OTL Logfile: Code:
OTL logfile created on: 11.07.2012 14:25:48 - Run 2
OTL by OldTimer - Version 3.2.53.1 Folder = H:\Dokumente und Einstellungen\Stefan\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000C07 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy
2,00 Gb Total Physical Memory | 1,36 Gb Available Physical Memory | 67,95% Memory free
3,85 Gb Paging File | 3,27 Gb Available in Paging File | 84,94% Paging File free
Paging file location(s): H:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = H: | %SystemRoot% = H:\WINDOWS | %ProgramFiles% = H:\Programme
Drive H: | 465,75 Gb Total Space | 126,68 Gb Free Space | 27,20% Space Free | Partition Type: NTFS
Drive I: | 125,48 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Computer Name: TU-EBBA3B93496A | User Name: Stefan | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2012.07.11 14:11:25 | 000,595,968 | ---- | M] (OldTimer Tools) -- H:\Dokumente und Einstellungen\Stefan\Desktop\OTL.exe
PRC - [2012.06.27 12:29:22 | 001,385,896 | ---- | M] (LogMeIn Inc.) -- H:\Programme\LogMeIn Hamachi\hamachi-2.exe
PRC - [2012.05.26 06:32:24 | 004,327,744 | ---- | M] (Akamai Technologies, Inc) -- H:\Dokumente und Einstellungen\Stefan\Lokale Einstellungen\Anwendungsdaten\Akamai\netsession_win.exe
PRC - [2012.05.08 15:26:20 | 000,348,624 | ---- | M] (Avira Operations GmbH & Co. KG) -- H:\Programme\Avira\AntiVir Desktop\avgnt.exe
PRC - [2012.05.08 15:26:20 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- H:\Programme\Avira\AntiVir Desktop\avguard.exe
PRC - [2012.05.08 15:26:20 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- H:\Programme\Avira\AntiVir Desktop\sched.exe
PRC - [2012.05.08 15:26:20 | 000,080,336 | ---- | M] (Avira Operations GmbH & Co. KG) -- H:\Programme\Avira\AntiVir Desktop\avshadow.exe
PRC - [2012.04.04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) -- H:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2011.10.24 22:32:00 | 000,055,144 | ---- | M] (Apple Inc.) -- H:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2011.06.09 13:06:06 | 000,254,696 | ---- | M] (Sun Microsystems, Inc.) -- H:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe
PRC - [2010.11.27 01:55:42 | 000,648,032 | ---- | M] (Sony Corporation) -- H:\Programme\Sony\PMB\PMBVolumeWatcher.exe
PRC - [2010.11.27 01:55:42 | 000,398,176 | ---- | M] (Sony Corporation) -- H:\Programme\Sony\PMB\PMBDeviceInfoProvider.exe
PRC - [2010.05.25 20:53:50 | 002,155,848 | ---- | M] () -- H:\Programme\Acronis\DiskDirector\OSS\reinstall_svc.exe
PRC - [2009.08.27 17:09:10 | 001,253,376 | ---- | M] (MAGIX AG) -- H:\Programme\Gemeinsame Dateien\MAGIX Services\Database\bin\FABS.exe
PRC - [2009.08.18 11:29:22 | 001,529,728 | ---- | M] (Microsoft Corporation) -- H:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WLIDSVC.EXE
PRC - [2009.08.18 11:29:22 | 000,183,152 | ---- | M] (Microsoft Corporation) -- H:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WLIDSVCM.EXE
PRC - [2008.12.28 11:58:55 | 000,073,728 | ---- | M] (Realtek Semiconductor Corp.) -- H:\WINDOWS\ALCFDRTM.EXE
PRC - [2008.04.14 04:22:45 | 001,036,800 | ---- | M] (Microsoft Corporation) -- H:\WINDOWS\explorer.exe
PRC - [2002.10.14 16:22:04 | 000,049,152 | ---- | M] (Lexmark International, Inc.) -- H:\Programme\Lexmark X74-X75\lxbbbmon.exe
PRC - [2002.10.14 16:12:34 | 000,057,344 | ---- | M] (Lexmark International, Inc.) -- H:\Programme\Lexmark X74-X75\lxbbbmgr.exe
========== Modules (No Company Name) ==========
MOD - [2012.07.09 18:11:10 | 002,042,848 | ---- | M] () -- H:\Programme\Mozilla Firefox\mozjs.dll
MOD - [2012.05.08 15:26:21 | 000,398,288 | ---- | M] () -- H:\Programme\Avira\AntiVir Desktop\sqlite3.dll
MOD - [2012.02.19 23:07:48 | 008,527,008 | ---- | M] () -- H:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
MOD - [2011.11.02 00:26:32 | 000,087,912 | ---- | M] () -- H:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\zlib1.dll
MOD - [2011.11.02 00:26:12 | 001,242,472 | ---- | M] () -- H:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\libxml2.dll
MOD - [2010.07.04 23:32:36 | 000,004,608 | ---- | M] () -- H:\Programme\Unlocker\UnlockerHook.dll
MOD - [2010.05.25 20:53:50 | 002,155,848 | ---- | M] () -- H:\Programme\Acronis\DiskDirector\OSS\reinstall_svc.exe
MOD - [2010.03.31 23:30:12 | 000,473,704 | ---- | M] () -- H:\Programme\NVIDIA Corporation\nView\nvShell.dll
MOD - [2009.02.27 16:41:26 | 000,311,296 | ---- | M] () -- H:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\pdfshell.DEU
MOD - [2008.04.14 04:22:16 | 000,014,336 | ---- | M] () -- H:\WINDOWS\system32\msdmo.dll
MOD - [2006.09.14 01:20:24 | 000,126,464 | ---- | M] () -- H:\Programme\WinRAR\RarExt.dll
========== Win32 Services (SafeList) ==========
SRV - [2012.07.10 19:51:16 | 004,419,392 | ---- | M] () [Auto | Running] -- h:\programme\gemeinsame dateien\akamai/netsession_win_4f7fccd.dll -- (Akamai)
SRV - [2012.07.09 18:11:10 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- H:\Programme\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.06.27 12:29:22 | 001,385,896 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- H:\Programme\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2012.05.08 15:26:20 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- H:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2012.05.08 15:26:20 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- H:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2012.05.03 08:31:10 | 000,158,856 | R--- | M] (Skype Technologies) [Auto | Stopped] -- H:\Programme\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.04.04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- H:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011.10.24 22:32:00 | 000,055,144 | ---- | M] (Apple Inc.) [Auto | Running] -- H:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2011.07.20 06:18:24 | 000,440,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- H:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2010.12.14 19:01:00 | 004,041,064 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- H:\WINDOWS\system32\GameMon.des -- (npggsvc)
SRV - [2010.11.27 01:55:42 | 000,398,176 | ---- | M] (Sony Corporation) [Auto | Running] -- H:\Programme\Sony\PMB\PMBDeviceInfoProvider.exe -- (PMBDeviceInfoProvider)
SRV - [2010.05.25 20:53:50 | 002,155,848 | ---- | M] () [Auto | Running] -- H:\Programme\Acronis\DiskDirector\OSS\reinstall_svc.exe -- (OS Selector)
SRV - [2009.08.27 17:09:10 | 001,253,376 | ---- | M] (MAGIX AG) [Auto | Running] -- H:\Programme\Gemeinsame Dateien\MAGIX Services\Database\bin\FABS.exe -- (Fabs)
SRV - [2009.08.18 11:29:22 | 001,529,728 | ---- | M] (Microsoft Corporation) [Auto | Running] -- H:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2008.08.07 11:10:02 | 003,276,800 | ---- | M] (MAGIX®) [On_Demand | Stopped] -- H:\Programme\Gemeinsame Dateien\MAGIX Services\Database\bin\fbserver.exe -- (FirebirdServerMAGIXInstance)
