-
Browse to save
Hello! I try to ged rid of "browse to save". I cannot find an Add-on in my firefox-browser. Kaspersky is no help and spybot doesnt find anything.
Here's the dds:
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 9.0.8112.16457 BrowserJavaVersion: 10.9.2
Run by Martin at 13:18:52 on 2013-01-13
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.49.1031.18.7974.4300 [GMT 1:00]
.
AV: Kaspersky Internet Security *Enabled/Updated* {C3113FBF-4BCB-4461-D78D-6EDFEC9593E5}
SP: Kaspersky Internet Security *Enabled/Updated* {7870DE5B-6DF1-4BEF-ED3D-55AD9712D958}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Spybot - Search and Destroy *Enabled/Updated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
FW: Kaspersky Internet Security *Enabled* {FB2ABE9A-01A4-4539-FCD2-C7EA1246D49E}
.
============== Running Processes ===============
.
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\nvvsvc.exe
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k NetworkService
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\windows\system32\nvvsvc.exe
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe
C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
C:\windows\system32\svchost.exe -k bthsvcs
C:\windows\SysWOW64\cjpcsc.exe
C:\Program Files (x86)\Prey\platform\windows\cronsvc.exe
C:\Program Files\Diskeeper Corporation\ExpressCache\ExpressCache.exe
C:\Program Files (x86)\WinTV\TVServer\HauppaugeTVServer.exe
C:\Program Files\Intel\iCLS Client\HeciServer.exe
C:\windows\system32\LMabcoms.exe
C:\Program Files (x86)\Samsung\Easy Settings\SamsungDeviceConfiguration.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
C:\windows\system32\WLANExt.exe
C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe
C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
C:\windows\system32\taskhost.exe
C:\windows\system32\taskeng.exe
C:\windows\system32\Dwm.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\windows\System32\WUDFHost.exe
C:\windows\System32\WUDFHost.exe
C:\windows\System32\rundll32.exe
C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe
C:\windows\Explorer.EXE
C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesApp64.exe
C:\Program Files (x86)\TeamViewer\Version8\tv_w32.exe
C:\Program Files (x86)\TeamViewer\Version8\tv_x64.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files\Elantech\ETDCtrl.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Lexmark\Monitor\ACB\LMabMON.exe
C:\Program Files\Lexmark\ErrorApp\lmab1err.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\System32\StikyNot.exe
C:\Users\Martin\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
C:\Program Files (x86)\Samsung\Easy Software Manager\SWMAgent.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
C:\windows\system32\taskeng.exe
C:\Program Files (x86)\Samsung\Easy Settings\dmhkcore.exe
C:\Program Files (x86)\Samsung\Easy Settings\SmartSetting.exe
C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
C:\Program Files (x86)\Samsung\Easy Settings\EasySpeedUpManager.exe
C:\Program Files (x86)\Samsung\Easy Settings\MovieColorEnhancer.exe
C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
C:\Program Files (x86)\Winamp\winampa.exe
C:\windows\system32\igfxext.exe
C:\windows\system32\igfxsrvc.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\WinTV\WinTV7\WinTVTray.exe
C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
C:\Program Files\Samsung\Easy Support Center\SamoyedAgent.exe
C:\Users\Martin\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Users\Martin\AppData\Roaming\Wuala\Wuala.exe
C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe
C:\Program Files\Elantech\ETDCtrlHelper.exe
C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files (x86)\CyberLink\Media+Player10\Media+Player10Serv.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\windows\system32\hkcmd.exe
C:\windows\system32\igfxtray.exe
C:\windows\system32\igfxpers.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
C:\windows\system32\svchost.exe -k imgsvc
C:\windows\system32\svchost.exe -k SDRSVC
C:\windows\system32\taskeng.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\klwtbws.exe
C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe
C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
C:\PROGRA~1\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\klwtblfs.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWelcome.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_5_502_146.exe
C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_5_502_146.exe
C:\windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/
uSearch Bar = hxxp://search.autocompletepro.com/?si=10214&bi=400
uSearch Page = hxxp://search.autocompletepro.com/?si=10214&bi=400
uDefault_Page_URL = hxxp://samsung.msn.com
uDefault_Search_URL = hxxp://search.autocompletepro.com/?si=10214&bi=400
mStart Page = hxxp://searchab.com/?aff=7&uid=c61aca2d-4839-11e2-8e56-e8039ab06a14
mWinlogon: Userinit = userinit.exe
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: DivX Plus Web Player HTML5 <video>: {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
BHO: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll
BHO: Content Blocker Plugin: {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\ContentBlocker\ie_content_blocker_plugin.dll
BHO: Virtual Keyboard Plugin: {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Safe Money Plugin: {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\OnlineBanking\online_banking_bho.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
BHO: URL Advisor Plugin: {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll
uRun: [LMab1err] C:\Program Files\Lexmark\ErrorApp\LMab1err.exe
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
uRun: [] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
uRun: [Spybot-S&D Cleaning] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe" /autoclean
uRun: [RESTART_STICKY_NOTES] C:\windows\System32\StikyNot.exe
uRun: [Spotify Web Helper] "C:\Users\Martin\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe"
mRun: [SDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
mRun: [DivXMediaServer] C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
mRun: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
mRun: [WinampAgent] "C:\Program Files (x86)\Winamp\winampa.exe"
dRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
StartupFolder: C:\Users\Martin\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\Martin\AppData\Roaming\Dropbox\bin\Dropbox.exe
StartupFolder: C:\Users\Martin\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Wuala.lnk - C:\Users\Martin\AppData\Roaming\Wuala\Wuala.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\ADOBEG~1.LNK - C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\AUTOST~1.LNK - C:\Program Files (x86)\WinTV\Ir.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\WINTVR~1.LNK - C:\Program Files (x86)\WinTV\WinTV7\WinTVTray.exe
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-Explorer: NoDriveTypeAutoRun = dword:24
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: Add to Google Photos Screensa&ver - C:\windows\System32\GPhotos.scr/200
IE: An OneNote s&enden - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: Hinzufügen zu Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ie_banner_deny.htm
IE: Nach Microsoft E&xcel exportieren - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: {0C4CC089-D306-440D-9772-464E226F6539} - {0BA14598-4178-4CE5-B1F1-B5C6408A3F2E} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
IE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll
TCP: NameServer = 192.168.179.1
TCP: Interfaces\{9E31218D-361B-4872-9F7F-D0C36B9F2B8A} : DHCPNameServer = 192.168.179.1
TCP: Interfaces\{9E31218D-361B-4872-9F7F-D0C36B9F2B8A}\0516474797 : DHCPNameServer = 10.74.210.210 10.74.210.211
TCP: Interfaces\{9E31218D-361B-4872-9F7F-D0C36B9F2B8A}\142736F627D2240313440333 : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{9E31218D-361B-4872-9F7F-D0C36B9F2B8A}\2616D626F6F6 : DHCPNameServer = 192.168.178.1
TCP: Interfaces\{9E31218D-361B-4872-9F7F-D0C36B9F2B8A}\3416665602B4C61647373686 : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{9E31218D-361B-4872-9F7F-D0C36B9F2B8A}\44F425D45425F4 : DHCPNameServer = 172.30.3.254
TCP: Interfaces\{9E31218D-361B-4872-9F7F-D0C36B9F2B8A}\75C414E453 : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{D648904F-7844-46DB-9E63-BE91958D2678} : NameServer = 8.8.8.8,8.8.8.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Notify: SDWinLogon - SDWinLogon.dll
AppInit_DLLs= C:\windows\SysWOW64\nvinit.dll
SSODL: WebCheck - <orphaned>
SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\windows\SysWOW64\CbFsMntNtf3.dll
STS: Virtual Storage Mount Notification - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\SysWOW64\CbFsMntNtf3.dll
x64-BHO: Content Blocker Plugin: {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll
x64-BHO: Virtual Keyboard Plugin: {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
x64-BHO: Safe Money Plugin: {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\OnlineBanking\online_banking_bho.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-BHO: URL Advisor Plugin: {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\UrlAdvisor\klwtbbho.dll
x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Run: [ETDCtrl] C:\Program Files (x86)\Elantech\ETDCtrl.exe
x64-Run: [BTMTrayAgent] rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
x64-Run: [LMPSSDMON] C:\Program Files\Lexmark\Monitor\ACB\LMabMON.exe
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
x64-SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\windows\System32\CbFsMntNtf3.dll
x64-STS: Virtual Storage Mount Notification - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\windows\System32\CbFsMntNtf3.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\c49yuloy.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxps://startpage.com/
FF - prefs.js: keyword.URL - hxxp://searchab.com/?aff=7&uid=c61aca2d-4839-11e2-8e56-e8039ab06a14&q=
FF - prefs.js: network.proxy.type - 0
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101753.dll
FF - plugin: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
FF - plugin: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
FF - plugin: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
FF - plugin: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: C:\Program Files (x86)\Jazz-Soft\Jazz-Plugin\npJazz.dll
FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll
FF - plugin: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_146.dll
FF - plugin: C:\windows\SysWOW64\npDeployJava1.dll
FF - plugin: C:\windows\SysWOW64\npmproxy.dll
FF - ExtSQL: 2012-12-17 12:24; 50cf00df7b572@50cf00df7b5ab.com; C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\c49yuloy.default\extensions\50cf00df7b572@50cf00df7b5ab.com
FF - ExtSQL: 2012-12-30 12:04; IDGARD@jetpack; C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\c49yuloy.default\extensions\IDGARD@jetpack.xpi
FF - ExtSQL: 2013-01-10 12:01; {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}; C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\c49yuloy.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF - ExtSQL: 2013-01-11 17:32; {23fcfd51-4958-4f00-80a3-ae97e717ed8b}; C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
.
---- FIREFOX POLICIES ----
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
.
============= SERVICES / DRIVERS ===============
.
R0 excsd;ExpressCache Storage Filter Driver;C:\windows\System32\drivers\excsd.sys [2012-5-10 80688]
R0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver;C:\windows\System32\drivers\iusb3hcs.sys [2012-2-1 16152]
R0 nvpciflt;nvpciflt;C:\windows\System32\drivers\nvpciflt.sys [2012-5-10 28992]
R1 cbfs3;cbfs3;C:\windows\System32\drivers\cbfs3.sys [2012-12-8 352144]
R1 excfs;ExpressCache File System Filter Driver;C:\windows\System32\drivers\excfs.sys [2012-5-10 23344]
R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;C:\windows\System32\drivers\klim6.sys [2012-8-2 28504]
R1 kltdi;kltdi;C:\windows\System32\drivers\kltdi.sys [2012-6-8 54104]
R1 kneps;kneps;C:\windows\System32\drivers\kneps.sys [2012-8-13 178008]
R1 SABI;SAMSUNG Kernel Driver For Windows 7;C:\windows\System32\drivers\SABI.sys [2012-5-10 13824]
R1 Uim_VIM;UIM Virtual Image Plugin;C:\windows\System32\drivers\uim_vimx64.sys [2011-11-17 352816]
R2 AVP;Kaspersky Anti-Virus Service;C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe -r --> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe -r [?]
R2 Bluetooth Device Monitor;Bluetooth Device Monitor;C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2011-12-19 1014096]
R2 Bluetooth OBEX Service;Bluetooth OBEX Service;C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2011-12-19 1104208]
R2 cjpcsc;cyberJack PC/SC COM Service ;C:\Windows\SysWOW64\cjpcsc.exe [2012-9-16 514128]
R2 CronService;Cron Service for Prey;C:\Program Files (x86)\Prey\platform\windows\cronsvc.exe [2011-2-15 19968]
R2 ExpressCache;ExpressCache;C:\Program Files\Diskeeper Corporation\ExpressCache\ExpressCache.exe [2011-9-23 79664]
R2 Fabs;FABS - Helping agent for MAGIX media database;C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [2012-1-23 1858048]
R2 HauppaugeTVServer;HauppaugeTVServer;C:\Program Files (x86)\WinTV\TVServer\HauppaugeTVServer.exe [2012-12-29 577536]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-2-2 628448]
R2 SamsungDeviceConfigurationWinService;SamsungDeviceConfiguration;C:\Program Files (x86)\Samsung\Easy Settings\SamsungDeviceConfiguration.exe [2012-5-10 31624]
R2 SDScannerService;Spybot-S&D 2 Scanner Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2012-12-27 1103392]
R2 SDUpdateService;Spybot-S&D 2 Updating Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2012-12-27 1369624]
R2 SDWSCService;Spybot-S&D 2 Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2012-12-27 168384]
R2 SpyHunter 4 Service;SpyHunter 4 Service;C:\PROGRA~1\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE [2012-10-10 1021888]
R2 TeamViewer8;TeamViewer 8;C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [2012-12-17 3467768]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe [2012-11-29 2401632]
R3 acpials;ALS Sensor Filter;C:\windows\System32\drivers\acpials.sys [2010-11-21 9728]
R3 AMPPAL;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Virtual Adapter;C:\windows\System32\drivers\AmpPal.sys [2011-12-5 195584]
R3 Bluetooth Media Service;Bluetooth Media Service;C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [2011-12-19 1304912]
R3 btmaudio;Intel Bluetooth Audio Service;C:\windows\System32\drivers\btmaud.sys [2011-12-13 51712]
R3 btmaux;Intel Bluetooth Auxiliary Service;C:\windows\System32\drivers\btmaux.sys [2011-12-13 94720]
R3 btmhsf;btmhsf;C:\windows\System32\drivers\btmhsf.sys [2011-12-13 747008]
R3 clwvd;CyberLink WebCam Virtual Driver;C:\windows\System32\drivers\clwvd.sys [2011-8-17 31216]
R3 esgiguard;esgiguard;C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [2011-3-2 13088]
R3 ETD;ELAN PS/2 Port Input Device;C:\windows\System32\drivers\ETD.sys [2012-5-10 280912]
R3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2011-4-26 2702848]
R3 ibtfltcoex;ibtfltcoex;C:\windows\System32\drivers\iBtFltCoex.sys [2011-12-14 60416]
R3 IntcDAud;Intel(R) Display Audio;C:\windows\System32\drivers\IntcDAud.sys [2012-2-6 331264]
R3 iusb3hub;Intel(R) USB 3.0 Hub Driver;C:\windows\System32\drivers\iusb3hub.sys [2012-2-1 355096]
R3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver;C:\windows\System32\drivers\iusb3xhc.sys [2012-2-1 786200]
R3 iwdbus;IWD Bus Enumerator;C:\windows\System32\drivers\iwdbus.sys [2011-12-20 25496]
R3 klkbdflt;Kaspersky Lab KLKBDFLT;C:\windows\System32\drivers\klkbdflt.sys [2012-5-25 29016]
R3 klmouflt;Kaspersky Lab KLMOUFLT;C:\windows\System32\drivers\klmouflt.sys [2012-7-25 29528]
R3 RTL8167;Realtek 8167 NT Driver;C:\windows\System32\drivers\Rt64win7.sys [2012-5-10 648808]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys [2012-11-16 11880]
R3 wdkmd;Intel WiDi KMD;C:\windows\System32\drivers\WDKMD.sys [2011-12-20 42392]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S3 AMPPALP;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Protocol;C:\windows\System32\drivers\AmpPal.sys [2011-12-5 195584]
S3 cjusb;REINER SCT cyberJack USB Driver;C:\windows\System32\drivers\cjusb.sys [2012-9-16 34672]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\windows\System32\drivers\ssudbus.sys [2012-11-10 102368]
S3 epmntdrv;epmntdrv;C:\windows\System32\epmntdrv.sys [2012-9-16 16776]
S3 EsgScanner;EsgScanner;C:\windows\System32\drivers\EsgScanner.sys [2013-1-13 22704]
S3 EuGdiDrv;EuGdiDrv;C:\windows\System32\EuGdiDrv.sys [2012-9-16 9096]
S3 hcw95bda;Hauppauge MOD7700 Tuner Driver;C:\windows\System32\drivers\hcw95bda.sys [2012-12-29 658944]
S3 hcw95rc;Hauppauge MOD7700 IR Driver;C:\windows\System32\drivers\hcw95rc.sys [2012-12-29 19840]
S3 intaud_WaveExtensible;Intel WiDi Audio Device;C:\windows\System32\drivers\intelaud.sys [2011-12-20 34200]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);C:\windows\System32\drivers\ssudmdm.sys [2012-11-10 203104]
S3 TsUsbFlt;TsUsbFlt;C:\windows\System32\drivers\TsUsbFlt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\windows\System32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 USBAAPL64;Apple Mobile USB Driver;C:\windows\System32\drivers\usbaapl64.sys [2012-7-9 52736]
S4 AMPPALR3;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Service;C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [2011-12-5 659968]
S4 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) 3.0 + High Speed Security Service;C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2011-12-5 135952]
S4 Intel(R) ME Service;Intel(R) ME Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2012-5-10 128280]
S4 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe [2012-5-10 161560]
S4 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2011-12-8 273168]
S4 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-7-13 160944]
S4 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-5-10 363800]
S4 ZeroConfigService;Intel(R) PROSet/Wireless Zero Configuration Service;C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2011-12-8 594704]
.
=============== Created Last 30 ================
.
2013-01-13 09:58:32 22704 ----a-w- C:\windows\System32\drivers\EsgScanner.sys
2013-01-13 09:58:29 110080 ----a-r- C:\Users\Martin\AppData\Roaming\Microsoft\Installer\{83B952C7-F8F3-4CA3-B4C5-33C85B24E478}\IconF7A21AF7.exe
2013-01-13 09:58:29 110080 ----a-r- C:\Users\Martin\AppData\Roaming\Microsoft\Installer\{83B952C7-F8F3-4CA3-B4C5-33C85B24E478}\IconD7F16134.exe
2013-01-13 09:58:29 110080 ----a-r- C:\Users\Martin\AppData\Roaming\Microsoft\Installer\{83B952C7-F8F3-4CA3-B4C5-33C85B24E478}\Icon1226A4C5.exe
2013-01-13 09:58:28 -------- d-----w- C:\sh4ldr
2013-01-13 09:58:28 -------- d-----w- C:\Program Files\Enigma Software Group
2013-01-13 09:57:37 -------- d-----w- C:\windows\83B952C7F8F34CA3B4C533C85B24E478.TMP
2013-01-13 09:57:33 -------- d-----w- C:\Program Files (x86)\Common Files\Wise Installation Wizard
2013-01-12 15:29:28 -------- d-----w- C:\Users\Martin\AppData\Roaming\TeamViewer
2013-01-12 09:44:08 -------- d-----w- C:\Program Files (x86)\Sony
2013-01-11 17:28:59 393576 ----a-w- C:\windows\System32\xactengine2_6.dll
2013-01-11 16:31:16 -------- d-----w- C:\Program Files\DivX
2013-01-11 16:31:07 -------- d-----w- C:\Program Files (x86)\Common Files\DivX Shared
2013-01-11 16:27:20 -------- d-----w- C:\Program Files (x86)\DivX
2013-01-11 16:26:24 1892184 ----a-w- C:\windows\SysWow64\D3DX9_42.dll
2013-01-11 16:26:23 2414360 ----a-w- C:\windows\SysWow64\d3dx9_31.dll
2013-01-11 16:25:07 -------- d-----w- C:\Program Files (x86)\Winamp Detect
2013-01-11 16:24:10 -------- d-----w- C:\ProgramData\DivX
2013-01-11 16:24:00 -------- d-----w- C:\Program Files (x86)\Common Files\PX Storage Engine
2013-01-11 16:23:52 -------- d-----w- C:\Users\Martin\AppData\Roaming\OpenCandy
2013-01-10 17:59:20 -------- d-----w- C:\Users\Martin\AppData\Local\Flavio Tordini
2013-01-10 17:58:33 -------- d-----w- C:\Users\Martin\AppData\Local\Musique
2013-01-10 12:52:10 -------- d-----w- C:\Users\Martin\AppData\Local\Xara
2013-01-10 12:42:12 -------- d-----w- C:\Program Files (x86)\Common Files\MAGIX Shared
2013-01-10 09:40:17 34656 ----a-w- C:\windows\System32\TURegOpt.exe
2013-01-10 09:40:13 25952 ----a-w- C:\windows\System32\authuitu.dll
2013-01-10 09:40:12 21344 ----a-w- C:\windows\SysWow64\authuitu.dll
2013-01-10 09:39:41 -------- d-----w- C:\Users\Martin\AppData\Roaming\TuneUp Software
2013-01-10 09:39:28 -------- d-----w- C:\Program Files (x86)\TuneUp Utilities 2013
2013-01-10 09:38:37 -------- d-----w- C:\ProgramData\TuneUp Software
2013-01-10 09:38:24 -------- d-sh--w- C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
2013-01-10 09:38:24 -------- d--h--w- C:\ProgramData\Common Files
2013-01-09 15:15:12 -------- d-----w- C:\Users\Martin\AppData\Roaming\simplitec
2013-01-09 11:13:51 -------- d-----w- C:\Users\Martin\AppData\Roaming\MAGIX
2013-01-09 11:13:08 -------- d-----w- C:\Program Files (x86)\MAGIX
2013-01-09 11:13:01 -------- d-----w- C:\ProgramData\simplitec
2013-01-09 11:12:56 -------- d-----w- C:\ProgramData\MAGIX
2013-01-09 11:12:55 -------- d-----w- C:\Program Files (x86)\Common Files\MAGIX Services
2013-01-09 11:12:53 -------- d-----w- C:\Program Files (x86)\MSXML 4.0
2013-01-09 08:02:56 424448 ----a-w- C:\windows\System32\KernelBase.dll
2013-01-08 20:28:24 -------- d-----w- C:\Users\Martin\AppData\Local\{35879EB4-B502-4EA8-A806-C52FBC551FE8}
2013-01-03 23:29:41 -------- d-----w- C:\Program Files (x86)\Audiograbber
2013-01-02 12:15:18 -------- d-----w- C:\Users\Martin\AppData\Local\Windows Live
2013-01-02 12:14:56 -------- d-----w- C:\Users\Martin\AppData\Local\{9A8FCBE6-6F7C-4010-A61D-9C5C05AF89D3}
2012-12-30 11:15:33 -------- d-----w- C:\Users\Martin\dwhelper
2012-12-29 20:35:43 38672 ----a-w- C:\windows\SysWow64\pcleUtil.dll
2012-12-29 20:35:40 142337 ----a-w- C:\windows\SysWow64\Wait.exe
2012-12-29 20:35:40 -------- d-----w- C:\Program Files (x86)\WinTV
2012-12-29 20:35:39 -------- d-----w- C:\ProgramData\Hauppauge
2012-12-29 20:18:19 831554 ----a-w- C:\windows\SysWow64\hcwtvwnd.dll
2012-12-29 20:18:19 36921 ----a-w- C:\windows\SysWow64\hcwutl32.dll
2012-12-29 20:18:19 323640 ----a-w- C:\windows\SysWow64\hcwpnp32.dll
2012-12-29 20:18:19 118840 ----a-w- C:\windows\SysWow64\hcwi2c32.dll
2012-12-29 20:00:34 658944 ----a-w- C:\windows\System32\drivers\hcw95bda.sys
2012-12-29 20:00:34 19840 ----a-w- C:\windows\System32\hcw95rc.sys
2012-12-29 20:00:34 19840 ----a-w- C:\windows\System32\drivers\hcw95rc.sys
2012-12-29 20:00:31 -------- d-----w- C:\Hauppauge
2012-12-29 17:25:24 -------- d-----w- C:\Users\Martin\.mediathek3
2012-12-29 17:12:22 -------- d-----w- C:\MyVideos
2012-12-29 17:11:54 995383 ----a-w- C:\windows\SysWow64\temp.002
2012-12-29 17:11:54 77878 ----a-w- C:\windows\SysWow64\temp.000
2012-12-29 17:11:54 278581 ----a-w- C:\windows\SysWow64\temp.001
2012-12-27 20:41:11 -------- d-----w- C:\Users\Martin\.VirtualBox
2012-12-27 20:40:02 237992 ----a-w- C:\windows\System32\drivers\VBoxDrv.sys
2012-12-27 20:39:52 120232 ----a-w- C:\windows\System32\drivers\VBoxUSBMon.sys
2012-12-27 20:39:50 -------- d-----w- C:\Program Files\Oracle
2012-12-27 14:49:21 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy
2012-12-27 14:49:12 17272 ----a-w- C:\windows\System32\sdnclean64.exe
2012-12-27 14:49:09 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy 2
2012-12-25 08:27:18 -------- d-----w- C:\Users\Martin\AppData\Roaming\redsn0w
2012-12-22 02:00:20 46080 ----a-w- C:\windows\System32\atmlib.dll
2012-12-22 02:00:20 367616 ----a-w- C:\windows\System32\atmfd.dll
2012-12-22 02:00:20 34304 ----a-w- C:\windows\SysWow64\atmlib.dll
2012-12-22 02:00:20 295424 ----a-w- C:\windows\SysWow64\atmfd.dll
2012-12-21 15:40:41 -------- d--h--r- C:\ESD
2012-12-19 13:47:20 204200 ----a-w- C:\windows\System32\VBoxNetFltNobj.dll
2012-12-19 13:47:20 146856 ----a-w- C:\windows\System32\drivers\VBoxNetFlt.sys
2012-12-19 13:47:20 132008 ----a-w- C:\windows\System32\drivers\VBoxNetAdp.sys
2012-12-19 13:06:51 -------- d-----w- C:\Users\Martin\AppData\Local\PDF Writer
2012-12-19 13:02:09 101376 ----a-w- C:\windows\System32\Spool\prtprocs\x64\HPZPPWN7.DLL
2012-12-19 13:00:51 227840 ----a-w- C:\windows\SysWow64\bzFlRdr.dll
2012-12-19 13:00:51 139264 ----a-w- C:\windows\SysWow64\bzpdfc.dll
2012-12-19 13:00:51 103424 ----a-w- C:\windows\SysWow64\bzDCT.dll
2012-12-19 13:00:51 -------- d-----w- C:\Users\Martin\AppData\Roaming\PDF Writer
2012-12-19 13:00:51 -------- d-----w- C:\ProgramData\PDF Writer
2012-12-19 13:00:51 -------- d-----w- C:\Program Files\Common Files\Bullzip
2012-12-19 13:00:48 218624 ----a-w- C:\windows\System32\bzpdf.dll
2012-12-19 13:00:44 -------- d-----w- C:\Program Files\Bullzip
2012-12-19 13:00:12 -------- d-----w- C:\Users\Martin\AppData\Local\Programs
2012-12-17 11:08:58 -------- d-----w- C:\ProgramData\%Installer_PublisherName%
2012-12-17 11:08:50 -------- d-----w- C:\ProgramData\Premium
2012-12-17 11:08:40 -------- d-----w- C:\Program Files (x86)\ZoomEx
2012-12-17 11:07:05 -------- d-----w- C:\ProgramData\Zoomex
2012-12-17 11:06:57 -------- d-----w- C:\ProgramData\InstallMate
2012-12-17 08:29:07 -------- d-----w- C:\Program Files (x86)\TeamViewer
2012-12-16 15:11:13 -------- d-----w- C:\ProgramData\fotobuch.de AG
2012-12-16 15:10:54 -------- d-----w- C:\Users\Martin\AppData\Roaming\fotobuch.de AG
2012-12-16 15:06:35 -------- d-----w- C:\windows\SysWow64\artworks
2012-12-16 15:06:35 -------- d-----w- C:\Program Files (x86)\fotobuch.de
.
==================== Find3M ====================
.
