.0031 3908  Tcpip - ok
15:37:57.0085 3908  [ 27D470DABC77BC60D0A3B0E4DEB6CB91 ] Tcpip6          C:\Windows\system32\DRIVERS\tcpip.sys
15:37:57.0123 3908  Tcpip6 - ok
15:37:57.0143 3908  [ 608C345A255D82A6289C2D468EB41FD7 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
15:37:57.0169 3908  tcpipreg - ok
15:37:57.0190 3908  [ 5DCF5E267BE67A1AE926F2DF77FBCC56 ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
15:37:57.0234 3908  TDPIPE - ok
15:37:57.0257 3908  [ 389C63E32B3CEFED425B61ED92D3F021 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
15:37:57.0303 3908  TDTCP - ok
15:37:57.0330 3908  [ 76B06EB8A01FC8624D699E7045303E54 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
15:37:57.0372 3908  tdx - ok
15:37:57.0390 3908  [ 3CAD38910468EAB9A6479E2F01DB43C7 ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
15:37:57.0408 3908  TermDD - ok
15:37:57.0431 3908  [ BB95DA09BEF6E7A131BFF3BA5032090D ] TermService     C:\Windows\System32\termsrv.dll
15:37:57.0506 3908  TermService - ok
15:37:57.0537 3908  [ C7230FBEE14437716701C15BE02C27B8 ] Themes          C:\Windows\system32\shsvcs.dll
15:37:57.0562 3908  Themes - ok
15:37:57.0575 3908  [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] THREADORDER     C:\Windows\system32\mmcss.dll
15:37:57.0611 3908  THREADORDER - ok
15:37:57.0657 3908  [ 3199A477F0F06EEDE41BD55179F8EB05 ] TomTomHOMEService C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
15:37:57.0672 3908  TomTomHOMEService - ok
15:37:57.0693 3908  [ EC74E77D0EB004BD3A809B5F8FB8C2CE ] TrkWks          C:\Windows\System32\trkwks.dll
15:37:57.0742 3908  TrkWks - ok
15:37:57.0780 3908  [ 97D9D6A04E3AD9B6C626B9931DB78DBA ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
15:37:57.0813 3908  TrustedInstaller - ok
15:37:57.0830 3908  [ DCF0F056A2E4F52287264F5AB29CF206 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
15:37:57.0868 3908  tssecsrv - ok
15:37:57.0884 3908  [ CAECC0120AC49E3D2F758B9169872D38 ] tunmp           C:\Windows\system32\DRIVERS\tunmp.sys
15:37:57.0900 3908  tunmp - ok
15:37:57.0932 3908  [ 300DB877AC094FEAB0BE7688C3454A9C ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
15:37:57.0953 3908  tunnel - ok
15:37:57.0973 3908  [ 97DD70FECA64FB4F63DE7BB7E66A80B1 ] tvicport        C:\Windows\system32\drivers\tvicport.sys
15:37:57.0980 3908  tvicport ( UnsignedFile.Multi.Generic ) - warning
15:37:57.0981 3908  tvicport - detected UnsignedFile.Multi.Generic (1)
15:37:57.0999 3908  [ 7D33C4DB2CE363C8518D2DFCF533941F ] uagp35          C:\Windows\system32\drivers\uagp35.sys
15:37:58.0017 3908  uagp35 - ok
15:37:58.0043 3908  [ F763E070843EE2803DE1395002B42938 ] UBHelper        C:\Windows\system32\drivers\UBHelper.sys
15:37:58.0056 3908  UBHelper - ok
15:37:58.0092 3908  [ D9728AF68C4C7693CB100B8441CBDEC6 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
15:37:58.0120 3908  udfs - ok
15:37:58.0147 3908  [ ECEF404F62863755951E09C802C94AD5 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
15:37:58.0198 3908  UI0Detect - ok
15:37:58.0214 3908  [ B0ACFDC9E4AF279E9116C03E014B2B27 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
15:37:58.0232 3908  uliagpkx - ok
15:37:58.0252 3908  [ 9224BB254F591DE4CA8D572A5F0D635C ] uliahci         C:\Windows\system32\drivers\uliahci.sys
15:37:58.0268 3908  uliahci - ok
15:37:58.0279 3908  [ 8514D0E5CD0534467C5FC61BE94A569F ] UlSata          C:\Windows\system32\drivers\ulsata.sys
15:37:58.0290 3908  UlSata - ok
15:37:58.0304 3908  [ 38C3C6E62B157A6BC46594FADA45C62B ] ulsata2         C:\Windows\system32\drivers\ulsata2.sys
15:37:58.0318 3908  ulsata2 - ok
15:37:58.0327 3908  [ 32CFF9F809AE9AED85464492BF3E32D2 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
15:37:58.0363 3908  umbus - ok
15:37:58.0384 3908  [ 68308183F4AE0BE7BF8ECD07CB297999 ] upnphost        C:\Windows\System32\upnphost.dll
15:37:58.0424 3908  upnphost - ok
15:37:58.0442 3908  [ CAF811AE4C147FFCD5B51750C7F09142 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
15:37:58.0469 3908  usbccgp - ok
15:37:58.0483 3908  [ E9476E6C486E76BC4898074768FB7131 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
15:37:58.0530 3908  usbcir - ok
15:37:58.0549 3908  [ 79E96C23A97CE7B8F14D310DA2DB0C9B ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
15:37:58.0573 3908  usbehci - ok
15:37:58.0591 3908  [ 4673BBCB006AF60E7ABDDBE7A130BA42 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
15:37:58.0621 3908  usbhub - ok
15:37:58.0633 3908  [ CE697FEE0D479290D89BEC80DFE793B7 ] usbohci         C:\Windows\system32\DRIVERS\usbohci.sys
15:37:58.0653 3908  usbohci - ok
15:37:58.0663 3908  [ E75C4B5269091D15A2E7DC0B6D35F2F5 ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
15:37:58.0695 3908  usbprint - ok
15:37:58.0705 3908  [ A508C9BD8724980512136B039BBA65E9 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
15:37:58.0727 3908  usbscan - ok
15:37:58.0738 3908  [ BE3DA31C191BC222D9AD503C5224F2AD ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
15:37:58.0782 3908  USBSTOR - ok
15:37:58.0803 3908  [ 814D653EFC4D48BE3B04A307ECEFF56F ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys
15:37:58.0833 3908  usbuhci - ok
15:37:58.0859 3908  [ 1509E705F3AC1D474C92454A5C2DD81F ] UxSms           C:\Windows\System32\uxsms.dll
15:37:58.0880 3908  UxSms - ok
15:37:58.0909 3908  [ CD88D1B7776DC17A119049742EC07EB4 ] vds             C:\Windows\System32\vds.exe
15:37:58.0959 3908  vds - ok
15:37:58.0986 3908  [ 87B06E1F30B749A114F74622D013F8D4 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
15:37:59.0021 3908  vga - ok
15:37:59.0039 3908  [ 2E93AC0A1D8C79D019DB6C51F036636C ] VgaSave         C:\Windows\System32\drivers\vga.sys
15:37:59.0063 3908  VgaSave - ok
15:37:59.0082 3908  [ 5D7159DEF58A800D5781BA3A879627BC ] viaagp          C:\Windows\system32\drivers\viaagp.sys
15:37:59.0094 3908  viaagp - ok
15:37:59.0110 3908  [ C4F3A691B5BAD343E6249BD8C2D45DEE ] ViaC7           C:\Windows\system32\drivers\viac7.sys
15:37:59.0134 3908  ViaC7 - ok
15:37:59.0152 3908  [ AADF5587A4063F52C2C3FED7887426FC ] viaide          C:\Windows\system32\drivers\viaide.sys
15:37:59.0164 3908  viaide - ok
15:37:59.0180 3908  [ 69503668AC66C77C6CD7AF86FBDF8C43 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
15:37:59.0192 3908  volmgr - ok
15:37:59.0219 3908  [ 23E41B834759917BFD6B9A0D625D0C28 ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
15:37:59.0235 3908  volmgrx - ok
15:37:59.0266 3908  [ 147281C01FCB1DF9252DE2A10D5E7093 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
15:37:59.0281 3908  volsnap - ok
15:37:59.0298 3908  [ 587253E09325E6BF226B299774B728A9 ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
15:37:59.0313 3908  vsmraid - ok
15:37:59.0351 3908  [ DB3D19F850C6EB32BDCB9BC0836ACDDB ] VSS             C:\Windows\system32\vssvc.exe
15:37:59.0417 3908  VSS - ok
15:37:59.0459 3908  [ 96EA68B9EB310A69C25EBB0282B2B9DE ] W32Time         C:\Windows\system32\w32time.dll
15:37:59.0485 3908  W32Time - ok
15:37:59.0503 3908  [ 48DFEE8F1AF7C8235D4E626F0C4FE031 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
15:37:59.0547 3908  WacomPen - ok
15:37:59.0569 3908  [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarp          C:\Windows\system32\DRIVERS\wanarp.sys
15:37:59.0598 3908  Wanarp - ok
15:37:59.0603 3908  [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
15:37:59.0625 3908  Wanarpv6 - ok
15:37:59.0642 3908  [ A3CD60FD826381B49F03832590E069AF ] wcncsvc         C:\Windows\System32\wcncsvc.dll
15:37:59.0688 3908  wcncsvc - ok
15:37:59.0723 3908  [ 11BCB7AFCDD7AADACB5746F544D3A9C7 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
15:37:59.0765 3908  WcsPlugInService - ok
15:37:59.0783 3908  [ 78FE9542363F297B18C027B2D7E7C07F ] Wd              C:\Windows\system32\drivers\wd.sys
15:37:59.0797 3908  Wd - ok
15:37:59.0829 3908  [ 9950E3D0F08141C7E89E64456AE7DC73 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
15:37:59.0865 3908  Wdf01000 - ok
15:37:59.0901 3908  [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiServiceHost  C:\Windows\system32\wdi.dll
15:37:59.0942 3908  WdiServiceHost - ok
15:37:59.0948 3908  [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiSystemHost   C:\Windows\system32\wdi.dll
15:37:59.0976 3908  WdiSystemHost - ok
15:38:00.0003 3908  [ 04C37D8107320312FBAE09926103D5E2 ] WebClient       C:\Windows\System32\webclnt.dll
15:38:00.0021 3908  WebClient - ok
15:38:00.0041 3908  [ AE3736E7E8892241C23E4EBBB7453B60 ] Wecsvc          C:\Windows\system32\wecsvc.dll
15:38:00.0060 3908  Wecsvc - ok
15:38:00.0070 3908  [ 670FF720071ED741206D69BD995EA453 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
15:38:00.0092 3908  wercplsupport - ok
15:38:00.0110 3908  [ 32B88481D3B326DA6DEB07B1D03481E7 ] WerSvc          C:\Windows\System32\WerSvc.dll
15:38:00.0133 3908  WerSvc - ok
15:38:00.0164 3908  [ 4575AA12561C5648483403541D0D7F2B ] WinDefend       C:\Program Files\Windows Defender\mpsvc.dll
15:38:00.0178 3908  WinDefend - ok
15:38:00.0185 3908  WinHttpAutoProxySvc - ok
15:38:00.0217 3908  [ 6B2A1D0E80110E3D04E6863C6E62FD8A ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
15:38:00.0236 3908  Winmgmt - ok
15:38:00.0278 3908  [ 7CFE68BDC065E55AA5E8421607037511 ] WinRM           C:\Windows\system32\WsmSvc.dll
15:38:00.0379 3908  WinRM - ok
15:38:00.0435 3908  [ C008405E4FEEB069E30DA1D823910234 ] Wlansvc         C:\Windows\System32\wlansvc.dll
15:38:00.0475 3908  Wlansvc - ok
15:38:00.0500 3908  [ 2E7255D172DF0B8283CDFB7B433B864E ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys
15:38:00.0524 3908  WmiAcpi - ok
15:38:00.0556 3908  [ 43BE3875207DCB62A85C8C49970B66CC ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
15:38:00.0579 3908  wmiApSrv - ok
15:38:00.0605 3908  [ 3978704576A121A9204F8CC49A301A9B ] WMPNetworkSvc   C:\Program Files\Windows Media Player\wmpnetwk.exe
15:38:00.0677 3908  WMPNetworkSvc - ok
15:38:00.0707 3908  [ CFC5A04558F5070CEE3E3A7809F3FF52 ] WPCSvc          C:\Windows\System32\wpcsvc.dll
15:38:00.0732 3908  WPCSvc - ok
15:38:00.0752 3908  [ 801FBDB89D472B3C467EB112A0FC9246 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
15:38:00.0783 3908  WPDBusEnum - ok
15:38:00.0843 3908  [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
15:38:00.0879 3908  WPFFontCache_v0400 - ok
15:38:00.0902 3908  [ E3A3CB253C0EC2494D4A61F5E43A389C ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
15:38:00.0938 3908  ws2ifsl - ok
15:38:00.0972 3908  [ 1CA6C40261DDC0425987980D0CD2AAAB ] wscsvc          C:\Windows\System32\wscsvc.dll
15:38:00.0989 3908  wscsvc - ok
15:38:00.0994 3908  WSearch - ok
15:38:01.0160 3908  [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv        C:\Windows\system32\wuaueng.dll
15:38:01.0302 3908  wuauserv - ok
15:38:01.0325 3908  [ 575A4190D989F64732119E4114045A4F ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
15:38:01.0354 3908  wudfsvc - ok
15:38:01.0389 3908  [ 04E268ADFC81964C49DC0C082D520F7E ] yukonwlh        C:\Windows\system32\DRIVERS\yk60x86.sys
15:38:01.0417 3908  yukonwlh - ok
15:38:01.0439 3908  [ 40AC8590CC9006DBB99FFCB37879D4C6 ] zntport         C:\Windows\system32\drivers\zntport.sys
15:38:01.0452 3908  zntport ( UnsignedFile.Multi.Generic ) - warning
15:38:01.0452 3908  zntport - detected UnsignedFile.Multi.Generic (1)
15:38:01.0456 3908  ================ Scan global ===============================
15:38:01.0474 3908  [ F31EEBC1A1C81FD04005489CC3DCDFE7 ] C:\Windows\system32\basesrv.dll
15:38:01.0502 3908  [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
15:38:01.0536 3908  [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
15:38:01.0569 3908  [ D4E6D91C1349B7BFB3599A6ADA56851B ] C:\Windows\system32\services.exe
15:38:01.0586 3908  [Global] - ok
15:38:01.0586 3908  ================ Scan MBR ==================================
15:38:01.0601 3908  [ EF9CDC51B437D322D54016B68F003416 ] \Device\Harddisk0\DR0
15:38:03.0942 3908  \Device\Harddisk0\DR0 - ok
15:38:03.0943 3908  ================ Scan VBR ==================================
15:38:03.0946 3908  [ E248D45138BE7EE37337D9281B61475A ] \Device\Harddisk0\DR0\Partition1
15:38:03.0948 3908  \Device\Harddisk0\DR0\Partition1 - ok
15:38:03.0972 3908  [ 7F832EBCCC8E8ECF76AD66C893C5BC8D ] \Device\Harddisk0\DR0\Partition2
15:38:03.0974 3908  \Device\Harddisk0\DR0\Partition2 - ok
15:38:03.0974 3908  ============================================================
15:38:03.0974 3908  Scan finished
15:38:03.0974 3908  ============================================================
15:38:03.0991 4728  Detected object count: 8
15:38:03.0991 4728  Actual detected object count: 8
15:38:36.0461 4728  BUNAgentSvc ( UnsignedFile.Multi.Generic ) - skipped by user
15:38:36.0461 4728  BUNAgentSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:38:36.0464 4728  ETService ( UnsignedFile.Multi.Generic ) - skipped by user
15:38:36.0465 4728  ETService ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:38:36.0468 4728  LightScribeService ( UnsignedFile.Multi.Generic ) - skipped by user
15:38:36.0468 4728  LightScribeService ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:38:36.0471 4728  NTIBackupSvc ( UnsignedFile.Multi.Generic ) - skipped by user
15:38:36.0471 4728  NTIBackupSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:38:36.0474 4728  NTISchedulerSvc ( UnsignedFile.Multi.Generic ) - skipped by user
15:38:36.0475 4728  NTISchedulerSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:38:36.0478 4728  RichVideo ( UnsignedFile.Multi.Generic ) - skipped by user
15:38:36.0478 4728  RichVideo ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:38:36.0482 4728  tvicport ( UnsignedFile.Multi.Generic ) - skipped by user
15:38:36.0482 4728  tvicport ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:38:36.0485 4728  zntport ( UnsignedFile.Multi.Generic ) - skipped by user
15:38:36.0485 4728  zntport ( UnsignedFile.Multi.Generic ) - User select action: Skip
         

Alt 31.10.2012, 14:32   #12
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Home.sweetim.com und Norton Antivirus - Standard

Home.sweetim.com und Norton Antivirus



adwCleaner - Toolbars und ungewollte Start-/Suchseiten aufspüren

Downloade Dir bitte AdwCleaner auf deinen Desktop.

