misha2013 | 08.12.2012 10:43 | JAVA/Dldr.Lamar.OJ durch Avira Antivirus gefunden Hallo Trojaner-Board Team,
vielleicht könnt ihr mir weiterhelfen, da ich mir nicht sicher bin ob der gestern 07.12.2012 15:17 gefundene Trojaner vollständig entfernt wurde.
System:
Windows7 64bit
Fund durch Avira Antivirus Premium 2012 gefunden:
Die Datei 'C:\Users\mk\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\55\6142ff7-3dc315b7'
enthielt einen Virus oder unerwünschtes Programm 'JAVA/Dldr.Lamar.OJ' [virus].
Durchgeführte Aktion(en):
Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '574b5463.qua' verschoben!
Nachdem die Datei in Quarantäne verschoben wurde, ist bei den folgenden 2 Suchläufen nichts mehr gefunden worden.
defogger log: Code:
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 10:22 on 08/12/2012 (mk)
Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.
Checking for services/drivers...
-=E.O.F=- OTL Log: Code:
OTL logfile created on: 08.12.2012 10:22:56 - Run 3
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\mk\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
7,89 Gb Total Physical Memory | 5,66 Gb Available Physical Memory | 71,72% Memory free
15,78 Gb Paging File | 13,20 Gb Available in Paging File | 83,65% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 49,71 Gb Total Space | 5,65 Gb Free Space | 11,37% Space Free | Partition Type: NTFS
Drive D: | 61,98 Gb Total Space | 4,94 Gb Free Space | 7,97% Space Free | Partition Type: NTFS
Drive H: | 112,67 Gb Total Space | 47,29 Gb Free Space | 41,97% Space Free | Partition Type: NTFS
Computer Name: RIKA | User Name: mk | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2012.12.08 10:00:02 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\mk\Desktop\OTL.exe
PRC - [2012.10.19 20:46:22 | 000,144,896 | ---- | M] (Motorola Mobility Inc.) -- C:\Program Files (x86)\Motorola Mobility\MotoCast\MotoCast.exe
PRC - [2012.10.19 20:46:00 | 000,240,056 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\MotoCast-thumbnailer.exe
PRC - [2012.10.08 16:15:50 | 000,039,808 | ---- | M] (Wacom Technology) -- C:\Programme\Tablet\Pen\WacomHost.exe
PRC - [2012.09.29 19:54:26 | 000,766,536 | ---- | M] (Malwarebytes Corporation) -- D:\medien_archiv\_programme\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2012.09.29 19:54:26 | 000,676,936 | ---- | M] (Malwarebytes Corporation) -- D:\medien_archiv\_programme\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012.09.29 19:54:26 | 000,399,432 | ---- | M] (Malwarebytes Corporation) -- D:\medien_archiv\_programme\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2012.09.11 10:29:57 | 003,729,400 | ---- | M] (Acronis) -- C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
PRC - [2012.09.07 20:36:46 | 000,087,992 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Motorola Media Link\Lite\NServiceEntry.exe
PRC - [2012.08.23 02:50:22 | 000,403,888 | ---- | M] (Acronis) -- C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
PRC - [2012.08.23 02:49:48 | 006,049,096 | ---- | M] (Acronis) -- D:\medien_archiv\_programme\Acronis_True_Image2013\TrueImageHome\TrueImageMonitor.exe
PRC - [2012.08.18 20:22:02 | 007,027,752 | ---- | M] (Acronis) -- C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
PRC - [2012.07.30 13:15:36 | 000,348,664 | ---- | M] (Avira Operations GmbH & Co. KG) -- D:\medien_archiv\_programme\Avira\AntiVir Desktop\avgnt.exe
PRC - [2012.07.27 21:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012.07.24 14:13:58 | 000,943,856 | ---- | M] (Acronis) -- C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe
PRC - [2012.07.16 14:29:40 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- D:\medien_archiv\_programme\Avira\AntiVir Desktop\sched.exe
PRC - [2012.07.16 14:29:11 | 000,465,360 | ---- | M] (Avira Operations GmbH & Co. KG) -- D:\medien_archiv\_programme\Avira\AntiVir Desktop\avwebgrd.exe
PRC - [2012.07.16 14:29:03 | 000,375,760 | ---- | M] (Avira Operations GmbH & Co. KG) -- D:\medien_archiv\_programme\Avira\AntiVir Desktop\avmailc.exe
PRC - [2012.07.16 14:29:01 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- D:\medien_archiv\_programme\Avira\AntiVir Desktop\avguard.exe
PRC - [2012.06.11 11:46:30 | 000,393,216 | ---- | M] (AMD) -- C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
PRC - [2012.02.07 16:53:34 | 000,363,800 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2012.02.07 16:53:32 | 000,277,784 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2012.02.07 16:52:04 | 000,161,560 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
PRC - [2012.01.04 20:59:50 | 000,291,608 | R--- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
PRC - [2011.12.15 02:02:52 | 000,184,320 | ---- | M] () -- D:\medien_archiv\_programme\InputDirector_1.3_KVM\InputDirectorSessionHelper.exe
PRC - [2011.12.15 02:02:24 | 000,593,920 | ---- | M] (Imperative Software Pty Ltd) -- D:\medien_archiv\_programme\InputDirector_1.3_KVM\InputDirector.exe
PRC - [2011.12.15 02:02:10 | 000,131,072 | ---- | M] (Imperative Software Pty Ltd) -- D:\medien_archiv\_programme\InputDirector_1.3_KVM\InputDirectorClipboardHelper.exe
PRC - [2011.12.15 02:01:54 | 000,036,864 | ---- | M] () -- D:\medien_archiv\_programme\InputDirector_1.3_KVM\IDWinService.exe
PRC - [2011.07.06 13:34:19 | 000,688,128 | ---- | M] () -- C:\Windows\Samsung\PanelMgr\SSMMgr.exe
PRC - [2011.02.23 21:19:22 | 000,371,200 | ---- | M] (shbox.de) -- C:\Program Files (x86)\FreePDF_XP\fpassist.exe
PRC - [2010.07.21 08:06:08 | 000,013,824 | ---- | M] () -- D:\medien_archiv\_programme\InputDirector_1.3_KVM\IDVistaService.exe
PRC - [2008.01.17 21:58:36 | 000,020,541 | ---- | M] (Apache Software Foundation) -- D:\medien_archiv\_programme\Apache2.0.63\Apache2\bin\Apache.exe
PRC - [2007.03.16 21:05:20 | 000,708,608 | ---- | M] (RaduKing) -- D:\medien_archiv\_programme\RK_Launcher\RKLauncher.exe
========== Modules (No Company Name) ==========
MOD - [2012.12.08 09:51:30 | 000,160,256 | ---- | M] () -- C:\Users\mk\AppData\Local\Temp\ZumoLocalGateway.dll3643273120618954303.lib
MOD - [2012.12.08 09:51:29 | 000,314,368 | ---- | M] () -- C:\Users\mk\AppData\Local\Temp\WindowsFolderWatcher.dll3025590802138436546.lib
MOD - [2012.12.08 09:51:27 | 000,205,824 | ---- | M] () -- C:\Users\mk\AppData\Local\Temp\WindowsAPI.dll8473015547848173143.lib
MOD - [2012.10.19 20:46:20 | 000,075,776 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstvideoscale.dll
MOD - [2012.10.19 20:46:20 | 000,061,952 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgsttypefindfunctions.dll
MOD - [2012.10.19 20:46:20 | 000,059,904 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstvideobox.dll
MOD - [2012.10.19 20:46:20 | 000,054,784 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstsmpte.dll
MOD - [2012.10.19 20:46:20 | 000,053,760 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstvorbis.dll
MOD - [2012.10.19 20:46:20 | 000,051,712 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstsubparse.dll
MOD - [2012.10.19 20:46:20 | 000,050,688 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstwavpack.dll
MOD - [2012.10.19 20:46:20 | 000,042,496 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstwavparse.dll
MOD - [2012.10.19 20:46:20 | 000,034,304 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstvolume.dll
MOD - [2012.10.19 20:46:20 | 000,032,768 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstvideocrop.dll
MOD - [2012.10.19 20:46:20 | 000,024,576 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstvideorate.dll
MOD - [2012.10.19 20:46:20 | 000,013,312 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgsty4menc.dll
MOD - [2012.10.19 20:46:18 | 000,531,968 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstflumpeg4video.dll
MOD - [2012.10.19 20:46:18 | 000,363,008 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstflumpeg2video.dll
MOD - [2012.10.19 20:46:18 | 000,276,480 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstisomp4.dll
MOD - [2012.10.19 20:46:18 | 000,207,872 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstmatroska.dll
