Trojaner-Board - Malwarebytes Anti-Malware Scan findet zwei Viren

Beitrag 8 nochmals durchgeführt

als Normal-Fix
und
Quick-Fix

Code:

OTL logfile created on: 28.11.2013 12:14:14 - Run 3

OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\michael\Downloads

Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation

Internet Explorer (Version = 9.0.8112.16421)

Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

 

2,99 Gb Total Physical Memory | 1,48 Gb Available Physical Memory | 49,58% Memory free

6,19 Gb Paging File | 4,73 Gb Available in Paging File | 76,37% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files

Drive C: | 277,96 Gb Total Space | 140,65 Gb Free Space | 50,60% Space Free | Partition Type: NTFS

Drive D: | 20,12 Gb Total Space | 11,23 Gb Free Space | 55,84% Space Free | Partition Type: FAT32

 

Computer Name: MICHAEL-PC | User Name: michael | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user | Quick Scan

Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

 
 ========== Processes (SafeList) ==========

 

PRC - [2013.11.25 09:08:17 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\michael\Downloads\OTL.exe

PRC - [2013.11.06 02:55:46 | 000,845,168 | ---- | M] (Samsung) -- C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe

PRC - [2013.11.06 02:55:38 | 001,564,528 | ---- | M] (Samsung) -- C:\Program Files\Samsung\Kies\Kies.exe

PRC - [2013.10.23 15:01:10 | 000,280,288 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\NisSrv.exe

PRC - [2013.10.23 15:01:10 | 000,022,208 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\MsMpEng.exe

PRC - [2013.10.23 14:55:28 | 000,948,440 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe

PRC - [2013.10.09 16:13:42 | 000,836,160 | ---- | M] (Soluto) -- C:\Program Files\Soluto\SolutoService.exe

PRC - [2013.10.09 16:13:42 | 000,166,976 | ---- | M] (Soluto) -- C:\Program Files\Soluto\SolutoLauncherService.exe

PRC - [2013.10.09 16:13:40 | 001,233,472 | ---- | M] (Soluto) -- C:\Program Files\Soluto\Soluto.exe

PRC - [2013.10.09 16:10:06 | 001,667,584 | ---- | M] (GlavSoft LLC.) -- C:\Program Files\Soluto\SolutoRemoteService.exe

PRC - [2013.08.14 15:19:22 | 000,039,056 | ---- | M] () -- C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe

PRC - [2013.05.10 08:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe

PRC - [2013.04.04 13:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe

PRC - [2013.02.21 13:09:10 | 000,065,536 | ---- | M] () -- C:\Windows\System32\afasrv32.exe

PRC - [2012.12.29 11:26:54 | 001,260,472 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

PRC - [2012.12.29 09:26:22 | 000,873,400 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe

PRC - [2012.12.29 02:53:20 | 000,383,416 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

PRC - [2012.10.02 12:13:44 | 003,064,000 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe

PRC - [2011.10.13 17:21:52 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\BingBar\SeaPort.EXE

PRC - [2010.10.27 19:17:52 | 000,207,424 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe

PRC - [2010.03.18 10:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe

PRC - [2009.12.02 23:00:00 | 000,847,872 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files\Epson Software\FAX Utility\FUFAXSTM.exe

PRC - [2009.09.02 08:44:22 | 000,315,478 | ---- | M] (IVT Corporation) -- C:\Program Files\IVT Corporation\BlueSoleil\BtTray.exe

PRC - [2009.09.02 08:41:24 | 001,466,476 | ---- | M] (IVT Corporation) -- C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe

PRC - [2009.09.02 08:41:06 | 000,102,503 | ---- | M] (IVT Corporation) -- C:\Program Files\IVT Corporation\BlueSoleil\BsHelpCS.exe

PRC - [2009.04.11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe

PRC - [2009.04.11 07:27:28 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conime.exe

PRC - [2008.12.09 08:32:06 | 000,055,120 | ---- | M] (NewSoft Technology Corporation) -- C:\Program Files\NewSoft\Presto! PageManager 8 for EP\PMSpeed.exe

PRC - [2008.11.09 21:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe

PRC - [2008.11.03 14:21:18 | 000,030,544 | ---- | M] (NewSoft Technology Corporation) -- C:\Windows\System32\spool\drivers\w32x86\3\WrtProc.exe

PRC - [2008.08.29 20:11:38 | 002,436,392 | ---- | M] (Egis Technology Inc.) -- C:\Program Files\EgisTec\VITAKEY\CompPtcVUI.exe

PRC - [2008.08.29 20:11:38 | 002,180,392 | ---- | M] () -- C:\Program Files\EgisTec\VITAKEY\BASVC.exe

PRC - [2008.08.28 15:03:22 | 000,233,472 | ---- | M] () -- C:\Windows\tsnp2uvc.exe

PRC - [2008.08.04 16:45:56 | 000,304,688 | ---- | M] (EgisTec Inc.) -- C:\Program Files\EgisTec\MyWinLocker 3\x86\MWLService.exe

PRC - [2008.05.24 13:34:28 | 000,026,448 | ---- | M] (NewSoft Technology Corporation) -- C:\Windows\System32\spool\drivers\w32x86\3\WrtMon.exe

PRC - [2008.04.15 17:54:42 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe

PRC - [2008.04.15 17:54:40 | 000,178,712 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe

PRC - [2008.03.21 12:16:20 | 000,344,064 | ---- | M] () -- C:\Program Files\ScanWizard 5\ScannerFinder.exe

PRC - [2007.06.05 12:20:32 | 000,177,704 | ---- | M] () -- C:\Windows\System32\PSIService.exe

PRC - [2006.12.19 17:23:20 | 000,094,208 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files\Common Files\EPSON\EBAPI\eEBSvc.exe

PRC - [2001.11.12 13:31:48 | 000,020,480 | ---- | M] (X10) -- C:\Program Files\Common Files\X10\Common\X10nets.exe

 

 
 ========== Modules (No Company Name) ==========

 

MOD - [2013.11.22 19:51:34 | 014,972,928 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Theme\642ba04dfd0cf6b5a4bd768ab404eb4f\Kies.Theme.ni.dll

MOD - [2013.11.22 19:51:33 | 000,307,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DummyStorePlugin\9e97c3b33aa7fb9d900bca4f6d93ec9e\DummyStorePlugin.ni.dll

MOD - [2013.11.22 19:51:32 | 000,118,272 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DeviceStoryAlbum\dcd008a3fba48090b7a4e6e4a5e7b20a\DeviceStoryAlbum.ni.dll

MOD - [2013.11.22 19:51:31 | 000,616,448 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DevicePodcast\eeefdbf91e99a91bf0f1948d5fd68d87\DevicePodcast.ni.dll

MOD - [2013.11.22 19:51:30 | 000,301,568 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DeviceVideo\3466f424f84c9d58703c8d49e3cec991\DeviceVideo.ni.dll

MOD - [2013.11.22 19:51:29 | 000,367,104 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DevicePhoto\f8e9e990d7da96e9307421d5a315b2c2\DevicePhoto.ni.dll

MOD - [2013.11.22 19:51:28 | 000,308,224 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DeviceMusic\330e21cf540e1aa133c80efc7eb9b134\DeviceMusic.ni.dll

MOD - [2013.11.22 19:51:26 | 000,475,648 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\VideoManager\b6dbdf0a1deb9bb640437d640b42d4e9\VideoManager.ni.dll

MOD - [2013.11.22 19:51:25 | 000,807,936 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PhotoManager\0c2f7492807cfcfe18ea06ce6acc909c\PhotoManager.ni.dll

MOD - [2013.11.22 19:51:23 | 001,993,728 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Phonebook\8bdb875a966da6a46b121bb480b90510\Phonebook.ni.dll

MOD - [2013.11.22 19:51:20 | 000,207,872 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\StoryAlbumManager\9a0aa4c727254e57018d6618310763d2\StoryAlbumManager.ni.dll

MOD - [2013.11.22 19:51:19 | 000,945,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\MusicManager\1199d9d5982b9c9e09a68ff0a5c8c709\MusicManager.ni.dll

MOD - [2013.11.22 19:51:18 | 000,404,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\BATPlugin\2cd3ab735bdeddcc09727d40c2c2d8a2\BATPlugin.ni.dll

MOD - [2013.11.22 19:51:16 | 000,534,528 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.MediaDB\da4a656f5af4ca1cb53934034314853e\Kies.Common.MediaDB.ni.dll

MOD - [2013.11.22 19:51:16 | 000,029,184 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.StoreMa#\6e02e15174282cb0ddd24edfe74eb58b\Kies.Common.StoreManager.ni.dll

MOD - [2013.11.22 19:51:15 | 000,063,488 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.AllShare\2c2dbe86884ed4a0f6ad598beae9699f\Kies.Common.AllShare.ni.dll

MOD - [2013.11.22 19:51:14 | 000,066,560 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DBManag#\c3d1340662ee751e8d733de79da14ebd\Kies.Common.DBManager.ni.dll

MOD - [2013.11.22 19:51:13 | 000,110,080 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.CRMMana#\6b1bd95506210a735156fd15f42262fa\Kies.Common.CRMManager.ni.dll

MOD - [2013.11.22 19:51:12 | 001,150,976 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Podcaster\269bf7229a2bdccf2fac6ae1f9514060\Podcaster.ni.dll

MOD - [2013.11.22 19:51:10 | 000,283,648 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\a6fc5e998baff5bb685990cb2d7eaac1\Kies.Common.DeviceServiceLib.FirmwareUpdate.Common.ni.dll

MOD - [2013.11.22 19:51:09 | 000,189,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\218d40e918840027f02f89b6286f3da6\Kies.Common.DeviceServiceLib.FirmwareUpdate.Downloader.ni.dll

MOD - [2013.11.22 19:51:09 | 000,178,688 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.DevFileServ#\4c137894061073dafac4b63132301fba\Interop.DevFileServiceLib.ni.dll

MOD - [2013.11.22 19:51:08 | 000,581,632 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\1b40bd018e69bfb3e081df88e2547003\Kies.Common.DeviceServiceLib.FileService.ni.dll

MOD - [2013.11.22 19:51:07 | 001,226,240 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\c4618a76c264bd85178296bb92391319\Kies.Common.DeviceService.ni.dll

MOD - [2013.11.22 19:51:04 | 001,002,496 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DeviceCommonLib\d785f2e0cdc6d8873b86b6b266a4913d\DeviceCommonLib.ni.dll

MOD - [2013.11.22 19:51:03 | 000,750,080 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Plugin.Content#\ea8968244daac8c5873aa87235a7b49d\Kies.Plugin.ContentsManagerLib.ni.dll

MOD - [2013.11.22 19:51:01 | 000,206,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.MainUI\25bfc8f9251c5d14e0deeca8cb047efe\Kies.Common.MainUI.ni.dll

MOD - [2013.11.22 19:50:54 | 000,046,592 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\fb36527133c6a9e51f53aab9ca2faabe\Kies.Common.DeviceServiceLib.FirmwareUpdate.FirmwareUpdateAgentHelper.ni.dll

MOD - [2013.11.22 19:50:53 | 000,940,544 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\80b0d9d062e12555279d83988d066d4b\Kies.Common.DeviceServiceLib.DeviceManagement.ni.dll

MOD - [2013.11.22 19:50:51 | 000,030,720 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.PRPLAYERCOR#\97feb913f82b178f436c759ba72a827f\Interop.PRPLAYERCORELib.ni.dll

MOD - [2013.11.22 19:50:50 | 002,221,568 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.Multime#\38aa59acafca02f45ea4a74f287bb68a\Kies.Common.Multimedia.ni.dll

MOD - [2013.11.22 19:50:45 | 000,640,000 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\6b9eaab90feb84cec955aa5d2e9c2e80\Kies.Common.DeviceServiceLib.DeviceDataService.ni.dll

MOD - [2013.11.22 19:50:45 | 000,189,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\891822cfc054262435c02192bb220192\Kies.Common.DeviceServiceLib.Interface.ni.dll

MOD - [2013.11.22 19:50:38 | 007,192,064 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DeviceHost\ab72498f92b57b4621fd64b22c85815d\DeviceHost.ni.dll

MOD - [2013.11.22 19:50:29 | 000,315,904 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.Util\2bcad8b67324e46ce281141cf9bb8043\Kies.Common.Util.ni.dll

MOD - [2013.11.22 19:50:28 | 000,052,224 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.DeviceSearc#\8d5eca0d35b2a052e3a117cdf708a252\Interop.DeviceSearchLib.ni.dll

MOD - [2013.11.22 19:50:27 | 001,734,656 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Locale\c00186c7088636f481c1a2ec57faade5\Kies.Locale.ni.dll

MOD - [2013.11.22 19:50:26 | 001,952,256 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.UI\abbba0f399508efdbeaf78b2e2fa7b03\Kies.UI.ni.dll

MOD - [2013.11.22 19:50:26 | 000,079,360 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.MVVM\6f25a20174765872519f821c6c68bfda\Kies.MVVM.ni.dll

MOD - [2013.11.22 19:50:22 | 001,288,704 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Interface\12c56c6f281e94ee5ff88ecd3b72b8d5\Kies.Interface.ni.dll

MOD - [2013.11.22 19:50:19 | 002,183,168 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies\823d395f518a40bab1ba61d5bcca005b\Kies.ni.exe

MOD - [2013.10.10 11:07:11 | 000,649,728 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PCGPostBootResources\a3c7d703aac11b9613b4ec2b9499fe27\PCGPostBootResources.ni.dll

MOD - [2013.10.10 11:07:10 | 000,061,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PCGHIDProbe\d808faa10b1aea52e3ba7338b934faeb\PCGHIDProbe.ni.dll

MOD - [2013.10.10 11:07:08 | 000,045,568 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PCGRSPProbe\e2aedb04b2ecfadf9f3e25b37db2a7de\PCGRSPProbe.ni.dll

MOD - [2013.10.10 11:07:06 | 000,210,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PCGBootVisualizingC#\a66c8fb1112a35ea5b167c63fc229762\PCGBootVisualizingCommon.ni.dll

MOD - [2013.10.10 11:07:02 | 000,260,096 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PCGDriverProbe\4b559204a51e98c622e88c9e59cff88c\PCGDriverProbe.ni.dll

MOD - [2013.10.10 11:07:00 | 002,327,552 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Community.CsharpSql#\fea40edf5e90ea9176de6bb2b1ef5ad3\Community.CsharpSqlite.ni.dll

MOD - [2013.10.10 11:06:57 | 000,202,240 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PCGWuInfo\cc61d922797993ad22d12f24cea26fd5\PCGWuInfo.ni.dll

MOD - [2013.10.10 11:06:56 | 000,100,864 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Interop.IWshRuntime#\1cc564468f371f8f0209f230fa6679ec\Interop.IWshRuntimeLibrary.ni.dll

MOD - [2013.10.10 11:06:54 | 000,070,144 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PCGUsersCenter\ba911318808ac46ccaa23b7948d55485\PCGUsersCenter.ni.dll

MOD - [2013.10.10 11:06:52 | 000,178,688 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PCGAppControlPlugin#\7d64c748a9d22e3d6e0b955b652081fa\PCGAppControlPluginLoader.ni.dll

MOD - [2013.10.10 11:06:51 | 000,077,824 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PCGConfiguration\4869c29247a668106dbff885f8d0a69d\PCGConfiguration.ni.dll

MOD - [2013.10.10 11:06:46 | 003,957,248 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PCGDatabase\5801b3422fdecce9bebdd46a9e12d7af\PCGDatabase.ni.dll

MOD - [2013.10.10 11:06:38 | 001,340,416 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PCGCommunication\9c17f215c0729695bf3aef31d77889ad\PCGCommunication.ni.dll

MOD - [2013.10.10 11:06:22 | 000,052,224 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PCGAzureEntityFrame#\479e5c8c45c4c774cfe0534e5857421f\PCGAzureEntityFramework.ni.dll

MOD - [2013.10.10 11:06:19 | 001,913,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PCGAzureShared\6f7fde1b6429e3f44aefa069fdaee688\PCGAzureShared.ni.dll

MOD - [2013.10.10 11:06:16 | 004,574,720 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PCGClientCommon\5c49b4b7de8da145abcafc75e3751b82\PCGClientCommon.ni.dll

MOD - [2013.10.10 11:05:57 | 002,845,696 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PCGPreCompiled\76c2bd9ee1f5ffc30dc759f8724fdbeb\PCGPreCompiled.ni.dll

MOD - [2013.10.10 11:05:53 | 000,267,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PCGPrestoSerializer\deb9987f7dbcd4eac8a30a6219a38480\PCGPrestoSerializer.ni.dll

MOD - [2013.10.10 11:05:52 | 000,596,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Ionic.Zip.Reduced\162c64fffc7e69ab237b6486e3e5b3a7\Ionic.Zip.Reduced.ni.dll

MOD - [2013.10.10 11:05:51 | 002,128,384 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Newtonsoft.Json.Net#\c7d17aafbcdcc3aa47f35d53f325bda8\Newtonsoft.Json.Net35.ni.dll

MOD - [2013.10.10 11:05:38 | 003,312,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PCGFramework\f378fe18493c7c17e85418e8d33cce5e\PCGFramework.ni.dll

MOD - [2013.10.10 11:05:31 | 001,725,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Soluto\f4e66fb093ea6066de39f10c73d7fd0b\Soluto.ni.exe

MOD - [2013.10.09 20:20:03 | 000,978,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\f453ecc6bb7fc8d52d61247676944623\System.Configuration.ni.dll

MOD - [2013.10.09 16:10:06 | 000,077,376 | ---- | M] () -- C:\Program Files\Soluto\PCGDllExportInspector.dll

MOD - [2013.10.09 12:41:06 | 012,434,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\73d9bc894522543b561a0342dac87c06\System.Windows.Forms.ni.dll

MOD - [2013.10.09 12:40:49 | 002,518,016 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data.Linq\3815d0ee28da0b5a6e6c1f083ef437f6\System.Data.Linq.ni.dll

MOD - [2013.10.09 12:40:34 | 002,295,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\ab40b51ac49fbee9a48b5b74ff78d5d6\System.Core.ni.dll

MOD - [2013.10.09 04:45:31 | 000,160,256 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\GongSolutions.Wpf.D#\6cfb6056dfe610b88af47c21a80026b7\GongSolutions.Wpf.DragDrop.ni.dll

MOD - [2013.10.09 04:39:45 | 018,022,912 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\e9147e4c70d4e387dc4aea59ce0a219a\PresentationFramework.ni.dll

MOD - [2013.10.09 04:39:29 | 011,527,680 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\99bbd3424207d205e9e680fa712dba04\PresentationCore.ni.dll

MOD - [2013.10.09 04:39:18 | 003,883,008 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\b1ff5e4a64c0bb0a9b039aaefcde5ea7\WindowsBase.ni.dll

MOD - [2013.10.09 04:39:09 | 007,070,720 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\55c245966c0b23a47587c18681457e48\System.Core.ni.dll

MOD - [2013.10.09 04:39:01 | 001,014,784 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\85a501f8b0cb271f1bfab6532523ac3c\System.Configuration.ni.dll

MOD - [2013.08.15 08:08:25 | 002,346,496 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\1bf91944c0a39048bb079c5d81f90529\System.Runtime.Serialization.ni.dll

MOD - [2013.08.15 08:07:47 | 000,212,992 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\5974034f0f53755b11bde4c9698261cb\System.ServiceProcess.ni.dll

MOD - [2013.08.15 08:07:44 | 011,820,032 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\59eba2680c01c33b2b3f5385979e32c6\System.Web.ni.dll

MOD - [2013.08.14 16:13:23 | 005,462,016 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\09f5b3f7a363b742a73937e818595597\System.Xml.ni.dll

MOD - [2013.08.14 16:10:03 | 001,593,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\c0df7e124d8d5e2821fd7d3921d404f7\System.Drawing.ni.dll

MOD - [2013.08.14 16:01:40 | 007,977,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\d7153acb7b6ccb5a6a886d6f0ab732b1\System.ni.dll

MOD - [2013.08.14 15:11:15 | 000,232,960 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\ASF_cSharpAPI\c5efe841e2998c266e0f5e29bed04b55\ASF_cSharpAPI.ni.dll

MOD - [2013.08.14 15:09:45 | 000,221,696 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\d8f4106eee38420ac5eda7d630dc53fc\System.ServiceProcess.ni.dll

MOD - [2013.08.14 15:08:50 | 000,770,560 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\f17c7bc239be0eb7661cbcd3cff1ea16\System.Runtime.Remoting.ni.dll

MOD - [2013.08.14 15:08:27 | 001,812,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\c8648331484537c338fe2b606a9db8b7\System.Xaml.ni.dll

MOD - [2013.08.14 15:04:10 | 005,628,416 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\b7285e9f3d19a05d5cc2c049e451685d\System.Xml.ni.dll

MOD - [2013.08.14 15:04:04 | 009,100,288 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\08c630893416f3379c9455870908ad6c\System.ni.dll

MOD - [2013.07.21 23:58:41 | 002,052,096 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.Xml.dll

MOD - [2013.07.21 23:58:40 | 000,425,984 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.dll

MOD - [2013.07.12 08:20:48 | 000,032,256 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.OGGFileInfo#\0cd09e4839a2bfe65311191d2e61c698\Interop.OGGFileInfoCOMLib.ni.dll

MOD - [2013.07.12 08:20:47 | 000,052,224 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.MP3FileInfo#\be9d4a331a41a83465c56b735845c86b\Interop.MP3FileInfoCOMLib.ni.dll

MOD - [2013.07.12 08:20:46 | 000,171,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.P3MPINTERFA#\a474771ad225ef2b83d38a86a160ed53\Interop.P3MPINTERFACECTRLLib.ni.dll

