Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: serach nu, bitte um hilfe

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 23.05.2013, 16:27   #1
Kungen686
 
serach nu, bitte um hilfe - Standard

serach nu, bitte um hilfe



hallo,

ich bitte euch um hilfe.
habe seit ca 4 tagen ein Problem mit meinem PC, ( Browser und Game.)

Beim Browser kommen immer als Startseite ungewöhnliche Suchmaschienen, wie zb "search nu",etc und das bei allen 3 (Chrome, Firefox und Explorer.)

Bei meinem Game "WOW" stürzt das Game nach 1min in Game komplett ab, es kommen Fehlermeldungen und ich bekomm täglich von Blizzard eine mail, dass anderswo versucht wurde sich in meinem acc. einzuloggen und ich wieder mein PW ändern sollte.

kann mir wer bitte ein gutes virenprogramm empfehlen dass kostenlos ist, und kann ich den Virus loswerden ohne meinen PC neu aufzusetzen ? " hab keine Windows 7 cd mehr)

danke

Alt 23.05.2013, 16:29   #2
markusg
/// Malware-holic
 
serach nu, bitte um hilfe - Standard

serach nu, bitte um hilfe



Hi,

Falls noch nicht vorhanden, lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop
  • Starte bitte die
    OTL.exe
    .
    Vista und Win7 User mit Rechtsklick "als Administrator starten"
  • Kopiere nun den Inhalt in die
    Textbox.
Code:
ATTFilter
activex
netsvcs
msconfig
%SYSTEMDRIVE%\*.
%PROGRAMFILES%\*.exe
%LOCALAPPDATA%\*.exe
%systemroot%\*. /mp /s
C:\Windows\system32\*.tsp
/md5start
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
explorer.exe
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%USERPROFILE%\*.*
%USERPROFILE%\Local Settings\Temp\*.exe
%USERPROFILE%\Local Settings\Temp\*.dll
%USERPROFILE%\Application Data\*.exe
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs
CREATERESTOREPOINT
         
  • Schliesse bitte nun alle Programme. (Wichtig)
  • Klicke nun bitte auf den Quick Scan Button.
  • Kopiere
    nun den Inhalt aus OTL.txt und Extra.txt hier in Deinen Thread
__________________

__________________

Alt 23.05.2013, 16:34   #3
Kungen686
 
serach nu, bitte um hilfe - Standard

serach nu, bitte um hilfe



hmm seite geht nicht, da kommt das:

Not Found

The requested URL /OTL.exe<br /> <br /> was not found on this server.

Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.

--------------------------------------------------------------------------------

Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 Server at oldtimer.geekstogo.com Port 80

hmm da kommt folgendes:

Not Found

The requested URL /OTL.exe<br /> <br /> was not found on this server.

Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.

--------------------------------------------------------------------------------

Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 Server at oldtimer.geekstogo.com Port 80
__________________

Alt 23.05.2013, 16:47   #4
markusg
/// Malware-holic
 
serach nu, bitte um hilfe - Standard

serach nu, bitte um hilfe



einmal reicht auch, da ist außerdem ein zweiter Link.
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 23.05.2013, 17:48   #5
Kungen686
 
serach nu, bitte um hilfe - Standard

serach nu, bitte um hilfe



Zitat:
Zitat von markusg Beitrag anzeigen
einmal reicht auch, da ist außerdem ein zweiter Link.
OTL Logfile:
Code:
ATTFilter
OTL logfile created on: 23.05.2013 18:33:25 - Run 2
OTL by OldTimer - Version 3.2.69.0     Folder = L:\
 Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16576)
Locale: 00000407 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy
 
2,87 Gb Total Physical Memory | 1,07 Gb Available Physical Memory | 37,09% Memory free
5,75 Gb Paging File | 3,57 Gb Available in Paging File | 62,09% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = H: | %SystemRoot% = H:\Windows | %ProgramFiles% = H:\Program Files
Drive H: | 78,13 Gb Total Space | 6,76 Gb Free Space | 8,66% Space Free | Partition Type: NTFS
Drive I: | 97,65 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: NTFS
Drive J: | 94,66 Gb Total Space | 94,37 Gb Free Space | 99,70% Space Free | Partition Type: NTFS
Drive K: | 97,65 Gb Total Space | 76,40 Gb Free Space | 78,23% Space Free | Partition Type: NTFS
Drive L: | 97,65 Gb Total Space | 17,19 Gb Free Space | 17,61% Space Free | Partition Type: NTFS
 
Computer Name: HORST-PC | User Name: Horst | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - L:\OTL (1).exe (OldTimer Tools)
PRC - H:\Users\Horst\AppData\Roaming\Yontoo\YontooDesktop.exe (Yontoo LLC)
PRC - H:\Program Files\Yontoo Layers Runtime\Y2Desktop.Updater.exe (Microsoft)
PRC - H:\Windows\System32\Macromed\Flash\FlashUtil32_11_7_700_202_ActiveX.exe (Adobe Systems Incorporated)
PRC - H:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - H:\Program Files\Search Results Toolbar\Datamngr\DatamngrUI.exe (Bandoo Media Inc.)
PRC - H:\Program Files\Search Results Toolbar\Datamngr\DatamngrCoordinator.exe (Bandoo Media Inc.)
PRC - H:\Windows\System32\MsSpellCheckingFacility.exe (Microsoft Corporation)
PRC - H:\Windows\System32\taskhost.exe (Microsoft Corporation)
PRC - H:\Program Files\BlueStacks\HD-Agent.exe (BlueStack Systems, Inc.)
PRC - H:\Program Files\BlueStacks\HD-LogRotatorService.exe (BlueStack Systems, Inc.)
PRC - H:\Program Files\BlueStacks\HD-Service.exe (BlueStack Systems, Inc.)
PRC - H:\Program Files\BlueStacks\HD-SharedFolder.exe (BlueStack Systems)
PRC - H:\Program Files\BlueStacks\HD-BlockDevice.exe (BlueStack Systems)
PRC - H:\Program Files\BlueStacks\HD-Network.exe (BlueStack Systems)
PRC - H:\ProgramData\BrowserProtect\2.6.1249.132\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe ()
PRC - H:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
PRC - H:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation)
PRC - H:\Program Files\NVIDIA Corporation\Display\nvtray.exe (NVIDIA Corporation)
PRC - H:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
PRC - H:\Program Files\McAfee Security Scan\3.0.318\SSScheduler.exe (McAfee, Inc.)
PRC - H:\Windows\System32\conhost.exe (Microsoft Corporation)
PRC - H:\Program Files\SweetIM\Messenger\SweetIM.exe (SweetIM Technologies Ltd.)
PRC - H:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe (SweetIM Technologies Ltd.)
PRC - H:\Program Files\Zune\ZuneLauncher.exe (Microsoft Corporation)
PRC - H:\Program Files\Razer\Anansi\RazerAnansiSysTray.exe (Razer USA Ltd)
PRC - H:\Program Files\Razer\Naga\RazerNagaSysTray.exe (Razer USA Ltd)
PRC - H:\Windows\explorer.exe (Microsoft Corporation)
PRC - H:\ProgramData\DatacardService\HWDeviceService.exe ()
PRC - H:\ProgramData\DatacardService\DCSHelper.exe (Huawei Technologies Co., Ltd.)
PRC - H:\Windows\System32\atieclxx.exe (AMD)
PRC - H:\Windows\System32\atiesrxx.exe (AMD)
PRC - H:\Program Files\Creative\Shared Files\CTAudSvc.exe (Creative Technology Ltd)
 
 
========== Modules (No Company Name) ==========
 
MOD - H:\Users\Horst\AppData\Roaming\Yontoo\dat\Desktop.OS.Plugin.dll ()
MOD - H:\Windows\assembly\NativeImages_v2.0.50727_32\HD-Agent\814a45188ec5fe4b0ab709168cf4f81b\HD-Agent.ni.exe ()
MOD - H:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\30e3a21202000677d0a9270572251477\System.Windows.Forms.ni.dll ()
MOD - H:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\764f15e86c82662e977bd418bd6318c1\System.Configuration.ni.dll ()
MOD - H:\Program Files\Search Results Toolbar\Datamngr\apcrtldr.dll ()
MOD - H:\Program Files\Search Results Toolbar\Datamngr\mgrldr.dll ()
MOD - H:\Windows\assembly\NativeImages_v2.0.50727_32\JSON\c94d8eba16a1c51a1cf7d7ac7f330843\JSON.ni.dll ()
MOD - H:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\8bb2120d5a48b10e27fe82ad5d3fb982\System.Web.ni.dll ()
MOD - H:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll ()
MOD - H:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f687c43e9fdec031988b33ae722c4613\System.Xml.ni.dll ()
MOD - H:\Windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll ()
MOD - H:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll ()
MOD - H:\ProgramData\Wincert\win32prop.dll ()
MOD - H:\ProgramData\Wincert\win32cert.dll ()
MOD - H:\ProgramData\BrowserProtect\2.6.1249.132\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe ()
MOD - h:\ProgramData\BrowserProtect\2.6.1249.132\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.dll ()
MOD - H:\Windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll ()
MOD - H:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - H:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll ()
MOD - H:\Windows\assembly\GAC_MSIL\System.resources\2.0.0.0_de_b77a5c561934e089\System.resources.dll ()
MOD - H:\Windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.dll ()
MOD - H:\Windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll ()
MOD - H:\Windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.Xml.dll ()
MOD - H:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll ()
MOD - H:\Windows\System32\APOMngr.DLL ()
MOD - H:\Windows\System32\CmdRtr.DLL ()
 
 
========== Services (SafeList) ==========
 
SRV - (ZuneWlanCfgSvc) -- H:\Program Files\Zune\ZuneWlanCfgSvc.exe File not found
SRV - (ZuneNetworkSvc) -- H:\Program Files\Zune\ZuneNss.exe File not found
SRV - (Yontoo Desktop Updater) -- H:\Program Files\Yontoo Layers Runtime\Y2Desktop.Updater.exe H:\Users\Horst\AppData\Roaming\Yontoo\YontooDesktop.exe File not found
SRV - (WMZuneComm) -- H:\Program Files\Zune\WMZuneComm.exe File not found
SRV - (wlcrasvc) -- H:\Program Files\Windows Live\Mesh\wlcrasvc.exe File not found
SRV - (gusvc) -- H:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe File not found
SRV - (gupdatem) -- H:\Program Files\Google\Update\GoogleUpdate.exe /medsvc File not found
SRV - (gupdate) -- H:\Program Files\Google\Update\GoogleUpdate.exe /svc File not found
SRV - (fsssvc) -- H:\Program Files\Windows Live\Family Safety\fsssvc.exe File not found
SRV - (Creative Audio Engine Licensing Service) -- H:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe File not found
SRV - (AdobeFlashPlayerUpdateSvc) -- H:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (AdobeARMservice) -- H:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (DatamngrCoordinator) -- H:\Program Files\Search Results Toolbar\Datamngr\DatamngrCoordinator.exe (Bandoo Media Inc.)
SRV - (Steam Client Service) -- H:\Program Files\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (BstHdLogRotatorSvc) -- H:\Program Files\BlueStacks\HD-LogRotatorService.exe (BlueStack Systems, Inc.)
SRV - (BstHdAndroidSvc) -- H:\Program Files\BlueStacks\HD-Service.exe (BlueStack Systems, Inc.)
SRV - (BrowserProtect) -- H:\ProgramData\BrowserProtect\2.6.1249.132\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe ()
SRV - (nvUpdatusService) -- H:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
SRV - (Stereo Service) -- H:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (McComponentHostService) -- H:\Program Files\McAfee Security Scan\3.0.318\McCHSvc.exe (McAfee, Inc.)
SRV - (SkypeUpdate) -- H:\Program Files\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (MozillaMaintenance) -- H:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (WatAdminSvc) -- H:\Windows\System32\Wat\WatAdminSvc.exe (Microsoft Corporation)
SRV - (HWDeviceService.exe) -- H:\ProgramData\DatacardService\HWDeviceService.exe ()
SRV - (AMD External Events Utility) -- H:\Windows\System32\atiesrxx.exe (AMD)
SRV - (SensrSvc) -- H:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
SRV - (WinDefend) -- H:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (CTAudSvcService) -- H:\Program Files\Creative\Shared Files\CTAudSvc.exe (Creative Technology Ltd)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (IntcAzAudAddService) -- system32\drivers\RTKVHDA.sys File not found
DRV - (hwusbdev) -- system32\DRIVERS\ewusbdev.sys File not found
DRV - (ewusbnet) -- system32\DRIVERS\ewusbnet.sys File not found
DRV - (hwdatacard) -- H:\Windows\System32\drivers\ewusbmdm.sys (Huawei Technologies Co., Ltd.)
DRV - (huawei_wwanecm) -- H:\Windows\System32\drivers\ew_juwwanecm.sys (Huawei Technologies Co., Ltd.)
DRV - (ew_hwusbdev) -- H:\Windows\System32\drivers\ew_hwusbdev.sys (Huawei Technologies Co., Ltd.)
DRV - (huawei_cdcacm) -- H:\Windows\System32\drivers\ew_jucdcacm.sys (Huawei Technologies Co., Ltd.)
DRV - (huawei_enumerator) -- H:\Windows\System32\drivers\ew_jubusenum.sys (Huawei Technologies Co., Ltd.)
DRV - (huawei_ext_ctrl) -- H:\Windows\System32\drivers\ew_juextctrl.sys (Huawei Technologies Co., Ltd.)
DRV - (tcpipBM) -- H:\Windows\System32\drivers\tcpipBM.sys (Bytemobile, Inc.)
DRV - (BMLoad) -- H:\Windows\System32\drivers\BMLoad.sys (Bytemobile, Inc.)
DRV - (ew_usbenumfilter) -- H:\Windows\System32\drivers\ew_usbenumfilter.sys (Huawei Technologies Co., Ltd.)
DRV - (BstHdDrv) -- H:\Program Files\BlueStacks\HD-Hypervisor-x86.sys (BlueStack Systems)
DRV - (nvlddmkm) -- H:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (FTSER2K) -- H:\Windows\System32\drivers\ftser2k.sys (FTDI Ltd.)
DRV - (FTDIBUS) -- H:\Windows\System32\drivers\ftdibus.sys (FTDI Ltd.)
DRV - (EuMusDesignVirtualAudioCableWdm) -- H:\Windows\System32\drivers\vrtaucbl.sys (Eugene V. Muzychenko)
DRV - (RzSynapse) -- H:\Windows\System32\drivers\RzSynapse.sys (Razer USA Ltd)
DRV - (TsUsbFlt) -- H:\Windows\System32\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV - (winusb) -- H:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
DRV - (TsUsbGD) -- H:\Windows\System32\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV - (P17) -- H:\Windows\System32\drivers\P17.sys (Creative Technology Ltd.)
DRV - (atikmdag) -- H:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV - (Atc002) -- H:\Windows\System32\drivers\l260x86.sys (Atheros Communications, Inc.)
DRV - (MTsensor) -- H:\Windows\System32\drivers\ASACPI.sys ()
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\..\URLSearchHook: {40c3cc16-7269-4b32-9531-17f2950fb06f} - SOFTWARE\Classes\CLSID\{40c3cc16-7269-4b32-9531-17f2950fb06f}\InprocServer32 File not found
IE - HKLM\..\URLSearchHook: {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - SOFTWARE\Classes\CLSID\{57BCA5FA-5DBB-45a2-B558-1755C3F6253B}\InprocServer32 File not found
IE - HKLM\..\URLSearchHook: {64ead72b-ffd4-4e01-aa3a-4c71665d73e4} - SOFTWARE\Classes\CLSID\{64ead72b-ffd4-4e01-aa3a-4c71665d73e4}\InprocServer32 File not found
IE - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = hxxp://dts.search-results.com/sr?src=ieb&gct=ds&appid=559&systemid=406&apn_uid=5476213633344063&apn_dtid=BND406&o=APN10645&apn_ptnrs=AG6&q={searchTerms}
IE - HKLM\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = hxxp://search.sweetim.com/search.asp?src=6&crg=3.1010000&st=12&q={searchTerms}&barid={17FB94E8-CC2A-4A08-A089-1D5E0C4B1E2A}
IE - HKLM\..\SearchScopes\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}: "URL" = hxxp://slirsredirect.search.aol.com/redirector/sredir?sredir=2685&query={searchTerms}&invocationType=tb50-ie-winamp-chromesbox-en-us&tb_uuid=20120120083518926&tb_oid=20-01-2012&tb_mrud=20-01-2012
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-4228084635-3980246230-1984058717-1000\SOFTWARE\Microsoft\Internet Explorer\Main,bProtector Start Page = hxxp://www1.delta-search.com/?affID=119781&tt=gc_&babsrc=HP_ss&mntrId=E4E6001D60DB6421
IE - HKU\S-1-5-21-4228084635-3980246230-1984058717-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default Download Directory = L:\
IE - HKU\S-1-5-21-4228084635-3980246230-1984058717-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.searchnu.com/406?appid=559
IE - HKU\S-1-5-21-4228084635-3980246230-1984058717-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://at.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-4228084635-3980246230-1984058717-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-AT
IE - HKU\S-1-5-21-4228084635-3980246230-1984058717-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 18 D4 D4 09 29 A1 CC 01  [binary data]
IE - HKU\S-1-5-21-4228084635-3980246230-1984058717-1000\..\URLSearchHook: {40c3cc16-7269-4b32-9531-17f2950fb06f} - SOFTWARE\Classes\CLSID\{40c3cc16-7269-4b32-9531-17f2950fb06f}\InprocServer32 File not found
IE - HKU\S-1-5-21-4228084635-3980246230-1984058717-1000\..\URLSearchHook: {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - SOFTWARE\Classes\CLSID\{57BCA5FA-5DBB-45a2-B558-1755C3F6253B}\InprocServer32 File not found
IE - HKU\S-1-5-21-4228084635-3980246230-1984058717-1000\..\URLSearchHook: {64ead72b-ffd4-4e01-aa3a-4c71665d73e4} - SOFTWARE\Classes\CLSID\{64ead72b-ffd4-4e01-aa3a-4c71665d73e4}\InprocServer32 File not found
IE - HKU\S-1-5-21-4228084635-3980246230-1984058717-1000\..\URLSearchHook: {CA3EB689-8F09-4026-AA10-B9534C691CE0} - SOFTWARE\Classes\CLSID\{CA3EB689-8F09-4026-AA10-B9534C691CE0}\InprocServer32 File not found
IE - HKU\S-1-5-21-4228084635-3980246230-1984058717-1000\..\SearchScopes,bProtectorDefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKU\S-1-5-21-4228084635-3980246230-1984058717-1000\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
IE - HKU\S-1-5-21-4228084635-3980246230-1984058717-1000\..\SearchScopes\{04C780E6-C682-4F97-B151-6932DBDE79AC}: "URL" = hxxp://search.softonic.com/MOY00006/tb_v1?q={searchTerms}&SearchSource=4&cc=&mi=00000000000000000000001d60db6421&r=397
IE - HKU\S-1-5-21-4228084635-3980246230-1984058717-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?FORM=WLETDF&PC=WLEM&q={searchTerms}&src=IE-SearchBox
IE - HKU\S-1-5-21-4228084635-3980246230-1984058717-1000\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = hxxp://www1.delta-search.com/?q={searchTerms}&affID=119781&tt=gc_&babsrc=SP_ss&mntrId=E4E6001D60DB6421
IE - HKU\S-1-5-21-4228084635-3980246230-1984058717-1000\..\SearchScopes\{4CC30D01-69C8-4993-8BE2-EEDD8904D876}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2319825
IE - HKU\S-1-5-21-4228084635-3980246230-1984058717-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7ADFA_deAT445
IE - HKU\S-1-5-21-4228084635-3980246230-1984058717-1000\..\SearchScopes\{96bd48dd-741b-41ae-ac4a-aff96ba00f7e}: "URL" = hxxp://www.bigseekpro.com/search/browser/hypercam/{8008C83A-FEF9-43BE-85A8-6FFE0A4425DB}?q={searchTerms}
IE - HKU\S-1-5-21-4228084635-3980246230-1984058717-1000\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = hxxp://dts.search-results.com/sr?src=ieb&gct=ds&appid=559&systemid=406&apn_uid=5476213633344063&apn_dtid=BND406&o=APN10645&apn_ptnrs=AG6&q={searchTerms}
IE - HKU\S-1-5-21-4228084635-3980246230-1984058717-1000\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = hxxp://search.sweetim.com/search.asp?src=6&crg=3.1010000&st=12&q={searchTerms}&barid={17FB94E8-CC2A-4A08-A089-1D5E0C4B1E2A}
IE - HKU\S-1-5-21-4228084635-3980246230-1984058717-1000\..\SearchScopes\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}: "URL" = hxxp://slirsredirect.search.aol.com/redirector/sredir?sredir=2685&query={searchTerms}&invocationType=tb50-ie-winamp-chromesbox-en-us&tb_uuid=20120120083518926&tb_oid=20-01-2012&tb_mrud=20-01-2012
IE - HKU\S-1-5-21-4228084635-3980246230-1984058717-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-4228084635-3980246230-1984058717-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
IE - HKU\S-1-5-21-4228084635-3980246230-1984058717-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default Download Directory = L:\
IE - HKU\S-1-5-21-4228084635-3980246230-1984058717-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bigseekpro.com/hypercam/{8008C83A-FEF9-43BE-85A8-6FFE0A4425DB}
IE - HKU\S-1-5-21-4228084635-3980246230-1984058717-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://at.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-4228084635-3980246230-1984058717-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-at
IE - HKU\S-1-5-21-4228084635-3980246230-1984058717-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = F8 BB 9D 23 8C 5F CC 01  [binary data]
IE - HKU\S-1-5-21-4228084635-3980246230-1984058717-1001\..\URLSearchHook: {40c3cc16-7269-4b32-9531-17f2950fb06f} - SOFTWARE\Classes\CLSID\{40c3cc16-7269-4b32-9531-17f2950fb06f}\InprocServer32 File not found
IE - HKU\S-1-5-21-4228084635-3980246230-1984058717-1001\..\URLSearchHook: {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - SOFTWARE\Classes\CLSID\{57BCA5FA-5DBB-45a2-B558-1755C3F6253B}\InprocServer32 File not found
IE - HKU\S-1-5-21-4228084635-3980246230-1984058717-1001\..\URLSearchHook: {64ead72b-ffd4-4e01-aa3a-4c71665d73e4} - SOFTWARE\Classes\CLSID\{64ead72b-ffd4-4e01-aa3a-4c71665d73e4}\InprocServer32 File not found
IE - HKU\S-1-5-21-4228084635-3980246230-1984058717-1001\..\URLSearchHook: {CA3EB689-8F09-4026-AA10-B9534C691CE0} - SOFTWARE\Classes\CLSID\{CA3EB689-8F09-4026-AA10-B9534C691CE0}\InprocServer32 File not found
IE - HKU\S-1-5-21-4228084635-3980246230-1984058717-1001\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKU\S-1-5-21-4228084635-3980246230-1984058717-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-4228084635-3980246230-1984058717-1001\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = hxxp://search.babylon.com/web/{searchTerms}?babsrc=SP_ss&affID=100489&mntrId=00000000000000000000582c80139263
IE - HKU\S-1-5-21-4228084635-3980246230-1984058717-1001\..\SearchScopes\{4CC30D01-69C8-4993-8BE2-EEDD8904D876}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2319825
IE - HKU\S-1-5-21-4228084635-3980246230-1984058717-1001\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7ADFA_de
IE - HKU\S-1-5-21-4228084635-3980246230-1984058717-1001\..\SearchScopes\{96bd48dd-741b-41ae-ac4a-aff96ba00f7e}: "URL" = hxxp://www.bigseekpro.com/search/browser/hypercam/{8008C83A-FEF9-43BE-85A8-6FFE0A4425DB}?q={searchTerms}
IE - HKU\S-1-5-21-4228084635-3980246230-1984058717-1001\..\SearchScopes\{C65F971D-0D1A-4667-BDA9-6AE58C9C805F}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2319825
IE - HKU\S-1-5-21-4228084635-3980246230-1984058717-1001\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = hxxp://search.sweetim.com/search.asp?src=6&crg=3.1010000&st=12&q={searchTerms}&barid={17FB94E8-CC2A-4A08-A089-1D5E0C4B1E2A}
IE - HKU\S-1-5-21-4228084635-3980246230-1984058717-1001\..\SearchScopes\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}: "URL" = hxxp://slirsredirect.search.aol.com/redirector/sredir?sredir=2685&query={searchTerms}&invocationType=tb50-ie-winamp-chromesbox-en-us&tb_uuid=20120120083518926&tb_oid=20-01-2012&tb_mrud=20-01-2012
IE - HKU\S-1-5-21-4228084635-3980246230-1984058717-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-4228084635-3980246230-1984058717-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
IE - HKU\S-1-5-21-4228084635-3980246230-1984058717-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = :
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "Search Results"
FF - prefs.js..browser.search.defaulturl: ""
FF - prefs.js..browser.search.order.1: "Search Results"
FF - prefs.js..browser.search.selectedEngine: "Search Results"
FF - prefs.js..browser.search.useDBForOrder: "false"
FF - prefs.js..browser.startup.homepage: "hxxp://www.searchnu.com/406?appid=559"
FF - prefs.js..extensions.enabledAddons: {EEE6C361-6118-11DC-9C72-001320C79847}:1.9.0.0
FF - prefs.js..extensions.enabledAddons: {C4A4F5A0-4B89-4392-AFAC-D58010E349AF}:5.0.0.7254
FF - prefs.js..keyword.URL: "hxxp://dts.search-results.com/sr?src=ffb&gct=ds&appid=559&systemid=406&apn_dtid=BND406&apn_ptnrs=AG6&apn_uid=5476213633344063&o=APN10645&q="
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: ""
FF - prefs.js..sweetim.toolbar.previous.browser.search.selectedEngine: "Search the web (Babylon)"
FF - prefs.js..browser.startup.homepage: "hxxp://search.bearshare.com"
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: ""
 
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: H:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_202.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: H:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: H:\Program Files\Java\jre7\bin\plugin2\npjp2.dll File not found
FF - HKLM\Software\MozillaPlugins\@mcafee.com/McAfeeMssPlugin: H:\Program Files\McAfee Security Scan\3.0.318\npMcAfeeMss.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: H:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: H:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll File not found
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: H:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: H:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: H:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: H:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: H:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: H:\Users\Horst\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll File not found
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: H:\Users\Horst\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: H:\Users\Horst\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\ff-bmboc@bytemobile.com: C:\Program Files\T-Mobile\InternetManager_H\OCx32\addon
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: H:\Program Files\Mozilla Firefox\components [2012.06.30 21:50:27 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: H:\Program Files\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: H:\Program Files\Mozilla Firefox\components [2012.06.30 21:50:27 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: H:\Program Files\Mozilla Firefox\plugins
 
[2012.05.09 18:39:48 | 000,000,000 | ---D | M] (No name found) -- H:\Users\Horst\AppData\Roaming\Mozilla\Extensions
[2013.05.23 17:53:47 | 000,000,000 | ---D | M] (No name found) -- H:\Users\Horst\AppData\Roaming\Mozilla\Firefox\Profiles\xykkrd78.default\extensions
[2013.05.22 20:10:57 | 000,000,000 | ---D | M] (Search-Results Toolbar) -- H:\Users\Horst\AppData\Roaming\Mozilla\Firefox\Profiles\xykkrd78.default\extensions\{377e5d4d-77e5-476a-8716-7e70a9272da0}
[2013.05.22 20:10:52 | 000,000,000 | ---D | M] (New Tab) -- H:\Users\Horst\AppData\Roaming\Mozilla\Firefox\Profiles\xykkrd78.default\extensions\{C4A4F5A0-4B89-4392-AFAC-D58010E349AF}
[2013.05.22 20:05:32 | 000,000,000 | ---D | M] (Delta Toolbar) -- H:\Users\Horst\AppData\Roaming\Mozilla\Firefox\Profiles\xykkrd78.default\extensions\ffxtlbr@delta.com
[2013.05.22 20:04:56 | 000,000,000 | ---D | M] (Yontoo) -- H:\Users\Horst\AppData\Roaming\Mozilla\Firefox\Profiles\xykkrd78.default\extensions\plugin@yontoo.com
[2012.07.31 13:59:18 | 000,221,380 | ---- | M] () (No name found) -- H:\Users\Horst\AppData\Roaming\Mozilla\Firefox\Profiles\xykkrd78.default\extensions\gophoto@gophoto.it.xpi
[2013.04.17 15:50:46 | 000,201,930 | ---- | M] () (No name found) -- H:\Users\Horst\AppData\Roaming\Mozilla\Firefox\Profiles\xykkrd78.default\extensions\hdvc@hdvc.com.xpi
[2013.04.08 19:11:52 | 000,199,379 | ---- | M] () (No name found) -- H:\Users\Horst\AppData\Roaming\Mozilla\Firefox\Profiles\xykkrd78.default\extensions\m2k@m2kdownloader.com.xpi
[2013.04.24 15:55:52 | 000,190,000 | ---- | M] () (No name found) -- H:\Users\Horst\AppData\Roaming\Mozilla\Firefox\Profiles\xykkrd78.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}.xpi
[2013.05.22 20:05:19 | 000,006,505 | ---- | M] () -- H:\Users\Horst\AppData\Roaming\Mozilla\Firefox\Profiles\xykkrd78.default\searchplugins\babylon.xml
[2013.05.22 20:05:34 | 000,001,294 | ---- | M] () -- H:\Users\Horst\AppData\Roaming\Mozilla\Firefox\Profiles\xykkrd78.default\searchplugins\delta.xml
[2013.05.22 20:10:52 | 000,002,646 | ---- | M] () -- H:\Users\Horst\AppData\Roaming\Mozilla\Firefox\Profiles\xykkrd78.default\searchplugins\Search_Results.xml
[2013.05.17 20:40:31 | 000,001,434 | ---- | M] () -- H:\Users\Horst\AppData\Roaming\Mozilla\Firefox\Profiles\xykkrd78.default\searchplugins\softonic.xml
[2012.07.01 13:47:14 | 000,004,117 | ---- | M] () -- H:\Users\Horst\AppData\Roaming\Mozilla\Firefox\Profiles\xykkrd78.default\searchplugins\sweetim.xml
[2012.05.09 18:39:30 | 000,000,000 | ---D | M] (No name found) -- H:\Program Files\Mozilla Firefox\extensions
[2012.06.30 21:50:26 | 000,085,472 | ---- | M] (Mozilla Foundation) -- H:\Program Files\mozilla firefox\components\browsercomps.dll
[2012.06.30 21:50:24 | 000,001,392 | ---- | M] () -- H:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.07.01 12:46:51 | 000,002,352 | ---- | M] () -- H:\Program Files\mozilla firefox\searchplugins\babylon.xml
[2012.06.30 21:50:24 | 000,002,252 | ---- | M] () -- H:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012.06.30 21:50:24 | 000,001,153 | ---- | M] () -- H:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2012.06.30 21:50:24 | 000,006,805 | ---- | M] () -- H:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2013.05.22 20:10:52 | 000,002,646 | ---- | M] () -- H:\Program Files\mozilla firefox\searchplugins\Search_Results.xml
[2012.06.30 21:50:24 | 000,001,178 | ---- | M] () -- H:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.06.30 21:50:24 | 000,001,105 | ---- | M] () -- H:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome  ==========
 
CHR - default_search_provider: Search Results ()
CHR - default_search_provider: search_url = hxxp://dts.search-results.com/sr?src=crb&gct=ds&appid=559&systemid=406&apn_uid=5476213633344063&apn_dtid=BND406&o=APN10645&apn_ptnrs=AG6&q={searchTerms}
CHR - default_search_provider: suggest_url = 
CHR - homepage: hxxp://www.searchnu.com/406?appid=559
CHR - Extension: Softonic Chrome Toolbar = H:\Users\Horst\AppData\Local\Google\Chrome\User Data\Default\extensions\elchiiiejkobdbblfejjkbphbddgmljf\1.0_0\
CHR - Extension: Delta Toolbar = H:\Users\Horst\AppData\Local\Google\Chrome\User Data\Default\extensions\eooncjejnppfjjklapaamhcdmjbilmde\1.4_0\
CHR - Extension: iLivid New Tabs = H:\Users\Horst\AppData\Local\Google\Chrome\User Data\Default\extensions\jbajpeofkjjeiamcglnmldoboonfkiol\5.0.0.7254_0\
CHR - Extension: HDvid Codec = H:\Users\Horst\AppData\Local\Google\Chrome\User Data\Default\extensions\kpkbnefaikfaeadgidhpoanckoiaheli\2.0_0\
CHR - Extension: M2k Downloader = H:\Users\Horst\AppData\Local\Google\Chrome\User Data\Default\extensions\lbbbdmbjkgojacipgefbifkiebpcdjhn\1.0_0\
CHR - Extension: Yontoo = H:\Users\Horst\AppData\Local\Google\Chrome\User Data\Default\extensions\niapdbllcanepiiimjjndipklodoedlc\1.0.3_0\
CHR - Extension: GoPhoto.it = H:\Users\Horst\AppData\Local\Google\Chrome\User Data\Default\extensions\pfmopbbadnfoelckkcmjjeaaegjpjjbk\1.4_0\
 
O1 HOSTS File: ([2009.06.10 23:39:37 | 000,000,824 | ---- | M]) - H:\Windows\System32\drivers\etc\hosts
O2 - BHO: (MSS+ Identifier) - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - H:\Program Files\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll (McAfee, Inc.)
O2 - BHO: (Winamp Toolbar Loader) - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - H:\Program Files\Winamp Toolbar\winamptb.dll File not found
O2 - BHO: (Babylon toolbar helper) - {2EECD738-5844-4a99-B4B6-146BF802613B} - H:\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll (Babylon BHO)
O2 - BHO: (Search-Results Toolbar) - {377e5d4d-77e5-476a-8716-7e70a9272da0} - H:\Program Files\Search Results Toolbar\Datamngr\SRTOOL~1\searchresultsDx.dll (APN LLC)
O2 - BHO: (Winload Toolbar) - {40c3cc16-7269-4b32-9531-17f2950fb06f} - H:\Program Files\Winload\prxtbWin0.dll File not found
O2 - BHO: (BittorrentBar_DE Toolbar) - {64ead72b-ffd4-4e01-aa3a-4c71665d73e4} - H:\Program Files\BittorrentBar_DE\prxtbBitt.dll File not found
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - H:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll File not found
O2 - BHO: (Windows Live Messenger Companion Helper) - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - H:\Program Files\Windows Live\Companion\companioncore.dll File not found
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - H:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll File not found
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - H:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll File not found
O2 - BHO: (delta Helper Object) - {C1AF5FA5-852C-4C90-812E-A7F75E011D87} - H:\Program Files\Delta\delta\1.8.21.5\bh\delta.dll (Delta-search.com)
O2 - BHO: (Wincore Mediabar) - {c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} - H:\Program Files\BearShare Applications\MediaBar\Datamngr\ToolBar\wincorebsdtx.dll ()
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - H:\Program Files\Java\jre7\bin\jp2ssv.dll File not found
O2 - BHO: (Softonic Helper Object) - {E87806B5-E908-45FD-AF5E-957D83E58E68} - H:\Program Files\Softonic\Softonic\1.8.19.3\bh\Softonic.dll (Softonic.com)
O2 - BHO: (SweetPacks Browser Helper) - {EEE6C35C-6118-11DC-9C72-001320C79847} - H:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O2 - BHO: (SMTTB2009 Class) - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - H:\Program Files\Hyperionics DB Toolbar\tbcore3.dll File not found
O2 - BHO: (Yontoo) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - H:\Program Files\Yontoo Layers Runtime\YontooIEClient.dll (Yontoo LLC)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - H:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll File not found
O3 - HKLM\..\Toolbar: (Hyperionics DB Toolbar) - {338B4DFE-2E2C-4338-9E41-E176D497299E} - H:\Program Files\Hyperionics DB Toolbar\tbcore3.dll File not found
O3 - HKLM\..\Toolbar: (Search-Results Toolbar) - {377e5d4d-77e5-476a-8716-7e70a9272da0} - H:\Program Files\Search Results Toolbar\Datamngr\SRTOOL~1\searchresultsDx.dll (APN LLC)
O3 - HKLM\..\Toolbar: (Winload Toolbar) - {40c3cc16-7269-4b32-9531-17f2950fb06f} - H:\Program Files\Winload\prxtbWin0.dll File not found
O3 - HKLM\..\Toolbar: (Softonic Toolbar) - {5018CFD2-804D-4C99-9F81-25EAEA2769DE} - H:\Program Files\Softonic\Softonic\1.8.19.3\SoftonicTlbr.dll (Softonic.com)
O3 - HKLM\..\Toolbar: (BittorrentBar_DE Toolbar) - {64ead72b-ffd4-4e01-aa3a-4c71665d73e4} - H:\Program Files\BittorrentBar_DE\prxtbBitt.dll File not found
O3 - HKLM\..\Toolbar: (Delta Toolbar) - {82E1477C-B154-48D3-9891-33D83C26BCD3} - H:\Program Files\Delta\delta\1.8.21.5\deltaTlbr.dll (Delta-search.com)
O3 - HKLM\..\Toolbar: (Wincore Mediabar) - {c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} - H:\Program Files\BearShare Applications\MediaBar\Datamngr\ToolBar\wincorebsdtx.dll ()
O3 - HKLM\..\Toolbar: (no name) - {D0F4A166-B8D4-48b8-9D63-80849FE137CB} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Winamp Toolbar) - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - H:\Program Files\Winamp Toolbar\winamptb.dll File not found
O3 - HKLM\..\Toolbar: (SweetPacks Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - H:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKU\S-1-5-21-4228084635-3980246230-1984058717-1000\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - H:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll File not found
O3 - HKU\S-1-5-21-4228084635-3980246230-1984058717-1000\..\Toolbar\WebBrowser: (Winload Toolbar) - {40C3CC16-7269-4B32-9531-17F2950FB06F} - H:\Program Files\Winload\prxtbWin0.dll File not found
O3 - HKU\S-1-5-21-4228084635-3980246230-1984058717-1001\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - H:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll File not found
O3 - HKU\S-1-5-21-4228084635-3980246230-1984058717-1001\..\Toolbar\WebBrowser: (Winload Toolbar) - {40C3CC16-7269-4B32-9531-17F2950FB06F} - H:\Program Files\Winload\prxtbWin0.dll File not found
O4 - HKLM..\Run: [APSDaemon] H:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [BlueStacks Agent] H:\Program Files\BlueStacks\HD-Agent.exe (BlueStack Systems, Inc.)
O4 - HKLM..\Run: [DATAMNGR] H:\Program Files\Search Results Toolbar\Datamngr\DatamngrUI.exe (Bandoo Media Inc.)
O4 - HKLM..\Run: [P17RunE] H:\Windows\System32\P17RunE.dll (Creative Technology Ltd.)
O4 - HKLM..\Run: [QuickTime Plugin Install] H:\Program Files\QuickTime\Plugins\DeleteMe1.exe ()
O4 - HKLM..\Run: [Razer Anansi Driver] H:\Program Files\Razer\Anansi\RazerAnansiSysTray.exe (Razer USA Ltd)
O4 - HKLM..\Run: [Razer Naga Driver] H:\Program Files\Razer\Naga\RazerNagaSysTray.exe (Razer USA Ltd)
O4 - HKLM..\Run: [SweetIM] H:\Program Files\SweetIM\Messenger\SweetIM.exe (SweetIM Technologies Ltd.)
O4 - HKLM..\Run: [Sweetpacks Communicator] H:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe (SweetIM Technologies Ltd.)
O4 - HKLM..\Run: [Zune Launcher] H:\Program Files\Zune\ZuneLauncher.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-4228084635-3980246230-1984058717-1000..\Run: [EADM] "H:\Program Files\Origin\Origin.exe" -AutoStart File not found
O4 - HKU\S-1-5-21-4228084635-3980246230-1984058717-1000..\Run: [Facebook Update] "H:\Users\Horst\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver File not found
O4 - HKU\S-1-5-21-4228084635-3980246230-1984058717-1000..\Run: [RegistryBooster] "H:\Program Files\Uniblue\RegistryBooster\launcher.exe" delay 20000  File not found
O4 - HKU\S-1-5-21-4228084635-3980246230-1984058717-1000..\Run: [Spotify] "H:\Users\Horst\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart File not found
O4 - HKU\S-1-5-21-4228084635-3980246230-1984058717-1000..\Run: [Steam] H:\Program Files\Steam\Steam.exe (Valve Corporation)
O4 - HKU\S-1-5-21-4228084635-3980246230-1984058717-1000..\Run: [Yontoo Desktop] H:\Users\Horst\AppData\Roaming\Yontoo\YontooDesktop.exe (Yontoo LLC)
O4 - HKU\S-1-5-21-4228084635-3980246230-1984058717-1001..\Run: [EADM] "H:\Program Files\Origin\Origin.exe" -AutoStart File not found
O4 - HKU\S-1-5-21-4228084635-3980246230-1984058717-1001..\Run: [Facebook Update] "H:\Users\Horst\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver File not found
O4 - HKU\S-1-5-21-4228084635-3980246230-1984058717-1001..\Run: [RegistryBooster] "H:\Program Files\Uniblue\RegistryBooster\launcher.exe" delay 20000  File not found
O4 - HKU\S-1-5-21-4228084635-3980246230-1984058717-1001..\Run: [Spotify] "H:\Users\Horst\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart File not found
O4 - HKU\S-1-5-21-4228084635-3980246230-1984058717-1001..\Run: [swg] "H:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" File not found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] H:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] H:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-4228084635-3980246230-1984058717-1001..\RunOnce: [CTAutoUpdate] "H:\Program Files\Creative\Shared Files\Software Update\AutoUpdate.exe" /RunFromInstaller File not found
O4 - HKU\S-1-5-21-4228084635-3980246230-1984058717-1001..\RunOnce: [FlashPlayerUpdate] H:\Windows\system32\Macromed\Flash\FlashUtil32_11_2_202_235_Plugin.exe -update plugin File not found
O4 - HKU\S-1-5-21-4228084635-3980246230-1984058717-1001..\RunOnce: [InetReg] "H:\Program Files\Creative\Produktregistrierung\German\InetReg.exe" /PreProcess=RegFlash.exe /Delay=6 File not found
O4 - HKU\S-1-5-21-4228084635-3980246230-1984058717-1001..\RunOnce: [mctadmin] H:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - Startup: H:\Users\Horst\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8 - Extra context menu item: Google Sidewiki... - res://H:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html File not found
O8 - Extra context menu item: Web-Suche - H:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\MenuExt.html ()
O9 - Extra Button: @H:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - H:\Program Files\Windows Live\Companion\companioncore.dll File not found
O9 - Extra Button: @H:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - H:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll File not found
O9 - Extra 'Tools' menuitem : @H:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - H:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - H:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_03-windows-i586.cab (Java Plug-in 10.3.0)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0017-0000-0003-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_03-windows-i586.cab (Java Plug-in 1.7.0_03)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_03-windows-i586.cab (Java Plug-in 1.7.0_03)
O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab (Creative Software AutoUpdate Support Package 2)
O16 - DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF} hxxp://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab (Creative Software AutoUpdate 2)
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/110926/CTPID.cab (Creative Software AutoUpdate Support Package)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0C0279CB-C7EC-4E56-812A-16CD781ABAB8}: NameServer = 213.162.69.170 213.162.69.2
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D966CB7E-CEDB-4CB0-AF5E-E011ABA4BB8F}: DhcpNameServer = 192.168.1.1 192.168.1.1
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - H:\Program Files\Windows Live\Messenger\msgrapp.dll File not found
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - H:\Program Files\Windows Live\Messenger\msgrapp.dll File not found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - H:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - H:\Program Files\Windows Live\Mail\mailcomm.dll File not found
O18 - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - H:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll File not found
O20 - AppInit_DLLs: (H:\PROGRA~3\Wincert\WIN32C~1.DLL) - H:\ProgramData\Wincert\win32cert.dll ()
O20 - AppInit_DLLs: (H:\PROGRA~2\SEARCH~1\Datamngr\mgrldr.dll) - H:\Program Files\Search Results Toolbar\Datamngr\mgrldr.dll ()
O20 - AppInit_DLLs: (h:\progra~3\browse~1\261249~1.132\{c16c1~1\browse~1.dll) - h:\ProgramData\BrowserProtect\2.6.1249.132\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.dll ()
O20 - HKLM Winlogon: Shell - (explorer.exe) - H:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (H:\Windows\system32\userinit.exe) - H:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - H:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - H:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2012.03.26 21:26:05 | 000,000,000 | ---D | M] - J:\Automatisch zu iTunes hinzufügen -- [ NTFS ]
O33 - MountPoints2\{0fd8f482-a263-11e1-af79-001d60db6421}\Shell - "" = AutoRun
O33 - MountPoints2\{0fd8f482-a263-11e1-af79-001d60db6421}\Shell\AutoRun\command - "" = M:\AutoRun.exe
O33 - MountPoints2\{0fd8f668-a263-11e1-af79-001d60db6421}\Shell - "" = AutoRun
O33 - MountPoints2\{0fd8f668-a263-11e1-af79-001d60db6421}\Shell\AutoRun\command - "" = M:\AutoRun.exe
O33 - MountPoints2\{10b49b01-0256-11e1-8d2e-001d60db6421}\Shell - "" = AutoRun
O33 - MountPoints2\{10b49b01-0256-11e1-8d2e-001d60db6421}\Shell\AutoRun\command - "" = M:\AutoRun.exe
O33 - MountPoints2\{1e741b35-026a-11e1-ac8b-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{1e741b35-026a-11e1-ac8b-806e6f6e6963}\Shell\AutoRun\command - "" = M:\AutoRun.exe
O33 - MountPoints2\{1e741b87-026a-11e1-ac8b-001d60db6421}\Shell - "" = AutoRun
O33 - MountPoints2\{1e741b87-026a-11e1-ac8b-001d60db6421}\Shell\AutoRun\command - "" = M:\AutoRun.exe
O33 - MountPoints2\{1e741c03-026a-11e1-ac8b-001d60db6421}\Shell - "" = AutoRun
O33 - MountPoints2\{1e741c03-026a-11e1-ac8b-001d60db6421}\Shell\AutoRun\command - "" = M:\AutoRun.exe
O33 - MountPoints2\{2ee3ce16-acdc-11e2-9e25-001d60db6421}\Shell - "" = AutoRun
O33 - MountPoints2\{2ee3ce16-acdc-11e2-9e25-001d60db6421}\Shell\AutoRun\command - "" = M:\AutoRun.exe
O33 - MountPoints2\{335db628-acdf-11e2-8d6b-001d60db6421}\Shell - "" = AutoRun
O33 - MountPoints2\{335db628-acdf-11e2-8d6b-001d60db6421}\Shell\AutoRun\command - "" = M:\AutoRun.exe
O33 - MountPoints2\{38ddda1b-d863-11e0-91b4-001d60db6421}\Shell - "" = AutoRun
O33 - MountPoints2\{38ddda1b-d863-11e0-91b4-001d60db6421}\Shell\AutoRun\command - "" = M:\Autorun.exe
O33 - MountPoints2\{4a39d60b-0257-11e1-b255-001d60db6421}\Shell - "" = AutoRun
O33 - MountPoints2\{4a39d60b-0257-11e1-b255-001d60db6421}\Shell\AutoRun\command - "" = M:\AutoRun.exe
O33 - MountPoints2\{6691a3ef-cb7a-11e0-b1ba-001d60db6421}\Shell - "" = AutoRun
O33 - MountPoints2\{6691a3ef-cb7a-11e0-b1ba-001d60db6421}\Shell\AutoRun\command - "" = M:\.\Autorun.exe AUTORUN=1
O33 - MountPoints2\{6691a3fd-cb7a-11e0-b1ba-001d60db6421}\Shell - "" = AutoRun
O33 - MountPoints2\{6691a3fd-cb7a-11e0-b1ba-001d60db6421}\Shell\AutoRun\command - "" = M:\.\Autorun.exe AUTORUN=1
O33 - MountPoints2\{81287055-cd66-11e0-b514-001d60db6421}\Shell - "" = AutoRun
O33 - MountPoints2\{81287055-cd66-11e0-b514-001d60db6421}\Shell\AutoRun\command - "" = M:\.\Autorun.exe AUTORUN=1
O33 - MountPoints2\{9cf2855c-b565-11e2-8cb4-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{9cf2855c-b565-11e2-8cb4-806e6f6e6963}\Shell\AutoRun\command - "" = M:\AutoRun.exe
O33 - MountPoints2\{a4d3cbe9-8947-11e1-8839-001d60db6421}\Shell - "" = AutoRun
O33 - MountPoints2\{a4d3cbe9-8947-11e1-8839-001d60db6421}\Shell\AutoRun\command - "" = M:\AutoRun.exe
O33 - MountPoints2\{a4d3cbf4-8947-11e1-8839-001d60db6421}\Shell - "" = AutoRun
O33 - MountPoints2\{a4d3cbf4-8947-11e1-8839-001d60db6421}\Shell\AutoRun\command - "" = M:\.\Autorun.exe AUTORUN=1
O33 - MountPoints2\{a4d3cc0a-8947-11e1-8839-001d60db6421}\Shell - "" = AutoRun
O33 - MountPoints2\{a4d3cc0a-8947-11e1-8839-001d60db6421}\Shell\AutoRun\command - "" = M:\AutoRun.exe
O33 - MountPoints2\{b89a39b1-9b63-11e1-931b-001d60db6421}\Shell - "" = AutoRun
O33 - MountPoints2\{b89a39b1-9b63-11e1-931b-001d60db6421}\Shell\AutoRun\command - "" = M:\AutoRun.exe
O33 - MountPoints2\{b89a3a49-9b63-11e1-931b-001d60db6421}\Shell - "" = AutoRun
O33 - MountPoints2\{b89a3a49-9b63-11e1-931b-001d60db6421}\Shell\AutoRun\command - "" = M:\AutoRun.exe
O33 - MountPoints2\{c0ce58e7-cee5-11e0-9200-001d60db6421}\Shell - "" = AutoRun
O33 - MountPoints2\{c0ce58e7-cee5-11e0-9200-001d60db6421}\Shell\AutoRun\command - "" = M:\.\Autorun.exe AUTORUN=1
O33 - MountPoints2\{c1d3f2ed-9601-11e1-b02b-001d60db6421}\Shell - "" = AutoRun
O33 - MountPoints2\{c1d3f2ed-9601-11e1-b02b-001d60db6421}\Shell\AutoRun\command - "" = M:\AutoRun.exe
O33 - MountPoints2\{c1d3f314-9601-11e1-b02b-001d60db6421}\Shell - "" = AutoRun
O33 - MountPoints2\{c1d3f314-9601-11e1-b02b-001d60db6421}\Shell\AutoRun\command - "" = M:\AutoRun.exe
O33 - MountPoints2\{d148c5ae-baf3-11e1-95ec-001d60db6421}\Shell - "" = AutoRun
O33 - MountPoints2\{d148c5ae-baf3-11e1-95ec-001d60db6421}\Shell\AutoRun\command - "" = M:\AutoRun.exe
O33 - MountPoints2\{d3c43a9f-1053-11e1-a876-001d60db6421}\Shell - "" = AutoRun
O33 - MountPoints2\{d3c43a9f-1053-11e1-a876-001d60db6421}\Shell\AutoRun\command - "" = M:\AutoRun.exe
O33 - MountPoints2\{da039341-99ae-11e1-a605-001d60db6421}\Shell - "" = AutoRun
O33 - MountPoints2\{da039341-99ae-11e1-a605-001d60db6421}\Shell\AutoRun\command - "" = M:\AutoRun.exe
O33 - MountPoints2\{da039394-99ae-11e1-a605-001d60db6421}\Shell - "" = AutoRun
O33 - MountPoints2\{da039394-99ae-11e1-a605-001d60db6421}\Shell\AutoRun\command - "" = M:\AutoRun.exe
O33 - MountPoints2\{e2d50edc-ea7d-11e0-9e80-001e101f8ed0}\Shell - "" = AutoRun
O33 - MountPoints2\{e2d50edc-ea7d-11e0-9e80-001e101f8ed0}\Shell\AutoRun\command - "" = O:\AutoRun.exe
O33 - MountPoints2\M\Shell - "" = AutoRun
O33 - MountPoints2\M\Shell\AutoRun\command - "" = M:\AutoRun.exe
O33 - MountPoints2\N\Shell - "" = AutoRun
O33 - MountPoints2\N\Shell\AutoRun\command - "" = N:\AutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O36 - AppCertDlls: x86 - (H:\Program Files\Search Results Toolbar\Datamngr\apcrtldr.dll) - H:\Program Files\Search Results Toolbar\Datamngr\apcrtldr.dll ()
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {2D46B6DC-2207-486B-B523-A557E6D54B47} - H:\Windows\system32\cmd.exe /D /C start H:\Windows\system32\ie4uinit.exe -ClearIconCache
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - H:\Windows\System32\ie4uinit.exe -UserConfig
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - H:\Windows\system32\Rundll32.exe H:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
 
NetSvcs: FastUserSwitchingCompatibility -  File not found
NetSvcs: Ias - H:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla -  File not found
NetSvcs: Ntmssvc -  File not found
NetSvcs: NWCWorkstation -  File not found
NetSvcs: Nwsapagent -  File not found
NetSvcs: SRService -  File not found
NetSvcs: WmdmPmSp -  File not found
NetSvcs: LogonHours -  File not found
NetSvcs: PCAudit -  File not found
NetSvcs: helpsvc -  File not found
NetSvcs: uploadmgr -  File not found
 
