Trojaner-Board - ein anderes symbol für das "öffnen" Zeichen im explorer

Code:

OTL logfile created on: 30.05.2013 19:57:37 - Run 1

OTL by OldTimer - Version 3.2.69.0     Folder = E:\Downs

64bit- Home Premium Edition  (Version = 6.1.7600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.7600.16385)

Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

 

4,00 Gb Total Physical Memory | 2,16 Gb Available Physical Memory | 54,11% Memory free

8,00 Gb Paging File | 5,96 Gb Available in Paging File | 74,56% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 195,21 Gb Total Space | 157,10 Gb Free Space | 80,47% Space Free | Partition Type: NTFS

Drive E: | 698,63 Gb Total Space | 46,51 Gb Free Space | 6,66% Space Free | Partition Type: NTFS

Drive F: | 2,84 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS

Drive G: | 270,45 Gb Total Space | 270,35 Gb Free Space | 99,96% Space Free | Partition Type: NTFS

 

Computer Name: MAURICE-PC | User Name: Maurice | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 
 ========== Processes (SafeList) ==========

 

PRC - E:\Downs\OTL.exe (OldTimer Tools)

PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

PRC - C:\Users\Maurice\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd)

PRC - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_202.exe (Adobe Systems, Inc.)

PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)

PRC - C:\Users\Maurice\AppData\Roaming\SearchProtect\bin\cltmng.exe (Conduit)

PRC - C:\Program Files (x86)\SearchProtect\bin\CltMngSvc.exe (Conduit)

PRC - C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe (Mozilla Corporation)

PRC - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)

PRC - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)

PRC - C:\Program Files (x86)\Norton Internet Security CBE\Engine\20.3.1.22\ccSvcHst.exe (Symantec Corporation)

PRC - C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe (Logitech Inc.)

 

 
 ========== Modules (No Company Name) ==========

 

MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ()

MOD - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll ()

MOD - C:\Program Files (x86)\Mozilla Thunderbird\NSLDAPPR32V60.dll ()

MOD - C:\Program Files (x86)\Mozilla Thunderbird\NSLDAP32V60.dll ()

MOD - C:\Program Files (x86)\Mozilla Thunderbird\mozjs.dll ()

MOD - C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtGui4.dll ()

MOD - C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtXml4.dll ()

MOD - C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QJpeg4.dll ()

MOD - C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QGif4.dll ()

MOD - C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtCore4.dll ()

MOD - C:\PROGRAM FILES (X86)\NORTON INTERNET SECURITY CBE\ENGINE\20.3.1.22\wincfi39.dll ()

 

 
 ========== Services (SafeList) ==========

 

SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)

SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)

SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)

SRV - (CltMngSvc) -- C:\Program Files (x86)\SearchProtect\bin\CltMngSvc.exe (Conduit)

SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)

SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)

SRV - (Stereo Service) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)

SRV - (HPSLPSVC) -- C:\Users\Maurice\AppData\Local\Temp\7zS2942\hpslpsvc64.dll (Hewlett-Packard Co.)

SRV - (NIS) -- C:\Program Files (x86)\Norton Internet Security CBE\Engine\20.3.1.22\ccSvcHst.exe (Symantec Corporation)

SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)

 

 
 ========== Driver Services (SafeList) ==========

 

DRV:64bit: - (dtsoftbus01) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys (DT Soft Ltd)

DRV:64bit: - (SymEvent) -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS (Symantec Corporation)

DRV:64bit: - (SymNetS) -- C:\Windows\SysNative\drivers\NISx64\1403010.016\symnets.sys (Symantec Corporation)

DRV:64bit: - (SymEFA) -- C:\Windows\SysNative\drivers\NISx64\1403010.016\symefa64.sys (Symantec Corporation)

DRV:64bit: - (SRTSP) -- C:\Windows\SysNative\drivers\NISx64\1403010.016\srtsp64.sys (Symantec Corporation)

DRV:64bit: - (SRTSPX) -- C:\Windows\SysNative\drivers\NISx64\1403010.016\srtspx64.sys (Symantec Corporation)

DRV:64bit: - (SymDS) -- C:\Windows\SysNative\drivers\NISx64\1403010.016\symds64.sys (Symantec Corporation)

DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation)

DRV:64bit: - (SymIRON) -- C:\Windows\SysNative\drivers\NISx64\1403010.016\ironx64.sys (Symantec Corporation)

DRV:64bit: - (ccSet_NIS) -- C:\Windows\SysNative\drivers\NISx64\1403010.016\ccsetx64.sys (Symantec Corporation)

DRV:64bit: - (LVUVC64) -- C:\Windows\SysNative\drivers\lvuvc64.sys (Logitech Inc.)

DRV:64bit: - (LVRS64) -- C:\Windows\SysNative\drivers\lvrs64.sys (Logitech Inc.)

DRV:64bit: - (xusb21) -- C:\Windows\SysNative\drivers\xusb21.sys (Microsoft Corporation)

DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)

DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)

DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)

DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)

DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)

DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)

DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)

DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)

DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)

DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)

DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)

DRV:64bit: - (MTsensor) -- C:\Windows\SysNative\drivers\ASACPI.sys ()

DRV - (NAVEX15) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.1.2\Definitions\VirusDefs\20130530.003\ex64.sys (Symantec Corporation)

DRV - (NAVENG) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.1.2\Definitions\VirusDefs\20130530.003\eng64.sys (Symantec Corporation)

DRV - (IDSVia64) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.1.2\Definitions\IPSDefs\20130529.001\IDSviA64.sys (Symantec Corporation)

DRV - (BHDrvx64) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.1.2\Definitions\BASHDefs\20130515.001\BHDrvx64.sys (Symantec Corporation)

DRV - (eeCtrl) -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys (Symantec Corporation)

DRV - (EraserUtilRebootDrv) -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys (Symantec Corporation)

DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)

 

 
 ========== Standard Registry (SafeList) ==========

 

 
 ========== Internet Explorer ==========

 

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

 

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = E0 C6 08 58 18 5B CE 01  [binary data]

IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC

IE - HKCU\..\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}: "URL" = hxxp://nortonsafe.search.ask.com/web?q={SEARCHTERMS}&o=APN10506&l=dis&prt=NIS&chn=retail&geo=DE&ver=20&locale=de_DE&gct=sb&qsrc=2869

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 
 ========== FireFox ==========

 

FF - prefs.js..browser.search.defaultenginename: "Norton Safe Search"

FF - prefs.js..browser.search.defaultthis.engineName: "entrusted Customized Web Search"

FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3281675&CUI=UN36806589931318841&UM=2&SearchSource=3&q={searchTerms}"

FF - prefs.js..browser.search.selectedEngine: "Google"

FF - prefs.js..browser.startup.homepage: "hxxp://de.msn.com/?ocid=hmlogout"

FF - prefs.js..extensions.enabledAddons: ich%40maltegoetz.de:1.4.8

FF - prefs.js..extensions.enabledAddons: %7Bb9db16a4-6edc-47ec-a1f4-b86292ed211d%7D:4.9.15

FF - prefs.js..extensions.enabledAddons: %7BBBDA0591-3099-440a-AA10-41764D9DB4DB%7D:11.3.0.9%20-%205

FF - prefs.js..extensions.enabledAddons: %7B2D3F3651-74B9-4795-BDEC-6DA2F431CB62%7D:2013.3.5.1

FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:21.0

FF - prefs.js..keyword.URL: "hxxp://nortonsafe.search.ask.com/web?o=APN10506&gct=kwd&qsrc=2869&l=dis&prt=NIS&chn=retail&geo=DE&ver=20&q="

FF - prefs.js..network.proxy.autoconfig_url: "data:text/javascript,function%20FindProxyForURL(url%2C%20host)%20%7Bif%20(url.indexOf('play.google.com')%20!%3D%20-1%20%7C%7C%20(url.indexOf('turntable.fm')%20!%3D%20-1%20%26%26%20url.indexOf('static.turntable.fm')%20%3D%3D%20-1%20%26%26%20url.indexOf('s3.amazonaws.com')%20%3D%3D%20-1%20%26%26%20url.indexOf('ping.chartbeat.net')%20%3D%3D%20-1)%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fgrooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fretro.grooveshark.com*')%20%7C%7C%20url.indexOf('vevo.com')%20!%3D%20-1%20%7C%7C%20host%20%3D%3D%20'www.pandora.com'%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fsongza.com*')%20%7C%7C%20(url.indexOf('proxmate%3Dactive')%20!%3D%20-1%20%26%26%20url.indexOf('amazonaws.com')%20%3D%3D%20-1)%20%7C%7C%20(url.indexOf('proxmate%3Dus')%20!%3D%20-1)%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.funimation.com*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fsecure.funimation.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.iheart.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.crunchyroll.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.mtv.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fmedia.mtvnservices.com*')%20%7C%7C%20url.indexOf('discoverymedia.com')%20!%3D%20-1%20%7C%7C%20url.indexOf('southparkstudios.com')%20!%3D%20-1%20%7C%7C%20host%20%3D%3D%20's.hulu.com')%20%7B%20return%20'PROXY%20ab-us08.personalitycores.com%3A8000%3B%20PROXY%20ab-us10.personalitycores.com%3A8000%3B%20PROXY%20ab-us09.personalitycores.com%3A8000%3B%20PROXY%20ab-us03.personalitycores.com%3A8000%3B%20PROXY%20ab-us11.personalitycores.com%3A8000%3B%20PROXY%20ab-us12.personalitycores.com%3A8000%3B%20PROXY%20ab-us15.personalitycores.com%3A8000%3B%20PROXY%20ab-us14.personalitycores.com%3A8000%3B%20PROXY%20ab-us01.personalitycores.com%3A8000%3B%20PROXY%20ab-us02.personalitycores.com%3A8000%3B%20PROXY%20ab-us06.personalitycores.com%3A8000%3B%20PROXY%20ab-us07.personalitycores.com%3A8000%3B%20PROXY%20ab-us13.personalitycores.com%3A8000'%3B%7D%20%20else%20%7B%20return%20'DIRECT'%3B%20%7D%7D"

FF - prefs.js..network.proxy.type: 2

 

 

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_202.dll File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll ()

FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)

FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)

FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Maurice\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)

 

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.1.2\IPSFFPlgn\ [2013.05.26 20:12:57 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.1.2\coFFPlgn\ [2013.05.30 17:15:49 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013.05.26 20:50:31 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.4\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2013.05.26 20:28:46 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.4\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins

FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013.05.26 20:50:31 | 000,000,000 | ---D | M]

FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 21.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components

FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 21.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

 

[2013.05.26 20:10:17 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Maurice\AppData\Roaming\mozilla\Extensions

[2013.05.29 16:24:45 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Maurice\AppData\Roaming\mozilla\Firefox\Profiles\e0l4gydb.default\extensions

[2013.05.29 16:24:45 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Maurice\AppData\Roaming\mozilla\Firefox\Profiles\e0l4gydb.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}

[2013.05.26 20:11:10 | 000,000,000 | ---D | M] (ProxTube - Unblock YouTube) -- C:\Users\Maurice\AppData\Roaming\mozilla\Firefox\Profiles\e0l4gydb.default\extensions\ich@maltegoetz.de

[2013.05.20 20:20:58 | 000,374,078 | ---- | M] () (No name found) -- C:\Users\Maurice\AppData\Roaming\mozilla\firefox\profiles\e0l4gydb.default\extensions\jid1-QpHD8URtZWJC2A@jetpack.xpi

[2013.05.10 21:21:14 | 000,870,680 | ---- | M] () (No name found) -- C:\Users\Maurice\AppData\Roaming\mozilla\firefox\profiles\e0l4gydb.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

[2013.05.03 13:12:52 | 000,006,511 | ---- | M] () -- C:\Users\Maurice\AppData\Roaming\mozilla\firefox\profiles\e0l4gydb.default\searchplugins\babylon.xml

[2013.05.03 13:12:52 | 000,006,511 | ---- | M] () -- C:\Users\Maurice\AppData\Roaming\mozilla\firefox\profiles\e0l4gydb.default\searchplugins\BrowserProtect.xml

[2013.05.26 20:21:57 | 000,000,995 | ---- | M] () -- C:\Users\Maurice\AppData\Roaming\mozilla\firefox\profiles\e0l4gydb.default\searchplugins\conduit.xml

[2013.03.31 19:17:54 | 000,001,294 | ---- | M] () -- C:\Users\Maurice\AppData\Roaming\mozilla\firefox\profiles\e0l4gydb.default\searchplugins\delta.xml

[2013.05.27 23:41:11 | 000,002,482 | ---- | M] () -- C:\Users\Maurice\AppData\Roaming\mozilla\firefox\profiles\e0l4gydb.default\searchplugins\safesearch.xml

[2013.05.27 08:27:52 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions

[2013.05.27 08:27:56 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\browser\extensions

[2013.05.27 08:27:56 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\mozilla firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

[2013.05.30 17:15:49 | 000,000,000 | ---D | M] (Norton Toolbar) -- C:\PROGRAMDATA\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.1.2\COFFPLGN

[2013.05.26 20:12:57 | 000,000,000 | ---D | M] (Norton Vulnerability Protection) -- C:\PROGRAMDATA\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.1.2\IPSFFPLGN

 

O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts

O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security CBE\Engine\20.3.1.22\coIEPlg.dll (Symantec Corporation)

O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security CBE\Engine\20.3.1.22\IPS\IPSBHO.DLL (Symantec Corporation)

O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security CBE\Engine\20.3.1.22\coIEPlg.dll (Symantec Corporation)

O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security CBE\Engine\20.3.1.22\coIEPlg.dll (Symantec Corporation)

O4:64bit: - HKLM..\Run: [XboxStat] C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe (Microsoft Corporation)

O4 - HKLM..\Run: [LWS] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe (Logitech Inc.)

