| Gelendil | 18.05.2011 20:47 |
OTL.txt :OTL Logfile: Code:
OTL logfile created on: 18.05.2011 21:39:54 - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Maxl\Downloads
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 66,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 84,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 576,16 Gb Total Space | 113,71 Gb Free Space | 19,74% Space Free | Partition Type: NTFS
Drive D: | 20,00 Gb Total Space | 12,37 Gb Free Space | 61,86% Space Free | Partition Type: FAT32
Computer Name: MAXL-PC | User Name: Maxl | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2011.05.18 21:17:36 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Maxl\Downloads\OTL.exe
PRC - [2011.03.28 16:15:17 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avshadow.exe
PRC - [2011.03.28 16:15:04 | 000,136,360 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\sched.exe
PRC - [2011.03.28 16:14:56 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe
PRC - [2011.03.28 16:14:56 | 000,269,480 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe
PRC - [2011.03.28 15:41:12 | 001,242,504 | ---- | M] (LogMeIn Inc.) -- C:\Programme\LogMeIn Hamachi\hamachi-2.exe
PRC - [2010.10.12 17:35:07 | 000,202,256 | ---- | M] (RealNetworks, Inc.) -- C:\Programme\Common Files\Real\Update_OB\realsched.exe
PRC - [2010.07.04 12:07:40 | 000,238,952 | ---- | M] (Teruten) -- C:\Windows\System32\FsUsbExService.Exe
PRC - [2010.06.26 02:15:32 | 001,311,312 | ---- | M] (Logitech, Inc.) -- C:\Programme\Logitech\SetPointP\SetPoint.exe
PRC - [2010.06.22 21:09:20 | 000,112,208 | ---- | M] (Logitech, Inc.) -- C:\Programme\Common Files\LogiShrd\KHAL3\KHALMNPR.exe
PRC - [2010.04.03 16:59:00 | 000,240,232 | ---- | M] (NVIDIA Corporation) -- C:\Programme\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2009.06.30 16:20:08 | 000,339,968 | ---- | M] () -- C:\Windows\tsnpstd3.exe
PRC - [2008.05.07 17:41:14 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2008.05.07 17:41:12 | 000,178,712 | ---- | M] (Intel Corporation) -- C:\Programme\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2008.05.07 16:19:26 | 006,139,904 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2008.02.28 18:07:58 | 001,828,136 | ---- | M] (Nero AG) -- C:\Programme\Common Files\Nero\Lib\NMIndexStoreSvr.exe
PRC - [2008.01.21 04:25:33 | 000,896,512 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnetwk.exe
PRC - [2008.01.21 04:25:33 | 000,202,240 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnscfg.exe
PRC - [2008.01.21 04:24:24 | 002,927,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008.01.21 04:24:13 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conime.exe
========== Modules (SafeList) ==========
MOD - [2011.05.18 21:17:36 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Maxl\Downloads\OTL.exe
MOD - [2008.01.21 04:23:44 | 001,684,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll
========== Win32 Services (SafeList) ==========
SRV - [2011.03.28 16:15:04 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2011.03.28 16:14:56 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011.03.28 15:41:12 | 001,242,504 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2011.03.23 07:57:42 | 000,403,240 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2010.07.04 12:07:40 | 000,238,952 | ---- | M] (Teruten) [Auto | Running] -- C:\Windows\System32\FsUsbExService.Exe -- (FsUsbExService)
SRV - [2010.05.06 11:29:12 | 000,293,456 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Programme\Common Files\LogiShrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV - [2010.04.03 16:59:00 | 000,240,232 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Programme\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2008.05.07 17:41:14 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel(R)
SRV - [2008.01.21 04:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend)
========== Driver Services (SafeList) ==========
DRV - [2011.04.01 17:07:25 | 000,137,656 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2011.04.01 17:07:25 | 000,061,960 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2010.12.29 21:47:51 | 000,231,248 | ---- | M] (TrueCrypt Foundation) [Kernel | System | Running] -- C:\Windows\System32\drivers\truecrypt.sys -- (truecrypt)
DRV - [2010.12.01 21:06:29 | 000,108,104 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AnyDVD.sys -- (AnyDVD)
DRV - [2010.09.30 17:41:15 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd)
DRV - [2010.06.17 15:27:02 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2010.06.14 02:32:54 | 000,036,608 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2010.04.04 00:55:31 | 011,573,800 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2010.03.25 13:09:06 | 000,132,424 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscdmdm.sys -- (sscdmdm)
DRV - [2010.03.25 13:09:06 | 000,104,648 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscdbus.sys -- (sscdbus) SAMSUNG USB Composite Device driver (WDM)
DRV - [2010.03.25 13:09:06 | 000,014,920 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscdmdfl.sys -- (sscdmdfl)
DRV - [2010.03.18 11:02:32 | 000,028,624 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LUsbFilt.sys -- (LUsbFilt)
DRV - [2010.03.18 11:02:08 | 000,037,328 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LMouFilt.Sys -- (LMouFilt)
DRV - [2010.03.18 11:01:52 | 000,038,864 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LHidFilt.Sys -- (LHidFilt)
DRV - [2009.07.03 09:15:12 | 010,526,464 | ---- | M] (Sonix Co. Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\snpstd3.sys -- (SNPSTD3) USB PC Camera (SNPSTD3)
DRV - [2009.03.18 17:35:40 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\hamachi.sys -- (hamachi)
DRV - [2008.02.06 17:13:00 | 000,218,752 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express) Intel(R)
DRV - [2007.06.29 14:47:34 | 000,034,304 | ---- | M] (AMD, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AmdLLD.sys -- (AmdLLD)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.facemoods.com/?a=ost
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "Facemoods Search"
FF - prefs.js..browser.search.selectedEngine: "YouTube-Videosuche"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "google.de"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - HKLM\software\mozilla\Mozilla Firefox 4.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.04.19 20:12:08 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.05.09 18:30:36 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.10\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2011.05.09 18:54:49 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.10\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins
[2010.05.23 17:51:28 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Maxl\AppData\Roaming\mozilla\Extensions
[2010.05.23 17:51:28 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Maxl\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2011.05.18 19:26:49 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Maxl\AppData\Roaming\mozilla\Firefox\Profiles\yur1shno.default\extensions
[2010.07.19 22:19:39 | 000,002,057 | ---- | M] () -- C:\Users\Maxl\AppData\Roaming\Mozilla\Firefox\Profiles\yur1shno.default\searchplugins\youtube-videosuche.xml
[2011.05.08 19:53:43 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2010.07.07 01:54:47 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2011.05.08 19:53:43 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2011.04.19 20:12:07 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\distribution\extensions
[2011.04.19 20:12:07 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Programme\Mozilla Firefox\distribution\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
File not found (No name found) --
[2010.07.07 01:54:47 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010.01.01 10:00:00 | 000,135,168 | ---- | M] (Mozilla Foundation) -- C:\Programme\Mozilla Firefox\components\browsercomps.dll
[2010.07.07 01:54:16 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Mozilla Firefox\plugins\npdeployJava1.dll
[2010.05.19 16:38:12 | 000,063,488 | ---- | M] (Nullsoft, Inc.) -- C:\Programme\Mozilla Firefox\plugins\npwachk.dll
[2010.01.01 10:00:00 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2010.01.01 10:00:00 | 000,002,252 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\bing.xml
[2010.01.01 10:00:00 | 000,001,153 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml
[2011.04.25 23:13:22 | 000,002,048 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\fcmdSrch.xml
[2011.05.02 21:31:48 | 000,002,046 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\fcmdSrchost.xml
[2010.01.01 10:00:00 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2010.01.01 10:00:00 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2010.01.01 10:00:00 | 000,001,105 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml
O1 HOSTS File: ([2011.05.18 21:34:59 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Octh Class) - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Programme\Orbitdownloader\orbitcth.dll (Orbitdownloader.com)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (QUICKfind BHO Object) - {C08DF07A-3E49-4E25-9AB0-D3882835F153} - C:\Programme\IDM\QUICKfind\PlugIns\IEHelp.dll (IDM)
O4 - HKLM..\Run: [amd_dc_opt] C:\Programme\AMD\Dual-Core Optimizer\amd_dc_opt.exe (AMD)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)
O4 - HKLM..\Run: [IAAnotif] C:\Programme\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [snpstd3] C:\Windows\vsnpstd3.exe ()
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [toolbar_eula_launcher] C:\Programme\GoogleEULA\EULALauncher.exe ( )
O4 - HKLM..\Run: [tsnpstd3] C:\Windows\tsnpstd3.exe ()
O4 - HKCU..\Run: [ICQ] C:\Program Files\ICQ7.1\ICQ.exe (ICQ, LLC.)