Falls der adwCleaner schon mal in der runtergeladen wurde, bitte die alte adwcleaner.exe löschen und neu runterladen!!
  • Starte die adwcleaner.exe mit einem Doppelklick.
  • Klicke auf Suche.
  • Nach Ende des Suchlaufs öffnet sich eine Textdatei.
  • Poste mir den Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner[Rx].txt. (x=fortlaufende Nummer)
__________________
Logfiles bitte immer in CODE-Tags posten

Alt 03.01.2013, 15:07   #13
Rapunzel
 
Home.sweetim.com und Norton Antivirus - Standard

Home.sweetim.com und Norton Antivirus



Hi Cosinus,
so nachdem ich mal wieder bei meinen Eltern bin und feststellen musste, dass sich mein Bruder nicht wie gebeten um ihren Rechner gekümmert hat... bin ich mal wieder dabei.
Dein letzter Post sagt ich soll den ADW Cleaner downloaden, muss ich jetzt vorher nochmal was anderes machen, oder können wir an dem punkt weiter machen? Der Rechner zeigt noch die gleichen symptome wie beim letzen mal.

ich hab den AdwCleaner nun mal laufen lassen und poste dir das Ergebnis nun schon mal ohne deine Antwort zu kennen.

Code:
ATTFilter
# AdwCleaner v2.104 - Datei am 03/01/2013 um 15:17:39 erstellt
# Aktualisiert am 29/12/2012 von Xplode
# Betriebssystem : Windows Vista (TM) Home Basic Service Pack 2 (32 bits)
# Benutzer : Edith - EDITH-PC
# Bootmodus : Normal
# Ausgeführt unter : E:\adwcleaner.exe
# Option [Suche]


**** [Dienste] ****


***** [Dateien / Ordner] *****

Datei Gefunden : C:\Users\Edith\Desktop\Search The Web.url
Datei Gefunden : C:\Windows\system32\conduitEngine.tmp
Ordner Gefunden : C:\Program Files\Bigpoint_Games_DE
Ordner Gefunden : C:\Program Files\Conduit
Ordner Gefunden : C:\ProgramData\boost_interprocess
Ordner Gefunden : C:\ProgramData\iWin
Ordner Gefunden : C:\ProgramData\Trymedia
Ordner Gefunden : C:\Users\Edith\AppData\Local\Conduit
Ordner Gefunden : C:\Users\Edith\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn
Ordner Gefunden : C:\Users\Edith\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj
Ordner Gefunden : C:\Users\Edith\AppData\LocalLow\Bigpoint_Games_DE
Ordner Gefunden : C:\Users\Edith\AppData\LocalLow\Conduit
Ordner Gefunden : C:\Users\Edith\AppData\LocalLow\ConduitEngine
Ordner Gefunden : C:\Users\Edith\AppData\LocalLow\PriceGong
Ordner Gefunden : C:\Users\Edith\AppData\Roaming\iWin

***** [Registrierungsdatenbank] *****

Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\Bigpoint_Games_DE
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\Conduit
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\PriceGong
Schlüssel Gefunden : HKCU\Software\AppDataLow\Toolbar
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{7683B745-6060-41FD-AA75-0BBB383FEAD4}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{FB697452-8CA4-46B4-98B1-165C922A2EF3}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Bigpoint_Games_DE Toolbar
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\conduitEngine
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0E3DBC69-A682-48DA-84E1-82C63A5D678E}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0E3DBC69-A682-48DA-84E1-82C63A5D678E}
Schlüssel Gefunden : HKCU\Software\SweetIM
Schlüssel Gefunden : HKLM\Software\Bigpoint_Games_DE
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{0D6377AE-E658-438B-86CB-3E391E222697}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{0E3DBC69-A682-48DA-84E1-82C63A5D678E}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Conduit.Engine
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Toolbar.CT2843456
Schlüssel Gefunden : HKLM\Software\Conduit
Schlüssel Gefunden : HKLM\SOFTWARE\Google\Chrome\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn
Schlüssel Gefunden : HKLM\SOFTWARE\Google\Chrome\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4E1BF2A3-E2F2-42D6-8D53-5E91145FFAA5}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{91B40B02-2E6E-4ABA-B801-394F7FB67252}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E3DBC69-A682-48DA-84E1-82C63A5D678E}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{0D6377AE-E658-438B-86CB-3E391E222697}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\00e1b559ced624f1a3ef930630c2d865
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\014247aa6684667a1a6cb0649a76f2b1
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\02bf65d645994df0ab711ea0e293f29d
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\0376013e604e0b4b294e2c4dee4619ee
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\04220b3d475d34046c07d6c88393c6ae
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\057c882e103cd9589befac1883d55afa
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\05a245f300cbbd4d08570a384a12266a
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\05ea5bdc3f82769bb2eeb89a386bc782
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\07d6cf989c5f059b3f8bcdfe40ef602c
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\08ab9cbf5344299c7d466bd8e94d7e0a
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\09edeccd5d83ce98357d9c9991943252
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\0adcb073481050cbb1b7b4175b8e6588
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\0af1005bb5d169e13b87405110fa5ef6
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\0c6992c24d5411a5081752bd53f1477e
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\0d493cf1ad29a3b70fa8ed923dcd00cf
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\0e246099ed902dfce12f78e15c73590f
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\0f99af491aff00c16d849d3fe4096272
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\0fd0f6b44956cb2766bbd2c1777f3eb8
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\106b85ae83d539b13f7d9b3d85969b2f
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\10888a5b8643982a1f8e7de8c303ccbd
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\11325312fbcca72c44e7b1d79ff1d91a
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\1162837562abe15d1f81648f0bf48c9a
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\1165ec625d3e139776a56cf67f3d6120
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\124154c710f34c2474907671b8f8d183
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\13049109b58c0d3b0b2dde8ad176c8be
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\139391eab118382ba57764aed1efc415
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\13992c6e5ee111d5353a87e99437fe05
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\151910def50927b17077484b701c0e7d
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\16029eb9b71484ce74db737c7af8be19
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\16e88445017ad311f6ee00aa68ad2f53
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\17435ae919ade1a7a5ad799e118be3ff
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\17687044a0d8ac2e646c61a964a4b542
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\176aa715340657344ab3186f2a18bc6f
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\181b963359067c16a71d29c79f05dcc0
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\18278aee4149e8f4ef69c5850e7520cf
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\182cbaeb29e16344e6068a8f7880ee1f
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\18fde4a01007ce9439cb02fb04abeb36
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\1a6860eb24d1408da168a07da9d8fbdb
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\1b7bca932e8e58197c81aef12b0aeb51
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\1cc8d8bd45a3736808a050a1ec834a7f
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\1daa2201c34811fab931e7d9e24e8bab
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\1f61e7ec2576786d48806290a053bfc4
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\1f94e3503efccce0a4a7b6aaa3e4966e
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\2158fc2337e2d7fc47cbdfe0e2d81acc
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\22ae7ae20bca60d6b860e5b4c7b732da
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\234f2db111d5257db058c4a7a67bbdf8
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\253042ea9cb0f11924b0565b43ad207a
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\2546bbc711ce5fa2f9007029f8f41a40
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\26262d06e9eb8c338e30052561cdebf9
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\269bc42580c75874604de6aabd7493b1
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\271fd06e44020a7a4aeaf9c9e14f84d9
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\289a1f7f4e306bd2cfd29deb7953aaf2
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\28a30c291dd46a8ea81af217e55f07d0
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\291f2434253d459d7bccc321e67eecec
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\296ecb9fc13764e0230ab0c5473bcbdd
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\2997096f191e156e0bd9d4b2df6615f2
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\2b51f04928bae3f46132cd762d65793e
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\2b6ef53c8be587bac43502dbd99083d3
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\2c403620cd48401a3145a4d7e035a8be
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\2d7b387535d20c673575b79c6f81e85b
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\2e73ddef438329af74a9f65da2854cf8
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\2e76f555ba3c48d5febe6f629efe4b04
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\2f67f0bcfdb22734dcc9aeb05adc571f
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\2ff5c2a2a6aedcc826318e2ff538b3ba
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\306339fc7e9aaa3081845b0fafe0a749
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\30d1f9df6e6bc9f26b2b50f5c59a2dfb
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\3117e5a058258a628389ce9ce6e48899
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\32299b1241ce153602d531040bd52cd4
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\325569938ff50c58c55f13c8ab650131
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\33b709e6d787d5e9ad13c6d2e7561ee9
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\34eaf87e3d1c24ff16de0a4f63ebf4d5
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\351e339326ab9d6f3dd0d8125eae7347
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\3569f141f918485bad7c95db3c5634f9
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\3579ddfd54c5f785ab5b7ad236e820d2
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\35aefe586be6c37117d9ba273996dd43
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\37e10e4eaf44e0b4f634b76a940b6c2d
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\392ba32b43af5a364c6b8a1860db5821
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\3b39a580e29238f298e9acef5ee89895
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\3bd6085ebcbece804b58ed374c123eed
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\3c1e9102e37066ea59a11eb8e457c538
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\3c5ae2f8642e34b5ed77d3a9ce2f38aa
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\3c6518896eaed5bca9bc15359c93214f
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\3c8f832a24987a30adf8e9147475f954
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\3cb1e59e3f781367097efff509bd1537
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\3cf9394bb563d58bfa5096cb7f7afbc8
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\3d240b89e6b43faa69c1111923dcfa2d
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\3d25bed01b591f56276c095686a8cbac
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\3d6a0fd7d50d9d5415e8469c14994675
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\3d9bb6f7c8c05e39b710a5f836304e5a
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\3dce5944431156c5fe7e1b7de9b8349c
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\3ddd5ff4440c4d302b788f62232b6777
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\40cc73d9b0e87fa550d9782c60c15533
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\413e9c1f7ba7850ebd0333569b38edc5
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\41aa27a9faf6b15693cebb87ccf93d67
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\423ec29fab27f6e2f661c7bb6c1da0c8
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\42b10e78bfce371ba8e27bf741d8f884
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\43553c524e6061eba688e14da37a60c0
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\43a2de983fdf705ec26cae90d18ae727
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\43dce29cfe68202d94002ef8c63c0fbe
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\45b3610e9ea2612f552fc6d784acaa36
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\45c023a4ea225afc375e1c5d3c061dcb
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\45e12825b160579182be32e117908b5c
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\46d948619265fe329bdcead717ccea2f
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\471ba6cd33131738cf23e42fb0ab4663
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\477ddef69c1f5f948c934c84eb573b5e
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\47f3fb5508a5d1441e6fe813b4135c5f
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\48f6e89a797a5cfede263da0af1b2b9e
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\49a213cae8c161bbc6283bb92a2911cb
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\4aeffab8a8c3ec7a5a93e7cf705ab2af
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\4c11b52be6506492b1916ad45d6be024
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\4c2650c511b32052b3ea2f2bc2ada406
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\4c8bcaea192ff95078a4791d7d80e13d
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\4e22301604a3a670489ec087182c3f06
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\4e23c238b344d82a7faaf1494690f46f
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\4e37bd09df0b501e93734444fb8cdc07
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\4eed420afb59b307ce0db3d79b957aef
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\4effc537753f11aa3e22e5e228023e7c
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\50116be4cf279d7647d17eb0c3223d70
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\522905884c7f43e562d60cb52a53ffc9
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\5230c37c45a6b65fb90ac0e374480681
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\55a745e2adb3fde72f09d82e3f341b08
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\5639b1fad48fcb9c53127645315023fd
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\56a33af394bc3377592ce7cb81fc57d0
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\57326bc7834f0e00393c951940d1434b
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\57ba3f53445489d370f4fd720039d66b
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\5836b121df832989d8645df4169ace0a
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\5b301c8ce8ee9659ef55dbc14703bf44
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\5cbcf11a490d1678b3560e8983c718a7
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\5e0945296ba275875c8dd1e439d3edbf
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\5e5ff56847becc5026ea09356e60c70c
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\5f99b19701411b5b611d3bb2ee2d2b68
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\5ff194752835a6fc03805ee8491efcc2
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\60cd22a3127c1cc8fd38a8d878c7071f
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\60cedf44a24ae5bc6c4ff75e86f36b06
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\61cbfe06316f53e1c8518aee65463f2d
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\61f6d19a00f59fc4d27e8eb21f84b843
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\635f4d5c8f14d472ee7b8f16b2e99bbe
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\6397f6165463b131a2b4942ad60a5df8
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\6446c312450fd427c4f7551cf20ce3ae
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\65df6446db757f428ab8c929827ab03b
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\666888ec6a50632cb5dd620f18da86cc
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\66db8e62cf0f1ce07680a7bc11555b35
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\6705ae1f3da4b4f6b0111b3b060d6e9b
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\6708a40481812f7b6411c106621ddd31
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\6729c8094a6a3b5a6abc86f976924cbe
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\678d7e1d45224cab05717f206d3fb25b
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\67e5d2ae09a0f7f7e8a0d2766fb5acb7
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\68a0880c89e76dd899e0dbc4efe1cda1
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\697b5ff6c1ec62038e8d61209bc5b894
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\69e2f5cc670c6e6287f53adfe469fbb2
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\6a6097d0dea833d0214ccfa7c5cd7176
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\6ad7899c318eaf3ec3c5fdb85ece0524
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\6afe50de9e18cca03f159da105f3dc10
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\6c75f92a6dfe86ddccc56157a58bf4e9
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\6e9626d7f3447702b5661b801c9fbc95
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\70b76023a3ddc11710578e44672821c2
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\713520d164215414124cf835cf12f18a
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\718d12a9362689dd7bb4e6467d30994d
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\7290350c215a1c496a9dcc5bdb4f18b5
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\72baa5516b21d0e55eb8ddff53046e92
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\73e8da76c041545a75a93a83ac3b7c43
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\73fdc4e3610f9d8ceb6657563a4edaa7
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\7466c8e5f9dbf3dc2c9340b688c393b3
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\747195eaea84191f99837a0096920c62
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\74d96a04121039bc879021757c9779d8
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\7678f2885f11f24562a4f5a474e8c0a6
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\76b63e7fe0fc8747db2c74e2b5aec244
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\770f4fed8b0399cde2b6c8829b750439
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\772ca1b4cfec1273789e8ea562455ac1
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\786908f419ff1a7e4c2b7eb1bf2ec204
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\78a6b53ed6faf3bd24ac28dbeb5cde01
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\78dc5179eaa99267fa9b0d3b99562fa0
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\79445319d1160bb762f86e17d5887e1b
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\7992daaf908e8e9d112e37a4588a4c4e
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\7a89af5716b75390b9bbc95d4ed03a4a
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\7b279fce8b9d0ab06093a67a8a794224
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\7c9c1bffb57f1000a4e856bc3ac10962
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\7dd60215c3d8cffbd06672b0367fb333
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\7dd85f6e307e66d9ac9603da5b928215
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\7e11af21bcb249877171dd973aa23cf6
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\7efeb9935159a92ad4e101276c2a02bb
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\7f7c3e80a2874a12de71660ab6b64cf3
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\7ff0b1b72a74bdf5488c7464ef1b606e
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\8207cdb33866eea9d9b08268c0d61fa2
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\826ab6f0395d85256a88547e0cd988bf
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\827bc50d929d3142db3db7d83e32ee38
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\82bc3cbda6901a08f61c03cdf2301e70
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\8352ffee66421e4f1f82228ec726498a
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\835602981aae4bf1bc1ff3a182ab991c
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\8397e6a20ce644b4673f26d56b4b7f31
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\83c898e9263916123458b0e2f3518c62
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\8457237efec07770b6e3b130aaa0ec9d
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\84cb41c798293c618d90d611dcf85607
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\8617b280ce3d8581e46e17e0197f18ad
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\86dcd08c485560adeb3e20f4268c273e
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\88f158cb2805a52a4032207bec2bd9c9
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\8b567f6f25e6a3d6abf028aeb1d36a31
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\8b9f129ce2fc50581550300def4096fc
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\8ba0281c26cce311ea8876194c2cca4b
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\8c73f5764e9fe1888d67d186db4df253
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\8d010cd5a14870411b985b9380d151f1
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\8d34dcbf4d969d9461fc5f65d73c6c57
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\8f4eeb8f19c703c870e9805dfadc343c
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\92e6403d1dd3b3d683753ae3cbc5c9a0
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\93089dc81e08bdcfc15fb39117c66117
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\94026ad2e6d719179a68f94cb9fb25f4
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\94a888f0cc14f46f31dbe64760d265e3
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\951e8e9b5071a0be49c3397471682c1c
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\970422b33ac557118989a5a968fba920
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\97aa6660c2eb5d7678ec45247eba5328
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\97c729204bb11c03f1a73996b7eeab21
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\9827693c674f0e9c022217c8990a70bc
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\989488a56fa041e1f64e1f57f1c35f9d
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\991f99f096d8e5496b7bc09fa0270ff4
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\997f0cf6c175a5a902a9b866c3367672
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\998a6e19dcb96681ff0907f0379d97b6
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\9a0330bf9b61721724f9d5ce6a50fbb4
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\9ac1643eb7e8f26282321d12c5baf3bb
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\9bfa59cd9387022c9df48f096691c809
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\9c9c5338e0567bbe27cc20b4e137575c
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\9e355f5d79e9bfe6c16a3c3e03255ace
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\a0a2618df2ff10438b6252fd72cf47b1
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\a16c96001b7336d3f47b42e6e9f29eb3
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\a17fb27351279b6fe4586668f874a341
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\a1a101f30f5b601361515c8f8f1ff2a5
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\a271cc6b77ac1a656f0ce84536bd92fd
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\a2d4cc8b39cb20b9d1ac5da7e5d9ae89
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\a32bdc26715a658db8a3a83728f65a6d
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\a4e02b1a3f0af5eacacb28fd9ec66a68
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\a5c20e9a5fdba5e0e7c53cd440c0f550
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\a5ca1c6c4feb0b356ccfb636f44b4f77
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\a63cb40de598f8262bd8ace6002eda2e
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\a69062b89c30ed42468ecdfcceb1ff58
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\a6fd6c4342f11477142aa13a2d4a6901
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\a74bf894030acb7ac2bd7564ff2d97a5
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\a777c78c9146e4f45fe2f83e9aed40e6
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\a78dac81f21286a9f5ebf5e45939c7ee
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\a7d6a8b7310cd2714b7cd7402a53c2a8
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\a825afb2697bb77a7d4b3642dac0df8f
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\a8f1d0bcd4b9b29c92d0e8dc4789ae27
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\a90308deb488b90b0543ff928e822886
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\a94cfec0f7ba1b87f53f8e28012731f7
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\aa47603f119b46e5131391fb9bfb05cf
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\aab6280399726c8989597e722cf7d817
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ab4453330c5c346fb68c5aeb893ec52a
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\acb4d43cb13748f0de98ee93a416e523
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ada537fcf303021844317a63bfda5913
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ade3fe09e36103d093c6645eeb8f4e7c
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\adfb4a5cc879860f0bed0174db0d1be3
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\aef5a9657cfa26e443c05396ad19fd45
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\aefc89c74a022e0ea17e0b0162a69c28
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\afb0d8a873f1310ba3407f1f7b63f462
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\b0410d01ae8e35678d1e63e8f89099aa
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\b0e75ac12f880fb0187f87dd7ab867b8
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\b18c34a406d214d888e13d82a8012b1c
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\b25edbb15a5d509921d3e65dec17a3ed
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\b2da15c36e2b63d8436b7a24207fcd29
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\b30f9ae43e897553d04c7f2cfac6f3ff
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\b344d627364ac71e5c2cc5782c4aa312
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\b4291d6d7c9a1f520cfd708e28b2ba30
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\b6496738c533a699d9fd84019cbbb409
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\b66f63d81b4fe553a19b99f1c66ce1fd
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\b69241404897e9d5e82a784891295943
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\b71e06c6295af9b9f75fcfc123e2928b
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\b78c8d913ae136387442e0609b8898e4
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\b863b10f162295618688a9fbd43f290f
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\b90ce29cf478a8fb9bbac8adf6878013
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\b9a1d34ea5d250cf97c89f6259b235a2
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\b9c1511e23aafcf04319e3a1ffaa182a
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\b9c537df522b7530c37f545bf9e46f8e
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ba26ac7b8de4f51a8bd11dee6334e370
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\bab3573d4d9b902ade5e750cb61a6c3f
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\bc1946cb4508c2f2d50782d5b0ef9b50
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\bc79366f42827fe0504765ca103ab3cd
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\bc824e8e93a63ff6625394a6ca700d2f
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\bcb57787f07de542295cdd37d7b208aa
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\bd1a1f16cb175a721d7add372740fd2b
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\bd2f9de62eb6554c561207a752e73b85
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\bddc84d8532d2a1cfc81cee637a2272d
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\be34dc910c6b59eef85bb3d69e6d4dcd
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\be6ab7ef2720f6472c3ca6535ec90e2f
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\bed362e778ff6452d844eb92def7ff8b
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\bf28585d035ebda81d8dad6bba4b578b
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\bfcba5e185dcadebf291762490f98a06
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\bfe812881dce3f50b0b3a8a50ef99ae5
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Bigpoint_Games_DE Toolbar
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\c0208e2cd329954d4577af5927c2251f
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\c0d72b740a43567a06dfe7b5224cb107
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\c0ddc7391c2206c4ef46a60e81fd7b22
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\c1abac18d5e13c3266c8783d32b97e5c
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\c1e0825237035e41578235c690260f75
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\c2df1ee061daacfe2a406dc3b3a3a3e9
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\c381d702bc2676a35e6dfb2e3dbc2136
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\c40ba4951166b25188105b97864d7512
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\c664cf804326a3d82a947929ca42bbed
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\c6aa27fd20b4ce3bd40a6e91b5892168
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\c7bdf000efa3f2f32977d770027a79b4
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\c9b68857e9c3ba1a5ed9a1c6b50209c0
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\c9d31884ce42e5f1b44a7ee2534efc52
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\c9da0260b146f45e13d1f4130ff849df
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\c9fc4ddfc18ce28c6b91574e48c1ed01
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ca255af5cb6e1e0d58703a1c3cb68ab0
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ca67c40049541084a074b894ebbd9339
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\cb17b1142fa287e9a7421ae36c2d1cdf
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\cb190d64a8a5519d00c138dd283bc4b5
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\cb1a5afad7706cb07fe9f1c363f95469
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\cd2687ed9cb8e326a2e0fd992f08c18c
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\cd50fcf2fa979c22ba6eff7bb7460b7a
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\cd7913543af33219d56ad2719d852e0c
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\cda6c19e0b22721a6a5512e6dd48fc8b
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ce6de3d80f47b5251fdc89bac7ce2493
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\cee92db041d5906bf5d0aed40a5eea58
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\cf6e38019d336eeedc346759493bd1f6
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\d0ad26f8b4c2bbee98449bb9fe537b08
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\d0f64871084b88bc004f8a63130a691f
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\d29220003a0ea3b8d3f2a89b09479459
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\d33cd9870bf3cfce8e8576a746fb4aff
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\d3e34edbc4e705f32b1886f020982e50
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\d4bf59ffab632c190ac4b5b18352daf2
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\d5a7490122d345d97667274c68c8a828
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\d6114b77d0bfac9b2f3ff09a5766658b
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\d651238e74d032648955f69331eace22
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\d76b76d8965ca413ab169999e07df4f2
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\d7879d2f63b407e6e57379f06dc1aa78
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\d8070d7e8c4274252401fb288a234cd0
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\d81afa1ea41cb6f904a9dd1e78a7a567
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\d826ecda1f039b32feb97b6d5cbbaa08
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\d8dcfd372189508fa2b61e7cd2357f50
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\d93a1c6595d22217f20ed1c5e9653db9
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\d93b5ebe950ce6da0abf14a6dda77cde
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\d98f52976e41632129699108bd8e3418
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\da4f42c103308f853d4bf9f8d74a3867
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\dd557eeb5183d25fb04a56ad822c3892
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\df6388156c61ad40a17847927787c4bd
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\e021185b80aa484806a106e0f5a59d43
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\e07659f36e65d6adb22c8f4b548bb42c
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\e08c82c87e91a23ce17f319e290420fd
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\e17b8341209b0b0eed0c2d6a0efd16ee
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\e39774d1ce03b1a97c606f8ed7d1a04d
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\e3b2ba44533323c1275d594a526fa9ee
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\e4ca13f016c650b1f2072aee3cee37fd
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\e50958c0e0cb7acb43f66d5398e0f258
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\e5512dab491648d446cf7dc420d66387
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\e5712b4fb8d990849dcf68488bfc982a
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\e5acbe65a254f8240b2d6cd1299a195e
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\e64b7c18a9cb9917f521c6e69f5b7fdf
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\e65f7f34c3d171b5ae11c4e3f8a0300b
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\e6aff4f81160413deb91cdeea0f98f4f
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\e76a332bb178fecd32a78a3fffa62d0b
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\e7b9ee1f8e59f55a9cbff28b7ddd7e73
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\e8d5b7bf5a6bf65977cb25793049512e
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\e9cf750b4c09f6d0f569578192ee0511
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\e9e5d26c9c08ebd9e5b3f7fd3ab6f04c
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ea896d0011037d5c7d4ad5657b8283a0
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\eb0afb25bbcbce3e9e03d77b4bc59e60
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\eb23d6bafee0a77e02ed8543c655bee2
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\eb5486530c957e82d3ca8661e6123465
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ec2e3c5059cc4f06bf348dbc34140a02
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ed9a0e8e507cf2dda83b5590a10a0072
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ee0f29c00e79d594917a793c52696436
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\eef9c77abdce5b3d33dddd330d3fcfc3
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ef0fb31eaa5898fd24dc211df0834426
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ef1bf1ce152cd61e99dc9d012525be2c
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ef69b544b545c7245ca42205a62d0798
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ef88c8b4ccaf356b17a8914c0635327d
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\f048260e844f3ab1d8076f640cec61bb
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\f053e4b1eb9a0cc9979846de731a38b1
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\f06b690a072db37fa9eb3b87f7f3eaef
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\f0f6700c4c9b31d495f856d81d17adcf
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\f1333d154fc2c5fa31789e277660399c
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\f25e98477d07474ed38fe87208f4efab
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\f31e70399eb1c9a997d4c5a67e1d75d5
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\f387904eb1812f6be4654d65d7065356
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\f391612f1dc75ecfd794b51eda4d1db0
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\f3b4252df963b5a5fae1199eb2930ae5
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\f442e5f870b74dfd00064ccbb016b378
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\f44ec1c968f4678f57fdae0f94d4549a
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\f524540ae2b3e2ee8ce4c8b93d3412f4
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\f5a80829226b7d8ffa1fe30406caadf5
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\f62f0718cd2d01b943368aebc900f204
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\f75f14af08912bb4a95c45153399bd7e
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\f7db434943edb3e4d1e50482e27c244c
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\f854b0771d0d1c61c32a7bd6548cef7a
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\f94b86cd19427df95206fdb2aa9f428c
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\f9586e355ae8c8fbd90eb14a01e12c3a
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\fa70aa07058bd9864be8bbb5c52be07e
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\fa7dedc709e5854130b511e314498b38
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\fb25fd262adb12672092f3827f355795
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\fbca83a76ff0906d6cf11296b6ec9449
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\fbe83e4b6f63f3e850ac3907350adb95
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\fc705c18cc104803845f923429661dcb
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\fc9203299058725d5223b972754719ab
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\fcb5ed2b348b175e662944cb9a497361
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\fd31db37f368bf575c9eb3d51ef0b9a4
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\fe2183dd58b677049b0a49ab442c4024
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\fe75f177fb50a71d96b061e7d8cc4dff
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ff3df36df5d91f8b709a22f71ab1f052
Schlüssel Gefunden : HKLM\Software\SweetIM
Wert Gefunden : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{0E3DBC69-A682-48DA-84E1-82C63A5D678E}]
Wert Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{0E3DBC69-A682-48DA-84E1-82C63A5D678E}]
Wert Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{0E3DBC69-A682-48DA-84E1-82C63A5D678E}]
Wert Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [Sweetpacks Communicator]