O4 - HKLM..\Run: [SearchProtectAll] C:\Program Files (x86)\SearchProtect\bin\cltmng.exe (Conduit)

O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)

O4 - HKCU..\Run: [Facebook Update] C:\Users\Maurice\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)

O4 - HKCU..\Run: [SearchProtect] C:\Users\Maurice\AppData\Roaming\SearchProtect\bin\cltmng.exe (Conduit)

O4 - HKCU..\Run: [Spotify] C:\Users\Maurice\AppData\Roaming\Spotify\Spotify.exe (Spotify Ltd)

O4 - HKCU..\Run: [Spotify Web Helper] C:\Users\Maurice\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd)

O4 - Startup: C:\Users\Maurice\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Produktregistrierung.lnk = C:\Program Files (x86)\Logitech\Ereg\eReg.exe (Leader Technologies/Logitech)

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3

O1364bit: - gopher Prefix: missing

O13 - gopher Prefix: missing

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{116E2A05-8DA5-477F-B3A0-A3041167C3AC}: DhcpNameServer = 192.168.2.1

O18:64bit: - Protocol\Handler\skype4com - No CLSID value found

O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)

O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)

O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)

O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2008.10.26 23:38:22 | 000,000,072 | R--- | M] () - F:\Autorun.inf -- [ CDFS ]

O32 - AutoRun File - [2005.09.26 22:16:28 | 000,253,952 | R--- | M] () - F:\autorun.exe -- [ CDFS ]

O33 - MountPoints2\{4f4d2b99-c62f-11e2-9e71-002215de5f9e}\Shell - "" = AutoRun

O33 - MountPoints2\{4f4d2b99-c62f-11e2-9e71-002215de5f9e}\Shell\AutoRun\command - "" = F:\CD_Start.exe -- [2008.09.11 22:53:38 | 000,831,488 | R--- | M] ()

O34 - HKLM BootExecute: (autocheck autochk *)

O35:64bit: - HKLM\..comfile [open] -- "%1" %*

O35:64bit: - HKLM\..exefile [open] -- "%1" %*

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*

O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)

O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

 
 ========== Files/Folders - Created Within 30 Days ==========

 

[2013.05.29 00:17:11 | 000,181,064 | ---- | C] (Sysinternals) -- C:\Windows\PSEXESVC.EXE

[2013.05.29 00:15:23 | 000,000,000 | ---D | C] -- C:\RegBackup

[2013.05.29 00:01:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Resource Hacker

[2013.05.29 00:01:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Resource Hacker

[2013.05.28 21:57:11 | 000,000,000 | ---D | C] -- C:\Users\Maurice\AppData\Local\ElevatedDiagnostics

[2013.05.27 19:09:22 | 000,000,000 | ---D | C] -- C:\Users\Maurice\Documents\My Games

[2013.05.27 19:09:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Age of Empires 3

[2013.05.27 16:32:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games

[2013.05.27 16:24:19 | 000,000,000 | ---D | C] -- C:\Users\Maurice\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games

[2013.05.27 16:23:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\InstallShield Installation Information

[2013.05.27 16:19:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Games

[2013.05.27 16:17:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield

[2013.05.27 15:23:52 | 001,139,800 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NISx64\1403010.016\symefa64.sys

[2013.05.27 15:23:52 | 000,796,248 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NISx64\1403010.016\srtsp64.sys

[2013.05.27 15:23:52 | 000,493,656 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NISx64\1403010.016\symds64.sys

[2013.05.27 15:23:52 | 000,432,800 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NISx64\1403010.016\symnets.sys

[2013.05.27 15:23:52 | 000,224,416 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NISx64\1403010.016\ironx64.sys

[2013.05.27 15:23:52 | 000,168,096 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NISx64\1403010.016\ccsetx64.sys

[2013.05.27 15:23:52 | 000,036,952 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NISx64\1403010.016\srtspx64.sys

[2013.05.27 15:23:52 | 000,023,448 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NISx64\1403010.016\symelam.sys

[2013.05.27 15:23:48 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\NISx64\1403010.016

[2013.05.27 12:34:16 | 000,000,000 | ---D | C] -- C:\Users\Maurice\AppData\Local\Adobe

[2013.05.27 12:29:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe

[2013.05.27 12:29:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe

[2013.05.27 08:27:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox

[2013.05.27 08:07:59 | 000,000,000 | ---D | C] -- C:\Users\Maurice\AppData\Roaming\Media Player Classic

[2013.05.27 01:14:52 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cabview.dll

[2013.05.27 01:14:52 | 000,132,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cabview.dll

[2013.05.27 01:14:51 | 001,031,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcore.dll

[2013.05.27 01:14:51 | 000,826,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpcore.dll

[2013.05.26 20:56:01 | 000,000,000 | ---D | C] -- C:\Windows\Panther

[2013.05.26 20:55:47 | 000,000,000 | -HSD | C] -- C:\Boot

[2013.05.26 20:55:25 | 000,000,000 | ---D | C] -- C:\ProgramData\WEBREG

[2013.05.26 20:53:25 | 000,000,000 | ---D | C] -- C:\Users\Maurice\AppData\Roaming\HP

[2013.05.26 20:53:24 | 000,000,000 | ---D | C] -- C:\Users\Maurice\AppData\Local\HP

[2013.05.26 20:49:58 | 000,000,000 | ---D | C] -- C:\ProgramData\HP Product Assistant

[2013.05.26 20:49:48 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\spool

[2013.05.26 20:49:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP

[2013.05.26 20:48:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\HP

[2013.05.26 20:48:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Hewlett-Packard

[2013.05.26 20:48:41 | 000,000,000 | ---D | C] -- C:\Windows\hpoj4500g510g-m

[2013.05.26 20:48:19 | 000,136,704 | ---- | C] (Hewlett-Packard Company) -- C:\Windows\SysNative\hpf3l70w.dll

[2013.05.26 20:47:55 | 000,000,000 | -H-D | C] -- C:\Config.Msi

[2013.05.26 20:47:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\HP

[2013.05.26 20:45:26 | 001,418,240 | ---- | C] (Hewlett-Packard Co.) -- C:\Windows\SysNative\hpwtiop5.dll

[2013.05.26 20:45:26 | 000,979,456 | ---- | C] (Hewlett-Packard) -- C:\Windows\SysNative\hpwwiax6.dll

[2013.05.26 20:45:26 | 000,642,360 | ---- | C] (Hewlett-Packard) -- C:\Windows\SysNative\hpzids40.dll

[2013.05.26 20:45:26 | 000,503,296 | ---- | C] (Hewlett-Packard Co.) -- C:\Windows\SysNative\hpwvst01.dll

[2013.05.26 20:45:25 | 000,551,424 | ---- | C] (Hewlett-Packard) -- C:\Windows\SysNative\hppldcoi.dll

[2013.05.26 20:45:11 | 000,000,000 | ---D | C] -- C:\Users\Maurice\Documents\KONAMI

[2013.05.26 20:37:52 | 000,469,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10.dll

[2013.05.26 20:37:52 | 000,440,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10.dll

[2013.05.26 20:37:52 | 000,390,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_5.dll

[2013.05.26 20:37:52 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_5.dll

[2013.05.26 20:37:50 | 004,398,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_32.dll

[2013.05.26 20:37:50 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_32.dll

[2013.05.26 20:37:49 | 000,364,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_4.dll

[2013.05.26 20:37:49 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_4.dll

[2013.05.26 20:37:49 | 000,017,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\x3daudio1_1.dll

[2013.05.26 20:37:49 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\x3daudio1_1.dll

[2013.05.26 20:37:47 | 003,977,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_31.dll

[2013.05.26 20:37:47 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_31.dll

[2013.05.26 20:37:46 | 000,363,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_3.dll

[2013.05.26 20:37:46 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_3.dll

[2013.05.26 20:37:45 | 000,354,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_2.dll

[2013.05.26 20:37:45 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_2.dll

[2013.05.26 20:37:45 | 000,083,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_2.dll

[2013.05.26 20:37:45 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_2.dll

[2013.05.26 20:37:44 | 000,083,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_1.dll

[2013.05.26 20:37:44 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_1.dll

[2013.05.26 20:37:43 | 000,352,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_1.dll

[2013.05.26 20:37:43 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_1.dll

[2013.05.26 20:37:38 | 003,927,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_30.dll

[2013.05.26 20:37:38 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_30.dll

[2013.05.26 20:37:36 | 000,355,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_0.dll

[2013.05.26 20:37:36 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_0.dll

[2013.05.26 20:37:36 | 000,016,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\x3daudio1_0.dll

[2013.05.26 20:37:36 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\x3daudio1_0.dll

[2013.05.26 20:37:35 | 003,830,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_29.dll

[2013.05.26 20:37:35 | 003,815,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_28.dll

[2013.05.26 20:37:35 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_29.dll

[2013.05.26 20:37:35 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_28.dll

[2013.05.26 20:37:34 | 003,807,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_27.dll

[2013.05.26 20:37:34 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_27.dll

[2013.05.26 20:37:33 | 003,767,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_26.dll

[2013.05.26 20:37:33 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_26.dll

[2013.05.26 20:37:32 | 003,823,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_25.dll

[2013.05.26 20:37:32 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_25.dll

[2013.05.26 20:37:31 | 003,544,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_24.dll

[2013.05.26 20:37:31 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_24.dll

[2013.05.26 20:37:25 | 000,000,000 | ---D | C] -- C:\Users\Maurice\AppData\Roaming\NVIDIA

[2013.05.26 20:36:58 | 000,000,000 | ---D | C] -- C:\ProgramData\KONAMI

[2013.05.26 20:36:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\KONAMI

[2013.05.26 20:32:17 | 000,000,000 | ---D | C] -- C:\ProgramData\HP

[2013.05.26 20:31:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Xbox 360 Accessories

[2013.05.26 20:31:42 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Xbox 360 Accessories

[2013.05.26 20:31:38 | 000,091,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_3.dll

[2013.05.26 20:31:38 | 000,068,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_3.dll

[2013.05.26 20:31:19 | 000,000,000 | ---D | C] -- C:\Users\Maurice\AppData\Roaming\WinRAR

[2013.05.26 20:31:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR

[2013.05.26 20:31:18 | 000,000,000 | ---D | C] -- C:\Users\Maurice\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR

[2013.05.26 20:31:14 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR

[2013.05.26 20:31:13 | 000,000,000 | ---D | C] -- C:\Users\Maurice\AppData\Local\Logitech® Webcam-Software

