| moinmoin666 | 30.08.2012 11:13 |
Etwas minimiert mich auf den Desktop und das Ladezeichen neben der Maus erscheint
Hallo, ich habe keine Ahnung warum, aber in unregelmäßigen Abständen werde ich aus so gut wie jeder Vollbild-Anwendung geschmissen, besonders ärgerlich beim Guild Wars 2 zocken.
Ob es sich dabei um etwas "bösartiges" handelt kann ich noch nicht sagen. Zumindest kann ich nicht eingrenzen seid wann das Problem besteht , da es mir erst seid vorgestern aufgefallen ist.
Ich habe hier ein Mal ein OTA-Log wie im Thread gewünscht aufgesetzt. HijackThis zeigt mir nix an, zumidnest sind mir alle Prozesse bekannt oder sie sind von der Community als unbedenklich eingestuft. Code:
OTL logfile created on: 30.08.2012 12:05:38 - Run 2
OTL by OldTimer - Version 3.2.55.0 Folder = C:\Users\***\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,96 Gb Total Physical Memory | 1,87 Gb Available Physical Memory | 47,31% Memory free
7,91 Gb Paging File | 5,81 Gb Available in Paging File | 73,51% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 59,53 Gb Total Space | 10,96 Gb Free Space | 18,40% Space Free | Partition Type: NTFS
Drive G: | 931,41 Gb Total Space | 48,09 Gb Free Space | 5,16% Space Free | Partition Type: NTFS
Drive H: | 100,00 Mb Total Space | 71,86 Mb Free Space | 71,87% Space Free | Partition Type: NTFS
Drive J: | 100,01 Gb Total Space | 22,53 Gb Free Space | 22,53% Space Free | Partition Type: NTFS
Drive K: | 200,01 Gb Total Space | 16,94 Gb Free Space | 8,47% Space Free | Partition Type: NTFS
Drive L: | 165,75 Gb Total Space | 13,00 Gb Free Space | 7,84% Space Free | Partition Type: NTFS
Computer Name: ***-PC | User Name: *** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Users\***\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 1\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 1\plugin-container.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
PRC - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_271.exe (Adobe Systems, Inc.)
PRC - C:\Program Files (x86)\Google\Drive\googledrivesync.exe (Google)
PRC - C:\Users\***\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
PRC - C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent, Inc.)
PRC - C:\Windows\SysWOW64\PnkBstrA.exe ()
PRC - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
PRC - C:\Program Files (x86)\UltraVNC\winvnc.exe (UltraVNC)
PRC - C:\Program Files (x86)\Folding@Home\smpd.exe ()
========== Modules (No Company Name) ==========
MOD - C:\Users\MOTHER~1\AppData\Local\Temp\_MEI34762\pysqlite2._sqlite.pyd ()
MOD - C:\Users\MOTHER~1\AppData\Local\Temp\_MEI34762\win32com.shell.shell.pyd ()
MOD - C:\Users\MOTHER~1\AppData\Local\Temp\_MEI34762\win32api.pyd ()
MOD - C:\Users\MOTHER~1\AppData\Local\Temp\_MEI34762\_elementtree.pyd ()
MOD - C:\Users\MOTHER~1\AppData\Local\Temp\_MEI34762\wx._html2.pyd ()
MOD - C:\Users\MOTHER~1\AppData\Local\Temp\_MEI34762\_socket.pyd ()
MOD - C:\Users\MOTHER~1\AppData\Local\Temp\_MEI34762\wx._core_.pyd ()
MOD - C:\Users\MOTHER~1\AppData\Local\Temp\_MEI34762\wx._controls_.pyd ()
MOD - C:\Users\MOTHER~1\AppData\Local\Temp\_MEI34762\windows._cacheinvalidation.pyd ()
MOD - C:\Users\MOTHER~1\AppData\Local\Temp\_MEI34762\wx._windows_.pyd ()
MOD - C:\Users\MOTHER~1\AppData\Local\Temp\_MEI34762\wx._gdi_.pyd ()
MOD - C:\Users\MOTHER~1\AppData\Local\Temp\_MEI34762\wx._misc_.pyd ()
MOD - C:\Users\MOTHER~1\AppData\Local\Temp\_MEI34762\_ssl.pyd ()
MOD - C:\Users\MOTHER~1\AppData\Local\Temp\_MEI34762\unicodedata.pyd ()
MOD - C:\Users\MOTHER~1\AppData\Local\Temp\_MEI34762\pythoncom26.dll ()
MOD - C:\Users\MOTHER~1\AppData\Local\Temp\_MEI34762\_hashlib.pyd ()
MOD - C:\Users\MOTHER~1\AppData\Local\Temp\_MEI34762\pyexpat.pyd ()
MOD - C:\Users\MOTHER~1\AppData\Local\Temp\_MEI34762\wx._wizard.pyd ()
MOD - C:\Users\MOTHER~1\AppData\Local\Temp\_MEI34762\win32file.pyd ()
MOD - C:\Users\MOTHER~1\AppData\Local\Temp\_MEI34762\pywintypes26.dll ()
MOD - C:\Users\MOTHER~1\AppData\Local\Temp\_MEI34762\_ctypes.pyd ()
MOD - C:\Users\MOTHER~1\AppData\Local\Temp\_MEI34762\win32inet.pyd ()
MOD - C:\Users\MOTHER~1\AppData\Local\Temp\_MEI34762\win32process.pyd ()