MOD - [2013.07.12 08:20:15 | 000,395,776 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CabLib\abebd90a3673cde0cd3a1b81a9f18f86\CabLib.ni.dll

MOD - [2013.07.12 01:24:04 | 000,220,672 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\CustomMarshalers\2cd2c82bbe22932ed5b4d51c3b5059eb\CustomMarshalers.ni.dll

MOD - [2013.07.11 16:37:56 | 011,497,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\6a938df70a8b7996a3890b4f34c83906\mscorlib.ni.dll

MOD - [2013.07.11 16:21:13 | 014,418,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\a01e07e47ecdd94ae099e8c4bf650516\mscorlib.ni.dll

MOD - [2012.10.08 12:01:03 | 000,970,752 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll

MOD - [2012.10.05 11:59:03 | 003,194,880 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll

MOD - [2012.02.22 20:49:56 | 000,921,600 | ---- | M] () -- C:\Program Files\Yahoo!\Messenger\yui.dll

MOD - [2009.06.27 18:14:15 | 000,667,648 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Core\3.5.0.0__b77a5c561934e089\System.Core.dll

MOD - [2009.04.11 07:28:21 | 000,368,640 | ---- | M] () -- C:\Windows\System32\msjetoledb40.dll

MOD - [2009.03.30 05:42:12 | 000,212,992 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.resources\2.0.0.0_de_b77a5c561934e089\System.resources.dll

MOD - [2009.03.30 05:42:11 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll

MOD - [2009.03.30 05:42:11 | 000,069,120 | ---- | M] () -- C:\Windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll

MOD - [2008.08.28 15:03:22 | 000,233,472 | ---- | M] () -- C:\Windows\tsnp2uvc.exe

MOD - [2008.03.21 12:16:20 | 000,344,064 | ---- | M] () -- C:\Program Files\ScanWizard 5\ScannerFinder.exe

MOD - [2007.08.27 12:44:58 | 000,049,152 | ---- | M] () -- C:\Program Files\ScanWizard 5\Scanners\Mphase32.dll

MOD - [2007.01.05 13:05:20 | 000,249,856 | ---- | M] () -- C:\Program Files\ScanWizard 5\SFRes.dll

MOD - [2005.05.04 14:26:00 | 000,045,056 | ---- | M] () -- C:\Program Files\ScanWizard 5\Scanners\MS32RES.DLL

 

 
 ========== Services (SafeList) ==========

 

SRV - [2013.11.16 02:04:51 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)

SRV - [2013.11.14 11:07:23 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)

SRV - [2013.10.23 15:01:10 | 000,280,288 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)

SRV - [2013.10.23 15:01:10 | 000,022,208 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)

SRV - [2013.10.09 16:13:42 | 000,836,160 | ---- | M] (Soluto) [Auto | Running] -- C:\Program Files\Soluto\SolutoService.exe -- (SolutoService)

SRV - [2013.10.09 16:13:42 | 000,166,976 | ---- | M] (Soluto) [Auto | Running] -- C:\Program Files\Soluto\SolutoLauncherService.exe -- (SolutoLauncherService)

SRV - [2013.10.09 16:10:06 | 001,667,584 | ---- | M] (GlavSoft LLC.) [On_Demand | Running] -- C:\Program Files\Soluto\SolutoRemoteService.exe -- (SolutoRemoteService)

SRV - [2013.08.14 15:19:22 | 000,039,056 | ---- | M] () [Auto | Running] -- C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe -- (RealNetworks Downloader Resolver Service)

SRV - [2013.07.25 07:52:52 | 000,162,672 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)

SRV - [2013.05.10 08:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)

SRV - [2013.04.04 13:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)

SRV - [2013.04.04 13:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)

SRV - [2013.02.21 13:09:10 | 000,065,536 | ---- | M] () [Auto | Running] -- C:\Windows\System32\afasrv32.exe -- (AfaService)

SRV - [2012.12.29 11:26:54 | 001,260,472 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)

SRV - [2012.12.29 02:53:20 | 000,383,416 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)

SRV - [2012.10.02 12:13:44 | 003,064,000 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)

SRV - [2012.01.23 05:43:08 | 000,092,592 | ---- | M] (TomTom) [Disabled | Stopped] -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService)

SRV - [2011.10.21 15:23:42 | 000,196,176 | ---- | M] (Microsoft Corporation.) [Auto | Stopped] -- C:\Program Files\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)

SRV - [2011.10.13 17:21:52 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft\BingBar\SeaPort.EXE -- (BBUpdate)

SRV - [2011.06.13 21:09:22 | 000,267,568 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Fix it Center\Matsvc.exe -- (MatSvc)

SRV - [2010.03.18 10:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)

SRV - [2009.11.16 13:19:22 | 000,051,168 | ---- | M] (NOS Microsystems Ltd.) [On_Demand | Stopped] -- C:\Program Files\NOS\bin\getPlus_Helper.dll -- (getPlusHelper)

SRV - [2009.09.02 08:41:24 | 001,466,476 | ---- | M] (IVT Corporation) [Auto | Running] -- C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe -- (BlueSoleilCS)

SRV - [2009.09.02 08:41:06 | 000,102,503 | ---- | M] (IVT Corporation) [On_Demand | Running] -- C:\Program Files\IVT Corporation\BlueSoleil\BsHelpCS.exe -- (BsHelpCS)

SRV - [2008.11.09 21:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)

SRV - [2008.08.29 20:11:38 | 002,180,392 | ---- | M] () [Auto | Running] -- C:\Program Files\EgisTec\VITAKEY\BASVC.exe -- (IGBASVC)

SRV - [2008.08.04 16:45:56 | 000,304,688 | ---- | M] () [Auto | Running] -- C:\Program Files\EgisTec\MyWinLocker 3\x86\\MWLService.exe -- (MWLService)

SRV - [2008.04.15 17:54:42 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON)

SRV - [2008.01.21 03:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)

SRV - [2007.06.05 12:20:32 | 000,177,704 | ---- | M] () [Auto | Running] -- C:\Windows\System32\PSIService.exe -- (ProtexisLicensing)

SRV - [2006.12.19 17:23:20 | 000,094,208 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\Program Files\Common Files\EPSON\EBAPI\eEBSvc.exe -- (EpsonBidirectionalService)

SRV - [2006.12.14 01:21:20 | 000,045,056 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe -- (MSCSPTISRV)

SRV - [2006.12.14 01:02:08 | 000,069,632 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe -- (SPTISRV)

SRV - [2006.12.14 00:46:16 | 000,057,344 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe -- (PACSPTISVR)

SRV - [2001.11.12 13:31:48 | 000,020,480 | ---- | M] (X10) [Auto | Running] -- C:\Program Files\Common Files\X10\Common\X10nets.exe -- (x10nets)

 

 
 ========== Driver Services (SafeList) ==========

 

DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\usbaapl.sys -- (USBAAPL)

DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\RTL2832UUSB.sys -- (RTL2832UUSB)

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\RTL2832UBDA.sys -- (RTL2832UBDA)

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\RTL2832U_IRHID.sys -- (RTL2832U_IRHID)

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\RTKVHDA.sys -- (IntcAzAudAddService)

DRV - File not found [Kernel | On_Demand | Running] -- C:\Windows\TEMP\cpuz136\cpuz136_x32.sys -- (cpuz136)

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\cnnctfy2.sys -- (cnnctfy2MP)

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\michael\AppData\Local\Temp\catchme.sys -- (catchme)

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\btwrchid.sys -- (btwrchid)

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\btwl2cap.sys -- (btwl2cap)

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\btwavdt.sys -- (btwavdt)

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\btwaudio.sys -- (btwaudio)

DRV - [2013.10.09 16:09:44 | 000,051,144 | ---- | M] (Soluto LTD.) [File_System | Boot | Running] -- C:\Windows\System32\drivers\Soluto.sys -- (Soluto)

DRV - [2013.09.27 09:53:06 | 000,104,768 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\NisDrvWFP.sys -- (NisDrv)

DRV - [2013.04.04 13:50:32 | 000,022,856 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)

DRV - [2012.12.29 11:26:54 | 008,904,632 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)

DRV - [2012.07.03 16:25:17 | 000,149,352 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA)

DRV - [2011.03.29 11:08:08 | 000,028,144 | ---- | M] (REINER SCT) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\cjusb.sys -- (cjusb)

DRV - [2010.12.02 05:34:32 | 000,052,096 | ---- | M] (Generic USB smartcard reader) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\MHIKEY10.sys -- (MHIKEY10)

DRV - [2010.10.18 10:14:22 | 006,959,616 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETwNv32.sys -- (NETwNv32)

DRV - [2010.06.23 08:21:32 | 000,259,176 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)

DRV - [2010.01.07 03:49:00 | 000,057,856 | ---- | M] (SCM Microsystems Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\SCR3XX2K.sys -- (SCR3XX2K)

DRV - [2009.09.29 07:11:22 | 000,012,160 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\lgbtport.sys -- (LgBttPort)

DRV - [2009.09.29 07:11:20 | 000,012,928 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\lgvmodem.sys -- (LGVMODEM)

DRV - [2009.09.29 07:11:20 | 000,010,496 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\lgbtbus.sys -- (lgbusenum)

DRV - [2009.07.14 00:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUSB)

DRV - [2009.07.08 09:17:36 | 000,039,304 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\btcusb.sys -- (Btcsrusb)

DRV - [2009.06.17 13:02:46 | 000,029,192 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\btnetBus.sys -- (btnetBUs)

DRV - [2009.06.17 13:02:40 | 000,017,928 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\btnetdrv.sys -- (BT)

DRV - [2009.06.17 13:01:42 | 000,025,480 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\IvtBtBus.sys -- (IvtBtBUs)

DRV - [2009.06.17 13:01:36 | 000,020,744 | ---- | M] (IVT Corporation.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\BtHidBus.sys -- (BtHidBus)

DRV - [2009.06.17 13:01:10 | 000,032,392 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VCommMgr.sys -- (VcommMgr)

DRV - [2009.04.11 06:06:26 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WSDScan.sys -- (WSDScan)

DRV - [2008.12.04 05:36:05 | 000,066,856 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\FPWinIo.sys -- (FPWinIo)

DRV - [2008.12.03 10:39:37 | 000,026,920 | ---- | M] (LTT) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\FPSensor.sys -- (FPSensor)

DRV - [2008.11.19 16:09:10 | 000,024,832 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbmodem.sys -- (USBModem)

DRV - [2008.11.19 16:09:08 | 000,019,968 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbdiag.sys -- (UsbDiag)

DRV - [2008.11.19 16:09:08 | 000,013,056 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbbus.sys -- (usbbus)

DRV - [2008.10.09 14:42:42 | 000,017,408 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\KMWDFILTER.sys -- (KMWDFILTER)

DRV - [2008.08.04 16:46:06 | 000,059,952 | ---- | M] (Egis Incorporated.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\mwlPSDVDisk.sys -- (mwlPSDVDisk)

DRV - [2008.08.04 16:46:04 | 000,019,504 | ---- | M] (Egis Incorporated.) [File_System | Auto | Running] -- C:\Windows\System32\drivers\mwlPSDFilter.sys -- (mwlPSDFilter)

DRV - [2008.08.04 16:46:04 | 000,016,432 | ---- | M] (Egis Incorporated.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\mwlPSDNserv.sys -- (mwlPSDNServ)

DRV - [2008.07.10 11:12:56 | 001,753,984 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\snp2uvc.sys -- (SNP2UVC)

DRV - [2008.04.28 06:29:26 | 003,658,752 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NETw5v32.sys -- (NETw5v32)

DRV - [2008.01.21 03:23:21 | 000,016,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WSDPrint.sys -- (WSDPrintDevice)

DRV - [2007.07.31 11:58:18 | 000,908,896 | ---- | M] (NXP Semiconductors Germany GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\PhilCap.sys -- (PhilCap)

DRV - [2007.02.12 16:55:56 | 000,075,776 | ---- | M] (Prolific Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ser2pl.sys -- (Ser2pl)

DRV - [2006.11.30 15:18:18 | 000,027,416 | ---- | M] (X10 Wireless Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\x10ufx2.sys -- (XUIF)

DRV - [2006.11.17 10:31:04 | 000,013,976 | ---- | M] (X10 Wireless Technology, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\x10hid.sys -- (X10Hid)

DRV - [2006.11.10 14:05:00 | 000,018,688 | ---- | M] (Arcsoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\afc.sys -- (Afc)

 

 
 ========== Standard Registry (SafeList) ==========

 

 
 ========== Internet Explorer ==========

 

IE - HKLM\..\SearchScopes,DefaultScope = 

IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

 

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://www.google.com

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com

IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = local

 
 ========== FireFox ==========

 

FF - prefs.js..browser.search.useDBForOrder: true

FF - prefs.js..browser.startup.homepage: "https://www.facebook.com/"

FF - prefs.js..extensions.enabledAddons: google%40hitachi.com:0.3

FF - prefs.js..extensions.enabledAddons: ich%40maltegoetz.de:1.5.2

FF - prefs.js..extensions.enabledAddons: toolbar-tbplatform%40alexa.com:2.2

FF - prefs.js..extensions.enabledAddons: ffextension%40weheartit.com:3.1.1

FF - prefs.js..extensions.enabledAddons: toolbar%40web.de:2.8.1

FF - prefs.js..extensions.enabledAddons: %7B62a6949c-2fcd-f9f2-952c-ae165cfb33b2%7D:1.1

FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:25.0.1

FF - user.js - File not found

 

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_152.dll ()

FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw_1205146.dll (Adobe Systems, Inc.)

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()

FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll File not found

FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)

FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa2,version=2.0.0: C:\Program Files\Picasa2\npPicasa2.dll (Google, Inc.)

FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Picasa2\npPicasa3.dll (Google, Inc.)

FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.45.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)

FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)

FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)

FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)

FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=16.0.3.51: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nprndlchromebrowserrecordext;version=1.3.3: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=1.3.3: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nprndlpepperflashvideoshim;version=1.3.3: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=16.0.3.51: c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)

FF - HKLM\Software\MozillaPlugins\@realnetworks.com/npdlplugin;version=1: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\@veetle.com/vbp;version=0.9.17: C:\Program Files\Veetle\VLCBroadcast\npvbp.dll File not found

FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.1: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)

FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\michael\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)

FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\michael\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)

FF - HKCU\Software\MozillaPlugins\@talk.google.com/O1DPlugin: C:\Users\michael\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)

FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\michael\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()

FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\michael\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)

FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\michael\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)

FF - HKCU\Software\MozillaPlugins\@yahoo.com/BrowserPlus,version=2.9.8: C:\Users\michael\AppData\Local\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll (Yahoo! Inc.)

 

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ [2013.11.20 20:58:33 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013.11.20 20:58:33 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013.11.20 21:10:04 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013.11.25 05:30:58 | 000,000,000 | ---D | M]

FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013.11.20 21:10:04 | 000,000,000 | ---D | M]

FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013.11.25 05:30:58 | 000,000,000 | ---D | M]

FF - HKEY_CURRENT_USER\software\mozilla\Thunderbird\Extensions\\{380AE6CB-09B9-4373-B360-D01C2462A6E7}: C:\Program Files\BullGuard Ltd\BullGuard\backup\thunderbirdbkplugin

FF - HKEY_CURRENT_USER\software\mozilla\Thunderbird\Extensions\\{0E810812-F4BB-4309-942A-755587587A5E}: C:\Program Files\BullGuard Ltd\BullGuard\antispam\tbspamfilter

 

[2009.07.20 18:31:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\michael\AppData\Roaming\mozilla\Extensions

[2009.07.20 18:31:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\michael\AppData\Roaming\mozilla\Extensions\home2@tomtom.com

[2009.07.02 14:48:15 | 000,000,000 | ---D | M] (No name found) -- C:\Users\michael\AppData\Roaming\mozilla\Extensions\mozswing@mozswing.org

[2013.11.23 12:03:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\michael\AppData\Roaming\mozilla\Firefox\Profiles\1wge02ki.default-1341749340073\extensions

[2013.11.23 12:03:56 | 000,000,000 | ---D | M] ("Yahoo Community Smartbar") -- C:\Users\michael\AppData\Roaming\mozilla\Firefox\Profiles\1wge02ki.default-1341749340073\extensions\{62a6949c-2fcd-f9f2-952c-ae165cfb33b2}

[2013.07.25 11:54:10 | 000,000,000 | ---D | M] (ProxTube - Unblock YouTube) -- C:\Users\michael\AppData\Roaming\mozilla\Firefox\Profiles\1wge02ki.default-1341749340073\extensions\ich@maltegoetz.de

[2013.08.25 21:49:50 | 000,000,000 | ---D | M] ("OLDIE RADIO") -- C:\Users\michael\AppData\Roaming\mozilla\Firefox\Profiles\1wge02ki.default-1341749340073\extensions\toolbar-tbplatform@alexa.com

[2013.10.14 20:23:22 | 000,000,000 | ---D | M] (No name found) -- C:\Users\michael\AppData\Roaming\mozilla\Firefox\Profiles\ezy83d9t.default\extensions

[2011.08.27 10:07:35 | 000,000,000 | ---D | M] (Garmin Communicator) -- C:\Users\michael\AppData\Roaming\mozilla\Firefox\Profiles\ezy83d9t.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}

[2011.07.02 13:16:19 | 000,000,000 | ---D | M] (MyKey Interface) -- C:\Users\michael\AppData\Roaming\mozilla\Firefox\Profiles\ezy83d9t.default\extensions\{FACC66B7-E49F-49ed-997E-66A221FD956D}

[2011.08.09 16:35:08 | 000,000,000 | ---D | M] (Разпознаване на устройство Logitech) -- C:\Users\michael\AppData\Roaming\mozilla\Firefox\Profiles\ezy83d9t.default\extensions\DeviceDetection@logitech.com

[2011.08.11 13:39:38 | 000,000,000 | ---D | M] (Facebook Emoticon &amp; Smiley) -- C:\Users\michael\AppData\Roaming\mozilla\Firefox\Profiles\ezy83d9t.default\extensions\emoticon@luzky.com

[2012.03.22 17:33:50 | 000,000,000 | ---D | M] (F1 by Mozilla Labs) -- C:\Users\michael\AppData\Roaming\mozilla\Firefox\Profiles\ezy83d9t.default\extensions\ffshare@mozilla.org

[2012.05.21 17:27:09 | 000,000,000 | ---D | M] (FoxyProxy Standard) -- C:\Users\michael\AppData\Roaming\mozilla\Firefox\Profiles\ezy83d9t.default\extensions\foxyproxy@eric.h.jung

[2011.11.27 17:33:47 | 000,000,000 | ---D | M] ("Biscuit du trÃ©sor" />) -- C:\Users\michael\AppData\Roaming\mozilla\Firefox\Profiles\ezy83d9t.default\extensions\inquiry@sharelovestory.com

[2013.06.24 14:55:40 | 000,238,232 | ---- | M] () (No name found) -- C:\Users\michael\AppData\Roaming\mozilla\firefox\profiles\1wge02ki.default-1341749340073\extensions\fbdislike@doweb.fr.xpi

[2013.11.02 01:00:40 | 000,102,027 | ---- | M] () (No name found) -- C:\Users\michael\AppData\Roaming\mozilla\firefox\profiles\1wge02ki.default-1341749340073\extensions\ffextension@weheartit.com.xpi

[2013.02.08 12:59:10 | 000,368,105 | ---- | M] () (No name found) -- C:\Users\michael\AppData\Roaming\mozilla\firefox\profiles\1wge02ki.default-1341749340073\extensions\google@hitachi.com.xpi

[2013.11.13 10:48:20 | 000,639,485 | ---- | M] () (No name found) -- C:\Users\michael\AppData\Roaming\mozilla\firefox\profiles\1wge02ki.default-1341749340073\extensions\toolbar@web.de.xpi

[2012.03.21 15:24:06 | 000,325,600 | ---- | M] () (No name found) -- C:\Users\michael\AppData\Roaming\mozilla\firefox\profiles\ezy83d9t.default\extensions\smarterwiki@wikiatic.com.xpi

[2012.07.07 11:44:09 | 000,575,929 | ---- | M] () (No name found) -- C:\Users\michael\AppData\Roaming\mozilla\firefox\profiles\ezy83d9t.default\extensions\toolbar@gmx.net.xpi

[2012.05.11 16:58:58 | 000,355,956 | ---- | M] () (No name found) -- C:\Users\michael\AppData\Roaming\mozilla\firefox\profiles\ezy83d9t.default\extensions\{9fb7d178-155a-4318-9173-1a8eaaea7fe4}.xpi

[2013.10.15 13:37:22 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions

[2013.10.16 09:32:25 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}

[2013.08.17 14:02:06 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions

[2013.11.16 02:04:55 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

[2013.11.20 20:58:00 | 000,124,504 | ---- | M] (RealPlayer) -- C:\Program Files\mozilla firefox\plugins\nprpplugin.dll

CHR - Extension: No name found = C:\Users\michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\iaimhpklononapfjngelgdokckfjekfc\1.0.0\

CHR - Extension: No name found = C:\Users\michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\iaimhpklononapfjngelgdokckfjekfc\1.0.0\

 

O1 HOSTS File: ([2013.10.12 17:03:09 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts

O1 - Hosts: 127.0.0.1       localhost

O2 - BHO: (RealNetworks Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)

O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)

O2 - BHO: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)

O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)

O2 - BHO: (WEB.DE Toolbar BHO) - {BF42D4A8-016E-4fcd-B1EB-837659FD77C6} - C:\Program Files\WEB.DE Toolbar\IE\uitb.dll (1und1 Mail und Media GmbH)

