werso111 | 11.11.2013 18:16 | Code:
ComboFix 13-11-10.02 - robin 11.11.2013 17:56:41.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.49.1031.18.8183.6390 [GMT 1:00]
ausgeführt von:: c:\users\robin\Desktop\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\END
c:\program files (x86)\DealPly
c:\program files (x86)\DealPly\uninst.exe
c:\users\robin\AppData\Roaming\convert\convert.exe
c:\users\robin\AppData\Roaming\dclogs
c:\users\robin\AppData\Roaming\dclogs\2012-11-13-3.dc
c:\users\robin\AppData\Roaming\dclogs\2012-11-14-4.dc
c:\users\robin\AppData\Roaming\dclogs\2012-11-15-5.dc
c:\users\robin\AppData\Roaming\dclogs\2012-11-16-6.dc
c:\users\robin\AppData\Roaming\dclogs\2012-11-17-7.dc
c:\users\robin\AppData\Roaming\dclogs\2012-11-18-1.dc
c:\users\robin\AppData\Roaming\dclogs\2012-11-19-2.dc
c:\users\robin\AppData\Roaming\dclogs\2012-11-20-3.dc
c:\users\robin\AppData\Roaming\dclogs\2012-11-21-4.dc
c:\users\robin\AppData\Roaming\dclogs\2012-11-22-5.dc
c:\users\robin\AppData\Roaming\dclogs\2012-11-23-6.dc
c:\users\robin\AppData\Roaming\dclogs\2012-11-24-7.dc
c:\users\robin\AppData\Roaming\dclogs\2012-11-25-1.dc
c:\users\robin\AppData\Roaming\dclogs\2012-11-26-2.dc
c:\users\robin\AppData\Roaming\dclogs\2012-11-27-3.dc
c:\users\robin\AppData\Roaming\dclogs\2012-11-28-4.dc
c:\users\robin\AppData\Roaming\dclogs\2012-11-29-5.dc
c:\users\robin\AppData\Roaming\dclogs\2012-11-30-6.dc
c:\users\robin\AppData\Roaming\dclogs\2012-12-01-7.dc
c:\users\robin\AppData\Roaming\dclogs\2012-12-02-1.dc
c:\users\robin\AppData\Roaming\dclogs\2012-12-03-2.dc
c:\users\robin\AppData\Roaming\dclogs\2012-12-04-3.dc
c:\users\robin\AppData\Roaming\dclogs\2012-12-05-4.dc
c:\users\robin\AppData\Roaming\dclogs\2012-12-06-5.dc
c:\users\robin\AppData\Roaming\dclogs\2012-12-07-6.dc
c:\users\robin\AppData\Roaming\dclogs\2012-12-08-7.dc
c:\users\robin\AppData\Roaming\dclogs\2012-12-09-1.dc
c:\users\robin\AppData\Roaming\dclogs\2012-12-10-2.dc
c:\users\robin\AppData\Roaming\dclogs\2012-12-11-3.dc
c:\users\robin\AppData\Roaming\dclogs\2012-12-12-4.dc
c:\users\robin\AppData\Roaming\dclogs\2012-12-13-5.dc
c:\users\robin\AppData\Roaming\dclogs\2012-12-14-6.dc
c:\users\robin\AppData\Roaming\dclogs\2012-12-15-7.dc
c:\users\robin\AppData\Roaming\dclogs\2012-12-16-1.dc
c:\users\robin\AppData\Roaming\dclogs\2012-12-17-2.dc
c:\users\robin\AppData\Roaming\dclogs\2012-12-18-3.dc
c:\users\robin\AppData\Roaming\dclogs\2012-12-19-4.dc
c:\users\robin\AppData\Roaming\dclogs\2012-12-20-5.dc
c:\users\robin\AppData\Roaming\dclogs\2012-12-21-6.dc
c:\users\robin\AppData\Roaming\dclogs\2012-12-22-7.dc
c:\users\robin\AppData\Roaming\dclogs\2012-12-23-1.dc
c:\users\robin\AppData\Roaming\dclogs\2012-12-24-2.dc
c:\users\robin\AppData\Roaming\dclogs\2012-12-25-3.dc
c:\users\robin\AppData\Roaming\dclogs\2012-12-26-4.dc
c:\users\robin\AppData\Roaming\dclogs\2012-12-27-5.dc
c:\users\robin\AppData\Roaming\dclogs\2012-12-28-6.dc
c:\users\robin\AppData\Roaming\dclogs\2012-12-29-7.dc
c:\users\robin\AppData\Roaming\dclogs\2012-12-30-1.dc
c:\users\robin\AppData\Roaming\dclogs\2012-12-31-2.dc
c:\users\robin\AppData\Roaming\dclogs\2013-01-01-3.dc
c:\users\robin\AppData\Roaming\dclogs\2013-01-02-4.dc
c:\users\robin\AppData\Roaming\dclogs\2013-01-03-5.dc
c:\users\robin\AppData\Roaming\dclogs\2013-01-04-6.dc
c:\users\robin\AppData\Roaming\dclogs\2013-01-05-7.dc
c:\users\robin\AppData\Roaming\dclogs\2013-01-06-1.dc
c:\users\robin\AppData\Roaming\dclogs\2013-01-07-2.dc
c:\users\robin\AppData\Roaming\dclogs\2013-01-08-3.dc
c:\users\robin\AppData\Roaming\dclogs\2013-01-09-4.dc
c:\users\robin\AppData\Roaming\dclogs\2013-01-10-5.dc
c:\users\robin\AppData\Roaming\dclogs\2013-01-11-6.dc
c:\users\robin\AppData\Roaming\dclogs\2013-01-12-7.dc
c:\users\robin\AppData\Roaming\dclogs\2013-01-13-1.dc
c:\users\robin\AppData\Roaming\dclogs\2013-01-14-2.dc
c:\users\robin\AppData\Roaming\dclogs\2013-01-15-3.dc
c:\users\robin\AppData\Roaming\dclogs\2013-01-16-4.dc
c:\users\robin\AppData\Roaming\dclogs\2013-01-17-5.dc
c:\users\robin\AppData\Roaming\dclogs\2013-01-18-6.dc
c:\users\robin\AppData\Roaming\dclogs\2013-01-19-7.dc
c:\users\robin\AppData\Roaming\dclogs\2013-01-20-1.dc
c:\users\robin\AppData\Roaming\dclogs\2013-01-21-2.dc
c:\users\robin\AppData\Roaming\dclogs\2013-01-22-3.dc
c:\users\robin\AppData\Roaming\dclogs\2013-01-23-4.dc
c:\users\robin\AppData\Roaming\dclogs\2013-01-24-5.dc
c:\users\robin\AppData\Roaming\dclogs\2013-01-25-6.dc
c:\users\robin\AppData\Roaming\dclogs\2013-01-26-7.dc
c:\users\robin\AppData\Roaming\dclogs\2013-01-27-1.dc
c:\users\robin\AppData\Roaming\dclogs\2013-01-28-2.dc
c:\users\robin\AppData\Roaming\dclogs\2013-01-29-3.dc
c:\users\robin\AppData\Roaming\dclogs\2013-01-30-4.dc
c:\users\robin\AppData\Roaming\dclogs\2013-01-31-5.dc
c:\users\robin\AppData\Roaming\dclogs\2013-02-01-6.dc
c:\users\robin\AppData\Roaming\dclogs\2013-02-02-7.dc
c:\users\robin\AppData\Roaming\dclogs\2013-02-03-1.dc
c:\users\robin\AppData\Roaming\dclogs\2013-02-04-2.dc
c:\users\robin\AppData\Roaming\dclogs\2013-02-05-3.dc
c:\users\robin\AppData\Roaming\dclogs\2013-02-06-4.dc
c:\users\robin\AppData\Roaming\dclogs\2013-02-07-5.dc
c:\users\robin\AppData\Roaming\dclogs\2013-02-08-6.dc
c:\users\robin\AppData\Roaming\dclogs\2013-02-09-7.dc
c:\users\robin\AppData\Roaming\dclogs\2013-02-10-1.dc
c:\users\robin\AppData\Roaming\dclogs\2013-02-11-2.dc
c:\users\robin\AppData\Roaming\dclogs\2013-02-12-3.dc
c:\users\robin\AppData\Roaming\dclogs\2013-02-13-4.dc
c:\users\robin\AppData\Roaming\dclogs\2013-02-14-5.dc
c:\users\robin\AppData\Roaming\dclogs\2013-02-15-6.dc
c:\users\robin\AppData\Roaming\dclogs\2013-02-16-7.dc
c:\users\robin\AppData\Roaming\dclogs\2013-02-17-1.dc
c:\users\robin\AppData\Roaming\dclogs\2013-02-18-2.dc
c:\users\robin\AppData\Roaming\dclogs\2013-02-19-3.dc
c:\users\robin\AppData\Roaming\dclogs\2013-02-20-4.dc
c:\users\robin\AppData\Roaming\dclogs\2013-02-21-5.dc
c:\users\robin\AppData\Roaming\dclogs\2013-02-22-6.dc
c:\users\robin\AppData\Roaming\dclogs\2013-02-23-7.dc
c:\users\robin\AppData\Roaming\dclogs\2013-02-24-1.dc
c:\users\robin\AppData\Roaming\dclogs\2013-02-25-2.dc
c:\users\robin\AppData\Roaming\dclogs\2013-02-26-3.dc
c:\users\robin\AppData\Roaming\dclogs\2013-02-27-4.dc
c:\users\robin\AppData\Roaming\dclogs\2013-02-28-5.dc
c:\users\robin\AppData\Roaming\dclogs\2013-03-01-6.dc
c:\users\robin\AppData\Roaming\dclogs\2013-03-02-7.dc
c:\users\robin\AppData\Roaming\dclogs\2013-03-03-1.dc
c:\users\robin\AppData\Roaming\dclogs\2013-03-04-2.dc
c:\users\robin\AppData\Roaming\dclogs\2013-03-05-3.dc
c:\users\robin\AppData\Roaming\dclogs\2013-03-06-4.dc
c:\users\robin\AppData\Roaming\dclogs\2013-03-07-5.dc
c:\users\robin\AppData\Roaming\dclogs\2013-03-08-6.dc
c:\users\robin\AppData\Roaming\dclogs\2013-03-09-7.dc
c:\users\robin\AppData\Roaming\dclogs\2013-03-10-1.dc
c:\users\robin\AppData\Roaming\dclogs\2013-03-11-2.dc
c:\users\robin\AppData\Roaming\dclogs\2013-03-12-3.dc
c:\users\robin\AppData\Roaming\dclogs\2013-03-13-4.dc
c:\users\robin\AppData\Roaming\dclogs\2013-03-14-5.dc
c:\users\robin\AppData\Roaming\dclogs\2013-03-15-6.dc