2013-01-13 12:14:31 29 ----a-w- C:\windows\SysWow64\TempWmicBatchFile.bat
2013-01-10 12:52:06 120200 ----a-w- C:\windows\SysWow64\DLLDEV32i.dll
2013-01-10 08:41:48 74248 ----a-w- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-01-10 08:41:48 697864 ----a-w- C:\windows\SysWow64\FlashPlayerApp.exe
2012-12-08 15:43:48 95208 ----a-w- C:\windows\SysWow64\WindowsAccessBridge-32.dll
2012-12-08 15:43:47 821736 ----a-w- C:\windows\SysWow64\npDeployJava1.dll
2012-12-08 15:43:47 746984 ----a-w- C:\windows\SysWow64\deployJava1.dll
2012-12-07 13:20:16 441856 ----a-w- C:\windows\System32\Wpc.dll
2012-12-07 13:15:31 2746368 ----a-w- C:\windows\System32\gameux.dll
2012-12-07 12:26:17 308736 ----a-w- C:\windows\SysWow64\Wpc.dll
2012-12-07 12:20:43 2576384 ----a-w- C:\windows\SysWow64\gameux.dll
2012-12-07 11:20:04 30720 ----a-w- C:\windows\System32\usk.rs
2012-12-07 11:20:03 43520 ----a-w- C:\windows\System32\csrr.rs
2012-12-07 11:20:03 23552 ----a-w- C:\windows\System32\oflc.rs
2012-12-07 11:20:01 45568 ----a-w- C:\windows\System32\oflc-nz.rs
2012-12-07 11:20:01 44544 ----a-w- C:\windows\System32\pegibbfc.rs
2012-12-07 11:20:01 20480 ----a-w- C:\windows\System32\pegi-fi.rs
2012-12-07 11:20:00 20480 ----a-w- C:\windows\System32\pegi-pt.rs
2012-12-07 11:19:59 20480 ----a-w- C:\windows\System32\pegi.rs
2012-12-07 11:19:58 46592 ----a-w- C:\windows\System32\fpb.rs
2012-12-07 11:19:57 40960 ----a-w- C:\windows\System32\cob-au.rs
2012-12-07 11:19:57 21504 ----a-w- C:\windows\System32\grb.rs
2012-12-07 11:19:57 15360 ----a-w- C:\windows\System32\djctq.rs
2012-12-07 11:19:56 55296 ----a-w- C:\windows\System32\cero.rs
2012-12-07 11:19:55 51712 ----a-w- C:\windows\System32\esrb.rs
2012-11-30 05:45:35 362496 ----a-w- C:\windows\System32\wow64win.dll
2012-11-30 05:45:35 243200 ----a-w- C:\windows\System32\wow64.dll
2012-11-30 05:45:35 13312 ----a-w- C:\windows\System32\wow64cpu.dll
2012-11-30 05:45:14 215040 ----a-w- C:\windows\System32\winsrv.dll
2012-11-30 05:43:12 16384 ----a-w- C:\windows\System32\ntvdm64.dll
2012-11-30 04:54:00 5120 ----a-w- C:\windows\SysWow64\wow32.dll
2012-11-30 04:53:59 274944 ----a-w- C:\windows\SysWow64\KernelBase.dll
2012-11-30 03:23:48 338432 ----a-w- C:\windows\System32\conhost.exe
2012-11-30 02:44:06 25600 ----a-w- C:\windows\SysWow64\setup16.exe
2012-11-30 02:44:04 7680 ----a-w- C:\windows\SysWow64\instnm.exe
2012-11-30 02:44:04 14336 ----a-w- C:\windows\SysWow64\ntvdm64.dll
2012-11-30 02:44:03 2048 ----a-w- C:\windows\SysWow64\user.exe
2012-11-30 02:38:59 6144 ---ha-w- C:\windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2012-11-30 02:38:59 4608 ---ha-w- C:\windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2012-11-30 02:38:59 3584 ---ha-w- C:\windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2012-11-30 02:38:59 3072 ---ha-w- C:\windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
2012-11-23 03:26:31 3149824 ----a-w- C:\windows\System32\win32k.sys
2012-11-23 03:13:57 68608 ----a-w- C:\windows\System32\taskhost.exe
2012-11-22 05:44:23 800768 ----a-w- C:\windows\System32\usp10.dll
2012-11-22 04:45:03 626688 ----a-w- C:\windows\SysWow64\usp10.dll
2012-11-20 05:48:49 307200 ----a-w- C:\windows\System32\ncrypt.dll
2012-11-20 04:51:09 220160 ----a-w- C:\windows\SysWow64\ncrypt.dll
2012-11-16 07:10:34 54104 ----a-w- C:\windows\System32\drivers\kltdi.sys
2012-11-14 06:11:44 2312704 ----a-w- C:\windows\System32\jscript9.dll
2012-11-14 06:04:11 1392128 ----a-w- C:\windows\System32\wininet.dll
2012-11-14 06:02:49 1494528 ----a-w- C:\windows\System32\inetcpl.cpl
2012-11-14 05:57:46 599040 ----a-w- C:\windows\System32\vbscript.dll
2012-11-14 05:57:35 173056 ----a-w- C:\windows\System32\ieUnatt.exe
2012-11-14 05:52:40 2382848 ----a-w- C:\windows\System32\mshtml.tlb
2012-11-14 02:09:22 1800704 ----a-w- C:\windows\SysWow64\jscript9.dll
2012-11-14 01:58:15 1427968 ----a-w- C:\windows\SysWow64\inetcpl.cpl
2012-11-14 01:57:37 1129472 ----a-w- C:\windows\SysWow64\wininet.dll
2012-11-14 01:49:25 142848 ----a-w- C:\windows\SysWow64\ieUnatt.exe
2012-11-14 01:48:27 420864 ----a-w- C:\windows\SysWow64\vbscript.dll
2012-11-14 01:44:42 2382848 ----a-w- C:\windows\SysWow64\mshtml.tlb
2012-11-13 20:29:04 354216 ----a-w- C:\windows\SysWow64\DivXControlPanelApplet.cpl
2012-11-09 05:45:32 750592 ----a-w- C:\windows\System32\win32spl.dll
2012-11-09 05:45:09 2048 ----a-w- C:\windows\System32\tzres.dll
2012-11-09 04:43:04 492032 ----a-w- C:\windows\SysWow64\win32spl.dll
2012-11-09 04:42:49 2048 ----a-w- C:\windows\SysWow64\tzres.dll
2012-11-08 10:29:12 1402312 ----a-w- C:\windows\SysWow64\msxml4.dll
2012-11-02 05:59:11 478208 ----a-w- C:\windows\System32\dpnet.dll
2012-11-02 05:11:31 376832 ----a-w- C:\windows\SysWow64\dpnet.dll
2012-11-01 05:43:42 2002432 ----a-w- C:\windows\System32\msxml6.dll
2012-11-01 05:43:42 1882624 ----a-w- C:\windows\System32\msxml3.dll
2012-11-01 04:47:54 1389568 ----a-w- C:\windows\SysWow64\msxml6.dll
2012-11-01 04:47:54 1236992 ----a-w- C:\windows\SysWow64\msxml3.dll
2012-10-16 08:38:37 135168 ----a-w- C:\windows\apppatch\AppPatch64\AcXtrnal.dll
2012-10-16 08:38:34 350208 ----a-w- C:\windows\apppatch\AppPatch64\AcLayers.dll
2012-10-16 07:39:52 561664 ----a-w- C:\windows\apppatch\AcLayers.dll
2010-08-19 17:22:43 409600 ----a-w- C:\Program Files\rescue2usb.exe
2010-04-01 09:01:34 28160 ----a-w- C:\Program Files\syslinux.exe
2009-10-16 14:43:30 237849 ----a-w- C:\Program Files\grub.exe
2006-05-03 10:06:54 163328 --sha-r- C:\windows\SysWOW64\flvDX.dll
2007-02-21 11:47:16 31232 --sha-r- C:\windows\SysWOW64\msfDX.dll
2008-03-16 13:30:52 216064 --sha-r- C:\windows\SysWOW64\nbDX.dll
2010-01-06 22:00:00 107520 --sha-r- C:\windows\SysWOW64\TAKDSDecoder.dll
.
============= FINISH: 13:19:29,85 ===============
I saved the registry using ERUNT. Unforunately I cannot send the aswMBR logs, since avast antirootkit always crashes, when it scans (see screenshot).
Any help would be very much appreachiated. I'm surprised that I couldn't find any useful information regarding "browse to save" on the internet. Is it a virus, addware, a trojan... anyway, it sucks.
Thank you in advance,
Disneykiller
-
Hi disneykiller, welcome to the forum.
To make cleaning this machine easier- Please do not uninstall/install any programs unless asked to
It is more difficult when files/programs are appearing in/disappearing from the logs. - Please do not run any scans other than those requested
- Please follow all instructions in the order posted
- All logs/reports, etc.. must be posted in Notepad. Please ensure that word wrap is unchecked. In notepad click format, uncheck word wrap if it is checked.
- Do not attach any logs/reports, etc.. unless specifically requested to do so.
- If you have problems with or do not understand the instructions, Please ask before continuing.
- Please stay with this thread until given the All Clear. A absence of symptoms does not mean a clean machine.
Download OTL to your desktop.
- Double click on OTL.exe to run it. Make sure all other windows are closed and to let it run uninterrupted.
- When the window appears, underneath Output at the top change it to Minimal Output
- Check the boxes beside LOP Check and Purity Check.
- In the window under Custom Scans/Fixes copy and paste the following
netsvcs
%SYSTEMDRIVE%\*.*
%systemroot%\Fonts\*.com
%systemroot%\Fonts\*.dll
%systemroot%\Fonts\*.ini
%systemroot%\Fonts\*.ini2
%systemroot%\Fonts\*.exe
%systemroot%\system32\spool\prtprocs\w32x86\*.*
%systemroot%\REPAIR\*.bak1
%systemroot%\REPAIR\*.ini
%systemroot%\system32\*.jpg
%systemroot%\*.jpg
%systemroot%\*.png
%systemroot%\*.scr
%systemroot%\*._sy
%APPDATA%\Adobe\Update\*.*
%ALLUSERSPROFILE%\Favorites\*.*
%APPDATA%\Microsoft\*.*
%PROGRAMFILES%\*.*
%APPDATA%\Update\*.*
%systemroot%\*. /mp /s
CREATERESTOREPOINT
%systemroot%\System32\config\*.sav
%PROGRAMFILES%\bak. /s
%systemroot%\system32\bak. /s
%ALLUSERSPROFILE%\Start Menu\*.lîk /x
%systemroot%\system32\config\systemprofile\*.dat /x
%systemroot%\*.config
%systemroot%\system32\*.db
%PROGRAMFILES%\Internet Explorer\*.dat
%APPDATA%\Mikzosoft\Internet Explorer\Quick Launch\*.lnk /x
%USERPROFILE%\Desktop\*.exe
%PROGRAMFILES%\Common Files\*.*
%systemroot%\*.src
%systemroot%\install\*.*
%systemroot%\system32\DLL\*.*
%systemroot%\system32\HelpFiles\*.*
%systemroot%\system32\rundll\*.*
%systemroot%\winn32\*.*
%systemroot%\Java\*.*
%systemroot%\system32\test\*.*
%systemroot%\system32\Rundll32\*.*
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs
%USERPROFILE%\..|smtmp;true;true;true /FP
%temp%\smtmp\*.* /s >
/md5start
iexplore.*
explorer.*
winlogon.*
dll
zx.dll
hlp.dat
consrv.dll
services.*
/md5stop
- Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post it with your next reply. You may need two posts to fit them all in.
-
Thank you for helping me!
Here are the requested logs:
OTL logfile created on: 20.01.2013 00:59:39 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Martin\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
7,79 Gb Total Physical Memory | 5,68 Gb Available Physical Memory | 72,92% Memory free
15,57 Gb Paging File | 12,98 Gb Available in Paging File | 83,39% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 108,05 Gb Total Space | 19,96 Gb Free Space | 18,47% Space Free | Partition Type: NTFS
Drive D: | 798,17 Gb Total Space | 511,85 Gb Free Space | 64,13% Space Free | Partition Type: NTFS
Drive E: | 7,39 Gb Total Space | 7,39 Gb Free Space | 100,00% Space Free | Partition Type: FAT32
Drive F: | 298,08 Gb Total Space | 213,71 Gb Free Space | 71,70% Space Free | Partition Type: NTFS
Computer Name: DISNEYKILLER | User Name: Martin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Users\Martin\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Users\Martin\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
PRC - C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe (TeamViewer GmbH)
PRC - C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe (TeamViewer GmbH)
PRC - C:\Program Files (x86)\TeamViewer\Version8\tv_w32.exe (TeamViewer GmbH)
PRC - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe (Kaspersky Lab ZAO)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe (Safer-Networking Ltd.)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe (Safer-Networking Ltd.)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe (Safer-Networking Ltd.)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe (Safer-Networking Ltd.)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe (Safer-Networking Ltd.)
PRC - C:\Program Files (x86)\Bamboo Dock\BambooCore.exe ()
PRC - C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe (Apple Inc.)
PRC - C:\Program Files (x86)\WinTV\TVServer\HauppaugeTVServer.exe (Hauppauge Computer Works)
PRC - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\klwtblfs.exe (Kaspersky Lab ZAO)
PRC - C:\Program Files (x86)\WinTV\WinTV7\WinTVTray.exe (Hauppauge Computer Works, Inc.)
PRC - C:\Program Files (x86)\Samsung\Easy Settings\dmhkcore.exe (Samsung Electronics Co., Ltd.)
PRC - C:\Program Files (x86)\Samsung\Easy Settings\SmartSetting.exe (Samsung Electronics Co., Ltd.)
PRC - C:\Program Files (x86)\Samsung\Easy Settings\MovieColorEnhancer.exe (Samsung Electronics Co., Ltd.)
PRC - C:\Program Files (x86)\Samsung\Easy Software Manager\SWMAgent.exe (Samsung Electronics CO., LTD.)
PRC - C:\Windows\SysWOW64\cjpcsc.exe (REINER SCT)
PRC - C:\Program Files (x86)\Samsung\Easy Settings\SamsungDeviceConfiguration.exe ()
PRC - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\Samsung\Easy Settings\EasySpeedUpManager.exe (Samsung Electronics)
PRC - C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe (SEC)
PRC - C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe (MAGIX AG)
PRC - C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Bluetooth\btplayerctrl.exe (Intel Corporation)
PRC - C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe (CyberLink)
PRC - C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe (MAGIX®)
PRC - C:\Program Files (x86)\Prey\platform\windows\cronsvc.exe (Fork Ltd.)
PRC - C:\Program Files (x86)\CyberLink\Media+Player10\Media+Player10Serv.exe (CyberLink Corp.)
PRC - C:\Program Files\Lexmark\Monitor\ACB\LMabMON.exe ()
PRC - C:\Program Files\Lexmark\ErrorApp\lmab1err.exe ( )
PRC - C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
PRC - C:\Program Files (x86)\Everything\Everything.exe ()
========== Modules (No Company Name) ==========
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\865d2bf19a7af7fab8660a42d92550fe\System.Windows.Forms.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f687c43e9fdec031988b33ae722c4613\System.Xml.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll ()
MOD - C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl ()
MOD - C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl ()
MOD - C:\Program Files (x86)\Spybot - Search & Destroy 2\VirtualTreesDXE150.bpl ()
MOD - C:\Program Files (x86)\Spybot - Search & Destroy 2\JSDialogPack150.bpl ()
MOD - C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl ()
MOD - C:\Program Files (x86)\Bamboo Dock\BambooWinTab.dll ()
MOD - C:\Program Files (x86)\Bamboo Dock\BambooCore.exe ()
MOD - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\dblite.dll ()
MOD - C:\Program Files (x86)\NVIDIA Corporation\coprocmanager\detoured.dll ()
MOD - C:\Program Files (x86)\WinTV\TVServer\HauppaugeTVServerps.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll ()
MOD - C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\Resdll.dll ()
MOD - C:\Program Files (x86)\Samsung\Easy Settings\WinCRT.dll ()
MOD - C:\Program Files\Lexmark\Monitor\ACB\LMabDRS.dll ()
MOD - C:\Program Files\Lexmark\Monitor\ACB\LMabMON.exe ()
MOD - C:\Program Files\Lexmark\Monitor\ACB\LMabscw.dll ()
MOD - C:\Program Files\Lexmark\Monitor\ACB\LMabcaps.dll ()
MOD - C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll ()
MOD - C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll ()
MOD - C:\Program Files (x86)\Everything\Everything.exe ()
MOD - C:\Program Files (x86)\Samsung\Easy Settings\HookDllPS2.dll ()
========== Services (SafeList) ==========
SRV:64bit: - (Intel(R) -- C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel(R) Corporation)
SRV:64bit: - (ZeroConfigService) -- C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe (Intel® Corporation)
SRV:64bit: - (MyWiFiDHCPDNS) -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe ()
SRV:64bit: - (EvtEng) -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation)
SRV:64bit: - (RegSrvc) -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Corporation)
SRV:64bit: - (AMPPALR3) -- C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe (Intel Corporation)
SRV:64bit: - (BTHSSecurityMgr) -- C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe (Intel(R) Corporation)
SRV:64bit: - (ExpressCache) -- C:\Program Files\Diskeeper Corporation\ExpressCache\ExpressCache.exe (Diskeeper Corporation)
SRV:64bit: - (TouchServicePen) -- C:\Program Files\Tablet\Pen\Pen_TouchService.exe (Wacom Technology, Corp.)
SRV:64bit: - (TabletServicePen) -- C:\Program Files\Tablet\Pen\Pen_Tablet.exe (Wacom Technology, Corp.)
SRV:64bit: - (lmab_device) -- C:\Windows\SysNative\lmabcoms.exe ( )
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (TeamViewer8) -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (TuneUp.UtilitiesSvc) -- C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe (TuneUp Software)
SRV - (AVP) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe (Kaspersky Lab ZAO)
SRV - (SpyHunter 4 Service) -- C:\PROGRA~1\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE (Enigma Software Group USA, LLC.)
SRV - (HauppaugeTVServer) -- C:\Program Files (x86)\WinTV\TVServer\HauppaugeTVServer.exe (Hauppauge Computer Works)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (cjpcsc) -- C:\Windows\SysWOW64\cjpcsc.exe (REINER SCT)
SRV - (SamsungDeviceConfigurationWinService) -- C:\Program Files (x86)\Samsung\Easy Settings\SamsungDeviceConfiguration.exe ()
SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (Intel(R) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe ()
SRV - (jhi_service) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (Intel Corporation)
SRV - (cphs) -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe (Intel Corporation)
SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
SRV - (Fabs) -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe (MAGIX AG)
SRV - (Bluetooth OBEX Service) -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe (Intel Corporation)
SRV - (Bluetooth Media Service) -- C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe (Intel Corporation)
SRV - (Bluetooth Device Monitor) -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe (Intel Corporation)
SRV - (FirebirdServerMAGIXInstance) -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe (MAGIX®)
SRV - (CronService) -- C:\Program Files (x86)\Prey\platform\windows\cronsvc.exe (Fork Ltd.)
SRV - (lmab_device) -- C:\Windows\SysWOW64\lmabcoms.exe ( )
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
========== Driver Services (SafeList) ==========
DRV:64bit: - (VBoxNetAdp) -- C:\Windows\SysNative\drivers\VBoxNetAdp.sys (Oracle Corporation)
DRV:64bit: - (KLIF) -- C:\Windows\SysNative\drivers\klif.sys (Kaspersky Lab)
DRV:64bit: - (kltdi) -- C:\Windows\SysNative\drivers\kltdi.sys (Kaspersky Lab)
DRV:64bit: - (FTSER2K) -- C:\Windows\SysNative\drivers\ftser2k.sys (FTDI Ltd.)
DRV:64bit: - (FTDIBUS) -- C:\Windows\SysNative\drivers\ftdibus.sys (FTDI Ltd.)
DRV:64bit: - (klmouflt) -- C:\Windows\SysNative\drivers\klmouflt.sys (Kaspersky Lab)
DRV:64bit: - (klkbdflt) -- C:\Windows\SysNative\drivers\klkbdflt.sys (Kaspersky Lab)
DRV:64bit: - (ssudmdm) -- C:\Windows\SysNative\drivers\ssudmdm.sys (DEVGURU Co., LTD.(www.devguru.co.kr))
DRV:64bit: - (dg_ssudbus) -- C:\Windows\SysNative\drivers\ssudbus.sys (DEVGURU Co., LTD.(www.devguru.co.kr))
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (kneps) -- C:\Windows\SysNative\drivers\kneps.sys (Kaspersky Lab)
DRV:64bit: - (KLIM6) -- C:\Windows\SysNative\drivers\klim6.sys (Kaspersky Lab ZAO)
DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)
DRV:64bit: - (EsgScanner) -- C:\Windows\SysNative\drivers\EsgScanner.sys ()
DRV:64bit: - (KL1) -- C:\Windows\SysNative\drivers\kl1.sys (Kaspersky Lab ZAO)
DRV:64bit: - (ETD) -- C:\Windows\SysNative\drivers\ETD.sys (ELAN Microelectronics Corp.)
DRV:64bit: - (cbfs3) -- C:\Windows\SysNative\drivers\cbfs3.sys (EldoS Corporation)
DRV:64bit: - (Fs_Rec) -- C:\windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (nvpciflt) -- C:\Windows\SysNative\drivers\nvpciflt.sys (NVIDIA Corporation)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (iusb3xhc) -- C:\Windows\SysNative\drivers\iusb3xhc.sys (Intel Corporation)
DRV:64bit: - (iusb3hub) -- C:\Windows\SysNative\drivers\iusb3hub.sys (Intel Corporation)
DRV:64bit: - (iusb3hcs) -- C:\Windows\SysNative\drivers\iusb3hcs.sys (Intel Corporation)
DRV:64bit: - (wdkmd) -- C:\Windows\SysNative\drivers\WDKMD.sys (Intel Corporation)
DRV:64bit: - (intaud_WaveExtensible) -- C:\Windows\SysNative\drivers\intelaud.sys (Intel Corporation)
DRV:64bit: - (iwdbus) -- C:\Windows\SysNative\drivers\iwdbus.sys (Intel Corporation)
DRV:64bit: - (ibtfltcoex) -- C:\Windows\SysNative\drivers\iBtFltCoex.sys (Intel Corporation)
DRV:64bit: - (btmhsf) -- C:\Windows\SysNative\drivers\btmhsf.sys (Intel Corporation)
DRV:64bit: - (btmaux) -- C:\Windows\SysNative\drivers\btmaux.sys (Intel Corporation)
DRV:64bit: - (btmaudio) -- C:\Windows\SysNative\drivers\btmaud.sys (Intel Corporation)
DRV:64bit: - (hcw95rc) -- C:\Windows\SysNative\drivers\hcw95rc.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (hcw95bda) -- C:\Windows\SysNative\drivers\hcw95bda.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (IntcDAud) -- C:\Windows\SysNative\drivers\IntcDAud.sys (Intel(R) Corporation)
DRV:64bit: - (AMPPALP) -- C:\Windows\SysNative\drivers\AmpPal.sys (Windows (R) Win 7 DDK provider)
DRV:64bit: - (AMPPAL) -- C:\Windows\SysNative\drivers\AmpPal.sys (Windows (R) Win 7 DDK provider)
DRV:64bit: - (NETwNs64) -- C:\Windows\SysNative\drivers\NETwNs64.sys (Intel Corporation)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek )
DRV:64bit: - (Uim_IM) -- C:\Windows\SysNative\drivers\Uim_IMx64.sys (Paragon)
DRV:64bit: - (UimBus) -- C:\Windows\SysNative\drivers\uimx64.sys (Windows (R) 2000 DDK provider)
DRV:64bit: - (Uim_VIM) -- C:\Windows\SysNative\drivers\uim_vimx64.sys (Paragon)
DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (excsd) -- C:\Windows\SysNative\drivers\excsd.sys (Diskeeper Corporation)
DRV:64bit: - (excfs) -- C:\Windows\SysNative\drivers\excfs.sys (Diskeeper Corporation)
DRV:64bit: - (SABI) -- C:\Windows\SysNative\drivers\SABI.sys (SAMSUNG ELECTRONICS)
DRV:64bit: - (clwvd) -- C:\Windows\SysNative\drivers\clwvd.sys (CyberLink Corporation)
DRV:64bit: - (epmntdrv) -- C:\Windows\SysNative\epmntdrv.sys ()
DRV:64bit: - (EuGdiDrv) -- C:\Windows\SysNative\EuGdiDrv.sys ()
DRV:64bit: - (wacommousefilter) -- C:\Windows\SysNative\drivers\wacommousefilter.sys (Wacom Technology)
DRV:64bit: - (wacomvhid) -- C:\Windows\SysNative\drivers\wacomvhid.sys (Wacom Technology)
DRV:64bit: - (cjusb) -- C:\Windows\SysNative\drivers\cjusb.sys (REINER SCT)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (esgiguard) -- C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys ()
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (WSDPrintDevice) -- C:\Windows\SysNative\drivers\WSDPrint.sys (Microsoft Corporation)
DRV:64bit: - (acpials) -- C:\Windows\SysNative\drivers\acpials.sys (Microsoft Corporation)
DRV:64bit: - (TPM) -- C:\Windows\SysNative\drivers\tpm.sys (Microsoft Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV - (TuneUpUtilitiesDrv) -- C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys (TuneUp Software)
DRV - (epmntdrv) -- C:\Windows\SysWOW64\epmntdrv.sys ()
DRV - (EuGdiDrv) -- C:\Windows\SysWOW64\EuGdiDrv.sys ()
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
DRV - (DLPortIO) -- C:\windows\SysWow64\drivers\dlportio.sys ()
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://searchab.com/?aff=7&uid=c61ac...6-e8039ab06a14
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{5C74A4D5-B8EB-48D7-B3A7-A274701ED6D3}: "URL" = http://www.bing.com/search?q={searchTerms}&form=SMSTDF&pc=MASM&src=IE-SearchBox
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://samsung.msn.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.autocompletepro.com/?si=10214&bi=400
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://search.autocompletepro.com/?si=10214&bi=400
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://search.autocompletepro.com/?si=10214&bi=400
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Default_Page_URL = http://search.autocompletepro.com/?si=10214&bi=400
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://search.autocompletepro.com/?si=10214&bi=400
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Search Page = http://search.autocompletepro.com/?si=10214&bi=400
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://searchab.com/?aff=7&uid=c61aca2d-4839-11e2-8e56-e8039ab06a14&q={searchTerms}
IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.autocompletepro.com/?si=10214&bi=400&q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..browser.search.defaultengine: "Privitize VPN"
FF - prefs.js..browser.search.defaultenginename: "Privitize VPN"
FF - prefs.js..browser.search.order.1: "Privitize VPN"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "https://startpage.com/"
FF - prefs.js..extensions.enabledAddons: %7Bd40f5e7b-d2cf-4856-b441-cc613eeffbe3%7D:1.68
FF - prefs.js..extensions.enabledAddons: %7Bfbfbcf27-b313-47a9-987d-4e1e320afa25%7D:2.0
FF - prefs.js..extensions.enabledAddons: socialfixer%40mattkruse.com:7.321
FF - prefs.js..extensions.enabledAddons: url_advisor%40kaspersky.com:13.0.1.4250
FF - prefs.js..extensions.enabledAddons: virtual_keyboard%40kaspersky.com:13.0.1.4250
FF - prefs.js..extensions.enabledAddons: content_blocker%40kaspersky.com:13.0.1.4250
FF - prefs.js..extensions.enabledAddons: anti_banner%40kaspersky.com:13.0.1.4250
FF - prefs.js..extensions.enabledAddons: online_banking%40kaspersky.com:13.0.1.4250
FF - prefs.js..extensions.enabledAddons: https-everywhere%40eff.org:3.1.2
FF - prefs.js..extensions.enabledAddons: firefox%40ghostery.com:2.8.4
FF - prefs.js..extensions.enabledAddons: %7Bb9db16a4-6edc-47ec-a1f4-b86292ed211d%7D:4.9.13
FF - prefs.js..extensions.enabledAddons: firejump%40firejump.net:1.0.2.5
FF - prefs.js..extensions.enabledAddons: %7B23fcfd51-4958-4f00-80a3-ae97e717ed8b%7D:2.1.2.145
FF - prefs.js..extensions.enabledAddons: %7Be4a8a97b-f2ed-450b-b12d-ee082ba24781%7D:1.6
FF - prefs.js..extensions.enabledAddons: %7B73a6fe31-595d-460b-a920-fcc0f8843232%7D:2.6.4.3
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:18.0
FF - prefs.js..keyword.URL: "http://searchab.com/?aff=7&uid=c61aca2d-4839-11e2-8e56-e8039ab06a14&q="
FF - prefs.js..network.proxy.type: 0
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF64_11_5_502_146.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.2: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_146.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll File not found
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.5: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@wacom.com/wacom-plugin,version=1.1.0.10: C:\Program Files (x86)\TabletPlugins\npwacom.dll (Wacom, Inc.)
FF - HKLM\Software\MozillaPlugins\@wacom.com/wtPlugin,version=2.0.0.1: C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@jazz-soft.com/JazzPlugin: C:\Program Files (x86)\Jazz-Soft\Jazz-Plugin\npJazz.dll (Jazz-Soft)
FF - HKCU\Software\MozillaPlugins\amazon.com/AmazonMP3DownloaderPlugin: C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101753.dll (Amazon.com, Inc.)