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.05.23 17:54:03 | 000,000,000 | ---D | C] -- H:\ProgramData\Microsoft\Windows\Start Menu\Programs\ffdshow
[2013.05.23 17:54:03 | 000,000,000 | ---D | C] -- H:\Program Files\ffdshow
[2013.05.23 17:53:47 | 000,000,000 | ---D | C] -- H:\Program Files\Gophoto.it
[2013.05.23 17:53:34 | 000,000,000 | ---D | C] -- H:\Users\Horst\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\hdvidcodec.com
[2013.05.23 17:53:34 | 000,000,000 | ---D | C] -- H:\Program Files\hdvidcodec.com
[2013.05.22 20:11:06 | 000,000,000 | ---D | C] -- H:\ProgramData\Wincert
[2013.05.22 20:10:49 | 000,000,000 | ---D | C] -- H:\Program Files\Search Results Toolbar
[2013.05.22 20:10:49 | 000,000,000 | ---D | C] -- H:\ProgramData\Datamngr
[2013.05.22 20:09:51 | 000,000,000 | ---D | C] -- H:\Users\Horst\AppData\Local\iLivid
[2013.05.22 20:05:50 | 000,000,000 | ---D | C] -- H:\Users\Horst\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BrowserProtect
[2013.05.22 20:05:46 | 000,000,000 | ---D | C] -- H:\ProgramData\BrowserProtect
[2013.05.22 20:05:38 | 000,000,000 | ---D | C] -- H:\Users\Horst\AppData\Roaming\BabSolution
[2013.05.22 20:05:32 | 000,000,000 | ---D | C] -- H:\Program Files\Delta
[2013.05.22 20:05:31 | 000,000,000 | ---D | C] -- H:\Users\Horst\AppData\Roaming\Delta
[2013.05.22 20:04:55 | 000,000,000 | ---D | C] -- H:\Program Files\Yontoo Layers Runtime
[2013.05.22 20:04:55 | 000,000,000 | ---D | C] -- H:\Users\Horst\AppData\Roaming\Yontoo
[2013.05.22 20:04:13 | 000,000,000 | ---D | C] -- H:\Users\Horst\AppData\Local\PutLockerDownloader
[2013.05.22 20:04:05 | 000,000,000 | ---D | C] -- H:\Users\Horst\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Movie2KDownloader.com
[2013.05.22 20:04:05 | 000,000,000 | ---D | C] -- H:\Program Files\Movie2KDownloader.com
[2013.05.21 15:36:33 | 000,000,000 | ---D | C] -- H:\Users\Horst\Desktop\addons
[2013.05.21 14:58:46 | 000,000,000 | ---D | C] -- H:\Users\Horst\Desktop\gramsch2
[2013.05.19 16:28:55 | 013,011,504 | ---- | C] (Blizzard Entertainment) -- H:\Users\Horst\Desktop\Wow.exe
[2013.05.18 12:35:26 | 000,074,072 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\XAPOFX1_5.dll
[2013.05.18 12:35:25 | 002,106,216 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\D3DCompiler_43.dll
[2013.05.18 12:35:25 | 001,998,168 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\D3DX9_43.dll
[2013.05.18 12:35:25 | 001,868,128 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\d3dcsx_43.dll
[2013.05.18 12:35:25 | 000,528,216 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\XAudio2_6.dll
[2013.05.18 12:35:25 | 000,527,192 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\XAudio2_7.dll
[2013.05.18 12:35:25 | 000,470,880 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\d3dx10_43.dll
[2013.05.18 12:35:25 | 000,248,672 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\d3dx11_43.dll
[2013.05.18 12:35:25 | 000,239,960 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\xactengine3_7.dll
[2013.05.18 12:35:25 | 000,238,936 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\xactengine3_6.dll
[2013.05.18 12:35:25 | 000,074,072 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\XAPOFX1_4.dll
[2013.05.18 12:35:25 | 000,022,360 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\X3DAudio1_7.dll
[2013.05.18 12:35:24 | 000,238,936 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\xactengine3_5.dll
[2013.05.18 12:35:21 | 004,178,264 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\D3DX9_41.dll
[2013.05.18 12:35:21 | 000,517,448 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\XAudio2_4.dll
[2013.05.18 12:35:20 | 004,379,984 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\D3DX9_40.dll
[2013.05.18 12:35:20 | 002,036,576 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\D3DCompiler_40.dll
[2013.05.18 12:35:20 | 000,452,440 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\d3dx10_40.dll
[2013.05.18 12:35:20 | 000,235,352 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\xactengine3_4.dll
[2013.05.18 12:35:20 | 000,022,360 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\X3DAudio1_6.dll
[2013.05.18 12:35:19 | 001,493,528 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\D3DCompiler_39.dll
[2013.05.18 12:35:19 | 000,514,384 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\XAudio2_3.dll
[2013.05.18 12:35:19 | 000,509,448 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\XAudio2_2.dll
[2013.05.18 12:35:19 | 000,467,984 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\d3dx10_39.dll
[2013.05.18 12:35:19 | 000,238,088 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\xactengine3_2.dll
[2013.05.18 12:35:19 | 000,235,856 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\xactengine3_3.dll
[2013.05.18 12:35:19 | 000,070,992 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\XAPOFX1_2.dll
[2013.05.18 12:35:19 | 000,068,616 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\XAPOFX1_1.dll
[2013.05.18 12:35:19 | 000,023,376 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\X3DAudio1_5.dll
[2013.05.18 12:35:18 | 003,851,784 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\D3DX9_39.dll
[2013.05.18 12:35:18 | 000,507,400 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\XAudio2_1.dll
[2013.05.18 12:35:18 | 000,065,032 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\XAPOFX1_0.dll
[2013.05.18 12:35:17 | 003,850,760 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\D3DX9_38.dll
[2013.05.18 12:35:17 | 001,491,992 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\D3DCompiler_38.dll
[2013.05.18 12:35:17 | 000,479,752 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\XAudio2_0.dll
[2013.05.18 12:35:17 | 000,467,984 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\d3dx10_38.dll
[2013.05.18 12:35:17 | 000,238,088 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\xactengine3_1.dll
[2013.05.18 12:35:17 | 000,238,088 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\xactengine3_0.dll
[2013.05.18 12:35:17 | 000,025,608 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\X3DAudio1_4.dll
[2013.05.18 12:35:16 | 003,786,760 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\D3DX9_37.dll
[2013.05.18 12:35:16 | 001,420,824 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\D3DCompiler_37.dll
[2013.05.18 12:35:16 | 000,462,864 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\d3dx10_37.dll
[2013.05.18 12:35:16 | 000,444,776 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\d3dx10_36.dll
[2013.05.18 12:35:16 | 000,267,272 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\xactengine2_10.dll
[2013.05.18 12:35:16 | 000,025,608 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\X3DAudio1_3.dll
[2013.05.18 12:35:15 | 003,734,536 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\d3dx9_36.dll
[2013.05.18 12:35:15 | 003,727,720 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\d3dx9_35.dll
[2013.05.18 12:35:15 | 001,374,232 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\D3DCompiler_36.dll
[2013.05.18 12:35:15 | 001,358,192 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\D3DCompiler_35.dll
[2013.05.18 12:35:15 | 000,444,776 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\d3dx10_35.dll
[2013.05.18 12:35:15 | 000,267,112 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\xactengine2_9.dll
[2013.05.18 12:35:14 | 003,497,832 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\d3dx9_34.dll
[2013.05.18 12:35:14 | 001,124,720 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\D3DCompiler_34.dll
[2013.05.18 12:35:14 | 001,123,696 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\D3DCompiler_33.dll
[2013.05.18 12:35:14 | 000,443,752 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\d3dx10_34.dll
[2013.05.18 12:35:14 | 000,443,752 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\d3dx10_33.dll
[2013.05.18 12:35:14 | 000,266,088 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\xactengine2_8.dll
[2013.05.18 12:35:14 | 000,261,480 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\xactengine2_7.dll
[2013.05.18 12:35:14 | 000,017,928 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\X3DAudio1_2.dll
[2013.05.18 12:35:13 | 003,495,784 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\d3dx9_33.dll
[2013.05.18 12:35:13 | 000,440,080 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\d3dx10.dll
[2013.05.18 12:35:13 | 000,255,848 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\xactengine2_6.dll
[2013.05.18 12:35:13 | 000,251,672 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\xactengine2_5.dll
[2013.05.18 12:35:12 | 000,237,848 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\xactengine2_4.dll
[2013.05.18 12:35:12 | 000,015,128 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\x3daudio1_1.dll
[2013.05.18 12:35:11 | 000,236,824 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\xactengine2_3.dll
[2013.05.18 12:35:11 | 000,230,168 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\xactengine2_2.dll
[2013.05.18 12:35:11 | 000,229,584 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\xactengine2_1.dll
[2013.05.18 12:35:11 | 000,062,744 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\xinput1_2.dll
[2013.05.18 12:35:11 | 000,062,672 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\xinput1_1.dll
[2013.05.18 12:35:06 | 002,388,176 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\d3dx9_30.dll
[2013.05.18 12:35:06 | 002,332,368 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\d3dx9_29.dll
[2013.05.18 12:35:06 | 002,323,664 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\d3dx9_28.dll
[2013.05.18 12:35:06 | 002,319,568 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\d3dx9_27.dll
[2013.05.18 12:35:06 | 000,230,096 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\xactengine2_0.dll
[2013.05.18 12:35:06 | 000,014,032 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\x3daudio1_0.dll
[2013.05.18 12:35:05 | 002,337,488 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\d3dx9_25.dll
[2013.05.18 12:35:05 | 002,297,552 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\d3dx9_26.dll
[2013.05.18 12:35:05 | 002,222,800 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\d3dx9_24.dll
[2013.05.18 03:08:02 | 002,706,432 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\mshtml.tlb
[2013.05.18 03:08:01 | 002,877,440 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\jscript9.dll
[2013.05.18 03:08:00 | 000,391,168 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\ieui.dll
[2013.05.18 03:08:00 | 000,061,440 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\iesetup.dll
[2013.05.18 03:08:00 | 000,039,424 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\jsproxy.dll
[2013.05.18 03:07:59 | 000,493,056 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\msfeeds.dll
[2013.05.18 03:07:59 | 000,109,056 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\iesysprep.dll
[2013.05.18 03:07:59 | 000,071,680 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\RegisterIEPKEYs.exe
[2013.05.18 03:07:59 | 000,042,496 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\ie4uinit.exe
[2013.05.18 03:07:59 | 000,033,280 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\iernonce.dll
[2013.05.17 20:42:34 | 000,000,000 | ---D | C] -- H:\Users\Horst\AppData\Roaming\Curse Advertising
[2013.05.17 20:42:07 | 000,000,000 | ---D | C] -- H:\Users\Horst\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Curse
[2013.05.17 20:40:02 | 000,000,000 | ---D | C] -- H:\Program Files\Softonic
[2013.05.17 20:39:24 | 000,000,000 | ---D | C] -- H:\Users\Horst\AppData\Roaming\Softonic
[2013.05.17 20:39:07 | 000,000,000 | ---D | C] -- H:\Users\Horst\AppData\Roaming\PerformerSoft
[2013.05.17 20:39:07 | 000,000,000 | ---D | C] -- H:\ProgramData\IBUpdaterService
[2013.05.17 20:39:05 | 000,018,096 | ---- | C] (PerformerSoft LLC) -- H:\Windows\System32\roboot.exe
[2013.05.17 20:39:03 | 000,000,000 | ---D | C] -- H:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Performer
[2013.05.17 20:39:02 | 000,000,000 | ---D | C] -- H:\Program Files\PC Performer
[2013.05.17 20:29:58 | 000,000,000 | ---D | C] -- H:\Users\Horst\Documents\My Curse
[2013.05.17 20:20:54 | 000,000,000 | ---D | C] -- H:\Users\Horst\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
[2013.05.17 20:20:19 | 000,000,000 | ---D | C] -- H:\Users\Horst\AppData\Local\Deployment
[2013.05.17 19:23:37 | 000,000,000 | ---D | C] -- H:\Users\Horst\AppData\Local\ElevatedDiagnostics
[2013.05.17 19:10:25 | 000,000,000 | ---D | C] -- H:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Warcraft
[2013.05.17 16:12:31 | 000,000,000 | ---D | C] -- H:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
[2013.05.17 15:46:33 | 000,040,960 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\wwanprotdim.dll
[2013.05.17 15:46:32 | 002,347,520 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\win32k.sys
[2013.05.17 15:46:22 | 000,218,984 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\drivers\dxgmms1.sys
[2013.05.17 15:46:15 | 001,796,096 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\authui.dll
[2013.05.17 15:46:15 | 000,101,720 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\consent.exe
[2013.05.17 15:43:45 | 000,000,000 | ---D | C] -- H:\Users\Horst\AppData\Local\PopCap Games
[2013.05.17 15:43:30 | 000,000,000 | ---D | C] -- H:\Program Files\Common Files\Steam
[2013.05.17 15:43:28 | 000,000,000 | ---D | C] -- H:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
[2013.05.17 15:43:26 | 000,000,000 | ---D | C] -- H:\Program Files\Steam
[2013.05.05 12:20:00 | 000,000,000 | ---D | C] -- H:\Program Files\AGEIA Technologies
[2013.05.05 12:19:33 | 000,000,000 | ---D | C] -- H:\ProgramData\Microsoft\Windows\Start Menu\Programs\PopCap Games
[2013.05.05 12:19:29 | 000,000,000 | ---D | C] -- H:\ProgramData\PopCap Games
[2013.05.05 12:19:29 | 000,000,000 | ---D | C] -- H:\Program Files\PopCap Games
[2013.05.05 12:16:59 | 020,542,752 | ---- | C] (NVIDIA Corporation) -- H:\Windows\System32\nvoglv32.dll
[2013.05.05 12:16:59 | 017,560,352 | ---- | C] (NVIDIA Corporation) -- H:\Windows\System32\nvcompiler.dll
[2013.05.05 12:16:59 | 008,952,608 | ---- | C] (NVIDIA Corporation) -- H:\Windows\System32\drivers\nvlddmkm.sys
[2013.05.05 12:16:59 | 007,959,000 | ---- | C] (NVIDIA Corporation) -- H:\Windows\System32\nvcuda.dll
[2013.05.05 12:16:59 | 006,271,872 | ---- | C] (NVIDIA Corporation) -- H:\Windows\System32\nvopencl.dll
[2013.05.05 12:16:59 | 002,728,736 | ---- | C] (NVIDIA Corporation) -- H:\Windows\System32\nvcuvid.dll
[2013.05.05 12:16:59 | 001,995,552 | ---- | C] (NVIDIA Corporation) -- H:\Windows\System32\nvcuvenc.dll
[2013.05.05 12:16:59 | 001,012,512 | ---- | C] (NVIDIA Corporation) -- H:\Windows\System32\nvdispco3231422.dll
[2013.05.05 12:16:59 | 000,892,704 | ---- | C] (NVIDIA Corporation) -- H:\Windows\System32\nvdispgenco3231422.dll
[2013.05.05 12:16:14 | 000,000,000 | ---D | C] -- H:\NVIDIA
[2013.05.05 11:43:13 | 003,913,560 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\ntoskrnl.exe
[2013.05.05 11:43:12 | 003,968,856 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\ntkrnlpa.exe
[2013.05.05 11:43:12 | 000,038,912 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\csrsrv.dll
[2013.05.05 11:42:59 | 000,131,584 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\aaclient.dll
[2013.05.05 11:42:59 | 000,036,864 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\tsgqec.dll
[2013.05.05 11:38:19 | 000,000,000 | ---D | C] -- H:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueStacks
[2013.05.05 11:38:19 | 000,000,000 | ---D | C] -- H:\Program Files\BlueStacks
[2013.05.05 11:38:12 | 000,000,000 | ---D | C] -- H:\Users\Horst\AppData\Roaming\NVIDIA
[2013.05.05 11:37:58 | 000,000,000 | ---D | C] -- H:\ProgramData\BlueStacksSetup
[2013.05.05 11:37:58 | 000,000,000 | ---D | C] -- H:\ProgramData\BlueStacks
[2013.05.05 11:28:28 | 000,000,000 | ---D | C] -- H:\Users\Horst\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2013.04.24 21:54:00 | 000,295,424 | ---- | C] (Adobe Systems Incorporated) -- H:\Windows\System32\atmfd.dll
[2013.04.24 21:54:00 | 000,034,304 | ---- | C] (Adobe Systems) -- H:\Windows\System32\atmlib.dll
[2013.04.24 21:35:33 | 000,047,720 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\drivers\WdfLdr.sys
[2013.04.24 21:35:33 | 000,009,728 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\Wdfres.dll
[2013.04.24 21:35:01 | 000,613,888 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\WUDFx.dll
[2013.04.24 21:35:01 | 000,172,032 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\WUDFPlatform.dll
[2013.04.24 21:35:01 | 000,038,912 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\WUDFCoinstaller.dll
[2013.04.24 21:27:33 | 001,441,280 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\inetcpl.cpl
[2013.04.24 21:27:33 | 001,400,416 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\ieapfltr.dat
[2013.04.24 21:27:33 | 000,745,472 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\MsSpellCheckingFacility.exe
[2013.04.24 21:27:33 | 000,719,360 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\mshtmlmedia.dll
[2013.04.24 21:27:33 | 000,629,248 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\ieapfltr.dll
[2013.04.24 21:27:33 | 000,361,984 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\html.iec
[2013.04.24 21:27:33 | 000,357,888 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\dxtmsft.dll
[2013.04.24 21:27:33 | 000,242,200 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\iedkcs32.dll
[2013.04.24 21:27:33 | 000,232,960 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\url.dll
[2013.04.24 21:27:33 | 000,226,816 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\dxtrans.dll
[2013.04.24 21:27:33 | 000,185,344 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\elshyph.dll
[2013.04.24 21:27:33 | 000,163,840 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\msrating.dll
[2013.04.24 21:27:33 | 000,158,720 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\msls31.dll
[2013.04.24 21:27:33 | 000,150,528 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\iexpress.exe
[2013.04.24 21:27:33 | 000,138,752 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\wextract.exe
[2013.04.24 21:27:33 | 000,137,216 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\ieUnatt.exe
[2013.04.24 21:27:33 | 000,117,248 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\iepeers.dll
[2013.04.24 21:27:33 | 000,110,592 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\IEAdvpack.dll
[2013.04.24 21:27:33 | 000,082,432 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\inseng.dll
[2013.04.24 21:27:33 | 000,073,728 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\SetIEInstalledDate.exe
[2013.04.24 21:27:33 | 000,057,344 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\pngfilt.dll
[2013.04.24 21:27:33 | 000,048,640 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\mshtmler.dll
[2013.04.24 21:27:33 | 000,041,984 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\msfeedsbs.dll
[2013.04.24 21:27:33 | 000,038,400 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\imgutil.dll
[2013.04.24 21:27:33 | 000,023,040 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\licmgr10.dll
[2013.04.24 21:27:33 | 000,011,776 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\msfeedssync.exe
[2013.04.24 21:27:09 | 000,049,152 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\taskhost.exe
[2013.04.24 21:26:23 | 002,284,544 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\msmpeg2vdec.dll
[2013.04.24 21:26:23 | 001,504,768 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\d3d11.dll
[2013.04.24 21:26:23 | 001,247,744 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\DWrite.dll
[2013.04.24 21:26:23 | 001,158,144 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\XpsPrint.dll
[2013.04.24 21:26:23 | 001,080,832 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\d3d10.dll
[2013.04.24 21:26:23 | 000,417,792 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\WMPhoto.dll
[2013.04.24 21:26:23 | 000,364,544 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\XpsGdiConverter.dll
[2013.04.24 21:26:23 | 000,220,160 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\d3d10core.dll
[2013.04.24 21:26:23 | 000,207,872 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\WindowsCodecsExt.dll
[2013.04.24 21:26:23 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- H:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2013.04.24 21:26:23 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- H:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2013.04.24 21:26:23 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- H:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2013.04.24 21:26:23 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- H:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll
[2013.04.24 21:26:23 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- H:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll
[2013.04.24 21:26:23 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- H:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2013.04.24 21:26:23 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- H:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll
[2013.04.24 21:26:23 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- H:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll
[2013.04.24 21:26:23 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- H:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2013.04.24 21:26:22 | 003,419,136 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\d2d1.dll
[2013.04.24 21:26:22 | 001,988,096 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\d3d10warp.dll
[2013.04.24 21:26:22 | 000,604,160 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\d3d10level9.dll
[2013.04.24 21:26:22 | 000,293,376 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\dxgi.dll
[2013.04.24 21:26:22 | 000,249,856 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\d3d10_1core.dll
[2013.04.24 21:26:22 | 000,187,392 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\UIAnimation.dll
[2013.04.24 21:26:22 | 000,161,792 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\d3d10_1.dll
[2013.04.24 16:03:42 | 000,033,280 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\drivers\RNDISMP.sys
[2013.04.24 16:03:15 | 000,015,872 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\drivers\usb8023.sys
[2013.04.24 16:02:53 | 000,376,832 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\dpnet.dll
[2013.04.24 16:02:09 | 000,245,760 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\OxpsConverter.exe
[2013.04.24 16:01:55 | 000,187,752 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\drivers\FWPKCLNT.SYS
[2013.04.24 16:01:50 | 000,240,496 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\drivers\netio.sys
[2013.04.24 16:01:50 | 000,175,104 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\netcorehc.dll
[2013.04.24 16:01:50 | 000,156,672 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\ncsi.dll
[2013.04.24 16:01:50 | 000,018,944 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\netevent.dll
[2013.04.24 16:01:36 | 000,271,360 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\conhost.exe
[2013.04.24 16:01:36 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- H:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.04.24 16:01:35 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- H:\Windows\System32\api-ms-win-security-base-l1-1-0.dll
[2013.04.24 16:01:35 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- H:\Windows\System32\api-ms-win-core-file-l1-1-0.dll
[2013.04.24 16:01:35 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- H:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll
[2013.04.24 16:01:35 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- H:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll
[2013.04.24 16:01:35 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- H:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll
[2013.04.24 16:01:35 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- H:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll
[2013.04.24 16:01:35 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- H:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll
[2013.04.24 16:01:35 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- H:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll
[2013.04.24 16:01:35 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- H:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll
[2013.04.24 16:01:35 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- H:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll
[2013.04.24 16:01:35 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- H:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll
[2013.04.24 16:01:35 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- H:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll
[2013.04.24 16:01:35 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- H:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll
[2013.04.24 16:01:35 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- H:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll
[2013.04.24 16:01:35 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- H:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll
[2013.04.24 16:01:35 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- H:\Windows\System32\api-ms-win-core-util-l1-1-0.dll
[2013.04.24 16:01:35 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- H:\Windows\System32\api-ms-win-core-string-l1-1-0.dll
[2013.04.24 16:01:35 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- H:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll
[2013.04.24 16:01:35 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- H:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll
[2013.04.24 16:01:35 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- H:\Windows\System32\api-ms-win-core-io-l1-1-0.dll
[2013.04.24 16:01:35 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- H:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll
[2013.04.24 16:01:35 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- H:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll
[2013.04.24 16:01:35 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- H:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll
[2013.04.24 16:01:35 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- H:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll
[2013.04.24 16:01:35 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- H:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll
[2013.04.24 16:01:35 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- H:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll
[2013.04.24 16:01:35 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- H:\Windows\System32\api-ms-win-core-console-l1-1-0.dll
[2013.04.24 16:01:22 | 000,400,896 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\srcore.dll
[2013.04.24 16:01:21 | 000,041,984 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\browcli.dll
[2013.04.24 16:00:52 | 002,576,384 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\gameux.dll
[2013.04.24 16:00:52 | 000,308,736 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\Wpc.dll
[2013.04.24 16:00:52 | 000,046,592 | ---- | C] (Microsoft) -- H:\Windows\System32\fpb.rs
[2013.04.24 16:00:52 | 000,045,568 | ---- | C] (Microsoft) -- H:\Windows\System32\oflc-nz.rs
[2013.04.24 16:00:52 | 000,044,544 | ---- | C] (Microsoft) -- H:\Windows\System32\pegibbfc.rs
[2013.04.24 16:00:52 | 000,043,520 | ---- | C] (Microsoft) -- H:\Windows\System32\csrr.rs
[2013.04.24 16:00:52 | 000,040,960 | ---- | C] (Microsoft) -- H:\Windows\System32\cob-au.rs
[2013.04.24 16:00:52 | 000,030,720 | ---- | C] (Microsoft) -- H:\Windows\System32\usk.rs
[2013.04.24 16:00:52 | 000,021,504 | ---- | C] (Microsoft) -- H:\Windows\System32\grb.rs
[2013.04.24 16:00:52 | 000,020,480 | ---- | C] (Microsoft) -- H:\Windows\System32\pegi-pt.rs
[2013.04.24 16:00:52 | 000,020,480 | ---- | C] (Microsoft) -- H:\Windows\System32\pegi.rs
[2013.04.24 16:00:52 | 000,015,360 | ---- | C] (Microsoft) -- H:\Windows\System32\djctq.rs
[2013.04.24 16:00:51 | 000,055,296 | ---- | C] (Microsoft) -- H:\Windows\System32\cero.rs
[2013.04.24 16:00:51 | 000,051,712 | ---- | C] (Microsoft) -- H:\Windows\System32\esrb.rs
[2013.04.24 16:00:51 | 000,023,552 | ---- | C] (Microsoft) -- H:\Windows\System32\oflc.rs
[2013.04.24 16:00:51 | 000,020,480 | ---- | C] (Microsoft) -- H:\Windows\System32\pegi-fi.rs
[2013.04.24 16:00:37 | 000,078,336 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\synceng.dll
[2013.04.24 16:00:35 | 000,220,160 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\ncrypt.dll
[2013.04.24 16:00:29 | 000,002,048 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\tzres.dll
[2013.04.24 15:59:14 | 000,193,536 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\dhcpcore6.dll
[2013.04.24 15:59:14 | 000,044,032 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\dhcpcsvc6.dll
[2013.04.24 15:58:54 | 000,169,984 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\winsrv.dll
[2013.04.24 15:33:46 | 000,861,696 | ---- | C] (DiBcom SA) -- H:\Windows\System32\drivers\mod7700.sys
[2013.04.24 15:33:46 | 000,353,280 | ---- | C] (Huawei Technologies Co., Ltd.) -- H:\Windows\System32\drivers\ewusbwwan.sys
[2013.04.24 15:33:46 | 000,193,792 | ---- | C] (Huawei Technologies Co., Ltd.) -- H:\Windows\System32\drivers\ewusbmdm.sys
[2013.04.24 15:33:46 | 000,181,760 | ---- | C] (Huawei Technologies Co., Ltd.) -- H:\Windows\System32\drivers\ew_juwwanecm.sys
[2013.04.24 15:33:46 | 000,102,784 | ---- | C] (Huawei Technologies Co., Ltd.) -- H:\Windows\System32\drivers\ew_hwusbdev.sys
[2013.04.24 15:33:46 | 000,090,112 | ---- | C] (Huawei Technologies Co., Ltd.) -- H:\Windows\System32\drivers\ew_jucdcacm.sys
[2013.04.24 15:33:46 | 000,073,216 | ---- | C] (Huawei Technologies Co., Ltd.) -- H:\Windows\System32\drivers\ew_jubusenum.sys
[2013.04.24 15:33:46 | 000,064,384 | ---- | C] (Huawei Technologies Co., Ltd.) -- H:\Windows\System32\drivers\ew_jucdcecm.sys
[2013.04.24 15:33:46 | 000,026,624 | ---- | C] (Huawei Technologies Co., Ltd.) -- H:\Windows\System32\drivers\ew_juextctrl.sys
[2013.04.24 15:33:46 | 000,025,856 | ---- | C] (Huawei Tech. Co., Ltd.) -- H:\Windows\System32\drivers\ewdcsc.sys
[2013.04.24 15:33:46 | 000,019,200 | ---- | C] (Huawei Technologies Co., Ltd.) -- H:\Windows\System32\drivers\ew_hwupgrade.sys
[2013.04.24 15:33:46 | 000,011,136 | ---- | C] (Huawei Technologies Co., Ltd.) -- H:\Windows\System32\drivers\ew_usbenumfilter.sys
[2013.04.24 15:33:19 | 000,724,608 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\bmutil.dll
[2013.04.24 15:33:19 | 000,480,384 | ---- | C] (Bytemobile, Inc.) -- H:\Windows\System32\bmnet.dll
[2013.04.24 15:33:19 | 000,308,352 | ---- | C] (Bytemobile, Inc.) -- H:\Windows\System32\bminstall.dll
[2013.04.24 15:33:19 | 000,132,224 | ---- | C] (Bytemobile, Inc.) -- H:\Windows\System32\bmdumpd.bin
 
========== Files - Modified Within 30 Days ==========
 
[2013.05.23 18:26:00 | 000,001,120 | ---- | M] () -- H:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4228084635-3980246230-1984058717-1000UA.job
[2013.05.23 18:11:00 | 000,001,096 | ---- | M] () -- H:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.05.23 18:04:00 | 000,000,884 | ---- | M] () -- H:\Windows\tasks\Adobe Flash Player Updater.job
[2013.05.23 17:53:34 | 000,000,804 | ---- | M] () -- H:\Users\Horst\Desktop\HDVidCodec.lnk
[2013.05.23 17:48:00 | 000,000,928 | ---- | M] () -- H:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-4228084635-3980246230-1984058717-1000UA.job
[2013.05.23 17:04:04 | 000,021,888 | -H-- | M] () -- H:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.05.23 17:04:04 | 000,021,888 | -H-- | M] () -- H:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.05.23 16:57:34 | 000,000,332 | ---- | M] () -- H:\Windows\tasks\RegistryBooster.job
[2013.05.23 16:57:13 | 000,001,092 | ---- | M] () -- H:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.05.23 16:56:36 | 000,067,584 | --S- | M] () -- H:\Windows\bootstat.dat
[2013.05.23 16:56:32 | 2314,657,792 | -HS- | M] () -- H:\hiberfil.sys
[2013.05.22 20:04:05 | 000,000,886 | ---- | M] () -- H:\Users\Horst\Desktop\Movie2KDownloader.lnk
[2013.05.21 15:02:13 | 000,000,264 | ---- | M] () -- H:\Windows\tasks\PC Performer_DEFAULT.job
[2013.05.21 14:48:00 | 000,000,906 | ---- | M] () -- H:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-4228084635-3980246230-1984058717-1000Core.job
[2013.05.20 21:26:01 | 000,001,068 | ---- | M] () -- H:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4228084635-3980246230-1984058717-1000Core.job
[2013.05.19 12:19:53 | 004,852,004 | ---- | M] () -- H:\Windows\System32\perfh007.dat
[2013.05.19 12:19:53 | 001,840,076 | ---- | M] () -- H:\Windows\System32\perfh009.dat
[2013.05.19 12:19:53 | 001,430,940 | ---- | M] () -- H:\Windows\System32\perfc007.dat
[2013.05.19 12:19:53 | 001,274,968 | ---- | M] () -- H:\Windows\System32\perfc009.dat
[2013.05.18 03:27:00 | 000,269,712 | ---- | M] () -- H:\Windows\System32\FNTCACHE.DAT
[2013.05.18 03:26:46 | 000,000,272 | ---- | M] () -- H:\Windows\tasks\PC Performer_UPDATES.job
[2013.05.17 20:42:07 | 000,000,318 | ---- | M] () -- H:\Users\Horst\Desktop\Curse Client.appref-ms
[2013.05.17 20:23:15 | 000,000,000 | ---- | M] () -- H:\Users\Horst\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip
[2013.05.17 20:20:54 | 000,000,213 | ---- | M] () -- H:\Users\Horst\Desktop\Dota 2.url
[2013.05.17 19:13:26 | 013,011,504 | ---- | M] (Blizzard Entertainment) -- H:\Users\Horst\Desktop\Wow.exe
[2013.05.17 19:10:30 | 000,000,775 | ---- | M] () -- H:\Users\Public\Desktop\World of Warcraft.lnk
[2013.05.17 17:04:24 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- H:\Windows\System32\FlashPlayerApp.exe
[2013.05.17 17:04:24 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- H:\Windows\System32\FlashPlayerCPLApp.cpl
[2013.05.17 16:12:31 | 000,001,964 | ---- | M] () -- H:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
[2013.05.17 15:43:40 | 000,000,835 | ---- | M] () -- H:\Users\Public\Desktop\Steam.lnk
[2013.05.05 11:38:38 | 000,001,725 | ---- | M] () -- H:\Users\Public\Desktop\Start BlueStacks.lnk
[2013.05.02 02:06:08 | 000,238,872 | ---- | M] (Microsoft Corporation) -- H:\Windows\System32\MpSigStub.exe
[2013.04.24 21:27:33 | 001,441,280 | ---- | M] (Microsoft Corporation) -- H:\Windows\System32\inetcpl.cpl
[2013.04.24 21:27:33 | 001,400,416 | ---- | M] (Microsoft Corporation) -- H:\Windows\System32\ieapfltr.dat
[2013.04.24 21:27:33 | 000,745,472 | ---- | M] (Microsoft Corporation) -- H:\Windows\System32\MsSpellCheckingFacility.exe
[2013.04.24 21:27:33 | 000,719,360 | ---- | M] (Microsoft Corporation) -- H:\Windows\System32\mshtmlmedia.dll
[2013.04.24 21:27:33 | 000,629,248 | ---- | M] (Microsoft Corporation) -- H:\Windows\System32\ieapfltr.dll
[2013.04.24 21:27:33 | 000,361,984 | ---- | M] (Microsoft Corporation) -- H:\Windows\System32\html.iec
[2013.04.24 21:27:33 | 000,357,888 | ---- | M] (Microsoft Corporation) -- H:\Windows\System32\dxtmsft.dll
[2013.04.24 21:27:33 | 000,242,200 | ---- | M] (Microsoft Corporation) -- H:\Windows\System32\iedkcs32.dll
[2013.04.24 21:27:33 | 000,232,960 | ---- | M] (Microsoft Corporation) -- H:\Windows\System32\url.dll
[2013.04.24 21:27:33 | 000,226,816 | ---- | M] (Microsoft Corporation) -- H:\Windows\System32\dxtrans.dll
[2013.04.24 21:27:33 | 000,185,344 | ---- | M] (Microsoft Corporation) -- H:\Windows\System32\elshyph.dll
[2013.04.24 21:27:33 | 000,163,840 | ---- | M] (Microsoft Corporation) -- H:\Windows\System32\msrating.dll
[2013.04.24 21:27:33 | 000,158,720 | ---- | M] (Microsoft Corporation) -- H:\Windows\System32\msls31.dll
[2013.04.24 21:27:33 | 000,150,528 | ---- | M] (Microsoft Corporation) -- H:\Windows\System32\iexpress.exe
[2013.04.24 21:27:33 | 000,138,752 | ---- | M] (Microsoft Corporation) -- H:\Windows\System32\wextract.exe
[2013.04.24 21:27:33 | 000,137,216 | ---- | M] (Microsoft Corporation) -- H:\Windows\System32\ieUnatt.exe
[2013.04.24 21:27:33 | 000,117,248 | ---- | M] (Microsoft Corporation) -- H:\Windows\System32\iepeers.dll
[2013.04.24 21:27:33 | 000,110,592 | ---- | M] (Microsoft Corporation) -- H:\Windows\System32\IEAdvpack.dll
[2013.04.24 21:27:33 | 000,082,432 | ---- | M] (Microsoft Corporation) -- H:\Windows\System32\inseng.dll
[2013.04.24 21:27:33 | 000,073,728 | ---- | M] (Microsoft Corporation) -- H:\Windows\System32\SetIEInstalledDate.exe
[2013.04.24 21:27:33 | 000,057,344 | ---- | M] (Microsoft Corporation) -- H:\Windows\System32\pngfilt.dll
[2013.04.24 21:27:33 | 000,048,640 | ---- | M] (Microsoft Corporation) -- H:\Windows\System32\mshtmler.dll
[2013.04.24 21:27:33 | 000,041,984 | ---- | M] (Microsoft Corporation) -- H:\Windows\System32\msfeedsbs.dll
[2013.04.24 21:27:33 | 000,038,400 | ---- | M] (Microsoft Corporation) -- H:\Windows\System32\imgutil.dll
[2013.04.24 21:27:33 | 000,025,185 | ---- | M] () -- H:\Windows\System32\ieuinit.inf
[2013.04.24 21:27:33 | 000,023,040 | ---- | M] (Microsoft Corporation) -- H:\Windows\System32\licmgr10.dll
[2013.04.24 21:27:33 | 000,011,776 | ---- | M] (Microsoft Corporation) -- H:\Windows\System32\msfeedssync.exe
[2013.04.24 21:27:09 | 000,049,152 | ---- | M] (Microsoft Corporation) -- H:\Windows\System32\taskhost.exe
[2013.04.24 21:26:23 | 002,284,544 | ---- | M] (Microsoft Corporation) -- H:\Windows\System32\msmpeg2vdec.dll
[2013.04.24 21:26:23 | 001,504,768 | ---- | M] (Microsoft Corporation) -- H:\Windows\System32\d3d11.dll
[2013.04.24 21:26:23 | 001,247,744 | ---- | M] (Microsoft Corporation) -- H:\Windows\System32\DWrite.dll
[2013.04.24 21:26:23 | 001,158,144 | ---- | M] (Microsoft Corporation) -- H:\Windows\System32\XpsPrint.dll
[2013.04.24 21:26:23 | 001,080,832 | ---- | M] (Microsoft Corporation) -- H:\Windows\System32\d3d10.dll
[2013.04.24 21:26:23 | 000,417,792 | ---- | M] (Microsoft Corporation) -- H:\Windows\System32\WMPhoto.dll
[2013.04.24 21:26:23 | 000,364,544 | ---- | M] (Microsoft Corporation) -- H:\Windows\System32\XpsGdiConverter.dll
[2013.04.24 21:26:23 | 000,220,160 | ---- | M] (Microsoft Corporation) -- H:\Windows\System32\d3d10core.dll
[2013.04.24 21:26:23 | 000,207,872 | ---- | M] (Microsoft Corporation) -- H:\Windows\System32\WindowsCodecsExt.dll
[2013.04.24 21:26:23 | 000,010,752 | -H-- | M] (Microsoft Corporation) -- H:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2013.04.24 21:26:23 | 000,009,728 | -H-- | M] (Microsoft Corporation) -- H:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2013.04.24 21:26:23 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- H:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2013.04.24 21:26:23 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- H:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll
[2013.04.24 21:26:23 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- H:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll
[2013.04.24 21:26:23 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- H:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2013.04.24 21:26:23 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- H:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll
[2013.04.24 21:26:23 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- H:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll
[2013.04.24 21:26:23 | 000,002,560 | -H-- | M] (Microsoft Corporation) -- H:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2013.04.24 21:26:22 | 003,419,136 | ---- | M] (Microsoft Corporation) -- H:\Windows\System32\d2d1.dll
[2013.04.24 21:26:22 | 001,988,096 | ---- | M] (Microsoft Corporation) -- H:\Windows\System32\d3d10warp.dll
[2013.04.24 21:26:22 | 000,604,160 | ---- | M] (Microsoft Corporation) -- H:\Windows\System32\d3d10level9.dll
[2013.04.24 21:26:22 | 000,293,376 | ---- | M] (Microsoft Corporation) -- H:\Windows\System32\dxgi.dll
[2013.04.24 21:26:22 | 000,249,856 | ---- | M] (Microsoft Corporation) -- H:\Windows\System32\d3d10_1core.dll
[2013.04.24 21:26:22 | 000,187,392 | ---- | M] (Microsoft Corporation) -- H:\Windows\System32\UIAnimation.dll
[2013.04.24 21:26:22 | 000,161,792 | ---- | M] (Microsoft Corporation) -- H:\Windows\System32\d3d10_1.dll
[2013.04.24 15:34:36 | 000,001,163 | ---- | M] () -- H:\Users\Public\Desktop\Internet Manager.lnk
[2013.04.24 15:33:03 | 001,108,320 | ---- | M] (Microsoft Corporation) -- H:\Windows\System32\wdfcoinstaller01007.dll
[2013.04.24 15:33:03 | 001,108,320 | ---- | M] (Microsoft Corporation) -- H:\Windows\System32\drivers\WdfCoInstaller01007.dll
[2013.04.24 15:33:03 | 000,861,696 | ---- | M] (DiBcom SA) -- H:\Windows\System32\drivers\mod7700.sys
[2013.04.24 15:33:03 | 000,353,280 | ---- | M] (Huawei Technologies Co., Ltd.) -- H:\Windows\System32\drivers\ewusbwwan.sys
[2013.04.24 15:33:03 | 000,193,792 | ---- | M] (Huawei Technologies Co., Ltd.) -- H:\Windows\System32\drivers\ewusbmdm.sys
[2013.04.24 15:33:03 | 000,181,760 | ---- | M] (Huawei Technologies Co., Ltd.) -- H:\Windows\System32\drivers\ew_juwwanecm.sys
[2013.04.24 15:33:03 | 000,102,784 | ---- | M] (Huawei Technologies Co., Ltd.) -- H:\Windows\System32\drivers\ew_hwusbdev.sys
[2013.04.24 15:33:03 | 000,090,112 | ---- | M] (Huawei Technologies Co., Ltd.) -- H:\Windows\System32\drivers\ew_jucdcacm.sys
[2013.04.24 15:33:03 | 000,073,216 | ---- | M] (Huawei Technologies Co., Ltd.) -- H:\Windows\System32\drivers\ew_jubusenum.sys
[2013.04.24 15:33:03 | 000,064,384 | ---- | M] (Huawei Technologies Co., Ltd.) -- H:\Windows\System32\drivers\ew_jucdcecm.sys
[2013.04.24 15:33:03 | 000,026,624 | ---- | M] (Huawei Technologies Co., Ltd.) -- H:\Windows\System32\drivers\ew_juextctrl.sys
[2013.04.24 15:33:03 | 000,025,856 | ---- | M] (Huawei Tech. Co., Ltd.) -- H:\Windows\System32\drivers\ewdcsc.sys
[2013.04.24 15:33:03 | 000,024,192 | ---- | M] (Bytemobile, Inc.) -- H:\Windows\System32\drivers\tcpipBM.sys
[2013.04.24 15:33:03 | 000,019,200 | ---- | M] (Huawei Technologies Co., Ltd.) -- H:\Windows\System32\drivers\ew_hwupgrade.sys
[2013.04.24 15:33:03 | 000,013,712 | ---- | M] (Microsoft Corporation) -- H:\Windows\System32\sporder.dll
[2013.04.24 15:33:03 | 000,013,184 | ---- | M] (Bytemobile, Inc.) -- H:\Windows\System32\drivers\BMLoad.sys
[2013.04.24 15:33:03 | 000,011,136 | ---- | M] (Huawei Technologies Co., Ltd.) -- H:\Windows\System32\drivers\ew_usbenumfilter.sys
[2013.04.24 15:33:02 | 000,724,608 | ---- | M] (Microsoft Corporation) -- H:\Windows\System32\bmutil.dll
[2013.04.24 15:33:02 | 000,480,384 | ---- | M] (Bytemobile, Inc.) -- H:\Windows\System32\bmnet.dll
[2013.04.24 15:33:02 | 000,308,352 | ---- | M] (Bytemobile, Inc.) -- H:\Windows\System32\bminstall.dll
[2013.04.24 15:32:57 | 000,132,224 | ---- | M] (Bytemobile, Inc.) -- H:\Windows\System32\bmdumpd.bin
 
========== Files Created - No Company Name ==========
 
[2013.05.23 17:54:03 | 000,079,360 | ---- | C] () -- H:\Windows\System32\ff_vfw.dll
[2013.05.23 17:53:34 | 000,000,804 | ---- | C] () -- H:\Users\Horst\Desktop\HDVidCodec.lnk
[2013.05.22 20:04:05 | 000,000,886 | ---- | C] () -- H:\Users\Horst\Desktop\Movie2KDownloader.lnk
[2013.05.17 20:42:07 | 000,000,318 | ---- | C] () -- H:\Users\Horst\Desktop\Curse Client.appref-ms
[2013.05.17 20:39:28 | 000,000,264 | ---- | C] () -- H:\Windows\tasks\PC Performer_DEFAULT.job
[2013.05.17 20:39:24 | 000,000,272 | ---- | C] () -- H:\Windows\tasks\PC Performer_UPDATES.job
[2013.05.17 20:23:15 | 000,000,000 | ---- | C] () -- H:\Users\Horst\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip
[2013.05.17 20:20:53 | 000,000,213 | ---- | C] () -- H:\Users\Horst\Desktop\Dota 2.url
[2013.05.17 19:10:25 | 000,000,775 | ---- | C] () -- H:\Users\Public\Desktop\World of Warcraft.lnk
[2013.05.17 15:43:40 | 000,000,835 | ---- | C] () -- H:\Users\Public\Desktop\Steam.lnk
[2013.05.05 11:38:38 | 000,001,725 | ---- | C] () -- H:\Users\Public\Desktop\Start BlueStacks.lnk
[2013.05.05 11:28:28 | 000,001,385 | ---- | C] () -- H:\Users\Horst\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2013.04.24 21:35:34 | 000,000,003 | ---- | C] () -- H:\Windows\System32\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
[2013.04.24 21:35:01 | 000,000,003 | ---- | C] () -- H:\Windows\System32\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
[2013.04.24 21:27:33 | 000,025,185 | ---- | C] () -- H:\Windows\System32\ieuinit.inf
[2013.04.24 15:34:36 | 000,001,163 | ---- | C] () -- H:\Users\Public\Desktop\Internet Manager.lnk
[2012.07.15 11:07:27 | 000,007,597 | ---- | C] () -- H:\Users\Horst\AppData\Local\Resmon.ResmonCfg
[2011.11.15 12:22:15 | 000,640,512 | ---- | C] () -- H:\Windows\System32\wonauth.dll
[2011.09.29 14:29:27 | 000,000,806 | ---- | C] () -- H:\Windows\eReg.dat
[2011.08.28 03:00:40 | 000,166,912 | ---- | C] () -- H:\Windows\System32\APOMngr.DLL
[2011.08.28 03:00:40 | 000,073,728 | ---- | C] () -- H:\Windows\System32\CmdRtr.DLL
[2011.08.25 08:41:47 | 000,002,177 | ---- | C] () -- H:\Windows\P17EP.ini
[2011.08.25 08:41:47 | 000,001,578 | ---- | C] () -- H:\Windows\P17EPLS.ini
[2011.08.25 08:41:47 | 000,001,489 | ---- | C] () -- H:\Windows\P17EP51.ini
[2011.08.21 00:14:45 | 000,000,000 | ---- | C] () -- H:\Windows\ativpsrm.bin
 
========== ZeroAccess Check ==========
 
[2013.05.17 20:39:52 | 000,000,227 | RHS- | M] () -- H:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.02.27 06:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 23:29:20 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 03:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
========== LOP Check ==========
 
[2012.05.17 14:32:20 | 000,000,000 | ---D | M] -- H:\Users\Horst\AppData\Roaming\3DataManager
[2013.05.22 20:05:39 | 000,000,000 | ---D | M] -- H:\Users\Horst\AppData\Roaming\BabSolution
[2012.07.01 12:46:40 | 000,000,000 | ---D | M] -- H:\Users\Horst\AppData\Roaming\Babylon
[2013.05.17 22:06:39 | 000,000,000 | ---D | M] -- H:\Users\Horst\AppData\Roaming\Curse Advertising
[2013.05.22 20:05:31 | 000,000,000 | ---D | M] -- H:\Users\Horst\AppData\Roaming\Delta
[2013.05.17 20:39:07 | 000,000,000 | ---D | M] -- H:\Users\Horst\AppData\Roaming\PerformerSoft
[2013.05.17 20:39:24 | 000,000,000 | ---D | M] -- H:\Users\Horst\AppData\Roaming\Softonic
[2012.05.09 10:27:28 | 000,000,000 | ---D | M] -- H:\Users\Horst\AppData\Roaming\T-Mobile
[2012.05.11 18:25:57 | 000,000,000 | ---D | M] -- H:\Users\Horst\AppData\Roaming\TS3Client
[2013.05.22 20:05:08 | 000,000,000 | ---D | M] -- H:\Users\Horst\AppData\Roaming\Yontoo
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
< %SYSTEMDRIVE%\*. >
[2011.10.29 22:08:46 | 000,000,000 | -HSD | M] -- H:\$Recycle.Bin
[2011.08.21 01:10:35 | 000,000,000 | -HSD | M] -- H:\Boot
[2013.05.18 03:26:01 | 000,000,000 | -H-D | M] -- H:\Config.Msi
[2012.05.23 18:38:51 | 000,000,000 | ---D | M] -- H:\Diablo III
[2009.07.14 06:53:55 | 000,000,000 | -HSD | M] -- H:\Documents and Settings
[2012.05.02 19:40:42 | 000,000,000 | ---D | M] -- H:\Dokumente und Einstellungen
[2008.11.23 12:25:21 | 000,000,000 | RH-D | M] -- H:\MSOCache
[2013.05.05 12:16:14 | 000,000,000 | ---D | M] -- H:\NVIDIA
[2013.05.23 17:54:03 | 000,000,000 | ---D | M] -- H:\Program Files
[2013.05.22 20:11:06 | 000,000,000 | -H-D | M] -- H:\ProgramData
[2011.11.15 13:45:39 | 000,000,000 | R--D | M] -- H:\Programme
[2011.08.21 00:24:31 | 000,000,000 | -HSD | M] -- H:\Recovery
[2008.09.25 18:28:30 | 000,000,000 | -HSD | M] -- H:\RECYCLER
[2013.05.23 18:35:40 | 000,000,000 | -HSD | M] -- H:\System Volume Information
[2012.05.21 03:02:45 | 000,000,000 | R--D | M] -- H:\Users
[2013.05.14 11:02:47 | 000,000,000 | ---D | M] -- H:\Windows
 
< %PROGRAMFILES%\*.exe >
 
< %LOCALAPPDATA%\*.exe >
 
< %systemroot%\*. /mp /s >
 
< C:\Windows\system32\*.tsp >
[2009.07.14 06:53:46 | 000,032,640 | ---- | C] () -- H:\Windows\Tasks\SCHEDLGU.TXT
[2009.07.14 06:53:47 | 000,000,006 | -H-- | C] () -- H:\Windows\Tasks\SA.DAT
[2011.08.21 01:07:27 | 000,001,092 | ---- | C] () -- H:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2011.08.21 01:07:28 | 000,001,096 | ---- | C] () -- H:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2011.08.25 10:18:36 | 000,001,068 | ---- | C] () -- H:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4228084635-3980246230-1984058717-1000Core.job
[2011.08.25 10:18:37 | 000,001,120 | ---- | C] () -- H:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4228084635-3980246230-1984058717-1000UA.job
[2011.11.27 13:16:06 | 000,000,332 | ---- | C] () -- H:\Windows\Tasks\RegistryBooster.job
[2012.03.04 15:43:21 | 000,000,906 | ---- | C] () -- H:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4228084635-3980246230-1984058717-1000Core.job
[2012.03.04 15:43:22 | 000,000,928 | ---- | C] () -- H:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4228084635-3980246230-1984058717-1000UA.job
[2012.05.20 12:59:06 | 000,000,884 | ---- | C] () -- H:\Windows\Tasks\Adobe Flash Player Updater.job
[2013.05.17 20:39:24 | 000,000,272 | ---- | C] () -- H:\Windows\Tasks\PC Performer_UPDATES.job
[2013.05.17 20:39:28 | 000,000,264 | ---- | C] () -- H:\Windows\Tasks\PC Performer_DEFAULT.job
 
< MD5 for: AGP440.SYS  >
[2009.07.14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- H:\Windows\System32\drivers\AGP440.sys
[2009.07.14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- H:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_a97a2a0d0fbc6696\AGP440.sys
[2009.07.14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- H:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_bc1a57271cf2f285\AGP440.sys
 
< MD5 for: ATAPI.SYS  >
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- H:\Windows\System32\drivers\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- H:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_fab873f3e8a3315c\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- H:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_df3f92057fcbe7a7\atapi.sys
 
< MD5 for: CNGAUDIT.DLL  >
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- H:\Windows\System32\cngaudit.dll
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- H:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
 
< MD5 for: EXPLORER.EXE  >
[2011.02.26 07:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- H:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_54149f9ef14031fc\explorer.exe
[2010.11.20 23:29:20 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- H:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_53bc10fdd7fe87ca\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- H:\Windows\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- H:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_5389023fd8245f84\explorer.exe
 
< MD5 for: IASTORV.SYS  >
[2011.03.11 07:38:51 | 000,332,160 | ---- | M] (Intel Corporation) MD5=5CD5F9A5444E6CDCB0AC89BD62D8B76E -- H:\Windows\System32\drivers\iaStorV.sys
[2011.03.11 07:38:51 | 000,332,160 | ---- | M] (Intel Corporation) MD5=5CD5F9A5444E6CDCB0AC89BD62D8B76E -- H:\Windows\System32\DriverStore\FileRepository\iastorv.inf_x86_neutral_0bcee2057afcc090\iaStorV.sys
[2011.03.11 07:38:51 | 000,332,160 | ---- | M] (Intel Corporation) MD5=5CD5F9A5444E6CDCB0AC89BD62D8B76E -- H:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_b0daddb9e6380745\iaStorV.sys
[2011.03.11 07:28:00 | 000,332,160 | ---- | M] (Intel Corporation) MD5=778D0E6D7D9EBA0C403BADBAAD41DB20 -- H:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_b152a892ff64119f\iaStorV.sys
[2010.11.20 23:29:03 | 000,332,160 | ---- | M] (Intel Corporation) MD5=A3CAE5D281DB4CFF7CFF8233507EE5AD -- H:\Windows\System32\DriverStore\FileRepository\iastorv.inf_x86_neutral_668286aa35d55928\iaStorV.sys
[2010.11.20 23:29:03 | 000,332,160 | ---- | M] (Intel Corporation) MD5=A3CAE5D281DB4CFF7CFF8233507EE5AD -- H:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_b118bc63e60a139a\iaStorV.sys
 
< MD5 for: NETLOGON.DLL  >
[2010.11.20 23:29:12 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- H:\Windows\System32\netlogon.dll
[2010.11.20 23:29:12 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- H:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_ffbf212e963c0162\netlogon.dll
 
< MD5 for: NVSTOR.SYS  >
[2011.03.11 07:39:00 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4380E59A170D88C4F1022EFF6719A8A4 -- H:\Windows\System32\drivers\nvstor.sys
[2011.03.11 07:39:00 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4380E59A170D88C4F1022EFF6719A8A4 -- H:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_0276fc3b3ea60d41\nvstor.sys
[2011.03.11 07:39:00 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4380E59A170D88C4F1022EFF6719A8A4 -- H:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_3ba44e691d6eb11d\nvstor.sys
[2011.03.11 07:28:10 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=66D468654A58594F5F3BA63D5AD5B1AF -- H:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_3c1c1942369abb77\nvstor.sys
[2010.11.20 23:29:03 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=9283C58EBAA2618F93482EB5DABCEC82 -- H:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_dd659ed032d28a14\nvstor.sys
[2010.11.20 23:29:03 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=9283C58EBAA2618F93482EB5DABCEC82 -- H:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_3be22d131d40bd72\nvstor.sys
 
< MD5 for: SCECLI.DLL  >
[2010.11.20 23:29:07 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- H:\Windows\System32\scecli.dll
[2010.11.20 23:29:07 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- H:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_3a154c47375d881d\scecli.dll
 
< MD5 for: USER32.DLL  >
[2010.11.20 23:29:20 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=F1DD3ACAEE5E6B4BBC69BC6DF75CEF66 -- H:\Windows\System32\user32.dll
[2010.11.20 23:29:20 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=F1DD3ACAEE5E6B4BBC69BC6DF75CEF66 -- H:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_cf3fd62ccb9e983d\user32.dll
 
< MD5 for: USERINIT.EXE  >
[2010.11.20 23:29:06 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- H:\Windows\System32\userinit.exe
[2010.11.20 23:29:06 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- H:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
 
< MD5 for: WINLOGON.EXE  >
[2010.11.20 23:29:06 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- H:\Windows\System32\winlogon.exe
[2010.11.20 23:29:06 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- H:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe
 
< MD5 for: WS2IFSL.SYS  >
[2009.07.14 01:55:02 | 000,016,384 | ---- | M] (Microsoft Corporation) MD5=6DB3276587B853BF886B69528FDB048C -- H:\Windows\System32\drivers\ws2ifsl.sys
[2009.07.14 01:55:02 | 000,016,384 | ---- | M] (Microsoft Corporation) MD5=6DB3276587B853BF886B69528FDB048C -- H:\Windows\winsxs\x86_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.1.7600.16385_none_4f5cf6f829213bb2\ws2ifsl.sys
 
< %systemroot%\system32\drivers\*.sys /lockedfiles >
 
< %systemroot%\System32\config\*.sav >
 
< %systemroot%\system32\*.dll /lockedfiles >
 
< %USERPROFILE%\*.* >
[2013.05.23 18:43:34 | 004,456,448 | -HS- | M] () -- H:\Users\Horst\ntuser.dat
[2013.05.23 18:43:34 | 000,262,144 | -HS- | M] () -- H:\Users\Horst\ntuser.dat.LOG1
[2011.08.21 00:24:37 | 000,000,000 | -HS- | M] () -- H:\Users\Horst\ntuser.dat.LOG2
[2012.04.02 15:21:22 | 000,065,536 | RHS- | M] () -- H:\Users\Horst\ntuser.dat{0b94eb1e-7c9d-11e1-a97d-001d60db6421}.TM.blf
[2012.04.02 15:21:22 | 000,524,288 | RHS- | M] () -- H:\Users\Horst\ntuser.dat{0b94eb1e-7c9d-11e1-a97d-001d60db6421}.TMContainer00000000000000000001.regtrans-ms
[2012.04.02 15:21:22 | 000,524,288 | RHS- | M] () -- H:\Users\Horst\ntuser.dat{0b94eb1e-7c9d-11e1-a97d-001d60db6421}.TMContainer00000000000000000002.regtrans-ms
[2012.05.21 20:39:41 | 000,065,536 | -HS- | M] () -- H:\Users\Horst\ntuser.dat{3c404129-a262-11e1-a2f1-001d60db6421}.TM.blf
[2012.05.21 20:39:41 | 000,524,288 | -HS- | M] () -- H:\Users\Horst\ntuser.dat{3c404129-a262-11e1-a2f1-001d60db6421}.TMContainer00000000000000000001.regtrans-ms
[2012.05.21 20:39:41 | 000,524,288 | -HS- | M] () -- H:\Users\Horst\ntuser.dat{3c404129-a262-11e1-a2f1-001d60db6421}.TMContainer00000000000000000002.regtrans-ms
[2012.05.02 19:39:43 | 000,065,536 | -HS- | M] () -- H:\Users\Horst\ntuser.dat{4d6d488e-9477-11e1-88a1-001d60db6421}.TM.blf
[2012.05.02 19:39:43 | 000,524,288 | -HS- | M] () -- H:\Users\Horst\ntuser.dat{4d6d488e-9477-11e1-88a1-001d60db6421}.TMContainer00000000000000000001.regtrans-ms
[2012.05.02 19:39:43 | 000,524,288 | -HS- | M] () -- H:\Users\Horst\ntuser.dat{4d6d488e-9477-11e1-88a1-001d60db6421}.TMContainer00000000000000000002.regtrans-ms
[2012.05.02 20:30:45 | 000,065,536 | -HS- | M] () -- H:\Users\Horst\ntuser.dat{519c645d-947d-11e1-8d08-001d60db6421}.TM.blf
[2012.05.02 20:30:45 | 000,524,288 | -HS- | M] () -- H:\Users\Horst\ntuser.dat{519c645d-947d-11e1-8d08-001d60db6421}.TMContainer00000000000000000001.regtrans-ms
[2012.05.02 20:30:45 | 000,524,288 | -HS- | M] () -- H:\Users\Horst\ntuser.dat{519c645d-947d-11e1-8d08-001d60db6421}.TMContainer00000000000000000002.regtrans-ms
[2013.04.24 21:22:21 | 000,065,536 | -HS- | M] () -- H:\Users\Horst\ntuser.dat{56d43140-acde-11e2-9a36-001d60db6421}.TM.blf
[2013.04.24 21:22:21 | 000,524,288 | -HS- | M] () -- H:\Users\Horst\ntuser.dat{56d43140-acde-11e2-9a36-001d60db6421}.TMContainer00000000000000000001.regtrans-ms
[2013.04.24 21:22:21 | 000,524,288 | -HS- | M] () -- H:\Users\Horst\ntuser.dat{56d43140-acde-11e2-9a36-001d60db6421}.TMContainer00000000000000000002.regtrans-ms
[2012.04.04 17:16:45 | 000,065,536 | -HS- | M] () -- H:\Users\Horst\ntuser.dat{724b700b-7e2d-11e1-a42a-001d60db6421}.TM.blf
[2012.04.04 17:16:45 | 000,524,288 | -HS- | M] () -- H:\Users\Horst\ntuser.dat{724b700b-7e2d-11e1-a42a-001d60db6421}.TMContainer00000000000000000001.regtrans-ms
[2012.04.04 17:16:45 | 000,524,288 | -HS- | M] () -- H:\Users\Horst\ntuser.dat{724b700b-7e2d-11e1-a42a-001d60db6421}.TMContainer00000000000000000002.regtrans-ms
[2012.05.20 12:00:29 | 000,065,536 | -HS- | M] () -- H:\Users\Horst\ntuser.dat{abb53138-a260-11e1-b3a5-001d60db6421}.TM.blf
[2012.05.20 12:00:29 | 000,524,288 | -HS- | M] () -- H:\Users\Horst\ntuser.dat{abb53138-a260-11e1-b3a5-001d60db6421}.TMContainer00000000000000000001.regtrans-ms
[2012.05.20 12:00:29 | 000,524,288 | -HS- | M] () -- H:\Users\Horst\ntuser.dat{abb53138-a260-11e1-b3a5-001d60db6421}.TMContainer00000000000000000002.regtrans-ms
[2012.05.20 11:45:39 | 000,065,536 | -HS- | M] () -- H:\Users\Horst\ntuser.dat{d13b78ec-a25c-11e1-bccf-001d60db6421}.TM.blf
[2012.05.20 11:45:39 | 000,524,288 | -HS- | M] () -- H:\Users\Horst\ntuser.dat{d13b78ec-a25c-11e1-bccf-001d60db6421}.TMContainer00000000000000000001.regtrans-ms
[2012.05.20 11:45:39 | 000,524,288 | -HS- | M] () -- H:\Users\Horst\ntuser.dat{d13b78ec-a25c-11e1-bccf-001d60db6421}.TMContainer00000000000000000002.regtrans-ms
[2012.05.02 19:03:46 | 000,065,536 | -HS- | M] () -- H:\Users\Horst\ntuser.dat{d2c90cfe-9427-11e1-87fd-001d60db6421}.TM.blf
[2012.05.02 19:03:46 | 000,524,288 | -HS- | M] () -- H:\Users\Horst\ntuser.dat{d2c90cfe-9427-11e1-87fd-001d60db6421}.TMContainer00000000000000000001.regtrans-ms
[2012.05.02 19:03:46 | 000,524,288 | -HS- | M] () -- H:\Users\Horst\ntuser.dat{d2c90cfe-9427-11e1-87fd-001d60db6421}.TMContainer00000000000000000002.regtrans-ms
[2012.04.04 10:09:38 | 000,000,020 | -HS- | M] () -- H:\Users\Horst\ntuser.ini
 
< %USERPROFILE%\Local Settings\Temp\*.exe >
 
< %USERPROFILE%\Local Settings\Temp\*.dll >
 
< %USERPROFILE%\Application Data\*.exe >
 
< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs >
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Required: DebugWindows [binary data]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Windows: %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,12288,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 129 bytes -> H:\ProgramData\TEMP:05EE1EEF

< End of report >
         
--- --- ---




sorr muss es zitieren weil Antwort kann ich nicht schreiben, lässt mich nicht anmelden.