***** [Internet Browser] *****

-\\ Internet Explorer v9.0.8112.16457

[OK] Die Registrierungsdatenbank ist sauber.

-\\ Google Chrome v23.0.1271.97

Datei : C:\Users\Edith\AppData\Local\Google\Chrome\User Data\Default\Preferences

Gefunden [l.13] : homepage = "hxxp://home.sweetim.com/?crg=3.02010003&st=12&barid={8EF9C8D5-6BBD-4F5F-A082-4CA5E908351A}",
Gefunden [l.17] : urls_to_restore_on_startup = [ "hxxp://home.sweetim.com/?st=2&barid={8EF9C8D5-6BBD-4F5F-A082-4CA5E908351A}", "hxxp://www.google.de/" ]
Gefunden [l.57] : keyword = "search.sweetim.com",
Gefunden [l.60] : search_url = "hxxp://search.sweetim.com/search.asp?src=6&q={searchTerms}&st=6&barid={8EF9C8D5-6BBD-4F5F-A082-4CA5E908351A}",
Gefunden [l.1789] : homepage = "hxxp://home.sweetim.com/?crg=3.02010003&st=12&barid={8EF9C8D5-6BBD-4F5F-A082-4CA5E908351A}",
Gefunden [l.2147] : urls_to_restore_on_startup = [ "hxxp://home.sweetim.com/?st=2&barid={8EF9C8D5-6BBD-4F5F-A082-4CA5E908351A}", "hxxp://www.google.de/" ]

*************************

AdwCleaner[R1].txt - [49765 octets] - [03/01/2013 15:17:39]

########## EOF - C:\AdwCleaner[R1].txt - [49826 octets] ##########
         

Alt 03.01.2013, 15:32   #14
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Home.sweetim.com und Norton Antivirus - Standard

Home.sweetim.com und Norton Antivirus



adwCleaner - Toolbars und ungewollte Start-/Suchseiten entfernen
  • Schließe alle offenen Programme und Browser.
  • Starte die adwcleaner.exe mit einem Doppelklick.
  • Klicke auf Löschen.
  • Bestätige jeweils mit Ok.
  • Dein Rechner wird neu gestartet. Nach dem Neustart öffnet sich eine Textdatei.
  • Poste mir den Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner[Sx].txt. (x=fortlaufende Nummer)

Danach eine Kontrolle mit OTL bitte:
  • Doppelklick auf die OTL.exe
  • Vista User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen
  • Setze oben mittig den Haken bei Scanne alle Benutzer
  • Oben findest Du ein Kästchen mit Output. Wähle bitte Minimal Output
  • Unter Extra Registry, wähle bitte Use SafeList
  • Klicke nun auf Run Scan links oben
  • Wenn der Scan beendet wurde werden 2 Logfiles erstellt
  • Poste die Logfiles in CODE-Tags hier in den Thread.
__________________
Logfiles bitte immer in CODE-Tags posten

Alt 03.01.2013, 18:37   #15
Rapunzel
 
Home.sweetim.com und Norton Antivirus - Standard

Home.sweetim.com und Norton Antivirus



Code:
ATTFilter
# AdwCleaner v2.104 - Datei am 03/01/2013 um 18:29:50 erstellt
# Aktualisiert am 29/12/2012 von Xplode
# Betriebssystem : Windows Vista (TM) Home Basic Service Pack 2 (32 bits)
# Benutzer : Edith - EDITH-PC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Edith\Desktop\adwcleaner.exe
# Option [Löschen]


**** [Dienste] ****


***** [Dateien / Ordner] *****

Ordner Gelöscht : C:\Users\Edith\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn
Ordner Gelöscht : C:\Users\Edith\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj

***** [Registrierungsdatenbank] *****


***** [Internet Browser] *****

-\\ Internet Explorer v9.0.8112.16457

[OK] Die Registrierungsdatenbank ist sauber.

*************************

AdwCleaner[R1].txt - [49896 octets] - [03/01/2013 15:17:39]
AdwCleaner[R2].txt - [1069 octets] - [03/01/2013 18:29:30]
AdwCleaner[S1].txt - [49039 octets] - [03/01/2013 18:18:59]
AdwCleaner[S2].txt - [1003 octets] - [03/01/2013 18:29:50]

########## EOF - C:\AdwCleaner[S2].txt - [1063 octets] ##########
         
Code:
ATTFilter
OTL Extras logfile created on: 03.01.2013 18:41:04 - Run 2
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Edith\Desktop
Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 2,04 Gb Available Physical Memory | 67,88% Memory free
6,22 Gb Paging File | 5,10 Gb Available in Paging File | 81,95% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 232,59 Gb Total Space | 116,33 Gb Free Space | 50,02% Space Free | Partition Type: NTFS
Drive D: | 348,93 Gb Total Space | 348,82 Gb Free Space | 99,97% Space Free | Partition Type: NTFS
Drive E: | 35,03 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: UDF
 