FF - HKCU\Software\MozillaPlugins\wacom.com/WacomTabletPlugin: C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\virtualKeyboard@kaspersky.ru: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\virtualKeyboard@kaspersky.ru
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\url_advisor@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\url_advisor@kaspersky.com [2012.12.20 12:09:16 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\virtual_keyboard@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\virtual_keyboard@kaspersky.com [2012.12.20 12:09:16 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\content_blocker@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\content_blocker@kaspersky.com [2012.12.20 12:09:16 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\anti_banner@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\anti_banner@kaspersky.com [2012.12.20 12:09:16 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\online_banking@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\online_banking@kaspersky.com [2012.12.20 12:09:16 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2013.01.11 17:32:38 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.01.12 12:30:56 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.01.12 12:30:54 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2013.01.08 21:34:47 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 18.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.01.12 12:30:56 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 18.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.01.12 12:30:54 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Thunderbird 17.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2013.01.08 21:34:47 | 000,000,000 | ---D | M]
[2012.09.16 10:07:30 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Martin\AppData\Roaming\mozilla\Extensions
[2013.01.19 13:13:27 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Martin\AppData\Roaming\mozilla\Firefox\Profiles\c49yuloy.default\extensions
[2013.01.11 08:42:33 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Martin\AppData\Roaming\mozilla\Firefox\Profiles\c49yuloy.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2012.12.17 12:09:09 | 000,000,000 | ---D | M] (Zoomex) -- C:\Users\Martin\AppData\Roaming\mozilla\Firefox\Profiles\c49yuloy.default\extensions\50cf00df7b572@50cf00df7b5ab.com
[2013.01.09 10:21:49 | 000,000,000 | ---D | M] (Ghostery) -- C:\Users\Martin\AppData\Roaming\mozilla\Firefox\Profiles\c49yuloy.default\extensions\firefox@ghostery.com
[2012.09.16 10:55:51 | 000,000,000 | ---D | M] (FireJump) -- C:\Users\Martin\AppData\Roaming\mozilla\Firefox\Profiles\c49yuloy.default\extensions\firejump@firejump.net
[2013.01.08 09:02:20 | 000,000,000 | ---D | M] (HTTPS-Everywhere) -- C:\Users\Martin\AppData\Roaming\mozilla\Firefox\Profiles\c49yuloy.default\extensions\https-everywhere@eff.org
[2012.10.02 20:23:04 | 000,000,000 | ---D | M] ("AutocompletePro - Your handy search suggestions tool") -- C:\Users\Martin\AppData\Roaming\mozilla\Firefox\Profiles\c49yuloy.default\extensions\support@predictad.com
[2013.01.19 13:13:25 | 000,363,736 | ---- | M] () (No name found) -- C:\Users\Martin\AppData\Roaming\mozilla\firefox\profiles\c49yuloy.default\extensions\client@anonymox.net.xpi
[2012.12.30 12:04:41 | 001,014,455 | ---- | M] () (No name found) -- C:\Users\Martin\AppData\Roaming\mozilla\firefox\profiles\c49yuloy.default\extensions\IDGARD@jetpack.xpi
[2013.01.16 10:46:16 | 000,389,447 | ---- | M] () (No name found) -- C:\Users\Martin\AppData\Roaming\mozilla\firefox\profiles\c49yuloy.default\extensions\jid1-F9UJ2thwoAm5gQ@jetpack.xpi
[2012.12.11 08:53:36 | 000,160,219 | ---- | M] () (No name found) -- C:\Users\Martin\AppData\Roaming\mozilla\firefox\profiles\c49yuloy.default\extensions\socialfixer@mattkruse.com.xpi
[2013.01.19 13:13:27 | 000,533,221 | ---- | M] () (No name found) -- C:\Users\Martin\AppData\Roaming\mozilla\firefox\profiles\c49yuloy.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
[2012.08.04 09:17:56 | 000,089,442 | ---- | M] () (No name found) -- C:\Users\Martin\AppData\Roaming\mozilla\firefox\profiles\c49yuloy.default\extensions\{B17C1C5A-04B1-11DB-9804-B622A1EF5492}.xpi
[2013.01.11 08:42:30 | 000,804,627 | ---- | M] () (No name found) -- C:\Users\Martin\AppData\Roaming\mozilla\firefox\profiles\c49yuloy.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2012.04.26 17:32:10 | 000,138,614 | ---- | M] () (No name found) -- C:\Users\Martin\AppData\Roaming\mozilla\firefox\profiles\c49yuloy.default\extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi
[2013.01.16 10:46:20 | 000,266,840 | ---- | M] () (No name found) -- C:\Users\Martin\AppData\Roaming\mozilla\firefox\profiles\c49yuloy.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi
[2012.04.26 17:31:50 | 000,021,692 | ---- | M] () (No name found) -- C:\Users\Martin\AppData\Roaming\mozilla\firefox\profiles\c49yuloy.default\extensions\{fbfbcf27-b313-47a9-987d-4e1e320afa25}.xpi
[2012.04.27 15:53:16 | 000,010,345 | ---- | M] () -- C:\Users\Martin\AppData\Roaming\mozilla\firefox\profiles\c49yuloy.default\searchplugins\duckduckgo.xml
[2012.12.17 12:06:43 | 000,002,090 | ---- | M] () -- C:\Users\Martin\AppData\Roaming\mozilla\firefox\profiles\c49yuloy.default\searchplugins\Searchab.xml
[2013.01.16 23:00:59 | 000,005,492 | ---- | M] () -- C:\Users\Martin\AppData\Roaming\mozilla\firefox\profiles\c49yuloy.default\searchplugins\startpage-https---deutsch.xml
[2013.01.12 12:30:53 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2013.01.11 17:32:38 | 000,000,000 | ---D | M] (DivX Plus Web Player HTML5 <video>
-- C:\PROGRAM FILES (X86)\DIVX\DIVX PLUS WEB PLAYER\FIREFOX\DIVXHTML5
[2012.12.20 12:09:16 | 000,000,000 | ---D | M] (Anti-Banner) -- C:\PROGRAM FILES (X86)\KASPERSKY LAB\KASPERSKY INTERNET SECURITY 2013\FFEXT\ANTI_BANNER@KASPERSKY.COM
[2012.12.20 12:09:16 | 000,000,000 | ---D | M] (Content Blocker) -- C:\PROGRAM FILES (X86)\KASPERSKY LAB\KASPERSKY INTERNET SECURITY 2013\FFEXT\CONTENT_BLOCKER@KASPERSKY.COM
[2012.12.20 12:09:16 | 000,000,000 | ---D | M] (Safe Money) -- C:\PROGRAM FILES (X86)\KASPERSKY LAB\KASPERSKY INTERNET SECURITY 2013\FFEXT\ONLINE_BANKING@KASPERSKY.COM
[2012.12.20 12:09:16 | 000,000,000 | ---D | M] (Kaspersky URL Advisor) -- C:\PROGRAM FILES (X86)\KASPERSKY LAB\KASPERSKY INTERNET SECURITY 2013\FFEXT\URL_ADVISOR@KASPERSKY.COM
[2012.12.20 12:09:16 | 000,000,000 | ---D | M] (Virtual Keyboard) -- C:\PROGRAM FILES (X86)\KASPERSKY LAB\KASPERSKY INTERNET SECURITY 2013\FFEXT\VIRTUAL_KEYBOARD@KASPERSKY.COM
[2013.01.12 12:30:56 | 000,262,704 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011.07.11 22:48:12 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll
[2012.10.02 20:23:04 | 000,003,189 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\acpro.xml
[2012.10.12 08:04:02 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.10.12 08:04:02 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.10.12 08:04:02 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012.10.12 08:04:02 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.10.12 08:04:02 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.10.12 08:04:02 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Content Blocker Plugin) - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
O2:64bit: - BHO: (Virtual Keyboard Plugin) - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
O2:64bit: - BHO: (Safe Money Plugin) - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation)
O2:64bit: - BHO: (URL Advisor Plugin) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll (Safer-Networking Ltd.)
O2 - BHO: (Content Blocker Plugin) - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
O2 - BHO: (Virtual Keyboard Plugin) - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Safe Money Plugin) - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (URL Advisor Plugin) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [BTMTrayAgent] C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll (Intel Corporation)
O4:64bit: - HKLM..\Run: [ETDCtrl] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronics Corp.)
O4:64bit: - HKLM..\Run: [LMPSSDMON] C:\Program Files\Lexmark\Monitor\ACB\LMabMON.exe ()
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AVP] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe (Kaspersky Lab ZAO)
O4 - HKLM..\Run: [BambooCore] C:\Program Files (x86)\Bamboo Dock\BambooCore.exe ()
O4 - HKLM..\Run: [Everything] C:\Program Files (x86)\Everything\Everything.exe ()
O4 - HKLM..\Run: [SDTray] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe (Safer-Networking Ltd.)
O4 - HKCU..\Run: [] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe File not found
O4 - HKCU..\Run: [LMab1err] C:\Program Files\Lexmark\ErrorApp\LMab1err.exe ( )
O4 - HKCU..\Run: [Spybot-S&D Cleaning] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe (Safer-Networking Ltd.)
O4 - Startup: C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Martin\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Wuala.lnk = C:\Users\Martin\AppData\Roaming\Wuala\Wuala.exe (LaCie)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 24
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DelayedDesktopSwitchTimeout = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\windows\system32\GPhotos.scr/200 File not found
O8:64bit: - Extra context menu item: Hinzufügen zu Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ie_banner_deny.htm ()
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\windows\SysWow64\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Hinzufügen zu Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ie_banner_deny.htm ()
O9:64bit: - Extra Button: Virtuelle Tastatur - {0C4CC089-D306-440D-9772-464E226F6539} - Reg Error: Value error. File not found
O9:64bit: - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - Reg Error: Value error. File not found
O9:64bit: - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - Reg Error: Value error. File not found
O9:64bit: - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - Reg Error: Value error. File not found
O9:64bit: - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - Reg Error: Value error. File not found
O9:64bit: - Extra Button: Links untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - Reg Error: Value error. File not found
O9 - Extra Button: Virtuelle Tastatur - {0C4CC089-D306-440D-9772-464E226F6539} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
O9 - Extra Button: Links untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll (Safer-Networking Ltd.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9E31218D-361B-4872-9F7F-D0C36B9F2B8A}: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D648904F-7844-46DB-9E63-BE91958D2678}: NameServer = 8.8.8.8,8.8.8.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - AppInit_DLLs: (C:\windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (C:\windows\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\windows\SysNative\igfxdev.dll (Intel Corporation)
O20 - Winlogon\Notify\SDWinLogon: DllName - (SDWinLogon.dll) - File not found
O21:64bit: - SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\SysNative\CbFsMntNtf3.dll (EldoS Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\SysWOW64\CbFsMntNtf3.dll (EldoS Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O22:64bit: - SharedTaskScheduler: {5FF49FE8-B332-4CB9-B102-FB6951629E55} - Virtual Storage Mount Notification - C:\Windows\SysNative\CbFsMntNtf3.dll (EldoS Corporation)
O22 - SharedTaskScheduler: {5FF49FE8-B332-4CB9-B102-FB6951629E55} - Virtual Storage Mount Notification - C:\Windows\SysWOW64\CbFsMntNtf3.dll (EldoS Corporation)
O27:64bit: - HKLM IFEO\AcroRd32.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\itunes.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\spyhunter4.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\wuala.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\AcroRd32.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\itunes.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\spyhunter4.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\wuala.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2013.01.13 10:58:42 | 000,000,000 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{90305345-000b-11e2-a4e7-c48508129624}\Shell - "" = AutoRun
O33 - MountPoints2\{90305345-000b-11e2-a4e7-c48508129624}\Shell\AutoRun\command - "" = F:\unlock.exe autoplay=true
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
Rest of log in next reply
-
========== Files/Folders - Created Within 30 Days ==========
[2013.01.19 09:52:44 | 000,000,000 | ---D | C] -- C:\Users\Martin\AppData\Roaming\wacomid-desktop-launcher.DCFD4B89A63EE70BC162777F06D4B93B6397AEC7.1
[2013.01.19 09:52:39 | 000,000,000 | ---D | C] -- C:\Users\Martin\AppData\Roaming\Wacom
[2013.01.19 09:52:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Wacom
[2013.01.19 09:52:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bamboo Dock
[2013.01.19 09:52:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe AIR
[2013.01.19 09:52:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bamboo Dock
[2013.01.19 09:49:38 | 000,000,000 | ---D | C] -- C:\Users\Martin\AppData\Roaming\WTablet
[2013.01.19 09:49:37 | 001,326,456 | ---- | C] (Wacom Technology, Corp.) -- C:\windows\SysNative\Pen_Touch_Tablet.dll
[2013.01.19 09:49:37 | 001,107,832 | ---- | C] (Wacom Technology, Corp.) -- C:\windows\SysWow64\Pen_Touch_Tablet.dll
[2013.01.19 09:49:29 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bamboo
[2013.01.19 09:49:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TabletPlugins
[2013.01.19 09:49:25 | 000,012,848 | ---- | C] (Wacom Technology) -- C:\windows\SysNative\drivers\wacommousefilter.sys
[2013.01.19 09:49:14 | 000,016,168 | ---- | C] (Wacom Technology) -- C:\windows\SysNative\drivers\wacomvhid.sys
[2013.01.19 09:49:12 | 001,665,400 | ---- | C] (Wacom Technology, Corp.) -- C:\windows\SysNative\Pen_Tablet.dll
[2013.01.19 09:49:12 | 001,401,208 | ---- | C] (Wacom Technology, Corp.) -- C:\windows\SysNative\Wintab32.dll
[2013.01.19 09:49:12 | 001,391,992 | ---- | C] (Wacom Technology, Corp.) -- C:\windows\SysNative\WacomMT.dll
[2013.01.19 09:49:12 | 001,369,464 | ---- | C] (Wacom Technology, Corp.) -- C:\windows\SysWow64\Pen_Tablet.dll
[2013.01.19 09:49:12 | 001,156,472 | ---- | C] (Wacom Technology, Corp.) -- C:\windows\SysWow64\Wintab32.dll
[2013.01.19 09:49:12 | 001,152,888 | ---- | C] (Wacom Technology, Corp.) -- C:\windows\SysWow64\WacomMT.dll
[2013.01.19 09:49:10 | 000,000,000 | ---D | C] -- C:\Program Files\Tablet
[2013.01.16 08:36:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2013.01.15 10:37:16 | 000,000,000 | ---D | C] -- C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Everything
[2013.01.15 10:37:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Everything
[2013.01.13 13:16:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ERUNT
[2013.01.13 13:16:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ERUNT
[2013.01.13 10:58:29 | 000,000,000 | ---D | C] -- C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter
[2013.01.13 10:58:28 | 000,000,000 | ---D | C] -- C:\sh4ldr
[2013.01.13 10:58:28 | 000,000,000 | ---D | C] -- C:\Program Files\Enigma Software Group
[2013.01.13 10:57:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wise Installation Wizard
[2013.01.12 16:29:28 | 000,000,000 | ---D | C] -- C:\Users\Martin\AppData\Roaming\TeamViewer
[2013.01.12 12:30:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013.01.12 10:44:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
[2013.01.12 10:44:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Sony
[2013.01.12 10:23:01 | 000,000,000 | ---D | C] -- C:\Users\Martin\Documents\Content Management Utility
[2013.01.11 19:40:18 | 000,000,000 | ---D | C] -- C:\Users\Martin\AppData\Roaming\Sony Corporation
[2013.01.11 18:29:22 | 005,425,496 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\D3DX9_41.dll
[2013.01.11 18:29:22 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\D3DX9_41.dll
[2013.01.11 18:29:22 | 002,430,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\D3DCompiler_41.dll
[2013.01.11 18:29:22 | 000,521,560 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\XAudio2_4.dll
[2013.01.11 18:29:22 | 000,520,544 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx10_41.dll
[2013.01.11 18:29:22 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\XAudio2_4.dll
[2013.01.11 18:29:22 | 000,073,544 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\XAPOFX1_3.dll
[2013.01.11 18:29:21 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine3_4.dll
[2013.01.11 18:29:21 | 000,174,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine3_4.dll
[2013.01.11 18:29:21 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\X3DAudio1_6.dll
[2013.01.11 18:29:21 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\X3DAudio1_6.dll
[2013.01.11 18:29:20 | 005,631,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\D3DX9_40.dll
[2013.01.11 18:29:20 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\D3DX9_40.dll
[2013.01.11 18:29:20 | 002,605,920 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\D3DCompiler_40.dll
[2013.01.11 18:29:20 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\D3DCompiler_40.dll
[2013.01.11 18:29:20 | 000,519,000 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx10_40.dll
[2013.01.11 18:29:20 | 000,518,480 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\XAudio2_3.dll
[2013.01.11 18:29:20 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\XAudio2_3.dll
[2013.01.11 18:29:20 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx10_40.dll
[2013.01.11 18:29:20 | 000,074,576 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\XAPOFX1_2.dll
[2013.01.11 18:29:20 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\XAPOFX1_2.dll
[2013.01.11 18:29:19 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine3_3.dll
[2013.01.11 18:29:19 | 000,175,440 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine3_3.dll
[2013.01.11 18:29:17 | 000,513,544 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\XAudio2_2.dll
[2013.01.11 18:29:17 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\XAudio2_2.dll
[2013.01.11 18:29:17 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine3_2.dll
[2013.01.11 18:29:17 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine3_2.dll
[2013.01.11 18:29:17 | 000,072,200 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\XAPOFX1_1.dll
[2013.01.11 18:29:17 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\XAPOFX1_1.dll
[2013.01.11 18:29:17 | 000,025,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\X3DAudio1_5.dll
[2013.01.11 18:29:17 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\X3DAudio1_5.dll
[2013.01.11 18:29:16 | 001,942,552 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\D3DCompiler_39.dll
[2013.01.11 18:29:16 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\D3DCompiler_39.dll
[2013.01.11 18:29:16 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx10_39.dll
[2013.01.11 18:29:16 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx10_39.dll
[2013.01.11 18:29:14 | 004,992,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\D3DX9_39.dll
[2013.01.11 18:29:14 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\D3DX9_39.dll
[2013.01.11 18:29:14 | 000,511,496 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\XAudio2_1.dll
[2013.01.11 18:29:14 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\XAudio2_1.dll
[2013.01.11 18:29:14 | 000,068,104 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\XAPOFX1_0.dll
[2013.01.11 18:29:14 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\XAPOFX1_0.dll
[2013.01.11 18:29:13 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine3_1.dll
[2013.01.11 18:29:13 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine3_1.dll
[2013.01.11 18:29:13 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\X3DAudio1_4.dll
[2013.01.11 18:29:13 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\X3DAudio1_4.dll
[2013.01.11 18:29:12 | 001,941,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\D3DCompiler_38.dll
[2013.01.11 18:29:12 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\D3DCompiler_38.dll
[2013.01.11 18:29:12 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx10_38.dll
[2013.01.11 18:29:12 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx10_38.dll
[2013.01.11 18:29:10 | 004,991,496 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\D3DX9_38.dll
[2013.01.11 18:29:10 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\D3DX9_38.dll
[2013.01.11 18:29:09 | 000,489,480 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\XAudio2_0.dll
[2013.01.11 18:29:09 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\XAudio2_0.dll
[2013.01.11 18:29:08 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine3_0.dll
[2013.01.11 18:29:08 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine3_0.dll
[2013.01.11 18:29:08 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\X3DAudio1_3.dll
[2013.01.11 18:29:08 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\X3DAudio1_3.dll
[2013.01.11 18:29:07 | 001,860,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\D3DCompiler_37.dll
[2013.01.11 18:29:07 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\D3DCompiler_37.dll
[2013.01.11 18:29:07 | 000,529,424 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx10_37.dll
[2013.01.11 18:29:07 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx10_37.dll
[2013.01.11 18:29:04 | 004,910,088 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\D3DX9_37.dll
[2013.01.11 18:29:04 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\D3DX9_37.dll
[2013.01.11 18:29:04 | 002,006,552 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\D3DCompiler_36.dll
[2013.01.11 18:29:04 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\D3DCompiler_36.dll
[2013.01.11 18:29:04 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx10_36.dll
[2013.01.11 18:29:04 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx10_36.dll
[2013.01.11 18:29:04 | 000,411,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine2_10.dll
[2013.01.11 18:29:04 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine2_10.dll
[2013.01.11 18:29:03 | 005,081,608 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx9_36.dll
[2013.01.11 18:29:03 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx9_36.dll
[2013.01.11 18:29:02 | 005,073,256 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx9_35.dll
[2013.01.11 18:29:02 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx9_35.dll
[2013.01.11 18:29:02 | 001,985,904 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\D3DCompiler_35.dll
[2013.01.11 18:29:02 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\D3DCompiler_35.dll
[2013.01.11 18:29:02 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx10_35.dll
[2013.01.11 18:29:02 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx10_35.dll
[2013.01.11 18:29:02 | 000,411,496 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine2_9.dll
[2013.01.11 18:29:02 | 000,409,960 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine2_8.dll
[2013.01.11 18:29:02 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine2_9.dll
[2013.01.11 18:29:02 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine2_8.dll
[2013.01.11 18:29:02 | 000,021,000 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\X3DAudio1_2.dll
[2013.01.11 18:29:02 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\X3DAudio1_2.dll
[2013.01.11 18:29:01 | 004,496,232 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx9_34.dll
[2013.01.11 18:29:01 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx9_34.dll
[2013.01.11 18:29:01 | 001,401,200 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\D3DCompiler_34.dll
[2013.01.11 18:29:01 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\D3DCompiler_34.dll
[2013.01.11 18:29:01 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx10_34.dll
[2013.01.11 18:29:01 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx10_34.dll
[2013.01.11 18:29:00 | 004,494,184 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx9_33.dll
[2013.01.11 18:29:00 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx9_33.dll
[2013.01.11 18:29:00 | 001,400,176 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\D3DCompiler_33.dll
[2013.01.11 18:29:00 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\D3DCompiler_33.dll
[2013.01.11 18:29:00 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx10_33.dll
[2013.01.11 18:29:00 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx10_33.dll
[2013.01.11 18:29:00 | 000,403,304 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine2_7.dll
[2013.01.11 18:29:00 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine2_7.dll
[2013.01.11 18:29:00 | 000,107,368 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xinput1_3.dll
[2013.01.11 18:29:00 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xinput1_3.dll
[2013.01.11 18:28:59 | 000,393,576 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine2_6.dll
[2013.01.11 18:28:59 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine2_6.dll
[2013.01.11 18:28:58 | 000,469,264 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx10.dll
[2013.01.11 18:28:58 | 000,440,080 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx10.dll
[2013.01.11 18:28:58 | 000,390,424 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine2_5.dll
[2013.01.11 18:28:58 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine2_5.dll
[2013.01.11 18:28:57 | 004,398,360 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx9_32.dll
[2013.01.11 18:28:57 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx9_32.dll
[2013.01.11 18:28:56 | 003,977,496 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx9_31.dll
[2013.01.11 18:28:56 | 000,364,824 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine2_4.dll
[2013.01.11 18:28:56 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine2_4.dll
[2013.01.11 18:28:56 | 000,017,688 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\x3daudio1_1.dll
[2013.01.11 18:28:56 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\x3daudio1_1.dll
[2013.01.11 18:28:55 | 000,363,288 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine2_3.dll
[2013.01.11 18:28:55 | 000,354,072 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine2_2.dll
[2013.01.11 18:28:55 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine2_3.dll
[2013.01.11 18:28:55 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine2_2.dll
[2013.01.11 18:28:55 | 000,083,736 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xinput1_2.dll
[2013.01.11 18:28:55 | 000,083,664 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xinput1_1.dll
[2013.01.11 18:28:55 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xinput1_2.dll
[2013.01.11 18:28:55 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xinput1_1.dll
[2013.01.11 18:28:54 | 000,352,464 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine2_1.dll
[2013.01.11 18:28:54 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine2_1.dll
[2013.01.11 18:28:51 | 003,927,248 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx9_30.dll
[2013.01.11 18:28:51 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx9_30.dll
[2013.01.11 18:28:50 | 003,830,992 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx9_29.dll
[2013.01.11 18:28:50 | 003,815,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx9_28.dll
[2013.01.11 18:28:50 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx9_29.dll
[2013.01.11 18:28:50 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx9_28.dll
[2013.01.11 18:28:50 | 000,355,536 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine2_0.dll
[2013.01.11 18:28:50 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine2_0.dll
[2013.01.11 18:28:50 | 000,016,592 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\x3daudio1_0.dll
[2013.01.11 18:28:50 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\x3daudio1_0.dll
[2013.01.11 18:28:49 | 003,823,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx9_25.dll
[2013.01.11 18:28:49 | 003,807,440 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx9_27.dll
[2013.01.11 18:28:49 | 003,767,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx9_26.dll
[2013.01.11 18:28:49 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx9_25.dll
[2013.01.11 18:28:49 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx9_27.dll
[2013.01.11 18:28:49 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx9_26.dll
[2013.01.11 18:28:48 | 003,544,272 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx9_24.dll
[2013.01.11 18:28:48 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx9_24.dll
[2013.01.11 17:31:54 | 000,000,000 | ---D | C] -- C:\Users\Martin\AppData\Roaming\DivX
[2013.01.11 17:31:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX Plus
[2013.01.11 17:31:16 | 000,000,000 | ---D | C] -- C:\Program Files\DivX
[2013.01.11 17:31:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DivX Shared
[2013.01.11 17:27:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DivX
[2013.01.11 17:26:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Winamp
[2013.01.11 17:26:24 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\D3DX9_42.dll
[2013.01.11 17:26:23 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx9_31.dll
[2013.01.11 17:25:07 | 000,000,000 | ---D | C] -- C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Winamp Erkennungs-Plug-in
[2013.01.11 17:25:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Winamp Detect
[2013.01.11 17:24:10 | 000,000,000 | ---D | C] -- C:\ProgramData\DivX
[2013.01.11 17:24:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PX Storage Engine
[2013.01.11 17:23:52 | 000,000,000 | ---D | C] -- C:\Users\Martin\AppData\Roaming\OpenCandy
[2013.01.11 17:23:51 | 000,000,000 | ---D | C] -- C:\Users\Martin\AppData\Roaming\Winamp
[2013.01.11 17:23:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Winamp
[2013.01.10 18:59:20 | 000,000,000 | ---D | C] -- C:\Users\Martin\AppData\Local\Flavio Tordini
[2013.01.10 18:58:36 | 000,000,000 | ---D | C] -- C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Musique
[2013.01.10 18:58:33 | 000,000,000 | ---D | C] -- C:\Users\Martin\AppData\Local\Musique
[2013.01.10 13:52:12 | 000,000,000 | ---D | C] -- C:\Users\Martin\Documents\MAGIX_MusicEditor
[2013.01.10 13:52:10 | 000,000,000 | ---D | C] -- C:\Users\Martin\AppData\Local\Xara
[2013.01.10 13:42:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\MAGIX Shared
[2013.01.10 10:40:17 | 000,034,656 | ---- | C] (TuneUp Software) -- C:\windows\SysNative\TURegOpt.exe
[2013.01.10 10:40:13 | 000,025,952 | ---- | C] (TuneUp Software) -- C:\windows\SysNative\authuitu.dll
[2013.01.10 10:40:12 | 000,021,344 | ---- | C] (TuneUp Software) -- C:\windows\SysWow64\authuitu.dll
[2013.01.10 10:40:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2013
[2013.01.10 10:39:41 | 000,000,000 | ---D | C] -- C:\Users\Martin\AppData\Roaming\TuneUp Software
[2013.01.10 10:39:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TuneUp Utilities 2013
[2013.01.10 10:38:37 | 000,000,000 | ---D | C] -- C:\ProgramData\TuneUp Software
[2013.01.10 10:38:24 | 000,000,000 | -HSD | C] -- C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
[2013.01.10 10:38:24 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2013.01.09 23:06:31 | 000,000,000 | ---D | C] -- C:\Users\Martin\Documents\MAGIX Downloads
[2013.01.09 23:06:30 | 000,000,000 | ---D | C] -- C:\Users\Martin\Documents\MAGIX
[2013.01.09 16:15:12 | 000,000,000 | ---D | C] -- C:\Users\Martin\AppData\Roaming\simplitec
[2013.01.09 12:15:23 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\MAGIX
[2013.01.09 12:13:51 | 000,000,000 | ---D | C] -- C:\Users\Martin\AppData\Roaming\MAGIX
[2013.01.09 12:13:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX
[2013.01.09 12:13:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MAGIX
[2013.01.09 12:13:01 | 000,000,000 | ---D | C] -- C:\ProgramData\simplitec
[2013.01.09 12:12:56 | 000,000,000 | ---D | C] -- C:\ProgramData\MAGIX
[2013.01.09 12:12:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\MAGIX Services
[2013.01.09 12:12:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSXML 4.0
[2013.01.09 09:03:29 | 000,750,592 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\win32spl.dll
[2013.01.09 09:03:28 | 000,492,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\win32spl.dll
[2013.01.09 09:03:19 | 000,800,768 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\usp10.dll
[2013.01.09 09:03:19 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ncrypt.dll
[2013.01.09 09:03:15 | 002,746,368 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\gameux.dll
[2013.01.09 09:03:15 | 002,576,384 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\gameux.dll
[2013.01.09 09:03:15 | 000,441,856 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\Wpc.dll
[2013.01.09 09:03:15 | 000,308,736 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\Wpc.dll
[2013.01.09 09:03:15 | 000,051,712 | ---- | C] (Microsoft) -- C:\windows\SysWow64\esrb.rs
[2013.01.09 09:03:15 | 000,051,712 | ---- | C] (Microsoft) -- C:\windows\SysNative\esrb.rs
[2013.01.09 09:03:15 | 000,046,592 | ---- | C] (Microsoft) -- C:\windows\SysWow64\fpb.rs
[2013.01.09 09:03:15 | 000,046,592 | ---- | C] (Microsoft) -- C:\windows\SysNative\fpb.rs
[2013.01.09 09:03:15 | 000,045,568 | ---- | C] (Microsoft) -- C:\windows\SysWow64\oflc-nz.rs
[2013.01.09 09:03:15 | 000,045,568 | ---- | C] (Microsoft) -- C:\windows\SysNative\oflc-nz.rs
[2013.01.09 09:03:15 | 000,044,544 | ---- | C] (Microsoft) -- C:\windows\SysWow64\pegibbfc.rs
[2013.01.09 09:03:15 | 000,044,544 | ---- | C] (Microsoft) -- C:\windows\SysNative\pegibbfc.rs