MOD - [2012.10.19 20:46:18 | 000,150,528 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstmpegdemux.dll
MOD - [2012.10.19 20:46:18 | 000,132,608 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstogg.dll
MOD - [2012.10.19 20:46:18 | 000,119,296 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstflumpegdemux.dll
MOD - [2012.10.19 20:46:18 | 000,075,776 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstflv.dll
MOD - [2012.10.19 20:46:18 | 000,059,904 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstjpeg.dll
MOD - [2012.10.19 20:46:18 | 000,047,616 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstmpegaudioparse.dll
MOD - [2012.10.19 20:46:18 | 000,039,936 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstmpegtsmux.dll
MOD - [2012.10.19 20:46:18 | 000,037,888 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstgio.dll
MOD - [2012.10.19 20:46:18 | 000,035,840 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstinterleave.dll
MOD - [2012.10.19 20:46:18 | 000,035,328 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstreplaygain.dll
MOD - [2012.10.19 20:46:18 | 000,034,304 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstid3tag.dll
MOD - [2012.10.19 20:46:18 | 000,032,256 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstid3demux.dll
MOD - [2012.10.19 20:46:18 | 000,029,696 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstgdp.dll
MOD - [2012.10.19 20:46:18 | 000,029,184 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstpng.dll
MOD - [2012.10.19 20:46:18 | 000,025,088 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstmultipart.dll
MOD - [2012.10.19 20:46:18 | 000,024,576 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstmpegvideoparse.dll
MOD - [2012.10.19 20:46:18 | 000,020,480 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstmultifile.dll
MOD - [2012.10.19 20:46:18 | 000,019,456 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstlevel.dll
MOD - [2012.10.19 20:46:18 | 000,015,360 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstmulaw.dll
MOD - [2012.10.19 20:46:18 | 000,011,264 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstshift.dll
MOD - [2012.10.19 20:46:16 | 001,563,136 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstflump3enc.dll
MOD - [2012.10.19 20:46:16 | 001,376,256 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstflump3dec.dll
MOD - [2012.10.19 20:46:16 | 000,088,064 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstflummssrc.dll
MOD - [2012.10.19 20:46:16 | 000,036,864 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstflumch264enc.dll
MOD - [2012.10.19 20:46:16 | 000,033,280 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstflumcaacenc.dll
MOD - [2012.10.19 20:46:14 | 002,009,600 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstfluh264dec.dll
MOD - [2012.10.19 20:46:14 | 001,694,208 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstfluaacdec.dll
MOD - [2012.10.19 20:46:14 | 000,122,880 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstfluasfdemux.dll
MOD - [2012.10.19 20:46:12 | 000,187,904 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstffmpegcolorspace.dll
MOD - [2012.10.19 20:46:12 | 000,073,216 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstdshowsrcwrapper.dll
MOD - [2012.10.19 20:46:12 | 000,069,120 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstflac.dll
MOD - [2012.10.19 20:46:12 | 000,026,624 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstequalizer.dll
MOD - [2012.10.19 20:46:10 | 000,212,480 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstcoreelements.dll
MOD - [2012.10.19 20:46:10 | 000,123,904 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstavi.dll
MOD - [2012.10.19 20:46:10 | 000,091,136 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstdshowdecwrapper.dll
MOD - [2012.10.19 20:46:10 | 000,086,016 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstdecodebin2.dll
MOD - [2012.10.19 20:46:10 | 000,078,848 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstaudioconvert.dll
MOD - [2012.10.19 20:46:10 | 000,052,224 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstaudioresample.dll
MOD - [2012.10.19 20:46:10 | 000,032,256 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstautoconvert.dll
MOD - [2012.10.19 20:46:10 | 000,029,184 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstautodetect.dll
MOD - [2012.10.19 20:46:10 | 000,020,480 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstaudiorate.dll
MOD - [2012.10.19 20:46:10 | 000,020,480 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstamrnb.dll
MOD - [2012.10.19 20:46:10 | 000,019,456 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstauparse.dll
MOD - [2012.10.19 20:46:10 | 000,016,896 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstcutter.dll
MOD - [2012.10.19 20:46:10 | 000,015,360 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstapetag.dll
MOD - [2012.10.19 20:46:10 | 000,014,848 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstamrwbdec.dll
MOD - [2012.10.19 20:46:10 | 000,011,776 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstcoreindexers.dll
MOD - [2012.10.19 20:46:08 | 001,520,128 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\libvorbisenc-2.dll
MOD - [2012.10.19 20:46:08 | 001,396,736 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\libxml2-2.dll
MOD - [2012.10.19 20:46:08 | 000,196,608 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\libwavpack-1.dll
MOD - [2012.10.19 20:46:08 | 000,085,504 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\z.dll
MOD - [2012.10.19 20:46:08 | 000,048,640 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstalpha.dll
MOD - [2012.10.19 20:46:08 | 000,038,400 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstaiff.dll
MOD - [2012.10.19 20:46:08 | 000,030,208 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstadder.dll
MOD - [2012.10.19 20:46:08 | 000,018,944 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstalaw.dll
MOD - [2012.10.19 20:46:08 | 000,017,920 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstalphacolor.dll
MOD - [2012.10.19 20:46:08 | 000,014,848 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstadpcmdec.dll
MOD - [2012.10.19 20:46:06 | 000,471,552 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\liborc-0.4-0.dll
MOD - [2012.10.19 20:46:06 | 000,190,976 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\libpng14-14.dll
MOD - [2012.10.19 20:46:06 | 000,162,304 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\libvorbis-0.dll
MOD - [2012.10.19 20:46:06 | 000,123,947 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\libopencore-amrwb.0.1.1.dll
MOD - [2012.10.19 20:46:04 | 000,699,392 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\libgstreamer-0.10.dll
MOD - [2012.10.19 20:46:04 | 000,276,992 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\libjpeg-8.dll
MOD - [2012.10.19 20:46:04 | 000,253,440 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\libgstbase-0.10.dll
MOD - [2012.10.19 20:46:04 | 000,248,352 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\libopencore-amrnb.0.1.1.dll
MOD - [2012.10.19 20:46:04 | 000,133,120 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\libgsttag-0.10.dll
MOD - [2012.10.19 20:46:04 | 000,126,976 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\libgstcontroller-0.10.dll
MOD - [2012.10.19 20:46:04 | 000,098,304 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\libgstpbutils-0.10.dll
MOD - [2012.10.19 20:46:04 | 000,069,632 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\libgstrtp-0.10.dll
MOD - [2012.10.19 20:46:04 | 000,053,760 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\libgstinterfaces-0.10.dll
MOD - [2012.10.19 20:46:04 | 000,041,984 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\libgstriff-0.10.dll
MOD - [2012.10.19 20:46:04 | 000,038,912 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\libgstvideo-0.10.dll