SRV - [2006.10.26 15:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- H:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2005.04.04 00:41:10 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- H:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | On_Demand | Stopped] -- H:\Programme\Garena\safedrv.sys -- (GGSAFERDriver)
DRV - File not found [Kernel | On_Demand | Stopped] -- H:\DOKUME~1\Stefan\LOKALE~1\Temp\ALZ2FA2.tmp -- (GarenaPEngine)
DRV - File not found [Kernel | On_Demand | Stopped] -- H:\WINDOWS\system32\drivers\EagleXNt.sys -- (EagleXNt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- H:\DOKUME~1\Stefan\LOKALE~1\Temp\AMDPCI.sys -- (AMDPCI)
DRV - [2012.05.21 18:34:39 | 000,242,240 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- H:\WINDOWS\system32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV - [2012.05.08 15:26:21 | 000,137,928 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- H:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2012.05.08 15:26:21 | 000,083,392 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- H:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2012.04.04 15:56:40 | 000,022,344 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- H:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2011.10.11 15:00:01 | 000,036,000 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- H:\WINDOWS\system32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2010.11.03 19:26:55 | 000,170,080 | ---- | M] (Acronis) [Kernel | Boot | Running] -- H:\WINDOWS\system32\drivers\snapman.sys -- (snapman)
DRV - [2010.07.04 21:51:26 | 000,004,096 | ---- | M] () [Kernel | Unavailable | Unknown] -- H:\Programme\Unlocker\UnlockerDriver5.sys -- (UnlockerDriver5)
DRV - [2010.06.17 15:14:27 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- H:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009.08.05 22:48:42 | 000,054,752 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- H:\WINDOWS\system32\drivers\fssfltr_tdi.sys -- (fssfltr)
DRV - [2009.03.18 16:35:40 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- H:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi)
DRV - [2008.04.13 20:53:09 | 000,040,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- H:\WINDOWS\system32\drivers\nmnt.sys -- (nm)
DRV - [2007.09.11 18:23:22 | 004,614,656 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- H:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2007.07.30 11:21:00 | 000,264,832 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- H:\WINDOWS\system32\drivers\yk51x86.sys -- (yukonwxp)
DRV - [2007.06.29 15:47:34 | 000,034,304 | ---- | M] (AMD, Inc.) [Kernel | On_Demand | Running] -- H:\WINDOWS\system32\drivers\AmdLLD.sys -- (AmdLLD)
DRV - [2001.08.17 14:51:32 | 000,018,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- H:\WINDOWS\system32\drivers\irsir.sys -- (irsir)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
IE - HKU\S-1-5-21-1482476501-1979792683-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
IE - HKU\S-1-5-21-1482476501-1979792683-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
IE - HKU\S-1-5-21-1482476501-1979792683-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
IE - HKU\S-1-5-21-1482476501-1979792683-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.at/
IE - HKU\S-1-5-21-1482476501-1979792683-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://www.google.com/ie
IE - HKU\S-1-5-21-1482476501-1979792683-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com/ie
IE - HKU\S-1-5-21-1482476501-1979792683-682003330-1003\..\URLSearchHook: {ff88a983-649d-4207-9336-9b999280b436} - H:\Programme\SFT_de3\prxtbSFT0.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-1482476501-1979792683-682003330-1003\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKU\S-1-5-21-1482476501-1979792683-682003330-1003\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-1482476501-1979792683-682003330-1003\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7PRFB_de
IE - HKU\S-1-5-21-1482476501-1979792683-682003330-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1482476501-1979792683-682003330-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;127.0.0.1:9421;<local>
========== FireFox ==========
FF - prefs.js..browser.startup.homepage: "www.google.at"
FF - prefs.js..network.proxy.no_proxies_on: "*.local,127.0.0.1:9421,"
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: H:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: H:\Programme\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: H:\Programme\DivX\DivX Player\npDivxPlayerPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: H:\Programme\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: H:\Programme\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: H:\Programme\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: h:\Programme\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: H:\Programme\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: H:\Programme\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: h:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: H:\Programme\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: H:\Programme\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: H:\Programme\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: H:\Dokumente und Einstellungen\Stefan\Lokale Einstellungen\Anwendungsdaten\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: H:\Programme\Mozilla Firefox\components [2012.07.09 18:11:13 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: H:\Programme\Mozilla Firefox\plugins
[2012.02.19 22:28:29 | 000,000,000 | ---D | M] (No name found) -- H:\Dokumente und Einstellungen\Stefan\Anwendungsdaten\Mozilla\Extensions
[2010.07.03 14:48:02 | 000,000,000 | ---D | M] (No name found) -- H:\Dokumente und Einstellungen\Stefan\Anwendungsdaten\Mozilla\Firefox\extensions
[2010.07.03 14:48:02 | 000,000,000 | ---D | M] ("Ask Toolbar for Firefox") -- H:\Dokumente und Einstellungen\Stefan\Anwendungsdaten\Mozilla\Firefox\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}
[2012.05.22 19:43:05 | 000,000,000 | ---D | M] (No name found) -- H:\Dokumente und Einstellungen\Stefan\Anwendungsdaten\Mozilla\Firefox\Profiles\kazkypbg.default\extensions
[2012.05.22 19:38:21 | 000,000,000 | ---D | M] (No name found) -- H:\Programme\Mozilla Firefox\extensions
[2012.05.31 16:42:27 | 000,000,000 | ---D | M] (Skype Click to Call) -- H:\Programme\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012.07.09 18:11:12 | 000,085,472 | ---- | M] (Mozilla Foundation) -- H:\Programme\mozilla firefox\components\browsercomps.dll
[2012.04.21 03:18:25 | 000,002,252 | ---- | M] () -- H:\Programme\mozilla firefox\searchplugins\bing.xml
[2012.04.21 03:18:25 | 000,002,040 | ---- | M] () -- H:\Programme\mozilla firefox\searchplugins\twitter.xml
O1 HOSTS File: ([2001.08.23 14:00:00 | 000,000,820 | ---- | M]) - H:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - H:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - H:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - H:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - H:\Programme\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll (Google Inc.)
