Vielen Dank für die nette Begrüßung, Zitat:
Zitat von Larusso
(Beitrag 906549)
Das sind mir die Liebsten. Wenn ich das Problem nicht lösen kann, wirst du da nicht drum rum kommen! | Tut mir leid das das zu dreißt klang, nunja die meisten Leute brüllen ja immer gleich "Windows Neu-Installieren", wenn jemand ein Problem nennt auf welcher jemand keine Lösung hat. Aber wenn dieser Fall wirklich einträfe müsste ich wohl damit leben. 2/Schritt 1:
Defogger installiert und ausgeführt. Nur auf "Disable" geclickt. Programm beendet und neugestartet. defogger_disable by jpshortstuff (23.02.10.1)
Log created at 14:53 on 03/09/2012 (Chris)
Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.
Checking for services/drivers...
SPTD -> Disabled
-=E.O.F=- 2/Schritt 2:
OTL by Oldtimer herunter geladen und einen Quick-Scan ausgeführt mit normalen Settings hier die OTL-Log (Die andere ist im Anhang): Code:
OTL logfile created on: 03.09.2012 14:55:36 - Run 1
OTL by OldTimer - Version 3.2.59.1 Folder = C:\Users\Chris\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000c07 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy
3,99 Gb Total Physical Memory | 2,60 Gb Available Physical Memory | 65,24% Memory free
9,85 Gb Paging File | 8,33 Gb Available in Paging File | 84,56% Paging File free
Paging file location(s): c:\pagefile.sys 6000 6000 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 149,04 Gb Total Space | 30,12 Gb Free Space | 20,21% Space Free | Partition Type: NTFS
Drive H: | 1863,01 Gb Total Space | 1301,58 Gb Free Space | 69,86% Space Free | Partition Type: NTFS
Computer Name: CHRIS-PC | User Name: Chris | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - File not found --
PRC - [2012.09.03 14:55:03 | 000,598,528 | ---- | M] (OldTimer Tools) -- C:\Users\Chris\Desktop\OTL.exe
PRC - [2012.07.27 22:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012.07.17 19:33:35 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2012.07.03 13:46:44 | 000,655,944 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012.05.15 02:21:40 | 000,382,272 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2011.09.15 02:19:54 | 000,086,016 | ---- | M] () -- C:\Program Files\Autodesk\3ds Max 2013\NVIDIA\raysat_3dsmax2013_64server.exe
PRC - [2010.03.23 13:19:32 | 001,528,616 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe
PRC - [2010.02.25 05:15:20 | 000,724,992 | ---- | M] () -- C:\Mouse Driver\Tilt.exe
PRC - [2009.05.18 13:29:16 | 003,866,624 | ---- | M] (Analog Devices, Inc.) -- C:\Program Files (x86)\Analog Devices\SoundMAX\SoundMAX.exe
PRC - [2009.03.27 23:08:14 | 001,431,040 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite\AiNap\AiNap.exe
PRC - [2009.02.05 11:51:46 | 005,384,192 | ---- | M] () -- C:\Program Files (x86)\ASUS\TurboV\TurboV.exe
PRC - [2008.08.15 10:23:20 | 000,086,016 | ---- | M] () -- C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.00\AsSysCtrlService.exe
PRC - [2007.06.05 14:20:32 | 000,177,704 | ---- | M] () -- C:\Windows\SysWOW64\PSIService.exe
========== Modules (No Company Name) ==========
MOD - [2010.02.25 05:15:20 | 000,724,992 | ---- | M] () -- C:\Mouse Driver\Tilt.exe
MOD - [2009.03.27 23:08:14 | 001,431,040 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite\AiNap\AiNap.exe
MOD - [2009.02.05 11:51:46 | 005,384,192 | ---- | M] () -- C:\Program Files (x86)\ASUS\TurboV\TurboV.exe
MOD - [2009.01.19 18:39:02 | 001,298,944 | ---- | M] () -- C:\Program Files (x86)\ASUS\TurboV\OcProfile.dll
MOD - [2008.12.15 21:01:54 | 000,131,072 | ---- | M] () -- C:\Program Files (x86)\ASUS\TurboV\TVOCLIB.DLL
MOD - [2008.12.10 21:27:56 | 000,565,248 | ---- | M] () -- C:\Program Files (x86)\ASUS\TurboV\pngio.dll
MOD - [2008.02.25 16:08:54 | 000,208,896 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite\AiNap\AiNap.dll
MOD - [2007.01.03 23:25:56 | 000,008,704 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite\AiNap\vvc.dll
========== Services (SafeList) ==========
SRV:64bit: - [2012.08.16 03:03:51 | 001,432,400 | ---- | M] (Flexera Software, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe -- (FLEXnet Licensing Service 64)
SRV:64bit: - [2012.03.26 18:49:56 | 000,291,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2012.03.26 18:49:56 | 000,012,600 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2011.09.15 02:19:54 | 000,086,016 | ---- | M] () [Auto | Running] -- C:\Program Files\Autodesk\3ds Max 2013\NVIDIA\raysat_3dsmax2013_64server.exe -- (mi-raysat_3dsmax2013_64)
SRV:64bit: - [2011.08.12 01:38:04 | 000,140,672 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE -- (!SASCORE)
SRV:64bit: - [2011.06.13 22:21:14 | 000,343,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Fix it Center\Matsvc.exe -- (MatSvc)
SRV:64bit: - [2009.07.14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
SRV:64bit: - [2009.07.14 03:39:47 | 000,081,920 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\tlntsvr.exe -- (TlntSvr)
SRV:64bit: - [2009.06.06 01:42:04 | 000,111,616 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\SysNative\AEADISRV.EXE -- (AEADIFilters)
SRV:64bit: - [2007.02.12 13:45:26 | 000,024,576 | ---- | M] (Syntek America Inc.) [Auto | Running] -- C:\Windows\SysNative\StkCSrv.exe -- (StkSSrv)
