EvilKnievel | 27.10.2010 14:55 | Otl:
OTL Logfile: Code:
otl logfile created on: 10/27/2010 3:41:56 pm - run 1
otl by oldtimer - version 3.2.17.1 folder = d:\users\stefan\desktop
64bit- ultimate edition (version = 6.1.7600) - type = ntworkstation
internet explorer (version = 8.0.7600.16385)
locale: 00000409 | country: Germany | language: Deu | date format: Dd.mm.yyyy
6.00 gb total physical memory | 4.00 gb available physical memory | 68.00% memory free
12.00 gb paging file | 10.00 gb available in paging file | 80.00% paging file free
paging file location(s): ?:\pagefile.sys [binary data]
%systemdrive% = d: | %systemroot% = d:\windows | %programfiles% = d:\program files (x86)
drive c: | 76.33 gb total space | 17.34 gb free space | 22.71% space free | partition type: Ntfs
drive d: | 201.01 gb total space | 129.15 gb free space | 64.25% space free | partition type: Ntfs
drive e: | 1196.25 gb total space | 403.74 gb free space | 33.75% space free | partition type: Ntfs
drive g: | 265.75 gb total space | 86.52 gb free space | 32.56% space free | partition type: Ntfs
drive h: | 100.00 gb total space | 77.71 gb free space | 77.71% space free | partition type: Ntfs
computer name: Stefan-pc | user name: Stefan | logged in as administrator.
Boot mode: Normal | scan mode: Current user | include 64bit scans
company name whitelist: Off | skip microsoft files: Off | no company name whitelist: On | file age = 30 days
========== processes (safelist) ==========
prc - d:\users\stefan\desktop\otl.exe (oldtimer tools)
prc - d:\users\stefan\appdata\local\temp\gd0.exe (trend micro inc.)
prc - d:\program files (x86)\mozilla firefox\firefox.exe (mozilla corporation)
prc - d:\program files (x86)\mozilla firefox\plugin-container.exe (mozilla corporation)
prc - d:\program files (x86)\virtualdj\virtualdj.exe (atomix productions)
prc - d:\program files (x86)\avira\antivir desktop\avguard.exe (avira gmbh)
prc - d:\program files (x86)\daemon tools lite\dtlite.exe (dt soft ltd)
prc - d:\program files (x86)\avira\antivir desktop\avgnt.exe (avira gmbh)
prc - d:\program files (x86)\avira\antivir desktop\sched.exe (avira gmbh)
prc - d:\program files (x86)\common files\binarysense\disksvc.exe (binarysense ltd.)
prc - d:\program files (x86)\asus\smartdoctor\smartdoctor.exe (asustek inc.)
prc - d:\program files (x86)\sony ericsson\sony ericsson pc suite\sepcsuite.exe (sony ericsson mobile communications ab)
prc - d:\program files (x86)\rivatuner v2.24 msi master overclocking arena 2009 edition\rivatuner.exe ()
prc - d:\windows\syswow64\asdr.exe ()
prc - d:\program files (x86)\asus\ai suite\ainap\ainap.exe ()
prc - d:\program files (x86)\analog devices\core\smax4pnp.exe (analog devices, inc.)
prc - d:\windows\syswow64\ctxfihlp.exe (creative technology ltd)
prc - d:\windows\syswow64\ctxfispi.exe (creative technology ltd)
prc - d:\program files (x86)\elaborate bytes\virtualclonedrive\vcddaemon.exe (elaborate bytes ag)
prc - d:\program files (x86)\analog devices\soundmax\soundmax.exe (analog devices, inc.)
prc - d:\program files (x86)\sony ericsson\sony ericsson pc suite\supserv.exe ()
prc - d:\program files (x86)\avmwlanstick\wlangui.exe (avm berlin)
prc - d:\program files (x86)\avmwlanstick\wlannetservice.exe (avm berlin)
prc - d:\program files (x86)\creative\shared files\ctaudsvc.exe (creative technology ltd)
prc - d:\program files (x86)\cpu-control\cpu_control.exe ()
========== modules (safelist) ==========
mod - d:\users\stefan\desktop\otl.exe (oldtimer tools)
mod - d:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll (microsoft corporation)
mod - d:\windows\syswow64\wtsapi32.dll (microsoft corporation)
mod - d:\windows\syswow64\winsta.dll (microsoft corporation)
mod - d:\windows\syswow64\normaliz.dll (microsoft corporation)
========== win32 services (safelist) ==========
srv:64bit: - (kmservice) -- d:\windows\sysnative\srvany.exe file not found
srv:64bit: - (uxtuneup) -- d:\windows\sysnative\uxtuneup.dll (tuneup software)
srv:64bit: - (netzmanager service) -- d:\program files\netzmanager\nminfrais2\netzmanager_service.exe (deutsche telekom ag)
srv:64bit: - (windefend) -- d:\program files\windows defender\mpsvc.dll (microsoft corporation)
srv:64bit: - (appmgmt) -- d:\windows\sysnative\appmgmts.dll (microsoft corporation)
srv:64bit: - (aeadifilters) -- d:\windows\sysnative\aeadisrv.exe (andrea electronics corporation)
srv:64bit: - (atkfusservice) -- d:\windows\sysnative\atkfusservice.exe (asustek computer inc.)
srv - (lavasoft ad-aware service) -- d:\program files (x86)\lavasoft\ad-aware\aawservice.exe (lavasoft)
srv - (tuneup.utilitiessvc) -- d:\program files (x86)\tuneup utilities 2011\tuneuputilitiesservice64.exe (tuneup software)
srv - (uxtuneup) tuneup designerweiterung (beta) -- d:\windows\syswow64\uxtuneup.dll (tuneup software)
srv - (tomtomhomeservice) -- d:\program files (x86)\tomtom home 2\tomtomhomeservice.exe (tomtom)
srv - (antivirservice) -- d:\program files (x86)\avira\antivir desktop\avguard.exe (avira gmbh)
srv - (antivirschedulerservice) -- d:\program files (x86)\avira\antivir desktop\sched.exe (avira gmbh)
srv - (naupdate) -- d:\program files (x86)\nero\update\nasvc.exe (nero ag)
srv - (emmadevmgmtsvc) -- d:\program files (x86)\common files\sony ericsson\emma core\services64\emmadevicemgmt.exe (sony ericsson mobile communications)
srv - (emmaupdmgmtsvc) -- d:\program files (x86)\common files\sony ericsson\emma core\services64\emmaupdatemgmt.exe (sony ericsson mobile communications)
srv - (hdd & ssd access service) -- d:\program files (x86)\common files\binarysense\disksvc.exe (binarysense ltd.)
srv - (creative alchemy al6 licensing service) -- d:\program files (x86)\common files\creative labs shared\service\al6licensing.exe (creative labs)
srv - (creative audio engine licensing service) -- d:\program files (x86)\common files\creative labs shared\service\ctaelicensing.exe (creative labs)
srv - (aspnet_state) -- d:\windows\microsoft.net\framework64\v4.0.21006\aspnet_state.exe (microsoft corporation)
srv - (wpffontcache_v0400) -- d:\windows\microsoft.net\framework64\v4.0.21006\wpf\wpffontcache_v0400.exe (microsoft corporation)
srv - (clr_optimization_v4.0.21006_64) -- d:\windows\microsoft.net\framework64\v4.0.21006\mscorsvw.exe (microsoft corporation)
srv - (clr_optimization_v4.0.21006_32) -- d:\windows\microsoft.net\framework\v4.0.21006\mscorsvw.exe (microsoft corporation)
srv - (asdr) -- d:\windows\syswow64\asdr.exe ()
srv - (daupdatersvc) -- g:\dragon age\bin_ship\daupdatersvc.service.exe (bioware)
srv - (clr_optimization_v2.0.50727_32) -- d:\windows\microsoft.net\framework\v2.0.50727\mscorsvw.exe (microsoft corporation)
srv - (omsi download service) -- d:\program files (x86)\sony ericsson\sony ericsson pc suite\supserv.exe ()
srv - (avm wlan connection service) -- d:\program files (x86)\avmwlanstick\wlannetservice.exe (avm berlin)
srv - (ctaudsvcservice) -- d:\program files (x86)\creative\shared files\ctaudsvc.exe (creative technology ltd)
srv - (dfsdks) -- d:\program files (x86)\ashampoo\ashampoo winoptimizer 6\dfsdks.exe (mst software gmbh, germany)
srv - (tdslmgrservice) -- d:\program files (x86)\dsl-manager\dslmgrsvc.exe (t-systems enterprise services gmbh)
srv - (nero backitup scheduler 4.0) -- d:\program files (x86)\common files\nero\nero backitup 4\nbservice.exe (nero ag)
srv - (kmservice) -- d:\windows\syswow64\srvany.exe ()
========== driver services (safelist) ==========
drv:64bit: - (nvflash) -- d:\windows\sysnative\drivers\nvflash.sys file not found
drv:64bit: - (elbycdio) -- d:\windows\sysnative\drivers\elbycdio.sys (elaborate bytes ag)
drv:64bit: - (lbd) -- d:\windows\sysnative\drivers\lbd.sys (lavasoft ab)
drv:64bit: - (anydvd) -- d:\windows\sysnative\drivers\anydvd.sys (slysoft, inc.)
drv:64bit: - (avipbb) -- d:\windows\sysnative\drivers\avipbb.sys (avira gmbh)
drv:64bit: - (avgntflt) -- d:\windows\sysnative\drivers\avgntflt.sys (avira gmbh)
drv:64bit: - (atksgt) -- d:\windows\sysnative\drivers\atksgt.sys ()
drv:64bit: - (lirsgt) -- d:\windows\sysnative\drivers\lirsgt.sys ()
drv:64bit: - (sptd) -- d:\windows\sysnative\drivers\sptd.sys ()
drv:64bit: - (eio64) -- d:\windows\sysnative\drivers\eio64.sys (asustek computer inc.)
drv:64bit: - (xusb21) -- d:\windows\sysnative\drivers\xusb21.sys (microsoft corporation)
drv:64bit: - (amdsata) -- d:\windows\sysnative\drivers\amdsata.sys (advanced micro devices)
drv:64bit: - (amdxata) -- d:\windows\sysnative\drivers\amdxata.sys (advanced micro devices)
drv:64bit: - (amdsbs) -- d:\windows\sysnative\drivers\amdsbs.sys (amd technologies inc.)
drv:64bit: - (lsi_sas2) -- d:\windows\sysnative\drivers\lsi_sas2.sys (lsi corporation)
drv:64bit: - (hpsamd) -- d:\windows\sysnative\drivers\hpsamd.sys (hewlett-packard company)
drv:64bit: - (stexstor) -- d:\windows\sysnative\drivers\stexstor.sys (promise technology)
drv:64bit: - (ntfs) -- d:\windows\sysnative\wbem\ntfs.mof ()
drv:64bit: - (nvenetfd) -- d:\windows\sysnative\drivers\nvm62x64.sys (nvidia corporation)
drv:64bit: - (ebdrv) -- d:\windows\sysnative\drivers\evbda.sys (broadcom corporation)
drv:64bit: - (b06bdrv) -- d:\windows\sysnative\drivers\bxvbda.sys (broadcom corporation)
drv:64bit: - (b57nd60a) -- d:\windows\sysnative\drivers\b57nd60a.sys (broadcom corporation)
drv:64bit: - (hcw85cir) -- d:\windows\sysnative\drivers\hcw85cir.sys (hauppauge computer works, inc.)
