carpedeli | 23.01.2012 19:34 | hej hej!
Den OTL hier, den EXTRA als Anhang!
Grüße
OTL Logfile: Code:
OTL logfile created on: 23.01.2012 19:11:00 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\chuckyxx\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
5,93 Gb Total Physical Memory | 5,28 Gb Available Physical Memory | 89,01% Memory free
11,86 Gb Paging File | 11,24 Gb Available in Paging File | 94,78% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 458,87 Gb Total Space | 333,52 Gb Free Space | 72,68% Space Free | Partition Type: NTFS
Drive D: | 458,87 Gb Total Space | 374,06 Gb Free Space | 81,52% Space Free | Partition Type: NTFS
Unable to calculate disk information.
Drive H: | 1,88 Gb Total Space | 1,85 Gb Free Space | 98,05% Space Free | Partition Type: FAT
Computer Name: CHUCKYXX-PC | User Name: chuckyxx | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2012.01.23 19:04:10 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\chuckyxx\Desktop\OTL.exe
========== Modules (No Company Name) ==========
========== Win32 Services (SafeList) ==========
SRV:64bit: - [2010.09.22 17:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2010.06.15 16:50:10 | 000,823,288 | ---- | M] (Check Point Software Technologies) [Auto | Stopped] -- C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe -- (IswSvc)
SRV:64bit: - [2009.10.19 14:17:42 | 000,202,752 | ---- | M] (AMD) [Auto | Stopped] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2011.10.12 03:01:17 | 000,292,136 | ---- | M] (CyberLink) [Auto | Stopped] -- C:\Program Files (x86)\Cyberlink\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe -- (CyberLink PowerDVD 11.0 Service)
SRV - [2011.10.12 03:01:08 | 000,075,048 | ---- | M] (CyberLink) [Auto | Stopped] -- C:\Program Files (x86)\Cyberlink\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe -- (CyberLink PowerDVD 11.0 Monitor Service)
SRV - [2011.09.14 14:48:18 | 000,083,240 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\Cyberlink\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe -- (CLHNServiceForPowerDVD)
SRV - [2011.07.27 18:30:28 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Stopped] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011.06.11 08:25:17 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Stopped] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2011.01.10 14:36:24 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010.06.28 13:01:30 | 002,435,592 | ---- | M] (Check Point Software Technologies LTD) [Auto | Stopped] -- C:\Windows\SysWOW64\ZoneLabs\vsmon.exe -- (vsmon)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.02.19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009.12.09 10:24:16 | 000,076,320 | ---- | M] () [Auto | Stopped] -- C:\OEM\USBDECTION\USBS3S4Detection.exe -- (USBS3S4Detection)
SRV - [2009.10.13 20:25:30 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe -- (IAANTMON) Intel(R)
SRV - [2009.09.30 13:01:32 | 002,320,920 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) Intel(R)
SRV - [2009.09.30 13:01:30 | 000,268,824 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) Intel(R)
SRV - [2009.09.10 14:42:46 | 000,305,448 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe -- (MWLService)
SRV - [2009.08.28 10:38:58 | 001,150,496 | ---- | M] (Acer Incorporated) [Auto | Stopped] -- C:\Program Files (x86)\Acer\Registration\GregHSRW.exe -- (Greg_Service)
SRV - [2009.08.25 19:38:06 | 000,935,208 | ---- | M] (Nero AG) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0)
SRV - [2009.08.13 00:04:44 | 000,062,208 | ---- | M] (NewTech Infosystems, Inc.) [Auto | Stopped] -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe -- (NTI IScheduleSvc)
SRV - [2009.07.04 03:47:12 | 000,240,160 | ---- | M] (Acer) [Auto | Stopped] -- C:\Programme\Acer\Acer Updater\UpdaterService.exe -- (Updater Service)
SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2011.10.18 02:43:46 | 000,203,320 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudmdm.sys -- (ssudmdm) SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.)
DRV:64bit: - [2011.10.18 02:43:44 | 000,095,928 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudbus.sys -- (dg_ssudbus) SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.)
DRV:64bit: - [2011.07.27 18:30:30 | 000,123,784 | ---- | M] (Avira GmbH) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2011.07.27 18:30:30 | 000,088,288 | ---- | M] (Avira GmbH) [File_System | Auto | Stopped] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2011.03.11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.11.20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 12:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.09.22 23:36:48 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2010.05.15 16:30:52 | 000,458,840 | ---- | M] (Check Point Software Technologies LTD) [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\vsdatant.sys -- (Vsdatant)
DRV:64bit: - [2010.04.19 19:47:42 | 000,050,688 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2009.11.18 11:30:56 | 000,123,408 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:64bit: - [2009.10.19 14:50:12 | 006,098,432 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2009.10.13 20:16:40 | 000,409,624 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2009.09.23 10:11:04 | 000,283,824 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\e1k62x64.sys -- (e1kexpress) Intel(R)
DRV:64bit: - [2009.09.17 05:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64) Intel(R)
DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.06.02 12:15:30 | 000,060,464 | ---- | M] (Egis Technology Inc.) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\mwlPSDVDisk.sys -- (mwlPSDVDisk)
DRV:64bit: - [2009.06.02 12:15:30 | 000,022,576 | ---- | M] (Egis Technology Inc.) [File_System | System | Stopped] -- C:\Windows\SysNative\drivers\mwlPSDFilter.sys -- (mwlPSDFilter)
DRV:64bit: - [2009.06.02 12:15:30 | 000,020,016 | ---- | M] (Egis Technology Inc.) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\mwlPSDNserv.sys -- (mwlPSDNServ)
DRV:64bit: - [2009.05.06 01:46:08 | 000,018,432 | ---- | M] (NewTech Infosystems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NTIDrvr.sys -- (NTIDrvr)
DRV:64bit: - [2009.05.06 01:46:08 | 000,016,896 | ---- | M] (NewTech Infosystems Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UBHelper.sys -- (UBHelper)
DRV - [2011.09.16 10:36:34 | 000,148,976 | ---- | M] (CyberLink Corp.) [2011/12/22 19:04:51] [Kernel | Auto | Stopped] -- C:\Program Files (x86)\CyberLink\PowerDVD11\Common\NavFilter\000.fcl -- ({329F96B6-DF1E-4328-BFDA-39EA953C1312})
DRV - [2011.09.14 14:48:19 | 000,075,248 | ---- | M] (Cyberlink Corp.) [Kernel | Auto | Stopped] -- C:\Program Files (x86)\Cyberlink\PowerDVD11\Kernel\DMP\ntk_PowerDVD_64.sys -- (ntk_PowerDVD)
DRV - [2010.06.15 16:49:48 | 000,033,528 | ---- | M] (Check Point Software Technologies) [Kernel | Auto | Stopped] -- C:\Programme\CheckPoint\ZAForceField\ISWKL.sys -- (ISWKL)
DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_x3900&r=173610107107pe478v1k5w45l1u547
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_x3900&r=173610107107pe478v1k5w45l1u547
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_x3900&r=173610107107pe478v1k5w45l1u547
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_x3900&r=173610107107pe478v1k5w45l1u547
IE - HKLM\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\prxtbDVD0.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {fc2b76fc-2132-4d80-a9a3-1f5c6e49066b} - C:\Program Files (x86)\ZoneAlarm-Sicherheit\tbZone.dll (Conduit Ltd.)