O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

O3 - HKLM\..\Toolbar: (FireShot) - {6E6E744E-4D20-4ce3-9A7A-26DFFFE22F68} - C:\Program Files\FireShot for IE\FSAddin-0.86.dll ()

O3 - HKLM\..\Toolbar: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)

O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)

O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)

O4 - HKLM..\Run: [BCSSync] C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)

O4 - HKLM..\Run: [BtTray] C:\Program Files\IVT Corporation\BlueSoleil\BtTray.exe (IVT Corporation)

O4 - HKLM..\Run: [FUFAXSTM] C:\Program Files\Epson Software\FAX Utility\FUFAXSTM.exe (SEIKO EPSON CORPORATION)

O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)

O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)

O4 - HKLM..\Run: [Soluto] c:\program files\soluto\soluto.exe (Soluto)

O4 - HKLM..\Run: [tsnp2uvc] C:\Windows\tsnp2uvc.exe ()

O4 - HKLM..\Run: [UCam_Menu] C:\Program Files\HomeCinema\YouCam\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)

O4 - HKLM..\Run: [WrtMon.exe] C:\Windows\System32\spool\drivers\w32x86\3\WrtMon.exe (NewSoft Technology Corporation)

O4 - HKCU..\Run: [] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe (Samsung)

O4 - HKCU..\Run: [EPSON BX300F Series] C:\Windows\System32\spool\DRIVERS\W32X86\3\E_FATIEJE.EXE (SEIKO EPSON CORPORATION)

O4 - HKCU..\Run: [Facebook Update] C:\Users\michael\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)

O4 - HKCU..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe (Nero AG)

O4 - HKCU..\Run: [KiesPreload] C:\Program Files\Samsung\Kies\Kies.exe (Samsung)

O4 - HKCU..\Run: [Messenger (Yahoo!)] C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)

O4 - HKCU..\Run: [PMSpeed] C:\Program Files\NewSoft\Presto! PageManager 8 for EP\PMSpeed.exe (NewSoft Technology Corporation)

O4 - HKLM..\RunOnce: [B Register C:\Program Files\DivX\DivX Plus Player\DPXPlugins\DPXBannerAdPlugin.dll] "C:\Windows\system32\rundll32.exe" "C:\Program Files\DivX\DivX Plus Player\DPXPlugins\DPXBannerAdPlugin.dll",DllRegisterServer File not found

O4 - HKLM..\RunOnce: [B Register C:\Program Files\DivX\DivX Plus Player\DPXPlugins\DPXDownloadManagerPlugin.dll] "C:\Windows\system32\rundll32.exe" "C:\Program Files\DivX\DivX Plus Player\DPXPlugins\DPXDownloadManagerPlugin.dll",DllRegisterServer File not found

O4 - HKLM..\RunOnce: [B Register C:\Program Files\DivX\DivX Plus Player\DPXPlugins\DPXMediaManagerPlugin.dll] "C:\Windows\system32\rundll32.exe" "C:\Program Files\DivX\DivX Plus Player\DPXPlugins\DPXMediaManagerPlugin.dll",DllRegisterServer File not found

O4 - HKLM..\RunOnce: [B Register C:\Program Files\DivX\DivX Plus Player\DPXPlugins\DPXPlayerPlugin.dll] "C:\Windows\system32\rundll32.exe" "C:\Program Files\DivX\DivX Plus Player\DPXPlugins\DPXPlayerPlugin.dll",DllRegisterServer File not found

O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 28

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPath = 1

O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Recovery present

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)

O8 - Extra context menu item: An OneNote s&enden - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)

O8 - Extra context menu item: Free YouTube Download - C:\Program Files\Common Files\DVDVideoSoft\plugins\freeytvdownloader.htm File not found

O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)

O9 - Extra Button: eBay - Der weltweite Online-Marktplatz - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-25/4 File not found

O9 - Extra 'Tools' menuitem : eBay - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-25/4 File not found

O9 - Extra Button: Quick-Launching Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files\EgisTec\VITAKEY\PwdBank.exe (Egis Technology Inc.)

O9 - Extra 'Tools' menuitem : Quick-Launching Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files\EgisTec\VITAKEY\PwdBank.exe (Egis Technology Inc.)

O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)

O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)

O9 - Extra Button: IE-Spuren löschen - {6C7C0C9A-B51D-4ADB-A74D-C4E33744F866} - C:\Program Files\TraXEx\Integration\TraXEx Internet Explorer.lnk ()

O9 - Extra Button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe (ICQ, LLC.)

O9 - Extra 'Tools' menuitem : ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe (ICQ, LLC.)

O9 - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)

O9 - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)

O9 - Extra Button: Löschautomat - {8DA7743F-9274-4BE8-899E-C0FF6ED61B00} - C:\Program Files\TraXEx\Integration\TraXEx Löschautomat.lnk ()

O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_40-windows-i586.cab (Java Plug-in 10.45.2)

O16 - DPF: {CAFEEFAC-0017-0000-0040-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_40-windows-i586.cab (Java Plug-in 1.7.0_40)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_40-windows-i586.cab (Java Plug-in 10.45.2)

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab (Shockwave Flash Object)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{71D0C0C8-EA67-4951-8803-AD2FA836D1DD}: DhcpNameServer = 192.168.2.1

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{873F1988-35B9-4226-AD86-1FE3FBA7194F}: DhcpNameServer = 192.168.2.1

O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)

O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O18 - Protocol\Handler\webde {8FAF0273-9CA8-4efc-9536-1E35E254D5CD} - C:\Program Files\WEB.DE Toolbar\IE\uitb.dll (1und1 Mail und Media GmbH)

O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)

O20 - Winlogon\Notify\ScCertProp: DllName - (wlnotify.dll) -  File not found

O24 - Desktop WallPaper: C:\Users\michael\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg

O24 - Desktop BackupWallPaper: C:\Users\michael\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]

O32 - AutoRun File - [2008.08.21 11:50:32 | 000,000,672 | RH-- | M] () - D:\AUTOEXEC.BAT -- [ FAT32 ]

O34 - HKLM BootExecute: (autocheck autochk *)

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

O37 - HKCU\...com [@ = ComFile] -- Reg Error: Key error. File not found

O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)

O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

 
 ========== Files/Folders - Created Within 30 Days ==========

 

[2013.11.25 19:22:02 | 000,000,000 | ---D | C] -- C:\_OTL

[2013.11.25 07:35:42 | 000,000,000 | ---D | C] -- C:\Users\michael\Documents\Rentenversicherung_Kur

[2013.11.23 09:56:54 | 000,000,000 | ---D | C] -- C:\FRST

[2013.11.23 01:49:37 | 000,000,000 | -HSD | C] -- C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}

[2013.11.23 01:48:49 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DVDVideoSoft

[2013.11.20 21:08:49 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime

[2013.11.20 20:59:05 | 000,000,000 | ---D | C] -- C:\Users\michael\AppData\Roaming\RealNetworks

[2013.11.20 20:58:31 | 000,000,000 | ---D | C] -- C:\Program Files\RealNetworks

[2013.11.20 20:58:27 | 000,000,000 | ---D | C] -- C:\ProgramData\RealNetworks

[2013.11.20 20:58:19 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\xing shared

[2013.11.20 20:57:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealNetworks

[2013.11.19 21:57:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pixlr

[2013.11.19 21:56:25 | 000,000,000 | ---D | C] -- C:\Users\michael\AppData\Roaming\Pixlromatic

[2013.11.19 21:55:19 | 000,000,000 | ---D | C] -- C:\Program Files\Pixlr

[2013.11.18 15:51:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator

[2013.11.18 15:50:51 | 000,095,416 | ---- | C] (pdfforge GmbH) -- C:\Windows\System32\pdfcmon.dll

[2013.11.18 15:50:47 | 000,000,000 | ---D | C] -- C:\Program Files\PDFCreator

[2013.11.18 15:27:01 | 000,000,000 | ---D | C] -- C:\Users\michael\Documents\My Kindle Content

[2013.11.18 15:26:44 | 000,000,000 | ---D | C] -- C:\Users\michael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazon

[2013.11.18 15:26:30 | 000,000,000 | ---D | C] -- C:\Users\michael\AppData\Local\Amazon

[2013.11.18 15:15:57 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution

[2013.11.18 14:36:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth

[2013.11.18 14:28:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes

[2013.11.18 14:26:57 | 000,000,000 | ---D | C] -- C:\Program Files\iPod

[2013.11.18 14:26:48 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes

[2013.11.18 14:26:48 | 000,000,000 | ---D | C] -- C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1

[2013.11.18 14:23:46 | 000,000,000 | ---D | C] -- C:\Program Files\Apple Software Update

[2013.11.18 14:14:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java

[2013.11.18 14:11:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN

[6 C:\*.tmp files -> C:\*.tmp -> ]

[1 C:\Users\michael\Documents\*.tmp files -> C:\Users\michael\Documents\*.tmp -> ]

 
 ========== Files - Modified Within 30 Days ==========

 

[2013.11.28 12:17:00 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

[2013.11.28 12:10:01 | 000,000,936 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-472820592-3686497848-1455512980-1000UA.job

[2013.11.28 11:46:15 | 000,001,128 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-472820592-3686497848-1455512980-1000UA.job

[2013.11.28 11:25:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job

[2013.11.28 11:00:32 | 000,632,492 | ---- | M] () -- C:\Windows\System32\perfh007.dat

[2013.11.28 11:00:32 | 000,599,150 | ---- | M] () -- C:\Windows\System32\perfh009.dat

[2013.11.28 11:00:32 | 000,127,722 | ---- | M] () -- C:\Windows\System32\perfc007.dat

[2013.11.28 11:00:32 | 000,105,164 | ---- | M] () -- C:\Windows\System32\perfc009.dat

[2013.11.28 10:56:02 | 000,004,805 | ---- | M] () -- C:\Windows\System32\LOCALSERVICE.INI

[2013.11.28 10:56:02 | 000,000,726 | ---- | M] () -- C:\Windows\System32\bscs.ini

[2013.11.28 10:56:02 | 000,000,102 | ---- | M] () -- C:\Windows\System32\LOCALDEVICE.INI

[2013.11.28 10:54:23 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

[2013.11.28 10:54:18 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0

[2013.11.28 10:54:18 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0

[2013.11.28 10:54:04 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2013.11.28 10:54:00 | 3215,847,424 | -HS- | M] () -- C:\hiberfil.sys

[2013.11.28 00:10:02 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-472820592-3686497848-1455512980-1000Core.job

[2013.11.27 22:46:00 | 000,001,076 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-472820592-3686497848-1455512980-1000Core.job

[2013.11.27 15:35:57 | 000,000,380 | ---- | M] () -- C:\Windows\System32\REMOTEDEVICE.INI

[2013.11.25 19:26:12 | 000,419,104 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT

[2013.11.25 09:08:41 | 000,000,519 | ---- | M] () -- C:\Users\michael\Desktop\OTL.exe - Verknüpfung.lnk

[2013.11.23 22:18:44 | 000,039,142 | ---- | M] () -- C:\Users\michael\Desktop\MaNuKa ..Graz.jpg

[2013.11.23 11:27:41 | 000,062,014 | ---- | M] () -- C:\Users\michael\Documents\602a. Neues MS... ab 22.03.odt

[2013.11.23 02:03:14 | 000,002,015 | ---- | M] () -- C:\Users\Public\Desktop\Free YouTube Download.lnk

[2013.11.23 02:03:14 | 000,001,036 | ---- | M] () -- C:\Users\Public\Desktop\DVDVideoSoft Free Studio.lnk

[2013.11.23 01:49:33 | 000,002,013 | ---- | M] () -- C:\Users\Public\Desktop\Free Audio Converter.lnk

[2013.11.21 23:05:16 | 000,001,787 | ---- | M] () -- C:\Users\Public\Desktop\Samsung Kies (Lite).lnk

[2013.11.20 20:57:55 | 000,272,896 | ---- | M] (Progressive Networks) -- C:\Windows\System32\pncrt.dll

[2013.11.19 21:57:00 | 000,000,896 | ---- | M] () -- C:\Users\Public\Desktop\Pixlr-o-matic.lnk

[2013.11.18 15:51:02 | 000,000,832 | ---- | M] () -- C:\Users\Public\Desktop\PDFCreator.lnk

[2013.11.18 14:38:46 | 000,001,945 | ---- | M] () -- C:\Windows\epplauncher.mif

[2013.11.18 14:36:24 | 000,002,077 | ---- | M] () -- C:\Users\Public\Desktop\Google Earth.lnk

[2013.11.18 14:11:11 | 000,000,863 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk

[2013.11.12 21:27:45 | 000,847,989 | ---- | M] () -- C:\Users\michael\Documents\3114.pdf

[2013.11.11 01:31:16 | 000,009,287 | ---- | M] () -- C:\Users\michael\.recently-used.xbel

[2013.11.08 19:32:57 | 000,043,174 | ---- | M] () -- C:\Users\michael\Documents\Happy Day.jpg

[6 C:\*.tmp files -> C:\*.tmp -> ]

[1 C:\Users\michael\Documents\*.tmp files -> C:\Users\michael\Documents\*.tmp -> ]

 
 ========== Files Created - No Company Name ==========

 

[2013.11.25 09:08:41 | 000,000,519 | ---- | C] () -- C:\Users\michael\Desktop\OTL.exe - Verknüpfung.lnk

[2013.11.23 22:18:42 | 000,039,142 | ---- | C] () -- C:\Users\michael\Desktop\MaNuKa ..Graz.jpg

[2013.11.23 02:03:14 | 000,002,015 | ---- | C] () -- C:\Users\Public\Desktop\Free YouTube Download.lnk

[2013.11.23 01:49:33 | 000,002,013 | ---- | C] () -- C:\Users\Public\Desktop\Free Audio Converter.lnk

[2013.11.23 01:49:32 | 000,001,036 | ---- | C] () -- C:\Users\Public\Desktop\DVDVideoSoft Free Studio.lnk

[2013.11.21 11:59:30 | 000,419,104 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT

[2013.11.20 21:53:13 | 000,013,153 | ---- | C] () -- C:\Windows\System32\nvinfo.pb

[2013.11.19 21:55:21 | 000,000,896 | ---- | C] () -- C:\Users\Public\Desktop\Pixlr-o-matic.lnk

[2013.11.18 15:51:02 | 000,000,832 | ---- | C] () -- C:\Users\Public\Desktop\PDFCreator.lnk

[2013.11.18 14:36:24 | 000,002,077 | ---- | C] () -- C:\Users\Public\Desktop\Google Earth.lnk

[2013.11.18 14:23:48 | 000,001,830 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk

[2013.11.18 14:11:11 | 000,000,863 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk

[2013.11.14 11:12:56 | 000,218,228 | ---- | C] () -- C:\Windows\System32\WFP.TMF

[2013.11.12 21:27:44 | 000,847,989 | ---- | C] () -- C:\Users\michael\Documents\3114.pdf

[2013.11.11 01:31:16 | 000,009,287 | ---- | C] () -- C:\Users\michael\.recently-used.xbel

[2013.11.08 19:32:52 | 000,043,174 | ---- | C] () -- C:\Users\michael\Documents\Happy Day.jpg

[2013.10.16 09:35:46 | 000,024,064 | ---- | C] () -- C:\Windows\zoek-delete.exe

[2013.10.14 17:26:05 | 000,000,094 | ---- | C] () -- C:\Users\michael\AppData\Roaming\WB.CFG

[2013.10.14 17:26:05 | 000,000,006 | ---- | C] () -- C:\Users\michael\AppData\Roaming\WBPU-TTL.DAT

[2013.10.10 11:05:02 | 000,000,098 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc

[2013.04.24 10:58:56 | 000,362,029 | ---- | C] () -- C:\Windows\System32\sqlite3.dll

[2013.04.18 18:07:00 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe

[2013.04.18 18:06:46 | 000,974,848 | ---- | C] () -- C:\Windows\System32\cis-2.4.dll

[2013.04.18 18:06:46 | 000,081,920 | ---- | C] () -- C:\Windows\System32\issacapi_bs-2.3.dll

[2013.04.18 18:06:46 | 000,065,536 | ---- | C] () -- C:\Windows\System32\issacapi_pe-2.3.dll

[2013.04.18 18:06:46 | 000,057,344 | ---- | C] () -- C:\Windows\System32\issacapi_se-2.3.dll

[2013.02.21 13:09:10 | 000,065,536 | ---- | C] () -- C:\Windows\System32\afasrv32.exe

[2012.05.29 14:00:29 | 000,532,480 | ---- | C] () -- C:\Windows\System32\CddbPlaylist2Sony.dll

[2010.09.20 12:41:20 | 000,006,614 | ---- | C] () -- C:\Users\michael\shexview_lng.ini

[2010.07.25 18:18:14 | 000,000,544 | ---- | C] () -- C:\Users\michael\AppData\Roaming\$IGBT9Y2.JPG

[2010.07.25 18:18:11 | 000,000,544 | ---- | C] () -- C:\Users\michael\AppData\Roaming\$IDOOI7P.BUP

[2010.07.25 18:18:11 | 000,000,544 | ---- | C] () -- C:\Users\michael\AppData\Roaming\$IAURFUT.IFO

[2010.07.25 18:18:11 | 000,000,544 | ---- | C] () -- C:\Users\michael\AppData\Roaming\$I3IX2MZ.IFO

[2010.07.25 18:18:11 | 000,000,544 | ---- | C] () -- C:\Users\michael\AppData\Roaming\$I1QNAH1.BUP

[2010.05.13 10:15:42 | 000,019,456 | ---- | C] () -- C:\Users\michael\AppData\Local\WebpageIcons.db

[2010.04.10 08:08:46 | 000,000,680 | ---- | C] () -- C:\Users\michael\AppData\Local\d3d9caps.dat

[2009.10.01 13:25:59 | 000,000,148 | ---- | C] () -- C:\Users\michael\AppData\Roaming\default.pls

[2009.06.30 18:07:19 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat

[2009.06.28 12:32:54 | 000,001,738 | ---- | C] () -- C:\Users\michael\AppData\Roaming\wklnhst.dat

[2009.06.27 19:39:38 | 000,233,984 | ---- | C] () -- C:\Users\michael\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

 
 ========== ZeroAccess Check ==========

 

[2006.11.02 13:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

 

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

 

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

 

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

"" = %SystemRoot%\system32\shell32.dll -- [2012.06.08 18:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Apartment

 

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]

"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.04.11 07:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Free

 

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.04.11 07:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Both

 
 ========== LOP Check ==========

 

[2013.11.28 10:56:25 | 000,000,000 | ---D | M] -- C:\Users\michael\AppData\Roaming\.oit

[2012.04.19 14:33:50 | 000,000,000 | ---D | M] -- C:\Users\michael\AppData\Roaming\1&1 Mail & Media GmbH

[2011.10.18 12:50:43 | 000,000,000 | ---D | M] -- C:\Users\michael\AppData\Roaming\Ashampoo

[2011.05.16 14:38:42 | 000,000,000 | ---D | M] -- C:\Users\michael\AppData\Roaming\Auslogics

[2012.05.15 17:35:48 | 000,000,000 | ---D | M] -- C:\Users\michael\AppData\Roaming\com.zoosk.Desktop.096E6A67431258A508A2446A847B240591D2C99B.1

[2013.11.23 02:02:20 | 000,000,000 | ---D | M] -- C:\Users\michael\AppData\Roaming\DVDVideoSoft

[2010.08.11 19:50:23 | 000,000,000 | ---D | M] -- C:\Users\michael\AppData\Roaming\EPSON

[2010.01.21 15:16:26 | 000,000,000 | ---D | M] -- C:\Users\michael\AppData\Roaming\FRITZ!

