inesa394 | 09.02.2012 19:47 | Der Scan mit deinen einstellungen scheint zu hängen
bei "Manual file Scan: Getting folder structure" geht es seit 10 Minuten nicht mehr weiter.
soll ich einen normalen Scan ausführen wie bei OTL beschrieben
jetzt kam die Meldung "out of memory"
otl.txt Code:
OTL logfile created on: 09.02.2012 20:05:14 - Run 6
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\mikelsoft\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
8,00 Gb Total Physical Memory | 6,47 Gb Available Physical Memory | 80,97% Memory free
15,99 Gb Paging File | 14,61 Gb Available in Paging File | 91,37% Paging File free
Paging file location(s): d:\pagefile.sys 0 0 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 111,79 Gb Total Space | 56,33 Gb Free Space | 50,39% Space Free | Partition Type: NTFS
Drive D: | 465,66 Gb Total Space | 95,81 Gb Free Space | 20,58% Space Free | Partition Type: NTFS
Drive E: | 138,31 Gb Total Space | 14,18 Gb Free Space | 10,25% Space Free | Partition Type: NTFS
Drive F: | 793,20 Gb Total Space | 395,33 Gb Free Space | 49,84% Space Free | Partition Type: NTFS
Computer Name: ZENTIS | User Name: mikelsoft | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 14 Days
========== Processes (SafeList) ==========
PRC - C:\Users\mikelsoft\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Modules (No Company Name) ==========
MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ()
MOD - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
MOD - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE14\Cultures\office.odf ()
========== Win32 Services (SafeList) ==========
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:64bit: - (AMD FUEL Service) -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe (Advanced Micro Devices, Inc.)
SRV:64bit: - (LBTServ) -- C:\Program Files\Common Files\LogiShrd\Bluetooth\LBTServ.exe (Logitech, Inc.)
SRV:64bit: - (LMIMaint) -- C:\Program Files\LogMeIn\x64\RaMaint.exe (LogMeIn, Inc.)
SRV:64bit: - (LMIGuardianSvc) -- C:\Program Files\LogMeIn\x64\LMIGuardianSvc.exe (LogMeIn, Inc.)
SRV:64bit: - (LogMeIn) -- C:\Program Files\LogMeIn\x64\LogMeIn.exe (LogMeIn, Inc.)
SRV:64bit: - (RichVideo64) -- C:\Program Files\Cyberlink\Shared files\RichVideo64.exe ()
SRV:64bit: - (WinVNC4) -- C:\Program Files\RealVNC\VNC4\WinVNC4.exe (RealVNC Ltd.)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (SDWSCService) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe (Safer-Networking Ltd.)
SRV - (SDUpdateService) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe (Safer-Networking Ltd.)
SRV - (SDScannerService) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe (Safer-Networking Ltd.)
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (TeamViewer7) -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (CyberLink PowerDVD 12 Media Server Service) -- C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe (CyberLink)
SRV - (CLHNServiceForPowerDVD12) -- C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe (CyberLink Corp.)
SRV - (CyberLink PowerDVD 12 Media Server Monitor Service) -- C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe (CyberLink)
SRV - (OpenVPNService) -- C:\Program Files (x86)\OpenVPN\bin\openvpnserv.exe ()
SRV - (MotoHelper) -- C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe ()
SRV - (Dyn Updater) -- C:\Program Files (x86)\Dyn Updater\DynUpSvc.exe (Dyn, Inc.)
SRV - (afcdpsrv) -- C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe (Acronis)
SRV - (UMVPFSrv) -- C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe (Logitech Inc.)
SRV - (wxpSvc) -- C:\Program Files (x86)\wLite\wService.exe (Moonware Studios)
SRV - (AcrSch2Svc) -- C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe (Acronis)
SRV - (CLHNServiceForPowerDVD) -- C:\Program Files (x86)\CyberLink\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe ()
SRV - (CyberLink PowerDVD 11.0 Service) -- C:\Program Files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSServer.exe (CyberLink)
SRV - (CyberLink PowerDVD 11.0 Monitor Service) -- C:\Program Files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe (CyberLink)
SRV - (Secunia PSI Agent) -- C:\Program Files (x86)\Secunia\PSI\PSIA.exe (Secunia)
SRV - (Secunia Update Agent) -- C:\Program Files (x86)\Secunia\PSI\sua.exe (Secunia)
SRV - (EhttpSrv) -- C:\Programme\ESET\EHttpSrv.exe (ESET)
SRV - (ekrn) -- C:\Programme\ESET\x86\ekrn.exe (ESET)
SRV - (OODefragAgent) -- D:\Programme\OO Software\Defrag\oodag.exe (O&O Software GmbH)
SRV - (MCSWASVR) -- d:\Programme\Telekom\Mediencenter\WebDAV.AdminService.exe (Deutsche Telekom AG)
SRV - (OS Selector) -- D:\Programme\Acronis\DiskDirector\OSS\reinstall_svc.exe ()
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (SwitchBoard) -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
SRV - (FLEXnet Licensing Service) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (WcesComm) -- C:\Windows\WindowsMobile\wcescomm.dll (Microsoft Corporation)
SRV - (RapiMgr) -- C:\Windows\WindowsMobile\rapimgr.dll (Microsoft Corporation)
SRV - (mail) -- D:\Filemon\SysinternalsSuite\winserv.exe ()
========== Driver Services (SafeList) ==========
DRV:64bit: - (dtsoftbus01) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys (DT Soft Ltd)
DRV:64bit: - (sptd) -- C:\Windows\SysNative\drivers\sptd.sys (Duplex Secure Ltd.)
DRV:64bit: - (VBoxNetAdp) -- C:\Windows\SysNative\drivers\VBoxNetAdp.sys (Oracle Corporation)
DRV:64bit: - (tap0901) -- C:\Windows\SysNative\drivers\tap0901.sys (The OpenVPN Project)
DRV:64bit: - (atikmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek )
DRV:64bit: - (usbfilter) -- C:\Windows\SysNative\drivers\usbfilter.sys (Advanced Micro Devices)
DRV:64bit: - (amd_xata) -- C:\Windows\SysNative\drivers\amd_xata.sys (Advanced Micro Devices)
DRV:64bit: - (amd_sata) -- C:\Windows\SysNative\drivers\amd_sata.sys (Advanced Micro Devices)
DRV:64bit: - (nusb3xhc) -- C:\Windows\SysNative\drivers\nusb3xhc.sys (Renesas Electronics Corporation)
DRV:64bit: - (nusb3hub) -- C:\Windows\SysNative\drivers\nusb3hub.sys (Renesas Electronics Corporation)
DRV:64bit: - (AtiHDAudioService) -- C:\Windows\SysNative\drivers\AtihdW76.sys (Advanced Micro Devices)
DRV:64bit: - (afcdp) -- C:\Windows\SysNative\drivers\afcdp.sys (Acronis)
DRV:64bit: - (tdrpman273) Acronis Try&Decide and Restore Points filter (build 273) -- C:\Windows\SysNative\drivers\tdrpm273.sys (Acronis)
DRV:64bit: - (timounter) -- C:\Windows\SysNative\drivers\timntr.sys (Acronis)
DRV:64bit: - (AnyDVD) -- C:\Windows\SysNative\drivers\AnyDVD.sys (SlySoft, Inc.)
DRV:64bit: - (LVUVC64) Logitech HD Webcam C310(UVC) -- C:\Windows\SysNative\drivers\lvuvc64.sys (Logitech Inc.)
DRV:64bit: - (LVRS64) -- C:\Windows\SysNative\drivers\lvrs64.sys (Logitech Inc.)