Computer Name: EDITH-PC | User Name: Edith | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 1
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{006954EA-33EB-4662-842D-0ED75DD46D48}" = rport=138 | protocol=17 | dir=out | app=system | 
"{076F689E-8ECD-49E8-A6B7-2C378EFA8001}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{158A323B-9C9C-49CC-88F6-9CD905A9329C}" = lport=445 | protocol=6 | dir=in | app=system | 
"{1C9DCB09-DDC2-4518-B255-B85D904D8A16}" = rport=445 | protocol=6 | dir=out | app=system | 
"{378D3547-7232-430F-BB97-950712323872}" = rport=139 | protocol=6 | dir=out | app=system | 
"{64760F7B-A695-459C-8A9F-DA03B5794472}" = lport=137 | protocol=17 | dir=in | app=system | 
"{6E1202A5-ACBB-434E-BA4D-CDD4028A90E6}" = lport=138 | protocol=17 | dir=in | app=system | 
"{713027EE-D076-43AF-922B-152A5683D367}" = lport=63331 | protocol=6 | dir=in | name=windows live onecare | 
"{9153DF09-CB74-44B5-9907-3A5408B5B33D}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{B226DB71-3A87-47DD-91DF-79157A395E3F}" = lport=139 | protocol=6 | dir=in | app=system | 
"{EAC019C5-CB53-4DF6-AB6B-176CFF971BC8}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office14\outlook.exe | 
"{EE0D3293-F606-4D14-A416-7A2174A78452}" = rport=137 | protocol=17 | dir=out | app=system | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0C0300E0-A979-4BAF-99B6-D1E1A16B62FD}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\client\agentsvc.exe | 
"{0F4BC87E-4228-4DAF-A68C-0B4ADE147DC7}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe | 
"{12A2D350-28D1-4D9D-8529-AB016AB1C531}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\schedulersvc.exe | 
"{29FF0134-CA76-4EA9-A866-900368701297}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{3C88ADDF-D00B-47B0-A939-6529FAB84096}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\backupsvc.exe | 
"{44F6BF40-064A-4511-A88A-11F2346325B6}" = protocol=17 | dir=in | app=c:\windows\system32\msiexec.exe | 
"{450833A5-9B15-4522-A5B8-DAB59789A67C}" = protocol=6 | dir=in | app=c:\windows\system32\msiexec.exe | 
"{5F0717ED-4813-42AF-B6C4-0FC5D9F9227F}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\groove.exe | 
"{725B2B26-300D-42E2-BC4D-FDCD06C164CD}" = protocol=17 | dir=in | app=c:\users\edith\appdata\local\temp\7zsd11c.tmp\symnrt.exe | 
"{78F19545-1C99-4A05-8C12-DC0A101ED625}" = protocol=6 | dir=in | app=c:\users\edith\appdata\local\temp\7zsd11c.tmp\symnrt.exe | 
"{7FC539DC-5998-4546-ABC2-AD96E2392336}" = dir=in | app=c:\program files\cyberlink\powerdvd\powerdvd.exe | 
"{842CF817-E40C-4A33-B135-30D12DC90F21}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\backupsvc.exe | 
"{984D4E27-97C0-4E6A-811E-CF5BBEB3E983}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\groove.exe | 
"{B0C4A9FA-72B1-4FBB-B296-24B4A5D03155}" = protocol=6 | dir=in | app=c:\program files\sweetim\communicator\sweetpacksupdatemanager.exe | 
"{C33B3561-5982-4C24-ACA4-945964DAD405}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{C4C37BC7-AB14-42D3-BAB2-2C8502F01D02}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\client\agentsvc.exe | 
"{CBD20412-4AE2-410E-B5BF-E26CD4BCBDCD}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\schedulersvc.exe | 
"{D4C0F7E0-D2A5-4F32-BD66-7F5C599ADD23}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{D7DD609E-67B8-4721-A1F7-AAFEB4DA645A}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe | 
"{E612B596-AA13-4AD5-8501-7C1BE788A785}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | 
"{E7FE9AAF-B804-4E40-B0B7-8B72E9B91ECA}" = dir=in | app=c:\program files\cyberlink\powerdirector\pdr.exe | 
"{EC48B1AF-1698-461C-9F67-6C2A96872912}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{F849A470-A959-46AE-909C-AF15096DB7A9}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | 
"{FFFCBA17-1084-478B-AD4A-BB469A226CD1}" = protocol=17 | dir=in | app=c:\program files\sweetim\communicator\sweetpacksupdatemanager.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{04440141-9149-45C6-A806-F2BF9CFCE762}" = Microsoft Encarta Professional 2004
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now Standard
"{13D85C14-2B85-419F-AC41-C7F21E68B25D}" = Acer eSettings Management
"{1BA978E7-2F4C-442F-BB58-6DCCC6BB0074}" = Haushaltsbuch8
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{4C7F547E-DDE3-51BF-1D2E-04816F30AD66}" = ATI Catalyst Install Manager
"{4EA2F95F-A537-4d17-9E7F-6B3FF8D9BBE3}" = Microsoft Works
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD 7.0 with 5.1ch
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}" = Acer ScreenSaver
"{7F811A54-5A09-4579-90E1-C93498E230D9}" = Acer eRecovery Management
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113080210}" = Azada
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-114039310}" = Turbo Subs
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-114669510}" = Egyptian Ball
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115050127}" = Mystery PI The Vegas Heist
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115430860}" = Amazing Adventures Around The World
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-116555140}" = Farm Frenzy Pizza Party
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-116609607}" = Undiscovered World The Incan Sun
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-117080787}" = Plants vs Zombies
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-117327560}" = Kuros
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-117398253}" = Build a Lot 4
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-117673440}" = Hide and Secret 3
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-117770767}" = Every Day Genius Square Logic
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-117779147}" = Age of Oracles TM  Tara’s Journey
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-118514767}" = Youda Fairy
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-118753180}" = Agatha Christie Bundle - 3 in 1
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{8D1E61D1-1395-4E97-997F-D002DB3A5074}" = OpenOffice.org 3.2
"{8F1B6239-FEA0-450A-A950-B05276CE177C}" = Acer Empowering Technology
"{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}" = TomTom HOME Visual Studio Merge Modules
"{90140000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010
"{90140000-0015-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010
"{90140000-0016-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010
"{90140000-0018-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010
"{90140000-0019-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010
"{90140000-001A-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010
"{90140000-001B-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUSR_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-001F-0410-0000-0000000FF1CE}_Office14.PROPLUSR_{C0743197-FFEE-4C19-BAEB-8F7437DC4C8A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010
"{90140000-002C-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{4275FB46-ABDF-4456-876C-17CF64294D9A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2010
"{90140000-0044-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010
"{90140000-006E-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{98EDFD9F-EA76-40CC-BCE9-92C69413F65B}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010
"{90140000-00A1-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2010
"{90140000-00BA-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{91140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A5633652-3795-4829-BB0B-644F0279E279}" = Acer eDataSecurity Management
"{AC76BA86-7AD7-1031-7B44-A81000000003}" = Adobe Reader 8.1.0 - Deutsch
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 306.97
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 306.97
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 306.97
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.10.8
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector (Acer DT)
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE386A4E-D0DA-4208-8235-BCE43275C694}" = LightScribe  1.4.142.1
"{D36DD326-7280-11D8-97C8-000129760CBE}" = PhotoNow!
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"510005827" = Crazy Rings
"510005835" = Oddly Enough - Pied Piper
"510006725" = Worlds Greatest Temples Mahjong
"510006975" = Amulet of Time: Shadow of la Rochelle
"510006978" = Sticky Linky
"510006983" = Hide & Secret - The Lost World
"510006995" = Isla Dorada The sands of Ephranis
"Acer GameZone Console_is1" = Acer GameZone Console DTV 2.0.1.1
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"amelie'scafedeluxe" = Amelie's Cafe Deluxe
"avast" = avast! Internet Security
"Diamond Caves 3" = Diamond Caves 3
"ElsterFormular 11.2.0.4074" = ElsterFormular
"Google Desktop" = Google Desktop
"InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now 5
"InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector (Acer DT)
"king.com" = king.com (remove only)
"LHTTSGED" = L&H TTS3000 Deutsch
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.70.0.1100
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"NetSight" = Nielsen Online
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Office14.PROPLUSR" = Microsoft Office Professional Plus 2010
"Online Games Manager" = Online Games Manager v1.10
"Shockwave" = Shockwave
"SystemRequirementsLab" = System Requirements Lab
"TomTom HOME" = TomTom HOME 2.8.3.2499
"Yahoo! Toolbar" = Yahoo! Toolbar
 
========== HKEY_USERS Uninstall List ==========
 
[HKEY_USERS\S-1-5-21-1523784361-1419484075-2864972026-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Gemini Lost Deluxe" = Gemini Lost Deluxe
"Wandering Willows Deluxe" = Wandering Willows Deluxe
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 17.04.2012 00:38:06 | Computer Name = Edith-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.762_none_0c178a139ee2a7ed\MFC80U.DLL".
Die
 abhängige Assemblierung "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0""
 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm
 "sxstrace.exe".
 
Error - 17.04.2012 00:39:24 | Computer Name = Edith-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 18.04.2012 07:23:45 | Computer Name = Edith-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.762_none_0c178a139ee2a7ed\MFC80U.DLL".
Die
 abhängige Assemblierung "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0""
 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm
 "sxstrace.exe".
 
Error - 18.04.2012 07:23:46 | Computer Name = Edith-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.762_none_0c178a139ee2a7ed\MFC80U.DLL".
Die
 abhängige Assemblierung "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0""
 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm
 "sxstrace.exe".
 
Error - 18.04.2012 07:25:21 | Computer Name = Edith-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 23.04.2012 16:36:23 | Computer Name = Edith-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.762_none_0c178a139ee2a7ed\MFC80U.DLL".
Die
 abhängige Assemblierung "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0""
 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm
 "sxstrace.exe".
 
Error - 23.04.2012 16:36:23 | Computer Name = Edith-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.762_none_0c178a139ee2a7ed\MFC80U.DLL".
Die
 abhängige Assemblierung "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0""
 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm
 "sxstrace.exe".
 
Error - 23.04.2012 16:37:57 | Computer Name = Edith-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 24.04.2012 03:16:38 | Computer Name = Edith-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.762_none_0c178a139ee2a7ed\MFC80U.DLL".
Die
 abhängige Assemblierung "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0""
 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm
 "sxstrace.exe".
 
Error - 24.04.2012 03:16:39 | Computer Name = Edith-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.762_none_0c178a139ee2a7ed\MFC80U.DLL".
Die
 abhängige Assemblierung "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0""
 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm
 "sxstrace.exe".
 
[ System Events ]
Error - 03.01.2013 13:40:29 | Computer Name = Edith-PC | Source = cdrom | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\CdRom0 gefunden.
 
Error - 03.01.2013 13:40:29 | Computer Name = Edith-PC | Source = cdrom | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\CdRom0 gefunden.
 
Error - 03.01.2013 13:40:29 | Computer Name = Edith-PC | Source = cdrom | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\CdRom0 gefunden.
 
Error - 03.01.2013 13:40:29 | Computer Name = Edith-PC | Source = cdrom | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\CdRom0 gefunden.
 
Error - 03.01.2013 13:40:29 | Computer Name = Edith-PC | Source = cdrom | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\CdRom0 gefunden.
 
Error - 03.01.2013 13:40:29 | Computer Name = Edith-PC | Source = cdrom | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\CdRom0 gefunden.
 
Error - 03.01.2013 13:40:29 | Computer Name = Edith-PC | Source = cdrom | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\CdRom0 gefunden.
 
Error - 03.01.2013 13:40:30 | Computer Name = Edith-PC | Source = cdrom | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\CdRom0 gefunden.
 
Error - 03.01.2013 13:40:30 | Computer Name = Edith-PC | Source = cdrom | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\CdRom0 gefunden.
 
Error - 03.01.2013 13:40:30 | Computer Name = Edith-PC | Source = cdrom | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\CdRom0 gefunden.
 
 
< End of report >
         
Code:
ATTFilter
OTL logfile created on: 03.01.2013 18:41:04 - Run 2
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Edith\Desktop
Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 2,04 Gb Available Physical Memory | 67,88% Memory free
6,22 Gb Paging File | 5,10 Gb Available in Paging File | 81,95% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 232,59 Gb Total Space | 116,33 Gb Free Space | 50,02% Space Free | Partition Type: NTFS
Drive D: | 348,93 Gb Total Space | 348,82 Gb Free Space | 99,97% Space Free | Partition Type: NTFS
Drive E: | 35,03 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: UDF
 
Computer Name: EDITH-PC | User Name: Edith | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Edith\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
PRC - C:\Programme\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
PRC - C:\Programme\AVAST Software\Avast\AvastUI.exe (AVAST Software)
PRC - C:\Programme\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
PRC - C:\Programme\AVAST Software\Avast\afwServ.exe (AVAST Software)
PRC - C:\Programme\NetRatingsNetSight\NetSight\NielsenUpdate.exe (The Nielsen Company)
PRC - C:\Programme\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
PRC - C:\Programme\NVIDIA Corporation\Display\NvXDSync.exe (NVIDIA Corporation)
PRC - C:\Programme\NVIDIA Corporation\Display\nvtray.exe (NVIDIA Corporation)
PRC - C:\Programme\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
PRC - C:\Programme\Online Games Manager\ogmservice.exe (RealNetworks, Inc.)
PRC - C:\Programme\TomTom HOME 2\TomTomHOMERunner.exe (TomTom)
PRC - C:\Programme\TomTom HOME 2\TomTomHOMEService.exe (TomTom)
PRC - C:\Programme\OpenOffice.org 3\program\soffice.bin (OpenOffice.org)
PRC - C:\Programme\OpenOffice.org 3\program\soffice.exe (OpenOffice.org)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe (Egis Incorporated)
PRC - C:\Programme\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe (Egis Incorporated)
PRC - C:\Programme\Acer\Empowering Technology\SysMonitor.exe ()
PRC - C:\Programme\Acer\Empowering Technology\Framework.Launcher.exe ()
PRC - C:\Programme\Acer\Empowering Technology\Service\ETService.exe ()
PRC - C:\Programme\NetRatingsNetSight\NetSight\NielsenOnline.exe (The Nielsen Company)
PRC - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
PRC - C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Defender\MSASCui.exe (Microsoft Corporation)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\d08cb6b1c4052e6f5a4e2452870d67d7\System.Management.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\22e554f2c4da53c07e4815a24e2d50e2\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\2c6cd37f29fc76d6c2ed6bbed202d82c\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\b2052acbbbba4f98585196872195e009\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7ad9c44df3b85848590e63f13fc59804\mscorlib.ni.dll ()
MOD - C:\Programme\NetRatingsNetSight\NetSight\nsmmc.dll ()
MOD - C:\Programme\NetRatingsNetSight\NetSight\meter8\npfirefoxprocessor.dll ()
MOD - C:\Programme\NetRatingsNetSight\NetSight\meter8\npwmi.dll ()
MOD - C:\Programme\NetRatingsNetSight\NetSight\meter8\npsurvey.dll ()
MOD - C:\Programme\NetRatingsNetSight\NetSight\meter8\npsp1.dll ()
MOD - C:\Programme\NetRatingsNetSight\NetSight\meter8\communication.dll ()
MOD - C:\Programme\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF ()
MOD - C:\Programme\Google\Google Desktop Search\gzlib.dll ()
MOD - C:\Programme\OpenOffice.org 3\program\libxml2.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\Framework.UIComponent\3.0.3009.0__739b31b1908c49e5\Framework.UIComponent.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\Framework.Library\3.0.3009.0__3036420f80dd6947\Framework.Library.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\Framework.Utility\3.0.3009.0__4df5dcab8860d239\Framework.Utility.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\Framework.Host\3.0.3009.0__672b450de5a7e94a\Framework.Host.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\Framework.PluginInterface\3.0.3009.0__9ecdf03bb2054f94\Framework.PluginInterface.dll ()
MOD - C:\Programme\Acer\Empowering Technology\eDataSecurity\x86\ShowErrMsg.dll ()
MOD - C:\Programme\Acer\Empowering Technology\SysMonitor.exe ()
MOD - C:\Programme\Acer\Empowering Technology\Framework.Launcher.exe ()
MOD - C:\Programme\Acer\Empowering Technology\Framework.Presenter.dll ()
MOD - C:\Programme\Acer\Empowering Technology\de\Framework.AppBar.resources.dll ()
MOD - C:\Programme\Acer\Empowering Technology\Framework.AppBar.dll ()
MOD - C:\Programme\NewTech Infosystems\NTI Backup Now 5\BkupTrayLOC.dll ()
MOD - C:\Programme\Acer\Empowering Technology\eSettings\eSettings.QuickMenu.dll ()
 
 
========== Services (SafeList) ==========
 
SRV - (MBAMService) -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (MBAMScheduler) -- C:\Programme\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (avast! Antivirus) -- C:\Programme\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
SRV - (avast! Firewall) -- C:\Programme\AVAST Software\Avast\afwServ.exe (AVAST Software)
SRV - (NielsenUpdate) -- C:\Programme\NetRatingsNetSight\NetSight\NielsenUpdate.exe (The Nielsen Company)
SRV - (nvUpdatusService) -- C:\Programme\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
SRV - (Stereo Service) -- C:\Programme\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (Microsoft SharePoint Workspace Audit Service) -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE (Microsoft Corporation)
SRV - (ogmservice) -- C:\Programme\Online Games Manager\ogmservice.exe (RealNetworks, Inc.)
SRV - (TomTomHOMEService) -- C:\Programme\TomTom HOME 2\TomTomHOMEService.exe (TomTom)
SRV - (osppsvc) -- C:\Programme\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation)
SRV - (ose) -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (eDataSecurity Service) -- C:\Programme\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe (Egis Incorporated)
SRV - (ETService) -- C:\Programme\Acer\Empowering Technology\Service\ETService.exe ()
SRV - (WMPNetworkSvc) -- C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (NwlnkFwd) -- system32\DRIVERS\nwlnkfwd.sys File not found
DRV - (NwlnkFlt) -- system32\DRIVERS\nwlnkflt.sys File not found
DRV - (IpInIp) -- system32\DRIVERS\ipinip.sys File not found
DRV - (MBAMProtector) -- C:\Windows\System32\drivers\mbam.sys (Malwarebytes Corporation)
DRV - (aswSnx) -- C:\Windows\System32\drivers\aswSnx.sys (AVAST Software)
DRV - (aswSP) -- C:\Windows\System32\drivers\aswSP.sys (AVAST Software)
DRV - (aswNdis2) -- C:\Windows\System32\drivers\aswNdis2.sys (AVAST Software)
DRV - (aswTdi) -- C:\Windows\System32\drivers\aswTdi.sys (AVAST Software)
DRV - (AswRdr) -- C:\Windows\System32\drivers\aswRdr.sys (AVAST Software)
DRV - (aswMonFlt) -- C:\Windows\System32\drivers\aswMonFlt.sys (AVAST Software)
DRV - (aswFW) -- C:\Windows\System32\drivers\aswFW.sys (AVAST Software)
DRV - (aswFsBlk) -- C:\Windows\System32\drivers\aswFsBlk.sys (AVAST Software)
DRV - (aswKbd) -- C:\Windows\System32\drivers\aswKbd.sys (AVAST Software)
DRV - (nnfwdk) -- C:\Programme\NetRatingsNetSight\NetSight\meter8\nnfwdk.sys (The Nielsen Company)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (aswNdis) -- C:\Windows\System32\drivers\aswNdis.sys (ALWIL Software)
DRV - (int15) -- C:\Windows\System32\drivers\int15.sys (Acer, Inc.)
DRV - (tvicport) -- C:\Windows\System32\drivers\TVicPort.sys (EnTech Taiwan)
DRV - (zntport) -- C:\Windows\System32\drivers\zntport.sys (Zeal SoftStudio)
DRV - (ahcix86s) -- C:\Windows\System32\drivers\ahcix86s.sys (AMD Technologies Inc.)
DRV - (AtiPcie) -- C:\Windows\System32\drivers\AtiPcie.sys (ATI Technologies Inc.)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://de.intl.acer.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=1&o=vb32&d=0908&m=aspire_m1201
IE - HKLM\..\SearchScopes,DefaultScope = 
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
 