MOD - C:\Users\MOTHER~1\AppData\Local\Temp\_MEI34762\win32pdh.pyd ()
MOD - C:\Users\MOTHER~1\AppData\Local\Temp\_MEI34762\win32event.pyd ()
MOD - C:\Users\MOTHER~1\AppData\Local\Temp\_MEI34762\win32crypt.pyd ()
MOD - C:\Users\MOTHER~1\AppData\Local\Temp\_MEI34762\select.pyd ()
MOD - C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 1\mozjs.dll ()
MOD - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\Nv3DVStreaming.dll ()
MOD - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_271.dll ()
MOD - C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll ()
MOD - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
========== Win32 Services (SafeList) ==========
SRV:64bit: - (Intel(R) -- C:\Windows\SysNative\IPROSetMonitor.exe (Intel Corporation)
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV:64bit: - (TlntSvr) -- C:\Windows\SysNative\tlntsvr.exe (Microsoft Corporation)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
SRV - (Stereo Service) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (NisSrv) -- C:\Programme\Microsoft Security Client\NisSrv.exe (Microsoft Corporation)
SRV - (MsMpSvc) -- C:\Programme\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)
SRV - (PnkBstrA) -- C:\Windows\SysWOW64\PnkBstrA.exe ()
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (wlidsvc) -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)
SRV - (Futuremark SystemInfo Service) -- C:\Program Files (x86)\Common Files\Futuremark Shared\Futuremark SystemInfo\FMSISvc.exe (Futuremark Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (osppsvc) -- C:\Programme\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation)
SRV - (ose64) -- C:\Programme\Common Files\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (uvnc_service) -- C:\Program Files (x86)\UltraVNC\winvnc.exe (UltraVNC)
SRV - (OpenVPNService) -- C:\Program Files (x86)\OpenVPN\bin\openvpnserv.exe ()
SRV - (HPSLPSVC) -- C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL (Hewlett-Packard Co.)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (mpich2_smpd) -- C:\Program Files (x86)\Folding@Home\smpd.exe ()
========== Driver Services (SafeList) ==========
DRV:64bit: - (sptd) -- C:\Windows\SysNative\drivers\sptd.sys (Duplex Secure Ltd.)
DRV:64bit: - (NisDrv) -- C:\Windows\SysNative\drivers\NisDrvWFP.sys (Microsoft Corporation)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (e1cexpress) -- C:\Windows\SysNative\drivers\e1c62x64.sys (Intel Corporation)
DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (VBoxNetAdp) -- C:\Windows\SysNative\drivers\VBoxNetAdp.sys (Oracle Corporation)
DRV:64bit: - (Point64) -- C:\Windows\SysNative\drivers\point64.sys (Microsoft Corporation)
DRV:64bit: - (dc3d) -- C:\Windows\SysNative\drivers\dc3d.sys (Microsoft Corporation)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (truecrypt) -- C:\Windows\SysNative\drivers\truecrypt.sys (TrueCrypt Foundation)
DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation)
DRV:64bit: - (EtronXHCI) -- C:\Windows\SysNative\drivers\EtronXHCI.sys (Etron Technology Inc)
DRV:64bit: - (EtronHub3) -- C:\Windows\SysNative\drivers\EtronHub3.sys (Etron Technology Inc)
DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek )
DRV:64bit: - (UsbserFilt) -- C:\Windows\SysNative\drivers\usbser_lowerfltjx64.sys (Nokia)
DRV:64bit: - (upperdev) -- C:\Windows\SysNative\drivers\usbser_lowerfltx64.sys (Nokia)
DRV:64bit: - (nmwcdc) -- C:\Windows\SysNative\drivers\ccdcmbox64.sys (Nokia)
DRV:64bit: - (nmwcd) -- C:\Windows\SysNative\drivers\ccdcmbx64.sys (Nokia)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:64bit: - (usbser) -- C:\Windows\SysNative\drivers\usbser.sys (Microsoft Corporation)
DRV:64bit: - (AtiHDAudioService) -- C:\Windows\SysNative\drivers\AtihdW76.sys (Advanced Micro Devices)
DRV:64bit: - (sscdbus) -- C:\Windows\SysNative\drivers\sscdbus.sys (MCCI Corporation)
DRV:64bit: - (cpuz134) -- C:\Windows\SysNative\drivers\cpuz134_x64.sys (Windows (R) Win 7 DDK provider)
DRV:64bit: - (AtiHdmiService) -- C:\Windows\SysNative\drivers\AtiHdmi.sys (ATI Technologies, Inc.)