[2010.07.18 10:48:44 | 000,000,000 | ---D | M] -- C:\Users\michael\AppData\Roaming\FRITZ!fax für FRITZ!Box

[2011.02.13 18:42:34 | 000,000,000 | ---D | M] -- C:\Users\michael\AppData\Roaming\GARMIN

[2012.04.16 17:09:37 | 000,000,000 | ---D | M] -- C:\Users\michael\AppData\Roaming\GMX

[2013.11.11 01:31:16 | 000,000,000 | ---D | M] -- C:\Users\michael\AppData\Roaming\gtk-2.0

[2012.09.20 19:45:49 | 000,000,000 | ---D | M] -- C:\Users\michael\AppData\Roaming\ICQ

[2012.03.16 15:36:23 | 000,000,000 | ---D | M] -- C:\Users\michael\AppData\Roaming\ImgBurn

[2011.04.03 22:30:00 | 000,000,000 | ---D | M] -- C:\Users\michael\AppData\Roaming\LibreOffice

[2009.10.03 09:21:03 | 000,000,000 | ---D | M] -- C:\Users\michael\AppData\Roaming\Lingoes

[2010.06.02 18:44:19 | 000,000,000 | ---D | M] -- C:\Users\michael\AppData\Roaming\MuldeR

[2013.02.27 19:08:47 | 000,000,000 | ---D | M] -- C:\Users\michael\AppData\Roaming\MusicNet

[2010.12.29 20:36:35 | 000,000,000 | ---D | M] -- C:\Users\michael\AppData\Roaming\NewSoft

[2011.02.06 17:10:21 | 000,000,000 | ---D | M] -- C:\Users\michael\AppData\Roaming\Octoshape

[2013.07.25 12:09:03 | 000,000,000 | ---D | M] -- C:\Users\michael\AppData\Roaming\OpenOffice

[2009.06.27 23:17:19 | 000,000,000 | ---D | M] -- C:\Users\michael\AppData\Roaming\OpenOffice.org

[2009.08.27 11:47:52 | 000,000,000 | ---D | M] -- C:\Users\michael\AppData\Roaming\Opera

[2013.11.19 21:56:25 | 000,000,000 | ---D | M] -- C:\Users\michael\AppData\Roaming\Pixlromatic

[2009.09.22 19:31:52 | 000,000,000 | ---D | M] -- C:\Users\michael\AppData\Roaming\ppstream

[2013.08.19 17:54:59 | 000,000,000 | ---D | M] -- C:\Users\michael\AppData\Roaming\Samsung

[2009.06.28 12:33:13 | 000,000,000 | ---D | M] -- C:\Users\michael\AppData\Roaming\Template

[2009.07.20 18:31:43 | 000,000,000 | ---D | M] -- C:\Users\michael\AppData\Roaming\TomTom

[2012.08.11 20:07:32 | 000,000,000 | ---D | M] -- C:\Users\michael\AppData\Roaming\Trillian

[2013.11.23 01:50:22 | 000,000,000 | ---D | M] -- C:\Users\michael\AppData\Roaming\TuneUp Software

[2012.04.16 17:09:11 | 000,000,000 | ---D | M] -- C:\Users\michael\AppData\Roaming\WEB.DE

 
 ========== Purity Check ==========

 

 

 
 ========== Custom Scans ==========

 
 < HKEY_LOCAL_MACHINE\software\microsoft\Windows\CurrentVersion\Telephony\Providers >

"ProviderID0" = 1

"ProviderID1" = 2

"ProviderID2" = 3

"ProviderID3" = 4

"NextProviderID" = 6

"ProviderFileName0" = unimdm.tsp -- [2009.04.11 07:27:17 | 000,280,064 | ---- | M] (Microsoft Corporation)

"ProviderFileName1" = kmddsp.tsp -- [2006.11.02 10:44:49 | 000,038,400 | ---- | M] (Microsoft Corporation)

"ProviderFileName2" = ndptsp.tsp -- [2006.11.02 10:44:49 | 000,049,664 | ---- | M] (Microsoft Corporation)

"ProviderFileName3" = hidphone.tsp -- [2006.11.02 10:44:49 | 000,031,744 | ---- | M] (Microsoft Corporation)

"NumProviders" = 5

"ProviderID4" = 5

 
 < HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\LanmanWorkstation /S >

 
 < HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Dnscache /S >

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Dnscache\Parameters]

"ServiceDll" = %SystemRoot%\System32\dnsrslvr.dll -- [2011.03.02 16:44:27 | 000,086,528 | ---- | M] (Microsoft Corporation)

 
 < HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost >

"LocalService" = nsilltdsvcSSDPSRVupnphostSCard [Binary data over 200 bytes]

"LocalSystemNetworkRestricted" = hidservUxSmsWdiSystemHostNetman [Binary data over 200 bytes]

"NetworkServiceNetworkRestricted" = PolicyAgent [binary data]

"LocalServiceNoNetwork" = PLADPSBFEmpssvcehstart [binary data]

"NetworkService" = CryptSvcDHCPTermServiceKtmRmDN [Binary data over 200 bytes]

"termsvcs" = TermService [binary data]

"WerSvcGroup" = wersvc [binary data] -- [2009.04.11 07:28:25 | 000,126,976 | ---- | M] (Microsoft Corporation)

"netsvcs" = AeLookupSvcwercplsupportThemesC [Binary data over 200 bytes]

"swprv" = swprv [binary data] -- [2009.04.11 07:28:24 | 000,311,808 | ---- | M] (Microsoft Corporation)

"LocalServiceNetworkRestricted" = DHCPeventlogAudioSrvLmHostswsc [Binary data over 200 bytes]

"rpcss" = RpcSs [binary data] -- [2009.04.11 07:28:24 | 000,550,400 | ---- | M] (Microsoft Corporation)

"regsvc" = RemoteRegistry [binary data]

"wcssvc" = WcsPlugInService [binary data] -- [2006.11.02 10:46:13 | 000,032,256 | ---- | M] (Microsoft Corporation)

"DcomLaunch" = PlugPlayDcomLaunch [binary data]

"wdisvc" = WdiServiceHost [binary data]

"sdrsvc" = sdrsvc [binary data] -- [2008.01.21 03:23:27 | 000,104,960 | ---- | M] (Microsoft Corporation)

"imgsvc" = StiSvc [binary data]

"secsvcs" = WinDefend [binary data]

"bthsvcs" = BthServ [binary data] -- [2009.04.11 07:28:18 | 000,040,960 | ---- | M] (Microsoft Corporation)

"getPlusHelper" = getPlusHelper [binary data]

"LocalServiceAndNoImpersonation" = FontCache [binary data]

"GPSvcGroup" = GPSvc [binary data] -- [2009.04.11 07:28:19 | 000,576,512 | ---- | M] (Microsoft Corporation)

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\getPlusHelper]

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\GPSvcGroup]

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\LocalService]

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\LocalServiceAndNoImpersonation]

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\LocalServiceNetworkRestricted]

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\LocalSystemNetworkRestricted]

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\netsvcs]

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\NetworkService]

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\SDRSVC]

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\swprv]

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\termsvcs]

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\wcssvc]

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\wercplsupport]

 
 < HKEY_LOCAL_MACHINE\SOFTWARE\Joosoft.com >

 
 < %SystemRoot%\system32\*.tsp >

[2006.11.02 10:44:49 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\hidphone.tsp

[2006.11.02 10:44:49 | 000,038,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\kmddsp.tsp

[2006.11.02 10:44:49 | 000,049,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ndptsp.tsp

[2006.11.02 10:44:49 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\remotesp.tsp

[2009.04.11 07:27:17 | 000,280,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\unimdm.tsp

 
 < C:\Windows\system32\*.dll /800 >

[2012.04.19 13:56:56 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\admparse.dll

[2012.04.19 13:56:56 | 000,114,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\advpack.dll

[2013.06.04 02:49:59 | 000,293,376 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\system32\atmfd.dll

[2013.06.04 05:16:35 | 000,034,304 | ---- | M] (Adobe Systems) -- C:\Windows\system32\atmlib.dll

[2013.08.01 03:49:15 | 000,037,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\cdd.dll

[2013.04.24 05:00:24 | 000,041,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\certenc.dll

[2013.04.18 18:06:46 | 000,974,848 | ---- | M] () -- C:\Windows\system32\cis-2.4.dll

[2013.07.04 05:21:15 | 000,532,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\comctl32.dll

[2013.10.03 13:45:45 | 000,993,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\crypt32.dll

[2013.04.17 13:30:06 | 000,024,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\cryptdlg.dll

[2013.07.08 05:16:55 | 000,098,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\cryptnet.dll

[2013.07.08 05:16:55 | 000,133,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\cryptsvc.dll

[2013.03.09 04:45:04 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\csrsrv.dll

[2013.08.27 02:32:20 | 000,683,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\d2d1.dll

[2013.08.27 03:47:50 | 001,029,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\d3d10.dll

[2013.08.27 03:47:50 | 000,189,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\d3d10core.dll

[2013.08.27 02:50:40 | 000,486,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\d3d10level9.dll

[2013.08.27 02:52:08 | 001,172,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\d3d10warp.dll

[2013.08.27 03:47:50 | 000,160,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\d3d10_1.dll

[2013.08.27 03:47:50 | 000,219,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\d3d10_1core.dll

[2013.04.18 18:06:08 | 000,821,824 | ---- | M] (Devguru Co., Ltd.) -- C:\Windows\system32\dgderapi.dll

[2013.04.18 18:06:08 | 000,319,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\DIFxAPI.dll

[2012.11.02 11:18:17 | 000,376,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\dpnet.dll

[2013.08.27 02:28:36 | 001,069,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\DWrite.dll

[2012.04.19 13:56:59 | 000,353,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\dxtmsft.dll

[2012.04.19 13:57:00 | 000,223,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\dxtrans.dll

[2011.10.14 17:02:19 | 000,429,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\EncDec.dll

[2013.08.27 02:28:35 | 000,798,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\FntCache.dll

[2013.10.11 03:07:57 | 000,596,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\FWPUCLNT.DLL

[2013.10.03 13:45:50 | 000,297,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\gdi32.dll

[2012.08.21 13:01:22 | 000,106,928 | ---- | M] (GEAR Software Inc.) -- C:\Windows\system32\GEARAspi.dll

[2013.06.15 14:22:11 | 000,015,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\icaapi.dll

[2012.04.19 13:56:59 | 000,066,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\icardie.dll

[2012.04.19 13:56:55 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\IEAdvpack.dll

[2012.04.19 13:56:55 | 000,130,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ieakeng.dll

[2012.04.19 13:56:56 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ieaksie.dll

[2012.04.19 13:56:56 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ieakui.dll

[2012.04.19 13:56:59 | 000,434,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ieapfltr.dll

[2012.04.19 13:56:59 | 000,353,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\iedkcs32.dll

[2013.10.13 11:08:04 | 009,739,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ieframe.dll

[2012.04.19 13:56:56 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\iepeers.dll

[2012.04.19 13:56:59 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\iernonce.dll

[2013.10.13 10:27:40 | 001,796,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\iertutil.dll

[2012.04.19 13:56:59 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\iesetup.dll

[2012.04.19 13:57:00 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\iesysprep.dll

[2013.10.13 10:20:51 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ieui.dll

[2013.10.11 03:08:02 | 000,444,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\IKEEXT.DLL

[2012.02.29 16:09:53 | 000,157,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\imagehlp.dll

[2012.04.19 13:56:56 | 000,035,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\imgutil.dll

[2012.04.19 13:56:58 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\inseng.dll

[2013.04.18 18:06:46 | 000,081,920 | ---- | M] () -- C:\Windows\system32\issacapi_bs-2.3.dll

[2013.04.18 18:06:46 | 000,065,536 | ---- | M] () -- C:\Windows\system32\issacapi_pe-2.3.dll

[2013.04.18 18:06:46 | 000,057,344 | ---- | M] () -- C:\Windows\system32\issacapi_se-2.3.dll

[2013.10.13 10:30:20 | 000,717,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\jscript.dll

[2013.10.13 10:48:06 | 001,806,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\jscript9.dll

[2013.10.13 10:32:00 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\jsproxy.dll

[2012.09.28 17:11:03 | 000,892,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\kernel32.dll

[2012.04.19 13:56:58 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\licmgr10.dll

[2012.05.11 16:57:00 | 000,623,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\localspl.dll

[2011.11.16 17:21:57 | 001,259,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\lsasrv.dll

[2013.04.18 18:06:46 | 000,045,056 | ---- | M] ((주) 마크애니) -- C:\Windows\system32\MACXMLProto.dll

[2013.04.18 18:06:46 | 000,118,784 | ---- | M] ((주)마크애니) -- C:\Windows\system32\MaDRM.dll

[2013.04.18 18:06:46 | 000,049,152 | ---- | M] ((주) 마크애니) -- C:\Windows\system32\MaJGUILib.dll

[2013.04.18 18:06:46 | 000,045,320 | ---- | M] (MARKANY) -- C:\Windows\system32\MAMACExtract.dll

[2013.04.18 18:06:46 | 000,045,056 | ---- | M] ((주) 마크애니) -- C:\Windows\system32\MaXMLProto.dll

[2011.10.14 17:00:23 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mciseq.dll

[2013.04.18 18:06:46 | 000,057,344 | ---- | M] (Marktek) -- C:\Windows\system32\MK_Lyric.dll

[2013.04.18 18:06:46 | 000,245,760 | ---- | M] (Teruten Inc.) -- C:\Windows\system32\MSCLib.dll

[2013.10.13 10:27:43 | 000,607,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msfeeds.dll

[2012.04.19 13:56:55 | 000,041,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msfeedsbs.dll

[2013.04.18 18:06:46 | 000,155,648 | ---- | M] (Teruten Inc.) -- C:\Windows\system32\MSFLib.dll

[2013.10.13 11:42:12 | 012,344,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mshtml.dll

[2013.10.13 10:26:08 | 000,073,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mshtmled.dll

[2012.04.19 13:57:00 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mshtmler.dll

[2012.04.19 13:57:02 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msls31.dll

[2013.04.18 18:06:46 | 000,352,256 | ---- | M] (Sample Corporation) -- C:\Windows\system32\MSLUR71.dll

[2012.05.05 11:54:20 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\MSMPIDE.DLL

[2012.04.19 13:57:01 | 000,162,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msrating.dll

[2013.03.08 04:52:22 | 002,067,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mstscax.dll

[2013.11.20 20:57:50 | 000,499,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msvcp71.dll

[2012.08.16 14:12:06 | 000,773,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msvcr100.dll

[2011.12.14 17:17:47 | 000,680,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msvcrt.dll

[2012.06.05 17:47:27 | 001,248,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msxml3.dll

[2012.11.02 11:19:34 | 001,400,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msxml6.dll

[2013.04.18 18:06:46 | 000,040,960 | ---- | M] (Telechips Inc.,) -- C:\Windows\system32\MTTELECHIP.dll

[2013.04.18 18:06:46 | 000,057,344 | ---- | M] (Marktek Inc.) -- C:\Windows\system32\MTXSYNCICON.dll

[2013.04.18 18:06:46 | 000,135,168 | ---- | M] (Musiccity Co.Ltd.) -- C:\Windows\system32\muzaf1.dll

[2013.04.18 18:06:46 | 000,491,520 | ---- | M] (Musiccity Co.Ltd.) -- C:\Windows\system32\muzapp.dll

[2013.04.18 18:06:46 | 000,200,704 | ---- | M] ( (c) MusicCity) -- C:\Windows\system32\muzwmts.dll

[2012.11.20 05:22:50 | 000,204,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ncrypt.dll

[2012.06.29 17:01:42 | 000,467,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\netapi32.dll

[2013.07.09 13:10:36 | 001,205,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ntdll.dll

[2012.12.29 11:26:54 | 002,504,248 | ---- | M] (NVIDIA Corporation) -- C:\Windows\system32\nvapi.dll

[2012.07.03 16:25:20 | 000,067,432 | ---- | M] (NVIDIA Corporation) -- C:\Windows\system32\nvapo32v.dll

[2012.12.29 11:26:54 | 017,560,504 | ---- | M] (NVIDIA Corporation) -- C:\Windows\system32\nvcompiler.dll

[2012.12.29 09:26:22 | 004,129,720 | ---- | M] (NVIDIA Corporation) -- C:\Windows\system32\nvcpl.dll

[2012.12.29 11:26:54 | 007,931,896 | ---- | M] (NVIDIA Corporation) -- C:\Windows\system32\nvcuda.dll

[2012.12.29 11:26:54 | 001,985,976 | ---- | M] (NVIDIA Corporation) -- C:\Windows\system32\nvcuvenc.dll

[2012.12.29 11:26:54 | 002,720,696 | ---- | M] (NVIDIA Corporation) -- C:\Windows\system32\nvcuvid.dll

[2012.12.29 11:26:54 | 015,129,064 | ---- | M] (NVIDIA Corporation) -- C:\Windows\system32\nvd3dum.dll

[2012.12.29 11:26:54 | 001,017,272 | ---- | M] (NVIDIA Corporation) -- C:\Windows\system32\nvdispco32.dll

[2012.12.29 11:26:54 | 000,889,784 | ---- | M] (NVIDIA Corporation) -- C:\Windows\system32\nvdispgenco32.dll

[2012.05.15 11:26:00 | 000,883,008 | ---- | M] (NVIDIA Corporation) -- C:\Windows\system32\nvgenco32.dll

[2012.07.03 08:37:56 | 000,884,072 | ---- | M] (NVIDIA Corporation) -- C:\Windows\system32\nvhdagenco3220103.dll

[2012.07.03 16:25:21 | 000,028,008 | ---- | M] (NVIDIA Corporation) -- C:\Windows\system32\nvhdap32.dll

[2012.12.29 09:25:57 | 000,108,984 | ---- | M] (NVIDIA Corporation) -- C:\Windows\system32\nvmctray.dll

[2012.12.29 11:26:54 | 020,450,232 | ---- | M] (NVIDIA Corporation) -- C:\Windows\system32\nvoglv32.dll

[2012.12.29 11:26:54 | 006,263,784 | ---- | M] (NVIDIA Corporation) -- C:\Windows\system32\nvopencl.dll

[2012.12.29 09:25:57 | 000,062,904 | ---- | M] (NVIDIA Corporation) -- C:\Windows\system32\nvshext.dll

[2012.12.29 09:26:22 | 003,001,272 | ---- | M] (NVIDIA Corporation) -- C:\Windows\system32\nvsvc.dll

[2012.12.29 09:25:57 | 002,557,880 | ---- | M] (NVIDIA Corporation) -- C:\Windows\system32\nvsvcr.dll

[2012.12.29 11:26:54 | 012,641,120 | ---- | M] (NVIDIA Corporation) -- C:\Windows\system32\nvwgf2um.dll

[2012.04.19 13:56:57 | 000,123,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\occache.dll

[2012.05.15 11:26:00 | 000,061,248 | ---- | M] (Khronos Group) -- C:\Windows\system32\OpenCL.dll

[2011.11.18 18:47:03 | 000,066,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\packager.dll

[2013.04.09 15:13:52 | 000,095,416 | ---- | M] (pdfforge GmbH) -- C:\Windows\system32\pdfcmon.dll

[2013.11.20 20:57:55 | 000,272,896 | ---- | M] (Progressive Networks) -- C:\Windows\system32\pncrt.dll

[2013.11.20 20:57:56 | 000,006,656 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\system32\pndx5016.dll

[2013.11.20 20:57:56 | 000,005,632 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\system32\pndx5032.dll

[2012.04.19 13:56:57 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\pngfilt.dll

[2013.07.20 11:44:53 | 000,102,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll

[2013.05.02 05:03:42 | 000,037,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\printcom.dll

[2011.10.25 16:58:54 | 000,497,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\qdvd.dll

[2013.06.01 05:06:08 | 000,505,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\qedit.dll

[2012.11.08 04:48:38 | 001,314,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\quartz.dll

[2012.01.09 16:54:08 | 000,613,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\rdpencom.dll

[2013.04.18 18:08:14 | 004,659,712 | ---- | M] (Dmitry Streblechenko) -- C:\Windows\system32\Redemption.dll

[2013.11.20 20:58:11 | 000,201,872 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\system32\rmoc3260.dll

[2013.07.10 10:47:00 | 000,783,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\rpcrt4.dll

[2012.06.02 01:04:25 | 000,278,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\schannel.dll

[2011.11.16 17:23:08 | 000,072,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\secur32.dll

[2012.06.08 18:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\shell32.dll

[2012.11.22 04:54:36 | 000,353,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\shlwapi.dll

[2013.04.24 10:58:56 | 000,362,029 | ---- | M] () -- C:\Windows\system32\sqlite3.dll

[2012.09.25 17:19:41 | 000,075,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\synceng.dll

[2013.07.16 05:35:16 | 000,615,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\themeui.dll

[2013.07.17 20:41:34 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\tzres.dll

[2013.10.13 10:33:57 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\url.dll

[2013.10.13 10:37:03 | 001,104,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\urlmon.dll

[2013.10.13 10:29:02 | 000,420,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\vbscript.dll

[2013.04.03 08:58:16 | 001,112,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\WdfCoInstaller01007.dll

[2012.07.26 03:46:47 | 000,009,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\Wdfres.dll

[2012.04.19 13:56:58 | 000,203,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\webcheck.dll

[2013.05.02 05:04:25 | 000,443,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\win32spl.dll

[2013.11.18 14:14:06 | 000,094,632 | ---- | M] (Oracle Corporation) -- C:\Windows\system32\WindowsAccessBridge.dll

[2011.11.16 17:23:44 | 000,377,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\winhttp.dll

[2013.10.13 10:35:38 | 001,129,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wininet.dll

[2011.10.14 17:03:25 | 000,189,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\winmm.dll

[2013.03.08 04:53:50 | 000,376,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\winsrv.dll

[2013.07.08 05:20:04 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wintrust.dll

[2013.04.03 08:58:16 | 000,581,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\WinUSBCoInstaller.dll

[2012.02.29 16:11:45 | 000,005,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wmi.dll

[2013.08.02 05:09:35 | 001,548,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\WMVDECOD.DLL

[2012.06.02 23:19:23 | 000,577,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wuapi.dll

[2012.06.02 23:19:17 | 001,933,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wuaueng.dll

[2012.06.02 23:12:32 | 002,422,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wucltux.dll

[2012.07.26 04:20:40 | 000,038,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\WUDFCoinstaller.dll

[2012.07.26 04:20:40 | 000,172,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\WUDFPlatform.dll

[2012.07.26 04:20:40 | 000,073,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\WUDFSvc.dll

[2012.07.26 04:20:40 | 000,613,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\WUDFx.dll

[2012.06.02 23:12:13 | 000,088,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wudriver.dll

[2012.06.02 23:19:32 | 000,035,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wups.dll

[2012.06.02 23:19:33 | 000,045,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wups2.dll

[2012.06.02 14:19:42 | 000,171,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wuwebv.dll

[2006.11.02 14:01:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT

[2006.11.02 14:01:49 | 000,032,534 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT

[2009.06.30 20:30:27 | 000,001,076 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-472820592-3686497848-1455512980-1000Core.job

[2009.06.30 20:30:28 | 000,001,128 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-472820592-3686497848-1455512980-1000UA.job

[2010.02.09 16:23:56 | 000,001,094 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

[2010.02.09 16:23:58 | 000,001,098 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

[2013.03.20 07:32:00 | 000,000,884 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job

[2013.08.22 23:05:53 | 000,000,914 | ---- | C] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-472820592-3686497848-1455512980-1000Core.job

[2013.08.22 23:05:56 | 000,000,936 | ---- | C] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-472820592-3686497848-1455512980-1000UA.job