Alt 23.05.2013, 18:01   #6
markusg
/// Malware-holic
 
serach nu, bitte um hilfe - Standard

serach nu, bitte um hilfe



Hi,
wie kommt man bitte an so viele unnütze Toolbars?
Lade Software bitte nur beim Hersteller, und instaliere immer Nutzerdefiniert um Toolbars abwählen zu können
Informiere dich darüber was du instalierst, in den AGB's bzw via Google


otl fix

Fixen mit OTL

  • Starte bitte die OTL.exe.
  • Kopiere nun den Inhalt aus der Codebox in die Textbox.

Code:
ATTFilter
:OTL
O20 - AppInit_DLLs: (H:\PROGRA~3\Wincert\WIN32C~1.DLL) - H:\ProgramData\Wincert\win32cert.dll ()
O20 - AppInit_DLLs: (H:\PROGRA~2\SEARCH~1\Datamngr\mgrldr.dll) - H:\Program Files\Search Results Toolbar\Datamngr\mgrldr.dll ()
O20 - AppInit_DLLs: (h:\progra~3\browse~1\261249~1.132\{c16c1~1\browse~1.dll) - h:\ProgramData\BrowserProtect\2.6.1249.132\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.dll
()
O33 - MountPoints2\{0fd8f482-a263-11e1-af79-001d60db6421}\Shell - "" = AutoRun
O33 - MountPoints2\{0fd8f482-a263-11e1-af79-001d60db6421}\Shell\AutoRun\command - "" = M:\AutoRun.exe
O33 - MountPoints2\{0fd8f668-a263-11e1-af79-001d60db6421}\Shell - "" = AutoRun
O33 - MountPoints2\{0fd8f668-a263-11e1-af79-001d60db6421}\Shell\AutoRun\command - "" = M:\AutoRun.exe
O33 - MountPoints2\{10b49b01-0256-11e1-8d2e-001d60db6421}\Shell - "" = AutoRun
O33 - MountPoints2\{10b49b01-0256-11e1-8d2e-001d60db6421}\Shell\AutoRun\command - "" = M:\AutoRun.exe
O33 - MountPoints2\{1e741b35-026a-11e1-ac8b-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{1e741b35-026a-11e1-ac8b-806e6f6e6963}\Shell\AutoRun\command - "" = M:\AutoRun.exe
O33 - MountPoints2\{1e741b87-026a-11e1-ac8b-001d60db6421}\Shell - "" = AutoRun
O33 - MountPoints2\{1e741b87-026a-11e1-ac8b-001d60db6421}\Shell\AutoRun\command - "" = M:\AutoRun.exe
O33 - MountPoints2\{1e741c03-026a-11e1-ac8b-001d60db6421}\Shell - "" = AutoRun
O33 - MountPoints2\{1e741c03-026a-11e1-ac8b-001d60db6421}\Shell\AutoRun\command - "" = M:\AutoRun.exe
O33 - MountPoints2\{2ee3ce16-acdc-11e2-9e25-001d60db6421}\Shell - "" = AutoRun
O33 - MountPoints2\{2ee3ce16-acdc-11e2-9e25-001d60db6421}\Shell\AutoRun\command - "" = M:\AutoRun.exe
O33 - MountPoints2\{335db628-acdf-11e2-8d6b-001d60db6421}\Shell - "" = AutoRun
O33 - MountPoints2\{335db628-acdf-11e2-8d6b-001d60db6421}\Shell\AutoRun\command - "" = M:\AutoRun.exe
O33 - MountPoints2\{38ddda1b-d863-11e0-91b4-001d60db6421}\Shell - "" = AutoRun
O33 - MountPoints2\{38ddda1b-d863-11e0-91b4-001d60db6421}\Shell\AutoRun\command - "" = M:\Autorun.exe
O33 - MountPoints2\{4a39d60b-0257-11e1-b255-001d60db6421}\Shell - "" = AutoRun
O33 - MountPoints2\{4a39d60b-0257-11e1-b255-001d60db6421}\Shell\AutoRun\command - "" = M:\AutoRun.exe
O33 - MountPoints2\{6691a3ef-cb7a-11e0-b1ba-001d60db6421}\Shell - "" = AutoRun
O33 - MountPoints2\{6691a3ef-cb7a-11e0-b1ba-001d60db6421}\Shell\AutoRun\command - "" = M:\.\Autorun.exe AUTORUN=1
O33 - MountPoints2\{6691a3fd-cb7a-11e0-b1ba-001d60db6421}\Shell - "" = AutoRun
O33 - MountPoints2\{6691a3fd-cb7a-11e0-b1ba-001d60db6421}\Shell\AutoRun\command - "" = M:\.\Autorun.exe AUTORUN=1
O33 - MountPoints2\{81287055-cd66-11e0-b514-001d60db6421}\Shell - "" = AutoRun
O33 - MountPoints2\{81287055-cd66-11e0-b514-001d60db6421}\Shell\AutoRun\command - "" = M:\.\Autorun.exe AUTORUN=1
O33 - MountPoints2\{9cf2855c-b565-11e2-8cb4-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{9cf2855c-b565-11e2-8cb4-806e6f6e6963}\Shell\AutoRun\command - "" = M:\AutoRun.exe
O33 - MountPoints2\{a4d3cbe9-8947-11e1-8839-001d60db6421}\Shell - "" = AutoRun
O33 - MountPoints2\{a4d3cbe9-8947-11e1-8839-001d60db6421}\Shell\AutoRun\command - "" = M:\AutoRun.exe
O33 - MountPoints2\{a4d3cbf4-8947-11e1-8839-001d60db6421}\Shell - "" = AutoRun
O33 - MountPoints2\{a4d3cbf4-8947-11e1-8839-001d60db6421}\Shell\AutoRun\command - "" = M:\.\Autorun.exe AUTORUN=1
O33 - MountPoints2\{a4d3cc0a-8947-11e1-8839-001d60db6421}\Shell - "" = AutoRun
O33 - MountPoints2\{a4d3cc0a-8947-11e1-8839-001d60db6421}\Shell\AutoRun\command - "" = M:\AutoRun.exe
O33 - MountPoints2\{b89a39b1-9b63-11e1-931b-001d60db6421}\Shell - "" = AutoRun
O33 - MountPoints2\{b89a39b1-9b63-11e1-931b-001d60db6421}\Shell\AutoRun\command - "" = M:\AutoRun.exe
O33 - MountPoints2\{b89a3a49-9b63-11e1-931b-001d60db6421}\Shell - "" = AutoRun
O33 - MountPoints2\{b89a3a49-9b63-11e1-931b-001d60db6421}\Shell\AutoRun\command - "" = M:\AutoRun.exe
O33 - MountPoints2\{c0ce58e7-cee5-11e0-9200-001d60db6421}\Shell - "" = AutoRun
O33 - MountPoints2\{c0ce58e7-cee5-11e0-9200-001d60db6421}\Shell\AutoRun\command - "" = M:\.\Autorun.exe AUTORUN=1
O33 - MountPoints2\{c1d3f2ed-9601-11e1-b02b-001d60db6421}\Shell - "" = AutoRun
O33 - MountPoints2\{c1d3f2ed-9601-11e1-b02b-001d60db6421}\Shell\AutoRun\command - "" = M:\AutoRun.exe
O33 - MountPoints2\{c1d3f314-9601-11e1-b02b-001d60db6421}\Shell - "" = AutoRun
O33 - MountPoints2\{c1d3f314-9601-11e1-b02b-001d60db6421}\Shell\AutoRun\command - "" = M:\AutoRun.exe
O33 - MountPoints2\{d148c5ae-baf3-11e1-95ec-001d60db6421}\Shell - "" = AutoRun
O33 - MountPoints2\{d148c5ae-baf3-11e1-95ec-001d60db6421}\Shell\AutoRun\command - "" = M:\AutoRun.exe
O33 - MountPoints2\{d3c43a9f-1053-11e1-a876-001d60db6421}\Shell - "" = AutoRun
O33 - MountPoints2\{d3c43a9f-1053-11e1-a876-001d60db6421}\Shell\AutoRun\command - "" = M:\AutoRun.exe
O33 - MountPoints2\{da039341-99ae-11e1-a605-001d60db6421}\Shell - "" = AutoRun
O33 - MountPoints2\{da039341-99ae-11e1-a605-001d60db6421}\Shell\AutoRun\command - "" = M:\AutoRun.exe
O33 - MountPoints2\{da039394-99ae-11e1-a605-001d60db6421}\Shell - "" = AutoRun
O33 - MountPoints2\{da039394-99ae-11e1-a605-001d60db6421}\Shell\AutoRun\command - "" = M:\AutoRun.exe
O33 - MountPoints2\{e2d50edc-ea7d-11e0-9e80-001e101f8ed0}\Shell - "" = AutoRun
O33 - MountPoints2\{e2d50edc-ea7d-11e0-9e80-001e101f8ed0}\Shell\AutoRun\command - "" = O:\AutoRun.exe
O33 - MountPoints2\M\Shell - "" = AutoRun
O33 - MountPoints2\M\Shell\AutoRun\command - "" = M:\AutoRun.exe
O33 - MountPoints2\N\Shell - "" = AutoRun
O33 - MountPoints2\N\Shell\AutoRun\command - "" = N:\AutoRun.exe
O36 - AppCertDlls: x86 - (H:\Program Files\Search Results Toolbar\Datamngr\apcrtldr.dll) - H:\Program Files\Search Results Toolbar\Datamngr\apcrtldr.dll
()

:files
H:\ProgramData\Wincert
H:\Program Files\Search Results Toolbar
h:\ProgramData\BrowserProtect
:Commands
[emptytemp]
         
  • Solltest du deinen Benutzernamen z. B. durch "*****" unkenntlich gemacht haben, so füge an entsprechender Stelle deinen richtigen Benutzernamen ein. Andernfalls wird der Fix nicht funktionieren.
  • Schließe bitte nun alle Programme.
  • Klicke nun bitte auf den Fix Button.
  • OTL kann gegebenfalls einen Neustart verlangen. Bitte dies zulassen.
  • Nach dem Neustart findest Du ein Textdokument auf deinem Desktop.
    ( Auch zu finden unter C:\_OTL\MovedFiles\<Uhrzeit_Datum>.txt)
    Kopiere nun den Inhalt hier in Deinen Thread
__________________
--> serach nu, bitte um hilfe

Alt 23.05.2013, 18:26   #7
Kungen686
 
serach nu, bitte um hilfe - Standard

serach nu, bitte um hilfe



OTL Logfile:
Code:
ATTFilter
OTL logfile created on: 23.05.2013 19:18:00 - Run 3
OTL by OldTimer - Version 3.2.69.0     Folder = L:\
 Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16576)
Locale: 00000407 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy
 
2,87 Gb Total Physical Memory | 1,12 Gb Available Physical Memory | 38,93% Memory free
5,75 Gb Paging File | 3,74 Gb Available in Paging File | 65,10% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = H: | %SystemRoot% = H:\Windows | %ProgramFiles% = H:\Program Files
Drive H: | 78,13 Gb Total Space | 6,68 Gb Free Space | 8,55% Space Free | Partition Type: NTFS
Drive I: | 97,65 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: NTFS
Drive J: | 94,66 Gb Total Space | 94,37 Gb Free Space | 99,70% Space Free | Partition Type: NTFS
Drive K: | 97,65 Gb Total Space | 76,40 Gb Free Space | 78,23% Space Free | Partition Type: NTFS
Drive L: | 97,65 Gb Total Space | 17,19 Gb Free Space | 17,61% Space Free | Partition Type: NTFS
 
Computer Name: HORST-PC | User Name: Horst | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - L:\OTL (2).exe (OldTimer Tools)
PRC - H:\Users\Horst\AppData\Roaming\Yontoo\YontooDesktop.exe (Yontoo LLC)
PRC - H:\Program Files\Yontoo Layers Runtime\Y2Desktop.Updater.exe (Microsoft)
PRC - H:\Windows\System32\Macromed\Flash\FlashUtil32_11_7_700_202_ActiveX.exe (Adobe Systems Incorporated)
PRC - H:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - H:\Program Files\Search Results Toolbar\Datamngr\DatamngrUI.exe (Bandoo Media Inc.)
PRC - H:\Program Files\Search Results Toolbar\Datamngr\DatamngrCoordinator.exe (Bandoo Media Inc.)
PRC - H:\Windows\System32\taskhost.exe (Microsoft Corporation)
PRC - H:\Program Files\BlueStacks\HD-Agent.exe (BlueStack Systems, Inc.)
PRC - H:\Program Files\BlueStacks\HD-LogRotatorService.exe (BlueStack Systems, Inc.)
PRC - H:\Program Files\BlueStacks\HD-Service.exe (BlueStack Systems, Inc.)
PRC - H:\Program Files\BlueStacks\HD-SharedFolder.exe (BlueStack Systems)
PRC - H:\Program Files\BlueStacks\HD-BlockDevice.exe (BlueStack Systems)
PRC - H:\Program Files\BlueStacks\HD-Network.exe (BlueStack Systems)
PRC - H:\ProgramData\BrowserProtect\2.6.1249.132\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe ()
PRC - H:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
PRC - H:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation)
PRC - H:\Program Files\NVIDIA Corporation\Display\nvtray.exe (NVIDIA Corporation)
PRC - H:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
PRC - H:\Program Files\McAfee Security Scan\3.0.318\SSScheduler.exe (McAfee, Inc.)
PRC - H:\Windows\System32\conhost.exe (Microsoft Corporation)
PRC - H:\Program Files\SweetIM\Messenger\SweetIM.exe (SweetIM Technologies Ltd.)
PRC - H:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe (SweetIM Technologies Ltd.)
PRC - H:\Program Files\Zune\ZuneLauncher.exe (Microsoft Corporation)
PRC - H:\Program Files\Razer\Anansi\RazerAnansiSysTray.exe (Razer USA Ltd)
PRC - H:\Program Files\Razer\Naga\RazerNagaSysTray.exe (Razer USA Ltd)
PRC - H:\Windows\explorer.exe (Microsoft Corporation)
PRC - H:\ProgramData\DatacardService\HWDeviceService.exe ()
PRC - H:\ProgramData\DatacardService\DCSHelper.exe (Huawei Technologies Co., Ltd.)
PRC - H:\Windows\System32\atieclxx.exe (AMD)
PRC - H:\Windows\System32\atiesrxx.exe (AMD)
PRC - H:\Program Files\Creative\Shared Files\CTAudSvc.exe (Creative Technology Ltd)
 
 
========== Modules (No Company Name) ==========
 
MOD - H:\Users\Horst\AppData\Roaming\Yontoo\dat\Desktop.OS.Plugin.dll ()
MOD - H:\Windows\assembly\NativeImages_v2.0.50727_32\HD-Agent\814a45188ec5fe4b0ab709168cf4f81b\HD-Agent.ni.exe ()
MOD - H:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\30e3a21202000677d0a9270572251477\System.Windows.Forms.ni.dll ()
MOD - H:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\764f15e86c82662e977bd418bd6318c1\System.Configuration.ni.dll ()
MOD - H:\Program Files\Search Results Toolbar\Datamngr\apcrtldr.dll ()
MOD - H:\Program Files\Search Results Toolbar\Datamngr\mgrldr.dll ()
MOD - H:\Windows\assembly\NativeImages_v2.0.50727_32\JSON\c94d8eba16a1c51a1cf7d7ac7f330843\JSON.ni.dll ()
MOD - H:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\8bb2120d5a48b10e27fe82ad5d3fb982\System.Web.ni.dll ()
MOD - H:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll ()
MOD - H:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f687c43e9fdec031988b33ae722c4613\System.Xml.ni.dll ()
MOD - H:\Windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll ()
MOD - H:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll ()
MOD - H:\ProgramData\Wincert\win32prop.dll ()
MOD - H:\ProgramData\Wincert\win32cert.dll ()
MOD - H:\ProgramData\BrowserProtect\2.6.1249.132\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe ()
MOD - h:\ProgramData\BrowserProtect\2.6.1249.132\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.dll ()
MOD - H:\Windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll ()
MOD - H:\Program Files\WinRAR\RarExt.dll ()
MOD - H:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - H:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll ()
MOD - H:\Windows\assembly\GAC_MSIL\System.resources\2.0.0.0_de_b77a5c561934e089\System.resources.dll ()
MOD - H:\Windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.dll ()
MOD - H:\Windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll ()
MOD - H:\Windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.Xml.dll ()
MOD - H:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll ()
MOD - H:\Windows\System32\APOMngr.DLL ()
MOD - H:\Windows\System32\CmdRtr.DLL ()
 
 
========== Services (SafeList) ==========
 
SRV - (ZuneWlanCfgSvc) -- H:\Program Files\Zune\ZuneWlanCfgSvc.exe File not found
SRV - (ZuneNetworkSvc) -- H:\Program Files\Zune\ZuneNss.exe File not found
SRV - (Yontoo Desktop Updater) -- H:\Program Files\Yontoo Layers Runtime\Y2Desktop.Updater.exe H:\Users\Horst\AppData\Roaming\Yontoo\YontooDesktop.exe File not found
SRV - (WMZuneComm) -- H:\Program Files\Zune\WMZuneComm.exe File not found
SRV - (wlcrasvc) -- H:\Program Files\Windows Live\Mesh\wlcrasvc.exe File not found
SRV - (gusvc) -- H:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe File not found
SRV - (gupdatem) -- H:\Program Files\Google\Update\GoogleUpdate.exe /medsvc File not found
SRV - (gupdate) -- H:\Program Files\Google\Update\GoogleUpdate.exe /svc File not found
SRV - (fsssvc) -- H:\Program Files\Windows Live\Family Safety\fsssvc.exe File not found
SRV - (Creative Audio Engine Licensing Service) -- H:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe File not found
SRV - (AdobeFlashPlayerUpdateSvc) -- H:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (AdobeARMservice) -- H:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (DatamngrCoordinator) -- H:\Program Files\Search Results Toolbar\Datamngr\DatamngrCoordinator.exe (Bandoo Media Inc.)
SRV - (Steam Client Service) -- H:\Program Files\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (BstHdLogRotatorSvc) -- H:\Program Files\BlueStacks\HD-LogRotatorService.exe (BlueStack Systems, Inc.)
SRV - (BstHdAndroidSvc) -- H:\Program Files\BlueStacks\HD-Service.exe (BlueStack Systems, Inc.)
SRV - (BrowserProtect) -- H:\ProgramData\BrowserProtect\2.6.1249.132\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe ()
SRV - (nvUpdatusService) -- H:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
SRV - (Stereo Service) -- H:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (McComponentHostService) -- H:\Program Files\McAfee Security Scan\3.0.318\McCHSvc.exe (McAfee, Inc.)
SRV - (SkypeUpdate) -- H:\Program Files\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (MozillaMaintenance) -- H:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (WatAdminSvc) -- H:\Windows\System32\Wat\WatAdminSvc.exe (Microsoft Corporation)
SRV - (HWDeviceService.exe) -- H:\ProgramData\DatacardService\HWDeviceService.exe ()
SRV - (AMD External Events Utility) -- H:\Windows\System32\atiesrxx.exe (AMD)
SRV - (SensrSvc) -- H:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
SRV - (WinDefend) -- H:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (CTAudSvcService) -- H:\Program Files\Creative\Shared Files\CTAudSvc.exe (Creative Technology Ltd)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (IntcAzAudAddService) -- system32\drivers\RTKVHDA.sys File not found
DRV - (hwusbdev) -- system32\DRIVERS\ewusbdev.sys File not found
DRV - (ewusbnet) -- system32\DRIVERS\ewusbnet.sys File not found
DRV - (hwdatacard) -- H:\Windows\System32\drivers\ewusbmdm.sys (Huawei Technologies Co., Ltd.)
DRV - (huawei_wwanecm) -- H:\Windows\System32\drivers\ew_juwwanecm.sys (Huawei Technologies Co., Ltd.)
DRV - (ew_hwusbdev) -- H:\Windows\System32\drivers\ew_hwusbdev.sys (Huawei Technologies Co., Ltd.)
DRV - (huawei_cdcacm) -- H:\Windows\System32\drivers\ew_jucdcacm.sys (Huawei Technologies Co., Ltd.)
DRV - (huawei_enumerator) -- H:\Windows\System32\drivers\ew_jubusenum.sys (Huawei Technologies Co., Ltd.)
DRV - (huawei_ext_ctrl) -- H:\Windows\System32\drivers\ew_juextctrl.sys (Huawei Technologies Co., Ltd.)
DRV - (tcpipBM) -- H:\Windows\System32\drivers\tcpipBM.sys (Bytemobile, Inc.)
DRV - (BMLoad) -- H:\Windows\System32\drivers\BMLoad.sys (Bytemobile, Inc.)
DRV - (ew_usbenumfilter) -- H:\Windows\System32\drivers\ew_usbenumfilter.sys (Huawei Technologies Co., Ltd.)
DRV - (BstHdDrv) -- H:\Program Files\BlueStacks\HD-Hypervisor-x86.sys (BlueStack Systems)
DRV - (nvlddmkm) -- H:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (FTSER2K) -- H:\Windows\System32\drivers\ftser2k.sys (FTDI Ltd.)
DRV - (FTDIBUS) -- H:\Windows\System32\drivers\ftdibus.sys (FTDI Ltd.)
DRV - (EuMusDesignVirtualAudioCableWdm) -- H:\Windows\System32\drivers\vrtaucbl.sys (Eugene V. Muzychenko)
DRV - (RzSynapse) -- H:\Windows\System32\drivers\RzSynapse.sys (Razer USA Ltd)
DRV - (TsUsbFlt) -- H:\Windows\System32\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV - (winusb) -- H:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
DRV - (TsUsbGD) -- H:\Windows\System32\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV - (P17) -- H:\Windows\System32\drivers\P17.sys (Creative Technology Ltd.)
DRV - (atikmdag) -- H:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV - (Atc002) -- H:\Windows\System32\drivers\l260x86.sys (Atheros Communications, Inc.)
DRV - (MTsensor) -- H:\Windows\System32\drivers\ASACPI.sys ()
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\..\URLSearchHook: {40c3cc16-7269-4b32-9531-17f2950fb06f} - SOFTWARE\Classes\CLSID\{40c3cc16-7269-4b32-9531-17f2950fb06f}\InprocServer32 File not found
IE - HKLM\..\URLSearchHook: {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - SOFTWARE\Classes\CLSID\{57BCA5FA-5DBB-45a2-B558-1755C3F6253B}\InprocServer32 File not found
IE - HKLM\..\URLSearchHook: {64ead72b-ffd4-4e01-aa3a-4c71665d73e4} - SOFTWARE\Classes\CLSID\{64ead72b-ffd4-4e01-aa3a-4c71665d73e4}\InprocServer32 File not found
IE - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = hxxp://dts.search-results.com/sr?src=ieb&gct=ds&appid=559&systemid=406&apn_uid=5476213633344063&apn_dtid=BND406&o=APN10645&apn_ptnrs=AG6&q={searchTerms}
IE - HKLM\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = hxxp://search.sweetim.com/search.asp?src=6&crg=3.1010000&st=12&q={searchTerms}&barid={17FB94E8-CC2A-4A08-A089-1D5E0C4B1E2A}
IE - HKLM\..\SearchScopes\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}: "URL" = hxxp://slirsredirect.search.aol.com/redirector/sredir?sredir=2685&query={searchTerms}&invocationType=tb50-ie-winamp-chromesbox-en-us&tb_uuid=20120120083518926&tb_oid=20-01-2012&tb_mrud=20-01-2012
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-4228084635-3980246230-1984058717-1000\SOFTWARE\Microsoft\Internet Explorer\Main,bProtector Start Page = Delta Search
IE - HKU\S-1-5-21-4228084635-3980246230-1984058717-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default Download Directory = L:\
IE - HKU\S-1-5-21-4228084635-3980246230-1984058717-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Search
IE - HKU\S-1-5-21-4228084635-3980246230-1984058717-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = MSN AT: Hotmail, Outlook, Messenger, Skype, Unterhaltung, Nachrichten & Lifestyle
IE - HKU\S-1-5-21-4228084635-3980246230-1984058717-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-AT
IE - HKU\S-1-5-21-4228084635-3980246230-1984058717-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 18 D4 D4 09 29 A1 CC 01  [binary data]
IE - HKU\S-1-5-21-4228084635-3980246230-1984058717-1000\..\URLSearchHook: {40c3cc16-7269-4b32-9531-17f2950fb06f} - SOFTWARE\Classes\CLSID\{40c3cc16-7269-4b32-9531-17f2950fb06f}\InprocServer32 File not found
IE - HKU\S-1-5-21-4228084635-3980246230-1984058717-1000\..\URLSearchHook: {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - SOFTWARE\Classes\CLSID\{57BCA5FA-5DBB-45a2-B558-1755C3F6253B}\InprocServer32 File not found
IE - HKU\S-1-5-21-4228084635-3980246230-1984058717-1000\..\URLSearchHook: {64ead72b-ffd4-4e01-aa3a-4c71665d73e4} - SOFTWARE\Classes\CLSID\{64ead72b-ffd4-4e01-aa3a-4c71665d73e4}\InprocServer32 File not found
IE - HKU\S-1-5-21-4228084635-3980246230-1984058717-1000\..\URLSearchHook: {CA3EB689-8F09-4026-AA10-B9534C691CE0} - SOFTWARE\Classes\CLSID\{CA3EB689-8F09-4026-AA10-B9534C691CE0}\InprocServer32 File not found
IE - HKU\S-1-5-21-4228084635-3980246230-1984058717-1000\..\SearchScopes,bProtectorDefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKU\S-1-5-21-4228084635-3980246230-1984058717-1000\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
IE - HKU\S-1-5-21-4228084635-3980246230-1984058717-1000\..\SearchScopes\{04C780E6-C682-4F97-B151-6932DBDE79AC}: "URL" = hxxp://search.softonic.com/MOY00006/tb_v1?q={searchTerms}&SearchSource=4&cc=&mi=00000000000000000000001d60db6421&r=397
IE - HKU\S-1-5-21-4228084635-3980246230-1984058717-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?FORM=WLETDF&PC=WLEM&q={searchTerms}&src=IE-SearchBox
IE - HKU\S-1-5-21-4228084635-3980246230-1984058717-1000\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = hxxp://www1.delta-search.com/?q={searchTerms}&affID=119781&tt=gc_&babsrc=SP_ss&mntrId=E4E6001D60DB6421
IE - HKU\S-1-5-21-4228084635-3980246230-1984058717-1000\..\SearchScopes\{4CC30D01-69C8-4993-8BE2-EEDD8904D876}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2319825
IE - HKU\S-1-5-21-4228084635-3980246230-1984058717-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7ADFA_deAT445
IE - HKU\S-1-5-21-4228084635-3980246230-1984058717-1000\..\SearchScopes\{96bd48dd-741b-41ae-ac4a-aff96ba00f7e}: "URL" = hxxp://www.bigseekpro.com/search/browser/hypercam/{8008C83A-FEF9-43BE-85A8-6FFE0A4425DB}?q={searchTerms}
IE - HKU\S-1-5-21-4228084635-3980246230-1984058717-1000\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = hxxp://dts.search-results.com/sr?src=ieb&gct=ds&appid=559&systemid=406&apn_uid=5476213633344063&apn_dtid=BND406&o=APN10645&apn_ptnrs=AG6&q={searchTerms}
IE - HKU\S-1-5-21-4228084635-3980246230-1984058717-1000\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = hxxp://search.sweetim.com/search.asp?src=6&crg=3.1010000&st=12&q={searchTerms}&barid={17FB94E8-CC2A-4A08-A089-1D5E0C4B1E2A}
IE - HKU\S-1-5-21-4228084635-3980246230-1984058717-1000\..\SearchScopes\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}: "URL" = hxxp://slirsredirect.search.aol.com/redirector/sredir?sredir=2685&query={searchTerms}&invocationType=tb50-ie-winamp-chromesbox-en-us&tb_uuid=20120120083518926&tb_oid=20-01-2012&tb_mrud=20-01-2012
IE - HKU\S-1-5-21-4228084635-3980246230-1984058717-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-4228084635-3980246230-1984058717-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
IE - HKU\S-1-5-21-4228084635-3980246230-1984058717-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default Download Directory = L:\
IE - HKU\S-1-5-21-4228084635-3980246230-1984058717-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bigseekpro.com/hypercam/{8008C83A-FEF9-43BE-85A8-6FFE0A4425DB}
IE - HKU\S-1-5-21-4228084635-3980246230-1984058717-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = MSN AT: Hotmail, Outlook, Messenger, Skype, Unterhaltung, Nachrichten & Lifestyle
IE - HKU\S-1-5-21-4228084635-3980246230-1984058717-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-at
IE - HKU\S-1-5-21-4228084635-3980246230-1984058717-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = F8 BB 9D 23 8C 5F CC 01  [binary data]
IE - HKU\S-1-5-21-4228084635-3980246230-1984058717-1001\..\URLSearchHook: {40c3cc16-7269-4b32-9531-17f2950fb06f} - SOFTWARE\Classes\CLSID\{40c3cc16-7269-4b32-9531-17f2950fb06f}\InprocServer32 File not found
IE - HKU\S-1-5-21-4228084635-3980246230-1984058717-1001\..\URLSearchHook: {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - SOFTWARE\Classes\CLSID\{57BCA5FA-5DBB-45a2-B558-1755C3F6253B}\InprocServer32 File not found
IE - HKU\S-1-5-21-4228084635-3980246230-1984058717-1001\..\URLSearchHook: {64ead72b-ffd4-4e01-aa3a-4c71665d73e4} - SOFTWARE\Classes\CLSID\{64ead72b-ffd4-4e01-aa3a-4c71665d73e4}\InprocServer32 File not found
IE - HKU\S-1-5-21-4228084635-3980246230-1984058717-1001\..\URLSearchHook: {CA3EB689-8F09-4026-AA10-B9534C691CE0} - SOFTWARE\Classes\CLSID\{CA3EB689-8F09-4026-AA10-B9534C691CE0}\InprocServer32 File not found
IE - HKU\S-1-5-21-4228084635-3980246230-1984058717-1001\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKU\S-1-5-21-4228084635-3980246230-1984058717-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-4228084635-3980246230-1984058717-1001\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = hxxp://search.babylon.com/web/{searchTerms}?babsrc=SP_ss&affID=100489&mntrId=00000000000000000000582c80139263
IE - HKU\S-1-5-21-4228084635-3980246230-1984058717-1001\..\SearchScopes\{4CC30D01-69C8-4993-8BE2-EEDD8904D876}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2319825
IE - HKU\S-1-5-21-4228084635-3980246230-1984058717-1001\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7ADFA_de
IE - HKU\S-1-5-21-4228084635-3980246230-1984058717-1001\..\SearchScopes\{96bd48dd-741b-41ae-ac4a-aff96ba00f7e}: "URL" = hxxp://www.bigseekpro.com/search/browser/hypercam/{8008C83A-FEF9-43BE-85A8-6FFE0A4425DB}?q={searchTerms}
IE - HKU\S-1-5-21-4228084635-3980246230-1984058717-1001\..\SearchScopes\{C65F971D-0D1A-4667-BDA9-6AE58C9C805F}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2319825
IE - HKU\S-1-5-21-4228084635-3980246230-1984058717-1001\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = hxxp://search.sweetim.com/search.asp?src=6&crg=3.1010000&st=12&q={searchTerms}&barid={17FB94E8-CC2A-4A08-A089-1D5E0C4B1E2A}
IE - HKU\S-1-5-21-4228084635-3980246230-1984058717-1001\..\SearchScopes\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}: "URL" = hxxp://slirsredirect.search.aol.com/redirector/sredir?sredir=2685&query={searchTerms}&invocationType=tb50-ie-winamp-chromesbox-en-us&tb_uuid=20120120083518926&tb_oid=20-01-2012&tb_mrud=20-01-2012
IE - HKU\S-1-5-21-4228084635-3980246230-1984058717-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-4228084635-3980246230-1984058717-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
IE - HKU\S-1-5-21-4228084635-3980246230-1984058717-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = :
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "Search Results"
FF - prefs.js..browser.search.defaulturl: ""
FF - prefs.js..browser.search.order.1: "Search Results"
FF - prefs.js..browser.search.selectedEngine: "Search Results"
FF - prefs.js..browser.search.useDBForOrder: "false"
FF - prefs.js..browser.startup.homepage: "hxxp://www.searchnu.com/406?appid=559"
FF - prefs.js..extensions.enabledAddons: {EEE6C361-6118-11DC-9C72-001320C79847}:1.9.0.0
FF - prefs.js..extensions.enabledAddons: {C4A4F5A0-4B89-4392-AFAC-D58010E349AF}:5.0.0.7254
FF - prefs.js..keyword.URL: "hxxp://dts.search-results.com/sr?src=ffb&gct=ds&appid=559&systemid=406&apn_dtid=BND406&apn_ptnrs=AG6&apn_uid=5476213633344063&o=APN10645&q="
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: ""
FF - prefs.js..sweetim.toolbar.previous.browser.search.selectedEngine: "Search the web (Babylon)"
FF - prefs.js..browser.startup.homepage: "hxxp://search.bearshare.com"
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: ""
 
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: H:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_202.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: H:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: H:\Program Files\Java\jre7\bin\plugin2\npjp2.dll File not found
FF - HKLM\Software\MozillaPlugins\@mcafee.com/McAfeeMssPlugin: H:\Program Files\McAfee Security Scan\3.0.318\npMcAfeeMss.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: H:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: H:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll File not found
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: H:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: H:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: H:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: H:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: H:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: H:\Users\Horst\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll File not found
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: H:\Users\Horst\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: H:\Users\Horst\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\ff-bmboc@bytemobile.com: C:\Program Files\T-Mobile\InternetManager_H\OCx32\addon
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: H:\Program Files\Mozilla Firefox\components [2012.06.30 21:50:27 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: H:\Program Files\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: H:\Program Files\Mozilla Firefox\components [2012.06.30 21:50:27 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: H:\Program Files\Mozilla Firefox\plugins
 
[2012.05.09 18:39:48 | 000,000,000 | ---D | M] (No name found) -- H:\Users\Horst\AppData\Roaming\Mozilla\Extensions
[2013.05.23 17:53:47 | 000,000,000 | ---D | M] (No name found) -- H:\Users\Horst\AppData\Roaming\Mozilla\Firefox\Profiles\xykkrd78.default\extensions
[2013.05.22 20:10:57 | 000,000,000 | ---D | M] (Search-Results Toolbar) -- H:\Users\Horst\AppData\Roaming\Mozilla\Firefox\Profiles\xykkrd78.default\extensions\{377e5d4d-77e5-476a-8716-7e70a9272da0}
[2013.05.22 20:10:52 | 000,000,000 | ---D | M] (New Tab) -- H:\Users\Horst\AppData\Roaming\Mozilla\Firefox\Profiles\xykkrd78.default\extensions\{C4A4F5A0-4B89-4392-AFAC-D58010E349AF}
[2013.05.22 20:05:32 | 000,000,000 | ---D | M] (Delta Toolbar) -- H:\Users\Horst\AppData\Roaming\Mozilla\Firefox\Profiles\xykkrd78.default\extensions\ffxtlbr@delta.com
[2013.05.22 20:04:56 | 000,000,000 | ---D | M] (Yontoo) -- H:\Users\Horst\AppData\Roaming\Mozilla\Firefox\Profiles\xykkrd78.default\extensions\plugin@yontoo.com
[2012.07.31 13:59:18 | 000,221,380 | ---- | M] () (No name found) -- H:\Users\Horst\AppData\Roaming\Mozilla\Firefox\Profiles\xykkrd78.default\extensions\gophoto@gophoto.it.xpi
[2013.04.17 15:50:46 | 000,201,930 | ---- | M] () (No name found) -- H:\Users\Horst\AppData\Roaming\Mozilla\Firefox\Profiles\xykkrd78.default\extensions\hdvc@hdvc.com.xpi
[2013.04.08 19:11:52 | 000,199,379 | ---- | M] () (No name found) -- H:\Users\Horst\AppData\Roaming\Mozilla\Firefox\Profiles\xykkrd78.default\extensions\m2k@m2kdownloader.com.xpi
[2013.04.24 15:55:52 | 000,190,000 | ---- | M] () (No name found) -- H:\Users\Horst\AppData\Roaming\Mozilla\Firefox\Profiles\xykkrd78.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}.xpi
[2013.05.22 20:05:19 | 000,006,505 | ---- | M] () -- H:\Users\Horst\AppData\Roaming\Mozilla\Firefox\Profiles\xykkrd78.default\searchplugins\babylon.xml
[2013.05.22 20:05:34 | 000,001,294 | ---- | M] () -- H:\Users\Horst\AppData\Roaming\Mozilla\Firefox\Profiles\xykkrd78.default\searchplugins\delta.xml
[2013.05.22 20:10:52 | 000,002,646 | ---- | M] () -- H:\Users\Horst\AppData\Roaming\Mozilla\Firefox\Profiles\xykkrd78.default\searchplugins\Search_Results.xml
[2013.05.17 20:40:31 | 000,001,434 | ---- | M] () -- H:\Users\Horst\AppData\Roaming\Mozilla\Firefox\Profiles\xykkrd78.default\searchplugins\softonic.xml
[2012.07.01 13:47:14 | 000,004,117 | ---- | M] () -- H:\Users\Horst\AppData\Roaming\Mozilla\Firefox\Profiles\xykkrd78.default\searchplugins\sweetim.xml
[2012.05.09 18:39:30 | 000,000,000 | ---D | M] (No name found) -- H:\Program Files\Mozilla Firefox\extensions
[2012.06.30 21:50:26 | 000,085,472 | ---- | M] (Mozilla Foundation) -- H:\Program Files\mozilla firefox\components\browsercomps.dll
[2012.06.30 21:50:24 | 000,001,392 | ---- | M] () -- H:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.07.01 12:46:51 | 000,002,352 | ---- | M] () -- H:\Program Files\mozilla firefox\searchplugins\babylon.xml
[2012.06.30 21:50:24 | 000,002,252 | ---- | M] () -- H:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012.06.30 21:50:24 | 000,001,153 | ---- | M] () -- H:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2012.06.30 21:50:24 | 000,006,805 | ---- | M] () -- H:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2013.05.22 20:10:52 | 000,002,646 | ---- | M] () -- H:\Program Files\mozilla firefox\searchplugins\Search_Results.xml
[2012.06.30 21:50:24 | 000,001,178 | ---- | M] () -- H:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.06.30 21:50:24 | 000,001,105 | ---- | M] () -- H:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome  ==========
 
CHR - default_search_provider: Search Results ()
CHR - default_search_provider: search_url = hxxp://dts.search-results.com/sr?src=crb&gct=ds&appid=559&systemid=406&apn_uid=5476213633344063&apn_dtid=BND406&o=APN10645&apn_ptnrs=AG6&q={searchTerms}
CHR - default_search_provider: suggest_url = 
CHR - homepage: Search
CHR - Extension: Softonic Chrome Toolbar = H:\Users\Horst\AppData\Local\Google\Chrome\User Data\Default\extensions\elchiiiejkobdbblfejjkbphbddgmljf\1.0_0\
CHR - Extension: Delta Toolbar = H:\Users\Horst\AppData\Local\Google\Chrome\User Data\Default\extensions\eooncjejnppfjjklapaamhcdmjbilmde\1.4_0\
CHR - Extension: iLivid New Tabs = H:\Users\Horst\AppData\Local\Google\Chrome\User Data\Default\extensions\jbajpeofkjjeiamcglnmldoboonfkiol\5.0.0.7254_0\
CHR - Extension: HDvid Codec = H:\Users\Horst\AppData\Local\Google\Chrome\User Data\Default\extensions\kpkbnefaikfaeadgidhpoanckoiaheli\2.0_0\
CHR - Extension: M2k Downloader = H:\Users\Horst\AppData\Local\Google\Chrome\User Data\Default\extensions\lbbbdmbjkgojacipgefbifkiebpcdjhn\1.0_0\
CHR - Extension: Yontoo = H:\Users\Horst\AppData\Local\Google\Chrome\User Data\Default\extensions\niapdbllcanepiiimjjndipklodoedlc\1.0.3_0\
CHR - Extension: GoPhoto.it = H:\Users\Horst\AppData\Local\Google\Chrome\User Data\Default\extensions\pfmopbbadnfoelckkcmjjeaaegjpjjbk\1.4_0\
 