O2 - BHO: (SFT_de3 Toolbar) - {ff88a983-649d-4207-9336-9b999280b436} - H:\Programme\SFT_de3\prxtbSFT0.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (SFT_de3 Toolbar) - {ff88a983-649d-4207-9336-9b999280b436} - H:\Programme\SFT_de3\prxtbSFT0.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-1482476501-1979792683-682003330-1003\..\Toolbar\WebBrowser: (SFT_de3 Toolbar) - {FF88A983-649D-4207-9336-9B999280B436} - H:\Programme\SFT_de3\prxtbSFT0.dll (Conduit Ltd.)
O4 - HKLM..\Run: [Adobe ARM] H:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Alcmtr] H:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [amd_dc_opt] H:\Programme\AMD\Dual-Core Optimizer\amd_dc_opt.exe (AMD)
O4 - HKLM..\Run: [APSDaemon] H:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] H:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [BabylonToolbar] "H:\Programme\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarsrv.exe" /md I File not found
O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found
O4 - HKLM..\Run: [Lexmark X74-X75] H:\Programme\Lexmark X74-X75\lxbbbmgr.exe (Lexmark International, Inc.)
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] H:\Programme\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [NvCplDaemon] H:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [PMBVolumeWatcher] H:\Programme\Sony\PMB\PMBVolumeWatcher.exe (Sony Corporation)
O4 - HKLM..\Run: [Smart File Advisor] H:\Programme\Smart File Advisor\sfa.exe (Filefacts.net)
O4 - HKLM..\Run: [SunJavaUpdateSched] H:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [TrayServer] H:\Programme\MAGIX\Video_deluxe_16_Plus_Sonderedition\Trayserver.exe (MAGIX AG)
O4 - HKLM..\Run: [UnlockerAssistant] H:\Programme\Unlocker\UnlockerAssistant.exe ()
O4 - HKU\S-1-5-21-1482476501-1979792683-682003330-1003..\Run: [Akamai NetSession Interface] H:\Dokumente und Einstellungen\Stefan\Lokale Einstellungen\Anwendungsdaten\Akamai\netsession_win.exe (Akamai Technologies, Inc)
O4 - HKU\S-1-5-21-1482476501-1979792683-682003330-1003..\Run: [DAEMON Tools Lite] H:\Programme\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - Startup: H:\Dokumente und Einstellungen\Stefan\Startmenü\Programme\Autostart\pkg_0ll.exe.lnk = File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewContextMenu = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1482476501-1979792683-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1482476501-1979792683-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: =
O8 - Extra context menu item: Add to Google Photos Screensa&ver - H:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Free YouTube Download - H:\Dokumente und Einstellungen\Stefan\Anwendungsdaten\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O8 - Extra context menu item: Free YouTube to Mp3 Converter - H:\Dokumente und Einstellungen\Stefan\Anwendungsdaten\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - H:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - H:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - H:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {99FE5072-78AA-4FEE-89BA-69A5FA55343F} hxxp://download.microsoft.com/download/B/3/A/B3A2EA73-793D-4ABE-992D-C81140384044/igdtoolx.cab (IGDTester Class)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D7AFADA4-2865-4BFA-8571-20D726B06874}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - H:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - H:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - H:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - H:\Programme\Gemeinsame Dateien\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - H:\Programme\Gemeinsame Dateien\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - H:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - H:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - H:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (H:\WINDOWS\system32\userinit.exe) - H:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper: H:\Dokumente und Einstellungen\Stefan\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: H:\Dokumente und Einstellungen\Stefan\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O31 - SafeBoot: AlternateShell - H:\Dokumente und Einstellungen\Stefan\Lokale Einstellungen\Temp\pkg_0ll.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004.11.22 09:47:02 | 000,000,056 | R--- | M] () - I:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\{3a152141-a350-11e1-9379-003018a36b83}\Shell - "" = AutoRun
O33 - MountPoints2\{3a152141-a350-11e1-9379-003018a36b83}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{3a152141-a350-11e1-9379-003018a36b83}\Shell\AutoRun\command - "" = I:\PuertoRicoSetup.exe -- [2005.10.24 08:27:42 | 077,405,351 | R--- | M] ()
O33 - MountPoints2\{63f5be0e-e4ed-11de-8eb9-003018a36b83}\Shell - "" = AutoRun
O33 - MountPoints2\{63f5be0e-e4ed-11de-8eb9-003018a36b83}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{63f5be0e-e4ed-11de-8eb9-003018a36b83}\Shell\AutoRun\command - "" = I:\LaunchU3.exe -a
O33 - MountPoints2\{fd3406a6-ecff-11dd-8db6-003018a36b83}\Shell - "" = AutoRun
O33 - MountPoints2\{fd3406a6-ecff-11dd-8db6-003018a36b83}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{fd3406a6-ecff-11dd-8db6-003018a36b83}\Shell\AutoRun\command - "" = I:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
NetSvcs: 6to4 - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
MsConfig - StartUpReg: Skype - hkey= - key= - H:\Programme\Skype\Phone\Skype.exe (Skype Technologies S.A.)
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vds - Service
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: Hamachi2Svc - H:\Programme\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.)