drv:64bit: - (adihdaudaddservice) -- d:\windows\sysnative\drivers\adihdaud.sys (analog devices, inc.)
drv:64bit: - (ha20x2k) -- d:\windows\sysnative\drivers\ha20x2k.sys (creative technology ltd)
drv:64bit: - (emupia) -- d:\windows\sysnative\drivers\emupia2k.sys (creative technology ltd)
drv:64bit: - (ctsfm2k) -- d:\windows\sysnative\drivers\ctsfm2k.sys (creative technology ltd)
drv:64bit: - (ctprxy2k) -- d:\windows\sysnative\drivers\ctprxy2k.sys (creative technology ltd)
drv:64bit: - (ossrv) -- d:\windows\sysnative\drivers\ctoss2k.sys (creative technology ltd.)
drv:64bit: - (ctaud2k) creative audio driver (wdm) -- d:\windows\sysnative\drivers\ctaud2k.sys (creative technology ltd)
drv:64bit: - (ctac32k) -- d:\windows\sysnative\drivers\ctac32k.sys (creative technology ltd)
drv:64bit: - (ctexfifx.sys) -- d:\windows\sysnative\drivers\ctexfifx.sys (creative technology ltd.)
drv:64bit: - (ctexfifx) -- d:\windows\sysnative\drivers\ctexfifx.sys (creative technology ltd.)
drv:64bit: - (cthwiut.sys) -- d:\windows\sysnative\drivers\cthwiut.sys (creative technology ltd.)
drv:64bit: - (cthwiut) -- d:\windows\sysnative\drivers\cthwiut.sys (creative technology ltd.)
drv:64bit: - (ct20xut.sys) -- d:\windows\sysnative\drivers\ct20xut.sys (creative technology ltd.)
drv:64bit: - (ct20xut) -- d:\windows\sysnative\drivers\ct20xut.sys (creative technology ltd.)
drv:64bit: - (vclone) -- d:\windows\sysnative\drivers\vclone.sys (elaborate bytes ag)
drv:64bit: - (mtsensor) -- d:\windows\sysnative\drivers\asacpi.sys ()
drv:64bit: - (hotcore3) -- d:\windows\sysnative\drivers\hotcore3.sys (paragon software group)
drv:64bit: - (ggsemc) -- d:\windows\sysnative\drivers\ggsemc.sys (sony ericsson mobile communications)
drv:64bit: - (ggflt) -- d:\windows\sysnative\drivers\ggflt.sys (sony ericsson mobile communications)
drv:64bit: - (a4djavs_x64) -- d:\windows\sysnative\drivers\a4djavs_x64.sys (native instruments gmbh)
drv:64bit: - (a4djusb_x64) -- d:\windows\sysnative\drivers\a4djusb_x64.sys (native instruments gmbh)
drv:64bit: - (fwlanusbn) -- d:\windows\sysnative\drivers\fwlanusbn.sys (avm gmbh)
drv:64bit: - (avmeject) -- d:\windows\sysnative\drivers\avmeject.sys (avm berlin)
drv:64bit: - (atkdisplf) -- d:\windows\sysnative\drivers\atkdisplowfilter.sys (asustek computer inc.)
drv:64bit: - (asusgsb) -- d:\windows\sysnative\drivers\asusgsb.sys (asustek computer inc.)
drv:64bit: - (s0017unic) sony ericsson device 0017 usb ethernet emulation semc0017 (wdm) -- d:\windows\sysnative\drivers\s0017unic.sys (mcci corporation)
drv:64bit: - (s0017obex) -- d:\windows\sysnative\drivers\s0017obex.sys (mcci corporation)
drv:64bit: - (s0017nd5) sony ericsson device 0017 usb ethernet emulation semc0017 (ndis) -- d:\windows\sysnative\drivers\s0017nd5.sys (mcci corporation)
drv:64bit: - (s0017mdm) -- d:\windows\sysnative\drivers\s0017mdm.sys (mcci corporation)
drv:64bit: - (s0017mgmt) sony ericsson device 0017 usb wmc device management drivers (wdm) -- d:\windows\sysnative\drivers\s0017mgmt.sys (mcci corporation)
drv:64bit: - (s0017mdfl) -- d:\windows\sysnative\drivers\s0017mdfl.sys (mcci corporation)
drv:64bit: - (s0017bus) sony ericsson device 0017 driver (wdm) -- d:\windows\sysnative\drivers\s0017bus.sys (mcci corporation)
drv:64bit: - (seehcri) -- d:\windows\sysnative\drivers\seehcri.sys (sony ericsson mobile communications)
drv:64bit: - (sifilter) -- d:\windows\sysnative\drivers\siwinacc.sys (silicon image, inc)
drv:64bit: - (siremfil) -- d:\windows\sysnative\drivers\siremfil.sys (silicon image, inc)
drv:64bit: - (si3132) -- d:\windows\sysnative\drivers\si3132.sys (silicon image, inc)
drv:64bit: - (dslmnlwf) -- d:\windows\sysnative\drivers\dslmnlwf.sys (t-systems enterprise services gmbh)
drv:64bit: - (s125obex) -- d:\windows\sysnative\drivers\s125obex.sys (mcci corporation)
drv:64bit: - (s125bus) sony ericsson device 125 driver (wdm) -- d:\windows\sysnative\drivers\s125bus.sys (mcci corporation)
drv:64bit: - (elbycdfl) -- d:\windows\sysnative\drivers\elbycdfl.sys (slysoft, inc.)
drv:64bit: - (fwlanusb) -- d:\windows\sysnative\drivers\fwlanusb.sys (avm gmbh)
drv - (lavasoft kernexplorer) -- d:\program files (x86)\lavasoft\ad-aware\kernexplorer64.sys ()
drv - (anydvd) -- d:\windows\syswow64\drivers\anydvd.sys (slysoft, inc.)
drv - (tuneuputilitiesdrv) -- d:\program files (x86)\tuneup utilities 2011\tuneuputilitiesdriver64.sys (tuneup software)
drv - (rivatuner64) -- d:\program files (x86)\rivatuner v2.24 msi master overclocking arena 2009 edition\rivatuner64.sys ()
drv - (elbycdfl) -- d:\windows\syswow64\drivers\elbycdfl.sys (slysoft, inc.)
drv - (nvflash) -- d:\windows\syswow64\drivers\nvflash.sys ()
========== standard registry (safelist) ==========
========== internet explorer ==========
ie - hklm\software\microsoft\internet explorer\main,local page = d:\windows\syswow64\blank.htm
ie - hkcu\software\microsoft\internet explorer\main,secondary start pages = h**p://4fuckr.com/page_1.htm [binary data]
ie - hkcu\software\microsoft\internet explorer\main,start page = h**p://welt4.freewar.de/freewar/index.php?login_failure=1
ie - hkcu\software\microsoft\internet explorer\main,start page redirect cache = h**p://de.msn.com/?ocid=iehp
ie - hkcu\software\microsoft\internet explorer\main,start page redirect cache acceptlangs = de
ie - hkcu\software\microsoft\internet explorer\main,start page redirect cache_timestamp = 2c bd 8f ab a4 60 ca 01 [binary data]
ie - hkcu\..\urlsearchhook: - reg error: Key error. File not found
ie - hkcu\software\microsoft\windows\currentversion\internet settings: "proxyenable" = 0
========== firefox ==========
ff - prefs.js..browser.search.defaultenginename: "icq search"
ff - prefs.js..browser.search.selectedengine: "google"
ff - prefs.js..browser.search.usedbfororder: True
ff - prefs.js..browser.startup.homepage: "google.de"
ff - prefs.js..extensions.enableditems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2.2
ff - prefs.js..extensions.enableditems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.8.1
ff - prefs.js..extensions.enableditems: {35106bca-6c78-48c7-ac28-56df30b51d2a}:1.3.8
ff - prefs.js..extensions.enableditems: {888d99e7-e8b5-46a3-851e-1ec45da1e644}:4.0.0
ff - prefs.js..extensions.enableditems: Jl@leimbach-it.de:2.5
ff - prefs.js..extensions.enableditems: {ddc359d1-844a-42a7-9aa1-88a850a938a8}:1.1.10
ff - prefs.js..keyword.url: "h**p://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=2.0.0.0&q="
ff - hklm\software\mozilla\mozilla firefox 3.6.11\extensions\\components: D:\program files (x86)\mozilla firefox\components [2010/10/21 13:26:43 | 000,000,000 | ---d | m]
ff - hklm\software\mozilla\mozilla firefox 3.6.11\extensions\\plugins: D:\program files (x86)\mozilla firefox\plugins [2010/10/21 13:26:43 | 000,000,000 | ---d | m]
[2010/10/08 17:59:59 | 000,000,000 | ---d | m] -- d:\users\stefan\appdata\roaming\mozilla\extensions
[2010/10/08 17:59:59 | 000,000,000 | ---d | m] -- d:\users\stefan\appdata\roaming\mozilla\extensions\home2@tomtom.com
[2010/10/26 21:00:36 | 000,000,000 | ---d | m] -- d:\users\stefan\appdata\roaming\mozilla\firefox\profiles\eluxhlz3.default\extensions
[2010/03/07 19:07:33 | 000,000,000 | ---d | m] (linkification) -- d:\users\stefan\appdata\roaming\mozilla\firefox\profiles\eluxhlz3.default\extensions\{35106bca-6c78-48c7-ac28-56df30b51d2a}
[2010/07/18 21:40:08 | 000,000,000 | ---d | m] (reloadevery) -- d:\users\stefan\appdata\roaming\mozilla\firefox\profiles\eluxhlz3.default\extensions\{888d99e7-e8b5-46a3-851e-1ec45da1e644}
[2010/10/14 21:50:48 | 000,000,000 | ---d | m] (downloadhelper) -- d:\users\stefan\appdata\roaming\mozilla\firefox\profiles\eluxhlz3.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2010/08/20 06:33:38 | 000,000,000 | ---d | m] (adblock plus) -- d:\users\stefan\appdata\roaming\mozilla\firefox\profiles\eluxhlz3.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010/08/09 14:35:58 | 000,000,000 | ---d | m] (downthemall!) -- d:\users\stefan\appdata\roaming\mozilla\firefox\profiles\eluxhlz3.default\extensions\{ddc359d1-844a-42a7-9aa1-88a850a938a8}
[2010/03/26 00:10:48 | 000,000,000 | ---d | m] -- d:\users\stefan\appdata\roaming\mozilla\firefox\profiles\eluxhlz3.default\extensions\jl@leimbach-it.de