O1 HOSTS File: ([2009.06.10 23:39:37 | 000,000,824 | ---- | M]) - H:\Windows\System32\drivers\etc\hosts
O2 - BHO: (MSS+ Identifier) - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - H:\Program Files\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll (McAfee, Inc.)
O2 - BHO: (Winamp Toolbar Loader) - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - H:\Program Files\Winamp Toolbar\winamptb.dll File not found
O2 - BHO: (Babylon toolbar helper) - {2EECD738-5844-4a99-B4B6-146BF802613B} - H:\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll (Babylon BHO)
O2 - BHO: (Search-Results Toolbar) - {377e5d4d-77e5-476a-8716-7e70a9272da0} - H:\Program Files\Search Results Toolbar\Datamngr\SRTOOL~1\searchresultsDx.dll (APN LLC)
O2 - BHO: (Winload Toolbar) - {40c3cc16-7269-4b32-9531-17f2950fb06f} - H:\Program Files\Winload\prxtbWin0.dll File not found
O2 - BHO: (BittorrentBar_DE Toolbar) - {64ead72b-ffd4-4e01-aa3a-4c71665d73e4} - H:\Program Files\BittorrentBar_DE\prxtbBitt.dll File not found
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - H:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll File not found
O2 - BHO: (Windows Live Messenger Companion Helper) - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - H:\Program Files\Windows Live\Companion\companioncore.dll File not found
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - H:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll File not found
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - H:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll File not found
O2 - BHO: (delta Helper Object) - {C1AF5FA5-852C-4C90-812E-A7F75E011D87} - H:\Program Files\Delta\delta\1.8.21.5\bh\delta.dll (Delta-search.com)
O2 - BHO: (Wincore Mediabar) - {c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} - H:\Program Files\BearShare Applications\MediaBar\Datamngr\ToolBar\wincorebsdtx.dll ()
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - H:\Program Files\Java\jre7\bin\jp2ssv.dll File not found
O2 - BHO: (Softonic Helper Object) - {E87806B5-E908-45FD-AF5E-957D83E58E68} - H:\Program Files\Softonic\Softonic\1.8.19.3\bh\Softonic.dll (Softonic.com)
O2 - BHO: (SweetPacks Browser Helper) - {EEE6C35C-6118-11DC-9C72-001320C79847} - H:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O2 - BHO: (SMTTB2009 Class) - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - H:\Program Files\Hyperionics DB Toolbar\tbcore3.dll File not found
O2 - BHO: (Yontoo) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - H:\Program Files\Yontoo Layers Runtime\YontooIEClient.dll (Yontoo LLC)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - H:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll File not found
O3 - HKLM\..\Toolbar: (Hyperionics DB Toolbar) - {338B4DFE-2E2C-4338-9E41-E176D497299E} - H:\Program Files\Hyperionics DB Toolbar\tbcore3.dll File not found
O3 - HKLM\..\Toolbar: (Search-Results Toolbar) - {377e5d4d-77e5-476a-8716-7e70a9272da0} - H:\Program Files\Search Results Toolbar\Datamngr\SRTOOL~1\searchresultsDx.dll (APN LLC)
O3 - HKLM\..\Toolbar: (Winload Toolbar) - {40c3cc16-7269-4b32-9531-17f2950fb06f} - H:\Program Files\Winload\prxtbWin0.dll File not found
O3 - HKLM\..\Toolbar: (Softonic Toolbar) - {5018CFD2-804D-4C99-9F81-25EAEA2769DE} - H:\Program Files\Softonic\Softonic\1.8.19.3\SoftonicTlbr.dll (Softonic.com)
O3 - HKLM\..\Toolbar: (BittorrentBar_DE Toolbar) - {64ead72b-ffd4-4e01-aa3a-4c71665d73e4} - H:\Program Files\BittorrentBar_DE\prxtbBitt.dll File not found
O3 - HKLM\..\Toolbar: (Delta Toolbar) - {82E1477C-B154-48D3-9891-33D83C26BCD3} - H:\Program Files\Delta\delta\1.8.21.5\deltaTlbr.dll (Delta-search.com)
O3 - HKLM\..\Toolbar: (Wincore Mediabar) - {c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} - H:\Program Files\BearShare Applications\MediaBar\Datamngr\ToolBar\wincorebsdtx.dll ()
O3 - HKLM\..\Toolbar: (no name) - {D0F4A166-B8D4-48b8-9D63-80849FE137CB} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Winamp Toolbar) - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - H:\Program Files\Winamp Toolbar\winamptb.dll File not found
O3 - HKLM\..\Toolbar: (SweetPacks Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - H:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKU\S-1-5-21-4228084635-3980246230-1984058717-1000\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - H:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll File not found
O3 - HKU\S-1-5-21-4228084635-3980246230-1984058717-1000\..\Toolbar\WebBrowser: (Winload Toolbar) - {40C3CC16-7269-4B32-9531-17F2950FB06F} - H:\Program Files\Winload\prxtbWin0.dll File not found
O3 - HKU\S-1-5-21-4228084635-3980246230-1984058717-1001\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - H:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll File not found
O3 - HKU\S-1-5-21-4228084635-3980246230-1984058717-1001\..\Toolbar\WebBrowser: (Winload Toolbar) - {40C3CC16-7269-4B32-9531-17F2950FB06F} - H:\Program Files\Winload\prxtbWin0.dll File not found
O4 - HKLM..\Run: [APSDaemon] H:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [BlueStacks Agent] H:\Program Files\BlueStacks\HD-Agent.exe (BlueStack Systems, Inc.)
O4 - HKLM..\Run: [DATAMNGR] H:\Program Files\Search Results Toolbar\Datamngr\DatamngrUI.exe (Bandoo Media Inc.)
O4 - HKLM..\Run: [P17RunE] H:\Windows\System32\P17RunE.dll (Creative Technology Ltd.)
O4 - HKLM..\Run: [QuickTime Plugin Install] H:\Program Files\QuickTime\Plugins\DeleteMe1.exe ()
O4 - HKLM..\Run: [Razer Anansi Driver] H:\Program Files\Razer\Anansi\RazerAnansiSysTray.exe (Razer USA Ltd)
O4 - HKLM..\Run: [Razer Naga Driver] H:\Program Files\Razer\Naga\RazerNagaSysTray.exe (Razer USA Ltd)
O4 - HKLM..\Run: [SweetIM] H:\Program Files\SweetIM\Messenger\SweetIM.exe (SweetIM Technologies Ltd.)
O4 - HKLM..\Run: [Sweetpacks Communicator] H:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe (SweetIM Technologies Ltd.)
O4 - HKLM..\Run: [Zune Launcher] H:\Program Files\Zune\ZuneLauncher.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-4228084635-3980246230-1984058717-1000..\Run: [EADM] "H:\Program Files\Origin\Origin.exe" -AutoStart File not found
O4 - HKU\S-1-5-21-4228084635-3980246230-1984058717-1000..\Run: [Facebook Update] "H:\Users\Horst\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver File not found
O4 - HKU\S-1-5-21-4228084635-3980246230-1984058717-1000..\Run: [RegistryBooster] "H:\Program Files\Uniblue\RegistryBooster\launcher.exe" delay 20000  File not found
O4 - HKU\S-1-5-21-4228084635-3980246230-1984058717-1000..\Run: [Spotify] "H:\Users\Horst\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart File not found
O4 - HKU\S-1-5-21-4228084635-3980246230-1984058717-1000..\Run: [Steam] H:\Program Files\Steam\Steam.exe (Valve Corporation)
O4 - HKU\S-1-5-21-4228084635-3980246230-1984058717-1000..\Run: [Yontoo Desktop] H:\Users\Horst\AppData\Roaming\Yontoo\YontooDesktop.exe (Yontoo LLC)
O4 - HKU\S-1-5-21-4228084635-3980246230-1984058717-1001..\Run: [EADM] "H:\Program Files\Origin\Origin.exe" -AutoStart File not found
O4 - HKU\S-1-5-21-4228084635-3980246230-1984058717-1001..\Run: [Facebook Update] "H:\Users\Horst\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver File not found
O4 - HKU\S-1-5-21-4228084635-3980246230-1984058717-1001..\Run: [RegistryBooster] "H:\Program Files\Uniblue\RegistryBooster\launcher.exe" delay 20000  File not found
O4 - HKU\S-1-5-21-4228084635-3980246230-1984058717-1001..\Run: [Spotify] "H:\Users\Horst\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart File not found
O4 - HKU\S-1-5-21-4228084635-3980246230-1984058717-1001..\Run: [swg] "H:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" File not found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] H:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] H:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-4228084635-3980246230-1984058717-1001..\RunOnce: [CTAutoUpdate] "H:\Program Files\Creative\Shared Files\Software Update\AutoUpdate.exe" /RunFromInstaller File not found
O4 - HKU\S-1-5-21-4228084635-3980246230-1984058717-1001..\RunOnce: [FlashPlayerUpdate] H:\Windows\system32\Macromed\Flash\FlashUtil32_11_2_202_235_Plugin.exe -update plugin File not found
O4 - HKU\S-1-5-21-4228084635-3980246230-1984058717-1001..\RunOnce: [InetReg] "H:\Program Files\Creative\Produktregistrierung\German\InetReg.exe" /PreProcess=RegFlash.exe /Delay=6 File not found
O4 - HKU\S-1-5-21-4228084635-3980246230-1984058717-1001..\RunOnce: [mctadmin] H:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - Startup: H:\Users\Horst\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8 - Extra context menu item: Google Sidewiki... - res://H:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html File not found
O8 - Extra context menu item: Web-Suche - H:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\MenuExt.html ()
O9 - Extra Button: @H:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - H:\Program Files\Windows Live\Companion\companioncore.dll File not found
O9 - Extra Button: @H:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - H:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll File not found
O9 - Extra 'Tools' menuitem : @H:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - H:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - H:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_03-windows-i586.cab (Java Plug-in 10.3.0)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0017-0000-0003-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_03-windows-i586.cab (Java Plug-in 1.7.0_03)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_03-windows-i586.cab (Java Plug-in 1.7.0_03)
O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab (Creative Software AutoUpdate Support Package 2)
O16 - DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF} hxxp://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab (Creative Software AutoUpdate 2)
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/110926/CTPID.cab (Creative Software AutoUpdate Support Package)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0C0279CB-C7EC-4E56-812A-16CD781ABAB8}: NameServer = 213.162.69.170 213.162.69.2
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D966CB7E-CEDB-4CB0-AF5E-E011ABA4BB8F}: DhcpNameServer = 192.168.1.1 192.168.1.1
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - H:\Program Files\Windows Live\Messenger\msgrapp.dll File not found
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - H:\Program Files\Windows Live\Messenger\msgrapp.dll File not found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - H:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - H:\Program Files\Windows Live\Mail\mailcomm.dll File not found
O18 - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - H:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll File not found
O20 - AppInit_DLLs: (H:\PROGRA~3\Wincert\WIN32C~1.DLL) - H:\ProgramData\Wincert\win32cert.dll ()
O20 - AppInit_DLLs: (H:\PROGRA~2\SEARCH~1\Datamngr\mgrldr.dll) - H:\Program Files\Search Results Toolbar\Datamngr\mgrldr.dll ()
O20 - AppInit_DLLs: (h:\progra~3\browse~1\261249~1.132\{c16c1~1\browse~1.dll) - h:\ProgramData\BrowserProtect\2.6.1249.132\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.dll ()
O20 - HKLM Winlogon: Shell - (explorer.exe) - H:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (H:\Windows\system32\userinit.exe) - H:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - H:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - H:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2012.03.26 21:26:05 | 000,000,000 | ---D | M] - J:\Automatisch zu iTunes hinzufügen -- [ NTFS ]
O33 - MountPoints2\{0fd8f482-a263-11e1-af79-001d60db6421}\Shell - "" = AutoRun
O33 - MountPoints2\{0fd8f482-a263-11e1-af79-001d60db6421}\Shell\AutoRun\command - "" = M:\AutoRun.exe
O33 - MountPoints2\{0fd8f668-a263-11e1-af79-001d60db6421}\Shell - "" = AutoRun
O33 - MountPoints2\{0fd8f668-a263-11e1-af79-001d60db6421}\Shell\AutoRun\command - "" = M:\AutoRun.exe
O33 - MountPoints2\{10b49b01-0256-11e1-8d2e-001d60db6421}\Shell - "" = AutoRun
O33 - MountPoints2\{10b49b01-0256-11e1-8d2e-001d60db6421}\Shell\AutoRun\command - "" = M:\AutoRun.exe
O33 - MountPoints2\{1e741b35-026a-11e1-ac8b-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{1e741b35-026a-11e1-ac8b-806e6f6e6963}\Shell\AutoRun\command - "" = M:\AutoRun.exe
O33 - MountPoints2\{1e741b87-026a-11e1-ac8b-001d60db6421}\Shell - "" = AutoRun
O33 - MountPoints2\{1e741b87-026a-11e1-ac8b-001d60db6421}\Shell\AutoRun\command - "" = M:\AutoRun.exe
O33 - MountPoints2\{1e741c03-026a-11e1-ac8b-001d60db6421}\Shell - "" = AutoRun
O33 - MountPoints2\{1e741c03-026a-11e1-ac8b-001d60db6421}\Shell\AutoRun\command - "" = M:\AutoRun.exe
O33 - MountPoints2\{2ee3ce16-acdc-11e2-9e25-001d60db6421}\Shell - "" = AutoRun
O33 - MountPoints2\{2ee3ce16-acdc-11e2-9e25-001d60db6421}\Shell\AutoRun\command - "" = M:\AutoRun.exe
O33 - MountPoints2\{335db628-acdf-11e2-8d6b-001d60db6421}\Shell - "" = AutoRun
O33 - MountPoints2\{335db628-acdf-11e2-8d6b-001d60db6421}\Shell\AutoRun\command - "" = M:\AutoRun.exe
O33 - MountPoints2\{38ddda1b-d863-11e0-91b4-001d60db6421}\Shell - "" = AutoRun
O33 - MountPoints2\{38ddda1b-d863-11e0-91b4-001d60db6421}\Shell\AutoRun\command - "" = M:\Autorun.exe
O33 - MountPoints2\{4a39d60b-0257-11e1-b255-001d60db6421}\Shell - "" = AutoRun
O33 - MountPoints2\{4a39d60b-0257-11e1-b255-001d60db6421}\Shell\AutoRun\command - "" = M:\AutoRun.exe
O33 - MountPoints2\{6691a3ef-cb7a-11e0-b1ba-001d60db6421}\Shell - "" = AutoRun
O33 - MountPoints2\{6691a3ef-cb7a-11e0-b1ba-001d60db6421}\Shell\AutoRun\command - "" = M:\.\Autorun.exe AUTORUN=1
O33 - MountPoints2\{6691a3fd-cb7a-11e0-b1ba-001d60db6421}\Shell - "" = AutoRun
O33 - MountPoints2\{6691a3fd-cb7a-11e0-b1ba-001d60db6421}\Shell\AutoRun\command - "" = M:\.\Autorun.exe AUTORUN=1
O33 - MountPoints2\{81287055-cd66-11e0-b514-001d60db6421}\Shell - "" = AutoRun
O33 - MountPoints2\{81287055-cd66-11e0-b514-001d60db6421}\Shell\AutoRun\command - "" = M:\.\Autorun.exe AUTORUN=1
O33 - MountPoints2\{9cf2855c-b565-11e2-8cb4-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{9cf2855c-b565-11e2-8cb4-806e6f6e6963}\Shell\AutoRun\command - "" = M:\AutoRun.exe
O33 - MountPoints2\{a4d3cbe9-8947-11e1-8839-001d60db6421}\Shell - "" = AutoRun
O33 - MountPoints2\{a4d3cbe9-8947-11e1-8839-001d60db6421}\Shell\AutoRun\command - "" = M:\AutoRun.exe
O33 - MountPoints2\{a4d3cbf4-8947-11e1-8839-001d60db6421}\Shell - "" = AutoRun
O33 - MountPoints2\{a4d3cbf4-8947-11e1-8839-001d60db6421}\Shell\AutoRun\command - "" = M:\.\Autorun.exe AUTORUN=1
O33 - MountPoints2\{a4d3cc0a-8947-11e1-8839-001d60db6421}\Shell - "" = AutoRun
O33 - MountPoints2\{a4d3cc0a-8947-11e1-8839-001d60db6421}\Shell\AutoRun\command - "" = M:\AutoRun.exe
O33 - MountPoints2\{b89a39b1-9b63-11e1-931b-001d60db6421}\Shell - "" = AutoRun
O33 - MountPoints2\{b89a39b1-9b63-11e1-931b-001d60db6421}\Shell\AutoRun\command - "" = M:\AutoRun.exe
O33 - MountPoints2\{b89a3a49-9b63-11e1-931b-001d60db6421}\Shell - "" = AutoRun
O33 - MountPoints2\{b89a3a49-9b63-11e1-931b-001d60db6421}\Shell\AutoRun\command - "" = M:\AutoRun.exe
O33 - MountPoints2\{c0ce58e7-cee5-11e0-9200-001d60db6421}\Shell - "" = AutoRun
O33 - MountPoints2\{c0ce58e7-cee5-11e0-9200-001d60db6421}\Shell\AutoRun\command - "" = M:\.\Autorun.exe AUTORUN=1
O33 - MountPoints2\{c1d3f2ed-9601-11e1-b02b-001d60db6421}\Shell - "" = AutoRun
O33 - MountPoints2\{c1d3f2ed-9601-11e1-b02b-001d60db6421}\Shell\AutoRun\command - "" = M:\AutoRun.exe
O33 - MountPoints2\{c1d3f314-9601-11e1-b02b-001d60db6421}\Shell - "" = AutoRun
O33 - MountPoints2\{c1d3f314-9601-11e1-b02b-001d60db6421}\Shell\AutoRun\command - "" = M:\AutoRun.exe
O33 - MountPoints2\{d148c5ae-baf3-11e1-95ec-001d60db6421}\Shell - "" = AutoRun
O33 - MountPoints2\{d148c5ae-baf3-11e1-95ec-001d60db6421}\Shell\AutoRun\command - "" = M:\AutoRun.exe
O33 - MountPoints2\{d3c43a9f-1053-11e1-a876-001d60db6421}\Shell - "" = AutoRun
O33 - MountPoints2\{d3c43a9f-1053-11e1-a876-001d60db6421}\Shell\AutoRun\command - "" = M:\AutoRun.exe
O33 - MountPoints2\{da039341-99ae-11e1-a605-001d60db6421}\Shell - "" = AutoRun
O33 - MountPoints2\{da039341-99ae-11e1-a605-001d60db6421}\Shell\AutoRun\command - "" = M:\AutoRun.exe
O33 - MountPoints2\{da039394-99ae-11e1-a605-001d60db6421}\Shell - "" = AutoRun
O33 - MountPoints2\{da039394-99ae-11e1-a605-001d60db6421}\Shell\AutoRun\command - "" = M:\AutoRun.exe
O33 - MountPoints2\{e2d50edc-ea7d-11e0-9e80-001e101f8ed0}\Shell - "" = AutoRun
O33 - MountPoints2\{e2d50edc-ea7d-11e0-9e80-001e101f8ed0}\Shell\AutoRun\command - "" = O:\AutoRun.exe
O33 - MountPoints2\M\Shell - "" = AutoRun
O33 - MountPoints2\M\Shell\AutoRun\command - "" = M:\AutoRun.exe
O33 - MountPoints2\N\Shell - "" = AutoRun
O33 - MountPoints2\N\Shell\AutoRun\command - "" = N:\AutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O36 - AppCertDlls: x86 - (H:\Program Files\Search Results Toolbar\Datamngr\apcrtldr.dll) - H:\Program Files\Search Results Toolbar\Datamngr\apcrtldr.dll ()
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.05.23 17:54:03 | 000,000,000 | ---D | C] -- H:\ProgramData\Microsoft\Windows\Start Menu\Programs\ffdshow
[2013.05.23 17:54:03 | 000,000,000 | ---D | C] -- H:\Program Files\ffdshow
[2013.05.23 17:53:47 | 000,000,000 | ---D | C] -- H:\Program Files\Gophoto.it
[2013.05.23 17:53:34 | 000,000,000 | ---D | C] -- H:\Users\Horst\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\hdvidcodec.com
[2013.05.23 17:53:34 | 000,000,000 | ---D | C] -- H:\Program Files\hdvidcodec.com
[2013.05.22 20:11:06 | 000,000,000 | ---D | C] -- H:\ProgramData\Wincert
[2013.05.22 20:10:49 | 000,000,000 | ---D | C] -- H:\Program Files\Search Results Toolbar
[2013.05.22 20:10:49 | 000,000,000 | ---D | C] -- H:\ProgramData\Datamngr
[2013.05.22 20:09:51 | 000,000,000 | ---D | C] -- H:\Users\Horst\AppData\Local\iLivid
[2013.05.22 20:05:50 | 000,000,000 | ---D | C] -- H:\Users\Horst\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BrowserProtect
[2013.05.22 20:05:46 | 000,000,000 | ---D | C] -- H:\ProgramData\BrowserProtect
[2013.05.22 20:05:38 | 000,000,000 | ---D | C] -- H:\Users\Horst\AppData\Roaming\BabSolution
[2013.05.22 20:05:32 | 000,000,000 | ---D | C] -- H:\Program Files\Delta
[2013.05.22 20:05:31 | 000,000,000 | ---D | C] -- H:\Users\Horst\AppData\Roaming\Delta
[2013.05.22 20:04:55 | 000,000,000 | ---D | C] -- H:\Program Files\Yontoo Layers Runtime
[2013.05.22 20:04:55 | 000,000,000 | ---D | C] -- H:\Users\Horst\AppData\Roaming\Yontoo
[2013.05.22 20:04:13 | 000,000,000 | ---D | C] -- H:\Users\Horst\AppData\Local\PutLockerDownloader
[2013.05.22 20:04:05 | 000,000,000 | ---D | C] -- H:\Users\Horst\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Movie2KDownloader.com
[2013.05.22 20:04:05 | 000,000,000 | ---D | C] -- H:\Program Files\Movie2KDownloader.com
[2013.05.21 15:36:33 | 000,000,000 | ---D | C] -- H:\Users\Horst\Desktop\addons
[2013.05.21 14:58:46 | 000,000,000 | ---D | C] -- H:\Users\Horst\Desktop\gramsch2
[2013.05.19 16:28:55 | 013,011,504 | ---- | C] (Blizzard Entertainment) -- H:\Users\Horst\Desktop\Wow.exe
[2013.05.18 12:35:26 | 000,074,072 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\XAPOFX1_5.dll
[2013.05.18 12:35:25 | 002,106,216 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\D3DCompiler_43.dll
[2013.05.18 12:35:25 | 001,998,168 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\D3DX9_43.dll
[2013.05.18 12:35:25 | 001,868,128 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\d3dcsx_43.dll
[2013.05.18 12:35:25 | 000,528,216 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\XAudio2_6.dll
[2013.05.18 12:35:25 | 000,527,192 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\XAudio2_7.dll
[2013.05.18 12:35:25 | 000,470,880 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\d3dx10_43.dll
[2013.05.18 12:35:25 | 000,248,672 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\d3dx11_43.dll
[2013.05.18 12:35:25 | 000,239,960 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\xactengine3_7.dll
[2013.05.18 12:35:25 | 000,238,936 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\xactengine3_6.dll
[2013.05.18 12:35:25 | 000,074,072 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\XAPOFX1_4.dll
[2013.05.18 12:35:25 | 000,022,360 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\X3DAudio1_7.dll
[2013.05.18 12:35:24 | 000,238,936 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\xactengine3_5.dll
[2013.05.18 12:35:21 | 004,178,264 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\D3DX9_41.dll
[2013.05.18 12:35:21 | 000,517,448 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\XAudio2_4.dll
[2013.05.18 12:35:20 | 004,379,984 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\D3DX9_40.dll
[2013.05.18 12:35:20 | 002,036,576 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\D3DCompiler_40.dll
[2013.05.18 12:35:20 | 000,452,440 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\d3dx10_40.dll
[2013.05.18 12:35:20 | 000,235,352 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\xactengine3_4.dll
[2013.05.18 12:35:20 | 000,022,360 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\X3DAudio1_6.dll
[2013.05.18 12:35:19 | 001,493,528 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\D3DCompiler_39.dll
[2013.05.18 12:35:19 | 000,514,384 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\XAudio2_3.dll
[2013.05.18 12:35:19 | 000,509,448 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\XAudio2_2.dll
[2013.05.18 12:35:19 | 000,467,984 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\d3dx10_39.dll
[2013.05.18 12:35:19 | 000,238,088 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\xactengine3_2.dll
[2013.05.18 12:35:19 | 000,235,856 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\xactengine3_3.dll
[2013.05.18 12:35:19 | 000,070,992 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\XAPOFX1_2.dll
[2013.05.18 12:35:19 | 000,068,616 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\XAPOFX1_1.dll
[2013.05.18 12:35:19 | 000,023,376 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\X3DAudio1_5.dll
[2013.05.18 12:35:18 | 003,851,784 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\D3DX9_39.dll
[2013.05.18 12:35:18 | 000,507,400 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\XAudio2_1.dll
[2013.05.18 12:35:18 | 000,065,032 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\XAPOFX1_0.dll
[2013.05.18 12:35:17 | 003,850,760 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\D3DX9_38.dll
[2013.05.18 12:35:17 | 001,491,992 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\D3DCompiler_38.dll
[2013.05.18 12:35:17 | 000,479,752 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\XAudio2_0.dll
[2013.05.18 12:35:17 | 000,467,984 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\d3dx10_38.dll
[2013.05.18 12:35:17 | 000,238,088 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\xactengine3_1.dll
[2013.05.18 12:35:17 | 000,238,088 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\xactengine3_0.dll
[2013.05.18 12:35:17 | 000,025,608 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\X3DAudio1_4.dll
[2013.05.18 12:35:16 | 003,786,760 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\D3DX9_37.dll
[2013.05.18 12:35:16 | 001,420,824 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\D3DCompiler_37.dll
[2013.05.18 12:35:16 | 000,462,864 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\d3dx10_37.dll
[2013.05.18 12:35:16 | 000,444,776 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\d3dx10_36.dll
[2013.05.18 12:35:16 | 000,267,272 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\xactengine2_10.dll
[2013.05.18 12:35:16 | 000,025,608 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\X3DAudio1_3.dll
[2013.05.18 12:35:15 | 003,734,536 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\d3dx9_36.dll
[2013.05.18 12:35:15 | 003,727,720 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\d3dx9_35.dll
[2013.05.18 12:35:15 | 001,374,232 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\D3DCompiler_36.dll
[2013.05.18 12:35:15 | 001,358,192 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\D3DCompiler_35.dll
[2013.05.18 12:35:15 | 000,444,776 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\d3dx10_35.dll
[2013.05.18 12:35:15 | 000,267,112 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\xactengine2_9.dll
[2013.05.18 12:35:14 | 003,497,832 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\d3dx9_34.dll
[2013.05.18 12:35:14 | 001,124,720 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\D3DCompiler_34.dll
[2013.05.18 12:35:14 | 001,123,696 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\D3DCompiler_33.dll
[2013.05.18 12:35:14 | 000,443,752 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\d3dx10_34.dll
[2013.05.18 12:35:14 | 000,443,752 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\d3dx10_33.dll
[2013.05.18 12:35:14 | 000,266,088 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\xactengine2_8.dll
[2013.05.18 12:35:14 | 000,261,480 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\xactengine2_7.dll
[2013.05.18 12:35:14 | 000,017,928 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\X3DAudio1_2.dll
[2013.05.18 12:35:13 | 003,495,784 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\d3dx9_33.dll
[2013.05.18 12:35:13 | 000,440,080 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\d3dx10.dll
[2013.05.18 12:35:13 | 000,255,848 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\xactengine2_6.dll
[2013.05.18 12:35:13 | 000,251,672 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\xactengine2_5.dll
[2013.05.18 12:35:12 | 000,237,848 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\xactengine2_4.dll
[2013.05.18 12:35:12 | 000,015,128 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\x3daudio1_1.dll
[2013.05.18 12:35:11 | 000,236,824 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\xactengine2_3.dll
[2013.05.18 12:35:11 | 000,230,168 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\xactengine2_2.dll
[2013.05.18 12:35:11 | 000,229,584 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\xactengine2_1.dll
[2013.05.18 12:35:11 | 000,062,744 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\xinput1_2.dll
[2013.05.18 12:35:11 | 000,062,672 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\xinput1_1.dll
[2013.05.18 12:35:06 | 002,388,176 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\d3dx9_30.dll
[2013.05.18 12:35:06 | 002,332,368 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\d3dx9_29.dll
[2013.05.18 12:35:06 | 002,323,664 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\d3dx9_28.dll
[2013.05.18 12:35:06 | 002,319,568 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\d3dx9_27.dll
[2013.05.18 12:35:06 | 000,230,096 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\xactengine2_0.dll
[2013.05.18 12:35:06 | 000,014,032 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\x3daudio1_0.dll
[2013.05.18 12:35:05 | 002,337,488 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\d3dx9_25.dll
[2013.05.18 12:35:05 | 002,297,552 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\d3dx9_26.dll
[2013.05.18 12:35:05 | 002,222,800 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\d3dx9_24.dll
[2013.05.18 03:08:02 | 002,706,432 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\mshtml.tlb
[2013.05.18 03:08:01 | 002,877,440 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\jscript9.dll
[2013.05.18 03:08:00 | 000,391,168 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\ieui.dll
[2013.05.18 03:08:00 | 000,061,440 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\iesetup.dll
[2013.05.18 03:08:00 | 000,039,424 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\jsproxy.dll
[2013.05.18 03:07:59 | 000,493,056 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\msfeeds.dll
[2013.05.18 03:07:59 | 000,109,056 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\iesysprep.dll
[2013.05.18 03:07:59 | 000,071,680 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\RegisterIEPKEYs.exe
[2013.05.18 03:07:59 | 000,042,496 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\ie4uinit.exe
[2013.05.18 03:07:59 | 000,033,280 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\iernonce.dll
[2013.05.17 20:42:34 | 000,000,000 | ---D | C] -- H:\Users\Horst\AppData\Roaming\Curse Advertising
[2013.05.17 20:42:07 | 000,000,000 | ---D | C] -- H:\Users\Horst\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Curse
[2013.05.17 20:40:02 | 000,000,000 | ---D | C] -- H:\Program Files\Softonic
[2013.05.17 20:39:24 | 000,000,000 | ---D | C] -- H:\Users\Horst\AppData\Roaming\Softonic
[2013.05.17 20:39:07 | 000,000,000 | ---D | C] -- H:\Users\Horst\AppData\Roaming\PerformerSoft
[2013.05.17 20:39:07 | 000,000,000 | ---D | C] -- H:\ProgramData\IBUpdaterService
[2013.05.17 20:39:05 | 000,018,096 | ---- | C] (PerformerSoft LLC) -- H:\Windows\System32\roboot.exe
[2013.05.17 20:39:03 | 000,000,000 | ---D | C] -- H:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Performer
[2013.05.17 20:39:02 | 000,000,000 | ---D | C] -- H:\Program Files\PC Performer
[2013.05.17 20:29:58 | 000,000,000 | ---D | C] -- H:\Users\Horst\Documents\My Curse
[2013.05.17 20:20:54 | 000,000,000 | ---D | C] -- H:\Users\Horst\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
[2013.05.17 20:20:19 | 000,000,000 | ---D | C] -- H:\Users\Horst\AppData\Local\Deployment
[2013.05.17 19:23:37 | 000,000,000 | ---D | C] -- H:\Users\Horst\AppData\Local\ElevatedDiagnostics
[2013.05.17 19:10:25 | 000,000,000 | ---D | C] -- H:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Warcraft
[2013.05.17 16:12:31 | 000,000,000 | ---D | C] -- H:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
[2013.05.17 15:46:33 | 000,040,960 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\wwanprotdim.dll
[2013.05.17 15:46:32 | 002,347,520 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\win32k.sys
[2013.05.17 15:46:22 | 000,218,984 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\drivers\dxgmms1.sys
[2013.05.17 15:46:15 | 001,796,096 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\authui.dll
[2013.05.17 15:46:15 | 000,101,720 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\consent.exe
[2013.05.17 15:43:45 | 000,000,000 | ---D | C] -- H:\Users\Horst\AppData\Local\PopCap Games
[2013.05.17 15:43:30 | 000,000,000 | ---D | C] -- H:\Program Files\Common Files\Steam
[2013.05.17 15:43:28 | 000,000,000 | ---D | C] -- H:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
[2013.05.17 15:43:26 | 000,000,000 | ---D | C] -- H:\Program Files\Steam
[2013.05.05 12:20:00 | 000,000,000 | ---D | C] -- H:\Program Files\AGEIA Technologies
[2013.05.05 12:19:33 | 000,000,000 | ---D | C] -- H:\ProgramData\Microsoft\Windows\Start Menu\Programs\PopCap Games
[2013.05.05 12:19:29 | 000,000,000 | ---D | C] -- H:\ProgramData\PopCap Games
[2013.05.05 12:19:29 | 000,000,000 | ---D | C] -- H:\Program Files\PopCap Games
[2013.05.05 12:16:59 | 020,542,752 | ---- | C] (NVIDIA Corporation) -- H:\Windows\System32\nvoglv32.dll
[2013.05.05 12:16:59 | 017,560,352 | ---- | C] (NVIDIA Corporation) -- H:\Windows\System32\nvcompiler.dll
[2013.05.05 12:16:59 | 008,952,608 | ---- | C] (NVIDIA Corporation) -- H:\Windows\System32\drivers\nvlddmkm.sys
[2013.05.05 12:16:59 | 007,959,000 | ---- | C] (NVIDIA Corporation) -- H:\Windows\System32\nvcuda.dll
[2013.05.05 12:16:59 | 006,271,872 | ---- | C] (NVIDIA Corporation) -- H:\Windows\System32\nvopencl.dll
[2013.05.05 12:16:59 | 002,728,736 | ---- | C] (NVIDIA Corporation) -- H:\Windows\System32\nvcuvid.dll
[2013.05.05 12:16:59 | 001,995,552 | ---- | C] (NVIDIA Corporation) -- H:\Windows\System32\nvcuvenc.dll
[2013.05.05 12:16:59 | 001,012,512 | ---- | C] (NVIDIA Corporation) -- H:\Windows\System32\nvdispco3231422.dll
[2013.05.05 12:16:59 | 000,892,704 | ---- | C] (NVIDIA Corporation) -- H:\Windows\System32\nvdispgenco3231422.dll
[2013.05.05 12:16:14 | 000,000,000 | ---D | C] -- H:\NVIDIA
[2013.05.05 11:43:13 | 003,913,560 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\ntoskrnl.exe
[2013.05.05 11:43:12 | 003,968,856 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\ntkrnlpa.exe
[2013.05.05 11:43:12 | 000,038,912 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\csrsrv.dll
[2013.05.05 11:42:59 | 000,131,584 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\aaclient.dll
[2013.05.05 11:42:59 | 000,036,864 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\tsgqec.dll
[2013.05.05 11:38:19 | 000,000,000 | ---D | C] -- H:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueStacks
[2013.05.05 11:38:19 | 000,000,000 | ---D | C] -- H:\Program Files\BlueStacks
[2013.05.05 11:38:12 | 000,000,000 | ---D | C] -- H:\Users\Horst\AppData\Roaming\NVIDIA
[2013.05.05 11:37:58 | 000,000,000 | ---D | C] -- H:\ProgramData\BlueStacksSetup
[2013.05.05 11:37:58 | 000,000,000 | ---D | C] -- H:\ProgramData\BlueStacks
[2013.05.05 11:28:28 | 000,000,000 | ---D | C] -- H:\Users\Horst\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2013.04.24 21:54:00 | 000,295,424 | ---- | C] (Adobe Systems Incorporated) -- H:\Windows\System32\atmfd.dll
[2013.04.24 21:54:00 | 000,034,304 | ---- | C] (Adobe Systems) -- H:\Windows\System32\atmlib.dll
[2013.04.24 21:35:33 | 000,047,720 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\drivers\WdfLdr.sys
[2013.04.24 21:35:33 | 000,009,728 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\Wdfres.dll
[2013.04.24 21:35:01 | 000,613,888 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\WUDFx.dll
[2013.04.24 21:35:01 | 000,172,032 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\WUDFPlatform.dll
[2013.04.24 21:35:01 | 000,038,912 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\WUDFCoinstaller.dll
[2013.04.24 21:27:33 | 001,441,280 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\inetcpl.cpl
[2013.04.24 21:27:33 | 001,400,416 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\ieapfltr.dat
[2013.04.24 21:27:33 | 000,745,472 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\MsSpellCheckingFacility.exe
[2013.04.24 21:27:33 | 000,719,360 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\mshtmlmedia.dll
[2013.04.24 21:27:33 | 000,629,248 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\ieapfltr.dll
[2013.04.24 21:27:33 | 000,361,984 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\html.iec
[2013.04.24 21:27:33 | 000,357,888 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\dxtmsft.dll
[2013.04.24 21:27:33 | 000,242,200 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\iedkcs32.dll
[2013.04.24 21:27:33 | 000,232,960 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\url.dll
[2013.04.24 21:27:33 | 000,226,816 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\dxtrans.dll
[2013.04.24 21:27:33 | 000,185,344 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\elshyph.dll
[2013.04.24 21:27:33 | 000,163,840 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\msrating.dll
[2013.04.24 21:27:33 | 000,158,720 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\msls31.dll
[2013.04.24 21:27:33 | 000,150,528 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\iexpress.exe
[2013.04.24 21:27:33 | 000,138,752 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\wextract.exe
[2013.04.24 21:27:33 | 000,137,216 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\ieUnatt.exe
[2013.04.24 21:27:33 | 000,117,248 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\iepeers.dll
[2013.04.24 21:27:33 | 000,110,592 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\IEAdvpack.dll
[2013.04.24 21:27:33 | 000,082,432 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\inseng.dll
[2013.04.24 21:27:33 | 000,073,728 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\SetIEInstalledDate.exe
[2013.04.24 21:27:33 | 000,057,344 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\pngfilt.dll
[2013.04.24 21:27:33 | 000,048,640 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\mshtmler.dll
[2013.04.24 21:27:33 | 000,041,984 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\msfeedsbs.dll
[2013.04.24 21:27:33 | 000,038,400 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\imgutil.dll
[2013.04.24 21:27:33 | 000,023,040 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\licmgr10.dll
[2013.04.24 21:27:33 | 000,011,776 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\msfeedssync.exe
[2013.04.24 21:27:09 | 000,049,152 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\taskhost.exe
[2013.04.24 21:26:23 | 002,284,544 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\msmpeg2vdec.dll
[2013.04.24 21:26:23 | 001,504,768 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\d3d11.dll
[2013.04.24 21:26:23 | 001,247,744 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\DWrite.dll
[2013.04.24 21:26:23 | 001,158,144 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\XpsPrint.dll
[2013.04.24 21:26:23 | 001,080,832 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\d3d10.dll
[2013.04.24 21:26:23 | 000,417,792 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\WMPhoto.dll
[2013.04.24 21:26:23 | 000,364,544 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\XpsGdiConverter.dll
[2013.04.24 21:26:23 | 000,220,160 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\d3d10core.dll
[2013.04.24 21:26:23 | 000,207,872 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\WindowsCodecsExt.dll
[2013.04.24 21:26:23 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- H:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2013.04.24 21:26:23 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- H:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2013.04.24 21:26:23 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- H:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2013.04.24 21:26:23 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- H:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll
[2013.04.24 21:26:23 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- H:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll
[2013.04.24 21:26:23 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- H:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2013.04.24 21:26:23 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- H:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll
[2013.04.24 21:26:23 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- H:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll
[2013.04.24 21:26:23 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- H:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2013.04.24 21:26:22 | 003,419,136 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\d2d1.dll
[2013.04.24 21:26:22 | 001,988,096 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\d3d10warp.dll
[2013.04.24 21:26:22 | 000,604,160 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\d3d10level9.dll
[2013.04.24 21:26:22 | 000,293,376 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\dxgi.dll
[2013.04.24 21:26:22 | 000,249,856 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\d3d10_1core.dll
[2013.04.24 21:26:22 | 000,187,392 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\UIAnimation.dll
[2013.04.24 21:26:22 | 000,161,792 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\d3d10_1.dll
[2013.04.24 16:03:42 | 000,033,280 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\drivers\RNDISMP.sys
[2013.04.24 16:03:15 | 000,015,872 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\drivers\usb8023.sys
[2013.04.24 16:02:53 | 000,376,832 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\dpnet.dll
[2013.04.24 16:02:09 | 000,245,760 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\OxpsConverter.exe
[2013.04.24 16:01:55 | 000,187,752 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\drivers\FWPKCLNT.SYS
[2013.04.24 16:01:50 | 000,240,496 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\drivers\netio.sys
[2013.04.24 16:01:50 | 000,175,104 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\netcorehc.dll
[2013.04.24 16:01:50 | 000,156,672 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\ncsi.dll
[2013.04.24 16:01:50 | 000,018,944 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\netevent.dll
[2013.04.24 16:01:36 | 000,271,360 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\conhost.exe
[2013.04.24 16:01:36 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- H:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.04.24 16:01:35 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- H:\Windows\System32\api-ms-win-security-base-l1-1-0.dll
[2013.04.24 16:01:35 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- H:\Windows\System32\api-ms-win-core-file-l1-1-0.dll
[2013.04.24 16:01:35 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- H:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll
[2013.04.24 16:01:35 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- H:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll
[2013.04.24 16:01:35 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- H:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll
[2013.04.24 16:01:35 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- H:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll
[2013.04.24 16:01:35 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- H:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll
[2013.04.24 16:01:35 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- H:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll
[2013.04.24 16:01:35 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- H:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll
[2013.04.24 16:01:35 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- H:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll
[2013.04.24 16:01:35 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- H:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll
[2013.04.24 16:01:35 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- H:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll
[2013.04.24 16:01:35 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- H:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll
[2013.04.24 16:01:35 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- H:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll
[2013.04.24 16:01:35 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- H:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll
[2013.04.24 16:01:35 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- H:\Windows\System32\api-ms-win-core-util-l1-1-0.dll
[2013.04.24 16:01:35 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- H:\Windows\System32\api-ms-win-core-string-l1-1-0.dll
[2013.04.24 16:01:35 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- H:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll
[2013.04.24 16:01:35 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- H:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll
[2013.04.24 16:01:35 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- H:\Windows\System32\api-ms-win-core-io-l1-1-0.dll
[2013.04.24 16:01:35 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- H:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll
[2013.04.24 16:01:35 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- H:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll
[2013.04.24 16:01:35 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- H:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll
[2013.04.24 16:01:35 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- H:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll
[2013.04.24 16:01:35 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- H:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll
[2013.04.24 16:01:35 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- H:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll
[2013.04.24 16:01:35 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- H:\Windows\System32\api-ms-win-core-console-l1-1-0.dll
[2013.04.24 16:01:22 | 000,400,896 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\srcore.dll
[2013.04.24 16:01:21 | 000,041,984 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\browcli.dll
[2013.04.24 16:00:52 | 002,576,384 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\gameux.dll
[2013.04.24 16:00:52 | 000,308,736 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\Wpc.dll
[2013.04.24 16:00:52 | 000,046,592 | ---- | C] (Microsoft) -- H:\Windows\System32\fpb.rs
[2013.04.24 16:00:52 | 000,045,568 | ---- | C] (Microsoft) -- H:\Windows\System32\oflc-nz.rs
[2013.04.24 16:00:52 | 000,044,544 | ---- | C] (Microsoft) -- H:\Windows\System32\pegibbfc.rs
[2013.04.24 16:00:52 | 000,043,520 | ---- | C] (Microsoft) -- H:\Windows\System32\csrr.rs
[2013.04.24 16:00:52 | 000,040,960 | ---- | C] (Microsoft) -- H:\Windows\System32\cob-au.rs
[2013.04.24 16:00:52 | 000,030,720 | ---- | C] (Microsoft) -- H:\Windows\System32\usk.rs
[2013.04.24 16:00:52 | 000,021,504 | ---- | C] (Microsoft) -- H:\Windows\System32\grb.rs
[2013.04.24 16:00:52 | 000,020,480 | ---- | C] (Microsoft) -- H:\Windows\System32\pegi-pt.rs
[2013.04.24 16:00:52 | 000,020,480 | ---- | C] (Microsoft) -- H:\Windows\System32\pegi.rs
[2013.04.24 16:00:52 | 000,015,360 | ---- | C] (Microsoft) -- H:\Windows\System32\djctq.rs
[2013.04.24 16:00:51 | 000,055,296 | ---- | C] (Microsoft) -- H:\Windows\System32\cero.rs
[2013.04.24 16:00:51 | 000,051,712 | ---- | C] (Microsoft) -- H:\Windows\System32\esrb.rs
[2013.04.24 16:00:51 | 000,023,552 | ---- | C] (Microsoft) -- H:\Windows\System32\oflc.rs
[2013.04.24 16:00:51 | 000,020,480 | ---- | C] (Microsoft) -- H:\Windows\System32\pegi-fi.rs
[2013.04.24 16:00:37 | 000,078,336 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\synceng.dll
[2013.04.24 16:00:35 | 000,220,160 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\ncrypt.dll
[2013.04.24 16:00:29 | 000,002,048 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\tzres.dll
[2013.04.24 15:59:14 | 000,193,536 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\dhcpcore6.dll
[2013.04.24 15:59:14 | 000,044,032 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\dhcpcsvc6.dll
[2013.04.24 15:58:54 | 000,169,984 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\winsrv.dll
[2013.04.24 15:33:46 | 000,861,696 | ---- | C] (DiBcom SA) -- H:\Windows\System32\drivers\mod7700.sys
[2013.04.24 15:33:46 | 000,353,280 | ---- | C] (Huawei Technologies Co., Ltd.) -- H:\Windows\System32\drivers\ewusbwwan.sys
[2013.04.24 15:33:46 | 000,193,792 | ---- | C] (Huawei Technologies Co., Ltd.) -- H:\Windows\System32\drivers\ewusbmdm.sys
[2013.04.24 15:33:46 | 000,181,760 | ---- | C] (Huawei Technologies Co., Ltd.) -- H:\Windows\System32\drivers\ew_juwwanecm.sys
[2013.04.24 15:33:46 | 000,102,784 | ---- | C] (Huawei Technologies Co., Ltd.) -- H:\Windows\System32\drivers\ew_hwusbdev.sys
[2013.04.24 15:33:46 | 000,090,112 | ---- | C] (Huawei Technologies Co., Ltd.) -- H:\Windows\System32\drivers\ew_jucdcacm.sys
[2013.04.24 15:33:46 | 000,073,216 | ---- | C] (Huawei Technologies Co., Ltd.) -- H:\Windows\System32\drivers\ew_jubusenum.sys
[2013.04.24 15:33:46 | 000,064,384 | ---- | C] (Huawei Technologies Co., Ltd.) -- H:\Windows\System32\drivers\ew_jucdcecm.sys
[2013.04.24 15:33:46 | 000,026,624 | ---- | C] (Huawei Technologies Co., Ltd.) -- H:\Windows\System32\drivers\ew_juextctrl.sys
[2013.04.24 15:33:46 | 000,025,856 | ---- | C] (Huawei Tech. Co., Ltd.) -- H:\Windows\System32\drivers\ewdcsc.sys
[2013.04.24 15:33:46 | 000,019,200 | ---- | C] (Huawei Technologies Co., Ltd.) -- H:\Windows\System32\drivers\ew_hwupgrade.sys
[2013.04.24 15:33:46 | 000,011,136 | ---- | C] (Huawei Technologies Co., Ltd.) -- H:\Windows\System32\drivers\ew_usbenumfilter.sys
[2013.04.24 15:33:19 | 000,724,608 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\bmutil.dll
[2013.04.24 15:33:19 | 000,480,384 | ---- | C] (Bytemobile, Inc.) -- H:\Windows\System32\bmnet.dll
[2013.04.24 15:33:19 | 000,308,352 | ---- | C] (Bytemobile, Inc.) -- H:\Windows\System32\bminstall.dll
[2013.04.24 15:33:19 | 000,132,224 | ---- | C] (Bytemobile, Inc.) -- H:\Windows\System32\bmdumpd.bin
 
========== Files - Modified Within 30 Days ==========
 
[2013.05.23 19:11:00 | 000,001,096 | ---- | M] () -- H:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.05.23 19:04:04 | 000,000,884 | ---- | M] () -- H:\Windows\tasks\Adobe Flash Player Updater.job
[2013.05.23 18:26:00 | 000,001,120 | ---- | M] () -- H:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4228084635-3980246230-1984058717-1000UA.job
[2013.05.23 17:53:34 | 000,000,804 | ---- | M] () -- H:\Users\Horst\Desktop\HDVidCodec.lnk
[2013.05.23 17:48:00 | 000,000,928 | ---- | M] () -- H:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-4228084635-3980246230-1984058717-1000UA.job
[2013.05.23 17:04:04 | 000,021,888 | -H-- | M] () -- H:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.05.23 17:04:04 | 000,021,888 | -H-- | M] () -- H:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.05.23 16:57:34 | 000,000,332 | ---- | M] () -- H:\Windows\tasks\RegistryBooster.job
[2013.05.23 16:57:13 | 000,001,092 | ---- | M] () -- H:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.05.23 16:56:36 | 000,067,584 | --S- | M] () -- H:\Windows\bootstat.dat
[2013.05.23 16:56:32 | 2314,657,792 | -HS- | M] () -- H:\hiberfil.sys
[2013.05.22 20:04:05 | 000,000,886 | ---- | M] () -- H:\Users\Horst\Desktop\Movie2KDownloader.lnk
[2013.05.21 15:02:13 | 000,000,264 | ---- | M] () -- H:\Windows\tasks\PC Performer_DEFAULT.job
[2013.05.21 14:48:00 | 000,000,906 | ---- | M] () -- H:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-4228084635-3980246230-1984058717-1000Core.job
[2013.05.20 21:26:01 | 000,001,068 | ---- | M] () -- H:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4228084635-3980246230-1984058717-1000Core.job
[2013.05.19 12:19:53 | 004,852,004 | ---- | M] () -- H:\Windows\System32\perfh007.dat
[2013.05.19 12:19:53 | 001,840,076 | ---- | M] () -- H:\Windows\System32\perfh009.dat
[2013.05.19 12:19:53 | 001,430,940 | ---- | M] () -- H:\Windows\System32\perfc007.dat
[2013.05.19 12:19:53 | 001,274,968 | ---- | M] () -- H:\Windows\System32\perfc009.dat
[2013.05.18 03:27:00 | 000,269,712 | ---- | M] () -- H:\Windows\System32\FNTCACHE.DAT
[2013.05.18 03:26:46 | 000,000,272 | ---- | M] () -- H:\Windows\tasks\PC Performer_UPDATES.job
[2013.05.17 20:42:07 | 000,000,318 | ---- | M] () -- H:\Users\Horst\Desktop\Curse Client.appref-ms
[2013.05.17 20:23:15 | 000,000,000 | ---- | M] () -- H:\Users\Horst\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip
[2013.05.17 20:20:54 | 000,000,213 | ---- | M] () -- H:\Users\Horst\Desktop\Dota 2.url
[2013.05.17 19:13:26 | 013,011,504 | ---- | M] (Blizzard Entertainment) -- H:\Users\Horst\Desktop\Wow.exe
[2013.05.17 19:10:30 | 000,000,775 | ---- | M] () -- H:\Users\Public\Desktop\World of Warcraft.lnk
[2013.05.17 17:04:24 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- H:\Windows\System32\FlashPlayerApp.exe
[2013.05.17 17:04:24 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- H:\Windows\System32\FlashPlayerCPLApp.cpl
[2013.05.17 16:12:31 | 000,001,964 | ---- | M] () -- H:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
[2013.05.17 15:43:40 | 000,000,835 | ---- | M] () -- H:\Users\Public\Desktop\Steam.lnk
[2013.05.05 11:38:38 | 000,001,725 | ---- | M] () -- H:\Users\Public\Desktop\Start BlueStacks.lnk
[2013.05.02 02:06:08 | 000,238,872 | ---- | M] (Microsoft Corporation) -- H:\Windows\System32\MpSigStub.exe
[2013.04.24 21:27:33 | 001,441,280 | ---- | M] (Microsoft Corporation) -- H:\Windows\System32\inetcpl.cpl
[2013.04.24 21:27:33 | 001,400,416 | ---- | M] (Microsoft Corporation) -- H:\Windows\System32\ieapfltr.dat
[2013.04.24 21:27:33 | 000,745,472 | ---- | M] (Microsoft Corporation) -- H:\Windows\System32\MsSpellCheckingFacility.exe
[2013.04.24 21:27:33 | 000,719,360 | ---- | M] (Microsoft Corporation) -- H:\Windows\System32\mshtmlmedia.dll
[2013.04.24 21:27:33 | 000,629,248 | ---- | M] (Microsoft Corporation) -- H:\Windows\System32\ieapfltr.dll
[2013.04.24 21:27:33 | 000,361,984 | ---- | M] (Microsoft Corporation) -- H:\Windows\System32\html.iec
[2013.04.24 21:27:33 | 000,357,888 | ---- | M] (Microsoft Corporation) -- H:\Windows\System32\dxtmsft.dll
[2013.04.24 21:27:33 | 000,242,200 | ---- | M] (Microsoft Corporation) -- H:\Windows\System32\iedkcs32.dll
[2013.04.24 21:27:33 | 000,232,960 | ---- | M] (Microsoft Corporation) -- H:\Windows\System32\url.dll
[2013.04.24 21:27:33 | 000,226,816 | ---- | M] (Microsoft Corporation) -- H:\Windows\System32\dxtrans.dll
[2013.04.24 21:27:33 | 000,185,344 | ---- | M] (Microsoft Corporation) -- H:\Windows\System32\elshyph.dll
[2013.04.24 21:27:33 | 000,163,840 | ---- | M] (Microsoft Corporation) -- H:\Windows\System32\msrating.dll
[2013.04.24 21:27:33 | 000,158,720 | ---- | M] (Microsoft Corporation) -- H:\Windows\System32\msls31.dll
[2013.04.24 21:27:33 | 000,150,528 | ---- | M] (Microsoft Corporation) -- H:\Windows\System32\iexpress.exe
[2013.04.24 21:27:33 | 000,138,752 | ---- | M] (Microsoft Corporation) -- H:\Windows\System32\wextract.exe
[2013.04.24 21:27:33 | 000,137,216 | ---- | M] (Microsoft Corporation) -- H:\Windows\System32\ieUnatt.exe
[2013.04.24 21:27:33 | 000,117,248 | ---- | M] (Microsoft Corporation) -- H:\Windows\System32\iepeers.dll
[2013.04.24 21:27:33 | 000,110,592 | ---- | M] (Microsoft Corporation) -- H:\Windows\System32\IEAdvpack.dll
[2013.04.24 21:27:33 | 000,082,432 | ---- | M] (Microsoft Corporation) -- H:\Windows\System32\inseng.dll
[2013.04.24 21:27:33 | 000,073,728 | ---- | M] (Microsoft Corporation) -- H:\Windows\System32\SetIEInstalledDate.exe
[2013.04.24 21:27:33 | 000,057,344 | ---- | M] (Microsoft Corporation) -- H:\Windows\System32\pngfilt.dll
[2013.04.24 21:27:33 | 000,048,640 | ---- | M] (Microsoft Corporation) -- H:\Windows\System32\mshtmler.dll
[2013.04.24 21:27:33 | 000,041,984 | ---- | M] (Microsoft Corporation) -- H:\Windows\System32\msfeedsbs.dll
[2013.04.24 21:27:33 | 000,038,400 | ---- | M] (Microsoft Corporation) -- H:\Windows\System32\imgutil.dll
[2013.04.24 21:27:33 | 000,025,185 | ---- | M] () -- H:\Windows\System32\ieuinit.inf
[2013.04.24 21:27:33 | 000,023,040 | ---- | M] (Microsoft Corporation) -- H:\Windows\System32\licmgr10.dll
[2013.04.24 21:27:33 | 000,011,776 | ---- | M] (Microsoft Corporation) -- H:\Windows\System32\msfeedssync.exe
[2013.04.24 21:27:09 | 000,049,152 | ---- | M] (Microsoft Corporation) -- H:\Windows\System32\taskhost.exe
[2013.04.24 21:26:23 | 002,284,544 | ---- | M] (Microsoft Corporation) -- H:\Windows\System32\msmpeg2vdec.dll
[2013.04.24 21:26:23 | 001,504,768 | ---- | M] (Microsoft Corporation) -- H:\Windows\System32\d3d11.dll
[2013.04.24 21:26:23 | 001,247,744 | ---- | M] (Microsoft Corporation) -- H:\Windows\System32\DWrite.dll
[2013.04.24 21:26:23 | 001,158,144 | ---- | M] (Microsoft Corporation) -- H:\Windows\System32\XpsPrint.dll
[2013.04.24 21:26:23 | 001,080,832 | ---- | M] (Microsoft Corporation) -- H:\Windows\System32\d3d10.dll
[2013.04.24 21:26:23 | 000,417,792 | ---- | M] (Microsoft Corporation) -- H:\Windows\System32\WMPhoto.dll
[2013.04.24 21:26:23 | 000,364,544 | ---- | M] (Microsoft Corporation) -- H:\Windows\System32\XpsGdiConverter.dll
[2013.04.24 21:26:23 | 000,220,160 | ---- | M] (Microsoft Corporation) -- H:\Windows\System32\d3d10core.dll
[2013.04.24 21:26:23 | 000,207,872 | ---- | M] (Microsoft Corporation) -- H:\Windows\System32\WindowsCodecsExt.dll
[2013.04.24 21:26:23 | 000,010,752 | -H-- | M] (Microsoft Corporation) -- H:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2013.04.24 21:26:23 | 000,009,728 | -H-- | M] (Microsoft Corporation) -- H:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2013.04.24 21:26:23 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- H:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2013.04.24 21:26:23 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- H:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll
[2013.04.24 21:26:23 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- H:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll
[2013.04.24 21:26:23 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- H:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2013.04.24 21:26:23 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- H:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll
[2013.04.24 21:26:23 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- H:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll
[2013.04.24 21:26:23 | 000,002,560 | -H-- | M] (Microsoft Corporation) -- H:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2013.04.24 21:26:22 | 003,419,136 | ---- | M] (Microsoft Corporation) -- H:\Windows\System32\d2d1.dll
[2013.04.24 21:26:22 | 001,988,096 | ---- | M] (Microsoft Corporation) -- H:\Windows\System32\d3d10warp.dll
[2013.04.24 21:26:22 | 000,604,160 | ---- | M] (Microsoft Corporation) -- H:\Windows\System32\d3d10level9.dll
[2013.04.24 21:26:22 | 000,293,376 | ---- | M] (Microsoft Corporation) -- H:\Windows\System32\dxgi.dll
[2013.04.24 21:26:22 | 000,249,856 | ---- | M] (Microsoft Corporation) -- H:\Windows\System32\d3d10_1core.dll
[2013.04.24 21:26:22 | 000,187,392 | ---- | M] (Microsoft Corporation) -- H:\Windows\System32\UIAnimation.dll
[2013.04.24 21:26:22 | 000,161,792 | ---- | M] (Microsoft Corporation) -- H:\Windows\System32\d3d10_1.dll
[2013.04.24 15:34:36 | 000,001,163 | ---- | M] () -- H:\Users\Public\Desktop\Internet Manager.lnk
[2013.04.24 15:33:03 | 001,108,320 | ---- | M] (Microsoft Corporation) -- H:\Windows\System32\wdfcoinstaller01007.dll
[2013.04.24 15:33:03 | 001,108,320 | ---- | M] (Microsoft Corporation) -- H:\Windows\System32\drivers\WdfCoInstaller01007.dll
[2013.04.24 15:33:03 | 000,861,696 | ---- | M] (DiBcom SA) -- H:\Windows\System32\drivers\mod7700.sys
[2013.04.24 15:33:03 | 000,353,280 | ---- | M] (Huawei Technologies Co., Ltd.) -- H:\Windows\System32\drivers\ewusbwwan.sys
[2013.04.24 15:33:03 | 000,193,792 | ---- | M] (Huawei Technologies Co., Ltd.) -- H:\Windows\System32\drivers\ewusbmdm.sys
[2013.04.24 15:33:03 | 000,181,760 | ---- | M] (Huawei Technologies Co., Ltd.) -- H:\Windows\System32\drivers\ew_juwwanecm.sys
[2013.04.24 15:33:03 | 000,102,784 | ---- | M] (Huawei Technologies Co., Ltd.) -- H:\Windows\System32\drivers\ew_hwusbdev.sys
[2013.04.24 15:33:03 | 000,090,112 | ---- | M] (Huawei Technologies Co., Ltd.) -- H:\Windows\System32\drivers\ew_jucdcacm.sys
[2013.04.24 15:33:03 | 000,073,216 | ---- | M] (Huawei Technologies Co., Ltd.) -- H:\Windows\System32\drivers\ew_jubusenum.sys
[2013.04.24 15:33:03 | 000,064,384 | ---- | M] (Huawei Technologies Co., Ltd.) -- H:\Windows\System32\drivers\ew_jucdcecm.sys
[2013.04.24 15:33:03 | 000,026,624 | ---- | M] (Huawei Technologies Co., Ltd.) -- H:\Windows\System32\drivers\ew_juextctrl.sys
[2013.04.24 15:33:03 | 000,025,856 | ---- | M] (Huawei Tech. Co., Ltd.) -- H:\Windows\System32\drivers\ewdcsc.sys
[2013.04.24 15:33:03 | 000,024,192 | ---- | M] (Bytemobile, Inc.) -- H:\Windows\System32\drivers\tcpipBM.sys
[2013.04.24 15:33:03 | 000,019,200 | ---- | M] (Huawei Technologies Co., Ltd.) -- H:\Windows\System32\drivers\ew_hwupgrade.sys
[2013.04.24 15:33:03 | 000,013,712 | ---- | M] (Microsoft Corporation) -- H:\Windows\System32\sporder.dll
[2013.04.24 15:33:03 | 000,013,184 | ---- | M] (Bytemobile, Inc.) -- H:\Windows\System32\drivers\BMLoad.sys
[2013.04.24 15:33:03 | 000,011,136 | ---- | M] (Huawei Technologies Co., Ltd.) -- H:\Windows\System32\drivers\ew_usbenumfilter.sys
[2013.04.24 15:33:02 | 000,724,608 | ---- | M] (Microsoft Corporation) -- H:\Windows\System32\bmutil.dll
[2013.04.24 15:33:02 | 000,480,384 | ---- | M] (Bytemobile, Inc.) -- H:\Windows\System32\bmnet.dll
[2013.04.24 15:33:02 | 000,308,352 | ---- | M] (Bytemobile, Inc.) -- H:\Windows\System32\bminstall.dll
[2013.04.24 15:32:57 | 000,132,224 | ---- | M] (Bytemobile, Inc.) -- H:\Windows\System32\bmdumpd.bin
 