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_x3900&r=173610107107pe478v1k5w45l1u547
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.searchqu.com/
IE - HKCU\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\prxtbDVD0.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {fc2b76fc-2132-4d80-a9a3-1f5c6e49066b} - C:\Program Files (x86)\ZoneAlarm-Sicherheit\tbZone.dll (Conduit Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = 200.251.201.1:8080
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "foxsearch"
FF - prefs.js..browser.search.defaultthis.engineName: "ZoneAlarm-Sicherheit Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2613550&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.order.1: "foxsearch"
FF - prefs.js..browser.search.selectedEngine: "foxsearch"
FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/"
FF - prefs.js..extensions.enabledItems: {B7082FAA-CB62-4872-9106-E42DD88EDE45}:3.3.1
FF - prefs.js..extensions.enabledItems: {1018e4d6-728f-4b20-ad56-37578a4de76b}:4.1.1
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.6
FF - prefs.js..extensions.enabledItems: {7b13ec3e-999a-4b70-b9cb-2617b8323822}:3.3.3.2
FF - prefs.js..extensions.enabledItems: {fc2b76fc-2132-4d80-a9a3-1f5c6e49066b}:3.3.3.2
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: player@portalarium.com:1.51
FF - prefs.js..keyword.URL: "hxxp://www.finduny.com?client=mozilla-firefox&cd=UTF-8&search=1&q="
FF - prefs.js..network.proxy.http: "200.251.201.1"
FF - prefs.js..network.proxy.http_port: 8080
FF - prefs.js..network.proxy.type: 0
FF - user.js..browser.search.selectedEngine: "foxsearch"
FF - user.js..browser.search.order.1: "foxsearch"
FF - user.js..browser.search.defaultenginename: "foxsearch"
FF - user.js..keyword.URL: "hxxp://www.finduny.com?client=mozilla-firefox&cd=UTF-8&search=1&q="
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\chuckyxx\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\chuckyxx\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\chuckyxx\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.01.03 20:56:29 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.01.17 06:31:17 | 000,000,000 | ---D | M]
[2011.12.13 18:13:04 | 000,000,000 | ---D | M] (No name found) -- C:\Users\chuckyxx\AppData\Roaming\mozilla\Extensions
[2012.01.07 12:04:10 | 000,000,000 | ---D | M] (No name found) -- C:\Users\chuckyxx\AppData\Roaming\mozilla\Firefox\Profiles\kovgqfc6.default\extensions
[2012.01.07 12:04:10 | 000,000,000 | ---D | M] (Flagfox) -- C:\Users\chuckyxx\AppData\Roaming\mozilla\Firefox\Profiles\kovgqfc6.default\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}
[2011.12.27 22:51:20 | 000,000,933 | ---- | M] () -- C:\Users\chuckyxx\AppData\Roaming\Mozilla\Firefox\Profiles\kovgqfc6.default\searchplugins\11-suche.xml
[2011.12.27 22:51:20 | 000,002,419 | ---- | M] () -- C:\Users\chuckyxx\AppData\Roaming\Mozilla\Firefox\Profiles\kovgqfc6.default\searchplugins\englische-ergebnisse.xml
[2011.12.27 22:51:20 | 000,010,525 | ---- | M] () -- C:\Users\chuckyxx\AppData\Roaming\Mozilla\Firefox\Profiles\kovgqfc6.default\searchplugins\gmx-suche.xml
[2011.12.27 22:51:20 | 000,002,457 | ---- | M] () -- C:\Users\chuckyxx\AppData\Roaming\Mozilla\Firefox\Profiles\kovgqfc6.default\searchplugins\lastminute.xml
[2011.11.20 10:47:13 | 000,002,497 | ---- | M] () -- C:\Users\chuckyxx\AppData\Roaming\Mozilla\Firefox\Profiles\kovgqfc6.default\searchplugins\SearchResults.xml
[2011.12.27 22:51:20 | 000,005,508 | ---- | M] () -- C:\Users\chuckyxx\AppData\Roaming\Mozilla\Firefox\Profiles\kovgqfc6.default\searchplugins\webde-suche.xml
[2011.12.13 18:13:04 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
() (No name found) -- C:\USERS\CHUCKYXX\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KOVGQFC6.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
[2012.01.03 20:56:28 | 000,121,816 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011.05.04 03:52:23 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2010.03.19 09:23:30 | 000,686,592 | ---- | M] (Synatix GmbH) -- C:\Program Files (x86)\mozilla firefox\plugins\npmieze.dll
[2011.03.22 19:38:12 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll
[2011.10.02 03:49:13 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2011.10.02 03:49:13 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2011.10.02 03:49:13 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2011.02.10 21:01:17 | 000,000,143 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\foxsearch.src
[2011.10.02 03:49:13 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2011.11.20 10:47:13 | 000,002,497 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\SearchResults.xml
[2011.10.02 03:49:13 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2011.10.02 03:49:13 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\chuckyxx\AppData\Local\Google\Chrome\Application\16.0.912.63\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\chuckyxx\AppData\Local\Google\Chrome\Application\16.0.912.63\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\chuckyxx\AppData\Local\Google\Chrome\Application\16.0.912.63\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.260.3 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U26 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: Gutscheinmieze-Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npmieze.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Winamp Application Detector (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Facebook Video Calling Plugin (Enabled) = C:\Users\chuckyxx\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: YouTube = C:\Users\chuckyxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.3_0\
CHR - Extension: Google-Suche = C:\Users\chuckyxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.16_0\
CHR - Extension: Google Mail = C:\Users\chuckyxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
O1 HOSTS File: ([2011.01.10 14:38:58 | 000,000,887 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 activate.adobe.com
O2:64bit: - BHO: (ZoneAlarm Security Engine Registrar) - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Programme\CheckPoint\ZAForceField\Trustchecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\prxtbDVD0.dll (Conduit Ltd.)
O2 - BHO: (ZoneAlarm Security Engine Registrar) - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Programme\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O2 - BHO: (ZoneAlarm-Sicherheit Toolbar) - {fc2b76fc-2132-4d80-a9a3-1f5c6e49066b} - C:\Program Files (x86)\ZoneAlarm-Sicherheit\tbZone.dll (Conduit Ltd.)
O3:64bit: - HKLM\..\Toolbar: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Programme\CheckPoint\ZAForceField\Trustchecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O3:64bit: - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\prxtbDVD0.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (no name) - {DFEFCDEE-CF1A-4FC8-88AD-48514E463B27} - No CLSID value found.
O3 - HKLM\..\Toolbar: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Programme\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O3 - HKLM\..\Toolbar: (ZoneAlarm-Sicherheit Toolbar) - {fc2b76fc-2132-4d80-a9a3-1f5c6e49066b} - C:\Program Files (x86)\ZoneAlarm-Sicherheit\tbZone.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (DVDVideoSoftTB Toolbar) - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - C:\Program Files (x86)\DVDVideoSoftTB\prxtbDVD0.dll (Conduit Ltd.)