 
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = 
 
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = 
 
IE - HKU\S-1-5-21-1523784361-1419484075-2864972026-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=1&o=vb32&d=0908&m=aspire_m1201
IE - HKU\S-1-5-21-1523784361-1419484075-2864972026-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://global.acer.com [binary data]
IE - HKU\S-1-5-21-1523784361-1419484075-2864972026-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
IE - HKU\S-1-5-21-1523784361-1419484075-2864972026-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-1523784361-1419484075-2864972026-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
IE - HKU\S-1-5-21-1523784361-1419484075-2864972026-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-1523784361-1419484075-2864972026-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-1523784361-1419484075-2864972026-1000\..\SearchScopes\{181DC6FE-6D1D-4817-A41E-8BBBAB8A0928}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7ACAW
IE - HKU\S-1-5-21-1523784361-1419484075-2864972026-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-21-1523784361-1419484075-2864972026-1001\..\SearchScopes,DefaultScope = 
 
 
========== FireFox ==========
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@oberon-media.com/ONCAdapter: C:\Program Files\Common Files\Oberon Media\NCAdapter\1.0.0.8\npapicomadapter.dll (Oberon-Media )
 
 
[2012.05.06 17:35:06 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Edith\AppData\Roaming\mozilla\Extensions
[2012.05.06 17:35:06 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Edith\AppData\Roaming\mozilla\Extensions\home2@tomtom.com
 
O1 HOSTS File: ([2006.09.18 22:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll File not found
O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (ShowBarObj Class) - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Programme\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll (Egis)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Google Dictionary Compression sdch) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll File not found
O3 - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Programme\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll File not found
O3 - HKU\S-1-5-21-1523784361-1419484075-2864972026-1000\..\Toolbar\ShellBrowser: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - C:\Programme\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
O4 - HKLM..\Run: [Acer Empowering Technology Monitor] C:\Programme\Acer\Empowering Technology\SysMonitor.exe ()
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [BCSSync] C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
O4 - HKLM..\Run: [eDataSecurity Loader] C:\Programme\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe (Egis Incorporated)
O4 - HKLM..\Run: [EmpoweringTechnology] C:\Program Files\Acer\Empowering Technology\Framework.Launcher.exe boot File not found
O4 - HKLM..\Run: [eRecoveryService]  File not found
O4 - HKLM..\Run: [LanguageShortcut] C:\Program Files\CyberLink\PowerDVD\Language\Language.exe ()
O4 - HKLM..\Run: [NielsenOnline] C:\Programme\NetRatingsNetSight\NetSight\NielsenOnline.exe (The Nielsen Company)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [WarReg_PopUp] C:\Programme\Acer\WR_PopUp\WarReg_PopUp.exe (Acer Incorporated)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-1523784361-1419484075-2864972026-1000..\Run: [TomTomHOME.exe] C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe (TomTom)
O4 - HKU\S-1-5-21-1523784361-1419484075-2864972026-1001..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-1523784361-1419484075-2864972026-1001..\RunOnce: [RUN] C:\Windows\Acer_Normal\run_DT.exe ()
O4 - Startup: C:\Users\Edith\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk = C:\Programme\OpenOffice.org 3\program\quickstart.exe ()
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Recherche-Assistent - {9455301C-CF6B-11D3-A266-00C04F689C50} - C:\Programme\Common Files\microsoft shared\Encarta Researcher\EROPROJ.DLL (Microsoft Corporation)
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-1523784361-1419484075-2864972026-1000\..Trusted Domains: localhost ([]http in Lokales Intranet)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Reg Error: Key error.)
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab (System Requirements Lab Class)
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} hxxp://game.zylom.com/activex/zylomgamesplayer.cab (Zylom Games Player)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E1342154-4889-42B5-BEF6-19237577048F} hxxp://acerde.oberon-media.com/online/online2/zuma/oberongamesloader.cab (OberongamesLoader Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file:///C:/Windows/Java/classes/xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{96895559-8754-4D3B-8B4B-1A2717C5CBFC}: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\msero {B0D92A71-886B-453B-A649-1B91F93801E7} - C:\Programme\Common Files\microsoft shared\Encarta Researcher\MSERO.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\x-sdch {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll File not found
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL) - C:\Programme\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Edith\Pictures\ApfelBrombeer[2].JPG
O24 - Desktop BackupWallPaper: C:\Users\Edith\Pictures\ApfelBrombeer[2].JPG
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{ea62eb42-af7b-11e0-9a05-002268049f90}\Shell - "" = AutoRun
O33 - MountPoints2\{ea62eb42-af7b-11e0-9a05-002268049f90}\Shell\AutoRun\command - "" = L:\Password.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.01.03 18:32:00 | 000,000,000 | ---D | C] -- C:\Users\Edith\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD
[2012.12.22 03:03:52 | 000,293,376 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2012.12.22 03:03:52 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2012.12.14 06:35:17 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2012.12.14 06:35:16 | 000,607,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2012.12.14 06:35:16 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2012.12.14 06:35:16 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2012.12.14 06:35:16 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2012.12.14 06:35:14 | 001,800,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2012.12.14 06:35:14 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2012.12.14 06:35:12 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2012.12.14 06:31:40 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Wdfres.dll
[2012.12.14 06:31:29 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winusb.dll
[2012.12.14 06:31:28 | 000,172,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFPlatform.dll
[2012.12.14 06:31:27 | 000,047,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\WdfLdr.sys
[2012.12.14 06:31:25 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFCoinstaller.dll
[2012.12.14 06:31:24 | 000,613,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFx.dll
[2012.12.13 11:44:52 | 000,376,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dpnet.dll
[2012.12.13 11:44:52 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dpnsvr.exe
[2012.12.13 11:44:51 | 002,048,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2012.12.13 11:44:41 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
 
========== Files - Modified Within 30 Days ==========
 
[2013.01.03 18:38:31 | 035,526,599 | ---- | M] () -- C:\Users\Edith\Desktop\Firefox 17.0.1.dmg
[2013.01.03 18:31:54 | 000,000,000 | ---- | M] () -- C:\Windows\System32\LogConfigTemp.xml
[2013.01.03 18:31:44 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2013.01.03 18:31:44 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2013.01.03 18:31:26 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.01.03 18:31:24 | 3220,365,312 | -HS- | M] () -- C:\hiberfil.sys
[2013.01.03 18:24:15 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Edith\Desktop\OTL.exe
[2013.01.03 18:18:59 | 000,000,240 | ---- | M] () -- C:\Windows\DeleteOnReboot.bat
[2013.01.03 18:17:27 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.01.03 15:28:14 | 000,000,910 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2013.01.03 15:12:15 | 000,551,997 | ---- | M] () -- C:\Users\Edith\Desktop\adwcleaner.exe
[2013.01.03 06:30:07 | 000,000,558 | ---- | M] () -- C:\Windows\tasks\Norton Security Scan for Edith.job
[2012.12.27 12:20:54 | 000,628,504 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012.12.27 12:20:54 | 000,595,798 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.12.27 12:20:54 | 000,126,248 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012.12.27 12:20:54 | 000,103,872 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.12.22 03:23:00 | 000,437,720 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012.12.16 14:12:54 | 000,034,304 | ---- | M] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2012.12.16 11:50:29 | 000,293,376 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2012.12.14 16:49:28 | 000,021,104 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012.12.12 15:11:27 | 000,697,272 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2012.12.12 15:11:27 | 000,073,656 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
 
========== Files Created - No Company Name ==========
 
[2013.01.03 18:38:31 | 035,526,599 | ---- | C] () -- C:\Users\Edith\Desktop\Firefox 17.0.1.dmg
[2013.01.03 18:29:11 | 000,551,997 | ---- | C] () -- C:\Users\Edith\Desktop\adwcleaner.exe
[2013.01.03 18:18:59 | 000,000,240 | ---- | C] () -- C:\Windows\DeleteOnReboot.bat
[2012.12.14 06:31:44 | 000,000,003 | ---- | C] () -- C:\Windows\System32\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
[2012.12.14 06:31:44 | 000,000,003 | ---- | C] () -- C:\Windows\System32\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
[2012.05.28 08:16:45 | 000,000,209 | ---- | C] () -- C:\Windows\settings.ini
[2011.03.06 15:08:24 | 000,000,432 | ---- | C] () -- C:\Windows\BRWMARK.INI
[2010.10.29 13:13:59 | 000,001,356 | ---- | C] () -- C:\Users\Edith\AppData\Local\d3d9caps.dat
[2010.05.29 19:09:18 | 002,316,435 | ---- | C] () -- C:\Users\Edith\schmehle2.jpg
[2010.05.29 19:08:52 | 002,026,392 | ---- | C] () -- C:\Users\Edith\schmehle1.jpg
[2010.05.29 19:08:21 | 002,139,614 | ---- | C] () -- C:\Users\Edith\schmehle.jpg
[2009.08.20 19:19:21 | 000,052,224 | ---- | C] () -- C:\Users\Edith\Zeitungsliste.xlr
[2009.05.26 10:40:31 | 000,004,962 | ---- | C] () -- C:\Users\Edith\AppData\Roaming\wklnhst.dat
[2009.05.14 20:10:21 | 000,027,648 | ---- | C] () -- C:\Users\Edith\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.05.13 23:40:24 | 000,007,090 | ---- | C] () -- C:\Users\Edith\AppData\Local\slot1.mm1
 