[2013.05.26 20:29:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WhiteCap

[2013.05.26 20:29:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SoundSpectrum

[2013.05.26 20:29:00 | 000,000,000 | ---D | C] -- C:\Users\Maurice\AppData\Roaming\Thunderbird

[2013.05.26 20:29:00 | 000,000,000 | ---D | C] -- C:\Users\Maurice\AppData\Local\Thunderbird

[2013.05.26 20:28:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Thunderbird

[2013.05.26 20:26:31 | 000,000,000 | ---D | C] -- C:\Users\Maurice\AppData\Local\Spotify

[2013.05.26 20:26:10 | 000,000,000 | ---D | C] -- C:\Users\Maurice\AppData\Roaming\Spotify

[2013.05.26 20:24:36 | 000,000,000 | ---D | C] -- C:\ProgramData\LogiShrd

[2013.05.26 20:24:16 | 000,000,000 | ---D | C] -- C:\Users\Maurice\AppData\Roaming\Leadertech

[2013.05.26 20:23:50 | 000,000,000 | ---D | C] -- C:\Users\Maurice\AppData\Roaming\Skype

[2013.05.26 20:23:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype

[2013.05.26 20:23:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype

[2013.05.26 20:23:39 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype

[2013.05.26 20:23:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype

[2013.05.26 20:23:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Symantec Shared

[2013.05.26 20:23:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC-HC x64

[2013.05.26 20:22:58 | 000,000,000 | ---D | C] -- C:\Program Files\MPC-HC

[2013.05.26 20:22:57 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\logishrd

[2013.05.26 20:22:52 | 000,000,000 | ---D | C] -- C:\Users\Maurice\AppData\Local\Programs

[2013.05.26 20:22:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech

[2013.05.26 20:22:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Logitech

[2013.05.26 20:22:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\LogiShrd

[2013.05.26 20:22:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SearchProtect

[2013.05.26 20:21:57 | 000,000,000 | ---D | C] -- C:\Users\Maurice\AppData\Roaming\SearchProtect

[2013.05.26 20:21:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite

[2013.05.26 20:21:27 | 000,000,000 | ---D | C] -- C:\Users\Maurice\AppData\Local\Facebook

[2013.05.26 20:21:23 | 000,283,200 | ---- | C] (DT Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys

[2013.05.26 20:21:21 | 000,000,000 | ---D | C] -- C:\Users\Maurice\AppData\Roaming\DAEMON Tools Lite

[2013.05.26 20:21:20 | 000,000,000 | ---D | C] -- C:\Users\Maurice\AppData\Roaming\OpenCandy

[2013.05.26 20:21:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DAEMON Tools Lite

[2013.05.26 20:21:02 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite

[2013.05.26 20:20:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CDBurnerXP

[2013.05.26 20:15:10 | 000,000,000 | ---D | C] -- C:\Users\Maurice\AppData\Roaming\Macromedia

[2013.05.26 20:15:10 | 000,000,000 | ---D | C] -- C:\Users\Maurice\AppData\Local\Macromedia

[2013.05.26 20:15:10 | 000,000,000 | ---D | C] -- C:\Users\Maurice\AppData\Roaming\Adobe

[2013.05.26 20:14:55 | 000,692,104 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe

[2013.05.26 20:14:55 | 000,071,048 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

[2013.05.26 20:14:54 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Macromed

[2013.05.26 20:14:53 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed

[2013.05.26 20:14:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe

[2013.05.26 20:13:25 | 000,000,000 | ---D | C] -- C:\Users\Maurice\Documents\Symantec

[2013.05.26 20:12:50 | 000,177,312 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS

[2013.05.26 20:12:50 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Symantec Shared

[2013.05.26 20:12:50 | 000,000,000 | ---D | C] -- C:\Program Files\Symantec

[2013.05.26 20:12:24 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\NISx64

[2013.05.26 20:12:22 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Internet Security CBE

[2013.05.26 20:12:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Norton Internet Security CBE

[2013.05.26 20:12:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Norton

[2013.05.26 20:10:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MozBackup

[2013.05.26 20:10:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MozBackup

[2013.05.26 20:10:07 | 000,000,000 | ---D | C] -- C:\Users\Maurice\AppData\Roaming\Mozilla

[2013.05.26 20:10:07 | 000,000,000 | ---D | C] -- C:\Users\Maurice\AppData\Local\Mozilla

[2013.05.26 20:09:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service

[2013.05.26 20:09:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla

[2013.05.26 20:09:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation

[2013.05.26 20:07:45 | 000,000,000 | ---D | C] -- C:\ProgramData\NortonInstaller

[2013.05.26 20:07:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NortonInstaller

[2013.05.26 20:07:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AGEIA Technologies

[2013.05.26 20:07:23 | 000,000,000 | -HSD | C] -- C:\Windows\Installer

[2013.05.26 20:07:19 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA

[2013.05.26 20:06:55 | 006,393,120 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcpl.dll

[2013.05.26 20:06:55 | 003,472,672 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvc64.dll

[2013.05.26 20:06:55 | 002,555,680 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvcr.dll

[2013.05.26 20:06:55 | 000,237,856 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvmctray.dll

[2013.05.26 20:06:55 | 000,063,776 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvshext.dll

[2013.05.26 20:06:43 | 000,061,216 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll

[2013.05.26 20:06:43 | 000,053,024 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll

[2013.05.26 20:06:38 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation

[2013.05.26 20:06:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation

[2013.05.26 20:06:17 | 026,947,360 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll

[2013.05.26 20:06:17 | 025,256,736 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll

[2013.05.26 20:06:17 | 020,534,560 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll

[2013.05.26 20:06:17 | 017,987,192 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll

[2013.05.26 20:06:17 | 017,560,352 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll

[2013.05.26 20:06:17 | 015,275,744 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvwgf2umx.dll

[2013.05.26 20:06:17 | 015,038,296 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvd3dum.dll

[2013.05.26 20:06:17 | 012,862,400 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvwgf2um.dll

[2013.05.26 20:06:17 | 009,422,672 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll

[2013.05.26 20:06:17 | 007,964,680 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll

[2013.05.26 20:06:17 | 007,569,184 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvopencl.dll

[2013.05.26 20:06:17 | 006,267,240 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvopencl.dll

[2013.05.26 20:06:17 | 002,911,008 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll

[2013.05.26 20:06:17 | 002,854,344 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvapi64.dll

[2013.05.26 20:06:17 | 002,726,176 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll

[2013.05.26 20:06:17 | 002,528,840 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvapi.dll

[2013.05.26 20:06:17 | 002,350,368 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll

[2013.05.26 20:06:17 | 001,990,944 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll

[2013.05.26 20:06:17 | 001,807,136 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco6420294.dll

[2013.05.26 20:06:17 | 001,510,328 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvhdagenco6420103.dll

[2013.05.26 20:06:17 | 001,510,176 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco6420162.dll

[2013.05.26 20:06:17 | 001,114,144 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvumdshimx.dll

[2013.05.26 20:06:17 | 000,963,776 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvumdshim.dll

[2013.05.26 20:06:17 | 000,250,504 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvinitx.dll

[2013.05.26 20:06:17 | 000,205,184 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvinit.dll

[2013.05.26 20:06:17 | 000,194,488 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvhda64v.sys

[2013.05.26 20:06:17 | 000,031,672 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvhdap64.dll

[2013.05.26 20:06:08 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation

[2013.05.26 20:05:52 | 000,000,000 | ---D | C] -- C:\NVIDIA

[2013.05.26 20:05:18 | 000,374,272 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvusmu.exe

[2013.05.26 20:04:45 | 000,496,640 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvusmb.exe

[2013.05.26 20:04:40 | 000,489,984 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NVUNINST.EXE

[2013.05.26 20:03:20 | 000,000,000 | R--D | C] -- C:\Users\Maurice\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup

[2013.05.26 20:03:20 | 000,000,000 | R--D | C] -- C:\Users\Maurice\Searches

[2013.05.26 20:03:20 | 000,000,000 | R--D | C] -- C:\Users\Maurice\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools

[2013.05.26 20:03:13 | 002,622,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll

[2013.05.26 20:03:13 | 000,057,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe

[2013.05.26 20:03:13 | 000,044,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll

[2013.05.26 20:03:07 | 000,000,000 | ---D | C] -- C:\Users\Maurice\AppData\Roaming\Identities

[2013.05.26 20:03:06 | 000,701,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll

[2013.05.26 20:03:06 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll

[2013.05.26 20:03:06 | 000,038,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll

[2013.05.26 20:03:03 | 000,000,000 | R--D | C] -- C:\Users\Maurice\Contacts

[2013.05.26 20:03:00 | 000,000,000 | ---D | C] -- C:\Users\Maurice\AppData\Local\VirtualStore

[2013.05.26 20:02:59 | 000,186,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll

[2013.05.26 20:02:59 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe

[2013.05.26 20:02:43 | 000,000,000 | -HSD | C] -- C:\Users\Maurice\Vorlagen

[2013.05.26 20:02:43 | 000,000,000 | -HSD | C] -- C:\Users\Maurice\AppData\Local\Verlauf

[2013.05.26 20:02:43 | 000,000,000 | -HSD | C] -- C:\Users\Maurice\AppData\Local\Temporary Internet Files

[2013.05.26 20:02:43 | 000,000,000 | -HSD | C] -- C:\Users\Maurice\Startmenü

[2013.05.26 20:02:43 | 000,000,000 | -HSD | C] -- C:\Users\Maurice\SendTo

[2013.05.26 20:02:43 | 000,000,000 | -HSD | C] -- C:\Users\Maurice\Recent

[2013.05.26 20:02:43 | 000,000,000 | -HSD | C] -- C:\Users\Maurice\Netzwerkumgebung

[2013.05.26 20:02:43 | 000,000,000 | -HSD | C] -- C:\Users\Maurice\Lokale Einstellungen

[2013.05.26 20:02:43 | 000,000,000 | -HSD | C] -- C:\Users\Maurice\Documents\Eigene Videos

[2013.05.26 20:02:43 | 000,000,000 | -HSD | C] -- C:\Users\Maurice\Documents\Eigene Musik

[2013.05.26 20:02:43 | 000,000,000 | -HSD | C] -- C:\Users\Maurice\Eigene Dateien

[2013.05.26 20:02:43 | 000,000,000 | -HSD | C] -- C:\Users\Maurice\Documents\Eigene Bilder

[2013.05.26 20:02:43 | 000,000,000 | -HSD | C] -- C:\Users\Maurice\Druckumgebung

[2013.05.26 20:02:43 | 000,000,000 | -HSD | C] -- C:\Users\Maurice\Cookies

[2013.05.26 20:02:43 | 000,000,000 | -HSD | C] -- C:\Users\Maurice\AppData\Local\Anwendungsdaten

[2013.05.26 20:02:43 | 000,000,000 | -HSD | C] -- C:\Users\Maurice\Anwendungsdaten

[2013.05.26 20:02:42 | 000,000,000 | --SD | C] -- C:\Users\Maurice\AppData\Roaming\Microsoft

[2013.05.26 20:02:42 | 000,000,000 | R--D | C] -- C:\Users\Maurice\Videos

[2013.05.26 20:02:42 | 000,000,000 | R--D | C] -- C:\Users\Maurice\Saved Games

[2013.05.26 20:02:42 | 000,000,000 | R--D | C] -- C:\Users\Maurice\Pictures

[2013.05.26 20:02:42 | 000,000,000 | R--D | C] -- C:\Users\Maurice\Music

[2013.05.26 20:02:42 | 000,000,000 | R--D | C] -- C:\Users\Maurice\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance

[2013.05.26 20:02:42 | 000,000,000 | R--D | C] -- C:\Users\Maurice\Links

[2013.05.26 20:02:42 | 000,000,000 | R--D | C] -- C:\Users\Maurice\Favorites

[2013.05.26 20:02:42 | 000,000,000 | R--D | C] -- C:\Users\Maurice\Downloads

[2013.05.26 20:02:42 | 000,000,000 | R--D | C] -- C:\Users\Maurice\Documents

[2013.05.26 20:02:42 | 000,000,000 | R--D | C] -- C:\Users\Maurice\Desktop

[2013.05.26 20:02:42 | 000,000,000 | R--D | C] -- C:\Users\Maurice\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories