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: nm - H:\WINDOWS\system32\drivers\nmnt.sys (Microsoft Corporation)
SafeBootNet: nm.sys - H:\WINDOWS\system32\drivers\nmnt.sys (Microsoft Corporation)
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
ActiveX: {0213C6AF-5562-4D09-884C-2ADCFC8C2F35} - Microsoft .NET Framework 1.1 Security Update (KB2656353)
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vektorgrafik-Rendering (VML)
ActiveX: {1897C549-AE52-4571-8996-44854F5612B2} - Microsoft .NET Framework 1.1 Security Update (KB2656370)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4
ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Dynamic HTML-Datenbindung für Java
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Erweitertes Authoring
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection H:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015C} - Microsoft DirectX
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - DirectAnimation Java Classes
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5056b317-8d4c-43ee-8543-b9d1e234b8f4} - Sicherheitsupdate für Windows XP (KB923789)
ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection H:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - .NET Framework
ActiveX: {73fa19d0-2d75-11d2-995d-00c04f98bbc9} - Web Folders
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - H:\WINDOWS\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - h:\WINDOWS\system32\Rundll32.exe h:\WINDOWS\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Taskplaner
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - H:\WINDOWS\system32\ieudinit.exe
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - H:\WINDOWS\inf\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - H:\WINDOWS\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "H:\WINDOWS\system32\rundll32.exe" "H:\WINDOWS\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE
Drivers32: msacm.iac2 - H:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - H:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - H:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - H:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - H:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.I420 - H:\WINDOWS\System32\i420vfw.dll (www.helixcommunity.org)
Drivers32: vidc.iv31 - H:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - H:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - H:\WINDOWS\System32\ir41_32.dll (Intel Corporation)
Drivers32: vidc.iv50 - H:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.VP60 - H:\WINDOWS\system32\vp6vfw.dll (On2.com)
Drivers32: vidc.VP61 - H:\WINDOWS\system32\vp6vfw.dll (On2.com)
Drivers32: vidc.yv12 - H:\WINDOWS\System32\yv12vfw.dll (www.helixcommunity.org)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
========== Files/Folders - Created Within 30 Days ==========
[2012.07.11 14:20:13 | 000,595,968 | ---- | C] (OldTimer Tools) -- H:\Dokumente und Einstellungen\Stefan\Desktop\OTL.exe
[2012.07.11 13:10:45 | 000,000,000 | ---D | C] -- H:\WINDOWS\LastGood
[2012.07.09 17:57:58 | 000,000,000 | ---D | C] -- H:\Programme\LogMeIn Hamachi
[2012.07.09 17:57:58 | 000,000,000 | ---D | C] -- H:\Dokumente und Einstellungen\All Users\Startmenü\Programme\LogMeIn Hamachi
[2012.07.09 14:02:04 | 000,000,000 | ---D | C] -- H:\Dokumente und Einstellungen\Stefan\Anwendungsdaten\Malwarebytes
[2012.06.20 22:24:37 | 000,000,000 | ---D | C] -- H:\Programme\ESET
[2012.06.20 22:22:51 | 002,322,184 | ---- | C] (ESET) -- H:\Dokumente und Einstellungen\Stefan\Desktop\esetsmartinstaller_enu.exe
[2012.06.14 20:17:07 | 000,000,000 | -HSD | C] -- H:\WINDOWS\CSC
[2012.06.12 12:55:38 | 000,000,000 | ---D | C] -- H:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Malwarebytes' Anti-Malware
[2012.06.12 12:55:31 | 000,000,000 | ---D | C] -- H:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes
[2012.06.12 12:55:30 | 000,022,344 | ---- | C] (Malwarebytes Corporation) -- H:\WINDOWS\System32\drivers\mbam.sys
[2012.06.12 12:55:30 | 000,000,000 | ---D | C] -- H:\Programme\Malwarebytes' Anti-Malware
[2012.06.11 23:38:19 | 000,000,000 | -HSD | C] -- H:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{32364CEA-7855-4A3C-B674-53D8E9B97936}
[6 H:\WINDOWS\*.tmp files -> H:\WINDOWS\*.tmp -> ]
[5 H:\WINDOWS\System32\*.tmp files -> H:\WINDOWS\System32\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2012.07.11 14:25:00 | 000,001,090 | ---- | M] () -- H:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012.07.11 14:11:25 | 000,595,968 | ---- | M] (OldTimer Tools) -- H:\Dokumente und Einstellungen\Stefan\Desktop\OTL.exe
[2012.07.11 13:08:31 | 000,002,206 | ---- | M] () -- H:\WINDOWS\System32\wpa.dbl
[2012.07.11 13:08:31 | 000,001,086 | ---- | M] () -- H:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012.07.11 13:05:33 | 000,002,048 | --S- | M] () -- H:\WINDOWS\bootstat.dat
[2012.07.10 19:54:06 | 000,002,243 | ---- | M] () -- H:\Dokumente und Einstellungen\All Users\Desktop\Skype.lnk
[2012.07.10 15:20:06 | 000,376,856 | ---- | M] () -- H:\WINDOWS\System32\FNTCACHE.DAT
[2012.07.10 13:10:20 | 000,480,796 | ---- | M] () -- H:\WINDOWS\System32\perfh007.dat
[2012.07.10 13:10:20 | 000,459,490 | ---- | M] () -- H:\WINDOWS\System32\perfh009.dat