========== ZeroAccess Check ==========
 
[2006.11.02 13:51:16 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.08 18:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.04.11 07:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.04.11 07:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 407 bytes -> C:\ProgramData\TEMP:B890E098
@Alternate Data Stream - 405 bytes -> C:\ProgramData\TEMP:80873EE2
@Alternate Data Stream - 403 bytes -> C:\ProgramData\TEMP:AB985F7C
@Alternate Data Stream - 402 bytes -> C:\ProgramData\TEMP:F0A4F95E
@Alternate Data Stream - 402 bytes -> C:\ProgramData\TEMP:3A35C29C
@Alternate Data Stream - 400 bytes -> C:\ProgramData\TEMP:C72E5875
@Alternate Data Stream - 397 bytes -> C:\ProgramData\TEMP:E1A68E67
@Alternate Data Stream - 397 bytes -> C:\ProgramData\TEMP:CB66E9B7
@Alternate Data Stream - 397 bytes -> C:\ProgramData\TEMP:9A071EA2
@Alternate Data Stream - 396 bytes -> C:\ProgramData\TEMP:B203B914
@Alternate Data Stream - 395 bytes -> C:\ProgramData\TEMP:D4CD7005
@Alternate Data Stream - 394 bytes -> C:\ProgramData\TEMP:94C8B75E
@Alternate Data Stream - 394 bytes -> C:\ProgramData\TEMP:44B5FE44
@Alternate Data Stream - 393 bytes -> C:\ProgramData\TEMP:28A1F3CB
@Alternate Data Stream - 392 bytes -> C:\ProgramData\TEMP:CE1DA626
@Alternate Data Stream - 391 bytes -> C:\ProgramData\TEMP:E96C83D4
@Alternate Data Stream - 390 bytes -> C:\ProgramData\TEMP:BE03B635
@Alternate Data Stream - 390 bytes -> C:\ProgramData\TEMP:92B1F486
@Alternate Data Stream - 390 bytes -> C:\ProgramData\TEMP:5177EEE7
@Alternate Data Stream - 390 bytes -> C:\ProgramData\TEMP:387A6F49
@Alternate Data Stream - 388 bytes -> C:\ProgramData\TEMP:A060A953
@Alternate Data Stream - 385 bytes -> C:\ProgramData\TEMP:1F3EEC32
@Alternate Data Stream - 384 bytes -> C:\ProgramData\TEMP:F85284EA
@Alternate Data Stream - 384 bytes -> C:\ProgramData\TEMP:02067B2A
@Alternate Data Stream - 382 bytes -> C:\ProgramData\TEMP:D6BDD51E
@Alternate Data Stream - 382 bytes -> C:\ProgramData\TEMP:B01C2351
@Alternate Data Stream - 382 bytes -> C:\ProgramData\TEMP:4C96DCB8
@Alternate Data Stream - 382 bytes -> C:\ProgramData\TEMP:453C1FA2
@Alternate Data Stream - 381 bytes -> C:\ProgramData\TEMP:3CC5A5D1
@Alternate Data Stream - 380 bytes -> C:\ProgramData\TEMP:FEE5129B
@Alternate Data Stream - 380 bytes -> C:\ProgramData\TEMP:FBC7D82D
@Alternate Data Stream - 379 bytes -> C:\ProgramData\TEMP:9060A47A
@Alternate Data Stream - 376 bytes -> C:\ProgramData\TEMP:804A4210
@Alternate Data Stream - 369 bytes -> C:\ProgramData\TEMP:E5E4A530
@Alternate Data Stream - 367 bytes -> C:\ProgramData\TEMP:4B476508
@Alternate Data Stream - 365 bytes -> C:\ProgramData\TEMP:5A05820A
@Alternate Data Stream - 361 bytes -> C:\ProgramData\TEMP:8BC965A1
@Alternate Data Stream - 357 bytes -> C:\ProgramData\TEMP:1D32EC29
@Alternate Data Stream - 353 bytes -> C:\ProgramData\TEMP:DE3A8059
@Alternate Data Stream - 353 bytes -> C:\ProgramData\TEMP:83FDB6DC
@Alternate Data Stream - 181 bytes -> C:\ProgramData\TEMP:94B65E3C
@Alternate Data Stream - 159 bytes -> C:\ProgramData\TEMP:BA660D25
@Alternate Data Stream - 158 bytes -> C:\ProgramData\TEMP:EF20E652
@Alternate Data Stream - 158 bytes -> C:\ProgramData\TEMP:07E55929
@Alternate Data Stream - 157 bytes -> C:\ProgramData\TEMP:C7F76735
@Alternate Data Stream - 157 bytes -> C:\ProgramData\TEMP:9F9D57FD
@Alternate Data Stream - 157 bytes -> C:\ProgramData\TEMP:2C16E576
@Alternate Data Stream - 157 bytes -> C:\ProgramData\TEMP:20D0F267
@Alternate Data Stream - 156 bytes -> C:\ProgramData\TEMP:E1B0CF05
@Alternate Data Stream - 156 bytes -> C:\ProgramData\TEMP:5690D76E
@Alternate Data Stream - 155 bytes -> C:\ProgramData\TEMP:A2FC7F08
@Alternate Data Stream - 155 bytes -> C:\ProgramData\TEMP:92298B59
@Alternate Data Stream - 155 bytes -> C:\ProgramData\TEMP:683BD5A8
@Alternate Data Stream - 155 bytes -> C:\ProgramData\TEMP:65AAB2AD
@Alternate Data Stream - 155 bytes -> C:\ProgramData\TEMP:26B7B9EA
@Alternate Data Stream - 155 bytes -> C:\ProgramData\TEMP:0B32B6C9
@Alternate Data Stream - 154 bytes -> C:\ProgramData\TEMP:E779F65A
@Alternate Data Stream - 154 bytes -> C:\ProgramData\TEMP:C0601E00
@Alternate Data Stream - 154 bytes -> C:\ProgramData\TEMP:874EE5CB
@Alternate Data Stream - 154 bytes -> C:\ProgramData\TEMP:7A30DA6A
@Alternate Data Stream - 153 bytes -> C:\ProgramData\TEMP:E1031541
@Alternate Data Stream - 153 bytes -> C:\ProgramData\TEMP:9959803A
@Alternate Data Stream - 153 bytes -> C:\ProgramData\TEMP:1E3397DC
@Alternate Data Stream - 153 bytes -> C:\ProgramData\TEMP:1DECED1B
@Alternate Data Stream - 153 bytes -> C:\ProgramData\TEMP:1C93E55E
@Alternate Data Stream - 153 bytes -> C:\ProgramData\TEMP:1960DAF2
@Alternate Data Stream - 152 bytes -> C:\ProgramData\TEMP:B623B5B8
@Alternate Data Stream - 152 bytes -> C:\ProgramData\TEMP:9AB338B9
@Alternate Data Stream - 152 bytes -> C:\ProgramData\TEMP:9A7901A9
@Alternate Data Stream - 152 bytes -> C:\ProgramData\TEMP:9756362E
@Alternate Data Stream - 152 bytes -> C:\ProgramData\TEMP:7CACEF61
@Alternate Data Stream - 152 bytes -> C:\ProgramData\TEMP:4CD2D817
@Alternate Data Stream - 152 bytes -> C:\ProgramData\TEMP:3D11302A
@Alternate Data Stream - 152 bytes -> C:\ProgramData\TEMP:2D6D1D25
@Alternate Data Stream - 152 bytes -> C:\ProgramData\TEMP:21637AEC
@Alternate Data Stream - 152 bytes -> C:\ProgramData\TEMP:1B1330FD
@Alternate Data Stream - 152 bytes -> C:\ProgramData\TEMP:1A60DE96
@Alternate Data Stream - 152 bytes -> C:\ProgramData\TEMP:05816AFA
@Alternate Data Stream - 152 bytes -> C:\ProgramData\TEMP:05650B69
@Alternate Data Stream - 152 bytes -> C:\ProgramData\TEMP:0105A66F
@Alternate Data Stream - 151 bytes -> C:\ProgramData\TEMP:EDE8EA85
@Alternate Data Stream - 151 bytes -> C:\ProgramData\TEMP:E189EC1B
@Alternate Data Stream - 151 bytes -> C:\ProgramData\TEMP:CD6978FC
@Alternate Data Stream - 151 bytes -> C:\ProgramData\TEMP:ACFD5043
@Alternate Data Stream - 151 bytes -> C:\ProgramData\TEMP:AC57032B
@Alternate Data Stream - 151 bytes -> C:\ProgramData\TEMP:A5808D58
@Alternate Data Stream - 151 bytes -> C:\ProgramData\TEMP:A118E9A3
@Alternate Data Stream - 151 bytes -> C:\ProgramData\TEMP:9CD61266
@Alternate Data Stream - 151 bytes -> C:\ProgramData\TEMP:9A842F5C
@Alternate Data Stream - 151 bytes -> C:\ProgramData\TEMP:942BD321
@Alternate Data Stream - 151 bytes -> C:\ProgramData\TEMP:8AB6C1D7
@Alternate Data Stream - 151 bytes -> C:\ProgramData\TEMP:61FB58C9
@Alternate Data Stream - 151 bytes -> C:\ProgramData\TEMP:3EEE7620
@Alternate Data Stream - 151 bytes -> C:\ProgramData\TEMP:3B9582E0
@Alternate Data Stream - 150 bytes -> C:\ProgramData\TEMP:FEF919E6
@Alternate Data Stream - 150 bytes -> C:\ProgramData\TEMP:E7F71472
@Alternate Data Stream - 150 bytes -> C:\ProgramData\TEMP:E35A81F4
@Alternate Data Stream - 150 bytes -> C:\ProgramData\TEMP:DB4758C6
@Alternate Data Stream - 150 bytes -> C:\ProgramData\TEMP:BAE8784F
@Alternate Data Stream - 150 bytes -> C:\ProgramData\TEMP:A967571A
@Alternate Data Stream - 150 bytes -> C:\ProgramData\TEMP:9F36615A
@Alternate Data Stream - 150 bytes -> C:\ProgramData\TEMP:8FF962C6
@Alternate Data Stream - 150 bytes -> C:\ProgramData\TEMP:7FB8A209
@Alternate Data Stream - 150 bytes -> C:\ProgramData\TEMP:7F66BF58
@Alternate Data Stream - 150 bytes -> C:\ProgramData\TEMP:68C4BECC
@Alternate Data Stream - 150 bytes -> C:\ProgramData\TEMP:580E04D8
@Alternate Data Stream - 150 bytes -> C:\ProgramData\TEMP:3C75E5BE
@Alternate Data Stream - 150 bytes -> C:\ProgramData\TEMP:2FF4577A
@Alternate Data Stream - 150 bytes -> C:\ProgramData\TEMP:049C87B7
@Alternate Data Stream - 149 bytes -> C:\ProgramData\TEMP:F62CAE78
@Alternate Data Stream - 149 bytes -> C:\ProgramData\TEMP:EF4B1DA9
@Alternate Data Stream - 149 bytes -> C:\ProgramData\TEMP:EDED3240
@Alternate Data Stream - 149 bytes -> C:\ProgramData\TEMP:EC36F550
@Alternate Data Stream - 149 bytes -> C:\ProgramData\TEMP:D8A7F3FF
@Alternate Data Stream - 149 bytes -> C:\ProgramData\TEMP:D16E7091
@Alternate Data Stream - 149 bytes -> C:\ProgramData\TEMP:C9F873D0
@Alternate Data Stream - 149 bytes -> C:\ProgramData\TEMP:C5C5F2F2
@Alternate Data Stream - 149 bytes -> C:\ProgramData\TEMP:B1B9AE56
@Alternate Data Stream - 149 bytes -> C:\ProgramData\TEMP:B110897C
@Alternate Data Stream - 149 bytes -> C:\ProgramData\TEMP:AE78B77A
@Alternate Data Stream - 149 bytes -> C:\ProgramData\TEMP:99A72E3A
@Alternate Data Stream - 149 bytes -> C:\ProgramData\TEMP:81C88EA7
@Alternate Data Stream - 149 bytes -> C:\ProgramData\TEMP:7991541F
@Alternate Data Stream - 149 bytes -> C:\ProgramData\TEMP:700B8E2E
@Alternate Data Stream - 149 bytes -> C:\ProgramData\TEMP:5E0617AC
@Alternate Data Stream - 149 bytes -> C:\ProgramData\TEMP:21745EE1
@Alternate Data Stream - 149 bytes -> C:\ProgramData\TEMP:01D3D7F4
@Alternate Data Stream - 148 bytes -> C:\ProgramData\TEMP:ECB488E5
@Alternate Data Stream - 148 bytes -> C:\ProgramData\TEMP:E6E9EB6C
@Alternate Data Stream - 148 bytes -> C:\ProgramData\TEMP:E10DCAF3
@Alternate Data Stream - 148 bytes -> C:\ProgramData\TEMP:DB365884
@Alternate Data Stream - 148 bytes -> C:\ProgramData\TEMP:D16A56DE
@Alternate Data Stream - 148 bytes -> C:\ProgramData\TEMP:BA4AE5FC
@Alternate Data Stream - 148 bytes -> C:\ProgramData\TEMP:ACDADE10
@Alternate Data Stream - 148 bytes -> C:\ProgramData\TEMP:AB554F94
@Alternate Data Stream - 148 bytes -> C:\ProgramData\TEMP:9BE4A88F
@Alternate Data Stream - 148 bytes -> C:\ProgramData\TEMP:948CDB3D
@Alternate Data Stream - 148 bytes -> C:\ProgramData\TEMP:6B9828AE
@Alternate Data Stream - 148 bytes -> C:\ProgramData\TEMP:5E748D4C
@Alternate Data Stream - 148 bytes -> C:\ProgramData\TEMP:5E4A7758
@Alternate Data Stream - 148 bytes -> C:\ProgramData\TEMP:56530ABD
@Alternate Data Stream - 148 bytes -> C:\ProgramData\TEMP:4EB84EC1
@Alternate Data Stream - 148 bytes -> C:\ProgramData\TEMP:41326804
@Alternate Data Stream - 148 bytes -> C:\ProgramData\TEMP:2E0A3B1D
@Alternate Data Stream - 148 bytes -> C:\ProgramData\TEMP:26EE282C
@Alternate Data Stream - 148 bytes -> C:\ProgramData\TEMP:24AB14E7
@Alternate Data Stream - 148 bytes -> C:\ProgramData\TEMP:23A1F55B
@Alternate Data Stream - 148 bytes -> C:\ProgramData\TEMP:20FFCF0B
@Alternate Data Stream - 148 bytes -> C:\ProgramData\TEMP:1D9ED8F7
@Alternate Data Stream - 148 bytes -> C:\ProgramData\TEMP:158CC5FF
@Alternate Data Stream - 148 bytes -> C:\ProgramData\TEMP:0EC9720B
@Alternate Data Stream - 148 bytes -> C:\ProgramData\TEMP:05113FB9
@Alternate Data Stream - 147 bytes -> C:\ProgramData\TEMP:FC89CE5A
@Alternate Data Stream - 147 bytes -> C:\ProgramData\TEMP:EC4E61E4
@Alternate Data Stream - 147 bytes -> C:\ProgramData\TEMP:CD9B334A
@Alternate Data Stream - 147 bytes -> C:\ProgramData\TEMP:BD8705CE
@Alternate Data Stream - 147 bytes -> C:\ProgramData\TEMP:ABD3B354
@Alternate Data Stream - 147 bytes -> C:\ProgramData\TEMP:A68B9D77
@Alternate Data Stream - 147 bytes -> C:\ProgramData\TEMP:8FC027DE
@Alternate Data Stream - 147 bytes -> C:\ProgramData\TEMP:88BFF41D
@Alternate Data Stream - 147 bytes -> C:\ProgramData\TEMP:794BB94F
@Alternate Data Stream - 147 bytes -> C:\ProgramData\TEMP:742F1EE5
@Alternate Data Stream - 147 bytes -> C:\ProgramData\TEMP:4D3513A5
@Alternate Data Stream - 147 bytes -> C:\ProgramData\TEMP:3BAD46F6
@Alternate Data Stream - 147 bytes -> C:\ProgramData\TEMP:26C2E4B1
@Alternate Data Stream - 147 bytes -> C:\ProgramData\TEMP:17FF6514
@Alternate Data Stream - 147 bytes -> C:\ProgramData\TEMP:0AE8FC60
@Alternate Data Stream - 146 bytes -> C:\ProgramData\TEMP:FDAF118C
@Alternate Data Stream - 146 bytes -> C:\ProgramData\TEMP:FD20BDA6
@Alternate Data Stream - 146 bytes -> C:\ProgramData\TEMP:F59916B9
@Alternate Data Stream - 146 bytes -> C:\ProgramData\TEMP:DE22D45C
@Alternate Data Stream - 146 bytes -> C:\ProgramData\TEMP:ABA71843
@Alternate Data Stream - 146 bytes -> C:\ProgramData\TEMP:730BC923
@Alternate Data Stream - 146 bytes -> C:\ProgramData\TEMP:5A27D490
@Alternate Data Stream - 146 bytes -> C:\ProgramData\TEMP:53992C73
@Alternate Data Stream - 146 bytes -> C:\ProgramData\TEMP:3612C9BE
@Alternate Data Stream - 146 bytes -> C:\ProgramData\TEMP:2D1BE4C6
@Alternate Data Stream - 146 bytes -> C:\ProgramData\TEMP:24DC7949
@Alternate Data Stream - 146 bytes -> C:\ProgramData\TEMP:2085D07D
@Alternate Data Stream - 145 bytes -> C:\ProgramData\TEMP:EBE4F6FC
@Alternate Data Stream - 145 bytes -> C:\ProgramData\TEMP:E463CA56
@Alternate Data Stream - 145 bytes -> C:\ProgramData\TEMP:E3AFC61E
@Alternate Data Stream - 145 bytes -> C:\ProgramData\TEMP:E1069F99
@Alternate Data Stream - 145 bytes -> C:\ProgramData\TEMP:CF2C26D2
@Alternate Data Stream - 145 bytes -> C:\ProgramData\TEMP:CEED62ED
@Alternate Data Stream - 145 bytes -> C:\ProgramData\TEMP:C3A4217C
@Alternate Data Stream - 145 bytes -> C:\ProgramData\TEMP:BAD88AD2
@Alternate Data Stream - 145 bytes -> C:\ProgramData\TEMP:8D79965B
@Alternate Data Stream - 145 bytes -> C:\ProgramData\TEMP:8AD1F2E0
@Alternate Data Stream - 145 bytes -> C:\ProgramData\TEMP:82C50600
@Alternate Data Stream - 145 bytes -> C:\ProgramData\TEMP:77271429
@Alternate Data Stream - 145 bytes -> C:\ProgramData\TEMP:6B5A665E
@Alternate Data Stream - 145 bytes -> C:\ProgramData\TEMP:53F381F1
@Alternate Data Stream - 145 bytes -> C:\ProgramData\TEMP:531637AD
@Alternate Data Stream - 145 bytes -> C:\ProgramData\TEMP:442B1B91
@Alternate Data Stream - 145 bytes -> C:\ProgramData\TEMP:3EA1C214
@Alternate Data Stream - 145 bytes -> C:\ProgramData\TEMP:29DA7FEE
@Alternate Data Stream - 145 bytes -> C:\ProgramData\TEMP:18295838
@Alternate Data Stream - 145 bytes -> C:\ProgramData\TEMP:0651F96C
@Alternate Data Stream - 145 bytes -> C:\ProgramData\TEMP:06253D7D
@Alternate Data Stream - 145 bytes -> C:\ProgramData\TEMP:0207454C
@Alternate Data Stream - 144 bytes -> C:\ProgramData\TEMP:FA8ADCCD
@Alternate Data Stream - 144 bytes -> C:\ProgramData\TEMP:F19EC797
@Alternate Data Stream - 144 bytes -> C:\ProgramData\TEMP:CBCE0A92
@Alternate Data Stream - 144 bytes -> C:\ProgramData\TEMP:C226A7C2
@Alternate Data Stream - 144 bytes -> C:\ProgramData\TEMP:B8B102B9
@Alternate Data Stream - 144 bytes -> C:\ProgramData\TEMP:7C4DCB5B
@Alternate Data Stream - 144 bytes -> C:\ProgramData\TEMP:765C6A14
@Alternate Data Stream - 144 bytes -> C:\ProgramData\TEMP:593E515D
@Alternate Data Stream - 144 bytes -> C:\ProgramData\TEMP:43ABA97D
@Alternate Data Stream - 144 bytes -> C:\ProgramData\TEMP:375B96CE
@Alternate Data Stream - 144 bytes -> C:\ProgramData\TEMP:34BCB6A9
@Alternate Data Stream - 144 bytes -> C:\ProgramData\TEMP:226A6E31
@Alternate Data Stream - 144 bytes -> C:\ProgramData\TEMP:0C5A6770
@Alternate Data Stream - 143 bytes -> C:\ProgramData\TEMP:F79DAA38
@Alternate Data Stream - 143 bytes -> C:\ProgramData\TEMP:E60D24D7
@Alternate Data Stream - 143 bytes -> C:\ProgramData\TEMP:C8E9D804
@Alternate Data Stream - 143 bytes -> C:\ProgramData\TEMP:C104B0EF
@Alternate Data Stream - 143 bytes -> C:\ProgramData\TEMP:9B750A13
@Alternate Data Stream - 143 bytes -> C:\ProgramData\TEMP:97AB2056
@Alternate Data Stream - 143 bytes -> C:\ProgramData\TEMP:7E100A8C
@Alternate Data Stream - 143 bytes -> C:\ProgramData\TEMP:6A16A184
@Alternate Data Stream - 143 bytes -> C:\ProgramData\TEMP:60D0CFE2
@Alternate Data Stream - 143 bytes -> C:\ProgramData\TEMP:48529647
@Alternate Data Stream - 143 bytes -> C:\ProgramData\TEMP:45BC0AAA
@Alternate Data Stream - 143 bytes -> C:\ProgramData\TEMP:3965C4E8
@Alternate Data Stream - 143 bytes -> C:\ProgramData\TEMP:37CE0F2E
@Alternate Data Stream - 143 bytes -> C:\ProgramData\TEMP:204BEE0F
@Alternate Data Stream - 143 bytes -> C:\ProgramData\TEMP:16A2C6C0
@Alternate Data Stream - 143 bytes -> C:\ProgramData\TEMP:0E37A445
@Alternate Data Stream - 143 bytes -> C:\ProgramData\TEMP:03033228
@Alternate Data Stream - 142 bytes -> C:\ProgramData\TEMP:FF818E2B
@Alternate Data Stream - 142 bytes -> C:\ProgramData\TEMP:FB914833
@Alternate Data Stream - 142 bytes -> C:\ProgramData\TEMP:EF2D54F9
@Alternate Data Stream - 142 bytes -> C:\ProgramData\TEMP:E90251A2
@Alternate Data Stream - 142 bytes -> C:\ProgramData\TEMP:DD3F5AF4
@Alternate Data Stream - 142 bytes -> C:\ProgramData\TEMP:D74C2847
@Alternate Data Stream - 142 bytes -> C:\ProgramData\TEMP:C44E62F1
@Alternate Data Stream - 142 bytes -> C:\ProgramData\TEMP:BB24555F
@Alternate Data Stream - 142 bytes -> C:\ProgramData\TEMP:B9775780
@Alternate Data Stream - 142 bytes -> C:\ProgramData\TEMP:ADE91125
@Alternate Data Stream - 142 bytes -> C:\ProgramData\TEMP:AB5B8755
@Alternate Data Stream - 142 bytes -> C:\ProgramData\TEMP:A94968B5
@Alternate Data Stream - 142 bytes -> C:\ProgramData\TEMP:9CB2B6C5
@Alternate Data Stream - 142 bytes -> C:\ProgramData\TEMP:8A026284
@Alternate Data Stream - 142 bytes -> C:\ProgramData\TEMP:860D9052
@Alternate Data Stream - 142 bytes -> C:\ProgramData\TEMP:81F83028
@Alternate Data Stream - 142 bytes -> C:\ProgramData\TEMP:7E26B7DC
@Alternate Data Stream - 142 bytes -> C:\ProgramData\TEMP:6EAE3ABC
@Alternate Data Stream - 142 bytes -> C:\ProgramData\TEMP:6BD1DCDD
@Alternate Data Stream - 142 bytes -> C:\ProgramData\TEMP:5D2DC0A6
@Alternate Data Stream - 142 bytes -> C:\ProgramData\TEMP:35632DDA
@Alternate Data Stream - 142 bytes -> C:\ProgramData\TEMP:232300C2
@Alternate Data Stream - 142 bytes -> C:\ProgramData\TEMP:1D60AEC3
@Alternate Data Stream - 142 bytes -> C:\ProgramData\TEMP:1CE3DF80
@Alternate Data Stream - 141 bytes -> C:\ProgramData\TEMP:FE144218
@Alternate Data Stream - 141 bytes -> C:\ProgramData\TEMP:E7700065
@Alternate Data Stream - 141 bytes -> C:\ProgramData\TEMP:E31D4564
@Alternate Data Stream - 141 bytes -> C:\ProgramData\TEMP:DCDE7C60
@Alternate Data Stream - 141 bytes -> C:\ProgramData\TEMP:DCAF903C
@Alternate Data Stream - 141 bytes -> C:\ProgramData\TEMP:CE0A077E
@Alternate Data Stream - 141 bytes -> C:\ProgramData\TEMP:C70C12CF
@Alternate Data Stream - 141 bytes -> C:\ProgramData\TEMP:ACCFB883
@Alternate Data Stream - 141 bytes -> C:\ProgramData\TEMP:A9C7B545
@Alternate Data Stream - 141 bytes -> C:\ProgramData\TEMP:A9B2AAD0
@Alternate Data Stream - 141 bytes -> C:\ProgramData\TEMP:A362A045
@Alternate Data Stream - 141 bytes -> C:\ProgramData\TEMP:9B9441A5
@Alternate Data Stream - 141 bytes -> C:\ProgramData\TEMP:9AB9ECE0
@Alternate Data Stream - 141 bytes -> C:\ProgramData\TEMP:8C443193
@Alternate Data Stream - 141 bytes -> C:\ProgramData\TEMP:69FA7876
@Alternate Data Stream - 141 bytes -> C:\ProgramData\TEMP:6051163F
@Alternate Data Stream - 141 bytes -> C:\ProgramData\TEMP:5A13AEC2
@Alternate Data Stream - 141 bytes -> C:\ProgramData\TEMP:4A48591F
@Alternate Data Stream - 141 bytes -> C:\ProgramData\TEMP:195E9213
@Alternate Data Stream - 141 bytes -> C:\ProgramData\TEMP:18AE7C5A
@Alternate Data Stream - 141 bytes -> C:\ProgramData\TEMP:100384F2
@Alternate Data Stream - 141 bytes -> C:\ProgramData\TEMP:0D864221
@Alternate Data Stream - 141 bytes -> C:\ProgramData\TEMP:003A85AC
@Alternate Data Stream - 140 bytes -> C:\ProgramData\TEMP:F565FB91
@Alternate Data Stream - 140 bytes -> C:\ProgramData\TEMP:DBA1A307
@Alternate Data Stream - 140 bytes -> C:\ProgramData\TEMP:DB563BE7
@Alternate Data Stream - 140 bytes -> C:\ProgramData\TEMP:B5D277AB
@Alternate Data Stream - 140 bytes -> C:\ProgramData\TEMP:9C504A4D
@Alternate Data Stream - 140 bytes -> C:\ProgramData\TEMP:9BCE9E9B
@Alternate Data Stream - 140 bytes -> C:\ProgramData\TEMP:9658F8A2
@Alternate Data Stream - 140 bytes -> C:\ProgramData\TEMP:93CE17D1
@Alternate Data Stream - 140 bytes -> C:\ProgramData\TEMP:91CF76E3
@Alternate Data Stream - 140 bytes -> C:\ProgramData\TEMP:8E6845BC
@Alternate Data Stream - 140 bytes -> C:\ProgramData\TEMP:8BBD1F9A
@Alternate Data Stream - 140 bytes -> C:\ProgramData\TEMP:80A70180
@Alternate Data Stream - 140 bytes -> C:\ProgramData\TEMP:7EE43C06
@Alternate Data Stream - 140 bytes -> C:\ProgramData\TEMP:74456BF5
@Alternate Data Stream - 140 bytes -> C:\ProgramData\TEMP:5304CF6F
@Alternate Data Stream - 140 bytes -> C:\ProgramData\TEMP:4F8BECB9
@Alternate Data Stream - 140 bytes -> C:\ProgramData\TEMP:4F636E25
@Alternate Data Stream - 140 bytes -> C:\ProgramData\TEMP:46545F5C
@Alternate Data Stream - 140 bytes -> C:\ProgramData\TEMP:2B059D79
@Alternate Data Stream - 140 bytes -> C:\ProgramData\TEMP:268F887D
@Alternate Data Stream - 140 bytes -> C:\ProgramData\TEMP:13B137AF
@Alternate Data Stream - 139 bytes -> C:\ProgramData\TEMP:E0CDAF60
@Alternate Data Stream - 139 bytes -> C:\ProgramData\TEMP:D93DCF15
@Alternate Data Stream - 139 bytes -> C:\ProgramData\TEMP:D77C0A61
@Alternate Data Stream - 139 bytes -> C:\ProgramData\TEMP:D417F0D5
@Alternate Data Stream - 139 bytes -> C:\ProgramData\TEMP:792C1D5C
@Alternate Data Stream - 139 bytes -> C:\ProgramData\TEMP:61AF91EC
@Alternate Data Stream - 139 bytes -> C:\ProgramData\TEMP:3FF8D96E
@Alternate Data Stream - 139 bytes -> C:\ProgramData\TEMP:3F22DA14
@Alternate Data Stream - 139 bytes -> C:\ProgramData\TEMP:2A615C9C
@Alternate Data Stream - 139 bytes -> C:\ProgramData\TEMP:0E341035
@Alternate Data Stream - 139 bytes -> C:\ProgramData\TEMP:0256104B
@Alternate Data Stream - 138 bytes -> C:\ProgramData\TEMP:E62BE020
@Alternate Data Stream - 138 bytes -> C:\ProgramData\TEMP:E40BF3ED
@Alternate Data Stream - 138 bytes -> C:\ProgramData\TEMP:E22211E1
@Alternate Data Stream - 138 bytes -> C:\ProgramData\TEMP:CDFF58FE
@Alternate Data Stream - 138 bytes -> C:\ProgramData\TEMP:C40E212B
@Alternate Data Stream - 138 bytes -> C:\ProgramData\TEMP:B79388B4
@Alternate Data Stream - 138 bytes -> C:\ProgramData\TEMP:B310C233