 
 <           >
 

< End of report >

Code:

OTL logfile created on: 28.11.2013 12:14:14 - Run 3

OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\michael\Downloads

Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation

Internet Explorer (Version = 9.0.8112.16421)

Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

 

2,99 Gb Total Physical Memory | 1,48 Gb Available Physical Memory | 49,58% Memory free

6,19 Gb Paging File | 4,73 Gb Available in Paging File | 76,37% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files

Drive C: | 277,96 Gb Total Space | 140,65 Gb Free Space | 50,60% Space Free | Partition Type: NTFS

Drive D: | 20,12 Gb Total Space | 11,23 Gb Free Space | 55,84% Space Free | Partition Type: FAT32

 

Computer Name: MICHAEL-PC | User Name: michael | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user | Quick Scan

Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

 
 ========== Processes (SafeList) ==========

 

PRC - [2013.11.25 09:08:17 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\michael\Downloads\OTL.exe

PRC - [2013.11.06 02:55:46 | 000,845,168 | ---- | M] (Samsung) -- C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe

PRC - [2013.11.06 02:55:38 | 001,564,528 | ---- | M] (Samsung) -- C:\Program Files\Samsung\Kies\Kies.exe

PRC - [2013.10.23 15:01:10 | 000,280,288 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\NisSrv.exe

PRC - [2013.10.23 15:01:10 | 000,022,208 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\MsMpEng.exe

PRC - [2013.10.23 14:55:28 | 000,948,440 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe

PRC - [2013.10.09 16:13:42 | 000,836,160 | ---- | M] (Soluto) -- C:\Program Files\Soluto\SolutoService.exe

PRC - [2013.10.09 16:13:42 | 000,166,976 | ---- | M] (Soluto) -- C:\Program Files\Soluto\SolutoLauncherService.exe

PRC - [2013.10.09 16:13:40 | 001,233,472 | ---- | M] (Soluto) -- C:\Program Files\Soluto\Soluto.exe

PRC - [2013.10.09 16:10:06 | 001,667,584 | ---- | M] (GlavSoft LLC.) -- C:\Program Files\Soluto\SolutoRemoteService.exe

PRC - [2013.08.14 15:19:22 | 000,039,056 | ---- | M] () -- C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe

PRC - [2013.05.10 08:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe

PRC - [2013.04.04 13:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe

PRC - [2013.02.21 13:09:10 | 000,065,536 | ---- | M] () -- C:\Windows\System32\afasrv32.exe

PRC - [2012.12.29 11:26:54 | 001,260,472 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

PRC - [2012.12.29 09:26:22 | 000,873,400 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe

PRC - [2012.12.29 02:53:20 | 000,383,416 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

PRC - [2012.10.02 12:13:44 | 003,064,000 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe

PRC - [2011.10.13 17:21:52 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\BingBar\SeaPort.EXE

PRC - [2010.10.27 19:17:52 | 000,207,424 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe

PRC - [2010.03.18 10:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe

PRC - [2009.12.02 23:00:00 | 000,847,872 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files\Epson Software\FAX Utility\FUFAXSTM.exe

PRC - [2009.09.02 08:44:22 | 000,315,478 | ---- | M] (IVT Corporation) -- C:\Program Files\IVT Corporation\BlueSoleil\BtTray.exe

PRC - [2009.09.02 08:41:24 | 001,466,476 | ---- | M] (IVT Corporation) -- C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe

PRC - [2009.09.02 08:41:06 | 000,102,503 | ---- | M] (IVT Corporation) -- C:\Program Files\IVT Corporation\BlueSoleil\BsHelpCS.exe

PRC - [2009.04.11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe

PRC - [2009.04.11 07:27:28 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conime.exe

PRC - [2008.12.09 08:32:06 | 000,055,120 | ---- | M] (NewSoft Technology Corporation) -- C:\Program Files\NewSoft\Presto! PageManager 8 for EP\PMSpeed.exe

PRC - [2008.11.09 21:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe

PRC - [2008.11.03 14:21:18 | 000,030,544 | ---- | M] (NewSoft Technology Corporation) -- C:\Windows\System32\spool\drivers\w32x86\3\WrtProc.exe

PRC - [2008.08.29 20:11:38 | 002,436,392 | ---- | M] (Egis Technology Inc.) -- C:\Program Files\EgisTec\VITAKEY\CompPtcVUI.exe

PRC - [2008.08.29 20:11:38 | 002,180,392 | ---- | M] () -- C:\Program Files\EgisTec\VITAKEY\BASVC.exe

PRC - [2008.08.28 15:03:22 | 000,233,472 | ---- | M] () -- C:\Windows\tsnp2uvc.exe

PRC - [2008.08.04 16:45:56 | 000,304,688 | ---- | M] (EgisTec Inc.) -- C:\Program Files\EgisTec\MyWinLocker 3\x86\MWLService.exe

PRC - [2008.05.24 13:34:28 | 000,026,448 | ---- | M] (NewSoft Technology Corporation) -- C:\Windows\System32\spool\drivers\w32x86\3\WrtMon.exe

PRC - [2008.04.15 17:54:42 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe

PRC - [2008.04.15 17:54:40 | 000,178,712 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe

PRC - [2008.03.21 12:16:20 | 000,344,064 | ---- | M] () -- C:\Program Files\ScanWizard 5\ScannerFinder.exe

PRC - [2007.06.05 12:20:32 | 000,177,704 | ---- | M] () -- C:\Windows\System32\PSIService.exe

PRC - [2006.12.19 17:23:20 | 000,094,208 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files\Common Files\EPSON\EBAPI\eEBSvc.exe

PRC - [2001.11.12 13:31:48 | 000,020,480 | ---- | M] (X10) -- C:\Program Files\Common Files\X10\Common\X10nets.exe

 

 
 ========== Modules (No Company Name) ==========

 

MOD - [2013.11.22 19:51:34 | 014,972,928 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Theme\642ba04dfd0cf6b5a4bd768ab404eb4f\Kies.Theme.ni.dll

MOD - [2013.11.22 19:51:33 | 000,307,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DummyStorePlugin\9e97c3b33aa7fb9d900bca4f6d93ec9e\DummyStorePlugin.ni.dll

MOD - [2013.11.22 19:51:32 | 000,118,272 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DeviceStoryAlbum\dcd008a3fba48090b7a4e6e4a5e7b20a\DeviceStoryAlbum.ni.dll

MOD - [2013.11.22 19:51:31 | 000,616,448 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DevicePodcast\eeefdbf91e99a91bf0f1948d5fd68d87\DevicePodcast.ni.dll

MOD - [2013.11.22 19:51:30 | 000,301,568 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DeviceVideo\3466f424f84c9d58703c8d49e3cec991\DeviceVideo.ni.dll

MOD - [2013.11.22 19:51:29 | 000,367,104 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DevicePhoto\f8e9e990d7da96e9307421d5a315b2c2\DevicePhoto.ni.dll

MOD - [2013.11.22 19:51:28 | 000,308,224 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DeviceMusic\330e21cf540e1aa133c80efc7eb9b134\DeviceMusic.ni.dll

MOD - [2013.11.22 19:51:26 | 000,475,648 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\VideoManager\b6dbdf0a1deb9bb640437d640b42d4e9\VideoManager.ni.dll

MOD - [2013.11.22 19:51:25 | 000,807,936 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PhotoManager\0c2f7492807cfcfe18ea06ce6acc909c\PhotoManager.ni.dll

MOD - [2013.11.22 19:51:23 | 001,993,728 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Phonebook\8bdb875a966da6a46b121bb480b90510\Phonebook.ni.dll

MOD - [2013.11.22 19:51:20 | 000,207,872 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\StoryAlbumManager\9a0aa4c727254e57018d6618310763d2\StoryAlbumManager.ni.dll

MOD - [2013.11.22 19:51:19 | 000,945,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\MusicManager\1199d9d5982b9c9e09a68ff0a5c8c709\MusicManager.ni.dll

MOD - [2013.11.22 19:51:18 | 000,404,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\BATPlugin\2cd3ab735bdeddcc09727d40c2c2d8a2\BATPlugin.ni.dll

MOD - [2013.11.22 19:51:16 | 000,534,528 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.MediaDB\da4a656f5af4ca1cb53934034314853e\Kies.Common.MediaDB.ni.dll

MOD - [2013.11.22 19:51:16 | 000,029,184 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.StoreMa#\6e02e15174282cb0ddd24edfe74eb58b\Kies.Common.StoreManager.ni.dll

MOD - [2013.11.22 19:51:15 | 000,063,488 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.AllShare\2c2dbe86884ed4a0f6ad598beae9699f\Kies.Common.AllShare.ni.dll

MOD - [2013.11.22 19:51:14 | 000,066,560 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DBManag#\c3d1340662ee751e8d733de79da14ebd\Kies.Common.DBManager.ni.dll

MOD - [2013.11.22 19:51:13 | 000,110,080 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.CRMMana#\6b1bd95506210a735156fd15f42262fa\Kies.Common.CRMManager.ni.dll

MOD - [2013.11.22 19:51:12 | 001,150,976 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Podcaster\269bf7229a2bdccf2fac6ae1f9514060\Podcaster.ni.dll

MOD - [2013.11.22 19:51:10 | 000,283,648 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\a6fc5e998baff5bb685990cb2d7eaac1\Kies.Common.DeviceServiceLib.FirmwareUpdate.Common.ni.dll

MOD - [2013.11.22 19:51:09 | 000,189,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\218d40e918840027f02f89b6286f3da6\Kies.Common.DeviceServiceLib.FirmwareUpdate.Downloader.ni.dll

MOD - [2013.11.22 19:51:09 | 000,178,688 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.DevFileServ#\4c137894061073dafac4b63132301fba\Interop.DevFileServiceLib.ni.dll

MOD - [2013.11.22 19:51:08 | 000,581,632 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\1b40bd018e69bfb3e081df88e2547003\Kies.Common.DeviceServiceLib.FileService.ni.dll

MOD - [2013.11.22 19:51:07 | 001,226,240 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\c4618a76c264bd85178296bb92391319\Kies.Common.DeviceService.ni.dll

MOD - [2013.11.22 19:51:04 | 001,002,496 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DeviceCommonLib\d785f2e0cdc6d8873b86b6b266a4913d\DeviceCommonLib.ni.dll

MOD - [2013.11.22 19:51:03 | 000,750,080 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Plugin.Content#\ea8968244daac8c5873aa87235a7b49d\Kies.Plugin.ContentsManagerLib.ni.dll

MOD - [2013.11.22 19:51:01 | 000,206,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.MainUI\25bfc8f9251c5d14e0deeca8cb047efe\Kies.Common.MainUI.ni.dll

MOD - [2013.11.22 19:50:54 | 000,046,592 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\fb36527133c6a9e51f53aab9ca2faabe\Kies.Common.DeviceServiceLib.FirmwareUpdate.FirmwareUpdateAgentHelper.ni.dll

MOD - [2013.11.22 19:50:53 | 000,940,544 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\80b0d9d062e12555279d83988d066d4b\Kies.Common.DeviceServiceLib.DeviceManagement.ni.dll

MOD - [2013.11.22 19:50:51 | 000,030,720 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.PRPLAYERCOR#\97feb913f82b178f436c759ba72a827f\Interop.PRPLAYERCORELib.ni.dll

MOD - [2013.11.22 19:50:50 | 002,221,568 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.Multime#\38aa59acafca02f45ea4a74f287bb68a\Kies.Common.Multimedia.ni.dll

MOD - [2013.11.22 19:50:45 | 000,640,000 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\6b9eaab90feb84cec955aa5d2e9c2e80\Kies.Common.DeviceServiceLib.DeviceDataService.ni.dll

MOD - [2013.11.22 19:50:45 | 000,189,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\891822cfc054262435c02192bb220192\Kies.Common.DeviceServiceLib.Interface.ni.dll

MOD - [2013.11.22 19:50:38 | 007,192,064 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DeviceHost\ab72498f92b57b4621fd64b22c85815d\DeviceHost.ni.dll

MOD - [2013.11.22 19:50:29 | 000,315,904 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.Util\2bcad8b67324e46ce281141cf9bb8043\Kies.Common.Util.ni.dll

MOD - [2013.11.22 19:50:28 | 000,052,224 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.DeviceSearc#\8d5eca0d35b2a052e3a117cdf708a252\Interop.DeviceSearchLib.ni.dll

MOD - [2013.11.22 19:50:27 | 001,734,656 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Locale\c00186c7088636f481c1a2ec57faade5\Kies.Locale.ni.dll

MOD - [2013.11.22 19:50:26 | 001,952,256 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.UI\abbba0f399508efdbeaf78b2e2fa7b03\Kies.UI.ni.dll

MOD - [2013.11.22 19:50:26 | 000,079,360 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.MVVM\6f25a20174765872519f821c6c68bfda\Kies.MVVM.ni.dll

MOD - [2013.11.22 19:50:22 | 001,288,704 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Interface\12c56c6f281e94ee5ff88ecd3b72b8d5\Kies.Interface.ni.dll

MOD - [2013.11.22 19:50:19 | 002,183,168 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies\823d395f518a40bab1ba61d5bcca005b\Kies.ni.exe

MOD - [2013.10.10 11:07:11 | 000,649,728 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PCGPostBootResources\a3c7d703aac11b9613b4ec2b9499fe27\PCGPostBootResources.ni.dll

MOD - [2013.10.10 11:07:10 | 000,061,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PCGHIDProbe\d808faa10b1aea52e3ba7338b934faeb\PCGHIDProbe.ni.dll

MOD - [2013.10.10 11:07:08 | 000,045,568 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PCGRSPProbe\e2aedb04b2ecfadf9f3e25b37db2a7de\PCGRSPProbe.ni.dll

MOD - [2013.10.10 11:07:06 | 000,210,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PCGBootVisualizingC#\a66c8fb1112a35ea5b167c63fc229762\PCGBootVisualizingCommon.ni.dll

MOD - [2013.10.10 11:07:02 | 000,260,096 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PCGDriverProbe\4b559204a51e98c622e88c9e59cff88c\PCGDriverProbe.ni.dll

MOD - [2013.10.10 11:07:00 | 002,327,552 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Community.CsharpSql#\fea40edf5e90ea9176de6bb2b1ef5ad3\Community.CsharpSqlite.ni.dll

MOD - [2013.10.10 11:06:57 | 000,202,240 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PCGWuInfo\cc61d922797993ad22d12f24cea26fd5\PCGWuInfo.ni.dll

MOD - [2013.10.10 11:06:56 | 000,100,864 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Interop.IWshRuntime#\1cc564468f371f8f0209f230fa6679ec\Interop.IWshRuntimeLibrary.ni.dll

MOD - [2013.10.10 11:06:54 | 000,070,144 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PCGUsersCenter\ba911318808ac46ccaa23b7948d55485\PCGUsersCenter.ni.dll

MOD - [2013.10.10 11:06:52 | 000,178,688 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PCGAppControlPlugin#\7d64c748a9d22e3d6e0b955b652081fa\PCGAppControlPluginLoader.ni.dll

MOD - [2013.10.10 11:06:51 | 000,077,824 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PCGConfiguration\4869c29247a668106dbff885f8d0a69d\PCGConfiguration.ni.dll

MOD - [2013.10.10 11:06:46 | 003,957,248 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PCGDatabase\5801b3422fdecce9bebdd46a9e12d7af\PCGDatabase.ni.dll

MOD - [2013.10.10 11:06:38 | 001,340,416 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PCGCommunication\9c17f215c0729695bf3aef31d77889ad\PCGCommunication.ni.dll

MOD - [2013.10.10 11:06:22 | 000,052,224 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PCGAzureEntityFrame#\479e5c8c45c4c774cfe0534e5857421f\PCGAzureEntityFramework.ni.dll

MOD - [2013.10.10 11:06:19 | 001,913,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PCGAzureShared\6f7fde1b6429e3f44aefa069fdaee688\PCGAzureShared.ni.dll

MOD - [2013.10.10 11:06:16 | 004,574,720 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PCGClientCommon\5c49b4b7de8da145abcafc75e3751b82\PCGClientCommon.ni.dll

MOD - [2013.10.10 11:05:57 | 002,845,696 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PCGPreCompiled\76c2bd9ee1f5ffc30dc759f8724fdbeb\PCGPreCompiled.ni.dll

MOD - [2013.10.10 11:05:53 | 000,267,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PCGPrestoSerializer\deb9987f7dbcd4eac8a30a6219a38480\PCGPrestoSerializer.ni.dll

MOD - [2013.10.10 11:05:52 | 000,596,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Ionic.Zip.Reduced\162c64fffc7e69ab237b6486e3e5b3a7\Ionic.Zip.Reduced.ni.dll

MOD - [2013.10.10 11:05:51 | 002,128,384 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Newtonsoft.Json.Net#\c7d17aafbcdcc3aa47f35d53f325bda8\Newtonsoft.Json.Net35.ni.dll

MOD - [2013.10.10 11:05:38 | 003,312,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PCGFramework\f378fe18493c7c17e85418e8d33cce5e\PCGFramework.ni.dll

MOD - [2013.10.10 11:05:31 | 001,725,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Soluto\f4e66fb093ea6066de39f10c73d7fd0b\Soluto.ni.exe

MOD - [2013.10.09 20:20:03 | 000,978,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\f453ecc6bb7fc8d52d61247676944623\System.Configuration.ni.dll

MOD - [2013.10.09 16:10:06 | 000,077,376 | ---- | M] () -- C:\Program Files\Soluto\PCGDllExportInspector.dll

MOD - [2013.10.09 12:41:06 | 012,434,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\73d9bc894522543b561a0342dac87c06\System.Windows.Forms.ni.dll

MOD - [2013.10.09 12:40:49 | 002,518,016 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data.Linq\3815d0ee28da0b5a6e6c1f083ef437f6\System.Data.Linq.ni.dll

MOD - [2013.10.09 12:40:34 | 002,295,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\ab40b51ac49fbee9a48b5b74ff78d5d6\System.Core.ni.dll

MOD - [2013.10.09 04:45:31 | 000,160,256 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\GongSolutions.Wpf.D#\6cfb6056dfe610b88af47c21a80026b7\GongSolutions.Wpf.DragDrop.ni.dll

MOD - [2013.10.09 04:39:45 | 018,022,912 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\e9147e4c70d4e387dc4aea59ce0a219a\PresentationFramework.ni.dll

MOD - [2013.10.09 04:39:29 | 011,527,680 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\99bbd3424207d205e9e680fa712dba04\PresentationCore.ni.dll

MOD - [2013.10.09 04:39:18 | 003,883,008 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\b1ff5e4a64c0bb0a9b039aaefcde5ea7\WindowsBase.ni.dll

MOD - [2013.10.09 04:39:09 | 007,070,720 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\55c245966c0b23a47587c18681457e48\System.Core.ni.dll

MOD - [2013.10.09 04:39:01 | 001,014,784 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\85a501f8b0cb271f1bfab6532523ac3c\System.Configuration.ni.dll

MOD - [2013.08.15 08:08:25 | 002,346,496 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\1bf91944c0a39048bb079c5d81f90529\System.Runtime.Serialization.ni.dll

MOD - [2013.08.15 08:07:47 | 000,212,992 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\5974034f0f53755b11bde4c9698261cb\System.ServiceProcess.ni.dll

MOD - [2013.08.15 08:07:44 | 011,820,032 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\59eba2680c01c33b2b3f5385979e32c6\System.Web.ni.dll

MOD - [2013.08.14 16:13:23 | 005,462,016 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\09f5b3f7a363b742a73937e818595597\System.Xml.ni.dll

MOD - [2013.08.14 16:10:03 | 001,593,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\c0df7e124d8d5e2821fd7d3921d404f7\System.Drawing.ni.dll

MOD - [2013.08.14 16:01:40 | 007,977,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\d7153acb7b6ccb5a6a886d6f0ab732b1\System.ni.dll

MOD - [2013.08.14 15:11:15 | 000,232,960 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\ASF_cSharpAPI\c5efe841e2998c266e0f5e29bed04b55\ASF_cSharpAPI.ni.dll

MOD - [2013.08.14 15:09:45 | 000,221,696 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\d8f4106eee38420ac5eda7d630dc53fc\System.ServiceProcess.ni.dll

MOD - [2013.08.14 15:08:50 | 000,770,560 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\f17c7bc239be0eb7661cbcd3cff1ea16\System.Runtime.Remoting.ni.dll

MOD - [2013.08.14 15:08:27 | 001,812,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\c8648331484537c338fe2b606a9db8b7\System.Xaml.ni.dll

MOD - [2013.08.14 15:04:10 | 005,628,416 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\b7285e9f3d19a05d5cc2c049e451685d\System.Xml.ni.dll

MOD - [2013.08.14 15:04:04 | 009,100,288 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\08c630893416f3379c9455870908ad6c\System.ni.dll

MOD - [2013.07.21 23:58:41 | 002,052,096 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.Xml.dll

MOD - [2013.07.21 23:58:40 | 000,425,984 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.dll

MOD - [2013.07.12 08:20:48 | 000,032,256 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.OGGFileInfo#\0cd09e4839a2bfe65311191d2e61c698\Interop.OGGFileInfoCOMLib.ni.dll

MOD - [2013.07.12 08:20:47 | 000,052,224 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.MP3FileInfo#\be9d4a331a41a83465c56b735845c86b\Interop.MP3FileInfoCOMLib.ni.dll

MOD - [2013.07.12 08:20:46 | 000,171,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.P3MPINTERFA#\a474771ad225ef2b83d38a86a160ed53\Interop.P3MPINTERFACECTRLLib.ni.dll