c:\users\robin\AppData\Roaming\dclogs\2013-03-16-7.dc
c:\users\robin\AppData\Roaming\dclogs\2013-03-17-1.dc
c:\users\robin\AppData\Roaming\dclogs\2013-03-18-2.dc
c:\users\robin\AppData\Roaming\dclogs\2013-03-19-3.dc
c:\users\robin\AppData\Roaming\dclogs\2013-03-20-4.dc
c:\users\robin\AppData\Roaming\dclogs\2013-03-21-5.dc
c:\users\robin\AppData\Roaming\dclogs\2013-03-22-6.dc
c:\users\robin\AppData\Roaming\dclogs\2013-03-23-7.dc
c:\users\robin\AppData\Roaming\dclogs\2013-03-24-1.dc
c:\users\robin\AppData\Roaming\dclogs\2013-03-25-2.dc
c:\users\robin\AppData\Roaming\dclogs\2013-03-26-3.dc
c:\users\robin\AppData\Roaming\dclogs\2013-03-27-4.dc
c:\users\robin\AppData\Roaming\dclogs\2013-03-28-5.dc
c:\users\robin\AppData\Roaming\dclogs\2013-03-29-6.dc
c:\users\robin\AppData\Roaming\dclogs\2013-03-30-7.dc
c:\users\robin\AppData\Roaming\dclogs\2013-03-31-1.dc
c:\users\robin\AppData\Roaming\dclogs\2013-04-01-2.dc
c:\users\robin\AppData\Roaming\dclogs\2013-04-02-3.dc
c:\users\robin\AppData\Roaming\dclogs\2013-04-03-4.dc
c:\users\robin\AppData\Roaming\dclogs\2013-04-04-5.dc
c:\users\robin\AppData\Roaming\dclogs\2013-04-05-6.dc
c:\users\robin\AppData\Roaming\dclogs\2013-04-06-7.dc
c:\users\robin\AppData\Roaming\dclogs\2013-04-07-1.dc
c:\users\robin\AppData\Roaming\dclogs\2013-04-13-7.dc
c:\users\robin\AppData\Roaming\dclogs\2013-04-14-1.dc
c:\users\robin\AppData\Roaming\dclogs\2013-04-15-2.dc
c:\users\robin\AppData\Roaming\dclogs\2013-04-16-3.dc
c:\users\robin\AppData\Roaming\dclogs\2013-04-17-4.dc
c:\users\robin\AppData\Roaming\dclogs\2013-04-18-5.dc
c:\users\robin\AppData\Roaming\dclogs\2013-04-19-6.dc
c:\users\robin\AppData\Roaming\dclogs\2013-04-20-7.dc
c:\users\robin\AppData\Roaming\dclogs\2013-04-21-1.dc
c:\users\robin\AppData\Roaming\dclogs\2013-04-22-2.dc
c:\users\robin\AppData\Roaming\dclogs\2013-04-23-3.dc
c:\users\robin\AppData\Roaming\dclogs\2013-04-24-4.dc
c:\users\robin\AppData\Roaming\dclogs\2013-04-25-5.dc
c:\users\robin\AppData\Roaming\dclogs\2013-04-26-6.dc
c:\users\robin\AppData\Roaming\dclogs\2013-04-27-7.dc
c:\users\robin\AppData\Roaming\dclogs\2013-04-28-1.dc
c:\users\robin\AppData\Roaming\dclogs\2013-04-29-2.dc
c:\users\robin\AppData\Roaming\dclogs\2013-04-30-3.dc
c:\users\robin\AppData\Roaming\dclogs\2013-05-02-5.dc
c:\users\robin\AppData\Roaming\dclogs\2013-05-03-6.dc
c:\users\robin\AppData\Roaming\dclogs\2013-05-04-7.dc
c:\users\robin\AppData\Roaming\dclogs\2013-05-05-1.dc
c:\users\robin\AppData\Roaming\dclogs\2013-05-06-2.dc
c:\users\robin\AppData\Roaming\dclogs\2013-05-07-3.dc
c:\users\robin\AppData\Roaming\dclogs\2013-05-08-4.dc
c:\users\robin\AppData\Roaming\dclogs\2013-05-09-5.dc
c:\users\robin\AppData\Roaming\dclogs\2013-05-10-6.dc
c:\users\robin\AppData\Roaming\dclogs\2013-05-11-7.dc
c:\users\robin\AppData\Roaming\dclogs\2013-05-12-1.dc
c:\users\robin\AppData\Roaming\dclogs\2013-05-13-2.dc
c:\users\robin\AppData\Roaming\dclogs\2013-05-14-3.dc
c:\users\robin\AppData\Roaming\dclogs\2013-05-15-4.dc
c:\users\robin\AppData\Roaming\dclogs\2013-05-16-5.dc
c:\users\robin\AppData\Roaming\dclogs\2013-05-17-6.dc
c:\users\robin\AppData\Roaming\dclogs\2013-05-18-7.dc
c:\users\robin\AppData\Roaming\dclogs\2013-05-19-1.dc
c:\users\robin\AppData\Roaming\dclogs\2013-05-20-2.dc
c:\users\robin\AppData\Roaming\dclogs\2013-05-21-3.dc
c:\users\robin\AppData\Roaming\dclogs\2013-05-22-4.dc
c:\users\robin\AppData\Roaming\dclogs\2013-05-23-5.dc
c:\users\robin\AppData\Roaming\dclogs\2013-05-24-6.dc
c:\users\robin\AppData\Roaming\dclogs\2013-05-25-7.dc
c:\users\robin\AppData\Roaming\dclogs\2013-05-26-1.dc
c:\users\robin\AppData\Roaming\dclogs\2013-05-27-2.dc
c:\users\robin\AppData\Roaming\dclogs\2013-05-28-3.dc
c:\users\robin\AppData\Roaming\dclogs\2013-05-29-4.dc
c:\users\robin\AppData\Roaming\dclogs\2013-05-30-5.dc
c:\users\robin\AppData\Roaming\dclogs\2013-05-31-6.dc
c:\users\robin\AppData\Roaming\dclogs\2013-06-01-7.dc
c:\users\robin\AppData\Roaming\dclogs\2013-06-02-1.dc
c:\users\robin\AppData\Roaming\dclogs\2013-06-03-2.dc
c:\users\robin\AppData\Roaming\dclogs\2013-06-04-3.dc
c:\users\robin\AppData\Roaming\dclogs\2013-06-05-4.dc
c:\users\robin\AppData\Roaming\dclogs\2013-06-06-5.dc
c:\users\robin\AppData\Roaming\dclogs\2013-06-07-6.dc
c:\users\robin\AppData\Roaming\dclogs\2013-06-08-7.dc
c:\users\robin\AppData\Roaming\dclogs\2013-06-09-1.dc
c:\users\robin\AppData\Roaming\dclogs\2013-06-12-4.dc
c:\users\robin\AppData\Roaming\dclogs\2013-06-13-5.dc
c:\users\robin\AppData\Roaming\dclogs\2013-06-14-6.dc
c:\users\robin\AppData\Roaming\dclogs\2013-06-15-7.dc
c:\users\robin\AppData\Roaming\dclogs\2013-06-16-1.dc
c:\users\robin\AppData\Roaming\dclogs\2013-06-17-2.dc
c:\users\robin\AppData\Roaming\dclogs\2013-06-18-3.dc
c:\users\robin\AppData\Roaming\dclogs\2013-06-19-4.dc
c:\users\robin\AppData\Roaming\dclogs\2013-06-20-5.dc
c:\users\robin\AppData\Roaming\dclogs\2013-06-21-6.dc
c:\users\robin\AppData\Roaming\dclogs\2013-06-22-7.dc
c:\users\robin\AppData\Roaming\dclogs\2013-06-23-1.dc
c:\users\robin\AppData\Roaming\dclogs\2013-06-24-2.dc
c:\users\robin\AppData\Roaming\dclogs\2013-06-25-3.dc
c:\users\robin\AppData\Roaming\dclogs\2013-06-26-4.dc
c:\users\robin\AppData\Roaming\dclogs\2013-06-27-5.dc
c:\users\robin\AppData\Roaming\dclogs\2013-06-28-6.dc
c:\users\robin\AppData\Roaming\dclogs\2013-06-29-7.dc
c:\users\robin\AppData\Roaming\dclogs\2013-06-30-1.dc
c:\users\robin\AppData\Roaming\dclogs\2013-07-01-2.dc
c:\users\robin\AppData\Roaming\dclogs\2013-07-02-3.dc
c:\users\robin\AppData\Roaming\dclogs\2013-07-03-4.dc
c:\users\robin\AppData\Roaming\dclogs\2013-07-04-5.dc
c:\users\robin\AppData\Roaming\dclogs\2013-07-05-6.dc
c:\users\robin\AppData\Roaming\dclogs\2013-07-06-7.dc
c:\users\robin\AppData\Roaming\dclogs\2013-07-07-1.dc
c:\users\robin\AppData\Roaming\dclogs\2013-07-08-2.dc
c:\users\robin\AppData\Roaming\dclogs\2013-07-09-3.dc
c:\users\robin\AppData\Roaming\dclogs\2013-07-10-4.dc
c:\users\robin\AppData\Roaming\dclogs\2013-07-11-5.dc
c:\users\robin\AppData\Roaming\dclogs\2013-07-12-6.dc
c:\users\robin\AppData\Roaming\dclogs\2013-07-13-7.dc
c:\users\robin\AppData\Roaming\dclogs\2013-07-14-1.dc
c:\users\robin\AppData\Roaming\dclogs\2013-07-15-2.dc
c:\users\robin\AppData\Roaming\dclogs\2013-07-16-3.dc
c:\users\robin\AppData\Roaming\dclogs\2013-07-17-4.dc
c:\users\robin\AppData\Roaming\dclogs\2013-07-18-5.dc
c:\users\robin\AppData\Roaming\dclogs\2013-07-19-6.dc
c:\users\robin\AppData\Roaming\dclogs\2013-07-20-7.dc
c:\users\robin\AppData\Roaming\dclogs\2013-07-21-1.dc
c:\users\robin\AppData\Roaming\dclogs\2013-07-22-2.dc
c:\users\robin\AppData\Roaming\dclogs\2013-07-23-3.dc
c:\users\robin\AppData\Roaming\dclogs\2013-07-24-4.dc
c:\users\robin\AppData\Roaming\dclogs\2013-07-25-5.dc
c:\users\robin\AppData\Roaming\dclogs\2013-07-26-6.dc
c:\users\robin\AppData\Roaming\dclogs\2013-07-27-7.dc
c:\users\robin\AppData\Roaming\dclogs\2013-07-28-1.dc
c:\users\robin\AppData\Roaming\dclogs\2013-07-29-2.dc
c:\users\robin\AppData\Roaming\dclogs\2013-07-30-3.dc
c:\users\robin\AppData\Roaming\dclogs\2013-07-31-4.dc
c:\users\robin\AppData\Roaming\dclogs\2013-08-01-5.dc