SRV - [2012.09.01 20:22:50 | 000,250,568 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.08.25 11:42:08 | 000,529,744 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012.07.27 22:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012.07.17 19:33:35 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2012.07.03 13:46:44 | 000,655,944 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012.05.15 12:48:00 | 001,262,400 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012.05.15 02:21:40 | 000,382,272 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2012.04.05 11:37:38 | 000,158,856 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.03.23 14:25:24 | 000,087,040 | ---- | M] () [Disabled | Stopped] -- C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe -- (PassThru Service)
SRV - [2010.10.06 18:26:46 | 000,258,688 | ---- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Program Files (x86)\ASUS\Disk Unlocker\ASPFSVS64.exe -- (ASDiskUnlocker)
SRV - [2010.03.23 13:19:32 | 001,528,616 | ---- | M] (Cisco Systems, Inc.) [Auto | Running] -- C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe -- (CVPND)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.08.28 16:22:38 | 000,221,184 | ---- | M] (Droppix) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Droppix\DxService.exe -- (Droppix Service)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008.08.15 10:23:20 | 000,086,016 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.00\AsSysCtrlService.exe -- (AsSysCtrlService)
SRV - [2007.06.05 14:20:32 | 000,177,704 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PSIService.exe -- (ProtexisLicensing)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2012.08.16 02:20:30 | 000,270,912 | ---- | M] (DT Soft Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2012.07.03 13:46:44 | 000,024,904 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2012.03.20 20:44:12 | 000,098,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011.07.22 18:26:56 | 000,014,928 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS -- (SASDIFSV)
DRV:64bit: - [2011.07.12 23:55:18 | 000,012,368 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS -- (SASKUTIL)
DRV:64bit: - [2011.05.10 08:06:08 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2011.04.13 15:04:38 | 000,045,432 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\point64.sys -- (Point64)
DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.11.20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.09.21 12:29:36 | 000,043,136 | ---- | M] (ASUSTeK Computer Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\VDiskBus64.sys -- (VDiskBus)
DRV:64bit: - [2010.06.25 16:08:10 | 000,036,928 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\htcnprot.sys -- (htcnprot)
DRV:64bit: - [2010.03.23 13:29:46 | 000,304,784 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CVPNDRVA.sys -- (CVPNDRVA)
DRV:64bit: - [2010.02.08 08:32:00 | 000,014,992 | ---- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CVirtA64.sys -- (CVirtA)
DRV:64bit: - [2009.12.21 21:02:56 | 000,058,936 | ---- | M] (NCH Swift Sound) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nchvsc64.sys -- (NCHVSC64)
DRV:64bit: - [2009.11.02 18:16:50 | 000,033,736 | ---- | M] (HTC, Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ANDROIDUSB.sys -- (HTCAND64)
DRV:64bit: - [2009.10.29 20:19:01 | 000,314,016 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\atksgt.sys -- (atksgt)
DRV:64bit: - [2009.10.29 20:19:01 | 000,043,680 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\lirsgt.sys -- (lirsgt)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 22:35:35 | 000,408,960 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvm62x64.sys -- (NVENETFD)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.06.06 01:42:04 | 000,475,136 | ---- | M] (Analog Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ADIHdAud.sys -- (ADIHdAudAddService)
DRV:64bit: - [2009.05.23 01:08:37 | 000,036,352 | ---- | M] (Elaborate Bytes AG) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VClone.sys -- (VClone)
DRV:64bit: - [2009.05.22 22:52:30 | 000,215,040 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009.05.18 14:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2009.02.09 04:29:00 | 000,176,680 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mv61xx.sys -- (mv61xx)
DRV:64bit: - [2009.01.28 23:29:08 | 000,322,088 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mv64xx.sys -- (mv64xx)
DRV:64bit: - [2008.11.16 18:39:44 | 000,157,968 | ---- | M] (Deterministic Networks, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dne64x.sys -- (DNE)
DRV:64bit: - [2008.11.12 08:51:34 | 000,022,568 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mrdd.sys -- (mrdd)
DRV:64bit: - [2008.10.03 19:17:30 | 000,184,320 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Rtlh64.sys -- (RTL8169)
DRV:64bit: - [2007.07.13 06:48:52 | 000,125,824 | ---- | M] (Andrea Electronics Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\aeaudio.sys -- (AEAudio)
DRV:64bit: - [2007.06.28 13:45:26 | 000,632,704 | ---- | M] (Syntek) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\StkCMini.sys -- (StkCMini)
DRV:64bit: - [2006.10.31 17:23:42 | 000,015,680 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ASACPI.sys -- (MTsensor)
DRV - [2010.09.16 21:56:06 | 000,016,512 | ---- | M] (ASUSTeK Computer Inc.) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\ASUS\Disk Unlocker\ASFLTDrv64.sys -- (ASFLTDrv.sys)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2002.07.17 16:20:32 | 000,084,832 | ---- | M] (Adaptec) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\ASPI32.SYS -- (ASPI)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\URLSearchHook: - No CLSID value found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