[2013.05.26 20:02:42 | 000,000,000 | -H-D | C] -- C:\Users\Maurice\AppData

[2013.05.26 20:02:42 | 000,000,000 | ---D | C] -- C:\Users\Maurice\AppData\Local\Temp

[2013.05.26 20:02:42 | 000,000,000 | ---D | C] -- C:\Users\Maurice\AppData\Local\Microsoft

[2013.05.26 20:02:42 | 000,000,000 | ---D | C] -- C:\Users\Maurice\AppData\Roaming\Media Center Programs

[2013.05.26 20:02:26 | 000,000,000 | -HSD | C] -- C:\ProgramData\Vorlagen

[2013.05.26 20:02:26 | 000,000,000 | -HSD | C] -- C:\ProgramData\Startmenü

[2013.05.26 20:02:26 | 000,000,000 | -HSD | C] -- C:\Recovery

[2013.05.26 20:02:26 | 000,000,000 | -HSD | C] -- C:\Programme

[2013.05.26 20:02:26 | 000,000,000 | -HSD | C] -- C:\Program Files\Gemeinsame Dateien

[2013.05.26 20:02:26 | 000,000,000 | -HSD | C] -- C:\ProgramData\Favoriten

[2013.05.26 20:02:26 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Videos

[2013.05.26 20:02:26 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Musik

[2013.05.26 20:02:26 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Bilder

[2013.05.26 20:02:26 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen

[2013.05.26 20:02:26 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumente

[2013.05.26 20:02:26 | 000,000,000 | -HSD | C] -- C:\ProgramData\Anwendungsdaten

[2013.05.26 19:59:30 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution

[2013.05.26 19:57:02 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch

[2013.05.26 19:56:41 | 000,000,000 | -HSD | C] -- C:\System Volume Information

 
 ========== Files - Modified Within 30 Days ==========

 

[2013.05.30 19:31:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job

[2013.05.30 17:26:01 | 000,000,936 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-109828015-1817874145-2282497711-1000UA.job

[2013.05.30 17:18:52 | 000,015,632 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

[2013.05.30 17:18:52 | 000,015,632 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

[2013.05.30 17:18:02 | 001,472,002 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI

[2013.05.30 17:18:02 | 000,643,628 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat

[2013.05.30 17:18:02 | 000,606,992 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat

[2013.05.30 17:18:02 | 000,126,188 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat

[2013.05.30 17:18:02 | 000,103,370 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat

[2013.05.30 17:13:43 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2013.05.30 17:13:39 | 000,000,000 | ---- | M] () -- C:\Windows\SysNative\drivers\lvuvc.hs

[2013.05.30 17:13:35 | 3220,623,360 | -HS- | M] () -- C:\hiberfil.sys

[2013.05.29 20:26:00 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-109828015-1817874145-2282497711-1000Core.job

[2013.05.29 16:23:07 | 012,600,914 | ---- | M] () -- C:\Users\Maurice\Desktop\Alex gaudino - destination calabria HQ.mp4

[2013.05.29 00:27:26 | 000,001,108 | ---- | M] () -- C:\Users\Maurice\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Produktregistrierung.lnk

[2013.05.29 00:17:40 | 000,181,064 | ---- | M] (Sysinternals) -- C:\Windows\PSEXESVC.EXE

[2013.05.29 00:16:01 | 000,000,207 | ---- | M] () -- C:\Windows\tweaking.com-regbackup-MAURICE-PC-Microsoft-Windows-7-Home-Premium-(64-Bit).dat

[2013.05.27 18:17:55 | 001,424,089 | ---- | M] () -- C:\Windows\SysNative\drivers\NISx64\1403010.016\Cat.DB

[2013.05.27 18:17:40 | 000,014,818 | ---- | M] () -- C:\Windows\SysNative\drivers\NISx64\1403010.016\VT20130115.021

[2013.05.27 16:32:11 | 000,002,157 | ---- | M] () -- C:\Users\Public\Desktop\Age of Empires III.lnk

[2013.05.27 08:22:48 | 000,000,471 | ---- | M] () -- C:\Users\Maurice\Desktop\Filme (G).lnk

[2013.05.27 01:10:51 | 000,275,184 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT

[2013.05.26 20:55:49 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK

[2013.05.26 20:53:23 | 000,237,261 | ---- | M] () -- C:\Windows\hpwins26.dat

[2013.05.26 20:49:33 | 000,002,099 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk

[2013.05.26 20:47:24 | 000,001,737 | ---- | M] () -- C:\Users\Maurice\Desktop\pes2011.lnk

[2013.05.26 20:33:57 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_xusb21_01009.Wdf

[2013.05.26 20:22:18 | 000,000,009 | ---- | M] () -- C:\END

[2013.05.26 20:21:23 | 000,283,200 | ---- | M] (DT Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys

[2013.05.26 20:14:55 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe

[2013.05.26 20:14:55 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

[2013.05.26 20:12:50 | 000,177,312 | ---- | M] (Symantec Corporation) -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS

[2013.05.26 20:12:50 | 000,007,466 | ---- | M] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.CAT

[2013.05.26 20:12:50 | 000,000,855 | ---- | M] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.INF

[2013.05.26 20:10:37 | 000,000,477 | ---- | M] () -- C:\Users\Maurice\Desktop\EXTERNE (E).lnk

[2013.05.26 20:00:04 | 000,056,735 | ---- | M] () -- C:\Windows\SysWow64\license.rtf

[2013.05.26 20:00:04 | 000,056,735 | ---- | M] () -- C:\Windows\SysNative\license.rtf

 
 ========== Files Created - No Company Name ==========

 

[2013.05.29 16:23:01 | 012,600,914 | ---- | C] () -- C:\Users\Maurice\Desktop\Alex gaudino - destination calabria HQ.mp4

[2013.05.29 00:27:25 | 000,001,108 | ---- | C] () -- C:\Users\Maurice\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Produktregistrierung.lnk

[2013.05.29 00:16:01 | 000,000,207 | ---- | C] () -- C:\Windows\tweaking.com-regbackup-MAURICE-PC-Microsoft-Windows-7-Home-Premium-(64-Bit).dat

[2013.05.27 18:17:40 | 001,424,089 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1403010.016\Cat.DB

[2013.05.27 18:17:40 | 000,014,818 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1403010.016\VT20130115.021

[2013.05.27 16:32:10 | 000,002,157 | ---- | C] () -- C:\Users\Public\Desktop\Age of Empires III.lnk

[2013.05.27 15:23:52 | 000,009,670 | R--- | C] () -- C:\Windows\SysNative\drivers\NISx64\1403010.016\symelam64.cat

[2013.05.27 15:23:52 | 000,007,611 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1403010.016\ccsetx64.cat

[2013.05.27 15:23:52 | 000,007,601 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1403010.016\symnet64.cat

[2013.05.27 15:23:52 | 000,007,593 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1403010.016\iron.cat

[2013.05.27 15:23:52 | 000,007,589 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1403010.016\srtspx64.cat

[2013.05.27 15:23:52 | 000,007,587 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1403010.016\symefa64.cat

[2013.05.27 15:23:52 | 000,007,585 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1403010.016\srtsp64.cat

[2013.05.27 15:23:52 | 000,007,581 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1403010.016\symds64.cat

[2013.05.27 15:23:52 | 000,003,434 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1403010.016\symefa.inf

[2013.05.27 15:23:52 | 000,002,852 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1403010.016\symds.inf

[2013.05.27 15:23:52 | 000,001,440 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1403010.016\symnet.inf

[2013.05.27 15:23:52 | 000,001,438 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1403010.016\srtsp64.inf

[2013.05.27 15:23:52 | 000,001,420 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1403010.016\srtspx64.inf

[2013.05.27 15:23:52 | 000,000,996 | R--- | C] () -- C:\Windows\SysNative\drivers\NISx64\1403010.016\symelam.inf

[2013.05.27 15:23:52 | 000,000,853 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1403010.016\ccsetx64.inf

[2013.05.27 15:23:52 | 000,000,767 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1403010.016\iron.inf

[2013.05.27 15:23:48 | 000,014,818 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1403010.016\symvtcer.dat

[2013.05.27 15:23:48 | 000,000,172 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1403010.016\isolate.ini

[2013.05.27 12:30:00 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk

[2013.05.27 08:22:48 | 000,000,471 | ---- | C] () -- C:\Users\Maurice\Desktop\Filme (G).lnk

[2013.05.26 20:55:49 | 000,008,192 | RHS- | C] () -- C:\BOOTSECT.BAK

[2013.05.26 20:55:47 | 000,383,562 | RHS- | C] () -- C:\bootmgr

[2013.05.26 20:50:06 | 000,001,060 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\I.R.I.S. OCR-Registrierung.lnk

[2013.05.26 20:49:33 | 000,002,099 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk

[2013.05.26 20:47:24 | 000,001,737 | ---- | C] () -- C:\Users\Maurice\Desktop\pes2011.lnk

[2013.05.26 20:47:15 | 000,237,261 | ---- | C] () -- C:\Windows\hpwins26.dat

[2013.05.26 20:47:15 | 000,000,370 | ---- | C] () -- C:\Windows\hpwmdl26.dat

[2013.05.26 20:33:57 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_xusb21_01009.Wdf

[2013.05.26 20:28:48 | 000,002,098 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk

[2013.05.26 20:26:31 | 000,001,763 | ---- | C] () -- C:\Users\Maurice\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk

[2013.05.26 20:24:11 | 000,000,000 | ---- | C] () -- C:\Windows\SysNative\drivers\lvuvc.hs

[2013.05.26 20:21:34 | 000,000,936 | ---- | C] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-109828015-1817874145-2282497711-1000UA.job

[2013.05.26 20:21:30 | 000,000,914 | ---- | C] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-109828015-1817874145-2282497711-1000Core.job

[2013.05.26 20:21:29 | 000,000,009 | ---- | C] () -- C:\END

[2013.05.26 20:20:52 | 000,001,899 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDBurnerXP.lnk

[2013.05.26 20:14:56 | 000,000,884 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job

[2013.05.26 20:12:50 | 000,007,466 | ---- | C] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.CAT

[2013.05.26 20:12:50 | 000,000,855 | ---- | C] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.INF

[2013.05.26 20:10:37 | 000,000,477 | ---- | C] () -- C:\Users\Maurice\Desktop\EXTERNE (E).lnk

[2013.05.26 20:10:01 | 000,001,159 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk

[2013.05.26 20:06:55 | 003,035,306 | ---- | C] () -- C:\Windows\SysNative\nvcoproc.bin

[2013.05.26 20:06:17 | 000,017,738 | ---- | C] () -- C:\Windows\SysNative\nvinfo.pb

[2013.05.26 20:05:20 | 000,003,948 | ---- | C] () -- C:\Windows\SysNative\drivers\nvphy.bin

[2013.05.26 20:05:18 | 000,000,659 | ---- | C] () -- C:\Windows\SysNative\nvsmu.nvu

[2013.05.26 20:04:45 | 000,002,016 | ---- | C] () -- C:\Windows\SysNative\nvsmb.nvu

[2013.05.26 20:03:26 | 000,001,405 | ---- | C] () -- C:\Users\Maurice\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk

[2013.05.26 20:03:22 | 000,001,439 | ---- | C] () -- C:\Users\Maurice\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk

[2013.05.26 19:59:53 | 000,001,326 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk

[2013.05.26 19:59:52 | 000,001,345 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk

[2013.05.26 19:56:41 | 3220,623,360 | -HS- | C] () -- C:\hiberfil.sys

[2012.09.21 21:08:36 | 010,919,784 | ---- | C] () -- C:\Windows\SysWow64\LogiDPP.dll

[2012.09.21 21:08:36 | 000,338,136 | ---- | C] () -- C:\Windows\SysWow64\DevManagerCore.dll