@Alternate Data Stream - 138 bytes -> C:\ProgramData\TEMP:ADCBD4B1
@Alternate Data Stream - 138 bytes -> C:\ProgramData\TEMP:A13E0480
@Alternate Data Stream - 138 bytes -> C:\ProgramData\TEMP:9C5E2795
@Alternate Data Stream - 138 bytes -> C:\ProgramData\TEMP:93DE1838
@Alternate Data Stream - 138 bytes -> C:\ProgramData\TEMP:9296EC11
@Alternate Data Stream - 138 bytes -> C:\ProgramData\TEMP:8F76671E
@Alternate Data Stream - 138 bytes -> C:\ProgramData\TEMP:6720DF40
@Alternate Data Stream - 138 bytes -> C:\ProgramData\TEMP:49F896E9
@Alternate Data Stream - 138 bytes -> C:\ProgramData\TEMP:3064D21D
@Alternate Data Stream - 138 bytes -> C:\ProgramData\TEMP:1DFC024D
@Alternate Data Stream - 138 bytes -> C:\ProgramData\TEMP:19AD1878
@Alternate Data Stream - 137 bytes -> C:\ProgramData\TEMP:FE4E15B1
@Alternate Data Stream - 137 bytes -> C:\ProgramData\TEMP:F68CB977
@Alternate Data Stream - 137 bytes -> C:\ProgramData\TEMP:E36F5B57
@Alternate Data Stream - 137 bytes -> C:\ProgramData\TEMP:D478F292
@Alternate Data Stream - 137 bytes -> C:\ProgramData\TEMP:C71DF9C6
@Alternate Data Stream - 137 bytes -> C:\ProgramData\TEMP:C36E5828
@Alternate Data Stream - 137 bytes -> C:\ProgramData\TEMP:956EC010
@Alternate Data Stream - 137 bytes -> C:\ProgramData\TEMP:92D18A5E
@Alternate Data Stream - 137 bytes -> C:\ProgramData\TEMP:898C038B
@Alternate Data Stream - 137 bytes -> C:\ProgramData\TEMP:84744B34
@Alternate Data Stream - 137 bytes -> C:\ProgramData\TEMP:798F4CE4
@Alternate Data Stream - 137 bytes -> C:\ProgramData\TEMP:7079A696
@Alternate Data Stream - 137 bytes -> C:\ProgramData\TEMP:687D1056
@Alternate Data Stream - 137 bytes -> C:\ProgramData\TEMP:52FE3CCD
@Alternate Data Stream - 137 bytes -> C:\ProgramData\TEMP:4C33F119
@Alternate Data Stream - 137 bytes -> C:\ProgramData\TEMP:45A334DD
@Alternate Data Stream - 137 bytes -> C:\ProgramData\TEMP:404C30E3
@Alternate Data Stream - 137 bytes -> C:\ProgramData\TEMP:3AE22B1A
@Alternate Data Stream - 137 bytes -> C:\ProgramData\TEMP:20B17557
@Alternate Data Stream - 137 bytes -> C:\ProgramData\TEMP:18FCA3F2
@Alternate Data Stream - 137 bytes -> C:\ProgramData\TEMP:17C6C557
@Alternate Data Stream - 137 bytes -> C:\ProgramData\TEMP:131C0EE9
@Alternate Data Stream - 137 bytes -> C:\ProgramData\TEMP:072B9E55
@Alternate Data Stream - 136 bytes -> C:\ProgramData\TEMP:FAC5BCF5
@Alternate Data Stream - 136 bytes -> C:\ProgramData\TEMP:F82CA780
@Alternate Data Stream - 136 bytes -> C:\ProgramData\TEMP:F2F115B4
@Alternate Data Stream - 136 bytes -> C:\ProgramData\TEMP:F1FE38D7
@Alternate Data Stream - 136 bytes -> C:\ProgramData\TEMP:D8EA2847
@Alternate Data Stream - 136 bytes -> C:\ProgramData\TEMP:D3930F74
@Alternate Data Stream - 136 bytes -> C:\ProgramData\TEMP:940ECC98
@Alternate Data Stream - 136 bytes -> C:\ProgramData\TEMP:858D9994
@Alternate Data Stream - 136 bytes -> C:\ProgramData\TEMP:80234CE0
@Alternate Data Stream - 136 bytes -> C:\ProgramData\TEMP:6A7B7A50
@Alternate Data Stream - 136 bytes -> C:\ProgramData\TEMP:5D7E5A8F
@Alternate Data Stream - 136 bytes -> C:\ProgramData\TEMP:550179F5
@Alternate Data Stream - 136 bytes -> C:\ProgramData\TEMP:50A11A00
@Alternate Data Stream - 136 bytes -> C:\ProgramData\TEMP:4EAD6852
@Alternate Data Stream - 136 bytes -> C:\ProgramData\TEMP:4B112591
@Alternate Data Stream - 136 bytes -> C:\ProgramData\TEMP:386E239F
@Alternate Data Stream - 136 bytes -> C:\ProgramData\TEMP:38317199
@Alternate Data Stream - 136 bytes -> C:\ProgramData\TEMP:30F1AD86
@Alternate Data Stream - 136 bytes -> C:\ProgramData\TEMP:029E021F
@Alternate Data Stream - 136 bytes -> C:\ProgramData\TEMP:02573978
@Alternate Data Stream - 136 bytes -> C:\ProgramData\TEMP:023F0743
@Alternate Data Stream - 136 bytes -> C:\ProgramData\TEMP:002640E3
@Alternate Data Stream - 135 bytes -> C:\ProgramData\TEMP:FDD78BE5
@Alternate Data Stream - 135 bytes -> C:\ProgramData\TEMP:E4EAA06A
@Alternate Data Stream - 135 bytes -> C:\ProgramData\TEMP:DE38CB5F
@Alternate Data Stream - 135 bytes -> C:\ProgramData\TEMP:D61069DE
@Alternate Data Stream - 135 bytes -> C:\ProgramData\TEMP:CDA9D806
@Alternate Data Stream - 135 bytes -> C:\ProgramData\TEMP:C8EAE2CC
@Alternate Data Stream - 135 bytes -> C:\ProgramData\TEMP:C2E33402
@Alternate Data Stream - 135 bytes -> C:\ProgramData\TEMP:B54102AD
@Alternate Data Stream - 135 bytes -> C:\ProgramData\TEMP:7DFDF9DF
@Alternate Data Stream - 135 bytes -> C:\ProgramData\TEMP:72E546C1
@Alternate Data Stream - 135 bytes -> C:\ProgramData\TEMP:651AC260
@Alternate Data Stream - 135 bytes -> C:\ProgramData\TEMP:3A29D202
@Alternate Data Stream - 135 bytes -> C:\ProgramData\TEMP:39294FE1
@Alternate Data Stream - 135 bytes -> C:\ProgramData\TEMP:1B154164
@Alternate Data Stream - 135 bytes -> C:\ProgramData\TEMP:1AD5880D
@Alternate Data Stream - 135 bytes -> C:\ProgramData\TEMP:174B11D8
@Alternate Data Stream - 135 bytes -> C:\ProgramData\TEMP:15FA1ECB
@Alternate Data Stream - 134 bytes -> C:\ProgramData\TEMP:C9B93CC4
@Alternate Data Stream - 134 bytes -> C:\ProgramData\TEMP:B83BF1A6
@Alternate Data Stream - 134 bytes -> C:\ProgramData\TEMP:91DFBB4A
@Alternate Data Stream - 134 bytes -> C:\ProgramData\TEMP:8F7ECF6A
@Alternate Data Stream - 134 bytes -> C:\ProgramData\TEMP:87F524B2
@Alternate Data Stream - 134 bytes -> C:\ProgramData\TEMP:8599F087
@Alternate Data Stream - 134 bytes -> C:\ProgramData\TEMP:7C0CBD4C
@Alternate Data Stream - 134 bytes -> C:\ProgramData\TEMP:7B227418
@Alternate Data Stream - 134 bytes -> C:\ProgramData\TEMP:76986D86
@Alternate Data Stream - 134 bytes -> C:\ProgramData\TEMP:6CFD36EA
@Alternate Data Stream - 134 bytes -> C:\ProgramData\TEMP:54997B77
@Alternate Data Stream - 134 bytes -> C:\ProgramData\TEMP:4890C28A
@Alternate Data Stream - 134 bytes -> C:\ProgramData\TEMP:322EAACD
@Alternate Data Stream - 134 bytes -> C:\ProgramData\TEMP:2E0BE9CA
@Alternate Data Stream - 134 bytes -> C:\ProgramData\TEMP:2CBB1EC8
@Alternate Data Stream - 134 bytes -> C:\ProgramData\TEMP:2504A086
@Alternate Data Stream - 134 bytes -> C:\ProgramData\TEMP:225C4FFC
@Alternate Data Stream - 134 bytes -> C:\ProgramData\TEMP:193426B4
@Alternate Data Stream - 134 bytes -> C:\ProgramData\TEMP:0E640041
@Alternate Data Stream - 134 bytes -> C:\ProgramData\TEMP:09DC8014
@Alternate Data Stream - 133 bytes -> C:\ProgramData\TEMP:FACC16FC
@Alternate Data Stream - 133 bytes -> C:\ProgramData\TEMP:FA45F5FF
@Alternate Data Stream - 133 bytes -> C:\ProgramData\TEMP:F4BE8180
@Alternate Data Stream - 133 bytes -> C:\ProgramData\TEMP:F42CF153
@Alternate Data Stream - 133 bytes -> C:\ProgramData\TEMP:D0397AE3
@Alternate Data Stream - 133 bytes -> C:\ProgramData\TEMP:C762A926
@Alternate Data Stream - 133 bytes -> C:\ProgramData\TEMP:C4AAD3E4
@Alternate Data Stream - 133 bytes -> C:\ProgramData\TEMP:97A03D0F
@Alternate Data Stream - 133 bytes -> C:\ProgramData\TEMP:902B6A44
@Alternate Data Stream - 133 bytes -> C:\ProgramData\TEMP:8FBE0E9C
@Alternate Data Stream - 133 bytes -> C:\ProgramData\TEMP:8DCF53BE
@Alternate Data Stream - 133 bytes -> C:\ProgramData\TEMP:5E3FBF9D
@Alternate Data Stream - 133 bytes -> C:\ProgramData\TEMP:541F9F51
@Alternate Data Stream - 133 bytes -> C:\ProgramData\TEMP:47317C33
@Alternate Data Stream - 133 bytes -> C:\ProgramData\TEMP:42275BC2
@Alternate Data Stream - 133 bytes -> C:\ProgramData\TEMP:373C6DC2
@Alternate Data Stream - 133 bytes -> C:\ProgramData\TEMP:2FAFBD6A
@Alternate Data Stream - 133 bytes -> C:\ProgramData\TEMP:2A5BC0A9
@Alternate Data Stream - 133 bytes -> C:\ProgramData\TEMP:26140299
@Alternate Data Stream - 133 bytes -> C:\ProgramData\TEMP:1FDDA142
@Alternate Data Stream - 133 bytes -> C:\ProgramData\TEMP:1ECB0F6C
@Alternate Data Stream - 133 bytes -> C:\ProgramData\TEMP:1DDD0008
@Alternate Data Stream - 133 bytes -> C:\ProgramData\TEMP:128A6DC9
@Alternate Data Stream - 132 bytes -> C:\ProgramData\TEMP:F131B2B8
@Alternate Data Stream - 132 bytes -> C:\ProgramData\TEMP:E6B1AD87
@Alternate Data Stream - 132 bytes -> C:\ProgramData\TEMP:E55CE2D1
@Alternate Data Stream - 132 bytes -> C:\ProgramData\TEMP:D3FFFBA9
@Alternate Data Stream - 132 bytes -> C:\ProgramData\TEMP:B837C568
@Alternate Data Stream - 132 bytes -> C:\ProgramData\TEMP:9A6A9036
@Alternate Data Stream - 132 bytes -> C:\ProgramData\TEMP:73CCE32D
@Alternate Data Stream - 132 bytes -> C:\ProgramData\TEMP:6FCD73D7
@Alternate Data Stream - 132 bytes -> C:\ProgramData\TEMP:63A71C6F
@Alternate Data Stream - 132 bytes -> C:\ProgramData\TEMP:55781AF7
@Alternate Data Stream - 132 bytes -> C:\ProgramData\TEMP:516FF8A1
@Alternate Data Stream - 132 bytes -> C:\ProgramData\TEMP:4D066AD2
@Alternate Data Stream - 132 bytes -> C:\ProgramData\TEMP:3E424252
@Alternate Data Stream - 132 bytes -> C:\ProgramData\TEMP:3D4CCD1E
@Alternate Data Stream - 132 bytes -> C:\ProgramData\TEMP:22C80839
@Alternate Data Stream - 132 bytes -> C:\ProgramData\TEMP:1AE68282
@Alternate Data Stream - 132 bytes -> C:\ProgramData\TEMP:0B9176C0
@Alternate Data Stream - 131 bytes -> C:\ProgramData\TEMP:EB3A09D6
@Alternate Data Stream - 131 bytes -> C:\ProgramData\TEMP:EA43B001
@Alternate Data Stream - 131 bytes -> C:\ProgramData\TEMP:DDE7FCF4
@Alternate Data Stream - 131 bytes -> C:\ProgramData\TEMP:A5E0BCE9
@Alternate Data Stream - 131 bytes -> C:\ProgramData\TEMP:949E3D1B
@Alternate Data Stream - 131 bytes -> C:\ProgramData\TEMP:90E60569
@Alternate Data Stream - 131 bytes -> C:\ProgramData\TEMP:8EEE3BBB
@Alternate Data Stream - 131 bytes -> C:\ProgramData\TEMP:7D49B96B
@Alternate Data Stream - 131 bytes -> C:\ProgramData\TEMP:700CD00E
@Alternate Data Stream - 131 bytes -> C:\ProgramData\TEMP:64A7B9DE
@Alternate Data Stream - 131 bytes -> C:\ProgramData\TEMP:51F17074
@Alternate Data Stream - 131 bytes -> C:\ProgramData\TEMP:5199C971
@Alternate Data Stream - 131 bytes -> C:\ProgramData\TEMP:017D5143
@Alternate Data Stream - 130 bytes -> C:\ProgramData\TEMP:F65733F1
@Alternate Data Stream - 130 bytes -> C:\ProgramData\TEMP:E8F2A400
@Alternate Data Stream - 130 bytes -> C:\ProgramData\TEMP:BC521608
@Alternate Data Stream - 130 bytes -> C:\ProgramData\TEMP:ABE89FFE
@Alternate Data Stream - 130 bytes -> C:\ProgramData\TEMP:AA9519A6
@Alternate Data Stream - 130 bytes -> C:\ProgramData\TEMP:A3F4C22C
@Alternate Data Stream - 130 bytes -> C:\ProgramData\TEMP:98A71B94
@Alternate Data Stream - 130 bytes -> C:\ProgramData\TEMP:95B8F7F6
@Alternate Data Stream - 130 bytes -> C:\ProgramData\TEMP:74699137
@Alternate Data Stream - 130 bytes -> C:\ProgramData\TEMP:595E476D
@Alternate Data Stream - 130 bytes -> C:\ProgramData\TEMP:45E33ED2
@Alternate Data Stream - 130 bytes -> C:\ProgramData\TEMP:39F44D9C
@Alternate Data Stream - 130 bytes -> C:\ProgramData\TEMP:2A8CD561
@Alternate Data Stream - 130 bytes -> C:\ProgramData\TEMP:2A0E0B9F
@Alternate Data Stream - 130 bytes -> C:\ProgramData\TEMP:20B9E63F
@Alternate Data Stream - 129 bytes -> C:\ProgramData\TEMP:D20FFA63
@Alternate Data Stream - 129 bytes -> C:\ProgramData\TEMP:C5B70C5D
@Alternate Data Stream - 129 bytes -> C:\ProgramData\TEMP:88555A1F
@Alternate Data Stream - 129 bytes -> C:\ProgramData\TEMP:8750DCE4
@Alternate Data Stream - 129 bytes -> C:\ProgramData\TEMP:70F0A2F4
@Alternate Data Stream - 129 bytes -> C:\ProgramData\TEMP:6C22B38A
@Alternate Data Stream - 129 bytes -> C:\ProgramData\TEMP:62197B73
@Alternate Data Stream - 129 bytes -> C:\ProgramData\TEMP:4D7FCCD3
@Alternate Data Stream - 129 bytes -> C:\ProgramData\TEMP:48070A48
@Alternate Data Stream - 129 bytes -> C:\ProgramData\TEMP:4300D829
@Alternate Data Stream - 129 bytes -> C:\ProgramData\TEMP:2F46E9A6
@Alternate Data Stream - 129 bytes -> C:\ProgramData\TEMP:2B99FE60
@Alternate Data Stream - 129 bytes -> C:\ProgramData\TEMP:1AF93AF4
@Alternate Data Stream - 129 bytes -> C:\ProgramData\TEMP:0A18093F
@Alternate Data Stream - 129 bytes -> C:\ProgramData\TEMP:01453AF3
@Alternate Data Stream - 128 bytes -> C:\ProgramData\TEMP:F86CC73E
@Alternate Data Stream - 128 bytes -> C:\ProgramData\TEMP:F854B030
@Alternate Data Stream - 128 bytes -> C:\ProgramData\TEMP:E8E51D31
@Alternate Data Stream - 128 bytes -> C:\ProgramData\TEMP:D6C2C750
@Alternate Data Stream - 128 bytes -> C:\ProgramData\TEMP:D5C1AF61
@Alternate Data Stream - 128 bytes -> C:\ProgramData\TEMP:CCF42AF8
@Alternate Data Stream - 128 bytes -> C:\ProgramData\TEMP:C0D722EB
@Alternate Data Stream - 128 bytes -> C:\ProgramData\TEMP:A9D9351A
@Alternate Data Stream - 128 bytes -> C:\ProgramData\TEMP:A4AD016E
@Alternate Data Stream - 128 bytes -> C:\ProgramData\TEMP:98104906
@Alternate Data Stream - 128 bytes -> C:\ProgramData\TEMP:8DD623B3
@Alternate Data Stream - 128 bytes -> C:\ProgramData\TEMP:8C885EDD
@Alternate Data Stream - 128 bytes -> C:\ProgramData\TEMP:7D2C5D65
@Alternate Data Stream - 128 bytes -> C:\ProgramData\TEMP:799B8AA7
@Alternate Data Stream - 128 bytes -> C:\ProgramData\TEMP:793ABD2B
@Alternate Data Stream - 128 bytes -> C:\ProgramData\TEMP:6C3B96F0
@Alternate Data Stream - 128 bytes -> C:\ProgramData\TEMP:51C0853C
@Alternate Data Stream - 128 bytes -> C:\ProgramData\TEMP:4C97EF04
@Alternate Data Stream - 128 bytes -> C:\ProgramData\TEMP:444C53BA
@Alternate Data Stream - 128 bytes -> C:\ProgramData\TEMP:3E7C402E
@Alternate Data Stream - 128 bytes -> C:\ProgramData\TEMP:087D1C56
@Alternate Data Stream - 128 bytes -> C:\ProgramData\TEMP:01EDA307
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:E71141D2
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:D091E13E
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:C6DBBC03
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:B8EA2C49
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:981884E7
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:8F925134
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:8D8F3340
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:74B502CB
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:5425B7F5
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:52A42F4C
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:4DBBB4EA
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:4B1807BE
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:369A9F46
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:30376ACC
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:2CFBE2D1
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:0503B6B8
@Alternate Data Stream - 126 bytes -> C:\ProgramData\TEMP:F6E5C7FB
@Alternate Data Stream - 126 bytes -> C:\ProgramData\TEMP:E89EDC52
@Alternate Data Stream - 126 bytes -> C:\ProgramData\TEMP:D30CE047
@Alternate Data Stream - 126 bytes -> C:\ProgramData\TEMP:CCBF0D67
@Alternate Data Stream - 126 bytes -> C:\ProgramData\TEMP:B358A070
@Alternate Data Stream - 126 bytes -> C:\ProgramData\TEMP:8F5346F2
@Alternate Data Stream - 126 bytes -> C:\ProgramData\TEMP:861A898F
@Alternate Data Stream - 126 bytes -> C:\ProgramData\TEMP:5D458568
@Alternate Data Stream - 126 bytes -> C:\ProgramData\TEMP:51387F29
@Alternate Data Stream - 126 bytes -> C:\ProgramData\TEMP:07A75CBF
@Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:F9CEBD79
@Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:EAB1AD1B
@Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:E9CB5ECC
@Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:D43ACD11
@Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:C7D36B80
@Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:B42328DE
@Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:92209557
@Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:90FE524C
@Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:895798AD
@Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:85B53F5F
@Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:7E68DD27
@Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:756C8543
@Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:741CA49D
@Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:5743A858
@Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:4DE8C719
@Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:4BB26BE9
@Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:3867977D
@Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:2A8A3140
@Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:02C1CB6D
@Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:FDA8D6AE
@Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:F84F494D
@Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:E7AD9690
@Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:E749BCD7
@Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:DF3D49ED
@Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:CBEB737E
@Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:C77DCC63
@Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:A86C3734
@Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:A0405560
@Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:9E64EBA6
@Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:8C84073F
@Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:857692EC
@Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:85526F54
@Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:77B90F12
@Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:726A7C8D
@Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:6C81A062
@Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:5B111056
@Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:551E1CB4
@Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:54F7A151
@Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:53546330
@Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:2E964D2D
@Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:1AAEFD5D
@Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:1013B07C
@Alternate Data Stream - 123 bytes -> C:\ProgramData\TEMP:DF5BAC78
@Alternate Data Stream - 123 bytes -> C:\ProgramData\TEMP:DE29D4A1
@Alternate Data Stream - 123 bytes -> C:\ProgramData\TEMP:DAFAF1BF
@Alternate Data Stream - 123 bytes -> C:\ProgramData\TEMP:C8D1C36C
@Alternate Data Stream - 123 bytes -> C:\ProgramData\TEMP:BE9A1C90
@Alternate Data Stream - 123 bytes -> C:\ProgramData\TEMP:A833FADB
@Alternate Data Stream - 123 bytes -> C:\ProgramData\TEMP:A3857D86
@Alternate Data Stream - 123 bytes -> C:\ProgramData\TEMP:981349EA
@Alternate Data Stream - 123 bytes -> C:\ProgramData\TEMP:93F6D130
@Alternate Data Stream - 123 bytes -> C:\ProgramData\TEMP:864A52B8
@Alternate Data Stream - 123 bytes -> C:\ProgramData\TEMP:8173A019
@Alternate Data Stream - 123 bytes -> C:\ProgramData\TEMP:5EBA4934
@Alternate Data Stream - 123 bytes -> C:\ProgramData\TEMP:4ABFB16D
@Alternate Data Stream - 123 bytes -> C:\ProgramData\TEMP:3FBB88CF
@Alternate Data Stream - 123 bytes -> C:\ProgramData\TEMP:3CA18B6B
@Alternate Data Stream - 123 bytes -> C:\ProgramData\TEMP:38788EA7
@Alternate Data Stream - 123 bytes -> C:\ProgramData\TEMP:3095BD69
@Alternate Data Stream - 123 bytes -> C:\ProgramData\TEMP:1BC99E01
@Alternate Data Stream - 123 bytes -> C:\ProgramData\TEMP:1941675B
@Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:F01E7F17
@Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:ED66F190
@Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:E6433F27
@Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:E2C7E93F
@Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:D44D0CA3
@Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:B3B92717
@Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:ABCD2B94
@Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:9950163C
@Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:4E158DDD
@Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:478FEFC3
@Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:409F27A9
@Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:33C7F7F2
@Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:0A9883D3
@Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:D5458F6B
@Alternate Data Stream - 120 bytes -> C:\ProgramData\TEMP:4EDDC66F
@Alternate Data Stream - 119 bytes -> C:\ProgramData\TEMP:D6BE1CEA
@Alternate Data Stream - 119 bytes -> C:\ProgramData\TEMP:5F538558
@Alternate Data Stream - 119 bytes -> C:\ProgramData\TEMP:5EC637CB
@Alternate Data Stream - 118 bytes -> C:\ProgramData\TEMP:DFA00BA4
@Alternate Data Stream - 118 bytes -> C:\ProgramData\TEMP:74BB299D
@Alternate Data Stream - 118 bytes -> C:\ProgramData\TEMP:2D723B3A
@Alternate Data Stream - 117 bytes -> C:\ProgramData\TEMP:F791B5EF
@Alternate Data Stream - 117 bytes -> C:\ProgramData\TEMP:D68C96C3
@Alternate Data Stream - 117 bytes -> C:\ProgramData\TEMP:8C4F2D2B
@Alternate Data Stream - 117 bytes -> C:\ProgramData\TEMP:8C458D50
@Alternate Data Stream - 117 bytes -> C:\ProgramData\TEMP:81365633
@Alternate Data Stream - 117 bytes -> C:\ProgramData\TEMP:56AB0B90
@Alternate Data Stream - 117 bytes -> C:\ProgramData\TEMP:45E74272
@Alternate Data Stream - 117 bytes -> C:\ProgramData\TEMP:147DA06A
@Alternate Data Stream - 116 bytes -> C:\ProgramData\TEMP:F7124EAF
@Alternate Data Stream - 116 bytes -> C:\ProgramData\TEMP:A78FEBF9
@Alternate Data Stream - 116 bytes -> C:\ProgramData\TEMP:93C494CA
@Alternate Data Stream - 116 bytes -> C:\ProgramData\TEMP:40DEEFF7
@Alternate Data Stream - 115 bytes -> C:\ProgramData\TEMP:FC420CE6
@Alternate Data Stream - 115 bytes -> C:\ProgramData\TEMP:793F316E
@Alternate Data Stream - 110 bytes -> C:\ProgramData\TEMP:9F683177
@Alternate Data Stream - 109 bytes -> C:\ProgramData\TEMP:D226F1A4
@Alternate Data Stream - 108 bytes -> C:\ProgramData\TEMP:2411B07C
@Alternate Data Stream - 102 bytes -> C:\ProgramData\TEMP:4CF61E54
@Alternate Data Stream - 100 bytes -> C:\ProgramData\TEMP:CFE0B346