[2013.01.09 09:03:15 | 000,043,520 | ---- | C] (Microsoft) -- C:\windows\SysWow64\csrr.rs
[2013.01.09 09:03:15 | 000,043,520 | ---- | C] (Microsoft) -- C:\windows\SysNative\csrr.rs
[2013.01.09 09:03:15 | 000,040,960 | ---- | C] (Microsoft) -- C:\windows\SysWow64\cob-au.rs
[2013.01.09 09:03:15 | 000,040,960 | ---- | C] (Microsoft) -- C:\windows\SysNative\cob-au.rs
[2013.01.09 09:03:15 | 000,030,720 | ---- | C] (Microsoft) -- C:\windows\SysWow64\usk.rs
[2013.01.09 09:03:15 | 000,030,720 | ---- | C] (Microsoft) -- C:\windows\SysNative\usk.rs
[2013.01.09 09:03:15 | 000,021,504 | ---- | C] (Microsoft) -- C:\windows\SysWow64\grb.rs
[2013.01.09 09:03:15 | 000,021,504 | ---- | C] (Microsoft) -- C:\windows\SysNative\grb.rs
[2013.01.09 09:03:15 | 000,020,480 | ---- | C] (Microsoft) -- C:\windows\SysWow64\pegi-pt.rs
[2013.01.09 09:03:15 | 000,020,480 | ---- | C] (Microsoft) -- C:\windows\SysNative\pegi-pt.rs
[2013.01.09 09:03:15 | 000,020,480 | ---- | C] (Microsoft) -- C:\windows\SysNative\pegi-fi.rs
[2013.01.09 09:03:15 | 000,020,480 | ---- | C] (Microsoft) -- C:\windows\SysWow64\pegi.rs
[2013.01.09 09:03:15 | 000,020,480 | ---- | C] (Microsoft) -- C:\windows\SysNative\pegi.rs
[2013.01.09 09:03:15 | 000,015,360 | ---- | C] (Microsoft) -- C:\windows\SysWow64\djctq.rs
[2013.01.09 09:03:15 | 000,015,360 | ---- | C] (Microsoft) -- C:\windows\SysNative\djctq.rs
[2013.01.09 09:03:14 | 000,055,296 | ---- | C] (Microsoft) -- C:\windows\SysWow64\cero.rs
[2013.01.09 09:03:14 | 000,055,296 | ---- | C] (Microsoft) -- C:\windows\SysNative\cero.rs
[2013.01.09 09:03:14 | 000,023,552 | ---- | C] (Microsoft) -- C:\windows\SysWow64\oflc.rs
[2013.01.09 09:03:14 | 000,023,552 | ---- | C] (Microsoft) -- C:\windows\SysNative\oflc.rs
[2013.01.09 09:03:14 | 000,020,480 | ---- | C] (Microsoft) -- C:\windows\SysWow64\pegi-fi.rs
[2013.01.09 09:02:56 | 001,161,216 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\kernel32.dll
[2013.01.09 09:02:56 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KernelBase.dll
[2013.01.09 09:02:55 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wow64win.dll
[2013.01.09 09:02:55 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\conhost.exe
[2013.01.09 09:02:55 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wow64.dll
[2013.01.09 09:02:55 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\winsrv.dll
[2013.01.09 09:02:55 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\setup16.exe
[2013.01.09 09:02:55 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ntvdm64.dll
[2013.01.09 09:02:55 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ntvdm64.dll
[2013.01.09 09:02:55 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wow64cpu.dll
[2013.01.09 09:02:55 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\instnm.exe
[2013.01.09 09:02:55 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2013.01.09 09:02:55 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2013.01.09 09:02:55 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2013.01.09 09:02:55 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2013.01.09 09:02:55 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wow32.dll
[2013.01.09 09:02:55 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2013.01.09 09:02:55 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2013.01.09 09:02:55 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2013.01.09 09:02:55 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2013.01.09 09:02:55 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2013.01.09 09:02:55 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2013.01.09 09:02:55 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2013.01.09 09:02:55 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2013.01.09 09:02:55 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2013.01.09 09:02:55 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2013.01.09 09:02:55 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2013.01.09 09:02:55 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2013.01.09 09:02:55 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2013.01.09 09:02:55 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2013.01.09 09:02:55 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2013.01.09 09:02:55 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2013.01.09 09:02:55 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2013.01.09 09:02:55 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2013.01.09 09:02:55 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2013.01.09 09:02:55 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2013.01.09 09:02:55 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2013.01.09 09:02:55 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2013.01.09 09:02:55 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.09 09:02:55 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.09 09:02:55 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2013.01.09 09:02:55 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2013.01.09 09:02:55 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2013.01.09 09:02:55 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2013.01.09 09:02:55 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2013.01.09 09:02:55 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2013.01.09 09:02:55 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2013.01.09 09:02:55 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2013.01.09 09:02:55 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2013.01.09 09:02:55 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2013.01.09 09:02:55 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2013.01.09 09:02:55 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2013.01.09 09:02:55 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2013.01.09 09:02:55 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2013.01.09 09:02:55 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2013.01.09 09:02:55 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2013.01.09 09:02:55 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2013.01.09 09:02:55 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2013.01.09 09:02:55 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2013.01.09 09:02:55 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2013.01.09 09:02:55 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2013.01.09 09:02:55 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2013.01.09 09:02:55 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2013.01.09 09:02:55 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2013.01.09 09:02:55 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2013.01.09 09:02:55 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2013.01.09 09:02:55 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2013.01.09 09:02:55 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2013.01.09 09:02:55 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\user.exe
[2013.01.09 09:02:39 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\taskhost.exe
[2013.01.08 21:34:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Thunderbird
[2013.01.08 21:28:24 | 000,000,000 | ---D | C] -- C:\Users\Martin\AppData\Local\{35879EB4-B502-4EA8-A806-C52FBC551FE8}
[2013.01.04 00:30:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audiograbber
[2013.01.04 00:29:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Audiograbber
[2013.01.02 13:15:18 | 000,000,000 | ---D | C] -- C:\Users\Martin\AppData\Local\Windows Live
[2013.01.02 13:14:56 | 000,000,000 | ---D | C] -- C:\Users\Martin\AppData\Local\{9A8FCBE6-6F7C-4010-A61D-9C5C05AF89D3}
[2013.01.01 17:43:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mp3tag
[2012.12.30 14:39:24 | 000,000,000 | ---D | C] -- C:\Users\Martin\Documents\shexview-x64
[2012.12.30 12:15:33 | 000,000,000 | ---D | C] -- C:\Users\Martin\dwhelper
[2012.12.29 21:36:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hauppauge WinTV
[2012.12.29 21:35:43 | 000,038,672 | ---- | C] (PCTV Systems S.à r.l.) -- C:\windows\SysWow64\pcleUtil.dll
[2012.12.29 21:35:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WinTV
[2012.12.29 21:35:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Hauppauge
[2012.12.29 21:18:19 | 000,831,554 | ---- | C] (Hauppauge Computer Works) -- C:\windows\SysWow64\hcwtvwnd.dll
[2012.12.29 21:18:19 | 000,323,640 | ---- | C] (Hauppauge Computer Works) -- C:\windows\SysWow64\hcwpnp32.dll
[2012.12.29 21:18:19 | 000,118,840 | ---- | C] (Hauppauge Computer Works, Inc.) -- C:\windows\SysWow64\hcwi2c32.dll
[2012.12.29 21:18:19 | 000,036,921 | ---- | C] (Hauppauge Computer Works) -- C:\windows\SysWow64\hcwutl32.dll
[2012.12.29 21:00:34 | 000,658,944 | ---- | C] (Hauppauge Computer Works, Inc.) -- C:\windows\SysNative\drivers\hcw95bda.sys
[2012.12.29 21:00:34 | 000,019,840 | ---- | C] (Hauppauge Computer Works, Inc.) -- C:\windows\SysNative\hcw95rc.sys
[2012.12.29 21:00:34 | 000,019,840 | ---- | C] (Hauppauge Computer Works, Inc.) -- C:\windows\SysNative\drivers\hcw95rc.sys
[2012.12.29 21:00:31 | 000,000,000 | ---D | C] -- C:\Hauppauge
[2012.12.29 18:25:24 | 000,000,000 | ---D | C] -- C:\Users\Martin\.mediathek3
[2012.12.29 18:13:46 | 002,179,072 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mfc71d.dll
[2012.12.29 18:13:46 | 000,765,952 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msvcp71d.dll
[2012.12.29 18:13:46 | 000,544,768 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msvcr71d.dll
[2012.12.29 18:13:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\IviSDK
[2012.12.29 18:13:00 | 001,409,024 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\temp.007
[2012.12.29 18:13:00 | 000,647,872 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\MSComCt2.ocx
[2012.12.29 18:13:00 | 000,598,288 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\temp.003
[2012.12.29 18:13:00 | 000,204,800 | ---- | C] (Hauppauge Computer Works) -- C:\windows\SysWow64\Mdcustoms.ocx
[2012.12.29 18:13:00 | 000,164,112 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\temp.004
[2012.12.29 18:13:00 | 000,147,728 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\temp.005
[2012.12.29 18:13:00 | 000,132,880 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\Msinet.ocx
[2012.12.29 18:13:00 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\MSSTDFMT.DLL
[2012.12.29 18:13:00 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\MSCAL.OCX
[2012.12.29 18:13:00 | 000,069,632 | ---- | C] (Hauppauge Computer Works ) -- C:\windows\SysWow64\3DES.dll
[2012.12.29 18:13:00 | 000,053,248 | ---- | C] (Hauppauge) -- C:\windows\SysWow64\MDCustomPanels.ocx
[2012.12.29 18:13:00 | 000,022,288 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\temp.008
[2012.12.29 18:13:00 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\temp.006
[2012.12.29 18:12:22 | 000,000,000 | ---D | C] -- C:\MyVideos
[2012.12.29 18:11:54 | 000,995,383 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\temp.002
[2012.12.29 18:11:54 | 000,278,581 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\temp.001
[2012.12.29 18:11:54 | 000,077,878 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\temp.000
[2012.12.27 21:41:11 | 000,000,000 | ---D | C] -- C:\Users\Martin\.VirtualBox
[2012.12.27 21:40:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox
[2012.12.27 21:39:50 | 000,000,000 | ---D | C] -- C:\Program Files\Oracle
[2012.12.27 15:49:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2012.12.27 15:49:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
[2012.12.27 15:49:12 | 000,017,272 | ---- | C] (Safer Networking Limited) -- C:\windows\SysNative\sdnclean64.exe
[2012.12.27 15:49:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy 2
[2012.12.25 09:27:18 | 000,000,000 | ---D | C] -- C:\Users\Martin\AppData\Roaming\redsn0w
[2012.12.22 21:13:45 | 000,000,000 | ---D | C] -- C:\Users\Martin\AppData\Roaming\dvdcss
[2012.12.22 03:00:20 | 000,367,616 | ---- | C] (Adobe Systems Incorporated) -- C:\windows\SysNative\atmfd.dll
[2012.12.22 03:00:20 | 000,295,424 | ---- | C] (Adobe Systems Incorporated) -- C:\windows\SysWow64\atmfd.dll
[2012.12.22 03:00:20 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\windows\SysNative\atmlib.dll
[2012.12.22 03:00:20 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\windows\SysWow64\atmlib.dll
[2012.12.21 16:40:41 | 000,000,000 | RH-D | C] -- C:\ESD
[2012.09.18 20:05:47 | 000,409,600 | ---- | C] (Kaspersky Lab ZAO) -- C:\Program Files\rescue2usb.exe
[1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2013.01.20 00:41:00 | 000,000,884 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job
[2013.01.20 00:40:15 | 000,000,029 | ---- | M] () -- C:\windows\SysWow64\TempWmicBatchFile.bat
[2013.01.20 00:17:46 | 000,001,136 | ---- | M] () -- C:\Users\Public\Desktop\MAGIX Foto Manager MX Deluxe.lnk
[2013.01.20 00:12:12 | 000,015,421 | ---- | M] () -- C:\Users\Martin\Desktop\WSfS-Arbeit.ods
[2013.01.20 00:06:55 | 001,507,170 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
[2013.01.20 00:06:55 | 000,657,676 | ---- | M] () -- C:\windows\SysNative\perfh007.dat
[2013.01.20 00:06:55 | 000,618,912 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
[2013.01.20 00:06:55 | 000,131,016 | ---- | M] () -- C:\windows\SysNative\perfc007.dat
[2013.01.20 00:06:55 | 000,107,232 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
[2013.01.19 23:07:59 | 000,045,083 | ---- | M] () -- C:\Users\Martin\Desktop\CA-Planung.ods
[2013.01.19 16:45:20 | 000,000,830 | ---- | M] () -- C:\windows\tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job
[2013.01.19 16:45:19 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2013.01.19 13:47:44 | 000,020,992 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.01.19 13:47:44 | 000,020,992 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.01.19 13:39:05 | 000,000,280 | ---- | M] () -- C:\windows\tasks\AbelssoftPreloader.job
[2013.01.19 13:38:56 | 000,000,828 | ---- | M] () -- C:\windows\tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
[2013.01.19 13:38:30 | 4065,890,303 | -HS- | M] () -- C:\hiberfil.sys
[2013.01.19 09:52:30 | 000,001,103 | ---- | M] () -- C:\Users\Public\Desktop\Bamboo Dock.lnk
[2013.01.19 09:35:53 | 000,677,816 | ---- | M] () -- C:\windows\SysNative\FNTCACHE.DAT
[2013.01.18 14:39:36 | 000,053,381 | ---- | M] () -- C:\Users\Martin\Desktop\whoa.zip
[2013.01.16 08:36:32 | 000,001,026 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2013.01.16 08:17:01 | 000,001,054 | ---- | M] () -- C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2013.01.15 17:22:30 | 000,021,573 | ---- | M] () -- C:\Users\Martin\Desktop\organigramm 11 2012.pdf
[2013.01.14 12:00:16 | 000,022,660 | ---- | M] () -- C:\Users\Martin\Desktop\Maja Muster.pdf
[2013.01.13 23:06:05 | 000,133,938 | ---- | M] () -- C:\Users\Martin\Desktop\wsfs-alt.jpg
[2013.01.13 22:43:41 | 000,143,547 | ---- | M] () -- C:\Users\Martin\Desktop\256026_473359232685334_1795865310_o.jpg
[2013.01.13 15:46:24 | 000,001,809 | ---- | M] () -- C:\Users\Public\Desktop\Winamp.lnk
[2013.01.13 15:12:30 | 000,046,890 | ---- | M] () -- C:\Users\Martin\Desktop\magix.jpg
[2013.01.13 13:54:32 | 000,002,926 | ---- | M] () -- C:\Users\Martin\Desktop\attach.zip
[2013.01.13 13:42:53 | 000,350,559 | ---- | M] () -- C:\Users\Martin\Desktop\avast_antirootkit.jpg
[2013.01.13 13:16:18 | 000,000,865 | ---- | M] () -- C:\Users\Martin\Desktop\ERUNT.lnk
[2013.01.13 10:58:42 | 000,000,000 | ---- | M] () -- C:\autoexec.bat
[2013.01.13 10:58:29 | 000,002,256 | ---- | M] () -- C:\Users\Martin\Desktop\SpyHunter.lnk
[2013.01.12 10:44:35 | 000,001,347 | ---- | M] () -- C:\Users\Public\Desktop\Content Management Utility.lnk
[2013.01.11 18:07:11 | 008,057,590 | ---- | M] () -- C:\Users\Martin\Desktop\Sony NEX-FS700EK.pdf
[2013.01.11 17:32:41 | 000,001,614 | ---- | M] () -- C:\Users\Martin\Desktop\DivX Movies.lnk
[2013.01.11 17:32:08 | 000,001,072 | ---- | M] () -- C:\Users\Public\Desktop\DivX Plus Player.lnk
[2013.01.11 17:31:35 | 000,001,112 | ---- | M] () -- C:\Users\Public\Desktop\DivX Plus Converter.lnk
[2013.01.10 13:52:06 | 000,120,200 | ---- | M] () -- C:\windows\SysWow64\DLLDEV32i.dll
[2013.01.10 13:51:38 | 000,001,116 | ---- | M] () -- C:\Users\Public\Desktop\MAGIX Video deluxe 2013 Plus.lnk
[2013.01.10 10:40:08 | 000,002,169 | ---- | M] () -- C:\Users\Public\Desktop\TuneUp 1-Klick-Wartung.lnk
[2013.01.10 09:41:48 | 000,697,864 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerApp.exe
[2013.01.10 09:41:48 | 000,074,248 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
[2013.01.09 12:13:46 | 000,001,096 | ---- | M] () -- C:\Users\Public\Desktop\MAGIX Slideshow Maker 2.lnk
[2013.01.04 00:37:09 | 000,000,486 | ---- | M] () -- C:\windows\cdplayer.ini
[2013.01.04 00:30:11 | 000,001,083 | ---- | M] () -- C:\Users\Public\Desktop\Audiograbber.lnk
[2013.01.01 17:43:57 | 000,000,939 | ---- | M] () -- C:\Users\Public\Desktop\Mp3tag.lnk
[2012.12.30 02:32:00 | 000,000,927 | ---- | M] () -- C:\Users\Martin\Desktop\MediathekView.exe - Verknüpfung.lnk
[2012.12.30 00:07:16 | 324,011,604 | ---- | M] () -- C:\Users\Martin\Rockpalast-Skunk_Anansie__Rocknacht_Special_2009_-rocknacht_special09_skunk_anansie.flv
[2012.12.29 23:55:51 | 680,228,746 | ---- | M] () -- C:\Users\Martin\Rockpalast-Me_First_&_The_Gimme_Gimmes__Area4_2012_-area4_12_me_first_n_the_gimme_gimmes_web_l.mp4.flv
[2012.12.29 23:48:37 | 740,226,961 | ---- | M] () -- C:\Users\Martin\Rockpalast-Red_Hot_Chili_Peppers__Rock_im_Pott_2012_-120924_rockpalast_chilli_peppers_web_l.mp4.flv
[2012.12.29 23:02:59 | 582,069,925 | ---- | M] () -- C:\Users\Martin\Rockpalast-LaBrassBanda_-_ein_musikalischer_Heimatfilm__2012_-labrassbanda_ein_musikalischer_heimatfilm_web_l.mp4.flv
[2012.12.29 22:49:15 | 1375,369,246 | ---- | M] () -- C:\Users\Martin\Tatort-Wunsch-Tatort__Die_Ballade_von_Cenk_und_...-format354323.mp4.flv
[2012.12.29 21:41:57 | 130,667,052 | ---- | M] () -- C:\Users\Martin\Rockpalast-LaBrassBanda__Reeperbahn_Festival_2010_-reeperbahn_festival10_labrassbanda.mp4.flv
[2012.12.29 21:37:04 | 000,001,082 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinTV Recording Status.lnk
[2012.12.29 21:37:04 | 000,001,047 | ---- | M] () -- C:\Users\Public\Desktop\WinTV 7.lnk
[2012.12.29 21:36:57 | 000,000,209 | ---- | M] () -- C:\windows\ODBCINST.INI
[2012.12.29 21:36:57 | 000,000,135 | ---- | M] () -- C:\windows\ODBC.INI
[2012.12.29 21:36:25 | 000,037,639 | ---- | M] () -- C:\windows\Irremote.ini
[2012.12.29 21:36:25 | 000,000,960 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AutoStart IR.lnk
[2012.12.29 21:35:06 | 000,007,188 | ---- | M] () -- C:\windows\HCWPNP.INI
[2012.12.29 21:21:28 | 933,834,752 | ---- | M] () -- C:\Users\Martin\Tatort-Wunsch-Tatort__Kinderland__FSK___ab_20_Uhr_-format354248.mp4.flv
[2012.12.29 21:21:06 | 021,880,832 | ---- | M] () -- C:\Users\Martin\Rockpalast-LaBrassBanda__Haldern_Pop_2011_-haldern11_labrassbanda.mp4.flv
[2012.12.27 21:40:02 | 000,001,076 | ---- | M] () -- C:\Users\Public\Desktop\Oracle VM VirtualBox.lnk
[2012.12.27 16:08:10 | 000,000,285 | ---- | M] () -- C:\windows\wininit.ini
[2012.12.27 15:49:16 | 000,002,133 | ---- | M] () -- C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
[2012.12.24 13:09:16 | 000,001,050 | ---- | M] () -- C:\Users\Public\Desktop\TeamViewer 8.lnk
[2012.12.22 13:52:41 | 000,001,403 | ---- | M] () -- C:\Users\Martin\Desktop\Windows installieren.lnk
[1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2013.01.19 09:52:30 | 000,001,103 | ---- | C] () -- C:\Users\Public\Desktop\Bamboo Dock.lnk
[2013.01.19 09:49:10 | 000,000,488 | ---- | C] () -- C:\windows\SysNative\PenTouchTabletUserDefaults.xml
[2013.01.19 09:49:10 | 000,000,488 | ---- | C] () -- C:\windows\SysNative\PenTabletUserDefaults.xml
[2013.01.18 14:39:36 | 000,053,381 | ---- | C] () -- C:\Users\Martin\Desktop\whoa.zip
[2013.01.17 14:38:06 | 000,045,083 | ---- | C] () -- C:\Users\Martin\Desktop\CA-Planung.ods
[2013.01.16 08:36:32 | 000,001,026 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2013.01.15 17:22:30 | 000,021,573 | ---- | C] () -- C:\Users\Martin\Desktop\organigramm 11 2012.pdf
[2013.01.15 09:20:26 | 000,015,421 | ---- | C] () -- C:\Users\Martin\Desktop\WSfS-Arbeit.ods
[2013.01.14 12:00:17 | 000,022,660 | ---- | C] () -- C:\Users\Martin\Desktop\Maja Muster.pdf
[2013.01.13 22:58:14 | 000,133,938 | ---- | C] () -- C:\Users\Martin\Desktop\wsfs-alt.jpg
[2013.01.13 22:43:36 | 000,143,547 | ---- | C] () -- C:\Users\Martin\Desktop\256026_473359232685334_1795865310_o.jpg
[2013.01.13 15:12:25 | 000,046,890 | ---- | C] () -- C:\Users\Martin\Desktop\magix.jpg
[2013.01.13 13:54:32 | 000,002,926 | ---- | C] () -- C:\Users\Martin\Desktop\attach.zip
[2013.01.13 13:42:51 | 000,350,559 | ---- | C] () -- C:\Users\Martin\Desktop\avast_antirootkit.jpg
[2013.01.13 13:16:18 | 000,000,865 | ---- | C] () -- C:\Users\Martin\Desktop\ERUNT.lnk
[2013.01.13 10:58:42 | 000,000,000 | ---- | C] () -- C:\autoexec.bat
[2013.01.13 10:58:32 | 000,022,704 | ---- | C] () -- C:\windows\SysNative\drivers\EsgScanner.sys
[2013.01.13 10:58:29 | 000,002,256 | ---- | C] () -- C:\Users\Martin\Desktop\SpyHunter.lnk
[2013.01.12 10:44:35 | 000,001,347 | ---- | C] () -- C:\Users\Public\Desktop\Content Management Utility.lnk
[2013.01.11 18:07:11 | 008,057,590 | ---- | C] () -- C:\Users\Martin\Desktop\Sony NEX-FS700EK.pdf
[2013.01.11 17:32:41 | 000,001,614 | ---- | C] () -- C:\Users\Martin\Desktop\DivX Movies.lnk
[2013.01.11 17:32:08 | 000,001,072 | ---- | C] () -- C:\Users\Public\Desktop\DivX Plus Player.lnk
[2013.01.11 17:31:35 | 000,001,112 | ---- | C] () -- C:\Users\Public\Desktop\DivX Plus Converter.lnk
[2013.01.11 17:26:29 | 000,001,809 | ---- | C] () -- C:\Users\Public\Desktop\Winamp.lnk
[2013.01.10 13:51:38 | 000,001,116 | ---- | C] () -- C:\Users\Public\Desktop\MAGIX Video deluxe 2013 Plus.lnk
[2013.01.10 10:40:08 | 000,002,169 | ---- | C] () -- C:\Users\Public\Desktop\TuneUp 1-Klick-Wartung.lnk
[2013.01.10 10:40:07 | 000,002,161 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2013.lnk
[2013.01.09 12:15:23 | 000,001,136 | ---- | C] () -- C:\Users\Public\Desktop\MAGIX Foto Manager MX Deluxe.lnk
[2013.01.09 12:13:46 | 000,001,096 | ---- | C] () -- C:\Users\Public\Desktop\MAGIX Slideshow Maker 2.lnk
[2013.01.04 00:30:11 | 000,001,083 | ---- | C] () -- C:\Users\Public\Desktop\Audiograbber.lnk
[2012.12.30 02:32:00 | 000,000,927 | ---- | C] () -- C:\Users\Martin\Desktop\MediathekView.exe - Verknüpfung.lnk
[2012.12.29 23:48:41 | 324,011,604 | ---- | C] () -- C:\Users\Martin\Rockpalast-Skunk_Anansie__Rocknacht_Special_2009_-rocknacht_special09_skunk_anansie.flv
[2012.12.29 23:03:03 | 680,228,746 | ---- | C] () -- C:\Users\Martin\Rockpalast-Me_First_&_The_Gimme_Gimmes__Area4_2012_-area4_12_me_first_n_the_gimme_gimmes_web_l.mp4.flv
[2012.12.29 22:49:19 | 740,226,961 | ---- | C] () -- C:\Users\Martin\Rockpalast-Red_Hot_Chili_Peppers__Rock_im_Pott_2012_-120924_rockpalast_chilli_peppers_web_l.mp4.flv
[2012.12.29 21:42:01 | 582,069,925 | ---- | C] () -- C:\Users\Martin\Rockpalast-LaBrassBanda_-_ein_musikalischer_Heimatfilm__2012_-labrassbanda_ein_musikalischer_heimatfilm_web_l.mp4.flv
[2012.12.29 21:37:04 | 000,001,082 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinTV Recording Status.lnk
[2012.12.29 21:37:04 | 000,001,047 | ---- | C] () -- C:\Users\Public\Desktop\WinTV 7.lnk
[2012.12.29 21:36:25 | 000,000,960 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AutoStart IR.lnk
[2012.12.29 21:35:40 | 000,142,337 | ---- | C] () -- C:\windows\SysWow64\Wait.exe
[2012.12.29 21:34:58 | 000,007,188 | ---- | C] () -- C:\windows\HCWPNP.INI
[2012.12.29 21:30:28 | 130,667,052 | ---- | C] () -- C:\Users\Martin\Rockpalast-LaBrassBanda__Reeperbahn_Festival_2010_-reeperbahn_festival10_labrassbanda.mp4.flv
[2012.12.29 21:30:18 | 1375,369,246 | ---- | C] () -- C:\Users\Martin\Tatort-Wunsch-Tatort__Die_Ballade_von_Cenk_und_...-format354323.mp4.flv
[2012.12.29 21:18:59 | 021,880,832 | ---- | C] () -- C:\Users\Martin\Rockpalast-LaBrassBanda__Haldern_Pop_2011_-haldern11_labrassbanda.mp4.flv
[2012.12.29 20:40:59 | 933,834,752 | ---- | C] () -- C:\Users\Martin\Tatort-Wunsch-Tatort__Kinderland__FSK___ab_20_Uhr_-format354248.mp4.flv
[2012.12.29 18:13:46 | 000,149,504 | ---- | C] () -- C:\windows\SysWow64\UNWISE.EXE
[2012.12.29 18:13:11 | 000,037,639 | ---- | C] () -- C:\windows\Irremote.ini
[2012.12.29 18:13:00 | 000,065,536 | ---- | C] () -- C:\windows\SysWow64\dmcrypto.dll
[2012.12.29 18:12:22 | 000,000,209 | ---- | C] () -- C:\windows\ODBCINST.INI
[2012.12.29 18:12:22 | 000,000,135 | ---- | C] () -- C:\windows\ODBC.INI
[2012.12.27 21:40:02 | 000,001,076 | ---- | C] () -- C:\Users\Public\Desktop\Oracle VM VirtualBox.lnk
[2012.12.27 16:08:10 | 000,000,285 | ---- | C] () -- C:\windows\wininit.ini
[2012.12.27 15:49:16 | 000,002,145 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
[2012.12.27 15:49:16 | 000,002,133 | ---- | C] () -- C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
[2012.12.22 13:52:41 | 000,001,403 | ---- | C] () -- C:\Users\Martin\Desktop\Windows installieren.lnk
[2012.11.26 00:30:01 | 000,032,256 | ---- | C] () -- C:\windows\SysWow64\AVSredirect.dll
[2012.11.26 00:27:28 | 000,107,520 | RHS- | C] () -- C:\windows\SysWow64\TAKDSDecoder.dll
[2012.11.08 08:25:03 | 001,526,948 | ---- | C] () -- C:\windows\SysWow64\PerfStringBackup.INI
[2012.10.13 14:34:22 | 000,340,480 | ---- | C] () -- C:\windows\SysWow64\K8062e.exe
[2012.10.13 14:34:22 | 000,322,048 | ---- | C] () -- C:\windows\SysWow64\Easylase.dll
[2012.10.13 14:34:22 | 000,301,056 | ---- | C] () -- C:\windows\SysWow64\usbdmxfs.dll
[2012.10.13 14:34:22 | 000,110,592 | ---- | C] () -- C:\windows\SysWow64\usb_dll.dll
[2012.10.13 14:34:22 | 000,084,992 | ---- | C] () -- C:\windows\SysWow64\DMX510Vb.dll
[2012.10.13 14:34:22 | 000,049,152 | ---- | C] () -- C:\windows\SysWow64\EspionDll.dll
[2012.10.13 14:34:22 | 000,042,496 | ---- | C] () -- C:\windows\SysWow64\K8062D.dll
[2012.10.13 14:34:22 | 000,037,888 | ---- | C] () -- C:\windows\SysWow64\LPT_dmx.dll
[2012.10.13 14:34:22 | 000,032,768 | ---- | C] () -- C:\windows\SysWow64\MPUSBAPI.DLL
[2012.10.13 14:34:22 | 000,017,920 | ---- | C] () -- C:\windows\SysWow64\usbdmxsi.dll
[2012.10.13 14:34:22 | 000,016,384 | ---- | C] () -- C:\windows\SysWow64\FASTTime32.dll
[2012.10.13 14:34:22 | 000,003,584 | ---- | C] () -- C:\windows\SysWow64\drivers\dlportio.sys
[2012.10.13 14:34:21 | 000,077,824 | ---- | C] () -- C:\windows\SysWow64\dashardvb.dll
[2012.10.13 14:34:21 | 000,044,544 | ---- | C] () -- C:\windows\SysWow64\dmx60.dll
[2012.10.13 14:34:21 | 000,044,544 | ---- | C] () -- C:\windows\SysWow64\dmx120.dll
[2012.10.13 14:34:21 | 000,036,864 | ---- | C] () -- C:\windows\SysWow64\USB.dll
[2012.10.13 14:34:21 | 000,032,768 | ---- | C] () -- C:\windows\SysWow64\inpout32.dll
[2012.09.26 12:36:22 | 000,017,408 | ---- | C] () -- C:\Users\Martin\AppData\Local\WebpageIcons.db
[2012.09.22 23:14:19 | 000,000,486 | ---- | C] () -- C:\windows\cdplayer.ini
[2012.09.18 20:05:48 | 000,028,160 | ---- | C] () -- C:\Program Files\syslinux.exe
[2012.09.18 20:05:48 | 000,000,237 | ---- | C] () -- C:\Program Files\syslinux.cfg
[2012.09.18 20:05:47 | 000,237,849 | ---- | C] () -- C:\Program Files\grub.exe
[2012.09.17 10:30:01 | 001,044,480 | ---- | C] ( ) -- C:\windows\SysWow64\lmabserv.dll
[2012.09.17 10:30:01 | 000,802,816 | ---- | C] ( ) -- C:\windows\SysWow64\lmabcomc.dll
[2012.09.17 10:30:01 | 000,593,920 | ---- | C] ( ) -- C:\windows\SysWow64\lmabcoms.exe
[2012.09.17 10:30:01 | 000,376,832 | ---- | C] ( ) -- C:\windows\SysWow64\lmabcomm.dll
[2012.09.17 10:30:01 | 000,356,352 | ---- | C] ( ) -- C:\windows\SysWow64\lmabhcp.dll
[2012.09.16 17:11:50 | 000,000,396 | ---- | C] () -- C:\windows\hbcikrnl.ini
[2012.09.16 17:11:46 | 000,167,936 | ---- | C] () -- C:\windows\SysWow64\SerialXP.dll
[2012.09.16 17:11:46 | 000,027,648 | ---- | C] () -- C:\windows\SysWow64\win32com.dll
[2012.09.16 08:23:56 | 002,469,760 | ---- | C] () -- C:\windows\SysWow64\BootMan.exe
[2012.09.16 08:23:56 | 000,086,408 | ---- | C] () -- C:\windows\SysWow64\setupempdrv03.exe
[2012.09.16 08:23:56 | 000,019,840 | ---- | C] () -- C:\windows\SysWow64\EuEpmGdi.dll
[2012.09.16 08:23:56 | 000,014,216 | ---- | C] () -- C:\windows\SysWow64\epmntdrv.sys
[2012.09.16 08:23:56 | 000,008,456 | ---- | C] () -- C:\windows\SysWow64\EuGdiDrv.sys
[2012.05.10 21:17:42 | 000,307,200 | ---- | C] () -- C:\windows\SetDisplayResolution.exe
[2012.05.10 19:48:20 | 000,003,226 | ---- | C] () -- C:\windows\HotFixList.ini
[2012.02.06 05:42:56 | 000,734,772 | ---- | C] () -- C:\windows\SysWow64\igkrng700.bin
[2012.02.06 05:42:55 | 000,557,476 | ---- | C] () -- C:\windows\SysWow64\igfcg700m.bin
[2012.02.06 05:42:53 | 000,058,880 | ---- | C] () -- C:\windows\SysWow64\igdde32.dll
[2012.02.06 05:42:52 | 012,978,688 | ---- | C] () -- C:\windows\SysWow64\ig7icd32.dll
[2012.02.02 14:08:26 | 000,001,536 | ---- | C] () -- C:\windows\SysWow64\IusEventLog.dll
[2011.05.20 10:16:50 | 000,974,848 | ---- | C] () -- C:\windows\SysWow64\cis-2.4.dll
[2011.05.20 10:16:50 | 000,081,920 | ---- | C] () -- C:\windows\SysWow64\issacapi_bs-2.3.dll
[2011.05.20 10:16:50 | 000,065,536 | ---- | C] () -- C:\windows\SysWow64\issacapi_pe-2.3.dll
[2011.05.20 10:16:50 | 000,057,344 | ---- | C] () -- C:\windows\SysWow64\issacapi_se-2.3.dll
========== ZeroAccess Check ==========
[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 04:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2012.11.15 19:21:33 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Abelssoft
[2012.11.24 10:41:18 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Amazon
[2013.01.04 00:22:19 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Audacity
[2012.09.16 17:14:26 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Buhl Data Service
[2012.09.24 12:51:19 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Buhl Data Service GmbH
[2012.09.16 17:25:54 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\DataDesign
[2013.01.19 23:39:40 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Dropbox
[2012.11.12 00:02:32 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\DVDVideoSoft
[2012.12.16 16:11:13 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\fotobuch.de AG
[2012.09.16 17:42:55 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\IrfanView
[2012.10.09 08:49:41 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Juan M. Aguirregabiria
[2012.09.16 16:39:53 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\LibreOffice
[2013.01.10 13:54:59 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\MAGIX
[2012.11.07 11:42:55 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Media Mushroom Limited
[2012.12.09 16:28:17 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\MOBILedit
[2013.01.04 02:44:16 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Mp3tag
[2013.01.11 17:24:00 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\OpenCandy
[2012.12.19 14:00:51 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\PDF Writer
[2012.12.25 09:27:18 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\redsn0w
[2012.11.15 18:59:49 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Samsung
[2013.01.09 16:15:12 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\simplitec
[2013.01.12 12:02:04 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Spotify
[2013.01.12 17:05:11 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\TeamViewer
[2012.09.16 10:58:20 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Thunderbird
[2013.01.11 10:15:27 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\TuneUp Software
[2013.01.19 09:52:39 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Wacom
[2013.01.19 09:52:44 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\wacomid-desktop-launcher.DCFD4B89A63EE70BC162777F06D4B93B6397AEC7.1
[2012.12.08 17:00:46 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Wuala
[2012.11.12 09:58:09 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\XMedia Recode
========== Purity Check ==========
< End of report >
extras.txt in next reply
-
OTL Extras logfile created on: 20.01.2013 00:59:39 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Martin\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
7,79 Gb Total Physical Memory | 5,68 Gb Available Physical Memory | 72,92% Memory free
15,57 Gb Paging File | 12,98 Gb Available in Paging File | 83,39% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 108,05 Gb Total Space | 19,96 Gb Free Space | 18,47% Space Free | Partition Type: NTFS
Drive D: | 798,17 Gb Total Space | 511,85 Gb Free Space | 64,13% Space Free | Partition Type: NTFS
Drive E: | 7,39 Gb Total Space | 7,39 Gb Free Space | 100,00% Space Free | Partition Type: FAT32
Drive F: | 298,08 Gb Total Space | 213,71 Gb Free Space | 71,70% Space Free | Partition Type: NTFS
Computer Name: DISNEYKILLER | User Name: Martin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\windows\SysWow64\control.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htafile [open] -- "%1" %*
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [Browse with &IrfanView] -- "C:\Program Files (x86)\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htafile [open] -- "%1" %*
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [Browse with &IrfanView] -- "C:\Program Files (x86)\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files (x86)\fotobuch.de\Designer 2.0\Designer.exe" = C:\Program Files (x86)\fotobuch.de\Designer 2.0\Designer.exe:*:Designer.exe -- ()
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot-S&D 2 Tray Icon -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\fotobuch.de\Designer 2.0\Designer.exe" = C:\Program Files (x86)\fotobuch.de\Designer 2.0\Designer.exe:*:Designer.exe -- ()
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot-S&D 2 Tray Icon -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service -- (Safer-Networking Ltd.)