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [mwlDaemon] C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe (Egis Technology Inc.)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ArcadeDeluxeAgent] C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe (CyberLink Corp.)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [BackupManagerTray] C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe (NewTech Infosystems, Inc.)
O4 - HKLM..\Run: [EgisTecLiveUpdate] C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [Hotkey Utility] C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe ()
O4 - HKLM..\Run: [KiesHelper] C:\Program Files (x86)\Samsung\Kies\KiesHelper.exe (Samsung)
O4 - HKLM..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKLM..\Run: [NortonOnlineBackupReminder] C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe (Symantec Corporation)
O4 - HKLM..\Run: [PDFPrint] C:\Program Files (x86)\PDF24\pdf24.exe (Geek Software GmbH)
O4 - HKLM..\Run: [PlayMovie] C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe (Acer Corp.)
O4 - HKLM..\Run: [RemoteControl11] C:\Program Files (x86)\CyberLink\PowerDVD11\PDVD11Serv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ZoneAlarm Client] C:\Program Files (x86)\Zone Labs\ZoneAlarm\zlclient.exe (Check Point Software Technologies LTD)
O4 - HKCU..\Run: [Facebook Update] C:\Users\chuckyxx\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKCU..\Run: [Firefox helper] C:\Users\chuckyxx\AppData\Roaming\Mozilla\Firefox\firefox.exe ()
O4 - HKCU..\Run: [KiesPDLR] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\chuckyxx\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8:64bit: - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html File not found
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\chuckyxx\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html File not found
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{97BE0667-DBCC-4EAC-A640-06F8D729292C}: DhcpNameServer = 192.168.178.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) -C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP
CREATERESTOREPOINT
Error creating restore point.
========== Files/Folders - Created Within 30 Days ==========
[2012.01.23 19:07:07 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\chuckyxx\Desktop\OTL.exe
[2012.01.21 16:41:55 | 000,000,000 | ---D | C] -- C:\Users\chuckyxx\Desktop\t cell neu
[2012.01.17 21:33:39 | 000,000,000 | ---D | C] -- C:\Users\chuckyxx\Desktop\2011
[2012.01.17 21:33:05 | 000,000,000 | ---D | C] -- C:\Users\chuckyxx\Desktop\2012
[2012.01.13 17:26:05 | 000,000,000 | ---D | C] -- C:\Users\chuckyxx\AppData\Local\{0E48ADB5-726B-49A7-B671-B16A0967C905}
[2012.01.13 17:25:44 | 000,000,000 | ---D | C] -- C:\Users\chuckyxx\AppData\Local\{E77690A4-5A53-435C-9A92-0D911CFBFE4A}
[2012.01.11 21:08:56 | 000,000,000 | ---D | C] -- C:\Users\chuckyxx\AppData\Local\{70653899-974E-4F4C-827C-91218D14FC40}
[2012.01.11 21:08:34 | 000,000,000 | ---D | C] -- C:\Users\chuckyxx\AppData\Local\{13ED7BD5-611E-4DAD-B2A1-D03025DAABD7}
[2012.01.11 20:33:15 | 000,000,000 | ---D | C] -- C:\Users\chuckyxx\AppData\Local\{A60AB505-5A64-4741-9427-F6BEABBEC7CD}
[2012.01.11 20:32:53 | 000,000,000 | ---D | C] -- C:\Users\chuckyxx\AppData\Local\{D0D0E6D8-33FB-4B56-ADE8-941ADE084B83}
[2012.01.04 14:05:59 | 000,000,000 | ---D | C] -- C:\Users\chuckyxx\AppData\Local\{561CEC6D-08F9-48E3-B944-63CC2D267484}
[2012.01.04 14:05:37 | 000,000,000 | ---D | C] -- C:\Users\chuckyxx\AppData\Local\{415332D5-953D-4ECC-9BED-6AFA202295EF}
[2012.01.03 21:20:24 | 000,000,000 | ---D | C] -- C:\Users\chuckyxx\AppData\Local\{D1903421-50E8-41AF-B8C1-36D6CF81987E}
[2012.01.03 21:20:01 | 000,000,000 | ---D | C] -- C:\Users\chuckyxx\AppData\Local\{BF165AC2-1A7E-44A9-817D-595CA771857E}
[2009.11.26 18:31:51 | 000,036,136 | ---- | C] (Oberon Media) -- C:\ProgramData\FullRemove.exe
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
File not found -- C:\Users\chuckyxx\2011-10-18-1193335477_04-RG.PDF
[2012.01.23 19:06:04 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.01.23 19:06:00 | 479,535,103 | -HS- | M] () -- C:\hiberfil.sys
[2012.01.23 19:04:10 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\chuckyxx\Desktop\OTL.exe
[2012.01.23 18:57:31 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.01.23 18:57:31 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.01.23 18:50:55 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.01.23 18:28:00 | 000,001,110 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.01.23 17:40:00 | 000,001,132 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1316531324-2911879387-1025736777-1001UA.job
[2012.01.23 16:45:01 | 000,000,940 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1316531324-2911879387-1025736777-1001UA.job
[2012.01.22 14:40:00 | 000,001,080 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1316531324-2911879387-1025736777-1001Core.job
[2012.01.21 10:45:00 | 000,000,918 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1316531324-2911879387-1025736777-1001Core.job
[2012.01.15 11:34:34 | 003,364,489 | ---- | M] () -- C:\Users\chuckyxx\2012-01-15 11.34.34.jpg
[2012.01.15 11:32:26 | 003,038,233 | ---- | M] () -- C:\Users\chuckyxx\2012-01-15 11.32.26.jpg
[2012.01.15 00:35:12 | 002,043,944 | ---- | M] () -- C:\Users\chuckyxx\2012-01-15 00.35.13.jpg
[2012.01.15 00:33:14 | 001,393,347 | ---- | M] () -- C:\Users\chuckyxx\2012-01-15 00.33.15.jpg
[2012.01.13 21:17:10 | 002,569,409 | ---- | M] () -- C:\Users\chuckyxx\2012-01-13 23.17.10.jpg
[2012.01.13 21:17:04 | 002,752,033 | ---- | M] () -- C:\Users\chuckyxx\2012-01-13 23.17.05.jpg
[2012.01.13 21:16:58 | 002,597,988 | ---- | M] () -- C:\Users\chuckyxx\2012-01-13 23.16.59.jpg