DRV:64bit: - (AODDriver4.01) -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys (Advanced Micro Devices)
DRV:64bit: - (AODDriver4.0) -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys (Advanced Micro Devices)
DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)
DRV:64bit: - (LHidFilt) -- C:\Windows\SysNative\drivers\LHidFilt.Sys (Logitech, Inc.)
DRV:64bit: - (LMouFilt) -- C:\Windows\SysNative\drivers\LMouFilt.Sys (Logitech, Inc.)
DRV:64bit: - (LUsbFilt) -- C:\Windows\SysNative\drivers\LUsbFilt.sys (Logitech, Inc.)
DRV:64bit: - (LGBusEnum) -- C:\Windows\SysNative\drivers\LGBusEnum.sys (Logitech Inc.)
DRV:64bit: - (LGVirHid) -- C:\Windows\SysNative\drivers\LGVirHid.sys (Logitech Inc.)
DRV:64bit: - (PxHlpa64) -- C:\Windows\SysNative\drivers\PxHlpa64.sys (Sonic Solutions)
DRV:64bit: - (BackupReader) -- C:\Windows\SysNative\drivers\BackupReader.sys (Microsoft Corporation)
DRV:64bit: - (eamonm) -- C:\Windows\SysNative\drivers\eamonm.sys (ESET)
DRV:64bit: - (ehdrv) -- C:\Windows\SysNative\drivers\ehdrv.sys (ESET)
DRV:64bit: - (epfwwfpr) -- C:\Windows\SysNative\drivers\epfwwfpr.sys (ESET)
DRV:64bit: - (ElbyCDIO) -- C:\Windows\SysNative\drivers\ElbyCDIO.sys (Elaborate Bytes AG)
DRV:64bit: - (LMIRfsClientNP) -- C:\Windows\SysNative\LMIRfsClientNP.dll (LogMeIn, Inc.)
DRV:64bit: - (snapman) -- C:\Windows\SysNative\drivers\snapman.sys (Acronis)
DRV:64bit: - (RTHDMIAzAudService) -- C:\Windows\SysNative\drivers\RtHDMIVX.sys (Realtek Semiconductor Corp.)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:64bit: - (fssfltr) -- C:\Windows\SysNative\drivers\fssfltr.sys (Microsoft Corporation)
DRV:64bit: - (LMIRfsDriver) -- C:\Windows\SysNative\drivers\LMIRfsDriver.sys (LogMeIn, Inc.)
DRV:64bit: - (LMIInfo) -- C:\Program Files\LogMeIn\x64\rainfo.sys (LogMeIn, Inc.)
DRV:64bit: - (lmimirr) -- C:\Windows\SysNative\drivers\lmimirr.sys (LogMeIn, Inc.)
DRV:64bit: - (PSI) -- C:\Windows\SysNative\drivers\psi_mf.sys (Secunia)
DRV:64bit: - (NPF) -- C:\Windows\SysNative\drivers\npf.sys (CACE Technologies, Inc.)
DRV:64bit: - (AtiPcie) AMD PCI Express (3GIO) -- C:\Windows\SysNative\drivers\AtiPcie64.sys (Advanced Micro Devices Inc.)
DRV:64bit: - (cbfs3) -- C:\Windows\SysNative\drivers\cbfs3.sys (EldoS Corporation)
DRV:64bit: - (ha20x2k) -- C:\Windows\SysNative\drivers\ha20x2k.sys (Creative Technology Ltd)
DRV:64bit: - (emupia) -- C:\Windows\SysNative\drivers\emupia2k.sys (Creative Technology Ltd)
DRV:64bit: - (ctsfm2k) -- C:\Windows\SysNative\drivers\ctsfm2k.sys (Creative Technology Ltd)
DRV:64bit: - (ctprxy2k) -- C:\Windows\SysNative\drivers\ctprxy2k.sys (Creative Technology Ltd)
DRV:64bit: - (ossrv) -- C:\Windows\SysNative\drivers\ctoss2k.sys (Creative Technology Ltd.)
DRV:64bit: - (ctaud2k) Creative Audio Driver (WDM) -- C:\Windows\SysNative\drivers\ctaud2k.sys (Creative Technology Ltd)
DRV:64bit: - (ctac32k) -- C:\Windows\SysNative\drivers\ctac32k.sys (Creative Technology Ltd)
DRV:64bit: - (CTEXFIFX.SYS) -- C:\Windows\SysNative\drivers\CTEXFIFX.sys (Creative Technology Ltd.)
DRV:64bit: - (CTEXFIFX) -- C:\Windows\SysNative\drivers\CTEXFIFX.sys (Creative Technology Ltd.)
DRV:64bit: - (CTHWIUT.SYS) -- C:\Windows\SysNative\drivers\CTHWIUT.sys (Creative Technology Ltd.)
DRV:64bit: - (CTHWIUT) -- C:\Windows\SysNative\drivers\CTHWIUT.sys (Creative Technology Ltd.)
DRV:64bit: - (CT20XUT.SYS) -- C:\Windows\SysNative\drivers\CT20XUT.sys (Creative Technology Ltd.)
DRV:64bit: - (CT20XUT) -- C:\Windows\SysNative\drivers\CT20XUT.sys (Creative Technology Ltd.)
DRV:64bit: - (AmUStor) -- C:\Windows\SysNative\drivers\AmUStor.sys (Alcor Micro, Corp.)
DRV:64bit: - (amdiox64) -- C:\Windows\SysNative\drivers\amdiox64.sys (Advanced Micro Devices)
DRV:64bit: - (AtiHdmiService) -- C:\Windows\SysNative\drivers\AtiHdmi.sys (ATI Technologies, Inc.)
DRV:64bit: - (teamviewervpn) -- C:\Windows\SysNative\drivers\teamviewervpn.sys (TeamViewer GmbH)
DRV:64bit: - (pcouffin) -- C:\Windows\SysNative\drivers\pcouffin.sys (VSO Software)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (lvpopf64) -- C:\Windows\SysNative\drivers\lvpopf64.sys (Logitech Inc.)
DRV:64bit: - (LVPr2M64) -- C:\Windows\SysNative\drivers\LVPr2M64.sys ()
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (atksgt) -- C:\Windows\SysNative\drivers\atksgt.sys ()
DRV:64bit: - (lirsgt) -- C:\Windows\SysNative\drivers\lirsgt.sys ()
DRV:64bit: - (tifsfilter) -- C:\Windows\SysNative\drivers\tifsfilt.sys (Acronis)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (motandroidusb) -- C:\Windows\SysNative\drivers\motoandroid.sys (Motorola)
DRV:64bit: - (MEMSWEEP2) -- C:\Windows\SysNative\EDE8.tmp (Sophos Plc)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (vncmirror) -- C:\Windows\SysNative\drivers\vncmirror.sys (RealVNC Ltd.)
DRV:64bit: - (ElbyCDFL) -- C:\Windows\SysNative\drivers\ElbyCDFL.sys (SlySoft, Inc.)
DRV:64bit: - (Hardlock) -- C:\Windows\SysNative\drivers\hardlock.sys (Aladdin Knowledge Systems Ltd.)
DRV - (ntk_PowerDVD12) -- C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\ntk_PowerDVD12_64.sys (Cyberlink Corp.)
DRV - (AnyDVD) -- C:\Windows\SysWOW64\drivers\AnyDVD.sys (SlySoft, Inc.)
DRV - ({329F96B6-DF1E-4328-BFDA-39EA953C1312}) -- C:\Program Files (x86)\CyberLink\PowerDVD11\Common\NavFilter\000.fcl (CyberLink Corp.)
DRV - (ntk_PowerDVD) -- C:\Program Files (x86)\CyberLink\PowerDVD11\Kernel\DMP\ntk_PowerDVD_64.sys (Cyberlink Corp.)