[2010/03/13 11:43:38 | 000,000,687 | ---- | m] () -- d:\users\stefan\appdata\roaming\mozilla\firefox\profiles\eluxhlz3.default\searchplugins\icq-search.xml
[2010/04/09 05:24:01 | 000,000,950 | ---- | m] () -- d:\users\stefan\appdata\roaming\mozilla\firefox\profiles\eluxhlz3.default\searchplugins\icqplugin-1.xml
[2010/06/24 05:14:10 | 000,000,950 | ---- | m] () -- d:\users\stefan\appdata\roaming\mozilla\firefox\profiles\eluxhlz3.default\searchplugins\icqplugin-2.xml
[2010/06/28 05:34:20 | 000,000,950 | ---- | m] () -- d:\users\stefan\appdata\roaming\mozilla\firefox\profiles\eluxhlz3.default\searchplugins\icqplugin-3.xml
[2010/03/23 21:50:29 | 000,000,950 | ---- | m] () -- d:\users\stefan\appdata\roaming\mozilla\firefox\profiles\eluxhlz3.default\searchplugins\icqplugin.xml
[2010/10/26 21:00:36 | 000,000,000 | ---d | m] -- d:\program files (x86)\mozilla firefox\extensions
[2010/08/10 22:39:24 | 000,001,392 | ---- | m] () -- d:\program files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2010/08/10 22:39:24 | 000,002,344 | ---- | m] () -- d:\program files (x86)\mozilla firefox\searchplugins\ebay-de.xml
[2010/08/10 22:39:24 | 000,006,805 | ---- | m] () -- d:\program files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2010/08/10 22:39:24 | 000,001,178 | ---- | m] () -- d:\program files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2010/08/10 22:39:24 | 000,001,105 | ---- | m] () -- d:\program files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
o1 hosts file: ([2009/06/10 23:00:26 | 000,000,824 | ---- | m]) - d:\windows\sysnative\drivers\etc\hosts
o2:64bit: - bho: (office document cache handler) - {b4f3a835-0e21-4959-ba22-42b3008e02ff} - d:\progra~1\micros~2\office14\urlredir.dll (microsoft corporation)
o2 - bho: (office document cache handler) - {b4f3a835-0e21-4959-ba22-42b3008e02ff} - d:\progra~2\micros~1\office14\urlredir.dll (microsoft corporation)
o2 - bho: (d:\windows\syswow64\qkad7.dll) - {b6ba40c1-a501-59bd-f413-03b03a2c8952} - d:\windows\syswow64\qkad7.dll file not found
o3 - hklm\..\toolbar: (toolbar fuer ebay) - {000e148c-f7a7-445a-9044-93bf6ce09ecb} - d:\users\stefan\appdata\roaming\toolbars\toolbar fuer ebay\ebay.dll ()
o3 - hkcu\..\toolbar\webbrowser: (toolbar fuer ebay) - {000e148c-f7a7-445a-9044-93bf6ce09ecb} - d:\users\stefan\appdata\roaming\toolbars\toolbar fuer ebay\ebay.dll ()
o4:64bit: - hklm..\run: [rivatuner] d:\program files (x86)\rivatuner v2.24 msi master overclocking arena 2009 edition\rivatunerwrapper.exe ()
o4:64bit: - hklm..\run: [rivatunerstartupdaemon] d:\program files (x86)\rivatuner v2.24 msi master overclocking arena 2009 edition\rivatunerwrapper.exe ()
o4:64bit: - hklm..\run: [soundmax] d:\program files (x86)\analog devices\soundmax\soundmax.exe (analog devices, inc.)
o4 - hklm..\run: [ai nap] d:\program files (x86)\asus\ai suite\ainap\ainap.exe ()
o4 - hklm..\run: [avgnt] d:\program files (x86)\avira\antivir desktop\avgnt.exe (avira gmbh)
o4 - hklm..\run: [avmwlanclient] d:\program files (x86)\avmwlanstick\wlangui.exe (avm berlin)
o4 - hklm..\run: [clonecdtray] d:\program files (x86)\slysoft\clonecd\clonecdtray.exe (slysoft, inc.)
o4 - hklm..\run: [cpu level up] d:\program files (x86)\asus\ai suite\cpu level upex\cpulevelup.exe (asustek)
o4 - hklm..\run: [ctxfihlp] d:\windows\syswow64\ctxfihlp.exe (creative technology ltd)
o4 - hklm..\run: [qfan help] d:\program files (x86)\asus\ai suite\qfan3\qfanhelp.exe ()
o4 - hklm..\run: [soundmaxpnp] d:\program files (x86)\analog devices\core\smax4pnp.exe (analog devices, inc.)
o4 - hklm..\run: [virtualclonedrive] d:\program files (x86)\elaborate bytes\virtualclonedrive\vcddaemon.exe (elaborate bytes ag)
o4 - hkcu..\run: [cpu_control] d:\program files (x86)\cpu-control\cpu_control.exe ()
o4 - hkcu..\run: [daemon tools lite] d:\program files (x86)\daemon tools lite\dtlite.exe (dt soft ltd)
o4 - hkcu..\run: [icq] d:\program files (x86)\icq7.0\icq.exe (icq, llc.)
o4 - hkcu..\run: [koo9rv9k4z] d:\users\stefan\appdata\local\temp\gd0.exe (trend micro inc.)
o4 - hkcu..\run: [sony ericsson pc suite] d:\program files (x86)\sony ericsson\sony ericsson pc suite\sepcsuite.exe (sony ericsson mobile communications ab)
o4 - startup: D:\users\stefan\appdata\roaming\microsoft\windows\start menu\programs\startup\dsl-manager.lnk = d:\program files (x86)\dsl-manager\dslmgr.exe (t-systems enterprise services gmbh)
o6 - hklm\software\microsoft\windows\currentversion\policies\explorer: Noactivedesktop = 1 [2010/07/06 17:28:22 | 000,000,000 | ---d | m]
o6 - hklm\software\microsoft\windows\currentversion\policies\explorer: Noactivedesktopchanges = 1 [2010/07/06 17:28:22 | 000,000,000 | ---d | m]
o6 - hklm\software\microsoft\windows\currentversion\policies\system: Consentpromptbehavioradmin = 0
o6 - hklm\software\microsoft\windows\currentversion\policies\system: Consentpromptbehavioruser = 3
o6 - hklm\software\microsoft\windows\currentversion\policies\system: Enableinstallerdetection = 1 [2010/07/06 17:28:22 | 000,000,000 | ---d | m]
o6 - hklm\software\microsoft\windows\currentversion\policies\system: Enablelua = 0
o6 - hklm\software\microsoft\windows\currentversion\policies\system: Enablesecureuiapaths = 1 [2010/07/06 17:28:22 | 000,000,000 | ---d | m]
o6 - hklm\software\microsoft\windows\currentversion\policies\system: Enablevirtualization = 1 [2010/07/06 17:28:22 | 000,000,000 | ---d | m]
o6 - hklm\software\microsoft\windows\currentversion\policies\system: Promptonsecuredesktop = 0
o6 - hklm\software\microsoft\windows\currentversion\policies\system: Shutdownwithoutlogon = 1 [2010/07/06 17:28:22 | 000,000,000 | ---d | m]
o6 - hklm\software\microsoft\windows\currentversion\policies\system: Undockwithoutlogon = 1 [2010/07/06 17:28:22 | 000,000,000 | ---d | m]
o6 - hklm\software\microsoft\windows\currentversion\policies\system\uipi\clipboard\exceptionformats: Cf_text = 1 [2010/07/06 17:28:22 | 000,000,000 | ---d | m]
o7 - hkcu\software\microsoft\windows\currentversion\policies\explorer: Nodrivetypeautorun = 145
o8:64bit: - extra context menu item: Add to &bom - d:\\progra~2\\biet-o~1\\\\addtobom.hta ()
o8 - extra context menu item: Add to &bom - d:\\progra~2\\biet-o~1\\\\addtobom.hta ()
o9 - extra button: Icq7 - {88eb38ef-4d2c-436d-abd3-56b232674062} - d:\program files (x86)\icq7.0\icq.exe (icq, llc.)
o9 - extra 'tools' menuitem : Icq7 - {88eb38ef-4d2c-436d-abd3-56b232674062} - d:\program files (x86)\icq7.0\icq.exe (icq, llc.)
o13 - gopher prefix: Missing
o13 - gopher prefix: Missing
o16 - dpf: {8ad9c840-044e-11d1-b3e9-00805f499d93} h**p://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (java plug-in 1.6.0_17)
o16 - dpf: {cafeefac-0016-0000-0017-abcdeffedcba} h**p://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (java plug-in 1.6.0_17)
o16 - dpf: {cafeefac-ffff-ffff-ffff-abcdeffedcba} h**p://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (java plug-in 1.6.0_17)
o16 - dpf: {d27cdb6e-ae6d-11cf-96b8-444553540000} h**p://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (shockwave flash object)
o16 - dpf: {f6acf75c-c32c-447b-9bef-46b766368d29} h**p://ccfiles.creative.com/web/softwareupdate/su2/ocx/15109/ctpid.cab (creative software autoupdate support package)
o17 - hklm\system\ccs\services\tcpip\parameters: Dhcpnameserver = 192.168.178.1
o18 - protocol\handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - reg error: Key error. File not found
o20 - appinit_dlls: (anydischelp.dll) - file not found
o20:64bit: - hklm winlogon: Shell - (explorer.exe) - d:\windows\explorer.exe (microsoft corporation)
o20:64bit: - hklm winlogon: Vmapplet - (systempropertiesperformance.exe) - d:\windows\sysnative\systempropertiesperformance.exe (microsoft corporation)
o20:64bit: - hklm winlogon: Vmapplet - (/pagefile) - file not found
o20 - hklm winlogon: Shell - (explorer.exe) - d:\windows\syswow64\explorer.exe (microsoft corporation)
o20 - hklm winlogon: Vmapplet - (/pagefile) - file not found
o20 - hkcu winlogon: Shell - (d:\users\stefan\appdata\roaming\hotfix.exe) - d:\users\stefan\appdata\roaming\hotfix.exe file not found
o21:64bit: - ssodl: Webcheck - {e6fb5e20-de35-11cf-9c87-00aa005127ed} - clsid or file not found.
O21 - ssodl: Webcheck - {e6fb5e20-de35-11cf-9c87-00aa005127ed} - clsid or file not found.