[2012.01.13 20:35:00 | 002,696,591 | ---- | M] () -- C:\Users\chuckyxx\2012-01-13 22.35.00.jpg
[2012.01.13 20:34:40 | 002,606,666 | ---- | M] () -- C:\Users\chuckyxx\2012-01-13 22.34.41.jpg
[2012.01.13 20:33:56 | 002,447,924 | ---- | M] () -- C:\Users\chuckyxx\2012-01-13 22.33.57.jpg
[2012.01.13 20:33:50 | 002,738,466 | ---- | M] () -- C:\Users\chuckyxx\2012-01-13 22.33.51.jpg
[2012.01.13 20:33:44 | 002,548,792 | ---- | M] () -- C:\Users\chuckyxx\2012-01-13 22.33.45.jpg
[2012.01.13 20:33:34 | 002,591,029 | ---- | M] () -- C:\Users\chuckyxx\2012-01-13 22.33.34.jpg
[2012.01.13 20:30:22 | 002,700,279 | ---- | M] () -- C:\Users\chuckyxx\2012-01-13 22.30.22.jpg
[2012.01.11 06:15:30 | 001,519,118 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.01.11 06:15:30 | 000,653,982 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.01.11 06:15:30 | 000,615,864 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.01.11 06:15:30 | 000,129,854 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.01.11 06:15:30 | 000,106,244 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.01.10 21:43:48 | 003,525,140 | ---- | M] () -- C:\Users\chuckyxx\2012-01-10 21.43.48.jpg
[2012.01.10 21:43:34 | 003,399,298 | ---- | M] () -- C:\Users\chuckyxx\2012-01-10 21.43.35.jpg
[2012.01.08 00:24:22 | 002,643,849 | ---- | M] () -- C:\Users\chuckyxx\2011-12-04 05.32.37.jpg
[2012.01.08 00:24:21 | 002,753,557 | ---- | M] () -- C:\Users\chuckyxx\2011-11-19 22.31.58.jpg
[2012.01.08 00:24:21 | 002,325,421 | ---- | M] () -- C:\Users\chuckyxx\2011-11-19 21.39.59.jpg
[2012.01.08 00:24:21 | 002,095,429 | ---- | M] () -- C:\Users\chuckyxx\2011-11-19 22.11.10.jpg
[2012.01.08 00:24:21 | 001,834,291 | ---- | M] () -- C:\Users\chuckyxx\2011-11-19 22.11.26.jpg
[2012.01.08 00:24:20 | 002,689,305 | ---- | M] () -- C:\Users\chuckyxx\2011-12-04 05.32.50.jpg
[2012.01.08 00:24:09 | 002,787,367 | ---- | M] () -- C:\Users\chuckyxx\2011-11-11 20.48.50.jpg
[2012.01.08 00:24:06 | 002,683,002 | ---- | M] () -- C:\Users\chuckyxx\2011-11-11 20.49.10.jpg
[2012.01.08 00:21:06 | 002,606,792 | ---- | M] () -- C:\Users\chuckyxx\2011-12-19 13.02.02.jpg
[2012.01.06 09:34:13 | 000,309,104 | ---- | M] () -- C:\Users\chuckyxx\Rauchen.odt
[2012.01.06 09:29:48 | 000,011,549 | ---- | M] () -- C:\Users\chuckyxx\Garderobe.odt
[2012.01.06 08:50:06 | 000,141,427 | ---- | M] () -- C:\Users\chuckyxx\Getränke Schnee 2.odt
[2012.01.03 15:35:56 | 000,046,473 | ---- | M] () -- C:\Users\chuckyxx\schneegestöber 2.0_2 copy_600x600_100KB.jpg
[2012.01.01 12:52:30 | 000,475,146 | ---- | M] () -- C:\Users\chuckyxx\2012-01-01 12.52.30.jpg
[2011.12.29 17:16:01 | 002,753,534 | ---- | M] () -- C:\Users\chuckyxx\2011-12-29 17.14.27.jpg
[2011.12.28 09:56:16 | 000,250,421 | ---- | M] () -- C:\Users\chuckyxx\RKH_72_FP_2012_1.pdf
[2011.12.28 09:52:14 | 000,087,106 | ---- | M] () -- C:\Users\chuckyxx\TFP_75_2.pdf
[2011.12.27 09:26:58 | 000,113,482 | ---- | M] () -- C:\Users\chuckyxx\sp-studio.jpg
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012.01.16 19:59:57 | 003,364,489 | ---- | C] () -- C:\Users\chuckyxx\2012-01-15 11.34.34.jpg
[2012.01.16 19:59:57 | 003,038,233 | ---- | C] () -- C:\Users\chuckyxx\2012-01-15 11.32.26.jpg
[2012.01.16 19:59:57 | 002,043,944 | ---- | C] () -- C:\Users\chuckyxx\2012-01-15 00.35.13.jpg
[2012.01.16 19:59:57 | 001,393,347 | ---- | C] () -- C:\Users\chuckyxx\2012-01-15 00.33.15.jpg
[2012.01.16 19:59:56 | 002,752,033 | ---- | C] () -- C:\Users\chuckyxx\2012-01-13 23.17.05.jpg
[2012.01.16 19:59:56 | 002,597,988 | ---- | C] () -- C:\Users\chuckyxx\2012-01-13 23.16.59.jpg
[2012.01.16 19:59:56 | 002,569,409 | ---- | C] () -- C:\Users\chuckyxx\2012-01-13 23.17.10.jpg
[2012.01.16 19:59:55 | 002,738,466 | ---- | C] () -- C:\Users\chuckyxx\2012-01-13 22.33.51.jpg
[2012.01.16 19:59:55 | 002,696,591 | ---- | C] () -- C:\Users\chuckyxx\2012-01-13 22.35.00.jpg
[2012.01.16 19:59:55 | 002,606,666 | ---- | C] () -- C:\Users\chuckyxx\2012-01-13 22.34.41.jpg
[2012.01.16 19:59:55 | 002,447,924 | ---- | C] () -- C:\Users\chuckyxx\2012-01-13 22.33.57.jpg
[2012.01.16 19:59:54 | 002,700,279 | ---- | C] () -- C:\Users\chuckyxx\2012-01-13 22.30.22.jpg
[2012.01.16 19:59:54 | 002,591,029 | ---- | C] () -- C:\Users\chuckyxx\2012-01-13 22.33.34.jpg
[2012.01.16 19:59:54 | 002,548,792 | ---- | C] () -- C:\Users\chuckyxx\2012-01-13 22.33.45.jpg
[2012.01.16 19:59:52 | 003,525,140 | ---- | C] () -- C:\Users\chuckyxx\2012-01-10 21.43.48.jpg
[2012.01.16 19:59:52 | 003,399,298 | ---- | C] () -- C:\Users\chuckyxx\2012-01-10 21.43.35.jpg
[2012.01.16 19:59:52 | 000,475,146 | ---- | C] () -- C:\Users\chuckyxx\2012-01-01 12.52.30.jpg
[2012.01.08 12:33:27 | 000,250,421 | ---- | C] () -- C:\Users\chuckyxx\RKH_72_FP_2012_1.pdf
[2012.01.08 12:33:27 | 000,087,106 | ---- | C] () -- C:\Users\chuckyxx\TFP_75_2.pdf
[2012.01.08 00:08:33 | 029,868,696 | ---- | C] () -- C:\Users\chuckyxx\video-2011-09-18-03-19-08.mp4
[2012.01.08 00:04:33 | 002,689,305 | ---- | C] () -- C:\Users\chuckyxx\2011-12-04 05.32.50.jpg
[2012.01.08 00:04:33 | 002,643,849 | ---- | C] () -- C:\Users\chuckyxx\2011-12-04 05.32.37.jpg
[2012.01.08 00:04:31 | 003,041,655 | ---- | C] () -- C:\Users\chuckyxx\2011-11-29 20.57.47.jpg
[2012.01.08 00:04:31 | 002,551,673 | ---- | C] () -- C:\Users\chuckyxx\2011-11-28 13.52.27.jpg
[2012.01.08 00:04:30 | 002,753,557 | ---- | C] () -- C:\Users\chuckyxx\2011-11-19 22.31.58.jpg
[2012.01.08 00:04:30 | 001,931,078 | ---- | C] () -- C:\Users\chuckyxx\2011-11-19 23.23.11.jpg
[2012.01.08 00:04:30 | 001,834,291 | ---- | C] () -- C:\Users\chuckyxx\2011-11-19 22.11.26.jpg
[2012.01.08 00:04:30 | 001,806,197 | ---- | C] () -- C:\Users\chuckyxx\2011-11-19 22.18.56.jpg
[2012.01.08 00:04:30 | 000,495,477 | ---- | C] () -- C:\Users\chuckyxx\2011-11-19 22.12.00.jpg
[2012.01.08 00:04:30 | 000,346,350 | ---- | C] () -- C:\Users\chuckyxx\2011-11-19 22.19.02.jpg