[2012.07.10 13:10:20 | 000,093,770 | ---- | M] () -- H:\WINDOWS\System32\perfc007.dat
[2012.07.10 13:10:20 | 000,078,686 | ---- | M] () -- H:\WINDOWS\System32\perfc009.dat
[2012.07.10 13:03:43 | 000,001,374 | ---- | M] () -- H:\WINDOWS\imsins.BAK
[2012.07.10 12:58:47 | 000,618,655 | ---- | M] () -- H:\Dokumente und Einstellungen\Stefan\Desktop\adwcleaner.exe
[2012.07.09 20:43:39 | 000,000,813 | ---- | M] () -- H:\Dokumente und Einstellungen\Stefan\Desktop\Minecraft_Server (2).lnk
[2012.07.09 20:38:34 | 000,000,716 | ---- | M] () -- H:\Dokumente und Einstellungen\Stefan\Desktop\MinecraftSP (2).lnk
[2012.07.09 17:57:59 | 000,000,665 | ---- | M] () -- H:\Dokumente und Einstellungen\All Users\Desktop\LogMeIn Hamachi.lnk
[2012.06.21 19:41:02 | 000,000,664 | ---- | M] () -- H:\WINDOWS\System32\d3d9caps.dat
[2012.06.20 22:08:12 | 002,322,184 | ---- | M] (ESET) -- H:\Dokumente und Einstellungen\Stefan\Desktop\esetsmartinstaller_enu.exe
[2012.06.14 20:16:16 | 000,000,813 | ---- | M] () -- H:\Dokumente und Einstellungen\Stefan\Startmenü\Programme\Autostart\pkg_0ll.exe.lnk
[2012.06.12 12:55:38 | 000,000,756 | ---- | M] () -- H:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[6 H:\WINDOWS\*.tmp files -> H:\WINDOWS\*.tmp -> ]
[5 H:\WINDOWS\System32\*.tmp files -> H:\WINDOWS\System32\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012.07.10 12:58:47 | 000,618,655 | ---- | C] () -- H:\Dokumente und Einstellungen\Stefan\Desktop\adwcleaner.exe
[2012.07.09 20:43:39 | 000,000,813 | ---- | C] () -- H:\Dokumente und Einstellungen\Stefan\Desktop\Minecraft_Server (2).lnk
[2012.07.09 20:38:34 | 000,000,716 | ---- | C] () -- H:\Dokumente und Einstellungen\Stefan\Desktop\MinecraftSP (2).lnk
[2012.06.14 20:19:42 | 000,000,664 | ---- | C] () -- H:\WINDOWS\System32\d3d9caps.dat
[2012.06.12 12:55:38 | 000,000,756 | ---- | C] () -- H:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2012.06.12 11:14:41 | 000,000,813 | ---- | C] () -- H:\Dokumente und Einstellungen\Stefan\Startmenü\Programme\Autostart\pkg_0ll.exe.lnk
[2012.05.23 13:05:18 | 000,011,867 | ---- | C] () -- H:\Dokumente und Einstellungen\Stefan\Anwendungsdaten\TheHunterSettings_live.bin
[2012.05.22 23:56:51 | 000,000,048 | ---- | C] () -- H:\Dokumente und Einstellungen\Stefan\Anwendungsdaten\TheHunterSettings_live.cfg
[2012.04.13 20:55:20 | 000,000,604 | -H-- | C] () -- H:\Programme\STLL Notifier
[2012.02.16 20:09:30 | 000,003,072 | ---- | C] () -- H:\WINDOWS\System32\iacenc.dll
[2012.02.02 14:36:31 | 000,051,186 | ---- | C] () -- H:\Dokumente und Einstellungen\Stefan\Anwendungsdaten\room_v3.dat
[2012.01.19 10:00:02 | 000,273,344 | ---- | C] () -- H:\WINDOWS\System32\nvdrsdb1.bin
[2012.01.19 10:00:02 | 000,273,344 | ---- | C] () -- H:\WINDOWS\System32\nvdrsdb0.bin
[2012.01.19 10:00:02 | 000,000,001 | ---- | C] () -- H:\WINDOWS\System32\nvdrssel.bin
[2012.01.19 09:59:31 | 002,128,778 | ---- | C] () -- H:\WINDOWS\System32\nvdata.data
[2012.01.02 22:49:49 | 000,000,218 | ---- | C] () -- H:\Dokumente und Einstellungen\Stefan\.recently-used.xbel
[2011.07.14 17:35:30 | 000,000,139 | ---- | C] () -- H:\Dokumente und Einstellungen\Stefan\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat
[2011.06.19 23:09:21 | 000,000,046 | ---- | C] () -- H:\WINDOWS\mxcdr.INI
[2011.05.17 20:04:26 | 000,000,301 | ---- | C] () -- H:\Dokumente und Einstellungen\Stefan\Anwendungsdaten\rftg
[2011.04.09 18:55:28 | 000,179,261 | ---- | C] () -- H:\WINDOWS\System32\xlive.dll.cat
[2011.02.17 18:28:14 | 000,000,325 | ---- | C] () -- H:\WINDOWS\LEXSTAT.INI
[2011.02.17 18:21:59 | 000,000,184 | ---- | C] () -- H:\WINDOWS\System32\lxbbcoin.ini
[2010.11.25 00:14:16 | 000,000,000 | ---- | C] () -- H:\WINDOWS\b-mpeg-mp4-converter.INI
[2010.08.08 17:51:03 | 000,089,168 | -H-- | C] () -- H:\WINDOWS\System32\mlfcache.dat
[2010.07.15 19:15:34 | 000,027,648 | ---- | C] () -- H:\WINDOWS\System32\AVSredirect.dll
[2009.12.19 14:29:15 | 000,000,380 | ---- | C] () -- H:\Dokumente und Einstellungen\Stefan\SciTE.session
[2009.06.13 15:06:21 | 000,125,440 | ---- | C] () -- H:\Dokumente und Einstellungen\Stefan\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008.10.13 11:36:06 | 035,950,872 | R--- | C] () -- H:\Programme\PhysX_8.10.13_SystemSoftware.exe
========== LOP Check ==========
[2010.11.03 19:28:06 | 000,000,000 | ---D | M] -- H:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Acronis
[2010.09.28 17:56:49 | 000,000,000 | ---D | M] -- H:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Age of Empires 3
[2012.01.03 14:02:16 | 000,000,000 | -H-D | M] -- H:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Common Files
[2012.05.21 18:36:32 | 000,000,000 | ---D | M] -- H:\Dokumente und Einstellungen\All Users\Anwendungsdaten\DAEMON Tools Lite
[2010.11.16 21:24:02 | 000,000,000 | ---D | M] -- H:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Firefly Studios
[2012.05.22 19:19:56 | 000,000,000 | ---D | M] -- H:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Hunter
[2011.10.20 12:48:48 | 000,000,000 | ---D | M] -- H:\Dokumente und Einstellungen\All Users\Anwendungsdaten\MAGIX
[2011.05.07 16:34:34 | 000,000,000 | ---D | M] -- H:\Dokumente und Einstellungen\All Users\Anwendungsdaten\NCH Swift Sound
[2012.06.11 23:39:33 | 000,000,000 | ---D | M] -- H:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TuneUp Software