MOD - [2012.10.19 20:46:04 | 000,023,552 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\libogg-0.dll
MOD - [2012.10.19 20:46:04 | 000,018,944 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\libgstdataprotocol-0.10.dll
MOD - [2012.10.19 20:46:02 | 000,109,568 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\libgstaudio-0.10.dll
MOD - [2012.10.19 20:46:00 | 000,331,264 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\libFLAC-8.dll
MOD - [2012.10.19 20:46:00 | 000,240,056 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\MotoCast-thumbnailer.exe
MOD - [2012.10.16 17:45:34 | 000,509,440 | ---- | M] () -- C:\Users\mk\AppData\Local\Temp\sqlite-3.6.20-sqlitejdbc.dll
MOD - [2012.08.23 02:35:38 | 013,873,200 | ---- | M] () -- D:\medien_archiv\_programme\Acronis_True_Image2013\TrueImageHome\ti_managers.dll
MOD - [2012.08.23 02:31:22 | 001,590,656 | ---- | M] () -- C:\Program Files (x86)\Common Files\Acronis\Home\icudt38.dll
MOD - [2012.08.16 15:10:28 | 007,865,439 | ---- | M] () -- D:\medien_archiv\_programme\K-Lite Codec Pack\Filters\LAV\avcodec-lav-54.dll
MOD - [2012.08.16 15:10:28 | 000,396,726 | ---- | M] () -- D:\medien_archiv\_programme\K-Lite Codec Pack\Filters\LAV\swscale-lav-2.dll
MOD - [2012.08.16 15:10:28 | 000,235,961 | ---- | M] () -- D:\medien_archiv\_programme\K-Lite Codec Pack\Filters\LAV\avutil-lav-51.dll
MOD - [2012.08.16 15:10:28 | 000,166,436 | ---- | M] () -- D:\medien_archiv\_programme\K-Lite Codec Pack\Filters\LAV\avfilter-lav-3.dll
MOD - [2012.07.24 13:48:28 | 000,012,160 | ---- | M] () -- C:\Program Files (x86)\Common Files\Acronis\TibMounter\icudt38.dll
MOD - [2011.07.06 13:34:19 | 000,688,128 | ---- | M] () -- C:\Windows\Samsung\PanelMgr\SSMMgr.exe
MOD - [2005.10.24 10:04:56 | 000,528,384 | ---- | M] () -- D:\medien_archiv\_programme\RK_Launcher\plugins\RKGenieEffectDX\RKGenieEffectDX.dll
========== Services (SafeList) ==========
SRV:64bit: - [2012.06.11 18:19:14 | 000,239,616 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2012.04.06 00:48:54 | 000,158,208 | ---- | M] (Samsung Electronics) [On_Demand | Stopped] -- C:\Windows\SysNative\SUPDSvc2.exe -- (Samsung UPD Service2)
SRV:64bit: - [2009.07.14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2012.11.14 14:45:32 | 000,619,904 | ---- | M] (Wacom Technology, Corp.) [Auto | Running] -- C:\Programme\Tablet\Pen\WTabletServiceCon.exe -- (WTabletServiceCon)
SRV - [2012.11.09 09:27:28 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.09.29 19:54:26 | 000,676,936 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- D:\medien_archiv\_programme\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012.09.29 19:54:26 | 000,399,432 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- D:\medien_archiv\_programme\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012.09.11 10:29:57 | 003,729,400 | ---- | M] (Acronis) [Auto | Running] -- C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe -- (afcdpsrv)
SRV - [2012.09.07 20:36:46 | 000,087,992 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files (x86)\Motorola Media Link\Lite\NServiceEntry.exe -- (DeviceMonitorService)
SRV - [2012.08.23 02:50:44 | 001,127,432 | ---- | M] (Acronis) [Auto | Running] -- C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe -- (AcrSch2Svc)
SRV - [2012.08.18 20:22:02 | 007,027,752 | ---- | M] (Acronis) [Auto | Running] -- C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe -- (syncagentsrv)
SRV - [2012.07.30 22:13:04 | 008,515,544 | ---- | M] (DisplayLink Corp.) [Auto | Running] -- C:\Programme\DisplayLink Core Software\DisplayLinkManager.exe -- (DisplayLinkService)
SRV - [2012.07.27 21:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012.07.17 19:54:46 | 000,529,232 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012.07.16 21:12:22 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2012.07.16 19:24:13 | 000,040,960 | ---- | M] () [Auto | Running] -- C:\Users\mk\AppData\Roaming\OCS\SM\SearchAnonymizerHelper.exe -- (SearchAnonymizer)
SRV - [2012.07.16 14:29:40 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- D:\medien_archiv\_programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2012.07.16 14:29:11 | 000,465,360 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- D:\medien_archiv\_programme\Avira\AntiVir Desktop\avwebgrd.exe -- (AntiVirWebService)
SRV - [2012.07.16 14:29:03 | 000,375,760 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- D:\medien_archiv\_programme\Avira\AntiVir Desktop\avmailc.exe -- (AntiVirMailService)
SRV - [2012.07.16 14:29:01 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- D:\medien_archiv\_programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2012.07.14 01:13:54 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.07.03 12:19:28 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.03.19 22:44:20 | 000,276,248 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2012.03.14 10:32:08 | 000,010,240 | ---- | M] (SeriousBit) [Auto | Running] -- D:\medien_archiv\_programme\NetBalancer\SeriousBit.NetBalancer.Service.exe -- (NetBalancerService)
SRV - [2012.02.07 16:53:34 | 000,363,800 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2012.02.07 16:53:32 | 000,277,784 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2012.02.07 16:52:04 | 000,161,560 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe -- (jhi_service)
SRV - [2012.02.02 21:29:52 | 000,628,448 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Programme\Intel\iCLS Client\HeciServer.exe -- (Intel(R)
SRV - [2011.12.15 02:01:54 | 000,036,864 | ---- | M] () [Auto | Running] -- D:\medien_archiv\_programme\InputDirector_1.3_KVM\IDWinService.exe -- (InputDirector)
SRV - [2010.07.21 08:06:08 | 000,013,824 | ---- | M] () [On_Demand | Running] -- D:\medien_archiv\_programme\InputDirector_1.3_KVM\IDVistaService.exe -- (IDVistaService)
SRV - [2010.03.18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.02.19 12:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009.02.14 23:23:10 | 008,399,488 | ---- | M] () [Auto | Running] -- D:\medien_archiv\_programme\mysql5\bin\mysqld.exe -- (MySQL)
SRV - [2008.01.17 21:58:36 | 000,020,541 | ---- | M] (Apache Software Foundation) [Auto | Running] -- D:\medien_archiv\_programme\Apache2.0.63\Apache2\bin\Apache.exe -- (Apache2)
SRV - [2007.05.31 16:11:54 | 000,443,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007.05.31 16:11:46 | 000,225,672 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2012.10.12 09:54:54 | 000,015,776 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wacomrouterfilter.sys -- (wacomrouterfilter)
DRV:64bit: - [2012.10.12 09:20:38 | 000,081,312 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wachidrouter.sys -- (WacHidRouter)
DRV:64bit: - [2012.10.12 09:20:38 | 000,013,728 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidkmdf.sys -- (hidkmdf)
DRV:64bit: - [2012.09.29 19:54:26 | 000,025,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2012.09.11 10:29:57 | 001,340,040 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\tdrpman.sys -- (tdrpman)
DRV:64bit: - [2012.09.11 10:29:57 | 000,367,200 | ---- | M] (Acronis) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\afcdp.sys -- (afcdp)
DRV:64bit: - [2012.09.11 10:29:56 | 001,093,256 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\tib_mounter.sys -- (tib_mounter)
DRV:64bit: - [2012.09.11 10:29:56 | 000,228,488 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\vididr.sys -- (vididr)
DRV:64bit: - [2012.09.11 10:29:56 | 000,166,024 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\vidsflt.sys -- (vidsflt)
DRV:64bit: - [2012.09.11 10:29:55 | 000,340,104 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\snapman.sys -- (snapman)
DRV:64bit: - [2012.09.11 10:29:55 | 000,155,272 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\fltsrv.sys -- (fltsrv)
DRV:64bit: - [2012.07.30 22:13:23 | 000,318,840 | ---- | M] (DisplayLink Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dlkmd.sys -- (dlkmd)