========== Files Created - No Company Name ==========
 
[2013.05.23 17:54:03 | 000,079,360 | ---- | C] () -- H:\Windows\System32\ff_vfw.dll
[2013.05.23 17:53:34 | 000,000,804 | ---- | C] () -- H:\Users\Horst\Desktop\HDVidCodec.lnk
[2013.05.22 20:04:05 | 000,000,886 | ---- | C] () -- H:\Users\Horst\Desktop\Movie2KDownloader.lnk
[2013.05.17 20:42:07 | 000,000,318 | ---- | C] () -- H:\Users\Horst\Desktop\Curse Client.appref-ms
[2013.05.17 20:39:28 | 000,000,264 | ---- | C] () -- H:\Windows\tasks\PC Performer_DEFAULT.job
[2013.05.17 20:39:24 | 000,000,272 | ---- | C] () -- H:\Windows\tasks\PC Performer_UPDATES.job
[2013.05.17 20:23:15 | 000,000,000 | ---- | C] () -- H:\Users\Horst\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip
[2013.05.17 20:20:53 | 000,000,213 | ---- | C] () -- H:\Users\Horst\Desktop\Dota 2.url
[2013.05.17 19:10:25 | 000,000,775 | ---- | C] () -- H:\Users\Public\Desktop\World of Warcraft.lnk
[2013.05.17 15:43:40 | 000,000,835 | ---- | C] () -- H:\Users\Public\Desktop\Steam.lnk
[2013.05.05 11:38:38 | 000,001,725 | ---- | C] () -- H:\Users\Public\Desktop\Start BlueStacks.lnk
[2013.05.05 11:28:28 | 000,001,385 | ---- | C] () -- H:\Users\Horst\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2013.04.24 21:35:34 | 000,000,003 | ---- | C] () -- H:\Windows\System32\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
[2013.04.24 21:35:01 | 000,000,003 | ---- | C] () -- H:\Windows\System32\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
[2013.04.24 21:27:33 | 000,025,185 | ---- | C] () -- H:\Windows\System32\ieuinit.inf
[2013.04.24 15:34:36 | 000,001,163 | ---- | C] () -- H:\Users\Public\Desktop\Internet Manager.lnk
[2012.07.15 11:07:27 | 000,007,597 | ---- | C] () -- H:\Users\Horst\AppData\Local\Resmon.ResmonCfg
[2011.11.15 12:22:15 | 000,640,512 | ---- | C] () -- H:\Windows\System32\wonauth.dll
[2011.09.29 14:29:27 | 000,000,806 | ---- | C] () -- H:\Windows\eReg.dat
[2011.08.28 03:00:40 | 000,166,912 | ---- | C] () -- H:\Windows\System32\APOMngr.DLL
[2011.08.28 03:00:40 | 000,073,728 | ---- | C] () -- H:\Windows\System32\CmdRtr.DLL
[2011.08.25 08:41:47 | 000,002,177 | ---- | C] () -- H:\Windows\P17EP.ini
[2011.08.25 08:41:47 | 000,001,578 | ---- | C] () -- H:\Windows\P17EPLS.ini
[2011.08.25 08:41:47 | 000,001,489 | ---- | C] () -- H:\Windows\P17EP51.ini
[2011.08.21 00:14:45 | 000,000,000 | ---- | C] () -- H:\Windows\ativpsrm.bin
 
========== ZeroAccess Check ==========
 
[2013.05.17 20:39:52 | 000,000,227 | RHS- | M] () -- H:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.02.27 06:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 23:29:20 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 03:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
========== LOP Check ==========
 
[2012.05.17 14:32:20 | 000,000,000 | ---D | M] -- H:\Users\Horst\AppData\Roaming\3DataManager
[2013.05.22 20:05:39 | 000,000,000 | ---D | M] -- H:\Users\Horst\AppData\Roaming\BabSolution
[2012.07.01 12:46:40 | 000,000,000 | ---D | M] -- H:\Users\Horst\AppData\Roaming\Babylon
[2013.05.17 22:06:39 | 000,000,000 | ---D | M] -- H:\Users\Horst\AppData\Roaming\Curse Advertising
[2013.05.22 20:05:31 | 000,000,000 | ---D | M] -- H:\Users\Horst\AppData\Roaming\Delta
[2013.05.17 20:39:07 | 000,000,000 | ---D | M] -- H:\Users\Horst\AppData\Roaming\PerformerSoft
[2013.05.17 20:39:24 | 000,000,000 | ---D | M] -- H:\Users\Horst\AppData\Roaming\Softonic
[2012.05.09 10:27:28 | 000,000,000 | ---D | M] -- H:\Users\Horst\AppData\Roaming\T-Mobile
[2012.05.11 18:25:57 | 000,000,000 | ---D | M] -- H:\Users\Horst\AppData\Roaming\TS3Client
[2013.05.22 20:05:08 | 000,000,000 | ---D | M] -- H:\Users\Horst\AppData\Roaming\Yontoo
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
< :OTL >
[2009.07.14 06:53:46 | 000,032,640 | ---- | C] () -- H:\Windows\Tasks\SCHEDLGU.TXT
[2009.07.14 06:53:47 | 000,000,006 | -H-- | C] () -- H:\Windows\Tasks\SA.DAT
[2011.08.21 01:07:27 | 000,001,092 | ---- | C] () -- H:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2011.08.21 01:07:28 | 000,001,096 | ---- | C] () -- H:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2011.08.25 10:18:36 | 000,001,068 | ---- | C] () -- H:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4228084635-3980246230-1984058717-1000Core.job
[2011.08.25 10:18:37 | 000,001,120 | ---- | C] () -- H:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4228084635-3980246230-1984058717-1000UA.job
[2011.11.27 13:16:06 | 000,000,332 | ---- | C] () -- H:\Windows\Tasks\RegistryBooster.job
[2012.03.04 15:43:21 | 000,000,906 | ---- | C] () -- H:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4228084635-3980246230-1984058717-1000Core.job
[2012.03.04 15:43:22 | 000,000,928 | ---- | C] () -- H:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4228084635-3980246230-1984058717-1000UA.job
[2012.05.20 12:59:06 | 000,000,884 | ---- | C] () -- H:\Windows\Tasks\Adobe Flash Player Updater.job
[2013.05.17 20:39:24 | 000,000,272 | ---- | C] () -- H:\Windows\Tasks\PC Performer_UPDATES.job
[2013.05.17 20:39:28 | 000,000,264 | ---- | C] () -- H:\Windows\Tasks\PC Performer_DEFAULT.job
 
< O20 - AppInit_DLLs: (H:\PROGRA~3\Wincert\WIN32C~1.DLL) - H:\ProgramData\Wincert\win32cert.dll () >
 
< O20 - AppInit_DLLs: (H:\PROGRA~2\SEARCH~1\Datamngr\mgrldr.dll) - H:\Program Files\Search Results Toolbar\Datamngr\mgrldr.dll () >
 
< O20 - AppInit_DLLs: (h:\progra~3\browse~1\261249~1.132\{c16c1~1\browse~1.dll) - h:\ProgramData\BrowserProtect\2.6.1249.132\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.dll >
 
< () >
 
< O33 - MountPoints2\{0fd8f482-a263-11e1-af79-001d60db6421}\Shell - "" = AutoRun >
 
< O33 - MountPoints2\{0fd8f482-a263-11e1-af79-001d60db6421}\Shell\AutoRun\command - "" = M:\AutoRun.exe >
 
< O33 - MountPoints2\{0fd8f668-a263-11e1-af79-001d60db6421}\Shell - "" = AutoRun >
 
< O33 - MountPoints2\{0fd8f668-a263-11e1-af79-001d60db6421}\Shell\AutoRun\command - "" = M:\AutoRun.exe >
 
< O33 - MountPoints2\{10b49b01-0256-11e1-8d2e-001d60db6421}\Shell - "" = AutoRun >
 
< O33 - MountPoints2\{10b49b01-0256-11e1-8d2e-001d60db6421}\Shell\AutoRun\command - "" = M:\AutoRun.exe >
 
< O33 - MountPoints2\{1e741b35-026a-11e1-ac8b-806e6f6e6963}\Shell - "" = AutoRun >
 
< O33 - MountPoints2\{1e741b35-026a-11e1-ac8b-806e6f6e6963}\Shell\AutoRun\command - "" = M:\AutoRun.exe >
 
< O33 - MountPoints2\{1e741b87-026a-11e1-ac8b-001d60db6421}\Shell - "" = AutoRun >
 
< O33 - MountPoints2\{1e741b87-026a-11e1-ac8b-001d60db6421}\Shell\AutoRun\command - "" = M:\AutoRun.exe >
 
< O33 - MountPoints2\{1e741c03-026a-11e1-ac8b-001d60db6421}\Shell - "" = AutoRun >
 
< O33 - MountPoints2\{1e741c03-026a-11e1-ac8b-001d60db6421}\Shell\AutoRun\command - "" = M:\AutoRun.exe >
 
< O33 - MountPoints2\{2ee3ce16-acdc-11e2-9e25-001d60db6421}\Shell - "" = AutoRun >
 
< O33 - MountPoints2\{2ee3ce16-acdc-11e2-9e25-001d60db6421}\Shell\AutoRun\command - "" = M:\AutoRun.exe >
 
< O33 - MountPoints2\{335db628-acdf-11e2-8d6b-001d60db6421}\Shell - "" = AutoRun >
 
< O33 - MountPoints2\{335db628-acdf-11e2-8d6b-001d60db6421}\Shell\AutoRun\command - "" = M:\AutoRun.exe >
 
< O33 - MountPoints2\{38ddda1b-d863-11e0-91b4-001d60db6421}\Shell - "" = AutoRun >
 
< O33 - MountPoints2\{38ddda1b-d863-11e0-91b4-001d60db6421}\Shell\AutoRun\command - "" = M:\Autorun.exe >
 
< O33 - MountPoints2\{4a39d60b-0257-11e1-b255-001d60db6421}\Shell - "" = AutoRun >
 
< O33 - MountPoints2\{4a39d60b-0257-11e1-b255-001d60db6421}\Shell\AutoRun\command - "" = M:\AutoRun.exe >
 
< O33 - MountPoints2\{6691a3ef-cb7a-11e0-b1ba-001d60db6421}\Shell - "" = AutoRun >
 
< O33 - MountPoints2\{6691a3ef-cb7a-11e0-b1ba-001d60db6421}\Shell\AutoRun\command - "" = M:\.\Autorun.exe AUTORUN=1 >
 
< O33 - MountPoints2\{6691a3fd-cb7a-11e0-b1ba-001d60db6421}\Shell - "" = AutoRun >
 
< O33 - MountPoints2\{6691a3fd-cb7a-11e0-b1ba-001d60db6421}\Shell\AutoRun\command - "" = M:\.\Autorun.exe AUTORUN=1 >
 
< O33 - MountPoints2\{81287055-cd66-11e0-b514-001d60db6421}\Shell - "" = AutoRun >
 
< O33 - MountPoints2\{81287055-cd66-11e0-b514-001d60db6421}\Shell\AutoRun\command - "" = M:\.\Autorun.exe AUTORUN=1 >
 
< O33 - MountPoints2\{9cf2855c-b565-11e2-8cb4-806e6f6e6963}\Shell - "" = AutoRun >
 
< O33 - MountPoints2\{9cf2855c-b565-11e2-8cb4-806e6f6e6963}\Shell\AutoRun\command - "" = M:\AutoRun.exe >
 
< O33 - MountPoints2\{a4d3cbe9-8947-11e1-8839-001d60db6421}\Shell - "" = AutoRun >
 
< O33 - MountPoints2\{a4d3cbe9-8947-11e1-8839-001d60db6421}\Shell\AutoRun\command - "" = M:\AutoRun.exe >
 
< O33 - MountPoints2\{a4d3cbf4-8947-11e1-8839-001d60db6421}\Shell - "" = AutoRun >
 
< O33 - MountPoints2\{a4d3cbf4-8947-11e1-8839-001d60db6421}\Shell\AutoRun\command - "" = M:\.\Autorun.exe AUTORUN=1 >
 
< O33 - MountPoints2\{a4d3cc0a-8947-11e1-8839-001d60db6421}\Shell - "" = AutoRun >
 
< O33 - MountPoints2\{a4d3cc0a-8947-11e1-8839-001d60db6421}\Shell\AutoRun\command - "" = M:\AutoRun.exe >
 
< O33 - MountPoints2\{b89a39b1-9b63-11e1-931b-001d60db6421}\Shell - "" = AutoRun >
 
< O33 - MountPoints2\{b89a39b1-9b63-11e1-931b-001d60db6421}\Shell\AutoRun\command - "" = M:\AutoRun.exe >
 
< O33 - MountPoints2\{b89a3a49-9b63-11e1-931b-001d60db6421}\Shell - "" = AutoRun >
 
< O33 - MountPoints2\{b89a3a49-9b63-11e1-931b-001d60db6421}\Shell\AutoRun\command - "" = M:\AutoRun.exe >
 
< O33 - MountPoints2\{c0ce58e7-cee5-11e0-9200-001d60db6421}\Shell - "" = AutoRun >
 
< O33 - MountPoints2\{c0ce58e7-cee5-11e0-9200-001d60db6421}\Shell\AutoRun\command - "" = M:\.\Autorun.exe AUTORUN=1 >
 
< O33 - MountPoints2\{c1d3f2ed-9601-11e1-b02b-001d60db6421}\Shell - "" = AutoRun >
 
< O33 - MountPoints2\{c1d3f2ed-9601-11e1-b02b-001d60db6421}\Shell\AutoRun\command - "" = M:\AutoRun.exe >
 
< O33 - MountPoints2\{c1d3f314-9601-11e1-b02b-001d60db6421}\Shell - "" = AutoRun >
 
< O33 - MountPoints2\{c1d3f314-9601-11e1-b02b-001d60db6421}\Shell\AutoRun\command - "" = M:\AutoRun.exe >
 
< O33 - MountPoints2\{d148c5ae-baf3-11e1-95ec-001d60db6421}\Shell - "" = AutoRun >
 
< O33 - MountPoints2\{d148c5ae-baf3-11e1-95ec-001d60db6421}\Shell\AutoRun\command - "" = M:\AutoRun.exe >
 
< O33 - MountPoints2\{d3c43a9f-1053-11e1-a876-001d60db6421}\Shell - "" = AutoRun >
 
< O33 - MountPoints2\{d3c43a9f-1053-11e1-a876-001d60db6421}\Shell\AutoRun\command - "" = M:\AutoRun.exe >
 
< O33 - MountPoints2\{da039341-99ae-11e1-a605-001d60db6421}\Shell - "" = AutoRun >
 
< O33 - MountPoints2\{da039341-99ae-11e1-a605-001d60db6421}\Shell\AutoRun\command - "" = M:\AutoRun.exe >
 
< O33 - MountPoints2\{da039394-99ae-11e1-a605-001d60db6421}\Shell - "" = AutoRun >
 
< O33 - MountPoints2\{da039394-99ae-11e1-a605-001d60db6421}\Shell\AutoRun\command - "" = M:\AutoRun.exe >
 
< O33 - MountPoints2\{e2d50edc-ea7d-11e0-9e80-001e101f8ed0}\Shell - "" = AutoRun >
 
< O33 - MountPoints2\{e2d50edc-ea7d-11e0-9e80-001e101f8ed0}\Shell\AutoRun\command - "" = O:\AutoRun.exe >
 
< O33 - MountPoints2\M\Shell - "" = AutoRun >
 
< O33 - MountPoints2\M\Shell\AutoRun\command - "" = M:\AutoRun.exe >
 
< O33 - MountPoints2\N\Shell - "" = AutoRun >
 
< O33 - MountPoints2\N\Shell\AutoRun\command - "" = N:\AutoRun.exe >
 
< O36 - AppCertDlls: x86 - (H:\Program Files\Search Results Toolbar\Datamngr\apcrtldr.dll) - H:\Program Files\Search Results Toolbar\Datamngr\apcrtldr.dll >
 
< () >
 
<  >
 
< :files >
 
< H:\ProgramData\Wincert >
 
< H:\Program Files\Search Results Toolbar >
 
< h:\ProgramData\BrowserProtect >
 
< :Commands >
 
< [emptytemp] >
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 129 bytes -> H:\ProgramData\TEMP:05EE1EEF

< End of report >
         
--- --- ---

Alt 23.05.2013, 18:28   #8
Kungen686
 
serach nu, bitte um hilfe - Standard

serach nu, bitte um hilfe



ja wird nun in Zukunft e besonders acht drauf geben was ich downloade.
danke für deine hilfeOTL Logfile:
Code:
ATTFilter
OTL logfile created on: 23.05.2013 19:18:00 - Run 3
OTL by OldTimer - Version 3.2.69.0     Folder = L:\
 Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16576)
Locale: 00000407 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy
 
2,87 Gb Total Physical Memory | 1,12 Gb Available Physical Memory | 38,93% Memory free
5,75 Gb Paging File | 3,74 Gb Available in Paging File | 65,10% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = H: | %SystemRoot% = H:\Windows | %ProgramFiles% = H:\Program Files
Drive H: | 78,13 Gb Total Space | 6,68 Gb Free Space | 8,55% Space Free | Partition Type: NTFS
Drive I: | 97,65 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: NTFS
Drive J: | 94,66 Gb Total Space | 94,37 Gb Free Space | 99,70% Space Free | Partition Type: NTFS
Drive K: | 97,65 Gb Total Space | 76,40 Gb Free Space | 78,23% Space Free | Partition Type: NTFS
Drive L: | 97,65 Gb Total Space | 17,19 Gb Free Space | 17,61% Space Free | Partition Type: NTFS
 
Computer Name: HORST-PC | User Name: Horst | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - L:\OTL (2).exe (OldTimer Tools)
PRC - H:\Users\Horst\AppData\Roaming\Yontoo\YontooDesktop.exe (Yontoo LLC)
PRC - H:\Program Files\Yontoo Layers Runtime\Y2Desktop.Updater.exe (Microsoft)
PRC - H:\Windows\System32\Macromed\Flash\FlashUtil32_11_7_700_202_ActiveX.exe (Adobe Systems Incorporated)
PRC - H:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - H:\Program Files\Search Results Toolbar\Datamngr\DatamngrUI.exe (Bandoo Media Inc.)
PRC - H:\Program Files\Search Results Toolbar\Datamngr\DatamngrCoordinator.exe (Bandoo Media Inc.)
PRC - H:\Windows\System32\taskhost.exe (Microsoft Corporation)
PRC - H:\Program Files\BlueStacks\HD-Agent.exe (BlueStack Systems, Inc.)
PRC - H:\Program Files\BlueStacks\HD-LogRotatorService.exe (BlueStack Systems, Inc.)
PRC - H:\Program Files\BlueStacks\HD-Service.exe (BlueStack Systems, Inc.)
PRC - H:\Program Files\BlueStacks\HD-SharedFolder.exe (BlueStack Systems)
PRC - H:\Program Files\BlueStacks\HD-BlockDevice.exe (BlueStack Systems)
PRC - H:\Program Files\BlueStacks\HD-Network.exe (BlueStack Systems)
PRC - H:\ProgramData\BrowserProtect\2.6.1249.132\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe ()
PRC - H:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
PRC - H:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation)
PRC - H:\Program Files\NVIDIA Corporation\Display\nvtray.exe (NVIDIA Corporation)
PRC - H:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
PRC - H:\Program Files\McAfee Security Scan\3.0.318\SSScheduler.exe (McAfee, Inc.)
PRC - H:\Windows\System32\conhost.exe (Microsoft Corporation)
PRC - H:\Program Files\SweetIM\Messenger\SweetIM.exe (SweetIM Technologies Ltd.)
PRC - H:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe (SweetIM Technologies Ltd.)
PRC - H:\Program Files\Zune\ZuneLauncher.exe (Microsoft Corporation)
PRC - H:\Program Files\Razer\Anansi\RazerAnansiSysTray.exe (Razer USA Ltd)
PRC - H:\Program Files\Razer\Naga\RazerNagaSysTray.exe (Razer USA Ltd)
PRC - H:\Windows\explorer.exe (Microsoft Corporation)
PRC - H:\ProgramData\DatacardService\HWDeviceService.exe ()
PRC - H:\ProgramData\DatacardService\DCSHelper.exe (Huawei Technologies Co., Ltd.)
PRC - H:\Windows\System32\atieclxx.exe (AMD)
PRC - H:\Windows\System32\atiesrxx.exe (AMD)
PRC - H:\Program Files\Creative\Shared Files\CTAudSvc.exe (Creative Technology Ltd)
 
 
========== Modules (No Company Name) ==========
 
MOD - H:\Users\Horst\AppData\Roaming\Yontoo\dat\Desktop.OS.Plugin.dll ()
MOD - H:\Windows\assembly\NativeImages_v2.0.50727_32\HD-Agent\814a45188ec5fe4b0ab709168cf4f81b\HD-Agent.ni.exe ()
MOD - H:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\30e3a21202000677d0a9270572251477\System.Windows.Forms.ni.dll ()
MOD - H:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\764f15e86c82662e977bd418bd6318c1\System.Configuration.ni.dll ()
MOD - H:\Program Files\Search Results Toolbar\Datamngr\apcrtldr.dll ()
MOD - H:\Program Files\Search Results Toolbar\Datamngr\mgrldr.dll ()
MOD - H:\Windows\assembly\NativeImages_v2.0.50727_32\JSON\c94d8eba16a1c51a1cf7d7ac7f330843\JSON.ni.dll ()
MOD - H:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\8bb2120d5a48b10e27fe82ad5d3fb982\System.Web.ni.dll ()
MOD - H:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll ()
MOD - H:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f687c43e9fdec031988b33ae722c4613\System.Xml.ni.dll ()
MOD - H:\Windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll ()
MOD - H:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll ()
MOD - H:\ProgramData\Wincert\win32prop.dll ()
MOD - H:\ProgramData\Wincert\win32cert.dll ()
MOD - H:\ProgramData\BrowserProtect\2.6.1249.132\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe ()
MOD - h:\ProgramData\BrowserProtect\2.6.1249.132\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.dll ()
MOD - H:\Windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll ()
MOD - H:\Program Files\WinRAR\RarExt.dll ()
MOD - H:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - H:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll ()
MOD - H:\Windows\assembly\GAC_MSIL\System.resources\2.0.0.0_de_b77a5c561934e089\System.resources.dll ()
MOD - H:\Windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.dll ()
MOD - H:\Windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll ()
MOD - H:\Windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.Xml.dll ()
MOD - H:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll ()
MOD - H:\Windows\System32\APOMngr.DLL ()
MOD - H:\Windows\System32\CmdRtr.DLL ()
 
 
========== Services (SafeList) ==========
 
SRV - (ZuneWlanCfgSvc) -- H:\Program Files\Zune\ZuneWlanCfgSvc.exe File not found
SRV - (ZuneNetworkSvc) -- H:\Program Files\Zune\ZuneNss.exe File not found
SRV - (Yontoo Desktop Updater) -- H:\Program Files\Yontoo Layers Runtime\Y2Desktop.Updater.exe H:\Users\Horst\AppData\Roaming\Yontoo\YontooDesktop.exe File not found
SRV - (WMZuneComm) -- H:\Program Files\Zune\WMZuneComm.exe File not found
SRV - (wlcrasvc) -- H:\Program Files\Windows Live\Mesh\wlcrasvc.exe File not found
SRV - (gusvc) -- H:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe File not found
SRV - (gupdatem) -- H:\Program Files\Google\Update\GoogleUpdate.exe /medsvc File not found
SRV - (gupdate) -- H:\Program Files\Google\Update\GoogleUpdate.exe /svc File not found
SRV - (fsssvc) -- H:\Program Files\Windows Live\Family Safety\fsssvc.exe File not found
SRV - (Creative Audio Engine Licensing Service) -- H:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe File not found
SRV - (AdobeFlashPlayerUpdateSvc) -- H:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (AdobeARMservice) -- H:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (DatamngrCoordinator) -- H:\Program Files\Search Results Toolbar\Datamngr\DatamngrCoordinator.exe (Bandoo Media Inc.)
SRV - (Steam Client Service) -- H:\Program Files\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (BstHdLogRotatorSvc) -- H:\Program Files\BlueStacks\HD-LogRotatorService.exe (BlueStack Systems, Inc.)
SRV - (BstHdAndroidSvc) -- H:\Program Files\BlueStacks\HD-Service.exe (BlueStack Systems, Inc.)
SRV - (BrowserProtect) -- H:\ProgramData\BrowserProtect\2.6.1249.132\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe ()
SRV - (nvUpdatusService) -- H:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
SRV - (Stereo Service) -- H:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (McComponentHostService) -- H:\Program Files\McAfee Security Scan\3.0.318\McCHSvc.exe (McAfee, Inc.)
SRV - (SkypeUpdate) -- H:\Program Files\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (MozillaMaintenance) -- H:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (WatAdminSvc) -- H:\Windows\System32\Wat\WatAdminSvc.exe (Microsoft Corporation)
SRV - (HWDeviceService.exe) -- H:\ProgramData\DatacardService\HWDeviceService.exe ()
SRV - (AMD External Events Utility) -- H:\Windows\System32\atiesrxx.exe (AMD)
SRV - (SensrSvc) -- H:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
SRV - (WinDefend) -- H:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (CTAudSvcService) -- H:\Program Files\Creative\Shared Files\CTAudSvc.exe (Creative Technology Ltd)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (IntcAzAudAddService) -- system32\drivers\RTKVHDA.sys File not found
DRV - (hwusbdev) -- system32\DRIVERS\ewusbdev.sys File not found
DRV - (ewusbnet) -- system32\DRIVERS\ewusbnet.sys File not found
DRV - (hwdatacard) -- H:\Windows\System32\drivers\ewusbmdm.sys (Huawei Technologies Co., Ltd.)
DRV - (huawei_wwanecm) -- H:\Windows\System32\drivers\ew_juwwanecm.sys (Huawei Technologies Co., Ltd.)
DRV - (ew_hwusbdev) -- H:\Windows\System32\drivers\ew_hwusbdev.sys (Huawei Technologies Co., Ltd.)
DRV - (huawei_cdcacm) -- H:\Windows\System32\drivers\ew_jucdcacm.sys (Huawei Technologies Co., Ltd.)
DRV - (huawei_enumerator) -- H:\Windows\System32\drivers\ew_jubusenum.sys (Huawei Technologies Co., Ltd.)
DRV - (huawei_ext_ctrl) -- H:\Windows\System32\drivers\ew_juextctrl.sys (Huawei Technologies Co., Ltd.)
DRV - (tcpipBM) -- H:\Windows\System32\drivers\tcpipBM.sys (Bytemobile, Inc.)
DRV - (BMLoad) -- H:\Windows\System32\drivers\BMLoad.sys (Bytemobile, Inc.)
DRV - (ew_usbenumfilter) -- H:\Windows\System32\drivers\ew_usbenumfilter.sys (Huawei Technologies Co., Ltd.)
DRV - (BstHdDrv) -- H:\Program Files\BlueStacks\HD-Hypervisor-x86.sys (BlueStack Systems)
DRV - (nvlddmkm) -- H:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (FTSER2K) -- H:\Windows\System32\drivers\ftser2k.sys (FTDI Ltd.)
DRV - (FTDIBUS) -- H:\Windows\System32\drivers\ftdibus.sys (FTDI Ltd.)
DRV - (EuMusDesignVirtualAudioCableWdm) -- H:\Windows\System32\drivers\vrtaucbl.sys (Eugene V. Muzychenko)
DRV - (RzSynapse) -- H:\Windows\System32\drivers\RzSynapse.sys (Razer USA Ltd)
DRV - (TsUsbFlt) -- H:\Windows\System32\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV - (winusb) -- H:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
DRV - (TsUsbGD) -- H:\Windows\System32\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV - (P17) -- H:\Windows\System32\drivers\P17.sys (Creative Technology Ltd.)
DRV - (atikmdag) -- H:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV - (Atc002) -- H:\Windows\System32\drivers\l260x86.sys (Atheros Communications, Inc.)
DRV - (MTsensor) -- H:\Windows\System32\drivers\ASACPI.sys ()
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\..\URLSearchHook: {40c3cc16-7269-4b32-9531-17f2950fb06f} - SOFTWARE\Classes\CLSID\{40c3cc16-7269-4b32-9531-17f2950fb06f}\InprocServer32 File not found
IE - HKLM\..\URLSearchHook: {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - SOFTWARE\Classes\CLSID\{57BCA5FA-5DBB-45a2-B558-1755C3F6253B}\InprocServer32 File not found
IE - HKLM\..\URLSearchHook: {64ead72b-ffd4-4e01-aa3a-4c71665d73e4} - SOFTWARE\Classes\CLSID\{64ead72b-ffd4-4e01-aa3a-4c71665d73e4}\InprocServer32 File not found
IE - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = hxxp://dts.search-results.com/sr?src=ieb&gct=ds&appid=559&systemid=406&apn_uid=5476213633344063&apn_dtid=BND406&o=APN10645&apn_ptnrs=AG6&q={searchTerms}
IE - HKLM\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = hxxp://search.sweetim.com/search.asp?src=6&crg=3.1010000&st=12&q={searchTerms}&barid={17FB94E8-CC2A-4A08-A089-1D5E0C4B1E2A}
IE - HKLM\..\SearchScopes\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}: "URL" = hxxp://slirsredirect.search.aol.com/redirector/sredir?sredir=2685&query={searchTerms}&invocationType=tb50-ie-winamp-chromesbox-en-us&tb_uuid=20120120083518926&tb_oid=20-01-2012&tb_mrud=20-01-2012
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-4228084635-3980246230-1984058717-1000\SOFTWARE\Microsoft\Internet Explorer\Main,bProtector Start Page = hxxp://www1.delta-search.com/?affID=119781&tt=gc_&babsrc=HP_ss&mntrId=E4E6001D60DB6421
IE - HKU\S-1-5-21-4228084635-3980246230-1984058717-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default Download Directory = L:\
IE - HKU\S-1-5-21-4228084635-3980246230-1984058717-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.searchnu.com/406?appid=559
IE - HKU\S-1-5-21-4228084635-3980246230-1984058717-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://at.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-4228084635-3980246230-1984058717-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-AT
IE - HKU\S-1-5-21-4228084635-3980246230-1984058717-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 18 D4 D4 09 29 A1 CC 01  [binary data]
IE - HKU\S-1-5-21-4228084635-3980246230-1984058717-1000\..\URLSearchHook: {40c3cc16-7269-4b32-9531-17f2950fb06f} - SOFTWARE\Classes\CLSID\{40c3cc16-7269-4b32-9531-17f2950fb06f}\InprocServer32 File not found
IE - HKU\S-1-5-21-4228084635-3980246230-1984058717-1000\..\URLSearchHook: {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - SOFTWARE\Classes\CLSID\{57BCA5FA-5DBB-45a2-B558-1755C3F6253B}\InprocServer32 File not found
IE - HKU\S-1-5-21-4228084635-3980246230-1984058717-1000\..\URLSearchHook: {64ead72b-ffd4-4e01-aa3a-4c71665d73e4} - SOFTWARE\Classes\CLSID\{64ead72b-ffd4-4e01-aa3a-4c71665d73e4}\InprocServer32 File not found
IE - HKU\S-1-5-21-4228084635-3980246230-1984058717-1000\..\URLSearchHook: {CA3EB689-8F09-4026-AA10-B9534C691CE0} - SOFTWARE\Classes\CLSID\{CA3EB689-8F09-4026-AA10-B9534C691CE0}\InprocServer32 File not found
IE - HKU\S-1-5-21-4228084635-3980246230-1984058717-1000\..\SearchScopes,bProtectorDefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKU\S-1-5-21-4228084635-3980246230-1984058717-1000\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
IE - HKU\S-1-5-21-4228084635-3980246230-1984058717-1000\..\SearchScopes\{04C780E6-C682-4F97-B151-6932DBDE79AC}: "URL" = hxxp://search.softonic.com/MOY00006/tb_v1?q={searchTerms}&SearchSource=4&cc=&mi=00000000000000000000001d60db6421&r=397
IE - HKU\S-1-5-21-4228084635-3980246230-1984058717-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?FORM=WLETDF&PC=WLEM&q={searchTerms}&src=IE-SearchBox
IE - HKU\S-1-5-21-4228084635-3980246230-1984058717-1000\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = hxxp://www1.delta-search.com/?q={searchTerms}&affID=119781&tt=gc_&babsrc=SP_ss&mntrId=E4E6001D60DB6421
IE - HKU\S-1-5-21-4228084635-3980246230-1984058717-1000\..\SearchScopes\{4CC30D01-69C8-4993-8BE2-EEDD8904D876}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2319825
IE - HKU\S-1-5-21-4228084635-3980246230-1984058717-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7ADFA_deAT445
IE - HKU\S-1-5-21-4228084635-3980246230-1984058717-1000\..\SearchScopes\{96bd48dd-741b-41ae-ac4a-aff96ba00f7e}: "URL" = hxxp://www.bigseekpro.com/search/browser/hypercam/{8008C83A-FEF9-43BE-85A8-6FFE0A4425DB}?q={searchTerms}
IE - HKU\S-1-5-21-4228084635-3980246230-1984058717-1000\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = hxxp://dts.search-results.com/sr?src=ieb&gct=ds&appid=559&systemid=406&apn_uid=5476213633344063&apn_dtid=BND406&o=APN10645&apn_ptnrs=AG6&q={searchTerms}
IE - HKU\S-1-5-21-4228084635-3980246230-1984058717-1000\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = hxxp://search.sweetim.com/search.asp?src=6&crg=3.1010000&st=12&q={searchTerms}&barid={17FB94E8-CC2A-4A08-A089-1D5E0C4B1E2A}
IE - HKU\S-1-5-21-4228084635-3980246230-1984058717-1000\..\SearchScopes\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}: "URL" = hxxp://slirsredirect.search.aol.com/redirector/sredir?sredir=2685&query={searchTerms}&invocationType=tb50-ie-winamp-chromesbox-en-us&tb_uuid=20120120083518926&tb_oid=20-01-2012&tb_mrud=20-01-2012
IE - HKU\S-1-5-21-4228084635-3980246230-1984058717-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-4228084635-3980246230-1984058717-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
IE - HKU\S-1-5-21-4228084635-3980246230-1984058717-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default Download Directory = L:\
IE - HKU\S-1-5-21-4228084635-3980246230-1984058717-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bigseekpro.com/hypercam/{8008C83A-FEF9-43BE-85A8-6FFE0A4425DB}
IE - HKU\S-1-5-21-4228084635-3980246230-1984058717-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://at.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-4228084635-3980246230-1984058717-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-at
IE - HKU\S-1-5-21-4228084635-3980246230-1984058717-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = F8 BB 9D 23 8C 5F CC 01  [binary data]
IE - HKU\S-1-5-21-4228084635-3980246230-1984058717-1001\..\URLSearchHook: {40c3cc16-7269-4b32-9531-17f2950fb06f} - SOFTWARE\Classes\CLSID\{40c3cc16-7269-4b32-9531-17f2950fb06f}\InprocServer32 File not found
IE - HKU\S-1-5-21-4228084635-3980246230-1984058717-1001\..\URLSearchHook: {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - SOFTWARE\Classes\CLSID\{57BCA5FA-5DBB-45a2-B558-1755C3F6253B}\InprocServer32 File not found
IE - HKU\S-1-5-21-4228084635-3980246230-1984058717-1001\..\URLSearchHook: {64ead72b-ffd4-4e01-aa3a-4c71665d73e4} - SOFTWARE\Classes\CLSID\{64ead72b-ffd4-4e01-aa3a-4c71665d73e4}\InprocServer32 File not found
IE - HKU\S-1-5-21-4228084635-3980246230-1984058717-1001\..\URLSearchHook: {CA3EB689-8F09-4026-AA10-B9534C691CE0} - SOFTWARE\Classes\CLSID\{CA3EB689-8F09-4026-AA10-B9534C691CE0}\InprocServer32 File not found
IE - HKU\S-1-5-21-4228084635-3980246230-1984058717-1001\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKU\S-1-5-21-4228084635-3980246230-1984058717-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-4228084635-3980246230-1984058717-1001\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = hxxp://search.babylon.com/web/{searchTerms}?babsrc=SP_ss&affID=100489&mntrId=00000000000000000000582c80139263
IE - HKU\S-1-5-21-4228084635-3980246230-1984058717-1001\..\SearchScopes\{4CC30D01-69C8-4993-8BE2-EEDD8904D876}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2319825
IE - HKU\S-1-5-21-4228084635-3980246230-1984058717-1001\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7ADFA_de
IE - HKU\S-1-5-21-4228084635-3980246230-1984058717-1001\..\SearchScopes\{96bd48dd-741b-41ae-ac4a-aff96ba00f7e}: "URL" = hxxp://www.bigseekpro.com/search/browser/hypercam/{8008C83A-FEF9-43BE-85A8-6FFE0A4425DB}?q={searchTerms}
IE - HKU\S-1-5-21-4228084635-3980246230-1984058717-1001\..\SearchScopes\{C65F971D-0D1A-4667-BDA9-6AE58C9C805F}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2319825
IE - HKU\S-1-5-21-4228084635-3980246230-1984058717-1001\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = hxxp://search.sweetim.com/search.asp?src=6&crg=3.1010000&st=12&q={searchTerms}&barid={17FB94E8-CC2A-4A08-A089-1D5E0C4B1E2A}
IE - HKU\S-1-5-21-4228084635-3980246230-1984058717-1001\..\SearchScopes\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}: "URL" = hxxp://slirsredirect.search.aol.com/redirector/sredir?sredir=2685&query={searchTerms}&invocationType=tb50-ie-winamp-chromesbox-en-us&tb_uuid=20120120083518926&tb_oid=20-01-2012&tb_mrud=20-01-2012
IE - HKU\S-1-5-21-4228084635-3980246230-1984058717-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-4228084635-3980246230-1984058717-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
IE - HKU\S-1-5-21-4228084635-3980246230-1984058717-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = :
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "Search Results"
FF - prefs.js..browser.search.defaulturl: ""
FF - prefs.js..browser.search.order.1: "Search Results"
FF - prefs.js..browser.search.selectedEngine: "Search Results"
FF - prefs.js..browser.search.useDBForOrder: "false"
FF - prefs.js..browser.startup.homepage: "hxxp://www.searchnu.com/406?appid=559"
FF - prefs.js..extensions.enabledAddons: {EEE6C361-6118-11DC-9C72-001320C79847}:1.9.0.0
FF - prefs.js..extensions.enabledAddons: {C4A4F5A0-4B89-4392-AFAC-D58010E349AF}:5.0.0.7254
FF - prefs.js..keyword.URL: "hxxp://dts.search-results.com/sr?src=ffb&gct=ds&appid=559&systemid=406&apn_dtid=BND406&apn_ptnrs=AG6&apn_uid=5476213633344063&o=APN10645&q="
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: ""
FF - prefs.js..sweetim.toolbar.previous.browser.search.selectedEngine: "Search the web (Babylon)"
FF - prefs.js..browser.startup.homepage: "hxxp://search.bearshare.com"
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: ""
 
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: H:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_202.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: H:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: H:\Program Files\Java\jre7\bin\plugin2\npjp2.dll File not found
FF - HKLM\Software\MozillaPlugins\@mcafee.com/McAfeeMssPlugin: H:\Program Files\McAfee Security Scan\3.0.318\npMcAfeeMss.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: H:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: H:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll File not found
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: H:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: H:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: H:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: H:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: H:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: H:\Users\Horst\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll File not found
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: H:\Users\Horst\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: H:\Users\Horst\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\ff-bmboc@bytemobile.com: C:\Program Files\T-Mobile\InternetManager_H\OCx32\addon
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: H:\Program Files\Mozilla Firefox\components [2012.06.30 21:50:27 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: H:\Program Files\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: H:\Program Files\Mozilla Firefox\components [2012.06.30 21:50:27 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: H:\Program Files\Mozilla Firefox\plugins
 
[2012.05.09 18:39:48 | 000,000,000 | ---D | M] (No name found) -- H:\Users\Horst\AppData\Roaming\Mozilla\Extensions
[2013.05.23 17:53:47 | 000,000,000 | ---D | M] (No name found) -- H:\Users\Horst\AppData\Roaming\Mozilla\Firefox\Profiles\xykkrd78.default\extensions
[2013.05.22 20:10:57 | 000,000,000 | ---D | M] (Search-Results Toolbar) -- H:\Users\Horst\AppData\Roaming\Mozilla\Firefox\Profiles\xykkrd78.default\extensions\{377e5d4d-77e5-476a-8716-7e70a9272da0}
[2013.05.22 20:10:52 | 000,000,000 | ---D | M] (New Tab) -- H:\Users\Horst\AppData\Roaming\Mozilla\Firefox\Profiles\xykkrd78.default\extensions\{C4A4F5A0-4B89-4392-AFAC-D58010E349AF}
[2013.05.22 20:05:32 | 000,000,000 | ---D | M] (Delta Toolbar) -- H:\Users\Horst\AppData\Roaming\Mozilla\Firefox\Profiles\xykkrd78.default\extensions\ffxtlbr@delta.com
[2013.05.22 20:04:56 | 000,000,000 | ---D | M] (Yontoo) -- H:\Users\Horst\AppData\Roaming\Mozilla\Firefox\Profiles\xykkrd78.default\extensions\plugin@yontoo.com
[2012.07.31 13:59:18 | 000,221,380 | ---- | M] () (No name found) -- H:\Users\Horst\AppData\Roaming\Mozilla\Firefox\Profiles\xykkrd78.default\extensions\gophoto@gophoto.it.xpi
[2013.04.17 15:50:46 | 000,201,930 | ---- | M] () (No name found) -- H:\Users\Horst\AppData\Roaming\Mozilla\Firefox\Profiles\xykkrd78.default\extensions\hdvc@hdvc.com.xpi
[2013.04.08 19:11:52 | 000,199,379 | ---- | M] () (No name found) -- H:\Users\Horst\AppData\Roaming\Mozilla\Firefox\Profiles\xykkrd78.default\extensions\m2k@m2kdownloader.com.xpi
[2013.04.24 15:55:52 | 000,190,000 | ---- | M] () (No name found) -- H:\Users\Horst\AppData\Roaming\Mozilla\Firefox\Profiles\xykkrd78.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}.xpi
[2013.05.22 20:05:19 | 000,006,505 | ---- | M] () -- H:\Users\Horst\AppData\Roaming\Mozilla\Firefox\Profiles\xykkrd78.default\searchplugins\babylon.xml
[2013.05.22 20:05:34 | 000,001,294 | ---- | M] () -- H:\Users\Horst\AppData\Roaming\Mozilla\Firefox\Profiles\xykkrd78.default\searchplugins\delta.xml
[2013.05.22 20:10:52 | 000,002,646 | ---- | M] () -- H:\Users\Horst\AppData\Roaming\Mozilla\Firefox\Profiles\xykkrd78.default\searchplugins\Search_Results.xml
[2013.05.17 20:40:31 | 000,001,434 | ---- | M] () -- H:\Users\Horst\AppData\Roaming\Mozilla\Firefox\Profiles\xykkrd78.default\searchplugins\softonic.xml
[2012.07.01 13:47:14 | 000,004,117 | ---- | M] () -- H:\Users\Horst\AppData\Roaming\Mozilla\Firefox\Profiles\xykkrd78.default\searchplugins\sweetim.xml
[2012.05.09 18:39:30 | 000,000,000 | ---D | M] (No name found) -- H:\Program Files\Mozilla Firefox\extensions
[2012.06.30 21:50:26 | 000,085,472 | ---- | M] (Mozilla Foundation) -- H:\Program Files\mozilla firefox\components\browsercomps.dll
[2012.06.30 21:50:24 | 000,001,392 | ---- | M] () -- H:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.07.01 12:46:51 | 000,002,352 | ---- | M] () -- H:\Program Files\mozilla firefox\searchplugins\babylon.xml
[2012.06.30 21:50:24 | 000,002,252 | ---- | M] () -- H:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012.06.30 21:50:24 | 000,001,153 | ---- | M] () -- H:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2012.06.30 21:50:24 | 000,006,805 | ---- | M] () -- H:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2013.05.22 20:10:52 | 000,002,646 | ---- | M] () -- H:\Program Files\mozilla firefox\searchplugins\Search_Results.xml
[2012.06.30 21:50:24 | 000,001,178 | ---- | M] () -- H:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.06.30 21:50:24 | 000,001,105 | ---- | M] () -- H:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome  ==========
 
CHR - default_search_provider: Search Results ()
CHR - default_search_provider: search_url = hxxp://dts.search-results.com/sr?src=crb&gct=ds&appid=559&systemid=406&apn_uid=5476213633344063&apn_dtid=BND406&o=APN10645&apn_ptnrs=AG6&q={searchTerms}
CHR - default_search_provider: suggest_url = 
CHR - homepage: hxxp://www.searchnu.com/406?appid=559
CHR - Extension: Softonic Chrome Toolbar = H:\Users\Horst\AppData\Local\Google\Chrome\User Data\Default\extensions\elchiiiejkobdbblfejjkbphbddgmljf\1.0_0\
CHR - Extension: Delta Toolbar = H:\Users\Horst\AppData\Local\Google\Chrome\User Data\Default\extensions\eooncjejnppfjjklapaamhcdmjbilmde\1.4_0\
CHR - Extension: iLivid New Tabs = H:\Users\Horst\AppData\Local\Google\Chrome\User Data\Default\extensions\jbajpeofkjjeiamcglnmldoboonfkiol\5.0.0.7254_0\
CHR - Extension: HDvid Codec = H:\Users\Horst\AppData\Local\Google\Chrome\User Data\Default\extensions\kpkbnefaikfaeadgidhpoanckoiaheli\2.0_0\
CHR - Extension: M2k Downloader = H:\Users\Horst\AppData\Local\Google\Chrome\User Data\Default\extensions\lbbbdmbjkgojacipgefbifkiebpcdjhn\1.0_0\
CHR - Extension: Yontoo = H:\Users\Horst\AppData\Local\Google\Chrome\User Data\Default\extensions\niapdbllcanepiiimjjndipklodoedlc\1.0.3_0\
CHR - Extension: GoPhoto.it = H:\Users\Horst\AppData\Local\Google\Chrome\User Data\Default\extensions\pfmopbbadnfoelckkcmjjeaaegjpjjbk\1.4_0\
 