[2010.11.03 19:32:15 | 000,000,000 | -HSD | M] -- H:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}
[2012.06.11 23:38:19 | 000,000,000 | -HSD | M] -- H:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{32364CEA-7855-4A3C-B674-53D8E9B97936}
[2011.12.27 00:03:37 | 000,000,000 | ---D | M] -- H:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2009.11.14 16:42:53 | 000,000,000 | ---D | M] -- H:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2012.07.09 18:05:11 | 000,000,000 | ---D | M] -- H:\Dokumente und Einstellungen\LocalService\Anwendungsdaten\TuneUp Software
[2011.12.17 15:18:23 | 000,000,000 | ---D | M] -- H:\Dokumente und Einstellungen\Stefan\Anwendungsdaten\.minecraft
[2010.07.20 21:26:41 | 000,000,000 | ---D | M] -- H:\Dokumente und Einstellungen\Stefan\Anwendungsdaten\AUTOSICH
[2009.02.17 20:51:36 | 000,000,000 | ---D | M] -- H:\Dokumente und Einstellungen\Stefan\Anwendungsdaten\BitCometLite
[2012.05.05 20:32:28 | 000,000,000 | ---D | M] -- H:\Dokumente und Einstellungen\Stefan\Anwendungsdaten\Code Force Limited
[2012.05.21 18:36:00 | 000,000,000 | ---D | M] -- H:\Dokumente und Einstellungen\Stefan\Anwendungsdaten\DAEMON Tools Lite
[2012.01.07 14:41:28 | 000,000,000 | ---D | M] -- H:\Dokumente und Einstellungen\Stefan\Anwendungsdaten\DVDVideoSoft
[2011.03.27 23:25:33 | 000,000,000 | ---D | M] -- H:\Dokumente und Einstellungen\Stefan\Anwendungsdaten\DVDVideoSoftIEHelpers
[2010.11.12 16:46:15 | 000,000,000 | ---D | M] -- H:\Dokumente und Einstellungen\Stefan\Anwendungsdaten\Firefly Studios
[2012.02.11 00:15:18 | 000,000,000 | ---D | M] -- H:\Dokumente und Einstellungen\Stefan\Anwendungsdaten\GetRightToGo
[2010.09.30 20:28:01 | 000,000,000 | ---D | M] -- H:\Dokumente und Einstellungen\Stefan\Anwendungsdaten\GHISLER
[2012.05.16 18:50:13 | 000,000,000 | ---D | M] -- H:\Dokumente und Einstellungen\Stefan\Anwendungsdaten\gtk-2.0
[2010.05.12 16:20:58 | 000,000,000 | ---D | M] -- H:\Dokumente und Einstellungen\Stefan\Anwendungsdaten\LolClient
[2010.04.23 16:14:35 | 000,000,000 | ---D | M] -- H:\Dokumente und Einstellungen\Stefan\Anwendungsdaten\LolClient.F24C99354F615F3BAB18AE7B93E3F9B9E8784FA6.1
[2012.05.24 13:41:24 | 000,000,000 | ---D | M] -- H:\Dokumente und Einstellungen\Stefan\Anwendungsdaten\LolClient2
[2011.10.20 13:31:55 | 000,000,000 | ---D | M] -- H:\Dokumente und Einstellungen\Stefan\Anwendungsdaten\MAGIX
[2011.05.07 16:34:34 | 000,000,000 | ---D | M] -- H:\Dokumente und Einstellungen\Stefan\Anwendungsdaten\NCH Swift Sound
[2012.02.19 22:43:11 | 000,000,000 | ---D | M] -- H:\Dokumente und Einstellungen\Stefan\Anwendungsdaten\Opera
[2010.01.28 23:55:57 | 000,000,000 | ---D | M] -- H:\Dokumente und Einstellungen\Stefan\Anwendungsdaten\Playrix Entertainment
[2008.12.28 11:49:04 | 000,000,000 | ---D | M] -- H:\Dokumente und Einstellungen\Stefan\Anwendungsdaten\TMP
[2012.06.05 21:55:30 | 000,000,000 | ---D | M] -- H:\Dokumente und Einstellungen\Stefan\Anwendungsdaten\TS3Client
[2012.06.11 23:39:32 | 000,000,000 | ---D | M] -- H:\Dokumente und Einstellungen\Stefan\Anwendungsdaten\TuneUp Software
[2011.10.01 11:53:07 | 000,000,000 | ---D | M] -- H:\Dokumente und Einstellungen\Stefan\Anwendungsdaten\Unity
[2008.12.31 13:17:38 | 000,000,000 | ---D | M] -- H:\Dokumente und Einstellungen\Stefan\Anwendungsdaten\uTorrent
[2011.05.18 21:54:01 | 000,000,276 | ---- | M] () -- H:\WINDOWS\Tasks\wavepadShakeIcon.job
========== Purity Check ==========
========== Custom Scans ==========
< %ALLUSERSPROFILE%\Application Data\*. >
[2010.02.05 18:46:31 | 000,000,000 | ---D | M] -- H:\Dokumente und Einstellungen\All Users\Application Data\Office Genuine Advantage
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2011.12.17 15:18:23 | 000,000,000 | ---D | M] -- H:\Dokumente und Einstellungen\Stefan\Anwendungsdaten\.minecraft
[2012.04.24 11:51:20 | 000,000,000 | ---D | M] -- H:\Dokumente und Einstellungen\Stefan\Anwendungsdaten\Adobe
[2010.08.09 00:30:37 | 000,000,000 | ---D | M] -- H:\Dokumente und Einstellungen\Stefan\Anwendungsdaten\Apple Computer
[2010.07.20 21:26:41 | 000,000,000 | ---D | M] -- H:\Dokumente und Einstellungen\Stefan\Anwendungsdaten\AUTOSICH
[2011.10.17 10:09:02 | 000,000,000 | ---D | M] -- H:\Dokumente und Einstellungen\Stefan\Anwendungsdaten\Avira
[2011.04.02 11:46:47 | 000,000,000 | ---D | M] -- H:\Dokumente und Einstellungen\Stefan\Anwendungsdaten\AVS4YOU
[2009.02.17 20:51:36 | 000,000,000 | ---D | M] -- H:\Dokumente und Einstellungen\Stefan\Anwendungsdaten\BitCometLite
[2012.05.05 20:32:28 | 000,000,000 | ---D | M] -- H:\Dokumente und Einstellungen\Stefan\Anwendungsdaten\Code Force Limited
[2012.05.21 18:36:00 | 000,000,000 | ---D | M] -- H:\Dokumente und Einstellungen\Stefan\Anwendungsdaten\DAEMON Tools Lite
[2010.01.30 12:57:06 | 000,000,000 | ---D | M] -- H:\Dokumente und Einstellungen\Stefan\Anwendungsdaten\DivX
[2012.01.07 14:41:28 | 000,000,000 | ---D | M] -- H:\Dokumente und Einstellungen\Stefan\Anwendungsdaten\DVDVideoSoft
[2011.03.27 23:25:33 | 000,000,000 | ---D | M] -- H:\Dokumente und Einstellungen\Stefan\Anwendungsdaten\DVDVideoSoftIEHelpers
[2010.11.12 16:46:15 | 000,000,000 | ---D | M] -- H:\Dokumente und Einstellungen\Stefan\Anwendungsdaten\Firefly Studios
[2012.02.11 00:15:18 | 000,000,000 | ---D | M] -- H:\Dokumente und Einstellungen\Stefan\Anwendungsdaten\GetRightToGo