[2012.01.08 00:04:30 | 000,298,346 | ---- | C] () -- C:\Users\chuckyxx\2011-11-19 22.31.31.jpg
[2012.01.08 00:04:29 | 002,325,421 | ---- | C] () -- C:\Users\chuckyxx\2011-11-19 21.39.59.jpg
[2012.01.08 00:04:29 | 002,095,429 | ---- | C] () -- C:\Users\chuckyxx\2011-11-19 22.11.10.jpg
[2012.01.08 00:04:28 | 002,683,002 | ---- | C] () -- C:\Users\chuckyxx\2011-11-11 20.49.10.jpg
[2012.01.08 00:04:27 | 002,787,367 | ---- | C] () -- C:\Users\chuckyxx\2011-11-11 20.48.50.jpg
[2012.01.06 09:34:11 | 000,309,104 | ---- | C] () -- C:\Users\chuckyxx\Rauchen.odt
[2012.01.06 09:29:46 | 000,011,549 | ---- | C] () -- C:\Users\chuckyxx\Garderobe.odt
[2012.01.04 13:36:53 | 000,141,427 | ---- | C] () -- C:\Users\chuckyxx\Getränke Schnee 2.odt
[2012.01.03 15:35:56 | 000,046,473 | ---- | C] () -- C:\Users\chuckyxx\schneegestöber 2.0_2 copy_600x600_100KB.jpg
[2011.12.29 17:15:50 | 002,753,534 | ---- | C] () -- C:\Users\chuckyxx\2011-12-29 17.14.27.jpg
[2011.12.29 17:15:45 | 002,606,792 | ---- | C] () -- C:\Users\chuckyxx\2011-12-19 13.02.02.jpg
[2011.12.27 09:26:58 | 000,113,482 | ---- | C] () -- C:\Users\chuckyxx\sp-studio.jpg
[2011.12.14 14:28:00 | 000,000,000 | ---- | C] () -- C:\Users\chuckyxx\AppData\Local\{FC49E560-E1AD-4E26-9909-78382EB0274D}
[2011.09.16 10:54:48 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
[2011.09.16 10:54:44 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll
[2011.09.16 10:54:44 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll
[2011.09.16 10:54:44 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll
[2011.09.16 10:54:44 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll
[2011.01.03 11:58:26 | 000,121,856 | -H-- | C] () -- C:\Windows\SysWow64\mlfcache.dat
[2010.10.31 13:19:12 | 000,004,608 | ---- | C] () -- C:\Users\chuckyxx\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.10.04 13:05:56 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat
[2010.10.02 22:41:08 | 000,000,000 | ---- | C] () -- C:\Users\chuckyxx\AppData\Roaming\wklnhst.dat
[2010.10.02 10:50:47 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2009.07.14 06:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009.07.14 03:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009.07.14 03:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009.07.14 01:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009.06.10 22:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2007.10.10 12:07:18 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
========== LOP Check ==========
[2011.11.20 10:47:12 | 000,000,000 | ---D | M] -- C:\Users\chuckyxx\AppData\Roaming\Bandoo
[2011.01.08 09:51:17 | 000,000,000 | ---D | M] -- C:\Users\chuckyxx\AppData\Roaming\Canneverbe Limited
[2010.12.01 10:05:16 | 000,000,000 | ---D | M] -- C:\Users\chuckyxx\AppData\Roaming\CheckPoint
[2011.01.28 20:35:06 | 000,000,000 | ---D | M] -- C:\Users\chuckyxx\AppData\Roaming\DVDVideoSoftIEHelpers
[2011.08.09 08:38:29 | 000,000,000 | ---D | M] -- C:\Users\chuckyxx\AppData\Roaming\gtk-2.0
[2011.10.09 16:04:31 | 000,000,000 | ---D | M] -- C:\Users\chuckyxx\AppData\Roaming\Gutscheinmieze
[2011.04.22 07:10:10 | 000,000,000 | ---D | M] -- C:\Users\chuckyxx\AppData\Roaming\OpenCandy
[2010.11.16 12:02:04 | 000,000,000 | ---D | M] -- C:\Users\chuckyxx\AppData\Roaming\OpenOffice.org
[2011.01.02 15:38:48 | 000,000,000 | ---D | M] -- C:\Users\chuckyxx\AppData\Roaming\Opera
[2011.07.29 10:16:28 | 000,000,000 | ---D | M] -- C:\Users\chuckyxx\AppData\Roaming\PhotoScape
[2011.10.24 18:32:59 | 000,000,000 | ---D | M] -- C:\Users\chuckyxx\AppData\Roaming\Samsung
[2011.02.11 10:08:10 | 000,000,000 | ---D | M] -- C:\Users\chuckyxx\AppData\Roaming\Sony
[2011.01.09 06:11:45 | 000,000,000 | ---D | M] -- C:\Users\chuckyxx\AppData\Roaming\Uniblue
[2010.10.23 11:58:54 | 000,000,000 | ---D | M] -- C:\Users\chuckyxx\AppData\Roaming\Windows Live Writer
[2012.01.21 10:45:00 | 000,000,918 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1316531324-2911879387-1025736777-1001Core.job
[2012.01.23 16:45:01 | 000,000,940 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1316531324-2911879387-1025736777-1001UA.job
[2011.12.20 09:43:51 | 000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
========== Custom Scans ==========
< %SYSTEMDRIVE%\*. >
[2010.10.20 07:00:29 | 000,000,000 | -HSD | M] -- C:\$RECYCLE.BIN
[2010.11.25 11:30:46 | 000,000,000 | ---D | M] -- C:\326820d7c6687f5b1881da
[2010.12.01 09:33:42 | 000,000,000 | ---D | M] -- C:\ad49ed350594847e840d13bf621e
[2007.10.10 12:08:27 | 000,000,000 | ---D | M] -- C:\book
[2012.01.18 19:46:22 | 000,000,000 | -HSD | M] -- C:\Config.Msi
[2009.07.14 06:08:56 | 000,000,000 | -HSD | M] -- C:\Documents and Settings
[2010.10.02 10:20:11 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen
[2009.11.26 18:17:08 | 000,000,000 | ---D | M] -- C:\Intel
[2009.11.26 18:39:43 | 000,000,000 | RH-D | M] -- C:\MSOCache
[2010.10.02 10:21:14 | 000,000,000 | -H-D | M] -- C:\OEM
[2011.06.06 15:32:54 | 000,000,000 | ---D | M] -- C:\PDF
[2009.07.14 04:20:08 | 000,000,000 | ---D | M] -- C:\PerfLogs
[2011.10.09 16:07:20 | 000,000,000 | R--D | M] -- C:\Program Files
[2011.12.13 18:38:17 | 000,000,000 | R--D | M] -- C:\Program Files (x86)
[2011.12.22 19:04:51 | 000,000,000 | -H-D | M] -- C:\ProgramData
[2010.10.02 10:20:11 | 000,000,000 | -HSD | M] -- C:\Programme
[2010.10.02 10:20:11 | 000,000,000 | -HSD | M] -- C:\Recovery
[2012.01.18 03:00:50 | 000,000,000 | -HSD | M] -- C:\System Volume Information
[2011.10.24 18:36:47 | 000,000,000 | ---D | M] -- C:\Temp
[2010.12.01 10:04:46 | 000,000,000 | R--D | M] -- C:\Users
[2012.01.23 19:06:00 | 000,000,000 | ---D | M] -- C:\Windows
< %PROGRAMFILES%\*.exe >
< %LOCALAPPDATA%\*.exe >
< %systemroot%\*. /mp /s >
< MD5 for: AGP440.SYS >
