
Log analysis and evaluation: Something minimizes me to the desktop and the loading cursor appears next to the mouse

Windows 7 If you have caught a trojan or keep getting virus warnings, you can post the logs from our diagnostic tools here for evaluation by our experts. To remove viruses and trojans, the infected system must first be examined: First steps for getting help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.

30.08.2012, 11:13   #1
moinmoin666
 

Something minimizes me to the desktop and the loading cursor appears next to the mouse



Hello, I have no idea why, but at irregular intervals I get thrown out of pretty much every full-screen application, which is especially annoying when playing Guild Wars 2.


Whether this is something "malicious" I can't say yet. At least I can't narrow down since when the problem has existed, as I only noticed it the day before yesterday.

I have set up an OTL log here, as requested in the thread. HijackThis shows me nothing; at least, all the processes are known to me or have been rated as harmless by the community.

Code:
OTL logfile created on: 30.08.2012 12:05:38 - Run 2
OTL by OldTimer - Version 3.2.55.0     Folder = C:\Users\***\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,96 Gb Total Physical Memory | 1,87 Gb Available Physical Memory | 47,31% Memory free
7,91 Gb Paging File | 5,81 Gb Available in Paging File | 73,51% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 59,53 Gb Total Space | 10,96 Gb Free Space | 18,40% Space Free | Partition Type: NTFS
Drive G: | 931,41 Gb Total Space | 48,09 Gb Free Space | 5,16% Space Free | Partition Type: NTFS
Drive H: | 100,00 Mb Total Space | 71,86 Mb Free Space | 71,87% Space Free | Partition Type: NTFS
Drive J: | 100,01 Gb Total Space | 22,53 Gb Free Space | 22,53% Space Free | Partition Type: NTFS
Drive K: | 200,01 Gb Total Space | 16,94 Gb Free Space | 8,47% Space Free | Partition Type: NTFS
Drive L: | 165,75 Gb Total Space | 13,00 Gb Free Space | 7,84% Space Free | Partition Type: NTFS
 