O22:64bit: - sharedtaskscheduler: {e31004d1-a431-41b8-826f-e902f9d95c81} - windows dreamscene - d:\windows\sysnative\dreamscene.dll (microsoft corporation)
o22 - sharedtaskscheduler: {b6ba40c1-a501-59bd-f413-03b03a2c8952} - dfskea98e4iagjiufhg87df87u - d:\windows\syswow64\qkad7.dll file not found
o22 - sharedtaskscheduler: {e31004d1-a431-41b8-826f-e902f9d95c81} - windows dreamscene - d:\windows\syswow64\dreamscene.dll (microsoft corporation)
o27:64bit: - hklm ifeo\taskmgr.exe: Debugger - d:\program files (x86)\tuneup utilities 2011\pmlauncher.exe (tuneup software)
o27:64bit: - hklm ifeo\unins000.exe: Debugger - d:\program files (x86)\tuneup utilities 2011\tuautoreactivator64.exe (tuneup software)
o27:64bit: - hklm ifeo\wo6.exe: Debugger - d:\program files (x86)\tuneup utilities 2011\tuautoreactivator64.exe (tuneup software)
o27 - hklm ifeo\taskmgr.exe: Debugger - d:\program files (x86)\tuneup utilities 2011\pmlauncher.exe (tuneup software)
o27 - hklm ifeo\unins000.exe: Debugger - "d:\program files (x86)\tuneup utilities 2011\tuautoreactivator64.exe" (tuneup software)
o27 - hklm ifeo\wo6.exe: Debugger - "d:\program files (x86)\tuneup utilities 2011\tuautoreactivator64.exe" (tuneup software)
o32 - hklm cdrom: Autorun - 1
o32 - autorun file - [2009/11/06 12:40:17 | 000,000,000 | ---- | m] () - c:\autoexec.bat -- [ ntfs ]
o33 - mountpoints2\{0d015aa1-0fb2-11df-ae60-00040ec2d49e}\shell - "" = autorun
o33 - mountpoints2\{0d015aa1-0fb2-11df-ae60-00040ec2d49e}\shell\autorun\command - "" = f:\pushinst.exe -- file not found
o33 - mountpoints2\{a96da4f5-f081-11de-9024-00040ec2d49e}\shell - "" = autorun
o33 - mountpoints2\{a96da4f5-f081-11de-9024-00040ec2d49e}\shell\autorun\command - "" = j:\launchu3.exe -- file not found
o34 - hklm bootexecute: (autocheck autochk *) - file not found
o34 - hklm bootexecute: (lsdelete) - file not found
o35:64bit: - hklm\..comfile [open] -- "%1" %*
o35:64bit: - hklm\..exefile [open] -- "%1" %*
o35 - hklm\..comfile [open] -- "%1" %*
o35 - hklm\..exefile [open] -- "%1" %*
o36 - appcertdlls: Diskvaws - (d:\windows\system32\icartend.dll) - d:\windows\syswow64\icartend.dll file not found
o37:64bit: - hklm\...com [@ = comfile] -- "%1" %*
o37:64bit: - hklm\...exe [@ = exefile] -- "%1" %*
o37 - hklm\...com [@ = comfile] -- "%1" %*
o37 - hklm\...exe [@ = exefile] -- "%1" %*
========== files/folders - created within 30 days ==========
[2010/10/27 15:39:09 | 000,575,488 | ---- | c] (oldtimer tools) -- d:\users\stefan\desktop\otl.exe
[2010/10/24 17:00:29 | 000,069,152 | ---- | c] (lavasoft ab) -- d:\windows\sysnative\drivers\lbd.sys
[2010/10/24 15:00:14 | 000,000,000 | ---d | c] -- d:\users\stefan\appdata\local\sunbelt software
[2010/10/24 14:59:40 | 000,000,000 | -h-d | c] -- d:\programdata\{e961ce1b-c3ea-4882-9f67-f859b555d097}
[2010/10/24 14:59:36 | 000,000,000 | ---d | c] -- d:\programdata\lavasoft
[2010/10/24 14:59:36 | 000,000,000 | ---d | c] -- d:\program files (x86)\lavasoft
[2010/10/23 21:13:59 | 000,000,000 | ---d | c] -- d:\program files (x86)\trend micro
[2010/10/23 21:12:26 | 000,000,000 | ---d | c] -- d:\users\stefan\appdata\roaming\vlc
[2010/10/23 18:47:50 | 000,000,000 | ---d | c] -- d:\programdata\spybot - search & destroy
[2010/10/23 18:46:19 | 000,000,000 | ---d | c] -- d:\users\stefan\appdata\roaming\avira
[2010/10/23 18:36:04 | 000,116,568 | ---- | c] (avira gmbh) -- d:\windows\sysnative\drivers\avipbb.sys
[2010/10/23 18:36:04 | 000,081,072 | ---- | c] (avira gmbh) -- d:\windows\sysnative\drivers\avgntflt.sys
[2010/10/23 18:36:04 | 000,051,992 | ---- | c] (avira gmbh) -- d:\windows\syswow64\drivers\avgntdd.sys
[2010/10/23 18:36:04 | 000,017,016 | ---- | c] (avira gmbh) -- d:\windows\syswow64\drivers\avgntmgr.sys
[2010/10/23 18:36:03 | 000,000,000 | ---d | c] -- d:\programdata\avira
[2010/10/23 18:36:03 | 000,000,000 | ---d | c] -- d:\program files (x86)\avira
[2010/10/23 18:09:32 | 000,000,000 | ---d | c] -- d:\users\stefan\appdata\local\dbcontrol
[2010/10/20 22:57:49 | 000,000,000 | ---d | c] -- d:\users\stefan\documents\arcania - gothic 4
[2010/10/14 05:35:39 | 000,702,976 | ---- | c] (microsoft corporation) -- d:\windows\sysnative\msfeeds.dll
[2010/10/14 05:35:39 | 000,599,040 | ---- | c] (microsoft corporation) -- d:\windows\syswow64\msfeeds.dll
[2010/10/14 05:35:39 | 000,057,856 | ---- | c] (microsoft corporation) -- d:\windows\sysnative\licmgr10.dll
[2010/10/14 05:35:39 | 000,044,544 | ---- | c] (microsoft corporation) -- d:\windows\syswow64\licmgr10.dll
[2010/10/14 05:35:38 | 000,482,816 | ---- | c] (microsoft corporation) -- d:\windows\sysnative\html.iec
[2010/10/14 05:35:38 | 000,386,048 | ---- | c] (microsoft corporation) -- d:\windows\syswow64\html.iec
[2010/10/14 05:35:38 | 000,256,000 | ---- | c] (microsoft corporation) -- d:\windows\sysnative\iepeers.dll
[2010/10/14 05:35:38 | 000,247,808 | ---- | c] (microsoft corporation) -- d:\windows\sysnative\ieui.dll
[2010/10/14 05:35:38 | 000,185,856 | ---- | c] (microsoft corporation) -- d:\windows\syswow64\iepeers.dll
[2010/10/14 05:35:38 | 000,176,640 | ---- | c] (microsoft corporation) -- d:\windows\syswow64\ieui.dll
[2010/10/14 05:35:38 | 000,097,280 | ---- | c] (microsoft corporation) -- d:\windows\sysnative\mshtmled.dll
[2010/10/14 05:35:38 | 000,067,072 | ---- | c] (microsoft corporation) -- d:\windows\syswow64\mshtmled.dll
[2010/10/14 05:35:38 | 000,012,800 | ---- | c] (microsoft corporation) -- d:\windows\syswow64\msfeedssync.exe
[2010/10/14 05:35:38 | 000,012,288 | ---- | c] (microsoft corporation) -- d:\windows\sysnative\msfeedssync.exe
[2010/10/14 05:34:41 | 014,627,840 | ---- | c] (microsoft corporation) -- d:\windows\sysnative\wmp.dll
[2010/10/14 05:34:40 | 012,625,408 | ---- | c] (microsoft corporation) -- d:\windows\syswow64\wmploc.dll
[2010/10/14 05:34:40 | 011,406,848 | ---- | c] (microsoft corporation) -- d:\windows\syswow64\wmp.dll
[2010/10/14 05:34:39 | 012,625,920 | ---- | c] (microsoft corporation) -- d:\windows\sysnative\wmploc.dll
[2010/10/14 05:34:38 | 002,085,376 | ---- | c] (microsoft corporation) -- d:\windows\sysnative\ole32.dll
[2010/10/14 05:34:12 | 000,633,856 | ---- | c] (microsoft corporation) -- d:\windows\sysnative\comctl32.dll
[2010/10/14 05:34:08 | 001,024,512 | ---- | c] (microsoft corporation) -- d:\windows\sysnative\wmpmde.dll
[2010/10/14 05:34:08 | 000,954,752 | ---- | c] (microsoft corporation) -- d:\windows\syswow64\mfc40.dll
[2010/10/14 05:34:08 | 000,954,288 | ---- | c] (microsoft corporation) -- d:\windows\syswow64\mfc40u.dll
[2010/10/14 05:34:08 | 000,738,816 | ---- | c] (microsoft corporation) -- d:\windows\syswow64\wmpmde.dll
[2010/10/14 05:34:07 | 000,483,840 | ---- | c] (microsoft corporation) -- d:\windows\sysnative\structuredquery.dll
[2010/10/14 05:34:07 | 000,148,992 | ---- | c] (microsoft corporation) -- d:\windows\sysnative\t2embed.dll
[2010/10/14 05:34:07 | 000,109,056 | ---- | c] (microsoft corporation) -- d:\windows\syswow64\t2embed.dll
[2010/10/14 05:34:06 | 000,009,728 | ---- | c] (microsoft corporation) -- d:\windows\syswow64\sscore.dll
[2010/10/10 21:17:50 | 000,000,000 | ---d | c] -- d:\users\stefan\documents\anydvdhd
[2010/10/08 18:21:16 | 000,000,000 | ---d | c] -- d:\program files (x86)\gpsbabel
[2010/10/08 18:10:41 | 000,000,000 | ---d | c] -- d:\program files\7-zip
[2010/10/08 18:00:11 | 000,000,000 | ---d | c] -- d:\users\stefan\documents\tomtom
[2010/10/08 18:00:08 | 000,000,000 | ---d | c] -- d:\programdata\tomtom
[2010/10/08 17:59:59 | 000,000,000 | ---d | c] -- d:\users\stefan\appdata\roaming\tomtom
[2010/10/08 17:59:59 | 000,000,000 | ---d | c] -- d:\users\stefan\appdata\local\tomtom
[2010/10/08 17:59:54 | 000,000,000 | ---d | c] -- d:\program files (x86)\tomtom international b.v
[2010/10/08 17:59:45 | 000,000,000 | ---d | c] -- d:\program files (x86)\tomtom home 2