[2010.09.30 20:28:01 | 000,000,000 | ---D | M] -- H:\Dokumente und Einstellungen\Stefan\Anwendungsdaten\GHISLER
[2009.10.13 18:42:16 | 000,000,000 | ---D | M] -- H:\Dokumente und Einstellungen\Stefan\Anwendungsdaten\Google
[2012.05.16 18:50:13 | 000,000,000 | ---D | M] -- H:\Dokumente und Einstellungen\Stefan\Anwendungsdaten\gtk-2.0
[2009.03.26 18:45:00 | 000,000,000 | ---D | M] -- H:\Dokumente und Einstellungen\Stefan\Anwendungsdaten\Help
[2008.12.24 20:45:23 | 000,000,000 | ---D | M] -- H:\Dokumente und Einstellungen\Stefan\Anwendungsdaten\Identities
[2009.12.29 21:43:06 | 000,000,000 | ---D | M] -- H:\Dokumente und Einstellungen\Stefan\Anwendungsdaten\InstallShield
[2010.05.12 16:20:58 | 000,000,000 | ---D | M] -- H:\Dokumente und Einstellungen\Stefan\Anwendungsdaten\LolClient
[2010.04.23 16:14:35 | 000,000,000 | ---D | M] -- H:\Dokumente und Einstellungen\Stefan\Anwendungsdaten\LolClient.F24C99354F615F3BAB18AE7B93E3F9B9E8784FA6.1
[2012.05.24 13:41:24 | 000,000,000 | ---D | M] -- H:\Dokumente und Einstellungen\Stefan\Anwendungsdaten\LolClient2
[2008.12.31 12:41:27 | 000,000,000 | ---D | M] -- H:\Dokumente und Einstellungen\Stefan\Anwendungsdaten\Macromedia
[2011.10.20 13:31:55 | 000,000,000 | ---D | M] -- H:\Dokumente und Einstellungen\Stefan\Anwendungsdaten\MAGIX
[2012.07.09 14:02:04 | 000,000,000 | ---D | M] -- H:\Dokumente und Einstellungen\Stefan\Anwendungsdaten\Malwarebytes
[2011.07.14 17:35:08 | 000,000,000 | --SD | M] -- H:\Dokumente und Einstellungen\Stefan\Anwendungsdaten\Microsoft
[2009.04.04 18:17:57 | 000,000,000 | ---D | M] -- H:\Dokumente und Einstellungen\Stefan\Anwendungsdaten\Microsoft Games
[2012.02.19 22:28:29 | 000,000,000 | ---D | M] -- H:\Dokumente und Einstellungen\Stefan\Anwendungsdaten\Mozilla
[2011.05.07 16:34:34 | 000,000,000 | ---D | M] -- H:\Dokumente und Einstellungen\Stefan\Anwendungsdaten\NCH Swift Sound
[2012.01.28 23:10:52 | 000,000,000 | ---D | M] -- H:\Dokumente und Einstellungen\Stefan\Anwendungsdaten\NVIDIA
[2012.02.19 22:43:11 | 000,000,000 | ---D | M] -- H:\Dokumente und Einstellungen\Stefan\Anwendungsdaten\Opera
[2010.01.28 23:55:57 | 000,000,000 | ---D | M] -- H:\Dokumente und Einstellungen\Stefan\Anwendungsdaten\Playrix Entertainment
[2012.04.13 20:55:24 | 000,000,000 | ---D | M] -- H:\Dokumente und Einstellungen\Stefan\Anwendungsdaten\Sibelius Software
[2012.07.10 21:28:35 | 000,000,000 | ---D | M] -- H:\Dokumente und Einstellungen\Stefan\Anwendungsdaten\Skype
[2012.01.05 12:29:22 | 000,000,000 | ---D | M] -- H:\Dokumente und Einstellungen\Stefan\Anwendungsdaten\skypePM
[2012.03.22 19:23:40 | 000,000,000 | ---D | M] -- H:\Dokumente und Einstellungen\Stefan\Anwendungsdaten\Sony Corporation
[2011.05.25 15:15:03 | 000,000,000 | ---D | M] -- H:\Dokumente und Einstellungen\Stefan\Anwendungsdaten\Sun
[2008.12.28 11:49:04 | 000,000,000 | ---D | M] -- H:\Dokumente und Einstellungen\Stefan\Anwendungsdaten\TMP
[2012.06.05 21:55:30 | 000,000,000 | ---D | M] -- H:\Dokumente und Einstellungen\Stefan\Anwendungsdaten\TS3Client
[2012.06.11 23:39:32 | 000,000,000 | ---D | M] -- H:\Dokumente und Einstellungen\Stefan\Anwendungsdaten\TuneUp Software
[2011.12.19 01:00:58 | 000,000,000 | ---D | M] -- H:\Dokumente und Einstellungen\Stefan\Anwendungsdaten\U3
[2011.10.01 11:53:07 | 000,000,000 | ---D | M] -- H:\Dokumente und Einstellungen\Stefan\Anwendungsdaten\Unity
[2008.12.31 13:17:38 | 000,000,000 | ---D | M] -- H:\Dokumente und Einstellungen\Stefan\Anwendungsdaten\uTorrent
[2011.10.16 16:36:51 | 000,000,000 | ---D | M] -- H:\Dokumente und Einstellungen\Stefan\Anwendungsdaten\vlc
< %APPDATA%\*.exe /s >
[2010.04.23 14:54:29 | 000,038,208 | ---- | M] () -- H:\Dokumente und Einstellungen\Stefan\Anwendungsdaten\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
[2011.06.18 10:59:17 | 003,120,288 | ---- | M] (Adobe Systems, Inc.) -- H:\Dokumente und Einstellungen\Stefan\Anwendungsdaten\Macromedia\Flash Player\www.macromedia.com\bin\fpupdateax\fpupdateax.exe
[2011.07.14 23:18:27 | 000,002,238 | R--- | M] () -- H:\Dokumente und Einstellungen\Stefan\Anwendungsdaten\Microsoft\Installer\{F8CC09A4-CD72-4634-A55D-70F95AE23E5B}\_18be6784.exe
[2011.07.14 23:18:27 | 000,002,238 | R--- | M] () -- H:\Dokumente und Einstellungen\Stefan\Anwendungsdaten\Microsoft\Installer\{F8CC09A4-CD72-4634-A55D-70F95AE23E5B}\_294823.exe
[2007.08.02 10:21:00 | 015,953,276 | ---- | M] (Marvell ) -- H:\Dokumente und Einstellungen\Stefan\Anwendungsdaten\TMP\SetupYukonWin_5X6N.exe
[2007.10.23 10:27:20 | 000,110,592 | ---- | M] () -- H:\Dokumente und Einstellungen\Stefan\Anwendungsdaten\U3\temp\cleanup.exe
[2008.05.02 11:41:48 | 003,493,888 | -H-- | M] (SanDisk Corporation) -- H:\Dokumente und Einstellungen\Stefan\Anwendungsdaten\U3\temp\Launchpad Removal.exe
< %SYSTEMDRIVE%\*.exe >
[2008.12.24 23:50:30 | 112,284,744 | ---- | M] (NVIDIA Corporation ) -- H:\180.48_geforce_winxp_32bit_international_whql.exe
[2010.03.27 12:46:01 | 042,341,360 | ---- | M] () -- H:\avira_antivir_personal_de.exe
[2010.01.28 19:11:25 | 027,066,664 | ---- | M] (Microsoft Corporation) -- H:\PowerPointViewer.exe
< MD5 for: AGP440.SYS >