O4 - HKCU..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe (Nero AG)
O4 - HKCU..\Run: [Steam] C:\Program Files\Steam\steam.exe (Valve Corporation)
O4 - Startup: C:\Users\Maxl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk = C:\Programme\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: &Download by Orbit - C:\Program Files\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8 - Extra context menu item: &Grab video by Orbit - C:\Program Files\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Do&wnload selected by Orbit - C:\Program Files\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8 - Extra context menu item: Down&load all by Orbit - C:\Program Files\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: eBay - Der weltweite Online-Marktplatz - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - File not found
O9 - Extra 'Tools' menuitem : eBay - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - File not found
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: ICQ7.1 - {71BFC818-0CED-42D6-9C87-5142918957EE} - C:\Programme\ICQ7.1\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.1 - {71BFC818-0CED-42D6-9C87-5142918957EE} - C:\Programme\ICQ7.1\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - C:\Programme\PokerStars.NET\PokerStarsUpdate.exe (PokerStars)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/8/b/d/8bd77752-5704-4d68-a152-f7252adaa4f2/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img24.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img24.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} -
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0
ActiveX: {233C1507-6A77-46A4-9443-F871F945D258} - Adobe Shockwave Director 11.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2A202491-F00D-11cf-87CC-0020AFEECF20} - Adobe Shockwave Director 11.0
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} -
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.7
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - File not found
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
MsConfig - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^maxdome Download Manager.lnk - - File not found
MsConfig - StartUpFolder: C:^Users^Maxl^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.2.lnk - C:\Programme\OpenOffice.org 3\program\quickstart.exe - ()
MsConfig - StartUpReg: AutoStartNPSAgent - hkey= - key= - C:\Programme\Samsung\Samsung New PC Studio\NPSAgent.exe (Samsung Electronics Co., Ltd.)
MsConfig - StartUpReg: DAEMON Tools Lite - hkey= - key= - C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
MsConfig - StartUpReg: msnmsgr - hkey= - key= - C:\Program Files\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
MsConfig - StartUpReg: QuickTime Task - hkey= - key= - C:\Program Files\QuickTime\QTTask.exe (Apple Inc.)
MsConfig - StartUpReg: Skype - hkey= - key= - C:\Program Files\Skype\Phone\Skype.exe (Skype Technologies S.A.)
MsConfig - StartUpReg: snpstd3 - hkey= - key= - C:\Windows\vsnpstd3.exe ()
MsConfig - StartUpReg: TkBellExe - hkey= - key= - C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
MsConfig - StartUpReg: WinampAgent - hkey= - key= - C:\Program Files\Winamp\winampa.exe (Nullsoft, Inc.)
MsConfig - State: "startup" - 2
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
========== Files/Folders - Created Within 30 Days ==========
[2011.05.18 21:38:20 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2011.05.18 21:38:18 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2011.05.18 21:19:45 | 000,161,792 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2011.05.18 21:19:45 | 000,136,704 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2011.05.18 21:19:45 | 000,031,232 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2011.05.18 21:19:40 | 000,000,000 | ---D | C] -- C:\ComboFix
[2011.05.18 21:19:23 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011.05.18 21:19:09 | 000,212,480 | ---- | C] (SteelWerX) -- C:\Windows\SWXCACLS.exe
[2011.05.18 21:08:45 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2011.05.18 21:08:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ERUNT
[2011.05.18 21:08:29 | 000,000,000 | ---D | C] -- C:\Programme\ERUNT
[2011.05.18 19:51:55 | 000,000,000 | ---D | C] -- C:\Users\Maxl\AppData\Roaming\Owazo
[2011.05.14 16:18:13 | 000,000,000 | ---D | C] -- C:\Users\Maxl\AppData\Roaming\Media Player Classic
[2011.05.09 18:55:18 | 000,000,000 | ---D | C] -- C:\Users\Maxl\AppData\Local\Thunderbird
[2011.05.09 18:54:46 | 000,000,000 | ---D | C] -- C:\Programme\Mozilla Thunderbird
[2011.05.09 18:53:28 | 000,000,000 | ---D | C] -- C:\Users\Maxl\Documents\Profiles
[2011.05.09 18:48:20 | 000,000,000 | ---D | C] -- C:\Users\Maxl\AppData\Roaming\Avira
[2011.05.09 18:46:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
[2011.05.09 18:46:21 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\ssmdrv.sys
[2011.05.09 18:46:20 | 000,137,656 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys
[2011.05.09 18:46:20 | 000,061,960 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avgntflt.sys
[2011.05.09 18:46:20 | 000,000,000 | ---D | C] -- C:\Programme\Avira
[2011.05.08 21:49:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2011.05.08 16:22:50 | 000,000,000 | ---D | C] -- C:\Users\Maxl\Documents\5xtxf0dx.default
[2011.05.02 21:31:41 | 000,000,000 | ---D | C] -- C:\Programme\Movie Subtitles Searcher
[2011.04.29 18:53:33 | 000,000,000 | ---D | C] -- C:\Users\Maxl\Documents\Square Enix
[2011.04.29 18:46:56 | 000,000,000 | ---D | C] -- C:\Programme\SQUARE ENIX - Eidos Interactive
[2011.04.28 00:28:43 | 000,000,000 | ---D | C] -- C:\dreamloaddata
[2011.04.28 00:28:01 | 000,000,000 | ---D | C] -- C:\Users\Maxl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dreamload
[2011.04.28 00:27:58 | 000,000,000 | ---D | C] -- C:\Users\Maxl\AppData\Roaming\dreamload
[2011.04.28 00:27:57 | 000,000,000 | ---D | C] -- C:\Programme\Dreamload LLC
[2011.04.27 16:13:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Codemasters
[2011.04.27 15:40:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blue Ripple Sound
[2011.04.27 15:40:12 | 017,686,528 | ---- | C] (Intel Corporation / Blue Ripple Sound Limited) -- C:\Windows\System32\mkl_blueripple.dll
[2011.04.27 15:40:12 | 001,380,352 | ---- | C] (Blue Ripple Sound Limited) -- C:\Windows\System32\rapture3d_oal.dll
[2011.04.27 15:40:11 | 000,445,016 | ---- | C] (Creative Labs) -- C:\Windows\System32\wrap_oal.dll
[2011.04.27 15:40:11 | 000,000,000 | ---D | C] -- C:\Programme\OpenAL
[2011.04.27 15:40:11 | 000,000,000 | ---D | C] -- C:\Programme\BRS
[2011.04.27 15:40:10 | 000,109,144 | ---- | C] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\System32\OpenAL32.dll
[2011.04.27 15:35:56 | 000,097,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\infocardapi.dll