DRV:64bit: - (tap0901) -- C:\Windows\SysNative\drivers\tap0901.sys (The OpenVPN Project)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (USBMULCD) -- C:\Windows\SysNative\drivers\CM10664.sys (C-Media Electronics Inc)
DRV:64bit: - (xusb21) -- C:\Windows\SysNative\drivers\xusb21.sys (Microsoft Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (yukonw7) -- C:\Windows\SysNative\drivers\yk62x64.sys (Marvell)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (UDTT7049) -- C:\Windows\SysNative\drivers\UDTT7049.sys ()
DRV:64bit: - (UDTT7049HID) -- C:\Windows\SysNative\drivers\UDTT7049HID.sys (DTV-DVB)
DRV - (gdrv) -- C:\Windows\gdrv.sys (Windows (R) Server 2003 DDK provider)
DRV - (GVTDrv64) -- C:\Windows\GVTDrv64.sys ()
DRV - (etdrv) -- C:\Windows\etdrv.sys (Windows (R) Server 2003 DDK provider)
DRV - (cpudrv64) -- C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys ()
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2334266712-2998036081-3486327829-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-2334266712-2998036081-3486327829-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
IE - HKU\S-1-5-21-2334266712-2998036081-3486327829-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 35 52 97 51 42 80 CD 01 [binary data]
IE - HKU\S-1-5-21-2334266712-2998036081-3486327829-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-2334266712-2998036081-3486327829-1000\..\SearchScopes\{043C5167-00BB-4324-AF7E-62013FAEDACF}: "URL" = hxxp://vshare.toolbarhome.com/search.aspx?q={searchTerms}&srch=dsp
IE - HKU\S-1-5-21-2334266712-2998036081-3486327829-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-2334266712-2998036081-3486327829-1000\..\SearchScopes\{D57C502F-5A2F-4363-B9CE-94C05E70770F}: "URL" = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&type=827316&p={searchTerms}
IE - HKU\S-1-5-21-2334266712-2998036081-3486327829-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.selectedEngine: "Google Deutschland"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://www.tweakpc.de/"
FF - prefs.js..extensions.enabledItems: de_DE@dicts.j3e.de:20111003
FF - prefs.js..extensions.enabledItems: vshare@toolbar:1.0.0
FF - prefs.js..extensions.enabledItems: smartwebprinting@hp.com:4.51
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: foxyproxy@eric.h.jung:3.3
FF - prefs.js..extensions.enabledItems: {b749fc7c-e949-447f-926c-3f4eed6accfe}:0.6.6
FF - prefs.js..extensions.enabledItems: elemhidehelper@adblockplus.org:1.1.4
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:2.0.1
FF - prefs.js..extensions.enabledItems: {ca8b7b3d-b6e6-438f-b935-601b3de48d66}:1.1.5
FF - prefs.js..extensions.enabledItems: testpilot@labs.mozilla.com:1.2
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}:6.0.25
FF - prefs.js..extensions.enabledItems: {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.2.145
FF - prefs.js..extensions.enabledItems: brief@mozdev.org:1.5.4
FF - prefs.js..extensions.enabledItems: grwatcher@ajnasz.hu:1.6.1
FF - prefs.js..extensions.enabledItems: toolbar@alexa.com:2.14
FF - prefs.js..extensions.enabledItems: {9458ca25-39fd-4ba8-9520-acc5c0d877b6}:1.6
FF - prefs.js..extensions.enabledItems: {acbe8c0e-43df-4a61-a626-171d523e9353}:0.7.4
FF - prefs.js..extensions.enabledItems: {d57c9ff1-6389-48fc-b770-f78bd89b6e8a}:1.39
FF - prefs.js..network.proxy.http: "193.27.209.200"
FF - prefs.js..network.proxy.http_port: 8080
FF - prefs.js..network.proxy.no_proxies_on: "localhost, 127.0.0.1, stealthy.co"
FF - prefs.js..network.proxy.share_proxy_settings: true
FF - prefs.js..network.proxy.type: 0
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_271.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:64bit: - HKLM\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MIF5BA~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_271.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_33: C:\Windows\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MIF5BA~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@SonyCreativeSoftware.com/Media Go,version=1.0: C:\Program Files (x86)\Sony\Media Go\npmediago.dll (Sony Network Entertainment International LLC)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.18: C:\Program Files (x86)\Veetle\plugins\npVeetle.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.18: C:\Program Files (x86)\Veetle\Player\npvlc.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.2: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010.10.27 18:40:40 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2011.12.18 17:17:05 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 1\components [2012.08.25 22:48:03 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 1\plugins [2012.08.25 22:47:42 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.17\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011.12.18 20:47:24 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.17\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.08.17 12:35:23 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\SeaMonkey 2.0.12\extensions\\Components: C:\Program Files (x86)\SeaMonkey\components [2011.04.26 17:07:33 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\SeaMonkey 2.0.12\extensions\\Plugins: C:\Program Files (x86)\SeaMonkey\plugins [2012.08.17 12:35:23 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010.10.27 18:40:40 | 000,000,000 | ---D | M]
[2011.03.08 16:58:41 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Extensions