[2004.08.04 02:10:00 | 018,782,319 | ---- | M] () .cab file -- H:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2008.12.28 14:28:25 | 023,898,261 | ---- | M] () .cab file -- H:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2008.12.28 14:28:25 | 023,898,261 | ---- | M] () .cab file -- H:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008.04.13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- H:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008.04.13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- H:\WINDOWS\system32\drivers\agp440.sys
< MD5 for: ATAPI.SYS >
[2004.08.04 02:10:00 | 018,782,319 | ---- | M] () .cab file -- H:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2008.12.28 14:28:25 | 023,898,261 | ---- | M] () .cab file -- H:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008.12.28 14:28:25 | 023,898,261 | ---- | M] () .cab file -- H:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008.04.13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- H:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008.04.13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- H:\WINDOWS\system32\drivers\atapi.sys
[2008.04.13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- H:\WINDOWS\system32\ReinstallBackups\0004\DriverFiles\i386\atapi.sys
[2008.04.13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- H:\WINDOWS\system32\ReinstallBackups\0007\DriverFiles\i386\atapi.sys
[2004.08.03 23:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- H:\WINDOWS\$NtServicePackUninstall$\atapi.sys
< MD5 for: EVENTLOG.DLL >
[2008.04.14 04:22:10 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=04955AA695448C181B367D964AF158AA -- H:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008.04.14 04:22:10 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=04955AA695448C181B367D964AF158AA -- H:\WINDOWS\system32\eventlog.dll
[2004.08.04 01:57:20 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=B932C077D5A65B71B4512544AC404CB4 -- H:\WINDOWS\$NtServicePackUninstall$\eventlog.dll
< MD5 for: NETLOGON.DLL >
[2008.04.14 04:22:19 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=0098D35F91DEAB9C127360A877F2CF84 -- H:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008.04.14 04:22:19 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=0098D35F91DEAB9C127360A877F2CF84 -- H:\WINDOWS\system32\netlogon.dll
[2004.08.04 01:57:32 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=D27395EDCD3416AFD125A9370DCB585C -- H:\WINDOWS\$NtServicePackUninstall$\netlogon.dll
< MD5 for: SCECLI.DLL >
[2008.04.14 04:22:23 | 000,187,904 | ---- | M] (Microsoft Corporation) MD5=5132443DF6FC3771A17AB4AE55DCBC28 -- H:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008.04.14 04:22:23 | 000,187,904 | ---- | M] (Microsoft Corporation) MD5=5132443DF6FC3771A17AB4AE55DCBC28 -- H:\WINDOWS\system32\scecli.dll
[2004.08.04 01:57:34 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=64DC26B3CF7BCCAD431CE360A4C625D5 -- H:\WINDOWS\$NtServicePackUninstall$\scecli.dll
< MD5 for: USER32.DLL >
[2004.08.04 01:57:38 | 000,578,560 | ---- | M] (Microsoft Corporation) MD5=56785FD5236D7B22CF471A6DA9DB46D8 -- H:\WINDOWS\$NtServicePackUninstall$\user32.dll
[2008.04.14 04:22:31 | 000,580,096 | ---- | M] (Microsoft Corporation) MD5=B0050CC5340E3A0760DD8B417FF7AEBD -- H:\WINDOWS\ServicePackFiles\i386\user32.dll
[2008.04.14 04:22:31 | 000,580,096 | ---- | M] (Microsoft Corporation) MD5=B0050CC5340E3A0760DD8B417FF7AEBD -- H:\WINDOWS\system32\user32.dll
< MD5 for: USERINIT.EXE >
[2008.04.14 04:23:03 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=788F95312E26389D596C0FA55834E106 -- H:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008.04.14 04:23:03 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=788F95312E26389D596C0FA55834E106 -- H:\WINDOWS\system32\userinit.exe
[2004.08.04 01:58:18 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=D1E53DC57143F2584B1DD53B036C0633 -- H:\WINDOWS\$NtServicePackUninstall$\userinit.exe
< MD5 for: WINLOGON.EXE >
[2012.04.04 15:56:38 | 000,199,240 | ---- | M] () MD5=097D0E812D7A9A3101CE46CB2BE0474D -- H:\Programme\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2004.08.04 01:58:20 | 000,507,392 | ---- | M] (Microsoft Corporation) MD5=2B6A0BAF33A9918F09442D873848FF72 -- H:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008.04.14 04:23:05 | 000,513,024 | ---- | M] (Microsoft Corporation) MD5=F09A527B422E25C478E38CAA0E44417A -- H:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008.04.14 04:23:05 | 000,513,024 | ---- | M] (Microsoft Corporation) MD5=F09A527B422E25C478E38CAA0E44417A -- H:\WINDOWS\system32\winlogon.exe
< MD5 for: WS2IFSL.SYS >
[2001.08.23 14:00:00 | 000,012,032 | ---- | M] (Microsoft Corporation) MD5=6ABE6E225ADB5A751622A9CC3BC19CE8 -- H:\WINDOWS\system32\dllcache\ws2ifsl.sys
[2001.08.23 14:00:00 | 000,012,032 | ---- | M] (Microsoft Corporation) MD5=6ABE6E225ADB5A751622A9CC3BC19CE8 -- H:\WINDOWS\system32\drivers\ws2ifsl.sys
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
[2008.12.24 19:41:57 | 000,094,208 | ---- | M] () -- H:\WINDOWS\System32\config\default.sav
[2008.12.24 19:41:57 | 000,663,552 | ---- | M] () -- H:\WINDOWS\System32\config\software.sav
[2008.12.24 19:41:57 | 000,450,560 | ---- | M] () -- H:\WINDOWS\System32\config\system.sav
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
[5 H:\WINDOWS\system32\*.tmp files -> H:\WINDOWS\system32\*.tmp -> ]
< End of report > --- --- --- |