[2012.09.21 21:08:36 | 000,103,272 | ---- | C] () -- C:\Windows\SysWow64\LogiDPPApp.exe

 
 ========== ZeroAccess Check ==========

 

[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

 

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

 

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

 

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

 

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

 

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

"" = C:\Windows\SysNative\shell32.dll -- [2009.07.14 03:41:54 | 014,161,920 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Apartment

 

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

"" = %SystemRoot%\system32\shell32.dll -- [2009.07.14 03:16:14 | 012,866,560 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Apartment

 

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64

"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Free

 

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]

"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.07.14 03:15:20 | 000,605,696 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Free

 

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64

"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Both

 

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 

< End of report >

:daumenhoc danke gruß moe

Code:

OTL logfile created on: 31.05.2013 11:12:22 - Run 2

OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Maurice\Desktop

64bit- Home Premium Edition  (Version = 6.1.7600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.7600.16385)

Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

 

4,00 Gb Total Physical Memory | 3,27 Gb Available Physical Memory | 81,85% Memory free

8,00 Gb Paging File | 6,85 Gb Available in Paging File | 85,72% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 195,21 Gb Total Space | 158,59 Gb Free Space | 81,24% Space Free | Partition Type: NTFS

Drive E: | 698,63 Gb Total Space | 46,49 Gb Free Space | 6,65% Space Free | Partition Type: NTFS

Drive F: | 2,84 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS

Drive G: | 270,45 Gb Total Space | 270,35 Gb Free Space | 99,96% Space Free | Partition Type: NTFS

 

Computer Name: MAURICE-PC | User Name: Maurice | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 
 ========== Processes (SafeList) ==========

 

PRC - C:\Users\Maurice\Desktop\OTL.exe (OldTimer Tools)

PRC - C:\Users\Maurice\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd)

PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)

PRC - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)

PRC - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)

PRC - C:\Program Files (x86)\Norton Internet Security CBE\Engine\20.3.1.22\ccSvcHst.exe (Symantec Corporation)

PRC - C:\Program Files (x86)\Windows Media Player\wmplayer.exe (Microsoft Corporation)

 

 
 ========== Modules (No Company Name) ==========

 

MOD - C:\PROGRAM FILES (X86)\NORTON INTERNET SECURITY CBE\ENGINE\20.3.1.22\wincfi39.dll ()

 

 
 ========== Services (SafeList) ==========

 

SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)

SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)

SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)

SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)

SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)

SRV - (Stereo Service) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)

SRV - (NIS) -- C:\Program Files (x86)\Norton Internet Security CBE\Engine\20.3.1.22\ccSvcHst.exe (Symantec Corporation)

SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)

 

 
 ========== Driver Services (SafeList) ==========

 

DRV:64bit: - (dtsoftbus01) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys (DT Soft Ltd)

DRV:64bit: - (SymEvent) -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS (Symantec Corporation)

DRV:64bit: - (SymNetS) -- C:\Windows\SysNative\drivers\NISx64\1403010.016\symnets.sys (Symantec Corporation)

DRV:64bit: - (SymEFA) -- C:\Windows\SysNative\drivers\NISx64\1403010.016\symefa64.sys (Symantec Corporation)

DRV:64bit: - (SRTSP) -- C:\Windows\SysNative\drivers\NISx64\1403010.016\srtsp64.sys (Symantec Corporation)

DRV:64bit: - (SRTSPX) -- C:\Windows\SysNative\drivers\NISx64\1403010.016\srtspx64.sys (Symantec Corporation)

DRV:64bit: - (SymDS) -- C:\Windows\SysNative\drivers\NISx64\1403010.016\symds64.sys (Symantec Corporation)

DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation)

DRV:64bit: - (SymIRON) -- C:\Windows\SysNative\drivers\NISx64\1403010.016\ironx64.sys (Symantec Corporation)

DRV:64bit: - (ccSet_NIS) -- C:\Windows\SysNative\drivers\NISx64\1403010.016\ccsetx64.sys (Symantec Corporation)

DRV:64bit: - (LVUVC64) -- C:\Windows\SysNative\drivers\lvuvc64.sys (Logitech Inc.)

DRV:64bit: - (LVRS64) -- C:\Windows\SysNative\drivers\lvrs64.sys (Logitech Inc.)

DRV:64bit: - (xusb21) -- C:\Windows\SysNative\drivers\xusb21.sys (Microsoft Corporation)

DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)

DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)

DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)

DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)

DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)

DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)

DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)

DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)

DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)

DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)

DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)

DRV:64bit: - (MTsensor) -- C:\Windows\SysNative\drivers\ASACPI.sys ()

DRV - (NAVEX15) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.1.2\Definitions\VirusDefs\20130530.003\ex64.sys (Symantec Corporation)

DRV - (NAVENG) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.1.2\Definitions\VirusDefs\20130530.003\eng64.sys (Symantec Corporation)

DRV - (IDSVia64) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.1.2\Definitions\IPSDefs\20130530.001\IDSviA64.sys (Symantec Corporation)

DRV - (BHDrvx64) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.1.2\Definitions\BASHDefs\20130515.001\BHDrvx64.sys (Symantec Corporation)

DRV - (eeCtrl) -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys (Symantec Corporation)

DRV - (EraserUtilDrv11220) -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilDrv11220.sys (Symantec Corporation)

DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)

 

 
 ========== Standard Registry (SafeList) ==========

 

 
 ========== Internet Explorer ==========

 

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = 

IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE:64bit: - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKLM\..\SearchScopes,DefaultScope = 

IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

 

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = E0 C6 08 58 18 5B CE 01  [binary data]

IE - HKCU\..\SearchScopes,DefaultScope = 

IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 
 ========== FireFox ==========

 

FF - prefs.js..browser.search.defaultenginename: "Norton Safe Search"

FF - prefs.js..browser.search.selectedEngine: "Google"

FF - prefs.js..browser.startup.homepage: "hxxp://de.msn.com/?ocid=hmlogout"

FF - prefs.js..extensions.enabledAddons: ich%40maltegoetz.de:1.4.8

FF - prefs.js..extensions.enabledAddons: %7Bb9db16a4-6edc-47ec-a1f4-b86292ed211d%7D:4.9.15

FF - prefs.js..extensions.enabledAddons: %7B2D3F3651-74B9-4795-BDEC-6DA2F431CB62%7D:2013.3.5.1

FF - prefs.js..extensions.enabledAddons: %7BBBDA0591-3099-440a-AA10-41764D9DB4DB%7D:11.3.0.9%20-%205

FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:21.0

FF - prefs.js..network.proxy.autoconfig_url: "data:text/javascript,function%20FindProxyForURL(url%2C%20host)%20%7Bif%20(host%20%3D%3D%20's.hulu.com'%20%7C%7C%20url.indexOf('discoverymedia.com')%20!%3D%20-1%20%7C%7C%20url.indexOf('vevo.com')%20!%3D%20-1%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.funimation.com*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fsecure.funimation.com*')%20%7C%7C%20(url.indexOf('proxmate%3Dactive')%20!%3D%20-1%20%26%26%20url.indexOf('amazonaws.com')%20%3D%3D%20-1)%20%7C%7C%20(url.indexOf('proxmate%3Dus')%20!%3D%20-1)%20%7C%7C%20host%20%3D%3D%20'www.pandora.com'%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fgrooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fretro.grooveshark.com*')%20%7C%7C%20(url.indexOf('turntable.fm')%20!%3D%20-1%20%26%26%20url.indexOf('static.turntable.fm')%20%3D%3D%20-1%20%26%26%20url.indexOf('s3.amazonaws.com')%20%3D%3D%20-1%20%26%26%20url.indexOf('ping.chartbeat.net')%20%3D%3D%20-1)%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.crunchyroll.com*')%20%7C%7C%20url.indexOf('southparkstudios.com')%20!%3D%20-1%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.iheart.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.mtv.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fmedia.mtvnservices.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fsongza.com*')%20%7C%7C%20url.indexOf('play.google.com')%20!%3D%20-1)%20%7B%20return%20'PROXY%20ab-us14.personalitycores.com%3A8000%3B%20PROXY%20ab-us10.personalitycores.com%3A8000%3B%20PROXY%20ab-us06.personalitycores.com%3A8000%3B%20PROXY%20ab-us01.personalitycores.com%3A8000%3B%20PROXY%20ab-us11.personalitycores.com%3A8000%3B%20PROXY%20ab-us15.personalitycores.com%3A8000%3B%20PROXY%20ab-us09.personalitycores.com%3A8000%3B%20PROXY%20ab-us12.personalitycores.com%3A8000%3B%20PROXY%20ab-us02.personalitycores.com%3A8000%3B%20PROXY%20ab-us03.personalitycores.com%3A8000%3B%20PROXY%20ab-us08.personalitycores.com%3A8000%3B%20PROXY%20ab-us13.personalitycores.com%3A8000%3B%20PROXY%20ab-us07.personalitycores.com%3A8000'%3B%7D%20%20else%20%7B%20return%20'DIRECT'%3B%20%7D%7D"

FF - prefs.js..network.proxy.type: 2

FF - user.js - File not found

 

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_202.dll File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll ()

FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)

FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)

FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Maurice\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)

 

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.1.2\IPSFFPlgn\ [2013.05.26 20:12:57 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.1.2\coFFPlgn\ [2013.05.30 21:47:33 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013.05.26 20:50:31 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.4\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2013.05.26 20:28:46 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.4\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins

FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013.05.26 20:50:31 | 000,000,000 | ---D | M]

FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 21.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components

FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 21.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

 

[2013.05.26 20:10:17 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Maurice\AppData\Roaming\mozilla\Extensions

[2013.05.30 21:01:11 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Maurice\AppData\Roaming\mozilla\Firefox\Profiles\e0l4gydb.default\extensions

[2013.05.29 16:24:45 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Maurice\AppData\Roaming\mozilla\Firefox\Profiles\e0l4gydb.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}

[2013.05.26 20:11:10 | 000,000,000 | ---D | M] (ProxTube - Unblock YouTube) -- C:\Users\Maurice\AppData\Roaming\mozilla\Firefox\Profiles\e0l4gydb.default\extensions\ich@maltegoetz.de

[2013.05.10 21:21:14 | 000,870,680 | ---- | M] () (No name found) -- C:\Users\Maurice\AppData\Roaming\mozilla\firefox\profiles\e0l4gydb.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

[2013.05.27 08:27:52 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions

[2013.05.27 08:27:56 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\browser\extensions

[2013.05.27 08:27:56 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\mozilla firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

[2013.05.30 21:47:33 | 000,000,000 | ---D | M] (Norton Toolbar) -- C:\PROGRAMDATA\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.1.2\COFFPLGN

[2013.05.26 20:12:57 | 000,000,000 | ---D | M] (Norton Vulnerability Protection) -- C:\PROGRAMDATA\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.1.2\IPSFFPLGN

 

O1 HOSTS File: ([2013.05.30 21:41:01 | 000,000,855 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts

O1 - Hosts: 127.0.0.1       localhost

O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security CBE\Engine\20.3.1.22\coIEPlg.dll (Symantec Corporation)

O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security CBE\Engine\20.3.1.22\IPS\IPSBHO.DLL (Symantec Corporation)

O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security CBE\Engine\20.3.1.22\coIEPlg.dll (Symantec Corporation)

O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security CBE\Engine\20.3.1.22\coIEPlg.dll (Symantec Corporation)

O4:64bit: - HKLM..\Run: [XboxStat] C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe (Microsoft Corporation)

O4 - HKLM..\Run: [LWS] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe (Logitech Inc.)