c:\users\robin\AppData\Roaming\dclogs\2013-08-02-6.dc
c:\users\robin\AppData\Roaming\dclogs\2013-08-03-7.dc
c:\users\robin\AppData\Roaming\dclogs\2013-08-04-1.dc
c:\users\robin\AppData\Roaming\dclogs\2013-08-05-2.dc
c:\users\robin\AppData\Roaming\dclogs\2013-08-06-3.dc
c:\users\robin\AppData\Roaming\dclogs\2013-08-07-4.dc
c:\users\robin\AppData\Roaming\dclogs\2013-08-08-5.dc
c:\users\robin\AppData\Roaming\dclogs\2013-08-09-6.dc
c:\users\robin\AppData\Roaming\dclogs\2013-08-10-7.dc
c:\users\robin\AppData\Roaming\dclogs\2013-08-11-1.dc
c:\users\robin\AppData\Roaming\dclogs\2013-08-12-2.dc
c:\users\robin\AppData\Roaming\dclogs\2013-08-13-3.dc
c:\users\robin\AppData\Roaming\dclogs\2013-08-14-4.dc
c:\users\robin\AppData\Roaming\dclogs\2013-08-15-5.dc
c:\users\robin\AppData\Roaming\dclogs\2013-08-16-6.dc
c:\users\robin\AppData\Roaming\dclogs\2013-08-17-7.dc
c:\users\robin\AppData\Roaming\dclogs\2013-08-18-1.dc
c:\users\robin\AppData\Roaming\dclogs\2013-08-19-2.dc
c:\users\robin\AppData\Roaming\dclogs\2013-08-20-3.dc
c:\users\robin\AppData\Roaming\dclogs\2013-08-21-4.dc
c:\users\robin\AppData\Roaming\dclogs\2013-08-22-5.dc
c:\users\robin\AppData\Roaming\dclogs\2013-08-23-6.dc
c:\users\robin\AppData\Roaming\dclogs\2013-08-24-7.dc
c:\users\robin\AppData\Roaming\dclogs\2013-08-25-1.dc
c:\users\robin\AppData\Roaming\dclogs\2013-08-26-2.dc
c:\users\robin\AppData\Roaming\dclogs\2013-08-27-3.dc
c:\users\robin\AppData\Roaming\dclogs\2013-08-28-4.dc
c:\users\robin\AppData\Roaming\dclogs\2013-08-29-5.dc
c:\users\robin\AppData\Roaming\dclogs\2013-08-30-6.dc
c:\users\robin\AppData\Roaming\dclogs\2013-08-31-7.dc
c:\users\robin\AppData\Roaming\dclogs\2013-09-01-1.dc
c:\users\robin\AppData\Roaming\dclogs\2013-09-02-2.dc
c:\users\robin\AppData\Roaming\dclogs\2013-09-03-3.dc
c:\users\robin\AppData\Roaming\dclogs\2013-09-04-4.dc
c:\users\robin\AppData\Roaming\dclogs\2013-09-05-5.dc
c:\users\robin\AppData\Roaming\dclogs\2013-09-06-6.dc
c:\users\robin\AppData\Roaming\dclogs\2013-09-07-7.dc
c:\users\robin\AppData\Roaming\dclogs\2013-09-08-1.dc
c:\users\robin\AppData\Roaming\dclogs\2013-09-09-2.dc
c:\users\robin\AppData\Roaming\dclogs\2013-09-10-3.dc
c:\users\robin\AppData\Roaming\dclogs\2013-09-11-4.dc
c:\users\robin\AppData\Roaming\dclogs\2013-09-12-5.dc
c:\users\robin\AppData\Roaming\dclogs\2013-09-13-6.dc
c:\users\robin\AppData\Roaming\dclogs\2013-09-14-7.dc
c:\users\robin\AppData\Roaming\dclogs\2013-09-15-1.dc
c:\users\robin\AppData\Roaming\dclogs\2013-09-16-2.dc
c:\users\robin\AppData\Roaming\dclogs\2013-09-17-3.dc
c:\users\robin\AppData\Roaming\dclogs\2013-09-18-4.dc
c:\users\robin\AppData\Roaming\dclogs\2013-09-19-5.dc
c:\users\robin\AppData\Roaming\dclogs\2013-09-20-6.dc
c:\users\robin\AppData\Roaming\dclogs\2013-09-21-7.dc
c:\users\robin\AppData\Roaming\dclogs\2013-09-22-1.dc
c:\users\robin\AppData\Roaming\dclogs\2013-09-23-2.dc
c:\users\robin\AppData\Roaming\dclogs\2013-09-24-3.dc
c:\users\robin\AppData\Roaming\dclogs\2013-09-25-4.dc
c:\users\robin\AppData\Roaming\dclogs\2013-09-26-5.dc
c:\users\robin\AppData\Roaming\dclogs\2013-09-27-6.dc
c:\users\robin\AppData\Roaming\dclogs\2013-09-28-7.dc
c:\users\robin\AppData\Roaming\dclogs\2013-09-29-1.dc
c:\users\robin\AppData\Roaming\dclogs\2013-09-30-2.dc
c:\users\robin\AppData\Roaming\dclogs\2013-10-01-3.dc
c:\users\robin\AppData\Roaming\dclogs\2013-10-02-4.dc
c:\users\robin\AppData\Roaming\dclogs\2013-10-03-5.dc
c:\users\robin\AppData\Roaming\dclogs\2013-10-04-6.dc
c:\users\robin\AppData\Roaming\dclogs\2013-10-05-7.dc
c:\users\robin\AppData\Roaming\dclogs\2013-10-06-1.dc
c:\users\robin\AppData\Roaming\dclogs\2013-10-07-2.dc
c:\users\robin\AppData\Roaming\dclogs\2013-10-08-3.dc
c:\users\robin\AppData\Roaming\dclogs\2013-10-09-4.dc
c:\users\robin\AppData\Roaming\dclogs\2013-10-10-5.dc
c:\users\robin\AppData\Roaming\dclogs\2013-10-11-6.dc
c:\users\robin\AppData\Roaming\dclogs\2013-10-12-7.dc
c:\users\robin\AppData\Roaming\dclogs\2013-10-13-1.dc
c:\users\robin\AppData\Roaming\dclogs\2013-10-14-2.dc
c:\users\robin\AppData\Roaming\dclogs\2013-10-15-3.dc
c:\users\robin\AppData\Roaming\dclogs\2013-10-16-4.dc
c:\users\robin\AppData\Roaming\dclogs\2013-10-17-5.dc
c:\users\robin\AppData\Roaming\dclogs\2013-10-18-6.dc
c:\users\robin\AppData\Roaming\dclogs\2013-10-19-7.dc
c:\users\robin\AppData\Roaming\dclogs\2013-10-20-1.dc
c:\users\robin\AppData\Roaming\dclogs\2013-10-21-2.dc
c:\users\robin\AppData\Roaming\dclogs\2013-10-22-3.dc
c:\users\robin\AppData\Roaming\dclogs\2013-10-23-4.dc
c:\users\robin\AppData\Roaming\dclogs\2013-10-24-5.dc
c:\users\robin\AppData\Roaming\dclogs\2013-10-25-6.dc
c:\users\robin\AppData\Roaming\dclogs\2013-10-26-7.dc
c:\users\robin\AppData\Roaming\dclogs\2013-10-27-1.dc
c:\users\robin\AppData\Roaming\dclogs\2013-10-28-2.dc
c:\users\robin\AppData\Roaming\dclogs\2013-10-29-3.dc
c:\users\robin\AppData\Roaming\dclogs\2013-10-30-4.dc
c:\users\robin\AppData\Roaming\dclogs\2013-10-31-5.dc
c:\users\robin\AppData\Roaming\dclogs\2013-11-01-6.dc
c:\users\robin\AppData\Roaming\dclogs\2013-11-02-7.dc
c:\users\robin\AppData\Roaming\dclogs\2013-11-03-1.dc
c:\users\robin\AppData\Roaming\dclogs\2013-11-04-2.dc
c:\users\robin\AppData\Roaming\dclogs\2013-11-05-3.dc
c:\users\robin\AppData\Roaming\dclogs\2013-11-06-4.dc
c:\users\robin\AppData\Roaming\dclogs\2013-11-07-5.dc
c:\users\robin\AppData\Roaming\dclogs\2013-11-08-6.dc
c:\users\robin\AppData\Roaming\dclogs\2013-11-09-7.dc
c:\users\robin\AppData\Roaming\dclogs\2013-11-10-1.dc
c:\users\robin\AppData\Roaming\dclogs\2013-11-11-2.dc
c:\users\robin\AppData\Roaming\msnmsgr
c:\users\robin\AppData\Roaming\SQLite3.dll
c:\users\robin\Desktop\Search.lnk
c:\users\robin\Documents\MSDCSC\msdcsc.exe
c:\windows\SysWow64\ff
c:\windows\SysWow64\ff\App\AppInfo\appicon.ico
c:\windows\SysWow64\ff\App\AppInfo\appicon_128.png
c:\windows\SysWow64\ff\App\AppInfo\appicon_16.png
c:\windows\SysWow64\ff\App\AppInfo\appicon_32.png
c:\windows\SysWow64\ff\App\AppInfo\appinfo.ini
c:\windows\SysWow64\ff\App\AppInfo\installer.ini
c:\windows\SysWow64\ff\App\Bin\sqlite3.exe
c:\windows\SysWow64\ff\App\DefaultData\plugins\plugins_readme.txt
c:\windows\SysWow64\ff\App\DefaultData\profile\bookmarks.html
c:\windows\SysWow64\ff\App\DefaultData\profile\prefs.js
c:\windows\SysWow64\ff\App\DefaultData\settings\FirefoxPortableSettings.ini
c:\windows\SysWow64\ff\App\Firefox\AccessibleMarshal.dll
c:\windows\SysWow64\ff\App\Firefox\active-update.xml
c:\windows\SysWow64\ff\App\Firefox\application.ini
c:\windows\SysWow64\ff\App\Firefox\blocklist.xml
c:\windows\SysWow64\ff\App\Firefox\breakpadinjector.dll
c:\windows\SysWow64\ff\App\Firefox\browser\blocklist.xml
c:\windows\SysWow64\ff\App\Firefox\browser\chrome.manifest
c:\windows\SysWow64\ff\App\Firefox\browser\components\browsercomps.dll
c:\windows\SysWow64\ff\App\Firefox\browser\components\components.manifest
c:\windows\SysWow64\ff\App\Firefox\browser\crashreporter-override.ini
c:\windows\SysWow64\ff\App\Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}\icon.png
c:\windows\SysWow64\ff\App\Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}\install.rdf