DRV:64bit: - [2012.07.30 22:13:23 | 000,015,224 | ---- | M] (DisplayLink Corp.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\dlkmdldr.sys -- (dlkmdldr)
DRV:64bit: - [2012.07.30 20:18:28 | 000,017,408 | ---- | M] (hxxp://libusb-win32.sourceforge.net) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\DisplayLinkUsbPort_6.3.40660.0.sys -- (DisplayLinkUsbPort)
DRV:64bit: - [2012.07.30 10:24:30 | 000,158,720 | ---- | M] (Prolific Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ser2pl64.sys -- (Ser2pl)
DRV:64bit: - [2012.07.16 14:29:57 | 000,027,760 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr)
DRV:64bit: - [2012.07.16 14:29:56 | 000,132,832 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2012.07.16 14:29:56 | 000,098,848 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2012.06.14 02:57:26 | 000,035,344 | ---- | M] (CACE Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\npf.sys -- (npf)
DRV:64bit: - [2012.06.11 19:59:38 | 010,248,192 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2012.06.11 17:26:14 | 000,367,616 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2012.03.19 22:32:04 | 014,745,600 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2012.03.01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012.02.23 13:32:04 | 000,095,760 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2012.01.04 20:58:50 | 000,786,200 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3xhc.sys -- (iusb3xhc)
DRV:64bit: - [2012.01.04 20:58:50 | 000,355,096 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3hub.sys -- (iusb3hub)
DRV:64bit: - [2012.01.04 20:58:50 | 000,016,152 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iusb3hcs.sys -- (iusb3hcs)
DRV:64bit: - [2011.12.05 20:23:08 | 000,331,264 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2011.11.10 00:04:14 | 000,060,184 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2011.09.29 10:30:34 | 000,646,248 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011.08.17 08:58:26 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltjx64.sys -- (UsbserFilt)
DRV:64bit: - [2011.08.17 08:58:22 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltx64.sys -- (upperdev)
DRV:64bit: - [2011.08.17 08:58:20 | 000,027,136 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbox64.sys -- (nmwcdc)
DRV:64bit: - [2011.08.17 08:58:16 | 000,019,968 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbx64.sys -- (nmwcd)
DRV:64bit: - [2011.05.18 15:57:32 | 000,041,256 | ---- | M] (SeriousBit) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nbdrv.sys -- (Nbdrv)
DRV:64bit: - [2011.03.11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.11.20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 12:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.20 12:03:42 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2010.11.20 11:43:57 | 000,032,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser)
DRV:64bit: - [2010.09.30 23:16:34 | 000,013,312 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VKbms.sys -- (VKbms)
DRV:64bit: - [2010.08.17 18:28:32 | 000,026,136 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ICCWDT.sys -- (ICCWDT)
DRV:64bit: - [2009.10.30 12:39:54 | 000,460,864 | ---- | M] (BEHRINGER) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BUSB2902.sys -- (BEHRINGER_2902)
DRV:64bit: - [2009.10.30 12:39:54 | 000,049,728 | ---- | M] (BEHRINGER) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\busbwdm.sys -- (BUSB_AUDIO_WDM)
DRV:64bit: - [2009.10.30 09:53:50 | 000,010,880 | ---- | M] (Razer (Asia-Pacific) Pte Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Abyssus.sys -- (Abyssus)
DRV:64bit: - [2009.09.10 08:50:16 | 000,011,576 | ---- | M] (Samsung Electronics) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\SSPORT.SYS -- (SSPORT)
DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2008.06.27 06:51:10 | 000,088,632 | ---- | M] (Adobe Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\adfs.sys -- (adfs)
DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2008.08.14 06:57:42 | 000,074,720 | ---- | M] (Adobe Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysWow64\drivers\adfs.sys -- (adfs)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {006ee092-9658-4fd6-bd8e-a21a348e59f5}
IE - HKLM\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = hxxp://feed.helperbar.com/?publisher=OC&dpid=OC&co=DE&userid=18bd1b92-a9f6-4c86-b302-efc09dec5c46&affid=111585&searchtype=ds&babsrc=lnkry&q={searchTerms}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.helperbar.com/?publisher=OC&dpid=OC&co=DE&userid=18bd1b92-a9f6-4c86-b302-efc09dec5c46&affid=111583&searchtype=ds&babsrc=lnkry&q={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.helperbar.com/?publisher=OC&dpid=OC&co=DE&userid=18bd1b92-a9f6-4c86-b302-efc09dec5c46&affid=111583&searchtype=ds&babsrc=lnkry&q={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = file:///D:/medien_archiv/wichtige_systemdatein/browser_startseite/gogo.html
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 28 8B 38 BA B2 65 CD 01 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://feed.helperbar.com/?publisher=OC&dpid=OC&co=DE&userid=18bd1b92-a9f6-4c86-b302-efc09dec5c46&affid=111583&searchtype=ds&babsrc=lnkry&q={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://feed.helperbar.com/?publisher=OC&dpid=OC&co=DE&userid=18bd1b92-a9f6-4c86-b302-efc09dec5c46&affid=111583&searchtype=ds&babsrc=lnkry&q={searchTerms}
IE - HKCU\..\SearchScopes,DefaultScope = {006ee092-9658-4fd6-bd8e-a21a348e59f5}
IE - HKCU\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = hxxp://feed.helperbar.com/?publisher=OC&dpid=OC&co=DE&userid=18bd1b92-a9f6-4c86-b302-efc09dec5c46&affid=111583&searchtype=ds&babsrc=lnkry&q={searchTerms}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com.anonymize-me.de/?anonymto=687474703A2F2F7777772E62696E672E636F6D2F7365617263683F713D7B7365617263685465726D737D267372633D49452D536561726368426F7826464F524D3D494538535243&st={searchTerms}&clid=d2ea1dac-e560-45dc-a41e-2b6683eff6a7&pid=murb&k=0
IE - HKCU\..\SearchScopes\{5308ED8A-F86C-41A5-BD64-E6A3FF5A970F}: "URL" = hxxp://www.otto.de.anonymize-me.de/?to=6F74746F2E6465&st={searchTerms}&clid=d2ea1dac-e560-45dc-a41e-2b6683eff6a7&pid=murb&mode=bounce&k=0
IE - HKCU\..\SearchScopes\{B15F9D09-B946-4E35-9449-63D802D18B3C}: "URL" = hxxp://www.pricerunner.de.anonymize-me.de/?to=707269636572756E6E65722E6465&st={searchTerms}&clid=d2ea1dac-e560-45dc-a41e-2b6683eff6a7&pid=murb&mode=bounce&k=0
IE - HKCU\..\SearchScopes\{B23A44D6-99AC-44C7-87EC-BDEA55240A02}: "URL" = hxxp://search.ebay.de.anonymize-me.de/?to=656261792E6465&st={searchTerms}&clid=d2ea1dac-e560-45dc-a41e-2b6683eff6a7&pid=murb&mode=bounce&k=0
IE - HKCU\..\SearchScopes\{B2D1724F-010E-418D-B568-370DA16DACFC}: "URL" = hxxp://www.myvideo.de.anonymize-me.de/?to=6D79766964656F2E6465&st={searchTerms}&clid=d2ea1dac-e560-45dc-a41e-2b6683eff6a7&pid=murb&mode=bounce&k=0
IE - HKCU\..\SearchScopes\{CE7D5535-1587-4ACB-97AA-BDA9F4C9A1BF}: "URL" = hxxp://www.amazon.de.anonymize-me.de/?to=616D617A6F6E2E6465&st={searchTerms}&clid=d2ea1dac-e560-45dc-a41e-2b6683eff6a7&pid=murb&mode=bounce&k=0
IE - HKCU\..\SearchScopes\{E4B53C77-C41F-44E8-B66B-8583138E92CD}: "URL" = hxxp://de.wikipedia.org.anonymize-me.de/?to=64652E77696B6970656469612E6F7267&st={searchTerms}&clid=d2ea1dac-e560-45dc-a41e-2b6683eff6a7&pid=murb&mode=bounce&k=0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;192.168.*.*
========== FireFox ==========
FF - prefs.js..browser.search.update: false
FF - prefs.js..browser.startup.homepage: "file:///D:/medien_archiv/wichtige_systemdatein/browser_startseite/gogo.html"
FF - prefs.js..extensions.charles.settings.disabled.network.proxy.http: "217.20.20.78"
FF - prefs.js..extensions.charles.settings.disabled.network.proxy.http_port: 8080
FF - prefs.js..extensions.charles.settings.disabled.network.proxy.no_proxies_on: "localhost, 127.0.0.1"
FF - prefs.js..extensions.charles.settings.disabled.network.proxy.share_proxy_settings: false
FF - prefs.js..extensions.charles.settings.disabled.network.proxy.socks: "217.20.20.78"