O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)

O4 - HKCU..\Run: [Facebook Update] C:\Users\Maurice\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)

O4 - HKCU..\Run: [Spotify] C:\Users\Maurice\AppData\Roaming\Spotify\Spotify.exe (Spotify Ltd)

O4 - HKCU..\Run: [Spotify Web Helper] C:\Users\Maurice\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd)

O4 - Startup: C:\Users\Maurice\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Produktregistrierung.lnk = C:\Program Files (x86)\Logitech\Ereg\eReg.exe (Leader Technologies/Logitech)

O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3

O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O13 - gopher Prefix: missing

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{116E2A05-8DA5-477F-B3A0-A3041167C3AC}: DhcpNameServer = 192.168.2.1

O18:64bit: - Protocol\Handler\skype4com - No CLSID value found

O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)

O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)

O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)

O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2008.10.26 23:38:22 | 000,000,072 | R--- | M] () - F:\Autorun.inf -- [ CDFS ]

O32 - AutoRun File - [2005.09.26 22:16:28 | 000,253,952 | R--- | M] () - F:\autorun.exe -- [ CDFS ]

O34 - HKLM BootExecute: (autocheck autochk *)

O35:64bit: - HKLM\..comfile [open] -- "%1" %*

O35:64bit: - HKLM\..exefile [open] -- "%1" %*

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*

O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)

O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

 
 ========== Files/Folders - Created Within 30 Days ==========

 

[2013.05.31 11:11:20 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Maurice\Desktop\OTL.exe

[2013.05.30 21:46:31 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution

[2013.05.30 21:46:00 | 000,000,000 | ---D | C] -- C:\Windows\temp

[2013.05.30 21:09:41 | 000,000,000 | ---D | C] -- C:\Users\Maurice\Desktop\Tweaking.com - Windows Repair

[2013.05.30 20:59:00 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT

[2013.05.30 20:58:50 | 000,545,954 | ---- | C] (Oleg N. Scherbakov) -- C:\Users\Maurice\Desktop\JRT.exe

[2013.05.30 20:58:00 | 000,000,000 | ---D | C] -- C:\JRT

[2013.05.30 20:43:54 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN

[2013.05.30 20:37:09 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe

[2013.05.30 20:37:09 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe

[2013.05.30 20:37:09 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe

[2013.05.30 20:36:26 | 000,000,000 | ---D | C] -- C:\Qoobox

[2013.05.30 20:36:11 | 000,000,000 | ---D | C] -- C:\Windows\erdnt

[2013.05.29 00:17:11 | 000,181,064 | ---- | C] (Sysinternals) -- C:\Windows\PSEXESVC.EXE

[2013.05.29 00:15:23 | 000,000,000 | ---D | C] -- C:\RegBackup

[2013.05.29 00:01:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Resource Hacker

[2013.05.29 00:01:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Resource Hacker

[2013.05.28 21:57:11 | 000,000,000 | ---D | C] -- C:\Users\Maurice\AppData\Local\ElevatedDiagnostics

[2013.05.27 19:09:22 | 000,000,000 | ---D | C] -- C:\Users\Maurice\Documents\My Games

[2013.05.27 19:09:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Age of Empires 3

[2013.05.27 16:32:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games

[2013.05.27 16:24:19 | 000,000,000 | ---D | C] -- C:\Users\Maurice\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games

[2013.05.27 16:23:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\InstallShield Installation Information

[2013.05.27 16:19:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Games

[2013.05.27 16:17:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield

[2013.05.27 15:23:52 | 001,139,800 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NISx64\1403010.016\symefa64.sys

[2013.05.27 15:23:52 | 000,796,248 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NISx64\1403010.016\srtsp64.sys

[2013.05.27 15:23:52 | 000,493,656 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NISx64\1403010.016\symds64.sys

[2013.05.27 15:23:52 | 000,432,800 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NISx64\1403010.016\symnets.sys

[2013.05.27 15:23:52 | 000,224,416 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NISx64\1403010.016\ironx64.sys

[2013.05.27 15:23:52 | 000,168,096 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NISx64\1403010.016\ccsetx64.sys

[2013.05.27 15:23:52 | 000,036,952 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NISx64\1403010.016\srtspx64.sys

[2013.05.27 15:23:52 | 000,023,448 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NISx64\1403010.016\symelam.sys

[2013.05.27 15:23:48 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\NISx64\1403010.016

[2013.05.27 12:34:16 | 000,000,000 | ---D | C] -- C:\Users\Maurice\AppData\Local\Adobe

[2013.05.27 12:29:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe

[2013.05.27 12:29:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe

[2013.05.27 08:27:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox

[2013.05.27 08:07:59 | 000,000,000 | ---D | C] -- C:\Users\Maurice\AppData\Roaming\Media Player Classic

[2013.05.27 01:14:52 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cabview.dll

[2013.05.27 01:14:52 | 000,132,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cabview.dll

[2013.05.27 01:14:51 | 001,031,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcore.dll

[2013.05.27 01:14:51 | 000,826,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpcore.dll

[2013.05.26 20:56:01 | 000,000,000 | ---D | C] -- C:\Windows\Panther

[2013.05.26 20:55:47 | 000,000,000 | ---D | C] -- C:\Boot

[2013.05.26 20:55:25 | 000,000,000 | ---D | C] -- C:\ProgramData\WEBREG

[2013.05.26 20:53:25 | 000,000,000 | ---D | C] -- C:\Users\Maurice\AppData\Roaming\HP

[2013.05.26 20:53:24 | 000,000,000 | ---D | C] -- C:\Users\Maurice\AppData\Local\HP

[2013.05.26 20:49:58 | 000,000,000 | ---D | C] -- C:\ProgramData\HP Product Assistant

[2013.05.26 20:49:48 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\spool

[2013.05.26 20:49:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP

[2013.05.26 20:48:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\HP

[2013.05.26 20:48:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Hewlett-Packard

[2013.05.26 20:48:41 | 000,000,000 | ---D | C] -- C:\Windows\hpoj4500g510g-m

[2013.05.26 20:48:19 | 000,136,704 | ---- | C] (Hewlett-Packard Company) -- C:\Windows\SysNative\hpf3l70w.dll

[2013.05.26 20:47:55 | 000,000,000 | ---D | C] -- C:\Config.Msi

[2013.05.26 20:47:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\HP

[2013.05.26 20:45:26 | 001,418,240 | ---- | C] (Hewlett-Packard Co.) -- C:\Windows\SysNative\hpwtiop5.dll

[2013.05.26 20:45:26 | 000,979,456 | ---- | C] (Hewlett-Packard) -- C:\Windows\SysNative\hpwwiax6.dll

[2013.05.26 20:45:26 | 000,642,360 | ---- | C] (Hewlett-Packard) -- C:\Windows\SysNative\hpzids40.dll

[2013.05.26 20:45:26 | 000,503,296 | ---- | C] (Hewlett-Packard Co.) -- C:\Windows\SysNative\hpwvst01.dll

[2013.05.26 20:45:25 | 000,551,424 | ---- | C] (Hewlett-Packard) -- C:\Windows\SysNative\hppldcoi.dll

[2013.05.26 20:45:11 | 000,000,000 | ---D | C] -- C:\Users\Maurice\Documents\KONAMI

[2013.05.26 20:37:52 | 000,469,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10.dll

[2013.05.26 20:37:52 | 000,440,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10.dll

[2013.05.26 20:37:52 | 000,390,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_5.dll

[2013.05.26 20:37:52 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_5.dll

[2013.05.26 20:37:50 | 004,398,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_32.dll

[2013.05.26 20:37:50 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_32.dll

[2013.05.26 20:37:49 | 000,364,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_4.dll

[2013.05.26 20:37:49 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_4.dll

[2013.05.26 20:37:49 | 000,017,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\x3daudio1_1.dll

[2013.05.26 20:37:49 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\x3daudio1_1.dll

[2013.05.26 20:37:47 | 003,977,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_31.dll

[2013.05.26 20:37:47 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_31.dll

[2013.05.26 20:37:46 | 000,363,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_3.dll

[2013.05.26 20:37:46 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_3.dll

[2013.05.26 20:37:45 | 000,354,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_2.dll

[2013.05.26 20:37:45 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_2.dll

[2013.05.26 20:37:45 | 000,083,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_2.dll

[2013.05.26 20:37:45 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_2.dll

[2013.05.26 20:37:44 | 000,083,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_1.dll

[2013.05.26 20:37:44 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_1.dll

[2013.05.26 20:37:43 | 000,352,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_1.dll

[2013.05.26 20:37:43 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_1.dll

[2013.05.26 20:37:38 | 003,927,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_30.dll

[2013.05.26 20:37:38 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_30.dll

[2013.05.26 20:37:36 | 000,355,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_0.dll

[2013.05.26 20:37:36 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_0.dll

[2013.05.26 20:37:36 | 000,016,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\x3daudio1_0.dll

[2013.05.26 20:37:36 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\x3daudio1_0.dll

[2013.05.26 20:37:35 | 003,830,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_29.dll

[2013.05.26 20:37:35 | 003,815,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_28.dll

[2013.05.26 20:37:35 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_29.dll

[2013.05.26 20:37:35 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_28.dll

[2013.05.26 20:37:34 | 003,807,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_27.dll

[2013.05.26 20:37:34 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_27.dll

[2013.05.26 20:37:33 | 003,767,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_26.dll

[2013.05.26 20:37:33 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_26.dll

[2013.05.26 20:37:32 | 003,823,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_25.dll

[2013.05.26 20:37:32 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_25.dll

[2013.05.26 20:37:31 | 003,544,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_24.dll

[2013.05.26 20:37:31 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_24.dll

[2013.05.26 20:37:25 | 000,000,000 | ---D | C] -- C:\Users\Maurice\AppData\Roaming\NVIDIA

[2013.05.26 20:36:58 | 000,000,000 | ---D | C] -- C:\ProgramData\KONAMI

[2013.05.26 20:36:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\KONAMI

[2013.05.26 20:32:17 | 000,000,000 | ---D | C] -- C:\ProgramData\HP

[2013.05.26 20:31:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Xbox 360 Accessories

[2013.05.26 20:31:42 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Xbox 360 Accessories

[2013.05.26 20:31:38 | 000,091,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_3.dll

[2013.05.26 20:31:38 | 000,068,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_3.dll

[2013.05.26 20:31:19 | 000,000,000 | ---D | C] -- C:\Users\Maurice\AppData\Roaming\WinRAR

[2013.05.26 20:31:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR

[2013.05.26 20:31:18 | 000,000,000 | ---D | C] -- C:\Users\Maurice\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR

[2013.05.26 20:31:14 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR

[2013.05.26 20:31:13 | 000,000,000 | ---D | C] -- C:\Users\Maurice\AppData\Local\Logitech® Webcam-Software

[2013.05.26 20:29:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WhiteCap

[2013.05.26 20:29:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SoundSpectrum

[2013.05.26 20:29:00 | 000,000,000 | ---D | C] -- C:\Users\Maurice\AppData\Roaming\Thunderbird

[2013.05.26 20:29:00 | 000,000,000 | ---D | C] -- C:\Users\Maurice\AppData\Local\Thunderbird

[2013.05.26 20:28:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Thunderbird

[2013.05.26 20:26:31 | 000,000,000 | ---D | C] -- C:\Users\Maurice\AppData\Local\Spotify

[2013.05.26 20:26:10 | 000,000,000 | ---D | C] -- C:\Users\Maurice\AppData\Roaming\Spotify

[2013.05.26 20:24:36 | 000,000,000 | ---D | C] -- C:\ProgramData\LogiShrd

[2013.05.26 20:24:16 | 000,000,000 | ---D | C] -- C:\Users\Maurice\AppData\Roaming\Leadertech

[2013.05.26 20:23:50 | 000,000,000 | ---D | C] -- C:\Users\Maurice\AppData\Roaming\Skype

[2013.05.26 20:23:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype

[2013.05.26 20:23:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype

[2013.05.26 20:23:39 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype

[2013.05.26 20:23:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype

[2013.05.26 20:23:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Symantec Shared

[2013.05.26 20:23:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC-HC x64

[2013.05.26 20:22:58 | 000,000,000 | ---D | C] -- C:\Program Files\MPC-HC

[2013.05.26 20:22:57 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\logishrd

[2013.05.26 20:22:52 | 000,000,000 | ---D | C] -- C:\Users\Maurice\AppData\Local\Programs

[2013.05.26 20:22:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech

[2013.05.26 20:22:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Logitech

[2013.05.26 20:22:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\LogiShrd

[2013.05.26 20:21:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite

[2013.05.26 20:21:27 | 000,000,000 | ---D | C] -- C:\Users\Maurice\AppData\Local\Facebook