c:\windows\SysWow64\ff\App\Firefox\browser\omni.ja
c:\windows\SysWow64\ff\App\Firefox\browser\searchplugins\amazondotcom-de.xml
c:\windows\SysWow64\ff\App\Firefox\browser\searchplugins\bing.xml
c:\windows\SysWow64\ff\App\Firefox\browser\searchplugins\eBay-de.xml
c:\windows\SysWow64\ff\App\Firefox\browser\searchplugins\google.xml
c:\windows\SysWow64\ff\App\Firefox\browser\searchplugins\leo_ende_de.xml
c:\windows\SysWow64\ff\App\Firefox\browser\searchplugins\wikipedia-de.xml
c:\windows\SysWow64\ff\App\Firefox\browser\searchplugins\yahoo-de.xml
c:\windows\SysWow64\ff\App\Firefox\chrome.manifest
c:\windows\SysWow64\ff\App\Firefox\components\binary.manifest
c:\windows\SysWow64\ff\App\Firefox\components\browsercomps.dll
c:\windows\SysWow64\ff\App\Firefox\crashreporter-override.ini
c:\windows\SysWow64\ff\App\Firefox\crashreporter.exe
c:\windows\SysWow64\ff\App\Firefox\crashreporter.ini
c:\windows\SysWow64\ff\App\Firefox\D3DCompiler_43.dll
c:\windows\SysWow64\ff\App\Firefox\d3dx9_43.dll
c:\windows\SysWow64\ff\App\Firefox\defaults\pref\channel-prefs.js
c:\windows\SysWow64\ff\App\Firefox\dependentlibs.list
c:\windows\SysWow64\ff\App\Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}\icon.png
c:\windows\SysWow64\ff\App\Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}\install.rdf
c:\windows\SysWow64\ff\App\Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}\preview.png
c:\windows\SysWow64\ff\App\Firefox\firefox.exe
c:\windows\SysWow64\ff\App\Firefox\freebl3.chk
c:\windows\SysWow64\ff\App\Firefox\freebl3.dll
c:\windows\SysWow64\ff\App\Firefox\gkmedias.dll
c:\windows\SysWow64\ff\App\Firefox\libEGL.dll
c:\windows\SysWow64\ff\App\Firefox\libGLESv2.dll
c:\windows\SysWow64\ff\App\Firefox\maintenanceservice.exe
c:\windows\SysWow64\ff\App\Firefox\maintenanceservice_installer.exe
c:\windows\SysWow64\ff\App\Firefox\mozalloc.dll
c:\windows\SysWow64\ff\App\Firefox\mozglue.dll
c:\windows\SysWow64\ff\App\Firefox\mozjs.dll
c:\windows\SysWow64\ff\App\Firefox\mozsqlite3.dll
c:\windows\SysWow64\ff\App\Firefox\msvcp100.dll
c:\windows\SysWow64\ff\App\Firefox\msvcr100.dll
c:\windows\SysWow64\ff\App\Firefox\nspr4.dll
c:\windows\SysWow64\ff\App\Firefox\nss3.dll
c:\windows\SysWow64\ff\App\Firefox\nssckbi.dll
c:\windows\SysWow64\ff\App\Firefox\nssdbm3.chk
c:\windows\SysWow64\ff\App\Firefox\nssdbm3.dll
c:\windows\SysWow64\ff\App\Firefox\nssutil3.dll
c:\windows\SysWow64\ff\App\Firefox\omni.ja
c:\windows\SysWow64\ff\App\Firefox\platform.ini
c:\windows\SysWow64\ff\App\Firefox\plc4.dll
c:\windows\SysWow64\ff\App\Firefox\plds4.dll
c:\windows\SysWow64\ff\App\Firefox\plugin-container.exe
c:\windows\SysWow64\ff\App\Firefox\plugin-hang-ui.exe
c:\windows\SysWow64\ff\App\Firefox\precomplete
c:\windows\SysWow64\ff\App\Firefox\removed-files
c:\windows\SysWow64\ff\App\Firefox\searchplugins\amazondotcom-de.xml
c:\windows\SysWow64\ff\App\Firefox\searchplugins\bing.xml
c:\windows\SysWow64\ff\App\Firefox\searchplugins\eBay-de.xml
c:\windows\SysWow64\ff\App\Firefox\searchplugins\google.xml
c:\windows\SysWow64\ff\App\Firefox\searchplugins\leo_ende_de.xml
c:\windows\SysWow64\ff\App\Firefox\searchplugins\wikipedia-de.xml
c:\windows\SysWow64\ff\App\Firefox\searchplugins\yahoo-de.xml
c:\windows\SysWow64\ff\App\Firefox\smime3.dll
c:\windows\SysWow64\ff\App\Firefox\softokn3.chk
c:\windows\SysWow64\ff\App\Firefox\softokn3.dll
c:\windows\SysWow64\ff\App\Firefox\ssl3.dll
c:\windows\SysWow64\ff\App\Firefox\uninstall\helper.exe
c:\windows\SysWow64\ff\App\Firefox\uninstall\uninstall.update
c:\windows\SysWow64\ff\App\Firefox\update-settings.ini
c:\windows\SysWow64\ff\App\Firefox\updater.exe
c:\windows\SysWow64\ff\App\Firefox\updater.ini
c:\windows\SysWow64\ff\App\Firefox\updates.xml
c:\windows\SysWow64\ff\App\Firefox\updates\0\update.log
c:\windows\SysWow64\ff\App\Firefox\updates\0\update.manifest
c:\windows\SysWow64\ff\App\Firefox\updates\0\update.mar
c:\windows\SysWow64\ff\App\Firefox\updates\0\update.status
c:\windows\SysWow64\ff\App\Firefox\updates\0\update.version
c:\windows\SysWow64\ff\App\Firefox\updates\0\updater.exe
c:\windows\SysWow64\ff\App\Firefox\updates\0\updater.ini
c:\windows\SysWow64\ff\App\Firefox\updates\last-update.log
c:\windows\SysWow64\ff\App\Firefox\webapp-uninstaller.exe
c:\windows\SysWow64\ff\App\Firefox\webapprt-stub.exe
c:\windows\SysWow64\ff\App\Firefox\webapprt\omni.ja
c:\windows\SysWow64\ff\App\Firefox\webapprt\webapprt.ini
c:\windows\SysWow64\ff\App\Firefox\xpcom.dll
c:\windows\SysWow64\ff\App\Firefox\xul.dll
c:\windows\SysWow64\ff\App\readme.txt
c:\windows\SysWow64\ff\Data\make.txt
c:\windows\SysWow64\ff\Data\open.txt
c:\windows\SysWow64\ff\Data\plugins\npdsplay.dll
c:\windows\SysWow64\ff\Data\plugins\npNxGameeu.dll
c:\windows\SysWow64\ff\Data\plugins\nppl3260.dll
c:\windows\SysWow64\ff\Data\plugins\nprpplugin.dll
c:\windows\SysWow64\ff\Data\plugins\npzylomgamesplayer.dll
c:\windows\SysWow64\ff\Data\plugins\plugins_readme.txt
c:\windows\SysWow64\ff\Data\plugins_choice\list.txt
c:\windows\SysWow64\ff\Data\plugins_choice\np-mswmp.dll
c:\windows\SysWow64\ff\Data\plugins_choice\np32dsw.dll
c:\windows\SysWow64\ff\Data\plugins_choice\npauthz.dll
c:\windows\SysWow64\ff\Data\plugins_choice\npAviraCallingID.dll
c:\windows\SysWow64\ff\Data\plugins_choice\npctrl.dll
c:\windows\SysWow64\ff\Data\plugins_choice\npdeploytk.dll
c:\windows\SysWow64\ff\Data\plugins_choice\npdivx32.dll
c:\windows\SysWow64\ff\Data\plugins_choice\npdrmv2.dll
c:\windows\SysWow64\ff\Data\plugins_choice\npdsplay.dll
c:\windows\SysWow64\ff\Data\plugins_choice\npgeplugin.dll
c:\windows\SysWow64\ff\Data\plugins_choice\npgoogleupdate3.dll
c:\windows\SysWow64\ff\Data\plugins_choice\npitunes.dll
c:\windows\SysWow64\ff\Data\plugins_choice\npjp2.dll
c:\windows\SysWow64\ff\Data\plugins_choice\npnul32.dll
c:\windows\SysWow64\ff\Data\plugins_choice\npNxGameeu.dll
c:\windows\SysWow64\ff\Data\plugins_choice\npovshelper.dll
c:\windows\SysWow64\ff\Data\plugins_choice\npPandoWebPlugin.dll
c:\windows\SysWow64\ff\Data\plugins_choice\nppdf32.dll
c:\windows\SysWow64\ff\Data\plugins_choice\nppl3260.dll
c:\windows\SysWow64\ff\Data\plugins_choice\npqtplugin.dll
c:\windows\SysWow64\ff\Data\plugins_choice\nprpplugin.dll
c:\windows\SysWow64\ff\Data\plugins_choice\npspwrap.dll
c:\windows\SysWow64\ff\Data\plugins_choice\NPSWF32_11_7_700_169.dll
c:\windows\SysWow64\ff\Data\plugins_choice\npunity3d32.dll
c:\windows\SysWow64\ff\Data\plugins_choice\npvlc.dll
c:\windows\SysWow64\ff\Data\plugins_choice\npwinext.dll
c:\windows\SysWow64\ff\Data\plugins_choice\NPWLPG.dll
c:\windows\SysWow64\ff\Data\plugins_choice\npwmsdrm.dll
c:\windows\SysWow64\ff\Data\plugins_choice\npwpf.dll
c:\windows\SysWow64\ff\Data\plugins_choice\npzylomgamesplayer.dll
c:\windows\SysWow64\ff\Data\profile\blocklist.xml
c:\windows\SysWow64\ff\Data\profile\bookmarkbackups\bookmarks-2013-09-08.json
c:\windows\SysWow64\ff\Data\profile\bookmarkbackups\bookmarks-2013-09-09.json
c:\windows\SysWow64\ff\Data\profile\bookmarkbackups\bookmarks-2013-09-10.json
c:\windows\SysWow64\ff\Data\profile\bookmarkbackups\bookmarks-2013-09-11.json