[2009.07.14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys
[2009.07.14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys
[2009.07.14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys
[2009.07.14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys
< MD5 for: ATAPI.SYS >
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
< MD5 for: CNGAUDIT.DLL >
[2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009.07.14 02:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\SysNative\cngaudit.dll
[2009.07.14 02:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll
< MD5 for: EXPLORER.EXE >
[2011.02.26 07:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe
[2011.02.26 06:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2009.07.14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2011.02.26 06:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe
[2009.10.31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2011.02.26 06:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe
[2011.02.25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011.02.25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011.02.26 07:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010.11.20 13:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2009.08.03 07:19:07 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2009.10.31 07:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2009.08.03 06:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2010.11.20 14:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
[2009.10.31 07:38:38 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2009.08.03 06:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2009.07.14 02:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2009.10.31 07:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2011.02.26 07:26:45 | 002,870,784 | ---- | M] (Microsoft Corporation) MD5=E38899074D4951D31B4040E994DD7C8D -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe
[2009.08.03 07:17:37 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe
< MD5 for: IASTOR.SYS >
[2009.10.13 20:09:36 | 000,331,288 | ---- | M] (Intel Corporation) MD5=0BAA4115DFFFD6A6D809A89D65E1281A -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\driver\IaStor.sys
[2009.10.13 20:16:40 | 000,409,624 | ---- | M] (Intel Corporation) MD5=BE7D72FCF442C26975942007E0831241 -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\driver64\IaStor.sys
[2009.10.13 20:16:40 | 000,409,624 | ---- | M] (Intel Corporation) MD5=BE7D72FCF442C26975942007E0831241 -- C:\Windows\SysNative\drivers\iaStor.sys
[2009.10.13 20:16:40 | 000,409,624 | ---- | M] (Intel Corporation) MD5=BE7D72FCF442C26975942007E0831241 -- C:\Windows\SysNative\DriverStore\FileRepository\iaahci.inf_amd64_neutral_6fca727099cdabf1\iaStor.sys
< MD5 for: IASTORV.SYS >
[2010.11.20 14:33:38 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_668286aa35d55928\iaStorV.sys
[2010.11.20 14:33:38 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_0d3757e79e6784d0\iaStorV.sys
[2011.03.11 07:19:16 | 000,410,496 | ---- | M] (Intel Corporation) MD5=5B3DE7208E5000D5B451B9D290D2579C -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_0d714416b7c182d5\iaStorV.sys
[2011.03.11 07:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\drivers\iaStorV.sys
[2011.03.11 07:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_0bcee2057afcc090\iaStorV.sys
[2011.03.11 07:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_0cf9793d9e95787b\iaStorV.sys
[2011.03.11 07:23:00 | 000,410,496 | ---- | M] (Intel Corporation) MD5=B75E45C564E944A2657167D197AB29DA -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16778_none_0b141c81a16e25e6\iaStorV.sys
[2011.03.11 07:25:49 | 000,410,496 | ---- | M] (Intel Corporation) MD5=BFDC9D75698800CFE4D1698BF2750EA2 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.20921_none_0bccc8c8ba6985c1\iaStorV.sys
[2009.07.14 02:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_0b06441fa1790136\iaStorV.sys
< MD5 for: NETLOGON.DLL >
[2009.07.14 02:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_59aca8ea51aaeefe\netlogon.dll
[2010.11.20 14:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\SysNative\netlogon.dll
[2010.11.20 14:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_5bddbcb24e997298\netlogon.dll
[2010.11.20 13:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\SysWOW64\netlogon.dll
[2010.11.20 13:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_6632670482fa3493\netlogon.dll
[2009.07.14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_6401533c860bb0f9\netlogon.dll
< MD5 for: NVSTOR.SYS >
[2009.07.14 02:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvstor.sys
[2011.03.11 07:23:06 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=6C1D5F70E7A6A3FD1C90D840EDC048B9 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_95dd8d30d8a4cfbe\nvstor.sys
[2011.03.11 07:25:53 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=AE274836BA56518E279087363A781214 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_96963977f1a02f99\nvstor.sys
[2011.03.11 07:19:21 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=D23C7E8566DA2B8A7C0DBBB761D54888 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvstor.sys
[2011.03.11 07:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\drivers\nvstor.sys
[2011.03.11 07:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvstor.sys
[2011.03.11 07:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvstor.sys
[2010.11.20 14:33:48 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvstor.sys
[2010.11.20 14:33:48 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvstor.sys
< MD5 for: SCECLI.DLL >
[2009.07.14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