FF - prefs.js..extensions.charles.settings.disabled.network.proxy.socks_port: 8080
FF - prefs.js..extensions.charles.settings.disabled.network.proxy.ssl: "217.20.20.78"
FF - prefs.js..extensions.charles.settings.disabled.network.proxy.ssl_port: 8080
FF - prefs.js..extensions.charles.settings.disabled.network.proxy.type: 0
FF - prefs.js..extensions.charles.settings.enabled.network.proxy.http: "127.0.0.1"
FF - prefs.js..extensions.charles.settings.enabled.network.proxy.http_port: 8888
FF - prefs.js..extensions.charles.settings.enabled.network.proxy.no_proxies_on: ""
FF - prefs.js..extensions.charles.settings.enabled.network.proxy.share_proxy_settings: false
FF - prefs.js..extensions.charles.settings.enabled.network.proxy.socks: ""
FF - prefs.js..extensions.charles.settings.enabled.network.proxy.socks_port: 0
FF - prefs.js..extensions.charles.settings.enabled.network.proxy.ssl: "127.0.0.1"
FF - prefs.js..extensions.charles.settings.enabled.network.proxy.ssl_port: 8888
FF - prefs.js..extensions.charles.settings.enabled.network.proxy.type: 1
FF - prefs.js..extensions.enabledAddons: adblockpopups%40jessehakanen.net:0.4
FF - prefs.js..extensions.enabledAddons: firefox%40ghostery.com:2.8.3
FF - prefs.js..extensions.enabledAddons: maps%40ovi.com:5.10.3.0
FF - prefs.js..extensions.enabledAddons: %7Bc45c406e-ab73-11d8-be73-000a95be3b12%7D:1.1.9
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:17.0.1
FF - prefs.js..network.proxy.ftp: "217.20.20.78"
FF - prefs.js..network.proxy.ftp_port: 8080
FF - prefs.js..network.proxy.http: "217.20.20.78"
FF - prefs.js..network.proxy.http_port: 8080
FF - prefs.js..network.proxy.socks: "217.20.20.78"
FF - prefs.js..network.proxy.socks_port: 8080
FF - prefs.js..network.proxy.ssl: "217.20.20.78"
FF - prefs.js..network.proxy.ssl_port: 8080
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_5_502_110.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.0: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.0: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@wacom.com/wtPlugin,version=2.1.0.2: C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF:64bit: - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF:64bit: - HKLM\Software\MozillaPlugins\adobe.com/AdobeExManDetect: D:\medien_archiv\_programme\Adob_Illustrator_64bit\Adobe Extension Manager CS6\npAdobeExManDetectX64.dll (Adobe Systems)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_110.dll ()
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: D:\medien_archiv\_programme\Picasa_Viewer\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: D:\medien_archiv\_programme\Java\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.5.109: D:\medien_archiv\_programme\Real_Player\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.5.109: D:\medien_archiv\_programme\Real_Player\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.5.109: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.5.109: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=15.0.5.109: D:\medien_archiv\_programme\Real_Player\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\@wacom.com/wtPlugin,version=2.1.0.2: C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF - HKLM\Software\MozillaPlugins\adobe.com/AdobeExManDetect: D:\medien_archiv\_programme\Adob_Illustrator_64bit\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll (Adobe Systems)
FF - HKCU\Software\MozillaPlugins\@phonostar.de/phonostar: D:\medien_archiv\_programme\dradio-Recorder\npphonostarDetectNP.dll File not found
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\mk\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\mk\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\wacom.com/WacomTabletPlugin: C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: D:\medien_archiv\_programme\mozilla_firefox_browser\components [2012.12.01 12:32:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: D:\medien_archiv\_programme\mozilla_firefox_browser\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 13.0.1\extensions\\Components: D:\medien_archiv\_programme\mozilla_thunderbird_email\components [2012.11.15 12:28:20 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 13.0.1\extensions\\Plugins: D:\medien_archiv\_programme\mozilla_thunderbird_email\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\mail@shopping-preise.de: C:\Users\mk\AppData\Roaming\Mozilla\Firefox\Profiles\yp25ekof.default\extensions\mail@shopping-preise.de
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\firejump@firejump.net: C:\Users\mk\AppData\Roaming\Mozilla\Firefox\Profiles\yp25ekof.default\extensions\firejump@firejump.net
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Components: D:\medien_archiv\_programme\mozilla_firefox_browser\components [2012.12.01 12:32:09 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Plugins: D:\medien_archiv\_programme\mozilla_firefox_browser\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Thunderbird 16.0.2\extensions\\Components: D:\medien_archiv\_programme\mozilla_thunderbird_email\components [2012.11.15 12:28:20 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Thunderbird 16.0.2\extensions\\Plugins: D:\medien_archiv\_programme\mozilla_thunderbird_email\plugins
[2012.07.16 12:26:48 | 000,000,000 | ---D | M] (No name found) -- C:\Users\mk\AppData\Roaming\mozilla\Extensions
[2012.10.16 07:42:23 | 000,000,000 | ---D | M] (No name found) -- C:\Users\mk\AppData\Roaming\mozilla\Firefox\Profiles\yp25ekof.default\extensions
[2012.07.16 13:17:19 | 000,000,000 | ---D | M] (Garmin Communicator) -- C:\Users\mk\AppData\Roaming\mozilla\Firefox\Profiles\yp25ekof.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}
[2012.07.16 13:17:19 | 000,000,000 | ---D | M] (Live HTTP Headers) -- C:\Users\mk\AppData\Roaming\mozilla\Firefox\Profiles\yp25ekof.default\extensions\{8f8fe09b-0bd3-4470-bc1b-8cad42b8203a}
[2012.07.16 13:17:19 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\mk\AppData\Roaming\mozilla\Firefox\Profiles\yp25ekof.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2012.07.16 13:17:16 | 000,000,000 | ---D | M] (Firefogg) -- C:\Users\mk\AppData\Roaming\mozilla\Firefox\Profiles\yp25ekof.default\extensions\firefogg@firefogg.org
[2012.10.12 07:20:50 | 000,000,000 | ---D | M] (Ghostery) -- C:\Users\mk\AppData\Roaming\mozilla\Firefox\Profiles\yp25ekof.default\extensions\firefox@ghostery.com
[2012.10.08 15:45:35 | 000,000,000 | ---D | M] (Nokia Maps 3D browser plugin) -- C:\Users\mk\AppData\Roaming\mozilla\Firefox\Profiles\yp25ekof.default\extensions\maps@ovi.com
[2012.07.24 10:07:17 | 000,109,964 | ---- | M] () (No name found) -- C:\Users\mk\AppData\Roaming\mozilla\firefox\profiles\yp25ekof.default\extensions\adblockpopups@jessehakanen.net.xpi
[2012.03.08 09:47:46 | 000,165,912 | ---- | M] () (No name found) -- C:\Users\mk\AppData\Roaming\mozilla\firefox\profiles\yp25ekof.default\extensions\artur.dubovoy@gmail.com.xpi
[2012.10.16 07:42:23 | 000,088,614 | ---- | M] () (No name found) -- C:\Users\mk\AppData\Roaming\mozilla\firefox\profiles\yp25ekof.default\extensions\extension@ciuvo.com.xpi
[2012.03.08 09:48:04 | 000,009,523 | ---- | M] () (No name found) -- C:\Users\mk\AppData\Roaming\mozilla\firefox\profiles\yp25ekof.default\extensions\{3e9a3920-1b27-11da-8cd6-0800200c9a66}.xpi
[2012.07.21 20:41:06 | 000,015,162 | ---- | M] () (No name found) -- C:\Users\mk\AppData\Roaming\mozilla\firefox\profiles\yp25ekof.default\extensions\{988da70d-b78d-44a1-a9c7-ed11832a9e2e}.xpi
[2011.12.19 11:29:06 | 000,096,307 | ---- | M] () (No name found) -- C:\Users\mk\AppData\Roaming\mozilla\firefox\profiles\yp25ekof.default\extensions\{BAEBEF65-9289-47c5-8524-C345CC5D860D}.xpi
[2011.08.24 13:31:54 | 000,413,408 | ---- | M] () (No name found) -- C:\Users\mk\AppData\Roaming\mozilla\firefox\profiles\yp25ekof.default\extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}.xpi