[2011.04.27 15:35:55 | 000,105,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationCFFRasterizerNative_v0300.dll
[2011.04.27 15:35:54 | 000,622,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icardagt.exe
[2011.04.27 15:35:54 | 000,037,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\infocardcpl.cpl
[2011.04.27 15:35:53 | 000,043,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHostProxy.dll
[2011.04.27 15:35:53 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icardres.dll
[2011.04.27 15:35:51 | 000,781,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationNative_v0300.dll
[2011.04.27 15:35:48 | 000,326,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHost.exe
[2011.04.27 15:31:33 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netfxperf.dll
[2011.04.27 15:31:21 | 000,158,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscorier.dll
[2011.04.27 15:31:13 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscories.dll
[2011.04.27 15:29:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows - LIVE
[2011.04.27 15:04:28 | 000,000,000 | ---D | C] -- C:\Programme\Codemasters
[2011.04.27 03:18:59 | 000,000,000 | ---D | C] -- C:\Users\Maxl\AppData\Local\QuickPar
[2011.04.27 03:17:46 | 000,000,000 | ---D | C] -- C:\Users\Maxl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\QuickPar
[2011.04.27 03:17:46 | 000,000,000 | ---D | C] -- C:\Programme\QuickPar
[2011.04.27 03:17:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickPar
[2011.04.27 02:03:59 | 000,000,000 | ---D | C] -- C:\Programme\m-r-software
[2011.04.27 02:03:58 | 000,000,000 | ---D | C] -- C:\Programme\Aerosoft
[2011.04.27 02:03:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Aerosoft
[2011.04.27 00:05:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Webcam Simulator
[2011.04.27 00:05:44 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\wcs
[2011.04.26 01:37:41 | 000,000,000 | ---D | C] -- C:\Users\Maxl\AppData\Local\SKIDROW
[2011.04.26 01:34:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Valve
[2011.04.26 01:11:08 | 000,000,000 | ---D | C] -- C:\Programme\Valve
[2011.04.25 23:12:23 | 000,000,000 | ---D | C] -- C:\Programme\JDownloader
[2011.04.25 23:08:37 | 000,000,000 | ---D | C] -- C:\Downloads
[2011.04.25 20:21:15 | 000,000,000 | ---D | C] -- C:\Users\Maxl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Xilisoft
[2011.04.25 20:20:44 | 000,000,000 | ---D | C] -- C:\Users\Maxl\AppData\Roaming\Xilisoft
[2011.04.25 20:20:44 | 000,000,000 | ---D | C] -- C:\Programme\Xilisoft
[2011.04.23 18:46:42 | 000,000,000 | ---D | C] -- C:\Programme\SystemRequirementsLab
[2011.04.22 18:37:50 | 000,000,000 | ---D | C] -- C:\Users\Maxl\AppData\Roaming\PunkBuster
[2011.04.20 10:40:55 | 000,000,000 | ---D | C] -- C:\Users\Maxl\Documents\gemeindefest
[2011.02.06 16:50:33 | 000,061,440 | ---- | C] ( ) -- C:\Windows\System32\rsnpstd.dll
[2011.02.06 16:50:33 | 000,061,440 | ---- | C] ( ) -- C:\Windows\System32\csnpstd.dll
[2011.02.06 16:50:33 | 000,036,864 | ---- | C] ( ) -- C:\Windows\System32\vsnpstd.dll
[2010.06.12 17:00:43 | 000,163,840 | ---- | C] ( ) -- C:\Windows\System32\rsnpstd3.dll
[2010.06.12 17:00:43 | 000,061,440 | ---- | C] ( ) -- C:\Windows\System32\vsnpstd3.dll
[2010.06.12 17:00:43 | 000,053,248 | ---- | C] ( ) -- C:\Windows\csnpstd3.dll
[2010.06.12 17:00:42 | 000,053,248 | ---- | C] ( ) -- C:\Windows\System32\csnpstd3.dll
[2 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2011.05.18 21:34:59 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2011.05.18 21:18:44 | 004,351,251 | R--- | M] () -- C:\Users\Maxl\Desktop\ComboFix.exe
[2011.05.18 21:17:48 | 003,650,622 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2011.05.18 21:17:48 | 001,502,722 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011.05.18 21:17:48 | 001,090,310 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2011.05.18 21:17:48 | 000,983,274 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011.05.18 21:11:32 | 000,089,341 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2011.05.18 21:11:32 | 000,089,341 | ---- | M] () -- C:\ProgramData\nvModes.001
[2011.05.18 21:11:26 | 000,001,090 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011.05.18 21:11:20 | 000,003,744 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011.05.18 21:11:20 | 000,003,744 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011.05.18 21:11:16 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.05.18 21:11:14 | 3219,312,640 | -HS- | M] () -- C:\hiberfil.sys
[2011.05.18 21:08:30 | 000,000,718 | ---- | M] () -- C:\Users\Maxl\Desktop\ERUNT.lnk
[2011.05.18 20:51:00 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011.05.18 19:49:45 | 000,000,680 | ---- | M] () -- C:\Users\Maxl\AppData\Local\d3d9caps.dat
[2011.05.18 18:51:20 | 000,008,470 | ---- | M] () -- C:\Users\Maxl\Desktop\OpenDocument Text (neu).odt
[2011.05.15 16:51:27 | 000,001,975 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2011.05.14 16:29:23 | 000,000,069 | ---- | M] () -- C:\Windows\NeroDigital.ini
[2011.05.14 16:18:20 | 000,031,744 | ---- | M] () -- C:\Users\Maxl\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.05.12 00:17:20 | 000,023,616 | ---- | M] () -- C:\Users\Maxl\Desktop\Neue Bitmap.bmp.jpg
[2011.05.09 19:15:21 | 020,533,281 | ---- | M] () -- C:\Users\Maxl\Documents\vlc-1.1.9-win32.exe
[2011.05.09 18:54:50 | 000,001,794 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
[2011.05.09 18:46:26 | 000,001,851 | ---- | M] () -- C:\Users\Public\Desktop\Avira AntiVir Control Center.lnk
[2011.05.01 21:47:16 | 000,260,848 | ---- | M] () -- C:\Users\Maxl\Documents\DSC00088asd.jpg
[2011.05.01 21:47:09 | 000,000,100 | -H-- | M] () -- C:\Users\Maxl\Documents\.picasa.ini
[2011.04.30 11:24:47 | 000,706,486 | ---- | M] () -- C:\Users\Maxl\Documents\DSC00090.JPG
[2011.04.30 01:25:24 | 001,302,341 | ---- | M] () -- C:\Users\Maxl\Documents\DSC00047.JPG
[2011.04.29 23:10:33 | 000,026,080 | ---- | M] () -- C:\Users\Maxl\Documents\6-81417d9e457c8a09395e72a98980f6ae.jpg
[2011.04.29 23:02:41 | 001,261,041 | ---- | M] () -- C:\Users\Maxl\Documents\DSC00088.JPG
[2011.04.28 00:28:01 | 000,000,878 | ---- | M] () -- C:\Users\Maxl\Desktop\Dreamload.lnk
[2011.04.27 15:40:11 | 000,445,016 | ---- | M] (Creative Labs) -- C:\Windows\System32\wrap_oal.dll
[2011.04.27 15:40:10 | 000,109,144 | ---- | M] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\System32\OpenAL32.dll
[2011.04.26 17:21:11 | 000,000,125 | -HS- | M] () -- C:\ProgramData\.zreglib
[2011.04.26 01:34:32 | 000,001,779 | ---- | M] () -- C:\Users\Public\Desktop\Portal 2.lnk
[2011.04.25 21:18:42 | 000,043,520 | ---- | M] () -- C:\Windows\System32\CmdLineExt03.dll
[2011.04.25 21:18:02 | 000,001,828 | ---- | M] () -- C:\Users\Public\Desktop\Star Wars Knights of the Old Republic II - The Sith Lords.lnk
[2011.04.25 20:21:15 | 000,001,882 | ---- | M] () -- C:\Users\Maxl\Desktop\Xilisoft MKV Converter 6.lnk