c:\windows\SysWow64\ff\Data\profile\bookmarkbackups\bookmarks-2013-09-16.json
c:\windows\SysWow64\ff\Data\profile\bookmarkbackups\bookmarks-2013-09-22.json
c:\windows\SysWow64\ff\Data\profile\bookmarkbackups\bookmarks-2013-09-23.json
c:\windows\SysWow64\ff\Data\profile\bookmarkbackups\bookmarks-2013-09-24.json
c:\windows\SysWow64\ff\Data\profile\bookmarkbackups\bookmarks-2013-09-25.json
c:\windows\SysWow64\ff\Data\profile\bookmarkbackups\bookmarks-2013-09-28.json
c:\windows\SysWow64\ff\Data\profile\bookmarkbackups\bookmarks-2013-09-29.json
c:\windows\SysWow64\ff\Data\profile\bookmarkbackups\bookmarks-2013-09-30.json
c:\windows\SysWow64\ff\Data\profile\bookmarkbackups\bookmarks-2013-10-01.json
c:\windows\SysWow64\ff\Data\profile\bookmarkbackups\bookmarks-2013-10-02.json
c:\windows\SysWow64\ff\Data\profile\bookmarkbackups\bookmarks-2013-10-03.json
c:\windows\SysWow64\ff\Data\profile\bookmarkbackups\bookmarks-2013-10-04.json
c:\windows\SysWow64\ff\Data\profile\bookmarkbackups\bookmarks-2013-10-05.json
c:\windows\SysWow64\ff\Data\profile\bookmarkbackups\bookmarks-2013-10-06.json
c:\windows\SysWow64\ff\Data\profile\bookmarkbackups\bookmarks-2013-10-07.json
c:\windows\SysWow64\ff\Data\profile\bookmarkbackups\bookmarks-2013-10-08.json
c:\windows\SysWow64\ff\Data\profile\bookmarks.html
c:\windows\SysWow64\ff\Data\profile\cert8.db
c:\windows\SysWow64\ff\Data\profile\chromeappsstore.sqlite
c:\windows\SysWow64\ff\Data\profile\compatibility.ini
c:\windows\SysWow64\ff\Data\profile\content-prefs.sqlite
c:\windows\SysWow64\ff\Data\profile\cookies.sqlite
c:\windows\SysWow64\ff\Data\profile\cookies.sqlite.bak
c:\windows\SysWow64\ff\Data\profile\downloads.sqlite
c:\windows\SysWow64\ff\Data\profile\extensions.ini
c:\windows\SysWow64\ff\Data\profile\extensions.log
c:\windows\SysWow64\ff\Data\profile\extensions.sqlite
c:\windows\SysWow64\ff\Data\profile\extensions\firebug@software.joehewitt.com.xpi
c:\windows\SysWow64\ff\Data\profile\extensions\remote-control@morch.com.xpi
c:\windows\SysWow64\ff\Data\profile\firebug\annotations.json
c:\windows\SysWow64\ff\Data\profile\firebug\breakpoints.json
c:\windows\SysWow64\ff\Data\profile\formhistory.sqlite
c:\windows\SysWow64\ff\Data\profile\healthreport.sqlite
c:\windows\SysWow64\ff\Data\profile\indexedDB\chrome\.metadata
c:\windows\SysWow64\ff\Data\profile\indexedDB\chrome\idb\2588645841ssegtnti.sqlite
c:\windows\SysWow64\ff\Data\profile\key3.db
c:\windows\SysWow64\ff\Data\profile\localstore-safe.rdf
c:\windows\SysWow64\ff\Data\profile\localstore.rdf
c:\windows\SysWow64\ff\Data\profile\marionette.log
c:\windows\SysWow64\ff\Data\profile\mimeTypes.rdf
c:\windows\SysWow64\ff\Data\profile\minidumps\1897f0a1-fbe0-4bb8-88a5-73050418ab62.dmp
c:\windows\SysWow64\ff\Data\profile\minidumps\654e509e-9152-403f-8c22-90ec1642993a.dmp
c:\windows\SysWow64\ff\Data\profile\minidumps\654e509e-9152-403f-8c22-90ec1642993a.extra
c:\windows\SysWow64\ff\Data\profile\minidumps\a98c2742-fa9f-4fe8-a65d-009c3107488f.dmp
c:\windows\SysWow64\ff\Data\profile\OfflineCache\index.sqlite
c:\windows\SysWow64\ff\Data\profile\parent.lock
c:\windows\SysWow64\ff\Data\profile\permissions.sqlite
c:\windows\SysWow64\ff\Data\profile\places.sqlite
c:\windows\SysWow64\ff\Data\profile\pluginreg.dat
c:\windows\SysWow64\ff\Data\profile\prefs.js
c:\windows\SysWow64\ff\Data\profile\safebrowsing\goog-malware-shavar.cache
c:\windows\SysWow64\ff\Data\profile\safebrowsing\goog-malware-shavar.pset
c:\windows\SysWow64\ff\Data\profile\safebrowsing\goog-malware-shavar.sbstore
c:\windows\SysWow64\ff\Data\profile\safebrowsing\test-malware-simple.cache
c:\windows\SysWow64\ff\Data\profile\safebrowsing\test-malware-simple.pset
c:\windows\SysWow64\ff\Data\profile\safebrowsing\test-malware-simple.sbstore
c:\windows\SysWow64\ff\Data\profile\safebrowsing\test-phish-simple.cache
c:\windows\SysWow64\ff\Data\profile\safebrowsing\test-phish-simple.pset
c:\windows\SysWow64\ff\Data\profile\safebrowsing\test-phish-simple.sbstore
c:\windows\SysWow64\ff\Data\profile\search-metadata.json
c:\windows\SysWow64\ff\Data\profile\search.json
c:\windows\SysWow64\ff\Data\profile\search.sqlite
c:\windows\SysWow64\ff\Data\profile\secmod.db
c:\windows\SysWow64\ff\Data\profile\signons.sqlite
c:\windows\SysWow64\ff\Data\profile\start.txt
c:\windows\SysWow64\ff\Data\profile\startupCache\startupCache.4.little
c:\windows\SysWow64\ff\Data\profile\Telemetry.FailedProfileLocks.txt
c:\windows\SysWow64\ff\Data\profile\times.json
c:\windows\SysWow64\ff\Data\profile\urlclassifier.pset
c:\windows\SysWow64\ff\Data\profile\urlclassifier3.sqlite
c:\windows\SysWow64\ff\Data\profile\webapps\webapps.json
c:\windows\SysWow64\ff\Data\profile\webappsstore.sqlite
c:\windows\SysWow64\ff\Data\settings\FirefoxPortableSettings.ini
c:\windows\SysWow64\ff\FirefoxPortable.exe
c:\windows\SysWow64\ff\Fonts\aaaiight.ttf
c:\windows\SysWow64\ff\Fonts\abusive pencil.ttf
c:\windows\SysWow64\ff\Fonts\Acens.ttf
c:\windows\SysWow64\ff\Fonts\Acidic.TTF
c:\windows\SysWow64\ff\Fonts\adam.ttf
c:\windows\SysWow64\ff\Fonts\adamb.ttf
c:\windows\SysWow64\ff\Fonts\adambital.ttf
c:\windows\SysWow64\ff\Fonts\Aerosol.ttf
c:\windows\SysWow64\ff\Fonts\aggstock.ttf
c:\windows\SysWow64\ff\Fonts\AIFRAGME.TTF
c:\windows\SysWow64\ff\Fonts\AIRSTREA.TTF
c:\windows\SysWow64\ff\Fonts\airstrip.ttf
c:\windows\SysWow64\ff\Fonts\aladdin.ttf
c:\windows\SysWow64\ff\Fonts\Alias.ttf
c:\windows\SysWow64\ff\Fonts\All Star Resort.ttf
c:\windows\SysWow64\ff\Fonts\AlteHaasGroteskBold.ttf
c:\windows\SysWow64\ff\Fonts\Amerdcon.ttf
c:\windows\SysWow64\ff\Fonts\Android Nation.ttf
c:\windows\SysWow64\ff\Fonts\Anime Ace.ttf
c:\windows\SysWow64\ff\Fonts\beaswfte.ttf
c:\windows\SysWow64\ff\Fonts\Blambot Custom.ttf
c:\windows\SysWow64\ff\Fonts\Blambot Pro.ttf
c:\windows\SysWow64\ff\Fonts\city_burn.ttf
c:\windows\SysWow64\ff\Fonts\CNN.ttf
c:\windows\SysWow64\ff\Fonts\Colcothar.ttf
c:\windows\SysWow64\ff\Fonts\Damn Noisy Kids.ttf
c:\windows\SysWow64\ff\Fonts\Daredevil.ttf
c:\windows\SysWow64\ff\Fonts\DENSMORE.TTF
c:\windows\SysWow64\ff\Fonts\desperado.ttf
c:\windows\SysWow64\ff\Fonts\Detectives Inc.ttf
c:\windows\SysWow64\ff\Fonts\detroitghetto.ttf
c:\windows\SysWow64\ff\Fonts\devotion.ttf
c:\windows\SysWow64\ff\Fonts\dirtyheadline.ttf
c:\windows\SysWow64\ff\Fonts\Diskoboll.ttf
c:\windows\SysWow64\ff\Fonts\EARWIGFA.TTF
c:\windows\SysWow64\ff\Fonts\EDITION_.TTF
c:\windows\SysWow64\ff\Fonts\Ellianarelle s Path.ttf
c:\windows\SysWow64\ff\Fonts\EMPIREST.TTF
c:\windows\SysWow64\ff\Fonts\EpoXY_histoRy.ttf
c:\windows\SysWow64\ff\Fonts\ERTHQAKE.TTF
c:\windows\SysWow64\ff\Fonts\esp.ttf
c:\windows\SysWow64\ff\Fonts\EUROSWH.TTF
c:\windows\SysWow64\ff\Fonts\EVITA.TTF
c:\windows\SysWow64\ff\Fonts\FAREAST.TTF
c:\windows\SysWow64\ff\Fonts\fbsbltc.ttf
c:\windows\SysWow64\ff\Fonts\FerroRosso.ttf
c:\windows\SysWow64\ff\Fonts\Fiesta.ttf
c:\windows\SysWow64\ff\Fonts\fight.TTF
c:\windows\SysWow64\ff\Fonts\Findet Nemo.ttf
c:\windows\SysWow64\ff\Fonts\Flat Earth Scribe.ttf
c:\windows\SysWow64\ff\Fonts\friends good.ttf
c:\windows\SysWow64\ff\Fonts\GameCube.ttf
c:\windows\SysWow64\ff\Fonts\Ginga.ttf
c:\windows\SysWow64\ff\Fonts\Godzilla.ttf