DRV - (SSPORT) -- C:\Windows\SysWOW64\drivers\SSPORT.SYS (Samsung Electronics)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
DRV - (ISODrive) -- C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys (EZB Systems, Inc.)
DRV - (ElbyCDFL) -- C:\Windows\SysWOW64\drivers\ElbyCDFL.sys (SlySoft, Inc.)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://uk.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://uk.yahoo.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://de.ask.com/?l=dis&o=14597
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 2B B1 F8 BA 3F 1C CA 01 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com/ie
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;192.168.*.*
========== FireFox ==========
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Player\npDivxPlayerPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa2,version=2.0.0: C:\Program Files (x86)\Picasa2\npPicasa2.dll File not found
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.1.5: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\support@predictad.com: C:\Program Files (x86)\AutocompletePro\support@predictad.com
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.02.01 21:51:02 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.01.11 20:20:47 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 7.0\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2011.10.30 16:06:04 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 7.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Programme\ESET\Mozilla Thunderbird [2011.02.16 20:07:35 | 000,000,000 | ---D | M]
[2011.12.08 18:21:34 | 000,000,000 | ---D | M] (No name found) -- C:\Users\mikelsoft\AppData\Roaming\mozilla\Extensions
[2009.09.29 11:04:38 | 000,000,000 | ---D | M] (No name found) -- C:\Users\mikelsoft\AppData\Roaming\mozilla\Extensions\MediaCoder
[2009.12.28 20:44:23 | 000,000,000 | ---D | M] (No name found) -- C:\Users\mikelsoft\AppData\Roaming\mozilla\Extensions\uploadr@flickr.com
[2012.02.09 16:03:36 | 000,000,000 | ---D | M] (No name found) -- C:\Users\mikelsoft\AppData\Roaming\mozilla\Firefox\Profiles\5ggse99m.default\extensions
[2011.08.17 14:15:59 | 000,000,000 | ---D | M] (Vista-aero) -- C:\Users\mikelsoft\AppData\Roaming\mozilla\Firefox\Profiles\5ggse99m.default\extensions\{07b2a769-ed19-4483-87ce-c643914c81bb}(149)
[2012.01.11 20:23:00 | 000,000,000 | ---D | M] (Flagfox) -- C:\Users\mikelsoft\AppData\Roaming\mozilla\Firefox\Profiles\5ggse99m.default\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}
[2012.01.27 12:35:37 | 000,000,000 | ---D | M] (TV-Fox) -- C:\Users\mikelsoft\AppData\Roaming\mozilla\Firefox\Profiles\5ggse99m.default\extensions\{2f17f610-5e97-4fed-828f-9940b7b577a4}
[2011.08.17 14:15:59 | 000,000,000 | ---D | M] (PDF Download) -- C:\Users\mikelsoft\AppData\Roaming\mozilla\Firefox\Profiles\5ggse99m.default\extensions\{37E4D8EA-8BDA-4831-8EA1-89053939A250}
[2011.08.17 14:16:00 | 000,000,000 | ---D | M] (Minimap Addon) -- C:\Users\mikelsoft\AppData\Roaming\mozilla\Firefox\Profiles\5ggse99m.default\extensions\{398e77b8-2304-11dc-8314-0800200c9a66}(150)
[2012.01.18 16:55:44 | 000,000,000 | ---D | M] (FEBE) -- C:\Users\mikelsoft\AppData\Roaming\mozilla\Firefox\Profiles\5ggse99m.default\extensions\{4BBDD651-70CF-4821-84F8-2B918CF89CA3}
[2011.08.17 14:16:00 | 000,000,000 | ---D | M] (Map+) -- C:\Users\mikelsoft\AppData\Roaming\mozilla\Firefox\Profiles\5ggse99m.default\extensions\{5359A5B3-9AFD-49ee-8C39-0A8F97A2A2D6}
[2011.08.17 14:16:00 | 000,000,000 | ---D | M] (NoScript) -- C:\Users\mikelsoft\AppData\Roaming\mozilla\Firefox\Profiles\5ggse99m.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}(151)
[2011.08.17 14:16:00 | 000,000,000 | ---D | M] (Live HTTP Headers) -- C:\Users\mikelsoft\AppData\Roaming\mozilla\Firefox\Profiles\5ggse99m.default\extensions\{8f8fe09b-0bd3-4470-bc1b-8cad42b8203a}
[2011.11.20 15:54:50 | 000,000,000 | ---D | M] (WOT) -- C:\Users\mikelsoft\AppData\Roaming\mozilla\Firefox\Profiles\5ggse99m.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2012.01.27 21:56:51 | 000,000,000 | ---D | M] (ReminderFox) -- C:\Users\mikelsoft\AppData\Roaming\mozilla\Firefox\Profiles\5ggse99m.default\extensions\{ada4b710-8346-4b82-8199-5de2b400a6ae}
[2011.12.25 12:33:54 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\mikelsoft\AppData\Roaming\mozilla\Firefox\Profiles\5ggse99m.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2011.08.17 14:16:00 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\mikelsoft\AppData\Roaming\mozilla\Firefox\Profiles\5ggse99m.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}(152)
[2011.08.17 14:16:00 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\mikelsoft\AppData\Roaming\mozilla\Firefox\Profiles\5ggse99m.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}(60)
[2011.08.17 14:15:59 | 000,000,000 | ---D | M] (DT Whois) -- C:\Users\mikelsoft\AppData\Roaming\mozilla\Firefox\Profiles\5ggse99m.default\extensions\beysim@beysim.net
[2011.08.17 14:15:59 | 000,000,000 | ---D | M] (Firebug) -- C:\Users\mikelsoft\AppData\Roaming\mozilla\Firefox\Profiles\5ggse99m.default\extensions\firebug@software.joehewitt(63).com
[2011.08.17 14:15:59 | 000,000,000 | ---D | M] (h4ck-y0u Toolbar) -- C:\Users\mikelsoft\AppData\Roaming\mozilla\Firefox\Profiles\5ggse99m.default\extensions\hackbar@h4ck-y0u.org
[2011.08.17 14:15:59 | 000,000,000 | ---D | M] (Locationbar²) -- C:\Users\mikelsoft\AppData\Roaming\mozilla\Firefox\Profiles\5ggse99m.default\extensions\locationbar2@design-noir.de
[2012.02.01 21:51:02 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012.02.02 20:45:59 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2010.01.22 00:44:18 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions\{9AA46F4F-4DC7-4c06-97AF-5035170633FE}
[2012.01.29 17:12:48 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011.07.29 14:12:26 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2010.09.29 21:00:15 | 000,075,208 | ---- | M] (Foxit Software Company) -- C:\Program Files (x86)\mozilla firefox\plugins\npFoxitReaderPlugin.dll
[2012.01.29 15:02:49 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.01.29 14:50:55 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.01.29 15:02:49 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012.01.29 15:02:49 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2011.11.19 15:41:57 | 000,002,519 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\Search_Results.xml
[2012.01.29 15:02:49 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.01.29 15:02:49 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
========== Chrome ==========
CHR - default_search_provider: Search Results (Enabled)
CHR - default_search_provider: search_url = hxxp://dts.search-results.com/sr?src=crb&appid=113&systemid=406&sr=0&q={searchTerms}
CHR - default_search_provider: suggest_url =
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\mikelsoft\AppData\Local\Google\Chrome\Application\16.0.912.75\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Java Deployment Toolkit 6.0.260.3 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U26 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrl.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: DivX Web Player (Enabled) = C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\mikelsoft\AppData\Local\Google\Chrome\Application\16.0.912.75\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\mikelsoft\AppData\Local\Google\Chrome\Application\16.0.912.75\pdf.dll
CHR - plugin: Skype Toolbars (Enabled) = C:\Users\mikelsoft\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.6.0.8153_0\npSkypeChromePlugin.dll
CHR - plugin: DivX Player Netscape Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npDivxPlayerPlugin.dll
CHR - plugin: Foxit Reader Plugin for Mozilla (Enabled) = C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll
CHR - plugin: Winamp Application Detector (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll
CHR - plugin: Orbit Downloader (Enabled) = C:\Users\mikelsoft\AppData\Local\Google\Chrome\Application\plugins\nporbit.dll
CHR - plugin: DivX OVS Helper Plug-in (Enabled) = C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Picasa (Enabled) = C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.69\npGoogleUpdate3.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: CANON iMAGE GATEWAY Album Plugin Utility (Enabled) = C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL
CHR - plugin: Default Plug-in (Enabled) = default_plugin
O1 HOSTS File: ([2012.01.05 16:31:27 | 000,002,749 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Virtual Storage Mount Notification) - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\SysNative\CbFsMntNtf3.dll (EldoS Corporation)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll (Safer-Networking Ltd.)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Samsung BHO Class) - {AA609D72-8482-4076-8991-8CDAE5B93BCB} - d:\Programme\Samsung AnyWeb Print\W2PBrowser.dll ()
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (FlashFXP Helper for Internet Explorer) - {E5A1691B-D188-4419-AD02-90002030B8EE} - C:\FlashFXP\IEFlash.dll (IniCom Networks, Inc.)