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{04257622-9EDB-47D2-829B-37493E4C2F31}" = lport=8743 | protocol=6 | dir=in | name=allshareframeworkdms action tcp port |
"{1205D80F-7F42-4D75-9CB7-0F5230177C66}" = rport=445 | protocol=6 | dir=out | app=system |
"{121725CE-0EC3-4189-91DD-45296C57AF40}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{12305FC4-DD35-48C2-8724-C9F1C8065333}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{131C3E00-3B0F-47C5-8C92-123E4273E209}" = lport=7679 | protocol=6 | dir=in | name=allshareframeworkdms service tcp port2 |
"{16D08B96-712F-4131-9FCD-1D8A9D9371B1}" = lport=10243 | protocol=6 | dir=in | app=system |
"{1C5A1573-3132-4B3E-9F2B-150225182637}" = rport=138 | protocol=17 | dir=out | app=system |
"{340A9344-5F8B-4945-8359-22C836B5D11E}" = lport=24234 | protocol=6 | dir=in | name=allshareframework dms service udp port1 |
"{3C4BA87A-1836-4E6E-9B89-595EE41D7914}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{42A1EBB3-CD66-49D9-B3B4-52082257D1F3}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{4527CB4C-E925-4B94-A86D-CC2EC09AB2A9}" = rport=139 | protocol=6 | dir=out | app=system |
"{456D14DF-B935-4C00-B608-3D9183F2F4B8}" = lport=7676 | protocol=6 | dir=in | name=allshareframeworkdms service tcp port1 |
"{584D06F1-0F6B-4952-9BC9-DED11223CF44}" = lport=8643 | protocol=6 | dir=in | name=allshareframeworkdms event tcp port |
"{5D636C61-1321-4EF2-A8D0-6199F5A03326}" = lport=137 | protocol=17 | dir=in | app=system |
"{5DB286CC-C3FE-43F3-BFE0-7AC30AF1D410}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{61566690-D377-4914-BC00-9A9D9CC8A6D5}" = lport=1900 | protocol=6 | dir=in | name=upnp multicast port |
"{6342E97B-AD2C-45E6-9129-5C960755B373}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{87E6E57B-C4D5-4E78-A35B-0010BDD6808D}" = lport=139 | protocol=6 | dir=in | app=system |
"{924033F5-16DD-4B06-B516-65E476ADD8C0}" = lport=138 | protocol=17 | dir=in | app=system |
"{934F749E-57D5-45A9-9D73-C4624713BE4E}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{95EAD124-6FCA-4E3E-92B7-EC8B9A72EF8F}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{991D2B28-401C-4005-953C-550457C8532C}" = lport=445 | protocol=6 | dir=in | app=system |
"{9F774D36-3662-4AEF-8838-8C5E2C7F53D9}" = rport=137 | protocol=17 | dir=out | app=system |
"{A8A260B0-BC74-45C5-A289-8FD913029BB2}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{B80F9D3F-A75A-46F0-9E90-FF1EECEBC199}" = rport=10243 | protocol=6 | dir=out | app=system |
"{C5D84890-FCD9-4EC4-B3F2-01AD9B7C78BF}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{CA55A144-49B8-4957-9B9F-0622FBC67C69}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{D4147F32-FC73-4418-8AA6-537021AEF6B6}" = lport=2869 | protocol=6 | dir=in | app=system |
"{E0BE1F69-3B64-4224-8CAC-A10ED2D82474}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{E1D20178-62C9-4ADE-BC8E-FAAF0ECBD95C}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe |
"{F9057DCF-1949-4B77-A334-930C65F52736}" = lport=7900 | protocol=6 | dir=in | name=allshareframework dms service udp port2 |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{033358F3-0EA2-415B-A142-CC018A1AC944}" = protocol=17 | dir=in | app=c:\windows\syswow64\muzapp.exe |
"{044E2122-9032-4D7B-8E16-4E22371E386B}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer_service.exe |
"{059EFD2B-AEA8-49C5-9652-BE55ED6A0E29}" = protocol=6 | dir=out | app=system |
"{0E734584-7657-4846-9F59-AA8229C0110C}" = protocol=6 | dir=in | app=c:\windows\syswow64\muzapp.exe |
"{0FBA0223-86DF-4281-86B9-DC146161864E}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{19390803-B17D-4C2F-AAF9-A29091722299}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{1D8D41D3-D41C-4560-9CD3-E22A0BA9EBD8}" = protocol=6 | dir=in | app=c:\program files (x86)\wintv\wintv7\wintv7.exe |
"{1F477350-FDAA-4ADB-AAC5-B6FA8BA47EBF}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{21BF75FA-4422-4428-9209-0CCC8353A561}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{2D2ECA4E-02C7-47E7-9DF4-BE9E63A41DBD}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{3142B7E8-5AA3-4DB7-8EF7-BD259F0182A9}" = dir=in | app=c:\program files (x86)\intel corporation\intel widi\widiapp.exe |
"{38A53788-AD34-4429-A585-67AA556F0D2A}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer.exe |
"{3E663F84-DD83-4B13-AC35-B50C49904FDB}" = dir=in | app=c:\program files (x86)\cyberlink\media+player10\media+player10.exe |
"{3FCCB8CA-E73F-4F5E-9069-52A8DD4420E0}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{524C92BE-5526-4B04-AAF0-6408176E137A}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{53A8AC6F-66B1-4D94-9A21-B90E7DCB0272}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{557D447B-F941-462A-9D70-45E7CDD465DE}" = protocol=6 | dir=in | app=c:\users\martin\appdata\roaming\dropbox\bin\dropbox.exe |
"{5A53D20D-28F1-4374-B6FF-BA081C22440B}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{6E2F4858-28B5-4AE1-97F3-09B3F4A8C0ED}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{795E824C-598E-45A8-BD74-0DBBA98B3311}" = protocol=17 | dir=in | app=c:\windows\syswow64\muzapp.exe |
"{798271F5-9108-42F6-806A-F6A4A11E75AC}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer.exe |
"{84633B20-5FCD-4683-9A7F-1DAA0DFF13ED}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{8519E2D9-4704-4148-841A-8390CCF2349B}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{86B7B9FB-8F00-428B-A7E9-137EF2F4FCA1}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{8881502E-9C34-47BE-8CDB-5F8F276F013E}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer_service.exe |
"{8BE7CF0D-2FF9-4FB1-A04D-4FB02BF44FB5}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{8FD27511-5C34-437C-AE9F-637284B27320}" = dir=in | app=c:\program files\intel\wifi\bin\pandhcpdns.exe |
"{92224EFF-069C-4B5D-B907-C306410D060E}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{93BDCBA2-AEC2-4A6C-82F7-961F3C72DC41}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{93EA3BAD-EEFA-4FBC-ACB5-472030B88BB5}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{99BC93C8-32F5-4503-B48F-9BAD79985F2C}" = protocol=17 | dir=in | app=c:\users\martin\appdata\roaming\dropbox\bin\dropbox.exe |
"{9B955495-B9BF-4C07-97C9-41AF0B24A60F}" = dir=in | app=c:\windows\system32\lmabcoms.exe |
"{9E39FB90-9DC2-4128-9A6F-D92413686B30}" = protocol=6 | dir=in | app=c:\windows\syswow64\muzapp.exe |
"{A069EB67-EC2F-4B8C-8150-C05347AE75E2}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{A48DAFCF-C3B6-49FE-B3EF-8423322C134F}" = protocol=6 | dir=in | app=c:\program files (x86)\wintv\wintv7\wintv7.exe |
"{AB555186-74B6-467F-AFC2-C0D076E256D2}" = protocol=17 | dir=in | app=c:\program files (x86)\wintv\wintv7\wintv7.exe |
"{ACDE1488-87AD-462A-B092-518B86EE0A82}" = protocol=17 | dir=in | app=c:\program files (x86)\wintv\wintv7\wintv7.exe |
"{B5EAE3BD-4187-4EF6-AE7A-8C834B55963B}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{BCDC3B11-2B58-4EFE-A19D-9900A27CA398}" = dir=in | app=c:\program files (x86)\cyberlink\powerdirector\pdr8.exe |
"{C5411234-FD79-4F07-BB96-7539753FF7C4}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{C697FA02-EF61-4A1D-8CAE-073D9DE33F19}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{D3EEC4A8-9419-4A65-808E-42AE4B5197FB}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{D88A6B85-C8A8-4E63-8846-15B11C907FA4}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{DDCAF19C-B3FE-4000-B852-8DBA62E6B457}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{DE913019-A8E8-47B2-9934-D5716AE6A18F}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{DF269529-CEA7-4BE0-9446-965923844368}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{E1C530BB-394C-4314-A6ED-F42834FE7CA8}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"TCP Query User{142211B0-761F-419C-ABBA-1AF0B68B30F0}C:\users\martin\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=6 | dir=in | app=c:\users\martin\appdata\roaming\dropbox\bin\dropbox.exe |
"TCP Query User{1CF5D5EE-B230-47B5-8D7C-8B21606AF6FF}C:\program files (x86)\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files (x86)\google\google earth\client\googleearth.exe |
"UDP Query User{9D3513DE-5DB1-4391-AB71-B91CC0F988C0}C:\program files (x86)\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files (x86)\google\google earth\client\googleearth.exe |
"UDP Query User{F86DDF63-05BE-4983-A8F8-37C78D7B5D2D}C:\users\martin\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=17 | dir=in | app=c:\users\martin\appdata\roaming\dropbox\bin\dropbox.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0738F5F1-8E70-49A6-8692-F5722E1E5A4D}" = Easy Support Center
"{09536BA1-E498-4CC3-B834-D884A67D7E34}" = Intel® Trusted Connect Service Client
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{1493B2AE-0261-47D2-B1AA-F4DAD0F6C48B}" = iTunes
"{2B9CA7F6-64A9-4346-9238-CDC3604A8D66}" = MAGIX Video deluxe 2013 Plus
"{2C0E6BD4-65B1-4E82-B2AC-43EFFC8F100C}" = Intel(R) PROSet/Wireless for Bluetooth(R) 3.0 + High Speed
"{3C48BC2C-D2A2-4881-AFF7-7D7EDB2C87EC}" = MAGIX Foto Manager MX Deluxe Update
"{3DCF00F5-04A5-4543-A088-705480811206}_is1" = Compiled Driver Disk (Samsung) 1.0
"{3DCF00F5-04A5-4543-A088-70548081120D}_is1" = Compiled Driver Disk (Apple) 1.0
"{48897B17-3DD2-4BAA-A81D-4E4EA8E9FD51}" = MAGIX Slideshow Maker 2
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{4BC310C4-B898-46E2-B5FB-B85A30AA7142}" = iCloud
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{6E6FF6CD-9CF3-4434-BB5D-24943FD54FFC}" = MAGIX Foto Manager MX Deluxe
"{6EBA183A-EFD3-4FF4-BC00-9A9B97EA7A10}" = MAGIX Speed burnR (MSI)
"{7446FE8D-C1F9-4D42-AAAE-5DBCE58605A6}" = Apple Mobile Device Support
"{759A91E8-0024-45F3-A8F3-CDC5E13B4425}_is1" = Compiled Driver Disk (Android) 1.0
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{83B952C7-F8F3-4CA3-B4C5-33C85B24E478}" = SpyHunter
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2010
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A7E72ECA-AE71-1865-FA8E-E6537C040C3C}" = ZoomEx
"{A8A0B1C1-FBC7-4790-8E26-9DA1A6A95452}" = Oracle VM VirtualBox 4.2.6
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 295.55
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 295.55
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus" = NVIDIA Optimus 1.7.12
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX System Software 9.11.1111
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{BDDB58A5-F98E-4D3C-B554-4A4D31C6D405}_is1" = Phone Drivers Downloader 1.1
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{DF7756DD-656A-45C3-BA71-74673E8259A9}" = Intel® PROSet/Wireless WiFi Software
"{F0932859-AA60-459E-B843-0BDECA34E2C7}" = Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F9EB0DDE-931C-4E89-96B2-DE8286EDFA6C}" = ExpressCache
"Bullzip PDF Printer_is1" = Bullzip PDF Printer 9.3.0.1516
"Elantech" = ETDWare PS/2-X64 10.7.16.1_WHQL
"Lexmark_HostCD" = Lexmark Software deinstallieren
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Pen Tablet Driver" = Bamboo
"ProInst" = Intel PROSet Wireless
"VLC media player" = VLC media player 2.0.2
"ZoomEx" =
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"{0E64B098-8018-4256-BA23-C316A43AD9B0}" = QuickTime
"{119B7882-19D7-4BE7-A417-29BB479D3ABE}" = Multimedia POP
"{12F81925-F3C1-40DB-91F7-777817974319}" = Easy File Share
"{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}" = Samsung Recovery Solution 5
"{17283B95-21A8-4996-97DA-547A48DB266F}" = Easy Settings
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{1A834332-A9EE-440C-9505-2D07F445F05A}" = MOBILedit! Support Libraries
"{1C92BD87-DC1B-4C4E-BFB4-2C79E88FA752}" = Jazz-Plugin
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink Media Suite
"{240C3DDD-C5E9-4029-9DF7-95650D040CF2}" = Intel(R) USB 3.0 eXtensible Host Controller Driver
"{26A24AE4-039D-4CA4-87B4-2F83217009FF}" = Java 7 Update 9
"{34FBC7C4-CD31-4D93-A428-0E524EAC4586}" = CyberLink Media+ Player10
"{39AB2E37-1A55-4292-A5D3-971E9F70D0F8}" = Firebird SQL Server - MAGIX Edition
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"{4286E640-B5FB-11DF-AC4B-005056C00008}" = Google Earth
"{46ED2B64-85C7-4E1F-920C-A555B21F2E4C}" = NVIDIA PhysX
"{47DA7D2E-408C-4050-B75F-95F6D2E6A332}_is1" = MOBILedit! ver. 6.9.0.2848
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{53820F89-063F-10D7-7457-06C201F4CBF0}" =
"{560985FB-4B76-4121-9189-7A2CDC7886D6}" = Kaspersky Internet Security 2013
"{5D8EDA13-0DF8-49C7-B8D0-1EF16B29C2BC}" = Content Management Utility
"{63EC2120-1742-4625-AA47-C6A8AEC9C64C}" = Apple Application Support
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{66C26636-3B68-4B60-B2CB-5CDB89E16DD7}" = Easy Phone Sync
"{6E0C3C3D-CF8A-4AEC-AD6C-B4486A96BE8E}" = Bamboo Tablets Tutorial
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{80E158EA-7181-40FE-A701-301CE6BE64AB}" = CyberLink MediaShow
"{833F99E1-D2A5-49EA-A71D-1D5924110708}_is1" = BC Manager 2.4.0
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8F311E92-C29F-4DF9-8259-B739A1831669}_is1" = SUPER © v2012.build.54 (Nov 18, 2012) Version v2012.build.54
"{90140000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010
"{90140000-0015-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010
"{90140000-0016-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010
"{90140000-0018-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010
"{90140000-0019-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010
"{90140000-001A-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010
"{90140000-001B-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}_Office14.SingleImage_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-001F-0410-0000-0000000FF1CE}_Office14.SingleImage_{C0743197-FFEE-4C19-BAEB-8F7437DC4C8A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0407-1000-0000000FF1CE}_Office14.SingleImage_{594128C9-2CDF-43CE-8103-DC100CF013B6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010
"{90140000-002C-0407-0000-0000000FF1CE}_Office14.SingleImage_{4275FB46-ABDF-4456-876C-17CF64294D9A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010
"{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010
"{90140000-006E-0407-0000-0000000FF1CE}_Office14.SingleImage_{98EDFD9F-EA76-40CC-BCE9-92C69413F65B}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010
"{90140000-00A1-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90DFD61B-8224-00C6-3D69-A983B60A394E}" = Bamboo Dock
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{93F34C5C-ACAA-48F3-9B26-70359A117F12}" = Intel(R) WiDi
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A6C48A9F-694A-4234-B3AA-62590B668927}" = Intel(R) Manageability Engine Firmware Recovery Agent
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.4) - Deutsch
"{AFF7E080-1974-45BF-9310-10DE1A1F5ED0}" = Adobe AIR
"{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1" = Spybot - Search & Destroy
"{B750B5C2-CC17-4967-905B-29F4EB986131}" = Software Launcher
"{BAE68339-B0F6-4D33-9554-5A3DB2DFF5DA}" = User Guide
"{C268B5E1-A5DA-11DF-A289-005056C00008}" = Paragon Backup & Recovery™ 2012 Free
"{C2F438B6-7010-453B-93EC-B2FC053AA97B}" = LibreOffice 3.6
"{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}" = TuneUp Utilities 2013
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector
"{DAC580DB-6629-43B9-98DD-8BABA515B958}" = WISO Mein Geld 2013 Professional
"{DDA3C325-47B2-4730-9672-BF3771C08799}_is1" = XMedia Recode Version 3.1.3.0
"{DE256D8B-D971-456D-BC02-CB64DA24F115}" = Easy Software Manager
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{EDE7A262-DB20-4432-A630-2ACEE186C416}" = Easy Migration
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F06DD8D9-9DC8-430C-835C-C9BF21E05CC1}" = E-POP
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F4811919-F252-4B25-9AB2-8859A85810B5}" = TuneUp Utilities Language Pack (de-DE)
"{FC338210-F594-11D3-BA24-00001C3AB4DF}" = cyberJack Base Components
"{FCB3772C-B7D0-4933-B1A9-3707EBACC573}" = Intel(R) OpenCL CPU Runtime
"7-Zip" = 7-Zip 9.22beta
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Photoshop 7.0" = Adobe Photoshop 7.0
"Amazon MP3-Downloader" = Amazon MP3-Downloader 1.0.17
"Audacity 1.3 Beta (Unicode)_is1" = Audacity 1.3.14 (Unicode)
"Audiograbber" = Audiograbber 1.83 SE
"Audiograbber-Lame" = Audiograbber MP3-Plugin (64 bit)
"AutocompletePro3_is1" = AutocompletePro
"Bamboo Dock" = Bamboo Dock
"Designer 2.0_is1" = Designer 2.0
"Directory Compare_is1" = Directory Compare
"DivX Setup" = DivX-Setup
"DramaQueen" = DramaQueen
"EASEUS Partition Master Home Edition_is1" = EASEUS Partition Master 9.1.0 Home Edition
"ERUNT_is1" = ERUNT 1.1j
"Everything" = Everything 1.2.1.371
"Free WAV to MP3 Converter" = Free WAV to MP3 Converter
"FreeStyler_is1" = FreeStyler
"Hauppauge WinTV 7" = Hauppauge WinTV 7
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink Media Suite
"InstallShield_{34FBC7C4-CD31-4D93-A428-0E524EAC4586}" = CyberLink Media+ Player10
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}" = CyberLink MediaShow
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector
"InstallWIX_{560985FB-4B76-4121-9189-7A2CDC7886D6}" = Kaspersky Internet Security 2013
"IrfanView" = IrfanView (remove only)
"KLiteCodecPack_is1" = K-Lite Codec Pack 9.3.0 (Basic)
"LAME_is1" = LAME v3.99.3 (for Windows)
"MAGIX_{2B9CA7F6-64A9-4346-9238-CDC3604A8D66}" = MAGIX Video deluxe 2013 Plus
"MAGIX_{48897B17-3DD2-4BAA-A81D-4E4EA8E9FD51}" = MAGIX Slideshow Maker 2
"MAGIX_{6E6FF6CD-9CF3-4434-BB5D-24943FD54FFC}" = MAGIX Foto Manager MX Deluxe
"MAGIX_{6EBA183A-EFD3-4FF4-BC00-9A9B97EA7A10}" = MAGIX Speed burnR (MSI)
"MozBackup" = MozBackup 1.5.1
"Mozilla Firefox 18.0 (x86 de)" = Mozilla Firefox 18.0 (x86 de)
"Mozilla Thunderbird 17.0.2 (x86 de)" = Mozilla Thunderbird 17.0.2 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Mp3tag" = Mp3tag v2.54
"Office14.SingleImage" = Microsoft Office Professional 2010
"Picasa 3" = Picasa 3
"SP_5dec30d7" =
"TeamViewer 8" = TeamViewer 8
"TuneUp Utilities 2013" = TuneUp Utilities 2013
"VLC media player" = VLC media player 2.0.5
"Wacom WebTabletPlugin for IE" = WebTablet IE Plugin
"Wacom WebTabletPlugin for Internet Explorer and Netscape" = WebTablet FB Plugin
"Wacom WebTabletPlugin for Netscape" = WebTablet Netscape Plugin
"wacomid-desktop-launcher.DCFD4B89A63EE70BC162777F06D4B93B6397AEC7.1" = Bamboo Dock
"WashAndGo_is1" = WashAndGo
"Winamp" = Winamp
"WISO Mein Geld 2013 Professional" = WISO Mein Geld 2013 Professional
"Wuala CBFS" = Wuala CBFS
"Wuala OverlayIcons" = Wuala OverlayIcons
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
"Musique" = Musique
"Spotify" = Spotify
"Winamp Detect" = Winamp Erkennungs-Plug-in
"Wuala" = Wuala
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 18.01.2013 03:38:17 | Computer Name = disneykiller | Source = WinMgmt | ID = 10
Description =
Error - 18.01.2013 04:46:35 | Computer Name = disneykiller | Source = WinMgmt | ID = 10
Description =
Error - 18.01.2013 04:46:36 | Computer Name = disneykiller | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: TuneUpUtilitiesService64.exe, Version:
13.0.3000.132, Zeitstempel: 0x50b779bd Name des fehlerhaften Moduls: TuneUpUtilitiesService64.exe,
Version: 13.0.3000.132, Zeitstempel: 0x50b779bd Ausnahmecode: 0xc0000005 Fehleroffset:
0x000000000001cbe6 ID des fehlerhaften Prozesses: 0x9b4 Startzeit der fehlerhaften
Anwendung: 0x01cdf5584c77e21f Pfad der fehlerhaften Anwendung: C:\Program Files
(x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe Pfad des fehlerhaften Moduls:
C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe Berichtskennung:
90d54230-614b-11e2-9743-08002700ac0b
Error - 19.01.2013 04:36:04 | Computer Name = disneykiller | Source = WinMgmt | ID = 10
Description =
Error - 19.01.2013 08:16:33 | Computer Name = disneykiller | Source = WinMgmt | ID = 10
Description =
Error - 19.01.2013 08:38:52 | Computer Name = disneykiller | Source = WinMgmt | ID = 10
Description =
Error - 19.01.2013 18:37:44 | Computer Name = disneykiller | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: Explorer.EXE, Version: 6.1.7601.17567,
Zeitstempel: 0x4d672ee4 Name des fehlerhaften Moduls: shlxthdl_x64.dll, Version:
3.6.1.2, Zeitstempel: 0x5034bc94 Ausnahmecode: 0xc0000005 Fehleroffset: 0x000000000001b1bf
ID
des fehlerhaften Prozesses: 0x1244 Startzeit der fehlerhaften Anwendung: 0x01cdf641f1c115ad
Pfad
der fehlerhaften Anwendung: C:\windows\Explorer.EXE Pfad des fehlerhaften Moduls:
C:\Program Files (x86)\LibreOffice 3.6\program\shlxthdl\shlxthdl_x64.dll Berichtskennung:
d6d4806b-6288-11e2-bc21-08002700ac0b
Error - 19.01.2013 18:39:35 | Computer Name = disneykiller | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: Explorer.EXE, Version: 6.1.7601.17567,
Zeitstempel: 0x4d672ee4 Name des fehlerhaften Moduls: shlxthdl_x64.dll, Version:
3.6.1.2, Zeitstempel: 0x5034bc94 Ausnahmecode: 0xc0000005 Fehleroffset: 0x000000000001b1bf
ID
des fehlerhaften Prozesses: 0x1ac0 Startzeit der fehlerhaften Anwendung: 0x01cdf6959d040f05
Pfad
der fehlerhaften Anwendung: C:\windows\Explorer.EXE Pfad des fehlerhaften Moduls:
C:\Program Files (x86)\LibreOffice 3.6\program\shlxthdl\shlxthdl_x64.dll Berichtskennung:
18e90793-6289-11e2-bc21-08002700ac0b
Error - 19.01.2013 18:39:54 | Computer Name = disneykiller | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: Explorer.EXE, Version: 6.1.7601.17567,
Zeitstempel: 0x4d672ee4 Name des fehlerhaften Moduls: shlxthdl_x64.dll, Version:
3.6.1.2, Zeitstempel: 0x5034bc94 Ausnahmecode: 0xc0000005 Fehleroffset: 0x000000000001b1bf
ID
des fehlerhaften Prozesses: 0x1e34 Startzeit der fehlerhaften Anwendung: 0x01cdf695df95b579
Pfad
der fehlerhaften Anwendung: C:\windows\Explorer.EXE Pfad des fehlerhaften Moduls:
C:\Program Files (x86)\LibreOffice 3.6\program\shlxthdl\shlxthdl_x64.dll Berichtskennung:
247852e6-6289-11e2-bc21-08002700ac0b
Error - 19.01.2013 18:41:58 | Computer Name = disneykiller | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: explorer.exe, Version: 6.1.7601.17567,
Zeitstempel: 0x4d672ee4 Name des fehlerhaften Moduls: shlxthdl_x64.dll, Version:
3.6.1.2, Zeitstempel: 0x5034bc94 Ausnahmecode: 0xc0000005 Fehleroffset: 0x000000000001b1bf
ID
des fehlerhaften Prozesses: 0x226c Startzeit der fehlerhaften Anwendung: 0x01cdf695e9d6d5ce
Pfad
der fehlerhaften Anwendung: C:\windows\explorer.exe Pfad des fehlerhaften Moduls:
C:\Program Files (x86)\LibreOffice 3.6\program\shlxthdl\shlxthdl_x64.dll Berichtskennung:
6e260b7b-6289-11e2-bc21-08002700ac0b
[ Spybot - Search and Destroy Events ]
Error - 27.12.2012 11:08:11 | Computer Name = disneykiller | Source = SDCleaner | ID = 100
Description = LoadCleaningInstructions
Error - 30.12.2012 09:57:23 | Computer Name = disneykiller | Source = SDCleaner | ID = 100
Description = LoadCleaningInstructions
Error - 13.01.2013 06:50:34 | Computer Name = disneykiller | Source = SDCleaner | ID = 100
Description = LoadCleaningInstructions
[ System Events ]
Error - 19.01.2013 04:35:56 | Computer Name = disneykiller | Source = Service Control Manager | ID = 7000
Description = Der Dienst "DriverLINX Port I/O Driver" wurde aufgrund folgenden Fehlers
nicht gestartet: %%1275
Error - 19.01.2013 04:37:04 | Computer Name = disneykiller | Source = DCOM | ID = 10016
Description =
Error - 19.01.2013 08:16:21 | Computer Name = disneykiller | Source = Application Popup | ID = 1060
Description = Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\Drivers\DLPortIO.SYS
nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version
des Treibers zu erhalten.