IE - HKLM\..\SearchScopes,DefaultScope = {afdbddaa-5d3f-42ee-b79c-185a7020515b}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2319825
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT2319825
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://at.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-AT
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 08 36 03 29 0F 0B CD 01 [binary data]
IE - HKCU\..\URLSearchHook: {40c3cc16-7269-4b32-9531-17f2950fb06f} - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{F71548B9-8311-4D5F-8918-5A35DA9E5D1F}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2319825
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..extensions.enabledItems: messagestyle-blackened@addons.instantbird.org:0.9
FF - prefs.js..extensions.enabledItems: default-palette@celtx.com:1.0
FF - prefs.js..extensions.enabledItems: messagestyle-depth@addons.instantbird.org:1.1
FF - prefs.js..extensions.enabledItems: inspector@mozilla.org:2.0.0
FF - prefs.js..extensions.enabledItems: messagestyle-minimal20@addons.instantbird.org:1.5
FF - prefs.js..extensions.enabledItems: emoticons-msn-smileys@m513901.de:0.1
FF - prefs.js..extensions.enabledItems: calendar-timezones@mozilla.org:0.1.2008d
FF - user.js - File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_4_402_265.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_265.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Player\npDivxPlayerPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.102.0: C:\Program Files (x86)\Battlelog Web Plugins\1.102.0\npesnlaunch.dll File not found
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.110.0: C:\Program Files (x86)\Battlelog Web Plugins\1.110.0\npesnlaunch.dll File not found
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.118.0: C:\Program Files (x86)\Battlelog Web Plugins\1.118.0\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.122.0: C:\Program Files (x86)\Battlelog Web Plugins\1.122.0\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Chris\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Chris\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\ubisoft.com/uplaypc: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft)
[2010.08.08 18:20:36 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Chris\AppData\Roaming\mozilla\Extensions
[2010.08.08 18:20:36 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Chris\AppData\Roaming\mozilla\Extensions\celtx@celtx.com
[2009.12.13 16:25:04 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Chris\AppData\Roaming\mozilla\Extensions\mozswing@mozswing.org
[2010.08.08 18:20:22 | 000,000,000 | ---D | M] (Timezone Definitions for Mozilla Calendar) -- C:\PROGRAM FILES (X86)\CELTX\EXTENSIONS\CALENDAR-TIMEZONES@MOZILLA.ORG
[2010.08.08 18:20:22 | 000,000,000 | ---D | M] (Default Shot Palette) -- C:\PROGRAM FILES (X86)\CELTX\EXTENSIONS\DEFAULT-PALETTE@CELTX.COM
[2010.08.08 18:20:22 | 000,000,000 | ---D | M] (MSN-Smileys) -- C:\PROGRAM FILES (X86)\CELTX\EXTENSIONS\EMOTICONS-MSN-SMILEYS@M513901.DE
[2010.08.08 18:20:22 | 000,000,000 | ---D | M] (DOM Inspector) -- C:\PROGRAM FILES (X86)\CELTX\EXTENSIONS\INSPECTOR@MOZILLA.ORG
[2010.08.08 18:20:22 | 000,000,000 | ---D | M] (Blackened) -- C:\PROGRAM FILES (X86)\CELTX\EXTENSIONS\MESSAGESTYLE-BLACKENED@ADDONS.INSTANTBIRD.ORG
[2010.08.08 18:20:22 | 000,000,000 | ---D | M] (Depth) -- C:\PROGRAM FILES (X86)\CELTX\EXTENSIONS\MESSAGESTYLE-DEPTH@ADDONS.INSTANTBIRD.ORG
[2010.08.08 18:20:22 | 000,000,000 | ---D | M] (Minimal) -- C:\PROGRAM FILES (X86)\CELTX\EXTENSIONS\MESSAGESTYLE-MINIMAL20@ADDONS.INSTANTBIRD.ORG
========== Chrome ==========
CHR - homepage: hxxp://www.google.com/
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}
CHR - homepage: hxxp://www.google.com/
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Chris\AppData\Local\Google\Chrome\Application\21.0.1180.83\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Chris\AppData\Local\Google\Chrome\Application\21.0.1180.83\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Chris\AppData\Local\Google\Chrome\Application\21.0.1180.83\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.290.11 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U29 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: ESN Launch Mozilla Plugin (Enabled) = C:\Program Files (x86)\Battlelog Web Plugins\1.110.0\npesnlaunch.dll
CHR - plugin: ESN Sonar API (Enabled) = C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll
CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: DivX Plus Web Player (Enabled) = C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: From Dust = C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\anelkojiepicmcldgnmkplocifmegpfj\0.0.0.23_0\
CHR - Extension: YouTube = C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google-Suche = C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Google Mail = C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
O1 HOSTS File: ([2010.11.29 19:56:21 | 000,000,764 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (WebSpeechBHO Class) - {83A30C59-3A50-49E6-9DAF-4923C4EA3C23} - C:\Program Files (x86)\Common Files\WebSpeech.4.0\LgxIEBar.dll (G DATA Software AG)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {40C3CC16-7269-4B32-9531-17F2950FB06F} - No CLSID value found.