[2011.04.19 20:12:16 | 000,000,850 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2011.05.18 21:19:45 | 000,256,512 | ---- | C] () -- C:\Windows\PEV.exe
[2011.05.18 21:19:45 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2011.05.18 21:19:45 | 000,089,088 | ---- | C] () -- C:\Windows\MBR.exe
[2011.05.18 21:19:45 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2011.05.18 21:19:45 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2011.05.18 21:18:37 | 004,351,251 | R--- | C] () -- C:\Users\Maxl\Desktop\ComboFix.exe
[2011.05.18 21:08:30 | 000,000,718 | ---- | C] () -- C:\Users\Maxl\Desktop\ERUNT.lnk
[2011.05.18 20:01:13 | 3219,312,640 | -HS- | C] () -- C:\hiberfil.sys
[2011.05.18 18:49:28 | 000,008,470 | ---- | C] () -- C:\Users\Maxl\Desktop\OpenDocument Text (neu).odt
[2011.05.12 00:17:20 | 000,023,616 | ---- | C] () -- C:\Users\Maxl\Desktop\Neue Bitmap.bmp.jpg
[2011.05.09 19:15:08 | 020,533,281 | ---- | C] () -- C:\Users\Maxl\Documents\vlc-1.1.9-win32.exe
[2011.05.09 18:46:26 | 000,001,851 | ---- | C] () -- C:\Users\Public\Desktop\Avira AntiVir Control Center.lnk
[2011.05.01 21:47:16 | 000,260,848 | ---- | C] () -- C:\Users\Maxl\Documents\DSC00088asd.jpg
[2011.05.01 21:47:09 | 000,000,100 | -H-- | C] () -- C:\Users\Maxl\Documents\.picasa.ini
[2011.04.30 11:24:25 | 000,706,486 | ---- | C] () -- C:\Users\Maxl\Documents\DSC00090.JPG
[2011.04.30 01:24:47 | 001,302,341 | ---- | C] () -- C:\Users\Maxl\Documents\DSC00047.JPG
[2011.04.29 23:10:32 | 000,026,080 | ---- | C] () -- C:\Users\Maxl\Documents\6-81417d9e457c8a09395e72a98980f6ae.jpg
[2011.04.29 23:02:05 | 001,261,041 | ---- | C] () -- C:\Users\Maxl\Documents\DSC00088.JPG
[2011.04.28 00:28:01 | 000,000,878 | ---- | C] () -- C:\Users\Maxl\Desktop\Dreamload.lnk
[2011.04.26 01:34:32 | 000,001,779 | ---- | C] () -- C:\Users\Public\Desktop\Portal 2.lnk
[2011.04.25 23:12:35 | 000,001,755 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader.lnk
[2011.04.25 23:12:35 | 000,001,734 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Deinstallationsprogramm.lnk
[2011.04.25 23:12:35 | 000,001,713 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Update.lnk
[2011.04.25 21:18:42 | 000,043,520 | ---- | C] () -- C:\Windows\System32\CmdLineExt03.dll
[2011.04.25 21:18:02 | 000,001,828 | ---- | C] () -- C:\Users\Public\Desktop\Star Wars Knights of the Old Republic II - The Sith Lords.lnk
[2011.04.25 20:21:15 | 000,001,882 | ---- | C] () -- C:\Users\Maxl\Desktop\Xilisoft MKV Converter 6.lnk
[2011.04.22 18:37:53 | 000,189,248 | ---- | C] () -- C:\Windows\System32\PnkBstrB.exe
[2011.04.22 18:37:51 | 000,075,136 | ---- | C] () -- C:\Windows\System32\PnkBstrA.exe
[2011.04.19 20:12:16 | 000,000,862 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2011.04.12 19:45:48 | 000,000,125 | -HS- | C] () -- C:\ProgramData\.zreglib
[2011.02.08 22:17:21 | 000,000,056 | -H-- | C] () -- C:\Windows\System32\ezsidmv.dat
[2011.02.06 16:50:44 | 000,339,968 | ---- | C] () -- C:\Windows\vsnpstd.exe
[2011.02.06 16:50:44 | 000,015,541 | ---- | C] () -- C:\Windows\snpstd.ini
[2011.02.06 16:50:37 | 000,390,784 | ---- | C] () -- C:\Windows\System32\drivers\snpstd.sys
[2011.02.06 16:50:33 | 000,020,480 | ---- | C] () -- C:\Windows\usnpstd.exe
[2010.12.29 14:56:29 | 000,148,811 | ---- | C] () -- C:\Windows\hppins20.dat
[2010.12.29 14:56:21 | 000,016,655 | ---- | C] () -- C:\Windows\hppmdl20.dat
[2010.10.08 15:06:01 | 000,000,680 | ---- | C] () -- C:\Users\Maxl\AppData\Local\d3d9caps.dat
[2010.06.12 17:00:44 | 000,835,584 | ---- | C] () -- C:\Windows\vsnpstd3.exe
[2010.06.12 17:00:44 | 000,339,968 | ---- | C] () -- C:\Windows\tsnpstd3.exe
[2010.06.12 17:00:43 | 000,015,498 | ---- | C] () -- C:\Windows\snpstd3.ini
[2010.05.30 13:29:35 | 000,165,376 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2010.05.30 13:29:33 | 000,881,664 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2010.05.30 13:29:33 | 000,205,824 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2010.05.30 13:29:32 | 000,108,032 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2010.05.24 14:17:27 | 000,110,592 | ---- | C] () -- C:\Windows\System32\FsUsbExDevice.Dll
[2010.05.24 14:17:27 | 000,036,608 | ---- | C] () -- C:\Windows\System32\FsUsbExDisk.Sys
[2010.05.24 13:42:35 | 000,089,341 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2010.05.24 13:42:35 | 000,089,341 | ---- | C] () -- C:\ProgramData\nvModes.001
[2010.05.23 17:52:43 | 000,031,744 | ---- | C] () -- C:\Users\Maxl\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.11.06 10:58:04 | 000,178,975 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
[2008.08.08 15:49:44 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2008.08.04 15:16:09 | 000,106,605 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2008.08.04 15:16:09 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2008.08.04 12:08:00 | 000,000,028 | ---- | C] () -- C:\Windows\System32\drivers\VERSION.DAT
[2008.01.21 09:15:58 | 003,650,622 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2008.01.21 09:15:58 | 001,090,310 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2008.01.21 09:15:58 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2008.01.21 09:15:58 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2007.10.25 17:26:10 | 000,005,632 | ---- | C] () -- C:\Windows\System32\drivers\StarOpen.sys
[2007.01.23 14:11:20 | 000,141,312 | ---- | C] () -- C:\Windows\System32\QFClient2.dll
[2006.11.02 14:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006.11.02 14:47:37 | 000,358,544 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006.11.02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 12:33:01 | 001,502,722 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006.11.02 12:33:01 | 000,983,274 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006.11.02 12:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006.11.02 12:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006.11.02 12:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006.11.02 10:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006.11.02 10:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006.11.02 09:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
========== Custom Scans ==========
< %SYSTEMDRIVE%\*. >
[2011.05.18 21:38:20 | 000,000,000 | -HSD | M] -- C:\$RECYCLE.BIN
[2011.02.13 17:26:59 | 000,000,000 | ---D | M] -- C:\BDS
[2008.08.04 11:38:08 | 000,000,000 | ---D | M] -- C:\Boot
[2011.04.12 19:52:16 | 000,000,000 | ---D | M] -- C:\CloneDVDTemp
[2011.05.18 21:38:19 | 000,000,000 | ---D | M] -- C:\ComboFix
[2006.11.02 15:02:03 | 000,000,000 | -HSD | M] -- C:\Documents and Settings
[2010.05.23 17:41:01 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen
[2011.05.12 01:28:50 | 000,000,000 | ---D | M] -- C:\Downloads
[2011.04.28 00:28:43 | 000,000,000 | ---D | M] -- C:\dreamloaddata