Error - 19.01.2013 08:16:21 | Computer Name = disneykiller | Source = Service Control Manager | ID = 7000
Description = Der Dienst "DriverLINX Port I/O Driver" wurde aufgrund folgenden Fehlers
nicht gestartet: %%1275
Error - 19.01.2013 08:17:33 | Computer Name = disneykiller | Source = DCOM | ID = 10016
Description =
Error - 19.01.2013 08:38:39 | Computer Name = disneykiller | Source = Application Popup | ID = 1060
Description = Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\Drivers\DLPortIO.SYS
nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version
des Treibers zu erhalten.
Error - 19.01.2013 08:38:39 | Computer Name = disneykiller | Source = Service Control Manager | ID = 7000
Description = Der Dienst "DriverLINX Port I/O Driver" wurde aufgrund folgenden Fehlers
nicht gestartet: %%1275
Error - 19.01.2013 08:39:52 | Computer Name = disneykiller | Source = DCOM | ID = 10016
Description =
Error - 19.01.2013 08:42:12 | Computer Name = disneykiller | Source = DCOM | ID = 10010
Description =
Error - 19.01.2013 19:12:43 | Computer Name = disneykiller | Source = volsnap | ID = 393252
Description = Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher
nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.
< End of report >
-
Hi disneykiller,
What do you know about Privitize VPN?
- Please download AdwCleaner by Xplode onto your desktop.
- Close all open programs and internet browsers.
- Right click on AdwCleaner.exe and click "Run as Administrator" to run the tool.
- Click on Delete.
- Once done it will ask to reboot, allow the reboot
- On reboot a log will be produced, please attach the content of the log to your next reply
Any better?
Last edited by oldman960; 2013-01-20 at 19:26.
-
Hi, here's the Adwcleaner-log.
Privatize VPN seems to be a virtual private network. Google says it comes from piratebay?
Here's one answer I found:
"Hate to tell you this but "Privitize VPN" is Malware, your computer is INFECTED. Just by visiting the site, a Trojan is downloaded. From there, no telling what all else is installed.
Suggested removal tools:
Malwarebytes' Antimalware(FREE)"
I dont trust that. Is it on my pc? How can I get rid of it?
Don't know by now it its any better now. Browse to saves only comes up now and then. But I'm pretty excited. Thank you for your help!
-
Hi disneykiller,
If you had to google it it's unlikely you knowingly installed it. It does seem to go hand in hand with some of the adware you had on your computer. We can take care of it.
Let's see what's left.
- Double click on OTL.exe to run it. Make sure all other windows are closed and to let it run uninterrupted.
- When the window appears, underneath Output at the top change it to Minimal Output
- Check the box beside "scan all users"
- Check the boxes beside LOP Check and Purity Check.
- Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
When the scan completes, it will open a notepad window, OTL.Txt, no Extras.Txt this time.
-
new otl-file
Here we go: part 1
OTL logfile created on: 21.01.2013 12:22:11 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Martin\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
7,79 Gb Total Physical Memory | 5,72 Gb Available Physical Memory | 73,41% Memory free
15,57 Gb Paging File | 12,97 Gb Available in Paging File | 83,32% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 108,05 Gb Total Space | 19,73 Gb Free Space | 18,26% Space Free | Partition Type: NTFS
Drive D: | 798,17 Gb Total Space | 511,66 Gb Free Space | 64,10% Space Free | Partition Type: NTFS
Drive E: | 7,39 Gb Total Space | 6,83 Gb Free Space | 92,32% Space Free | Partition Type: FAT32
Computer Name: DISNEYKILLER | User Name: Martin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Users\Martin\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
PRC - C:\Users\Martin\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe (TeamViewer GmbH)
PRC - C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe (TeamViewer GmbH)
PRC - C:\Program Files (x86)\TeamViewer\Version8\tv_w32.exe (TeamViewer GmbH)
PRC - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe (Kaspersky Lab ZAO)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe (Safer-Networking Ltd.)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe (Safer-Networking Ltd.)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe (Safer-Networking Ltd.)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe (Safer-Networking Ltd.)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe (Safer-Networking Ltd.)
PRC - C:\Program Files (x86)\Bamboo Dock\BambooCore.exe ()
PRC - C:\Program Files\Tablet\Pen\WacomHost.exe (Wacom Technology)
PRC - C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe (Apple Inc.)
PRC - C:\Program Files (x86)\WinTV\TVServer\HauppaugeTVServer.exe (Hauppauge Computer Works)
PRC - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\klwtblfs.exe (Kaspersky Lab ZAO)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\WinTV\WinTV7\WinTVTray.exe (Hauppauge Computer Works, Inc.)
PRC - C:\Program Files (x86)\Samsung\Easy Settings\dmhkcore.exe (Samsung Electronics Co., Ltd.)
PRC - C:\Program Files (x86)\Samsung\Easy Settings\SmartSetting.exe (Samsung Electronics Co., Ltd.)
PRC - C:\Program Files (x86)\Samsung\Easy Settings\MovieColorEnhancer.exe (Samsung Electronics Co., Ltd.)
PRC - C:\Program Files (x86)\Samsung\Easy Software Manager\SWMAgent.exe (Samsung Electronics CO., LTD.)
PRC - C:\Windows\SysWOW64\cjpcsc.exe (REINER SCT)
PRC - C:\Program Files (x86)\Samsung\Easy Settings\SamsungDeviceConfiguration.exe ()
PRC - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\Samsung\Easy Settings\EasySpeedUpManager.exe (Samsung Electronics)
PRC - C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe (SEC)
PRC - C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe (MAGIX AG)
PRC - C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Bluetooth\btplayerctrl.exe (Intel Corporation)
PRC - C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe (CyberLink)
PRC - C:\Program Files (x86)\Prey\platform\windows\cronsvc.exe (Fork Ltd.)
PRC - C:\Program Files (x86)\CyberLink\Media+Player10\Media+Player10Serv.exe (CyberLink Corp.)
PRC - C:\Program Files\Lexmark\Monitor\ACB\LMabMON.exe ()
PRC - C:\Program Files\Lexmark\ErrorApp\lmab1err.exe ( )
PRC - C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
PRC - C:\Program Files (x86)\Everything\Everything.exe ()
========== Modules (No Company Name) ==========
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\865d2bf19a7af7fab8660a42d92550fe\System.Windows.Forms.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f687c43e9fdec031988b33ae722c4613\System.Xml.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll ()
MOD - C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl ()
MOD - C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl ()
MOD - C:\Program Files (x86)\Spybot - Search & Destroy 2\VirtualTreesDXE150.bpl ()
MOD - C:\Program Files (x86)\Spybot - Search & Destroy 2\JSDialogPack150.bpl ()
MOD - C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl ()
MOD - C:\Program Files (x86)\Bamboo Dock\BambooWinTab.dll ()
MOD - C:\Program Files (x86)\Bamboo Dock\BambooCore.exe ()
MOD - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\dblite.dll ()
MOD - C:\Program Files (x86)\NVIDIA Corporation\coprocmanager\detoured.dll ()
MOD - C:\Program Files (x86)\WinTV\TVServer\HauppaugeTVServerps.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll ()
MOD - C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\Resdll.dll ()
MOD - C:\Program Files (x86)\Samsung\Easy Settings\WinCRT.dll ()
MOD - C:\Program Files\Lexmark\Monitor\ACB\LMabDRS.dll ()
MOD - C:\Program Files\Lexmark\Monitor\ACB\LMabMON.exe ()
MOD - C:\Program Files\Lexmark\Monitor\ACB\LMabscw.dll ()
MOD - C:\Program Files\Lexmark\Monitor\ACB\LMabcaps.dll ()
MOD - C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll ()
MOD - C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll ()
MOD - C:\Program Files (x86)\Everything\Everything.exe ()
MOD - C:\Program Files (x86)\Samsung\Easy Settings\HookDllPS2.dll ()
========== Services (SafeList) ==========
SRV:64bit: - (WTabletServiceCon) -- C:\Program Files\Tablet\Pen\WTabletServiceCon.exe (Wacom Technology, Corp.)
SRV:64bit: - (Intel(R) -- C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel(R) Corporation)
SRV:64bit: - (ZeroConfigService) -- C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe (Intel® Corporation)
SRV:64bit: - (MyWiFiDHCPDNS) -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe ()
SRV:64bit: - (EvtEng) -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation)
SRV:64bit: - (RegSrvc) -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Corporation)
SRV:64bit: - (AMPPALR3) -- C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe (Intel Corporation)
SRV:64bit: - (BTHSSecurityMgr) -- C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe (Intel(R) Corporation)
SRV:64bit: - (ExpressCache) -- C:\Program Files\Diskeeper Corporation\ExpressCache\ExpressCache.exe (Diskeeper Corporation)
SRV:64bit: - (lmab_device) -- C:\Windows\SysNative\lmabcoms.exe ( )
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (TeamViewer8) -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (TuneUp.UtilitiesSvc) -- C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe (TuneUp Software)
SRV - (AVP) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe (Kaspersky Lab ZAO)
SRV - (SpyHunter 4 Service) -- C:\PROGRA~1\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE (Enigma Software Group USA, LLC.)
SRV - (HauppaugeTVServer) -- C:\Program Files (x86)\WinTV\TVServer\HauppaugeTVServer.exe (Hauppauge Computer Works)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (cjpcsc) -- C:\Windows\SysWOW64\cjpcsc.exe (REINER SCT)
SRV - (SamsungDeviceConfigurationWinService) -- C:\Program Files (x86)\Samsung\Easy Settings\SamsungDeviceConfiguration.exe ()
SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (Intel(R) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe ()
SRV - (jhi_service) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (Intel Corporation)
SRV - (cphs) -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe (Intel Corporation)
SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
SRV - (Fabs) -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe (MAGIX AG)
SRV - (Bluetooth OBEX Service) -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe (Intel Corporation)
SRV - (Bluetooth Media Service) -- C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe (Intel Corporation)
SRV - (Bluetooth Device Monitor) -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe (Intel Corporation)
SRV - (FirebirdServerMAGIXInstance) -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe (MAGIX®)
SRV - (CronService) -- C:\Program Files (x86)\Prey\platform\windows\cronsvc.exe (Fork Ltd.)
SRV - (lmab_device) -- C:\Windows\SysWOW64\lmabcoms.exe ( )
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
========== Driver Services (SafeList) ==========
DRV:64bit: - (VBoxNetAdp) -- C:\Windows\SysNative\drivers\VBoxNetAdp.sys (Oracle Corporation)
DRV:64bit: - (KLIF) -- C:\Windows\SysNative\drivers\klif.sys (Kaspersky Lab)
DRV:64bit: - (kltdi) -- C:\Windows\SysNative\drivers\kltdi.sys (Kaspersky Lab)
DRV:64bit: - (FTSER2K) -- C:\Windows\SysNative\drivers\ftser2k.sys (FTDI Ltd.)
DRV:64bit: - (FTDIBUS) -- C:\Windows\SysNative\drivers\ftdibus.sys (FTDI Ltd.)
DRV:64bit: - (wacomrouterfilter) -- C:\Windows\SysNative\drivers\wacomrouterfilter.sys (Wacom Technology)
DRV:64bit: - (WacHidRouter) -- C:\Windows\SysNative\drivers\wachidrouter.sys (Wacom Technology)
DRV:64bit: - (hidkmdf) -- C:\Windows\SysNative\drivers\hidkmdf.sys (Windows (R) Win 7 DDK provider)
DRV:64bit: - (klmouflt) -- C:\Windows\SysNative\drivers\klmouflt.sys (Kaspersky Lab)
DRV:64bit: - (klkbdflt) -- C:\Windows\SysNative\drivers\klkbdflt.sys (Kaspersky Lab)
DRV:64bit: - (ssudmdm) -- C:\Windows\SysNative\drivers\ssudmdm.sys (DEVGURU Co., LTD.(www.devguru.co.kr))
DRV:64bit: - (dg_ssudbus) -- C:\Windows\SysNative\drivers\ssudbus.sys (DEVGURU Co., LTD.(www.devguru.co.kr))
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (kneps) -- C:\Windows\SysNative\drivers\kneps.sys (Kaspersky Lab)
DRV:64bit: - (KLIM6) -- C:\Windows\SysNative\drivers\klim6.sys (Kaspersky Lab ZAO)
DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)
DRV:64bit: - (EsgScanner) -- C:\Windows\SysNative\drivers\EsgScanner.sys ()
DRV:64bit: - (KL1) -- C:\Windows\SysNative\drivers\kl1.sys (Kaspersky Lab ZAO)
DRV:64bit: - (ETD) -- C:\Windows\SysNative\drivers\ETD.sys (ELAN Microelectronics Corp.)
DRV:64bit: - (cbfs3) -- C:\Windows\SysNative\drivers\cbfs3.sys (EldoS Corporation)
DRV:64bit: - (Fs_Rec) -- C:\windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (nvpciflt) -- C:\Windows\SysNative\drivers\nvpciflt.sys (NVIDIA Corporation)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (iusb3xhc) -- C:\Windows\SysNative\drivers\iusb3xhc.sys (Intel Corporation)
DRV:64bit: - (iusb3hub) -- C:\Windows\SysNative\drivers\iusb3hub.sys (Intel Corporation)
DRV:64bit: - (iusb3hcs) -- C:\Windows\SysNative\drivers\iusb3hcs.sys (Intel Corporation)
DRV:64bit: - (wdkmd) -- C:\Windows\SysNative\drivers\WDKMD.sys (Intel Corporation)
DRV:64bit: - (intaud_WaveExtensible) -- C:\Windows\SysNative\drivers\intelaud.sys (Intel Corporation)
DRV:64bit: - (iwdbus) -- C:\Windows\SysNative\drivers\iwdbus.sys (Intel Corporation)
DRV:64bit: - (ibtfltcoex) -- C:\Windows\SysNative\drivers\iBtFltCoex.sys (Intel Corporation)
DRV:64bit: - (btmhsf) -- C:\Windows\SysNative\drivers\btmhsf.sys (Intel Corporation)
DRV:64bit: - (btmaux) -- C:\Windows\SysNative\drivers\btmaux.sys (Intel Corporation)
DRV:64bit: - (btmaudio) -- C:\Windows\SysNative\drivers\btmaud.sys (Intel Corporation)
DRV:64bit: - (hcw95rc) -- C:\Windows\SysNative\drivers\hcw95rc.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (hcw95bda) -- C:\Windows\SysNative\drivers\hcw95bda.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (IntcDAud) -- C:\Windows\SysNative\drivers\IntcDAud.sys (Intel(R) Corporation)
DRV:64bit: - (AMPPALP) -- C:\Windows\SysNative\drivers\AmpPal.sys (Windows (R) Win 7 DDK provider)
DRV:64bit: - (AMPPAL) -- C:\Windows\SysNative\drivers\AmpPal.sys (Windows (R) Win 7 DDK provider)
DRV:64bit: - (NETwNs64) -- C:\Windows\SysNative\drivers\NETwNs64.sys (Intel Corporation)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek )
DRV:64bit: - (Uim_IM) -- C:\Windows\SysNative\drivers\Uim_IMx64.sys (Paragon)
DRV:64bit: - (UimBus) -- C:\Windows\SysNative\drivers\uimx64.sys (Windows (R) 2000 DDK provider)
DRV:64bit: - (Uim_VIM) -- C:\Windows\SysNative\drivers\uim_vimx64.sys (Paragon)
DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (excsd) -- C:\Windows\SysNative\drivers\excsd.sys (Diskeeper Corporation)
DRV:64bit: - (excfs) -- C:\Windows\SysNative\drivers\excfs.sys (Diskeeper Corporation)
DRV:64bit: - (SABI) -- C:\Windows\SysNative\drivers\SABI.sys (SAMSUNG ELECTRONICS)
DRV:64bit: - (clwvd) -- C:\Windows\SysNative\drivers\clwvd.sys (CyberLink Corporation)
DRV:64bit: - (epmntdrv) -- C:\Windows\SysNative\epmntdrv.sys ()
DRV:64bit: - (EuGdiDrv) -- C:\Windows\SysNative\EuGdiDrv.sys ()
DRV:64bit: - (wacommousefilter) -- C:\Windows\SysNative\drivers\wacommousefilter.sys (Wacom Technology)
DRV:64bit: - (wacomvhid) -- C:\Windows\SysNative\drivers\wacomvhid.sys (Wacom Technology)
DRV:64bit: - (cjusb) -- C:\Windows\SysNative\drivers\cjusb.sys (REINER SCT)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (esgiguard) -- C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys ()
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (WSDPrintDevice) -- C:\Windows\SysNative\drivers\WSDPrint.sys (Microsoft Corporation)
DRV:64bit: - (acpials) -- C:\Windows\SysNative\drivers\acpials.sys (Microsoft Corporation)
DRV:64bit: - (TPM) -- C:\Windows\SysNative\drivers\tpm.sys (Microsoft Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV - (TuneUpUtilitiesDrv) -- C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys (TuneUp Software)
DRV - (epmntdrv) -- C:\Windows\SysWOW64\epmntdrv.sys ()
DRV - (EuGdiDrv) -- C:\Windows\SysWOW64\EuGdiDrv.sys ()
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
DRV - (DLPortIO) -- C:\windows\SysWow64\drivers\dlportio.sys ()
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{5C74A4D5-B8EB-48D7-B3A7-A274701ED6D3}: "URL" = http://www.bing.com/search?q={searchTerms}&form=SMSTDF&pc=MASM&src=IE-SearchBox
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-4201702909-4008549763-78736917-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://samsung.msn.com
IE - HKU\S-1-5-21-4201702909-4008549763-78736917-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://samsung.msn.com
IE - HKU\S-1-5-21-4201702909-4008549763-78736917-1000\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-4201702909-4008549763-78736917-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-4201702909-4008549763-78736917-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
IE - HKU\S-1-5-21-4201702909-4008549763-78736917-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://samsung.msn.com
IE - HKU\S-1-5-21-4201702909-4008549763-78736917-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
IE - HKU\S-1-5-21-4201702909-4008549763-78736917-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com
IE - HKU\S-1-5-21-4201702909-4008549763-78736917-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-4201702909-4008549763-78736917-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Default_Page_URL = http://www.google.com
IE - HKU\S-1-5-21-4201702909-4008549763-78736917-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKU\S-1-5-21-4201702909-4008549763-78736917-1001\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com
IE - HKU\S-1-5-21-4201702909-4008549763-78736917-1001\SOFTWARE\Microsoft\Internet Explorer\Search,Search Page = http://www.google.com
IE - HKU\S-1-5-21-4201702909-4008549763-78736917-1001\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-4201702909-4008549763-78736917-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://searchab.com/?aff=7&uid=c61aca2d-4839-11e2-8e56-e8039ab06a14&q={searchTerms}
IE - HKU\S-1-5-21-4201702909-4008549763-78736917-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-4201702909-4008549763-78736917-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..browser.search.defaultengine: "Privitize VPN"
FF - prefs.js..browser.search.defaultenginename: "Privitize VPN"
FF - prefs.js..browser.search.order.1: "Privitize VPN"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "https://startpage.com/"
FF - prefs.js..extensions.enabledAddons: %7Bd40f5e7b-d2cf-4856-b441-cc613eeffbe3%7D:1.68
FF - prefs.js..extensions.enabledAddons: %7Bfbfbcf27-b313-47a9-987d-4e1e320afa25%7D:2.0
FF - prefs.js..extensions.enabledAddons: socialfixer%40mattkruse.com:7.321
FF - prefs.js..extensions.enabledAddons: url_advisor%40kaspersky.com:13.0.1.4250
FF - prefs.js..extensions.enabledAddons: virtual_keyboard%40kaspersky.com:13.0.1.4250
FF - prefs.js..extensions.enabledAddons: content_blocker%40kaspersky.com:13.0.1.4250
FF - prefs.js..extensions.enabledAddons: anti_banner%40kaspersky.com:13.0.1.4250
FF - prefs.js..extensions.enabledAddons: online_banking%40kaspersky.com:13.0.1.4250
FF - prefs.js..extensions.enabledAddons: https-everywhere%40eff.org:3.1.2
FF - prefs.js..extensions.enabledAddons: firefox%40ghostery.com:2.8.4
FF - prefs.js..extensions.enabledAddons: %7Bb9db16a4-6edc-47ec-a1f4-b86292ed211d%7D:4.9.13
FF - prefs.js..extensions.enabledAddons: firejump%40firejump.net:1.0.2.5
FF - prefs.js..extensions.enabledAddons: %7B23fcfd51-4958-4f00-80a3-ae97e717ed8b%7D:2.1.2.145
FF - prefs.js..extensions.enabledAddons: %7Be4a8a97b-f2ed-450b-b12d-ee082ba24781%7D:1.6
FF - prefs.js..extensions.enabledAddons: %7B73a6fe31-595d-460b-a920-fcc0f8843232%7D:2.6.4.3
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:18.0.1
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF64_11_5_502_146.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.2: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF:64bit: - HKLM\Software\MozillaPlugins\@wacom.com/wtPlugin,version=2.1.0.2: C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_146.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll File not found
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.5: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@wacom.com/wacom-plugin,version=1.1.0.10: C:\Program Files (x86)\TabletPlugins\npwacom.dll (Wacom, Inc.)
FF - HKLM\Software\MozillaPlugins\@wacom.com/wtPlugin,version=2.0.0.1: C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF - HKLM\Software\MozillaPlugins\@wacom.com/wtPlugin,version=2.1.0.2: C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@jazz-soft.com/JazzPlugin: C:\Program Files (x86)\Jazz-Soft\Jazz-Plugin\npJazz.dll (Jazz-Soft)
FF - HKCU\Software\MozillaPlugins\amazon.com/AmazonMP3DownloaderPlugin: C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101753.dll (Amazon.com, Inc.)
FF - HKCU\Software\MozillaPlugins\wacom.com/WacomTabletPlugin: C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\virtualKeyboard@kaspersky.ru: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\virtualKeyboard@kaspersky.ru
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\url_advisor@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\url_advisor@kaspersky.com [2012.12.20 12:09:16 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\virtual_keyboard@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\virtual_keyboard@kaspersky.com [2012.12.20 12:09:16 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\content_blocker@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\content_blocker@kaspersky.com [2012.12.20 12:09:16 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\anti_banner@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\anti_banner@kaspersky.com [2012.12.20 12:09:16 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\online_banking@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\online_banking@kaspersky.com [2012.12.20 12:09:16 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2013.01.11 17:32:38 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.01.20 01:20:22 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.01.20 01:20:20 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2013.01.08 21:34:47 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.01.20 01:20:22 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.01.20 01:20:20 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Thunderbird 17.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2013.01.08 21:34:47 | 000,000,000 | ---D | M]
[2012.09.16 10:07:30 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Martin\AppData\Roaming\mozilla\Extensions
[2013.01.20 23:29:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Martin\AppData\Roaming\mozilla\Firefox\Profiles\c49yuloy.default\extensions
[2013.01.11 08:42:33 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Martin\AppData\Roaming\mozilla\Firefox\Profiles\c49yuloy.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2012.12.17 12:09:09 | 000,000,000 | ---D | M] (Zoomex) -- C:\Users\Martin\AppData\Roaming\mozilla\Firefox\Profiles\c49yuloy.default\extensions\50cf00df7b572@50cf00df7b5ab.com
[2013.01.09 10:21:49 | 000,000,000 | ---D | M] (Ghostery) -- C:\Users\Martin\AppData\Roaming\mozilla\Firefox\Profiles\c49yuloy.default\extensions\firefox@ghostery.com
[2012.09.16 10:55:51 | 000,000,000 | ---D | M] (FireJump) -- C:\Users\Martin\AppData\Roaming\mozilla\Firefox\Profiles\c49yuloy.default\extensions\firejump@firejump.net
[2013.01.08 09:02:20 | 000,000,000 | ---D | M] (HTTPS-Everywhere) -- C:\Users\Martin\AppData\Roaming\mozilla\Firefox\Profiles\c49yuloy.default\extensions\https-everywhere@eff.org
[2012.10.02 20:23:04 | 000,000,000 | ---D | M] ("AutocompletePro - Your handy search suggestions tool") -- C:\Users\Martin\AppData\Roaming\mozilla\Firefox\Profiles\c49yuloy.default\extensions\support@predictad.com
[2013.01.19 13:13:25 | 000,363,736 | ---- | M] () (No name found) -- C:\Users\Martin\AppData\Roaming\mozilla\firefox\profiles\c49yuloy.default\extensions\client@anonymox.net.xpi
[2012.12.30 12:04:41 | 001,014,455 | ---- | M] () (No name found) -- C:\Users\Martin\AppData\Roaming\mozilla\firefox\profiles\c49yuloy.default\extensions\IDGARD@jetpack.xpi
[2013.01.16 10:46:16 | 000,389,447 | ---- | M] () (No name found) -- C:\Users\Martin\AppData\Roaming\mozilla\firefox\profiles\c49yuloy.default\extensions\jid1-F9UJ2thwoAm5gQ@jetpack.xpi
[2012.12.11 08:53:36 | 000,160,219 | ---- | M] () (No name found) -- C:\Users\Martin\AppData\Roaming\mozilla\firefox\profiles\c49yuloy.default\extensions\socialfixer@mattkruse.com.xpi
[2013.01.19 13:13:27 | 000,533,221 | ---- | M] () (No name found) -- C:\Users\Martin\AppData\Roaming\mozilla\firefox\profiles\c49yuloy.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
[2012.08.04 09:17:56 | 000,089,442 | ---- | M] () (No name found) -- C:\Users\Martin\AppData\Roaming\mozilla\firefox\profiles\c49yuloy.default\extensions\{B17C1C5A-04B1-11DB-9804-B622A1EF5492}.xpi
[2013.01.11 08:42:30 | 000,804,627 | ---- | M] () (No name found) -- C:\Users\Martin\AppData\Roaming\mozilla\firefox\profiles\c49yuloy.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2012.04.26 17:32:10 | 000,138,614 | ---- | M] () (No name found) -- C:\Users\Martin\AppData\Roaming\mozilla\firefox\profiles\c49yuloy.default\extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi
[2013.01.16 10:46:20 | 000,266,840 | ---- | M] () (No name found) -- C:\Users\Martin\AppData\Roaming\mozilla\firefox\profiles\c49yuloy.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi
[2012.04.26 17:31:50 | 000,021,692 | ---- | M] () (No name found) -- C:\Users\Martin\AppData\Roaming\mozilla\firefox\profiles\c49yuloy.default\extensions\{fbfbcf27-b313-47a9-987d-4e1e320afa25}.xpi
[2012.04.27 15:53:16 | 000,010,345 | ---- | M] () -- C:\Users\Martin\AppData\Roaming\mozilla\firefox\profiles\c49yuloy.default\searchplugins\duckduckgo.xml
[2013.01.20 01:12:52 | 000,005,492 | ---- | M] () -- C:\Users\Martin\AppData\Roaming\mozilla\firefox\profiles\c49yuloy.default\searchplugins\startpage-https---deutsch.xml
[2013.01.20 01:20:20 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2013.01.11 17:32:38 | 000,000,000 | ---D | M] (DivX Plus Web Player HTML5 <video> -- C:\PROGRAM FILES (X86)\DIVX\DIVX PLUS WEB PLAYER\FIREFOX\DIVXHTML5
[2012.12.20 12:09:16 | 000,000,000 | ---D | M] (Anti-Banner) -- C:\PROGRAM FILES (X86)\KASPERSKY LAB\KASPERSKY INTERNET SECURITY 2013\FFEXT\ANTI_BANNER@KASPERSKY.COM
[2012.12.20 12:09:16 | 000,000,000 | ---D | M] (Content Blocker) -- C:\PROGRAM FILES (X86)\KASPERSKY LAB\KASPERSKY INTERNET SECURITY 2013\FFEXT\CONTENT_BLOCKER@KASPERSKY.COM
[2012.12.20 12:09:16 | 000,000,000 | ---D | M] (Safe Money) -- C:\PROGRAM FILES (X86)\KASPERSKY LAB\KASPERSKY INTERNET SECURITY 2013\FFEXT\ONLINE_BANKING@KASPERSKY.COM
[2012.12.20 12:09:16 | 000,000,000 | ---D | M] (Kaspersky URL Advisor) -- C:\PROGRAM FILES (X86)\KASPERSKY LAB\KASPERSKY INTERNET SECURITY 2013\FFEXT\URL_ADVISOR@KASPERSKY.COM
[2012.12.20 12:09:16 | 000,000,000 | ---D | M] (Virtual Keyboard) -- C:\PROGRAM FILES (X86)\KASPERSKY LAB\KASPERSKY INTERNET SECURITY 2013\FFEXT\VIRTUAL_KEYBOARD@KASPERSKY.COM
[2013.01.20 01:20:22 | 000,262,552 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011.07.11 22:48:12 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll
[2012.10.02 20:23:04 | 000,003,189 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\acpro.xml
[2012.10.12 08:04:02 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.10.12 08:04:02 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.10.12 08:04:02 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012.10.12 08:04:02 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.10.12 08:04:02 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.10.12 08:04:02 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Content Blocker Plugin) - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
O2:64bit: - BHO: (Virtual Keyboard Plugin) - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
O2:64bit: - BHO: (Safe Money Plugin) - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation)
O2:64bit: - BHO: (URL Advisor Plugin) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll (Safer-Networking Ltd.)