< End of report >
         
Ich hab das problem mit dem Runterladen aber immer noch, wenn ich z.B. OTL runterladen möchte, dann geht das Downloadfenster auf, da wird mir der Pfad und der Status angezeigt und zum Schluss (die letzten 5% des Downloads) kommt dann eine Sicherheitsüberprüfung die mir jedes Mal erklärt das Programm konnte nicht runtergeladen werden weil ein Virus darin gefunden wurde. Ich kriege dort aber auch nicht mehr Infos über diese Sicherheitsüberprüfung. Dann hatte ich vorhin die Internet Explorer Einstellungen zurückgesetzt, dann hab ich home.sweetim.com wieder als startseite?!

Geändert von Rapunzel (03.01.2013 um 18:54 Uhr)

Antwort

Themen zu Home.sweetim.com und Norton Antivirus
abgelaufen, antivirus, arbeit, avast, behauptet, datei, dienstag, emailadresse, fahren, gelöscht, google, handle, liebe, lieben, norton, sache, sachen, seite, sitze, speicher, speichern, stimmen, virus, würde, yahoo



Ähnliche Themen: Home.sweetim.com und Norton Antivirus


  1. Win 7 Home x64; Internetverbindung, Norton Internet Security und andere Programme funktionieren nicht mehr
    Log-Analyse und Auswertung - 14.08.2015 (13)
  2. Win7 Home Premium: kein Internet + Norton 360 tot
    Plagegeister aller Art und deren Bekämpfung - 11.08.2015 (21)
  3. search.sweetim.com (SweetIm) entfernen
    Anleitungen, FAQs & Links - 21.07.2014 (2)
  4. Norton Antivirus & Sicherheit
    Smartphone, Tablet & Handy Security - 10.10.2013 (0)
  5. Norton Antivirus - Zbot
    Plagegeister aller Art und deren Bekämpfung - 10.07.2009 (1)
  6. Norton AntiVirus Trojaner-Meldung
    Plagegeister aller Art und deren Bekämpfung - 15.05.2009 (1)
  7. Antivirus 2009 auf XP Home
    Plagegeister aller Art und deren Bekämpfung - 31.08.2008 (9)
  8. Norton Antivirus Problem!
    Log-Analyse und Auswertung - 12.10.2006 (12)
  9. Löschung mit norton antivirus fehlgeschlagen
    Plagegeister aller Art und deren Bekämpfung - 07.09.2005 (3)
  10. Norton AntiVirus Liveupdate
    Antiviren-, Firewall- und andere Schutzprogramme - 03.07.2005 (6)
  11. Norton antivirus funktionslos
    Antiviren-, Firewall- und andere Schutzprogramme - 17.02.2005 (9)
  12. Norton Antivirus 2005
    Mülltonne - 20.12.2004 (1)
  13. Norton Antivirus und EScan parallel
    Antiviren-, Firewall- und andere Schutzprogramme - 21.10.2004 (4)
  14. problem mit norton antivirus 04
    Plagegeister aller Art und deren Bekämpfung - 08.10.2004 (1)
  15. Norton Antivirus 2004
    Antiviren-, Firewall- und andere Schutzprogramme - 09.09.2003 (25)
  16. Norton Antivirus
    Plagegeister aller Art und deren Bekämpfung - 11.02.2003 (13)

Zum Thema Home.sweetim.com und Norton Antivirus - Hallo Ihr Lieben, ich sitze im Moment an dem PC meiner Eltern und hier stimmen mal wieder ein paar Sachen nicht. Erstens kommt bei Google Chrome immer die Seite Home.sweetim.com, - Home.sweetim.com und Norton Antivirus...
Archiv
Du betrachtest: Home.sweetim.com und Norton Antivirus auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.