O1 HOSTS File: ([2009.06.10 23:39:37 | 000,000,824 | ---- | M]) - H:\Windows\System32\drivers\etc\hosts
O2 - BHO: (MSS+ Identifier) - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - H:\Program Files\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll (McAfee, Inc.)
O2 - BHO: (Winamp Toolbar Loader) - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - H:\Program Files\Winamp Toolbar\winamptb.dll File not found
O2 - BHO: (Babylon toolbar helper) - {2EECD738-5844-4a99-B4B6-146BF802613B} - H:\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll (Babylon BHO)
O2 - BHO: (Search-Results Toolbar) - {377e5d4d-77e5-476a-8716-7e70a9272da0} - H:\Program Files\Search Results Toolbar\Datamngr\SRTOOL~1\searchresultsDx.dll (APN LLC)
O2 - BHO: (Winload Toolbar) - {40c3cc16-7269-4b32-9531-17f2950fb06f} - H:\Program Files\Winload\prxtbWin0.dll File not found
O2 - BHO: (BittorrentBar_DE Toolbar) - {64ead72b-ffd4-4e01-aa3a-4c71665d73e4} - H:\Program Files\BittorrentBar_DE\prxtbBitt.dll File not found
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - H:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll File not found
O2 - BHO: (Windows Live Messenger Companion Helper) - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - H:\Program Files\Windows Live\Companion\companioncore.dll File not found
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - H:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll File not found
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - H:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll File not found
O2 - BHO: (delta Helper Object) - {C1AF5FA5-852C-4C90-812E-A7F75E011D87} - H:\Program Files\Delta\delta\1.8.21.5\bh\delta.dll (Delta-search.com)
O2 - BHO: (Wincore Mediabar) - {c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} - H:\Program Files\BearShare Applications\MediaBar\Datamngr\ToolBar\wincorebsdtx.dll ()
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - H:\Program Files\Java\jre7\bin\jp2ssv.dll File not found
O2 - BHO: (Softonic Helper Object) - {E87806B5-E908-45FD-AF5E-957D83E58E68} - H:\Program Files\Softonic\Softonic\1.8.19.3\bh\Softonic.dll (Softonic.com)
O2 - BHO: (SweetPacks Browser Helper) - {EEE6C35C-6118-11DC-9C72-001320C79847} - H:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O2 - BHO: (SMTTB2009 Class) - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - H:\Program Files\Hyperionics DB Toolbar\tbcore3.dll File not found
O2 - BHO: (Yontoo) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - H:\Program Files\Yontoo Layers Runtime\YontooIEClient.dll (Yontoo LLC)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - H:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll File not found
O3 - HKLM\..\Toolbar: (Hyperionics DB Toolbar) - {338B4DFE-2E2C-4338-9E41-E176D497299E} - H:\Program Files\Hyperionics DB Toolbar\tbcore3.dll File not found
O3 - HKLM\..\Toolbar: (Search-Results Toolbar) - {377e5d4d-77e5-476a-8716-7e70a9272da0} - H:\Program Files\Search Results Toolbar\Datamngr\SRTOOL~1\searchresultsDx.dll (APN LLC)
O3 - HKLM\..\Toolbar: (Winload Toolbar) - {40c3cc16-7269-4b32-9531-17f2950fb06f} - H:\Program Files\Winload\prxtbWin0.dll File not found
O3 - HKLM\..\Toolbar: (Softonic Toolbar) - {5018CFD2-804D-4C99-9F81-25EAEA2769DE} - H:\Program Files\Softonic\Softonic\1.8.19.3\SoftonicTlbr.dll (Softonic.com)
O3 - HKLM\..\Toolbar: (BittorrentBar_DE Toolbar) - {64ead72b-ffd4-4e01-aa3a-4c71665d73e4} - H:\Program Files\BittorrentBar_DE\prxtbBitt.dll File not found
O3 - HKLM\..\Toolbar: (Delta Toolbar) - {82E1477C-B154-48D3-9891-33D83C26BCD3} - H:\Program Files\Delta\delta\1.8.21.5\deltaTlbr.dll (Delta-search.com)
O3 - HKLM\..\Toolbar: (Wincore Mediabar) - {c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} - H:\Program Files\BearShare Applications\MediaBar\Datamngr\ToolBar\wincorebsdtx.dll ()
O3 - HKLM\..\Toolbar: (no name) - {D0F4A166-B8D4-48b8-9D63-80849FE137CB} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Winamp Toolbar) - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - H:\Program Files\Winamp Toolbar\winamptb.dll File not found
O3 - HKLM\..\Toolbar: (SweetPacks Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - H:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKU\S-1-5-21-4228084635-3980246230-1984058717-1000\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - H:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll File not found
O3 - HKU\S-1-5-21-4228084635-3980246230-1984058717-1000\..\Toolbar\WebBrowser: (Winload Toolbar) - {40C3CC16-7269-4B32-9531-17F2950FB06F} - H:\Program Files\Winload\prxtbWin0.dll File not found
O3 - HKU\S-1-5-21-4228084635-3980246230-1984058717-1001\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - H:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll File not found
O3 - HKU\S-1-5-21-4228084635-3980246230-1984058717-1001\..\Toolbar\WebBrowser: (Winload Toolbar) - {40C3CC16-7269-4B32-9531-17F2950FB06F} - H:\Program Files\Winload\prxtbWin0.dll File not found
O4 - HKLM..\Run: [APSDaemon] H:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [BlueStacks Agent] H:\Program Files\BlueStacks\HD-Agent.exe (BlueStack Systems, Inc.)
O4 - HKLM..\Run: [DATAMNGR] H:\Program Files\Search Results Toolbar\Datamngr\DatamngrUI.exe (Bandoo Media Inc.)
O4 - HKLM..\Run: [P17RunE] H:\Windows\System32\P17RunE.dll (Creative Technology Ltd.)
O4 - HKLM..\Run: [QuickTime Plugin Install] H:\Program Files\QuickTime\Plugins\DeleteMe1.exe ()
O4 - HKLM..\Run: [Razer Anansi Driver] H:\Program Files\Razer\Anansi\RazerAnansiSysTray.exe (Razer USA Ltd)
O4 - HKLM..\Run: [Razer Naga Driver] H:\Program Files\Razer\Naga\RazerNagaSysTray.exe (Razer USA Ltd)
O4 - HKLM..\Run: [SweetIM] H:\Program Files\SweetIM\Messenger\SweetIM.exe (SweetIM Technologies Ltd.)
O4 - HKLM..\Run: [Sweetpacks Communicator] H:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe (SweetIM Technologies Ltd.)
O4 - HKLM..\Run: [Zune Launcher] H:\Program Files\Zune\ZuneLauncher.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-4228084635-3980246230-1984058717-1000..\Run: [EADM] "H:\Program Files\Origin\Origin.exe" -AutoStart File not found
O4 - HKU\S-1-5-21-4228084635-3980246230-1984058717-1000..\Run: [Facebook Update] "H:\Users\Horst\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver File not found
O4 - HKU\S-1-5-21-4228084635-3980246230-1984058717-1000..\Run: [RegistryBooster] "H:\Program Files\Uniblue\RegistryBooster\launcher.exe" delay 20000  File not found
O4 - HKU\S-1-5-21-4228084635-3980246230-1984058717-1000..\Run: [Spotify] "H:\Users\Horst\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart File not found
O4 - HKU\S-1-5-21-4228084635-3980246230-1984058717-1000..\Run: [Steam] H:\Program Files\Steam\Steam.exe (Valve Corporation)
O4 - HKU\S-1-5-21-4228084635-3980246230-1984058717-1000..\Run: [Yontoo Desktop] H:\Users\Horst\AppData\Roaming\Yontoo\YontooDesktop.exe (Yontoo LLC)
O4 - HKU\S-1-5-21-4228084635-3980246230-1984058717-1001..\Run: [EADM] "H:\Program Files\Origin\Origin.exe" -AutoStart File not found
O4 - HKU\S-1-5-21-4228084635-3980246230-1984058717-1001..\Run: [Facebook Update] "H:\Users\Horst\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver File not found
O4 - HKU\S-1-5-21-4228084635-3980246230-1984058717-1001..\Run: [RegistryBooster] "H:\Program Files\Uniblue\RegistryBooster\launcher.exe" delay 20000  File not found
O4 - HKU\S-1-5-21-4228084635-3980246230-1984058717-1001..\Run: [Spotify] "H:\Users\Horst\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart File not found
O4 - HKU\S-1-5-21-4228084635-3980246230-1984058717-1001..\Run: [swg] "H:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" File not found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] H:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] H:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-4228084635-3980246230-1984058717-1001..\RunOnce: [CTAutoUpdate] "H:\Program Files\Creative\Shared Files\Software Update\AutoUpdate.exe" /RunFromInstaller File not found
O4 - HKU\S-1-5-21-4228084635-3980246230-1984058717-1001..\RunOnce: [FlashPlayerUpdate] H:\Windows\system32\Macromed\Flash\FlashUtil32_11_2_202_235_Plugin.exe -update plugin File not found
O4 - HKU\S-1-5-21-4228084635-3980246230-1984058717-1001..\RunOnce: [InetReg] "H:\Program Files\Creative\Produktregistrierung\German\InetReg.exe" /PreProcess=RegFlash.exe /Delay=6 File not found
O4 - HKU\S-1-5-21-4228084635-3980246230-1984058717-1001..\RunOnce: [mctadmin] H:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - Startup: H:\Users\Horst\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8 - Extra context menu item: Google Sidewiki... - res://H:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html File not found
O8 - Extra context menu item: Web-Suche - H:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\MenuExt.html ()
O9 - Extra Button: @H:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - H:\Program Files\Windows Live\Companion\companioncore.dll File not found
O9 - Extra Button: @H:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - H:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll File not found
O9 - Extra 'Tools' menuitem : @H:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - H:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - H:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_03-windows-i586.cab (Java Plug-in 10.3.0)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0017-0000-0003-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_03-windows-i586.cab (Java Plug-in 1.7.0_03)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_03-windows-i586.cab (Java Plug-in 1.7.0_03)
O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab (Creative Software AutoUpdate Support Package 2)
O16 - DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF} hxxp://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab (Creative Software AutoUpdate 2)
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/110926/CTPID.cab (Creative Software AutoUpdate Support Package)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0C0279CB-C7EC-4E56-812A-16CD781ABAB8}: NameServer = 213.162.69.170 213.162.69.2
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D966CB7E-CEDB-4CB0-AF5E-E011ABA4BB8F}: DhcpNameServer = 192.168.1.1 192.168.1.1
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - H:\Program Files\Windows Live\Messenger\msgrapp.dll File not found
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - H:\Program Files\Windows Live\Messenger\msgrapp.dll File not found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - H:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - H:\Program Files\Windows Live\Mail\mailcomm.dll File not found
O18 - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - H:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll File not found
O20 - AppInit_DLLs: (H:\PROGRA~3\Wincert\WIN32C~1.DLL) - H:\ProgramData\Wincert\win32cert.dll ()
O20 - AppInit_DLLs: (H:\PROGRA~2\SEARCH~1\Datamngr\mgrldr.dll) - H:\Program Files\Search Results Toolbar\Datamngr\mgrldr.dll ()
O20 - AppInit_DLLs: (h:\progra~3\browse~1\261249~1.132\{c16c1~1\browse~1.dll) - h:\ProgramData\BrowserProtect\2.6.1249.132\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.dll ()
O20 - HKLM Winlogon: Shell - (explorer.exe) - H:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (H:\Windows\system32\userinit.exe) - H:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - H:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - H:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2012.03.26 21:26:05 | 000,000,000 | ---D | M] - J:\Automatisch zu iTunes hinzufügen -- [ NTFS ]
O33 - MountPoints2\{0fd8f482-a263-11e1-af79-001d60db6421}\Shell - "" = AutoRun
O33 - MountPoints2\{0fd8f482-a263-11e1-af79-001d60db6421}\Shell\AutoRun\command - "" = M:\AutoRun.exe
O33 - MountPoints2\{0fd8f668-a263-11e1-af79-001d60db6421}\Shell - "" = AutoRun
O33 - MountPoints2\{0fd8f668-a263-11e1-af79-001d60db6421}\Shell\AutoRun\command - "" = M:\AutoRun.exe
O33 - MountPoints2\{10b49b01-0256-11e1-8d2e-001d60db6421}\Shell - "" = AutoRun
O33 - MountPoints2\{10b49b01-0256-11e1-8d2e-001d60db6421}\Shell\AutoRun\command - "" = M:\AutoRun.exe
O33 - MountPoints2\{1e741b35-026a-11e1-ac8b-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{1e741b35-026a-11e1-ac8b-806e6f6e6963}\Shell\AutoRun\command - "" = M:\AutoRun.exe
O33 - MountPoints2\{1e741b87-026a-11e1-ac8b-001d60db6421}\Shell - "" = AutoRun
O33 - MountPoints2\{1e741b87-026a-11e1-ac8b-001d60db6421}\Shell\AutoRun\command - "" = M:\AutoRun.exe
O33 - MountPoints2\{1e741c03-026a-11e1-ac8b-001d60db6421}\Shell - "" = AutoRun
O33 - MountPoints2\{1e741c03-026a-11e1-ac8b-001d60db6421}\Shell\AutoRun\command - "" = M:\AutoRun.exe
O33 - MountPoints2\{2ee3ce16-acdc-11e2-9e25-001d60db6421}\Shell - "" = AutoRun
O33 - MountPoints2\{2ee3ce16-acdc-11e2-9e25-001d60db6421}\Shell\AutoRun\command - "" = M:\AutoRun.exe
O33 - MountPoints2\{335db628-acdf-11e2-8d6b-001d60db6421}\Shell - "" = AutoRun
O33 - MountPoints2\{335db628-acdf-11e2-8d6b-001d60db6421}\Shell\AutoRun\command - "" = M:\AutoRun.exe
O33 - MountPoints2\{38ddda1b-d863-11e0-91b4-001d60db6421}\Shell - "" = AutoRun
O33 - MountPoints2\{38ddda1b-d863-11e0-91b4-001d60db6421}\Shell\AutoRun\command - "" = M:\Autorun.exe
O33 - MountPoints2\{4a39d60b-0257-11e1-b255-001d60db6421}\Shell - "" = AutoRun
O33 - MountPoints2\{4a39d60b-0257-11e1-b255-001d60db6421}\Shell\AutoRun\command - "" = M:\AutoRun.exe
O33 - MountPoints2\{6691a3ef-cb7a-11e0-b1ba-001d60db6421}\Shell - "" = AutoRun
O33 - MountPoints2\{6691a3ef-cb7a-11e0-b1ba-001d60db6421}\Shell\AutoRun\command - "" = M:\.\Autorun.exe AUTORUN=1
O33 - MountPoints2\{6691a3fd-cb7a-11e0-b1ba-001d60db6421}\Shell - "" = AutoRun
O33 - MountPoints2\{6691a3fd-cb7a-11e0-b1ba-001d60db6421}\Shell\AutoRun\command - "" = M:\.\Autorun.exe AUTORUN=1
O33 - MountPoints2\{81287055-cd66-11e0-b514-001d60db6421}\Shell - "" = AutoRun
O33 - MountPoints2\{81287055-cd66-11e0-b514-001d60db6421}\Shell\AutoRun\command - "" = M:\.\Autorun.exe AUTORUN=1
O33 - MountPoints2\{9cf2855c-b565-11e2-8cb4-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{9cf2855c-b565-11e2-8cb4-806e6f6e6963}\Shell\AutoRun\command - "" = M:\AutoRun.exe
O33 - MountPoints2\{a4d3cbe9-8947-11e1-8839-001d60db6421}\Shell - "" = AutoRun
O33 - MountPoints2\{a4d3cbe9-8947-11e1-8839-001d60db6421}\Shell\AutoRun\command - "" = M:\AutoRun.exe
O33 - MountPoints2\{a4d3cbf4-8947-11e1-8839-001d60db6421}\Shell - "" = AutoRun
O33 - MountPoints2\{a4d3cbf4-8947-11e1-8839-001d60db6421}\Shell\AutoRun\command - "" = M:\.\Autorun.exe AUTORUN=1
O33 - MountPoints2\{a4d3cc0a-8947-11e1-8839-001d60db6421}\Shell - "" = AutoRun
O33 - MountPoints2\{a4d3cc0a-8947-11e1-8839-001d60db6421}\Shell\AutoRun\command - "" = M:\AutoRun.exe
O33 - MountPoints2\{b89a39b1-9b63-11e1-931b-001d60db6421}\Shell - "" = AutoRun
O33 - MountPoints2\{b89a39b1-9b63-11e1-931b-001d60db6421}\Shell\AutoRun\command - "" = M:\AutoRun.exe
O33 - MountPoints2\{b89a3a49-9b63-11e1-931b-001d60db6421}\Shell - "" = AutoRun
O33 - MountPoints2\{b89a3a49-9b63-11e1-931b-001d60db6421}\Shell\AutoRun\command - "" = M:\AutoRun.exe
O33 - MountPoints2\{c0ce58e7-cee5-11e0-9200-001d60db6421}\Shell - "" = AutoRun
O33 - MountPoints2\{c0ce58e7-cee5-11e0-9200-001d60db6421}\Shell\AutoRun\command - "" = M:\.\Autorun.exe AUTORUN=1
O33 - MountPoints2\{c1d3f2ed-9601-11e1-b02b-001d60db6421}\Shell - "" = AutoRun
O33 - MountPoints2\{c1d3f2ed-9601-11e1-b02b-001d60db6421}\Shell\AutoRun\command - "" = M:\AutoRun.exe
O33 - MountPoints2\{c1d3f314-9601-11e1-b02b-001d60db6421}\Shell - "" = AutoRun
O33 - MountPoints2\{c1d3f314-9601-11e1-b02b-001d60db6421}\Shell\AutoRun\command - "" = M:\AutoRun.exe
O33 - MountPoints2\{d148c5ae-baf3-11e1-95ec-001d60db6421}\Shell - "" = AutoRun
O33 - MountPoints2\{d148c5ae-baf3-11e1-95ec-001d60db6421}\Shell\AutoRun\command - "" = M:\AutoRun.exe
O33 - MountPoints2\{d3c43a9f-1053-11e1-a876-001d60db6421}\Shell - "" = AutoRun
O33 - MountPoints2\{d3c43a9f-1053-11e1-a876-001d60db6421}\Shell\AutoRun\command - "" = M:\AutoRun.exe
O33 - MountPoints2\{da039341-99ae-11e1-a605-001d60db6421}\Shell - "" = AutoRun
O33 - MountPoints2\{da039341-99ae-11e1-a605-001d60db6421}\Shell\AutoRun\command - "" = M:\AutoRun.exe
O33 - MountPoints2\{da039394-99ae-11e1-a605-001d60db6421}\Shell - "" = AutoRun
O33 - MountPoints2\{da039394-99ae-11e1-a605-001d60db6421}\Shell\AutoRun\command - "" = M:\AutoRun.exe
O33 - MountPoints2\{e2d50edc-ea7d-11e0-9e80-001e101f8ed0}\Shell - "" = AutoRun
O33 - MountPoints2\{e2d50edc-ea7d-11e0-9e80-001e101f8ed0}\Shell\AutoRun\command - "" = O:\AutoRun.exe
O33 - MountPoints2\M\Shell - "" = AutoRun
O33 - MountPoints2\M\Shell\AutoRun\command - "" = M:\AutoRun.exe
O33 - MountPoints2\N\Shell - "" = AutoRun
O33 - MountPoints2\N\Shell\AutoRun\command - "" = N:\AutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O36 - AppCertDlls: x86 - (H:\Program Files\Search Results Toolbar\Datamngr\apcrtldr.dll) - H:\Program Files\Search Results Toolbar\Datamngr\apcrtldr.dll ()
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.05.23 17:54:03 | 000,000,000 | ---D | C] -- H:\ProgramData\Microsoft\Windows\Start Menu\Programs\ffdshow
[2013.05.23 17:54:03 | 000,000,000 | ---D | C] -- H:\Program Files\ffdshow
[2013.05.23 17:53:47 | 000,000,000 | ---D | C] -- H:\Program Files\Gophoto.it
[2013.05.23 17:53:34 | 000,000,000 | ---D | C] -- H:\Users\Horst\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\hdvidcodec.com
[2013.05.23 17:53:34 | 000,000,000 | ---D | C] -- H:\Program Files\hdvidcodec.com
[2013.05.22 20:11:06 | 000,000,000 | ---D | C] -- H:\ProgramData\Wincert
[2013.05.22 20:10:49 | 000,000,000 | ---D | C] -- H:\Program Files\Search Results Toolbar
[2013.05.22 20:10:49 | 000,000,000 | ---D | C] -- H:\ProgramData\Datamngr
[2013.05.22 20:09:51 | 000,000,000 | ---D | C] -- H:\Users\Horst\AppData\Local\iLivid
[2013.05.22 20:05:50 | 000,000,000 | ---D | C] -- H:\Users\Horst\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BrowserProtect
[2013.05.22 20:05:46 | 000,000,000 | ---D | C] -- H:\ProgramData\BrowserProtect
[2013.05.22 20:05:38 | 000,000,000 | ---D | C] -- H:\Users\Horst\AppData\Roaming\BabSolution
[2013.05.22 20:05:32 | 000,000,000 | ---D | C] -- H:\Program Files\Delta
[2013.05.22 20:05:31 | 000,000,000 | ---D | C] -- H:\Users\Horst\AppData\Roaming\Delta
[2013.05.22 20:04:55 | 000,000,000 | ---D | C] -- H:\Program Files\Yontoo Layers Runtime
[2013.05.22 20:04:55 | 000,000,000 | ---D | C] -- H:\Users\Horst\AppData\Roaming\Yontoo
[2013.05.22 20:04:13 | 000,000,000 | ---D | C] -- H:\Users\Horst\AppData\Local\PutLockerDownloader
[2013.05.22 20:04:05 | 000,000,000 | ---D | C] -- H:\Users\Horst\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Movie2KDownloader.com
[2013.05.22 20:04:05 | 000,000,000 | ---D | C] -- H:\Program Files\Movie2KDownloader.com
[2013.05.21 15:36:33 | 000,000,000 | ---D | C] -- H:\Users\Horst\Desktop\addons
[2013.05.21 14:58:46 | 000,000,000 | ---D | C] -- H:\Users\Horst\Desktop\gramsch2
[2013.05.19 16:28:55 | 013,011,504 | ---- | C] (Blizzard Entertainment) -- H:\Users\Horst\Desktop\Wow.exe
[2013.05.18 12:35:26 | 000,074,072 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\XAPOFX1_5.dll
[2013.05.18 12:35:25 | 002,106,216 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\D3DCompiler_43.dll
[2013.05.18 12:35:25 | 001,998,168 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\D3DX9_43.dll
[2013.05.18 12:35:25 | 001,868,128 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\d3dcsx_43.dll
[2013.05.18 12:35:25 | 000,528,216 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\XAudio2_6.dll
[2013.05.18 12:35:25 | 000,527,192 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\XAudio2_7.dll
[2013.05.18 12:35:25 | 000,470,880 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\d3dx10_43.dll
[2013.05.18 12:35:25 | 000,248,672 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\d3dx11_43.dll
[2013.05.18 12:35:25 | 000,239,960 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\xactengine3_7.dll
[2013.05.18 12:35:25 | 000,238,936 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\xactengine3_6.dll
[2013.05.18 12:35:25 | 000,074,072 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\XAPOFX1_4.dll
[2013.05.18 12:35:25 | 000,022,360 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\X3DAudio1_7.dll
[2013.05.18 12:35:24 | 000,238,936 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\xactengine3_5.dll
[2013.05.18 12:35:21 | 004,178,264 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\D3DX9_41.dll
[2013.05.18 12:35:21 | 000,517,448 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\XAudio2_4.dll
[2013.05.18 12:35:20 | 004,379,984 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\D3DX9_40.dll
[2013.05.18 12:35:20 | 002,036,576 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\D3DCompiler_40.dll
[2013.05.18 12:35:20 | 000,452,440 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\d3dx10_40.dll
[2013.05.18 12:35:20 | 000,235,352 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\xactengine3_4.dll
[2013.05.18 12:35:20 | 000,022,360 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\X3DAudio1_6.dll
[2013.05.18 12:35:19 | 001,493,528 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\D3DCompiler_39.dll
[2013.05.18 12:35:19 | 000,514,384 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\XAudio2_3.dll
[2013.05.18 12:35:19 | 000,509,448 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\XAudio2_2.dll
[2013.05.18 12:35:19 | 000,467,984 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\d3dx10_39.dll
[2013.05.18 12:35:19 | 000,238,088 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\xactengine3_2.dll
[2013.05.18 12:35:19 | 000,235,856 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\xactengine3_3.dll
[2013.05.18 12:35:19 | 000,070,992 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\XAPOFX1_2.dll
[2013.05.18 12:35:19 | 000,068,616 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\XAPOFX1_1.dll
[2013.05.18 12:35:19 | 000,023,376 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\X3DAudio1_5.dll
[2013.05.18 12:35:18 | 003,851,784 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\D3DX9_39.dll
[2013.05.18 12:35:18 | 000,507,400 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\XAudio2_1.dll
[2013.05.18 12:35:18 | 000,065,032 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\XAPOFX1_0.dll
[2013.05.18 12:35:17 | 003,850,760 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\D3DX9_38.dll
[2013.05.18 12:35:17 | 001,491,992 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\D3DCompiler_38.dll
[2013.05.18 12:35:17 | 000,479,752 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\XAudio2_0.dll
[2013.05.18 12:35:17 | 000,467,984 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\d3dx10_38.dll
[2013.05.18 12:35:17 | 000,238,088 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\xactengine3_1.dll
[2013.05.18 12:35:17 | 000,238,088 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\xactengine3_0.dll
[2013.05.18 12:35:17 | 000,025,608 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\X3DAudio1_4.dll
[2013.05.18 12:35:16 | 003,786,760 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\D3DX9_37.dll
[2013.05.18 12:35:16 | 001,420,824 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\D3DCompiler_37.dll
[2013.05.18 12:35:16 | 000,462,864 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\d3dx10_37.dll
[2013.05.18 12:35:16 | 000,444,776 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\d3dx10_36.dll
[2013.05.18 12:35:16 | 000,267,272 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\xactengine2_10.dll
[2013.05.18 12:35:16 | 000,025,608 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\X3DAudio1_3.dll
[2013.05.18 12:35:15 | 003,734,536 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\d3dx9_36.dll
[2013.05.18 12:35:15 | 003,727,720 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\d3dx9_35.dll
[2013.05.18 12:35:15 | 001,374,232 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\D3DCompiler_36.dll
[2013.05.18 12:35:15 | 001,358,192 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\D3DCompiler_35.dll
[2013.05.18 12:35:15 | 000,444,776 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\d3dx10_35.dll
[2013.05.18 12:35:15 | 000,267,112 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\xactengine2_9.dll
[2013.05.18 12:35:14 | 003,497,832 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\d3dx9_34.dll
[2013.05.18 12:35:14 | 001,124,720 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\D3DCompiler_34.dll
[2013.05.18 12:35:14 | 001,123,696 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\D3DCompiler_33.dll
[2013.05.18 12:35:14 | 000,443,752 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\d3dx10_34.dll
[2013.05.18 12:35:14 | 000,443,752 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\d3dx10_33.dll
[2013.05.18 12:35:14 | 000,266,088 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\xactengine2_8.dll
[2013.05.18 12:35:14 | 000,261,480 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\xactengine2_7.dll
[2013.05.18 12:35:14 | 000,017,928 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\X3DAudio1_2.dll
[2013.05.18 12:35:13 | 003,495,784 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\d3dx9_33.dll
[2013.05.18 12:35:13 | 000,440,080 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\d3dx10.dll
[2013.05.18 12:35:13 | 000,255,848 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\xactengine2_6.dll
[2013.05.18 12:35:13 | 000,251,672 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\xactengine2_5.dll
[2013.05.18 12:35:12 | 000,237,848 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\xactengine2_4.dll
[2013.05.18 12:35:12 | 000,015,128 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\x3daudio1_1.dll
[2013.05.18 12:35:11 | 000,236,824 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\xactengine2_3.dll
[2013.05.18 12:35:11 | 000,230,168 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\xactengine2_2.dll
[2013.05.18 12:35:11 | 000,229,584 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\xactengine2_1.dll
[2013.05.18 12:35:11 | 000,062,744 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\xinput1_2.dll
[2013.05.18 12:35:11 | 000,062,672 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\xinput1_1.dll
[2013.05.18 12:35:06 | 002,388,176 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\d3dx9_30.dll
[2013.05.18 12:35:06 | 002,332,368 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\d3dx9_29.dll
[2013.05.18 12:35:06 | 002,323,664 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\d3dx9_28.dll
[2013.05.18 12:35:06 | 002,319,568 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\d3dx9_27.dll
[2013.05.18 12:35:06 | 000,230,096 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\xactengine2_0.dll
[2013.05.18 12:35:06 | 000,014,032 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\x3daudio1_0.dll
[2013.05.18 12:35:05 | 002,337,488 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\d3dx9_25.dll
[2013.05.18 12:35:05 | 002,297,552 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\d3dx9_26.dll
[2013.05.18 12:35:05 | 002,222,800 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\d3dx9_24.dll
[2013.05.18 03:08:02 | 002,706,432 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\mshtml.tlb
[2013.05.18 03:08:01 | 002,877,440 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\jscript9.dll
[2013.05.18 03:08:00 | 000,391,168 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\ieui.dll
[2013.05.18 03:08:00 | 000,061,440 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\iesetup.dll
[2013.05.18 03:08:00 | 000,039,424 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\jsproxy.dll
[2013.05.18 03:07:59 | 000,493,056 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\msfeeds.dll
[2013.05.18 03:07:59 | 000,109,056 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\iesysprep.dll
[2013.05.18 03:07:59 | 000,071,680 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\RegisterIEPKEYs.exe
[2013.05.18 03:07:59 | 000,042,496 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\ie4uinit.exe
[2013.05.18 03:07:59 | 000,033,280 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\iernonce.dll
[2013.05.17 20:42:34 | 000,000,000 | ---D | C] -- H:\Users\Horst\AppData\Roaming\Curse Advertising
[2013.05.17 20:42:07 | 000,000,000 | ---D | C] -- H:\Users\Horst\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Curse
[2013.05.17 20:40:02 | 000,000,000 | ---D | C] -- H:\Program Files\Softonic
[2013.05.17 20:39:24 | 000,000,000 | ---D | C] -- H:\Users\Horst\AppData\Roaming\Softonic
[2013.05.17 20:39:07 | 000,000,000 | ---D | C] -- H:\Users\Horst\AppData\Roaming\PerformerSoft
[2013.05.17 20:39:07 | 000,000,000 | ---D | C] -- H:\ProgramData\IBUpdaterService
[2013.05.17 20:39:05 | 000,018,096 | ---- | C] (PerformerSoft LLC) -- H:\Windows\System32\roboot.exe
[2013.05.17 20:39:03 | 000,000,000 | ---D | C] -- H:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Performer
[2013.05.17 20:39:02 | 000,000,000 | ---D | C] -- H:\Program Files\PC Performer
[2013.05.17 20:29:58 | 000,000,000 | ---D | C] -- H:\Users\Horst\Documents\My Curse
[2013.05.17 20:20:54 | 000,000,000 | ---D | C] -- H:\Users\Horst\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
[2013.05.17 20:20:19 | 000,000,000 | ---D | C] -- H:\Users\Horst\AppData\Local\Deployment
[2013.05.17 19:23:37 | 000,000,000 | ---D | C] -- H:\Users\Horst\AppData\Local\ElevatedDiagnostics
[2013.05.17 19:10:25 | 000,000,000 | ---D | C] -- H:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Warcraft
[2013.05.17 16:12:31 | 000,000,000 | ---D | C] -- H:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
[2013.05.17 15:46:33 | 000,040,960 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\wwanprotdim.dll
[2013.05.17 15:46:32 | 002,347,520 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\win32k.sys
[2013.05.17 15:46:22 | 000,218,984 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\drivers\dxgmms1.sys
[2013.05.17 15:46:15 | 001,796,096 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\authui.dll
[2013.05.17 15:46:15 | 000,101,720 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\consent.exe
[2013.05.17 15:43:45 | 000,000,000 | ---D | C] -- H:\Users\Horst\AppData\Local\PopCap Games
[2013.05.17 15:43:30 | 000,000,000 | ---D | C] -- H:\Program Files\Common Files\Steam
[2013.05.17 15:43:28 | 000,000,000 | ---D | C] -- H:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
[2013.05.17 15:43:26 | 000,000,000 | ---D | C] -- H:\Program Files\Steam
[2013.05.05 12:20:00 | 000,000,000 | ---D | C] -- H:\Program Files\AGEIA Technologies
[2013.05.05 12:19:33 | 000,000,000 | ---D | C] -- H:\ProgramData\Microsoft\Windows\Start Menu\Programs\PopCap Games
[2013.05.05 12:19:29 | 000,000,000 | ---D | C] -- H:\ProgramData\PopCap Games
[2013.05.05 12:19:29 | 000,000,000 | ---D | C] -- H:\Program Files\PopCap Games
[2013.05.05 12:16:59 | 020,542,752 | ---- | C] (NVIDIA Corporation) -- H:\Windows\System32\nvoglv32.dll
[2013.05.05 12:16:59 | 017,560,352 | ---- | C] (NVIDIA Corporation) -- H:\Windows\System32\nvcompiler.dll
[2013.05.05 12:16:59 | 008,952,608 | ---- | C] (NVIDIA Corporation) -- H:\Windows\System32\drivers\nvlddmkm.sys
[2013.05.05 12:16:59 | 007,959,000 | ---- | C] (NVIDIA Corporation) -- H:\Windows\System32\nvcuda.dll
[2013.05.05 12:16:59 | 006,271,872 | ---- | C] (NVIDIA Corporation) -- H:\Windows\System32\nvopencl.dll
[2013.05.05 12:16:59 | 002,728,736 | ---- | C] (NVIDIA Corporation) -- H:\Windows\System32\nvcuvid.dll
[2013.05.05 12:16:59 | 001,995,552 | ---- | C] (NVIDIA Corporation) -- H:\Windows\System32\nvcuvenc.dll
[2013.05.05 12:16:59 | 001,012,512 | ---- | C] (NVIDIA Corporation) -- H:\Windows\System32\nvdispco3231422.dll
[2013.05.05 12:16:59 | 000,892,704 | ---- | C] (NVIDIA Corporation) -- H:\Windows\System32\nvdispgenco3231422.dll
[2013.05.05 12:16:14 | 000,000,000 | ---D | C] -- H:\NVIDIA
[2013.05.05 11:43:13 | 003,913,560 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\ntoskrnl.exe
[2013.05.05 11:43:12 | 003,968,856 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\ntkrnlpa.exe
[2013.05.05 11:43:12 | 000,038,912 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\csrsrv.dll
[2013.05.05 11:42:59 | 000,131,584 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\aaclient.dll
[2013.05.05 11:42:59 | 000,036,864 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\tsgqec.dll
[2013.05.05 11:38:19 | 000,000,000 | ---D | C] -- H:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueStacks
[2013.05.05 11:38:19 | 000,000,000 | ---D | C] -- H:\Program Files\BlueStacks
[2013.05.05 11:38:12 | 000,000,000 | ---D | C] -- H:\Users\Horst\AppData\Roaming\NVIDIA
[2013.05.05 11:37:58 | 000,000,000 | ---D | C] -- H:\ProgramData\BlueStacksSetup
[2013.05.05 11:37:58 | 000,000,000 | ---D | C] -- H:\ProgramData\BlueStacks
[2013.05.05 11:28:28 | 000,000,000 | ---D | C] -- H:\Users\Horst\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2013.04.24 21:54:00 | 000,295,424 | ---- | C] (Adobe Systems Incorporated) -- H:\Windows\System32\atmfd.dll
[2013.04.24 21:54:00 | 000,034,304 | ---- | C] (Adobe Systems) -- H:\Windows\System32\atmlib.dll
[2013.04.24 21:35:33 | 000,047,720 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\drivers\WdfLdr.sys
[2013.04.24 21:35:33 | 000,009,728 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\Wdfres.dll
[2013.04.24 21:35:01 | 000,613,888 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\WUDFx.dll
[2013.04.24 21:35:01 | 000,172,032 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\WUDFPlatform.dll
[2013.04.24 21:35:01 | 000,038,912 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\WUDFCoinstaller.dll
[2013.04.24 21:27:33 | 001,441,280 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\inetcpl.cpl
[2013.04.24 21:27:33 | 001,400,416 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\ieapfltr.dat
[2013.04.24 21:27:33 | 000,745,472 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\MsSpellCheckingFacility.exe
[2013.04.24 21:27:33 | 000,719,360 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\mshtmlmedia.dll
[2013.04.24 21:27:33 | 000,629,248 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\ieapfltr.dll
[2013.04.24 21:27:33 | 000,361,984 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\html.iec
[2013.04.24 21:27:33 | 000,357,888 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\dxtmsft.dll
[2013.04.24 21:27:33 | 000,242,200 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\iedkcs32.dll
[2013.04.24 21:27:33 | 000,232,960 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\url.dll
[2013.04.24 21:27:33 | 000,226,816 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\dxtrans.dll
[2013.04.24 21:27:33 | 000,185,344 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\elshyph.dll
[2013.04.24 21:27:33 | 000,163,840 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\msrating.dll
[2013.04.24 21:27:33 | 000,158,720 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\msls31.dll
[2013.04.24 21:27:33 | 000,150,528 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\iexpress.exe
[2013.04.24 21:27:33 | 000,138,752 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\wextract.exe
[2013.04.24 21:27:33 | 000,137,216 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\ieUnatt.exe
[2013.04.24 21:27:33 | 000,117,248 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\iepeers.dll
[2013.04.24 21:27:33 | 000,110,592 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\IEAdvpack.dll
[2013.04.24 21:27:33 | 000,082,432 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\inseng.dll
[2013.04.24 21:27:33 | 000,073,728 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\SetIEInstalledDate.exe
[2013.04.24 21:27:33 | 000,057,344 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\pngfilt.dll
[2013.04.24 21:27:33 | 000,048,640 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\mshtmler.dll
[2013.04.24 21:27:33 | 000,041,984 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\msfeedsbs.dll
[2013.04.24 21:27:33 | 000,038,400 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\imgutil.dll
[2013.04.24 21:27:33 | 000,023,040 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\licmgr10.dll
[2013.04.24 21:27:33 | 000,011,776 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\msfeedssync.exe
[2013.04.24 21:27:09 | 000,049,152 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\taskhost.exe
[2013.04.24 21:26:23 | 002,284,544 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\msmpeg2vdec.dll
[2013.04.24 21:26:23 | 001,504,768 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\d3d11.dll
[2013.04.24 21:26:23 | 001,247,744 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\DWrite.dll
[2013.04.24 21:26:23 | 001,158,144 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\XpsPrint.dll
[2013.04.24 21:26:23 | 001,080,832 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\d3d10.dll
[2013.04.24 21:26:23 | 000,417,792 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\WMPhoto.dll
[2013.04.24 21:26:23 | 000,364,544 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\XpsGdiConverter.dll
[2013.04.24 21:26:23 | 000,220,160 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\d3d10core.dll
[2013.04.24 21:26:23 | 000,207,872 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\WindowsCodecsExt.dll
[2013.04.24 21:26:23 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- H:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2013.04.24 21:26:23 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- H:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2013.04.24 21:26:23 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- H:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2013.04.24 21:26:23 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- H:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll
[2013.04.24 21:26:23 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- H:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll
[2013.04.24 21:26:23 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- H:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2013.04.24 21:26:23 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- H:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll
[2013.04.24 21:26:23 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- H:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll
[2013.04.24 21:26:23 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- H:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2013.04.24 21:26:22 | 003,419,136 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\d2d1.dll
[2013.04.24 21:26:22 | 001,988,096 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\d3d10warp.dll
[2013.04.24 21:26:22 | 000,604,160 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\d3d10level9.dll
[2013.04.24 21:26:22 | 000,293,376 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\dxgi.dll
[2013.04.24 21:26:22 | 000,249,856 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\d3d10_1core.dll
[2013.04.24 21:26:22 | 000,187,392 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\UIAnimation.dll
[2013.04.24 21:26:22 | 000,161,792 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\d3d10_1.dll
[2013.04.24 16:03:42 | 000,033,280 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\drivers\RNDISMP.sys
[2013.04.24 16:03:15 | 000,015,872 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\drivers\usb8023.sys
[2013.04.24 16:02:53 | 000,376,832 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\dpnet.dll
[2013.04.24 16:02:09 | 000,245,760 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\OxpsConverter.exe
[2013.04.24 16:01:55 | 000,187,752 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\drivers\FWPKCLNT.SYS
[2013.04.24 16:01:50 | 000,240,496 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\drivers\netio.sys
[2013.04.24 16:01:50 | 000,175,104 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\netcorehc.dll
[2013.04.24 16:01:50 | 000,156,672 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\ncsi.dll
[2013.04.24 16:01:50 | 000,018,944 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\netevent.dll
[2013.04.24 16:01:36 | 000,271,360 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\conhost.exe
[2013.04.24 16:01:36 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- H:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.04.24 16:01:35 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- H:\Windows\System32\api-ms-win-security-base-l1-1-0.dll
[2013.04.24 16:01:35 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- H:\Windows\System32\api-ms-win-core-file-l1-1-0.dll
[2013.04.24 16:01:35 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- H:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll
[2013.04.24 16:01:35 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- H:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll
[2013.04.24 16:01:35 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- H:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll
[2013.04.24 16:01:35 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- H:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll
[2013.04.24 16:01:35 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- H:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll
[2013.04.24 16:01:35 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- H:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll
[2013.04.24 16:01:35 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- H:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll
[2013.04.24 16:01:35 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- H:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll
[2013.04.24 16:01:35 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- H:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll
[2013.04.24 16:01:35 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- H:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll
[2013.04.24 16:01:35 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- H:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll
[2013.04.24 16:01:35 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- H:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll
[2013.04.24 16:01:35 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- H:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll
[2013.04.24 16:01:35 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- H:\Windows\System32\api-ms-win-core-util-l1-1-0.dll
[2013.04.24 16:01:35 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- H:\Windows\System32\api-ms-win-core-string-l1-1-0.dll
[2013.04.24 16:01:35 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- H:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll
[2013.04.24 16:01:35 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- H:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll
[2013.04.24 16:01:35 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- H:\Windows\System32\api-ms-win-core-io-l1-1-0.dll
[2013.04.24 16:01:35 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- H:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll
[2013.04.24 16:01:35 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- H:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll
[2013.04.24 16:01:35 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- H:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll
[2013.04.24 16:01:35 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- H:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll
[2013.04.24 16:01:35 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- H:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll
[2013.04.24 16:01:35 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- H:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll
[2013.04.24 16:01:35 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- H:\Windows\System32\api-ms-win-core-console-l1-1-0.dll
[2013.04.24 16:01:22 | 000,400,896 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\srcore.dll
[2013.04.24 16:01:21 | 000,041,984 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\browcli.dll
[2013.04.24 16:00:52 | 002,576,384 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\gameux.dll
[2013.04.24 16:00:52 | 000,308,736 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\Wpc.dll
[2013.04.24 16:00:52 | 000,046,592 | ---- | C] (Microsoft) -- H:\Windows\System32\fpb.rs
[2013.04.24 16:00:52 | 000,045,568 | ---- | C] (Microsoft) -- H:\Windows\System32\oflc-nz.rs
[2013.04.24 16:00:52 | 000,044,544 | ---- | C] (Microsoft) -- H:\Windows\System32\pegibbfc.rs
[2013.04.24 16:00:52 | 000,043,520 | ---- | C] (Microsoft) -- H:\Windows\System32\csrr.rs
[2013.04.24 16:00:52 | 000,040,960 | ---- | C] (Microsoft) -- H:\Windows\System32\cob-au.rs
[2013.04.24 16:00:52 | 000,030,720 | ---- | C] (Microsoft) -- H:\Windows\System32\usk.rs
[2013.04.24 16:00:52 | 000,021,504 | ---- | C] (Microsoft) -- H:\Windows\System32\grb.rs
[2013.04.24 16:00:52 | 000,020,480 | ---- | C] (Microsoft) -- H:\Windows\System32\pegi-pt.rs
[2013.04.24 16:00:52 | 000,020,480 | ---- | C] (Microsoft) -- H:\Windows\System32\pegi.rs
[2013.04.24 16:00:52 | 000,015,360 | ---- | C] (Microsoft) -- H:\Windows\System32\djctq.rs
[2013.04.24 16:00:51 | 000,055,296 | ---- | C] (Microsoft) -- H:\Windows\System32\cero.rs
[2013.04.24 16:00:51 | 000,051,712 | ---- | C] (Microsoft) -- H:\Windows\System32\esrb.rs
[2013.04.24 16:00:51 | 000,023,552 | ---- | C] (Microsoft) -- H:\Windows\System32\oflc.rs
[2013.04.24 16:00:51 | 000,020,480 | ---- | C] (Microsoft) -- H:\Windows\System32\pegi-fi.rs
[2013.04.24 16:00:37 | 000,078,336 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\synceng.dll
[2013.04.24 16:00:35 | 000,220,160 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\ncrypt.dll
[2013.04.24 16:00:29 | 000,002,048 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\tzres.dll
[2013.04.24 15:59:14 | 000,193,536 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\dhcpcore6.dll
[2013.04.24 15:59:14 | 000,044,032 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\dhcpcsvc6.dll
[2013.04.24 15:58:54 | 000,169,984 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\winsrv.dll
[2013.04.24 15:33:46 | 000,861,696 | ---- | C] (DiBcom SA) -- H:\Windows\System32\drivers\mod7700.sys
[2013.04.24 15:33:46 | 000,353,280 | ---- | C] (Huawei Technologies Co., Ltd.) -- H:\Windows\System32\drivers\ewusbwwan.sys
[2013.04.24 15:33:46 | 000,193,792 | ---- | C] (Huawei Technologies Co., Ltd.) -- H:\Windows\System32\drivers\ewusbmdm.sys
[2013.04.24 15:33:46 | 000,181,760 | ---- | C] (Huawei Technologies Co., Ltd.) -- H:\Windows\System32\drivers\ew_juwwanecm.sys
[2013.04.24 15:33:46 | 000,102,784 | ---- | C] (Huawei Technologies Co., Ltd.) -- H:\Windows\System32\drivers\ew_hwusbdev.sys
[2013.04.24 15:33:46 | 000,090,112 | ---- | C] (Huawei Technologies Co., Ltd.) -- H:\Windows\System32\drivers\ew_jucdcacm.sys
[2013.04.24 15:33:46 | 000,073,216 | ---- | C] (Huawei Technologies Co., Ltd.) -- H:\Windows\System32\drivers\ew_jubusenum.sys
[2013.04.24 15:33:46 | 000,064,384 | ---- | C] (Huawei Technologies Co., Ltd.) -- H:\Windows\System32\drivers\ew_jucdcecm.sys
[2013.04.24 15:33:46 | 000,026,624 | ---- | C] (Huawei Technologies Co., Ltd.) -- H:\Windows\System32\drivers\ew_juextctrl.sys
[2013.04.24 15:33:46 | 000,025,856 | ---- | C] (Huawei Tech. Co., Ltd.) -- H:\Windows\System32\drivers\ewdcsc.sys
[2013.04.24 15:33:46 | 000,019,200 | ---- | C] (Huawei Technologies Co., Ltd.) -- H:\Windows\System32\drivers\ew_hwupgrade.sys
[2013.04.24 15:33:46 | 000,011,136 | ---- | C] (Huawei Technologies Co., Ltd.) -- H:\Windows\System32\drivers\ew_usbenumfilter.sys
[2013.04.24 15:33:19 | 000,724,608 | ---- | C] (Microsoft Corporation) -- H:\Windows\System32\bmutil.dll
[2013.04.24 15:33:19 | 000,480,384 | ---- | C] (Bytemobile, Inc.) -- H:\Windows\System32\bmnet.dll
[2013.04.24 15:33:19 | 000,308,352 | ---- | C] (Bytemobile, Inc.) -- H:\Windows\System32\bminstall.dll
[2013.04.24 15:33:19 | 000,132,224 | ---- | C] (Bytemobile, Inc.) -- H:\Windows\System32\bmdumpd.bin
 
========== Files - Modified Within 30 Days ==========
 
[2013.05.23 19:11:00 | 000,001,096 | ---- | M] () -- H:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.05.23 19:04:04 | 000,000,884 | ---- | M] () -- H:\Windows\tasks\Adobe Flash Player Updater.job
[2013.05.23 18:26:00 | 000,001,120 | ---- | M] () -- H:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4228084635-3980246230-1984058717-1000UA.job
[2013.05.23 17:53:34 | 000,000,804 | ---- | M] () -- H:\Users\Horst\Desktop\HDVidCodec.lnk
[2013.05.23 17:48:00 | 000,000,928 | ---- | M] () -- H:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-4228084635-3980246230-1984058717-1000UA.job
[2013.05.23 17:04:04 | 000,021,888 | -H-- | M] () -- H:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.05.23 17:04:04 | 000,021,888 | -H-- | M] () -- H:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.05.23 16:57:34 | 000,000,332 | ---- | M] () -- H:\Windows\tasks\RegistryBooster.job
[2013.05.23 16:57:13 | 000,001,092 | ---- | M] () -- H:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.05.23 16:56:36 | 000,067,584 | --S- | M] () -- H:\Windows\bootstat.dat
[2013.05.23 16:56:32 | 2314,657,792 | -HS- | M] () -- H:\hiberfil.sys
[2013.05.22 20:04:05 | 000,000,886 | ---- | M] () -- H:\Users\Horst\Desktop\Movie2KDownloader.lnk
[2013.05.21 15:02:13 | 000,000,264 | ---- | M] () -- H:\Windows\tasks\PC Performer_DEFAULT.job
[2013.05.21 14:48:00 | 000,000,906 | ---- | M] () -- H:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-4228084635-3980246230-1984058717-1000Core.job
[2013.05.20 21:26:01 | 000,001,068 | ---- | M] () -- H:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4228084635-3980246230-1984058717-1000Core.job
[2013.05.19 12:19:53 | 004,852,004 | ---- | M] () -- H:\Windows\System32\perfh007.dat
[2013.05.19 12:19:53 | 001,840,076 | ---- | M] () -- H:\Windows\System32\perfh009.dat
[2013.05.19 12:19:53 | 001,430,940 | ---- | M] () -- H:\Windows\System32\perfc007.dat
[2013.05.19 12:19:53 | 001,274,968 | ---- | M] () -- H:\Windows\System32\perfc009.dat
[2013.05.18 03:27:00 | 000,269,712 | ---- | M] () -- H:\Windows\System32\FNTCACHE.DAT
[2013.05.18 03:26:46 | 000,000,272 | ---- | M] () -- H:\Windows\tasks\PC Performer_UPDATES.job
[2013.05.17 20:42:07 | 000,000,318 | ---- | M] () -- H:\Users\Horst\Desktop\Curse Client.appref-ms
[2013.05.17 20:23:15 | 000,000,000 | ---- | M] () -- H:\Users\Horst\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip
[2013.05.17 20:20:54 | 000,000,213 | ---- | M] () -- H:\Users\Horst\Desktop\Dota 2.url
[2013.05.17 19:13:26 | 013,011,504 | ---- | M] (Blizzard Entertainment) -- H:\Users\Horst\Desktop\Wow.exe
[2013.05.17 19:10:30 | 000,000,775 | ---- | M] () -- H:\Users\Public\Desktop\World of Warcraft.lnk
[2013.05.17 17:04:24 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- H:\Windows\System32\FlashPlayerApp.exe
[2013.05.17 17:04:24 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- H:\Windows\System32\FlashPlayerCPLApp.cpl
[2013.05.17 16:12:31 | 000,001,964 | ---- | M] () -- H:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
[2013.05.17 15:43:40 | 000,000,835 | ---- | M] () -- H:\Users\Public\Desktop\Steam.lnk
[2013.05.05 11:38:38 | 000,001,725 | ---- | M] () -- H:\Users\Public\Desktop\Start BlueStacks.lnk
[2013.05.02 02:06:08 | 000,238,872 | ---- | M] (Microsoft Corporation) -- H:\Windows\System32\MpSigStub.exe
[2013.04.24 21:27:33 | 001,441,280 | ---- | M] (Microsoft Corporation) -- H:\Windows\System32\inetcpl.cpl
[2013.04.24 21:27:33 | 001,400,416 | ---- | M] (Microsoft Corporation) -- H:\Windows\System32\ieapfltr.dat
[2013.04.24 21:27:33 | 000,745,472 | ---- | M] (Microsoft Corporation) -- H:\Windows\System32\MsSpellCheckingFacility.exe
[2013.04.24 21:27:33 | 000,719,360 | ---- | M] (Microsoft Corporation) -- H:\Windows\System32\mshtmlmedia.dll
[2013.04.24 21:27:33 | 000,629,248 | ---- | M] (Microsoft Corporation) -- H:\Windows\System32\ieapfltr.dll
[2013.04.24 21:27:33 | 000,361,984 | ---- | M] (Microsoft Corporation) -- H:\Windows\System32\html.iec
[2013.04.24 21:27:33 | 000,357,888 | ---- | M] (Microsoft Corporation) -- H:\Windows\System32\dxtmsft.dll
[2013.04.24 21:27:33 | 000,242,200 | ---- | M] (Microsoft Corporation) -- H:\Windows\System32\iedkcs32.dll
[2013.04.24 21:27:33 | 000,232,960 | ---- | M] (Microsoft Corporation) -- H:\Windows\System32\url.dll
[2013.04.24 21:27:33 | 000,226,816 | ---- | M] (Microsoft Corporation) -- H:\Windows\System32\dxtrans.dll
[2013.04.24 21:27:33 | 000,185,344 | ---- | M] (Microsoft Corporation) -- H:\Windows\System32\elshyph.dll
[2013.04.24 21:27:33 | 000,163,840 | ---- | M] (Microsoft Corporation) -- H:\Windows\System32\msrating.dll
[2013.04.24 21:27:33 | 000,158,720 | ---- | M] (Microsoft Corporation) -- H:\Windows\System32\msls31.dll
[2013.04.24 21:27:33 | 000,150,528 | ---- | M] (Microsoft Corporation) -- H:\Windows\System32\iexpress.exe
[2013.04.24 21:27:33 | 000,138,752 | ---- | M] (Microsoft Corporation) -- H:\Windows\System32\wextract.exe
[2013.04.24 21:27:33 | 000,137,216 | ---- | M] (Microsoft Corporation) -- H:\Windows\System32\ieUnatt.exe
[2013.04.24 21:27:33 | 000,117,248 | ---- | M] (Microsoft Corporation) -- H:\Windows\System32\iepeers.dll
[2013.04.24 21:27:33 | 000,110,592 | ---- | M] (Microsoft Corporation) -- H:\Windows\System32\IEAdvpack.dll
[2013.04.24 21:27:33 | 000,082,432 | ---- | M] (Microsoft Corporation) -- H:\Windows\System32\inseng.dll
[2013.04.24 21:27:33 | 000,073,728 | ---- | M] (Microsoft Corporation) -- H:\Windows\System32\SetIEInstalledDate.exe
[2013.04.24 21:27:33 | 000,057,344 | ---- | M] (Microsoft Corporation) -- H:\Windows\System32\pngfilt.dll
[2013.04.24 21:27:33 | 000,048,640 | ---- | M] (Microsoft Corporation) -- H:\Windows\System32\mshtmler.dll
[2013.04.24 21:27:33 | 000,041,984 | ---- | M] (Microsoft Corporation) -- H:\Windows\System32\msfeedsbs.dll
[2013.04.24 21:27:33 | 000,038,400 | ---- | M] (Microsoft Corporation) -- H:\Windows\System32\imgutil.dll
[2013.04.24 21:27:33 | 000,025,185 | ---- | M] () -- H:\Windows\System32\ieuinit.inf
[2013.04.24 21:27:33 | 000,023,040 | ---- | M] (Microsoft Corporation) -- H:\Windows\System32\licmgr10.dll
[2013.04.24 21:27:33 | 000,011,776 | ---- | M] (Microsoft Corporation) -- H:\Windows\System32\msfeedssync.exe
[2013.04.24 21:27:09 | 000,049,152 | ---- | M] (Microsoft Corporation) -- H:\Windows\System32\taskhost.exe
[2013.04.24 21:26:23 | 002,284,544 | ---- | M] (Microsoft Corporation) -- H:\Windows\System32\msmpeg2vdec.dll
[2013.04.24 21:26:23 | 001,504,768 | ---- | M] (Microsoft Corporation) -- H:\Windows\System32\d3d11.dll
[2013.04.24 21:26:23 | 001,247,744 | ---- | M] (Microsoft Corporation) -- H:\Windows\System32\DWrite.dll
[2013.04.24 21:26:23 | 001,158,144 | ---- | M] (Microsoft Corporation) -- H:\Windows\System32\XpsPrint.dll
[2013.04.24 21:26:23 | 001,080,832 | ---- | M] (Microsoft Corporation) -- H:\Windows\System32\d3d10.dll
[2013.04.24 21:26:23 | 000,417,792 | ---- | M] (Microsoft Corporation) -- H:\Windows\System32\WMPhoto.dll
[2013.04.24 21:26:23 | 000,364,544 | ---- | M] (Microsoft Corporation) -- H:\Windows\System32\XpsGdiConverter.dll
[2013.04.24 21:26:23 | 000,220,160 | ---- | M] (Microsoft Corporation) -- H:\Windows\System32\d3d10core.dll
[2013.04.24 21:26:23 | 000,207,872 | ---- | M] (Microsoft Corporation) -- H:\Windows\System32\WindowsCodecsExt.dll
[2013.04.24 21:26:23 | 000,010,752 | -H-- | M] (Microsoft Corporation) -- H:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2013.04.24 21:26:23 | 000,009,728 | -H-- | M] (Microsoft Corporation) -- H:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2013.04.24 21:26:23 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- H:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2013.04.24 21:26:23 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- H:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll
[2013.04.24 21:26:23 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- H:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll
[2013.04.24 21:26:23 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- H:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2013.04.24 21:26:23 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- H:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll
[2013.04.24 21:26:23 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- H:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll
[2013.04.24 21:26:23 | 000,002,560 | -H-- | M] (Microsoft Corporation) -- H:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2013.04.24 21:26:22 | 003,419,136 | ---- | M] (Microsoft Corporation) -- H:\Windows\System32\d2d1.dll
[2013.04.24 21:26:22 | 001,988,096 | ---- | M] (Microsoft Corporation) -- H:\Windows\System32\d3d10warp.dll
[2013.04.24 21:26:22 | 000,604,160 | ---- | M] (Microsoft Corporation) -- H:\Windows\System32\d3d10level9.dll
[2013.04.24 21:26:22 | 000,293,376 | ---- | M] (Microsoft Corporation) -- H:\Windows\System32\dxgi.dll
[2013.04.24 21:26:22 | 000,249,856 | ---- | M] (Microsoft Corporation) -- H:\Windows\System32\d3d10_1core.dll
[2013.04.24 21:26:22 | 000,187,392 | ---- | M] (Microsoft Corporation) -- H:\Windows\System32\UIAnimation.dll
[2013.04.24 21:26:22 | 000,161,792 | ---- | M] (Microsoft Corporation) -- H:\Windows\System32\d3d10_1.dll
[2013.04.24 15:34:36 | 000,001,163 | ---- | M] () -- H:\Users\Public\Desktop\Internet Manager.lnk
[2013.04.24 15:33:03 | 001,108,320 | ---- | M] (Microsoft Corporation) -- H:\Windows\System32\wdfcoinstaller01007.dll
[2013.04.24 15:33:03 | 001,108,320 | ---- | M] (Microsoft Corporation) -- H:\Windows\System32\drivers\WdfCoInstaller01007.dll
[2013.04.24 15:33:03 | 000,861,696 | ---- | M] (DiBcom SA) -- H:\Windows\System32\drivers\mod7700.sys
[2013.04.24 15:33:03 | 000,353,280 | ---- | M] (Huawei Technologies Co., Ltd.) -- H:\Windows\System32\drivers\ewusbwwan.sys
[2013.04.24 15:33:03 | 000,193,792 | ---- | M] (Huawei Technologies Co., Ltd.) -- H:\Windows\System32\drivers\ewusbmdm.sys
[2013.04.24 15:33:03 | 000,181,760 | ---- | M] (Huawei Technologies Co., Ltd.) -- H:\Windows\System32\drivers\ew_juwwanecm.sys
[2013.04.24 15:33:03 | 000,102,784 | ---- | M] (Huawei Technologies Co., Ltd.) -- H:\Windows\System32\drivers\ew_hwusbdev.sys
[2013.04.24 15:33:03 | 000,090,112 | ---- | M] (Huawei Technologies Co., Ltd.) -- H:\Windows\System32\drivers\ew_jucdcacm.sys
[2013.04.24 15:33:03 | 000,073,216 | ---- | M] (Huawei Technologies Co., Ltd.) -- H:\Windows\System32\drivers\ew_jubusenum.sys
[2013.04.24 15:33:03 | 000,064,384 | ---- | M] (Huawei Technologies Co., Ltd.) -- H:\Windows\System32\drivers\ew_jucdcecm.sys
[2013.04.24 15:33:03 | 000,026,624 | ---- | M] (Huawei Technologies Co., Ltd.) -- H:\Windows\System32\drivers\ew_juextctrl.sys
[2013.04.24 15:33:03 | 000,025,856 | ---- | M] (Huawei Tech. Co., Ltd.) -- H:\Windows\System32\drivers\ewdcsc.sys
[2013.04.24 15:33:03 | 000,024,192 | ---- | M] (Bytemobile, Inc.) -- H:\Windows\System32\drivers\tcpipBM.sys
[2013.04.24 15:33:03 | 000,019,200 | ---- | M] (Huawei Technologies Co., Ltd.) -- H:\Windows\System32\drivers\ew_hwupgrade.sys
[2013.04.24 15:33:03 | 000,013,712 | ---- | M] (Microsoft Corporation) -- H:\Windows\System32\sporder.dll
[2013.04.24 15:33:03 | 000,013,184 | ---- | M] (Bytemobile, Inc.) -- H:\Windows\System32\drivers\BMLoad.sys
[2013.04.24 15:33:03 | 000,011,136 | ---- | M] (Huawei Technologies Co., Ltd.) -- H:\Windows\System32\drivers\ew_usbenumfilter.sys
[2013.04.24 15:33:02 | 000,724,608 | ---- | M] (Microsoft Corporation) -- H:\Windows\System32\bmutil.dll
[2013.04.24 15:33:02 | 000,480,384 | ---- | M] (Bytemobile, Inc.) -- H:\Windows\System32\bmnet.dll
[2013.04.24 15:33:02 | 000,308,352 | ---- | M] (Bytemobile, Inc.) -- H:\Windows\System32\bminstall.dll
[2013.04.24 15:32:57 | 000,132,224 | ---- | M] (Bytemobile, Inc.) -- H:\Windows\System32\bmdumpd.bin
 