MOD - [2013.07.12 08:20:15 | 000,395,776 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CabLib\abebd90a3673cde0cd3a1b81a9f18f86\CabLib.ni.dll

MOD - [2013.07.12 01:24:04 | 000,220,672 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\CustomMarshalers\2cd2c82bbe22932ed5b4d51c3b5059eb\CustomMarshalers.ni.dll

MOD - [2013.07.11 16:37:56 | 011,497,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\6a938df70a8b7996a3890b4f34c83906\mscorlib.ni.dll

MOD - [2013.07.11 16:21:13 | 014,418,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\a01e07e47ecdd94ae099e8c4bf650516\mscorlib.ni.dll

MOD - [2012.10.08 12:01:03 | 000,970,752 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll

MOD - [2012.10.05 11:59:03 | 003,194,880 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll

MOD - [2012.02.22 20:49:56 | 000,921,600 | ---- | M] () -- C:\Program Files\Yahoo!\Messenger\yui.dll

MOD - [2009.06.27 18:14:15 | 000,667,648 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Core\3.5.0.0__b77a5c561934e089\System.Core.dll

MOD - [2009.04.11 07:28:21 | 000,368,640 | ---- | M] () -- C:\Windows\System32\msjetoledb40.dll

MOD - [2009.03.30 05:42:12 | 000,212,992 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.resources\2.0.0.0_de_b77a5c561934e089\System.resources.dll

MOD - [2009.03.30 05:42:11 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll

MOD - [2009.03.30 05:42:11 | 000,069,120 | ---- | M] () -- C:\Windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll

MOD - [2008.08.28 15:03:22 | 000,233,472 | ---- | M] () -- C:\Windows\tsnp2uvc.exe

MOD - [2008.03.21 12:16:20 | 000,344,064 | ---- | M] () -- C:\Program Files\ScanWizard 5\ScannerFinder.exe

MOD - [2007.08.27 12:44:58 | 000,049,152 | ---- | M] () -- C:\Program Files\ScanWizard 5\Scanners\Mphase32.dll

MOD - [2007.01.05 13:05:20 | 000,249,856 | ---- | M] () -- C:\Program Files\ScanWizard 5\SFRes.dll

MOD - [2005.05.04 14:26:00 | 000,045,056 | ---- | M] () -- C:\Program Files\ScanWizard 5\Scanners\MS32RES.DLL

 

 
 ========== Services (SafeList) ==========

 

SRV - [2013.11.16 02:04:51 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)

SRV - [2013.11.14 11:07:23 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)

SRV - [2013.10.23 15:01:10 | 000,280,288 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)

SRV - [2013.10.23 15:01:10 | 000,022,208 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)

SRV - [2013.10.09 16:13:42 | 000,836,160 | ---- | M] (Soluto) [Auto | Running] -- C:\Program Files\Soluto\SolutoService.exe -- (SolutoService)

SRV - [2013.10.09 16:13:42 | 000,166,976 | ---- | M] (Soluto) [Auto | Running] -- C:\Program Files\Soluto\SolutoLauncherService.exe -- (SolutoLauncherService)

SRV - [2013.10.09 16:10:06 | 001,667,584 | ---- | M] (GlavSoft LLC.) [On_Demand | Running] -- C:\Program Files\Soluto\SolutoRemoteService.exe -- (SolutoRemoteService)

SRV - [2013.08.14 15:19:22 | 000,039,056 | ---- | M] () [Auto | Running] -- C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe -- (RealNetworks Downloader Resolver Service)

SRV - [2013.07.25 07:52:52 | 000,162,672 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)

SRV - [2013.05.10 08:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)

SRV - [2013.04.04 13:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)

SRV - [2013.04.04 13:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)

SRV - [2013.02.21 13:09:10 | 000,065,536 | ---- | M] () [Auto | Running] -- C:\Windows\System32\afasrv32.exe -- (AfaService)

SRV - [2012.12.29 11:26:54 | 001,260,472 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)

SRV - [2012.12.29 02:53:20 | 000,383,416 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)

SRV - [2012.10.02 12:13:44 | 003,064,000 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)

SRV - [2012.01.23 05:43:08 | 000,092,592 | ---- | M] (TomTom) [Disabled | Stopped] -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService)

SRV - [2011.10.21 15:23:42 | 000,196,176 | ---- | M] (Microsoft Corporation.) [Auto | Stopped] -- C:\Program Files\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)

SRV - [2011.10.13 17:21:52 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft\BingBar\SeaPort.EXE -- (BBUpdate)

SRV - [2011.06.13 21:09:22 | 000,267,568 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Fix it Center\Matsvc.exe -- (MatSvc)

SRV - [2010.03.18 10:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)

SRV - [2009.11.16 13:19:22 | 000,051,168 | ---- | M] (NOS Microsystems Ltd.) [On_Demand | Stopped] -- C:\Program Files\NOS\bin\getPlus_Helper.dll -- (getPlusHelper)

SRV - [2009.09.02 08:41:24 | 001,466,476 | ---- | M] (IVT Corporation) [Auto | Running] -- C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe -- (BlueSoleilCS)

SRV - [2009.09.02 08:41:06 | 000,102,503 | ---- | M] (IVT Corporation) [On_Demand | Running] -- C:\Program Files\IVT Corporation\BlueSoleil\BsHelpCS.exe -- (BsHelpCS)

SRV - [2008.11.09 21:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)

SRV - [2008.08.29 20:11:38 | 002,180,392 | ---- | M] () [Auto | Running] -- C:\Program Files\EgisTec\VITAKEY\BASVC.exe -- (IGBASVC)

SRV - [2008.08.04 16:45:56 | 000,304,688 | ---- | M] () [Auto | Running] -- C:\Program Files\EgisTec\MyWinLocker 3\x86\\MWLService.exe -- (MWLService)

SRV - [2008.04.15 17:54:42 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON)

SRV - [2008.01.21 03:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)

SRV - [2007.06.05 12:20:32 | 000,177,704 | ---- | M] () [Auto | Running] -- C:\Windows\System32\PSIService.exe -- (ProtexisLicensing)

SRV - [2006.12.19 17:23:20 | 000,094,208 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\Program Files\Common Files\EPSON\EBAPI\eEBSvc.exe -- (EpsonBidirectionalService)

SRV - [2006.12.14 01:21:20 | 000,045,056 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe -- (MSCSPTISRV)

SRV - [2006.12.14 01:02:08 | 000,069,632 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe -- (SPTISRV)

SRV - [2006.12.14 00:46:16 | 000,057,344 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe -- (PACSPTISVR)

SRV - [2001.11.12 13:31:48 | 000,020,480 | ---- | M] (X10) [Auto | Running] -- C:\Program Files\Common Files\X10\Common\X10nets.exe -- (x10nets)

 

 
 ========== Driver Services (SafeList) ==========

 

DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\usbaapl.sys -- (USBAAPL)

DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\RTL2832UUSB.sys -- (RTL2832UUSB)

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\RTL2832UBDA.sys -- (RTL2832UBDA)

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\RTL2832U_IRHID.sys -- (RTL2832U_IRHID)

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\RTKVHDA.sys -- (IntcAzAudAddService)

DRV - File not found [Kernel | On_Demand | Running] -- C:\Windows\TEMP\cpuz136\cpuz136_x32.sys -- (cpuz136)

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\cnnctfy2.sys -- (cnnctfy2MP)

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\michael\AppData\Local\Temp\catchme.sys -- (catchme)

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\btwrchid.sys -- (btwrchid)

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\btwl2cap.sys -- (btwl2cap)

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\btwavdt.sys -- (btwavdt)

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\btwaudio.sys -- (btwaudio)

DRV - [2013.10.09 16:09:44 | 000,051,144 | ---- | M] (Soluto LTD.) [File_System | Boot | Running] -- C:\Windows\System32\drivers\Soluto.sys -- (Soluto)

DRV - [2013.09.27 09:53:06 | 000,104,768 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\NisDrvWFP.sys -- (NisDrv)

DRV - [2013.04.04 13:50:32 | 000,022,856 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)

DRV - [2012.12.29 11:26:54 | 008,904,632 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)

DRV - [2012.07.03 16:25:17 | 000,149,352 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA)

DRV - [2011.03.29 11:08:08 | 000,028,144 | ---- | M] (REINER SCT) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\cjusb.sys -- (cjusb)

DRV - [2010.12.02 05:34:32 | 000,052,096 | ---- | M] (Generic USB smartcard reader) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\MHIKEY10.sys -- (MHIKEY10)

DRV - [2010.10.18 10:14:22 | 006,959,616 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETwNv32.sys -- (NETwNv32)

DRV - [2010.06.23 08:21:32 | 000,259,176 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)

DRV - [2010.01.07 03:49:00 | 000,057,856 | ---- | M] (SCM Microsystems Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\SCR3XX2K.sys -- (SCR3XX2K)

DRV - [2009.09.29 07:11:22 | 000,012,160 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\lgbtport.sys -- (LgBttPort)

DRV - [2009.09.29 07:11:20 | 000,012,928 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\lgvmodem.sys -- (LGVMODEM)

DRV - [2009.09.29 07:11:20 | 000,010,496 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\lgbtbus.sys -- (lgbusenum)

DRV - [2009.07.14 00:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUSB)

DRV - [2009.07.08 09:17:36 | 000,039,304 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\btcusb.sys -- (Btcsrusb)

DRV - [2009.06.17 13:02:46 | 000,029,192 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\btnetBus.sys -- (btnetBUs)

DRV - [2009.06.17 13:02:40 | 000,017,928 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\btnetdrv.sys -- (BT)

DRV - [2009.06.17 13:01:42 | 000,025,480 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\IvtBtBus.sys -- (IvtBtBUs)

DRV - [2009.06.17 13:01:36 | 000,020,744 | ---- | M] (IVT Corporation.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\BtHidBus.sys -- (BtHidBus)

DRV - [2009.06.17 13:01:10 | 000,032,392 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VCommMgr.sys -- (VcommMgr)

DRV - [2009.04.11 06:06:26 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WSDScan.sys -- (WSDScan)

DRV - [2008.12.04 05:36:05 | 000,066,856 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\FPWinIo.sys -- (FPWinIo)

DRV - [2008.12.03 10:39:37 | 000,026,920 | ---- | M] (LTT) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\FPSensor.sys -- (FPSensor)

DRV - [2008.11.19 16:09:10 | 000,024,832 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbmodem.sys -- (USBModem)

DRV - [2008.11.19 16:09:08 | 000,019,968 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbdiag.sys -- (UsbDiag)

DRV - [2008.11.19 16:09:08 | 000,013,056 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbbus.sys -- (usbbus)

DRV - [2008.10.09 14:42:42 | 000,017,408 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\KMWDFILTER.sys -- (KMWDFILTER)

DRV - [2008.08.04 16:46:06 | 000,059,952 | ---- | M] (Egis Incorporated.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\mwlPSDVDisk.sys -- (mwlPSDVDisk)

DRV - [2008.08.04 16:46:04 | 000,019,504 | ---- | M] (Egis Incorporated.) [File_System | Auto | Running] -- C:\Windows\System32\drivers\mwlPSDFilter.sys -- (mwlPSDFilter)

DRV - [2008.08.04 16:46:04 | 000,016,432 | ---- | M] (Egis Incorporated.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\mwlPSDNserv.sys -- (mwlPSDNServ)

DRV - [2008.07.10 11:12:56 | 001,753,984 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\snp2uvc.sys -- (SNP2UVC)

DRV - [2008.04.28 06:29:26 | 003,658,752 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NETw5v32.sys -- (NETw5v32)

DRV - [2008.01.21 03:23:21 | 000,016,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WSDPrint.sys -- (WSDPrintDevice)

DRV - [2007.07.31 11:58:18 | 000,908,896 | ---- | M] (NXP Semiconductors Germany GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\PhilCap.sys -- (PhilCap)

DRV - [2007.02.12 16:55:56 | 000,075,776 | ---- | M] (Prolific Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ser2pl.sys -- (Ser2pl)

DRV - [2006.11.30 15:18:18 | 000,027,416 | ---- | M] (X10 Wireless Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\x10ufx2.sys -- (XUIF)

DRV - [2006.11.17 10:31:04 | 000,013,976 | ---- | M] (X10 Wireless Technology, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\x10hid.sys -- (X10Hid)

DRV - [2006.11.10 14:05:00 | 000,018,688 | ---- | M] (Arcsoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\afc.sys -- (Afc)

 

 
 ========== Standard Registry (SafeList) ==========

 

 
 ========== Internet Explorer ==========

 

IE - HKLM\..\SearchScopes,DefaultScope = 

IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

 

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://www.google.com

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com

IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = local

 
 ========== FireFox ==========

 

FF - prefs.js..browser.search.useDBForOrder: true

FF - prefs.js..browser.startup.homepage: "https://www.facebook.com/"

FF - prefs.js..extensions.enabledAddons: google%40hitachi.com:0.3

FF - prefs.js..extensions.enabledAddons: ich%40maltegoetz.de:1.5.2

FF - prefs.js..extensions.enabledAddons: toolbar-tbplatform%40alexa.com:2.2

FF - prefs.js..extensions.enabledAddons: ffextension%40weheartit.com:3.1.1

FF - prefs.js..extensions.enabledAddons: toolbar%40web.de:2.8.1

FF - prefs.js..extensions.enabledAddons: %7B62a6949c-2fcd-f9f2-952c-ae165cfb33b2%7D:1.1

FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:25.0.1

FF - user.js - File not found

 

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_152.dll ()

FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw_1205146.dll (Adobe Systems, Inc.)

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()

FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll File not found

FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)

FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa2,version=2.0.0: C:\Program Files\Picasa2\npPicasa2.dll (Google, Inc.)

FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Picasa2\npPicasa3.dll (Google, Inc.)

FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.45.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)

FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)

FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)

FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)

FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=16.0.3.51: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nprndlchromebrowserrecordext;version=1.3.3: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=1.3.3: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nprndlpepperflashvideoshim;version=1.3.3: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=16.0.3.51: c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)

FF - HKLM\Software\MozillaPlugins\@realnetworks.com/npdlplugin;version=1: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\@veetle.com/vbp;version=0.9.17: C:\Program Files\Veetle\VLCBroadcast\npvbp.dll File not found

FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.1: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)

FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\michael\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)

FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\michael\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)

FF - HKCU\Software\MozillaPlugins\@talk.google.com/O1DPlugin: C:\Users\michael\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)

FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\michael\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()

FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\michael\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)

FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\michael\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)

FF - HKCU\Software\MozillaPlugins\@yahoo.com/BrowserPlus,version=2.9.8: C:\Users\michael\AppData\Local\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll (Yahoo! Inc.)

 

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ [2013.11.20 20:58:33 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013.11.20 20:58:33 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013.11.20 21:10:04 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013.11.25 05:30:58 | 000,000,000 | ---D | M]

FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013.11.20 21:10:04 | 000,000,000 | ---D | M]

FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013.11.25 05:30:58 | 000,000,000 | ---D | M]

FF - HKEY_CURRENT_USER\software\mozilla\Thunderbird\Extensions\\{380AE6CB-09B9-4373-B360-D01C2462A6E7}: C:\Program Files\BullGuard Ltd\BullGuard\backup\thunderbirdbkplugin

FF - HKEY_CURRENT_USER\software\mozilla\Thunderbird\Extensions\\{0E810812-F4BB-4309-942A-755587587A5E}: C:\Program Files\BullGuard Ltd\BullGuard\antispam\tbspamfilter

 

[2009.07.20 18:31:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\michael\AppData\Roaming\mozilla\Extensions

[2009.07.20 18:31:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\michael\AppData\Roaming\mozilla\Extensions\home2@tomtom.com

[2009.07.02 14:48:15 | 000,000,000 | ---D | M] (No name found) -- C:\Users\michael\AppData\Roaming\mozilla\Extensions\mozswing@mozswing.org

[2013.11.23 12:03:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\michael\AppData\Roaming\mozilla\Firefox\Profiles\1wge02ki.default-1341749340073\extensions

[2013.11.23 12:03:56 | 000,000,000 | ---D | M] ("Yahoo Community Smartbar") -- C:\Users\michael\AppData\Roaming\mozilla\Firefox\Profiles\1wge02ki.default-1341749340073\extensions\{62a6949c-2fcd-f9f2-952c-ae165cfb33b2}

[2013.07.25 11:54:10 | 000,000,000 | ---D | M] (ProxTube - Unblock YouTube) -- C:\Users\michael\AppData\Roaming\mozilla\Firefox\Profiles\1wge02ki.default-1341749340073\extensions\ich@maltegoetz.de

[2013.08.25 21:49:50 | 000,000,000 | ---D | M] ("OLDIE RADIO") -- C:\Users\michael\AppData\Roaming\mozilla\Firefox\Profiles\1wge02ki.default-1341749340073\extensions\toolbar-tbplatform@alexa.com

[2013.10.14 20:23:22 | 000,000,000 | ---D | M] (No name found) -- C:\Users\michael\AppData\Roaming\mozilla\Firefox\Profiles\ezy83d9t.default\extensions

[2011.08.27 10:07:35 | 000,000,000 | ---D | M] (Garmin Communicator) -- C:\Users\michael\AppData\Roaming\mozilla\Firefox\Profiles\ezy83d9t.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}

[2011.07.02 13:16:19 | 000,000,000 | ---D | M] (MyKey Interface) -- C:\Users\michael\AppData\Roaming\mozilla\Firefox\Profiles\ezy83d9t.default\extensions\{FACC66B7-E49F-49ed-997E-66A221FD956D}

[2011.08.09 16:35:08 | 000,000,000 | ---D | M] (Разпознаване на устройство Logitech) -- C:\Users\michael\AppData\Roaming\mozilla\Firefox\Profiles\ezy83d9t.default\extensions\DeviceDetection@logitech.com

[2011.08.11 13:39:38 | 000,000,000 | ---D | M] (Facebook Emoticon &amp; Smiley) -- C:\Users\michael\AppData\Roaming\mozilla\Firefox\Profiles\ezy83d9t.default\extensions\emoticon@luzky.com

[2012.03.22 17:33:50 | 000,000,000 | ---D | M] (F1 by Mozilla Labs) -- C:\Users\michael\AppData\Roaming\mozilla\Firefox\Profiles\ezy83d9t.default\extensions\ffshare@mozilla.org

[2012.05.21 17:27:09 | 000,000,000 | ---D | M] (FoxyProxy Standard) -- C:\Users\michael\AppData\Roaming\mozilla\Firefox\Profiles\ezy83d9t.default\extensions\foxyproxy@eric.h.jung

[2011.11.27 17:33:47 | 000,000,000 | ---D | M] ("Biscuit du trÃ©sor" />) -- C:\Users\michael\AppData\Roaming\mozilla\Firefox\Profiles\ezy83d9t.default\extensions\inquiry@sharelovestory.com

[2013.06.24 14:55:40 | 000,238,232 | ---- | M] () (No name found) -- C:\Users\michael\AppData\Roaming\mozilla\firefox\profiles\1wge02ki.default-1341749340073\extensions\fbdislike@doweb.fr.xpi

[2013.11.02 01:00:40 | 000,102,027 | ---- | M] () (No name found) -- C:\Users\michael\AppData\Roaming\mozilla\firefox\profiles\1wge02ki.default-1341749340073\extensions\ffextension@weheartit.com.xpi

[2013.02.08 12:59:10 | 000,368,105 | ---- | M] () (No name found) -- C:\Users\michael\AppData\Roaming\mozilla\firefox\profiles\1wge02ki.default-1341749340073\extensions\google@hitachi.com.xpi

[2013.11.13 10:48:20 | 000,639,485 | ---- | M] () (No name found) -- C:\Users\michael\AppData\Roaming\mozilla\firefox\profiles\1wge02ki.default-1341749340073\extensions\toolbar@web.de.xpi

[2012.03.21 15:24:06 | 000,325,600 | ---- | M] () (No name found) -- C:\Users\michael\AppData\Roaming\mozilla\firefox\profiles\ezy83d9t.default\extensions\smarterwiki@wikiatic.com.xpi

[2012.07.07 11:44:09 | 000,575,929 | ---- | M] () (No name found) -- C:\Users\michael\AppData\Roaming\mozilla\firefox\profiles\ezy83d9t.default\extensions\toolbar@gmx.net.xpi

[2012.05.11 16:58:58 | 000,355,956 | ---- | M] () (No name found) -- C:\Users\michael\AppData\Roaming\mozilla\firefox\profiles\ezy83d9t.default\extensions\{9fb7d178-155a-4318-9173-1a8eaaea7fe4}.xpi

[2013.10.15 13:37:22 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions

[2013.10.16 09:32:25 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}

[2013.08.17 14:02:06 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions

[2013.11.16 02:04:55 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

[2013.11.20 20:58:00 | 000,124,504 | ---- | M] (RealPlayer) -- C:\Program Files\mozilla firefox\plugins\nprpplugin.dll

CHR - Extension: No name found = C:\Users\michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\iaimhpklononapfjngelgdokckfjekfc\1.0.0\

CHR - Extension: No name found = C:\Users\michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\iaimhpklononapfjngelgdokckfjekfc\1.0.0\

 

O1 HOSTS File: ([2013.10.12 17:03:09 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts

O1 - Hosts: 127.0.0.1       localhost

O2 - BHO: (RealNetworks Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)

O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)

O2 - BHO: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)

O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)

O2 - BHO: (WEB.DE Toolbar BHO) - {BF42D4A8-016E-4fcd-B1EB-837659FD77C6} - C:\Program Files\WEB.DE Toolbar\IE\uitb.dll (1und1 Mail und Media GmbH)