Computer Name: ***-PC | User Name: *** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\***\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 1\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 1\plugin-container.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
PRC - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_271.exe (Adobe Systems, Inc.)
PRC - C:\Program Files (x86)\Google\Drive\googledrivesync.exe (Google)
PRC - C:\Users\***\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
PRC - C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent, Inc.)
PRC - C:\Windows\SysWOW64\PnkBstrA.exe ()
PRC - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
PRC - C:\Program Files (x86)\UltraVNC\winvnc.exe (UltraVNC)
PRC - C:\Program Files (x86)\Folding@Home\smpd.exe ()
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Users\MOTHER~1\AppData\Local\Temp\_MEI34762\pysqlite2._sqlite.pyd ()
MOD - C:\Users\MOTHER~1\AppData\Local\Temp\_MEI34762\win32com.shell.shell.pyd ()
MOD - C:\Users\MOTHER~1\AppData\Local\Temp\_MEI34762\win32api.pyd ()
MOD - C:\Users\MOTHER~1\AppData\Local\Temp\_MEI34762\_elementtree.pyd ()
MOD - C:\Users\MOTHER~1\AppData\Local\Temp\_MEI34762\wx._html2.pyd ()
MOD - C:\Users\MOTHER~1\AppData\Local\Temp\_MEI34762\_socket.pyd ()
MOD - C:\Users\MOTHER~1\AppData\Local\Temp\_MEI34762\wx._core_.pyd ()
MOD - C:\Users\MOTHER~1\AppData\Local\Temp\_MEI34762\wx._controls_.pyd ()
MOD - C:\Users\MOTHER~1\AppData\Local\Temp\_MEI34762\windows._cacheinvalidation.pyd ()
MOD - C:\Users\MOTHER~1\AppData\Local\Temp\_MEI34762\wx._windows_.pyd ()
MOD - C:\Users\MOTHER~1\AppData\Local\Temp\_MEI34762\wx._gdi_.pyd ()
MOD - C:\Users\MOTHER~1\AppData\Local\Temp\_MEI34762\wx._misc_.pyd ()
MOD - C:\Users\MOTHER~1\AppData\Local\Temp\_MEI34762\_ssl.pyd ()
MOD - C:\Users\MOTHER~1\AppData\Local\Temp\_MEI34762\unicodedata.pyd ()
MOD - C:\Users\MOTHER~1\AppData\Local\Temp\_MEI34762\pythoncom26.dll ()
MOD - C:\Users\MOTHER~1\AppData\Local\Temp\_MEI34762\_hashlib.pyd ()
MOD - C:\Users\MOTHER~1\AppData\Local\Temp\_MEI34762\pyexpat.pyd ()
MOD - C:\Users\MOTHER~1\AppData\Local\Temp\_MEI34762\wx._wizard.pyd ()
MOD - C:\Users\MOTHER~1\AppData\Local\Temp\_MEI34762\win32file.pyd ()
MOD - C:\Users\MOTHER~1\AppData\Local\Temp\_MEI34762\pywintypes26.dll ()
MOD - C:\Users\MOTHER~1\AppData\Local\Temp\_MEI34762\_ctypes.pyd ()
MOD - C:\Users\MOTHER~1\AppData\Local\Temp\_MEI34762\win32inet.pyd ()
MOD - C:\Users\MOTHER~1\AppData\Local\Temp\_MEI34762\win32process.pyd ()
MOD - C:\Users\MOTHER~1\AppData\Local\Temp\_MEI34762\win32pdh.pyd ()
MOD - C:\Users\MOTHER~1\AppData\Local\Temp\_MEI34762\win32event.pyd ()
MOD - C:\Users\MOTHER~1\AppData\Local\Temp\_MEI34762\win32crypt.pyd ()
MOD - C:\Users\MOTHER~1\AppData\Local\Temp\_MEI34762\select.pyd ()
MOD - C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 1\mozjs.dll ()
MOD - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\Nv3DVStreaming.dll ()
MOD - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_271.dll ()
MOD - C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll ()
MOD - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - (Intel(R) -- C:\Windows\SysNative\IPROSetMonitor.exe (Intel Corporation)
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV:64bit: - (TlntSvr) -- C:\Windows\SysNative\tlntsvr.exe (Microsoft Corporation)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
SRV - (Stereo Service) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (NisSrv) -- C:\Programme\Microsoft Security Client\NisSrv.exe (Microsoft Corporation)
SRV - (MsMpSvc) -- C:\Programme\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)
SRV - (PnkBstrA) -- C:\Windows\SysWOW64\PnkBstrA.exe ()
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (wlidsvc) -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)
SRV - (Futuremark SystemInfo Service) -- C:\Program Files (x86)\Common Files\Futuremark Shared\Futuremark SystemInfo\FMSISvc.exe (Futuremark Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (osppsvc) -- C:\Programme\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation)
SRV - (ose64) -- C:\Programme\Common Files\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (uvnc_service) -- C:\Program Files (x86)\UltraVNC\winvnc.exe (UltraVNC)
SRV - (OpenVPNService) -- C:\Program Files (x86)\OpenVPN\bin\openvpnserv.exe ()
SRV - (HPSLPSVC) -- C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL (Hewlett-Packard Co.)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (mpich2_smpd) -- C:\Program Files (x86)\Folding@Home\smpd.exe ()
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (sptd) -- C:\Windows\SysNative\drivers\sptd.sys (Duplex Secure Ltd.)
DRV:64bit: - (NisDrv) -- C:\Windows\SysNative\drivers\NisDrvWFP.sys (Microsoft Corporation)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (e1cexpress) -- C:\Windows\SysNative\drivers\e1c62x64.sys (Intel Corporation)
DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (VBoxNetAdp) -- C:\Windows\SysNative\drivers\VBoxNetAdp.sys (Oracle Corporation)
DRV:64bit: - (Point64) -- C:\Windows\SysNative\drivers\point64.sys (Microsoft Corporation)
DRV:64bit: - (dc3d) -- C:\Windows\SysNative\drivers\dc3d.sys (Microsoft Corporation)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (truecrypt) -- C:\Windows\SysNative\drivers\truecrypt.sys (TrueCrypt Foundation)
DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation)
DRV:64bit: - (EtronXHCI) -- C:\Windows\SysNative\drivers\EtronXHCI.sys (Etron Technology Inc)
DRV:64bit: - (EtronHub3) -- C:\Windows\SysNative\drivers\EtronHub3.sys (Etron Technology Inc)
DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek                                            )
DRV:64bit: - (UsbserFilt) -- C:\Windows\SysNative\drivers\usbser_lowerfltjx64.sys (Nokia)
DRV:64bit: - (upperdev) -- C:\Windows\SysNative\drivers\usbser_lowerfltx64.sys (Nokia)
DRV:64bit: - (nmwcdc) -- C:\Windows\SysNative\drivers\ccdcmbox64.sys (Nokia)
DRV:64bit: - (nmwcd) -- C:\Windows\SysNative\drivers\ccdcmbx64.sys (Nokia)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:64bit: - (usbser) -- C:\Windows\SysNative\drivers\usbser.sys (Microsoft Corporation)
DRV:64bit: - (AtiHDAudioService) -- C:\Windows\SysNative\drivers\AtihdW76.sys (Advanced Micro Devices)
DRV:64bit: - (sscdbus) -- C:\Windows\SysNative\drivers\sscdbus.sys (MCCI Corporation)
DRV:64bit: - (cpuz134) -- C:\Windows\SysNative\drivers\cpuz134_x64.sys (Windows (R) Win 7 DDK provider)
DRV:64bit: - (AtiHdmiService) -- C:\Windows\SysNative\drivers\AtiHdmi.sys (ATI Technologies, Inc.)
DRV:64bit: - (tap0901) -- C:\Windows\SysNative\drivers\tap0901.sys (The OpenVPN Project)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (USBMULCD) -- C:\Windows\SysNative\drivers\CM10664.sys (C-Media Electronics Inc)
DRV:64bit: - (xusb21) -- C:\Windows\SysNative\drivers\xusb21.sys (Microsoft Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (yukonw7) -- C:\Windows\SysNative\drivers\yk62x64.sys (Marvell)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (UDTT7049) -- C:\Windows\SysNative\drivers\UDTT7049.sys ()
DRV:64bit: - (UDTT7049HID) -- C:\Windows\SysNative\drivers\UDTT7049HID.sys (DTV-DVB)
DRV - (gdrv) -- C:\Windows\gdrv.sys (Windows (R) Server 2003 DDK provider)
DRV - (GVTDrv64) -- C:\Windows\GVTDrv64.sys ()
DRV - (etdrv) -- C:\Windows\etdrv.sys (Windows (R) Server 2003 DDK provider)
DRV - (cpudrv64) -- C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys ()
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-2334266712-2998036081-3486327829-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-2334266712-2998036081-3486327829-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
IE - HKU\S-1-5-21-2334266712-2998036081-3486327829-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 35 52 97 51 42 80 CD 01  [binary data]
IE - HKU\S-1-5-21-2334266712-2998036081-3486327829-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-2334266712-2998036081-3486327829-1000\..\SearchScopes\{043C5167-00BB-4324-AF7E-62013FAEDACF}: "URL" = hxxp://vshare.toolbarhome.com/search.aspx?q={searchTerms}&srch=dsp
IE - HKU\S-1-5-21-2334266712-2998036081-3486327829-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-2334266712-2998036081-3486327829-1000\..\SearchScopes\{D57C502F-5A2F-4363-B9CE-94C05E70770F}: "URL" = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&type=827316&p={searchTerms}
IE - HKU\S-1-5-21-2334266712-2998036081-3486327829-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
========== FireFox ==========
 