c:\windows\SysWow64\ff\Fonts\GothicFlames.ttf
c:\windows\SysWow64\ff\Fonts\gothikka.ttf
c:\windows\SysWow64\ff\Fonts\Graffogie.ttf
c:\windows\SysWow64\ff\Fonts\groening.ttf
c:\windows\SysWow64\ff\Fonts\gyparody.ttf
c:\windows\SysWow64\ff\Fonts\halflife.ttf
c:\windows\SysWow64\ff\Fonts\Halo.ttf
c:\windows\SysWow64\ff\Fonts\HandSean.ttf
c:\windows\SysWow64\ff\Fonts\HARD_ROCK.ttf
c:\windows\SysWow64\ff\Fonts\Hellraiser SC.ttf
c:\windows\SysWow64\ff\Fonts\Hursheys.ttf
c:\windows\SysWow64\ff\Fonts\idiot.ttf
c:\windows\SysWow64\ff\Fonts\Impossible.ttf
c:\windows\SysWow64\ff\Fonts\in_my_head.ttf
c:\windows\SysWow64\ff\Fonts\Indianhotel.ttf
c:\windows\SysWow64\ff\Fonts\jandles.ttf
c:\windows\SysWow64\ff\Fonts\JaneAust.ttf
c:\windows\SysWow64\ff\Fonts\JerseyLetters.ttf
c:\windows\SysWow64\ff\Fonts\JungleRuff.ttf
c:\windows\SysWow64\ff\Fonts\kaileenw.ttf
c:\windows\SysWow64\ff\Fonts\karabine.ttf
c:\windows\SysWow64\ff\Fonts\Karate.ttf
c:\windows\SysWow64\ff\Fonts\Kitten Meat.ttf
c:\windows\SysWow64\ff\Fonts\Kittkat.ttf
c:\windows\SysWow64\ff\Fonts\Laine.TTF
c:\windows\SysWow64\ff\Fonts\Lazy.ttf
c:\windows\SysWow64\ff\Fonts\LEDLIGHT.ttf
c:\windows\SysWow64\ff\Fonts\Legothick.ttf
c:\windows\SysWow64\ff\Fonts\linkin.ttf
c:\windows\SysWow64\ff\Fonts\LinkinPark.ttf
c:\windows\SysWow64\ff\Fonts\lottepaperfang.ttf
c:\windows\SysWow64\ff\Fonts\maksukehoitus.ttf
c:\windows\SysWow64\ff\Fonts\manga_speak.ttf
c:\windows\SysWow64\ff\Fonts\MARK.TTF
c:\windows\SysWow64\ff\Fonts\Marlboc.ttf
c:\windows\SysWow64\ff\Fonts\Marlbow.ttf
c:\windows\SysWow64\ff\Fonts\Megadeth.ttf
c:\windows\SysWow64\ff\Fonts\meresre.ttf
c:\windows\SysWow64\ff\Fonts\morgenstern.ttf
c:\windows\SysWow64\ff\Fonts\N-Gage.ttf
c:\windows\SysWow64\ff\Fonts\NASALIZA.TTF
c:\windows\SysWow64\ff\Fonts\neon2.ttf
c:\windows\SysWow64\ff\Fonts\NEUROTOX.TTF
c:\windows\SysWow64\ff\Fonts\nevis.ttf
c:\windows\SysWow64\ff\Fonts\Orange Fizz.ttf
c:\windows\SysWow64\ff\Fonts\oreos.ttf
c:\windows\SysWow64\ff\Fonts\Origami.ttf
c:\windows\SysWow64\ff\Fonts\PaisleyCaps .ttf
c:\windows\SysWow64\ff\Fonts\Patches.ttf
c:\windows\SysWow64\ff\Fonts\pdark.ttf
c:\windows\SysWow64\ff\Fonts\Phorssa.ttf
c:\windows\SysWow64\ff\Fonts\Planet of the Apes.ttf
c:\windows\SysWow64\ff\Fonts\Playtoy.ttf
c:\windows\SysWow64\ff\Fonts\Pleiades.TTF
c:\windows\SysWow64\ff\Fonts\postoffice.ttf
c:\windows\SysWow64\ff\Fonts\Pozo.ttf
c:\windows\SysWow64\ff\Fonts\Prototype.ttf
c:\windows\SysWow64\ff\Fonts\Prozak.ttf
c:\windows\SysWow64\ff\Fonts\Pyromane.ttf
c:\windows\SysWow64\ff\Fonts\quake.TTF
c:\windows\SysWow64\ff\Fonts\Requiem.ttf
c:\windows\SysWow64\ff\Fonts\Resident Evil Large.ttf
c:\windows\SysWow64\ff\Fonts\retroRockPoster.ttf
c:\windows\SysWow64\ff\Fonts\ribbon.ttf
c:\windows\SysWow64\ff\Fonts\riesling.ttf
c:\windows\SysWow64\ff\Fonts\Rockit.ttf
c:\windows\SysWow64\ff\Fonts\romeo.ttf
c:\windows\SysWow64\ff\Fonts\Rounded.ttf
c:\windows\SysWow64\ff\Fonts\rzrarti.ttf
c:\windows\SysWow64\ff\Fonts\Scream Real.ttf
c:\windows\SysWow64\ff\Fonts\se7en.ttf
c:\windows\SysWow64\ff\Fonts\Searfont.ttf
c:\windows\SysWow64\ff\Fonts\shellhead.ttf
c:\windows\SysWow64\ff\Fonts\Sickness.ttf
c:\windows\SysWow64\ff\Fonts\sidewalk.ttf
c:\windows\SysWow64\ff\Fonts\Sin City.ttf
c:\windows\SysWow64\ff\Fonts\Sliced_Juice.ttf
c:\windows\SysWow64\ff\Fonts\Smallville1.ttf
c:\windows\SysWow64\ff\Fonts\Spirit Medium.ttf
c:\windows\SysWow64\ff\Fonts\splinter2.ttf
c:\windows\SysWow64\ff\Fonts\spongefont.ttf
c:\windows\SysWow64\ff\Fonts\stentiga.ttf
c:\windows\SysWow64\ff\Fonts\TAGSTER.TTF
c:\windows\SysWow64\ff\Fonts\Taste of steel.ttf
c:\windows\SysWow64\ff\Fonts\TERMINAT.TTF
c:\windows\SysWow64\ff\Fonts\the ring.ttf
c:\windows\SysWow64\ff\Fonts\the sixth sense.ttf
c:\windows\SysWow64\ff\Fonts\the_King__26_Queen_font.ttf
c:\windows\SysWow64\ff\Fonts\the_Poison.ttf
c:\windows\SysWow64\ff\Fonts\TheGodFather.ttf
c:\windows\SysWow64\ff\Fonts\tiza.ttf
c:\windows\SysWow64\ff\Fonts\tondo.ttf
c:\windows\SysWow64\ff\Fonts\tron.ttf
c:\windows\SysWow64\ff\Fonts\Trumania.ttf
c:\windows\SysWow64\ff\Fonts\Turok.ttf
c:\windows\SysWow64\ff\Fonts\ultimate MIDNIGHT.ttf
c:\windows\SysWow64\ff\Fonts\Umberto.ttf
c:\windows\SysWow64\ff\Fonts\Unreal.ttf
c:\windows\SysWow64\ff\Fonts\Uptown__.ttf
c:\windows\SysWow64\ff\Fonts\uwch.ttf
c:\windows\SysWow64\ff\Fonts\Vampiress.ttf
c:\windows\SysWow64\ff\Fonts\Varsity.ttf
c:\windows\SysWow64\ff\Fonts\vintage.ttf
c:\windows\SysWow64\ff\Fonts\walk_plank.ttf
c:\windows\SysWow64\ff\Fonts\weezerfont.ttf
c:\windows\SysWow64\ff\Fonts\WillyWonka.ttf
c:\windows\SysWow64\ff\Fonts\Xfiles.ttf
c:\windows\SysWow64\ff\Fonts\Yoshitoshi.ttf
c:\windows\SysWow64\ff\Fonts\Yukon Gold.ttf
c:\windows\SysWow64\ff\Fonts\zerogene.ttf
c:\windows\SysWow64\ff\help.html
c:\windows\SysWow64\ff\Other\Help\images\donation_button.png
c:\windows\SysWow64\ff\Other\Help\images\favicon.ico
c:\windows\SysWow64\ff\Other\Help\images\help_background_footer.png
c:\windows\SysWow64\ff\Other\Help\images\help_background_header.png
c:\windows\SysWow64\ff\Other\Help\images\help_logo_top.png
c:\windows\SysWow64\ff\Other\Source\AppSource.txt
c:\windows\SysWow64\ff\Other\Source\CheckForPlatformSplashDisable.nsh
c:\windows\SysWow64\ff\Other\Source\FirefoxPortable.ini
c:\windows\SysWow64\ff\Other\Source\FirefoxPortable.jpg
c:\windows\SysWow64\ff\Other\Source\FirefoxPortableU.nsi
c:\windows\SysWow64\ff\Other\Source\License.txt
c:\windows\SysWow64\ff\Other\Source\PortableApps.comLauncherLANG_DUTCH.nsh
c:\windows\SysWow64\ff\Other\Source\PortableApps.comLauncherLANG_ENGLISH.nsh
c:\windows\SysWow64\ff\Other\Source\PortableApps.comLauncherLANG_ENGLISHGB.nsh
c:\windows\SysWow64\ff\Other\Source\PortableApps.comLauncherLANG_FRENCH.nsh
c:\windows\SysWow64\ff\Other\Source\PortableApps.comLauncherLANG_GERMAN.nsh
c:\windows\SysWow64\ff\Other\Source\PortableApps.comLauncherLANG_HUNGARIAN.nsh
c:\windows\SysWow64\ff\Other\Source\PortableApps.comLauncherLANG_ITALIAN.nsh
c:\windows\SysWow64\ff\Other\Source\PortableApps.comLauncherLANG_JAPANESE.nsh
c:\windows\SysWow64\ff\Other\Source\PortableApps.comLauncherLANG_KOREAN.nsh
c:\windows\SysWow64\ff\Other\Source\PortableApps.comLauncherLANG_POLISH.nsh
c:\windows\SysWow64\ff\Other\Source\PortableApps.comLauncherLANG_PORTUGUESE.nsh
c:\windows\SysWow64\ff\Other\Source\PortableApps.comLauncherLANG_PORTUGUESEBR.nsh
c:\windows\SysWow64\ff\Other\Source\PortableApps.comLauncherLANG_RUSSIAN.nsh
c:\windows\SysWow64\ff\Other\Source\PortableApps.comLauncherLANG_SIMPCHINESE.nsh
c:\windows\SysWow64\ff\Other\Source\PortableApps.comLauncherLANG_SPANISH.nsh
c:\windows\SysWow64\ff\Other\Source\PortableApps.comLauncherLANG_SPANISHINTERNATIONAL.nsh
c:\windows\SysWow64\ff\Other\Source\PortableApps.comLauncherLANG_TRADCHINESE.nsh
c:\windows\SysWow64\ff\Other\Source\ReadINIStrWithDefault.nsh
c:\windows\SysWow64\ff\Other\Source\Readme.txt
c:\windows\SysWow64\ff\Other\Source\ReplaceInFileWithTextReplace.nsh
c:\windows\SysWow64\ff\Other\Source\SetFileAttributesDirectoryNormal.nsh
c:\windows\SysWow64\Packet.dll
c:\windows\SysWow64\r_unzip.exe
c:\windows\SysWow64\wpcap.dll
.