O4:64bit: - HKLM..\Run: [IntelliPoint] c:\Program Files\Microsoft IntelliPoint\ipoint.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [SoundMAX] C:\Program Files (x86)\Analog Devices\SoundMAX\soundmax.exe (Analog Devices, Inc.)
O4 - HKLM..\Run: [Ai Nap] C:\Program Files (x86)\ASUS\AI Suite\AiNap\AiNap.exe ()
O4 - HKLM..\Run: [Cpu Level Up help] C:\Program Files (x86)\ASUS\AI Suite\CpuLevelUpHelp.exe ()
O4 - HKLM..\Run: [Inno Tilt] C:\Mouse Driver\Tilt.exe ()
O4 - HKLM..\Run: [QFan Help] C:\Program Files (x86)\ASUS\AI Suite\QFan3\QFanHelp.exe ()
O4 - HKLM..\Run: [TurboV] C:\Program Files (x86)\ASUS\TurboV\TurboV.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SoftwareSASGeneration = 1
O8:64bit: - Extra context menu item: Free YouTube Download - C:\Users\Chris\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm ()
O8 - Extra context menu item: Free YouTube Download - C:\Users\Chris\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm ()
O9 - Extra Button: WebSpeech - {1CE4DE72-7FCC-4eb8-8F66-AE6A56A0A54D} - C:\Program Files (x86)\Common Files\WebSpeech.4.0\LgxIEBar.dll (G DATA Software AG)
O9 - Extra 'Tools' menuitem : Seite/Markierung vorlesen (WebSpeech) - {1CE4DE72-7FCC-4eb8-8F66-AE6A56A0A54D} - C:\Program Files (x86)\Common Files\WebSpeech.4.0\LgxIEBar.dll (G DATA Software AG)
O9 - Extra Button: ICQ7.6 - {7644E42D-B096-457F-8B5B-901238FC81AE} - C:\Program Files (x86)\ICQ7.6\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.6 - {7644E42D-B096-457F-8B5B-901238FC81AE} - C:\Program Files (x86)\ICQ7.6\ICQ.exe (ICQ, LLC.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: microsoft.com ([]* in Vertrauenswürdige Sites)
O15 - HKCU\..Trusted Domains: microsoft.com ([*.update] * in Vertrauenswürdige Sites)
O15 - HKCU\..Trusted Domains: microsoft.com ([*.windowsupdate] * in Vertrauenswürdige Sites)
O15 - HKCU\..Trusted Domains: windowsupdate.com ([]* in Vertrauenswürdige Sites)
O16:64bit: - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} hxxp://download.divx.com/player/DivXBrowserPlugin.cab (Reg Error: Key error.)