O3:64bit: - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {10EDB994-47F8-43F7-AE96-F2EA63E9F90F} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {99079a25-328f-4bd4-be04-00955acaa0a7} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4:64bit: - HKLM..\Run: [egui] C:\Programme\ESET\egui.exe (ESET)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [CTxfiHlp] C:\Windows\SysWow64\Ctxfihlp.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [LWS] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe (Logitech Inc.)
O4 - HKLM..\Run: [SAOB Monitor] C:\Program Files (x86)\Acronis\TrueImageHome\OnlineBackupStandalone\TrueImageMonitor.exe (Acronis)
O4 - HKLM..\Run: [SDTray] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe (Safer-Networking Ltd.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [TrueImageMonitor.exe] D:\Programme\Acronis\TrueImageHome\TrueImageMonitor.exe (Acronis)
O4 - HKCU..\Run: [{6C18F224-F804-11DF-A3E9-806E6F6E6963}] C:\Users\mikelsoft\AppData\Roaming\Microsoft\torrent.exe File not found
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKCU..\Run: [Steam] F:\Steam\steam.exe (Valve Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O8:64bit: - Extra context menu item: &NeoTrace It! - C:\PROGRA~2\NEOTRA~1\NTXcontext.htm ()
O8:64bit: - Extra context menu item: add to &BOM - C:\\PROGRA~2\\BIET-O~1\\\\AddToBOM.hta ()
O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found
O8:64bit: - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found
O8:64bit: - Extra context menu item: An vorhandene PDF-Datei anfügen - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html File not found
O8:64bit: - Extra context menu item: Linkziel an vorhandene PDF-Datei anhängen - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html File not found
O8:64bit: - Extra context menu item: Linkziel in Adobe PDF konvertieren - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html File not found
O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O8:64bit: - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: &NeoTrace It! - C:\PROGRA~2\NEOTRA~1\NTXcontext.htm ()
O8 - Extra context menu item: add to &BOM - C:\\PROGRA~2\\BIET-O~1\\\\AddToBOM.hta ()
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found
O8 - Extra context menu item: An vorhandene PDF-Datei anfügen - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html File not found
O8 - Extra context menu item: Linkziel an vorhandene PDF-Datei anhängen - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html File not found
O8 - Extra context menu item: Linkziel in Adobe PDF konvertieren - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html File not found
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: Samsung AnyWeb Print - {328ECD19-C167-40eb-A0C7-16FE7634105E} - d:\Programme\Samsung AnyWeb Print\W2PBrowser.dll ()
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll (Safer-Networking Ltd.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: samsungsetup.com ([www] http in Vertrauenswürdige Sites)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab (Java Plug-in 10.1.0)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0017-0000-0001-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab (Java Plug-in 1.7.0_01)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab (Creative Software AutoUpdate Support Package)
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15114/CTPID.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6CCCD374-6BA3-44C0-9C70-801D52F7627B}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6CCCD374-6BA3-44C0-9C70-801D52F7627B}: NameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Program Files\Common Files\LogiShrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O20 - Winlogon\Notify\SDWinLogon: DllName - (SDWinLogon.dll) - File not found
O21:64bit: - SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\SysNative\CbFsMntNtf3.dll (EldoS Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O22:64bit: - SharedTaskScheduler: {5FF49FE8-B332-4CB9-B102-FB6951629E55} - Virtual Storage Mount Notification - C:\Windows\SysNative\CbFsMntNtf3.dll (EldoS Corporation)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - D:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{06b0b34b-f84a-11df-9b38-aaa665e32000}\Shell - "" = AutoRun
O33 - MountPoints2\{06b0b34b-f84a-11df-9b38-aaa665e32000}\Shell\AutoRun\command - "" = I:\autorun.exe
O33 - MountPoints2\{1ed1d896-6326-11df-9de5-001fd0806040}\Shell - "" = AutoRun
O33 - MountPoints2\{1ed1d896-6326-11df-9de5-001fd0806040}\Shell\AutoRun\command - "" = I:\Setup.exe
O33 - MountPoints2\{1ed1d899-6326-11df-9de5-001fd0806040}\Shell - "" = AutoRun
O33 - MountPoints2\{1ed1d899-6326-11df-9de5-001fd0806040}\Shell\AutoRun\command - "" = K:\autorun.exe
O33 - MountPoints2\{31d30b1f-dd20-11de-92e7-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{31d30b1f-dd20-11de-92e7-806e6f6e6963}\Shell\AutoRun\command - "" = G:\autorun.exe setup
O33 - MountPoints2\{52df5b09-e9b0-11e0-abfd-1c6f654cb52a}\Shell - "" = AutoRun
O33 - MountPoints2\{52df5b09-e9b0-11e0-abfd-1c6f654cb52a}\Shell\AutoRun\command - "" = I:\OriginInstaller.exe
O33 - MountPoints2\{713a542d-18c5-11df-ba84-001fd0806040}\Shell - "" = AutoRun
O33 - MountPoints2\{713a542d-18c5-11df-ba84-001fd0806040}\Shell\AutoRun\command - "" = J:\SetupLauncher.exe
O33 - MountPoints2\{7b0ff70d-0d6f-11e1-bd6a-1c6f654cb52a}\Shell - "" = AutoRun
O33 - MountPoints2\{7b0ff70d-0d6f-11e1-bd6a-1c6f654cb52a}\Shell\AutoRun\command - "" = I:\whsconnectorinstall.exe
O33 - MountPoints2\{c9b764a7-2af5-11e0-81af-1c6f654cb52a}\Shell - "" = AutoRun
O33 - MountPoints2\{c9b764a7-2af5-11e0-81af-1c6f654cb52a}\Shell\AutoRun\command - "" = L:\setup.exe -a
O33 - MountPoints2\{d8860dff-fb11-11df-bfb2-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{d8860dff-fb11-11df-bfb2-806e6f6e6963}\Shell\AutoRun\command - "" = G:\Setup.exe