O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

O3 - HKLM\..\Toolbar: (FireShot) - {6E6E744E-4D20-4ce3-9A7A-26DFFFE22F68} - C:\Program Files\FireShot for IE\FSAddin-0.86.dll ()

O3 - HKLM\..\Toolbar: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)

O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)

O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)

O4 - HKLM..\Run: [BCSSync] C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)

O4 - HKLM..\Run: [BtTray] C:\Program Files\IVT Corporation\BlueSoleil\BtTray.exe (IVT Corporation)

O4 - HKLM..\Run: [FUFAXSTM] C:\Program Files\Epson Software\FAX Utility\FUFAXSTM.exe (SEIKO EPSON CORPORATION)

O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)

O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)

O4 - HKLM..\Run: [Soluto] c:\program files\soluto\soluto.exe (Soluto)

O4 - HKLM..\Run: [tsnp2uvc] C:\Windows\tsnp2uvc.exe ()

O4 - HKLM..\Run: [UCam_Menu] C:\Program Files\HomeCinema\YouCam\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)

O4 - HKLM..\Run: [WrtMon.exe] C:\Windows\System32\spool\drivers\w32x86\3\WrtMon.exe (NewSoft Technology Corporation)

O4 - HKCU..\Run: [] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe (Samsung)

O4 - HKCU..\Run: [EPSON BX300F Series] C:\Windows\System32\spool\DRIVERS\W32X86\3\E_FATIEJE.EXE (SEIKO EPSON CORPORATION)

O4 - HKCU..\Run: [Facebook Update] C:\Users\michael\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)

O4 - HKCU..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe (Nero AG)

O4 - HKCU..\Run: [KiesPreload] C:\Program Files\Samsung\Kies\Kies.exe (Samsung)

O4 - HKCU..\Run: [Messenger (Yahoo!)] C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)

O4 - HKCU..\Run: [PMSpeed] C:\Program Files\NewSoft\Presto! PageManager 8 for EP\PMSpeed.exe (NewSoft Technology Corporation)

O4 - HKLM..\RunOnce: [B Register C:\Program Files\DivX\DivX Plus Player\DPXPlugins\DPXBannerAdPlugin.dll] "C:\Windows\system32\rundll32.exe" "C:\Program Files\DivX\DivX Plus Player\DPXPlugins\DPXBannerAdPlugin.dll",DllRegisterServer File not found

O4 - HKLM..\RunOnce: [B Register C:\Program Files\DivX\DivX Plus Player\DPXPlugins\DPXDownloadManagerPlugin.dll] "C:\Windows\system32\rundll32.exe" "C:\Program Files\DivX\DivX Plus Player\DPXPlugins\DPXDownloadManagerPlugin.dll",DllRegisterServer File not found

O4 - HKLM..\RunOnce: [B Register C:\Program Files\DivX\DivX Plus Player\DPXPlugins\DPXMediaManagerPlugin.dll] "C:\Windows\system32\rundll32.exe" "C:\Program Files\DivX\DivX Plus Player\DPXPlugins\DPXMediaManagerPlugin.dll",DllRegisterServer File not found

O4 - HKLM..\RunOnce: [B Register C:\Program Files\DivX\DivX Plus Player\DPXPlugins\DPXPlayerPlugin.dll] "C:\Windows\system32\rundll32.exe" "C:\Program Files\DivX\DivX Plus Player\DPXPlugins\DPXPlayerPlugin.dll",DllRegisterServer File not found

O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 28

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPath = 1

O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Recovery present

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)

O8 - Extra context menu item: An OneNote s&enden - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)

O8 - Extra context menu item: Free YouTube Download - C:\Program Files\Common Files\DVDVideoSoft\plugins\freeytvdownloader.htm File not found

O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)

O9 - Extra Button: eBay - Der weltweite Online-Marktplatz - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-25/4 File not found

O9 - Extra 'Tools' menuitem : eBay - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-25/4 File not found

O9 - Extra Button: Quick-Launching Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files\EgisTec\VITAKEY\PwdBank.exe (Egis Technology Inc.)

O9 - Extra 'Tools' menuitem : Quick-Launching Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files\EgisTec\VITAKEY\PwdBank.exe (Egis Technology Inc.)

O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)

O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)

O9 - Extra Button: IE-Spuren löschen - {6C7C0C9A-B51D-4ADB-A74D-C4E33744F866} - C:\Program Files\TraXEx\Integration\TraXEx Internet Explorer.lnk ()

O9 - Extra Button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe (ICQ, LLC.)

O9 - Extra 'Tools' menuitem : ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe (ICQ, LLC.)

O9 - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)

O9 - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)

O9 - Extra Button: Löschautomat - {8DA7743F-9274-4BE8-899E-C0FF6ED61B00} - C:\Program Files\TraXEx\Integration\TraXEx Löschautomat.lnk ()

O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_40-windows-i586.cab (Java Plug-in 10.45.2)

O16 - DPF: {CAFEEFAC-0017-0000-0040-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_40-windows-i586.cab (Java Plug-in 1.7.0_40)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_40-windows-i586.cab (Java Plug-in 10.45.2)

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab (Shockwave Flash Object)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{71D0C0C8-EA67-4951-8803-AD2FA836D1DD}: DhcpNameServer = 192.168.2.1

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{873F1988-35B9-4226-AD86-1FE3FBA7194F}: DhcpNameServer = 192.168.2.1

O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)

O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O18 - Protocol\Handler\webde {8FAF0273-9CA8-4efc-9536-1E35E254D5CD} - C:\Program Files\WEB.DE Toolbar\IE\uitb.dll (1und1 Mail und Media GmbH)

O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)

O20 - Winlogon\Notify\ScCertProp: DllName - (wlnotify.dll) -  File not found

O24 - Desktop WallPaper: C:\Users\michael\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg

O24 - Desktop BackupWallPaper: C:\Users\michael\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]

O32 - AutoRun File - [2008.08.21 11:50:32 | 000,000,672 | RH-- | M] () - D:\AUTOEXEC.BAT -- [ FAT32 ]

O34 - HKLM BootExecute: (autocheck autochk *)

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

O37 - HKCU\...com [@ = ComFile] -- Reg Error: Key error. File not found

O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)

O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

 
 ========== Files/Folders - Created Within 30 Days ==========

 

[2013.11.25 19:22:02 | 000,000,000 | ---D | C] -- C:\_OTL

[2013.11.25 07:35:42 | 000,000,000 | ---D | C] -- C:\Users\michael\Documents\Rentenversicherung_Kur

[2013.11.23 09:56:54 | 000,000,000 | ---D | C] -- C:\FRST

[2013.11.23 01:49:37 | 000,000,000 | -HSD | C] -- C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}

[2013.11.23 01:48:49 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DVDVideoSoft

[2013.11.20 21:08:49 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime

[2013.11.20 20:59:05 | 000,000,000 | ---D | C] -- C:\Users\michael\AppData\Roaming\RealNetworks

[2013.11.20 20:58:31 | 000,000,000 | ---D | C] -- C:\Program Files\RealNetworks

[2013.11.20 20:58:27 | 000,000,000 | ---D | C] -- C:\ProgramData\RealNetworks

[2013.11.20 20:58:19 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\xing shared

[2013.11.20 20:57:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealNetworks

[2013.11.19 21:57:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pixlr

[2013.11.19 21:56:25 | 000,000,000 | ---D | C] -- C:\Users\michael\AppData\Roaming\Pixlromatic

[2013.11.19 21:55:19 | 000,000,000 | ---D | C] -- C:\Program Files\Pixlr

[2013.11.18 15:51:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator

[2013.11.18 15:50:51 | 000,095,416 | ---- | C] (pdfforge GmbH) -- C:\Windows\System32\pdfcmon.dll

[2013.11.18 15:50:47 | 000,000,000 | ---D | C] -- C:\Program Files\PDFCreator

[2013.11.18 15:27:01 | 000,000,000 | ---D | C] -- C:\Users\michael\Documents\My Kindle Content

[2013.11.18 15:26:44 | 000,000,000 | ---D | C] -- C:\Users\michael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazon

[2013.11.18 15:26:30 | 000,000,000 | ---D | C] -- C:\Users\michael\AppData\Local\Amazon

[2013.11.18 15:15:57 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution

[2013.11.18 14:36:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth

[2013.11.18 14:28:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes

[2013.11.18 14:26:57 | 000,000,000 | ---D | C] -- C:\Program Files\iPod

[2013.11.18 14:26:48 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes

[2013.11.18 14:26:48 | 000,000,000 | ---D | C] -- C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1

[2013.11.18 14:23:46 | 000,000,000 | ---D | C] -- C:\Program Files\Apple Software Update

[2013.11.18 14:14:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java

[2013.11.18 14:11:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN

[6 C:\*.tmp files -> C:\*.tmp -> ]

[1 C:\Users\michael\Documents\*.tmp files -> C:\Users\michael\Documents\*.tmp -> ]

 
 ========== Files - Modified Within 30 Days ==========

 

[2013.11.28 12:17:00 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

[2013.11.28 12:10:01 | 000,000,936 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-472820592-3686497848-1455512980-1000UA.job

[2013.11.28 11:46:15 | 000,001,128 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-472820592-3686497848-1455512980-1000UA.job

[2013.11.28 11:25:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job

[2013.11.28 11:00:32 | 000,632,492 | ---- | M] () -- C:\Windows\System32\perfh007.dat

[2013.11.28 11:00:32 | 000,599,150 | ---- | M] () -- C:\Windows\System32\perfh009.dat

[2013.11.28 11:00:32 | 000,127,722 | ---- | M] () -- C:\Windows\System32\perfc007.dat

[2013.11.28 11:00:32 | 000,105,164 | ---- | M] () -- C:\Windows\System32\perfc009.dat

[2013.11.28 10:56:02 | 000,004,805 | ---- | M] () -- C:\Windows\System32\LOCALSERVICE.INI

[2013.11.28 10:56:02 | 000,000,726 | ---- | M] () -- C:\Windows\System32\bscs.ini

[2013.11.28 10:56:02 | 000,000,102 | ---- | M] () -- C:\Windows\System32\LOCALDEVICE.INI

[2013.11.28 10:54:23 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

[2013.11.28 10:54:18 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0

[2013.11.28 10:54:18 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0

[2013.11.28 10:54:04 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2013.11.28 10:54:00 | 3215,847,424 | -HS- | M] () -- C:\hiberfil.sys

[2013.11.28 00:10:02 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-472820592-3686497848-1455512980-1000Core.job

[2013.11.27 22:46:00 | 000,001,076 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-472820592-3686497848-1455512980-1000Core.job

[2013.11.27 15:35:57 | 000,000,380 | ---- | M] () -- C:\Windows\System32\REMOTEDEVICE.INI

[2013.11.25 19:26:12 | 000,419,104 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT

[2013.11.25 09:08:41 | 000,000,519 | ---- | M] () -- C:\Users\michael\Desktop\OTL.exe - Verknüpfung.lnk

[2013.11.23 22:18:44 | 000,039,142 | ---- | M] () -- C:\Users\michael\Desktop\MaNuKa ..Graz.jpg

[2013.11.23 11:27:41 | 000,062,014 | ---- | M] () -- C:\Users\michael\Documents\602a. Neues MS... ab 22.03.odt

[2013.11.23 02:03:14 | 000,002,015 | ---- | M] () -- C:\Users\Public\Desktop\Free YouTube Download.lnk

[2013.11.23 02:03:14 | 000,001,036 | ---- | M] () -- C:\Users\Public\Desktop\DVDVideoSoft Free Studio.lnk

[2013.11.23 01:49:33 | 000,002,013 | ---- | M] () -- C:\Users\Public\Desktop\Free Audio Converter.lnk

[2013.11.21 23:05:16 | 000,001,787 | ---- | M] () -- C:\Users\Public\Desktop\Samsung Kies (Lite).lnk

[2013.11.20 20:57:55 | 000,272,896 | ---- | M] (Progressive Networks) -- C:\Windows\System32\pncrt.dll

[2013.11.19 21:57:00 | 000,000,896 | ---- | M] () -- C:\Users\Public\Desktop\Pixlr-o-matic.lnk

[2013.11.18 15:51:02 | 000,000,832 | ---- | M] () -- C:\Users\Public\Desktop\PDFCreator.lnk

[2013.11.18 14:38:46 | 000,001,945 | ---- | M] () -- C:\Windows\epplauncher.mif

[2013.11.18 14:36:24 | 000,002,077 | ---- | M] () -- C:\Users\Public\Desktop\Google Earth.lnk

[2013.11.18 14:11:11 | 000,000,863 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk

[2013.11.12 21:27:45 | 000,847,989 | ---- | M] () -- C:\Users\michael\Documents\3114.pdf

[2013.11.11 01:31:16 | 000,009,287 | ---- | M] () -- C:\Users\michael\.recently-used.xbel

[2013.11.08 19:32:57 | 000,043,174 | ---- | M] () -- C:\Users\michael\Documents\Happy Day.jpg

[6 C:\*.tmp files -> C:\*.tmp -> ]

[1 C:\Users\michael\Documents\*.tmp files -> C:\Users\michael\Documents\*.tmp -> ]

 
 ========== Files Created - No Company Name ==========

 

[2013.11.25 09:08:41 | 000,000,519 | ---- | C] () -- C:\Users\michael\Desktop\OTL.exe - Verknüpfung.lnk

[2013.11.23 22:18:42 | 000,039,142 | ---- | C] () -- C:\Users\michael\Desktop\MaNuKa ..Graz.jpg

[2013.11.23 02:03:14 | 000,002,015 | ---- | C] () -- C:\Users\Public\Desktop\Free YouTube Download.lnk

[2013.11.23 01:49:33 | 000,002,013 | ---- | C] () -- C:\Users\Public\Desktop\Free Audio Converter.lnk

[2013.11.23 01:49:32 | 000,001,036 | ---- | C] () -- C:\Users\Public\Desktop\DVDVideoSoft Free Studio.lnk

[2013.11.21 11:59:30 | 000,419,104 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT

[2013.11.20 21:53:13 | 000,013,153 | ---- | C] () -- C:\Windows\System32\nvinfo.pb

[2013.11.19 21:55:21 | 000,000,896 | ---- | C] () -- C:\Users\Public\Desktop\Pixlr-o-matic.lnk

[2013.11.18 15:51:02 | 000,000,832 | ---- | C] () -- C:\Users\Public\Desktop\PDFCreator.lnk

[2013.11.18 14:36:24 | 000,002,077 | ---- | C] () -- C:\Users\Public\Desktop\Google Earth.lnk

[2013.11.18 14:23:48 | 000,001,830 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk

[2013.11.18 14:11:11 | 000,000,863 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk

[2013.11.14 11:12:56 | 000,218,228 | ---- | C] () -- C:\Windows\System32\WFP.TMF

[2013.11.12 21:27:44 | 000,847,989 | ---- | C] () -- C:\Users\michael\Documents\3114.pdf

[2013.11.11 01:31:16 | 000,009,287 | ---- | C] () -- C:\Users\michael\.recently-used.xbel

[2013.11.08 19:32:52 | 000,043,174 | ---- | C] () -- C:\Users\michael\Documents\Happy Day.jpg

[2013.10.16 09:35:46 | 000,024,064 | ---- | C] () -- C:\Windows\zoek-delete.exe

[2013.10.14 17:26:05 | 000,000,094 | ---- | C] () -- C:\Users\michael\AppData\Roaming\WB.CFG

[2013.10.14 17:26:05 | 000,000,006 | ---- | C] () -- C:\Users\michael\AppData\Roaming\WBPU-TTL.DAT

[2013.10.10 11:05:02 | 000,000,098 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc

[2013.04.24 10:58:56 | 000,362,029 | ---- | C] () -- C:\Windows\System32\sqlite3.dll

[2013.04.18 18:07:00 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe

[2013.04.18 18:06:46 | 000,974,848 | ---- | C] () -- C:\Windows\System32\cis-2.4.dll

[2013.04.18 18:06:46 | 000,081,920 | ---- | C] () -- C:\Windows\System32\issacapi_bs-2.3.dll

[2013.04.18 18:06:46 | 000,065,536 | ---- | C] () -- C:\Windows\System32\issacapi_pe-2.3.dll

[2013.04.18 18:06:46 | 000,057,344 | ---- | C] () -- C:\Windows\System32\issacapi_se-2.3.dll

[2013.02.21 13:09:10 | 000,065,536 | ---- | C] () -- C:\Windows\System32\afasrv32.exe

[2012.05.29 14:00:29 | 000,532,480 | ---- | C] () -- C:\Windows\System32\CddbPlaylist2Sony.dll

[2010.09.20 12:41:20 | 000,006,614 | ---- | C] () -- C:\Users\michael\shexview_lng.ini

[2010.07.25 18:18:14 | 000,000,544 | ---- | C] () -- C:\Users\michael\AppData\Roaming\$IGBT9Y2.JPG

[2010.07.25 18:18:11 | 000,000,544 | ---- | C] () -- C:\Users\michael\AppData\Roaming\$IDOOI7P.BUP

[2010.07.25 18:18:11 | 000,000,544 | ---- | C] () -- C:\Users\michael\AppData\Roaming\$IAURFUT.IFO

[2010.07.25 18:18:11 | 000,000,544 | ---- | C] () -- C:\Users\michael\AppData\Roaming\$I3IX2MZ.IFO

[2010.07.25 18:18:11 | 000,000,544 | ---- | C] () -- C:\Users\michael\AppData\Roaming\$I1QNAH1.BUP

[2010.05.13 10:15:42 | 000,019,456 | ---- | C] () -- C:\Users\michael\AppData\Local\WebpageIcons.db

[2010.04.10 08:08:46 | 000,000,680 | ---- | C] () -- C:\Users\michael\AppData\Local\d3d9caps.dat

[2009.10.01 13:25:59 | 000,000,148 | ---- | C] () -- C:\Users\michael\AppData\Roaming\default.pls

[2009.06.30 18:07:19 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat

[2009.06.28 12:32:54 | 000,001,738 | ---- | C] () -- C:\Users\michael\AppData\Roaming\wklnhst.dat

[2009.06.27 19:39:38 | 000,233,984 | ---- | C] () -- C:\Users\michael\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

 
 ========== ZeroAccess Check ==========

 

[2006.11.02 13:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

 

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

 

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

 

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

"" = %SystemRoot%\system32\shell32.dll -- [2012.06.08 18:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Apartment

 

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]

"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.04.11 07:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Free

 

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.04.11 07:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Both

 
 ========== LOP Check ==========

 

[2013.11.28 10:56:25 | 000,000,000 | ---D | M] -- C:\Users\michael\AppData\Roaming\.oit

[2012.04.19 14:33:50 | 000,000,000 | ---D | M] -- C:\Users\michael\AppData\Roaming\1&1 Mail & Media GmbH

[2011.10.18 12:50:43 | 000,000,000 | ---D | M] -- C:\Users\michael\AppData\Roaming\Ashampoo

[2011.05.16 14:38:42 | 000,000,000 | ---D | M] -- C:\Users\michael\AppData\Roaming\Auslogics

[2012.05.15 17:35:48 | 000,000,000 | ---D | M] -- C:\Users\michael\AppData\Roaming\com.zoosk.Desktop.096E6A67431258A508A2446A847B240591D2C99B.1

[2013.11.23 02:02:20 | 000,000,000 | ---D | M] -- C:\Users\michael\AppData\Roaming\DVDVideoSoft

[2010.08.11 19:50:23 | 000,000,000 | ---D | M] -- C:\Users\michael\AppData\Roaming\EPSON

[2010.01.21 15:16:26 | 000,000,000 | ---D | M] -- C:\Users\michael\AppData\Roaming\FRITZ!