[2010/09/30 23:25:10 | 000,040,104 | ---- | c] (elaborate bytes ag) -- d:\windows\sysnative\drivers\elbycdio.sys
[2010/09/30 13:18:24 | 000,089,256 | ---- | c] (elaborate bytes ag) -- d:\windows\syswow64\elbycdio.dll
[2010/09/27 20:24:45 | 000,000,000 | ---d | c] -- d:\program files (x86)\daemon tools lite
[2010/01/11 22:24:29 | 000,148,736 | ---- | c] (avanquest software) -- d:\programdata\hpe671b.dll
[2010/01/01 17:08:48 | 000,148,736 | ---- | c] (avanquest software) -- d:\programdata\hpe363d.dll
[2009/06/04 01:57:38 | 000,060,928 | ---- | c] ( ) -- d:\windows\syswow64\a3d.dll
[2 d:\windows\*.tmp files -> d:\windows\*.tmp -> ]
========== files - modified within 30 days ==========
[2010/10/27 15:40:29 | 000,575,488 | ---- | m] (oldtimer tools) -- d:\users\stefan\desktop\otl.exe
[2010/10/27 15:36:02 | 000,000,248 | -h-- | m] () -- d:\windows\tasks\{62c40aa6-4406-467a-a5a5-dfdf1b559b7a}.job
[2010/10/27 15:34:54 | 000,000,290 | -h-- | m] () -- d:\windows\tasks\{22116563-108c-42c0-a7ce-60161b75e508}.job
[2010/10/27 15:18:34 | 000,000,982 | ---- | m] () -- d:\users\stefan\appdata\roaming\microsoft\windows\start menu\programs\startup\dsl-manager.lnk
[2010/10/27 15:15:43 | 000,014,224 | -h-- | m] () -- d:\windows\sysnative\7b296fb0-376b-497e-b012-9c450e1b7327-5p-1.c7483456-a289-439d-8115-601632d005a0
[2010/10/27 15:15:43 | 000,014,224 | -h-- | m] () -- d:\windows\sysnative\7b296fb0-376b-497e-b012-9c450e1b7327-5p-0.c7483456-a289-439d-8115-601632d005a0
[2010/10/27 15:08:49 | 000,000,394 | ---- | m] () -- d:\windows\tasks\ad-aware update (weekly).job
[2010/10/27 15:08:19 | 000,067,584 | --s- | m] () -- d:\windows\bootstat.dat
[2010/10/27 15:08:17 | 535,732,223 | -hs- | m] () -- d:\hiberfil.sys
[2010/10/27 05:46:14 | 000,063,460 | ---- | m] () -- d:\windows\sysnative\bmxstatebkp-{00000002-00000000-00000007-00001102-00000005-00231102}.rfx
[2010/10/27 05:46:14 | 000,063,460 | ---- | m] () -- d:\windows\sysnative\bmxstate-{00000002-00000000-00000007-00001102-00000005-00231102}.rfx
[2010/10/27 05:46:14 | 000,001,080 | ---- | m] () -- d:\windows\sysnative\settingsbkup.sfm
[2010/10/27 05:46:14 | 000,001,080 | ---- | m] () -- d:\windows\sysnative\settings.sfm
[2010/10/27 05:46:14 | 000,000,788 | ---- | m] () -- d:\windows\sysnative\dvcstate-{00000002-00000000-00000007-00001102-00000005-00231102}.rfx
[2010/10/24 14:59:39 | 000,001,174 | ---- | m] () -- d:\users\stefan\application data\microsoft\internet explorer\quick launch\ad-aware.lnk
[2010/10/24 14:59:39 | 000,001,150 | ---- | m] () -- d:\users\public\desktop\ad-aware.lnk
[2010/10/24 14:09:32 | 028,541,623 | ---- | m] () -- d:\program files (x86)\spybot - search & destroy.rar
[2010/10/23 21:13:59 | 000,002,981 | ---- | m] () -- d:\users\stefan\desktop\hijackthis.lnk
[2010/10/23 19:11:56 | 000,000,103 | ---- | m] () -- d:\windows\wininit.ini
[2010/10/23 19:02:35 | 000,001,066 | ---- | m] () -- d:\users\public\desktop\vlc media player.lnk
[2010/10/23 19:01:13 | 019,657,194 | ---- | m] () -- d:\users\stefan\documents\vlc-1.1.4-win32.exe
[2010/10/23 18:36:13 | 000,002,066 | ---- | m] () -- d:\users\public\desktop\avira antivir control center.lnk
[2010/10/23 18:09:24 | 000,000,179 | ---- | m] () -- d:\users\stefan\appdata\roaming\42693.bat
[2010/10/23 18:09:06 | 000,000,016 | ---- | m] () -- d:\users\stefan\appdata\roaming\dxqkew.dat
[2010/10/23 18:08:41 | 000,000,004 | ---- | m] () -- d:\users\stefan\appdata\roaming\avdrn.dat
[2010/10/23 18:07:50 | 000,001,164 | ---- | m] () -- d:\users\stefan\desktop\antimalware doctor.lnk
[2010/10/23 18:07:50 | 000,001,144 | ---- | m] () -- d:\users\stefan\application data\microsoft\internet explorer\quick launch\antimalware doctor.lnk
[2010/10/20 22:48:37 | 000,000,690 | ---- | m] () -- d:\users\public\desktop\arcania - gothic 4 starten.lnk
[2010/10/15 05:28:23 | 001,619,748 | ---- | m] () -- d:\windows\sysnative\perfstringbackup.ini
[2010/10/15 05:28:23 | 000,697,474 | ---- | m] () -- d:\windows\sysnative\perfh007.dat
[2010/10/15 05:28:23 | 000,654,354 | ---- | m] () -- d:\windows\sysnative\perfh009.dat
[2010/10/15 05:28:23 | 000,148,104 | ---- | m] () -- d:\windows\sysnative\perfc007.dat
[2010/10/15 05:28:23 | 000,121,224 | ---- | m] () -- d:\windows\sysnative\perfc009.dat
[2010/10/14 14:25:02 | 000,418,392 | ---- | m] () -- d:\windows\sysnative\fntcache.dat
[2010/10/12 14:44:28 | 000,000,083 | -hs- | m] () -- d:\programdata\.zreglib
[2010/10/10 21:17:30 | 000,001,199 | ---- | m] () -- d:\users\public\desktop\clonedvd2.lnk
[2010/10/10 21:17:10 | 000,001,101 | ---- | m] () -- d:\users\public\desktop\anydvd.lnk
[2010/10/02 19:41:27 | 002,966,140 | ---- | m] () -- d:\users\stefan\documents\2010-10-2-17-41-mymdb_backup.xlg
[2010/10/01 21:37:12 | 002,944,588 | ---- | m] () -- d:\users\stefan\documents\2010-10-1-19-37-mymdb_backup.xlg
[2010/09/30 23:25:10 | 000,040,104 | ---- | m] (elaborate bytes ag) -- d:\windows\sysnative\drivers\elbycdio.sys
[2010/09/30 13:18:24 | 000,089,256 | ---- | m] (elaborate bytes ag) -- d:\windows\syswow64\elbycdio.dll
[2 d:\windows\*.tmp files -> d:\windows\*.tmp -> ]
========== files created - no company name ==========
[2010/10/25 20:41:36 | 000,000,394 | ---- | c] () -- d:\windows\tasks\ad-aware update (weekly).job
[2010/10/24 16:57:20 | 000,015,880 | ---- | c] () -- d:\windows\sysnative\lsdelete.exe
[2010/10/24 14:59:39 | 000,001,174 | ---- | c] () -- d:\users\stefan\application data\microsoft\internet explorer\quick launch\ad-aware.lnk
[2010/10/24 14:59:39 | 000,001,150 | ---- | c] () -- d:\users\public\desktop\ad-aware.lnk
[2010/10/24 14:09:19 | 028,541,623 | ---- | c] () -- d:\program files (x86)\spybot - search & destroy.rar
[2010/10/23 21:13:59 | 000,002,981 | ---- | c] () -- d:\users\stefan\desktop\hijackthis.lnk
[2010/10/23 19:11:56 | 000,000,103 | ---- | c] () -- d:\windows\wininit.ini
[2010/10/23 19:02:35 | 000,001,066 | ---- | c] () -- d:\users\public\desktop\vlc media player.lnk
[2010/10/23 18:57:08 | 019,657,194 | ---- | c] () -- d:\users\stefan\documents\vlc-1.1.4-win32.exe
[2010/10/23 18:36:13 | 000,002,066 | ---- | c] () -- d:\users\public\desktop\avira antivir control center.lnk
[2010/10/23 18:10:48 | 000,000,290 | -h-- | c] () -- d:\windows\tasks\{22116563-108c-42c0-a7ce-60161b75e508}.job
[2010/10/23 18:10:43 | 000,000,248 | -h-- | c] () -- d:\windows\tasks\{62c40aa6-4406-467a-a5a5-dfdf1b559b7a}.job
[2010/10/23 18:09:32 | 000,000,000 | ---- | c] () -- d:\users\stefan\appdata\local\googleupdate.log
[2010/10/23 18:09:24 | 000,000,179 | ---- | c] () -- d:\users\stefan\appdata\roaming\42693.bat
[2010/10/23 18:09:06 | 000,000,016 | ---- | c] () -- d:\users\stefan\appdata\roaming\dxqkew.dat
[2010/10/23 18:08:41 | 000,000,004 | ---- | c] () -- d:\users\stefan\appdata\roaming\avdrn.dat
[2010/10/23 18:07:50 | 000,001,164 | ---- | c] () -- d:\users\stefan\desktop\antimalware doctor.lnk
[2010/10/23 18:07:50 | 000,001,144 | ---- | c] () -- d:\users\stefan\application data\microsoft\internet explorer\quick launch\antimalware doctor.lnk
[2010/10/20 22:48:37 | 000,000,690 | ---- | c] () -- d:\users\public\desktop\arcania - gothic 4 starten.lnk
[2010/10/10 21:17:30 | 000,001,199 | ---- | c] () -- d:\users\public\desktop\clonedvd2.lnk
[2010/10/10 21:17:10 | 000,001,101 | ---- | c] () -- d:\users\public\desktop\anydvd.lnk
[2010/10/02 19:41:21 | 002,966,140 | ---- | c] () -- d:\users\stefan\documents\2010-10-2-17-41-mymdb_backup.xlg
[2010/10/01 21:37:07 | 002,944,588 | ---- | c] () -- d:\users\stefan\documents\2010-10-1-19-37-mymdb_backup.xlg
[2010/04/02 17:17:34 | 000,179,091 | ---- | c] () -- d:\windows\syswow64\xlive.dll.cat
[2010/02/07 14:21:18 | 000,000,193 | ---- | c] () -- d:\windows\wordpad.ini
[2010/01/23 14:13:08 | 053,992,860 | ---- | c] () -- d:\program files (x86)\mymdb.rar