O33 - MountPoints2\G\Shell - "" = AutoRun
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\setup.exe
O33 - MountPoints2\I\Shell - "" = AutoRun
O33 - MountPoints2\I\Shell\AutoRun\command - "" = I:\setup.exe
O33 - MountPoints2\K\Shell - "" = AutoRun
O33 - MountPoints2\K\Shell\AutoRun\command - "" = K:\start.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (OODBS)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 14 Days ==========
[2582.02.25 10:22:54 | 000,000,000 | ---D | C] -- C:\WinHex.15.0-X_Bullet_X
[2012.02.09 18:07:33 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\mikelsoft\Desktop\OTL.exe
[2012.02.09 17:51:02 | 000,000,000 | ---D | C] -- C:\Kaspersky Rescue Disk 10.0
[2012.02.09 15:04:05 | 052,128,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MRT.exe
[2012.02.09 14:48:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
[2012.02.09 14:48:53 | 000,017,272 | ---- | C] (Safer Networking Limited) -- C:\Windows\SysNative\sdnclean64.exe
[2012.02.09 14:48:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy 2
[2012.02.02 21:34:57 | 000,000,000 | ---D | C] -- C:\Users\mikelsoft\AppData\Roaming\Thunderbird
[2012.02.02 21:34:57 | 000,000,000 | ---D | C] -- C:\Users\mikelsoft\AppData\Local\Thunderbird
[2012.02.02 21:22:10 | 000,000,000 | ---D | C] -- C:\Users\mikelsoft\AppData\Local\{6D5B4C0A-CF20-4F92-BDFD-497ED067F1EA}
[2012.02.02 21:21:46 | 000,000,000 | ---D | C] -- C:\Users\mikelsoft\AppData\Local\{3E9616F1-935F-47C3-9677-97DA4160257F}
[2012.02.02 21:20:22 | 000,000,000 | ---D | C] -- C:\Users\mikelsoft\AppData\Local\{F13720B7-D640-413A-AA0C-0BFED2EEC0CF}
[2012.02.02 20:45:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2012.02.02 20:45:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2012.02.02 20:17:38 | 000,000,000 | ---D | C] -- C:\Users\mikelsoft\AppData\Roaming\Ember_Media_Manager
[2012.02.02 18:57:25 | 000,000,000 | ---D | C] -- C:\Users\mikelsoft\AppData\Roaming\MediaRenamer
[2012.02.02 18:49:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XBMC
[2012.02.02 18:49:51 | 000,000,000 | ---D | C] -- C:\Program Files\Media Renamer
[2012.02.01 20:50:54 | 000,381,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfds.dll.bak
[2012.02.01 20:50:44 | 002,134,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msmpeg2vdec.dll
[2012.02.01 20:49:54 | 000,000,000 | ---D | C] -- C:\Users\mikelsoft\AppData\Roaming\Win7codecs
[2012.01.27 18:35:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2012.01.27 12:32:31 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2012.01.27 00:17:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD APP
[2012.01.27 00:17:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD VISION Engine Control Center
[2012.01.26 23:57:43 | 000,054,400 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\usbfilter.sys
[2011.12.07 19:32:24 | 000,216,064 | ---- | C] ( ) -- C:\Windows\SysWow64\lagarith.dll
[2010.05.05 19:59:10 | 000,060,928 | ---- | C] ( ) -- C:\Windows\SysWow64\a3d.dll
[2010.05.05 19:38:18 | 000,012,800 | ---- | C] ( ) -- C:\Windows\SysWow64\killapps.exe
[2010.02.03 23:00:00 | 000,139,264 | ---- | C] ( ) -- C:\Windows\sipr3260.dll
[2009.10.10 18:29:13 | 000,082,816 | ---- | C] (VSO Software) -- C:\Users\mikelsoft\AppData\Roaming\pcouffin.sys
[5 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\mikelsoft\Documents\*.tmp files -> C:\Users\mikelsoft\Documents\*.tmp -> ]
[1 C:\Users\mikelsoft\*.tmp files -> C:\Users\mikelsoft\*.tmp -> ]
========== Files - Modified Within 14 Days ==========
[2012.02.09 20:05:29 | 011,796,480 | -HS- | M] () -- C:\Users\mikelsoft\NTUSER.DAT
[2012.02.09 19:33:55 | 001,613,412 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.02.09 19:33:55 | 000,696,848 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.02.09 19:33:55 | 000,652,166 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.02.09 19:33:55 | 000,148,144 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.02.09 19:33:55 | 000,121,098 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.02.09 19:29:33 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.02.09 19:29:31 | 001,335,972 | ---- | M] () -- C:\Windows\SysNative\oodbs.lor
[2012.02.09 19:27:08 | 001,805,838 | -H-- | M] () -- C:\Users\mikelsoft\AppData\Local\IconCache.db
[2012.02.09 19:13:07 | 000,020,704 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.02.09 19:13:07 | 000,020,704 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.02.09 19:06:14 | 000,001,112 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.02.09 19:05:54 | 000,000,266 | ---- | M] () -- C:\Windows\tasks\AutoKMS.job
[2012.02.09 19:05:54 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2012.02.09 18:07:34 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\mikelsoft\Desktop\OTL.exe
[2012.02.09 16:12:57 | 000,001,172 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Update ESET's license.lnk
[2012.02.09 16:12:57 | 000,001,136 | ---- | M] () -- C:\Users\Public\Desktop\Update ESET's license.lnk
[2012.02.09 15:50:05 | 000,001,116 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.02.09 15:35:03 | 000,001,241 | ---- | M] () -- C:\Users\mikelsoft\Desktop\taskmgr.exe - Verknüpfung.lnk
[2012.02.09 15:32:54 | 000,001,089 | ---- | M] () -- C:\Users\mikelsoft\Desktop\explorer.lnk
[2012.02.09 14:48:57 | 000,002,173 | ---- | M] () -- C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
[2012.02.09 12:45:16 | 000,000,058 | ---- | M] () -- C:\Users\mikelsoft\AppData\Local\DonationCoder_ScreenshotCaptor_InstallInfo.dat
[2012.02.08 16:47:57 | 000,000,600 | ---- | M] () -- C:\Users\mikelsoft\AppData\Roaming\winscp.rnd
[2012.02.08 16:47:52 | 000,000,600 | ---- | M] () -- C:\Users\mikelsoft\AppData\Local\PUTTY.RND
[2012.02.07 14:52:03 | 000,000,960 | ---- | M] () -- C:\Users\Public\Desktop\calibre - E-book management.lnk