FF - prefs.js..browser.search.selectedEngine: "Google Deutschland"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://www.tweakpc.de/"
FF - prefs.js..extensions.enabledItems: de_DE@dicts.j3e.de:20111003
FF - prefs.js..extensions.enabledItems: vshare@toolbar:1.0.0
FF - prefs.js..extensions.enabledItems: smartwebprinting@hp.com:4.51
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: foxyproxy@eric.h.jung:3.3
FF - prefs.js..extensions.enabledItems: {b749fc7c-e949-447f-926c-3f4eed6accfe}:0.6.6
FF - prefs.js..extensions.enabledItems: elemhidehelper@adblockplus.org:1.1.4
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:2.0.1
FF - prefs.js..extensions.enabledItems: {ca8b7b3d-b6e6-438f-b935-601b3de48d66}:1.1.5
FF - prefs.js..extensions.enabledItems: testpilot@labs.mozilla.com:1.2
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}:6.0.25
FF - prefs.js..extensions.enabledItems: {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.2.145
FF - prefs.js..extensions.enabledItems: brief@mozdev.org:1.5.4
FF - prefs.js..extensions.enabledItems: grwatcher@ajnasz.hu:1.6.1
FF - prefs.js..extensions.enabledItems: toolbar@alexa.com:2.14
FF - prefs.js..extensions.enabledItems: {9458ca25-39fd-4ba8-9520-acc5c0d877b6}:1.6
FF - prefs.js..extensions.enabledItems: {acbe8c0e-43df-4a61-a626-171d523e9353}:0.7.4
FF - prefs.js..extensions.enabledItems: {d57c9ff1-6389-48fc-b770-f78bd89b6e8a}:1.39
FF - prefs.js..network.proxy.http: "193.27.209.200"
FF - prefs.js..network.proxy.http_port: 8080
FF - prefs.js..network.proxy.no_proxies_on: "localhost, 127.0.0.1, stealthy.co"
FF - prefs.js..network.proxy.share_proxy_settings: true
FF - prefs.js..network.proxy.type: 0
 
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_271.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:64bit: - HKLM\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MIF5BA~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_271.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_33: C:\Windows\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MIF5BA~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@SonyCreativeSoftware.com/Media Go,version=1.0: C:\Program Files (x86)\Sony\Media Go\npmediago.dll (Sony Network Entertainment International LLC)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.18: C:\Program Files (x86)\Veetle\plugins\npVeetle.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.18: C:\Program Files (x86)\Veetle\Player\npvlc.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.2: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010.10.27 18:40:40 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2011.12.18 17:17:05 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 1\components [2012.08.25 22:48:03 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 1\plugins [2012.08.25 22:47:42 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.17\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011.12.18 20:47:24 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.17\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.08.17 12:35:23 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\SeaMonkey 2.0.12\extensions\\Components: C:\Program Files (x86)\SeaMonkey\components [2011.04.26 17:07:33 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\SeaMonkey 2.0.12\extensions\\Plugins: C:\Program Files (x86)\SeaMonkey\plugins [2012.08.17 12:35:23 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010.10.27 18:40:40 | 000,000,000 | ---D | M]
 