[2011.04.29 16:28:33 | 000,000,000 | ---D | M] -- C:\Games
[2011.05.07 12:12:16 | 000,000,000 | ---D | M] -- C:\Movies
[2008.08.04 13:59:13 | 000,000,000 | R--D | M] -- C:\MSOCache
[2011.04.19 20:32:53 | 000,000,000 | ---D | M] -- C:\Musik
[2010.05.24 13:36:39 | 000,000,000 | ---D | M] -- C:\NVIDIA
[2011.05.18 21:08:29 | 000,000,000 | R--D | M] -- C:\Programme
[2011.05.09 18:42:00 | 000,000,000 | ---D | M] -- C:\ProgramData
[2010.05.23 17:41:01 | 000,000,000 | -HSD | M] -- C:\Programme
[2010.07.07 01:50:04 | 000,000,000 | ---D | M] -- C:\Programs
[2011.05.18 21:38:19 | 000,000,000 | ---D | M] -- C:\Qoobox
[2011.05.18 21:40:33 | 000,000,000 | -HSD | M] -- C:\System Volume Information
[2010.11.09 23:56:28 | 000,000,000 | ---D | M] -- C:\Temp
[2010.05.23 17:45:16 | 000,000,000 | R--D | M] -- C:\Users
[2011.05.18 21:38:18 | 000,000,000 | ---D | M] -- C:\Windows
< %PROGRAMFILES%\*.exe >
< %PROGRAMFILES%\*. >
[2011.05.18 20:00:16 | 000,000,000 | ---D | M] -- C:\Programme\7-Zip
[2008.08.04 14:07:43 | 000,000,000 | ---D | M] -- C:\Programme\Activation Assistant for the 2007 Microsoft Office suites
[2008.08.04 12:58:44 | 000,000,000 | ---D | M] -- C:\Programme\Adobe
[2011.04.27 02:03:58 | 000,000,000 | ---D | M] -- C:\Programme\Aerosoft
[2011.04.10 11:28:31 | 000,000,000 | ---D | M] -- C:\Programme\AMD
[2010.05.30 13:23:16 | 000,000,000 | ---D | M] -- C:\Programme\Apple Software Update
[2010.10.04 19:24:44 | 000,000,000 | ---D | M] -- C:\Programme\Avidemux 2.5
[2011.05.09 18:46:20 | 000,000,000 | ---D | M] -- C:\Programme\Avira
[2011.03.20 14:34:50 | 000,000,000 | ---D | M] -- C:\Programme\BitTorrent
[2011.04.27 15:40:13 | 000,000,000 | ---D | M] -- C:\Programme\BRS
[2008.08.08 15:18:33 | 000,000,000 | ---D | M] -- C:\Programme\Buhl
[2011.04.29 16:53:06 | 000,000,000 | ---D | M] -- C:\Programme\Codemasters
[2010.05.31 00:32:27 | 000,000,000 | ---D | M] -- C:\Programme\ColdCut
[2011.05.18 21:29:39 | 000,000,000 | ---D | M] -- C:\Programme\Common Files
[2010.09.23 20:13:01 | 000,000,000 | ---D | M] -- C:\Programme\ConvertHelper
[2010.10.04 19:26:05 | 000,000,000 | ---D | M] -- C:\Programme\CutAssistant
[2010.09.30 17:41:16 | 000,000,000 | ---D | M] -- C:\Programme\DAEMON Tools Lite
[2008.08.08 15:17:49 | 000,000,000 | ---D | M] -- C:\Programme\DataDesign
[2010.09.13 01:08:59 | 000,000,000 | ---D | M] -- C:\Programme\DivX
[2010.12.11 02:47:51 | 000,000,000 | ---D | M] -- C:\Programme\DRAGON
[2010.12.25 16:28:02 | 000,000,000 | ---D | M] -- C:\Programme\Dream MKV Converter
[2011.04.28 00:30:05 | 000,000,000 | ---D | M] -- C:\Programme\Dreamload LLC
[2011.04.12 19:45:39 | 000,000,000 | ---D | M] -- C:\Programme\Elaborate Bytes
[2010.11.21 15:38:36 | 000,000,000 | ---D | M] -- C:\Programme\Emsisoft Anti-Malware
[2010.11.13 12:20:37 | 000,000,000 | ---D | M] -- C:\Programme\Emulator
[2011.05.18 21:08:33 | 000,000,000 | ---D | M] -- C:\Programme\ERUNT
[2010.05.23 17:41:01 | 000,000,000 | -HSD | M] -- C:\Programme\Gemeinsame Dateien
[2010.09.26 01:42:40 | 000,000,000 | ---D | M] -- C:\Programme\Google
[2011.01.10 19:07:38 | 000,000,000 | ---D | M] -- C:\Programme\GoogleEULA
[2011.04.16 13:48:24 | 000,000,000 | ---D | M] -- C:\Programme\GrabIt
[2010.12.25 16:20:10 | 000,000,000 | ---D | M] -- C:\Programme\HamsterSoft
[2010.12.29 15:08:38 | 000,000,000 | ---D | M] -- C:\Programme\HP
[2011.03.29 13:18:36 | 000,000,000 | ---D | M] -- C:\Programme\ICQ7.1
[2011.04.05 19:14:42 | 000,000,000 | ---D | M] -- C:\Programme\IDM
[2011.04.27 02:03:58 | 000,000,000 | -H-D | M] -- C:\Programme\InstallShield Installation Information
[2008.08.04 12:21:48 | 000,000,000 | ---D | M] -- C:\Programme\Intel
[2010.05.30 13:24:44 | 000,000,000 | ---D | M] -- C:\Programme\Internet Explorer
[2011.05.08 19:53:40 | 000,000,000 | ---D | M] -- C:\Programme\Java
[2011.04.25 23:14:34 | 000,000,000 | ---D | M] -- C:\Programme\JDownloader
[2011.02.03 13:01:49 | 000,000,000 | ---D | M] -- C:\Programme\JEdit
[2010.05.30 13:29:59 | 000,000,000 | ---D | M] -- C:\Programme\K-Lite Codec Pack
[2011.03.24 16:19:52 | 000,000,000 | ---D | M] -- C:\Programme\Left 4 Dead 2
[2008.08.08 15:17:50 | 000,000,000 | ---D | M] -- C:\Programme\LetsTrade
[2010.11.17 17:48:53 | 000,000,000 | ---D | M] -- C:\Programme\Logitech
[2011.03.29 13:17:07 | 000,000,000 | ---D | M] -- C:\Programme\LogMeIn Hamachi
[2011.04.05 19:11:18 | 000,000,000 | ---D | M] -- C:\Programme\Longman
[2011.04.25 23:57:40 | 000,000,000 | ---D | M] -- C:\Programme\LucasArts
[2011.04.27 03:01:54 | 000,000,000 | ---D | M] -- C:\Programme\m-r-software
[2011.05.18 20:37:28 | 000,000,000 | ---D | M] -- C:\Programme\Malwarebytes' Anti-Malware
[2010.05.24 14:16:58 | 000,000,000 | ---D | M] -- C:\Programme\MarkAny
[2010.05.24 04:31:05 | 000,000,000 | ---D | M] -- C:\Programme\Microsoft
[2006.11.02 14:37:34 | 000,000,000 | ---D | M] -- C:\Programme\Microsoft Games
[2011.04.27 15:29:03 | 000,000,000 | ---D | M] -- C:\Programme\Microsoft Games for Windows - LIVE
[2008.08.04 14:00:28 | 000,000,000 | ---D | M] -- C:\Programme\Microsoft Office
[2011.04.29 21:40:11 | 000,000,000 | ---D | M] -- C:\Programme\Microsoft Silverlight
[2008.08.04 14:00:31 | 000,000,000 | ---D | M] -- C:\Programme\Microsoft Works
[2008.08.04 14:00:23 | 000,000,000 | ---D | M] -- C:\Programme\Microsoft.NET
[2010.10.09 12:13:11 | 000,000,000 | ---D | M] -- C:\Programme\MixVibesHOME7DEMO
[2010.11.01 12:35:18 | 000,000,000 | ---D | M] -- C:\Programme\MobMapUpdater
[2008.01.21 04:35:17 | 000,000,000 | ---D | M] -- C:\Programme\Movie Maker
[2011.05.09 18:47:37 | 000,000,000 | ---D | M] -- C:\Programme\Movie Subtitles Searcher
[2011.05.18 20:38:43 | 000,000,000 | ---D | M] -- C:\Programme\Mozilla Firefox
[2011.05.09 18:54:49 | 000,000,000 | ---D | M] -- C:\Programme\Mozilla Thunderbird
[2006.11.02 14:37:34 | 000,000,000 | ---D | M] -- C:\Programme\MSBuild
[2008.08.04 14:08:38 | 000,000,000 | ---D | M] -- C:\Programme\MSXML 4.0
[2008.08.04 13:30:45 | 000,000,000 | ---D | M] -- C:\Programme\Nero
[2011.04.17 10:52:33 | 000,000,000 | ---D | M] -- C:\Programme\NewsLeecher
[2010.09.30 17:54:20 | 000,000,000 | ---D | M] -- C:\Programme\NVIDIA Corporation
[2011.04.27 15:40:11 | 000,000,000 | ---D | M] -- C:\Programme\OpenAL
[2010.07.11 14:18:34 | 000,000,000 | ---D | M] -- C:\Programme\OpenOffice.org 3
[2011.02.13 20:30:31 | 000,000,000 | ---D | M] -- C:\Programme\Orbitdownloader
[2011.05.09 18:42:00 | 000,000,000 | ---D | M] -- C:\Programme\Pando Networks
[2010.07.09 13:37:55 | 000,000,000 | ---D | M] -- C:\Programme\PokerStars.NET
[2010.12.10 15:16:46 | 000,000,000 | ---D | M] -- C:\Programme\PopCap Games
[2011.04.27 03:17:46 | 000,000,000 | ---D | M] -- C:\Programme\QuickPar
[2010.05.30 13:24:44 | 000,000,000 | ---D | M] -- C:\Programme\QuickTime
[2010.10.12 17:35:29 | 000,000,000 | ---D | M] -- C:\Programme\Real
[2008.08.04 12:07:59 | 000,000,000 | ---D | M] -- C:\Programme\Realtek