[2011.03.08 16:58:41 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Extensions\{92650c4d-4b8e-4d2a-b7eb-24ecf4f6b63a}
[2012.08.15 19:32:23 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\helmljrs.default\extensions
[2011.12.18 20:47:34 | 000,000,000 | ---D | M] (OPML Support) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\helmljrs.default\extensions\{9458ca25-39fd-4ba8-9520-acc5c0d877b6}
[2011.05.13 20:11:36 | 000,000,000 | ---D | M] (Firefox Throttle) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\helmljrs.default\extensions\{ca8b7b3d-b6e6-438f-b935-601b3de48d66}
[2012.08.13 18:04:29 | 000,000,000 | ---D | M] (Wörterbuch Deutsch (de-DE), Hunspell-unterstützt) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\helmljrs.default\extensions\de_DE@dicts.j3e.de
[2012.05.23 22:13:13 | 000,000,000 | ---D | M] (FoxyProxy Standard) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\helmljrs.default\extensions\foxyproxy@eric.h.jung
[2010.11.01 22:52:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\helmljrs.default\extensions\nostmp
[2010.10.19 21:01:31 | 000,000,000 | ---D | M] (vShare Plugin) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\helmljrs.default\extensions\vshare@toolbar
[2011.03.08 16:58:41 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\SeaMonkey\Profiles\pb14f0n5.default\extensions
[2012.08.27 22:58:00 | 000,002,400 | ---- | M] () -- C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\helmljrs.default\searchplugins\google-deutschland---nicht-personalisiert.xml
[2010.09.25 15:45:37 | 000,001,583 | ---- | M] () -- C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\helmljrs.default\searchplugins\web-search.xml
[2011.05.14 23:17:31 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2011.05.14 15:17:29 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011.05.14 02:27:40 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}
[2011.12.18 17:17:05 | 000,000,000 | ---D | M] (DivX Plus Web Player HTML5 <video>) -- C:\PROGRAM FILES (X86)\DIVX\DIVX PLUS WEB PLAYER\FIREFOX\DIVXHTML5
[2012.08.13 18:04:29 | 000,488,027 | ---- | M] () (No name found) -- C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HELMLJRS.DEFAULT\EXTENSIONS\{ACBE8C0E-43DF-4A61-A626-171D523E9353}.XPI
[2012.08.15 19:32:23 | 001,136,465 | ---- | M] () (No name found) -- C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HELMLJRS.DEFAULT\EXTENSIONS\{C45C406E-AB73-11D8-BE73-000A95BE3B12}.XPI
[2012.05.30 11:16:41 | 000,068,479 | ---- | M] () (No name found) -- C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HELMLJRS.DEFAULT\EXTENSIONS\{D57C9FF1-6389-48FC-B770-F78BD89B6E8A}.XPI
[2012.08.13 18:04:29 | 000,014,586 | ---- | M] () (No name found) -- C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HELMLJRS.DEFAULT\EXTENSIONS\ADDON@SNIP-ME.DE.XPI
[2012.05.13 15:15:26 | 000,157,911 | ---- | M] () (No name found) -- C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HELMLJRS.DEFAULT\EXTENSIONS\GRWATCHER@AJNASZ.HU.XPI
[2012.08.13 18:04:29 | 000,184,864 | ---- | M] () (No name found) -- C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HELMLJRS.DEFAULT\EXTENSIONS\STEALTHYEXTENSION@GMAIL.COM.XPI
[2012.03.23 00:14:01 | 001,184,804 | ---- | M] () (No name found) -- C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HELMLJRS.DEFAULT\EXTENSIONS\TESTPILOT@LABS.MOZILLA.COM.XPI
[2012.04.20 11:09:38 | 000,344,888 | ---- | M] () (No name found) -- C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HELMLJRS.DEFAULT\EXTENSIONS\TOOLBAR@ALEXA.COM.XPI
[2011.05.14 02:27:37 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2012.01.23 12:50:38 | 000,170,080 | ---- | M] (Tracker Software Products (Canada) Ltd.) -- C:\Program Files (x86)\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll
O1 HOSTS File: ([2012.02.12 22:38:10 | 000,001,045 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 serial.alcohol-soft.com # alcohol 120%
O1 - Hosts: 127.0.0.1 alcohol-soft.com # alcohol 120%
O1 - Hosts: 127.0.0.1 images.alcohol-soft.com # alcohol 120%
O1 - Hosts: 127.0.0.1 mermaidconsulting.dk # alcohol 120%
O1 - Hosts: 127.0.0.1 195.137.236.101
O2:64bit: - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (vShare Plugin) - {043C5167-00BB-4324-AF7E-62013FAEDACF} - C:\Program Files (x86)\vShare\vshare_toolbar.dll ()
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (vShare Plugin) - {043C5167-00BB-4324-AF7E-62013FAEDACF} - C:\Program Files (x86)\vShare\vshare_toolbar.dll ()
O3 - HKU\S-1-5-21-2334266712-2998036081-3486327829-1000\..\Toolbar\WebBrowser: (vShare Plugin) - {043C5167-00BB-4324-AF7E-62013FAEDACF} - C:\Program Files (x86)\vShare\vshare_toolbar.dll ()
O4:64bit: - HKLM..\Run: [Cm106Sound] C:\Windows\Syswow64\cm106.dll (C-Media Corporation)
O4:64bit: - HKLM..\Run: [IntelliPoint] C:\Program Files\Microsoft IntelliPoint\ipoint.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [itype] C:\Program Files\Microsoft IntelliType Pro\itype.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2334266712-2998036081-3486327829-1000..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-2334266712-2998036081-3486327829-1000..\Run: [GoogleDriveSync] C:\Program Files (x86)\Google\Drive\googledrivesync.exe (Google)
O4 - HKU\S-1-5-21-2334266712-2998036081-3486327829-1000..\Run: [ISUSPM] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler File not found
O4 - HKU\S-1-5-21-2334266712-2998036081-3486327829-1000..\Run: [uTorrent] C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent, Inc.)