.
((((((((((((((((((((((( Dateien erstellt von 2013-10-11 bis 2013-11-11 ))))))))))))))))))))))))))))))
.
.
2013-11-10 09:35 . 2013-11-10 09:35 -------- d-----w- C:\FRST
2013-11-08 13:51 . 2013-10-14 07:12 10280728 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{63FDE940-7B5A-4780-ABF4-D2BAD9C96E13}\mpengine.dll
2013-10-29 17:25 . 2013-09-04 12:12 343040 ----a-w- c:\windows\system32\drivers\usbhub.sys
2013-10-29 17:25 . 2013-09-04 12:11 325120 ----a-w- c:\windows\system32\drivers\usbport.sys
2013-10-29 17:25 . 2013-09-04 12:11 99840 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2013-10-29 17:25 . 2013-09-04 12:11 52736 ----a-w- c:\windows\system32\drivers\usbehci.sys
2013-10-29 17:25 . 2013-09-04 12:11 30720 ----a-w- c:\windows\system32\drivers\usbuhci.sys
2013-10-29 17:25 . 2013-09-04 12:11 25600 ----a-w- c:\windows\system32\drivers\usbohci.sys
2013-10-29 17:25 . 2013-09-04 12:11 7808 ----a-w- c:\windows\system32\drivers\usbd.sys
2013-10-25 20:26 . 2013-10-25 20:26 -------- d-----w- c:\users\robin\AppData\Local\photoOptimizeHistoryDataBase
2013-10-25 20:26 . 2013-10-25 20:26 -------- d-----w- c:\users\robin\AppData\Local\Ashampoo Photo Optimizer 4
2013-10-22 20:31 . 2013-10-26 10:37 -------- d-----w- c:\users\robin\AppData\Local\RadioSure
2013-10-22 20:15 . 2013-10-22 20:22 -------- d-----w- c:\users\robin\AppData\Roaming\Chilirec
2013-10-22 20:15 . 2013-10-22 20:29 -------- d-----w- c:\program files (x86)\Chilirec
2013-10-19 15:05 . 2013-10-19 15:05 -------- d-----w- c:\programdata\Oracle
2013-10-19 15:05 . 2013-10-19 15:05 -------- d-----w- c:\program files (x86)\Common Files\Java
2013-10-19 15:05 . 2013-10-19 15:04 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-10-19 15:04 . 2013-10-19 15:04 -------- d-----w- c:\program files (x86)\Java
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-10-11 21:47 . 2012-06-04 20:37 80541720 ----a-w- c:\windows\system32\MRT.exe
2013-10-08 19:24 . 2012-10-18 18:04 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-10-08 19:24 . 2012-10-18 18:04 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-09-22 23:28 . 2013-10-11 21:50 1767936 ----a-w- c:\windows\SysWow64\wininet.dll
2013-09-22 23:27 . 2013-10-11 21:50 2876928 ----a-w- c:\windows\SysWow64\jscript9.dll
2013-09-22 23:27 . 2013-10-11 21:50 61440 ----a-w- c:\windows\SysWow64\iesetup.dll
2013-09-22 23:27 . 2013-10-11 21:50 109056 ----a-w- c:\windows\SysWow64\iesysprep.dll
2013-09-22 22:55 . 2013-10-11 21:50 51712 ----a-w- c:\windows\system32\ie4uinit.exe
2013-09-22 22:55 . 2013-10-11 21:50 2241024 ----a-w- c:\windows\system32\wininet.dll
2013-09-22 22:55 . 2013-10-11 21:50 1365504 ----a-w- c:\windows\system32\urlmon.dll
2013-09-22 22:54 . 2013-10-11 21:50 603136 ----a-w- c:\windows\system32\msfeeds.dll
2013-09-22 22:54 . 2013-10-11 21:50 19252224 ----a-w- c:\windows\system32\mshtml.dll
2013-09-22 22:54 . 2013-10-11 21:50 855552 ----a-w- c:\windows\system32\jscript.dll
2013-09-22 22:54 . 2013-10-11 21:50 3959296 ----a-w- c:\windows\system32\jscript9.dll
2013-09-22 22:54 . 2013-10-11 21:50 53248 ----a-w- c:\windows\system32\jsproxy.dll
2013-09-22 22:54 . 2013-10-11 21:50 526336 ----a-w- c:\windows\system32\ieui.dll
2013-09-22 22:54 . 2013-10-11 21:50 67072 ----a-w- c:\windows\system32\iesetup.dll
2013-09-22 22:54 . 2013-10-11 21:50 39936 ----a-w- c:\windows\system32\iernonce.dll
2013-09-22 22:54 . 2013-10-11 21:50 136704 ----a-w- c:\windows\system32\iesysprep.dll
2013-09-22 22:54 . 2013-10-11 21:50 2647552 ----a-w- c:\windows\system32\iertutil.dll
2013-09-22 22:54 . 2013-10-11 21:50 15404544 ----a-w- c:\windows\system32\ieframe.dll
2013-09-21 03:38 . 2013-10-11 21:50 2706432 ----a-w- c:\windows\system32\mshtml.tlb
2013-09-21 03:30 . 2013-10-11 21:50 2706432 ----a-w- c:\windows\SysWow64\mshtml.tlb
2013-09-21 02:48 . 2013-10-11 21:50 89600 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2013-09-21 02:39 . 2013-10-11 21:50 71680 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2013-09-17 20:33 . 2013-09-17 20:33 42184 ----a-w- c:\windows\system32\drivers\taphss6.sys
2013-09-14 01:10 . 2013-10-11 15:25 497152 ----a-w- c:\windows\system32\drivers\afd.sys
2013-09-10 14:18 . 2013-09-10 14:18 715038 ----a-w- c:\windows\unins000.exe
2013-09-08 02:30 . 2013-10-11 15:25 1903552 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-09-08 02:27 . 2013-10-11 15:25 327168 ----a-w- c:\windows\system32\mswsock.dll
2013-09-08 02:03 . 2013-10-11 15:25 231424 ----a-w- c:\windows\SysWow64\mswsock.dll
2013-09-05 12:37 . 2013-05-06 11:29 81112 ----a-w- c:\windows\system32\drivers\avnetflt.sys
2013-09-05 12:37 . 2013-03-30 03:10 132088 ----a-w- c:\windows\system32\drivers\avipbb.sys
2013-09-05 12:37 . 2013-03-30 03:10 105344 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2013-09-03 12:35 . 2012-08-10 15:49 278800 ------w- c:\windows\system32\MpSigStub.exe
2013-08-29 02:17 . 2013-10-11 15:25 5549504 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-08-29 02:16 . 2013-10-11 15:25 1732032 ----a-w- c:\windows\system32\ntdll.dll
2013-08-29 02:16 . 2013-10-11 15:25 243712 ----a-w- c:\windows\system32\wow64.dll
2013-08-29 02:16 . 2013-10-11 15:25 859648 ----a-w- c:\windows\system32\tdh.dll
2013-08-29 02:13 . 2013-10-11 15:25 878080 ----a-w- c:\windows\system32\advapi32.dll
2013-08-29 01:51 . 2013-10-11 15:25 3969472 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2013-08-29 01:51 . 2013-10-11 15:25 3914176 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2013-08-29 01:50 . 2013-10-11 15:25 5120 ----a-w- c:\windows\SysWow64\wow32.dll
2013-08-29 01:50 . 2013-10-11 15:25 1292192 ----a-w- c:\windows\SysWow64\ntdll.dll
2013-08-29 01:50 . 2013-10-11 15:25 619520 ----a-w- c:\windows\SysWow64\tdh.dll
2013-08-29 01:48 . 2013-10-11 15:25 640512 ----a-w- c:\windows\SysWow64\advapi32.dll
2013-08-29 01:48 . 2013-10-11 15:25 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2013-08-29 00:49 . 2013-10-11 15:25 25600 ----a-w- c:\windows\SysWow64\setup16.exe
2013-08-29 00:49 . 2013-10-11 15:25 7680 ----a-w- c:\windows\SysWow64\instnm.exe
2013-08-29 00:49 . 2013-10-11 15:25 14336 ----a-w- c:\windows\SysWow64\ntvdm64.dll
2013-08-29 00:49 . 2013-10-11 15:25 2048 ----a-w- c:\windows\SysWow64\user.exe
2013-08-28 01:21 . 2013-10-11 15:25 3155968 ----a-w- c:\windows\system32\win32k.sys
2013-08-28 01:12 . 2013-10-11 15:25 461312 ----a-w- c:\windows\system32\scavengeui.dll
2013-08-26 09:13 . 2013-08-26 09:13 354656 ----a-w- c:\windows\SysWow64\DivXControlPanelApplet.cpl
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2012-10-21 17:44 220632 ----a-w- c:\users\robin\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2012-10-21 17:44 220632 ----a-w- c:\users\robin\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2012-10-21 17:44 220632 ----a-w- c:\users\robin\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36 130736 ----a-w- c:\users\robin\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36 130736 ----a-w- c:\users\robin\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36 130736 ----a-w- c:\users\robin\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Steam"="d:\daten\Steam\steam.exe" [2013-10-30 1820584]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2013-10-21 20549280]
"HydraVisionDesktopManager"="c:\program files (x86)\ATI Technologies\HydraVision\HydraDM.exe" [2010-08-25 393216]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"NUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2010-11-17 113288]
"DivXMediaServer"="c:\program files (x86)\DivX\DivX Media Server\DivXMediaServer.exe" [2013-08-21 450560]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-12-19 642808]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2013-09-05 347192]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" [2013-08-29 1861968]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
.