O16 - DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} hxxp://support.asus.com/select/asusTek_sys_ctrl3.cab (Reg Error: Key error.)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://active.macromedia.com/flash2/cabs/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C2A95407-4013-49F7-AB25-6D40377BBDB7}: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E5752BBE-EA28-4F19-B9BE-3F841FBE5C44}: DhcpNameServer = 192.168.0.254 192.168.0.254 213.33.99.70
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~3\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.10.09 16:02:11 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{0893b992-e3fc-11de-8943-90e6ba0d5ead}\Shell - "" = AutoRun
O33 - MountPoints2\{0893b992-e3fc-11de-8943-90e6ba0d5ead}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL H:\setup.hta
O33 - MountPoints2\{1d50977c-d35f-11e1-8549-90e6ba0d5d49}\Shell - "" = AutoRun
O33 - MountPoints2\{1d50977c-d35f-11e1-8549-90e6ba0d5d49}\Shell\AutoRun\command - "" = E:\HTC_Sync_Manager_PC.exe
O33 - MountPoints2\{1d50996a-d35f-11e1-8549-90e6ba0d5d49}\Shell - "" = AutoRun
O33 - MountPoints2\{1d50996a-d35f-11e1-8549-90e6ba0d5d49}\Shell\AutoRun\command - "" = E:\HTC_Sync_Manager_PC.exe
O33 - MountPoints2\{3eae7703-e581-11de-a51d-90e6ba0d5ead}\Shell - "" = AutoRun
O33 - MountPoints2\{3eae7703-e581-11de-a51d-90e6ba0d5ead}\Shell\AutoRun\command - "" = I:\autorun.exe
O33 - MountPoints2\{6a6e877c-3971-11df-bf33-90e6ba0d5ead}\Shell - "" = AutoRun
O33 - MountPoints2\{6a6e877c-3971-11df-bf33-90e6ba0d5ead}\Shell\AutoRun\command - "" = G:\Spark7.exe
O33 - MountPoints2\{87bc7ed6-ece2-11e0-afc4-90e6ba0d5ead}\Shell - "" = AutoRun
O33 - MountPoints2\{87bc7ed6-ece2-11e0-afc4-90e6ba0d5ead}\Shell\AutoRun\command - "" = G:\Setup.exe
O33 - MountPoints2\{95203ab4-daad-11de-975c-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{95203ab4-daad-11de-975c-806e6f6e6963}\Shell\AutoRun\command - "" = E:\OblivionLauncher.exe
O33 - MountPoints2\{987452c5-d931-11dd-9724-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{987452c5-d931-11dd-9724-806e6f6e6963}\Shell\AutoRun\command - "" = D:\FalloutLauncher.exe
O33 - MountPoints2\{ba87b21f-e40d-11de-a546-90e6ba0d5ead}\Shell - "" = AutoRun
O33 - MountPoints2\{ba87b21f-e40d-11de-a546-90e6ba0d5ead}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL G:\setup.hta
O33 - MountPoints2\G\Shell - "" = AutoRun
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\Spark7.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2012.09.03 14:55:02 | 000,598,528 | ---- | C] (OldTimer Tools) -- C:\Users\Chris\Desktop\OTL.exe
[2012.09.02 16:00:04 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Local\{C68EAB66-E759-48B1-B31C-8D23A9BA9287}
[2012.09.02 15:58:31 | 000,000,000 | ---D | C] -- C:\Users\Chris\Desktop\uploadY
[2012.09.01 20:49:21 | 000,000,000 | ---D | C] -- C:\Users\Chris\Desktop\Schule
[2012.09.01 20:33:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Security Client
[2012.09.01 20:33:56 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client
[2012.09.01 20:28:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2012.09.01 20:15:17 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2012.09.01 20:15:17 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2012.09.01 20:15:17 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2012.09.01 20:15:11 | 000,000,000 | --SD | C] -- C:\ComboFix
[2012.09.01 20:15:08 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012.09.01 20:14:43 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2012.08.27 14:15:26 | 000,000,000 | ---D | C] -- C:\Users\Chris\Desktop\Kleider
[2012.08.25 14:13:58 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Local\FalloutNV
[2012.08.24 13:59:28 | 000,000,000 | ---D | C] -- C:\Users\Chris\Pictures\Documents\FFOutput
[2012.08.22 20:38:10 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2012.08.20 12:35:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Force-Studio
[2012.08.19 18:17:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2012.08.19 18:17:03 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2012.08.19 18:17:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[2012.08.19 13:14:10 | 000,000,000 | ---D | C] -- C:\ProgramData\VS
[2012.08.19 11:41:46 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Local\FixItCenter
[2012.08.19 11:35:35 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Fix it Center
[2012.08.19 11:35:35 | 000,000,000 | ---D | C] -- C:\Windows\MATS
[2012.08.19 10:58:34 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Roaming\Opera
[2012.08.19 09:16:14 | 000,000,000 | ---D | C] -- C:\Windows\Microsoft Antimalware
[2012.08.16 22:35:12 | 000,000,000 | R--D | C] -- C:\Users\Chris\Pictures\Documents\Scanned Documents
[2012.08.16 22:35:11 | 000,000,000 | ---D | C] -- C:\Users\Chris\Pictures\Documents\Fax
[2012.08.16 15:03:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.08.16 15:03:21 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012.08.16 15:03:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012.08.16 03:14:33 | 000,000,000 | ---D | C] -- C:\ProgramData\FLEXnet