[2012.07.24 10:06:49 | 000,743,290 | ---- | M] () (No name found) -- C:\Users\mk\AppData\Roaming\mozilla\firefox\profiles\yp25ekof.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2011.12.13 10:58:24 | 000,042,336 | ---- | M] () (No name found) -- C:\Users\mk\AppData\Roaming\mozilla\firefox\profiles\yp25ekof.default\extensions\{e968fc70-8f95-4ab9-9e79-304de2a71ee1}.xpi
[2012.07.25 07:44:14 | 000,000,003 | ---- | M] () (No name found) -- C:\Users\mk\AppData\Roaming\mozilla\firefox\profiles\yp25ekof.default\extensions\maps@ovi.com\plugins\package.XPI
[2012.07.16 19:24:14 | 000,001,864 | ---- | M] () -- C:\Users\mk\AppData\Roaming\mozilla\firefox\profiles\yp25ekof.default\searchplugins\{3EC4D8E4-D12C-4383-BC90-ADB4EC7F32A5}.xml
[2012.07.16 19:24:14 | 000,002,182 | ---- | M] () -- C:\Users\mk\AppData\Roaming\mozilla\firefox\profiles\yp25ekof.default\searchplugins\{5F72D1EF-4E60-4B0E-850D-FAD17CCBE203}.xml
[2012.07.16 19:24:14 | 000,002,071 | ---- | M] () -- C:\Users\mk\AppData\Roaming\mozilla\firefox\profiles\yp25ekof.default\searchplugins\{F4698FF9-7375-4320-ACD4-E6028DF53F24}.xml
========== Chrome ==========
CHR - homepage: hxxp://feed.helperbar.com/?publisher=OC&dpid=OC&co=DE&userid=18bd1b92-a9f6-4c86-b302-efc09dec5c46&affid=111583&searchtype=hp&babsrc=lnkry
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = hxxp://www.google.com.anonymize-me.de/?anonymto=687474703A2F2F7777772E676F6F676C652E636F6D2F7365617263683F713D7B7365617263685465726D737D2669653D7574662D38266F653D7574662D382661713D7426726C733D7B6D6F7A3A646973747269627574696F6E49447D3A7B6D6F7A3A6C6F63616C657D3A7B6D6F7A3A6F6666696369616C7D&st={searchTerms}&clid=d2ea1dac-e560-45dc-a41e-2b6683eff6a7&pid=murb&k=0
CHR - default_search_provider: suggest_url =
CHR - homepage: hxxp://feed.helperbar.com/?publisher=OC&dpid=OC&co=DE&userid=18bd1b92-a9f6-4c86-b302-efc09dec5c46&affid=111583&searchtype=hp&babsrc=lnkry
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\mk\AppData\Local\Google\Chrome\Application\21.0.1180.83\PepperFlash\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\mk\AppData\Local\Google\Chrome\Application\23.0.1271.95\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_265.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\mk\AppData\Local\Google\Chrome\Application\23.0.1271.95\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\mk\AppData\Local\Google\Chrome\Application\23.0.1271.95\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = D:\medien_archiv\_programme\Quicktime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = D:\medien_archiv\_programme\Quicktime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = D:\medien_archiv\_programme\Quicktime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = D:\medien_archiv\_programme\Quicktime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = D:\medien_archiv\_programme\Quicktime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = D:\medien_archiv\_programme\Quicktime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = D:\medien_archiv\_programme\Quicktime\plugins\npqtplugin7.dll
CHR - plugin: Intel\u00AE Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
CHR - plugin: Intel\u00AE Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll
CHR - plugin: Java(TM) Platform SE 7 U5 (Disabled) = C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll
CHR - plugin: Java Deployment Toolkit 7.0.50.255 (Disabled) = C:\Windows\SysWOW64\npDeployJava1.dll
CHR - plugin: RealNetworks(tm) Chrome Background Extension Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
CHR - plugin: RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = D:\medien_archiv\_programme\Real_Player\Netscape6\nppl3260.dll
CHR - plugin: RealPlayer Download Plugin (Enabled) = D:\medien_archiv\_programme\Real_Player\Netscape6\nprpplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Users\mk\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll
CHR - plugin: Picasa (Enabled) = D:\medien_archiv\_programme\Picasa_Viewer\npPicasa3.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = D:\medien_archiv\_programme\Real_Player\Netscape6\nprjplug.dll
CHR - Extension: YouTube = C:\Users\mk\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\
CHR - Extension: Google-Suche = C:\Users\mk\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\
CHR - Extension: Google Mail = C:\Users\mk\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\medien_archiv\_programme\Java\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\medien_archiv\_programme\Java\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - No CLSID value found.
O4:64bit: - HKLM..\Run: [Acronis Scheduler2 Service] C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe (Acronis)
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Ocs_SM] C:\Users\mk\AppData\Roaming\OCS\SM\SearchAnonymizer.exe (OCS)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [Windows Mobile Device Center] C:\Windows\WindowsMobile\wmdc.exe (Microsoft Corporation)
O4 - HKLM..\Run: [AcronisTibMounterMonitor] C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe (Acronis)
O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS6ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AMD AVT] C:\Windows\SysWow64\cmd.exe (Microsoft Corporation)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] D:\medien_archiv\_programme\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [FreePDF Assistant] C:\Program Files (x86)\FreePDF_XP\fpassist.exe (shbox.de)
O4 - HKLM..\Run: [Samsung PanelMgr] C:\Windows\Samsung\PanelMgr\SSMMgr.exe ()
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [TrueImageMonitor.exe] D:\medien_archiv\_programme\Acronis_True_Image2013\TrueImageHome\TrueImageMonitor.exe (Acronis)
O4 - HKLM..\Run: [USB3MON] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation)
O4 - HKCU..\Run: [AdobeBridge] File not found
O4 - HKCU..\Run: [HydraVisionDesktopManager] C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe (AMD)
O4 - HKCU..\Run: [InputDirector] D:\medien_archiv\_programme\InputDirector_1.3_KVM\InputDirector.exe (Imperative Software Pty Ltd)
O4 - HKCU..\Run: [MotoCast] C:\Program Files (x86)\Motorola Mobility\MotoCast\MotoLauncher.lnk ()
O4 - HKCU..\Run: [RK Launcher] D:\medien_archiv\_programme\RK_Launcher\RKLauncher.exe (RaduKing)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 [2012.10.15 16:17:51 | 000,000,000 | ---D | M]
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 [2012.10.15 16:17:51 | 000,000,000 | ---D | M]
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 [2012.10.16 15:48:35 | 000,000,000 | ---D | M]
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1 [2012.10.15 16:17:51 | 000,000,000 | ---D | M]
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1 [2012.10.15 16:17:51 | 000,000,000 | ---D | M]
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1 [2012.10.15 16:17:51 | 000,000,000 | ---D | M]
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1 [2012.10.15 16:17:51 | 000,000,000 | ---D | M]
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1 [2012.10.15 16:17:51 | 000,000,000 | ---D | M]
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1 [2012.10.15 16:17:51 | 000,000,000 | ---D | M]
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1 [2012.10.15 16:17:51 | 000,000,000 | ---D | M]
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SoftwareSASGeneration = 3 [2012.10.16 15:48:35 | 000,000,000 | ---D | M]
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1 [2012.10.15 16:17:51 | 000,000,000 | ---D | M]
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1 [2012.10.15 16:17:51 | 000,000,000 | ---D | M]
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2 [2012.10.18 08:31:18 | 000,000,000 | ---D | M]
O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found
O8:64bit: - Extra context menu item: Client auf Monitor & öffnen1 - C:\Windows\web\AOpenClient.htm File not found
O8:64bit: - Extra context menu item: Client auf Monitor & öffnen2 - C:\Windows\web\AOpenClient.htm File not found
O8:64bit: - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O8:64bit: - Extra context menu item: Sothink SWF Catcher - C:\Program Files (x86)\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm ()