[2011.03.08 16:58:41 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Extensions
[2011.03.08 16:58:41 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Extensions\{92650c4d-4b8e-4d2a-b7eb-24ecf4f6b63a}
[2012.08.15 19:32:23 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\helmljrs.default\extensions
[2011.12.18 20:47:34 | 000,000,000 | ---D | M] (OPML Support) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\helmljrs.default\extensions\{9458ca25-39fd-4ba8-9520-acc5c0d877b6}
[2011.05.13 20:11:36 | 000,000,000 | ---D | M] (Firefox Throttle) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\helmljrs.default\extensions\{ca8b7b3d-b6e6-438f-b935-601b3de48d66}
[2012.08.13 18:04:29 | 000,000,000 | ---D | M] (Wörterbuch Deutsch (de-DE), Hunspell-unterstützt) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\helmljrs.default\extensions\de_DE@dicts.j3e.de
[2012.05.23 22:13:13 | 000,000,000 | ---D | M] (FoxyProxy Standard) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\helmljrs.default\extensions\foxyproxy@eric.h.jung
[2010.11.01 22:52:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\helmljrs.default\extensions\nostmp
[2010.10.19 21:01:31 | 000,000,000 | ---D | M] (vShare Plugin) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\helmljrs.default\extensions\vshare@toolbar
[2011.03.08 16:58:41 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\SeaMonkey\Profiles\pb14f0n5.default\extensions
[2012.08.27 22:58:00 | 000,002,400 | ---- | M] () -- C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\helmljrs.default\searchplugins\google-deutschland---nicht-personalisiert.xml
[2010.09.25 15:45:37 | 000,001,583 | ---- | M] () -- C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\helmljrs.default\searchplugins\web-search.xml
[2011.05.14 23:17:31 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2011.05.14 15:17:29 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011.05.14 02:27:40 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}
[2011.12.18 17:17:05 | 000,000,000 | ---D | M] (DivX Plus Web Player HTML5 <video>) -- C:\PROGRAM FILES (X86)\DIVX\DIVX PLUS WEB PLAYER\FIREFOX\DIVXHTML5
[2012.08.13 18:04:29 | 000,488,027 | ---- | M] () (No name found) -- C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HELMLJRS.DEFAULT\EXTENSIONS\{ACBE8C0E-43DF-4A61-A626-171D523E9353}.XPI
[2012.08.15 19:32:23 | 001,136,465 | ---- | M] () (No name found) -- C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HELMLJRS.DEFAULT\EXTENSIONS\{C45C406E-AB73-11D8-BE73-000A95BE3B12}.XPI
[2012.05.30 11:16:41 | 000,068,479 | ---- | M] () (No name found) -- C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HELMLJRS.DEFAULT\EXTENSIONS\{D57C9FF1-6389-48FC-B770-F78BD89B6E8A}.XPI
[2012.08.13 18:04:29 | 000,014,586 | ---- | M] () (No name found) -- C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HELMLJRS.DEFAULT\EXTENSIONS\ADDON@SNIP-ME.DE.XPI
[2012.05.13 15:15:26 | 000,157,911 | ---- | M] () (No name found) -- C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HELMLJRS.DEFAULT\EXTENSIONS\GRWATCHER@AJNASZ.HU.XPI
[2012.08.13 18:04:29 | 000,184,864 | ---- | M] () (No name found) -- C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HELMLJRS.DEFAULT\EXTENSIONS\STEALTHYEXTENSION@GMAIL.COM.XPI
[2012.03.23 00:14:01 | 001,184,804 | ---- | M] () (No name found) -- C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HELMLJRS.DEFAULT\EXTENSIONS\TESTPILOT@LABS.MOZILLA.COM.XPI
[2012.04.20 11:09:38 | 000,344,888 | ---- | M] () (No name found) -- C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HELMLJRS.DEFAULT\EXTENSIONS\TOOLBAR@ALEXA.COM.XPI
[2011.05.14 02:27:37 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2012.01.23 12:50:38 | 000,170,080 | ---- | M] (Tracker Software Products (Canada) Ltd.) -- C:\Program Files (x86)\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll
 