[2012.08.16 03:14:27 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Local\Autodesk
[2012.08.16 03:11:42 | 000,000,000 | ---D | C] -- C:\Users\Chris\Pictures\Documents\Inventor Server x64 3dsMax
[2012.08.16 03:10:29 | 000,000,000 | ---D | C] -- C:\Users\Chris\Pictures\Documents\Inventor Server x64 Direct Connect
[2012.08.16 03:07:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Autodesk
[2012.08.16 03:03:50 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Macrovision Shared
[2012.08.16 03:03:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk
[2012.08.16 02:51:56 | 000,000,000 | ---D | C] -- C:\Users\Chris\Pictures\Documents\3dsMax
[2012.08.16 02:50:27 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Autodesk Shared
[2012.08.16 02:50:27 | 000,000,000 | ---D | C] -- C:\Program Files\Autodesk
[2012.08.16 02:46:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Autodesk Shared
[2012.08.16 02:40:41 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Roaming\Autodesk
[2012.08.16 02:40:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Autodesk
[2012.08.16 02:20:29 | 000,270,912 | ---- | C] (DT Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys
[2012.08.14 21:48:44 | 000,000,000 | ---D | C] -- C:\Users\Chris\Desktop\forum
[2012.08.14 12:38:39 | 000,000,000 | ---D | C] -- C:\Users\Chris\Pictures\Documents\Drakensang
[2012.08.13 17:03:55 | 000,000,000 | ---D | C] -- C:\Mouse Driver
[2012.08.11 22:55:41 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Roaming\xsecva
[2012.08.09 23:02:23 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Roaming\Day 1 Studios
[2012.08.08 17:05:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Drakensang
[2012.08.08 16:39:48 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Captain Morgane
[2012.08.08 16:34:20 | 000,000,000 | ---D | C] -- C:\ProgramData\JustAdventure
[2012.08.08 16:29:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BrickForce
[2012.08.08 16:22:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Z-Software
[2012.08.08 16:22:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rettungswagen Simulator 2012
[2012.08.07 18:42:02 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Local\SIX_Projects
[2012.08.04 17:04:17 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Roaming\Subversion
[2012.08.04 17:03:15 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Roaming\Subcommander
[2012.08.04 17:03:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Subcommander Beta
[2012.08.04 17:03:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Subcommander Beta
[5 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\Chris\AppData\Roaming\*.tmp files -> C:\Users\Chris\AppData\Roaming\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2012.09.03 14:59:00 | 000,016,432 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.09.03 14:59:00 | 000,016,432 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.09.03 14:58:46 | 000,001,404 | ---- | M] () -- C:\Users\Chris\Desktop\Text.rtf
[2012.09.03 14:55:03 | 000,598,528 | ---- | M] (OldTimer Tools) -- C:\Users\Chris\Desktop\OTL.exe
[2012.09.03 14:53:09 | 000,000,020 | ---- | M] () -- C:\Users\Chris\defogger_reenable
[2012.09.03 14:51:45 | 000,001,104 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.09.03 14:51:38 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.09.03 14:51:16 | 3214,237,696 | -HS- | M] () -- C:\hiberfil.sys
[2012.09.03 14:46:01 | 1199,083,791 | ---- | M] () -- C:\Users\Chris\Desktop\Autodesk_Maya_2013_English_Japanese_SimplifiedChinese_Win_64bit.exe
[2012.09.03 14:39:00 | 000,001,120 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-548999410-3667077559-1671350329-1000UA.job
[2012.09.03 14:30:15 | 000,001,734 | ---- | M] () -- C:\Users\Public\Desktop\Autodesk Mudbox 2013 64-bit.lnk
[2012.09.03 14:22:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.09.03 14:20:00 | 000,001,108 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.09.03 13:16:12 | 381,518,327 | ---- | M] () -- C:\Users\Chris\Desktop\Autodesk_Mudbox_2013_EFGJ_Win_64bit.exe
[2012.09.02 20:39:00 | 000,001,068 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-548999410-3667077559-1671350329-1000Core.job
[2012.09.02 11:03:01 | 001,651,022 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.09.02 11:03:01 | 000,710,036 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.09.02 11:03:01 | 000,663,632 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.09.02 11:03:01 | 000,154,422 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.09.02 11:03:01 | 000,126,618 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.09.01 20:40:46 | 000,318,369 | ---- | M] () -- C:\Users\Chris\Desktop\HiJackThis.zip
[2012.09.01 20:34:37 | 000,001,912 | ---- | M] () -- C:\Windows\epplauncher.mif
[2012.09.01 20:34:01 | 001,672,608 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012.08.24 12:37:33 | 000,402,963 | ---- | M] () -- C:\Users\Chris\Desktop\Projekt.jpg
[2012.08.24 12:08:51 | 000,043,655 | ---- | M] () -- C:\Users\Chris\.recently-used.xbel
[2012.08.23 17:01:52 | 001,102,128 | ---- | M] () -- C:\Users\Chris\Desktop\ProcessMonitor.zip