[2009/12/31 16:31:52 | 000,000,083 | -hs- | c] () -- d:\programdata\.zreglib
[2009/12/19 16:50:42 | 000,000,034 | ---- | c] () -- d:\windows\cdplayer.ini
[2009/12/03 20:33:24 | 000,000,156 | ---- | c] () -- d:\users\stefan\appdata\roaming\default.rss
[2009/12/03 20:33:07 | 000,000,069 | ---- | c] () -- d:\windows\nerodigital.ini
[2009/11/28 15:39:19 | 000,015,873 | ---- | c] () -- d:\windows\syswow64\inetde.dll
[2009/11/09 20:47:16 | 000,053,248 | ---- | c] () -- d:\windows\syswow64\asrussian.dll
[2009/11/09 20:47:16 | 000,053,248 | ---- | c] () -- d:\windows\syswow64\askorean.dll
[2009/11/09 20:47:16 | 000,053,248 | ---- | c] () -- d:\windows\syswow64\asjapan.dll
[2009/11/09 20:47:16 | 000,053,248 | ---- | c] () -- d:\windows\syswow64\asgerman.dll
[2009/11/09 20:47:16 | 000,053,248 | ---- | c] () -- d:\windows\syswow64\asfrench.dll
[2009/11/09 20:47:16 | 000,053,248 | ---- | c] () -- d:\windows\syswow64\aseng.dll
[2009/11/09 20:47:16 | 000,053,248 | ---- | c] () -- d:\windows\syswow64\ascht.dll
[2009/11/09 20:47:16 | 000,053,248 | ---- | c] () -- d:\windows\syswow64\aschs.dll
[2009/11/09 20:47:15 | 000,761,856 | ---- | c] () -- d:\windows\syswow64\xvidcore.dll
[2009/11/09 20:47:15 | 000,180,224 | ---- | c] () -- d:\windows\syswow64\xvidvfw.dll
[2009/11/09 16:39:36 | 000,000,038 | ---- | c] () -- d:\windows\avisplitter.ini
[2009/11/07 20:04:33 | 000,003,040 | ---- | c] () -- d:\windows\syswow64\drivers\nvflash.sys
[2009/11/07 19:39:06 | 000,024,576 | r--- | c] () -- d:\windows\syswow64\asio.dll
[2009/11/07 19:39:06 | 000,013,368 | r--- | c] () -- d:\windows\syswow64\drivers\asio.sys
[2009/11/07 19:38:45 | 000,001,769 | ---- | c] () -- d:\windows\language_trs.ini
[2009/11/07 19:35:19 | 001,594,390 | ---- | c] () -- d:\windows\syswow64\perfstringbackup.ini
[2009/11/07 19:21:22 | 000,148,480 | ---- | c] () -- d:\windows\syswow64\apomngr.dll
[2009/11/07 19:21:22 | 000,073,728 | ---- | c] () -- d:\windows\syswow64\cmdrtr.dll
[2009/11/07 19:20:49 | 000,003,072 | ---- | c] () -- d:\windows\syswow64\ctxfiger.dll
[2009/07/14 01:42:10 | 000,064,000 | ---- | c] () -- d:\windows\syswow64\bwcontexthandler.dll
[2009/07/13 23:03:59 | 000,364,544 | ---- | c] () -- d:\windows\syswow64\msjetoledb40.dll
[2009/06/04 02:37:08 | 000,021,093 | ---- | c] () -- d:\windows\syswow64\instwdm.ini
[2009/06/04 02:37:06 | 000,000,054 | ---- | c] () -- d:\windows\syswow64\ctzapxx.ini
[2009/06/04 01:55:20 | 000,002,560 | ---- | c] () -- d:\windows\syswow64\ctxfires.dll
[2009/05/27 10:49:00 | 000,000,285 | ---- | c] () -- d:\windows\syswow64\kill.ini
========== alternate data streams ==========
@alternate data stream - 24 bytes -> d:\windows:917ecb1c0ee15d1d
< end of report > --- --- ---
extras:
OTL Logfile: Code:
otl extras logfile created on: 10/27/2010 3:41:56 pm - run 1
otl by oldtimer - version 3.2.17.1 folder = d:\users\stefan\desktop
64bit- ultimate edition (version = 6.1.7600) - type = ntworkstation
internet explorer (version = 8.0.7600.16385)
locale: 00000409 | country: Germany | language: Deu | date format: Dd.mm.yyyy
6.00 gb total physical memory | 4.00 gb available physical memory | 68.00% memory free
12.00 gb paging file | 10.00 gb available in paging file | 80.00% paging file free
paging file location(s): ?:\pagefile.sys [binary data]
%systemdrive% = d: | %systemroot% = d:\windows | %programfiles% = d:\program files (x86)
drive c: | 76.33 gb total space | 17.34 gb free space | 22.71% space free | partition type: Ntfs
drive d: | 201.01 gb total space | 129.15 gb free space | 64.25% space free | partition type: Ntfs
drive e: | 1196.25 gb total space | 403.74 gb free space | 33.75% space free | partition type: Ntfs
drive g: | 265.75 gb total space | 86.52 gb free space | 32.56% space free | partition type: Ntfs
drive h: | 100.00 gb total space | 77.71 gb free space | 77.71% space free | partition type: Ntfs
computer name: Stefan-pc | user name: Stefan | logged in as administrator.
Boot mode: Normal | scan mode: Current user | include 64bit scans
company name whitelist: Off | skip microsoft files: Off | no company name whitelist: On | file age = 30 days
========== extra registry (safelist) ==========
========== file associations ==========
64bit: [hkey_local_machine\software\classes\<extension>]
.url[@ = internetshortcut] -- d:\windows\system32\ieframe.dll (microsoft corporation)
[hkey_local_machine\software\classes\<extension>]
.cpl [@ = cplfile] -- d:\windows\syswow64\control.exe (microsoft corporation)
.url [@ = internetshortcut] -- d:\windows\system32\ieframe.dll (microsoft corporation)
[hkey_current_user\software\classes\<extension>]
.html [@ = firefoxhtml] -- d:\program files (x86)\mozilla firefox\firefox.exe (mozilla corporation)
========== shell spawning ==========
64bit: [hkey_local_machine\software\classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* file not found
cmdfile [open] -- "%1" %* file not found
comfile [open] -- "%1" %* file not found
exefile [open] -- "%1" %* file not found
helpfile [open] -- reg error: Key error.
Inffile [install] -- %systemroot%\system32\infdefaultinstall.exe "%1" (microsoft corporation)
internetshortcut [open] -- "d:\windows\system32\rundll32.exe" "d:\windows\system32\ieframe.dll",openurl %l (microsoft corporation)
internetshortcut [print] -- "d:\windows\system32\rundll32.exe" "d:\windows\system32\mshtml.dll",printhtml "%1" (microsoft corporation)
piffile [open] -- "%1" %* file not found
regfile [merge] -- reg error: Key error.
Scrfile [config] -- "%1" file not found
scrfile [install] -- rundll32.exe desk.cpl,installscreensaver %l (microsoft corporation)
scrfile [open] -- "%1" /s file not found
txtfile [edit] -- reg error: Key error.
Unknown [openas] -- %systemroot%\system32\rundll32.exe %systemroot%\system32\shell32.dll,openas_rundll %1 file not found
directory [addtoplaylistvlc] -- "d:\program files (x86)\videolan\vlc\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
directory [cmd] -- cmd.exe /s /k pushd "%v" (microsoft corporation)
directory [find] -- %systemroot%\explorer.exe (microsoft corporation)
directory [playwithvlc] -- "d:\program files (x86)\videolan\vlc\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
folder [open] -- %systemroot%\explorer.exe (microsoft corporation)
folder [explore] -- reg error: Value error.
Drive [find] -- %systemroot%\explorer.exe (microsoft corporation)
[hkey_local_machine\software\classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %systemroot%\system32\control.exe "%1",%* (microsoft corporation)
exefile [open] -- "%1" %*
helpfile [open] -- reg error: Key error.
Inffile [install] -- %systemroot%\system32\infdefaultinstall.exe "%1" (microsoft corporation)
internetshortcut [open] -- "d:\windows\system32\rundll32.exe" "d:\windows\system32\ieframe.dll",openurl %l (microsoft corporation)
internetshortcut [print] -- "d:\windows\system32\rundll32.exe" "d:\windows\system32\mshtml.dll",printhtml "%1" (microsoft corporation)
piffile [open] -- "%1" %*
regfile [merge] -- reg error: Key error.
Scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,installscreensaver %l (microsoft corporation)
scrfile [open] -- "%1" /s
txtfile [edit] -- reg error: Key error.
Unknown [openas] -- %systemroot%\system32\rundll32.exe %systemroot%\system32\shell32.dll,openas_rundll %1
directory [addtoplaylistvlc] -- "d:\program files (x86)\videolan\vlc\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
directory [cmd] -- cmd.exe /s /k pushd "%v" (microsoft corporation)
directory [find] -- %systemroot%\explorer.exe (microsoft corporation)
directory [playwithvlc] -- "d:\program files (x86)\videolan\vlc\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
folder [open] -- %systemroot%\explorer.exe (microsoft corporation)
folder [explore] -- reg error: Value error.