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Client auf Monitor & öffnen1 - C:\Windows\web\AOpenClient.htm File not found
O8 - Extra context menu item: Client auf Monitor & öffnen2 - C:\Windows\web\AOpenClient.htm File not found
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Sothink SWF Catcher - C:\Program Files (x86)\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm ()
O9:64bit: - Extra Button: Fiddler2 - {CF819DA3-9882-4944-ADF5-6EF17ECF3C6E} - "D:\medien_archiv\_programme\Fiddler_Webproxy\Fiddler2\Fiddler.exe" File not found
O9:64bit: - Extra 'Tools' menuitem : Fiddler2 - {CF819DA3-9882-4944-ADF5-6EF17ECF3C6E} - "D:\medien_archiv\_programme\Fiddler_Webproxy\Fiddler2\Fiddler.exe" File not found
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - D:\medien_archiv\_programme\icq_7M\ICQ7M\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - D:\medien_archiv\_programme\icq_7M\ICQ7M\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files (x86)\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm ()
O9 - Extra 'Tools' menuitem : Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files (x86)\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm ()
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - D:\medien_archiv\_programme\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - D:\medien_archiv\_programme\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - D:\medien_archiv\_programme\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - D:\medien_archiv\_programme\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - D:\medien_archiv\_programme\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - D:\medien_archiv\_programme\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - D:\medien_archiv\_programme\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - D:\medien_archiv\_programme\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000019 - D:\medien_archiv\_programme\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - D:\medien_archiv\_programme\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - D:\medien_archiv\_programme\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - D:\medien_archiv\_programme\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - D:\medien_archiv\_programme\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - D:\medien_archiv\_programme\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - D:\medien_archiv\_programme\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - D:\medien_archiv\_programme\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - D:\medien_archiv\_programme\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - D:\medien_archiv\_programme\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: samsungsetup.com ([www] http in Vertrauenswürdige Sites)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4B5ACC06-4C8B-4C57-98D6-32CA7F9DC2B7}: NameServer = 192.168.178.1
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{5d88117b-1696-11e2-b82e-10bf48bc556a}\Shell - "" = AutoRun
O33 - MountPoints2\{5d88117b-1696-11e2-b82e-10bf48bc556a}\Shell\AutoRun\command - "" = F:\MotorolaDeviceManagerSetup.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2012.12.08 10:00:02 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\mk\Desktop\OTL.exe
[2012.11.28 14:34:54 | 000,000,000 | R--D | C] -- C:\Users\mk\Documents\Notes
[2012.11.28 14:30:36 | 000,000,000 | ---D | C] -- C:\Users\mk\AppData\Roaming\WTablet
[2012.11.28 14:30:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TabletPlugins
[2012.11.28 14:30:22 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bamboo
[2012.11.28 14:30:22 | 000,000,000 | ---D | C] -- C:\Program Files\TabletPlugins
[2012.11.28 14:30:21 | 000,015,776 | ---- | C] (Wacom Technology) -- C:\Windows\SysNative\drivers\wacomrouterfilter.sys
[2012.11.28 14:30:20 | 000,081,312 | ---- | C] (Wacom Technology) -- C:\Windows\SysNative\drivers\wachidrouter.sys
[2012.11.28 14:30:20 | 000,013,728 | ---- | C] (Windows (R) Win 7 DDK provider) -- C:\Windows\SysNative\drivers\hidkmdf.sys
[2012.11.28 14:30:14 | 001,981,824 | ---- | C] (Wacom Technology, Corp.) -- C:\Windows\SysNative\Pen_Tablet.dll
[2012.11.28 14:30:14 | 001,974,656 | ---- | C] (Wacom Technology, Corp.) -- C:\Windows\SysNative\Pen_Touch_Tablet.dll
[2012.11.28 14:30:14 | 001,844,096 | ---- | C] (Wacom Technology, Corp.) -- C:\Windows\SysNative\Wintab32.dll
[2012.11.28 14:30:14 | 001,841,024 | ---- | C] (Wacom Technology, Corp.) -- C:\Windows\SysNative\WacomMT.dll
[2012.11.28 14:30:14 | 001,629,056 | ---- | C] (Wacom Technology, Corp.) -- C:\Windows\SysWow64\Pen_Tablet.dll
[2012.11.28 14:30:14 | 001,621,888 | ---- | C] (Wacom Technology, Corp.) -- C:\Windows\SysWow64\Pen_Touch_Tablet.dll
[2012.11.28 14:30:14 | 001,510,272 | ---- | C] (Wacom Technology, Corp.) -- C:\Windows\SysWow64\Wintab32.dll
[2012.11.28 14:30:14 | 001,506,176 | ---- | C] (Wacom Technology, Corp.) -- C:\Windows\SysWow64\WacomMT.dll
[2012.11.28 14:30:13 | 000,000,000 | ---D | C] -- C:\Program Files\Tablet
[2012.11.15 12:33:48 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2012.11.15 12:28:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2012.12.08 10:22:40 | 000,000,000 | ---- | M] () -- C:\Users\mk\defogger_reenable
[2012.12.08 10:00:02 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\mk\Desktop\OTL.exe
[2012.12.08 09:58:17 | 000,013,408 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.12.08 09:58:17 | 000,013,408 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.12.08 09:57:59 | 000,050,477 | ---- | M] () -- C:\Users\mk\Desktop\Defogger.exe
[2012.12.08 09:56:06 | 001,613,340 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.12.08 09:56:06 | 000,696,832 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.12.08 09:56:06 | 000,652,150 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.12.08 09:56:06 | 000,148,128 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.12.08 09:56:06 | 000,121,082 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.12.08 09:51:01 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.12.08 09:50:57 | 2057,867,263 | -HS- | M] () -- C:\hiberfil.sys
[2012.12.07 23:48:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.12.07 23:34:00 | 000,001,108 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3704734803-2889074234-2623126078-1000UA.job
[2012.12.07 13:47:46 | 000,001,056 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3704734803-2889074234-2623126078-1000Core.job
[2012.12.07 12:21:14 | 000,000,251 | ---- | M] () -- C:\Users\mk\Desktop\warentest Adv.URL
[2012.12.07 11:01:06 | 000,000,216 | ---- | M] () -- C:\Users\mk\Desktop\netc adv 2012.URL
[2012.12.06 09:51:16 | 000,000,132 | ---- | M] () -- C:\Users\mk\AppData\Roaming\Adobe PNG Format CS5 Prefs
[2012.12.02 14:05:14 | 000,000,259 | ---- | M] () -- C:\Users\mk\Desktop\10 tips for des mobile web.URL
[2012.11.28 14:30:21 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_wachidrouter_01009.Wdf
[2012.11.24 12:09:55 | 011,042,720 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012.11.22 15:36:49 | 000,000,218 | ---- | M] () -- C:\Users\mk\AppData\Local\recently-used.xbel
[2012.11.20 15:53:29 | 000,000,065 | ---- | M] () -- C:\Users\mk\Desktop\Shadowmans Homepage - Daft Punk Coffee Table.URL
[2012.11.19 14:15:05 | 000,000,094 | ---- | M] () -- C:\Users\mk\Desktop\neosmart STREAM 1.0.URL
[2012.11.18 18:43:14 | 000,000,172 | ---- | M] () -- C:\Users\mk\Desktop\Basic Band 1-10 eBay.URL
[2012.11.15 16:09:25 | 000,000,082 | ---- | M] () -- C:\Users\mk\Desktop\Mac (OSX) emulator für Windows 7 - ComputerBase Forum.URL
[2012.11.15 09:21:07 | 000,000,127 | ---- | M] () -- C:\Users\mk\Desktop\Bildbetrachter Gucki.URL
[2012.11.14 14:45:34 | 001,981,824 | ---- | M] (Wacom Technology, Corp.) -- C:\Windows\SysNative\Pen_Tablet.dll
[2012.11.14 14:45:34 | 001,974,656 | ---- | M] (Wacom Technology, Corp.) -- C:\Windows\SysNative\Pen_Touch_Tablet.dll