========== Files Created - No Company Name ==========
 
[2013.05.23 17:54:03 | 000,079,360 | ---- | C] () -- H:\Windows\System32\ff_vfw.dll
[2013.05.23 17:53:34 | 000,000,804 | ---- | C] () -- H:\Users\Horst\Desktop\HDVidCodec.lnk
[2013.05.22 20:04:05 | 000,000,886 | ---- | C] () -- H:\Users\Horst\Desktop\Movie2KDownloader.lnk
[2013.05.17 20:42:07 | 000,000,318 | ---- | C] () -- H:\Users\Horst\Desktop\Curse Client.appref-ms
[2013.05.17 20:39:28 | 000,000,264 | ---- | C] () -- H:\Windows\tasks\PC Performer_DEFAULT.job
[2013.05.17 20:39:24 | 000,000,272 | ---- | C] () -- H:\Windows\tasks\PC Performer_UPDATES.job
[2013.05.17 20:23:15 | 000,000,000 | ---- | C] () -- H:\Users\Horst\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip
[2013.05.17 20:20:53 | 000,000,213 | ---- | C] () -- H:\Users\Horst\Desktop\Dota 2.url
[2013.05.17 19:10:25 | 000,000,775 | ---- | C] () -- H:\Users\Public\Desktop\World of Warcraft.lnk
[2013.05.17 15:43:40 | 000,000,835 | ---- | C] () -- H:\Users\Public\Desktop\Steam.lnk
[2013.05.05 11:38:38 | 000,001,725 | ---- | C] () -- H:\Users\Public\Desktop\Start BlueStacks.lnk
[2013.05.05 11:28:28 | 000,001,385 | ---- | C] () -- H:\Users\Horst\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2013.04.24 21:35:34 | 000,000,003 | ---- | C] () -- H:\Windows\System32\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
[2013.04.24 21:35:01 | 000,000,003 | ---- | C] () -- H:\Windows\System32\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
[2013.04.24 21:27:33 | 000,025,185 | ---- | C] () -- H:\Windows\System32\ieuinit.inf
[2013.04.24 15:34:36 | 000,001,163 | ---- | C] () -- H:\Users\Public\Desktop\Internet Manager.lnk
[2012.07.15 11:07:27 | 000,007,597 | ---- | C] () -- H:\Users\Horst\AppData\Local\Resmon.ResmonCfg
[2011.11.15 12:22:15 | 000,640,512 | ---- | C] () -- H:\Windows\System32\wonauth.dll
[2011.09.29 14:29:27 | 000,000,806 | ---- | C] () -- H:\Windows\eReg.dat
[2011.08.28 03:00:40 | 000,166,912 | ---- | C] () -- H:\Windows\System32\APOMngr.DLL
[2011.08.28 03:00:40 | 000,073,728 | ---- | C] () -- H:\Windows\System32\CmdRtr.DLL
[2011.08.25 08:41:47 | 000,002,177 | ---- | C] () -- H:\Windows\P17EP.ini
[2011.08.25 08:41:47 | 000,001,578 | ---- | C] () -- H:\Windows\P17EPLS.ini
[2011.08.25 08:41:47 | 000,001,489 | ---- | C] () -- H:\Windows\P17EP51.ini
[2011.08.21 00:14:45 | 000,000,000 | ---- | C] () -- H:\Windows\ativpsrm.bin
 
========== ZeroAccess Check ==========
 
[2013.05.17 20:39:52 | 000,000,227 | RHS- | M] () -- H:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.02.27 06:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 23:29:20 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 03:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
========== LOP Check ==========
 
[2012.05.17 14:32:20 | 000,000,000 | ---D | M] -- H:\Users\Horst\AppData\Roaming\3DataManager
[2013.05.22 20:05:39 | 000,000,000 | ---D | M] -- H:\Users\Horst\AppData\Roaming\BabSolution
[2012.07.01 12:46:40 | 000,000,000 | ---D | M] -- H:\Users\Horst\AppData\Roaming\Babylon
[2013.05.17 22:06:39 | 000,000,000 | ---D | M] -- H:\Users\Horst\AppData\Roaming\Curse Advertising
[2013.05.22 20:05:31 | 000,000,000 | ---D | M] -- H:\Users\Horst\AppData\Roaming\Delta
[2013.05.17 20:39:07 | 000,000,000 | ---D | M] -- H:\Users\Horst\AppData\Roaming\PerformerSoft
[2013.05.17 20:39:24 | 000,000,000 | ---D | M] -- H:\Users\Horst\AppData\Roaming\Softonic
[2012.05.09 10:27:28 | 000,000,000 | ---D | M] -- H:\Users\Horst\AppData\Roaming\T-Mobile
[2012.05.11 18:25:57 | 000,000,000 | ---D | M] -- H:\Users\Horst\AppData\Roaming\TS3Client
[2013.05.22 20:05:08 | 000,000,000 | ---D | M] -- H:\Users\Horst\AppData\Roaming\Yontoo
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
< :OTL >
[2009.07.14 06:53:46 | 000,032,640 | ---- | C] () -- H:\Windows\Tasks\SCHEDLGU.TXT
[2009.07.14 06:53:47 | 000,000,006 | -H-- | C] () -- H:\Windows\Tasks\SA.DAT
[2011.08.21 01:07:27 | 000,001,092 | ---- | C] () -- H:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2011.08.21 01:07:28 | 000,001,096 | ---- | C] () -- H:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2011.08.25 10:18:36 | 000,001,068 | ---- | C] () -- H:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4228084635-3980246230-1984058717-1000Core.job
[2011.08.25 10:18:37 | 000,001,120 | ---- | C] () -- H:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4228084635-3980246230-1984058717-1000UA.job
[2011.11.27 13:16:06 | 000,000,332 | ---- | C] () -- H:\Windows\Tasks\RegistryBooster.job
[2012.03.04 15:43:21 | 000,000,906 | ---- | C] () -- H:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4228084635-3980246230-1984058717-1000Core.job
[2012.03.04 15:43:22 | 000,000,928 | ---- | C] () -- H:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4228084635-3980246230-1984058717-1000UA.job
[2012.05.20 12:59:06 | 000,000,884 | ---- | C] () -- H:\Windows\Tasks\Adobe Flash Player Updater.job
[2013.05.17 20:39:24 | 000,000,272 | ---- | C] () -- H:\Windows\Tasks\PC Performer_UPDATES.job
[2013.05.17 20:39:28 | 000,000,264 | ---- | C] () -- H:\Windows\Tasks\PC Performer_DEFAULT.job
 
< O20 - AppInit_DLLs: (H:\PROGRA~3\Wincert\WIN32C~1.DLL) - H:\ProgramData\Wincert\win32cert.dll () >
 
< O20 - AppInit_DLLs: (H:\PROGRA~2\SEARCH~1\Datamngr\mgrldr.dll) - H:\Program Files\Search Results Toolbar\Datamngr\mgrldr.dll () >
 
< O20 - AppInit_DLLs: (h:\progra~3\browse~1\261249~1.132\{c16c1~1\browse~1.dll) - h:\ProgramData\BrowserProtect\2.6.1249.132\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.dll >
 
< () >
 
< O33 - MountPoints2\{0fd8f482-a263-11e1-af79-001d60db6421}\Shell - "" = AutoRun >
 
< O33 - MountPoints2\{0fd8f482-a263-11e1-af79-001d60db6421}\Shell\AutoRun\command - "" = M:\AutoRun.exe >
 
< O33 - MountPoints2\{0fd8f668-a263-11e1-af79-001d60db6421}\Shell - "" = AutoRun >
 
< O33 - MountPoints2\{0fd8f668-a263-11e1-af79-001d60db6421}\Shell\AutoRun\command - "" = M:\AutoRun.exe >
 
< O33 - MountPoints2\{10b49b01-0256-11e1-8d2e-001d60db6421}\Shell - "" = AutoRun >
 
< O33 - MountPoints2\{10b49b01-0256-11e1-8d2e-001d60db6421}\Shell\AutoRun\command - "" = M:\AutoRun.exe >
 
< O33 - MountPoints2\{1e741b35-026a-11e1-ac8b-806e6f6e6963}\Shell - "" = AutoRun >
 
< O33 - MountPoints2\{1e741b35-026a-11e1-ac8b-806e6f6e6963}\Shell\AutoRun\command - "" = M:\AutoRun.exe >
 
< O33 - MountPoints2\{1e741b87-026a-11e1-ac8b-001d60db6421}\Shell - "" = AutoRun >
 
< O33 - MountPoints2\{1e741b87-026a-11e1-ac8b-001d60db6421}\Shell\AutoRun\command - "" = M:\AutoRun.exe >
 
< O33 - MountPoints2\{1e741c03-026a-11e1-ac8b-001d60db6421}\Shell - "" = AutoRun >
 
< O33 - MountPoints2\{1e741c03-026a-11e1-ac8b-001d60db6421}\Shell\AutoRun\command - "" = M:\AutoRun.exe >
 
< O33 - MountPoints2\{2ee3ce16-acdc-11e2-9e25-001d60db6421}\Shell - "" = AutoRun >
 
< O33 - MountPoints2\{2ee3ce16-acdc-11e2-9e25-001d60db6421}\Shell\AutoRun\command - "" = M:\AutoRun.exe >
 
< O33 - MountPoints2\{335db628-acdf-11e2-8d6b-001d60db6421}\Shell - "" = AutoRun >
 
< O33 - MountPoints2\{335db628-acdf-11e2-8d6b-001d60db6421}\Shell\AutoRun\command - "" = M:\AutoRun.exe >
 
< O33 - MountPoints2\{38ddda1b-d863-11e0-91b4-001d60db6421}\Shell - "" = AutoRun >
 
< O33 - MountPoints2\{38ddda1b-d863-11e0-91b4-001d60db6421}\Shell\AutoRun\command - "" = M:\Autorun.exe >
 
< O33 - MountPoints2\{4a39d60b-0257-11e1-b255-001d60db6421}\Shell - "" = AutoRun >
 
< O33 - MountPoints2\{4a39d60b-0257-11e1-b255-001d60db6421}\Shell\AutoRun\command - "" = M:\AutoRun.exe >
 
< O33 - MountPoints2\{6691a3ef-cb7a-11e0-b1ba-001d60db6421}\Shell - "" = AutoRun >
 
< O33 - MountPoints2\{6691a3ef-cb7a-11e0-b1ba-001d60db6421}\Shell\AutoRun\command - "" = M:\.\Autorun.exe AUTORUN=1 >
 
< O33 - MountPoints2\{6691a3fd-cb7a-11e0-b1ba-001d60db6421}\Shell - "" = AutoRun >
 
< O33 - MountPoints2\{6691a3fd-cb7a-11e0-b1ba-001d60db6421}\Shell\AutoRun\command - "" = M:\.\Autorun.exe AUTORUN=1 >
 
< O33 - MountPoints2\{81287055-cd66-11e0-b514-001d60db6421}\Shell - "" = AutoRun >
 
< O33 - MountPoints2\{81287055-cd66-11e0-b514-001d60db6421}\Shell\AutoRun\command - "" = M:\.\Autorun.exe AUTORUN=1 >
 
< O33 - MountPoints2\{9cf2855c-b565-11e2-8cb4-806e6f6e6963}\Shell - "" = AutoRun >
 
< O33 - MountPoints2\{9cf2855c-b565-11e2-8cb4-806e6f6e6963}\Shell\AutoRun\command - "" = M:\AutoRun.exe >
 
< O33 - MountPoints2\{a4d3cbe9-8947-11e1-8839-001d60db6421}\Shell - "" = AutoRun >
 
< O33 - MountPoints2\{a4d3cbe9-8947-11e1-8839-001d60db6421}\Shell\AutoRun\command - "" = M:\AutoRun.exe >
 
< O33 - MountPoints2\{a4d3cbf4-8947-11e1-8839-001d60db6421}\Shell - "" = AutoRun >
 
< O33 - MountPoints2\{a4d3cbf4-8947-11e1-8839-001d60db6421}\Shell\AutoRun\command - "" = M:\.\Autorun.exe AUTORUN=1 >
 
< O33 - MountPoints2\{a4d3cc0a-8947-11e1-8839-001d60db6421}\Shell - "" = AutoRun >
 
< O33 - MountPoints2\{a4d3cc0a-8947-11e1-8839-001d60db6421}\Shell\AutoRun\command - "" = M:\AutoRun.exe >
 
< O33 - MountPoints2\{b89a39b1-9b63-11e1-931b-001d60db6421}\Shell - "" = AutoRun >
 
< O33 - MountPoints2\{b89a39b1-9b63-11e1-931b-001d60db6421}\Shell\AutoRun\command - "" = M:\AutoRun.exe >
 
< O33 - MountPoints2\{b89a3a49-9b63-11e1-931b-001d60db6421}\Shell - "" = AutoRun >
 
< O33 - MountPoints2\{b89a3a49-9b63-11e1-931b-001d60db6421}\Shell\AutoRun\command - "" = M:\AutoRun.exe >
 
< O33 - MountPoints2\{c0ce58e7-cee5-11e0-9200-001d60db6421}\Shell - "" = AutoRun >
 
< O33 - MountPoints2\{c0ce58e7-cee5-11e0-9200-001d60db6421}\Shell\AutoRun\command - "" = M:\.\Autorun.exe AUTORUN=1 >
 
< O33 - MountPoints2\{c1d3f2ed-9601-11e1-b02b-001d60db6421}\Shell - "" = AutoRun >
 
< O33 - MountPoints2\{c1d3f2ed-9601-11e1-b02b-001d60db6421}\Shell\AutoRun\command - "" = M:\AutoRun.exe >
 
< O33 - MountPoints2\{c1d3f314-9601-11e1-b02b-001d60db6421}\Shell - "" = AutoRun >
 
< O33 - MountPoints2\{c1d3f314-9601-11e1-b02b-001d60db6421}\Shell\AutoRun\command - "" = M:\AutoRun.exe >
 
< O33 - MountPoints2\{d148c5ae-baf3-11e1-95ec-001d60db6421}\Shell - "" = AutoRun >
 
< O33 - MountPoints2\{d148c5ae-baf3-11e1-95ec-001d60db6421}\Shell\AutoRun\command - "" = M:\AutoRun.exe >
 
< O33 - MountPoints2\{d3c43a9f-1053-11e1-a876-001d60db6421}\Shell - "" = AutoRun >
 
< O33 - MountPoints2\{d3c43a9f-1053-11e1-a876-001d60db6421}\Shell\AutoRun\command - "" = M:\AutoRun.exe >
 
< O33 - MountPoints2\{da039341-99ae-11e1-a605-001d60db6421}\Shell - "" = AutoRun >
 
< O33 - MountPoints2\{da039341-99ae-11e1-a605-001d60db6421}\Shell\AutoRun\command - "" = M:\AutoRun.exe >
 
< O33 - MountPoints2\{da039394-99ae-11e1-a605-001d60db6421}\Shell - "" = AutoRun >
 
< O33 - MountPoints2\{da039394-99ae-11e1-a605-001d60db6421}\Shell\AutoRun\command - "" = M:\AutoRun.exe >
 
< O33 - MountPoints2\{e2d50edc-ea7d-11e0-9e80-001e101f8ed0}\Shell - "" = AutoRun >
 
< O33 - MountPoints2\{e2d50edc-ea7d-11e0-9e80-001e101f8ed0}\Shell\AutoRun\command - "" = O:\AutoRun.exe >
 
< O33 - MountPoints2\M\Shell - "" = AutoRun >
 
< O33 - MountPoints2\M\Shell\AutoRun\command - "" = M:\AutoRun.exe >
 
< O33 - MountPoints2\N\Shell - "" = AutoRun >
 
< O33 - MountPoints2\N\Shell\AutoRun\command - "" = N:\AutoRun.exe >
 
< O36 - AppCertDlls: x86 - (H:\Program Files\Search Results Toolbar\Datamngr\apcrtldr.dll) - H:\Program Files\Search Results Toolbar\Datamngr\apcrtldr.dll >
 
< () >
 
<  >
 
< :files >
 
< H:\ProgramData\Wincert >
 
< H:\Program Files\Search Results Toolbar >
 
< h:\ProgramData\BrowserProtect >
 
< :Commands >
 
< [emptytemp] >
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 129 bytes -> H:\ProgramData\TEMP:05EE1EEF

< End of report >
         
--- --- ---

Alt 23.05.2013, 18:30   #9
markusg
/// Malware-holic
 
serach nu, bitte um hilfe - Standard

serach nu, bitte um hilfe



du hast auf scan, nicht auf fix geklickt, bitte noch mal
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 23.05.2013, 18:51   #10
Kungen686
 
serach nu, bitte um hilfe - Standard

serach nu, bitte um hilfe



Mein pc startet sich danach neu und ivh find kein Textdokument aufm Desktop, umf das Programm muss ich für jeden durchlaug Neu starten, ist das richtig?

Alt 23.05.2013, 20:44   #11
markusg
/// Malware-holic
 
serach nu, bitte um hilfe - Standard

serach nu, bitte um hilfe



ja muss man jedesmal neu öffnen...
Downloade dir bitte TDSSKiller TDSSKiller.exe und speichere diese Datei auf dem Desktop
  • Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
  • Drücke Start Scan
  • Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
    TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
    Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Poste den Inhalt bitte in jedem Fall hier in deinen Thread.
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 24.05.2013, 13:35   #12
Kungen686
 
serach nu, bitte um hilfe - Standard

serach nu, bitte um hilfe



Zitat:
Zitat von markusg Beitrag anzeigen
ja muss man jedesmal neu öffnen...
Downloade dir bitte TDSSKiller TDSSKiller.exe und speichere diese Datei auf dem Desktop
  • Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
  • Drücke Start Scan
  • Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
    TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
    Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Poste den Inhalt bitte in jedem Fall hier in deinen Thread.