[2006.11.02 14:37:34 | 000,000,000 | ---D | M] -- C:\Programme\Reference Assemblies
[2010.05.24 14:17:58 | 000,000,000 | ---D | M] -- C:\Programme\Samsung
[2011.02.08 22:11:11 | 000,000,000 | R--D | M] -- C:\Programme\Skype
[2011.04.12 19:47:31 | 000,000,000 | ---D | M] -- C:\Programme\SlySoft
[2010.10.09 11:41:40 | 000,000,000 | ---D | M] -- C:\Programme\SpacialAudio
[2011.04.29 18:46:56 | 000,000,000 | ---D | M] -- C:\Programme\SQUARE ENIX - Eidos Interactive
[2011.05.18 21:11:28 | 000,000,000 | ---D | M] -- C:\Programme\Steam
[2011.04.23 18:46:42 | 000,000,000 | ---D | M] -- C:\Programme\SystemRequirementsLab
[2010.06.13 15:52:08 | 000,000,000 | ---D | M] -- C:\Programme\Teamspeak2_RC2
[2011.02.27 15:56:01 | 000,000,000 | ---D | M] -- C:\Programme\TmNationsForever
[2010.12.29 21:47:51 | 000,000,000 | ---D | M] -- C:\Programme\TrueCrypt
[2011.04.22 18:22:11 | 000,000,000 | ---D | M] -- C:\Programme\Ubisoft
[2008.08.04 13:07:14 | 000,000,000 | ---D | M] -- C:\Programme\Ulead Systems
[2006.11.02 15:01:55 | 000,000,000 | -H-D | M] -- C:\Programme\Uninstall Information
[2011.04.26 01:11:08 | 000,000,000 | ---D | M] -- C:\Programme\Valve
[2010.05.24 15:28:17 | 000,000,000 | ---D | M] -- C:\Programme\VideoLAN
[2010.10.09 12:05:50 | 000,000,000 | ---D | M] -- C:\Programme\VirtualDJ
[2011.05.11 16:34:34 | 000,000,000 | ---D | M] -- C:\Programme\Webcam Simulator
[2010.09.06 14:47:50 | 000,000,000 | ---D | M] -- C:\Programme\Winamp
[2010.05.23 17:51:13 | 000,000,000 | ---D | M] -- C:\Programme\Winamp Detect
[2008.01.21 04:35:18 | 000,000,000 | ---D | M] -- C:\Programme\Windows Calendar
[2008.01.21 04:35:15 | 000,000,000 | ---D | M] -- C:\Programme\Windows Collaboration
[2008.01.21 04:35:09 | 000,000,000 | ---D | M] -- C:\Programme\Windows Defender
[2008.01.21 04:35:14 | 000,000,000 | ---D | M] -- C:\Programme\Windows Journal
[2010.05.24 04:31:01 | 000,000,000 | ---D | M] -- C:\Programme\Windows Live
[2010.05.24 04:30:52 | 000,000,000 | ---D | M] -- C:\Programme\Windows Live SkyDrive
[2008.08.13 09:16:30 | 000,000,000 | ---D | M] -- C:\Programme\Windows Mail
[2008.01.21 04:35:15 | 000,000,000 | ---D | M] -- C:\Programme\Windows Media Player
[2010.05.23 17:41:01 | 000,000,000 | ---D | M] -- C:\Programme\Windows NT
[2008.01.21 04:35:14 | 000,000,000 | ---D | M] -- C:\Programme\Windows Photo Gallery
[2008.08.08 15:07:56 | 000,000,000 | ---D | M] -- C:\Programme\Windows Sidebar
[2010.05.23 20:56:40 | 000,000,000 | ---D | M] -- C:\Programme\WinRAR
[2011.04.18 12:01:25 | 000,000,000 | ---D | M] -- C:\Programme\World of Warcraft
[2011.04.25 20:20:44 | 000,000,000 | ---D | M] -- C:\Programme\Xilisoft
< %LOCALAPPDATA%\*.exe >
< %systemroot%\*. /mp /s >
< MD5 for: EXPLORER.EXE >
[2008.01.21 04:24:24 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\ERDNT\cache\explorer.exe
[2008.01.21 04:24:24 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\explorer.exe
[2008.01.21 04:24:24 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe
< MD5 for: REGEDIT.EXE >
[2008.01.21 04:24:53 | 000,134,656 | ---- | M] (Microsoft Corporation) MD5=467A3B03E924B7B7EDD16D34740574B0 -- C:\Windows\ERDNT\cache\regedit.exe
[2008.01.21 04:24:53 | 000,134,656 | ---- | M] (Microsoft Corporation) MD5=467A3B03E924B7B7EDD16D34740574B0 -- C:\Windows\regedit.exe
[2008.01.21 04:24:53 | 000,134,656 | ---- | M] (Microsoft Corporation) MD5=467A3B03E924B7B7EDD16D34740574B0 -- C:\Windows\winsxs\x86_microsoft-windows-registry-editor_31bf3856ad364e35_6.0.6001.18000_none_f42eb564dbd8a697\regedit.exe
< MD5 for: USERINIT.EXE >
[2008.01.21 04:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\ERDNT\cache\userinit.exe
[2008.01.21 04:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe
[2008.01.21 04:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
< MD5 for: WININIT.EXE >
[2008.01.21 04:23:42 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\Windows\ERDNT\cache\wininit.exe
[2008.01.21 04:23:42 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\Windows\System32\wininit.exe
[2008.01.21 04:23:42 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.0.6001.18000_none_30f2b8cf0450a6a2\wininit.exe
< MD5 for: WINLOGON.EXE >
[2008.01.21 04:24:49 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\ERDNT\cache\winlogon.exe
[2008.01.21 04:24:49 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\System32\winlogon.exe
[2008.01.21 04:24:49 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe
< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >
< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
< >
< End of report >
--- --- ---
Extras.txtOTL Logfile: Code:
OTL Extras logfile created on: 18.05.2011 21:39:54 - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Maxl\Downloads
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 66,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 84,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 576,16 Gb Total Space | 113,71 Gb Free Space | 19,74% Space Free | Partition Type: NTFS
Drive D: | 20,00 Gb Total Space | 12,37 Gb Free Space | 61,86% Space Free | Partition Type: FAT32
Computer Name: MAXL-PC | User Name: Maxl | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~4\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Orbitdownloader\orbitdm.exe" = C:\Program Files\Orbitdownloader\orbitdm.exe:*:Enabled:Orbit -- (Orbitdownloader.com)
"C:\Program Files\Orbitdownloader\orbitnet.exe" = C:\Program Files\Orbitdownloader\orbitnet.exe:*:Enabled:Orbit -- (Orbitdownloader.com)
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0DE6B45E-7DDC-48E7-94B8-E9C34F9A60EC}" = rport=137 | protocol=17 | dir=out | app=system |
"{101BEBE4-2A43-46BB-B463-F4D283DE8A24}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{104D84CD-2773-4BA9-98DC-2C1D6450822F}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{21E2512F-C410-4907-A4B0-B07C1260214E}" = lport=139 | protocol=6 | dir=in | app=system |
"{4509C0EB-DC9C-4B30-9289-4F022EB14CF7}" = lport=2869 | protocol=6 | dir=in | app=system |
"{47DB870B-E94B-4211-9BDE-D109AABD9079}" = rport=445 | protocol=6 | dir=out | app=system |
"{5B1CF9FD-ED14-4BC7-9E13-050D7B6647AE}" = rport=138 | protocol=17 | dir=out | app=system |
"{940621E8-8B83-4413-908D-C023781FC37E}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{BDDB8D7F-A2FF-4F17-B8D7-46D6A1F7DD57}" = lport=138 | protocol=17 | dir=in | app=system |
"{D8AFBC90-30D7-47D4-8156-934CC76E84B4}" = lport=137 | protocol=17 | dir=in | app=system |
"{DA61B32B-05D8-43BE-946B-12A6081F3EFD}" = rport=139 | protocol=6 | dir=out | app=system |
"{DA8AF75A-5863-4593-92A9-97A13FB7A87E}" = lport=445 | protocol=6 | dir=in | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{06D43123-1818-4C4B-9636-E33C36215B90}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\call of duty black ops\blackopsmp.exe |
"{08643B90-8AF3-4834-8F39-60D91FA64F1C}" = protocol=17 | dir=in | app=c:\program files\ubisoft\assassin's creed brotherhood\acbmp.exe |