O1 HOSTS File: ([2012.02.12 22:38:10 | 000,001,045 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 serial.alcohol-soft.com # alcohol 120% 
O1 - Hosts: 127.0.0.1 alcohol-soft.com # alcohol 120% 
O1 - Hosts: 127.0.0.1 images.alcohol-soft.com # alcohol 120% 
O1 - Hosts: 127.0.0.1 mermaidconsulting.dk # alcohol 120% 
O1 - Hosts: 127.0.0.1 195.137.236.101
O2:64bit: - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (vShare Plugin) - {043C5167-00BB-4324-AF7E-62013FAEDACF} - C:\Program Files (x86)\vShare\vshare_toolbar.dll ()
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (vShare Plugin) - {043C5167-00BB-4324-AF7E-62013FAEDACF} - C:\Program Files (x86)\vShare\vshare_toolbar.dll ()
O3 - HKU\S-1-5-21-2334266712-2998036081-3486327829-1000\..\Toolbar\WebBrowser: (vShare Plugin) - {043C5167-00BB-4324-AF7E-62013FAEDACF} - C:\Program Files (x86)\vShare\vshare_toolbar.dll ()
O4:64bit: - HKLM..\Run: [Cm106Sound] C:\Windows\Syswow64\cm106.dll (C-Media Corporation)
O4:64bit: - HKLM..\Run: [IntelliPoint] C:\Program Files\Microsoft IntelliPoint\ipoint.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [itype] C:\Program Files\Microsoft IntelliType Pro\itype.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2334266712-2998036081-3486327829-1000..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-2334266712-2998036081-3486327829-1000..\Run: [GoogleDriveSync] C:\Program Files (x86)\Google\Drive\googledrivesync.exe (Google)
O4 - HKU\S-1-5-21-2334266712-2998036081-3486327829-1000..\Run: [ISUSPM] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler File not found
O4 - HKU\S-1-5-21-2334266712-2998036081-3486327829-1000..\Run: [uTorrent] C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent, Inc.)
O4 - HKU\S-1-5-21-2334266712-2998036081-3486327829-1010..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-21-2334266712-2998036081-3486327829-1010..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\***\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\UltraVNC Server.lnk = C:\Program Files (x86)\UltraVNC\winvnc.exe (UltraVNC)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutorun_kl_notset = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoAutorun = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\S-1-5-21-2334266712-2998036081-3486327829-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: An OneNote s&enden - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - C:\Programme\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: An OneNote s&enden - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - C:\Programme\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O9:64bit: - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Programme\WinHTTrack\WinHTTrackIEBar.dll ()
O9 - Extra 'Tools' menuitem : Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Programme\WinHTTrack\WinHTTrackIEBar.dll ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000011 - CC:\Program Files (x86)\VMware\VMware Player\x64\vsocklib.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000012 - CC:\Program Files (x86)\VMware\VMware Player\x64\vsocklib.dll File not found
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab (Java Plug-in 1.6.0_33)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab (Java Plug-in 1.6.0_33)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab (Java Plug-in 1.6.0_33)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{06B9693C-6501-4126-AC5A-4030662D35DA}: NameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0759967D-EFF6-42AE-867D-EE54FBD2C7F8}: NameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1D31217D-8B40-4FEA-B8A1-6F6BAE57D3CB}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{601BBACB-68EF-48CB-A2C1-1B3C003EA639}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7B2B4DAB-8197-474B-AEB1-6BBA43F03610}: NameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A3139496-1FE6-4357-A14B-02AE57FA9F6D}: NameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{CA1EF694-E7D2-4431-AB44-952DA0181990}: NameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{CED74F0D-711F-4865-AB37-B8D46484349A}: DhcpNameServer = 131.234.137.24 131.234.137.23
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E1CC2593-9CBF-4CBB-A534-D12B7A566E7C}: NameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F97654EA-87FD-4358-8108-1FF3D0C8D407}: NameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\vsharechrome - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\gopher - No CLSID value found
O18 - Protocol\Handler\ms-help - No CLSID value found
O18 - Protocol\Handler\vsharechrome {3F3A4B8A-86FC-43A4-BB00-6D7EBE9D4484} - C:\Program Files (x86)\vShare\vshare_toolbar.dll ()
O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28:64bit: - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 0
O33 - MountPoints2\{39cbe666-bcf7-11df-ba8c-005056c00008}\Shell - "" = AutoRun
O33 - MountPoints2\{39cbe666-bcf7-11df-ba8c-005056c00008}\Shell\AutoRun\command - "" = J:\LaunchU3.exe -a
O33 - MountPoints2\{39cbe675-bcf7-11df-ba8c-005056c00008}\Shell - "" = AutoRun
O33 - MountPoints2\{39cbe675-bcf7-11df-ba8c-005056c00008}\Shell\AutoRun\command - "" = H:\LaunchU3.exe -a
O33 - MountPoints2\{6b386cf6-22fe-11e0-9971-001fd0aeb263}\Shell - "" = AutoRun
O33 - MountPoints2\{6b386cf6-22fe-11e0-9971-001fd0aeb263}\Shell\AutoRun\command - "" = H:\preinst.exe
O33 - MountPoints2\I\Shell - "" = AutoRun
O33 - MountPoints2\I\Shell\AutoRun\command - "" = I:\SETUP.EXE
O33 - MountPoints2\I\Shell\configure\command - "" = I:\SETUP.EXE
O33 - MountPoints2\I\Shell\install\command - "" = I:\SETUP.EXE
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.08.30 11:56:41 | 000,597,504 | ---- | C] (OldTimer Tools) -- C:\Users\***\Desktop\OTL.exe
[2012.08.29 16:21:25 | 000,000,000 | ---D | C] -- C:\Intel
[2012.08.29 16:15:21 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA
[2012.08.29 16:15:11 | 006,198,120 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcpl.dll
[2012.08.29 16:15:11 | 003,266,920 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvc64.dll
[2012.08.29 16:15:11 | 002,557,800 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvcr.dll
[2012.08.29 16:15:11 | 000,118,120 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvmctray.dll
[2012.08.29 16:15:11 | 000,063,336 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvshext.dll
[2012.08.29 16:14:57 | 000,060,776 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2012.08.29 16:14:57 | 000,052,584 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2012.08.29 16:14:57 | 000,000,000 | ---D | C] -- C:\temp
[2012.08.29 16:14:47 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation
[2012.08.29 16:14:01 | 026,228,072 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll
[2012.08.29 16:14:01 | 025,256,296 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll
[2012.08.29 16:14:01 | 019,828,584 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll
[2012.08.29 16:14:01 | 018,229,096 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll
[2012.08.29 16:14:01 | 017,559,912 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll
[2012.08.29 16:14:01 | 015,291,752 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvd3dum.dll
[2012.08.29 16:14:01 | 014,879,080 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvwgf2umx.dll
[2012.08.29 16:14:01 | 012,465,512 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvwgf2um.dll