c:\users\robin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\robin\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2013-5-25 27776968]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
TP-LINK Wireless Configuration Utility.lnk - c:\program files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe -nogui [2013-2-10 788992]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 DiscountfinderService;DiscountfinderService;c:\programdata\Rabatt-Finder\DFService.exe;c:\programdata\Rabatt-Finder\DFService.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 Apowersoft_AudioDevice;Apowersoft_AudioDevice;c:\windows\system32\drivers\Apowersoft_AudioDevice.sys;c:\windows\SYSNATIVE\drivers\Apowersoft_AudioDevice.sys [x]
R3 avmeject;AVM Eject;c:\windows\system32\drivers\avmeject.sys;c:\windows\SYSNATIVE\drivers\avmeject.sys [x]
R3 FWLANUSB;AVM FRITZ!WLAN;c:\windows\system32\DRIVERS\fwlanusb.sys;c:\windows\SYSNATIVE\DRIVERS\fwlanusb.sys [x]
R3 taphss6;Anchorfree HSS VPN Adapter;c:\windows\system32\DRIVERS\taphss6.sys;c:\windows\SYSNATIVE\DRIVERS\taphss6.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 WinRing0_1_2_0;WinRing0_1_2_0;c:\program files (x86)\Razer\Razer Game Booster\Driver\WinRing0x64.sys;c:\program files (x86)\Razer\Razer Game Booster\Driver\WinRing0x64.sys [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x]
S1 HCW88AUD;Hauppauge WinTV 88x Audio Capture;c:\windows\system32\drivers\hcw88aud.sys;c:\windows\SYSNATIVE\drivers\hcw88aud.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [x]
S2 Rent Update;Rent Update;C:/Windows/Rent/Update.exe;C:/Windows/Rent/Update.exe [x]
S2 TeamViewer8;TeamViewer 8;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 hcw88bda;Hauppauge WinTV 88x DVB Tuner/Demod;c:\windows\system32\drivers\hcw88bda.sys;c:\windows\SYSNATIVE\drivers\hcw88bda.sys [x]
S3 hcw88rc5;Hauppauge WinTV 88x IR Decoder;c:\windows\system32\Drivers\hcw88rc5.sys;c:\windows\SYSNATIVE\Drivers\hcw88rc5.sys [x]
S3 HCW88TSE;Hauppauge WinTV 88x MPEG/TS Capture;c:\windows\system32\drivers\hcw88tse.sys;c:\windows\SYSNATIVE\drivers\hcw88tse.sys [x]
S3 hcw88vid;Hauppauge WinTV 88x Video;c:\windows\system32\drivers\hcw88vid.sys;c:\windows\SYSNATIVE\drivers\hcw88vid.sys [x]
S3 HCW88XBAR;Hauppauge WinTV 88x Crossbar;c:\windows\system32\drivers\HCW88BAR.sys;c:\windows\SYSNATIVE\drivers\HCW88BAR.sys [x]
S3 MonitorFunction;Driver for Monitor;c:\windows\system32\DRIVERS\TVMonitor.sys;c:\windows\SYSNATIVE\DRIVERS\TVMonitor.sys [x]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3hub.sys [x]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3xhc.sys [x]
.
.
Inhalt des "geplante Tasks" Ordners
.
2013-11-10 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-10-18 19:24]
.
2013-11-10 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2099103694-3175837312-4042448093-1000Core.job
- c:\users\robin\AppData\Local\Google\Update\GoogleUpdate.exe [2012-06-03 14:42]
.
2013-11-10 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2099103694-3175837312-4042448093-1000UA.job
- c:\users\robin\AppData\Local\Google\Update\GoogleUpdate.exe [2012-06-03 14:42]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2012-10-21 17:44 244696 ----a-w- c:\users\robin\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2012-10-21 17:44 244696 ----a-w- c:\users\robin\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2012-10-21 17:44 244696 ----a-w- c:\users\robin\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36 164016 ----a-w- c:\users\robin\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36 164016 ----a-w- c:\users\robin\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36 164016 ----a-w- c:\users\robin\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36 164016 ----a-w- c:\users\robin\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = <local>
IE: Nach Microsoft E&xel exportieren - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: {{07BA1DA9-F501-4796-8728-74D1B91A6CD5} - c:\program files (x86)\PokerStars.EU\PokerStarsUpdate.exe
TCP: DhcpNameServer = 192.168.178.1
DPF: {4FF78044-96B4-4312-A5B7-FDA3CB328095} -
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Toolbar-10 - (no file)
Toolbar-!{e36df325-3f4b-476f-8f89-123bc5d51a30} - (no file)
Wow6432Node-HKCU-Run-Akamai NetSession Interface - c:\users\robin\AppData\Local\Akamai\netsession_win.exe
Wow6432Node-HKCU-Run-Remote Control Server - c:\program files (x86)\Remote Control Server\Remote Control Server.exe
Wow6432Node-HKCU-Run-Exetender_148 - c:\program files (x86)\FreeRide Games\GPlayer.exe
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
Toolbar-10 - (no file)
Toolbar-!{e36df325-3f4b-476f-8f89-123bc5d51a30} - (no file)
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Rent Update]
"ImagePath"="C:/Windows/Rent/Update.exe"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Rent Update]
"ImagePath"="C:/Windows/Rent/Update.exe"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions]
@Denied: (2) (LocalSystem)
"{18DF081C-E8AD-4283-A596-FA578C2EBDC3}"=hex:51,66,7a,6c,4c,1d,38,12,72,0b,cc,
1c,9f,a6,ed,07,da,80,b9,17,89,70,f9,d7
"{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}"=hex:51,66,7a,6c,4c,1d,38,12,d5,94,07,
72,c2,98,42,03,c9,fd,97,9a,f4,87,69,57
"{9030D464-4C02-4ABF-8ECC-5164760863C6}"=hex:51,66,7a,6c,4c,1d,38,12,0a,d7,23,
94,30,02,d1,0f,f1,da,12,24,73,56,27,d2
"{DBC80044-A445-435B-BC74-9C25C1C588A9}"=hex:51,66,7a,6c,4c,1d,38,12,2a,03,db,
df,77,ea,35,06,c3,62,df,65,c4,9b,cc,bd
"{336D0C35-8A85-403a-B9D2-65C292C39087}"=hex:51,66,7a,6c,4c,1d,3b,1b,08,01,60,
1a,82,e9,65,3d,9d,e9,17,af,a2,b0,e5,ab
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration]
@Denied: (2) (LocalSystem)
"Timestamp"=hex:6c,07,07,72,1c,4e,cd,01
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,30,bc,ce,13,37,76,28,48,b3,9e,25,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,30,bc,ce,13,37,76,28,48,b3,9e,25,\
.
[HKEY_USERS\S-1-5-21-2099103694-3175837312-4042448093-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.Email.1"
.
[HKEY_USERS\S-1-5-21-2099103694-3175837312-4042448093-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
.
[HKEY_USERS\S-1-5-21-2099103694-3175837312-4042448093-1000\Software\SecuROM\License information*]
"datasecu"=hex:6d,16,55,fc,c5,b5,7b,96,3d,d8,69,c4,43,59,52,10,b2,73,94,ed,fb,
e7,ac,ce,25,e8,87,c8,c6,dc,34,ac,d2,2e,0b,fc,b4,a7,5a,3d,dd,cf,39,c5,30,ee,\
"rkeysecu"=hex:e8,1c,b6,72,10,72,8a,b6,48,fd,90,ef,fb,0d,29,0e
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_117_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_117_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{722b3793-5367-4446-b6bb-db89b05c1f24}\LocalServer32]
@DACL=(02 0000)
@=expand:"%SystemRoot%\\System32\\rundll32.exe shell32.dll,SHCreateLocalServerRunDll {722b3793-5367-4446-b6bb-db89b05c1f24}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_117_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_117_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\windows\Rent\Update.exe
c:\program files (x86)\TeamViewer\Version8\TeamViewer.exe
c:\program files (x86)\TeamViewer\Version8\tv_w32.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2013-11-11 18:08:18 - PC wurde neu gestartet
ComboFix-quarantined-files.txt 2013-11-11 17:08
.
Vor Suchlauf: 17 Verzeichnis(se), 36.672.356.352 Bytes frei
Nach Suchlauf: 22 Verzeichnis(se), 36.369.608.704 Bytes frei
.
- - End Of File - - 7F682F7211B1A26C782D0B63E3E4F701
A36C5E4F47E84449FF07ED3517B43A31 |