[2009.07.14 02:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll
[2010.11.20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010.11.20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010.11.20 14:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010.11.20 14:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll
< MD5 for: USER32.DLL >
[2010.11.20 13:08:57 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\SysWOW64\user32.dll
[2010.11.20 13:08:57 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_35b31c02b85ccb6e\user32.dll
[2009.07.14 02:41:56 | 001,008,640 | ---- | M] (Microsoft Corporation) MD5=72D7B3EA16946E8F0CF7458150031CC6 -- C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_292d5de8870d85d9\user32.dll
[2009.07.14 02:11:24 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=E8B0FFC209E504CB7E79FC24E6C085F0 -- C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_3382083abb6e47d4\user32.dll
[2010.11.20 14:27:27 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\Windows\SysNative\user32.dll
[2010.11.20 14:27:27 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_2b5e71b083fc0973\user32.dll
< MD5 for: USERINIT.EXE >
[2010.11.20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010.11.20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009.07.14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009.07.14 02:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
[2010.11.20 14:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010.11.20 14:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe
< MD5 for: WINLOGON.EXE >
[2010.11.20 14:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010.11.20 14:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2009.07.14 02:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2009.10.28 08:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2009.10.28 07:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe
< MD5 for: WS2IFSL.SYS >
[2009.07.14 01:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\SysNative\drivers\ws2ifsl.sys
[2009.07.14 01:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\winsxs\amd64_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.1.7600.16385_none_ab7b927be17eace8\ws2ifsl.sys
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]
< %USERPROFILE%\*.* >
[2011.05.02 12:38:48 | 000,808,137 | ---- | M] () -- C:\Users\chuckyxx\02052011537.JPG
[2011.12.24 01:51:59 | 000,047,868 | ---- | M] () -- C:\Users\chuckyxx\1306_schablone.jpg
[2011.07.07 04:54:24 | 002,087,621 | ---- | M] () -- C:\Users\chuckyxx\2011-07-07 05.54.25.jpg
[2011.07.07 04:54:54 | 002,301,575 | ---- | M] () -- C:\Users\chuckyxx\2011-07-07 05.54.55.jpg
[2011.10.05 11:33:29 | 001,505,451 | ---- | M] () -- C:\Users\chuckyxx\2011-07-30 13.52.47.jpg
[2011.08.16 05:08:28 | 001,977,755 | ---- | M] () -- C:\Users\chuckyxx\2011-08-16 06.08.28.jpg
File not found -- C:\Users\chuckyxx\2011-10-18-1193335477_04-RG.PDF
[2011.10.21 07:26:06 | 001,797,537 | ---- | M] () -- C:\Users\chuckyxx\2011-10-21 06.26.07.jpg
[2011.10.29 15:49:23 | 003,042,041 | ---- | M] () -- C:\Users\chuckyxx\2011-10-29 16.44.50.jpg
[2012.01.08 00:24:09 | 002,787,367 | ---- | M] () -- C:\Users\chuckyxx\2011-11-11 20.48.50.jpg
[2012.01.08 00:24:06 | 002,683,002 | ---- | M] () -- C:\Users\chuckyxx\2011-11-11 20.49.10.jpg
[2012.01.08 00:24:21 | 002,325,421 | ---- | M] () -- C:\Users\chuckyxx\2011-11-19 21.39.59.jpg
[2012.01.08 00:24:21 | 002,095,429 | ---- | M] () -- C:\Users\chuckyxx\2011-11-19 22.11.10.jpg
[2012.01.08 00:24:21 | 001,834,291 | ---- | M] () -- C:\Users\chuckyxx\2011-11-19 22.11.26.jpg
[2011.11.19 22:12:00 | 000,495,477 | ---- | M] () -- C:\Users\chuckyxx\2011-11-19 22.12.00.jpg
[2011.11.19 22:18:56 | 001,806,197 | ---- | M] () -- C:\Users\chuckyxx\2011-11-19 22.18.56.jpg
[2011.11.19 22:19:02 | 000,346,350 | ---- | M] () -- C:\Users\chuckyxx\2011-11-19 22.19.02.jpg
[2011.11.19 22:31:30 | 000,298,346 | ---- | M] () -- C:\Users\chuckyxx\2011-11-19 22.31.31.jpg
[2012.01.08 00:24:21 | 002,753,557 | ---- | M] () -- C:\Users\chuckyxx\2011-11-19 22.31.58.jpg
[2011.11.19 23:23:10 | 001,931,078 | ---- | M] () -- C:\Users\chuckyxx\2011-11-19 23.23.11.jpg
[2011.11.28 13:52:26 | 002,551,673 | ---- | M] () -- C:\Users\chuckyxx\2011-11-28 13.52.27.jpg
[2011.11.29 20:57:46 | 003,041,655 | ---- | M] () -- C:\Users\chuckyxx\2011-11-29 20.57.47.jpg
[2012.01.08 00:24:22 | 002,643,849 | ---- | M] () -- C:\Users\chuckyxx\2011-12-04 05.32.37.jpg
[2012.01.08 00:24:20 | 002,689,305 | ---- | M] () -- C:\Users\chuckyxx\2011-12-04 05.32.50.jpg
[2012.01.08 00:21:06 | 002,606,792 | ---- | M] () -- C:\Users\chuckyxx\2011-12-19 13.02.02.jpg
[2011.12.29 17:16:01 | 002,753,534 | ---- | M] () -- C:\Users\chuckyxx\2011-12-29 17.14.27.jpg
[2012.01.01 12:52:30 | 000,475,146 | ---- | M] () -- C:\Users\chuckyxx\2012-01-01 12.52.30.jpg
[2012.01.10 21:43:34 | 003,399,298 | ---- | M] () -- C:\Users\chuckyxx\2012-01-10 21.43.35.jpg
[2012.01.10 21:43:48 | 003,525,140 | ---- | M] () -- C:\Users\chuckyxx\2012-01-10 21.43.48.jpg
[2012.01.13 20:30:22 | 002,700,279 | ---- | M] () -- C:\Users\chuckyxx\2012-01-13 22.30.22.jpg
[2012.01.13 20:33:34 | 002,591,029 | ---- | M] () -- C:\Users\chuckyxx\2012-01-13 22.33.34.jpg
[2012.01.13 20:33:44 | 002,548,792 | ---- | M] () -- C:\Users\chuckyxx\2012-01-13 22.33.45.jpg
[2012.01.13 20:33:50 | 002,738,466 | ---- | M] () -- C:\Users\chuckyxx\2012-01-13 22.33.51.jpg
[2012.01.13 20:33:56 | 002,447,924 | ---- | M] () -- C:\Users\chuckyxx\2012-01-13 22.33.57.jpg
[2012.01.13 20:34:40 | 002,606,666 | ---- | M] () -- C:\Users\chuckyxx\2012-01-13 22.34.41.jpg
[2012.01.13 20:35:00 | 002,696,591 | ---- | M] () -- C:\Users\chuckyxx\2012-01-13 22.35.00.jpg
[2012.01.13 21:16:58 | 002,597,988 | ---- | M] () -- C:\Users\chuckyxx\2012-01-13 23.16.59.jpg