O4 - HKU\S-1-5-21-2334266712-2998036081-3486327829-1010..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-21-2334266712-2998036081-3486327829-1010..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\***\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\UltraVNC Server.lnk = C:\Program Files (x86)\UltraVNC\winvnc.exe (UltraVNC)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutorun_kl_notset = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoAutorun = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\S-1-5-21-2334266712-2998036081-3486327829-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: An OneNote s&enden - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - C:\Programme\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: An OneNote s&enden - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - C:\Programme\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O9:64bit: - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Programme\WinHTTrack\WinHTTrackIEBar.dll ()
O9 - Extra 'Tools' menuitem : Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Programme\WinHTTrack\WinHTTrackIEBar.dll ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000011 - CC:\Program Files (x86)\VMware\VMware Player\x64\vsocklib.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000012 - CC:\Program Files (x86)\VMware\VMware Player\x64\vsocklib.dll File not found
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab (Java Plug-in 1.6.0_33)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab (Java Plug-in 1.6.0_33)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab (Java Plug-in 1.6.0_33)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{06B9693C-6501-4126-AC5A-4030662D35DA}: NameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0759967D-EFF6-42AE-867D-EE54FBD2C7F8}: NameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1D31217D-8B40-4FEA-B8A1-6F6BAE57D3CB}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{601BBACB-68EF-48CB-A2C1-1B3C003EA639}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7B2B4DAB-8197-474B-AEB1-6BBA43F03610}: NameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A3139496-1FE6-4357-A14B-02AE57FA9F6D}: NameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{CA1EF694-E7D2-4431-AB44-952DA0181990}: NameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{CED74F0D-711F-4865-AB37-B8D46484349A}: DhcpNameServer = 131.234.137.24 131.234.137.23
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E1CC2593-9CBF-4CBB-A534-D12B7A566E7C}: NameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F97654EA-87FD-4358-8108-1FF3D0C8D407}: NameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\vsharechrome - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\gopher - No CLSID value found
O18 - Protocol\Handler\ms-help - No CLSID value found
O18 - Protocol\Handler\vsharechrome {3F3A4B8A-86FC-43A4-BB00-6D7EBE9D4484} - C:\Program Files (x86)\vShare\vshare_toolbar.dll ()
O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28:64bit: - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 0
O33 - MountPoints2\{39cbe666-bcf7-11df-ba8c-005056c00008}\Shell - "" = AutoRun
O33 - MountPoints2\{39cbe666-bcf7-11df-ba8c-005056c00008}\Shell\AutoRun\command - "" = J:\LaunchU3.exe -a
O33 - MountPoints2\{39cbe675-bcf7-11df-ba8c-005056c00008}\Shell - "" = AutoRun
O33 - MountPoints2\{39cbe675-bcf7-11df-ba8c-005056c00008}\Shell\AutoRun\command - "" = H:\LaunchU3.exe -a
O33 - MountPoints2\{6b386cf6-22fe-11e0-9971-001fd0aeb263}\Shell - "" = AutoRun
O33 - MountPoints2\{6b386cf6-22fe-11e0-9971-001fd0aeb263}\Shell\AutoRun\command - "" = H:\preinst.exe
O33 - MountPoints2\I\Shell - "" = AutoRun
O33 - MountPoints2\I\Shell\AutoRun\command - "" = I:\SETUP.EXE
O33 - MountPoints2\I\Shell\configure\command - "" = I:\SETUP.EXE
O33 - MountPoints2\I\Shell\install\command - "" = I:\SETUP.EXE
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2012.08.30 11:56:41 | 000,597,504 | ---- | C] (OldTimer Tools) -- C:\Users\***\Desktop\OTL.exe
[2012.08.29 16:21:25 | 000,000,000 | ---D | C] -- C:\Intel
[2012.08.29 16:15:21 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA
[2012.08.29 16:15:11 | 006,198,120 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcpl.dll
[2012.08.29 16:15:11 | 003,266,920 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvc64.dll
[2012.08.29 16:15:11 | 002,557,800 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvcr.dll
[2012.08.29 16:15:11 | 000,118,120 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvmctray.dll
[2012.08.29 16:15:11 | 000,063,336 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvshext.dll
[2012.08.29 16:14:57 | 000,060,776 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2012.08.29 16:14:57 | 000,052,584 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2012.08.29 16:14:57 | 000,000,000 | ---D | C] -- C:\temp
[2012.08.29 16:14:47 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation
[2012.08.29 16:14:01 | 026,228,072 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll
[2012.08.29 16:14:01 | 025,256,296 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll
[2012.08.29 16:14:01 | 019,828,584 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll
[2012.08.29 16:14:01 | 018,229,096 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll
[2012.08.29 16:14:01 | 017,559,912 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll
[2012.08.29 16:14:01 | 015,291,752 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvd3dum.dll
[2012.08.29 16:14:01 | 014,879,080 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvwgf2umx.dll
[2012.08.29 16:14:01 | 012,465,512 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvwgf2um.dll
[2012.08.29 16:14:01 | 009,066,344 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll
[2012.08.29 16:14:01 | 007,626,088 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll
[2012.08.29 16:14:01 | 007,387,496 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvopencl.dll
[2012.08.29 16:14:01 | 006,100,328 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvopencl.dll
[2012.08.29 16:14:01 | 002,745,192 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll
[2012.08.29 16:14:01 | 002,725,224 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvapi64.dll
[2012.08.29 16:14:01 | 002,573,672 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll
[2012.08.29 16:14:01 | 002,422,120 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvapi.dll
[2012.08.29 16:14:01 | 002,216,808 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll
[2012.08.29 16:14:01 | 001,866,088 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll
[2012.08.29 16:14:01 | 001,763,688 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco64.dll
[2012.08.29 16:14:01 | 001,482,600 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco64.dll
[2012.08.28 15:07:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Guild Wars 2
[2012.08.28 15:06:04 | 000,000,000 | ---D | C] -- C:\Users\***\Documents\Guild Wars 2
[2012.08.28 01:12:03 | 000,000,000 | ---D | C] -- C:\Users\***\Desktop\Breaking.Bad.S05E07.PROPER.HDTV.XviD-AFG
[2012.08.26 23:09:43 | 002,582,320 | ---- | C] (CPUID) -- C:\Users\***\Desktop\cpuz_x64.exe
[2012.08.26 21:27:37 | 000,189,608 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\IPROSetMonitor.exe
[2012.08.26 21:27:31 | 000,000,000 | ---D | C] -- C:\Program Files\Intel
[2012.08.26 21:27:26 | 000,336,728 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\PROUnstl.exe
[2012.08.26 21:25:48 | 000,358,576 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\e1c62x64.sys
[2012.08.26 21:25:48 | 000,098,496 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\NicInstC.dll
[2012.08.26 21:25:48 | 000,068,264 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\e1cmsg.dll
[2012.08.26 21:25:48 | 000,036,472 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\NicCo36.dll
[2012.08.25 22:47:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 1
[2012.08.23 11:16:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
[2012.08.23 11:13:19 | 000,000,000 | ---D | C] -- C:\NVIDIA
[2012.08.22 12:41:39 | 000,000,000 | ---D | C] -- C:\ProgramData\AVS4YOU
[2012.08.22 10:58:54 | 000,000,000 | ---D | C] -- C:\Program Files\WinHTTrack
[2012.08.22 10:10:21 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Nuance
[2012.08.22 10:06:26 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\FLEXnet
[2012.08.22 10:04:31 | 000,000,000 | ---D | C] -- C:\ProgramData\FLEXnet
[2012.08.22 10:04:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Nuance
[2012.08.16 13:33:17 | 000,000,000 | --SD | C] -- C:\Users\***\Google Drive
[2012.08.15 17:17:30 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012.08.15 17:17:30 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012.08.15 17:17:30 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012.08.15 17:17:30 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012.08.15 17:17:29 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012.08.15 17:17:29 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012.08.15 17:17:29 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2012.08.15 17:17:28 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012.08.15 17:17:28 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012.08.15 17:17:28 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2012.08.15 17:17:27 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012.08.15 17:17:27 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012.08.15 17:17:26 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012.08.15 14:05:44 | 000,503,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srcore.dll
[2012.08.15 14:05:42 | 000,751,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll
[2012.08.15 14:05:42 | 000,492,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\win32spl.dll
[2012.08.15 14:05:42 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netapi32.dll
[2012.08.15 14:05:42 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\splwow64.exe
[2012.08.15 14:05:42 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\browcli.dll
[2012.08.15 14:05:41 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\browcli.dll
[2012.08.15 14:05:40 | 000,956,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\localspl.dll
[2012.08.13 18:45:40 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3r.dll
[2012.08.13 18:45:39 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msxml3r.dll
[2012.08.13 18:45:38 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2012.08.13 18:45:37 | 001,133,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdosys.dll
[2012.08.13 18:45:37 | 000,805,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cdosys.dll
[2012.08.13 18:43:10 | 000,044,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll
[2012.08.13 18:43:09 | 002,622,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
[2012.08.13 18:43:09 | 000,057,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
[2012.08.13 18:43:07 | 000,701,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll
[2012.08.13 18:43:07 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll
[2012.08.13 18:43:07 | 000,038,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll
[2012.08.13 18:43:06 | 000,186,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
[2012.08.13 18:43:06 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe
[2012.08.13 18:01:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
[2012.08.13 18:01:24 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\DAEMON Tools Lite
[2012.08.13 18:01:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DAEMON Tools Lite
[2012.08.13 18:00:38 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite
[2012.08.13 17:45:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2012.08.30 12:06:51 | 010,892,808 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.08.30 12:06:51 | 003,689,698 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.08.30 12:06:51 | 003,344,560 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.08.30 12:06:51 | 002,995,858 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.08.30 12:06:51 | 000,006,872 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.08.30 12:01:57 | 000,001,118 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.08.30 12:01:51 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.08.30 12:01:49 | 3185,491,968 | -HS- | M] () -- C:\hiberfil.sys
[2012.08.30 11:56:44 | 000,597,504 | ---- | M] (OldTimer Tools) -- C:\Users\***\Desktop\OTL.exe
[2012.08.30 11:46:04 | 000,001,122 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.08.30 11:16:06 | 000,023,408 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.08.30 11:16:06 | 000,023,408 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.08.30 04:08:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.08.28 23:46:13 | 000,001,705 | ---- | M] () -- C:\Windows\Cm106.ini.imi
[2012.08.28 23:10:33 | 000,001,092 | ---- | M] () -- C:\Users\***\Desktop\TeamSpeak 3 Client.lnk
[2012.08.28 22:34:37 | 007,586,316 | ---- | M] () -- C:\Users\***\Desktop\GW2_Anfaengerguide_201208230117.pdf
[2012.08.28 15:07:37 | 000,000,598 | ---- | M] () -- C:\Users\Public\Desktop\Guild Wars 2.lnk
[2012.08.23 11:16:03 | 000,002,115 | ---- | M] () -- C:\Users\***\AppData\Roaming\SAS7_000.DAT
[2012.08.22 15:46:00 | 026,228,072 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll
[2012.08.22 15:46:00 | 025,256,296 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll
[2012.08.22 15:46:00 | 019,828,584 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll
[2012.08.22 15:46:00 | 018,229,096 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll
[2012.08.22 15:46:00 | 017,559,912 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll
[2012.08.22 15:46:00 | 015,291,752 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvd3dum.dll
[2012.08.22 15:46:00 | 014,879,080 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvwgf2umx.dll
[2012.08.22 15:46:00 | 012,465,512 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvwgf2um.dll
[2012.08.22 15:46:00 | 009,066,344 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll
[2012.08.22 15:46:00 | 007,626,088 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll
[2012.08.22 15:46:00 | 007,387,496 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvopencl.dll
[2012.08.22 15:46:00 | 006,100,328 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvopencl.dll
[2012.08.22 15:46:00 | 002,745,192 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll
[2012.08.22 15:46:00 | 002,725,224 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvapi64.dll
[2012.08.22 15:46:00 | 002,573,672 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll
[2012.08.22 15:46:00 | 002,422,120 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvapi.dll
[2012.08.22 15:46:00 | 002,216,808 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll
[2012.08.22 15:46:00 | 001,866,088 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll
[2012.08.22 15:46:00 | 001,763,688 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco64.dll
[2012.08.22 15:46:00 | 001,482,600 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco64.dll
[2012.08.22 15:46:00 | 000,060,776 | ---- | M] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2012.08.22 15:46:00 | 000,052,584 | ---- | M] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2012.08.22 15:46:00 | 000,016,366 | ---- | M] () -- C:\Windows\SysNative\nvinfo.pb
[2012.08.22 14:17:28 | 000,118,120 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvmctray.dll
[2012.08.22 14:17:28 | 000,063,336 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvshext.dll
[2012.08.22 14:17:27 | 002,557,800 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvcr.dll
[2012.08.22 14:17:14 | 003,266,920 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvc64.dll
[2012.08.22 14:17:11 | 006,198,120 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcpl.dll
[2012.08.22 06:16:24 | 000,429,416 | ---- | M] () -- C:\Windows\SysWow64\nvStreaming.exe
[2012.08.17 12:35:23 | 000,001,974 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2012.08.15 17:20:13 | 000,434,816 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012.08.15 17:10:32 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2012.08.14 21:08:11 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012.08.14 21:08:11 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012.08.13 18:09:03 | 000,000,701 | ---- | M] () -- C:\Users\***\Desktop\Freigabe - Verknüpfung (2).lnk
[2012.08.13 18:06:12 | 000,001,030 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2012.08.13 18:01:30 | 000,560,184 | ---- | M] (Duplex Secure Ltd.) -- C:\Windows\SysNative\drivers\sptd.sys
[2012.08.13 17:49:12 | 000,012,326 | ---- | M] () -- C:\Users\***\Desktop\Steam.exe.lnk
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012.08.29 16:14:01 | 000,016,366 | ---- | C] () -- C:\Windows\SysNative\nvinfo.pb
[2012.08.28 23:10:33 | 000,001,092 | ---- | C] () -- C:\Users\***\Desktop\TeamSpeak 3 Client.lnk
[2012.08.28 22:34:26 | 007,586,316 | ---- | C] () -- C:\Users\***\Desktop\GW2_Anfaengerguide_201208230117.pdf
[2012.08.28 15:07:37 | 000,000,598 | ---- | C] () -- C:\Users\Public\Desktop\Guild Wars 2.lnk
[2012.08.26 21:27:27 | 000,001,904 | ---- | C] () -- C:\Windows\SysNative\SetupBD.din
[2012.08.26 21:25:48 | 000,003,114 | ---- | C] () -- C:\Windows\SysNative\e1c62x64.din
[2012.08.22 10:40:24 | 000,002,115 | ---- | C] () -- C:\Users\***\AppData\Roaming\SAS7_000.DAT
[2012.08.22 06:16:24 | 000,429,416 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe
[2012.08.15 17:10:32 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2012.08.13 18:40:08 | 3185,491,968 | -HS- | C] () -- C:\hiberfil.sys
[2012.08.13 18:09:03 | 000,000,701 | ---- | C] () -- C:\Users\***\Desktop\Freigabe - Verknüpfung (2).lnk
[2012.08.13 17:49:12 | 000,012,326 | ---- | C] () -- C:\Users\***\Desktop\Steam.exe.lnk
[2012.05.08 14:00:44 | 000,010,639 | ---- | C] () -- C:\Users\***\a.r._elster_2048.pfx
[2012.03.30 13:46:43 | 000,000,218 | ---- | C] () -- C:\Users\***\.recently-used.xbel
[2012.02.06 14:24:50 | 000,000,664 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2011.11.26 16:07:24 | 000,111,928 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2011.11.26 16:07:19 | 000,066,872 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2011.11.26 16:03:01 | 000,000,535 | ---- | C] () -- C:\Windows\eReg.dat
[2011.08.14 17:27:21 | 000,000,538 | ---- | C] () -- C:\Windows\FICEDULA.INI
[2011.08.09 02:46:54 | 000,175,616 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2011.08.09 02:46:54 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini
[2011.08.09 02:46:51 | 000,650,752 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2011.08.09 02:46:51 | 000,243,200 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2011.08.09 02:46:51 | 000,074,752 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2011.07.24 02:52:54 | 000,034,308 | ---- | C] () -- C:\Windows\SysWow64\BASSMOD.dll
[2011.04.21 23:26:58 | 000,143,360 | ---- | C] () -- C:\Windows\Vmix106.dll
[2011.04.21 23:26:58 | 000,000,611 | ---- | C] () -- C:\Windows\Cm106.ini.cfl
[2011.04.21 23:26:55 | 000,003,059 | ---- | C] () -- C:\Windows\Cm106.ini.cfg
[2011.04.21 23:26:55 | 000,001,705 | ---- | C] () -- C:\Windows\Cm106.ini.imi
[2011.04.21 23:26:55 | 000,000,964 | ---- | C] () -- C:\Windows\cm106.ini
[2011.03.08 15:03:02 | 000,002,660 | ---- | C] () -- C:\Users\***\AppData\Roaming\TS3Client.rar
[2011.02.18 21:08:20 | 000,000,017 | ---- | C] () -- C:\Users\***\AppData\Local\resmon.resmoncfg
[2011.01.02 22:37:26 | 000,010,240 | ---- | C] () -- C:\Windows\SysWow64\vidx16.dll
[2010.12.21 04:27:20 | 000,003,113 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2010.12.07 02:05:33 | 000,000,600 | ---- | C] () -- C:\Users\***\AppData\Roaming\winscp.rnd
[2010.11.17 01:08:26 | 000,029,518 | ---- | C] () -- C:\Users\***\energy-report.html
[2010.10.27 18:38:18 | 000,245,227 | ---- | C] () -- C:\Windows\hpoins19.dat
[2010.10.27 18:38:18 | 000,013,898 | ---- | C] () -- C:\Windows\hpomdl19.dat
[2010.10.05 00:14:28 | 000,000,193 | ---- | C] () -- C:\Windows\WORDPAD.INI
[2010.09.13 22:56:31 | 000,000,136 | ---- | C] () -- C:\Windows\SysWow64\cpuz.ini
[2010.09.10 18:19:04 | 000,000,721 | ---- | C] () -- C:\Users\***\*** - Verknüpfung.lnk
[2010.09.01 21:00:51 | 000,006,838 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
========== LOP Check ==========
[2012.08.30 11:36:24 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\.purple
[2011.05.14 03:05:44 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Anywhere Software
[2011.05.02 22:49:05 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Aqdeez
[2010.10.04 16:02:51 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\avidemux
[2010.10.17 16:46:47 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Canneverbe Limited
[2012.08.27 11:40:13 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\DAEMON Tools Lite
[2012.08.30 12:02:00 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Dropbox
[2011.12.30 03:39:52 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\DVDVideoSoft
[2012.01.30 20:28:05 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\elsterformular
[2010.08.02 15:05:56 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\enchant
[2012.03.27 22:20:47 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\FahMon
[2011.08.16 16:52:40 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Feedreader
[2012.01.11 17:15:53 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\FileZilla
[2011.02.21 16:42:04 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\fltk.org
[2010.11.16 22:02:55 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\FreeArc
[2010.08.18 22:40:45 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\GetRightToGo
[2012.02.09 23:56:58 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\GrabIt
[2012.03.30 12:30:06 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\gtk-2.0
[2011.12.20 18:57:14 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\HD Tune Pro
[2010.09.02 17:51:47 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\HFM
[2011.11.08 20:59:15 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Iremn
[2012.03.07 19:26:05 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\LOVE
[2011.02.24 12:11:10 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\MAXON
[2011.05.19 23:30:30 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\NetMeter
[2012.08.30 12:05:58 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\NetSpeedMonitor
[2012.08.22 10:10:21 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Nuance
[2010.08.25 13:04:01 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\OpenOffice.org
[2011.07.07 21:27:42 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Sony
[2011.05.19 21:22:11 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\TrafficMonitor
[2011.03.08 18:55:33 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\TrueCrypt
[2012.08.29 10:07:49 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\TS3Client
[2012.08.30 12:02:25 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\uTorrent
[2010.12.14 16:11:01 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\xWeasel
[2012.08.26 22:08:34 | 000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 139 bytes -> C:\ProgramData\TEMP:7FFED16F
< End of report >
Edit: *** mit User-Namen getauscht |