O2 - BHO: (Content Blocker Plugin) - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
O2 - BHO: (Virtual Keyboard Plugin) - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Safe Money Plugin) - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (URL Advisor Plugin) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [BTMTrayAgent] C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll (Intel Corporation)
O4:64bit: - HKLM..\Run: [ETDCtrl] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronics Corp.)
O4:64bit: - HKLM..\Run: [LMPSSDMON] C:\Program Files\Lexmark\Monitor\ACB\LMabMON.exe ()
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AVP] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe (Kaspersky Lab ZAO)
O4 - HKLM..\Run: [BambooCore] C:\Program Files (x86)\Bamboo Dock\BambooCore.exe ()
O4 - HKLM..\Run: [Everything] C:\Program Files (x86)\Everything\Everything.exe ()
O4 - HKLM..\Run: [SDTray] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe (Safer-Networking Ltd.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-4201702909-4008549763-78736917-1000..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-4201702909-4008549763-78736917-1001..\Run: [LMab1err] C:\Program Files\Lexmark\ErrorApp\LMab1err.exe ( )
O4 - HKU\S-1-5-21-4201702909-4008549763-78736917-1001..\Run: [Spybot-S&D Cleaning] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe (Safer-Networking Ltd.)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-21-4201702909-4008549763-78736917-1000..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Martin\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Wuala.lnk = C:\Users\Martin\AppData\Roaming\Wuala\Wuala.exe (LaCie)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 24
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DelayedDesktopSwitchTimeout = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-4201702909-4008549763-78736917-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-4201702909-4008549763-78736917-1001\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\windows\system32\GPhotos.scr/200 File not found
O8:64bit: - Extra context menu item: Hinzufügen zu Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ie_banner_deny.htm ()
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\windows\SysWow64\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Hinzufügen zu Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ie_banner_deny.htm ()
O9:64bit: - Extra Button: Virtuelle Tastatur - {0C4CC089-D306-440D-9772-464E226F6539} - Reg Error: Value error. File not found
O9:64bit: - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - Reg Error: Value error. File not found
O9:64bit: - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - Reg Error: Value error. File not found
O9:64bit: - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - Reg Error: Value error. File not found
O9:64bit: - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - Reg Error: Value error. File not found
O9:64bit: - Extra Button: Links untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - Reg Error: Value error. File not found
O9 - Extra Button: Virtuelle Tastatur - {0C4CC089-D306-440D-9772-464E226F6539} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
O9 - Extra Button: Links untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll (Safer-Networking Ltd.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9E31218D-361B-4872-9F7F-D0C36B9F2B8A}: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D648904F-7844-46DB-9E63-BE91958D2678}: NameServer = 8.8.8.8,8.8.8.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - AppInit_DLLs: (C:\windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (C:\windows\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\windows\SysNative\igfxdev.dll (Intel Corporation)
O20 - Winlogon\Notify\SDWinLogon: DllName - (SDWinLogon.dll) - File not found
O21:64bit: - SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\SysNative\CbFsMntNtf3.dll (EldoS Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\SysWOW64\CbFsMntNtf3.dll (EldoS Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O22:64bit: - SharedTaskScheduler: {5FF49FE8-B332-4CB9-B102-FB6951629E55} - Virtual Storage Mount Notification - C:\Windows\SysNative\CbFsMntNtf3.dll (EldoS Corporation)
O22 - SharedTaskScheduler: {5FF49FE8-B332-4CB9-B102-FB6951629E55} - Virtual Storage Mount Notification - C:\Windows\SysWOW64\CbFsMntNtf3.dll (EldoS Corporation)
O27:64bit: - HKLM IFEO\itunes.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\spyhunter4.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\wuala.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\itunes.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\spyhunter4.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\wuala.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2013.01.13 10:58:42 | 000,000,000 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{90305345-000b-11e2-a4e7-c48508129624}\Shell - "" = AutoRun
O33 - MountPoints2\{90305345-000b-11e2-a4e7-c48508129624}\Shell\AutoRun\command - "" = F:\unlock.exe autoplay=true
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
to be continued...
-
and part two:
========== Files/Folders - Created Within 30 Days ==========
[2013.01.21 09:33:12 | 000,000,000 | ---D | C] -- C:\Users\Martin\AppData\Local\Evernote
[2013.01.21 09:06:33 | 000,000,000 | ---D | C] -- C:\Program Files\TabletPlugins
[2013.01.21 09:06:32 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bamboo
[2013.01.21 09:06:31 | 000,015,776 | ---- | C] (Wacom Technology) -- C:\windows\SysNative\drivers\wacomrouterfilter.sys
[2013.01.21 09:06:29 | 000,081,312 | ---- | C] (Wacom Technology) -- C:\windows\SysNative\drivers\wachidrouter.sys
[2013.01.21 09:06:29 | 000,013,728 | ---- | C] (Windows (R) Win 7 DDK provider) -- C:\windows\SysNative\drivers\hidkmdf.sys
[2013.01.20 01:20:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013.01.19 09:52:44 | 000,000,000 | ---D | C] -- C:\Users\Martin\AppData\Roaming\wacomid-desktop-launcher.DCFD4B89A63EE70BC162777F06D4B93B6397AEC7.1
[2013.01.19 09:52:39 | 000,000,000 | ---D | C] -- C:\Users\Martin\AppData\Roaming\Wacom
[2013.01.19 09:52:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Wacom
[2013.01.19 09:52:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bamboo Dock
[2013.01.19 09:52:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe AIR
[2013.01.19 09:52:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bamboo Dock
[2013.01.19 09:49:38 | 000,000,000 | ---D | C] -- C:\Users\Martin\AppData\Roaming\WTablet
[2013.01.19 09:49:37 | 001,974,656 | ---- | C] (Wacom Technology, Corp.) -- C:\windows\SysNative\Pen_Touch_Tablet.dll
[2013.01.19 09:49:37 | 001,621,888 | ---- | C] (Wacom Technology, Corp.) -- C:\windows\SysWow64\Pen_Touch_Tablet.dll
[2013.01.19 09:49:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TabletPlugins
[2013.01.19 09:49:25 | 000,012,848 | ---- | C] (Wacom Technology) -- C:\windows\SysNative\drivers\wacommousefilter.sys
[2013.01.19 09:49:14 | 000,016,168 | ---- | C] (Wacom Technology) -- C:\windows\SysNative\drivers\wacomvhid.sys
[2013.01.19 09:49:12 | 001,981,824 | ---- | C] (Wacom Technology, Corp.) -- C:\windows\SysNative\Pen_Tablet.dll
[2013.01.19 09:49:12 | 001,844,096 | ---- | C] (Wacom Technology, Corp.) -- C:\windows\SysNative\Wintab32.dll
[2013.01.19 09:49:12 | 001,841,024 | ---- | C] (Wacom Technology, Corp.) -- C:\windows\SysNative\WacomMT.dll
[2013.01.19 09:49:12 | 001,629,056 | ---- | C] (Wacom Technology, Corp.) -- C:\windows\SysWow64\Pen_Tablet.dll
[2013.01.19 09:49:12 | 001,510,272 | ---- | C] (Wacom Technology, Corp.) -- C:\windows\SysWow64\Wintab32.dll
[2013.01.19 09:49:12 | 001,506,176 | ---- | C] (Wacom Technology, Corp.) -- C:\windows\SysWow64\WacomMT.dll
[2013.01.19 09:49:10 | 000,000,000 | ---D | C] -- C:\Program Files\Tablet
[2013.01.16 08:36:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2013.01.15 10:37:16 | 000,000,000 | ---D | C] -- C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Everything
[2013.01.15 10:37:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Everything
[2013.01.13 13:16:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ERUNT
[2013.01.13 13:16:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ERUNT
[2013.01.13 10:58:29 | 000,000,000 | ---D | C] -- C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter
[2013.01.13 10:58:28 | 000,000,000 | ---D | C] -- C:\sh4ldr
[2013.01.13 10:58:28 | 000,000,000 | ---D | C] -- C:\Program Files\Enigma Software Group
[2013.01.13 10:57:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wise Installation Wizard
[2013.01.12 16:29:28 | 000,000,000 | ---D | C] -- C:\Users\Martin\AppData\Roaming\TeamViewer
[2013.01.12 10:44:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
[2013.01.12 10:44:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Sony
[2013.01.12 10:23:01 | 000,000,000 | ---D | C] -- C:\Users\Martin\Documents\Content Management Utility
[2013.01.11 19:40:18 | 000,000,000 | ---D | C] -- C:\Users\Martin\AppData\Roaming\Sony Corporation
[2013.01.11 18:29:22 | 005,425,496 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\D3DX9_41.dll
[2013.01.11 18:29:22 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\D3DX9_41.dll
[2013.01.11 18:29:22 | 002,430,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\D3DCompiler_41.dll
[2013.01.11 18:29:22 | 000,521,560 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\XAudio2_4.dll
[2013.01.11 18:29:22 | 000,520,544 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx10_41.dll
[2013.01.11 18:29:22 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\XAudio2_4.dll
[2013.01.11 18:29:22 | 000,073,544 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\XAPOFX1_3.dll
[2013.01.11 18:29:21 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine3_4.dll
[2013.01.11 18:29:21 | 000,174,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine3_4.dll
[2013.01.11 18:29:21 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\X3DAudio1_6.dll
[2013.01.11 18:29:21 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\X3DAudio1_6.dll
[2013.01.11 18:29:20 | 005,631,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\D3DX9_40.dll
[2013.01.11 18:29:20 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\D3DX9_40.dll
[2013.01.11 18:29:20 | 002,605,920 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\D3DCompiler_40.dll
[2013.01.11 18:29:20 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\D3DCompiler_40.dll
[2013.01.11 18:29:20 | 000,519,000 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx10_40.dll
[2013.01.11 18:29:20 | 000,518,480 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\XAudio2_3.dll
[2013.01.11 18:29:20 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\XAudio2_3.dll
[2013.01.11 18:29:20 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx10_40.dll
[2013.01.11 18:29:20 | 000,074,576 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\XAPOFX1_2.dll
[2013.01.11 18:29:20 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\XAPOFX1_2.dll
[2013.01.11 18:29:19 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine3_3.dll
[2013.01.11 18:29:19 | 000,175,440 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine3_3.dll
[2013.01.11 18:29:17 | 000,513,544 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\XAudio2_2.dll
[2013.01.11 18:29:17 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\XAudio2_2.dll
[2013.01.11 18:29:17 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine3_2.dll
[2013.01.11 18:29:17 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine3_2.dll
[2013.01.11 18:29:17 | 000,072,200 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\XAPOFX1_1.dll
[2013.01.11 18:29:17 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\XAPOFX1_1.dll
[2013.01.11 18:29:17 | 000,025,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\X3DAudio1_5.dll
[2013.01.11 18:29:17 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\X3DAudio1_5.dll
[2013.01.11 18:29:16 | 001,942,552 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\D3DCompiler_39.dll
[2013.01.11 18:29:16 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\D3DCompiler_39.dll
[2013.01.11 18:29:16 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx10_39.dll
[2013.01.11 18:29:16 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx10_39.dll
[2013.01.11 18:29:14 | 004,992,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\D3DX9_39.dll
[2013.01.11 18:29:14 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\D3DX9_39.dll
[2013.01.11 18:29:14 | 000,511,496 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\XAudio2_1.dll
[2013.01.11 18:29:14 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\XAudio2_1.dll
[2013.01.11 18:29:14 | 000,068,104 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\XAPOFX1_0.dll
[2013.01.11 18:29:14 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\XAPOFX1_0.dll
[2013.01.11 18:29:13 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine3_1.dll
[2013.01.11 18:29:13 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine3_1.dll
[2013.01.11 18:29:13 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\X3DAudio1_4.dll
[2013.01.11 18:29:13 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\X3DAudio1_4.dll
[2013.01.11 18:29:12 | 001,941,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\D3DCompiler_38.dll
[2013.01.11 18:29:12 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\D3DCompiler_38.dll
[2013.01.11 18:29:12 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx10_38.dll
[2013.01.11 18:29:12 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx10_38.dll
[2013.01.11 18:29:10 | 004,991,496 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\D3DX9_38.dll
[2013.01.11 18:29:10 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\D3DX9_38.dll
[2013.01.11 18:29:09 | 000,489,480 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\XAudio2_0.dll
[2013.01.11 18:29:09 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\XAudio2_0.dll
[2013.01.11 18:29:08 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine3_0.dll
[2013.01.11 18:29:08 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine3_0.dll
[2013.01.11 18:29:08 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\X3DAudio1_3.dll
[2013.01.11 18:29:08 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\X3DAudio1_3.dll
[2013.01.11 18:29:07 | 001,860,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\D3DCompiler_37.dll
[2013.01.11 18:29:07 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\D3DCompiler_37.dll
[2013.01.11 18:29:07 | 000,529,424 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx10_37.dll
[2013.01.11 18:29:07 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx10_37.dll
[2013.01.11 18:29:04 | 004,910,088 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\D3DX9_37.dll
[2013.01.11 18:29:04 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\D3DX9_37.dll
[2013.01.11 18:29:04 | 002,006,552 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\D3DCompiler_36.dll
[2013.01.11 18:29:04 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\D3DCompiler_36.dll
[2013.01.11 18:29:04 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx10_36.dll
[2013.01.11 18:29:04 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx10_36.dll
[2013.01.11 18:29:04 | 000,411,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine2_10.dll
[2013.01.11 18:29:04 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine2_10.dll
[2013.01.11 18:29:03 | 005,081,608 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx9_36.dll
[2013.01.11 18:29:03 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx9_36.dll
[2013.01.11 18:29:02 | 005,073,256 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx9_35.dll
[2013.01.11 18:29:02 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx9_35.dll
[2013.01.11 18:29:02 | 001,985,904 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\D3DCompiler_35.dll
[2013.01.11 18:29:02 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\D3DCompiler_35.dll
[2013.01.11 18:29:02 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx10_35.dll
[2013.01.11 18:29:02 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx10_35.dll
[2013.01.11 18:29:02 | 000,411,496 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine2_9.dll
[2013.01.11 18:29:02 | 000,409,960 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine2_8.dll
[2013.01.11 18:29:02 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine2_9.dll
[2013.01.11 18:29:02 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine2_8.dll
[2013.01.11 18:29:02 | 000,021,000 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\X3DAudio1_2.dll
[2013.01.11 18:29:02 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\X3DAudio1_2.dll
[2013.01.11 18:29:01 | 004,496,232 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx9_34.dll
[2013.01.11 18:29:01 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx9_34.dll
[2013.01.11 18:29:01 | 001,401,200 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\D3DCompiler_34.dll
[2013.01.11 18:29:01 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\D3DCompiler_34.dll
[2013.01.11 18:29:01 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx10_34.dll
[2013.01.11 18:29:01 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx10_34.dll
[2013.01.11 18:29:00 | 004,494,184 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx9_33.dll
[2013.01.11 18:29:00 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx9_33.dll
[2013.01.11 18:29:00 | 001,400,176 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\D3DCompiler_33.dll
[2013.01.11 18:29:00 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\D3DCompiler_33.dll
[2013.01.11 18:29:00 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx10_33.dll
[2013.01.11 18:29:00 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx10_33.dll
[2013.01.11 18:29:00 | 000,403,304 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine2_7.dll
[2013.01.11 18:29:00 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine2_7.dll
[2013.01.11 18:29:00 | 000,107,368 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xinput1_3.dll
[2013.01.11 18:29:00 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xinput1_3.dll
[2013.01.11 18:28:59 | 000,393,576 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine2_6.dll
[2013.01.11 18:28:59 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine2_6.dll
[2013.01.11 18:28:58 | 000,469,264 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx10.dll
[2013.01.11 18:28:58 | 000,440,080 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx10.dll
[2013.01.11 18:28:58 | 000,390,424 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine2_5.dll
[2013.01.11 18:28:58 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine2_5.dll
[2013.01.11 18:28:57 | 004,398,360 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx9_32.dll
[2013.01.11 18:28:57 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx9_32.dll
[2013.01.11 18:28:56 | 003,977,496 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx9_31.dll
[2013.01.11 18:28:56 | 000,364,824 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine2_4.dll
[2013.01.11 18:28:56 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine2_4.dll
[2013.01.11 18:28:56 | 000,017,688 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\x3daudio1_1.dll
[2013.01.11 18:28:56 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\x3daudio1_1.dll
[2013.01.11 18:28:55 | 000,363,288 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine2_3.dll
[2013.01.11 18:28:55 | 000,354,072 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine2_2.dll
[2013.01.11 18:28:55 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine2_3.dll
[2013.01.11 18:28:55 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine2_2.dll
[2013.01.11 18:28:55 | 000,083,736 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xinput1_2.dll
[2013.01.11 18:28:55 | 000,083,664 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xinput1_1.dll
[2013.01.11 18:28:55 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xinput1_2.dll
[2013.01.11 18:28:55 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xinput1_1.dll
[2013.01.11 18:28:54 | 000,352,464 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine2_1.dll
[2013.01.11 18:28:54 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine2_1.dll
[2013.01.11 18:28:51 | 003,927,248 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx9_30.dll
[2013.01.11 18:28:51 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx9_30.dll
[2013.01.11 18:28:50 | 003,830,992 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx9_29.dll
[2013.01.11 18:28:50 | 003,815,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx9_28.dll
[2013.01.11 18:28:50 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx9_29.dll
[2013.01.11 18:28:50 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx9_28.dll
[2013.01.11 18:28:50 | 000,355,536 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine2_0.dll
[2013.01.11 18:28:50 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine2_0.dll
[2013.01.11 18:28:50 | 000,016,592 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\x3daudio1_0.dll
[2013.01.11 18:28:50 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\x3daudio1_0.dll
[2013.01.11 18:28:49 | 003,823,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx9_25.dll
[2013.01.11 18:28:49 | 003,807,440 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx9_27.dll
[2013.01.11 18:28:49 | 003,767,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx9_26.dll
[2013.01.11 18:28:49 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx9_25.dll
[2013.01.11 18:28:49 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx9_27.dll
[2013.01.11 18:28:49 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx9_26.dll
[2013.01.11 18:28:48 | 003,544,272 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx9_24.dll
[2013.01.11 18:28:48 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx9_24.dll
[2013.01.11 17:31:54 | 000,000,000 | ---D | C] -- C:\Users\Martin\AppData\Roaming\DivX
[2013.01.11 17:31:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX Plus
[2013.01.11 17:31:16 | 000,000,000 | ---D | C] -- C:\Program Files\DivX
[2013.01.11 17:31:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DivX Shared
[2013.01.11 17:27:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DivX
[2013.01.11 17:26:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Winamp
[2013.01.11 17:26:24 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\D3DX9_42.dll
[2013.01.11 17:26:23 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx9_31.dll
[2013.01.11 17:25:07 | 000,000,000 | ---D | C] -- C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Winamp Erkennungs-Plug-in
[2013.01.11 17:25:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Winamp Detect
[2013.01.11 17:24:10 | 000,000,000 | ---D | C] -- C:\ProgramData\DivX
[2013.01.11 17:24:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PX Storage Engine
[2013.01.11 17:23:51 | 000,000,000 | ---D | C] -- C:\Users\Martin\AppData\Roaming\Winamp
[2013.01.11 17:23:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Winamp
[2013.01.10 18:59:20 | 000,000,000 | ---D | C] -- C:\Users\Martin\AppData\Local\Flavio Tordini
[2013.01.10 18:58:36 | 000,000,000 | ---D | C] -- C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Musique
[2013.01.10 18:58:33 | 000,000,000 | ---D | C] -- C:\Users\Martin\AppData\Local\Musique
[2013.01.10 13:52:12 | 000,000,000 | ---D | C] -- C:\Users\Martin\Documents\MAGIX_MusicEditor
[2013.01.10 13:52:10 | 000,000,000 | ---D | C] -- C:\Users\Martin\AppData\Local\Xara
[2013.01.10 13:42:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\MAGIX Shared
[2013.01.10 10:40:17 | 000,034,656 | ---- | C] (TuneUp Software) -- C:\windows\SysNative\TURegOpt.exe
[2013.01.10 10:40:13 | 000,025,952 | ---- | C] (TuneUp Software) -- C:\windows\SysNative\authuitu.dll
[2013.01.10 10:40:12 | 000,021,344 | ---- | C] (TuneUp Software) -- C:\windows\SysWow64\authuitu.dll
[2013.01.10 10:40:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2013
[2013.01.10 10:39:41 | 000,000,000 | ---D | C] -- C:\Users\Martin\AppData\Roaming\TuneUp Software
[2013.01.10 10:39:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TuneUp Utilities 2013
[2013.01.10 10:38:37 | 000,000,000 | ---D | C] -- C:\ProgramData\TuneUp Software
[2013.01.10 10:38:24 | 000,000,000 | -HSD | C] -- C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
[2013.01.10 10:38:24 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2013.01.09 23:06:31 | 000,000,000 | ---D | C] -- C:\Users\Martin\Documents\MAGIX Downloads
[2013.01.09 23:06:30 | 000,000,000 | ---D | C] -- C:\Users\Martin\Documents\MAGIX
[2013.01.09 16:15:12 | 000,000,000 | ---D | C] -- C:\Users\Martin\AppData\Roaming\simplitec
[2013.01.09 12:15:23 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\MAGIX
[2013.01.09 12:13:51 | 000,000,000 | ---D | C] -- C:\Users\Martin\AppData\Roaming\MAGIX
[2013.01.09 12:13:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX
[2013.01.09 12:13:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MAGIX
[2013.01.09 12:13:01 | 000,000,000 | ---D | C] -- C:\ProgramData\simplitec
[2013.01.09 12:12:56 | 000,000,000 | ---D | C] -- C:\ProgramData\MAGIX
[2013.01.09 12:12:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\MAGIX Services
[2013.01.09 12:12:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSXML 4.0
[2013.01.09 09:03:29 | 000,750,592 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\win32spl.dll
[2013.01.09 09:03:28 | 000,492,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\win32spl.dll
[2013.01.09 09:03:19 | 000,800,768 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\usp10.dll
[2013.01.09 09:03:19 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ncrypt.dll
[2013.01.09 09:03:15 | 002,746,368 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\gameux.dll
[2013.01.09 09:03:15 | 002,576,384 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\gameux.dll
[2013.01.09 09:03:15 | 000,441,856 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\Wpc.dll
[2013.01.09 09:03:15 | 000,308,736 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\Wpc.dll
[2013.01.09 09:03:15 | 000,051,712 | ---- | C] (Microsoft) -- C:\windows\SysWow64\esrb.rs
[2013.01.09 09:03:15 | 000,051,712 | ---- | C] (Microsoft) -- C:\windows\SysNative\esrb.rs
[2013.01.09 09:03:15 | 000,046,592 | ---- | C] (Microsoft) -- C:\windows\SysWow64\fpb.rs
[2013.01.09 09:03:15 | 000,046,592 | ---- | C] (Microsoft) -- C:\windows\SysNative\fpb.rs
[2013.01.09 09:03:15 | 000,045,568 | ---- | C] (Microsoft) -- C:\windows\SysWow64\oflc-nz.rs
[2013.01.09 09:03:15 | 000,045,568 | ---- | C] (Microsoft) -- C:\windows\SysNative\oflc-nz.rs
[2013.01.09 09:03:15 | 000,044,544 | ---- | C] (Microsoft) -- C:\windows\SysWow64\pegibbfc.rs
[2013.01.09 09:03:15 | 000,044,544 | ---- | C] (Microsoft) -- C:\windows\SysNative\pegibbfc.rs
[2013.01.09 09:03:15 | 000,043,520 | ---- | C] (Microsoft) -- C:\windows\SysWow64\csrr.rs
[2013.01.09 09:03:15 | 000,043,520 | ---- | C] (Microsoft) -- C:\windows\SysNative\csrr.rs
[2013.01.09 09:03:15 | 000,040,960 | ---- | C] (Microsoft) -- C:\windows\SysWow64\cob-au.rs
[2013.01.09 09:03:15 | 000,040,960 | ---- | C] (Microsoft) -- C:\windows\SysNative\cob-au.rs
[2013.01.09 09:03:15 | 000,030,720 | ---- | C] (Microsoft) -- C:\windows\SysWow64\usk.rs
[2013.01.09 09:03:15 | 000,030,720 | ---- | C] (Microsoft) -- C:\windows\SysNative\usk.rs
[2013.01.09 09:03:15 | 000,021,504 | ---- | C] (Microsoft) -- C:\windows\SysWow64\grb.rs
[2013.01.09 09:03:15 | 000,021,504 | ---- | C] (Microsoft) -- C:\windows\SysNative\grb.rs
[2013.01.09 09:03:15 | 000,020,480 | ---- | C] (Microsoft) -- C:\windows\SysWow64\pegi-pt.rs
[2013.01.09 09:03:15 | 000,020,480 | ---- | C] (Microsoft) -- C:\windows\SysNative\pegi-pt.rs
[2013.01.09 09:03:15 | 000,020,480 | ---- | C] (Microsoft) -- C:\windows\SysNative\pegi-fi.rs
[2013.01.09 09:03:15 | 000,020,480 | ---- | C] (Microsoft) -- C:\windows\SysWow64\pegi.rs
[2013.01.09 09:03:15 | 000,020,480 | ---- | C] (Microsoft) -- C:\windows\SysNative\pegi.rs