[2012.02.04 20:13:08 | 005,815,523 | ---- | M] () -- C:\Users\mikelsoft\Documents\IMG_0943.JPG
[2012.02.02 20:45:56 | 000,002,517 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2012.02.01 22:53:31 | 000,002,188 | ---- | M] () -- C:\Users\Public\Desktop\CyberLink PowerDVD 12.lnk
[2012.02.01 21:51:03 | 000,001,130 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012.02.01 20:49:19 | 000,001,846 | ---- | M] () -- C:\Users\Public\Desktop\Media Player Classic - Home Cinema x64.lnk
[2012.02.01 10:14:14 | 000,092,160 | ---- | M] () -- C:\Windows\SysNative\ff_vfw.dll
[2012.02.01 10:13:20 | 000,053,760 | ---- | M] () -- C:\Windows\SysNative\ff_acm.acm
[2012.01.28 12:12:40 | 000,079,360 | ---- | M] () -- C:\Windows\SysWow64\ff_vfw.dll
[2012.01.28 12:10:56 | 000,048,128 | ---- | M] () -- C:\Windows\SysWow64\ff_acm.acm
[2012.01.27 18:35:58 | 000,001,066 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2012.01.27 00:02:42 | 000,002,212 | ---- | M] () -- C:\Users\Public\Desktop\Google Earth.lnk
[5 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\mikelsoft\Documents\*.tmp files -> C:\Users\mikelsoft\Documents\*.tmp -> ]
[1 C:\Users\mikelsoft\*.tmp files -> C:\Users\mikelsoft\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012.02.09 19:27:08 | 001,805,838 | -H-- | C] () -- C:\Users\mikelsoft\AppData\Local\IconCache.db
[2012.02.09 16:12:57 | 000,001,172 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Update ESET's license.lnk
[2012.02.09 16:12:57 | 000,001,136 | ---- | C] () -- C:\Users\Public\Desktop\Update ESET's license.lnk
[2012.02.09 15:35:03 | 000,001,241 | ---- | C] () -- C:\Users\mikelsoft\Desktop\taskmgr.exe - Verknüpfung.lnk
[2012.02.09 15:32:54 | 000,001,089 | ---- | C] () -- C:\Users\mikelsoft\Desktop\explorer.lnk
[2012.02.09 14:48:57 | 000,002,185 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
[2012.02.09 14:48:57 | 000,002,173 | ---- | C] () -- C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
[2012.02.04 20:10:07 | 005,815,523 | ---- | C] () -- C:\Users\mikelsoft\Documents\IMG_0943.JPG
[2012.02.01 22:53:31 | 000,002,188 | ---- | C] () -- C:\Users\Public\Desktop\CyberLink PowerDVD 12.lnk
[2012.01.28 12:12:40 | 000,079,360 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2012.01.28 12:10:56 | 000,048,128 | ---- | C] () -- C:\Windows\SysWow64\ff_acm.acm
[2012.01.27 18:35:58 | 000,001,066 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2012.01.27 00:02:42 | 000,002,212 | ---- | C] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2012.01.24 14:18:04 | 004,794,880 | ---- | C] () -- C:\Windows\SysWow64\x264vfw.dll
[2012.01.23 21:14:34 | 000,000,600 | ---- | C] () -- C:\Users\mikelsoft\AppData\Local\PUTTY.RND
[2011.12.12 15:27:19 | 000,000,131 | -HS- | C] () -- C:\ProgramData\.zreglib
[2011.12.05 22:04:00 | 000,059,904 | ---- | C] () -- C:\Windows\SysWow64\OpenVideo.dll
[2011.12.05 22:03:52 | 000,054,784 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll
[2011.12.05 13:11:09 | 001,641,646 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011.12.03 17:32:15 | 000,482,408 | ---- | C] () -- C:\Windows\ssndii.exe
[2011.11.10 03:36:06 | 000,204,960 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2011.11.10 03:36:06 | 000,157,152 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2011.10.25 21:21:34 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\OVDecoder.dll
[2011.09.12 23:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2011.08.19 09:26:20 | 010,898,456 | ---- | C] () -- C:\Windows\SysWow64\LogiDPP.dll
[2011.08.19 09:26:20 | 000,336,408 | ---- | C] () -- C:\Windows\SysWow64\DevManagerCore.dll
[2011.08.19 09:26:20 | 000,104,472 | ---- | C] () -- C:\Windows\SysWow64\LogiDPPApp.exe
[2011.06.07 16:25:55 | 001,456,640 | ---- | C] () -- C:\Program Files (x86)\Common Files\Falk Navi-Manager.msi
[2011.04.09 17:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2011.03.19 10:06:02 | 000,240,640 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2011.03.19 10:04:28 | 000,650,752 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2011.02.24 15:16:48 | 000,000,058 | ---- | C] () -- C:\Users\mikelsoft\AppData\Local\DonationCoder_ScreenshotCaptor_InstallInfo.dat
[2011.01.04 13:28:18 | 000,175,616 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2010.11.29 18:29:25 | 000,000,079 | ---- | C] () -- C:\Users\mikelsoft\AppData\Local\CrystalDiskMark30.ini
[2010.11.28 17:14:53 | 000,000,169 | ---- | C] () -- C:\Windows\Bench32.INI
[2010.11.24 21:02:42 | 000,148,480 | ---- | C] () -- C:\Windows\SysWow64\APOMngr.DLL
[2010.11.24 21:02:42 | 000,073,728 | ---- | C] () -- C:\Windows\SysWow64\CmdRtr.DLL
[2010.10.11 16:49:57 | 000,002,560 | ---- | C] () -- C:\Windows\_MSRSTRT.EXE
[2010.10.11 15:38:56 | 000,258,048 | ---- | C] () -- C:\Windows\SysWow64\libFLAC.dll
[2010.09.21 22:36:38 | 000,080,896 | ---- | C] () -- C:\Windows\cadkasdeinst01.exe
[2010.09.21 20:19:57 | 000,000,132 | ---- | C] () -- C:\Users\mikelsoft\AppData\Roaming\Adobe PNG Format CS5 Prefs
[2010.06.25 18:03:12 | 000,053,299 | ---- | C] () -- C:\Windows\SysWow64\pthreadVC.dll
[2010.05.05 20:37:52 | 000,021,204 | ---- | C] () -- C:\Windows\SysWow64\instwdm.ini
[2010.05.05 19:56:46 | 000,002,560 | ---- | C] () -- C:\Windows\SysWow64\CtxfiRes.dll
[2010.05.05 19:46:30 | 000,321,512 | ---- | C] () -- C:\Windows\SysWow64\ctdlang.dat
[2010.05.05 19:46:30 | 000,056,509 | ---- | C] () -- C:\Windows\SysWow64\ctdnlstr.dat
[2010.05.05 19:38:22 | 000,007,680 | ---- | C] () -- C:\Windows\SysWow64\enlocstr.exe
[2010.03.24 18:44:07 | 000,000,000 | ---- | C] () -- C:\ProgramData\CLDShowX.ini
[2010.02.17 14:29:33 | 000,000,600 | ---- | C] () -- C:\Users\mikelsoft\AppData\Roaming\winscp.rnd
[2010.02.14 19:55:19 | 000,000,918 | ---- | C] () -- C:\Users\mikelsoft\AppData\Roaming\coreavc.ini
[2010.02.10 20:01:48 | 000,000,132 | ---- | C] () -- C:\Users\mikelsoft\AppData\Roaming\x264_x64.ini