[2012.01.13 21:17:04 | 002,752,033 | ---- | M] () -- C:\Users\chuckyxx\2012-01-13 23.17.05.jpg
[2012.01.13 21:17:10 | 002,569,409 | ---- | M] () -- C:\Users\chuckyxx\2012-01-13 23.17.10.jpg
[2012.01.15 00:33:14 | 001,393,347 | ---- | M] () -- C:\Users\chuckyxx\2012-01-15 00.33.15.jpg
[2012.01.15 00:35:12 | 002,043,944 | ---- | M] () -- C:\Users\chuckyxx\2012-01-15 00.35.13.jpg
[2012.01.15 11:32:26 | 003,038,233 | ---- | M] () -- C:\Users\chuckyxx\2012-01-15 11.32.26.jpg
[2012.01.15 11:34:34 | 003,364,489 | ---- | M] () -- C:\Users\chuckyxx\2012-01-15 11.34.34.jpg
[2008.05.12 01:53:04 | 721,307,648 | ---- | M] () -- C:\Users\chuckyxx\21.avi
[2009.03.07 22:48:48 | 734,175,232 | ---- | M] () -- C:\Users\chuckyxx\96 Hours.avi
[2008.09.29 21:33:36 | 727,676,928 | ---- | M] () -- C:\Users\chuckyxx\Bruegge sehen und sterben.avi
[2008.05.21 14:29:10 | 734,531,584 | ---- | M] () -- C:\Users\chuckyxx\Das beste kommt zum Schluss.avi
[2010.12.31 11:28:11 | 732,979,200 | ---- | M] () -- C:\Users\chuckyxx\district-ub_xvid_a.avi
[2010.12.31 12:21:09 | 734,783,488 | ---- | M] () -- C:\Users\chuckyxx\district-ub_xvid_b.avi
[2008.10.09 20:25:38 | 733,741,056 | ---- | M] () -- C:\Users\chuckyxx\empire-kirschblueten-xvid-cd1.avi
[2008.10.09 20:26:50 | 733,915,136 | ---- | M] () -- C:\Users\chuckyxx\empire-kirschblueten-xvid-cd2.avi
[2012.01.06 09:29:48 | 000,011,549 | ---- | M] () -- C:\Users\chuckyxx\Garderobe.odt
[2012.01.06 08:50:06 | 000,141,427 | ---- | M] () -- C:\Users\chuckyxx\Getränke Schnee 2.odt
[2011.11.23 11:45:59 | 000,035,810 | ---- | M] () -- C:\Users\chuckyxx\Holstein_060511.pdf
[2011.10.24 10:00:00 | 007,682,128 | ---- | M] () -- C:\Users\chuckyxx\LINGUISTIK Ersti Wegweiser WS 2012 24.10.2011.docx
[2009.04.26 14:37:37 | 1578,205,184 | ---- | M] () -- C:\Users\chuckyxx\Nordwand.German.2008.AC3.5.1.HD2DVDRip.XviD-Ms89.avi
[2011.10.10 09:45:23 | 000,021,430 | ---- | M] () -- C:\Users\chuckyxx\normal_Zodiac_WidderO-Arm.jpg
[2012.01.23 19:21:22 | 002,883,584 | -HS- | M] () -- C:\Users\chuckyxx\ntuser.dat
[2012.01.23 19:21:22 | 000,262,144 | -HS- | M] () -- C:\Users\chuckyxx\ntuser.dat.LOG1
[2010.10.02 10:20:21 | 000,000,000 | -HS- | M] () -- C:\Users\chuckyxx\ntuser.dat.LOG2
[2010.10.02 11:07:42 | 000,065,536 | -HS- | M] () -- C:\Users\chuckyxx\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf
[2010.10.02 11:07:42 | 000,524,288 | -HS- | M] () -- C:\Users\chuckyxx\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms
[2010.10.02 11:07:42 | 000,524,288 | -HS- | M] () -- C:\Users\chuckyxx\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms
[2011.06.16 13:32:32 | 000,065,536 | -HS- | M] () -- C:\Users\chuckyxx\ntuser.dat{4843ae32-97e9-11e0-9148-90fba6842013}.TM.blf
[2011.06.16 13:32:32 | 000,524,288 | -HS- | M] () -- C:\Users\chuckyxx\ntuser.dat{4843ae32-97e9-11e0-9148-90fba6842013}.TMContainer00000000000000000001.regtrans-ms
[2011.06.16 13:32:32 | 000,524,288 | -HS- | M] () -- C:\Users\chuckyxx\ntuser.dat{4843ae32-97e9-11e0-9148-90fba6842013}.TMContainer00000000000000000002.regtrans-ms
[2010.12.14 06:44:27 | 000,065,536 | -HS- | M] () -- C:\Users\chuckyxx\ntuser.dat{69f05bd8-0740-11e0-ab26-90fba6842013}.TM.blf
[2010.12.14 06:44:27 | 000,524,288 | -HS- | M] () -- C:\Users\chuckyxx\ntuser.dat{69f05bd8-0740-11e0-ab26-90fba6842013}.TMContainer00000000000000000001.regtrans-ms
[2010.12.14 06:44:27 | 000,524,288 | -HS- | M] () -- C:\Users\chuckyxx\ntuser.dat{69f05bd8-0740-11e0-ab26-90fba6842013}.TMContainer00000000000000000002.regtrans-ms
[2010.11.25 15:45:32 | 000,065,536 | -HS- | M] () -- C:\Users\chuckyxx\NTUSER.DAT{afb5658a-f87f-11df-861f-90fba6842013}.TM.blf
[2010.11.25 15:45:32 | 000,524,288 | -HS- | M] () -- C:\Users\chuckyxx\NTUSER.DAT{afb5658a-f87f-11df-861f-90fba6842013}.TMContainer00000000000000000001.regtrans-ms
[2010.11.25 15:45:32 | 000,524,288 | -HS- | M] () -- C:\Users\chuckyxx\NTUSER.DAT{afb5658a-f87f-11df-861f-90fba6842013}.TMContainer00000000000000000002.regtrans-ms
[2010.10.02 10:20:21 | 000,000,020 | -HS- | M] () -- C:\Users\chuckyxx\ntuser.ini
[2012.01.06 09:34:13 | 000,309,104 | ---- | M] () -- C:\Users\chuckyxx\Rauchen.odt
[2011.12.28 09:56:16 | 000,250,421 | ---- | M] () -- C:\Users\chuckyxx\RKH_72_FP_2012_1.pdf
[2011.10.29 05:21:31 | 000,011,767 | ---- | M] () -- C:\Users\chuckyxx\rücknahme halloween.odt
[2011.11.23 12:34:59 | 001,041,191 | ---- | M] () -- C:\Users\chuckyxx\schneegestöber 2.0_2 copy.jpg
[2012.01.03 15:35:56 | 000,046,473 | ---- | M] () -- C:\Users\chuckyxx\schneegestöber 2.0_2 copy_600x600_100KB.jpg
[2011.06.22 09:08:24 | 000,024,971 | ---- | M] () -- C:\Users\chuckyxx\SOS_2010_Auslagestellen_neu.pdf
[2011.08.07 19:01:42 | 000,022,811 | ---- | M] () -- C:\Users\chuckyxx\SOS_2011_Abrechnung_01.pdf
[2011.12.27 09:26:58 | 000,113,482 | ---- | M] () -- C:\Users\chuckyxx\sp-studio.jpg
[2011.06.03 15:00:56 | 000,012,680 | ---- | M] () -- C:\Users\chuckyxx\sprüche.odt
[2011.12.28 09:52:14 | 000,087,106 | ---- | M] () -- C:\Users\chuckyxx\TFP_75_2.pdf
[2012.01.17 21:30:43 | 011,747,328 | -HS- | M] () -- C:\Users\chuckyxx\Thumbs.db
[2011.11.25 13:13:57 | 000,025,694 | ---- | M] () -- C:\Users\chuckyxx\vertrag sos 2012.pdf
[2011.09.18 02:20:18 | 029,868,696 | ---- | M] () -- C:\Users\chuckyxx\video-2011-09-18-03-19-08.mp4
[2010.12.19 09:19:46 | 000,000,162 | -H-- | M] () -- C:\Users\chuckyxx\~$diendebatte+Telephon.docx
< %USERPROFILE%\Local Settings\Temp\*.exe >
< %USERPROFILE%\Local Settings\Temp\*.dll >
< %USERPROFILE%\Application Data\*.exe >
< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs >
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Required: DebugWindows [binary data]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Windows: %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
< End of report > --- --- --- |