[2010.07.18 10:48:44 | 000,000,000 | ---D | M] -- C:\Users\michael\AppData\Roaming\FRITZ!fax für FRITZ!Box

[2011.02.13 18:42:34 | 000,000,000 | ---D | M] -- C:\Users\michael\AppData\Roaming\GARMIN

[2012.04.16 17:09:37 | 000,000,000 | ---D | M] -- C:\Users\michael\AppData\Roaming\GMX

[2013.11.11 01:31:16 | 000,000,000 | ---D | M] -- C:\Users\michael\AppData\Roaming\gtk-2.0

[2012.09.20 19:45:49 | 000,000,000 | ---D | M] -- C:\Users\michael\AppData\Roaming\ICQ

[2012.03.16 15:36:23 | 000,000,000 | ---D | M] -- C:\Users\michael\AppData\Roaming\ImgBurn

[2011.04.03 22:30:00 | 000,000,000 | ---D | M] -- C:\Users\michael\AppData\Roaming\LibreOffice

[2009.10.03 09:21:03 | 000,000,000 | ---D | M] -- C:\Users\michael\AppData\Roaming\Lingoes

[2010.06.02 18:44:19 | 000,000,000 | ---D | M] -- C:\Users\michael\AppData\Roaming\MuldeR

[2013.02.27 19:08:47 | 000,000,000 | ---D | M] -- C:\Users\michael\AppData\Roaming\MusicNet

[2010.12.29 20:36:35 | 000,000,000 | ---D | M] -- C:\Users\michael\AppData\Roaming\NewSoft

[2011.02.06 17:10:21 | 000,000,000 | ---D | M] -- C:\Users\michael\AppData\Roaming\Octoshape

[2013.07.25 12:09:03 | 000,000,000 | ---D | M] -- C:\Users\michael\AppData\Roaming\OpenOffice

[2009.06.27 23:17:19 | 000,000,000 | ---D | M] -- C:\Users\michael\AppData\Roaming\OpenOffice.org

[2009.08.27 11:47:52 | 000,000,000 | ---D | M] -- C:\Users\michael\AppData\Roaming\Opera

[2013.11.19 21:56:25 | 000,000,000 | ---D | M] -- C:\Users\michael\AppData\Roaming\Pixlromatic

[2009.09.22 19:31:52 | 000,000,000 | ---D | M] -- C:\Users\michael\AppData\Roaming\ppstream

[2013.08.19 17:54:59 | 000,000,000 | ---D | M] -- C:\Users\michael\AppData\Roaming\Samsung

[2009.06.28 12:33:13 | 000,000,000 | ---D | M] -- C:\Users\michael\AppData\Roaming\Template

[2009.07.20 18:31:43 | 000,000,000 | ---D | M] -- C:\Users\michael\AppData\Roaming\TomTom

[2012.08.11 20:07:32 | 000,000,000 | ---D | M] -- C:\Users\michael\AppData\Roaming\Trillian

[2013.11.23 01:50:22 | 000,000,000 | ---D | M] -- C:\Users\michael\AppData\Roaming\TuneUp Software

[2012.04.16 17:09:11 | 000,000,000 | ---D | M] -- C:\Users\michael\AppData\Roaming\WEB.DE

 
 ========== Purity Check ==========

 

 

 
 ========== Custom Scans ==========

 
 < HKEY_LOCAL_MACHINE\software\microsoft\Windows\CurrentVersion\Telephony\Providers >

"ProviderID0" = 1

"ProviderID1" = 2

"ProviderID2" = 3

"ProviderID3" = 4

"NextProviderID" = 6

"ProviderFileName0" = unimdm.tsp -- [2009.04.11 07:27:17 | 000,280,064 | ---- | M] (Microsoft Corporation)

"ProviderFileName1" = kmddsp.tsp -- [2006.11.02 10:44:49 | 000,038,400 | ---- | M] (Microsoft Corporation)

"ProviderFileName2" = ndptsp.tsp -- [2006.11.02 10:44:49 | 000,049,664 | ---- | M] (Microsoft Corporation)

"ProviderFileName3" = hidphone.tsp -- [2006.11.02 10:44:49 | 000,031,744 | ---- | M] (Microsoft Corporation)

"NumProviders" = 5

"ProviderID4" = 5

 
 < HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\LanmanWorkstation /S >

 
 < HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Dnscache /S >

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Dnscache\Parameters]

"ServiceDll" = %SystemRoot%\System32\dnsrslvr.dll -- [2011.03.02 16:44:27 | 000,086,528 | ---- | M] (Microsoft Corporation)

 
 < HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost >

"LocalService" = nsilltdsvcSSDPSRVupnphostSCard [Binary data over 200 bytes]

"LocalSystemNetworkRestricted" = hidservUxSmsWdiSystemHostNetman [Binary data over 200 bytes]

"NetworkServiceNetworkRestricted" = PolicyAgent [binary data]

"LocalServiceNoNetwork" = PLADPSBFEmpssvcehstart [binary data]

"NetworkService" = CryptSvcDHCPTermServiceKtmRmDN [Binary data over 200 bytes]

"termsvcs" = TermService [binary data]

"WerSvcGroup" = wersvc [binary data] -- [2009.04.11 07:28:25 | 000,126,976 | ---- | M] (Microsoft Corporation)

"netsvcs" = AeLookupSvcwercplsupportThemesC [Binary data over 200 bytes]

"swprv" = swprv [binary data] -- [2009.04.11 07:28:24 | 000,311,808 | ---- | M] (Microsoft Corporation)

"LocalServiceNetworkRestricted" = DHCPeventlogAudioSrvLmHostswsc [Binary data over 200 bytes]

"rpcss" = RpcSs [binary data] -- [2009.04.11 07:28:24 | 000,550,400 | ---- | M] (Microsoft Corporation)

"regsvc" = RemoteRegistry [binary data]

"wcssvc" = WcsPlugInService [binary data] -- [2006.11.02 10:46:13 | 000,032,256 | ---- | M] (Microsoft Corporation)

"DcomLaunch" = PlugPlayDcomLaunch [binary data]

"wdisvc" = WdiServiceHost [binary data]

"sdrsvc" = sdrsvc [binary data] -- [2008.01.21 03:23:27 | 000,104,960 | ---- | M] (Microsoft Corporation)

"imgsvc" = StiSvc [binary data]

"secsvcs" = WinDefend [binary data]

"bthsvcs" = BthServ [binary data] -- [2009.04.11 07:28:18 | 000,040,960 | ---- | M] (Microsoft Corporation)

"getPlusHelper" = getPlusHelper [binary data]

"LocalServiceAndNoImpersonation" = FontCache [binary data]

"GPSvcGroup" = GPSvc [binary data] -- [2009.04.11 07:28:19 | 000,576,512 | ---- | M] (Microsoft Corporation)

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\getPlusHelper]

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\GPSvcGroup]

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\LocalService]

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\LocalServiceAndNoImpersonation]

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\LocalServiceNetworkRestricted]

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\LocalSystemNetworkRestricted]

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\netsvcs]

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\NetworkService]

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\SDRSVC]

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\swprv]

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\termsvcs]

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\wcssvc]

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\wercplsupport]

 
 < HKEY_LOCAL_MACHINE\SOFTWARE\Joosoft.com >

 
 < %SystemRoot%\system32\*.tsp >

[2006.11.02 10:44:49 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\hidphone.tsp

[2006.11.02 10:44:49 | 000,038,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\kmddsp.tsp

[2006.11.02 10:44:49 | 000,049,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ndptsp.tsp

[2006.11.02 10:44:49 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\remotesp.tsp

[2009.04.11 07:27:17 | 000,280,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\unimdm.tsp

 
 < C:\Windows\system32\*.dll /800 >

[2012.04.19 13:56:56 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\admparse.dll

[2012.04.19 13:56:56 | 000,114,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\advpack.dll

[2013.06.04 02:49:59 | 000,293,376 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\system32\atmfd.dll

[2013.06.04 05:16:35 | 000,034,304 | ---- | M] (Adobe Systems) -- C:\Windows\system32\atmlib.dll

[2013.08.01 03:49:15 | 000,037,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\cdd.dll

[2013.04.24 05:00:24 | 000,041,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\certenc.dll

[2013.04.18 18:06:46 | 000,974,848 | ---- | M] () -- C:\Windows\system32\cis-2.4.dll

[2013.07.04 05:21:15 | 000,532,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\comctl32.dll

[2013.10.03 13:45:45 | 000,993,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\crypt32.dll

[2013.04.17 13:30:06 | 000,024,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\cryptdlg.dll

[2013.07.08 05:16:55 | 000,098,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\cryptnet.dll

[2013.07.08 05:16:55 | 000,133,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\cryptsvc.dll

[2013.03.09 04:45:04 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\csrsrv.dll

[2013.08.27 02:32:20 | 000,683,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\d2d1.dll

[2013.08.27 03:47:50 | 001,029,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\d3d10.dll

[2013.08.27 03:47:50 | 000,189,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\d3d10core.dll

[2013.08.27 02:50:40 | 000,486,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\d3d10level9.dll

[2013.08.27 02:52:08 | 001,172,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\d3d10warp.dll

[2013.08.27 03:47:50 | 000,160,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\d3d10_1.dll

[2013.08.27 03:47:50 | 000,219,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\d3d10_1core.dll

[2013.04.18 18:06:08 | 000,821,824 | ---- | M] (Devguru Co., Ltd.) -- C:\Windows\system32\dgderapi.dll

[2013.04.18 18:06:08 | 000,319,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\DIFxAPI.dll

[2012.11.02 11:18:17 | 000,376,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\dpnet.dll

[2013.08.27 02:28:36 | 001,069,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\DWrite.dll

[2012.04.19 13:56:59 | 000,353,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\dxtmsft.dll

[2012.04.19 13:57:00 | 000,223,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\dxtrans.dll

[2011.10.14 17:02:19 | 000,429,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\EncDec.dll

[2013.08.27 02:28:35 | 000,798,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\FntCache.dll

[2013.10.11 03:07:57 | 000,596,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\FWPUCLNT.DLL

[2013.10.03 13:45:50 | 000,297,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\gdi32.dll

[2012.08.21 13:01:22 | 000,106,928 | ---- | M] (GEAR Software Inc.) -- C:\Windows\system32\GEARAspi.dll

[2013.06.15 14:22:11 | 000,015,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\icaapi.dll

[2012.04.19 13:56:59 | 000,066,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\icardie.dll

[2012.04.19 13:56:55 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\IEAdvpack.dll

[2012.04.19 13:56:55 | 000,130,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ieakeng.dll

[2012.04.19 13:56:56 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ieaksie.dll

[2012.04.19 13:56:56 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ieakui.dll

[2012.04.19 13:56:59 | 000,434,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ieapfltr.dll

[2012.04.19 13:56:59 | 000,353,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\iedkcs32.dll

[2013.10.13 11:08:04 | 009,739,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ieframe.dll

[2012.04.19 13:56:56 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\iepeers.dll

[2012.04.19 13:56:59 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\iernonce.dll

[2013.10.13 10:27:40 | 001,796,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\iertutil.dll

[2012.04.19 13:56:59 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\iesetup.dll

[2012.04.19 13:57:00 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\iesysprep.dll

[2013.10.13 10:20:51 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ieui.dll

[2013.10.11 03:08:02 | 000,444,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\IKEEXT.DLL

[2012.02.29 16:09:53 | 000,157,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\imagehlp.dll

[2012.04.19 13:56:56 | 000,035,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\imgutil.dll

[2012.04.19 13:56:58 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\inseng.dll

[2013.04.18 18:06:46 | 000,081,920 | ---- | M] () -- C:\Windows\system32\issacapi_bs-2.3.dll

[2013.04.18 18:06:46 | 000,065,536 | ---- | M] () -- C:\Windows\system32\issacapi_pe-2.3.dll

[2013.04.18 18:06:46 | 000,057,344 | ---- | M] () -- C:\Windows\system32\issacapi_se-2.3.dll

[2013.10.13 10:30:20 | 000,717,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\jscript.dll

[2013.10.13 10:48:06 | 001,806,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\jscript9.dll

[2013.10.13 10:32:00 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\jsproxy.dll

[2012.09.28 17:11:03 | 000,892,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\kernel32.dll

[2012.04.19 13:56:58 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\licmgr10.dll

[2012.05.11 16:57:00 | 000,623,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\localspl.dll

[2011.11.16 17:21:57 | 001,259,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\lsasrv.dll

[2013.04.18 18:06:46 | 000,045,056 | ---- | M] ((주) 마크애니) -- C:\Windows\system32\MACXMLProto.dll

[2013.04.18 18:06:46 | 000,118,784 | ---- | M] ((주)마크애니) -- C:\Windows\system32\MaDRM.dll

[2013.04.18 18:06:46 | 000,049,152 | ---- | M] ((주) 마크애니) -- C:\Windows\system32\MaJGUILib.dll

[2013.04.18 18:06:46 | 000,045,320 | ---- | M] (MARKANY) -- C:\Windows\system32\MAMACExtract.dll

[2013.04.18 18:06:46 | 000,045,056 | ---- | M] ((주) 마크애니) -- C:\Windows\system32\MaXMLProto.dll

[2011.10.14 17:00:23 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mciseq.dll

[2013.04.18 18:06:46 | 000,057,344 | ---- | M] (Marktek) -- C:\Windows\system32\MK_Lyric.dll

[2013.04.18 18:06:46 | 000,245,760 | ---- | M] (Teruten Inc.) -- C:\Windows\system32\MSCLib.dll

[2013.10.13 10:27:43 | 000,607,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msfeeds.dll

[2012.04.19 13:56:55 | 000,041,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msfeedsbs.dll

[2013.04.18 18:06:46 | 000,155,648 | ---- | M] (Teruten Inc.) -- C:\Windows\system32\MSFLib.dll

[2013.10.13 11:42:12 | 012,344,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mshtml.dll

[2013.10.13 10:26:08 | 000,073,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mshtmled.dll

[2012.04.19 13:57:00 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mshtmler.dll

[2012.04.19 13:57:02 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msls31.dll

[2013.04.18 18:06:46 | 000,352,256 | ---- | M] (Sample Corporation) -- C:\Windows\system32\MSLUR71.dll

[2012.05.05 11:54:20 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\MSMPIDE.DLL

[2012.04.19 13:57:01 | 000,162,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msrating.dll

[2013.03.08 04:52:22 | 002,067,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mstscax.dll

[2013.11.20 20:57:50 | 000,499,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msvcp71.dll

[2012.08.16 14:12:06 | 000,773,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msvcr100.dll

[2011.12.14 17:17:47 | 000,680,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msvcrt.dll

[2012.06.05 17:47:27 | 001,248,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msxml3.dll

[2012.11.02 11:19:34 | 001,400,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msxml6.dll

[2013.04.18 18:06:46 | 000,040,960 | ---- | M] (Telechips Inc.,) -- C:\Windows\system32\MTTELECHIP.dll

[2013.04.18 18:06:46 | 000,057,344 | ---- | M] (Marktek Inc.) -- C:\Windows\system32\MTXSYNCICON.dll

[2013.04.18 18:06:46 | 000,135,168 | ---- | M] (Musiccity Co.Ltd.) -- C:\Windows\system32\muzaf1.dll

[2013.04.18 18:06:46 | 000,491,520 | ---- | M] (Musiccity Co.Ltd.) -- C:\Windows\system32\muzapp.dll

[2013.04.18 18:06:46 | 000,200,704 | ---- | M] ( (c) MusicCity) -- C:\Windows\system32\muzwmts.dll

[2012.11.20 05:22:50 | 000,204,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ncrypt.dll

[2012.06.29 17:01:42 | 000,467,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\netapi32.dll

[2013.07.09 13:10:36 | 001,205,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ntdll.dll

[2012.12.29 11:26:54 | 002,504,248 | ---- | M] (NVIDIA Corporation) -- C:\Windows\system32\nvapi.dll

[2012.07.03 16:25:20 | 000,067,432 | ---- | M] (NVIDIA Corporation) -- C:\Windows\system32\nvapo32v.dll

[2012.12.29 11:26:54 | 017,560,504 | ---- | M] (NVIDIA Corporation) -- C:\Windows\system32\nvcompiler.dll

[2012.12.29 09:26:22 | 004,129,720 | ---- | M] (NVIDIA Corporation) -- C:\Windows\system32\nvcpl.dll

[2012.12.29 11:26:54 | 007,931,896 | ---- | M] (NVIDIA Corporation) -- C:\Windows\system32\nvcuda.dll

[2012.12.29 11:26:54 | 001,985,976 | ---- | M] (NVIDIA Corporation) -- C:\Windows\system32\nvcuvenc.dll

[2012.12.29 11:26:54 | 002,720,696 | ---- | M] (NVIDIA Corporation) -- C:\Windows\system32\nvcuvid.dll

[2012.12.29 11:26:54 | 015,129,064 | ---- | M] (NVIDIA Corporation) -- C:\Windows\system32\nvd3dum.dll

[2012.12.29 11:26:54 | 001,017,272 | ---- | M] (NVIDIA Corporation) -- C:\Windows\system32\nvdispco32.dll

[2012.12.29 11:26:54 | 000,889,784 | ---- | M] (NVIDIA Corporation) -- C:\Windows\system32\nvdispgenco32.dll

[2012.05.15 11:26:00 | 000,883,008 | ---- | M] (NVIDIA Corporation) -- C:\Windows\system32\nvgenco32.dll

[2012.07.03 08:37:56 | 000,884,072 | ---- | M] (NVIDIA Corporation) -- C:\Windows\system32\nvhdagenco3220103.dll

[2012.07.03 16:25:21 | 000,028,008 | ---- | M] (NVIDIA Corporation) -- C:\Windows\system32\nvhdap32.dll

[2012.12.29 09:25:57 | 000,108,984 | ---- | M] (NVIDIA Corporation) -- C:\Windows\system32\nvmctray.dll

[2012.12.29 11:26:54 | 020,450,232 | ---- | M] (NVIDIA Corporation) -- C:\Windows\system32\nvoglv32.dll

[2012.12.29 11:26:54 | 006,263,784 | ---- | M] (NVIDIA Corporation) -- C:\Windows\system32\nvopencl.dll

[2012.12.29 09:25:57 | 000,062,904 | ---- | M] (NVIDIA Corporation) -- C:\Windows\system32\nvshext.dll

[2012.12.29 09:26:22 | 003,001,272 | ---- | M] (NVIDIA Corporation) -- C:\Windows\system32\nvsvc.dll

[2012.12.29 09:25:57 | 002,557,880 | ---- | M] (NVIDIA Corporation) -- C:\Windows\system32\nvsvcr.dll

[2012.12.29 11:26:54 | 012,641,120 | ---- | M] (NVIDIA Corporation) -- C:\Windows\system32\nvwgf2um.dll

[2012.04.19 13:56:57 | 000,123,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\occache.dll

[2012.05.15 11:26:00 | 000,061,248 | ---- | M] (Khronos Group) -- C:\Windows\system32\OpenCL.dll

[2011.11.18 18:47:03 | 000,066,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\packager.dll

[2013.04.09 15:13:52 | 000,095,416 | ---- | M] (pdfforge GmbH) -- C:\Windows\system32\pdfcmon.dll

[2013.11.20 20:57:55 | 000,272,896 | ---- | M] (Progressive Networks) -- C:\Windows\system32\pncrt.dll

[2013.11.20 20:57:56 | 000,006,656 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\system32\pndx5016.dll

[2013.11.20 20:57:56 | 000,005,632 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\system32\pndx5032.dll

[2012.04.19 13:56:57 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\pngfilt.dll

[2013.07.20 11:44:53 | 000,102,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll

[2013.05.02 05:03:42 | 000,037,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\printcom.dll

[2011.10.25 16:58:54 | 000,497,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\qdvd.dll

[2013.06.01 05:06:08 | 000,505,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\qedit.dll

[2012.11.08 04:48:38 | 001,314,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\quartz.dll

[2012.01.09 16:54:08 | 000,613,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\rdpencom.dll

[2013.04.18 18:08:14 | 004,659,712 | ---- | M] (Dmitry Streblechenko) -- C:\Windows\system32\Redemption.dll

[2013.11.20 20:58:11 | 000,201,872 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\system32\rmoc3260.dll

[2013.07.10 10:47:00 | 000,783,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\rpcrt4.dll

[2012.06.02 01:04:25 | 000,278,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\schannel.dll

[2011.11.16 17:23:08 | 000,072,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\secur32.dll

[2012.06.08 18:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\shell32.dll

[2012.11.22 04:54:36 | 000,353,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\shlwapi.dll

[2013.04.24 10:58:56 | 000,362,029 | ---- | M] () -- C:\Windows\system32\sqlite3.dll

[2012.09.25 17:19:41 | 000,075,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\synceng.dll

[2013.07.16 05:35:16 | 000,615,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\themeui.dll

[2013.07.17 20:41:34 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\tzres.dll

[2013.10.13 10:33:57 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\url.dll

[2013.10.13 10:37:03 | 001,104,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\urlmon.dll

[2013.10.13 10:29:02 | 000,420,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\vbscript.dll

[2013.04.03 08:58:16 | 001,112,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\WdfCoInstaller01007.dll

[2012.07.26 03:46:47 | 000,009,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\Wdfres.dll

[2012.04.19 13:56:58 | 000,203,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\webcheck.dll

[2013.05.02 05:04:25 | 000,443,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\win32spl.dll

[2013.11.18 14:14:06 | 000,094,632 | ---- | M] (Oracle Corporation) -- C:\Windows\system32\WindowsAccessBridge.dll

[2011.11.16 17:23:44 | 000,377,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\winhttp.dll

[2013.10.13 10:35:38 | 001,129,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wininet.dll

[2011.10.14 17:03:25 | 000,189,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\winmm.dll

[2013.03.08 04:53:50 | 000,376,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\winsrv.dll

[2013.07.08 05:20:04 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wintrust.dll

[2013.04.03 08:58:16 | 000,581,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\WinUSBCoInstaller.dll

[2012.02.29 16:11:45 | 000,005,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wmi.dll

[2013.08.02 05:09:35 | 001,548,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\WMVDECOD.DLL

[2012.06.02 23:19:23 | 000,577,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wuapi.dll

[2012.06.02 23:19:17 | 001,933,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wuaueng.dll

[2012.06.02 23:12:32 | 002,422,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wucltux.dll

[2012.07.26 04:20:40 | 000,038,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\WUDFCoinstaller.dll

[2012.07.26 04:20:40 | 000,172,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\WUDFPlatform.dll

[2012.07.26 04:20:40 | 000,073,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\WUDFSvc.dll

[2012.07.26 04:20:40 | 000,613,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\WUDFx.dll

[2012.06.02 23:12:13 | 000,088,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wudriver.dll

[2012.06.02 23:19:32 | 000,035,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wups.dll

[2012.06.02 23:19:33 | 000,045,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wups2.dll

[2012.06.02 14:19:42 | 000,171,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wuwebv.dll

[2006.11.02 14:01:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT

[2006.11.02 14:01:49 | 000,032,534 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT

[2009.06.30 20:30:27 | 000,001,076 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-472820592-3686497848-1455512980-1000Core.job

[2009.06.30 20:30:28 | 000,001,128 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-472820592-3686497848-1455512980-1000UA.job

[2010.02.09 16:23:56 | 000,001,094 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

[2010.02.09 16:23:58 | 000,001,098 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

[2013.03.20 07:32:00 | 000,000,884 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job

[2013.08.22 23:05:53 | 000,000,914 | ---- | C] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-472820592-3686497848-1455512980-1000Core.job

[2013.08.22 23:05:56 | 000,000,936 | ---- | C] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-472820592-3686497848-1455512980-1000UA.job

 
 <           >
 

< End of report >