[2010.01.17 20:33:51 | 000,015,873 | ---- | C] () -- C:\Windows\SysWow64\Inetde.dll
[2010.01.16 14:58:37 | 000,162,304 | ---- | C] () -- C:\Windows\SysWow64\libpng13.dll
[2010.01.16 14:58:37 | 000,052,836 | ---- | C] () -- C:\Windows\SysWow64\zlib1.dll
[2010.01.16 14:58:36 | 000,394,752 | ---- | C] () -- C:\Windows\SysWow64\cygwinb19.dll
[2010.01.16 14:58:34 | 000,709,719 | ---- | C] () -- C:\Windows\unins000.exe
[2010.01.16 14:58:34 | 000,006,581 | ---- | C] () -- C:\Windows\unins000.dat
[2009.12.15 20:07:59 | 000,917,504 | ---- | C] () -- C:\Windows\SysWow64\dtsdecoderdll.dll
[2009.11.06 16:38:03 | 000,001,992 | ---- | C] () -- C:\Windows\aopr.ini
[2009.10.23 18:22:21 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2009.10.12 17:32:36 | 000,010,752 | ---- | C] () -- C:\Windows\SysWow64\BASSMOD.dll
[2009.10.10 18:29:13 | 000,099,384 | ---- | C] () -- C:\Users\mikelsoft\AppData\Roaming\inst.exe
[2009.10.10 18:29:13 | 000,007,859 | ---- | C] () -- C:\Users\mikelsoft\AppData\Roaming\pcouffin.cat
[2009.10.10 18:29:13 | 000,001,167 | ---- | C] () -- C:\Users\mikelsoft\AppData\Roaming\pcouffin.inf
[2009.10.04 12:30:08 | 000,000,017 | ---- | C] () -- C:\Users\mikelsoft\AppData\Local\resmon.resmoncfg
[2009.10.03 15:18:42 | 000,404,656 | ---- | C] () -- C:\Windows\SysWow64\SpoonUninstall.exe
[2009.09.19 14:06:31 | 000,004,096 | -H-- | C] () -- C:\Users\mikelsoft\AppData\Local\keyfile3.drm
[2009.09.19 13:56:34 | 000,029,696 | ---- | C] () -- C:\Users\mikelsoft\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.08.16 21:22:16 | 000,000,035 | ---- | C] () -- C:\Windows\SysWow64\everest_cpl.ini
[2009.08.15 20:19:01 | 000,001,057 | ---- | C] () -- C:\Users\mikelsoft\AppData\Roaming\vso_ts_preview.xml
[2009.08.13 20:23:20 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009.08.13 19:06:40 | 000,003,072 | ---- | C] () -- C:\Windows\SysWow64\CTXFIGER.DLL
[2009.08.13 18:58:55 | 000,115,280 | ---- | C] () -- C:\Users\mikelsoft\AppData\Local\GDIPFONTCACHEV1.DAT
[2009.08.13 16:02:29 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2009.07.14 06:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009.07.14 03:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009.07.14 03:35:42 | 000,001,405 | ---- | C] () -- C:\Windows\msdfmap.ini
[2009.07.14 03:34:57 | 000,000,478 | ---- | C] () -- C:\Windows\win.ini
[2009.07.14 03:34:57 | 000,000,269 | ---- | C] () -- C:\Windows\system.ini
[2009.07.14 03:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009.07.14 01:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009.06.10 22:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2009.06.04 00:37:06 | 000,000,054 | ---- | C] () -- C:\Windows\SysWow64\ctzapxx.ini
[2009.05.27 08:49:00 | 000,000,285 | ---- | C] () -- C:\Windows\SysWow64\kill.ini
[2008.11.15 19:02:26 | 001,866,670 | ---- | C] () -- C:\Windows\SysWow64\libfftw3f-3.dll
[2008.04.05 18:53:24 | 000,140,288 | ---- | C] () -- C:\Windows\SysWow64\avsfilter.dll
[2007.02.05 16:05:26 | 000,000,038 | ---- | C] () -- C:\Windows\AviSplitter.INI
[2005.09.13 04:09:34 | 000,004,608 | ---- | C] () -- C:\Windows\SysWow64\AvsRecursion.dll
[2004.01.24 03:35:44 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\avisynth_c.dll
========== LOP Check ==========
[2009.09.19 13:12:17 | 000,000,000 | ---D | M] -- C:\Users\mikelsoft\AppData\Roaming\ACD Systems
[2009.08.13 21:49:41 | 000,000,000 | ---D | M] -- C:\Users\mikelsoft\AppData\Roaming\Acronis
[2011.02.27 20:34:18 | 000,000,000 | ---D | M] -- C:\Users\mikelsoft\AppData\Roaming\Ashampoo
[2009.08.15 18:38:30 | 000,000,000 | ---D | M] -- C:\Users\mikelsoft\AppData\Roaming\avidemux
[2009.09.27 12:37:25 | 000,000,000 | ---D | M] -- C:\Users\mikelsoft\AppData\Roaming\BDREBUILDER
[2011.09.09 15:57:05 | 000,000,000 | ---D | M] -- C:\Users\mikelsoft\AppData\Roaming\BluRip
[2010.01.22 18:29:51 | 000,000,000 | ---D | M] -- C:\Users\mikelsoft\AppData\Roaming\BOM
[2011.05.10 22:52:00 | 000,000,000 | ---D | M] -- C:\Users\mikelsoft\AppData\Roaming\BPK
[2011.10.17 15:15:27 | 000,000,000 | ---D | M] -- C:\Users\mikelsoft\AppData\Roaming\Broad Intelligence
[2010.09.21 22:36:44 | 000,000,000 | ---D | M] -- C:\Users\mikelsoft\AppData\Roaming\CAD-KAS
[2011.11.22 15:12:17 | 000,000,000 | ---D | M] -- C:\Users\mikelsoft\AppData\Roaming\calibre
[2010.01.30 11:46:19 | 000,000,000 | ---D | M] -- C:\Users\mikelsoft\AppData\Roaming\Canneverbe Limited
[2009.11.10 18:47:48 | 000,000,000 | ---D | M] -- C:\Users\mikelsoft\AppData\Roaming\Canon
[2012.01.26 21:19:17 | 000,000,000 | ---D | M] -- C:\Users\mikelsoft\AppData\Roaming\DAEMON Tools Lite
[2011.09.09 15:36:49 | 000,000,000 | ---D | M] -- C:\Users\mikelsoft\AppData\Roaming\dcunningham.net
[2011.02.11 17:44:16 | 000,000,000 | ---D | M] -- C:\Users\mikelsoft\AppData\Roaming\DiskAid
[2011.02.24 15:16:48 | 000,000,000 | ---D | M] -- C:\Users\mikelsoft\AppData\Roaming\DonationCoder
[2010.02.10 20:04:42 | 000,000,000 | ---D | M] -- C:\Users\mikelsoft\AppData\Roaming\DVDFab
[2011.05.24 15:57:48 | 000,000,000 | ---D | M] -- C:\Users\mikelsoft\AppData\Roaming\EAC
[2012.02.02 20:17:38 | 000,000,000 | ---D | M] -- C:\Users\mikelsoft\AppData\Roaming\Ember_Media_Manager
[2012.02.09 16:08:33 | 000,000,000 | ---D | M] -- C:\Users\mikelsoft\AppData\Roaming\FileZilla
[2009.12.28 20:44:22 | 000,000,000 | ---D | M] -- C:\Users\mikelsoft\AppData\Roaming\Flickr
[2011.12.03 19:22:19 | 000,000,000 | ---D | M] -- C:\Users\mikelsoft\AppData\Roaming\foobar2000
[2011.05.26 11:58:31 | 000,000,000 | ---D | M] -- C:\Users\mikelsoft\AppData\Roaming\Foxit Software
[2011.10.17 15:11:40 | 000,000,000 | ---D | M] -- C:\Users\mikelsoft\AppData\Roaming\FreeFileSync
[2010.07.08 14:04:28 | 000,000,000 | ---D | M] -- C:\Users\mikelsoft\AppData\Roaming\GHISLER
[2009.11.08 15:36:42 | 000,000,000 | ---D | M] -- C:\Users\mikelsoft\AppData\Roaming\gnupg
[2011.07.14 16:03:57 | 000,000,000 | ---D | M] -- C:\Users\mikelsoft\AppData\Roaming\go