Drive [find] -- %systemroot%\explorer.exe (microsoft corporation)
========== security center settings ==========
64bit: [hkey_local_machine\software\microsoft\security center]
"cval" = 1 -- [2010/07/06 17:28:22 | 000,000,000 | ---d | m]
64bit: [hkey_local_machine\software\microsoft\security center\monitoring]
64bit: [hkey_local_machine\software\microsoft\security center\svc]
"vistasp1" = 28 4d b2 76 41 04 ca 01 [binary data]
"antivirusoverride" = 0
"antispywareoverride" = 0
"firewalloverride" = 0
64bit: [hkey_local_machine\software\microsoft\security center\svc\vol]
[hkey_local_machine\software\microsoft\security center]
[hkey_local_machine\software\microsoft\security center\svc]
========== system restore settings ==========
64bit: [hkey_local_machine\software\policies\microsoft\windows nt\systemrestore]
[hkey_local_machine\software\policies\microsoft\windows nt\systemrestore]
========== firewall settings ==========
[hkey_local_machine\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile]
"disablenotifications" = 0
"enablefirewall" = 1 -- [2010/07/06 17:28:22 | 000,000,000 | ---d | m]
[hkey_local_machine\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"disablenotifications" = 0
"enablefirewall" = 0
[hkey_local_machine\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\publicprofile]
"disablenotifications" = 0
"enablefirewall" = 0
========== authorized applications list ==========
========== hkey_local_machine uninstall list ==========
64bit: [hkey_local_machine\software\microsoft\windows\currentversion\uninstall]
"{013cca52-da56-4133-ac2b-1988a9568c30}" = native instruments audio 4 dj driver
"{0b8565ba-bad5-4732-b122-5fd78efc50a9}" = native instruments service center
"{0f2d7186-ef54-37fa-aa61-ed6f88e771ce}" = microsoft .net framework 4 extended beta 2
"{23170f69-40c1-2702-0915-000001000000}" = 7-zip 9.15 (x64 edition)
"{267b3e82-c941-47d8-bcd3-1bbbb56fcbc6}" = native instruments maschine controller driver
"{2aac4085-dcbf-417b-aebd-182197839240}" = native instruments traktor
"{3d3e663d-4e7e-4577-a560-7ecddd45548a}" = pvsonydll
"{43b74fab-fb58-447d-8d3a-5f638af36fd1}" = netzmanager
"{4ffa2088-8317-3b14-93cd-4c699db37843}" = microsoft visual c++ 2008 redistributable - x64 9.0.30729
"{7930fb47-6452-4476-bf16-d77f748646db}" = native instruments session io driver
"{8220eefe-38cd-377e-8595-13398d740ace}" = microsoft visual c++ 2008 redistributable - x64 9.0.30729.17
"{90140000-0011-0000-1000-0000000ff1ce}" = microsoft office professional plus 2010
"{90140000-0012-0000-1000-0000000ff1ce}" = microsoft office standard 2010
"{90140000-0015-0407-1000-0000000ff1ce}" = microsoft office access mui (german) 2010
"{90140000-0016-0000-1000-0000000ff1ce}" = microsoft office excel 2010
"{90140000-0016-0407-1000-0000000ff1ce}" = microsoft office excel mui (german) 2010
"{90140000-0018-0000-1000-0000000ff1ce}" = microsoft office powerpoint 2010
"{90140000-0018-0407-1000-0000000ff1ce}" = microsoft office powerpoint mui (german) 2010
"{90140000-0019-0407-1000-0000000ff1ce}" = microsoft office publisher mui (german) 2010
"{90140000-001a-0000-1000-0000000ff1ce}" = microsoft office outlook 2010
"{90140000-001a-0407-1000-0000000ff1ce}" = microsoft office outlook mui (german) 2010
"{90140000-001b-0000-1000-0000000ff1ce}" = microsoft office word 2010
"{90140000-001b-0407-1000-0000000ff1ce}" = microsoft office word mui (german) 2010
"{90140000-001f-0407-1000-0000000ff1ce}" = microsoft office proof (german) 2010
"{90140000-001f-0409-1000-0000000ff1ce}" = microsoft office proof (english) 2010
"{90140000-001f-040c-1000-0000000ff1ce}" = microsoft office proof (french) 2010
"{90140000-001f-0410-1000-0000000ff1ce}" = microsoft office proof (italian) 2010
"{90140000-002c-0407-1000-0000000ff1ce}" = microsoft office proofing (german) 2010
"{90140000-0043-0000-1000-0000000ff1ce}" = microsoft office office 32-bit components 2010
"{90140000-0043-0407-1000-0000000ff1ce}" = microsoft office shared 32-bit mui (german) 2010
"{90140000-0044-0407-1000-0000000ff1ce}" = microsoft office infopath mui (german) 2010
"{90140000-006e-0407-1000-0000000ff1ce}" = microsoft office shared mui (german) 2010
"{90140000-008b-0000-1000-0000000ff1ce}" = microsoft office small business basics 2010
"{90140000-00a1-0407-1000-0000000ff1ce}" = microsoft office onenote mui (german) 2010
"{90140000-00ba-0407-1000-0000000ff1ce}" = microsoft office groove mui (german) 2010
"{a35001f0-f1e4-11dd-a38b-005056c00008}" = paragon partition manager™ 10.0 professional
"{b0efb716-085b-4564-8060-212e41f5ce50}" = windows live id sign-in assistant
"{b962ad08-335f-46f7-a182-257d37672e5c}" = native instruments rig kontrol 3 driver
"{e856e900-52de-3f06-b493-b39442a717f6}" = microsoft .net framework 4 client profile beta 2
"{ee936c7a-ea40-31d5-9b65-8e3e089c3828}" = microsoft visual c++ 2008 atl update kb973924 - x64 9.0.30729.4148
"microsoft .net framework 4 client profile beta 2" = microsoft .net framework 4 client profile beta 2
"microsoft .net framework 4 extended beta 2" = microsoft .net framework 4 extended beta 2
"nvidia display control panel" = nvidia display control panel
"nvidia drivers" = nvidia drivers
"office14.excel" = microsoft excel 2010
"office14.outlook" = microsoft outlook 2010
"office14.powerpoint" = microsoft powerpoint 2010
"office14.proplus" = microsoft office professional plus 2010
"office14.smallbusbasics" = microsoft office small business basics 2010
"office14.standard" = microsoft office standard 2010
"office14.word" = microsoft word 2010
"teamspeak 3 client" = teamspeak 3 client
"win7x64 components_is1" = win7x64 components v1.2.1
"winrar archiver" = winrar
[hkey_local_machine\software\microsoft\windows\currentversion\uninstall]
"{002d9d5e-29ba-3e6d-9bc4-3d7d6dbc735c}" = microsoft visual c++ 2008 atl update kb973924 - x86 9.0.30729.4148
"{02b244a2-7f6a-42e8-a36f-8c385d7a1625}" = gothic iii
"{0711500b-9912-4d60-9a49-c577b4503d42}" = nero recode help
"{07ff7593-9dea-40b5-9f87-f557e65bbf60}" = nero recode
"{08b3869e-d282-424c-9afc-870e04a4ba14}" = rockstar games social club
"{08c8666b-c502-4ab3-b4cb-d74ac42d14fe}" = nero backitup 10 help (chm)
"{11a84fca-c3c7-4afd-a797-111db8569dbc}" = nero burningrom
"{155f4a0e-76ed-45a2-91fb-ff2a2133c31a}" = risen
"{16987e99-c95c-4513-9239-7b44a0a71db5}" = nero soundtrax 10 help (chm)
"{1b040683-c390-4711-abc7-da8d85e470e7}" = neroburningrom
"{1b8fe958-a304-4902-bf7a-4e2f0f5b7017}_is1" = gpsbabel 1.4.1
"{1f1c2dfc-2d24-3e06-bcb8-725134adf989}" = microsoft visual c++ 2008 redistributable - x86 9.0.30729.4148
"{1f7fb68f-52f6-46a3-b42f-38ce46295ae5}" = nero mediahub 10
"{237ccb62-8454-43e3-b158-3acd0134852e}" = high-definition video playback 10
"{24036256-bfdb-4cd3-be8a-a3d6160f2e16}" = tuneup utilities 2011
"{2436f2a8-4b7e-4b6c-ae4e-604c84aa6a4f}" = nero core components 10
"{26a24ae4-039d-4ca4-87b4-2f83216017ff}" = java(tm) 6 update 17
"{277c1559-4cf7-44ff-8d07-98aa9c13aabd}" = nero multimedia suite 10
"{28526951-55ef-4901-a0ca-b9ac966d1dd1}" = split/second
"{2d3455a8-3b15-41a8-99f8-0d4215746463}" = nero startsmart
"{2ffe93f0-bb72-4e52-8761-354d1aaa9387}" = sony ericsson pc suite 6.009.00
"{3097b151-1f61-4211-a4cc-d70127b226ae}" = soundtrax
"{310bc5e2-31af-49bb-904d-e71eb93645dc}" = ai suite
"{329411a0-19f3-4740-874f-17400b126f27}" = nero vision 10 help (chm)
"{33643918-7957-4839-92c7-ea96cb621a98}" = nero express 10 help (chm)
"{34bdf3bf-aa61-42e7-8818-c16a304910fc}" = emma core
"{3ac8457c-0385-4bea-a959-e095f05d6d67}" = battlefield: Bad company™ 2
"{3f30cc51-0788-487b-aa83-7214a239c0c0}" = nero disc copy gadget help
"{406fb8a4-f539-48a9-809c-f94706f9c9f6}_is1" = s.t.a.l.k.e.r. - call of pripyat [v1.6.01]
"{42c8b7df-feb0-4d51-b169-506b6bec5797}" = nero 10 menu templatepack 1
"{4343080e-91b7-4388-ab4d-fb1000008200}" = dead rising 2
"{43fbab46-5969-4200-9958-1ff81fee506f}" = nero 10 movie themepack 1
"{45a66726-69bc-466b-a7a4-12fcba4883d7}" = hijackthis
"{4d42353b-533f-4306-ad0b-7fef292ade04}" = nero coverdesigner help
"{4e8c27c2-d727-4c00-a90e-c3f6376eee70}" = nero controlcenter
"{5454083b-1308-4485-bf17-111000028701}" = grand theft auto: Episodes from liberty city
"{5454083b-1308-4485-bf17-111000028702}" = grand theft auto: Episodes from liberty city
"{5454083b-1308-4485-bf17-111000028703}" = grand theft auto: Episodes from liberty city
"{5454083b-1308-4485-bf17-111000038701}" = grand theft auto: Episodes from liberty city
"{555868c6-49fb-484f-bb43-8980651a1b00}" = nero burnrights 10 help (chm)
"{56be5cc9-95e6-4128-abea-968414ca9c80}" = dolbyfiles
"{56c049be-79e9-4502-bea7-9754a3e60f9b}" = neroxml
"{579ba58c-f33d-4970-9953-b94b43768ac3}" = grand theft auto iv
"{589a63d3-89e1-4d9b-8dbc-6039bb27289e}" = activision(r)
"{5ae12194-3eaa-40df-b2bf-fe1d6b78bbf4}" = nero vision
"{5c2e8a0f-80e2-4c68-8cc0-d8d16e7196bf}" = nero rescueagent help
"{5c9a7e65-5b71-4c7f-876a-8c6af9e9e23d}" = saboteur™
"{5d4c60aa-84e6-4e1a-8a68-69970d387be1}" = tuneup utilities language pack (de-de)
"{61b8b2f9-d8da-4b24-89a9-db09f38a4899}" = grand theft auto: Episodes from liberty city
"{63aa3eab-23bb-48b2-9ad0-44f878075604}" = nero 10 menu templatepack basic
"{65bb0407-4cc8-4dc7-952e-3eefdf05602a}" = nero update
"{66049135-9659-4aad-9169-9cca269ebb3e}" = nero infotool 10 help (chm)