[2013.01.09 09:03:15 | 000,015,360 | ---- | C] (Microsoft) -- C:\windows\SysWow64\djctq.rs
[2013.01.09 09:03:15 | 000,015,360 | ---- | C] (Microsoft) -- C:\windows\SysNative\djctq.rs
[2013.01.09 09:03:14 | 000,055,296 | ---- | C] (Microsoft) -- C:\windows\SysWow64\cero.rs
[2013.01.09 09:03:14 | 000,055,296 | ---- | C] (Microsoft) -- C:\windows\SysNative\cero.rs
[2013.01.09 09:03:14 | 000,023,552 | ---- | C] (Microsoft) -- C:\windows\SysWow64\oflc.rs
[2013.01.09 09:03:14 | 000,023,552 | ---- | C] (Microsoft) -- C:\windows\SysNative\oflc.rs
[2013.01.09 09:03:14 | 000,020,480 | ---- | C] (Microsoft) -- C:\windows\SysWow64\pegi-fi.rs
[2013.01.09 09:02:56 | 001,161,216 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\kernel32.dll
[2013.01.09 09:02:56 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KernelBase.dll
[2013.01.09 09:02:55 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wow64win.dll
[2013.01.09 09:02:55 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\conhost.exe
[2013.01.09 09:02:55 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wow64.dll
[2013.01.09 09:02:55 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\winsrv.dll
[2013.01.09 09:02:55 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\setup16.exe
[2013.01.09 09:02:55 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ntvdm64.dll
[2013.01.09 09:02:55 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ntvdm64.dll
[2013.01.09 09:02:55 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wow64cpu.dll
[2013.01.09 09:02:55 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\instnm.exe
[2013.01.09 09:02:55 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2013.01.09 09:02:55 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2013.01.09 09:02:55 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2013.01.09 09:02:55 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2013.01.09 09:02:55 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wow32.dll
[2013.01.09 09:02:55 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2013.01.09 09:02:55 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2013.01.09 09:02:55 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2013.01.09 09:02:55 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2013.01.09 09:02:55 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2013.01.09 09:02:55 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2013.01.09 09:02:55 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2013.01.09 09:02:55 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2013.01.09 09:02:55 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2013.01.09 09:02:55 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2013.01.09 09:02:55 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2013.01.09 09:02:55 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2013.01.09 09:02:55 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2013.01.09 09:02:55 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2013.01.09 09:02:55 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2013.01.09 09:02:55 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2013.01.09 09:02:55 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2013.01.09 09:02:55 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2013.01.09 09:02:55 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2013.01.09 09:02:55 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2013.01.09 09:02:55 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2013.01.09 09:02:55 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2013.01.09 09:02:55 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.09 09:02:55 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.09 09:02:55 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2013.01.09 09:02:55 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2013.01.09 09:02:55 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2013.01.09 09:02:55 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2013.01.09 09:02:55 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2013.01.09 09:02:55 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2013.01.09 09:02:55 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2013.01.09 09:02:55 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2013.01.09 09:02:55 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2013.01.09 09:02:55 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2013.01.09 09:02:55 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2013.01.09 09:02:55 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2013.01.09 09:02:55 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2013.01.09 09:02:55 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2013.01.09 09:02:55 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2013.01.09 09:02:55 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2013.01.09 09:02:55 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2013.01.09 09:02:55 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2013.01.09 09:02:55 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2013.01.09 09:02:55 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2013.01.09 09:02:55 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2013.01.09 09:02:55 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2013.01.09 09:02:55 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2013.01.09 09:02:55 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2013.01.09 09:02:55 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2013.01.09 09:02:55 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2013.01.09 09:02:55 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2013.01.09 09:02:55 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2013.01.09 09:02:55 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\user.exe
[2013.01.09 09:02:39 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\taskhost.exe
[2013.01.08 21:34:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Thunderbird
[2013.01.08 21:28:24 | 000,000,000 | ---D | C] -- C:\Users\Martin\AppData\Local\{35879EB4-B502-4EA8-A806-C52FBC551FE8}
[2013.01.04 00:30:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audiograbber
[2013.01.04 00:29:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Audiograbber
[2013.01.02 13:15:18 | 000,000,000 | ---D | C] -- C:\Users\Martin\AppData\Local\Windows Live
[2013.01.02 13:14:56 | 000,000,000 | ---D | C] -- C:\Users\Martin\AppData\Local\{9A8FCBE6-6F7C-4010-A61D-9C5C05AF89D3}
[2013.01.01 17:43:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mp3tag
[2012.12.30 14:39:24 | 000,000,000 | ---D | C] -- C:\Users\Martin\Documents\shexview-x64
[2012.12.30 12:15:33 | 000,000,000 | ---D | C] -- C:\Users\Martin\dwhelper
[2012.12.29 21:36:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hauppauge WinTV
[2012.12.29 21:35:43 | 000,038,672 | ---- | C] (PCTV Systems S.à r.l.) -- C:\windows\SysWow64\pcleUtil.dll
[2012.12.29 21:35:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WinTV
[2012.12.29 21:35:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Hauppauge
[2012.12.29 21:18:19 | 000,831,554 | ---- | C] (Hauppauge Computer Works) -- C:\windows\SysWow64\hcwtvwnd.dll
[2012.12.29 21:18:19 | 000,323,640 | ---- | C] (Hauppauge Computer Works) -- C:\windows\SysWow64\hcwpnp32.dll
[2012.12.29 21:18:19 | 000,118,840 | ---- | C] (Hauppauge Computer Works, Inc.) -- C:\windows\SysWow64\hcwi2c32.dll
[2012.12.29 21:18:19 | 000,036,921 | ---- | C] (Hauppauge Computer Works) -- C:\windows\SysWow64\hcwutl32.dll
[2012.12.29 21:00:34 | 000,658,944 | ---- | C] (Hauppauge Computer Works, Inc.) -- C:\windows\SysNative\drivers\hcw95bda.sys
[2012.12.29 21:00:34 | 000,019,840 | ---- | C] (Hauppauge Computer Works, Inc.) -- C:\windows\SysNative\hcw95rc.sys
[2012.12.29 21:00:34 | 000,019,840 | ---- | C] (Hauppauge Computer Works, Inc.) -- C:\windows\SysNative\drivers\hcw95rc.sys
[2012.12.29 21:00:31 | 000,000,000 | ---D | C] -- C:\Hauppauge
[2012.12.29 18:25:24 | 000,000,000 | ---D | C] -- C:\Users\Martin\.mediathek3
[2012.12.29 18:13:46 | 002,179,072 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mfc71d.dll
[2012.12.29 18:13:46 | 000,765,952 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msvcp71d.dll
[2012.12.29 18:13:46 | 000,544,768 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msvcr71d.dll
[2012.12.29 18:13:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\IviSDK
[2012.12.29 18:13:00 | 001,409,024 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\temp.007
[2012.12.29 18:13:00 | 000,647,872 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\MSComCt2.ocx
[2012.12.29 18:13:00 | 000,598,288 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\temp.003
[2012.12.29 18:13:00 | 000,204,800 | ---- | C] (Hauppauge Computer Works) -- C:\windows\SysWow64\Mdcustoms.ocx
[2012.12.29 18:13:00 | 000,164,112 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\temp.004
[2012.12.29 18:13:00 | 000,147,728 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\temp.005
[2012.12.29 18:13:00 | 000,132,880 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\Msinet.ocx
[2012.12.29 18:13:00 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\MSSTDFMT.DLL
[2012.12.29 18:13:00 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\MSCAL.OCX
[2012.12.29 18:13:00 | 000,069,632 | ---- | C] (Hauppauge Computer Works ) -- C:\windows\SysWow64\3DES.dll
[2012.12.29 18:13:00 | 000,053,248 | ---- | C] (Hauppauge) -- C:\windows\SysWow64\MDCustomPanels.ocx
[2012.12.29 18:13:00 | 000,022,288 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\temp.008
[2012.12.29 18:13:00 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\temp.006
[2012.12.29 18:12:22 | 000,000,000 | ---D | C] -- C:\MyVideos
[2012.12.29 18:11:54 | 000,995,383 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\temp.002
[2012.12.29 18:11:54 | 000,278,581 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\temp.001
[2012.12.29 18:11:54 | 000,077,878 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\temp.000
[2012.12.27 21:41:11 | 000,000,000 | ---D | C] -- C:\Users\Martin\.VirtualBox
[2012.12.27 21:40:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox
[2012.12.27 21:39:50 | 000,000,000 | ---D | C] -- C:\Program Files\Oracle
[2012.12.27 15:49:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2012.12.27 15:49:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
[2012.12.27 15:49:12 | 000,017,272 | ---- | C] (Safer Networking Limited) -- C:\windows\SysNative\sdnclean64.exe
[2012.12.27 15:49:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy 2
[2012.12.25 09:27:18 | 000,000,000 | ---D | C] -- C:\Users\Martin\AppData\Roaming\redsn0w
[2012.12.22 21:13:45 | 000,000,000 | ---D | C] -- C:\Users\Martin\AppData\Roaming\dvdcss
[2012.09.18 20:05:47 | 000,409,600 | ---- | C] (Kaspersky Lab ZAO) -- C:\Program Files\rescue2usb.exe
[1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2013.01.21 12:19:20 | 000,015,473 | ---- | M] () -- C:\Users\Martin\Desktop\WSfS-Arbeit.ods
[2013.01.21 12:06:02 | 000,000,029 | ---- | M] () -- C:\windows\SysWow64\TempWmicBatchFile.bat
[2013.01.21 11:41:00 | 000,000,884 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job
[2013.01.21 11:27:41 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2013.01.21 10:33:27 | 000,198,876 | ---- | M] () -- C:\Users\Martin\Desktop\f---1083.pdf
[2013.01.21 10:33:16 | 000,067,963 | ---- | M] () -- C:\Users\Martin\Desktop\TI-3031_LP.pdf
[2013.01.21 09:20:58 | 000,000,000 | -H-- | M] () -- C:\windows\SysNative\drivers\Msft_Kernel_wachidrouter_01009.Wdf
[2013.01.21 09:20:09 | 000,020,992 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.01.21 09:20:09 | 000,020,992 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.01.21 09:11:17 | 000,000,280 | ---- | M] () -- C:\windows\tasks\AbelssoftPreloader.job
[2013.01.21 09:11:13 | 000,000,828 | ---- | M] () -- C:\windows\tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
[2013.01.21 09:10:45 | 4065,890,303 | -HS- | M] () -- C:\hiberfil.sys
[2013.01.20 23:36:39 | 000,001,054 | ---- | M] () -- C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2013.01.20 23:23:24 | 000,000,830 | ---- | M] () -- C:\windows\tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job
[2013.01.20 00:17:46 | 000,001,136 | ---- | M] () -- C:\Users\Public\Desktop\MAGIX Foto Manager MX Deluxe.lnk
[2013.01.20 00:06:55 | 001,507,170 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
[2013.01.20 00:06:55 | 000,657,676 | ---- | M] () -- C:\windows\SysNative\perfh007.dat
[2013.01.20 00:06:55 | 000,618,912 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
[2013.01.20 00:06:55 | 000,131,016 | ---- | M] () -- C:\windows\SysNative\perfc007.dat
[2013.01.20 00:06:55 | 000,107,232 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
[2013.01.19 23:07:59 | 000,045,083 | ---- | M] () -- C:\Users\Martin\Desktop\CA-Planung.ods
[2013.01.19 09:52:30 | 000,001,103 | ---- | M] () -- C:\Users\Public\Desktop\Bamboo Dock.lnk
[2013.01.19 09:35:53 | 000,677,816 | ---- | M] () -- C:\windows\SysNative\FNTCACHE.DAT
[2013.01.18 14:39:36 | 000,053,381 | ---- | M] () -- C:\Users\Martin\Desktop\whoa.zip
[2013.01.16 08:36:32 | 000,001,026 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2013.01.15 17:22:30 | 000,021,573 | ---- | M] () -- C:\Users\Martin\Desktop\organigramm 11 2012.pdf
[2013.01.14 12:00:16 | 000,022,660 | ---- | M] () -- C:\Users\Martin\Desktop\Maja Muster.pdf
[2013.01.13 23:06:05 | 000,133,938 | ---- | M] () -- C:\Users\Martin\Desktop\wsfs-alt.jpg
[2013.01.13 22:43:41 | 000,143,547 | ---- | M] () -- C:\Users\Martin\Desktop\256026_473359232685334_1795865310_o.jpg
[2013.01.13 15:46:24 | 000,001,809 | ---- | M] () -- C:\Users\Public\Desktop\Winamp.lnk
[2013.01.13 15:12:30 | 000,046,890 | ---- | M] () -- C:\Users\Martin\Desktop\magix.jpg
[2013.01.13 13:54:32 | 000,002,926 | ---- | M] () -- C:\Users\Martin\Desktop\attach.zip
[2013.01.13 13:42:53 | 000,350,559 | ---- | M] () -- C:\Users\Martin\Desktop\avast_antirootkit.jpg
[2013.01.13 13:16:18 | 000,000,865 | ---- | M] () -- C:\Users\Martin\Desktop\ERUNT.lnk
[2013.01.13 10:58:42 | 000,000,000 | ---- | M] () -- C:\autoexec.bat
[2013.01.13 10:58:29 | 000,002,256 | ---- | M] () -- C:\Users\Martin\Desktop\SpyHunter.lnk
[2013.01.12 10:44:35 | 000,001,347 | ---- | M] () -- C:\Users\Public\Desktop\Content Management Utility.lnk
[2013.01.11 18:07:11 | 008,057,590 | ---- | M] () -- C:\Users\Martin\Desktop\Sony NEX-FS700EK.pdf
[2013.01.11 17:32:41 | 000,001,614 | ---- | M] () -- C:\Users\Martin\Desktop\DivX Movies.lnk
[2013.01.11 17:32:08 | 000,001,072 | ---- | M] () -- C:\Users\Public\Desktop\DivX Plus Player.lnk
[2013.01.11 17:31:35 | 000,001,112 | ---- | M] () -- C:\Users\Public\Desktop\DivX Plus Converter.lnk
[2013.01.10 13:52:06 | 000,120,200 | ---- | M] () -- C:\windows\SysWow64\DLLDEV32i.dll
[2013.01.10 13:51:38 | 000,001,116 | ---- | M] () -- C:\Users\Public\Desktop\MAGIX Video deluxe 2013 Plus.lnk
[2013.01.10 10:40:08 | 000,002,169 | ---- | M] () -- C:\Users\Public\Desktop\TuneUp 1-Klick-Wartung.lnk
[2013.01.10 09:41:48 | 000,697,864 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerApp.exe
[2013.01.10 09:41:48 | 000,074,248 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
[2013.01.09 12:13:46 | 000,001,096 | ---- | M] () -- C:\Users\Public\Desktop\MAGIX Slideshow Maker 2.lnk
[2013.01.04 00:37:09 | 000,000,486 | ---- | M] () -- C:\windows\cdplayer.ini
[2013.01.04 00:30:11 | 000,001,083 | ---- | M] () -- C:\Users\Public\Desktop\Audiograbber.lnk
[2013.01.01 17:43:57 | 000,000,939 | ---- | M] () -- C:\Users\Public\Desktop\Mp3tag.lnk
[2012.12.30 02:32:00 | 000,000,927 | ---- | M] () -- C:\Users\Martin\Desktop\MediathekView.exe - Verknüpfung.lnk
[2012.12.30 00:07:16 | 324,011,604 | ---- | M] () -- C:\Users\Martin\Rockpalast-Skunk_Anansie__Rocknacht_Special_2009_-rocknacht_special09_skunk_anansie.flv
[2012.12.29 23:55:51 | 680,228,746 | ---- | M] () -- C:\Users\Martin\Rockpalast-Me_First_&_The_Gimme_Gimmes__Area4_2012_-area4_12_me_first_n_the_gimme_gimmes_web_l.mp4.flv
[2012.12.29 23:48:37 | 740,226,961 | ---- | M] () -- C:\Users\Martin\Rockpalast-Red_Hot_Chili_Peppers__Rock_im_Pott_2012_-120924_rockpalast_chilli_peppers_web_l.mp4.flv
[2012.12.29 23:02:59 | 582,069,925 | ---- | M] () -- C:\Users\Martin\Rockpalast-LaBrassBanda_-_ein_musikalischer_Heimatfilm__2012_-labrassbanda_ein_musikalischer_heimatfilm_web_l.mp4.flv
[2012.12.29 22:49:15 | 1375,369,246 | ---- | M] () -- C:\Users\Martin\Tatort-Wunsch-Tatort__Die_Ballade_von_Cenk_und_...-format354323.mp4.flv
[2012.12.29 21:41:57 | 130,667,052 | ---- | M] () -- C:\Users\Martin\Rockpalast-LaBrassBanda__Reeperbahn_Festival_2010_-reeperbahn_festival10_labrassbanda.mp4.flv
[2012.12.29 21:37:04 | 000,001,082 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinTV Recording Status.lnk
[2012.12.29 21:37:04 | 000,001,047 | ---- | M] () -- C:\Users\Public\Desktop\WinTV 7.lnk
[2012.12.29 21:36:57 | 000,000,209 | ---- | M] () -- C:\windows\ODBCINST.INI
[2012.12.29 21:36:57 | 000,000,135 | ---- | M] () -- C:\windows\ODBC.INI
[2012.12.29 21:36:25 | 000,037,639 | ---- | M] () -- C:\windows\Irremote.ini
[2012.12.29 21:36:25 | 000,000,960 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AutoStart IR.lnk
[2012.12.29 21:35:06 | 000,007,188 | ---- | M] () -- C:\windows\HCWPNP.INI
[2012.12.29 21:21:28 | 933,834,752 | ---- | M] () -- C:\Users\Martin\Tatort-Wunsch-Tatort__Kinderland__FSK___ab_20_Uhr_-format354248.mp4.flv
[2012.12.29 21:21:06 | 021,880,832 | ---- | M] () -- C:\Users\Martin\Rockpalast-LaBrassBanda__Haldern_Pop_2011_-haldern11_labrassbanda.mp4.flv
[2012.12.27 21:40:02 | 000,001,076 | ---- | M] () -- C:\Users\Public\Desktop\Oracle VM VirtualBox.lnk
[2012.12.27 16:08:10 | 000,000,285 | ---- | M] () -- C:\windows\wininit.ini
[2012.12.27 15:49:16 | 000,002,133 | ---- | M] () -- C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
[2012.12.24 13:09:16 | 000,001,050 | ---- | M] () -- C:\Users\Public\Desktop\TeamViewer 8.lnk
[2012.12.22 13:52:41 | 000,001,403 | ---- | M] () -- C:\Users\Martin\Desktop\Windows installieren.lnk
[1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2013.01.21 10:33:27 | 000,198,876 | ---- | C] () -- C:\Users\Martin\Desktop\f---1083.pdf
[2013.01.21 10:33:15 | 000,067,963 | ---- | C] () -- C:\Users\Martin\Desktop\TI-3031_LP.pdf
[2013.01.21 09:20:58 | 000,000,000 | -H-- | C] () -- C:\windows\SysNative\drivers\Msft_Kernel_wachidrouter_01009.Wdf
[2013.01.19 09:52:30 | 000,001,103 | ---- | C] () -- C:\Users\Public\Desktop\Bamboo Dock.lnk
[2013.01.18 14:39:36 | 000,053,381 | ---- | C] () -- C:\Users\Martin\Desktop\whoa.zip
[2013.01.17 14:38:06 | 000,045,083 | ---- | C] () -- C:\Users\Martin\Desktop\CA-Planung.ods
[2013.01.16 08:36:32 | 000,001,026 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2013.01.15 17:22:30 | 000,021,573 | ---- | C] () -- C:\Users\Martin\Desktop\organigramm 11 2012.pdf
[2013.01.15 09:20:26 | 000,015,473 | ---- | C] () -- C:\Users\Martin\Desktop\WSfS-Arbeit.ods
[2013.01.14 12:00:17 | 000,022,660 | ---- | C] () -- C:\Users\Martin\Desktop\Maja Muster.pdf
[2013.01.13 22:58:14 | 000,133,938 | ---- | C] () -- C:\Users\Martin\Desktop\wsfs-alt.jpg
[2013.01.13 22:43:36 | 000,143,547 | ---- | C] () -- C:\Users\Martin\Desktop\256026_473359232685334_1795865310_o.jpg
[2013.01.13 15:12:25 | 000,046,890 | ---- | C] () -- C:\Users\Martin\Desktop\magix.jpg
[2013.01.13 13:54:32 | 000,002,926 | ---- | C] () -- C:\Users\Martin\Desktop\attach.zip
[2013.01.13 13:42:51 | 000,350,559 | ---- | C] () -- C:\Users\Martin\Desktop\avast_antirootkit.jpg
[2013.01.13 13:16:18 | 000,000,865 | ---- | C] () -- C:\Users\Martin\Desktop\ERUNT.lnk
[2013.01.13 10:58:42 | 000,000,000 | ---- | C] () -- C:\autoexec.bat
[2013.01.13 10:58:32 | 000,022,704 | ---- | C] () -- C:\windows\SysNative\drivers\EsgScanner.sys
[2013.01.13 10:58:29 | 000,002,256 | ---- | C] () -- C:\Users\Martin\Desktop\SpyHunter.lnk
[2013.01.12 10:44:35 | 000,001,347 | ---- | C] () -- C:\Users\Public\Desktop\Content Management Utility.lnk
[2013.01.11 18:07:11 | 008,057,590 | ---- | C] () -- C:\Users\Martin\Desktop\Sony NEX-FS700EK.pdf
[2013.01.11 17:32:41 | 000,001,614 | ---- | C] () -- C:\Users\Martin\Desktop\DivX Movies.lnk
[2013.01.11 17:32:08 | 000,001,072 | ---- | C] () -- C:\Users\Public\Desktop\DivX Plus Player.lnk
[2013.01.11 17:31:35 | 000,001,112 | ---- | C] () -- C:\Users\Public\Desktop\DivX Plus Converter.lnk
[2013.01.11 17:26:29 | 000,001,809 | ---- | C] () -- C:\Users\Public\Desktop\Winamp.lnk
[2013.01.10 13:51:38 | 000,001,116 | ---- | C] () -- C:\Users\Public\Desktop\MAGIX Video deluxe 2013 Plus.lnk
[2013.01.10 10:40:08 | 000,002,169 | ---- | C] () -- C:\Users\Public\Desktop\TuneUp 1-Klick-Wartung.lnk
[2013.01.10 10:40:07 | 000,002,161 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2013.lnk
[2013.01.09 12:15:23 | 000,001,136 | ---- | C] () -- C:\Users\Public\Desktop\MAGIX Foto Manager MX Deluxe.lnk
[2013.01.09 12:13:46 | 000,001,096 | ---- | C] () -- C:\Users\Public\Desktop\MAGIX Slideshow Maker 2.lnk
[2013.01.04 00:30:11 | 000,001,083 | ---- | C] () -- C:\Users\Public\Desktop\Audiograbber.lnk
[2012.12.30 02:32:00 | 000,000,927 | ---- | C] () -- C:\Users\Martin\Desktop\MediathekView.exe - Verknüpfung.lnk
[2012.12.29 23:48:41 | 324,011,604 | ---- | C] () -- C:\Users\Martin\Rockpalast-Skunk_Anansie__Rocknacht_Special_2009_-rocknacht_special09_skunk_anansie.flv
[2012.12.29 23:03:03 | 680,228,746 | ---- | C] () -- C:\Users\Martin\Rockpalast-Me_First_&_The_Gimme_Gimmes__Area4_2012_-area4_12_me_first_n_the_gimme_gimmes_web_l.mp4.flv
[2012.12.29 22:49:19 | 740,226,961 | ---- | C] () -- C:\Users\Martin\Rockpalast-Red_Hot_Chili_Peppers__Rock_im_Pott_2012_-120924_rockpalast_chilli_peppers_web_l.mp4.flv
[2012.12.29 21:42:01 | 582,069,925 | ---- | C] () -- C:\Users\Martin\Rockpalast-LaBrassBanda_-_ein_musikalischer_Heimatfilm__2012_-labrassbanda_ein_musikalischer_heimatfilm_web_l.mp4.flv
[2012.12.29 21:37:04 | 000,001,082 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinTV Recording Status.lnk
[2012.12.29 21:37:04 | 000,001,047 | ---- | C] () -- C:\Users\Public\Desktop\WinTV 7.lnk
[2012.12.29 21:36:25 | 000,000,960 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AutoStart IR.lnk
[2012.12.29 21:35:40 | 000,142,337 | ---- | C] () -- C:\windows\SysWow64\Wait.exe
[2012.12.29 21:34:58 | 000,007,188 | ---- | C] () -- C:\windows\HCWPNP.INI
[2012.12.29 21:30:28 | 130,667,052 | ---- | C] () -- C:\Users\Martin\Rockpalast-LaBrassBanda__Reeperbahn_Festival_2010_-reeperbahn_festival10_labrassbanda.mp4.flv
[2012.12.29 21:30:18 | 1375,369,246 | ---- | C] () -- C:\Users\Martin\Tatort-Wunsch-Tatort__Die_Ballade_von_Cenk_und_...-format354323.mp4.flv
[2012.12.29 21:18:59 | 021,880,832 | ---- | C] () -- C:\Users\Martin\Rockpalast-LaBrassBanda__Haldern_Pop_2011_-haldern11_labrassbanda.mp4.flv
[2012.12.29 20:40:59 | 933,834,752 | ---- | C] () -- C:\Users\Martin\Tatort-Wunsch-Tatort__Kinderland__FSK___ab_20_Uhr_-format354248.mp4.flv
[2012.12.29 18:13:46 | 000,149,504 | ---- | C] () -- C:\windows\SysWow64\UNWISE.EXE
[2012.12.29 18:13:11 | 000,037,639 | ---- | C] () -- C:\windows\Irremote.ini
[2012.12.29 18:13:00 | 000,065,536 | ---- | C] () -- C:\windows\SysWow64\dmcrypto.dll
[2012.12.29 18:12:22 | 000,000,209 | ---- | C] () -- C:\windows\ODBCINST.INI
[2012.12.29 18:12:22 | 000,000,135 | ---- | C] () -- C:\windows\ODBC.INI
[2012.12.27 21:40:02 | 000,001,076 | ---- | C] () -- C:\Users\Public\Desktop\Oracle VM VirtualBox.lnk
[2012.12.27 16:08:10 | 000,000,285 | ---- | C] () -- C:\windows\wininit.ini
[2012.12.27 15:49:16 | 000,002,145 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
[2012.12.27 15:49:16 | 000,002,133 | ---- | C] () -- C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
[2012.12.22 13:52:41 | 000,001,403 | ---- | C] () -- C:\Users\Martin\Desktop\Windows installieren.lnk
[2012.11.26 00:30:01 | 000,032,256 | ---- | C] () -- C:\windows\SysWow64\AVSredirect.dll
[2012.11.26 00:27:28 | 000,107,520 | RHS- | C] () -- C:\windows\SysWow64\TAKDSDecoder.dll
[2012.11.08 08:25:03 | 001,526,948 | ---- | C] () -- C:\windows\SysWow64\PerfStringBackup.INI
[2012.10.13 14:34:22 | 000,340,480 | ---- | C] () -- C:\windows\SysWow64\K8062e.exe
[2012.10.13 14:34:22 | 000,322,048 | ---- | C] () -- C:\windows\SysWow64\Easylase.dll
[2012.10.13 14:34:22 | 000,301,056 | ---- | C] () -- C:\windows\SysWow64\usbdmxfs.dll
[2012.10.13 14:34:22 | 000,110,592 | ---- | C] () -- C:\windows\SysWow64\usb_dll.dll
[2012.10.13 14:34:22 | 000,084,992 | ---- | C] () -- C:\windows\SysWow64\DMX510Vb.dll
[2012.10.13 14:34:22 | 000,049,152 | ---- | C] () -- C:\windows\SysWow64\EspionDll.dll
[2012.10.13 14:34:22 | 000,042,496 | ---- | C] () -- C:\windows\SysWow64\K8062D.dll
[2012.10.13 14:34:22 | 000,037,888 | ---- | C] () -- C:\windows\SysWow64\LPT_dmx.dll
[2012.10.13 14:34:22 | 000,032,768 | ---- | C] () -- C:\windows\SysWow64\MPUSBAPI.DLL
[2012.10.13 14:34:22 | 000,017,920 | ---- | C] () -- C:\windows\SysWow64\usbdmxsi.dll
[2012.10.13 14:34:22 | 000,016,384 | ---- | C] () -- C:\windows\SysWow64\FASTTime32.dll
[2012.10.13 14:34:22 | 000,003,584 | ---- | C] () -- C:\windows\SysWow64\drivers\dlportio.sys
[2012.10.13 14:34:21 | 000,077,824 | ---- | C] () -- C:\windows\SysWow64\dashardvb.dll
[2012.10.13 14:34:21 | 000,044,544 | ---- | C] () -- C:\windows\SysWow64\dmx60.dll
[2012.10.13 14:34:21 | 000,044,544 | ---- | C] () -- C:\windows\SysWow64\dmx120.dll
[2012.10.13 14:34:21 | 000,036,864 | ---- | C] () -- C:\windows\SysWow64\USB.dll
[2012.10.13 14:34:21 | 000,032,768 | ---- | C] () -- C:\windows\SysWow64\inpout32.dll
[2012.09.26 12:36:22 | 000,017,408 | ---- | C] () -- C:\Users\Martin\AppData\Local\WebpageIcons.db
[2012.09.22 23:14:19 | 000,000,486 | ---- | C] () -- C:\windows\cdplayer.ini
[2012.09.18 20:05:48 | 000,028,160 | ---- | C] () -- C:\Program Files\syslinux.exe
[2012.09.18 20:05:48 | 000,000,237 | ---- | C] () -- C:\Program Files\syslinux.cfg
[2012.09.18 20:05:47 | 000,237,849 | ---- | C] () -- C:\Program Files\grub.exe
[2012.09.17 10:30:01 | 001,044,480 | ---- | C] ( ) -- C:\windows\SysWow64\lmabserv.dll
[2012.09.17 10:30:01 | 000,802,816 | ---- | C] ( ) -- C:\windows\SysWow64\lmabcomc.dll
[2012.09.17 10:30:01 | 000,593,920 | ---- | C] ( ) -- C:\windows\SysWow64\lmabcoms.exe
[2012.09.17 10:30:01 | 000,376,832 | ---- | C] ( ) -- C:\windows\SysWow64\lmabcomm.dll
[2012.09.17 10:30:01 | 000,356,352 | ---- | C] ( ) -- C:\windows\SysWow64\lmabhcp.dll
[2012.09.16 17:11:50 | 000,000,396 | ---- | C] () -- C:\windows\hbcikrnl.ini
[2012.09.16 17:11:46 | 000,167,936 | ---- | C] () -- C:\windows\SysWow64\SerialXP.dll
[2012.09.16 17:11:46 | 000,027,648 | ---- | C] () -- C:\windows\SysWow64\win32com.dll
[2012.09.16 08:23:56 | 002,469,760 | ---- | C] () -- C:\windows\SysWow64\BootMan.exe
[2012.09.16 08:23:56 | 000,086,408 | ---- | C] () -- C:\windows\SysWow64\setupempdrv03.exe
[2012.09.16 08:23:56 | 000,019,840 | ---- | C] () -- C:\windows\SysWow64\EuEpmGdi.dll
[2012.09.16 08:23:56 | 000,014,216 | ---- | C] () -- C:\windows\SysWow64\epmntdrv.sys
[2012.09.16 08:23:56 | 000,008,456 | ---- | C] () -- C:\windows\SysWow64\EuGdiDrv.sys
[2012.05.10 21:17:42 | 000,307,200 | ---- | C] () -- C:\windows\SetDisplayResolution.exe
[2012.05.10 19:48:20 | 000,003,226 | ---- | C] () -- C:\windows\HotFixList.ini
[2012.02.06 05:42:56 | 000,734,772 | ---- | C] () -- C:\windows\SysWow64\igkrng700.bin
[2012.02.06 05:42:55 | 000,557,476 | ---- | C] () -- C:\windows\SysWow64\igfcg700m.bin
[2012.02.06 05:42:53 | 000,058,880 | ---- | C] () -- C:\windows\SysWow64\igdde32.dll
[2012.02.06 05:42:52 | 012,978,688 | ---- | C] () -- C:\windows\SysWow64\ig7icd32.dll
[2012.02.02 14:08:26 | 000,001,536 | ---- | C] () -- C:\windows\SysWow64\IusEventLog.dll
[2011.05.20 10:16:50 | 000,974,848 | ---- | C] () -- C:\windows\SysWow64\cis-2.4.dll
[2011.05.20 10:16:50 | 000,081,920 | ---- | C] () -- C:\windows\SysWow64\issacapi_bs-2.3.dll
[2011.05.20 10:16:50 | 000,065,536 | ---- | C] () -- C:\windows\SysWow64\issacapi_pe-2.3.dll
[2011.05.20 10:16:50 | 000,057,344 | ---- | C] () -- C:\windows\SysWow64\issacapi_se-2.3.dll
========== ZeroAccess Check ==========
[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
Tags for this Thread
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
