Trojaner-Board


ali321 26.09.2010 15:42

PC won't shut down, programs hang, etc.
 
Hello dear forum community :D,
(I've already used the search function and found a few things, but somehow I'm not getting any further...)
I've got some nice new problems on my PC once again...
It doesn't shut down properly and gets stuck at "Logging off".
I left it sitting for 2 hours without success :(
I've run PC Tools AntiVirus over it 10 times.
At first with 145 infections and (Not Responding), so I restarted and did the whole thing again, and later it worked in safe mode.
Unfortunately, problems such as (Not Responding) and my Orbit Grab++ no longer working still persist.
I uploaded my HijackThis logfile to the analysis and found nice things like:
Code:

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Hacked by Godzilla
etc.

Here is the whole log:
Code:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:12:13, on 26.09.2010
Platform: Windows Vista  (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16916)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Windows\RtHDVCpl.exe
C:\Windows\vspc1030.exe
C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\PC Tools Security\pctsTray.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
C:\Program Files\Sitecom Europe BV\Sitecom WL-113 Utility\SiteComUSB.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\wuauclt.exe
C:\Users\Zandy\Downloads\HiJackThis204.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://de.intl.acer.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://de.intl.acer.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = hxxp://go.1und1.de/suchbox/1und1suche?su=%s
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Hacked by Godzilla
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll
R3 - URLSearchHook: Yahoo! Toolbar mit Pop-Up-Blocker - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
R3 - URLSearchHook: (no name) -  - (no file)
O1 - Hosts: ::1 localhost
O1 - Hosts: 74.208.105.171 gs.apple.com
O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files\Orbitdownloader\orbitcth.dll
O2 - BHO: Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: Grab Pro - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files\Orbitdownloader\GrabPro.dll
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [spc1030] C:\Windows\vspc1030.exe
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [COMODO Internet Security] "C:\Program Files\COMODO\COMODO Internet Security\cfp.exe" -h
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [ISTray] "C:\Program Files\PC Tools Security\pctsTray.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [ISUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler
O4 - Global Startup: Sitecom USB Wireless LAN Utility.lnk = C:\Program Files\Sitecom Europe BV\Sitecom WL-113 Utility\SiteComUSB.exe
O8 - Extra context menu item: &Download by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/201
O8 - Extra context menu item: &Grab video by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/204
O8 - Extra context menu item: Do&wnload selected by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/203
O8 - Extra context menu item: Down&load all by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/202
O8 - Extra context menu item: Free YouTube Download - C:\Users\Zandy\AppData\Roaming\DVDVideoSoftIEHelpers\youtubedownload.htm
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Zandy\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm
O9 - Extra button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1199395426399
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - hxxp://dl8-cdn-01.sun.com/s/ESD7/JSCDL/jdk/6u12-b04/jinstall-6u12-windows-i586-jc.cab?e=1236365074789&h=e8a697bd531e33d86563088add75ecf2/&filename=jinstall-6u12-windows-i586-jc.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - hxxp://www.adobe.com/products/acrobat/nos/gp.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{38C40A29-A3EC-4951-93B1-95FA03AA6BE0}: NameServer = 192.168.178.1,192.168.178.2
O17 - HKLM\System\CCS\Services\Tcpip\..\{5B175FDC-3A19-4105-AE85-EF088487102C}: NameServer = 192.168.182.1,192.168.182.2
O17 - HKLM\System\CCS\Services\Tcpip\..\{9CE15D25-E061-4EA7-A67B-2FBB0BF7B106}: NameServer = 192.168.182.1,192.168.182.2
O17 - HKLM\System\CCS\Services\Tcpip\..\{D08FD11B-68BB-4DB9-B05C-0694FD0A3F17}: NameServer = 192.168.182.1,192.168.182.2
O17 - HKLM\System\CS1\Services\Tcpip\..\{38C40A29-A3EC-4951-93B1-95FA03AA6BE0}: NameServer = 192.168.178.1,192.168.178.2
O17 - HKLM\System\CS2\Services\Tcpip\..\{38C40A29-A3EC-4951-93B1-95FA03AA6BE0}: NameServer = 192.168.178.1,192.168.178.2
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs:  C:\Windows\system32\guard32.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: Dienst "Bonjour" (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Browser Defender Update Service - Unknown owner - C:\Program Files\PC Tools Security\BDT\BDTUpdateService.exe (file missing)
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod-Dienst (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: RichiStudios Shutdown (RSShutdown) - Unknown owner - D:\hackie\service.exe (file missing)
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\PC Tools Security\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\PC Tools Security\pctsSvc.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TunngleService - Unknown owner - C:\Program Files\Tunngle\TnglCtrl.exe (file missing)
O23 - Service: UPnPService - Magix AG - C:\Program Files\Common Files\MAGIX Shared\UPnPService\UPnPService.exe

--
End of file - 10628 bytes

I'll probably hear "reinstall the system" in a moment, but I don't have time for that right now...
Is there also an option such as defragmenting, uninstalling some programs and deleting files?

Thanks in advance for quick replies :D

cosinus 26.09.2010 18:50

Quote:

I've run PC Tools AntiVirus over it 10 times.
At first with 145 infections and (Not Responding), so I restarted and did the whole thing again, and later it worked in safe mode.

Please post all logs with the detections!

ali321 26.09.2010 19:29

Unfortunately I didn't save the logs...
Or I don't know where they are saved :(
Could you spot anything else in my HijackThis log?

cosinus 26.09.2010 19:30

The logs should be found in the virus scanner's main menu under Protocols/Log files/Reports or something like that.

ali321 26.09.2010 19:58

I can't find it..
I only found the history, where it says:
Code:

PC Tools PC Tools AntiVirus Free
 
Date
   
Status
28.07.2010 12:34:30:100   
Service Started
PC Tools AntiVirus Free Service Application started
28.07.2010 12:34:30:100   
Anti-Malware Engine
Anti-Malware engine configuration loaded successfully.
28.07.2010 12:34:54:457   
Service Stopped
PC Tools AntiVirus Free Service Application Stopped
28.07.2010 12:37:17:506   
Service Started
PC Tools AntiVirus Free Service Application started
28.07.2010 12:37:17:506   
Anti-Malware Engine
Anti-Malware engine configuration loaded successfully.
28.07.2010 12:37:47:636   
IntelliGuards status
All IntelliGuards were Enabled
28.07.2010 12:38:21:606   
Immunizer Results
ActiveX section has been immunized, Processed 5161 items.
28.07.2010 12:40:35:599   
Scan Started
Scan Type - Full Scan
28.07.2010 12:40:37:317   
Infection was detected on this computer
Threat Name - Application.TrackingCookies
Type - Cookie
Risk Level - Low
Infection - adfarm1.adition.com/ adfarm1.adition.com
28.07.2010 12:40:37:456   
Scan Finished
Scan Type - Full Scan
Items Processed - 2
Threats Detected - 1
Infections Detected - 1
28.07.2010 12:41:18:606   
Infection cleaned
Threat Name - Application.TrackingCookies
Type - Cookie
Risk Level - Low
Infection - adfarm1.adition.com/ adfarm1.adition.com
28.07.2010 12:41:20:886   
Infections Quarantined/Removed Summary
Quarantined - 0
Quarantine Failed - 0
Removed - 1
Remove Failed - 0
28.07.2010 12:41:34:756   
Scan Started
Scan Type - Custom Scan
28.07.2010 12:41:35:537   
Infection was detected on this computer
Threat Name - Adware.Advertising
Type - Cookie
Risk Level - Low
Infection - adtech.de/ adtech.de
28.07.2010 12:41:35:603   
Infection was detected on this computer
Threat Name - Application.TrackingCookies
Type - Cookie
Risk Level - Low
Infection - apmebf.com/ apmebf.com
28.07.2010 12:41:35:633   
Infection was detected on this computer
Threat Name - Trackware.Tracking Cookies!rem
Type - Cookie
Risk Level - Medium
Infection - atdmt.com/ atdmt.com
28.07.2010 12:41:35:756   
Infection was detected on this computer
Threat Name - Trackware.Tracking Cookies!rem
Type - Cookie
Risk Level - Medium
Infection - bs.serving-sys.com/ bs.serving-sys.com
28.07.2010 12:41:35:990   
Infection was detected on this computer
Threat Name - Trackware.Tracking Cookies!rem
Type - Cookie
Risk Level - Medium
Infection - doubleclick.net/ doubleclick.net
28.07.2010 12:41:36:55   
Infection was detected on this computer
Threat Name - Application.TrackingCookies
Type - Cookie
Risk Level - Low
Infection - ivwbox.de/ ivwbox.de
28.07.2010 12:41:36:102   
Infection was detected on this computer
Threat Name - Adware.Advertising
Type - Cookie
Risk Level - Low
Infection - mediaplex.com/ mediaplex.com
28.07.2010 12:41:36:629   
Infection was detected on this computer
Threat Name - Trackware.Tracking Cookies!rem
Type - Cookie
Risk Level - Medium
Infection - serving-sys.com/ serving-sys.com
28.07.2010 12:41:36:730   
Infection was detected on this computer
Threat Name - Trackware.Tracking Cookies!rem
Type - Cookie
Risk Level - Medium
Infection - tradedoubler.com/ tradedoubler.com
28.07.2010 12:41:36:753   
Infection was detected on this computer
Threat Name - Application.TrackingCookies
Type - Cookie
Risk Level - Low
Infection - weborama.fr/ weborama.fr
28.07.2010 12:45:04:596   
Service Started
PC Tools AntiVirus Free Service Application started
28.07.2010 12:45:04:596   
Anti-Malware Engine
Anti-Malware engine configuration loaded successfully.
28.07.2010 12:45:04:656   
IntelliGuards status
All IntelliGuards were Enabled
28.07.2010 12:45:05:943   
Immunizer Results
ActiveX section has been immunized. No items were processed.
28.07.2010 12:45:34:812   
Scan Started
Scan Type - Intelli-Scan
28.07.2010 12:45:35:682   
Infection was detected on this computer
Threat Name - Adware.Advertising
Type - Cookie
Risk Level - Low
Infection - adtech.de/ adtech.de
28.07.2010 12:45:35:750   
Infection was detected on this computer
Threat Name - Application.TrackingCookies
Type - Cookie
Risk Level - Low
Infection - apmebf.com/ apmebf.com
28.07.2010 12:45:35:778   
Infection was detected on this computer
Threat Name - Trackware.Tracking Cookies!rem
Type - Cookie
Risk Level - Medium
Infection - atdmt.com/ atdmt.com
28.07.2010 12:45:35:901   
Infection was detected on this computer
Threat Name - Trackware.Tracking Cookies!rem
Type - Cookie
Risk Level - Medium
Infection - bs.serving-sys.com/ bs.serving-sys.com
28.07.2010 12:45:36:137   
Infection was detected on this computer
Threat Name - Trackware.Tracking Cookies!rem
Type - Cookie
Risk Level - Medium
Infection - doubleclick.net/ doubleclick.net
28.07.2010 12:45:36:201   
Infection was detected on this computer
Threat Name - Application.TrackingCookies
Type - Cookie
Risk Level - Low
Infection - ivwbox.de/ ivwbox.de
28.07.2010 12:45:36:245   
Infection was detected on this computer
Threat Name - Adware.Advertising
Type - Cookie
Risk Level - Low
Infection - mediaplex.com/ mediaplex.com
28.07.2010 12:45:36:798   
Infection was detected on this computer
Threat Name - Trackware.Tracking Cookies!rem
Type - Cookie
Risk Level - Medium
Infection - serving-sys.com/ serving-sys.com
24.09.2010 08:04:53:156   
Service Started
PC Tools AntiVirus Free Service Application started
24.09.2010 08:04:53:157   
Anti-Malware Engine
Anti-Malware engine configuration loaded successfully.
24.09.2010 08:04:54:698   
IntelliGuards status
All IntelliGuards were Enabled
24.09.2010 08:04:56:87   
Immunizer Results
ActiveX section has been immunized, Processed 3 items.
24.09.2010 08:09:26:518   
Service Stopped
PC Tools AntiVirus Free Service Application Stopped
24.09.2010 16:42:02:45   
Service Started
PC Tools AntiVirus Free Service Application started
24.09.2010 16:42:02:45   
Anti-Malware Engine
Anti-Malware engine configuration loaded successfully.
24.09.2010 16:42:02:215   
IntelliGuards status
All IntelliGuards were Enabled
24.09.2010 16:42:18:199   
Immunizer Results
ActiveX section has been immunized. No items were processed.
24.09.2010 16:55:02:342   
Smart Update
Smart Update has determined that PC Tools AntiVirus Free is up to date
24.09.2010 17:08:46:686   
Service Stopped
PC Tools AntiVirus Free Service Application Stopped
25.09.2010 13:50:00:585   
Service Started
PC Tools AntiVirus Free Service Application started
25.09.2010 13:50:00:585   
Anti-Malware Engine
Anti-Malware engine configuration loaded successfully.
25.09.2010 13:51:51:522   
Scan Started
Scan Type - Full Scan
25.09.2010 13:51:52:918   
Infection was detected on this computer
Threat Name - Trackware.Tracking Cookies!rem
Type - Cookie
Risk Level - Medium
Infection - ad.yieldmanager.com/ ad.yieldmanager.com
25.09.2010 13:51:53:566   
Infection was detected on this computer
Threat Name - Trackware.Tracking Cookies!rem
Type - Cookie
Risk Level - Medium
Infection - content.yieldmanager.com/ content.yieldmanager.com
25.09.2010 13:51:53:711   
Infection was detected on this computer
Threat Name - Application.TrackingCookies
Type - Cookie
Risk Level - Low
Infection - ivwbox.de/ ivwbox.de
25.09.2010 13:51:54:644   
Infection was detected on this computer
Threat Name - Adware.Advertising
Type - Cookie
Risk Level - Low
Infection - statcounter.com/ statcounter.com
25.09.2010 16:28:54:348   
Service Started
PC Tools AntiVirus Free Service Application started
25.09.2010 16:28:54:348   
Anti-Malware Engine
Anti-Malware engine configuration loaded successfully.
25.09.2010 16:29:03:802   
Scan Started
Scan Type - Full Scan
25.09.2010 17:11:15:668   
Scan Finished
Scan Type - Full Scan
Items Processed - 154237
Threats Detected - 0
Infections Detected - 0
25.09.2010 17:11:19:942   
Service Stopped
PC Tools AntiVirus Free Service Application Stopped
25.09.2010 17:13:37:590   
Service Started
PC Tools AntiVirus Free Service Application started
25.09.2010 17:13:37:590   
Anti-Malware Engine
Anti-Malware engine configuration loaded successfully.
25.09.2010 17:13:37:720   
IntelliGuards status
All IntelliGuards were Enabled
25.09.2010 17:13:39:770   
Immunizer Results
ActiveX section has been immunized. No items were processed.
25.09.2010 17:22:46:531   
Scan Started
Scan Type - Full Scan
25.09.2010 17:24:03:750   
Smart Update
Smart Update has successfully installed new updates.
25.09.2010 17:24:05:726   
Immunizer Results
ActiveX section has been immunized. No items were processed.
25.09.2010 18:00:09:971   
Scheduled Scan Skipped
Scheduled task Intelli-Scan of this computer skipped - another scan is already running.
25.09.2010 18:58:04:974   
Scan Finished
Scan Type - Full Scan
Items Processed - 179581
Threats Detected - 0
Infections Detected - 0
25.09.2010 20:08:20:657   
Service Started
PC Tools AntiVirus Free Service Application started
25.09.2010 20:08:20:657   
Anti-Malware Engine
Anti-Malware engine configuration loaded successfully.
25.09.2010 20:08:23:164   
IntelliGuards status
All IntelliGuards were Enabled
25.09.2010 20:08:25:232   
Immunizer Results
ActiveX section has been immunized. No items were processed.
25.09.2010 20:13:10:632   
Scan Started
Scan Type - Full Scan
25.09.2010 20:13:11:596   
Infection was detected on this computer
Threat Name - Application.TrackingCookies
Type - Cookie
Risk Level - Low
Infection - ivwbox.de/ ivwbox.de
25.09.2010 20:25:24:11   
Smart Update
Smart Update has determined that PC Tools AntiVirus Free is up to date
25.09.2010 21:12:06:382   
Infection was detected on this computer
Threat Name - Trojan.Generic
Type - File
Risk Level - Medium
Infection - C:\Users\Zandy\AppData\Local\Temp\jar_cache7233419809165430069.tmp
25.09.2010 22:15:10:454   
Scan Finished
Scan Type - Full Scan
Items Processed - 363540
Threats Detected - 2
Infections Detected - 2
25.09.2010 23:17:00:632   
Infection quarantined
Threat Name - Trojan.Generic
Type - File
Risk Level - Medium
Infection - C:\Users\Zandy\AppData\Local\Temp\jar_cache7233419809165430069.tmp
25.09.2010 23:17:00:672   
Infection cleaned
Threat Name - Trojan.Generic
Type - File
Risk Level - Medium
Infection - C:\Users\Zandy\AppData\Local\Temp\jar_cache7233419809165430069.tmp
25.09.2010 23:17:00:769   
Infection cleaned
Threat Name - Application.TrackingCookies
Type - Cookie
Risk Level - Low
Infection - ivwbox.de/ ivwbox.de
25.09.2010 23:17:03:419   
Infections Quarantined/Removed Summary
Quarantined - 1
Quarantine Failed - 0
Removed - 2
Remove Failed - 0
26.09.2010 00:20:14:613   
Service Stopped
PC Tools AntiVirus Free Service Application Stopped
26.09.2010 16:00:15:858   
Service Started
PC Tools AntiVirus Free Service Application started
26.09.2010 16:00:15:858   
Anti-Malware Engine
Anti-Malware engine configuration loaded successfully.
26.09.2010 16:00:15:994   
IntelliGuards status
All IntelliGuards were Enabled
26.09.2010 16:00:20:716   
Immunizer Results
ActiveX section has been immunized. No items were processed.
26.09.2010 16:18:10:727   
Smart Update
Smart Update has determined that PC Tools AntiVirus Free is up to date
26.09.2010 16:42:40:324   
Service Stopped
PC Tools AntiVirus Free Service Application Stopped
26.09.2010 18:06:53:7   
Service Started
PC Tools AntiVirus Free Service Application started
26.09.2010 18:06:53:7   
Anti-Malware Engine
Anti-Malware engine configuration loaded successfully.
26.09.2010 18:06:53:261   
IntelliGuards status
All IntelliGuards were Enabled
26.09.2010 18:07:11:49   
Immunizer Results
ActiveX section has been immunized. No items were processed.
26.09.2010 18:25:25:891   
Smart Update
Smart Update has determined that PC Tools AntiVirus Free is up to date
26.09.2010 19:26:11:759   
Service Stopped
PC Tools AntiVirus Free Service Application Stopped
26.09.2010 20:25:17:525   
Service Started
PC Tools AntiVirus Free Service Application started
26.09.2010 20:25:17:525   
Anti-Malware Engine
Anti-Malware engine configuration loaded successfully.
26.09.2010 20:25:17:805   
IntelliGuards status
All IntelliGuards were Enabled
26.09.2010 20:25:31:590   
Immunizer Results
ActiveX section has been immunized. No items were processed.
26.09.2010 20:37:30:978   
Smart Update
Smart Update has determined that PC Tools AntiVirus Free is up to date

but that's far from everything, and it's not the right logfile either....

cosinus 27.09.2010 10:16

Please run a routine full scan with Malwarebytes and post the log.
Remember that Malwarebytes has to be updated manually before every scan!

Then OTL:

System scan with OTL

Please download OTL by OldTimer and save it to your desktop
  • Double-click OTL.exe
  • Vista users: right-click OTL.exe and choose "Run as administrator"
  • At the top you'll find a box labelled Output. Please select Minimal Output
  • Under Extra Registry, please select Use SafeList
  • Now click Run Scan at the top left
  • When the scan has finished, 2 logfiles are created
  • Post the logfiles here in the thread.

ali321 27.09.2010 15:21

OK, I did everything as described :D

OTL files:
Code:

OTL logfile created on: 27.09.2010 14:07:34 - Run 1
OTL by OldTimer - Version 3.2.14.1    Folder = C:\Users\Zandy\Desktop
Windows Vista Home Premium Edition  (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6000.16916)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 57,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 75,00% Paging File free
Paging file location(s): ?:\pagefile.sys
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 111,70 Gb Total Space | 53,15 Gb Free Space | 47,58% Space Free | Partition Type: NTFS
Drive D: | 111,43 Gb Total Space | 48,65 Gb Free Space | 43,66% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive Q: | 931,51 Gb Total Space | 669,33 Gb Free Space | 71,85% Space Free | Partition Type: NTFS
 
Computer Name: MEINPC
Current User Name: Zandy
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Zandy\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
PRC - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe (COMODO)
PRC - C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO)
PRC - C:\Program Files\PC Tools Security\pctsTray.exe (PC Tools)
PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
PRC - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.)
PRC - C:\Program Files\PC Tools Security\pctsSvc.exe (PC Tools)
PRC - C:\Program Files\PC Tools Security\pctsAuxs.exe (PC Tools)
PRC - C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation)
PRC - C:\Program Files\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Windows\ehome\mcupdate.exe (Microsoft Corporation)
PRC - C:\Windows\vspc1030.exe (Sonix)
PRC - C:\Program Files\Microsoft LifeCam\MSCamS32.exe (Microsoft Corporation)
PRC - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
PRC - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe (Acer Inc.)
PRC - C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe (Macrovision Corporation)
PRC - C:\Program Files\Sitecom Europe BV\Sitecom WL-113 Utility\SiteComUSB.exe (Sitecom Europe BV)
 
 
========== Modules (SafeList) ==========
 
MOD - C:\Users\Zandy\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Windows\System32\guard32.dll (COMODO)
MOD - C:\Windows\System32\msscript.ocx (Microsoft Corporation)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll (Microsoft Corporation)
 
 
========== Win32 Services (SafeList) ==========
 
SRV - (TunngleService) -- C:\Program Files\Tunngle\TnglCtrl.exe File not found
SRV - (RSShutdown) -- D:\hackie\service.exe File not found
SRV - (Browser Defender Update Service) -- C:\Program Files\PC Tools Security\BDT\BDTUpdateService.exe File not found
SRV - (ACPService) --  File not found
SRV - (FLEXnet Licensing Service) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.)
SRV - (Apple Mobile Device) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (npggsvc) -- C:\Windows\System32\GameMon.des (INCA Internet Co., Ltd.)
SRV - (cmdAgent) -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe (COMODO)
SRV - (ACDaemon) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.)
SRV - (sdCoreService) -- C:\Program Files\PC Tools Security\pctsSvc.exe (PC Tools)
SRV - (sdAuxService) -- C:\Program Files\PC Tools Security\pctsAuxs.exe (PC Tools)
SRV - (SwitchBoard) -- C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
SRV - (SeaPort) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SRV - (MSCamSvc) -- C:\Program Files\Microsoft LifeCam\MSCamS32.exe (Microsoft Corporation)
SRV - (eRecoveryService) -- C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe (Acer Inc.)
SRV - (UPnPService) -- C:\Program Files\Common Files\MAGIX Shared\UPnPService\UPnPService.exe (Magix AG)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (NwlnkFwd) -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys File not found
DRV - (NwlnkFlt) -- C:\Windows\System32\DRIVERS\nwlnkflt.sys File not found
DRV - (IpInIp) -- C:\Windows\System32\DRIVERS\ipinip.sys File not found
DRV - (blbdrive) -- C:\Windows\System32\drivers\blbdrive.sys File not found
DRV - (cmdGuard) -- C:\Windows\System32\drivers\cmdGuard.sys (COMODO)
DRV - (inspect) -- C:\Windows\System32\drivers\inspect.sys (COMODO)
DRV - (cmdHlp) -- C:\Windows\System32\drivers\cmdhlp.sys (COMODO)
DRV - (MBAMSwissArmy) -- C:\Windows\System32\drivers\mbamswissarmy.sys (Malwarebytes Corporation)
DRV - (taphss) -- C:\Windows\System32\drivers\taphss.sys (AnchorFree Inc)
DRV - (hamachi) -- C:\Windows\System32\drivers\hamachi.sys (LogMeIn, Inc.)
DRV - (sptd) -- C:\Windows\System32\Drivers\sptd.sys ()
DRV - (SPC1030) USB2.0 PC Camera (SPC1030) -- C:\Windows\System32\drivers\spc1030.sys ()
DRV - ({49DE1C67-83F8-4102-99E0-C16DCC7EEC796}) -- D:\Bearbeitungsprogramme\PlayMovie\000.fcl (Cyberlink Corp.)
DRV - (phaudlwr) -- C:\Windows\System32\drivers\phaudlwr.sys (Philips Applied Technologies)
DRV - (R300) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV - (atikmdag) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV - (VX1000) -- C:\Windows\System32\drivers\VX1000.sys (Microsoft Corporation)
DRV - (DLADResM) -- C:\Windows\System32\DLA\DLADResM.SYS (Roxio)
DRV - (DLABMFSM) -- C:\Windows\System32\DLA\DLABMFSM.SYS (Roxio)
DRV - (DLAUDF_M) -- C:\Windows\System32\DLA\DLAUDF_M.SYS (Roxio)
DRV - (DLAUDFAM) -- C:\Windows\System32\DLA\DLAUDFAM.SYS (Roxio)
DRV - (DLAOPIOM) -- C:\Windows\System32\DLA\DLAOPIOM.SYS (Roxio)
DRV - (DLABOIOM) -- C:\Windows\System32\DLA\DLABOIOM.SYS (Roxio)
DRV - (DLAPoolM) -- C:\Windows\System32\DLA\DLAPoolM.SYS (Roxio)
DRV - (DLAIFS_M) -- C:\Windows\System32\DLA\DLAIFS_M.SYS (Roxio)
DRV - (DRVMCDB) -- C:\Windows\System32\Drivers\DRVMCDB.SYS (Sonic Solutions)
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\Windows\System32\drivers\RTKVHDA.sys (Realtek Semiconductor Corp.)
DRV - (DRVNDDM) -- C:\Windows\System32\drivers\DRVNDDM.SYS (Roxio)
DRV - (DLARTL_M) -- C:\Windows\System32\drivers\DLARTL_M.SYS (Roxio)
DRV - (DLACDBHM) -- C:\Windows\System32\drivers\DLACDBHM.SYS (Roxio)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (int15) -- C:\Acer\Empowering Technology\eRecovery\int15.sys ()
DRV - (RxFilter) -- C:\Windows\System32\drivers\RxFilter.sys (Sonic Solutions)
DRV - (yukonwlh) -- C:\Windows\System32\drivers\yk60x86.sys (Marvell)
DRV - (ql2300) -- C:\Windows\system32\drivers\ql2300.sys (QLogic Corporation)
DRV - (adp94xx) -- C:\Windows\system32\drivers\adp94xx.sys (Adaptec, Inc.)
DRV - (elxstor) -- C:\Windows\system32\drivers\elxstor.sys (Emulex)
DRV - (adpahci) -- C:\Windows\system32\drivers\adpahci.sys (Adaptec, Inc.)
DRV - (uliahci) -- C:\Windows\system32\drivers\uliahci.sys (ULi Electronics Inc.)
DRV - (iaStorV) -- C:\Windows\system32\drivers\iastorv.sys (Intel Corporation)
DRV - (adpu320) -- C:\Windows\system32\drivers\adpu320.sys (Adaptec, Inc.)
DRV - (ulsata2) -- C:\Windows\system32\drivers\ulsata2.sys (Promise Technology, Inc.)
DRV - (vsmraid) -- C:\Windows\system32\drivers\vsmraid.sys (VIA Technologies Inc.,Ltd)
DRV - (ql40xx) -- C:\Windows\system32\drivers\ql40xx.sys (QLogic Corporation)
DRV - (UlSata) -- C:\Windows\system32\drivers\ulsata.sys (Promise Technology, Inc.)
DRV - (adpu160m) -- C:\Windows\system32\drivers\adpu160m.sys (Adaptec, Inc.)
DRV - (nvraid) -- C:\Windows\system32\drivers\nvraid.sys (NVIDIA Corporation)
DRV - (nfrd960) -- C:\Windows\system32\drivers\nfrd960.sys (IBM Corporation)
DRV - (iirsp) -- C:\Windows\system32\drivers\iirsp.sys (Intel Corp./ICP vortex GmbH)
DRV - (SiSRaid4) -- C:\Windows\system32\drivers\sisraid4.sys (Silicon Integrated Systems)
DRV - (nvstor) -- C:\Windows\system32\drivers\nvstor.sys (NVIDIA Corporation)
DRV - (aic78xx) -- C:\Windows\system32\drivers\djsvs.sys (Adaptec, Inc.)
DRV - (arcsas) -- C:\Windows\system32\drivers\arcsas.sys (Adaptec, Inc.)
DRV - (LSI_SCSI) -- C:\Windows\system32\drivers\lsi_scsi.sys (LSI Logic)
DRV - (SiSRaid2) -- C:\Windows\system32\drivers\sisraid2.sys (Silicon Integrated Systems Corp.)
DRV - (HpCISSs) -- C:\Windows\system32\drivers\hpcisss.sys (Hewlett-Packard Company)
DRV - (arc) -- C:\Windows\system32\drivers\arc.sys (Adaptec, Inc.)
DRV - (iteraid) -- C:\Windows\system32\drivers\iteraid.sys (Integrated Technology Express, Inc.)
DRV - (iteatapi) -- C:\Windows\system32\drivers\iteatapi.sys (Integrated Technology Express, Inc.)
DRV - (LSI_SAS) -- C:\Windows\system32\drivers\lsi_sas.sys (LSI Logic)
DRV - (Symc8xx) -- C:\Windows\system32\drivers\symc8xx.sys (LSI Logic)
DRV - (LSI_FC) -- C:\Windows\system32\drivers\lsi_fc.sys (LSI Logic)
DRV - (Sym_u3) -- C:\Windows\system32\drivers\sym_u3.sys (LSI Logic)
DRV - (Mraid35x) -- C:\Windows\system32\drivers\mraid35x.sys (LSI Logic Corporation)
DRV - (Sym_hi) -- C:\Windows\system32\drivers\sym_hi.sys (LSI Logic)
DRV - (megasas) -- C:\Windows\system32\drivers\megasas.sys (LSI Logic Corporation)
DRV - (viaide) -- C:\Windows\system32\drivers\viaide.sys (VIA Technologies, Inc.)
DRV - (cmdide) -- C:\Windows\system32\drivers\cmdide.sys (CMD Technology, Inc.)
DRV - (aliide) -- C:\Windows\system32\drivers\aliide.sys (Acer Laboratories Inc.)
DRV - (usbaudio) USB-Audiotreiber (WDM) -- C:\Windows\System32\drivers\USBAUDIO.sys (Microsoft Corporation)
DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\system32\drivers\brserid.sys (Brother Industries Ltd.)
DRV - (BrUsbSer) -- C:\Windows\system32\drivers\brusbser.sys (Brother Industries Ltd.)
DRV - (BrFiltUp) -- C:\Windows\system32\drivers\brfiltup.sys (Brother Industries, Ltd.)
DRV - (BrFiltLo) -- C:\Windows\system32\drivers\brfiltlo.sys (Brother Industries, Ltd.)
DRV - (BrSerWdm) -- C:\Windows\system32\drivers\brserwdm.sys (Brother Industries Ltd.)
DRV - (BrUsbMdm) -- C:\Windows\system32\drivers\brusbmdm.sys (Brother Industries Ltd.)
DRV - (ntrigdigi) -- C:\Windows\system32\drivers\ntrigdigi.sys (N-trig Innovative Technologies)
DRV - (RTL8023xp) -- C:\Windows\System32\drivers\Rtnicxp.sys (Realtek Semiconductor Corporation                          )
DRV - (E1G60) Intel(R) -- C:\Windows\System32\drivers\E1G60I32.sys (Intel Corporation)
DRV - (AtiPcie) ATI PCI Express (3GIO) -- C:\Windows\system32\DRIVERS\AtiPcie.sys (ATI Technologies Inc.)
DRV - (libusb0) -- C:\Windows\System32\drivers\libusb0.sys (hxxp://libusb-win32.sourceforge.net)
DRV - (MicNgTun) -- C:\Windows\System32\drivers\MicNgTun.sys (Micronas GmbH)
DRV - (MicNgCap) -- C:\Windows\System32\drivers\MicNgCap.sys (Micronas GmbH)
DRV - (MicNgBas) -- C:\Windows\System32\drivers\MicNgBas.sys (Micronas GmbH)
DRV - (ZD1211U(Sitecom)) Sitecom Wireless Network USB Adapter Driver(Sitecom) -- C:\Windows\System32\drivers\ZD1211U.sys (ZyDAS Technology Corporation)
DRV - (ASPI) -- C:\Windows\System32\drivers\ASPI32.SYS (Adaptec)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://de.intl.acer.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://de.intl.acer.yahoo.com
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://global.acer.com [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Yahoo! Search
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 2
IE - HKCU\..\URLSearchHook:  - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Reg Error: Key error. File not found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.startup.homepage: "google.de"
FF - prefs.js..extensions.enabledItems: {35379F86-8CCB-4724-AE33-4278DE266C70}:1.0.5
 
 
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.10\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.09.18 18:25:19 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.10\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.09.18 18:25:19 | 000,000,000 | ---D | M]
 
[2009.03.05 16:38:53 | 000,000,000 | ---D | M] -- C:\Users\Zandy\AppData\Roaming\mozilla\Extensions
[2010.09.27 14:06:33 | 000,000,000 | ---D | M] -- C:\Users\Zandy\AppData\Roaming\mozilla\Firefox\Profiles\ffmk5zx8.default\extensions
[2010.09.25 17:01:40 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Zandy\AppData\Roaming\mozilla\Firefox\Profiles\ffmk5zx8.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.04.24 22:25:00 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Zandy\AppData\Roaming\mozilla\Firefox\Profiles\ffmk5zx8.default\extensions\{74714d77-1695-4e73-a98e-25cb374f46b4}
[2010.02.24 15:52:21 | 000,000,000 | ---D | M] (Fox!Box [de]) -- C:\Users\Zandy\AppData\Roaming\mozilla\Firefox\Profiles\ffmk5zx8.default\extensions\{df4e4df5-5cb7-46b0-9aef-6c784c3249f8}
[2010.02.24 15:52:21 | 000,000,000 | ---D | M] (DVDVideoSoft Toolbar) -- C:\Users\Zandy\AppData\Roaming\mozilla\Firefox\Profiles\ffmk5zx8.default\extensions\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}
[2009.09.23 19:33:53 | 000,002,171 | ---- | M] () -- C:\Users\Zandy\AppData\Roaming\Mozilla\FireFox\Profiles\ffmk5zx8.default\searchplugins\bing.xml
[2010.04.27 09:50:20 | 000,000,931 | ---- | M] () -- C:\Users\Zandy\AppData\Roaming\Mozilla\FireFox\Profiles\ffmk5zx8.default\searchplugins\conduit.xml
[2010.01.01 20:55:34 | 000,002,055 | ---- | M] () -- C:\Users\Zandy\AppData\Roaming\Mozilla\FireFox\Profiles\ffmk5zx8.default\searchplugins\daemon-search.xml
[2010.09.22 19:32:04 | 000,000,950 | ---- | M] () -- C:\Users\Zandy\AppData\Roaming\Mozilla\FireFox\Profiles\ffmk5zx8.default\searchplugins\icqplugin-1.xml
[2009.08.13 08:55:58 | 000,000,950 | ---- | M] () -- C:\Users\Zandy\AppData\Roaming\Mozilla\FireFox\Profiles\ffmk5zx8.default\searchplugins\icqplugin-2.xml
[2009.09.13 15:28:00 | 000,000,961 | ---- | M] () -- C:\Users\Zandy\AppData\Roaming\Mozilla\FireFox\Profiles\ffmk5zx8.default\searchplugins\icqplugin-3.xml
[2009.06.22 08:30:30 | 000,000,950 | ---- | M] () -- C:\Users\Zandy\AppData\Roaming\Mozilla\FireFox\Profiles\ffmk5zx8.default\searchplugins\icqplugin.xml
[2010.09.18 18:34:20 | 000,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
[2009.03.11 15:38:09 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2008.09.04 02:11:24 | 000,054,600 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\mozilla firefox\plugins\npbittorrent.dll
[2010.09.18 18:25:11 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2010.09.18 18:25:11 | 000,002,344 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2010.09.18 18:25:11 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2010.09.18 18:25:11 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2010.09.18 18:25:11 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2010.09.18 14:37:22 | 000,000,818 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1      localhost
O1 - Hosts: ::1            localhost
O1 - Hosts: 74.208.105.171 gs.apple.com
O1 - Hosts: 127.0.0.1 activate.adobe.com
O2 - BHO: (Octh Class) - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files\Orbitdownloader\orbitcth.dll (Orbitdownloader.com)
O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Grab Pro) - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files\Orbitdownloader\GrabPro.dll ()
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe (Apple Inc.)
O4 - HKLM..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [ISTray] C:\Program Files\PC Tools Security\pctsTray.exe (PC Tools)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [spc1030] C:\Windows\vspc1030.exe (Sonix)
O4 - HKCU..\Run: [ISUSPM] C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe (Macrovision Corporation)
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O8 - Extra context menu item: &Download by Orbit - C:\Program Files\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8 - Extra context menu item: &Grab video by Orbit - C:\Program Files\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8 - Extra context menu item: Do&wnload selected by Orbit - C:\Program Files\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8 - Extra context menu item: Down&load all by Orbit - C:\Program Files\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8 - Extra context menu item: Free YouTube Download - C:\Users\Zandy\AppData\Roaming\DVDVideoSoftIEHelpers\youtubedownload.htm ()
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Zandy\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm ()
O9 - Extra Button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O13 - gopher Prefix: missing
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1199395426399 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://dl8-cdn-01.sun.com/s/ESD7/JSCDL/jdk/6u12-b04/jinstall-6u12-windows-i586-jc.cab?e=1236365074789&h=e8a697bd531e33d86563088add75ecf2/&filename=jinstall-6u12-windows-i586-jc.cab (Java Plug-in 1.6.0_12)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_12-windows-i586.cab (Java Plug-in 1.6.0_12)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_12-windows-i586.cab (Java Plug-in 1.6.0_12)
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} hxxp://www.adobe.com/products/acrobat/nos/gp.cab (get_atlcom Class)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~1\COMMON~1\System\OLEDB~1\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~1\COMMON~1\System\OLEDB~1\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~1\COMMON~1\System\OLEDB~1\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~1\COMMON~1\System\OLEDB~1\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~1\COMMON~1\System\OLEDB~1\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~1\COMMON~1\System\OLEDB~1\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~1\COMMON~1\System\OLEDB~1\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\Windows\system32\guard32.dll) - C:\Windows\System32\guard32.dll (COMODO)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Zandy\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\Zandy\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2009.12.25 14:43:30 | 000,000,067 | ---- | M] () - Q:\autorun.inf -- [ NTFS ]
O33 - MountPoints2\{49696441-d1bc-11de-9148-000cf61398da}\Shell - "" = AutoRun
O33 - MountPoints2\{49696441-d1bc-11de-9148-000cf61398da}\Shell\AutoRun\command - "" = O:\LaunchU3.exe -- File not found
O33 - MountPoints2\{5f173ffd-6352-11de-ae4c-000cf61398da}\Shell - "" = AutoRun
O33 - MountPoints2\{5f173ffd-6352-11de-ae4c-000cf61398da}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -- File not found
O33 - MountPoints2\{d7370f2b-fc9c-11de-bd86-000cf61398da}\Shell - "" = AutoRun
O33 - MountPoints2\{d7370f2b-fc9c-11de-bd86-000cf61398da}\Shell\AutoRun\command - "" = L:\LaunchU3.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2010.09.27 14:03:17 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Users\Zandy\Desktop\OTL.exe
[2010.09.27 13:59:40 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010.09.27 13:59:38 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010.09.27 13:59:38 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010.09.25 17:33:37 | 000,000,000 | ---D | C] -- C:\Program Files\Orbitdownloader
[2010.09.23 15:10:43 | 000,000,000 | ---D | C] -- C:\Program Files\Duplicate Music Files Finder
[2010.09.20 15:02:23 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2010.09.20 15:02:21 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2010.09.20 15:00:36 | 000,000,000 | ---D | C] -- C:\Program Files\Apple Software Update
[2010.09.20 15:00:04 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2010.09.19 22:25:17 | 000,000,000 | ---D | C] -- C:\Users\Zandy\Desktop\iPod Photo Cache
[2010.09.19 22:07:37 | 000,000,000 | ---D | C] -- C:\Users\Zandy\Desktop\Ipod Bilder
[2010.09.18 18:25:05 | 000,000,000 | ---D | C] -- C:\Users\Zandy\AppData\Roaming\ProgSense
[2010.09.17 23:27:55 | 000,000,000 | ---D | C] -- C:\Users\Zandy\Documents\Adobe
[2010.09.17 23:27:12 | 000,000,000 | ---D | C] -- C:\ProgramData\FLEXnet
[2010.09.17 23:20:03 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Macrovision Shared
[2010.09.17 23:04:17 | 000,000,000 | -HSD | C] -- C:\Users\Zandy\.COMMgr
[2010.09.17 22:55:21 | 000,000,000 | -H-D | C] -- C:\Users\Public\Documents\Server
[2010.09.17 22:54:35 | 000,000,000 | ---D | C] -- C:\Users\Zandy\AppData\Roaming\0088A80374DFA29FD31A2D1FEF24C182
[2010.09.17 21:25:01 | 000,000,000 | ---D | C] -- C:\Users\Zandy\AppData\Roaming\Download Manager
[2010.09.17 17:05:30 | 000,000,000 | ---D | C] -- C:\Users\Zandy\Deskto
[2010.09.16 14:58:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Ableton
[2010.09.16 14:58:34 | 000,000,000 | ---D | C] -- C:\Users\Zandy\Documents\Ableton
[2010.09.16 14:58:33 | 000,000,000 | ---D | C] -- C:\Users\Zandy\AppData\Roaming\Ableton
[2010.09.07 15:52:22 | 000,000,000 | ---D | C] -- C:\Users\Zandy\AppData\Roaming\Notepad++
[2010.09.07 15:52:22 | 000,000,000 | ---D | C] -- C:\Program Files\Notepad++
[2010.09.02 20:42:47 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2009.02.05 15:53:01 | 000,053,248 | ---- | C] ( ) -- C:\Windows\System32\cspc1030.dll
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2010.09.27 14:12:15 | 004,980,736 | ---- | M] () -- C:\Users\Zandy\NTUSER.DAT
[2010.09.27 14:10:24 | 000,000,418 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{BB2AC692-2CD6-4C68-9DFC-5B9F61E87B2F}.job
[2010.09.27 14:03:18 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Zandy\Desktop\OTL.exe
[2010.09.27 14:01:06 | 001,491,156 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010.09.27 14:01:06 | 000,656,262 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2010.09.27 14:01:06 | 000,614,440 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010.09.27 14:01:06 | 000,121,228 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2010.09.27 14:01:06 | 000,108,030 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010.09.27 13:56:49 | 000,001,090 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010.09.27 13:55:45 | 000,003,456 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010.09.27 13:55:45 | 000,003,456 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010.09.27 13:55:41 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010.09.27 13:55:23 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.09.27 13:55:15 | 3219,644,416 | -HS- | M] () -- C:\hiberfil.sys
[2010.09.26 21:40:54 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2010.09.26 21:40:41 | 002,976,619 | -H-- | M] () -- C:\Users\Zandy\AppData\Local\IconCache.db
[2010.09.26 21:20:44 | 001,579,830 | ---- | M] () -- C:\Users\Zandy\Desktop\IMG_127d1.jpg
[2010.09.26 21:05:38 | 003,052,111 | ---- | M] () -- C:\Users\Zandy\Desktop\IMG_1271.JPG
[2010.09.26 20:43:00 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010.09.26 14:51:19 | 000,000,436 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts.ics
[2010.09.25 17:16:51 | 000,111,616 | ---- | M] () -- C:\Users\Zandy\AppData\Local\GDIPFONTCACHEV1.DAT
[2010.09.25 17:12:57 | 003,765,080 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010.09.25 16:28:25 | 000,008,052 | ---- | M] () -- C:\Users\Zandy\AppData\Local\d3d9caps.dat
[2010.09.25 13:58:54 | 000,004,368 | ---- | M] () -- C:\Users\Zandy\Documents\cc_20100925_135829.reg
[2010.09.25 12:52:00 | 000,168,448 | ---- | M] () -- C:\Users\Zandy\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.09.24 23:41:27 | 001,987,907 | ---- | M] () -- C:\Users\Zandy\Documents\eggetsberger-hypnose.pdf
[2010.09.24 23:14:12 | 000,000,000 | ---- | M] () -- C:\Windows\System32\Access.dat
[2010.09.20 14:28:21 | 000,009,694 | ---- | M] () -- C:\Users\Zandy\Documents\cc_20100920_142816.reg
[2010.09.18 18:42:14 | 000,032,738 | ---- | M] () -- C:\Users\Zandy\Documents\cc_20100918_184208.reg
[2010.09.18 14:37:22 | 000,000,818 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2010.09.04 14:19:46 | 000,138,184 | ---- | M] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2010.08.31 13:52:19 | 000,001,064 | -H-- | M] () -- C:\Windows\tasks\RCHubTask 0 0 {2E6E3A14-F6F5-404E-AC33-87F20083074D} 2145340416~30026154.job
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2010.09.26 21:20:34 | 001,579,830 | ---- | C] () -- C:\Users\Zandy\Desktop\IMG_127d1.jpg
[2010.09.25 17:12:11 | 3219,644,416 | -HS- | C] () -- C:\hiberfil.sys
[2010.09.25 13:58:53 | 000,004,368 | ---- | C] () -- C:\Users\Zandy\Documents\cc_20100925_135829.reg
[2010.09.24 23:41:27 | 001,987,907 | ---- | C] () -- C:\Users\Zandy\Documents\eggetsberger-hypnose.pdf
[2010.09.21 21:45:58 | 003,052,111 | ---- | C] () -- C:\Users\Zandy\Desktop\IMG_1271.JPG
[2010.09.20 14:28:18 | 000,009,694 | ---- | C] () -- C:\Users\Zandy\Documents\cc_20100920_142816.reg
[2010.09.18 18:42:10 | 000,032,738 | ---- | C] () -- C:\Users\Zandy\Documents\cc_20100918_184208.reg
[2010.05.17 17:49:38 | 000,079,360 | ---- | C] () -- C:\Users\Zandy\AppData\Roaming\netssh.exePowerS.dll
[2010.05.17 17:49:05 | 000,180,736 | ---- | C] () -- C:\Users\Zandy\AppData\Roaming\netssh.exeOptix_ScreenCapS.dll
[2010.05.17 17:48:40 | 000,086,528 | ---- | C] () -- C:\Users\Zandy\AppData\Roaming\netssh.exeGetSteamS.dll
[2010.05.17 17:48:25 | 000,108,544 | ---- | C] () -- C:\Users\Zandy\AppData\Roaming\netssh.exePwS.dll
[2010.04.20 19:54:11 | 000,000,041 | -HS- | C] () -- C:\ProgramData\.zreglib
[2010.04.20 18:32:02 | 000,000,005 | ---- | C] () -- C:\ProgramData\DragToDiscUserNameE.txt
[2010.04.15 17:45:31 | 000,000,614 | ---- | C] () -- C:\Users\Zandy\AppData\Roaming\nt.bat
[2010.03.30 21:20:22 | 001,053,056 | ---- | C] () -- C:\Windows\System32\drivers\CAMTHWDM.sys
[2010.02.25 20:48:43 | 000,157,184 | -HS- | C] () -- C:\Windows\System32\SCS.dll
[2010.01.01 19:53:27 | 000,691,696 | ---- | C] () -- C:\Windows\System32\drivers\sptd.sys
[2009.09.06 10:31:45 | 000,138,184 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2009.03.10 23:58:11 | 000,000,168 | ---- | C] () -- C:\Users\Zandy\AppData\Roaming\AVSMediaPlayer.m3u
[2009.03.03 20:47:33 | 000,000,416 | ---- | C] () -- C:\Windows\MAXLINK.INI
[2009.03.03 20:47:33 | 000,000,034 | ---- | C] () -- C:\Windows\cdplayer.ini
[2009.02.05 15:53:01 | 003,035,776 | ---- | C] () -- C:\Windows\System32\drivers\spc1030.sys
[2009.02.05 15:53:01 | 000,851,968 | ---- | C] () -- C:\Windows\System32\Dll_Volume_Ctrl.dll
[2009.02.05 15:53:01 | 000,028,672 | ---- | C] () -- C:\Windows\System32\drivers\spc1030c.sys
[2009.02.05 15:53:01 | 000,015,497 | ---- | C] () -- C:\Windows\spc1030.ini
[2009.01.19 20:45:00 | 000,028,672 | ---- | C] () -- C:\Windows\System32\InsDrvZD.dll
[2008.12.09 11:32:06 | 000,028,754 | ---- | C] () -- C:\Users\Zandy\AppData\Roaming\UserTile.png
[2008.09.20 19:07:06 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2008.06.15 19:28:39 | 000,000,628 | ---- | C] () -- C:\Users\Zandy\AppData\Roaming\wklnhst.dat
[2008.01.02 18:42:57 | 000,008,052 | ---- | C] () -- C:\Users\Zandy\AppData\Local\d3d9caps.dat
[2007.12.11 12:39:41 | 000,000,000 | ---- | C] () -- C:\ProgramData\LauncherAccess.dt
[2007.12.11 11:54:47 | 000,005,632 | ---- | C] () -- C:\Windows\System32\drivers\StarOpen.sys
[2007.12.04 22:42:17 | 000,000,403 | ---- | C] () -- C:\Windows\ODBC.INI
[2007.12.01 08:21:20 | 000,168,448 | ---- | C] () -- C:\Users\Zandy\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007.11.30 16:39:25 | 000,000,000 | ---- | C] () -- C:\Users\Zandy\AppData\Local\rx_image.Cache
[2007.06.27 03:50:58 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2007.05.23 21:39:26 | 000,000,689 | ---- | C] () -- C:\Windows\generic.ini
[2007.05.23 21:39:26 | 000,000,109 | ---- | C] () -- C:\Windows\Alaunch.ini
[2007.05.23 13:12:14 | 000,056,056 | ---- | C] () -- C:\Windows\System32\DLAAPI_W.DLL
[2007.05.23 13:12:12 | 000,000,163 | ---- | C] () -- C:\Windows\wininit.ini
[2007.05.23 13:07:36 | 000,006,768 | ---- | C] () -- C:\Windows\mgxoschk.ini
[2007.05.19 00:23:58 | 000,000,000 | ---- | C] () -- C:\Windows\System32\px.ini
[2007.04.10 23:46:52 | 000,015,498 | ---- | C] () -- C:\Windows\VX1000.ini
[2006.12.13 23:01:36 | 000,520,192 | ---- | C] () -- C:\Windows\System32\CddbPlaylist2Roxio.dll
[2006.12.13 23:01:36 | 000,204,800 | ---- | C] () -- C:\Windows\System32\CddbFileTaggerRoxio.dll
[2006.11.02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 24 bytes -> C:\Windows:F5454D0BF17D7B8D
@Alternate Data Stream - 148 bytes -> C:\ProgramData\Temp:DFC5A2B2
@Alternate Data Stream - 127 bytes -> C:\ProgramData\Temp:A8ADE5D8
@Alternate Data Stream - 105 bytes -> C:\ProgramData\Temp:430C6D84
@Alternate Data Stream - 101 bytes -> C:\ProgramData\Temp:7E95B6FD
< End of report >

Extras:
Code:

OTL Extras logfile created on: 27.09.2010 14:07:34 - Run 1
OTL by OldTimer - Version 3.2.14.1    Folder = C:\Users\Zandy\Desktop
Windows Vista Home Premium Edition  (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6000.16916)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 57,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 75,00% Paging File free
Paging file location(s): ?:\pagefile.sys
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 111,70 Gb Total Space | 53,15 Gb Free Space | 47,58% Space Free | Partition Type: NTFS
Drive D: | 111,43 Gb Total Space | 48,65 Gb Free Space | 43,66% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive Q: | 931,51 Gb Total Space | 669,33 Gb Free Space | 71,85% Space Free | Partition Type: NTFS
 
Computer Name: MEINPC
Current User Name: Zandy
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\S-1-5-21-2780370485-2775809281-2979314199-1000]
"EnableNotifications" = 1
"EnableNotificationsRef" = 2
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Users\Zandy\Desktop\Allgemein\BitTorrent\bittorrent.exe" = C:\Users\Zandy\Desktop\Allgemein\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent -- File not found
"D:\AirRivals_DE\Launcher.atm" = D:\AirRivals_DE\Launcher.atm:Enabled:GameExe2 -- File not found
"D:\AirRivals_DE\Res-Voip\SCVoIP.exe" = D:\AirRivals_DE\Res-Voip\SCVoIP.exe:Enabled:GameVoIP -- File not found
"C:\Program Files\Orbitdownloader\orbitdm.exe" = C:\Program Files\Orbitdownloader\orbitdm.exe:*:Enabled:Orbit -- (Orbitdownloader.com)
"C:\Program Files\Orbitdownloader\orbitnet.exe" = C:\Program Files\Orbitdownloader\orbitnet.exe:*:Enabled:Orbit -- (Orbitdownloader.com)
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00B3A891-60F5-4DCB-B5C4-40859E111C32}" = rport=138 | protocol=17 | dir=out | app=system |
"{0104B14D-5906-4415-822B-EAB1893BEF44}" = lport=138 | protocol=17 | dir=in | app=system |
"{019FF6CB-E9E9-456C-B7D7-4D426BAAA06A}" = lport=5050 | protocol=6 | dir=in | name=5050 |
"{094908A9-4C64-493F-ACC4-4D821C3F2154}" = rport=2869 | protocol=6 | dir=out | app=system |
"{2D9869FE-DAFA-441E-9AED-6A9558BF9344}" = lport=547 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{31B860DA-73B5-4EDD-AD7E-9A4C28E974E8}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{353D86E6-EEBF-4363-A987-1AA4A108596D}" = lport=67 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{35C20EC4-DCD9-45B8-9363-3916C4BE4116}" = lport=53 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{4B348D8C-F25F-4DF0-9CA9-0D0E5089FEEC}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{59637524-E8C3-40A3-87CF-F64570690B26}" = lport=2869 | protocol=6 | dir=in | app=system |
"{5BBE7987-32AC-4EF6-A0E0-CAB6579D46DB}" = rport=139 | protocol=6 | dir=out | app=system |
"{67CD75F9-2271-4C03-8B32-CFA5D21E96A3}" = lport=68 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{6C0027A4-EF84-46A4-92CA-0731201BD356}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{6EC81507-C5BE-46EA-8AE5-42D0E4FD68C0}" = lport=13146 | protocol=6 | dir=in | name=azereus |
"{793B1A50-4816-4EC0-973D-3B8EFF5A78A6}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{7B4975F7-FB3F-4111-98EB-179FDD4E5AEF}" = rport=445 | protocol=6 | dir=out | app=system |
"{82A4166F-E314-40DD-A545-5B432F5413A9}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{8B7431A9-2BE0-4F39-8414-F30DA3DE39E4}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{8DE40A60-D798-48F4-A153-3793A15FD50E}" = lport=137 | protocol=17 | dir=in | app=system |
"{A8BD2364-3BB7-4E1F-8ACF-F636176028B5}" = lport=2869 | protocol=6 | dir=in | app=system |
"{BD75BEC7-A89D-4A9A-88C0-8A56D6CB0391}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{C0510FFD-31BD-4013-BA10-CCBF664E19F1}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{C4F8ABEA-7C0E-49F4-BA72-A7DC38BE971B}" = lport=139 | protocol=6 | dir=in | app=system |
"{D26B66A3-C331-4A18-8E2D-0E116B316EE9}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{DC359436-E112-4B1F-82F2-1F5EFA050736}" = lport=445 | protocol=6 | dir=in | app=system |
"{FC402580-9923-48BF-8384-E3ADCCDE65C3}" = rport=137 | protocol=17 | dir=out | app=system |
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0037F6F1-2ED5-4758-A051-17534ADA50A2}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{08BA8DA1-E50E-4338-BD57-6D004206509A}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{0C09A92E-317A-49B4-ABE4-ACEB3D7CCEA2}" = dir=in | app=d:\bearbeitungsprogramme\playmovie\pmvservice.exe |
"{1E7B9E66-F410-4A0E-A2B3-C0C2EEC12345}" = protocol=17 | dir=in | app=c:\program files\tunngle\tnglctrl.exe |
"{246B7977-686F-4DA2-8196-22FF931E54FE}" = protocol=17 | dir=in | app=d:\world of warcraft\wow-3.2.0-engb-downloader.exe |
"{302621DD-9CB1-46D1-91A7-80B2DC5DCA8F}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{35519704-ADE4-48A5-85FD-7F294D47CD16}" = protocol=6 | dir=in | app=c:\program files\tunngle\tunngle.exe |
"{3D7BBBCB-C18E-4510-8083-6930FCD3C597}" = dir=out | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{3E3A4BD3-F48E-4EBB-9F11-AB947392FB2F}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{416E957D-5107-4071-96D8-0BB207AFE0C4}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{454AD2B8-0EF2-4CA3-83CC-29132654F184}" = protocol=6 | dir=in | app=c:\program files\dna\btdna.exe |
"{4B049494-498E-4177-B2A3-4000FBFA9021}" = protocol=6 | dir=in | app=c:\program files\logitech touch mouse server\itouch-server-win.exe |
"{53FAECCC-E85D-46B8-B54E-7DF1BC185EA0}" = protocol=58 | dir=in | name=@hnetcfg.dll,-148 |
"{5412D00E-8A16-4123-88ED-CD6AA22D3F15}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{5718ACAF-9DBA-4EE8-B019-33F145E49700}" = protocol=6 | dir=in | app=c:\program files\tunngle\tnglctrl.exe |
"{611110B8-EE89-4A21-8A2D-5053A5DC207F}" = protocol=17 | dir=in | app=c:\program files\dna\btdna.exe |
"{6EEC8F4A-FFFC-4C9E-98E6-FA1E30CC374C}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
"{72E8576F-4E3B-4E2D-8211-E11912D746AA}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{826B0EDB-35C3-4342-B5E2-6481D15DA55E}" = protocol=17 | dir=in | app=c:\program files\steam\steam.exe |
"{8DF272AA-F8A8-498B-8475-7BFEC2291493}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{94525E22-426E-4773-B5FF-9CFC91DFB5B6}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{9DBE8352-2E24-4D17-873F-54B046C4A649}" = protocol=17 | dir=in | app=c:\program files\logitech touch mouse server\itouch-server-win.exe |
"{A3B4D216-2253-4C53-A46C-4749CDB21994}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{AF4CA328-D47A-4200-8B2A-37ACFCF2FAD5}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{B3DCFAE8-4C34-4A69-9B52-84D14D5B2D5E}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe |
"{B8FE0290-2691-4776-A54D-0D777FD29E3A}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{BD7E1CB9-2370-4198-A5CF-58651265180B}" = protocol=17 | dir=in | app=c:\program files\gamespy arcade\aphex.exe |
"{BE8FFDCD-A522-41A9-AAF6-ECFC19C373ED}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version5\teamviewer.exe |
"{C716D6EE-2123-4A8E-AE23-A79B12FBF6BE}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version5\teamviewer.exe |
"{C852B588-B676-4AF6-B40D-C88F9F4A1E76}" = protocol=6 | dir=in | app=c:\program files\gamespy arcade\aphex.exe |
"{C9248B30-C2FC-4C22-AF04-EBA0EC6EAB6C}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{C9DD64A6-B8C2-4CFA-9EE7-5346473DF6F3}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{CAFDCF0A-3BD5-4D62-9EA7-886705B63F88}" = protocol=6 | dir=in | app=d:\world of warcraft\wow-3.2.0-engb-downloader.exe |
"{CBB355BB-7F9F-431A-BD40-DED8B265A51E}" = protocol=17 | dir=in | app=c:\program files\tunngle\tunngle.exe |
"{D74A9B68-6710-47C6-AA8B-7172A2C595BD}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{E1DCE130-9AE8-4B6E-A6F6-DEF37CE93D1A}" = protocol=6 | dir=in | app=c:\program files\steam\steam.exe |
"{E8598425-C28A-4D98-8681-1C8ED9393D3F}" = dir=in | app=d:\bearbeitungsprogramme\playmovie\playmovie.exe |
"TCP Query User{0104331B-692C-48A0-BF84-C512EEC82292}C:\program files\icq6.5\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6.5\icq.exe |
"TCP Query User{0A477EC7-C641-4608-9FD6-FC5E49F90E6E}C:\windows\explorer.exe" = protocol=6 | dir=in | app=c:\windows\explorer.exe |
"TCP Query User{0F1933EC-9B6F-4A99-B4BD-CF696C3DFFD8}D:\halo 1 mp\haloce.exe" = protocol=6 | dir=in | app=d:\halo 1 mp\haloce.exe |
"TCP Query User{1290680D-7BBB-408C-96DD-E801324C324F}C:\program files\steam\steamapps\alex32175\counter-strike source\hl2.exe" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\alex32175\counter-strike source\hl2.exe |
"TCP Query User{1BD25AC1-361A-4F9B-B730-F1A065A01627}Q:\css\counter-strike source\hl2.exe" = protocol=6 | dir=in | app=q:\css\counter-strike source\hl2.exe |
"TCP Query User{236B5E77-B703-4EDF-BFFA-A84DB66322F6}C:\program files\skype\phone\skype.exe" = protocol=6 | dir=in | app=c:\program files\skype\phone\skype.exe |
"TCP Query User{3DB97748-4353-45E5-960E-832E7E3A3FA8}C:\program files\orbitdownloader\orbitnet.exe" = protocol=6 | dir=in | app=c:\program files\orbitdownloader\orbitnet.exe |
"TCP Query User{3FD9ECE9-2448-4656-8273-203C8D4D7995}D:\sniper\sniper elite\sniperelite.exe" = protocol=6 | dir=in | app=d:\sniper\sniper elite\sniperelite.exe |
"TCP Query User{41CC5285-8594-45D7-BFCD-F2A5E60ED7ED}C:\program files\sopcast\sopcast.exe" = protocol=6 | dir=in | app=c:\program files\sopcast\sopcast.exe |
"TCP Query User{44858294-7D0A-41D1-90B1-CD375AE6388B}C:\windows\explorer.exe" = protocol=6 | dir=in | app=c:\windows\explorer.exe |
"TCP Query User{5CCA4F48-6DC8-4629-992F-83652782F967}C:\windows\system32\taskeng.exe" = protocol=6 | dir=in | app=c:\windows\system32\taskeng.exe |
"TCP Query User{614F1BD6-42A4-485F-B305-5DB22E57D5D0}C:\program files\windows live\messenger\msnmsgr.exe" = protocol=6 | dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"TCP Query User{6C988A3C-433E-4BAE-BF35-2DEA4257CB89}C:\program files\gamespy arcade\aphex.exe" = protocol=6 | dir=in | app=c:\program files\gamespy arcade\aphex.exe |
"TCP Query User{6F87A5C4-35E6-4C5A-B774-DEBE9F4BB11A}C:\program files\skype\phone\skype.exe" = protocol=6 | dir=in | app=c:\program files\skype\phone\skype.exe |
"TCP Query User{6FE46B79-6652-426D-B3E5-E8868A14F8C5}C:\program files\orbitdownloader\orbitnet.exe" = protocol=6 | dir=in | app=c:\program files\orbitdownloader\orbitnet.exe |
"TCP Query User{747612FE-B0FD-4380-92A2-E4F603ACFA3B}C:\program files\icq6.5\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6.5\icq.exe |
"TCP Query User{74D22B22-0777-41A9-98A8-697A99A123A8}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"TCP Query User{85CF08CE-B4C4-4B9E-AAAA-A527E385B164}D:\world of warcraft\launcher.exe" = protocol=6 | dir=in | app=d:\world of warcraft\launcher.exe |
"TCP Query User{8678D507-865D-41D1-B72A-BEC530C6B3DE}C:\users\zandy\downloads\halo\haloce.exe" = protocol=6 | dir=in | app=c:\users\zandy\downloads\halo\haloce.exe |
"TCP Query User{88D46B82-67FC-4C0D-95DB-E84DAEBE8BA6}C:\program files\sopcast\adv\sopadver.exe" = protocol=6 | dir=in | app=c:\program files\sopcast\adv\sopadver.exe |
"TCP Query User{8B5023F9-A317-4D02-9F91-A9B3D21481EC}C:\program files\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\java.exe |
"TCP Query User{9A7E8807-0E45-4EAC-BC6B-1D35DD8879DB}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"TCP Query User{A4F53370-0BBD-4E21-B13C-C7F2D05D0F35}D:\need for speed\nfs.exe" = protocol=6 | dir=in | app=d:\need for speed\nfs.exe |
"TCP Query User{AD952BE4-E8E1-43B1-9434-433622534F17}Q:\cs 1.6\hl.exe" = protocol=6 | dir=in | app=q:\cs 1.6\hl.exe |
"TCP Query User{B44B4CCA-E5CD-47DB-ADAE-0DECDC5609EC}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"TCP Query User{BF56FD46-B7E2-4294-AD12-3E99608C0A2F}D:\bearbeitungsprogramme\loadhack\routerclient.exe" = protocol=6 | dir=in | app=d:\bearbeitungsprogramme\loadhack\routerclient.exe |
"TCP Query User{E1047DB5-342A-45B4-8562-312B3D2D5298}C:\program files\windows live\messenger\msnmsgr.exe" = protocol=6 | dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"TCP Query User{F126F394-586E-47D5-891F-CFA174224650}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"TCP Query User{F950DD31-0EF6-4891-9ABE-AF088477F7CB}C:\program files\steam\steamapps\alex32175\half-life 2 deathmatch\hl2.exe" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\alex32175\half-life 2 deathmatch\hl2.exe |
"TCP Query User{FD8DBA90-91D9-409B-BC0D-5AEFB898AE9A}C:\program files\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\java.exe |
"UDP Query User{0C247432-04D7-4707-9295-7CE29ABE7385}C:\program files\sopcast\sopcast.exe" = protocol=17 | dir=in | app=c:\program files\sopcast\sopcast.exe |
"UDP Query User{1425068E-C074-41AA-8985-2452528E17B1}C:\program files\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\java.exe |
"UDP Query User{15041823-475F-4C85-AC4E-8E9BB7CE3450}Q:\cs 1.6\hl.exe" = protocol=17 | dir=in | app=q:\cs 1.6\hl.exe |
"UDP Query User{18EC5E5B-8F12-4158-931A-7FD2BBA084EB}C:\program files\steam\steamapps\alex32175\counter-strike source\hl2.exe" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\alex32175\counter-strike source\hl2.exe |
"UDP Query User{201CECF7-61A5-49C6-BA2C-772B234E3ECE}D:\sniper\sniper elite\sniperelite.exe" = protocol=17 | dir=in | app=d:\sniper\sniper elite\sniperelite.exe |
"UDP Query User{27CC196D-6C95-4050-A374-C1DB6C1C334B}D:\need for speed\nfs.exe" = protocol=17 | dir=in | app=d:\need for speed\nfs.exe |
"UDP Query User{2CC72417-5567-4385-A059-49401B802D5A}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"UDP Query User{43E803C5-93B3-4C36-9AC9-3E2B39864976}D:\world of warcraft\launcher.exe" = protocol=17 | dir=in | app=d:\world of warcraft\launcher.exe |
"UDP Query User{4C5C2E2D-D415-4B03-9E38-D430ECA21AA5}D:\bearbeitungsprogramme\loadhack\routerclient.exe" = protocol=17 | dir=in | app=d:\bearbeitungsprogramme\loadhack\routerclient.exe |
"UDP Query User{73CFF006-447C-4F2D-8ED1-FFB8FAF3451C}C:\program files\windows live\messenger\msnmsgr.exe" = protocol=17 | dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"UDP Query User{960E48F2-FF8A-41B9-9891-A178A94F7109}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"UDP Query User{AD03769E-A394-43F7-B2D3-5C52908A3438}C:\program files\sopcast\adv\sopadver.exe" = protocol=17 | dir=in | app=c:\program files\sopcast\adv\sopadver.exe |
"UDP Query User{AF65371D-F6BD-4DDE-8AF2-F2A392BEE142}D:\halo 1 mp\haloce.exe" = protocol=17 | dir=in | app=d:\halo 1 mp\haloce.exe |
"UDP Query User{BF115C25-8099-45E3-A60F-DDF649A953A7}C:\windows\system32\taskeng.exe" = protocol=17 | dir=in | app=c:\windows\system32\taskeng.exe |
"UDP Query User{C72D9B26-005A-4F83-A90D-DA88E92968F6}C:\program files\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\java.exe |
"UDP Query User{C773F02D-BAD9-4C8B-82F6-86A5047C6C77}C:\program files\icq6.5\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6.5\icq.exe |
"UDP Query User{CABD8817-5C6F-4B50-9CC1-86792876A87B}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"UDP Query User{CB1FFA80-09A3-46B5-9E14-663ADF8F4B03}C:\users\zandy\downloads\halo\haloce.exe" = protocol=17 | dir=in | app=c:\users\zandy\downloads\halo\haloce.exe |
"UDP Query User{CBDB7A5F-730B-4101-BB92-E1E6B3F4DF78}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"UDP Query User{D0DCD784-BC2B-4651-A787-60CF4016863F}C:\program files\skype\phone\skype.exe" = protocol=17 | dir=in | app=c:\program files\skype\phone\skype.exe |
"UDP Query User{D14C7B62-1635-431C-8AAF-90943DFD5E6B}Q:\css\counter-strike source\hl2.exe" = protocol=17 | dir=in | app=q:\css\counter-strike source\hl2.exe |
"UDP Query User{D948BBBA-B79D-4E3F-95FC-CE8AD92C22A9}C:\windows\explorer.exe" = protocol=17 | dir=in | app=c:\windows\explorer.exe |
"UDP Query User{DF291E2E-1199-438F-BD04-1C5AA8EAD9AA}C:\program files\gamespy arcade\aphex.exe" = protocol=17 | dir=in | app=c:\program files\gamespy arcade\aphex.exe |
"UDP Query User{EA20067D-6D70-4395-B32F-A027D1B31CB0}C:\program files\steam\steamapps\alex32175\half-life 2 deathmatch\hl2.exe" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\alex32175\half-life 2 deathmatch\hl2.exe |
"UDP Query User{F5542E76-F618-47E2-B841-E62E13499F31}C:\program files\orbitdownloader\orbitnet.exe" = protocol=17 | dir=in | app=c:\program files\orbitdownloader\orbitnet.exe |
"UDP Query User{F832C6D6-25AD-442E-867F-3A85BD916708}C:\program files\orbitdownloader\orbitnet.exe" = protocol=17 | dir=in | app=c:\program files\orbitdownloader\orbitnet.exe |
"UDP Query User{F8CF76FC-166F-4DB8-9B34-A5A363B6A4C4}C:\windows\explorer.exe" = protocol=17 | dir=in | app=c:\windows\explorer.exe |
"UDP Query User{FB2CD881-3CDB-47D5-BD79-7D35B223C7C5}C:\program files\skype\phone\skype.exe" = protocol=17 | dir=in | app=c:\program files\skype\phone\skype.exe |
"UDP Query User{FE0EDA0B-BAD7-4B14-92F1-C12F1C8F7327}C:\program files\icq6.5\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6.5\icq.exe |
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00170407-78E1-11D2-B60F-006097C998E7}" = Microsoft Word 2000
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{132888AE-EF67-41C5-BCA2-7D5D2488AB63}" = Acer HomeMedia Connect
"{1491FF84-E32E-AA9C-C511-777375B77766}" = Catalyst Control Center Localization German
"{15FEDA5F-141C-4127-8D7E-B962D1742728}" = Adobe Photoshop CS5
"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4
"{18A5DFF2-8A95-49F3-873F-743CB5549F3D}" = Canon ScanGear Starter
"{18D78B2E-7160-ABD1-0963-446FB828D1C3}" = Catalyst Control Center Graphics Previews Vista
"{1F649FD8-7201-FD89-F792-1B7D0C36A57C}" = Catalyst Control Center Graphics Previews Common
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216012FF}" = Java(TM) 6 Update 12
"{2BA722D1-48D1-406E-9123-8AE5431D63EF}" = Windows Live Fotogalerie
"{2F4C24E6-CBD4-4AAC-B56F-C9FD44DE5668}" = Roxio Drag-to-Disc
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Roxio Update Manager
"{350FB27C-CF62-4EF3-AF9D-70FF313FE221}" = iTunes
"{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3CAFEE26-C4AF-6349-6D99-8B5230F47F5E}" = Skins
"{3F750653-FC3C-45A0-5304-615D63C74D07}" = Catalyst Control Center Core Implementation
"{411F3ABA-2AB5-4799-AA19-6ADF0A8F7424}" = Adobe Setup
"{4160DC5B-4C56-D0C3-C5FD-F5BDAD3C882B}" = ATI Catalyst Install Manager
"{41E654A9-26D0-4EAC-854B-0FA824FFFABB}" = Windows Live Messenger
"{43F5AB70-4EDE-4AE8-A5DC-1C8C78868AFF}" = Sitecom Wireless Network USB Adapter 54G WL-113
"{45EC816C-0771-4C14-AE6D-72D1B578F4C8}" = Adobe After Effects CS4
"{479DCD93-4372-B11C-B727-D1D9A7AE344F}" = ccc-utility
"{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}" = Microsoft Search Enhancement Pack
"{4EA2F95F-A537-4d17-9E7F-6B3FF8D9BBE3}" = Microsoft Works
"{52B65911-1559-4ED5-9461-46957FDD48CD}" = Borderlands
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{55FC05BC-5022-F24B-6309-FD5A95208F94}" = Catalyst Control Center Graphics Full Existing
"{5DB1DF0C-AABC-4362-8A6D-CEFDFB036E41}" = Suite
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{5F5623DF-7951-4D32-8897-73E0A6BC2AA7}" = Samsung PC Studio
"{5FC68772-6D56-41C6-9DF1-24E868198AE6}" = Windows Live Call
"{606BC780-101C-41DB-808D-4539BFA0774A}" = MobileMe Control Panel
"{60DB5894-B5A1-4B62-B0F3-669A22C0EE5D}" = Adobe Dynamiclink Support
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{67A9747A-E1F5-4E9A-81CC-12B5D5B81B6E}" = Adobe After Effects CS4 Third Party Content
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{70B7A167-0B88-445D-A3EA-97C73AA88CAC}" = Windows Live Toolbar
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser und SDK
"{726DBFE3-BE2B-4FFA-9787-D6495765CFD2}" = Microsoft LifeCam
"{76618402-179D-4699-A66B-D351C59436BC}" = Windows Live Sync
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7BECDEE0-7126-4F9B-8BE4-E72AEA79571B}" = ArcSoft WebCam Companion 2
"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{897CA0D9-948F-4E5B-A20E-535E1060D3E6}" = MyDVD-VR Recorder
"{89DE67AD-08B8-4699-A55D-CA5C0AF82BF3}" = ATI AVIVO Codecs
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8EB8E60B-315D-44EB-A896-10D88602EE46}" = Adobe Setup
"{8F371CCB-7EB9-DEE8-82F4-424A148F7DDB}" = CCC Help German
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
"{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A7D9D2E0-8051-4FCD-DA16-5E44A5B89495}" = Catalyst Control Center Graphics Light
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AAF4238F-7C29-451D-9925-C753271A5728}" = Microsoft Visual C++ Run Time  Lib Setup
"{AC76BA86-7AD7-1031-7B44-A82000000003}" = Adobe Reader 8.2.4 - Deutsch
"{AC76BA86-7AD7-5464-3428-800000000003}" = Spelling Dictionaries Support For Adobe Reader 8
"{ACC901CB-12A9-4252-8535-4020803CD819}" = Sprachtrainer Découvertes 2
"{B05DE7B7-0B40-4411-BD4B-222CAE2D8F15}" = Adobe MotionPicture Color Files CS4
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B15381DD-FF97-4FCD-A881-ED4DB0975500}" = Adobe Color Video Profiles AE CS4
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{C1E693A4-B1D5-4DCD-B68D-2087835B7184}" = ScanSoft OmniPage SE 4.0
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{C441197D-F750-4EFE-B3EC-885684D923DB}" = Sprachtrainer Découvertes 3
"{C45EB9E5-7165-4FB0-8C31-77FC4743362F}" = Manual CanoScan LiDE 25
"{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail
"{C7340571-7773-4A8C-9EBC-4E4243B38C76}" = Microsoft XML Parser
"{CA9BCD4D-B782-4637-8F1F-F9A328D3C244}" = CanoScan Toolbox Ver4.9
"{CC6B1BB4-4E06-4A5B-A166-B371B551324B}" = COMODO Internet Security
"{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw
"{CCA1EEA3-555E-4D05-AC46-4B49C6C5D887}" = Apple Mobile Device Support
"{CD763478-5961-4022-961A-9FB3EA00038A}" = StarOffice 8
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CEE7A421-E272-FCEA-381A-ED4AACCAA165}" = ccc-core-static
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DAEAFD68-BB4A-4507-A241-C8804D2EA66D}" = Apple Application Support
"{DCFFB64E-A757-4430-A455-B947F029BFD4}" = Roxio WinOnCD 9 Basic
"{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player
"{E0A4805D-280A-4DD7-9E74-3A5F85E302A1}" = Windows Live Writer
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9-Reihe
"{E6D22FE1-AB5F-42CA-9480-6F70B96DDD88}" = Need for Speed™ Undercover
"{E75055E0-085C-BD62-CD52-2398F3E84A86}" = Catalyst Control Center Graphics Full New
"{EB900AF8-CC61-4E15-871B-98D1EA3E8025}" = QuickTime
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F6D5EED1-EB69-421C-A314-8998CA574C51}" = Philips SPC1030NC Webcam
"{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials
"{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
"{FBCF2ED3-AFB5-475E-BF9A-30BEAD366FBC}" = Sprachtrainer Fonts
"{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All
"{FF1C31AE-0CDC-40CE-AB85-406F8B70D643}" = Bonjour
"10F7630C78CC9B1F315B5FA216ECB493C3ACD3E5" = Windows-Treiberpaket - Philips CL (phaudlwr) MEDIA  (06/02/2008 1.0.5.12)
"45BC8B5D6014058D45855440C588F87C62D70673" = Windows-Treiberpaket - Philips (SPC1030) Image  (06/11/2008 5.8.8.042)
"Adobe AIR" = Adobe AIR
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11
"Adobe_3dcb365ab9e01871fb8c6f27b0ea079" = Adobe After Effects CS4
"Adobe_5aab5a491a3a52ae624fd639f6aaa95" = Adobe After Effects CS4 Third Party Content
"CCleaner" = CCleaner
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"DivX Setup.divx.com" = DivX-Setup
"Free FLV Converter_is1" = Free FLV Converter V 6.7.4
"Free Studio_is1" = Free Studio version 4.8
"Free Video to iPod Converter_is1" = Free Video to iPod Converter version 3.2
"GameSpy Arcade" = GameSpy Arcade
"HijackThis" = HijackThis 2.0.2
"InstallShield_{897CA0D9-948F-4E5B-A20E-535E1060D3E6}" = Sonic MyDVD-VR
"JDownloader" = JDownloader
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Messenger Plus! Live" = Messenger Plus! Live
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.6.10)" = Mozilla Firefox (3.6.10)
"MSTTS" = Microsoft Text-to-Speech Engine 4.0 (English)
"Orbit_is1" = Orbit Downloader
"PhotoScape" = PhotoScape
"Spyware Doctor" = PC Tools AntiVirus Free
"VLC media player" = VLC media player 0.9.9
"Windows Media Encoder 9" = Windows Media Encoder 9-Reihe
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR
 
========== Last 10 Event Log Errors ==========
 
Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!
 
< End of report >

Then I also have the log file from Malwarebytes:
Code:

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Datenbank Version: 4702

Windows 6.0.6000
Internet Explorer 7.0.6000.16916

27.09.2010 16:13:17
mbam-log-

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)
Durchsuchte Objekte: 308146
Laufzeit: 2 Stunde(n), 2 Minute(n), 47 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 7
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 1
Infizierte Verzeichnisse: 0
Infizierte Dateien: 5

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{19127ad2-394b-70f5-c650-b97867baa1f7} (Backdoor.Bot) -> No action taken.
HKEY_CURRENT_USER\Software\Antimalware Doctor Inc (Rogue.AntimalwareDoctor) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\BMIMZMHMFM (Trojan.FakeAlert) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Handle (Malware.Trace) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\TOY5KNQ8OC (Trojan.FakeAlert) -> No action taken.
HKEY_CURRENT_USER\Software\WEK9EMDHI9 (Trojan.Agent) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\WS9E3IQBKY (Trojan.FakeAlert) -> No action taken.

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main\Window Title (Hijacked.WindowTitle) -> Bad: (Hacked by Godzilla) Good: (Internet Explorer) -> No action taken.

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
C:\Windows\System32\SCS.dll (Trojan.Dropper.PGen) -> No action taken.
D:\Bearbeitungsprogramme\loadhack\ocr\netload.in\asmCaptcha\test.exe (Malware.Packer) -> No action taken.
C:\Users\Public\Documents\Server\admin.txt (Malware.Trace) -> No action taken.
C:\Users\Public\Documents\Server\server.dat (Malware.Trace) -> No action taken.
C:\Users\Zandy\AppData\Local\Temp\0.5170452955694216.exe (Trojan.Dropper) -> No action taken.


cosinus 27.09.2010 15:57

D:\Bearbeitungsprogramme\loadhack\ocr\netload.in\asmCaptcha\test.exe

What's that? :wtf:

ali321 27.09.2010 19:13

Um, that was a program that is something like JDownloader,
but it didn't work ...
There could still be a virus in it ...
I'll uninstall it / delete the folder ;)

cosinus 27.09.2010 22:39

You obviously created the OTL logs first and then ran Malwarebytes. I didn't write that the order doesn't matter; I wrote Malwarebytes and then OTL. It's not a big deal, though, just create a new OTL.txt.

ali321 28.09.2010 13:33

Oops :D
Code:

OTL logfile created on: 28.09.2010 14:25:29 - Run 2
OTL by OldTimer - Version 3.2.14.1    Folder = C:\Users\Zandy\Desktop
Windows Vista Home Premium Edition  (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6000.16916)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 58,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 77,00% Paging File free
Paging file location(s): ?:\pagefile.sys
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 111,70 Gb Total Space | 53,02 Gb Free Space | 47,47% Space Free | Partition Type: NTFS
Drive D: | 111,43 Gb Total Space | 48,67 Gb Free Space | 43,67% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
 
Computer Name: MEINPC
Current User Name: Zandy
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Zandy\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\iTunes\iTunes.exe (Apple Inc.)
PRC - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac (ArcSoft Inc.)
PRC - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe (Apple Inc.)
PRC - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
PRC - C:\Program Files\Common Files\Apple\Apple Application Support\distnoted.exe (Apple Inc.)
PRC - C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
PRC - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe (COMODO)
PRC - C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO)
PRC - C:\Program Files\PC Tools Security\pctsTray.exe (PC Tools)
PRC - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
PRC - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.)
PRC - C:\Program Files\PC Tools Security\pctsSvc.exe (PC Tools)
PRC - C:\Program Files\PC Tools Security\pctsAuxs.exe (PC Tools)
PRC - C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation)
PRC - C:\Program Files\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Windows\vspc1030.exe (Sonix)
PRC - C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
PRC - C:\Program Files\Microsoft LifeCam\MSCamS32.exe (Microsoft Corporation)
PRC - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
PRC - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe (Acer Inc.)
PRC - C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe (Macrovision Corporation)
PRC - C:\Program Files\Sitecom Europe BV\Sitecom WL-113 Utility\SiteComUSB.exe (Sitecom Europe BV)
 
 
========== Modules (SafeList) ==========
 
MOD - C:\Users\Zandy\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Windows\System32\guard32.dll (COMODO)
MOD - C:\Windows\System32\msscript.ocx (Microsoft Corporation)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll (Microsoft Corporation)
 
 
========== Win32 Services (SafeList) ==========
 
SRV - (TunngleService) -- C:\Program Files\Tunngle\TnglCtrl.exe File not found
SRV - (RSShutdown) -- D:\hackie\service.exe File not found
SRV - (Browser Defender Update Service) -- C:\Program Files\PC Tools Security\BDT\BDTUpdateService.exe File not found
SRV - (ACPService) --  File not found
SRV - (FLEXnet Licensing Service) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.)
SRV - (Apple Mobile Device) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (npggsvc) -- C:\Windows\System32\GameMon.des (INCA Internet Co., Ltd.)
SRV - (cmdAgent) -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe (COMODO)
SRV - (ACDaemon) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.)
SRV - (sdCoreService) -- C:\Program Files\PC Tools Security\pctsSvc.exe (PC Tools)
SRV - (sdAuxService) -- C:\Program Files\PC Tools Security\pctsAuxs.exe (PC Tools)
SRV - (SwitchBoard) -- C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
SRV - (SeaPort) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SRV - (MSCamSvc) -- C:\Program Files\Microsoft LifeCam\MSCamS32.exe (Microsoft Corporation)
SRV - (eRecoveryService) -- C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe (Acer Inc.)
SRV - (UPnPService) -- C:\Program Files\Common Files\MAGIX Shared\UPnPService\UPnPService.exe (Magix AG)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (NwlnkFwd) -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys File not found
DRV - (NwlnkFlt) -- C:\Windows\System32\DRIVERS\nwlnkflt.sys File not found
DRV - (IpInIp) -- C:\Windows\System32\DRIVERS\ipinip.sys File not found
DRV - (blbdrive) -- C:\Windows\System32\drivers\blbdrive.sys File not found
DRV - (cmdGuard) -- C:\Windows\System32\drivers\cmdGuard.sys (COMODO)
DRV - (inspect) -- C:\Windows\System32\drivers\inspect.sys (COMODO)
DRV - (cmdHlp) -- C:\Windows\System32\drivers\cmdhlp.sys (COMODO)
DRV - (taphss) -- C:\Windows\System32\drivers\taphss.sys (AnchorFree Inc)
DRV - (hamachi) -- C:\Windows\System32\drivers\hamachi.sys (LogMeIn, Inc.)
DRV - (sptd) -- C:\Windows\System32\Drivers\sptd.sys ()
DRV - (SPC1030) USB2.0 PC Camera (SPC1030) -- C:\Windows\System32\drivers\spc1030.sys ()
DRV - ({49DE1C67-83F8-4102-99E0-C16DCC7EEC796}) -- D:\Bearbeitungsprogramme\PlayMovie\000.fcl (Cyberlink Corp.)
DRV - (phaudlwr) -- C:\Windows\System32\drivers\phaudlwr.sys (Philips Applied Technologies)
DRV - (R300) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV - (atikmdag) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV - (VX1000) -- C:\Windows\System32\drivers\VX1000.sys (Microsoft Corporation)
DRV - (DLADResM) -- C:\Windows\System32\DLA\DLADResM.SYS (Roxio)
DRV - (DLABMFSM) -- C:\Windows\System32\DLA\DLABMFSM.SYS (Roxio)
DRV - (DLAUDF_M) -- C:\Windows\System32\DLA\DLAUDF_M.SYS (Roxio)
DRV - (DLAUDFAM) -- C:\Windows\System32\DLA\DLAUDFAM.SYS (Roxio)
DRV - (DLAOPIOM) -- C:\Windows\System32\DLA\DLAOPIOM.SYS (Roxio)
DRV - (DLABOIOM) -- C:\Windows\System32\DLA\DLABOIOM.SYS (Roxio)
DRV - (DLAPoolM) -- C:\Windows\System32\DLA\DLAPoolM.SYS (Roxio)
DRV - (DLAIFS_M) -- C:\Windows\System32\DLA\DLAIFS_M.SYS (Roxio)
DRV - (DRVMCDB) -- C:\Windows\System32\Drivers\DRVMCDB.SYS (Sonic Solutions)
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\Windows\System32\drivers\RTKVHDA.sys (Realtek Semiconductor Corp.)
DRV - (DRVNDDM) -- C:\Windows\System32\drivers\DRVNDDM.SYS (Roxio)
DRV - (DLARTL_M) -- C:\Windows\System32\drivers\DLARTL_M.SYS (Roxio)
DRV - (DLACDBHM) -- C:\Windows\System32\drivers\DLACDBHM.SYS (Roxio)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (int15) -- C:\Acer\Empowering Technology\eRecovery\int15.sys ()
DRV - (RxFilter) -- C:\Windows\System32\drivers\RxFilter.sys (Sonic Solutions)
DRV - (yukonwlh) -- C:\Windows\System32\drivers\yk60x86.sys (Marvell)
DRV - (ql2300) -- C:\Windows\system32\drivers\ql2300.sys (QLogic Corporation)
DRV - (adp94xx) -- C:\Windows\system32\drivers\adp94xx.sys (Adaptec, Inc.)
DRV - (elxstor) -- C:\Windows\system32\drivers\elxstor.sys (Emulex)
DRV - (adpahci) -- C:\Windows\system32\drivers\adpahci.sys (Adaptec, Inc.)
DRV - (uliahci) -- C:\Windows\system32\drivers\uliahci.sys (ULi Electronics Inc.)
DRV - (iaStorV) -- C:\Windows\system32\drivers\iastorv.sys (Intel Corporation)
DRV - (adpu320) -- C:\Windows\system32\drivers\adpu320.sys (Adaptec, Inc.)
DRV - (ulsata2) -- C:\Windows\system32\drivers\ulsata2.sys (Promise Technology, Inc.)
DRV - (vsmraid) -- C:\Windows\system32\drivers\vsmraid.sys (VIA Technologies Inc.,Ltd)
DRV - (ql40xx) -- C:\Windows\system32\drivers\ql40xx.sys (QLogic Corporation)
DRV - (UlSata) -- C:\Windows\system32\drivers\ulsata.sys (Promise Technology, Inc.)
DRV - (adpu160m) -- C:\Windows\system32\drivers\adpu160m.sys (Adaptec, Inc.)
DRV - (nvraid) -- C:\Windows\system32\drivers\nvraid.sys (NVIDIA Corporation)
DRV - (nfrd960) -- C:\Windows\system32\drivers\nfrd960.sys (IBM Corporation)
DRV - (iirsp) -- C:\Windows\system32\drivers\iirsp.sys (Intel Corp./ICP vortex GmbH)
DRV - (SiSRaid4) -- C:\Windows\system32\drivers\sisraid4.sys (Silicon Integrated Systems)
DRV - (nvstor) -- C:\Windows\system32\drivers\nvstor.sys (NVIDIA Corporation)
DRV - (aic78xx) -- C:\Windows\system32\drivers\djsvs.sys (Adaptec, Inc.)
DRV - (arcsas) -- C:\Windows\system32\drivers\arcsas.sys (Adaptec, Inc.)
DRV - (LSI_SCSI) -- C:\Windows\system32\drivers\lsi_scsi.sys (LSI Logic)
DRV - (SiSRaid2) -- C:\Windows\system32\drivers\sisraid2.sys (Silicon Integrated Systems Corp.)
DRV - (HpCISSs) -- C:\Windows\system32\drivers\hpcisss.sys (Hewlett-Packard Company)
DRV - (arc) -- C:\Windows\system32\drivers\arc.sys (Adaptec, Inc.)
DRV - (iteraid) -- C:\Windows\system32\drivers\iteraid.sys (Integrated Technology Express, Inc.)
DRV - (iteatapi) -- C:\Windows\system32\drivers\iteatapi.sys (Integrated Technology Express, Inc.)
DRV - (LSI_SAS) -- C:\Windows\system32\drivers\lsi_sas.sys (LSI Logic)
DRV - (Symc8xx) -- C:\Windows\system32\drivers\symc8xx.sys (LSI Logic)
DRV - (LSI_FC) -- C:\Windows\system32\drivers\lsi_fc.sys (LSI Logic)
DRV - (Sym_u3) -- C:\Windows\system32\drivers\sym_u3.sys (LSI Logic)
DRV - (Mraid35x) -- C:\Windows\system32\drivers\mraid35x.sys (LSI Logic Corporation)
DRV - (Sym_hi) -- C:\Windows\system32\drivers\sym_hi.sys (LSI Logic)
DRV - (megasas) -- C:\Windows\system32\drivers\megasas.sys (LSI Logic Corporation)
DRV - (viaide) -- C:\Windows\system32\drivers\viaide.sys (VIA Technologies, Inc.)
DRV - (cmdide) -- C:\Windows\system32\drivers\cmdide.sys (CMD Technology, Inc.)
DRV - (aliide) -- C:\Windows\system32\drivers\aliide.sys (Acer Laboratories Inc.)
DRV - (usbaudio) USB-Audiotreiber (WDM) -- C:\Windows\System32\drivers\USBAUDIO.sys (Microsoft Corporation)
DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\system32\drivers\brserid.sys (Brother Industries Ltd.)
DRV - (BrUsbSer) -- C:\Windows\system32\drivers\brusbser.sys (Brother Industries Ltd.)
DRV - (BrFiltUp) -- C:\Windows\system32\drivers\brfiltup.sys (Brother Industries, Ltd.)
DRV - (BrFiltLo) -- C:\Windows\system32\drivers\brfiltlo.sys (Brother Industries, Ltd.)
DRV - (BrSerWdm) -- C:\Windows\system32\drivers\brserwdm.sys (Brother Industries Ltd.)
DRV - (BrUsbMdm) -- C:\Windows\system32\drivers\brusbmdm.sys (Brother Industries Ltd.)
DRV - (ntrigdigi) -- C:\Windows\system32\drivers\ntrigdigi.sys (N-trig Innovative Technologies)
DRV - (RTL8023xp) -- C:\Windows\System32\drivers\Rtnicxp.sys (Realtek Semiconductor Corporation                          )
DRV - (E1G60) Intel(R) -- C:\Windows\System32\drivers\E1G60I32.sys (Intel Corporation)
DRV - (AtiPcie) ATI PCI Express (3GIO) -- C:\Windows\system32\DRIVERS\AtiPcie.sys (ATI Technologies Inc.)
DRV - (libusb0) -- C:\Windows\System32\drivers\libusb0.sys (hxxp://libusb-win32.sourceforge.net)
DRV - (MicNgTun) -- C:\Windows\System32\drivers\MicNgTun.sys (Micronas GmbH)
DRV - (MicNgCap) -- C:\Windows\System32\drivers\MicNgCap.sys (Micronas GmbH)
DRV - (MicNgBas) -- C:\Windows\System32\drivers\MicNgBas.sys (Micronas GmbH)
DRV - (ZD1211U(Sitecom)) Sitecom Wireless Network USB Adapter Driver(Sitecom) -- C:\Windows\System32\drivers\ZD1211U.sys (ZyDAS Technology Corporation)
DRV - (ASPI) -- C:\Windows\System32\drivers\ASPI32.SYS (Adaptec)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://de.intl.acer.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://de.intl.acer.yahoo.com
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://global.acer.com [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Yahoo! Search
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 2
IE - HKCU\..\URLSearchHook:  - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Reg Error: Key error. File not found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.startup.homepage: "google.de"
FF - prefs.js..extensions.enabledItems: {35379F86-8CCB-4724-AE33-4278DE266C70}:1.0.5
 
 
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.10\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.09.18 18:25:19 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.10\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.09.18 18:25:19 | 000,000,000 | ---D | M]
 
[2009.03.05 16:38:53 | 000,000,000 | ---D | M] -- C:\Users\Zandy\AppData\Roaming\mozilla\Extensions
[2010.09.27 21:43:07 | 000,000,000 | ---D | M] -- C:\Users\Zandy\AppData\Roaming\mozilla\Firefox\Profiles\ffmk5zx8.default\extensions
[2010.09.25 17:01:40 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Zandy\AppData\Roaming\mozilla\Firefox\Profiles\ffmk5zx8.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.04.24 22:25:00 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Zandy\AppData\Roaming\mozilla\Firefox\Profiles\ffmk5zx8.default\extensions\{74714d77-1695-4e73-a98e-25cb374f46b4}
[2010.02.24 15:52:21 | 000,000,000 | ---D | M] (Fox!Box [de]) -- C:\Users\Zandy\AppData\Roaming\mozilla\Firefox\Profiles\ffmk5zx8.default\extensions\{df4e4df5-5cb7-46b0-9aef-6c784c3249f8}
[2010.02.24 15:52:21 | 000,000,000 | ---D | M] (DVDVideoSoft Toolbar) -- C:\Users\Zandy\AppData\Roaming\mozilla\Firefox\Profiles\ffmk5zx8.default\extensions\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}
[2009.09.23 19:33:53 | 000,002,171 | ---- | M] () -- C:\Users\Zandy\AppData\Roaming\Mozilla\FireFox\Profiles\ffmk5zx8.default\searchplugins\bing.xml
[2010.04.27 09:50:20 | 000,000,931 | ---- | M] () -- C:\Users\Zandy\AppData\Roaming\Mozilla\FireFox\Profiles\ffmk5zx8.default\searchplugins\conduit.xml
[2010.01.01 20:55:34 | 000,002,055 | ---- | M] () -- C:\Users\Zandy\AppData\Roaming\Mozilla\FireFox\Profiles\ffmk5zx8.default\searchplugins\daemon-search.xml
[2010.09.22 19:32:04 | 000,000,950 | ---- | M] () -- C:\Users\Zandy\AppData\Roaming\Mozilla\FireFox\Profiles\ffmk5zx8.default\searchplugins\icqplugin-1.xml
[2009.08.13 08:55:58 | 000,000,950 | ---- | M] () -- C:\Users\Zandy\AppData\Roaming\Mozilla\FireFox\Profiles\ffmk5zx8.default\searchplugins\icqplugin-2.xml
[2009.09.13 15:28:00 | 000,000,961 | ---- | M] () -- C:\Users\Zandy\AppData\Roaming\Mozilla\FireFox\Profiles\ffmk5zx8.default\searchplugins\icqplugin-3.xml
[2009.06.22 08:30:30 | 000,000,950 | ---- | M] () -- C:\Users\Zandy\AppData\Roaming\Mozilla\FireFox\Profiles\ffmk5zx8.default\searchplugins\icqplugin.xml
[2010.09.18 18:34:20 | 000,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
[2009.03.11 15:38:09 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2008.09.04 02:11:24 | 000,054,600 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\mozilla firefox\plugins\npbittorrent.dll
[2010.09.18 18:25:11 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2010.09.18 18:25:11 | 000,002,344 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2010.09.18 18:25:11 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2010.09.18 18:25:11 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2010.09.18 18:25:11 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2010.09.18 14:37:22 | 000,000,818 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1      localhost
O1 - Hosts: ::1            localhost
O1 - Hosts: 74.208.105.171 gs.apple.com
O1 - Hosts: 127.0.0.1 activate.adobe.com
O2 - BHO: (Octh Class) - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files\Orbitdownloader\orbitcth.dll (Orbitdownloader.com)
O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Grab Pro) - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files\Orbitdownloader\GrabPro.dll ()
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe (Apple Inc.)
O4 - HKLM..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [ISTray] C:\Program Files\PC Tools Security\pctsTray.exe (PC Tools)
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [spc1030] C:\Windows\vspc1030.exe (Sonix)
O4 - HKCU..\Run: [ISUSPM] C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe (Macrovision Corporation)
O8 - Extra context menu item: &Download by Orbit - C:\Program Files\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8 - Extra context menu item: &Grab video by Orbit - C:\Program Files\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8 - Extra context menu item: Do&wnload selected by Orbit - C:\Program Files\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8 - Extra context menu item: Down&load all by Orbit - C:\Program Files\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8 - Extra context menu item: Free YouTube Download - C:\Users\Zandy\AppData\Roaming\DVDVideoSoftIEHelpers\youtubedownload.htm ()
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Zandy\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm ()
O9 - Extra Button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O13 - gopher Prefix: missing
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1199395426399 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://dl8-cdn-01.sun.com/s/ESD7/JSCDL/jdk/6u12-b04/jinstall-6u12-windows-i586-jc.cab?e=1236365074789&h=e8a697bd531e33d86563088add75ecf2/&filename=jinstall-6u12-windows-i586-jc.cab (Java Plug-in 1.6.0_12)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_12-windows-i586.cab (Java Plug-in 1.6.0_12)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_12-windows-i586.cab (Java Plug-in 1.6.0_12)
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} hxxp://www.adobe.com/products/acrobat/nos/gp.cab (get_atlcom Class)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~1\COMMON~1\System\OLEDB~1\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~1\COMMON~1\System\OLEDB~1\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~1\COMMON~1\System\OLEDB~1\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~1\COMMON~1\System\OLEDB~1\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~1\COMMON~1\System\OLEDB~1\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~1\COMMON~1\System\OLEDB~1\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~1\COMMON~1\System\OLEDB~1\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\Windows\system32\guard32.dll) - C:\Windows\System32\guard32.dll (COMODO)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Zandy\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\Zandy\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{49696441-d1bc-11de-9148-000cf61398da}\Shell - "" = AutoRun
O33 - MountPoints2\{49696441-d1bc-11de-9148-000cf61398da}\Shell\AutoRun\command - "" = O:\LaunchU3.exe -- File not found
O33 - MountPoints2\{5f173ffd-6352-11de-ae4c-000cf61398da}\Shell - "" = AutoRun
O33 - MountPoints2\{5f173ffd-6352-11de-ae4c-000cf61398da}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -- File not found
O33 - MountPoints2\{d7370f2b-fc9c-11de-bd86-000cf61398da}\Shell - "" = AutoRun
O33 - MountPoints2\{d7370f2b-fc9c-11de-bd86-000cf61398da}\Shell\AutoRun\command - "" = L:\LaunchU3.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2010.09.28 14:25:10 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Users\Zandy\Desktop\OTL.exe
[2010.09.27 13:59:40 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010.09.27 13:59:38 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010.09.27 13:59:38 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010.09.25 17:33:37 | 000,000,000 | ---D | C] -- C:\Program Files\Orbitdownloader
[2010.09.23 15:10:43 | 000,000,000 | ---D | C] -- C:\Program Files\Duplicate Music Files Finder
[2010.09.20 15:02:23 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2010.09.20 15:02:21 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2010.09.20 15:00:36 | 000,000,000 | ---D | C] -- C:\Program Files\Apple Software Update
[2010.09.20 15:00:04 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2010.09.19 22:25:17 | 000,000,000 | ---D | C] -- C:\Users\Zandy\Desktop\iPod Photo Cache
[2010.09.19 22:07:37 | 000,000,000 | ---D | C] -- C:\Users\Zandy\Desktop\Ipod Bilder
[2010.09.18 18:25:05 | 000,000,000 | ---D | C] -- C:\Users\Zandy\AppData\Roaming\ProgSense
[2010.09.17 23:27:55 | 000,000,000 | ---D | C] -- C:\Users\Zandy\Documents\Adobe
[2010.09.17 23:27:12 | 000,000,000 | ---D | C] -- C:\ProgramData\FLEXnet
[2010.09.17 23:20:03 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Macrovision Shared
[2010.09.17 23:04:17 | 000,000,000 | -HSD | C] -- C:\Users\Zandy\.COMMgr
[2010.09.17 22:55:21 | 000,000,000 | -H-D | C] -- C:\Users\Public\Documents\Server
[2010.09.17 22:54:35 | 000,000,000 | ---D | C] -- C:\Users\Zandy\AppData\Roaming\0088A80374DFA29FD31A2D1FEF24C182
[2010.09.17 21:25:01 | 000,000,000 | ---D | C] -- C:\Users\Zandy\AppData\Roaming\Download Manager
[2010.09.17 17:05:30 | 000,000,000 | ---D | C] -- C:\Users\Zandy\Deskto
[2010.09.16 14:58:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Ableton
[2010.09.16 14:58:34 | 000,000,000 | ---D | C] -- C:\Users\Zandy\Documents\Ableton
[2010.09.16 14:58:33 | 000,000,000 | ---D | C] -- C:\Users\Zandy\AppData\Roaming\Ableton
[2010.09.07 15:52:22 | 000,000,000 | ---D | C] -- C:\Users\Zandy\AppData\Roaming\Notepad++
[2010.09.07 15:52:22 | 000,000,000 | ---D | C] -- C:\Program Files\Notepad++
[2010.09.02 20:42:47 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2009.02.05 15:53:01 | 000,053,248 | ---- | C] ( ) -- C:\Windows\System32\cspc1030.dll
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2010.09.28 14:29:37 | 004,980,736 | ---- | M] () -- C:\Users\Zandy\NTUSER.DAT
[2010.09.28 14:25:14 | 000,000,418 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{BB2AC692-2CD6-4C68-9DFC-5B9F61E87B2F}.job
[2010.09.28 14:22:45 | 001,491,156 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010.09.28 14:22:45 | 000,656,262 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2010.09.28 14:22:45 | 000,614,440 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010.09.28 14:22:45 | 000,121,228 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2010.09.28 14:22:45 | 000,108,030 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010.09.28 14:15:25 | 000,001,090 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010.09.28 14:15:22 | 000,003,456 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010.09.28 14:15:22 | 000,003,456 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010.09.28 14:15:20 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010.09.28 14:15:01 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.09.28 14:14:53 | 3219,644,416 | -HS- | M] () -- C:\hiberfil.sys
[2010.09.27 22:27:07 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2010.09.27 22:26:54 | 002,981,557 | -H-- | M] () -- C:\Users\Zandy\AppData\Local\IconCache.db
[2010.09.27 21:29:05 | 000,944,535 | ---- | M] () -- C:\Users\Zandy\Desktop\black and wihte.jpg
[2010.09.27 21:16:32 | 001,449,872 | ---- | M] () -- C:\Users\Zandy\Desktop\IMG_127d1.jpg
[2010.09.27 14:03:18 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Zandy\Desktop\OTL.exe
[2010.09.26 21:05:38 | 003,052,111 | ---- | M] () -- C:\Users\Zandy\Desktop\IMG_1271.JPG
[2010.09.26 20:43:00 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010.09.26 14:51:19 | 000,000,436 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts.ics
[2010.09.25 17:16:51 | 000,111,616 | ---- | M] () -- C:\Users\Zandy\AppData\Local\GDIPFONTCACHEV1.DAT
[2010.09.25 17:12:57 | 003,765,080 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010.09.25 16:28:25 | 000,008,052 | ---- | M] () -- C:\Users\Zandy\AppData\Local\d3d9caps.dat
[2010.09.25 13:58:54 | 000,004,368 | ---- | M] () -- C:\Users\Zandy\Documents\cc_20100925_135829.reg
[2010.09.25 12:52:00 | 000,168,448 | ---- | M] () -- C:\Users\Zandy\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.09.24 23:41:27 | 001,987,907 | ---- | M] () -- C:\Users\Zandy\Documents\eggetsberger-hypnose.pdf
[2010.09.24 23:14:12 | 000,000,000 | ---- | M] () -- C:\Windows\System32\Access.dat
[2010.09.20 14:28:21 | 000,009,694 | ---- | M] () -- C:\Users\Zandy\Documents\cc_20100920_142816.reg
[2010.09.18 18:42:14 | 000,032,738 | ---- | M] () -- C:\Users\Zandy\Documents\cc_20100918_184208.reg
[2010.09.18 14:37:22 | 000,000,818 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2010.09.04 14:19:46 | 000,138,184 | ---- | M] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2010.08.31 13:52:19 | 000,001,064 | -H-- | M] () -- C:\Windows\tasks\RCHubTask 0 0 {2E6E3A14-F6F5-404E-AC33-87F20083074D} 2145340416~30026154.job
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2010.09.27 21:29:02 | 000,944,535 | ---- | C] () -- C:\Users\Zandy\Desktop\black and wihte.jpg
[2010.09.26 21:20:34 | 001,449,872 | ---- | C] () -- C:\Users\Zandy\Desktop\IMG_127d1.jpg
[2010.09.25 17:12:11 | 3219,644,416 | -HS- | C] () -- C:\hiberfil.sys
[2010.09.25 13:58:53 | 000,004,368 | ---- | C] () -- C:\Users\Zandy\Documents\cc_20100925_135829.reg
[2010.09.24 23:41:27 | 001,987,907 | ---- | C] () -- C:\Users\Zandy\Documents\eggetsberger-hypnose.pdf
[2010.09.21 21:45:58 | 003,052,111 | ---- | C] () -- C:\Users\Zandy\Desktop\IMG_1271.JPG
[2010.09.20 14:28:18 | 000,009,694 | ---- | C] () -- C:\Users\Zandy\Documents\cc_20100920_142816.reg
[2010.09.18 18:42:10 | 000,032,738 | ---- | C] () -- C:\Users\Zandy\Documents\cc_20100918_184208.reg
[2010.05.17 17:49:38 | 000,079,360 | ---- | C] () -- C:\Users\Zandy\AppData\Roaming\netssh.exePowerS.dll
[2010.05.17 17:49:05 | 000,180,736 | ---- | C] () -- C:\Users\Zandy\AppData\Roaming\netssh.exeOptix_ScreenCapS.dll
[2010.05.17 17:48:40 | 000,086,528 | ---- | C] () -- C:\Users\Zandy\AppData\Roaming\netssh.exeGetSteamS.dll
[2010.05.17 17:48:25 | 000,108,544 | ---- | C] () -- C:\Users\Zandy\AppData\Roaming\netssh.exePwS.dll
[2010.04.20 19:54:11 | 000,000,041 | -HS- | C] () -- C:\ProgramData\.zreglib
[2010.04.20 18:32:02 | 000,000,005 | ---- | C] () -- C:\ProgramData\DragToDiscUserNameE.txt
[2010.04.15 17:45:31 | 000,000,614 | ---- | C] () -- C:\Users\Zandy\AppData\Roaming\nt.bat
[2010.03.30 21:20:22 | 001,053,056 | ---- | C] () -- C:\Windows\System32\drivers\CAMTHWDM.sys
[2010.01.01 19:53:27 | 000,691,696 | ---- | C] () -- C:\Windows\System32\drivers\sptd.sys
[2009.09.06 10:31:45 | 000,138,184 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2009.03.10 23:58:11 | 000,000,168 | ---- | C] () -- C:\Users\Zandy\AppData\Roaming\AVSMediaPlayer.m3u
[2009.03.03 20:47:33 | 000,000,416 | ---- | C] () -- C:\Windows\MAXLINK.INI
[2009.03.03 20:47:33 | 000,000,034 | ---- | C] () -- C:\Windows\cdplayer.ini
[2009.02.05 15:53:01 | 003,035,776 | ---- | C] () -- C:\Windows\System32\drivers\spc1030.sys
[2009.02.05 15:53:01 | 000,851,968 | ---- | C] () -- C:\Windows\System32\Dll_Volume_Ctrl.dll
[2009.02.05 15:53:01 | 000,028,672 | ---- | C] () -- C:\Windows\System32\drivers\spc1030c.sys
[2009.02.05 15:53:01 | 000,015,497 | ---- | C] () -- C:\Windows\spc1030.ini
[2009.01.19 20:45:00 | 000,028,672 | ---- | C] () -- C:\Windows\System32\InsDrvZD.dll
[2008.12.09 11:32:06 | 000,028,754 | ---- | C] () -- C:\Users\Zandy\AppData\Roaming\UserTile.png
[2008.09.20 19:07:06 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2008.06.15 19:28:39 | 000,000,628 | ---- | C] () -- C:\Users\Zandy\AppData\Roaming\wklnhst.dat
[2008.01.02 18:42:57 | 000,008,052 | ---- | C] () -- C:\Users\Zandy\AppData\Local\d3d9caps.dat
[2007.12.11 12:39:41 | 000,000,000 | ---- | C] () -- C:\ProgramData\LauncherAccess.dt
[2007.12.11 11:54:47 | 000,005,632 | ---- | C] () -- C:\Windows\System32\drivers\StarOpen.sys
[2007.12.04 22:42:17 | 000,000,403 | ---- | C] () -- C:\Windows\ODBC.INI
[2007.12.01 08:21:20 | 000,168,448 | ---- | C] () -- C:\Users\Zandy\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007.11.30 16:39:25 | 000,000,000 | ---- | C] () -- C:\Users\Zandy\AppData\Local\rx_image.Cache
[2007.06.27 03:50:58 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2007.05.23 21:39:26 | 000,000,689 | ---- | C] () -- C:\Windows\generic.ini
[2007.05.23 21:39:26 | 000,000,109 | ---- | C] () -- C:\Windows\Alaunch.ini
[2007.05.23 13:12:14 | 000,056,056 | ---- | C] () -- C:\Windows\System32\DLAAPI_W.DLL
[2007.05.23 13:12:12 | 000,000,163 | ---- | C] () -- C:\Windows\wininit.ini
[2007.05.23 13:07:36 | 000,006,768 | ---- | C] () -- C:\Windows\mgxoschk.ini
[2007.05.19 00:23:58 | 000,000,000 | ---- | C] () -- C:\Windows\System32\px.ini
[2007.04.10 23:46:52 | 000,015,498 | ---- | C] () -- C:\Windows\VX1000.ini
[2006.12.13 23:01:36 | 000,520,192 | ---- | C] () -- C:\Windows\System32\CddbPlaylist2Roxio.dll
[2006.12.13 23:01:36 | 000,204,800 | ---- | C] () -- C:\Windows\System32\CddbFileTaggerRoxio.dll
[2006.11.02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 24 bytes -> C:\Windows:F5454D0BF17D7B8D
@Alternate Data Stream - 162 bytes -> C:\ProgramData\Temp:DFC5A2B2
@Alternate Data Stream - 127 bytes -> C:\ProgramData\Temp:A8ADE5D8
@Alternate Data Stream - 105 bytes -> C:\ProgramData\Temp:430C6D84
@Alternate Data Stream - 101 bytes -> C:\ProgramData\Temp:7E95B6FD
< End of report >


cosinus 28.09.2010 14:51

Close all programs, start OTL and copy the following text into the "Custom Scan/Fixes" box (at the bottom of OTL): (the ":OTL" must be copied as well!!!)


Code:

:OTL
SRV - (TunngleService) -- C:\Program Files\Tunngle\TnglCtrl.exe File not found
SRV - (RSShutdown) -- D:\hackie\service.exe File not found
SRV - (Browser Defender Update Service) -- C:\Program Files\PC Tools Security\BDT\BDTUpdateService.exe File not found
SRV - (ACPService) --  File not found
O33 - MountPoints2\{49696441-d1bc-11de-9148-000cf61398da}\Shell - "" = AutoRun
O33 - MountPoints2\{49696441-d1bc-11de-9148-000cf61398da}\Shell\AutoRun\command - "" = O:\LaunchU3.exe -- File not found
O33 - MountPoints2\{5f173ffd-6352-11de-ae4c-000cf61398da}\Shell - "" = AutoRun
O33 - MountPoints2\{5f173ffd-6352-11de-ae4c-000cf61398da}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -- File not found
O33 - MountPoints2\{d7370f2b-fc9c-11de-bd86-000cf61398da}\Shell - "" = AutoRun
O33 - MountPoints2\{d7370f2b-fc9c-11de-bd86-000cf61398da}\Shell\AutoRun\command - "" = L:\LaunchU3.exe -- File not found
[2010.09.17 23:04:17 | 000,000,000 | -HSD | C] -- C:\Users\Zandy\.COMMgr
[2010.09.17 22:55:21 | 000,000,000 | -H-D | C] -- C:\Users\Public\Documents\Server
[2010.09.17 22:54:35 | 000,000,000 | ---D | C] -- C:\Users\Zandy\AppData\Roaming\0088A80374DFA29FD31A2D1FEF24C182
@Alternate Data Stream - 24 bytes -> C:\Windows:F5454D0BF17D7B8D
@Alternate Data Stream - 162 bytes -> C:\ProgramData\Temp:DFC5A2B2
@Alternate Data Stream - 127 bytes -> C:\ProgramData\Temp:A8ADE5D8
@Alternate Data Stream - 105 bytes -> C:\ProgramData\Temp:430C6D84
@Alternate Data Stream - 101 bytes -> C:\ProgramData\Temp:7E95B6FD
:Commands
[purity]
[resethosts]
[emptytemp]

Then click the Fix button at the top left!
The log file should open when you click OK after the fix; please post it. The computer may be restarted.

ali321 28.09.2010 20:50

Um, small problem ...
I have everything closed, paste in the fix, click Fix ..
The taskbar disappears. Everything is gone except the OTL window,
where a small progress bar twitches back and forth .. after 1 min
(Not Responding) and I have to restart manually :(

cosinus 28.09.2010 21:21

Please try it again.

ali321 29.09.2010 13:51

It worked :D thanks!
Code:

All processes killed
========== OTL ==========
Error: No service named TunngleService was found to stop!
Service\Driver key TunngleService not found.
File  C:\Program Files\Tunngle\TnglCtrl.exe File not found not found.
Error: No service named RSShutdown was found to stop!
Service\Driver key RSShutdown not found.
File  D:\hackie\service.exe File not found not found.
Error: No service named Browser Defender Update Service was found to stop!
Service\Driver key Browser Defender Update Service not found.
File  C:\Program Files\PC Tools Security\BDT\BDTUpdateService.exe File not found not found.
Error: No service named ACPService was found to stop!
Service\Driver key ACPService not found.
File  File not found not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{49696441-d1bc-11de-9148-000cf61398da}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{49696441-d1bc-11de-9148-000cf61398da}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{49696441-d1bc-11de-9148-000cf61398da}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{49696441-d1bc-11de-9148-000cf61398da}\ not found.
File O:\LaunchU3.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5f173ffd-6352-11de-ae4c-000cf61398da}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5f173ffd-6352-11de-ae4c-000cf61398da}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5f173ffd-6352-11de-ae4c-000cf61398da}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5f173ffd-6352-11de-ae4c-000cf61398da}\ not found.
File F:\LaunchU3.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d7370f2b-fc9c-11de-bd86-000cf61398da}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{d7370f2b-fc9c-11de-bd86-000cf61398da}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d7370f2b-fc9c-11de-bd86-000cf61398da}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{d7370f2b-fc9c-11de-bd86-000cf61398da}\ not found.
File L:\LaunchU3.exe not found.
Folder C:\Users\Zandy\.COMMgr\ not found.
Folder C:\Users\Public\Documents\Server\ not found.
Folder C:\Users\Zandy\AppData\Roaming\0088A80374DFA29FD31A2D1FEF24C182\ not found.
Unable to delete ADS C:\Windows:F5454D0BF17D7B8D .
Unable to delete ADS C:\ProgramData\Temp:DFC5A2B2 .
Unable to delete ADS C:\ProgramData\Temp:A8ADE5D8 .
Unable to delete ADS C:\ProgramData\Temp:430C6D84 .
Unable to delete ADS C:\ProgramData\Temp:7E95B6FD .
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
 
[EMPTYTEMP]
 
User: All Users
 
User: Default User
 
User: Public
 
User: Zandy
->Temp folder emptied: 14187723 bytes
->Temporary Internet Files folder emptied: 1881655 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 49038782 bytes
->Apple Safari cache emptied: 0 bytes
->Flash cache emptied: 63549 bytes
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 36864 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 1545920 bytes
RecycleBin emptied: 0 bytes
 
Total Files Cleaned = 64,00 mb
 
 
OTL by OldTimer - Version 3.2.14.1 log created on 09292010_144719

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...

Unbelievable! Grab++ works again :D THANK YOU!!!! Let's see whether the programs stop hanging :D so far everything is running :D
Thank you very, very much!
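
Added example (not part of the thread and not OTL's own code): a short Python triage of the fix log posted above, separating items OTL reported as not found from the ones it could not remove. The names `triage` and `split_ads` and the status labels are assumptions of this example; the sample lines are an excerpt of the posted log.

```python
import re

# Excerpt of the OTL fix log posted above (abbreviated for the example).
SAMPLE_LOG = r"""All processes killed
========== OTL ==========
Error: No service named RSShutdown was found to stop!
Service\Driver key RSShutdown not found.
File  D:\hackie\service.exe File not found not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{49696441-d1bc-11de-9148-000cf61398da}\ not found.
File O:\LaunchU3.exe not found.
Folder C:\Users\Zandy\.COMMgr\ not found.
Unable to delete ADS C:\Windows:F5454D0BF17D7B8D .
Unable to delete ADS C:\ProgramData\Temp:DFC5A2B2 .
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
"""

# Only the message shapes visible in that log are covered; anything else is skipped.
RULES = [
    ("failed", re.compile(r"^Unable to delete ADS (?P<target>.+?)\s*\.$")),
    ("absent", re.compile(r"^Error: No service named (?P<target>.+) was found to stop!$")),
    ("absent", re.compile(r"^(?:File|Folder|Registry key|Service\\Driver key)\s+"
                          r"(?P<target>.+?)(?: File not found)? not found\.$")),
    ("done", re.compile(r"^(?P<target>.+?) (?:moved|reset) successfully\.?$")),
]

def triage(log_text):
    """Group fix-log lines into failed / absent / done, keeping the target of each."""
    result = {"failed": [], "absent": [], "done": []}
    for line in log_text.splitlines():
        line = line.strip()
        for status, pattern in RULES:
            match = pattern.match(line)
            if match:
                result[status].append(match.group("target"))
                break
    return result

def split_ads(target):
    """Split 'C:\\dir:STREAM' into (host path, stream name); the drive colon stays in the path."""
    host, _, stream = target.rpartition(":")
    return host, stream

if __name__ == "__main__":
    report = triage(SAMPLE_LOG)
    print("reported absent:", len(report["absent"]), "| done:", len(report["done"]))
    for host, stream in map(split_ads, report["failed"]):
        print("not removed:", host, "stream", stream)
```

Run over the full log, the "failed" group holds the five alternate data streams, the only entries of the fix script that OTL reported it could not delete.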