[2012.11.14 14:45:34 | 001,844,096 | ---- | M] (Wacom Technology, Corp.) -- C:\Windows\SysNative\Wintab32.dll
[2012.11.14 14:45:34 | 001,841,024 | ---- | M] (Wacom Technology, Corp.) -- C:\Windows\SysNative\WacomMT.dll
[2012.11.14 14:45:32 | 001,510,272 | ---- | M] (Wacom Technology, Corp.) -- C:\Windows\SysWow64\Wintab32.dll
[2012.11.14 14:45:32 | 001,506,176 | ---- | M] (Wacom Technology, Corp.) -- C:\Windows\SysWow64\WacomMT.dll
[2012.11.14 14:45:30 | 001,629,056 | ---- | M] (Wacom Technology, Corp.) -- C:\Windows\SysWow64\Pen_Tablet.dll
[2012.11.14 14:45:30 | 001,621,888 | ---- | M] (Wacom Technology, Corp.) -- C:\Windows\SysWow64\Pen_Touch_Tablet.dll
[2012.11.13 12:29:22 | 007,721,362 | ---- | M] () -- C:\Users\mk\Desktop\bluemotion.psd
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012.12.08 09:58:28 | 000,000,000 | ---- | C] () -- C:\Users\mk\defogger_reenable
[2012.12.08 09:57:59 | 000,050,477 | ---- | C] () -- C:\Users\mk\Desktop\Defogger.exe
[2012.12.07 12:16:14 | 000,000,251 | ---- | C] () -- C:\Users\mk\Desktop\warentest Adv.URL
[2012.12.07 11:01:06 | 000,000,216 | ---- | C] () -- C:\Users\mk\Desktop\netc adv 2012.URL
[2012.12.02 14:05:14 | 000,000,259 | ---- | C] () -- C:\Users\mk\Desktop\10 tips for des mobile web.URL
[2012.11.28 14:30:21 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_wachidrouter_01009.Wdf
[2012.11.22 15:36:49 | 000,000,218 | ---- | C] () -- C:\Users\mk\AppData\Local\recently-used.xbel
[2012.11.20 15:53:29 | 000,000,065 | ---- | C] () -- C:\Users\mk\Desktop\Shadowmans Homepage - Daft Punk Coffee Table.URL
[2012.11.19 14:15:05 | 000,000,094 | ---- | C] () -- C:\Users\mk\Desktop\neosmart STREAM 1.0.URL
[2012.11.18 18:43:14 | 000,000,172 | ---- | C] () -- C:\Users\mk\Desktop\Basic Band 1-10 eBay.URL
[2012.11.15 16:09:25 | 000,000,082 | ---- | C] () -- C:\Users\mk\Desktop\Mac (OSX) emulator für Windows 7 - ComputerBase Forum.URL
[2012.11.15 09:21:07 | 000,000,127 | ---- | C] () -- C:\Users\mk\Desktop\Bildbetrachter Gucki.URL
[2012.11.13 12:27:42 | 007,721,362 | ---- | C] () -- C:\Users\mk\Desktop\bluemotion.psd
[2012.09.17 09:58:57 | 000,000,037 | ---- | C] () -- C:\Windows\SWFConverter.INI
[2012.09.17 09:58:55 | 000,761,856 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2012.09.17 09:58:55 | 000,135,168 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2012.09.17 09:24:04 | 000,178,688 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2012.09.16 12:38:09 | 001,590,298 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012.09.12 07:03:50 | 000,001,500 | ---- | C] () -- C:\Windows\Sandboxie.ini
[2012.08.31 18:38:55 | 000,493,432 | ---- | C] () -- C:\Windows\ssndii.exe
[2012.08.30 12:21:04 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\dlumdfb9.dll
[2012.08.30 12:21:04 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\dlumdfb11.dll
[2012.08.30 12:21:04 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\dlumdfb10.dll
[2012.08.30 12:21:04 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\dlumd9.dll
[2012.08.30 12:21:04 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\dlumd11.dll
[2012.08.30 12:21:04 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\dlumd10.dll
[2012.07.27 09:07:40 | 000,000,132 | ---- | C] () -- C:\Users\mk\AppData\Roaming\Adobe PNG Format CS5 Prefs
[2012.07.19 15:52:19 | 000,000,132 | ---- | C] () -- C:\Users\mk\AppData\Roaming\Adobe BMP Format CS5 Prefs
[2012.07.19 14:09:56 | 000,000,132 | ---- | C] () -- C:\Users\mk\AppData\Roaming\Adobe GIF Format CS5 Prefs
[2012.07.17 11:30:35 | 000,000,469 | ---- | C] () -- C:\Users\mk\AppData\Roaming\Poladroid prefs.plist
[2012.07.16 21:01:09 | 002,463,976 | ---- | C] () -- C:\Windows\SysWow64\NPSWF32.dll
[2012.07.16 19:24:17 | 000,338,432 | ---- | C] () -- C:\Windows\SysWow64\sqlite36_engine.dll
[2012.07.16 18:33:11 | 000,210,944 | ---- | C] () -- C:\Windows\SysWow64\Msvcrt10.dll
[2012.07.16 18:33:07 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\adistres.dll
[2012.07.16 18:21:49 | 001,558,432 | ---- | C] () -- C:\Windows\TotalUninstaller.exe
[2012.07.16 12:18:01 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2012.07.16 11:09:46 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
[2012.07.16 11:09:44 | 000,037,114 | ---- | C] () -- C:\Windows\Ascd_tmp.ini
[2012.06.14 02:57:26 | 000,053,299 | ---- | C] () -- C:\Windows\SysWow64\pthreadVC.dll
[2012.06.11 17:50:16 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2012.06.11 17:50:16 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2012.05.10 15:35:16 | 000,029,184 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll
[2012.03.19 22:37:12 | 000,755,188 | ---- | C] () -- C:\Windows\SysWow64\igkrng700.bin
[2012.03.19 22:37:12 | 000,561,508 | ---- | C] () -- C:\Windows\SysWow64\igfcg700m.bin
[2012.03.19 22:25:58 | 000,058,880 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2012.03.19 21:23:38 | 013,024,256 | ---- | C] () -- C:\Windows\SysWow64\ig7icd32.dll
[2012.02.02 21:08:26 | 000,001,536 | ---- | C] () -- C:\Windows\SysWow64\IusEventLog.dll
[2011.09.12 23:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
========== ZeroAccess Check ==========
[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2012.08.05 19:50:59 | 000,000,000 | ---D | M] -- C:\Users\mk\AppData\Roaming\.minecraft
[2012.09.11 10:30:17 | 000,000,000 | ---D | M] -- C:\Users\mk\AppData\Roaming\Acronis
[2012.11.06 12:44:28 | 000,000,000 | ---D | M] -- C:\Users\mk\AppData\Roaming\Audacity
[2012.07.23 13:33:14 | 000,000,000 | ---D | M] -- C:\Users\mk\AppData\Roaming\Avery
[2012.08.02 11:57:29 | 000,000,000 | ---D | M] -- C:\Users\mk\AppData\Roaming\Charles
[2012.10.10 11:40:04 | 000,000,000 | ---D | M] -- C:\Users\mk\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
[2012.09.11 17:47:43 | 000,000,000 | ---D | M] -- C:\Users\mk\AppData\Roaming\com.adobe.ExMan
[2012.07.16 19:24:16 | 000,000,000 | ---D | M] -- C:\Users\mk\AppData\Roaming\DesktopIconForAmazon
[2012.07.17 14:30:36 | 000,000,000 | ---D | M] -- C:\Users\mk\AppData\Roaming\elsterformular
[2012.11.06 08:26:57 | 000,000,000 | ---D | M] -- C:\Users\mk\AppData\Roaming\fltk.org
[2012.07.16 15:25:25 | 000,000,000 | ---D | M] -- C:\Users\mk\AppData\Roaming\FreePDF
[2012.09.24 13:05:37 | 000,000,000 | ---D | M] -- C:\Users\mk\AppData\Roaming\GoPal Assistant
[2012.09.19 16:11:32 | 000,000,000 | ---D | M] -- C:\Users\mk\AppData\Roaming\gpdf2swf
[2012.11.25 15:34:49 | 000,000,000 | ---D | M] -- C:\Users\mk\AppData\Roaming\HandBrake
[2012.07.16 14:00:42 | 000,000,000 | ---D | M] -- C:\Users\mk\AppData\Roaming\Helios
[2012.07.17 13:57:26 | 000,000,000 | ---D | M] -- C:\Users\mk\AppData\Roaming\IcoFX
[2012.12.06 16:16:12 | 000,000,000 | ---D | M] -- C:\Users\mk\AppData\Roaming\ICQ
[2012.07.17 14:28:36 | 000,000,000 | ---D | M] -- C:\Users\mk\AppData\Roaming\inkscape
[2012.07.16 18:31:28 | 000,000,000 | ---D | M] -- C:\Users\mk\AppData\Roaming\InterTrust
[2012.07.16 13:32:54 | 000,000,000 | ---D | M] -- C:\Users\mk\AppData\Roaming\KeePass
[2012.12.08 09:51:29 | 000,000,000 | ---D | M] -- C:\Users\mk\AppData\Roaming\MotoCast
[2012.10.16 17:45:05 | 000,000,000 | ---D | M] -- C:\Users\mk\AppData\Roaming\Motorola
[2012.10.15 11:34:14 | 000,000,000 | ---D | M] -- C:\Users\mk\AppData\Roaming\Motorola Mobility
[2012.07.17 13:59:15 | 000,000,000 | ---D | M] -- C:\Users\mk\AppData\Roaming\MySQL
[2012.07.16 19:24:13 | 000,000,000 | ---D | M] -- C:\Users\mk\AppData\Roaming\OCS
[2012.10.18 10:05:06 | 000,000,000 | ---D | M] -- C:\Users\mk\AppData\Roaming\OpenCandy
[2012.07.16 19:24:14 | 000,000,000 | ---D | M] -- C:\Users\mk\AppData\Roaming\Opera
[2012.10.10 13:21:22 | 000,000,000 | ---D | M] -- C:\Users\mk\AppData\Roaming\PDAppFlex
[2012.07.26 10:52:38 | 000,000,000 | ---D | M] -- C:\Users\mk\AppData\Roaming\RotMG.Production
[2012.07.16 18:51:46 | 000,000,000 | ---D | M] -- C:\Users\mk\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2012.07.16 13:11:56 | 000,000,000 | ---D | M] -- C:\Users\mk\AppData\Roaming\Thunderbird
========== Purity Check ==========
< End of report > |