[2013.05.26 20:21:23 | 000,283,200 | ---- | C] (DT Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys

[2013.05.26 20:21:21 | 000,000,000 | ---D | C] -- C:\Users\Maurice\AppData\Roaming\DAEMON Tools Lite

[2013.05.26 20:21:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DAEMON Tools Lite

[2013.05.26 20:21:02 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite

[2013.05.26 20:20:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CDBurnerXP

[2013.05.26 20:15:10 | 000,000,000 | ---D | C] -- C:\Users\Maurice\AppData\Roaming\Macromedia

[2013.05.26 20:15:10 | 000,000,000 | ---D | C] -- C:\Users\Maurice\AppData\Local\Macromedia

[2013.05.26 20:15:10 | 000,000,000 | ---D | C] -- C:\Users\Maurice\AppData\Roaming\Adobe

[2013.05.26 20:14:55 | 000,692,104 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe

[2013.05.26 20:14:55 | 000,071,048 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

[2013.05.26 20:14:54 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Macromed

[2013.05.26 20:14:53 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed

[2013.05.26 20:14:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe

[2013.05.26 20:13:25 | 000,000,000 | ---D | C] -- C:\Users\Maurice\Documents\Symantec

[2013.05.26 20:12:50 | 000,177,312 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS

[2013.05.26 20:12:50 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Symantec Shared

[2013.05.26 20:12:50 | 000,000,000 | ---D | C] -- C:\Program Files\Symantec

[2013.05.26 20:12:24 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\NISx64

[2013.05.26 20:12:22 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Internet Security CBE

[2013.05.26 20:12:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Norton Internet Security CBE

[2013.05.26 20:12:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Norton

[2013.05.26 20:10:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MozBackup

[2013.05.26 20:10:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MozBackup

[2013.05.26 20:10:07 | 000,000,000 | ---D | C] -- C:\Users\Maurice\AppData\Roaming\Mozilla

[2013.05.26 20:10:07 | 000,000,000 | ---D | C] -- C:\Users\Maurice\AppData\Local\Mozilla

[2013.05.26 20:09:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service

[2013.05.26 20:09:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla

[2013.05.26 20:09:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation

[2013.05.26 20:07:45 | 000,000,000 | ---D | C] -- C:\ProgramData\NortonInstaller

[2013.05.26 20:07:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NortonInstaller

[2013.05.26 20:07:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AGEIA Technologies

[2013.05.26 20:07:23 | 000,000,000 | -HSD | C] -- C:\Windows\Installer

[2013.05.26 20:07:19 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA

[2013.05.26 20:06:55 | 006,393,120 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcpl.dll

[2013.05.26 20:06:55 | 003,472,672 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvc64.dll

[2013.05.26 20:06:55 | 002,555,680 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvcr.dll

[2013.05.26 20:06:55 | 000,237,856 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvmctray.dll

[2013.05.26 20:06:55 | 000,063,776 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvshext.dll

[2013.05.26 20:06:43 | 000,061,216 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll

[2013.05.26 20:06:43 | 000,053,024 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll

[2013.05.26 20:06:38 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation

[2013.05.26 20:06:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation

[2013.05.26 20:06:17 | 026,947,360 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll

[2013.05.26 20:06:17 | 025,256,736 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll

[2013.05.26 20:06:17 | 020,534,560 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll

[2013.05.26 20:06:17 | 017,987,192 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll

[2013.05.26 20:06:17 | 017,560,352 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll

[2013.05.26 20:06:17 | 015,275,744 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvwgf2umx.dll

[2013.05.26 20:06:17 | 015,038,296 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvd3dum.dll

[2013.05.26 20:06:17 | 012,862,400 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvwgf2um.dll

[2013.05.26 20:06:17 | 009,422,672 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll

[2013.05.26 20:06:17 | 007,964,680 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll

[2013.05.26 20:06:17 | 007,569,184 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvopencl.dll

[2013.05.26 20:06:17 | 006,267,240 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvopencl.dll

[2013.05.26 20:06:17 | 002,911,008 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll

[2013.05.26 20:06:17 | 002,854,344 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvapi64.dll

[2013.05.26 20:06:17 | 002,726,176 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll

[2013.05.26 20:06:17 | 002,528,840 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvapi.dll

[2013.05.26 20:06:17 | 002,350,368 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll

[2013.05.26 20:06:17 | 001,990,944 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll

[2013.05.26 20:06:17 | 001,807,136 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco6420294.dll

[2013.05.26 20:06:17 | 001,510,328 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvhdagenco6420103.dll

[2013.05.26 20:06:17 | 001,510,176 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco6420162.dll

[2013.05.26 20:06:17 | 001,114,144 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvumdshimx.dll

[2013.05.26 20:06:17 | 000,963,776 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvumdshim.dll

[2013.05.26 20:06:17 | 000,250,504 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvinitx.dll

[2013.05.26 20:06:17 | 000,205,184 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvinit.dll

[2013.05.26 20:06:17 | 000,194,488 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvhda64v.sys

[2013.05.26 20:06:17 | 000,031,672 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvhdap64.dll

[2013.05.26 20:06:08 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation

[2013.05.26 20:05:52 | 000,000,000 | ---D | C] -- C:\NVIDIA

[2013.05.26 20:05:18 | 000,374,272 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvusmu.exe

[2013.05.26 20:04:45 | 000,496,640 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvusmb.exe

[2013.05.26 20:04:40 | 000,489,984 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NVUNINST.EXE

[2013.05.26 20:03:20 | 000,000,000 | R--D | C] -- C:\Users\Maurice\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup

[2013.05.26 20:03:20 | 000,000,000 | R--D | C] -- C:\Users\Maurice\Searches

[2013.05.26 20:03:20 | 000,000,000 | R--D | C] -- C:\Users\Maurice\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools

[2013.05.26 20:03:13 | 002,622,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll

[2013.05.26 20:03:13 | 000,057,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe

[2013.05.26 20:03:13 | 000,044,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll

[2013.05.26 20:03:07 | 000,000,000 | ---D | C] -- C:\Users\Maurice\AppData\Roaming\Identities

[2013.05.26 20:03:06 | 000,701,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll

[2013.05.26 20:03:06 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll

[2013.05.26 20:03:06 | 000,038,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll

[2013.05.26 20:03:03 | 000,000,000 | R--D | C] -- C:\Users\Maurice\Contacts

[2013.05.26 20:03:00 | 000,000,000 | ---D | C] -- C:\Users\Maurice\AppData\Local\VirtualStore

[2013.05.26 20:02:59 | 000,186,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll

[2013.05.26 20:02:59 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe

[2013.05.26 20:02:43 | 000,000,000 | -HSD | C] -- C:\Users\Maurice\Vorlagen

[2013.05.26 20:02:43 | 000,000,000 | -HSD | C] -- C:\Users\Maurice\AppData\Local\Verlauf

[2013.05.26 20:02:43 | 000,000,000 | -HSD | C] -- C:\Users\Maurice\AppData\Local\Temporary Internet Files

[2013.05.26 20:02:43 | 000,000,000 | -HSD | C] -- C:\Users\Maurice\Startmenü

[2013.05.26 20:02:43 | 000,000,000 | -HSD | C] -- C:\Users\Maurice\SendTo

[2013.05.26 20:02:43 | 000,000,000 | -HSD | C] -- C:\Users\Maurice\Recent

[2013.05.26 20:02:43 | 000,000,000 | -HSD | C] -- C:\Users\Maurice\Netzwerkumgebung

[2013.05.26 20:02:43 | 000,000,000 | -HSD | C] -- C:\Users\Maurice\Lokale Einstellungen

[2013.05.26 20:02:43 | 000,000,000 | -HSD | C] -- C:\Users\Maurice\Documents\Eigene Videos

[2013.05.26 20:02:43 | 000,000,000 | -HSD | C] -- C:\Users\Maurice\Documents\Eigene Musik

[2013.05.26 20:02:43 | 000,000,000 | -HSD | C] -- C:\Users\Maurice\Eigene Dateien

[2013.05.26 20:02:43 | 000,000,000 | -HSD | C] -- C:\Users\Maurice\Documents\Eigene Bilder

[2013.05.26 20:02:43 | 000,000,000 | -HSD | C] -- C:\Users\Maurice\Druckumgebung

[2013.05.26 20:02:43 | 000,000,000 | -HSD | C] -- C:\Users\Maurice\Cookies

[2013.05.26 20:02:43 | 000,000,000 | -HSD | C] -- C:\Users\Maurice\AppData\Local\Anwendungsdaten

[2013.05.26 20:02:43 | 000,000,000 | -HSD | C] -- C:\Users\Maurice\Anwendungsdaten

[2013.05.26 20:02:42 | 000,000,000 | --SD | C] -- C:\Users\Maurice\AppData\Roaming\Microsoft

[2013.05.26 20:02:42 | 000,000,000 | R--D | C] -- C:\Users\Maurice\Videos

[2013.05.26 20:02:42 | 000,000,000 | R--D | C] -- C:\Users\Maurice\Saved Games

[2013.05.26 20:02:42 | 000,000,000 | R--D | C] -- C:\Users\Maurice\Pictures

[2013.05.26 20:02:42 | 000,000,000 | R--D | C] -- C:\Users\Maurice\Music

[2013.05.26 20:02:42 | 000,000,000 | R--D | C] -- C:\Users\Maurice\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance

[2013.05.26 20:02:42 | 000,000,000 | R--D | C] -- C:\Users\Maurice\Links

[2013.05.26 20:02:42 | 000,000,000 | R--D | C] -- C:\Users\Maurice\Favorites

[2013.05.26 20:02:42 | 000,000,000 | R--D | C] -- C:\Users\Maurice\Downloads

[2013.05.26 20:02:42 | 000,000,000 | R--D | C] -- C:\Users\Maurice\Documents

[2013.05.26 20:02:42 | 000,000,000 | R--D | C] -- C:\Users\Maurice\Desktop

[2013.05.26 20:02:42 | 000,000,000 | R--D | C] -- C:\Users\Maurice\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories

[2013.05.26 20:02:42 | 000,000,000 | ---D | C] -- C:\Users\Maurice\AppData\Local\Temp

[2013.05.26 20:02:42 | 000,000,000 | ---D | C] -- C:\Users\Maurice\AppData\Local\Microsoft

[2013.05.26 20:02:42 | 000,000,000 | ---D | C] -- C:\Users\Maurice\AppData\Roaming\Media Center Programs

[2013.05.26 20:02:42 | 000,000,000 | ---D | C] -- C:\Users\Maurice\AppData

[2013.05.26 20:02:26 | 000,000,000 | -HSD | C] -- C:\ProgramData\Vorlagen

[2013.05.26 20:02:26 | 000,000,000 | -HSD | C] -- C:\ProgramData\Startmenü

[2013.05.26 20:02:26 | 000,000,000 | -HSD | C] -- C:\Programme

[2013.05.26 20:02:26 | 000,000,000 | -HSD | C] -- C:\Program Files\Gemeinsame Dateien

[2013.05.26 20:02:26 | 000,000,000 | -HSD | C] -- C:\ProgramData\Favoriten

[2013.05.26 20:02:26 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Videos

[2013.05.26 20:02:26 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Musik

[2013.05.26 20:02:26 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Bilder

[2013.05.26 20:02:26 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen

[2013.05.26 20:02:26 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumente

[2013.05.26 20:02:26 | 000,000,000 | -HSD | C] -- C:\ProgramData\Anwendungsdaten

[2013.05.26 20:02:26 | 000,000,000 | ---D | C] -- C:\Recovery

[2013.05.26 19:57:02 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch

[2013.05.26 19:56:41 | 000,000,000 | -HSD | C] -- C:\System Volume Information

 
 ========== Files - Modified Within 30 Days ==========

 

[2013.05.31 11:11:23 | 000,000,835 | ---- | M] () -- C:\Users\Maurice\Desktop\ComboFix - Verknüpfung.lnk