14:29:23.0403 5816 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
14:29:23.0684 5816 ============================================================
14:29:23.0684 5816 Current date / time: 2013/05/24 14:29:23.0684
14:29:23.0684 5816 SystemInfo:
14:29:23.0684 5816
14:29:23.0684 5816 OS Version: 6.1.7601 ServicePack: 1.0
14:29:23.0684 5816 Product type: Workstation
14:29:23.0684 5816 ComputerName: HORST-PC
14:29:23.0684 5816 UserName: Horst
14:29:23.0684 5816 Windows directory: H:\Windows
14:29:23.0684 5816 System windows directory: H:\Windows
14:29:23.0684 5816 Processor architecture: Intel x86
14:29:23.0684 5816 Number of processors: 2
14:29:23.0684 5816 Page size: 0x1000
14:29:23.0684 5816 Boot type: Normal boot
14:29:23.0684 5816 ============================================================
14:29:27.0852 5816 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
14:29:27.0907 5816 ============================================================
14:29:27.0907 5816 \Device\Harddisk0\DR0:
14:29:27.0910 5816 MBR partitions:
14:29:27.0910 5816 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x9C41AD8
14:29:27.0927 5816 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x9C41B56, BlocksNum 0xC34F28D
14:29:27.0942 5816 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x15F91000, BlocksNum 0xC34E000
14:29:28.0000 5816 \Device\Harddisk0\DR0\Partition4: MBR, Type 0x7, StartLBA 0x222E00EE, BlocksNum 0xC34F28D
14:29:28.0050 5816 \Device\Harddisk0\DR0\Partition5: MBR, Type 0x7, StartLBA 0x2E62F800, BlocksNum 0xBD51000
14:29:28.0050 5816 ============================================================
14:29:28.0192 5816 H: <-> \Device\Harddisk0\DR0\Partition1
14:29:28.0270 5816 I: <-> \Device\Harddisk0\DR0\Partition2
14:29:28.0457 5816 K: <-> \Device\Harddisk0\DR0\Partition4
14:29:28.0645 5816 J: <-> \Device\Harddisk0\DR0\Partition5
14:29:28.0863 5816 L: <-> \Device\Harddisk0\DR0\Partition3
14:29:28.0863 5816 ============================================================
14:29:28.0863 5816 Initialize success
14:29:28.0863 5816 ============================================================
14:31:14.0623 2672 ============================================================
14:31:14.0639 2672 Scan started
14:31:14.0639 2672 Mode: Manual; SigCheck; TDLFS;
14:31:14.0639 2672 ============================================================
14:31:15.0575 2672 ================ Scan system memory ========================
14:31:15.0575 2672 System memory - ok
14:31:15.0575 2672 ================ Scan services =============================
14:31:15.0731 2672 [ 1B133875B8AA8AC48969BD3458AFE9F5 ] 1394ohci H:\Windows\system32\drivers\1394ohci.sys
14:31:15.0840 2672 1394ohci - ok
14:31:15.0871 2672 [ CEA80C80BED809AA0DA6FEBC04733349 ] ACPI H:\Windows\system32\drivers\ACPI.sys
14:31:15.0887 2672 ACPI - ok
14:31:15.0902 2672 [ 1EFBC664ABFF416D1D07DB115DCB264F ] AcpiPmi H:\Windows\system32\drivers\acpipmi.sys
14:31:15.0934 2672 AcpiPmi - ok
14:31:16.0027 2672 [ ADDA5E1951B90D3D23C56D3CF0622ADC ] AdobeARMservice H:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
14:31:16.0043 2672 AdobeARMservice - ok
14:31:16.0121 2672 [ F040037B149FD0F5A5044AE563390FA7 ] AdobeFlashPlayerUpdateSvc H:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
14:31:16.0152 2672 AdobeFlashPlayerUpdateSvc - ok
14:31:16.0183 2672 [ 21E785EBD7DC90A06391141AAC7892FB ] adp94xx H:\Windows\system32\drivers\adp94xx.sys
14:31:16.0214 2672 adp94xx - ok
14:31:16.0246 2672 [ 0C676BC278D5B59FF5ABD57BBE9123F2 ] adpahci H:\Windows\system32\drivers\adpahci.sys
14:31:16.0277 2672 adpahci - ok
14:31:16.0277 2672 [ 7C7B5EE4B7B822EC85321FE23A27DB33 ] adpu320 H:\Windows\system32\drivers\adpu320.sys
14:31:16.0292 2672 adpu320 - ok
14:31:16.0339 2672 [ 8B5EEFEEC1E6D1A72A06C526628AD161 ] AeLookupSvc H:\Windows\System32\aelupsvc.dll
14:31:16.0433 2672 AeLookupSvc - ok
14:31:16.0480 2672 [ 9EBBBA55060F786F0FCAA3893BFA2806 ] AFD H:\Windows\system32\drivers\afd.sys
14:31:16.0542 2672 AFD - ok
14:31:16.0573 2672 [ 507812C3054C21CEF746B6EE3D04DD6E ] agp440 H:\Windows\system32\drivers\agp440.sys
14:31:16.0604 2672 agp440 - ok
14:31:16.0620 2672 [ 8B30250D573A8F6B4BD23195160D8707 ] aic78xx H:\Windows\system32\drivers\djsvs.sys
14:31:16.0636 2672 aic78xx - ok
14:31:16.0682 2672 [ 18A54E132947CD98FEA9ACCC57F98F13 ] ALG H:\Windows\System32\alg.exe
14:31:16.0745 2672 ALG - ok
14:31:16.0760 2672 [ 0D40BCF52EA90FC7DF2AEAB6503DEA44 ] aliide H:\Windows\system32\drivers\aliide.sys
14:31:16.0792 2672 aliide - ok
14:31:16.0823 2672 [ B19505648F033393E907E2E419FDE8B3 ] AMD External Events Utility H:\Windows\system32\atiesrxx.exe
14:31:16.0885 2672 AMD External Events Utility - ok
14:31:16.0932 2672 [ 3C6600A0696E90A463771C7422E23AB5 ] amdagp H:\Windows\system32\drivers\amdagp.sys
14:31:16.0948 2672 amdagp - ok
14:31:16.0963 2672 [ CD5914170297126B6266860198D1D4F0 ] amdide H:\Windows\system32\drivers\amdide.sys
14:31:16.0994 2672 amdide - ok
14:31:17.0010 2672 [ 00DDA200D71BAC534BF56A9DB5DFD666 ] AmdK8 H:\Windows\system32\drivers\amdk8.sys
14:31:17.0041 2672 AmdK8 - ok
14:31:17.0072 2672 [ 3CBF30F5370FDA40DD3E87DF38EA53B6 ] AmdPPM H:\Windows\system32\drivers\amdppm.sys
14:31:17.0104 2672 AmdPPM - ok
14:31:17.0150 2672 [ D320BF87125326F996D4904FE24300FC ] amdsata H:\Windows\system32\drivers\amdsata.sys
14:31:17.0166 2672 amdsata - ok
14:31:17.0182 2672 [ EA43AF0C423FF267355F74E7A53BDABA ] amdsbs H:\Windows\system32\drivers\amdsbs.sys
14:31:17.0213 2672 amdsbs - ok
14:31:17.0228 2672 [ 46387FB17B086D16DEA267D5BE23A2F2 ] amdxata H:\Windows\system32\drivers\amdxata.sys
14:31:17.0244 2672 amdxata - ok
14:31:17.0275 2672 [ AEA177F783E20150ACE5383EE368DA19 ] AppID H:\Windows\system32\drivers\appid.sys
14:31:17.0322 2672 AppID - ok
14:31:17.0353 2672 [ 62A9C86CB6085E20DB4823E4E97826F5 ] AppIDSvc H:\Windows\System32\appidsvc.dll
14:31:17.0400 2672 AppIDSvc - ok
14:31:17.0431 2672 [ EACFDF31921F51C097629F1F3C9129B4 ] Appinfo H:\Windows\System32\appinfo.dll
14:31:17.0494 2672 Appinfo - ok
14:31:17.0540 2672 [ 7EF47644B74EBE721CC32211D3C35E76 ] Apple Mobile Device H:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
14:31:17.0572 2672 Apple Mobile Device - ok
14:31:17.0603 2672 [ 2932004F49677BD84DBC72EDB754FFB3 ] arc H:\Windows\system32\drivers\arc.sys
14:31:17.0618 2672 arc - ok
14:31:17.0634 2672 [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7 ] arcsas H:\Windows\system32\drivers\arcsas.sys
14:31:17.0650 2672 arcsas - ok
14:31:17.0665 2672 [ ADD2ADE1C2B285AB8378D2DAAF991481 ] AsyncMac H:\Windows\system32\DRIVERS\asyncmac.sys
14:31:17.0759 2672 AsyncMac - ok
14:31:17.0759 2672 [ 338C86357871C167A96AB976519BF59E ] atapi H:\Windows\system32\drivers\atapi.sys
14:31:17.0790 2672 atapi - ok
14:31:17.0806 2672 [ EE67F3634096D49DF6ED2D43DDABF290 ] Atc002 H:\Windows\system32\DRIVERS\l260x86.sys
14:31:17.0852 2672 Atc002 - ok
14:31:17.0993 2672 [ 04F09923A393E4E0E8453A8F78361E73 ] atikmdag H:\Windows\system32\DRIVERS\atikmdag.sys
14:31:18.0102 2672 atikmdag - ok
14:31:18.0133 2672 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] AudioEndpointBuilder H:\Windows\System32\Audiosrv.dll
14:31:18.0211 2672 AudioEndpointBuilder - ok
14:31:18.0211 2672 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] Audiosrv H:\Windows\System32\Audiosrv.dll
14:31:18.0242 2672 Audiosrv - ok
14:31:18.0274 2672 [ 6E30D02AAC9CAC84F421622E3A2F6178 ] AxInstSV H:\Windows\System32\AxInstSV.dll
14:31:18.0305 2672 AxInstSV - ok
14:31:18.0352 2672 [ 1A231ABEC60FD316EC54C66715543CEC ] b06bdrv H:\Windows\system32\drivers\bxvbdx.sys
14:31:18.0414 2672 b06bdrv - ok
14:31:18.0445 2672 [ BD8869EB9CDE6BBE4508D869929869EE ] b57nd60x H:\Windows\system32\DRIVERS\b57nd60x.sys
14:31:18.0476 2672 b57nd60x - ok
14:31:18.0539 2672 [ EE1E9C3BB8228AE423DD38DB69128E71 ] BDESVC H:\Windows\System32\bdesvc.dll
14:31:18.0601 2672 BDESVC - ok
14:31:18.0617 2672 [ 505506526A9D467307B3C393DEDAF858 ] Beep H:\Windows\system32\drivers\Beep.sys
14:31:18.0679 2672 Beep - ok
14:31:18.0710 2672 [ 1E2BAC209D184BB851E1A187D8A29136 ] BFE H:\Windows\System32\bfe.dll
14:31:18.0773 2672 BFE - ok
14:31:18.0804 2672 [ E585445D5021971FAE10393F0F1C3961 ] BITS H:\Windows\System32\qmgr.dll
14:31:18.0835 2672 BITS - ok
14:31:18.0851 2672 [ 2287078ED48FCFC477B05B20CF38F36F ] blbdrive H:\Windows\system32\DRIVERS\blbdrive.sys
14:31:18.0882 2672 blbdrive - ok
14:31:18.0929 2672 [ 70CD6D71FC48BBBD1385D7B35AEADECC ] BMLoad H:\Windows\system32\drivers\BMLoad.sys
14:31:18.0960 2672 BMLoad ( UnsignedFile.Multi.Generic ) - warning
14:31:18.0960 2672 BMLoad - detected UnsignedFile.Multi.Generic (1)
14:31:19.0054 2672 [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] Bonjour Service H:\Program Files\Bonjour\mDNSResponder.exe
14:31:19.0085 2672 Bonjour Service - ok
14:31:19.0100 2672 [ 8F2DA3028D5FCBD1A060A3DE64CD6506 ] bowser H:\Windows\system32\DRIVERS\bowser.sys
14:31:19.0163 2672 bowser - ok
14:31:19.0178 2672 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo H:\Windows\system32\drivers\BrFiltLo.sys
14:31:19.0225 2672 BrFiltLo - ok
14:31:19.0241 2672 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp H:\Windows\system32\drivers\BrFiltUp.sys
14:31:19.0272 2672 BrFiltUp - ok
14:31:19.0303 2672 [ 3DAA727B5B0A45039B0E1C9A211B8400 ] Browser H:\Windows\System32\browser.dll
14:31:19.0366 2672 Browser - ok
14:31:19.0490 2672 [ D9C8DC2D7EC28E3FF25C99EF17C8631A ] BrowserProtect H:\ProgramData\BrowserProtect\2.6.1249.132\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe
14:31:19.0553 2672 BrowserProtect - ok
14:31:19.0584 2672 [ 845B8CE732E67F3B4133164868C666EA ] Brserid H:\Windows\System32\Drivers\Brserid.sys
14:31:19.0631 2672 Brserid - ok
14:31:19.0646 2672 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm H:\Windows\System32\Drivers\BrSerWdm.sys
14:31:19.0678 2672 BrSerWdm - ok
14:31:19.0709 2672 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm H:\Windows\System32\Drivers\BrUsbMdm.sys
14:31:19.0740 2672 BrUsbMdm - ok
14:31:19.0756 2672 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer H:\Windows\System32\Drivers\BrUsbSer.sys
14:31:19.0787 2672 BrUsbSer - ok
14:31:19.0849 2672 [ 1A268813E062903C9FCA3783F6D88AD4 ] BstHdAndroidSvc H:\Program Files\BlueStacks\HD-Service.exe
14:31:19.0880 2672 BstHdAndroidSvc - ok
14:31:19.0912 2672 [ 9C95094D52B6722E19F8F5CAF127581D ] BstHdDrv H:\Program Files\BlueStacks\HD-Hypervisor-x86.sys
14:31:19.0927 2672 BstHdDrv - ok
14:31:19.0958 2672 [ 97C6013E48F0F2319540175C173662E4 ] BstHdLogRotatorSvc H:\Program Files\BlueStacks\HD-LogRotatorService.exe
14:31:19.0974 2672 BstHdLogRotatorSvc - ok
14:31:19.0990 2672 [ ED3DF7C56CE0084EB2034432FC56565A ] BTHMODEM H:\Windows\system32\drivers\bthmodem.sys
14:31:20.0005 2672 BTHMODEM - ok
14:31:20.0052 2672 [ 1DF19C96EEF6C29D1C3E1A8678E07190 ] bthserv H:\Windows\system32\bthserv.dll
14:31:20.0130 2672 bthserv - ok
14:31:20.0146 2672 [ 77EA11B065E0A8AB902D78145CA51E10 ] cdfs H:\Windows\system32\DRIVERS\cdfs.sys
14:31:20.0192 2672 cdfs - ok
14:31:20.0239 2672 [ BE167ED0FDB9C1FA1133953C18D5A6C9 ] cdrom H:\Windows\system32\DRIVERS\cdrom.sys
14:31:20.0270 2672 cdrom - ok
14:31:20.0286 2672 [ 319C6B309773D063541D01DF8AC6F55F ] CertPropSvc H:\Windows\System32\certprop.dll
14:31:20.0333 2672 CertPropSvc - ok
14:31:20.0364 2672 [ 3FE3FE94A34DF6FB06E6418D0F6A0060 ] circlass H:\Windows\system32\drivers\circlass.sys
14:31:20.0395 2672 circlass - ok
14:31:20.0426 2672 [ 635181E0E9BBF16871BF5380D71DB02D ] CLFS H:\Windows\system32\CLFS.sys
14:31:20.0442 2672 CLFS - ok
14:31:20.0504 2672 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 H:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
14:31:20.0520 2672 clr_optimization_v2.0.50727_32 - ok
14:31:20.0598 2672 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 H:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
14:31:20.0676 2672 clr_optimization_v4.0.30319_32 - ok
14:31:20.0692 2672 [ DEA805815E587DAD1DD2C502220B5616 ] CmBatt H:\Windows\system32\drivers\CmBatt.sys
14:31:20.0723 2672 CmBatt - ok
14:31:20.0738 2672 [ C537B1DB64D495B9B4717B4D6D9EDBF2 ] cmdide H:\Windows\system32\drivers\cmdide.sys
14:31:20.0754 2672 cmdide - ok
14:31:20.0785 2672 [ 247B4CE2DAB1160CD422D532D5241E1F ] CNG H:\Windows\system32\Drivers\cng.sys
14:31:20.0801 2672 CNG - ok
14:31:20.0816 2672 [ A6023D3823C37043986713F118A89BEE ] Compbatt H:\Windows\system32\drivers\compbatt.sys
14:31:20.0832 2672 Compbatt - ok
14:31:20.0863 2672 [ CBE8C58A8579CFE5FCCF809E6F114E89 ] CompositeBus H:\Windows\system32\DRIVERS\CompositeBus.sys
14:31:20.0879 2672 CompositeBus - ok
14:31:20.0910 2672 COMSysApp - ok
14:31:20.0926 2672 [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1 ] crcdisk H:\Windows\system32\drivers\crcdisk.sys
14:31:20.0941 2672 crcdisk - ok
14:31:20.0957 2672 Creative Audio Engine Licensing Service - ok
14:31:21.0004 2672 [ 96C0E38905CFD788313BE8E11DAE3F2F ] CryptSvc H:\Windows\system32\cryptsvc.dll
14:31:21.0050 2672 CryptSvc - ok
14:31:21.0113 2672 [ 69CDBA2B9C397E349A04FA70DD9170A2 ] CTAudSvcService H:\Program Files\Creative\Shared Files\CTAudSvc.exe
14:31:21.0144 2672 CTAudSvcService ( UnsignedFile.Multi.Generic ) - warning
14:31:21.0144 2672 CTAudSvcService - detected UnsignedFile.Multi.Generic (1)
14:31:21.0316 2672 [ C851B2FE7D15B42745355FD9E4141CC6 ] DatamngrCoordinator H:\Program Files\Search Results Toolbar\Datamngr\DatamngrCoordinator.exe
14:31:21.0409 2672 DatamngrCoordinator - ok
14:31:21.0440 2672 [ 7660F01D3B38ACA1747E397D21D790AF ] DcomLaunch H:\Windows\system32\rpcss.dll
14:31:21.0503 2672 DcomLaunch - ok
14:31:21.0534 2672 [ 8D6E10A2D9A5EED59562D9B82CF804E1 ] defragsvc H:\Windows\System32\defragsvc.dll
14:31:21.0581 2672 defragsvc - ok
14:31:21.0612 2672 [ F024449C97EC1E464AAFFDA18593DB88 ] DfsC H:\Windows\system32\Drivers\dfsc.sys
14:31:21.0628 2672 DfsC - ok
14:31:21.0659 2672 [ E9E01EB683C132F7FA27CD607B8A2B63 ] Dhcp H:\Windows\system32\dhcpcore.dll
14:31:21.0706 2672 Dhcp - ok
14:31:21.0737 2672 [ 1A050B0274BFB3890703D490F330C0DA ] discache H:\Windows\system32\drivers\discache.sys
14:31:21.0799 2672 discache - ok
14:31:21.0846 2672 [ 565003F326F99802E68CA78F2A68E9FF ] Disk H:\Windows\system32\drivers\disk.sys
14:31:21.0862 2672 Disk - ok
14:31:21.0893 2672 [ 33EF4861F19A0736B11314AAD9AE28D0 ] Dnscache H:\Windows\System32\dnsrslvr.dll
14:31:21.0940 2672 Dnscache - ok
14:31:21.0986 2672 [ 366BA8FB4B7BB7435E3B9EACB3843F67 ] dot3svc H:\Windows\System32\dot3svc.dll
14:31:22.0033 2672 dot3svc - ok
14:31:22.0033 2672 [ 8EC04CA86F1D68DA9E11952EB85973D6 ] DPS H:\Windows\system32\dps.dll
14:31:22.0080 2672 DPS - ok
14:31:22.0111 2672 [ B918E7C5F9BF77202F89E1A9539F2EB4 ] drmkaud H:\Windows\system32\drivers\drmkaud.sys
14:31:22.0158 2672 drmkaud - ok
14:31:22.0205 2672 [ 16498EBC04AE9DD07049A8884B205C05 ] DXGKrnl H:\Windows\System32\drivers\dxgkrnl.sys
14:31:22.0236 2672 DXGKrnl - ok
14:31:22.0267 2672 [ 8600142FA91C1B96367D3300AD0F3F3A ] EapHost H:\Windows\System32\eapsvc.dll
14:31:22.0314 2672 EapHost - ok
14:31:22.0392 2672 [ 024E1B5CAC09731E4D868E64DBFB4AB0 ] ebdrv H:\Windows\system32\drivers\evbdx.sys
14:31:22.0470 2672 ebdrv - ok
14:31:22.0501 2672 [ 81951F51E318AECC2D68559E47485CC4 ] EFS H:\Windows\System32\lsass.exe
14:31:22.0548 2672 EFS - ok
14:31:22.0626 2672 [ A8C362018EFC87BEB013EE28F29C0863 ] ehRecvr H:\Windows\ehome\ehRecvr.exe
14:31:22.0657 2672 ehRecvr - ok
14:31:22.0673 2672 [ D389BFF34F80CAEDE417BF9D1507996A ] ehSched H:\Windows\ehome\ehsched.exe
14:31:22.0704 2672 ehSched - ok
14:31:22.0766 2672 [ 0ED67910C8C326796FAA00B2BF6D9D3C ] elxstor H:\Windows\system32\drivers\elxstor.sys
14:31:22.0798 2672 elxstor - ok
14:31:22.0813 2672 [ 8FC3208352DD3912C94367A206AB3F11 ] ErrDev H:\Windows\system32\drivers\errdev.sys
14:31:22.0844 2672 ErrDev - ok
14:31:22.0891 2672 [ 6B93B103242C3C30F850F53DBE39ED88 ] EuMusDesignVirtualAudioCableWdm H:\Windows\system32\DRIVERS\vrtaucbl.sys
14:31:22.0907 2672 EuMusDesignVirtualAudioCableWdm - ok
14:31:22.0938 2672 [ F6916EFC29D9953D5D0DF06882AE8E16 ] EventSystem H:\Windows\system32\es.dll
14:31:23.0000 2672 EventSystem - ok
14:31:23.0032 2672 ewusbnet - ok
14:31:23.0047 2672 [ 57C171EA22F0A7F068FCB0CAEDD1E8E7 ] ew_hwusbdev H:\Windows\system32\DRIVERS\ew_hwusbdev.sys
14:31:23.0110 2672 ew_hwusbdev - ok
14:31:23.0125 2672 [ 61A973F60E94A551BA7B15F3460444FB ] ew_usbenumfilter H:\Windows\system32\DRIVERS\ew_usbenumfilter.sys
14:31:23.0172 2672 ew_usbenumfilter - ok
14:31:23.0188 2672 [ 2DC9108D74081149CC8B651D3A26207F ] exfat H:\Windows\system32\drivers\exfat.sys
14:31:23.0219 2672 exfat - ok
14:31:23.0250 2672 [ 7E0AB74553476622FB6AE36F73D97D35 ] fastfat H:\Windows\system32\drivers\fastfat.sys
14:31:23.0312 2672 fastfat - ok
14:31:23.0359 2672 [ 967EA5B213E9984CBE270205DF37755B ] Fax H:\Windows\system32\fxssvc.exe
14:31:23.0422 2672 Fax - ok
14:31:23.0437 2672 [ E817A017F82DF2A1F8CFDBDA29388B29 ] fdc H:\Windows\system32\drivers\fdc.sys
14:31:23.0453 2672 fdc - ok
14:31:23.0484 2672 [ F3222C893BD2F5821A0179E5C71E88FB ] fdPHost H:\Windows\system32\fdPHost.dll
14:31:23.0531 2672 fdPHost - ok
14:31:23.0546 2672 [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B ] FDResPub H:\Windows\system32\fdrespub.dll
14:31:23.0578 2672 FDResPub - ok
14:31:23.0624 2672 [ 6CF00369C97F3CF563BE99BE983D13D8 ] FileInfo H:\Windows\system32\drivers\fileinfo.sys
14:31:23.0624 2672 FileInfo - ok
14:31:23.0640 2672 [ 42C51DC94C91DA21CB9196EB64C45DB9 ] Filetrace H:\Windows\system32\drivers\filetrace.sys
14:31:23.0671 2672 Filetrace - ok
14:31:23.0687 2672 [ 87907AA70CB3C56600F1C2FB8841579B ] flpydisk H:\Windows\system32\drivers\flpydisk.sys
14:31:23.0718 2672 flpydisk - ok
14:31:23.0749 2672 [ 7520EC808E0C35E0EE6F841294316653 ] FltMgr H:\Windows\system32\drivers\fltmgr.sys
14:31:23.0765 2672 FltMgr - ok
14:31:23.0812 2672 [ E12C4928B32ACE04610259647F072635 ] FontCache H:\Windows\system32\FntCache.dll
14:31:23.0890 2672 FontCache - ok
14:31:23.0936 2672 [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F ] FontCache3.0.0.0 H:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
14:31:23.0968 2672 FontCache3.0.0.0 - ok
14:31:23.0983 2672 [ 1A16B57943853E598CFF37FE2B8CBF1D ] FsDepends H:\Windows\system32\drivers\FsDepends.sys
14:31:23.0999 2672 FsDepends - ok
14:31:24.0030 2672 [ BFAAA92861526BB0ADCD01E964AB6609 ] fssfltr H:\Windows\system32\DRIVERS\fssfltr.sys
14:31:24.0046 2672 fssfltr - ok
14:31:24.0077 2672 fsssvc - ok
14:31:24.0092 2672 [ 7DAE5EBCC80E45D3253F4923DC424D05 ] Fs_Rec H:\Windows\system32\drivers\Fs_Rec.sys
14:31:24.0092 2672 Fs_Rec - ok
14:31:24.0155 2672 [ 8C89DAB1061E3D04E902404754D3FA29 ] FTDIBUS H:\Windows\system32\drivers\ftdibus.sys
14:31:24.0186 2672 FTDIBUS - ok
14:31:24.0202 2672 [ B14C967A0ADF2348258DD8312B6C0C58 ] FTSER2K H:\Windows\system32\drivers\ftser2k.sys
14:31:24.0217 2672 FTSER2K - ok
14:31:24.0264 2672 [ E306A24D9694C724FA2491278BF50FDB ] fvevol H:\Windows\system32\DRIVERS\fvevol.sys
14:31:24.0295 2672 fvevol - ok
14:31:24.0326 2672 [ 65EE0C7A58B65E74AE05637418153938 ] gagp30kx H:\Windows\system32\drivers\gagp30kx.sys
14:31:24.0342 2672 gagp30kx - ok
14:31:24.0389 2672 [ 8182FF89C65E4D38B2DE4BB0FB18564E ] GEARAspiWDM H:\Windows\system32\DRIVERS\GEARAspiWDM.sys
14:31:24.0404 2672 GEARAspiWDM - ok
14:31:24.0451 2672 [ E897EAF5ED6BA41E081060C9B447A673 ] gpsvc H:\Windows\System32\gpsvc.dll
14:31:24.0514 2672 gpsvc - ok
14:31:24.0529 2672 gupdate - ok
14:31:24.0529 2672 gupdatem - ok
14:31:24.0545 2672 gusvc - ok
14:31:24.0560 2672 [ C44E3C2BAB6837DB337DDEE7544736DB ] hcw85cir H:\Windows\system32\drivers\hcw85cir.sys
14:31:24.0607 2672 hcw85cir - ok
14:31:24.0654 2672 [ A5EF29D5315111C80A5C1ABAD14C8972 ] HdAudAddService H:\Windows\system32\drivers\HdAudio.sys
14:31:24.0670 2672 HdAudAddService - ok
14:31:24.0716 2672 [ 9036377B8A6C15DC2EEC53E489D159B5 ] HDAudBus H:\Windows\system32\DRIVERS\HDAudBus.sys
14:31:24.0732 2672 HDAudBus - ok
14:31:24.0748 2672 [ 1D58A7F3E11A9731D0EAAAA8405ACC36 ] HidBatt H:\Windows\system32\drivers\HidBatt.sys
14:31:24.0794 2672 HidBatt - ok
14:31:24.0810 2672 [ 89448F40E6DF260C206A193A4683BA78 ] HidBth H:\Windows\system32\drivers\hidbth.sys
14:31:24.0857 2672 HidBth - ok
14:31:24.0888 2672 [ CF50B4CF4A4F229B9F3C08351F99CA5E ] HidIr H:\Windows\system32\drivers\hidir.sys
14:31:24.0919 2672 HidIr - ok
14:31:24.0950 2672 [ 2BC6F6A1992B3A77F5F41432CA6B3B6B ] hidserv H:\Windows\system32\hidserv.dll
14:31:25.0013 2672 hidserv - ok
14:31:25.0060 2672 [ 10C19F8290891AF023EAEC0832E1EB4D ] HidUsb H:\Windows\system32\DRIVERS\hidusb.sys
14:31:25.0091 2672 HidUsb - ok
14:31:25.0122 2672 [ 196B4E3F4CCCC24AF836CE58FACBB699 ] hkmsvc H:\Windows\system32\kmsvc.dll
14:31:25.0153 2672 hkmsvc - ok
14:31:25.0169 2672 [ 6658F4404DE03D75FE3BA09F7ABA6A30 ] HomeGroupListener H:\Windows\system32\ListSvc.dll
14:31:25.0216 2672 HomeGroupListener - ok
14:31:25.0247 2672 [ DBC02D918FFF1CAD628ACBE0C0EAA8E8 ] HomeGroupProvider H:\Windows\system32\provsvc.dll
14:31:25.0309 2672 HomeGroupProvider - ok
14:31:25.0340 2672 [ 295FDC419039090EB8B49FFDBB374549 ] HpSAMD H:\Windows\system32\drivers\HpSAMD.sys
14:31:25.0372 2672 HpSAMD - ok
14:31:25.0403 2672 [ 871917B07A141BFF43D76D8844D48106 ] HTTP H:\Windows\system32\drivers\HTTP.sys
14:31:25.0434 2672 HTTP - ok
14:31:25.0465 2672 [ 42A64382A0607B80C99C37170911B346 ] huawei_cdcacm H:\Windows\system32\DRIVERS\ew_jucdcacm.sys
14:31:25.0481 2672 huawei_cdcacm - ok
14:31:25.0496 2672 [ F44461E66F1B7DD267957FE9BAA63ED0 ] huawei_enumerator H:\Windows\system32\DRIVERS\ew_jubusenum.sys
14:31:25.0543 2672 huawei_enumerator - ok
14:31:25.0590 2672 [ 69A103138B77AC0950EC3846E2E6F655 ] huawei_ext_ctrl H:\Windows\system32\DRIVERS\ew_juextctrl.sys
14:31:25.0637 2672 huawei_ext_ctrl - ok
14:31:25.0668 2672 [ 7DE001BAB4056257E1792AF1FCFA489F ] huawei_wwanecm H:\Windows\system32\DRIVERS\ew_juwwanecm.sys
14:31:25.0684 2672 huawei_wwanecm - ok
14:31:25.0746 2672 [ F547F862B8907F1BCBD9B72A72A6449E ] hwdatacard H:\Windows\system32\DRIVERS\ewusbmdm.sys
14:31:25.0808 2672 hwdatacard - ok
14:31:25.0840 2672 HWDeviceService.exe - ok
14:31:25.0855 2672 [ 0C4E035C7F105F1299258C90886C64C5 ] hwpolicy H:\Windows\system32\drivers\hwpolicy.sys
14:31:25.0871 2672 hwpolicy - ok
14:31:25.0886 2672 hwusbdev - ok
14:31:25.0949 2672 [ F151F0BDC47F4A28B1B20A0818EA36D6 ] i8042prt H:\Windows\system32\DRIVERS\i8042prt.sys
14:31:25.0980 2672 i8042prt - ok
14:31:26.0027 2672 [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E ] iaStorV H:\Windows\system32\drivers\iaStorV.sys
14:31:26.0058 2672 iaStorV - ok
14:31:26.0105 2672 [ C521D7EB6497BB1AF6AFA89E322FB43C ] idsvc H:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
14:31:26.0152 2672 idsvc - ok
14:31:26.0261 2672 [ 9467514EA189475A6E7FDC5D7BDE9D3F ] igfx H:\Windows\system32\DRIVERS\igdkmd32.sys
14:31:26.0386 2672 igfx - ok
14:31:26.0417 2672 [ 4173FF5708F3236CF25195FECD742915 ] iirsp H:\Windows\system32\drivers\iirsp.sys
14:31:26.0448 2672 iirsp - ok
14:31:26.0495 2672 [ F95622F161474511B8D80D6B093AA610 ] IKEEXT H:\Windows\System32\ikeext.dll
14:31:26.0557 2672 IKEEXT - ok
14:31:26.0588 2672 IntcAzAudAddService - ok
14:31:26.0604 2672 [ A0F12F2C9BA6C72F3987CE780E77C130 ] intelide H:\Windows\system32\drivers\intelide.sys
14:31:26.0620 2672 intelide - ok
14:31:26.0635 2672 [ 3B514D27BFC4ACCB4037BC6685F766E0 ] intelppm H:\Windows\system32\DRIVERS\intelppm.sys
14:31:26.0651 2672 intelppm - ok
14:31:26.0666 2672 [ ACB364B9075A45C0736E5C47BE5CAE19 ] IPBusEnum H:\Windows\system32\ipbusenum.dll
14:31:26.0698 2672 IPBusEnum - ok
14:31:26.0729 2672 [ 709D1761D3B19A932FF0238EA6D50200 ] IpFilterDriver H:\Windows\system32\DRIVERS\ipfltdrv.sys
14:31:26.0744 2672 IpFilterDriver - ok
14:31:26.0791 2672 [ 58F67245D041FBE7AF88F4EAF79DF0FA ] iphlpsvc H:\Windows\System32\iphlpsvc.dll
14:31:26.0869 2672 iphlpsvc - ok
14:31:26.0885 2672 [ 4BD7134618C1D2A27466A099062547BF ] IPMIDRV H:\Windows\system32\drivers\IPMIDrv.sys
14:31:26.0900 2672 IPMIDRV - ok
14:31:26.0932 2672 [ A5FA468D67ABCDAA36264E463A7BB0CD ] IPNAT H:\Windows\system32\drivers\ipnat.sys
14:31:26.0978 2672 IPNAT - ok
14:31:27.0025 2672 [ 57EDB35EA2FECA88F8B17C0C095C9A56 ] iPod Service H:\Program Files\iPod\bin\iPodService.exe
14:31:27.0056 2672 iPod Service - ok
14:31:27.0072 2672 [ 42996CFF20A3084A56017B7902307E9F ] IRENUM H:\Windows\system32\drivers\irenum.sys
14:31:27.0103 2672 IRENUM - ok
14:31:27.0134 2672 [ 1F32BB6B38F62F7DF1A7AB7292638A35 ] isapnp H:\Windows\system32\drivers\isapnp.sys
14:31:27.0150 2672 isapnp - ok
14:31:27.0181 2672 [ CB7A9ABB12B8415BCE5D74994C7BA3AE ] iScsiPrt H:\Windows\system32\drivers\msiscsi.sys
14:31:27.0197 2672 iScsiPrt - ok
14:31:27.0228 2672 [ ADEF52CA1AEAE82B50DF86B56413107E ] kbdclass H:\Windows\system32\DRIVERS\kbdclass.sys
14:31:27.0259 2672 kbdclass - ok
14:31:27.0290 2672 [ 9E3CED91863E6EE98C24794D05E27A71 ] kbdhid H:\Windows\system32\DRIVERS\kbdhid.sys
14:31:27.0322 2672 kbdhid - ok
14:31:27.0322 2672 [ 81951F51E318AECC2D68559E47485CC4 ] KeyIso H:\Windows\system32\lsass.exe
14:31:27.0368 2672 KeyIso - ok
14:31:27.0400 2672 [ B7895B4182C0D16F6EFADEB8081E8D36 ] KSecDD H:\Windows\system32\Drivers\ksecdd.sys
14:31:27.0415 2672 KSecDD - ok
14:31:27.0431 2672 [ D30159AC9237519FBC62C6EC247D2D46 ] KSecPkg H:\Windows\system32\Drivers\ksecpkg.sys
14:31:27.0446 2672 KSecPkg - ok
14:31:27.0493 2672 [ 89A7B9CC98D0D80C6F31B91C0A310FCD ] KtmRm H:\Windows\system32\msdtckrm.dll
14:31:27.0524 2672 KtmRm - ok
14:31:27.0571 2672 [ D64AF876D53ECA3668BB97B51B4E70AB ] LanmanServer H:\Windows\system32\srvsvc.dll
14:31:27.0618 2672 LanmanServer - ok
14:31:27.0665 2672 [ 58405E4F68BA8E4057C6E914F326ABA2 ] LanmanWorkstation H:\Windows\System32\wkssvc.dll
14:31:27.0696 2672 LanmanWorkstation - ok
14:31:27.0727 2672 [ F7611EC07349979DA9B0AE1F18CCC7A6 ] lltdio H:\Windows\system32\DRIVERS\lltdio.sys
14:31:27.0774 2672 lltdio - ok
14:31:27.0805 2672 [ 5700673E13A2117FA3B9020C852C01E2 ] lltdsvc H:\Windows\System32\lltdsvc.dll
14:31:27.0836 2672 lltdsvc - ok
14:31:27.0852 2672 [ 55CA01BA19D0006C8F2639B6C045E08B ] lmhosts H:\Windows\System32\lmhsvc.dll
14:31:27.0899 2672 lmhosts - ok
14:31:27.0930 2672 [ EB119A53CCF2ACC000AC71B065B78FEF ] LSI_FC H:\Windows\system32\drivers\lsi_fc.sys
14:31:27.0946 2672 LSI_FC - ok
14:31:27.0946 2672 [ 8ADE1C877256A22E49B75D1CC9161F9C ] LSI_SAS H:\Windows\system32\drivers\lsi_sas.sys
14:31:27.0961 2672 LSI_SAS - ok
14:31:27.0977 2672 [ DC9DC3D3DAA0E276FD2EC262E38B11E9 ] LSI_SAS2 H:\Windows\system32\drivers\lsi_sas2.sys
14:31:27.0992 2672 LSI_SAS2 - ok
14:31:28.0008 2672 [ 0A036C7D7CAB643A7F07135AC47E0524 ] LSI_SCSI H:\Windows\system32\drivers\lsi_scsi.sys
14:31:28.0024 2672 LSI_SCSI - ok
14:31:28.0039 2672 [ 6703E366CC18D3B6E534F5CF7DF39CEE ] luafv H:\Windows\system32\drivers\luafv.sys
14:31:28.0070 2672 luafv - ok
14:31:28.0117 2672 [ DDCC236009C707761D60E5C76D639176 ] McComponentHostService H:\Program Files\McAfee Security Scan\3.0.318\McCHSvc.exe
14:31:28.0148 2672 McComponentHostService - ok
14:31:28.0180 2672 [ BFB9EE8EE977EFE85D1A3105ABEF6DD1 ] Mcx2Svc H:\Windows\system32\Mcx2Svc.dll
14:31:28.0195 2672 Mcx2Svc - ok
14:31:28.0242 2672 [ 0FFF5B045293002AB38EB1FD1FC2FB74 ] megasas H:\Windows\system32\drivers\megasas.sys
14:31:28.0258 2672 megasas - ok
14:31:28.0289 2672 [ DCBAB2920C75F390CAF1D29F675D03D6 ] MegaSR H:\Windows\system32\drivers\MegaSR.sys
14:31:28.0304 2672 MegaSR - ok
14:31:28.0336 2672 [ 146B6F43A673379A3C670E86D89BE5EA ] MMCSS H:\Windows\system32\mmcss.dll
14:31:28.0414 2672 MMCSS - ok
14:31:28.0429 2672 [ F001861E5700EE84E2D4E52C712F4964 ] Modem H:\Windows\system32\drivers\modem.sys
14:31:28.0476 2672 Modem - ok
14:31:28.0523 2672 [ 79D10964DE86B292320E9DFE02282A23 ] monitor H:\Windows\system32\DRIVERS\monitor.sys
14:31:28.0554 2672 monitor - ok
14:31:28.0585 2672 [ FB18CC1D4C2E716B6B903B0AC0CC0609 ] mouclass H:\Windows\system32\DRIVERS\mouclass.sys
14:31:28.0601 2672 mouclass - ok
14:31:28.0616 2672 [ 2C388D2CD01C9042596CF3C8F3C7B24D ] mouhid H:\Windows\system32\DRIVERS\mouhid.sys
14:31:28.0648 2672 mouhid - ok
14:31:28.0679 2672 [ FC8771F45ECCCFD89684E38842539B9B ] mountmgr H:\Windows\system32\drivers\mountmgr.sys
14:31:28.0694 2672 mountmgr - ok
14:31:28.0741 2672 [ 15D5398EED42C2504BB3D4FC875C15D1 ] MozillaMaintenance H:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
14:31:28.0772 2672 MozillaMaintenance - ok
14:31:28.0788 2672 [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0 ] mpio H:\Windows\system32\drivers\mpio.sys
14:31:28.0804 2672 mpio - ok
14:31:28.0819 2672 [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0 ] mpsdrv H:\Windows\system32\drivers\mpsdrv.sys
14:31:28.0850 2672 mpsdrv - ok
14:31:28.0897 2672 [ 9835584E999D25004E1EE8E5F3E3B881 ] MpsSvc H:\Windows\system32\mpssvc.dll
14:31:28.0928 2672 MpsSvc - ok
14:31:28.0960 2672 [ CEB46AB7C01C9F825F8CC6BABC18166A ] MRxDAV H:\Windows\system32\drivers\mrxdav.sys
14:31:28.0991 2672 MRxDAV - ok
14:31:29.0038 2672 [ 5D16C921E3671636C0EBA3BBAAC5FD25 ] mrxsmb H:\Windows\system32\DRIVERS\mrxsmb.sys
14:31:29.0069 2672 mrxsmb - ok
14:31:29.0084 2672 [ 6D17A4791ACA19328C685D256349FEFC ] mrxsmb10 H:\Windows\system32\DRIVERS\mrxsmb10.sys
14:31:29.0116 2672 mrxsmb10 - ok
14:31:29.0131 2672 [ B81F204D146000BE76651A50670A5E9E ] mrxsmb20 H:\Windows\system32\DRIVERS\mrxsmb20.sys
14:31:29.0178 2672 mrxsmb20 - ok
14:31:29.0209 2672 [ 012C5F4E9349E711E11E0F19A8589F0A ] msahci H:\Windows\system32\drivers\msahci.sys
14:31:29.0225 2672 msahci - ok
14:31:29.0256 2672 [ 55055F8AD8BE27A64C831322A780A228 ] msdsm H:\Windows\system32\drivers\msdsm.sys
14:31:29.0287 2672 msdsm - ok
14:31:29.0334 2672 [ E1BCE74A3BD9902B72599C0192A07E27 ] MSDTC H:\Windows\System32\msdtc.exe
14:31:29.0381 2672 MSDTC - ok
14:31:29.0396 2672 [ DAEFB28E3AF5A76ABCC2C3078C07327F ] Msfs H:\Windows\system32\drivers\Msfs.sys
14:31:29.0428 2672 Msfs - ok
14:31:29.0443 2672 [ 3E1E5767043C5AF9367F0056295E9F84 ] mshidkmdf H:\Windows\System32\drivers\mshidkmdf.sys
14:31:29.0474 2672 mshidkmdf - ok
14:31:29.0474 2672 [ 0A4E5757AE09FA9622E3158CC1AEF114 ] msisadrv H:\Windows\system32\drivers\msisadrv.sys
14:31:29.0490 2672 msisadrv - ok
14:31:29.0537 2672 [ 90F7D9E6B6F27E1A707D4A297F077828 ] MSiSCSI H:\Windows\system32\iscsiexe.dll
14:31:29.0584 2672 MSiSCSI - ok
14:31:29.0584 2672 msiserver - ok
14:31:29.0615 2672 [ 8C0860D6366AAFFB6C5BB9DF9448E631 ] MSKSSRV H:\Windows\system32\drivers\MSKSSRV.sys
14:31:29.0630 2672 MSKSSRV - ok
14:31:29.0677 2672 [ 3EA8B949F963562CEDBB549EAC0C11CE ] MSPCLOCK H:\Windows\system32\drivers\MSPCLOCK.sys
14:31:29.0724 2672 MSPCLOCK - ok
14:31:29.0755 2672 [ F456E973590D663B1073E9C463B40932 ] MSPQM H:\Windows\system32\drivers\MSPQM.sys
14:31:29.0786 2672 MSPQM - ok
14:31:29.0818 2672 [ 0E008FC4819D238C51D7C93E7B41E560 ] MsRPC H:\Windows\system32\drivers\MsRPC.sys
14:31:29.0833 2672 MsRPC - ok
14:31:29.0864 2672 [ FC6B9FF600CC585EA38B12589BD4E246 ] mssmbios H:\Windows\system32\DRIVERS\mssmbios.sys
14:31:29.0880 2672 mssmbios - ok
14:31:29.0896 2672 [ B42C6B921F61A6E55159B8BE6CD54A36 ] MSTEE H:\Windows\system32\drivers\MSTEE.sys
14:31:29.0911 2672 MSTEE - ok
14:31:29.0927 2672 [ 33599130F44E1F34631CEA241DE8AC84 ] MTConfig H:\Windows\system32\drivers\MTConfig.sys
14:31:29.0958 2672 MTConfig - ok
14:31:29.0989 2672 [ D48659BB24C48345D926ECB45C1EBDF5 ] MTsensor H:\Windows\system32\DRIVERS\ASACPI.sys
14:31:30.0005 2672 MTsensor - ok
14:31:30.0020 2672 [ 159FAD02F64E6381758C990F753BCC80 ] Mup H:\Windows\system32\Drivers\mup.sys
14:31:30.0036 2672 Mup - ok
14:31:30.0067 2672 [ 61D57A5D7C6D9AFE10E77DAE6E1B445E ] napagent H:\Windows\system32\qagentRT.dll
14:31:30.0114 2672 napagent - ok
14:31:30.0161 2672 [ 26384429FCD85D83746F63E798AB1480 ] NativeWifiP H:\Windows\system32\DRIVERS\nwifi.sys
14:31:30.0208 2672 NativeWifiP - ok
14:31:30.0254 2672 [ 8C9C922D71F1CD4DEF73F186416B7896 ] NDIS H:\Windows\system32\drivers\ndis.sys
14:31:30.0286 2672 NDIS - ok
14:31:30.0286 2672 [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap H:\Windows\system32\DRIVERS\ndiscap.sys
14:31:30.0317 2672 NdisCap - ok
14:31:30.0379 2672 [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi H:\Windows\system32\DRIVERS\ndistapi.sys
14:31:30.0442 2672 NdisTapi - ok
14:31:30.0473 2672 [ D8A65DAFB3EB41CBB622745676FCD072 ] Ndisuio H:\Windows\system32\DRIVERS\ndisuio.sys
14:31:30.0504 2672 Ndisuio - ok
14:31:30.0520 2672 [ 38FBE267E7E6983311179230FACB1017 ] NdisWan H:\Windows\system32\DRIVERS\ndiswan.sys
14:31:30.0566 2672 NdisWan - ok
14:31:30.0598 2672 [ A4BDC541E69674FBFF1A8FF00BE913F2 ] NDProxy H:\Windows\system32\drivers\NDProxy.sys
14:31:30.0629 2672 NDProxy - ok
14:31:30.0660 2672 [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS H:\Windows\system32\DRIVERS\netbios.sys
14:31:30.0722 2672 NetBIOS - ok
14:31:30.0738 2672 [ 280122DDCF04B378EDD1AD54D71C1E54 ] NetBT H:\Windows\system32\DRIVERS\netbt.sys
14:31:30.0816 2672 NetBT - ok
14:31:30.0832 2672 [ 81951F51E318AECC2D68559E47485CC4 ] Netlogon H:\Windows\system32\lsass.exe
14:31:30.0847 2672 Netlogon - ok
14:31:30.0894 2672 [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman H:\Windows\System32\netman.dll
14:31:30.0925 2672 Netman - ok
14:31:30.0956 2672 [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm H:\Windows\System32\netprofm.dll
14:31:31.0003 2672 netprofm - ok
14:31:31.0034 2672 [ F476EC40033CDB91EFBE73EB99B8362D ] NetTcpPortSharing H:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
14:31:31.0034 2672 NetTcpPortSharing - ok
14:31:31.0081 2672 [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960 H:\Windows\system32\drivers\nfrd960.sys
14:31:31.0081 2672 nfrd960 - ok
14:31:31.0144 2672 [ 374071043F9E4231EE43BE2BB48DD36D ] NlaSvc H:\Windows\System32\nlasvc.dll
14:31:31.0190 2672 NlaSvc - ok
14:31:31.0206 2672 [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs H:\Windows\system32\drivers\Npfs.sys
14:31:31.0237 2672 Npfs - ok
14:31:31.0268 2672 [ BA387E955E890C8A88306D9B8D06BF17 ] nsi H:\Windows\system32\nsisvc.dll
14:31:31.0315 2672 nsi - ok
14:31:31.0331 2672 [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy H:\Windows\system32\drivers\nsiproxy.sys
14:31:31.0362 2672 nsiproxy - ok
14:31:31.0471 2672 [ 5E43D2B0EE64123D4880DFA6626DEFDE ] Ntfs H:\Windows\system32\drivers\Ntfs.sys
14:31:31.0534 2672 Ntfs - ok
14:31:31.0580 2672 [ F9756A98D69098DCA8945D62858A812C ] Null H:\Windows\system32\drivers\Null.sys
14:31:31.0612 2672 Null - ok
14:31:31.0908 2672 [ 0B2E7B39411FAA44EBDA76FB38673964 ] nvlddmkm H:\Windows\system32\DRIVERS\nvlddmkm.sys
14:31:32.0048 2672 nvlddmkm - ok
14:31:32.0095 2672 [ B3E25EE28883877076E0E1FF877D02E0 ] nvraid H:\Windows\system32\drivers\nvraid.sys
14:31:32.0111 2672 nvraid - ok
14:31:32.0126 2672 [ 4380E59A170D88C4F1022EFF6719A8A4 ] nvstor H:\Windows\system32\drivers\nvstor.sys
14:31:32.0142 2672 nvstor - ok
14:31:32.0189 2672 [ 439FD6A5A34113388C51C48D0E5092AA ] nvsvc H:\Windows\system32\nvvsvc.exe
14:31:32.0220 2672 nvsvc - ok
14:31:32.0298 2672 [ E3C7676582502C5E4BB9288C3617AB59 ] nvUpdatusService H:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
14:31:32.0329 2672 nvUpdatusService - ok
14:31:32.0345 2672 [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp H:\Windows\system32\drivers\nv_agp.sys
14:31:32.0360 2672 nv_agp - ok
14:31:32.0392 2672 [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394 H:\Windows\system32\drivers\ohci1394.sys
14:31:32.0423 2672 ohci1394 - ok
14:31:32.0470 2672 [ F2519D547A6AC2AFE0DF0DC826A085A7 ] P17 H:\Windows\system32\drivers\P17.sys
14:31:32.0501 2672 P17 - ok
14:31:32.0532 2672 [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc H:\Windows\system32\pnrpsvc.dll
14:31:32.0579 2672 p2pimsvc - ok
14:31:32.0594 2672 [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc H:\Windows\system32\p2psvc.dll
14:31:32.0626 2672 p2psvc - ok
14:31:32.0657 2672 [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport H:\Windows\system32\drivers\parport.sys
14:31:32.0672 2672 Parport - ok
14:31:32.0688 2672 [ 3F34A1B4C5F6475F320C275E63AFCE9B ] partmgr H:\Windows\system32\drivers\partmgr.sys
14:31:32.0704 2672 partmgr - ok
14:31:32.0735 2672 [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm H:\Windows\system32\drivers\parvdm.sys
14:31:32.0750 2672 Parvdm - ok
14:31:32.0766 2672 [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc H:\Windows\System32\pcasvc.dll
14:31:32.0797 2672 PcaSvc - ok
14:31:32.0813 2672 [ 673E55C3498EB970088E812EA820AA8F ] pci H:\Windows\system32\drivers\pci.sys
14:31:32.0828 2672 pci - ok
14:31:32.0844 2672 [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide H:\Windows\system32\drivers\pciide.sys
14:31:32.0860 2672 pciide - ok
14:31:32.0875 2672 [ F396431B31693E71E8A80687EF523506 ] pcmcia H:\Windows\system32\drivers\pcmcia.sys
14:31:32.0891 2672 pcmcia - ok
14:31:32.0906 2672 [ 250F6B43D2B613172035C6747AEEB19F ] pcw H:\Windows\system32\drivers\pcw.sys
14:31:32.0922 2672 pcw - ok
14:31:32.0953 2672 [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH H:\Windows\system32\drivers\peauth.sys
14:31:33.0016 2672 PEAUTH - ok
14:31:33.0062 2672 [ 414BBA67A3DED1D28437EB66AEB8A720 ] pla H:\Windows\system32\pla.dll
14:31:33.0140 2672 pla - ok
14:31:33.0187 2672 [ EC7BC28D207DA09E79B3E9FAF8B232CA ] PlugPlay H:\Windows\system32\umpnpmgr.dll
14:31:33.0250 2672 PlugPlay - ok
14:31:33.0265 2672 [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg H:\Windows\system32\pnrpauto.dll
14:31:33.0296 2672 PNRPAutoReg - ok
14:31:33.0328 2672 [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc H:\Windows\system32\pnrpsvc.dll
14:31:33.0343 2672 PNRPsvc - ok
14:31:33.0374 2672 [ 53946B69BA0836BD95B03759530C81EC ] PolicyAgent H:\Windows\System32\ipsecsvc.dll
14:31:33.0421 2672 PolicyAgent - ok
14:31:33.0452 2672 [ F87D30E72E03D579A5199CCB3831D6EA ] Power H:\Windows\system32\umpo.dll
14:31:33.0499 2672 Power - ok
14:31:33.0546 2672 [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport H:\Windows\system32\DRIVERS\raspptp.sys
14:31:33.0608 2672 PptpMiniport - ok
14:31:33.0624 2672 [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor H:\Windows\system32\drivers\processr.sys
14:31:33.0671 2672 Processor - ok
14:31:33.0718 2672 [ CADEFAC453040E370A1BDFF3973BE00D ] ProfSvc H:\Windows\system32\profsvc.dll
14:31:33.0764 2672 ProfSvc - ok
14:31:33.0780 2672 [ 81951F51E318AECC2D68559E47485CC4 ] ProtectedStorage H:\Windows\system32\lsass.exe
14:31:33.0811 2672 ProtectedStorage - ok
14:31:33.0827 2672 [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched H:\Windows\system32\DRIVERS\pacer.sys
14:31:33.0874 2672 Psched - ok
14:31:33.0920 2672 [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300 H:\Windows\system32\drivers\ql2300.sys
14:31:33.0967 2672 ql2300 - ok
14:31:33.0967 2672 [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx H:\Windows\system32\drivers\ql40xx.sys
14:31:33.0983 2672 ql40xx - ok
14:31:34.0014 2672 [ 31AC809E7707EB580B2BDB760390765A ] QWAVE H:\Windows\system32\qwave.dll
14:31:34.0045 2672 QWAVE - ok
14:31:34.0076 2672 [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv H:\Windows\system32\drivers\qwavedrv.sys
14:31:34.0092 2672 QWAVEdrv - ok
14:31:34.0108 2672 [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd H:\Windows\system32\DRIVERS\rasacd.sys
14:31:34.0154 2672 RasAcd - ok
14:31:34.0186 2672 [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn H:\Windows\system32\DRIVERS\AgileVpn.sys
14:31:34.0232 2672 RasAgileVpn - ok
14:31:34.0248 2672 [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto H:\Windows\System32\rasauto.dll
14:31:34.0295 2672 RasAuto - ok
14:31:34.0326 2672 [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp H:\Windows\system32\DRIVERS\rasl2tp.sys
14:31:34.0373 2672 Rasl2tp - ok
14:31:34.0420 2672 [ CB9E04DC05EACF5B9A36CA276D475006 ] RasMan H:\Windows\System32\rasmans.dll
14:31:34.0466 2672 RasMan - ok
14:31:34.0498 2672 [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe H:\Windows\system32\DRIVERS\raspppoe.sys
14:31:34.0529 2672 RasPppoe - ok
14:31:34.0560 2672 [ 44101F495A83EA6401D886E7FD70096B ] RasSstp H:\Windows\system32\DRIVERS\rassstp.sys
14:31:34.0591 2672 RasSstp - ok
14:31:34.0622 2672 [ D528BC58A489409BA40334EBF96A311B ] rdbss H:\Windows\system32\DRIVERS\rdbss.sys
14:31:34.0654 2672 rdbss - ok
14:31:34.0669 2672 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus H:\Windows\system32\drivers\rdpbus.sys
14:31:34.0685 2672 rdpbus - ok
14:31:34.0700 2672 [ 23DAE03F29D253AE74C44F99E515F9A1 ] RDPCDD H:\Windows\system32\DRIVERS\RDPCDD.sys
14:31:34.0732 2672 RDPCDD - ok
14:31:34.0763 2672 [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD H:\Windows\system32\drivers\rdpencdd.sys
14:31:34.0794 2672 RDPENCDD - ok
14:31:34.0825 2672 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP H:\Windows\system32\drivers\rdprefmp.sys
14:31:34.0888 2672 RDPREFMP - ok
14:31:34.0919 2672 [ F031683E6D1FEA157ABB2FF260B51E61 ] RDPWD H:\Windows\system32\drivers\RDPWD.sys
14:31:34.0966 2672 RDPWD - ok
14:31:35.0012 2672 [ 518395321DC96FE2C9F0E96AC743B656 ] rdyboost H:\Windows\system32\drivers\rdyboost.sys
14:31:35.0044 2672 rdyboost - ok
14:31:35.0075 2672 [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess H:\Windows\System32\mprdim.dll
14:31:35.0106 2672 RemoteAccess - ok
14:31:35.0137 2672 [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry H:\Windows\system32\regsvc.dll
14:31:35.0168 2672 RemoteRegistry - ok
14:31:35.0184 2672 [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper H:\Windows\System32\RpcEpMap.dll
14:31:35.0231 2672 RpcEptMapper - ok
14:31:35.0246 2672 [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator H:\Windows\system32\locator.exe
14:31:35.0293 2672 RpcLocator - ok
14:31:35.0309 2672 [ 7660F01D3B38ACA1747E397D21D790AF ] RpcSs H:\Windows\system32\rpcss.dll
14:31:35.0340 2672 RpcSs - ok
14:31:35.0356 2672 [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr H:\Windows\system32\DRIVERS\rspndr.sys
14:31:35.0418 2672 rspndr - ok
14:31:35.0434 2672 [ F68BDFAB9DC5E516AE38BB64116E6C52 ] RzSynapse H:\Windows\system32\DRIVERS\RzSynapse.sys
14:31:35.0480 2672 RzSynapse - ok
14:31:35.0496 2672 [ 81951F51E318AECC2D68559E47485CC4 ] SamSs H:\Windows\system32\lsass.exe
14:31:35.0512 2672 SamSs - ok
14:31:35.0558 2672 [ 05D860DA1040F111503AC416CCEF2BCA ] sbp2port H:\Windows\system32\drivers\sbp2port.sys
14:31:35.0574 2672 sbp2port - ok
14:31:35.0605 2672 [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr H:\Windows\System32\SCardSvr.dll
14:31:35.0652 2672 SCardSvr - ok
14:31:35.0668 2672 [ 0693B5EC673E34DC147E195779A4DCF6 ] scfilter H:\Windows\system32\DRIVERS\scfilter.sys
14:31:35.0714 2672 scfilter - ok
14:31:35.0746 2672 [ A04BB13F8A72F8B6E8B4071723E4E336 ] Schedule H:\Windows\system32\schedsvc.dll
14:31:35.0808 2672 Schedule - ok
14:31:35.0824 2672 [ 319C6B309773D063541D01DF8AC6F55F ] SCPolicySvc H:\Windows\System32\certprop.dll
14:31:35.0855 2672 SCPolicySvc - ok
14:31:35.0855 2672 [ 08236C4BCE5EDD0A0318A438AF28E0F7 ] SDRSVC H:\Windows\System32\SDRSVC.dll
14:31:35.0917 2672 SDRSVC - ok
14:31:35.0948 2672 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv H:\Windows\system32\drivers\secdrv.sys
14:31:35.0980 2672 secdrv - ok
14:31:35.0995 2672 [ A59B3A4442C52060CC7A85293AA3546F ] seclogon H:\Windows\system32\seclogon.dll
14:31:36.0042 2672 seclogon - ok
14:31:36.0073 2672 [ DCB7FCDCC97F87360F75D77425B81737 ] SENS H:\Windows\System32\sens.dll
14:31:36.0120 2672 SENS - ok
14:31:36.0151 2672 [ 50087FE1EE447009C9CC2997B90DE53F ] SensrSvc H:\Windows\system32\sensrsvc.dll
14:31:36.0198 2672 SensrSvc - ok
14:31:36.0229 2672 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum H:\Windows\system32\DRIVERS\serenum.sys
14:31:36.0245 2672 Serenum - ok
14:31:36.0276 2672 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial H:\Windows\system32\DRIVERS\serial.sys
14:31:36.0307 2672 Serial - ok
14:31:36.0338 2672 [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse H:\Windows\system32\drivers\sermouse.sys
14:31:36.0354 2672 sermouse - ok
14:31:36.0385 2672 [ 4AE380F39A0032EAB7DD953030B26D28 ] SessionEnv H:\Windows\system32\sessenv.dll
14:31:36.0432 2672 SessionEnv - ok
14:31:36.0448 2672 [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk H:\Windows\system32\drivers\sffdisk.sys
14:31:36.0479 2672 sffdisk - ok
14:31:36.0494 2672 [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc H:\Windows\system32\drivers\sffp_mmc.sys
14:31:36.0526 2672 sffp_mmc - ok
14:31:36.0541 2672 [ 6D4CCAEDC018F1CF52866BBBAA235982 ] sffp_sd H:\Windows\system32\drivers\sffp_sd.sys
14:31:36.0572 2672 sffp_sd - ok
14:31:36.0588 2672 [ DB96666CC8312EBC45032F30B007A547 ] sfloppy H:\Windows\system32\DRIVERS\sfloppy.sys
14:31:36.0604 2672 sfloppy - ok
14:31:36.0635 2672 [ D1A079A0DE2EA524513B6930C24527A2 ] SharedAccess H:\Windows\System32\ipnathlp.dll
14:31:36.0697 2672 SharedAccess - ok
14:31:36.0744 2672 [ 414DA952A35BF5D50192E28263B40577 ] ShellHWDetection H:\Windows\System32\shsvcs.dll
14:31:36.0806 2672 ShellHWDetection - ok
14:31:36.0822 2672 [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp H:\Windows\system32\drivers\sisagp.sys
14:31:36.0838 2672 sisagp - ok
14:31:36.0853 2672 [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2 H:\Windows\system32\drivers\SiSRaid2.sys
14:31:36.0869 2672 SiSRaid2 - ok
14:31:36.0884 2672 [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4 H:\Windows\system32\drivers\sisraid4.sys
14:31:36.0900 2672 SiSRaid4 - ok
14:31:36.0947 2672 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate H:\Program Files\Skype\Updater\Updater.exe
14:31:36.0978 2672 SkypeUpdate - ok
14:31:37.0009 2672 [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb H:\Windows\system32\DRIVERS\smb.sys
14:31:37.0056 2672 Smb - ok
14:31:37.0087 2672 [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP H:\Windows\System32\snmptrap.exe
14:31:37.0118 2672 SNMPTRAP - ok
14:31:37.0134 2672 [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr H:\Windows\system32\drivers\spldr.sys
14:31:37.0150 2672 spldr - ok
14:31:37.0181 2672 [ 9AEA093B8F9C37CF45538382CABA2475 ] Spooler H:\Windows\System32\spoolsv.exe
14:31:37.0243 2672 Spooler - ok
14:31:37.0306 2672 [ CF87A1DE791347E75B98885214CED2B8 ] sppsvc H:\Windows\system32\sppsvc.exe
14:31:37.0384 2672 sppsvc - ok
14:31:37.0415 2672 [ B0180B20B065D89232A78A40FE56EAA6 ] sppuinotify H:\Windows\system32\sppuinotify.dll
14:31:37.0430 2672 sppuinotify - ok
14:31:37.0462 2672 [ E4C2764065D66EA1D2D3EBC28FE99C46 ] srv H:\Windows\system32\DRIVERS\srv.sys
14:31:37.0508 2672 srv - ok
14:31:37.0540 2672 [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB ] srv2 H:\Windows\system32\DRIVERS\srv2.sys
14:31:37.0571 2672 srv2 - ok
14:31:37.0586 2672 [ BE6BD660CAA6F291AE06A718A4FA8ABC ] srvnet H:\Windows\system32\DRIVERS\srvnet.sys
14:31:37.0633 2672 srvnet - ok
14:31:37.0664 2672 [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV H:\Windows\System32\ssdpsrv.dll
14:31:37.0696 2672 SSDPSRV - ok
14:31:37.0711 2672 [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc H:\Windows\system32\sstpsvc.dll
14:31:37.0758 2672 SstpSvc - ok
14:31:37.0774 2672 Steam Client Service - ok
14:31:37.0836 2672 [ 81F177C1954453AF407604160BD149CB ] Stereo Service H:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
14:31:37.0852 2672 Stereo Service - ok
14:31:37.0883 2672 [ DB32D325C192B801DF274BFD12A7E72B ] stexstor H:\Windows\system32\drivers\stexstor.sys
14:31:37.0898 2672 stexstor - ok
14:31:37.0945 2672 [ E1FB3706030FB4578A0D72C2FC3689E4 ] StiSvc H:\Windows\System32\wiaservc.dll
14:31:38.0008 2672 StiSvc - ok
14:31:38.0023 2672 [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum H:\Windows\system32\DRIVERS\swenum.sys
14:31:38.0039 2672 swenum - ok
14:31:38.0086 2672 [ A28BD92DF340E57B024BA433165D34D7 ] swprv H:\Windows\System32\swprv.dll
14:31:38.0132 2672 swprv - ok
14:31:38.0164 2672 [ 36650D618CA34C9D357DFD3D89B2C56F ] SysMain H:\Windows\system32\sysmain.dll
14:31:38.0210 2672 SysMain - ok
14:31:38.0226 2672 [ 763FECDC3D30C815FE72DD57936C6CD1 ] TabletInputService H:\Windows\System32\TabSvc.dll
14:31:38.0257 2672 TabletInputService - ok
14:31:38.0273 2672 [ 613BF4820361543956909043A265C6AC ] TapiSrv H:\Windows\System32\tapisrv.dll
14:31:38.0320 2672 TapiSrv - ok
14:31:38.0351 2672 [ B799D9FDB26111737F58288D8DC172D9 ] TBS H:\Windows\System32\tbssvc.dll
14:31:38.0398 2672 TBS - ok
14:31:38.0444 2672 [ 7C0507D2391AF5933600CBCED799F277 ] Tcpip H:\Windows\system32\drivers\tcpip.sys
14:31:38.0491 2672 Tcpip - ok
14:31:38.0507 2672 [ 7C0507D2391AF5933600CBCED799F277 ] TCPIP6 H:\Windows\system32\DRIVERS\tcpip.sys
14:31:38.0554 2672 TCPIP6 - ok
14:31:38.0569 2672 [ 74905EBCBB8CBDB1F3C0B1778BBCB4BC ] tcpipBM H:\Windows\system32\drivers\tcpipBM.sys
14:31:38.0585 2672 tcpipBM ( UnsignedFile.Multi.Generic ) - warning
14:31:38.0585 2672 tcpipBM - detected UnsignedFile.Multi.Generic (1)
14:31:38.0616 2672 [ 3EEBD3BD93DA46A26E89893C7AB2FF3B ] tcpipreg H:\Windows\system32\drivers\tcpipreg.sys
14:31:38.0647 2672 tcpipreg - ok
14:31:38.0678 2672 [ 1CB91B2BD8F6DD367DFC2EF26FD751B2 ] TDPIPE H:\Windows\system32\drivers\tdpipe.sys
14:31:38.0694 2672 TDPIPE - ok
14:31:38.0710 2672 [ 2C2C5AFE7EE4F620D69C23C0617651A8 ] TDTCP H:\Windows\system32\drivers\tdtcp.sys
14:31:38.0725 2672 TDTCP - ok
14:31:38.0756 2672 [ B459575348C20E8121D6039DA063C704 ] tdx H:\Windows\system32\DRIVERS\tdx.sys
14:31:38.0788 2672 tdx - ok
14:31:38.0803 2672 [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20 ] TermDD H:\Windows\system32\DRIVERS\termdd.sys
14:31:38.0819 2672 TermDD - ok
14:31:38.0850 2672 [ 382C804C92811BE57829D8E550A900E2 ] TermService H:\Windows\System32\termsrv.dll
14:31:38.0881 2672 TermService - ok
14:31:38.0912 2672 [ 59CFDA4EACB3788F8B17F87B49B0AC0E ] Themes H:\Windows\system32\themeservice.dll
14:31:38.0912 2672 Themes ( UnsignedFile.Multi.Generic ) - warning
14:31:38.0912 2672 Themes - detected UnsignedFile.Multi.Generic (1)
14:31:38.0928 2672 [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER H:\Windows\system32\mmcss.dll
14:31:38.0959 2672 THREADORDER - ok
14:31:38.0959 2672 [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks H:\Windows\System32\trkwks.dll
14:31:39.0006 2672 TrkWks - ok
14:31:39.0068 2672 [ 2C49B175AEE1D4364B91B531417FE583 ] TrustedInstaller H:\Windows\servicing\TrustedInstaller.exe
14:31:39.0131 2672 TrustedInstaller - ok
14:31:39.0162 2672 [ 254BB140EEE3C59D6114C1A86B636877 ] tssecsrv H:\Windows\system32\DRIVERS\tssecsrv.sys
14:31:39.0209 2672 tssecsrv - ok
14:31:39.0224 2672 [ FD1D6C73E6333BE727CBCC6054247654 ] TsUsbFlt H:\Windows\system32\drivers\tsusbflt.sys
14:31:39.0240 2672 TsUsbFlt - ok
14:31:39.0271 2672 [ 01246F0BAAD7B68EC0F472AA41E33282 ] TsUsbGD H:\Windows\system32\drivers\TsUsbGD.sys
14:31:39.0287 2672 TsUsbGD - ok
14:31:39.0318 2672 [ B2FA25D9B17A68BB93D58B0556E8C90D ] tunnel H:\Windows\system32\DRIVERS\tunnel.sys
14:31:39.0365 2672 tunnel - ok
14:31:39.0380 2672 [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35 H:\Windows\system32\drivers\uagp35.sys
14:31:39.0396 2672 uagp35 - ok
14:31:39.0412 2672 [ EE43346C7E4B5E63E54F927BABBB32FF ] udfs H:\Windows\system32\DRIVERS\udfs.sys
14:31:39.0458 2672 udfs - ok
14:31:39.0505 2672 [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect H:\Windows\system32\UI0Detect.exe
14:31:39.0536 2672 UI0Detect - ok
14:31:39.0552 2672 [ 44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx H:\Windows\system32\drivers\uliagpkx.sys
14:31:39.0568 2672 uliagpkx - ok
14:31:39.0583 2672 [ D295BED4B898F0FD999FCFA9B32B071B ] umbus H:\Windows\system32\DRIVERS\umbus.sys
14:31:39.0599 2672 umbus - ok
14:31:39.0630 2672 [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass H:\Windows\system32\drivers\umpass.sys
14:31:39.0677 2672 UmPass - ok
14:31:39.0692 2672 [ 833FBB672460EFCE8011D262175FAD33 ] upnphost H:\Windows\System32\upnphost.dll
14:31:39.0755 2672 upnphost - ok
14:31:39.0786 2672 [ EAFE1E00739AFE6C51487A050E772E17 ] USBAAPL H:\Windows\system32\Drivers\usbaapl.sys
14:31:39.0833 2672 USBAAPL - ok
14:31:39.0864 2672 [ BD9C55D7023C5DE374507ACC7A14E2AC ] usbccgp H:\Windows\system32\DRIVERS\usbccgp.sys
14:31:39.0880 2672 usbccgp - ok
14:31:39.0911 2672 [ 04EC7CEC62EC3B6D9354EEE93327FC82 ] usbcir H:\Windows\system32\drivers\usbcir.sys
14:31:39.0942 2672 usbcir - ok
14:31:39.0973 2672 [ F92DE757E4B7CE9C07C5E65423F3AE3B ] usbehci H:\Windows\system32\DRIVERS\usbehci.sys
14:31:40.0020 2672 usbehci - ok
14:31:40.0051 2672 [ 8DC94AEC6A7E644A06135AE7506DC2E9 ] usbhub H:\Windows\system32\DRIVERS\usbhub.sys
14:31:40.0082 2672 usbhub - ok
14:31:40.0098 2672 [ E185D44FAC515A18D9DEDDC23C2CDF44 ] usbohci H:\Windows\system32\drivers\usbohci.sys
14:31:40.0129 2672 usbohci - ok
14:31:40.0145 2672 [ 797D862FE0875E75C7CC4C1AD7B30252 ] usbprint H:\Windows\system32\drivers\usbprint.sys
14:31:40.0176 2672 usbprint - ok
14:31:40.0192 2672 [ F991AB9CC6B908DB552166768176896A ] USBSTOR H:\Windows\system32\DRIVERS\USBSTOR.SYS
14:31:40.0207 2672 USBSTOR - ok
14:31:40.0223 2672 [ 68DF884CF41CDADA664BEB01DAF67E3D ] usbuhci H:\Windows\system32\DRIVERS\usbuhci.sys
14:31:40.0254 2672 usbuhci - ok
14:31:40.0270 2672 [ 081E6E1C91AEC36758902A9F727CD23C ] UxSms H:\Windows\System32\uxsms.dll
14:31:40.0301 2672 UxSms - ok
14:31:40.0332 2672 [ 81951F51E318AECC2D68559E47485CC4 ] VaultSvc H:\Windows\system32\lsass.exe
14:31:40.0348 2672 VaultSvc - ok
14:31:40.0379 2672 [ A059C4C3EDB09E07D21A8E5C0AABD3CB ] vdrvroot H:\Windows\system32\drivers\vdrvroot.sys
14:31:40.0394 2672 vdrvroot - ok
14:31:40.0410 2672 [ C3CD30495687C2A2F66A65CA6FD89BE9 ] vds H:\Windows\System32\vds.exe
14:31:40.0472 2672 vds - ok
14:31:40.0488 2672 [ 17C408214EA61696CEC9C66E388B14F3 ] vga H:\Windows\system32\DRIVERS\vgapnp.sys
14:31:40.0519 2672 vga - ok
14:31:40.0550 2672 [ 8E38096AD5C8570A6F1570A61E251561 ] VgaSave H:\Windows\System32\drivers\vga.sys
14:31:40.0566 2672 VgaSave - ok
14:31:40.0597 2672 [ 5461686CCA2FDA57B024547733AB42E3 ] vhdmp H:\Windows\system32\drivers\vhdmp.sys
14:31:40.0613 2672 vhdmp - ok
14:31:40.0628 2672 [ C829317A37B4BEA8F39735D4B076E923 ] viaagp H:\Windows\system32\drivers\viaagp.sys
14:31:40.0644 2672 viaagp - ok
14:31:40.0660 2672 [ E02F079A6AA107F06B16549C6E5C7B74 ] ViaC7 H:\Windows\system32\drivers\viac7.sys
14:31:40.0691 2672 ViaC7 - ok
14:31:40.0706 2672 [ E43574F6A56A0EE11809B48C09E4FD3C ] viaide H:\Windows\system32\drivers\viaide.sys
14:31:40.0722 2672 viaide - ok
14:31:40.0753 2672 [ 4C63E00F2F4B5F86AB48A58CD990F212 ] volmgr H:\Windows\system32\drivers\volmgr.sys
14:31:40.0769 2672 volmgr - ok
14:31:40.0784 2672 [ B5BB72067DDDDBBFB04B2F89FF8C3C87 ] volmgrx H:\Windows\system32\drivers\volmgrx.sys
14:31:40.0816 2672 volmgrx - ok
14:31:40.0816 2672 [ F497F67932C6FA693D7DE2780631CFE7 ] volsnap H:\Windows\system32\drivers\volsnap.sys
14:31:40.0847 2672 volsnap - ok
14:31:40.0862 2672 [ 9DFA0CC2F8855A04816729651175B631 ] vsmraid H:\Windows\system32\drivers\vsmraid.sys
14:31:40.0878 2672 vsmraid - ok
14:31:40.0925 2672 [ 209A3B1901B83AEB8527ED211CCE9E4C ] VSS H:\Windows\system32\vssvc.exe
14:31:41.0003 2672 VSS - ok
14:31:41.0018 2672 [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] vwifibus H:\Windows\System32\drivers\vwifibus.sys
14:31:41.0050 2672 vwifibus - ok
14:31:41.0081 2672 [ 55187FD710E27D5095D10A472C8BAF1C ] W32Time H:\Windows\system32\w32time.dll
14:31:41.0143 2672 W32Time - ok
14:31:41.0174 2672 [ DE3721E89C653AA281428C8A69745D90 ] WacomPen H:\Windows\system32\drivers\wacompen.sys
14:31:41.0206 2672 WacomPen - ok
14:31:41.0237 2672 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] WANARP H:\Windows\system32\DRIVERS\wanarp.sys
14:31:41.0268 2672 WANARP - ok
14:31:41.0284 2672 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] Wanarpv6 H:\Windows\system32\DRIVERS\wanarp.sys
14:31:41.0299 2672 Wanarpv6 - ok
14:31:41.0377 2672 [ 353A04C273EC58475D8633E75CCD5604 ] WatAdminSvc H:\Windows\system32\Wat\WatAdminSvc.exe
14:31:41.0440 2672 WatAdminSvc - ok
14:31:41.0486 2672 [ 691E3285E53DCA558E1A84667F13E15A ] wbengine H:\Windows\system32\wbengine.exe
14:31:41.0533 2672 wbengine - ok
14:31:41.0549 2672 [ 9614B5D29DC76AC3C29F6D2D3AA70E67 ] WbioSrvc H:\Windows\System32\wbiosrvc.dll
14:31:41.0580 2672 WbioSrvc - ok
14:31:41.0596 2672 [ 34EEE0DFAADB4F691D6D5308A51315DC ] wcncsvc H:\Windows\System32\wcncsvc.dll
14:31:41.0627 2672 wcncsvc - ok
14:31:41.0642 2672 [ 5D930B6357A6D2AF4D7653BDABBF352F ] WcsPlugInService H:\Windows\System32\WcsPlugInService.dll
14:31:41.0674 2672 WcsPlugInService - ok
14:31:41.0705 2672 [ 1112A9BADACB47B7C0BB0392E3158DFF ] Wd H:\Windows\system32\drivers\wd.sys
14:31:41.0720 2672 Wd - ok
14:31:41.0767 2672 [ A840213F1ACDCC175B4D1D5AAEAC0D7A ] Wdf01000 H:\Windows\system32\drivers\Wdf01000.sys
14:31:41.0783 2672 Wdf01000 - ok
14:31:41.0798 2672 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiServiceHost H:\Windows\system32\wdi.dll
14:31:41.0845 2672 WdiServiceHost - ok
14:31:41.0845 2672 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiSystemHost H:\Windows\system32\wdi.dll
14:31:41.0861 2672 WdiSystemHost - ok
14:31:41.0908 2672 [ A9D880F97530D5B8FEE278923349929D ] WebClient H:\Windows\System32\webclnt.dll
14:31:41.0954 2672 WebClient - ok
14:31:41.0986 2672 [ 760F0AFE937A77CFF27153206534F275 ] Wecsvc H:\Windows\system32\wecsvc.dll
14:31:42.0017 2672 Wecsvc - ok
14:31:42.0032 2672 [ AC804569BB2364FB6017370258A4091B ] wercplsupport H:\Windows\System32\wercplsupport.dll
14:31:42.0079 2672 wercplsupport - ok
14:31:42.0095 2672 [ 08E420D873E4FD85241EE2421B02C4A4 ] WerSvc H:\Windows\System32\WerSvc.dll
14:31:42.0142 2672 WerSvc - ok
14:31:42.0157 2672 [ 8B9A943F3B53861F2BFAF6C186168F79 ] WfpLwf H:\Windows\system32\DRIVERS\wfplwf.sys
14:31:42.0188 2672 WfpLwf - ok
14:31:42.0220 2672 [ 5CF95B35E59E2A38023836FFF31BE64C ] WIMMount H:\Windows\system32\drivers\wimmount.sys
14:31:42.0235 2672 WIMMount - ok
14:31:42.0282 2672 [ 3FAE8F94296001C32EAB62CD7D82E0FD ] WinDefend H:\Program Files\Windows Defender\mpsvc.dll
14:31:42.0329 2672 WinDefend - ok
14:31:42.0344 2672 WinHttpAutoProxySvc - ok
14:31:42.0407 2672 [ F62E510B6AD4C21EB9FE8668ED251826 ] Winmgmt H:\Windows\system32\wbem\WMIsvc.dll
14:31:42.0454 2672 Winmgmt - ok
14:31:42.0500 2672 [ 1B91CD34EA3A90AB6A4EF0550174F4CC ] WinRM H:\Windows\system32\WsmSvc.dll
14:31:42.0563 2672 WinRM - ok
14:31:42.0594 2672 [ A67E5F9A400F3BD1BE3D80613B45F708 ] winusb H:\Windows\system32\DRIVERS\winusb.sys
14:31:42.0641 2672 winusb - ok
14:31:42.0672 2672 [ 16935C98FF639D185086A3529B1F2067 ] Wlansvc H:\Windows\System32\wlansvc.dll
14:31:42.0719 2672 Wlansvc - ok
14:31:42.0734 2672 wlcrasvc - ok
14:31:42.0828 2672 [ FB01D4AE207B9EFDBABFC55DC95C7E31 ] wlidsvc H:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
14:31:42.0890 2672 wlidsvc - ok
14:31:42.0906 2672 [ 0217679B8FCA58714C3BF2726D2CA84E ] WmiAcpi H:\Windows\system32\drivers\wmiacpi.sys
14:31:42.0937 2672 WmiAcpi - ok
14:31:42.0968 2672 [ 6EB6B66517B048D87DC1856DDF1F4C3F ] wmiApSrv H:\Windows\system32\wbem\WmiApSrv.exe
14:31:43.0015 2672 wmiApSrv - ok
14:31:43.0078 2672 [ 3B40D3A61AA8C21B88AE57C58AB3122E ] WMPNetworkSvc H:\Program Files\Windows Media Player\wmpnetwk.exe
14:31:43.0156 2672 WMPNetworkSvc - ok
14:31:43.0187 2672 WMZuneComm - ok
14:31:43.0218 2672 [ A2F0EC770A92F2B3F9DE6D518E11409C ] WPCSvc H:\Windows\System32\wpcsvc.dll
14:31:43.0280 2672 WPCSvc - ok
14:31:43.0280 2672 [ AA53356D60AF47EACC85BC617A4F3F66 ] WPDBusEnum H:\Windows\system32\wpdbusenum.dll
14:31:43.0327 2672 WPDBusEnum - ok
14:31:43.0343 2672 [ 6DB3276587B853BF886B69528FDB048C ] ws2ifsl H:\Windows\system32\drivers\ws2ifsl.sys
14:31:43.0374 2672 ws2ifsl - ok
14:31:43.0405 2672 [ 6F5D49EFE0E7164E03AE773A3FE25340 ] wscsvc H:\Windows\System32\wscsvc.dll
14:31:43.0421 2672 wscsvc - ok
14:31:43.0421 2672 WSearch - ok
14:31:43.0483 2672 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv H:\Windows\system32\wuaueng.dll
14:31:43.0530 2672 wuauserv - ok
14:31:43.0577 2672 [ 06E6F32C8D0A3F66D956F57B43A2E070 ] WudfPf H:\Windows\system32\drivers\WudfPf.sys
14:31:43.0608 2672 WudfPf - ok
14:31:43.0655 2672 [ 867C301E8B790040AE9CF6486E8041DF ] WUDFRd H:\Windows\system32\DRIVERS\WUDFRd.sys
14:31:43.0702 2672 WUDFRd - ok
14:31:43.0733 2672 [ FE47B7BC8EA320C2D9B5E5BF6E303765 ] wudfsvc H:\Windows\System32\WUDFSvc.dll
14:31:43.0764 2672 wudfsvc - ok
14:31:43.0795 2672 [ 3C5E51C05BE9B56EAFF4E388C3AB25E4 ] WwanSvc H:\Windows\System32\wwansvc.dll
14:31:43.0826 2672 WwanSvc - ok
14:31:43.0904 2672 [ 24FB8DB6D1D55E2C5D0A53DFE48E6AF8 ] Yontoo Desktop Updater H:\Program Files\Yontoo Layers Runtime\Y2Desktop.Updater.exe
14:31:43.0904 2672 Yontoo Desktop Updater ( UnsignedFile.Multi.Generic ) - warning
14:31:43.0904 2672 Yontoo Desktop Updater - detected UnsignedFile.Multi.Generic (1)
14:31:43.0920 2672 ZuneNetworkSvc - ok
14:31:43.0936 2672 ZuneWlanCfgSvc - ok
14:31:43.0967 2672 ================ Scan global ===============================
14:31:43.0998 2672 [ DAB748AE0439955ED2FA22357533DDDB ] H:\Windows\system32\basesrv.dll
14:31:44.0045 2672 [ 1F5F07091D50244F17DD8D5147A628CC ] H:\Windows\system32\winsrv.dll
14:31:44.0060 2672 [ 1F5F07091D50244F17DD8D5147A628CC ] H:\Windows\system32\winsrv.dll
14:31:44.0092 2672 [ 364455805E64882844EE9ACB72522830 ] H:\Windows\system32\sxssrv.dll
14:31:44.0123 2672 [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] H:\Windows\system32\services.exe
14:31:44.0123 2672 [Global] - ok
14:31:44.0123 2672 ================ Scan MBR ==================================
14:31:44.0138 2672 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
14:31:44.0404 2672 \Device\Harddisk0\DR0 - ok
14:31:44.0404 2672 ================ Scan VBR ==================================
14:31:44.0404 2672 [ 57E3F482BD6C367FA18C49AF69548CA0 ] \Device\Harddisk0\DR0\Partition1
14:31:44.0404 2672 \Device\Harddisk0\DR0\Partition1 - ok
14:31:44.0450 2672 [ 9F5A6A872184B363A93B0ACA159D82C2 ] \Device\Harddisk0\DR0\Partition2
14:31:44.0450 2672 \Device\Harddisk0\DR0\Partition2 - ok
14:31:44.0466 2672 [ 29FE1C801A1AED9F8C3C2C6EDF1DDC93 ] \Device\Harddisk0\DR0\Partition3
14:31:44.0466 2672 \Device\Harddisk0\DR0\Partition3 - ok
14:31:44.0497 2672 [ 4727F2F5F3E54533640937C9AE7DF880 ] \Device\Harddisk0\DR0\Partition4
14:31:44.0497 2672 \Device\Harddisk0\DR0\Partition4 - ok
14:31:44.0528 2672 [ 6FBDBCA440D593F3C1361D632B313630 ] \Device\Harddisk0\DR0\Partition5
14:31:44.0528 2672 \Device\Harddisk0\DR0\Partition5 - ok
14:31:44.0528 2672 ============================================================
14:31:44.0528 2672 Scan finished
14:31:44.0528 2672 ============================================================
14:31:44.0544 6056 Detected object count: 5
14:31:44.0544 6056 Actual detected object count: 5
14:32:04.0559 6056 BMLoad ( UnsignedFile.Multi.Generic ) - skipped by user
14:32:04.0559 6056 BMLoad ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:32:04.0559 6056 CTAudSvcService ( UnsignedFile.Multi.Generic ) - skipped by user
14:32:04.0559 6056 CTAudSvcService ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:32:04.0559 6056 tcpipBM ( UnsignedFile.Multi.Generic ) - skipped by user
14:32:04.0559 6056 tcpipBM ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:32:04.0559 6056 Themes ( UnsignedFile.Multi.Generic ) - skipped by user
14:32:04.0559 6056 Themes ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:32:04.0559 6056 Yontoo Desktop Updater ( UnsignedFile.Multi.Generic ) - skipped by user
14:32:04.0559 6056 Yontoo Desktop Updater ( UnsignedFile.Multi.Generic ) - User select action: Skip


danke

Alt 24.05.2013, 13:42   #13
markusg
/// Malware-holic
 
serach nu, bitte um hilfe - Standard

serach nu, bitte um hilfe



Hi,
ist nich nötig meine Beiträge komplett zu zitieren :-)
Scan mit Combofix
WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link
  • WICHTIG: Speichere Combofix auf deinem Desktop.
  • Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.
  • Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.
  • Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!
  • Wenn Combofix fertig ist, wird es ein Logfile erstellen.
  • Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).
Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 24.05.2013, 16:13   #14
Kungen686
 
serach nu, bitte um hilfe - Standard

serach nu, bitte um hilfe



Hejj, Du das läuft nun svhon seit ca 2h und lässt sich nicht mehr schließen

Alt 24.05.2013, 17:15   #15
markusg
/// Malware-holic
 
serach nu, bitte um hilfe - Standard

serach nu, bitte um hilfe



geht es weiter, also die Stufen, dann lass es laufen, ansonsten mal neustarten, f8 drücken, abgesicherter Modus wählen in deinem Konto anmelden und erneut ausführen, dann wieder in den normalen Modus starten und Log posten
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Antwort

Themen zu serach nu, bitte um hilfe
browser, empfehlen, fehlermeldungen, firefox, gutes, komplett, kostenlos, loswerden, mail, min, neu, problem, programm, search, seite, startseite, stürzt, tagen, täglich, versucht, virenprogramm, virus, windows, windows 7, ändern



Ähnliche Themen: serach nu, bitte um hilfe


  1. Befall von Maleware nach Download (u.a. Serach.New.Tab). GMER meldet Rootkit
    Log-Analyse und Auswertung - 02.11.2013 (14)
  2. Virus Dirty Decrypt Verschlüsselung Trojaner, alle Foto kann ich nicht aufmachen, bitte bitte Hilfe!!!
    Log-Analyse und Auswertung - 24.07.2013 (6)
  3. Delta Serach konnte nicht entfernt werden
    Log-Analyse und Auswertung - 17.04.2013 (2)
  4. Hilfe Mein forum wurde übernomen keine möglichkeiten rein zu kommen bitte um ideen und hilfe
    Diskussionsforum - 29.06.2012 (6)
  5. (3x) Bitte Bitte um Hilfe habe mir AKM Trojaner eingefangen brauche aber dringend meinen PC
    Mülltonne - 08.05.2012 (1)
  6. Hilfe Virus! Antivir, internet usw außer gefächt!!! Bitte um Hilfe
    Mülltonne - 15.07.2008 (0)
  7. "Free Downloads" Google Serach Trojaner ??!?
    Plagegeister aller Art und deren Bekämpfung - 26.02.2008 (1)
  8. Viren??Würmer..HILFE! Bitte um Hilfe bei der Auswertung meines hijackthis-log
    Mülltonne - 14.11.2007 (0)
  9. Oh man brauch so dringend Hilfe!!!! Virus?Spyware? Hilfe für einen Laien!Bitte!
    Log-Analyse und Auswertung - 13.06.2007 (6)
  10. SCVHOST.EXE Log file bitte checken! Bitte um hilfe
    Log-Analyse und Auswertung - 06.06.2007 (8)
  11. Ich bin verzweifelt bitte um Dringende Hilfe Bitte bitte
    Plagegeister aller Art und deren Bekämpfung - 08.01.2007 (11)
  12. Bitte, bitte Hilfe wegen Winfixer/ Errorsafe
    Plagegeister aller Art und deren Bekämpfung - 19.12.2006 (3)
  13. Bitte BITTE bitte HILFE log-file
    Log-Analyse und Auswertung - 18.01.2006 (1)
  14. HILFE, ich habe einige Trojaner - bitte um Eure Hilfe
    Log-Analyse und Auswertung - 01.12.2005 (2)
  15. hot-serach...nein danke...also HILFE, BITTE!!!
    Log-Analyse und Auswertung - 28.10.2005 (2)
  16. Schnauze voll von Aurora.brauche dringend hilfe bitte bitte
    Log-Analyse und Auswertung - 08.08.2005 (2)
  17. Hilfe,Hilfe,habe Probleme mit Norton Antivirus bitte helfen!!
    Plagegeister aller Art und deren Bekämpfung - 02.03.2004 (1)

Zum Thema serach nu, bitte um hilfe - hallo, ich bitte euch um hilfe. habe seit ca 4 tagen ein Problem mit meinem PC, ( Browser und Game.) Beim Browser kommen immer als Startseite ungewöhnliche Suchmaschienen, wie zb - serach nu, bitte um hilfe...
Archiv
Du betrachtest: serach nu, bitte um hilfe auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.