[2010.11.18 22:03:03 | 000,000,000 | ---D | M] -- C:\Users\mikelsoft\AppData\Roaming\GrabPro
[2011.08.31 16:44:56 | 000,000,000 | ---D | M] -- C:\Users\mikelsoft\AppData\Roaming\gtk-2.0
[2009.12.28 19:52:52 | 000,000,000 | ---D | M] -- C:\Users\mikelsoft\AppData\Roaming\Gui4Cli
[2010.02.08 22:20:28 | 000,000,000 | ---D | M] -- C:\Users\mikelsoft\AppData\Roaming\HandBrake
[2010.12.02 12:11:09 | 000,000,000 | ---D | M] -- C:\Users\mikelsoft\AppData\Roaming\HD Tune Pro
[2011.11.28 14:49:54 | 000,000,000 | ---D | M] -- C:\Users\mikelsoft\AppData\Roaming\hybrid
[2009.08.24 17:00:14 | 000,000,000 | ---D | M] -- C:\Users\mikelsoft\AppData\Roaming\ImgBurn
[2009.08.13 19:24:54 | 000,000,000 | ---D | M] -- C:\Users\mikelsoft\AppData\Roaming\IrfanView
[2011.01.12 19:22:31 | 000,000,000 | ---D | M] -- C:\Users\mikelsoft\AppData\Roaming\IsolatedStorage
[2009.08.15 18:13:50 | 000,000,000 | ---D | M] -- C:\Users\mikelsoft\AppData\Roaming\Leadertech
[2011.02.09 23:07:19 | 000,000,000 | ---D | M] -- C:\Users\mikelsoft\AppData\Roaming\Local
[2009.12.05 22:55:42 | 000,000,000 | ---D | M] -- C:\Users\mikelsoft\AppData\Roaming\MCMPEGEnc
[2012.02.02 19:00:23 | 000,000,000 | ---D | M] -- C:\Users\mikelsoft\AppData\Roaming\MediaRenamer
[2011.04.06 13:41:18 | 000,000,000 | ---D | M] -- C:\Users\mikelsoft\AppData\Roaming\Miranda
[2010.02.14 15:33:30 | 000,000,000 | ---D | M] -- C:\Users\mikelsoft\AppData\Roaming\mkvtoolnix
[2011.07.29 20:52:49 | 000,000,000 | ---D | M] -- C:\Users\mikelsoft\AppData\Roaming\Mobile Atlas Creator
[2011.12.25 17:47:09 | 000,000,000 | ---D | M] -- C:\Users\mikelsoft\AppData\Roaming\Motorola
[2009.11.08 15:30:48 | 000,000,000 | ---D | M] -- C:\Users\mikelsoft\AppData\Roaming\MuldeR
[2012.01.05 17:08:55 | 000,000,000 | ---D | M] -- C:\Users\mikelsoft\AppData\Roaming\MySQL
[2012.01.06 18:39:36 | 000,000,000 | ---D | M] -- C:\Users\mikelsoft\AppData\Roaming\Notepad++
[2010.04.12 12:19:01 | 000,000,000 | ---D | M] -- C:\Users\mikelsoft\AppData\Roaming\Opera
[2012.01.20 17:30:41 | 000,000,000 | ---D | M] -- C:\Users\mikelsoft\AppData\Roaming\Orbit
[2011.03.04 19:59:51 | 000,000,000 | ---D | M] -- C:\Users\mikelsoft\AppData\Roaming\PACE Anti-Piracy
[2010.01.16 14:13:00 | 000,000,000 | ---D | M] -- C:\Users\mikelsoft\AppData\Roaming\Passware
[2011.12.10 16:37:40 | 000,000,000 | ---D | M] -- C:\Users\mikelsoft\AppData\Roaming\PC Suite
[2011.02.25 13:03:05 | 000,000,000 | ---D | M] -- C:\Users\mikelsoft\AppData\Roaming\PhotoScape
[2010.08.30 18:43:16 | 000,000,000 | ---D | M] -- C:\Users\mikelsoft\AppData\Roaming\ProgSense
[2011.12.12 17:13:51 | 000,000,000 | ---D | M] -- C:\Users\mikelsoft\AppData\Roaming\redsn0w
[2010.09.22 09:38:38 | 000,000,000 | ---D | M] -- C:\Users\mikelsoft\AppData\Roaming\ResourceCentral.E6E1B28A311BC518DB6C6883EA3757FDE0E90ADC.1
[2012.02.01 20:50:34 | 000,000,000 | ---D | M] -- C:\Users\mikelsoft\AppData\Roaming\Shark007
[2010.11.02 14:45:21 | 000,000,000 | ---D | M] -- C:\Users\mikelsoft\AppData\Roaming\Softland
[2011.02.27 20:03:39 | 000,000,000 | ---D | M] -- C:\Users\mikelsoft\AppData\Roaming\Software4u
[2010.02.05 20:30:25 | 000,000,000 | ---D | M] -- C:\Users\mikelsoft\AppData\Roaming\SparVoip
[2011.03.04 19:58:52 | 000,000,000 | ---D | M] -- C:\Users\mikelsoft\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2010.02.18 15:48:48 | 000,000,000 | ---D | M] -- C:\Users\mikelsoft\AppData\Roaming\sx264
[2011.05.10 21:51:43 | 000,000,000 | ---D | M] -- C:\Users\mikelsoft\AppData\Roaming\SystemTools
[2011.12.07 19:55:26 | 000,000,000 | ---D | M] -- C:\Users\mikelsoft\AppData\Roaming\TeamViewer
[2012.02.09 16:02:40 | 000,000,000 | ---D | M] -- C:\Users\mikelsoft\AppData\Roaming\TeraCopy
[2011.12.08 17:50:49 | 000,000,000 | ---D | M] -- C:\Users\mikelsoft\AppData\Roaming\The Creative Assembly
[2010.03.10 19:01:35 | 000,000,000 | ---D | M] -- C:\Users\mikelsoft\AppData\Roaming\Thinstall
[2012.02.02 21:34:58 | 000,000,000 | ---D | M] -- C:\Users\mikelsoft\AppData\Roaming\Thunderbird
[2012.02.09 16:08:33 | 000,000,000 | ---D | M] -- C:\Users\mikelsoft\AppData\Roaming\TS3Client
[2012.01.23 21:10:54 | 000,000,000 | ---D | M] -- C:\Users\mikelsoft\AppData\Roaming\ts3overlay
[2010.11.28 00:18:21 | 000,000,000 | ---D | M] -- C:\Users\mikelsoft\AppData\Roaming\Twan Wintjes
[2012.01.11 19:59:55 | 000,000,000 | ---D | M] -- C:\Users\mikelsoft\AppData\Roaming\VidCoder
[2012.02.09 16:08:33 | 000,000,000 | ---D | M] -- C:\Users\mikelsoft\AppData\Roaming\Vso
[2012.02.01 20:50:46 | 000,000,000 | ---D | M] -- C:\Users\mikelsoft\AppData\Roaming\Win7codecs
[2009.08.14 11:06:44 | 000,000,000 | ---D | M] -- C:\Users\mikelsoft\AppData\Roaming\Windows Home Server
[2011.05.05 15:25:52 | 000,000,000 | ---D | M] -- C:\Users\mikelsoft\AppData\Roaming\Windows Live Writer
[2009.12.02 19:04:24 | 000,000,000 | ---D | M] -- C:\Users\mikelsoft\AppData\Roaming\Winff
[2011.08.31 15:48:15 | 000,000,000 | ---D | M] -- C:\Users\mikelsoft\AppData\Roaming\Wireshark
[2012.02.01 22:11:11 | 000,000,000 | ---D | M] -- C:\Users\mikelsoft\AppData\Roaming\XBMC
[2012.01.05 15:56:01 | 000,000,000 | ---D | M] -- C:\Users\mikelsoft\AppData\Roaming\Zeon
[2012.02.09 19:05:54 | 000,000,266 | ---- | M] () -- C:\Windows\Tasks\AutoKMS.job
[2011.12.07 18:59:21 | 000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 2560 bytes -> C:\ProgramData\CLDShowX.ini:Update.CL
@Alternate Data Stream - 145 bytes -> C:\ProgramData\Temp:0574215C
@Alternate Data Stream - 141 bytes -> C:\ProgramData\Temp:F8D65F32
@Alternate Data Stream - 139 bytes -> C:\ProgramData\Temp:D95ACC7D
@Alternate Data Stream - 137 bytes -> C:\ProgramData\Temp:E8BE05FA
@Alternate Data Stream - 1232 bytes -> C:\Users\mikelsoft\Lokale Einstellungen:9JFkVmMuWoCaz9UXl0qgvoM
@Alternate Data Stream - 1232 bytes -> C:\Users\mikelsoft\AppData\Local\Anwendungsdaten:9JFkVmMuWoCaz9UXl0qgvoM
@Alternate Data Stream - 107 bytes -> C:\ProgramData\Temp:1493A0EF
< End of report > |