[2013.05.31 11:05:46 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2013.05.31 11:05:43 | 000,000,936 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-109828015-1817874145-2282497711-1000UA.job

[2013.05.31 11:05:42 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job

[2013.05.31 11:05:39 | 000,000,000 | ---- | M] () -- C:\Windows\SysNative\drivers\lvuvc.hs

[2013.05.30 21:53:38 | 000,015,632 | ---- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

[2013.05.30 21:53:38 | 000,015,632 | ---- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

[2013.05.30 21:50:50 | 001,472,002 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI

[2013.05.30 21:50:50 | 000,643,628 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat

[2013.05.30 21:50:50 | 000,606,992 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat

[2013.05.30 21:50:50 | 000,126,188 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat

[2013.05.30 21:50:50 | 000,103,370 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat

[2013.05.30 21:46:06 | 000,275,184 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT

[2013.05.30 21:45:53 | 3220,623,360 | -HS- | M] () -- C:\hiberfil.sys

[2013.05.30 21:44:39 | 000,181,064 | ---- | M] (Sysinternals) -- C:\Windows\PSEXESVC.EXE

[2013.05.30 21:41:01 | 000,000,855 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts

[2013.05.30 21:06:39 | 000,003,288 | ---- | M] () -- C:\bootsqm.dat

[2013.05.30 20:57:52 | 000,545,954 | ---- | M] (Oleg N. Scherbakov) -- C:\Users\Maurice\Desktop\JRT.exe

[2013.05.30 20:53:59 | 000,000,322 | ---- | M] () -- C:\Windows\DeleteOnReboot.bat

[2013.05.30 20:51:54 | 000,632,031 | ---- | M] () -- C:\Users\Maurice\Desktop\adwcleaner.exe

[2013.05.30 20:43:43 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts_bak_399

[2013.05.30 20:26:00 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-109828015-1817874145-2282497711-1000Core.job

[2013.05.30 19:56:41 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Maurice\Desktop\OTL.exe

[2013.05.29 16:23:07 | 012,600,914 | ---- | M] () -- C:\Users\Maurice\Desktop\Alex gaudino - destination calabria HQ.mp4

[2013.05.29 00:27:26 | 000,001,108 | ---- | M] () -- C:\Users\Maurice\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Produktregistrierung.lnk

[2013.05.29 00:16:01 | 000,000,207 | ---- | M] () -- C:\Windows\tweaking.com-regbackup-MAURICE-PC-Microsoft-Windows-7-Home-Premium-(64-Bit).dat

[2013.05.27 18:17:55 | 001,424,089 | ---- | M] () -- C:\Windows\SysNative\drivers\NISx64\1403010.016\Cat.DB

[2013.05.27 18:17:40 | 000,014,818 | ---- | M] () -- C:\Windows\SysNative\drivers\NISx64\1403010.016\VT20130115.021

[2013.05.27 16:32:11 | 000,002,157 | ---- | M] () -- C:\Users\Public\Desktop\Age of Empires III.lnk

[2013.05.27 08:22:48 | 000,000,471 | ---- | M] () -- C:\Users\Maurice\Desktop\Filme (G).lnk

[2013.05.26 20:55:49 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK

[2013.05.26 20:53:23 | 000,237,261 | ---- | M] () -- C:\Windows\hpwins26.dat

[2013.05.26 20:49:33 | 000,002,099 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk

[2013.05.26 20:47:24 | 000,001,737 | ---- | M] () -- C:\Users\Maurice\Desktop\pes2011.lnk

[2013.05.26 20:33:57 | 000,000,000 | ---- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_xusb21_01009.Wdf

[2013.05.26 20:21:23 | 000,283,200 | ---- | M] (DT Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys

[2013.05.26 20:14:55 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe

[2013.05.26 20:14:55 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

[2013.05.26 20:12:50 | 000,177,312 | ---- | M] (Symantec Corporation) -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS

[2013.05.26 20:12:50 | 000,007,466 | ---- | M] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.CAT

[2013.05.26 20:12:50 | 000,000,855 | ---- | M] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.INF

[2013.05.26 20:10:37 | 000,000,477 | ---- | M] () -- C:\Users\Maurice\Desktop\EXTERNE (E).lnk

[2013.05.26 20:00:04 | 000,056,735 | ---- | M] () -- C:\Windows\SysWow64\license.rtf

[2013.05.26 20:00:04 | 000,056,735 | ---- | M] () -- C:\Windows\SysNative\license.rtf

 
 ========== Files Created - No Company Name ==========

 

[2013.05.31 11:11:23 | 000,000,835 | ---- | C] () -- C:\Users\Maurice\Desktop\ComboFix - Verknüpfung.lnk

[2013.05.30 21:06:39 | 000,003,288 | ---- | C] () -- C:\bootsqm.dat

[2013.05.30 20:53:55 | 000,000,322 | ---- | C] () -- C:\Windows\DeleteOnReboot.bat

[2013.05.30 20:52:24 | 000,632,031 | ---- | C] () -- C:\Users\Maurice\Desktop\adwcleaner.exe

[2013.05.30 20:37:09 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe

[2013.05.30 20:37:09 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe

[2013.05.30 20:37:09 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe

[2013.05.30 20:37:09 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe

[2013.05.30 20:37:09 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe

[2013.05.29 16:23:01 | 012,600,914 | ---- | C] () -- C:\Users\Maurice\Desktop\Alex gaudino - destination calabria HQ.mp4

[2013.05.29 00:27:25 | 000,001,108 | ---- | C] () -- C:\Users\Maurice\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Produktregistrierung.lnk

[2013.05.29 00:16:01 | 000,000,207 | ---- | C] () -- C:\Windows\tweaking.com-regbackup-MAURICE-PC-Microsoft-Windows-7-Home-Premium-(64-Bit).dat

[2013.05.27 18:17:40 | 001,424,089 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1403010.016\Cat.DB

[2013.05.27 18:17:40 | 000,014,818 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1403010.016\VT20130115.021

[2013.05.27 16:32:10 | 000,002,157 | ---- | C] () -- C:\Users\Public\Desktop\Age of Empires III.lnk

[2013.05.27 15:23:52 | 000,009,670 | R--- | C] () -- C:\Windows\SysNative\drivers\NISx64\1403010.016\symelam64.cat

[2013.05.27 15:23:52 | 000,007,611 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1403010.016\ccsetx64.cat

[2013.05.27 15:23:52 | 000,007,601 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1403010.016\symnet64.cat

[2013.05.27 15:23:52 | 000,007,593 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1403010.016\iron.cat

[2013.05.27 15:23:52 | 000,007,589 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1403010.016\srtspx64.cat

[2013.05.27 15:23:52 | 000,007,587 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1403010.016\symefa64.cat

[2013.05.27 15:23:52 | 000,007,585 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1403010.016\srtsp64.cat

[2013.05.27 15:23:52 | 000,007,581 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1403010.016\symds64.cat

[2013.05.27 15:23:52 | 000,003,434 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1403010.016\symefa.inf

[2013.05.27 15:23:52 | 000,002,852 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1403010.016\symds.inf

[2013.05.27 15:23:52 | 000,001,440 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1403010.016\symnet.inf

[2013.05.27 15:23:52 | 000,001,438 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1403010.016\srtsp64.inf

[2013.05.27 15:23:52 | 000,001,420 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1403010.016\srtspx64.inf

[2013.05.27 15:23:52 | 000,000,996 | R--- | C] () -- C:\Windows\SysNative\drivers\NISx64\1403010.016\symelam.inf

[2013.05.27 15:23:52 | 000,000,853 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1403010.016\ccsetx64.inf

[2013.05.27 15:23:52 | 000,000,767 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1403010.016\iron.inf

[2013.05.27 15:23:48 | 000,014,818 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1403010.016\symvtcer.dat

[2013.05.27 15:23:48 | 000,000,172 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1403010.016\isolate.ini

[2013.05.27 12:30:00 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk

[2013.05.27 08:22:48 | 000,000,471 | ---- | C] () -- C:\Users\Maurice\Desktop\Filme (G).lnk

[2013.05.26 20:55:49 | 000,008,192 | RHS- | C] () -- C:\BOOTSECT.BAK

[2013.05.26 20:55:47 | 000,383,562 | RHS- | C] () -- C:\bootmgr

[2013.05.26 20:50:06 | 000,001,060 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\I.R.I.S. OCR-Registrierung.lnk

[2013.05.26 20:49:33 | 000,002,099 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk

[2013.05.26 20:47:24 | 000,001,737 | ---- | C] () -- C:\Users\Maurice\Desktop\pes2011.lnk

[2013.05.26 20:47:15 | 000,237,261 | ---- | C] () -- C:\Windows\hpwins26.dat

[2013.05.26 20:47:15 | 000,000,370 | ---- | C] () -- C:\Windows\hpwmdl26.dat

[2013.05.26 20:33:57 | 000,000,000 | ---- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_xusb21_01009.Wdf

[2013.05.26 20:28:48 | 000,002,098 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk

[2013.05.26 20:26:31 | 000,001,763 | ---- | C] () -- C:\Users\Maurice\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk

[2013.05.26 20:24:11 | 000,000,000 | ---- | C] () -- C:\Windows\SysNative\drivers\lvuvc.hs

[2013.05.26 20:21:34 | 000,000,936 | ---- | C] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-109828015-1817874145-2282497711-1000UA.job

[2013.05.26 20:21:30 | 000,000,914 | ---- | C] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-109828015-1817874145-2282497711-1000Core.job

[2013.05.26 20:20:52 | 000,001,899 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDBurnerXP.lnk

[2013.05.26 20:14:56 | 000,000,884 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job

[2013.05.26 20:12:50 | 000,007,466 | ---- | C] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.CAT

[2013.05.26 20:12:50 | 000,000,855 | ---- | C] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.INF

[2013.05.26 20:10:37 | 000,000,477 | ---- | C] () -- C:\Users\Maurice\Desktop\EXTERNE (E).lnk

[2013.05.26 20:10:01 | 000,001,159 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk

[2013.05.26 20:06:55 | 003,035,306 | ---- | C] () -- C:\Windows\SysNative\nvcoproc.bin

[2013.05.26 20:06:17 | 000,017,738 | ---- | C] () -- C:\Windows\SysNative\nvinfo.pb

[2013.05.26 20:05:20 | 000,003,948 | ---- | C] () -- C:\Windows\SysNative\drivers\nvphy.bin

[2013.05.26 20:05:18 | 000,000,659 | ---- | C] () -- C:\Windows\SysNative\nvsmu.nvu

[2013.05.26 20:04:45 | 000,002,016 | ---- | C] () -- C:\Windows\SysNative\nvsmb.nvu

[2013.05.26 20:03:26 | 000,001,405 | ---- | C] () -- C:\Users\Maurice\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk

[2013.05.26 20:03:22 | 000,001,439 | ---- | C] () -- C:\Users\Maurice\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk

[2013.05.26 19:59:53 | 000,001,326 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk

[2013.05.26 19:59:52 | 000,001,345 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk

[2013.05.26 19:56:41 | 3220,623,360 | -HS- | C] () -- C:\hiberfil.sys

[2012.09.21 21:08:36 | 010,919,784 | ---- | C] () -- C:\Windows\SysWow64\LogiDPP.dll

[2012.09.21 21:08:36 | 000,338,136 | ---- | C] () -- C:\Windows\SysWow64\DevManagerCore.dll

[2012.09.21 21:08:36 | 000,103,272 | ---- | C] () -- C:\Windows\SysWow64\LogiDPPApp.exe

 
 ========== ZeroAccess Check ==========

 

[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

 

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

 

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

 

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

 

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

 

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

"" = C:\Windows\SysNative\shell32.dll -- [2009.07.14 03:41:54 | 014,161,920 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Apartment

 

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

"" = %SystemRoot%\system32\shell32.dll -- [2009.07.14 03:16:14 | 012,866,560 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Apartment

 

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64

"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Free

 

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]

"" = C:\Windows\sysWOW64\wbem\fastprox.dll -- [2009.07.14 03:15:20 | 000,605,696 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Free

 

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64

"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Both

 

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 

< End of report >

thx moe