[2012.08.29 16:14:01 | 009,066,344 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll
[2012.08.29 16:14:01 | 007,626,088 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll
[2012.08.29 16:14:01 | 007,387,496 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvopencl.dll
[2012.08.29 16:14:01 | 006,100,328 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvopencl.dll
[2012.08.29 16:14:01 | 002,745,192 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll
[2012.08.29 16:14:01 | 002,725,224 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvapi64.dll
[2012.08.29 16:14:01 | 002,573,672 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll
[2012.08.29 16:14:01 | 002,422,120 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvapi.dll
[2012.08.29 16:14:01 | 002,216,808 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll
[2012.08.29 16:14:01 | 001,866,088 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll
[2012.08.29 16:14:01 | 001,763,688 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco64.dll
[2012.08.29 16:14:01 | 001,482,600 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco64.dll
[2012.08.28 15:07:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Guild Wars 2
[2012.08.28 15:06:04 | 000,000,000 | ---D | C] -- C:\Users\***\Documents\Guild Wars 2
[2012.08.28 01:12:03 | 000,000,000 | ---D | C] -- C:\Users\***\Desktop\Breaking.Bad.S05E07.PROPER.HDTV.XviD-AFG
[2012.08.26 23:09:43 | 002,582,320 | ---- | C] (CPUID) -- C:\Users\***\Desktop\cpuz_x64.exe
[2012.08.26 21:27:37 | 000,189,608 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\IPROSetMonitor.exe
[2012.08.26 21:27:31 | 000,000,000 | ---D | C] -- C:\Program Files\Intel
[2012.08.26 21:27:26 | 000,336,728 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\PROUnstl.exe
[2012.08.26 21:25:48 | 000,358,576 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\e1c62x64.sys
[2012.08.26 21:25:48 | 000,098,496 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\NicInstC.dll
[2012.08.26 21:25:48 | 000,068,264 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\e1cmsg.dll
[2012.08.26 21:25:48 | 000,036,472 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\NicCo36.dll
[2012.08.25 22:47:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 1
[2012.08.23 11:16:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
[2012.08.23 11:13:19 | 000,000,000 | ---D | C] -- C:\NVIDIA
[2012.08.22 12:41:39 | 000,000,000 | ---D | C] -- C:\ProgramData\AVS4YOU
[2012.08.22 10:58:54 | 000,000,000 | ---D | C] -- C:\Program Files\WinHTTrack
[2012.08.22 10:10:21 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Nuance
[2012.08.22 10:06:26 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\FLEXnet
[2012.08.22 10:04:31 | 000,000,000 | ---D | C] -- C:\ProgramData\FLEXnet
[2012.08.22 10:04:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Nuance
[2012.08.16 13:33:17 | 000,000,000 | --SD | C] -- C:\Users\***\Google Drive
[2012.08.15 17:17:30 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012.08.15 17:17:30 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012.08.15 17:17:30 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012.08.15 17:17:30 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012.08.15 17:17:29 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012.08.15 17:17:29 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012.08.15 17:17:29 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2012.08.15 17:17:28 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012.08.15 17:17:28 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012.08.15 17:17:28 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2012.08.15 17:17:27 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012.08.15 17:17:27 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012.08.15 17:17:26 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012.08.15 14:05:44 | 000,503,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srcore.dll
[2012.08.15 14:05:42 | 000,751,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll
[2012.08.15 14:05:42 | 000,492,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\win32spl.dll
[2012.08.15 14:05:42 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netapi32.dll
[2012.08.15 14:05:42 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\splwow64.exe
[2012.08.15 14:05:42 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\browcli.dll
[2012.08.15 14:05:41 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\browcli.dll
[2012.08.15 14:05:40 | 000,956,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\localspl.dll
[2012.08.13 18:45:40 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3r.dll
[2012.08.13 18:45:39 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msxml3r.dll
[2012.08.13 18:45:38 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2012.08.13 18:45:37 | 001,133,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdosys.dll
[2012.08.13 18:45:37 | 000,805,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cdosys.dll
[2012.08.13 18:43:10 | 000,044,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll
[2012.08.13 18:43:09 | 002,622,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
[2012.08.13 18:43:09 | 000,057,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
[2012.08.13 18:43:07 | 000,701,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll
[2012.08.13 18:43:07 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll
[2012.08.13 18:43:07 | 000,038,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll
[2012.08.13 18:43:06 | 000,186,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
[2012.08.13 18:43:06 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe
[2012.08.13 18:01:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
[2012.08.13 18:01:24 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\DAEMON Tools Lite
[2012.08.13 18:01:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DAEMON Tools Lite
[2012.08.13 18:00:38 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite
[2012.08.13 17:45:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012.08.30 12:06:51 | 010,892,808 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.08.30 12:06:51 | 003,689,698 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.08.30 12:06:51 | 003,344,560 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.08.30 12:06:51 | 002,995,858 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.08.30 12:06:51 | 000,006,872 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.08.30 12:01:57 | 000,001,118 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.08.30 12:01:51 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.08.30 12:01:49 | 3185,491,968 | -HS- | M] () -- C:\hiberfil.sys
[2012.08.30 11:56:44 | 000,597,504 | ---- | M] (OldTimer Tools) -- C:\Users\***\Desktop\OTL.exe
[2012.08.30 11:46:04 | 000,001,122 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.08.30 11:16:06 | 000,023,408 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.08.30 11:16:06 | 000,023,408 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.08.30 04:08:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.08.28 23:46:13 | 000,001,705 | ---- | M] () -- C:\Windows\Cm106.ini.imi
[2012.08.28 23:10:33 | 000,001,092 | ---- | M] () -- C:\Users\***\Desktop\TeamSpeak 3 Client.lnk
[2012.08.28 22:34:37 | 007,586,316 | ---- | M] () -- C:\Users\***\Desktop\GW2_Anfaengerguide_201208230117.pdf