[2012.08.22 20:38:14 | 000,002,364 | ---- | M] () -- C:\Users\Chris\Desktop\Google Chrome.lnk
[2012.08.19 11:35:35 | 000,000,938 | ---- | M] () -- C:\Users\Public\Desktop\Microsoft Fix*it Center.lnk
[2012.08.19 11:05:10 | 000,455,856 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012.08.16 02:20:30 | 000,270,912 | ---- | M] (DT Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys
[2012.08.15 17:17:19 | 000,479,552 | ---- | M] () -- C:\Windows\za_mv_raid.ev
[2012.08.15 17:17:19 | 000,000,096 | ---- | M] () -- C:\Windows\za_mv_seqnum.ev
[2012.08.15 17:17:16 | 000,000,359 | ---- | M] () -- C:\Windows\SysWow64\mvcli.xml
[2012.08.15 00:18:32 | 000,692,255 | ---- | M] () -- C:\Users\Chris\Desktop\Mutant.jpg
[5 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\Chris\AppData\Roaming\*.tmp files -> C:\Users\Chris\AppData\Roaming\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012.09.03 14:53:09 | 000,000,020 | ---- | C] () -- C:\Users\Chris\defogger_reenable
[2012.09.03 14:44:35 | 000,001,404 | ---- | C] () -- C:\Users\Chris\Desktop\Text.rtf
[2012.09.03 14:30:15 | 000,001,734 | ---- | C] () -- C:\Users\Public\Desktop\Autodesk Mudbox 2013 64-bit.lnk
[2012.09.03 12:04:38 | 381,518,327 | ---- | C] () -- C:\Users\Chris\Desktop\Autodesk_Mudbox_2013_EFGJ_Win_64bit.exe
[2012.09.03 12:03:13 | 1199,083,791 | ---- | C] () -- C:\Users\Chris\Desktop\Autodesk_Maya_2013_English_Japanese_SimplifiedChinese_Win_64bit.exe
[2012.09.01 20:40:36 | 000,318,369 | ---- | C] () -- C:\Users\Chris\Desktop\HiJackThis.zip
[2012.09.01 20:34:37 | 000,001,912 | ---- | C] () -- C:\Windows\epplauncher.mif
[2012.09.01 20:34:14 | 000,001,922 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
[2012.09.01 20:15:17 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2012.09.01 20:15:17 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2012.09.01 20:15:17 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2012.09.01 20:15:17 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2012.09.01 20:15:17 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2012.08.24 12:37:32 | 000,402,963 | ---- | C] () -- C:\Users\Chris\Desktop\Projekt.jpg
[2012.08.24 12:08:51 | 000,043,655 | ---- | C] () -- C:\Users\Chris\.recently-used.xbel
[2012.08.23 17:01:49 | 001,102,128 | ---- | C] () -- C:\Users\Chris\Desktop\ProcessMonitor.zip
[2012.08.22 20:38:14 | 000,002,364 | ---- | C] () -- C:\Users\Chris\Desktop\Google Chrome.lnk
[2012.08.22 20:34:54 | 000,001,120 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-548999410-3667077559-1671350329-1000UA.job
[2012.08.22 20:34:52 | 000,001,068 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-548999410-3667077559-1671350329-1000Core.job
[2012.08.19 11:35:35 | 000,000,950 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Fix it Center.lnk
[2012.08.19 11:35:35 | 000,000,938 | ---- | C] () -- C:\Users\Public\Desktop\Microsoft Fix*it Center.lnk
[2012.08.19 10:58:12 | 000,001,866 | ---- | C] () -- C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Opera.lnk
[2012.08.15 00:18:32 | 000,692,255 | ---- | C] () -- C:\Users\Chris\Desktop\Mutant.jpg
[2012.08.11 22:56:25 | 000,000,804 | ---- | C] () -- C:\Windows\Installer\{a42ddcab-8e79-0f32-96b9-20235462b3ad}\L\00000004.@
[2012.05.19 00:15:21 | 000,000,160 | ---- | C] () -- C:\Users\Chris\AppData\Roaming\blckdom.res
[2012.05.15 02:21:50 | 000,423,744 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe
[2012.01.11 12:25:03 | 000,002,048 | -HS- | C] () -- C:\Windows\Installer\{a42ddcab-8e79-0f32-96b9-20235462b3ad}\@
[2012.01.11 12:25:03 | 000,002,048 | -HS- | C] () -- C:\Users\Chris\AppData\Local\{a42ddcab-8e79-0f32-96b9-20235462b3ad}\@
[2011.09.28 17:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2011.01.05 17:46:53 | 000,057,344 | ---- | C] () -- C:\Windows\StkUnist.exe
[2010.11.11 15:03:12 | 000,000,032 | ---- | C] () -- C:\ProgramData\io.ini
[2010.10.16 18:09:36 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010.10.13 19:45:55 | 000,002,481 | ---- | C] () -- C:\Users\Chris\Setup.cfg
[2010.10.04 21:29:07 | 000,040,960 | ---- | C] () -- C:\Windows\SysWow64\psfind.dll
[2010.09.03 18:39:20 | 000,000,020 | ---- | C] () -- C:\Users\Chris\AppData\Roaming\hngmfc.dat
[2010.04.25 11:21:22 | 000,000,093 | ---- | C] () -- C:\Users\Chris\AppData\Local\fusioncache.dat
[2010.01.31 16:01:38 | 000,022,528 | ---- | C] () -- C:\Users\Chris\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.12.22 20:33:51 | 000,000,101 | ---- | C] () -- C:\Users\Chris\AppData\Roaming\default.pls
[2009.12.08 17:35:56 | 000,001,024 | ---- | C] () -- C:\Users\Chris\.rnd
[2009.11.21 00:10:52 | 000,007,607 | ---- | C] () -- C:\Users\Chris\AppData\Local\resmon.resmoncfg
[2009.10.29 22:32:55 | 000,000,085 | -HS- | C] () -- C:\ProgramData\.zreglib
========== LOP Check ==========
[2010.10.06 18:07:02 | 000,000,000 | -HSD | M] -- C:\Users\Chris\AppData\Roaming\.#
[2012.07.06 16:23:37 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\.minecraft
[2011.10.17 21:14:11 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\AnvSoft
[2012.08.24 15:08:04 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Audacity