"{09C692A0-5307-4342-A41E-6662B28ABA72}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{09CF51DB-FE23-4B18-A2B5-89BDA2518B53}" = protocol=17 | dir=in | app=c:\program files\electronic arts\need for speed(tm) hot pursuit\launcher.exe |
"{0E1C3024-0A4A-4F13-B65F-1ED50A58534C}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{111A9C40-7FD0-4CDD-AFED-FCDD2BCCEAA0}" = protocol=6 | dir=in | app=c:\program files\ubisoft\assassin's creed brotherhood\acbsp.exe |
"{17334BE1-AE53-4142-80C0-3FA9953AD34A}" = protocol=17 | dir=in | app=c:\program files\steam\steam.exe |
"{1A303F31-98A8-406C-A0AA-89F96E264BE5}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{1B62B478-7279-446E-B5D6-2C6613C12698}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{200EC952-0D5C-44C5-B71F-3F2FFA17FCAB}" = protocol=17 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsasvr.exe |
"{26A063FB-677C-4EB6-91A3-C31A815A47A5}" = protocol=6 | dir=in | app=c:\program files\lucasarts\star wars the force unleashed 2\swtfu2.exe |
"{2C5E63D2-1352-475B-ADD5-EBDF83BA49BC}" = protocol=17 | dir=in | app=c:\program files\ubisoft\assassin's creed ii\assassinscreedii.exe |
"{356A25FF-DDD5-4872-85E7-94555F4D4616}" = protocol=6 | dir=in | app=c:\program files\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{364A8C24-CFD9-44D2-A2B2-8DDD842D5509}" = protocol=6 | dir=in | app=c:\program files\icq7.1\icq.exe |
"{39FC97D9-4501-4E17-A7B7-8A386C52EF2F}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{3AB13818-02E9-490C-A72D-28BF1C5FD172}" = protocol=6 | dir=in | app=c:\program files\ubisoft\assassin's creed brotherhood\uplaybrowser.exe |
"{40B80213-691C-4969-B5EA-238A40A747CE}" = protocol=17 | dir=in | app=c:\program files\rockstar games\grand theft auto iv\launchgtaiv.exe |
"{44DA55D9-B665-4EEE-9ECD-86B427C135CA}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{4A83CDD1-101A-41D1-B240-4DD3D0B897FF}" = protocol=6 | dir=in | app=c:\program files\ubisoft\assassin's creed ii\assassinscreediigame.exe |
"{4CE9825C-CF4C-407C-9AAE-BFBB0650413F}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{54048270-A1EC-4143-9F7E-CD388336E0EE}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\moon base alpha\binaries\win32\moonbasealphagame.exe |
"{574C31CB-872A-4F91-8410-C1B6DFD2AE2B}" = protocol=6 | dir=in | app=c:\program files\dragon age 2\dragonage2launcher.exe |
"{591A1128-6102-4EF2-8542-C7B0AE2F4570}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\moon base alpha\binaries\win32\moonbasealphagame.exe |
"{5CFFF6BA-E5CC-4702-B356-BFF8DC49B3AE}" = protocol=17 | dir=in | app=c:\program files\icq7.1\icq.exe |
"{5DBA3131-B6CC-4289-9563-F650719C24F8}" = protocol=17 | dir=in | app=c:\program files\ubisoft\assassin's creed ii\assassinscreediigame.exe |
"{5DCD091E-D6E4-4BA6-A83F-D1AFACC4CCBF}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{5ECA4AB6-ECD2-4E5C-816A-A6071C2A4B98}" = protocol=6 | dir=in | app=c:\program files\rockstar games\grand theft auto iv\launchgtaiv.exe |
"{5F6BAB31-FF46-4743-AE13-1A6F3C6D3483}" = protocol=17 | dir=in | app=c:\program files\ubisoft\assassin's creed brotherhood\assassinscreedbrotherhood.exe |
"{602DAFFF-6AF0-49EE-AB2D-80A0D95320DC}" = protocol=17 | dir=in | app=c:\program files\lucasarts\star wars the force unleashed 2\swtfu2.exe |
"{603A6028-6C32-458B-8D57-7AB8D045BF77}" = protocol=6 | dir=in | app=c:\program files\steam\steam.exe |
"{6605790D-E94C-4409-A7C1-C249FDB3599A}" = protocol=17 | dir=in | app=c:\program files\icq7.1\aolload.exe |
"{6D63AFDA-7A7F-471D-BAE2-EC76E63B1E16}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\call of duty black ops\blackops.exe |
"{711A7C45-297E-46BC-BE83-7198B4B576F3}" = protocol=17 | dir=in | app=c:\program files\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{71E069A4-9A1A-42E2-87F8-E96BEA84EBEB}" = protocol=6 | dir=in | app=c:\program files\electronic arts\need for speed(tm) hot pursuit\launcher.exe |
"{737BD13A-83D1-42BE-86E8-E28212122D79}" = protocol=6 | dir=in | app=c:\program files\ubisoft\assassin's creed brotherhood\acbmp.exe |
"{7895AB0F-97EF-408D-8D35-8D4ED35EBAB8}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{7AC2BA9C-87D1-4982-BF35-8883B8327BD4}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{7C9C1FE0-16C2-4A21-9D58-ED48D870502E}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\call of duty black ops\blackopsmp.exe |
"{82DE6601-2ACE-478E-890E-5422208460D7}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\hit_pitt\counter-strike source\hl2.exe |
"{856F21C8-D0C2-447B-B99A-D0103EB1AB31}" = protocol=17 | dir=in | app=c:\program files\dragon age 2\bin_ship\dragonage2.exe |
"{8861954B-9757-41C8-881C-252170A65FE7}" = protocol=6 | dir=in | app=c:\program files\ubisoft\assassin's creed brotherhood\assassinscreedbrotherhood.exe |
"{88B22B08-4B9B-4283-A4F1-4B7274E0CA21}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{925E0FEB-B584-4A1E-A31B-CF92013D7ECC}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\hit_pitt\counter-strike source\hl2.exe |
"{9793F8AC-0647-4BBA-AB25-E1D93341673A}" = protocol=6 | dir=in | app=c:\program files\icq7.1\icq.exe |
"{9996C112-02AD-44D8-9FC5-E7F8D2AC8216}" = protocol=6 | dir=in | app=c:\program files\ubisoft\assassin's creed ii\uplaybrowser.exe |
"{99DF733C-32CC-4B7D-92FF-763DB036253A}" = protocol=6 | dir=in | app=c:\program files\dragon age 2\bin_ship\dragonage2.exe |
"{9FA8C3A2-F5E4-40F3-9BDF-D64D5D385565}" = protocol=17 | dir=in | app=c:\program files\ubisoft\assassin's creed brotherhood\uplaybrowser.exe |
"{A46A0FA4-8177-4DC9-8E2F-672B24CBDFF6}" = protocol=6 | dir=in | app=c:\program files\bittorrent\bittorrent.exe |
"{A6469983-F1E6-4C4F-BF4D-3B58B4EEDCEE}" = protocol=17 | dir=in | app=c:\program files\icq7.1\aolload.exe |
"{AA906F69-81EA-4883-AE8D-6FF173918895}" = protocol=6 | dir=in | app=c:\program files\codemasters\f1 2010\f1_2010_game.exe |
"{ACEC8EC1-67C8-4BDE-9712-7B5C3B5F17BF}" = protocol=17 | dir=in | app=c:\program files\bittorrent\bittorrent.exe |
"{B86AA195-1FB1-4FBD-B2FD-0F903444BB2F}" = dir=in | app=c:\program files\skype\plugin manager\skypepm.exe |
"{BB334B48-8727-4DC4-92ED-6D95F5502986}" = protocol=6 | dir=in | app=c:\program files\icq7.1\aolload.exe |
"{BD6406FD-C145-4C91-B0B1-4621B77994F9}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{C033B7FA-9F88-40E4-9B28-097B9F4BBAEC}" = protocol=6 | dir=in | app=c:\program files\icq7.1\aolload.exe |
"{C30AC916-6EE7-4EB4-8DEC-5E05311D26A3}" = protocol=17 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsvsvr.exe |
"{C8188B0D-717B-4189-88CD-5C7736057A00}" = protocol=17 | dir=in | app=c:\program files\ubisoft\assassin's creed ii\uplaybrowser.exe |
"{DC20797D-ED5F-4D94-9A84-81F2EEFB13F2}" = protocol=17 | dir=in | app=c:\program files\dragon age 2\dragonage2launcher.exe |
"{DE95DADF-5EE7-4435-AA3D-257A365081D0}" = protocol=6 | dir=in | app=c:\program files\ubisoft\assassin's creed ii\assassinscreedii.exe |