[2012.08.28 15:07:37 | 000,000,598 | ---- | M] () -- C:\Users\Public\Desktop\Guild Wars 2.lnk
[2012.08.23 11:16:03 | 000,002,115 | ---- | M] () -- C:\Users\***\AppData\Roaming\SAS7_000.DAT
[2012.08.22 15:46:00 | 026,228,072 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll
[2012.08.22 15:46:00 | 025,256,296 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll
[2012.08.22 15:46:00 | 019,828,584 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll
[2012.08.22 15:46:00 | 018,229,096 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll
[2012.08.22 15:46:00 | 017,559,912 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll
[2012.08.22 15:46:00 | 015,291,752 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvd3dum.dll
[2012.08.22 15:46:00 | 014,879,080 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvwgf2umx.dll
[2012.08.22 15:46:00 | 012,465,512 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvwgf2um.dll
[2012.08.22 15:46:00 | 009,066,344 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll
[2012.08.22 15:46:00 | 007,626,088 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll
[2012.08.22 15:46:00 | 007,387,496 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvopencl.dll
[2012.08.22 15:46:00 | 006,100,328 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvopencl.dll
[2012.08.22 15:46:00 | 002,745,192 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll
[2012.08.22 15:46:00 | 002,725,224 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvapi64.dll
[2012.08.22 15:46:00 | 002,573,672 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll
[2012.08.22 15:46:00 | 002,422,120 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvapi.dll
[2012.08.22 15:46:00 | 002,216,808 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll
[2012.08.22 15:46:00 | 001,866,088 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll
[2012.08.22 15:46:00 | 001,763,688 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco64.dll
[2012.08.22 15:46:00 | 001,482,600 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco64.dll
[2012.08.22 15:46:00 | 000,060,776 | ---- | M] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2012.08.22 15:46:00 | 000,052,584 | ---- | M] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2012.08.22 15:46:00 | 000,016,366 | ---- | M] () -- C:\Windows\SysNative\nvinfo.pb
[2012.08.22 14:17:28 | 000,118,120 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvmctray.dll
[2012.08.22 14:17:28 | 000,063,336 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvshext.dll
[2012.08.22 14:17:27 | 002,557,800 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvcr.dll
[2012.08.22 14:17:14 | 003,266,920 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvc64.dll
[2012.08.22 14:17:11 | 006,198,120 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcpl.dll
[2012.08.22 06:16:24 | 000,429,416 | ---- | M] () -- C:\Windows\SysWow64\nvStreaming.exe
[2012.08.17 12:35:23 | 000,001,974 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2012.08.15 17:20:13 | 000,434,816 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012.08.15 17:10:32 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2012.08.14 21:08:11 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012.08.14 21:08:11 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012.08.13 18:09:03 | 000,000,701 | ---- | M] () -- C:\Users\***\Desktop\Freigabe - Verknüpfung (2).lnk
[2012.08.13 18:06:12 | 000,001,030 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2012.08.13 18:01:30 | 000,560,184 | ---- | M] (Duplex Secure Ltd.) -- C:\Windows\SysNative\drivers\sptd.sys
[2012.08.13 17:49:12 | 000,012,326 | ---- | M] () -- C:\Users\***\Desktop\Steam.exe.lnk
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012.08.29 16:14:01 | 000,016,366 | ---- | C] () -- C:\Windows\SysNative\nvinfo.pb
[2012.08.28 23:10:33 | 000,001,092 | ---- | C] () -- C:\Users\***\Desktop\TeamSpeak 3 Client.lnk
[2012.08.28 22:34:26 | 007,586,316 | ---- | C] () -- C:\Users\***\Desktop\GW2_Anfaengerguide_201208230117.pdf
[2012.08.28 15:07:37 | 000,000,598 | ---- | C] () -- C:\Users\Public\Desktop\Guild Wars 2.lnk
[2012.08.26 21:27:27 | 000,001,904 | ---- | C] () -- C:\Windows\SysNative\SetupBD.din
[2012.08.26 21:25:48 | 000,003,114 | ---- | C] () -- C:\Windows\SysNative\e1c62x64.din
[2012.08.22 10:40:24 | 000,002,115 | ---- | C] () -- C:\Users\***\AppData\Roaming\SAS7_000.DAT
[2012.08.22 06:16:24 | 000,429,416 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe
[2012.08.15 17:10:32 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2012.08.13 18:40:08 | 3185,491,968 | -HS- | C] () -- C:\hiberfil.sys
[2012.08.13 18:09:03 | 000,000,701 | ---- | C] () -- C:\Users\***\Desktop\Freigabe - Verknüpfung (2).lnk
[2012.08.13 17:49:12 | 000,012,326 | ---- | C] () -- C:\Users\***\Desktop\Steam.exe.lnk
[2012.05.08 14:00:44 | 000,010,639 | ---- | C] () -- C:\Users\***\a.r._elster_2048.pfx
[2012.03.30 13:46:43 | 000,000,218 | ---- | C] () -- C:\Users\***\.recently-used.xbel
[2012.02.06 14:24:50 | 000,000,664 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2011.11.26 16:07:24 | 000,111,928 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2011.11.26 16:07:19 | 000,066,872 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2011.11.26 16:03:01 | 000,000,535 | ---- | C] () -- C:\Windows\eReg.dat
[2011.08.14 17:27:21 | 000,000,538 | ---- | C] () -- C:\Windows\FICEDULA.INI
[2011.08.09 02:46:54 | 000,175,616 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2011.08.09 02:46:54 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini
[2011.08.09 02:46:51 | 000,650,752 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2011.08.09 02:46:51 | 000,243,200 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2011.08.09 02:46:51 | 000,074,752 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2011.07.24 02:52:54 | 000,034,308 | ---- | C] () -- C:\Windows\SysWow64\BASSMOD.dll
[2011.04.21 23:26:58 | 000,143,360 | ---- | C] () -- C:\Windows\Vmix106.dll
[2011.04.21 23:26:58 | 000,000,611 | ---- | C] () -- C:\Windows\Cm106.ini.cfl
[2011.04.21 23:26:55 | 000,003,059 | ---- | C] () -- C:\Windows\Cm106.ini.cfg
[2011.04.21 23:26:55 | 000,001,705 | ---- | C] () -- C:\Windows\Cm106.ini.imi
[2011.04.21 23:26:55 | 000,000,964 | ---- | C] () -- C:\Windows\cm106.ini
[2011.03.08 15:03:02 | 000,002,660 | ---- | C] () -- C:\Users\***\AppData\Roaming\TS3Client.rar
[2011.02.18 21:08:20 | 000,000,017 | ---- | C] () -- C:\Users\***\AppData\Local\resmon.resmoncfg
[2011.01.02 22:37:26 | 000,010,240 | ---- | C] () -- C:\Windows\SysWow64\vidx16.dll
[2010.12.21 04:27:20 | 000,003,113 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2010.12.07 02:05:33 | 000,000,600 | ---- | C] () -- C:\Users\***\AppData\Roaming\winscp.rnd
[2010.11.17 01:08:26 | 000,029,518 | ---- | C] () -- C:\Users\***\energy-report.html
[2010.10.27 18:38:18 | 000,245,227 | ---- | C] () -- C:\Windows\hpoins19.dat
[2010.10.27 18:38:18 | 000,013,898 | ---- | C] () -- C:\Windows\hpomdl19.dat
[2010.10.05 00:14:28 | 000,000,193 | ---- | C] () -- C:\Windows\WORDPAD.INI
[2010.09.13 22:56:31 | 000,000,136 | ---- | C] () -- C:\Windows\SysWow64\cpuz.ini
[2010.09.10 18:19:04 | 000,000,721 | ---- | C] () -- C:\Users\***\*** - Verknüpfung.lnk
[2010.09.01 21:00:51 | 000,006,838 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
 