[2012.08.16 03:22:47 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Autodesk
[2012.02.29 01:21:44 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Babylon
[2011.09.30 22:14:34 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Blender Foundation
[2010.10.01 21:09:10 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2011.03.26 08:09:25 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Dacoq
[2009.10.29 21:42:29 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\DAEMON Tools
[2012.05.24 17:15:51 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\DAEMON Tools Lite
[2012.08.09 23:02:23 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Day 1 Studios
[2012.04.17 17:32:15 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Droppix
[2012.05.24 19:09:47 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\DVDVideoSoft
[2012.05.24 19:08:27 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\DVDVideoSoftIEHelpers
[2011.04.25 08:34:16 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\EasySetup
[2010.02.19 17:34:08 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Engelmann Media
[2012.08.27 15:09:13 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\FileZilla
[2011.04.25 08:38:14 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\FMZilla
[2012.01.30 14:19:02 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Free iPad Video Converter
[2010.11.01 16:39:04 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\FreeFLVConverter
[2012.05.18 17:59:47 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Garmin
[2010.10.23 18:27:59 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\GetRightToGo
[2010.05.16 22:58:40 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\GoldWaveCDDB
[2010.08.08 18:20:35 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Greyfirst
[2012.08.16 18:42:58 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\gtk-2.0
[2011.03.22 12:55:29 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Hoqo
[2012.07.21 21:04:51 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\HTC
[2012.07.21 21:10:12 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\HTC.388BC06ACDAB6261375BCE37FBA2E023C0D7EE34.1
[2012.09.03 11:08:42 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\ICQ
[2009.10.29 21:43:51 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\InterTrust
[2009.12.07 12:06:25 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\IrfanView
[2012.05.19 00:15:10 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\kock
[2011.08.31 22:59:32 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\LibreOffice
[2011.12.31 10:59:29 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\M8 Software
[2011.10.26 13:36:19 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Minecraft Backup Tool
[2010.02.26 10:13:38 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\NCH Swift Sound
[2012.05.24 19:09:37 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\OpenCandy
[2012.08.19 10:58:34 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Opera
[2011.10.28 14:50:21 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Origin
[2010.09.28 16:59:37 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\REAPER
[2012.01.30 11:59:20 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\redsn0w
[2012.08.22 20:32:31 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\six-updater
[2012.07.29 23:26:20 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\six-zsync
[2012.05.12 17:18:49 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Software Informer
[2012.08.04 17:12:38 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Subcommander
[2012.08.04 17:04:17 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Subversion
[2011.09.16 10:21:17 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\svBuilder
[2011.04.13 17:29:49 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\TeamViewer
[2012.07.12 01:00:37 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\The Creative Assembly
[2012.05.24 19:16:40 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\TuneUp Software
[2012.05.20 22:57:15 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\UAs
[2012.06.27 21:52:44 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Ubisoft
[2011.10.02 12:51:08 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\uTorrent
[2010.11.13 23:18:50 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Windows Live Writer
[2011.09.20 19:45:20 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\www.shadowexplorer.com
[2012.05.20 22:57:25 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\xmldm
[2012.08.13 15:03:18 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\xsecva
[2012.08.20 12:32:19 | 000,032,640 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 48 bytes -> C:\Windows:30822996520E741C
@Alternate Data Stream - 353 bytes -> C:\ProgramData\TEMP:05EE1EEF
@Alternate Data Stream - 132 bytes -> C:\ProgramData\TEMP:A1EDB939
< End of report > 2/Schritt 3:
Da ich ein 64 Bit-Windows habe übersprungen.
Kleinen Hinweis noch den ich oben vergessen habe:
Ich habe eine Externe-Festplatte die dauerhaft angesteckt ist. Vielen Dank für deine Hilfe! |