"{6dfb899f-17a2-48f0-a533-ed8d6866cf38}" = nero control center 10
"{70550193-1c22-445c-8fa4-564e155db1a7}" = nero express 10
"{70f19404-b96c-4ebb-ad2b-3574f8736197}" = nero 10 movie themepack 2
"{7299052b-02a4-4627-81f2-1818da5d550d}" = microsoft visual c++ 2005 redistributable
"{76e41f43-59d2-4f30-ba42-9a762ee1e8de}" = avanquest update
"{770657d0-a123-3c07-8e44-1c83ec895118}" = microsoft visual c++ 2005 atl update kb973923 - x86 8.0.50727.4053
"{775dc704-aae3-4a79-981f-ea1cbaf96eb7}" = gothic iii - götterdämmerung
"{7a295d8f-484b-4ffb-89ab-c1fd497591fe}" = nero waveeditor 10 help (chm)
"{7a5d731d-b4b3-490e-b339-75685712baab}" = nero burning rom 10
"{7ee873af-46bb-4b5d-ba6f-cfe4b0566e22}" = tuneup utilities language pack (de-de)
"{7f88c9e5-12bd-404f-ac6a-108baac9b708}" = asus gamer osd
"{809d7e6d-915d-4ead-821f-e13d93f37161}" = asus smart doctor
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = microsoft visual c++ 2005 redistributable
"{888f1505-c2b3-4fde-835d-36353ebd4754}" = ubisoft game launcher
"{88eb38ef-4d2c-436d-abd3-56b232674062}" = icq7
"{89f4137d-6c26-4a84-bdb8-2e5a4bb71e00}" = microsoft silverlight
"{8ecec853-5c3d-4b10-b5c7-ff11ff724807}" = nero recode 10
"{8f3c31c5-9c3a-4aa8-8efa-71290a7ad533}" = tomtom home visual studio merge modules
"{8fb1b528-e260-451e-9b55-e9152f94b80b}" = microsoft games for windows - live redistributable
"{90a455a7-0fc8-4508-b7fa-8f135b8f041a}" = dsl-manager
"{92146419-ae44-4c8b-a48b-0abb1b5ec026}" = nero 10 menu templatepack 3
"{92a10e9d-ea00-4a46-8f22-eea660992d61}" = nero 10 sample videos
"{92e25238-61a3-4acd-a407-3c480eef47a7}" = nero rescueagent 10 help (chm)
"{93a10228-4f64-4a31-b7b9-bc6aa7753bb8}" = scratch live 1.8.2 (18221)
"{943cc0c0-2253-4fe0-9493-dd386f7857fd}" = nero express
"{961d53ea-40dc-4156-ad74-25684ce05f81}" = nero installer
"{96ed4b78-300e-4033-ae6c-c115ceb4df07}" = nero 10 clipartpack
"{9a25302d-30c0-39d9-bd6f-21e6ec160475}" = microsoft visual c++ 2008 redistributable - x86 9.0.30729.17
"{9a4297f3-2a51-4ed9-92ca-4bcb8380947e}" = nero vision 10
"{9a875b56-a35c-46ba-a3aa-df8d03ee9f2f}" = nero controlcenter
"{9b6b24be-80e7-46c4-9fa5-b167d5e0f345}" = nero burningrom 10 help (chm)
"{9c916142-c18c-429d-bfed-40094a7e0beb}" = die siedler 7
"{9e78c42c-4ff9-4f41-bbc4-bf872606e79d}_is1" = driver robot 1.1.0.14
"{9f3523f8-dad7-ae52-6da7-45cdddf33726}" = advertising center
"{a3a61264-b075-46be-9c97-376ea4ceeef5}" = pdfgrabber 6.0
"{a73bec3c-40a0-480e-87ef-efcd33629088}" = neroexpress
"{a8399f58-234a-48c6-ba55-30c15738bf3c}" = nero coverdesigner
"{a8f2089b-1f79-4bf6-b385-a2c2b0b9a74d}" = imagxpress
"{ac76ba86-7ad7-1031-7b44-a93000000001}" = adobe reader 9.3.3 - deutsch
"{acd15fdf-fc42-4175-b477-576f92ff2256}" = nero 10 sample imagepack
"{ae3cf174-872c-46c6-b9f6-c0593f3bc7b8}" = microsoft office live add-in 1.4
"{aec81925-9c76-4707-84a9-40696c613ed3}" = dragon age: Origins
"{b2c12c8d-65dc-40bd-b309-5adb0c6c8d8f}" = nero waveeditor
"{b4092c6d-e886-4cb2-ba68-fe5a88d31de6}_is1" = spybot - search & destroy
"{b8777ffc-165b-4dde-b60b-ad5533d9ead3}" = aquasoft photokalender 3
"{b96c2601-52f5-4d5d-816a-63469ea311ef}" = "nero soundtrax help
"{bcd82ab5-670d-4242-90fa-1f97103c16cd}" = movie templates - starter kit
"{c18a0418-442a-4186-af98-d08f5054a2fc}" = nero discspeed 10 help (chm)
"{c3273c55-e1e4-41ff-8d69-0158090db8d8}" = nero coverdesigner 10 help (chm)
"{c3580ac4-c827-4332-b935-9a282ed5bb97}" = nero dolby files 10
"{c99c89a3-119a-45e6-b26e-dd5643caa0c5}" = menu templates - starter kit
"{cd1826a5-cfcc-4c6e-9f9d-e181876162ea}" = nero rescue agent
"{d0894778-7254-401e-8a82-f9c05ae100bb}" = nero 9
"{d24db8b9-bb6c-4334-9619-ba1c650e13d3}" = microsoft primary interoperability assemblies 2005
"{d7c206b6-1a63-4389-a8b1-8f607d0bff1f}" = nero startsmart help
"{db7c1d4a-08ba-4c7e-a8aa-b7f9bb372dcf}" = nero recode 10 help (chm)
"{ded53b0b-b67c-4244-ae6a-d6fd3c28d1ef}" = ad-aware
"{e1ee5339-5d32-458f-baab-b19f6301bce2}" = nero soundtrax 10
"{e337e787-cf61-4b7b-b84f-509202a54023}" = nero rescueagent 10
"{e4a8dd87-a746-4443-bf25-caf99ced6767}" = nero disc copy gadget
"{e712c273-7564-4c8e-aa59-0fa19bc35117}" = nero 10 menu templatepack 2
"{e86156e5-9859-440d-8876-26ced1349802}" = nero waveeditor help
"{ed3d71cc-9f3b-4ac5-9e55-ab915ebc0beb}" = hdd temperature v.4
"{edcdfad5-df80-4600-a493-e9dad6810230}" = nero waveeditor 10
"{efe1ab94-5466-4b6e-be31-ff4c115fd25d}" = max payne 2
"{f0a37341-d692-11d4-a984-009027ec0a9c}" = soundmax
"{f333a33d-125c-32a2-8dce-5c5d14231e27}" = visual c++ 2008 x86 runtime - (v9.0.30729)
"{f333a33d-125c-32a2-8dce-5c5d14231e27}.vc_x86runtime_30729_01" = visual c++ 2008 x86 runtime - v9.0.30729.01
"{f412b4af-388c-4ff5-9b2f-33db1c536953}" = nero infotool 10
"{f467862a-d9ca-47ed-8d81-b4b3c9399272}" = nero mediahub 10 help (chm)
"{f53f6769-ac46-49e3-abe3-2c8afd39d0dd}" = nero vision
"{f5cb822f-b365-43d1-bcc0-4fda1a2017a7}" = nero 10 movie themepack basic
"{f6117f9c-adb5-4590-9be4-12c7bec28702}" = nero startsmart 10 help (chm)
"{f61d489e-6c44-49ac-ad02-7da8aca73a65}" = nero startsmart 10
"{f97e3841-ca9d-4964-9d64-26066241d26f}" = microsoft games for windows - live
"{f9835182-794b-4f24-902a-e2ca9d43380f}" = nvidia physx
"{ff66e9f6-83e7-3a3e-af14-8de9a809a6a4}" = microsoft visual c++ 2008 redistributable - x86 9.0.21022
"ad-aware" = ad-aware
"adobe flash player activex" = adobe flash player 10 activex
"adobe flash player plugin" = adobe flash player 10 plugin
"alchemy" = creative alchemy
"any dvd converter professional_is1" = any dvd converter professional 3.5.8
"anydvd" = anydvd
"aoa video joiner_is1" = aoa video joiner
"aquasoft photokalender 3" = aquasoft photokalender 3
"arcania" = arcania - gothic 4
"ashampoo winoptimizer 6_is1" = ashampoo winoptimizer 6.30
"asio4all" = asio4all
"audiocs" = creative audio-systemsteuerung
"audiograbber" = audiograbber 1.83 se
"audiograbber-lame" = audiograbber lame-mp3-plugin
"avi2dvd" = avi2dvd 0.4.5 beta
"avira antivir desktop" = avira antivir personal - free antivirus
"avisynth" = avisynth 2.5
"avmwlancli" = avm fritz!wlan
"biet-o-matic v2.12.0" = biet-o-matic v2.12.0
"ca_movielabel_is1" = movie label 2011 v6.1
"call of duty modern warfare 2_is1" = call of duty modern warfare 2
"clonecd" = clonecd
"clonedvd2" = clonedvd2
"console launcher" = creative konsole starter
"cpu-control_is1" = cpu-control
"creative software autoupdate" = creative software autoupdate
"creative sound blaster properties x64 edition" = creative sound blaster properties x64 edition
"efcl seculauncher error fix v1.1 by tokzic 1.1" = efcl seculauncher error fix v1.1 by tokzic 1.1
"eflc errors fix v1.3 tokzic 4 mygully" = eflc errors fix v1.3 tokzic 4 mygully
"festo fluidsim_is1" = festo fluidsim 3.6
"formatfactory" = formatfactory 2.20
"future wars" = future wars
"g3qp231012008_is1" = questpaket 4 update 1 deinstallation
"gfwl_{4343080e-91b7-4388-ab4d-fb1000008200}" = dead rising 2
"gordon's gate flash driver" = gordon's gate flash driver 1.1.0.12
"host openal (adi)" = host openal (adi)
"installshield_{589a63d3-89e1-4d9b-8dbc-6039bb27289e}" = blur(tm)
"installshield_{809d7e6d-915d-4ead-821f-e13d93f37161}" = asus smart doctor
"logo!soft comfort v6.0" = logo!soft comfort v6.0
"mafia ii update 1_is1" = mafia ii update 1
"mafia ii_is1" = mafia ii
"manhunt 2" = manhunt 2
"mkv to avi with subtitle_is1" = mkv to avi with subtitle version 2.0
"mozilla firefox (3.6.11)" = mozilla firefox (3.6.11)
"mymdb_0" = mymdb 3.5.3
"mymdb_1" = mymdb 3.6
"mymdb_2" = mymdb 3.6
"mymdb_3" = mymdb 3.6
"mymdb_4" = mymdb 3.6
"mymdb_5" = mymdb 3.6
"native instruments audio 4 dj driver" = native instruments audio 4 dj driver
"native instruments finale gpo" = native instruments finale gpo
"native instruments maschine controller driver" = native instruments maschine controller driver
"native instruments rig kontrol 3 driver" = native instruments rig kontrol 3 driver
"native instruments service center" = native instruments service center
"native instruments session io driver" = native instruments session io driver
"native instruments traktor" = native instruments traktor
"native instruments traktor dj studio 3" = native instruments traktor dj studio 3
"netzmanager" = netzmanager
"no-ip.com duc" = no-ip.com duc (remove only)
"openal" = openal
"reason4_is1" = reason 4.0
"rivatuner" = rivatuner v2.24 msi master overclocking arena 2009 edition
"semc omsi module" = semc omsi module
"sfbm" = soundfont-bank-manager
"smart recorder" = creative smart recorder
"tbsb03968.tbsb03968toolbar" = toolbar fuer ebay
"teamspeak 2 rc2_is1" = teamspeak 2 rc2
"tomtom home" = tomtom home 2.7.6.2056
"tuneup utilities 2011" = tuneup utilities 2011
"virtual dj - atomix productions" = virtual dj - atomix productions
"virtualclonedrive" = virtualclonedrive
"vlc media player" = vlc media player 1.1.4
"xvid" = xvid mpeg-4 video codec
"youtubeget_is1" = youtubeget 5.3
========== hkey_current_user uninstall list ==========
[hkey_current_user\software\microsoft\windows\currentversion\uninstall]
"freewar karten editor" = freewar karten editor
========== last 10 event log errors ==========
error reading event logs: The event service is not operating properly or the event logs are corrupt!
< end of report > --- --- --- |