========== LOP Check ==========
 
[2012.08.30 11:36:24 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\.purple
[2011.05.14 03:05:44 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Anywhere Software
[2011.05.02 22:49:05 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Aqdeez
[2010.10.04 16:02:51 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\avidemux
[2010.10.17 16:46:47 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Canneverbe Limited
[2012.08.27 11:40:13 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\DAEMON Tools Lite
[2012.08.30 12:02:00 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Dropbox
[2011.12.30 03:39:52 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\DVDVideoSoft
[2012.01.30 20:28:05 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\elsterformular
[2010.08.02 15:05:56 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\enchant
[2012.03.27 22:20:47 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\FahMon
[2011.08.16 16:52:40 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Feedreader
[2012.01.11 17:15:53 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\FileZilla
[2011.02.21 16:42:04 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\fltk.org
[2010.11.16 22:02:55 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\FreeArc
[2010.08.18 22:40:45 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\GetRightToGo
[2012.02.09 23:56:58 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\GrabIt
[2012.03.30 12:30:06 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\gtk-2.0
[2011.12.20 18:57:14 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\HD Tune Pro
[2010.09.02 17:51:47 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\HFM
[2011.11.08 20:59:15 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Iremn
[2012.03.07 19:26:05 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\LOVE
[2011.02.24 12:11:10 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\MAXON
[2011.05.19 23:30:30 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\NetMeter
[2012.08.30 12:05:58 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\NetSpeedMonitor
[2012.08.22 10:10:21 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Nuance
[2010.08.25 13:04:01 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\OpenOffice.org
[2011.07.07 21:27:42 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Sony
[2011.05.19 21:22:11 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\TrafficMonitor
[2011.03.08 18:55:33 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\TrueCrypt
[2012.08.29 10:07:49 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\TS3Client
[2012.08.30 12:02:25 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\uTorrent
[2010.12.14 16:11:01 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\xWeasel
[2012.08.26 22:08:34 | 000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 139 bytes -> C:\ProgramData\TEMP:7FFED16F

< End of report >
         
Edit: replaced the user name with ***

31.08.2012, 13:05   #2
moinmoin666

So, I think it wasn't malware, because after I uninstalled the Medusa 5.1 NX drivers for my USB headset, the problem was gone. The error is also reproducible when I reinstall the software.

I can still use the headset if I update the drivers in Device Manager without the Speedlink software.

Of course I still can't say why that is. But I think that settles it.