"{E22821C8-1237-4181-B9F7-CC733D435333}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\call of duty black ops\blackops.exe |
"{EBD4DC13-6F6B-4D68-9568-03F015ED9493}" = protocol=6 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsvsvr.exe |
"{F231C38E-F13C-453B-A585-36DA86A909B1}" = protocol=17 | dir=in | app=c:\program files\icq7.1\icq.exe |
"{F753E5C2-00D8-4087-9429-7A8B8672EAB8}" = dir=in | app=c:\program files\windows live\messenger\wlcsdk.exe |
"{FA922452-08D9-4A8A-9FF6-A199150813C7}" = protocol=6 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsasvr.exe |
"{FB1EED06-C8A4-4242-AF1E-7477079C0ED7}" = protocol=17 | dir=in | app=c:\program files\codemasters\f1 2010\f1_2010_game.exe |
"{FBEE7F72-E3D1-414A-9B2A-C0CEB72F3EC3}" = protocol=17 | dir=in | app=c:\program files\ubisoft\assassin's creed brotherhood\acbsp.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00C5F4F4-62F9-40D7-8000-AD8A9CD0C669}" = Microsoft Games for Windows - LIVE Redistributable
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{11AFE21E-B193-430D-B57A-DFF7815BB962}" = Ulead PhotoImpact 12
"{1545207E-C6F3-31D7-9918-BDBB65075FBF}" = Microsoft .NET Framework 3.5 Language Pack - deu
"{179C56A4-F57F-4561-8BBF-F911D26EB435}" = WebReg
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F61E0B1-1AB8-F15E-07C4-46D100A1D3F7}" = Borderlands
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{2223FC2F-B862-4F83-BC9E-DDF2DADF2859}" = Intel(R) Network Connections 13.0.42.0
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 20
"{27CC6AB1-E72B-4179-AF1A-EAE507EBAF51}_is1" = ConvertHelper 2.2
"{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}" = QuickTime
"{2C9EE786-1DDB-4C98-8FA4-B1B9B5A66B77}" = Microsoft Games for Windows - LIVE
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7
"{360022A4-9339-426B-8F36-1465CBAEABC0}" = D7300
"{3921A67A-5AB1-4E48-9444-C71814CF3027}" = VCRedistSetup
"{39D0E034-1042-4905-BECB-5502909FCB7C}" = Microsoft Works
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = eReg
"{4286E640-B5FB-11DF-AC4B-005056C00008}" = Google Earth
"{434D0831-3E0C-4D03-A5D4-5E1000008400}" = F1 2010
"{47948554-90C6-4AAC-8CFA-D23CE11C1031}" = Nero 8 Essentials
"{491DFBAA-77EF-4B06-8676-2FC66EEE049A}" = LogMeIn Hamachi
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{5454083B-1308-4485-BF17-1110000B8301}" = Grand Theft Auto IV
"{553255F3-78FD-40F1-A6F8-6882140265FE}" = Apple Application Support
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{57383270-6F61-4DC8-A9B8-C1745FC29F38}" = Trust Webcam 15082
"{579BA58C-F33D-4970-9953-B94B43768AC3}" = Grand Theft Auto IV
"{6009F2FC-EC56-4e28-B91C-0BA5104D6419}" = SF_CDA_Software
"{629F65FB-7F3C-4D66-A1C0-20722744B7B6}" = Star Wars(R) Knights of the Old Republic(R) II: The Sith Lords(TM)
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{66712EEE-ECBC-4CA6-A474-dream-mkv-converter}_is1" = Dream MKV Converter 3.0.3.2
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{67D3F1A0-A1F2-49b7-B9EE-011277B170CD}" = HPProductAssistant
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{714B6179-84C4-4FBE-B934-B6CF75ED37A5}" = D6100_D7100_D7300_Help
"{71BFC818-0CED-42D6-9C87-5142918957EE}" = ICQ7.1
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{767CC44C-9BBC-438D-BAD3-FD4595DD148B}" = VC80CRTRedist - 8.0.50727.762
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83A606F5-BF6F-42ED-9F33-B9F74297CDED}" = Need for Speed(TM) Hot Pursuit
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{8944ED10-DBF2-4FA9-8B5D-D7E1B046C761}_is1" = ColdCut
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C6027FD-53DC-446D-BB75-CACD7028A134}" = HP Update
"{8D1E61D1-1395-4E97-997F-D002DB3A5074}" = OpenOffice.org 3.2
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DCBECE36-8F23-4B33-925E-A1C6183C0DBD}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DCBECE36-8F23-4B33-925E-A1C6183C0DBD}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DCBECE36-8F23-4B33-925E-A1C6183C0DBD}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{2AB528A5-BB1B-4EBE-8E51-AD0C4CD33CA9}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{3EC77D26-799B-4CD8-914F-C1565E796173}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{430971B1-C31E-45DA-81E0-72C095BAB72C}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_HOMESTUDENTR_{58FC5E37-DD28-4D4A-A549-125744C6763C}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_HOMESTUDENTR_{888B9AC7-8F5C-456B-A27A-157A6C310E52}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DCBECE36-8F23-4B33-925E-A1C6183C0DBD}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{BEE75E01-DD3F-4D5F-B96C-609E6538D419}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{92482FB3-C05B-41C6-89E7-75D985602A6E}" = System Requirements Lab
"{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95D08F4E-DFC2-4ce3-ACB7-8C8E206217E9}" = MarketResearch
"{9718521B-A345-4ad9-A52B-74D1435FB708}" = SF_CDA_ProductContext
"{978C25EE-5777-46e4-8988-732C297CBDBD}" = Status
"{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars
"{981DE354-9301-440f-AAFC-025AA2354A93}" = HP Deskjet & Photosmart Printer Driver Software 8.0.A
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9AE850A4-B89D-4875-A159-B1B64D717EFB}" = OMSI - Der Omnibussimulator
"{9B1FD9CE-0776-4f0b-A6F5-C6AB7B650CDF}" = Destinations
"{9FD6F1A8-5550-46AF-8509-271DF0E768B5}" = Dual-Core Optimizer
"{A36CD345-625C-4d6c-B3E2-76E1248CB451}" = SolutionCenter
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AC76BA86-7AD7-1031-7B44-A90000000001}" = Adobe Reader 9 - Deutsch
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{AED2DD42-9853-407E-A6BC-8A1D6B715909}" = Windows Live Messenger
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{BE4BA698-8533-4F77-9559-C7F3F78C0B05}" = Assassin's Creed Brotherhood
"{BE77A81F-B315-4666-9BF3-AE70C0ADB057}" = BufferChm
"{C5A8DF48-580B-44D3-B2B2-E965A9368F28}" = LEGO® Harry Potter™: Die Jahre 1-4
"{C716522C-3731-4667-8579-40B098294500}" = Toolbox
"{CAFA57E8-8927-4912-AFCF-B0AA3837E989}" = Windows Live Essentials
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{D2041A37-5FEC-49F0-AE5C-3F2FFDFAA4F4}" = Windows Live Call
"{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1" = Rapture3D 2.4.4 Game
"{D596980D-17BE-4425-B8F0-5640719AADE9}" = LEGO® Star Wars™: The Complete Saga
"{E06F04B9-45E6-4AC0-8083-85F7515F40F7}" = UnloadSupport
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.1
"{EB21A812-671B-4D08-B974-2A347F0D8F70}" = HP Photosmart Essential
"{EB75DE50-5754-4F6F-875D-126EDF8E4CB3}" = HPSSupply
"{ECD03DA7-5952-406A-8156-5F0C93618D1F}" = Trust Webcam
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio
"{F1E63043-54FC-429B-AB2C-31AF9FBA4BC7}" = 32 Bit HP CIO Components Installer
"{F2E23139-3404-4E3C-9855-7724415D62A5}" = Dragon Age II
"{F4F4F84E-804F-4E9A-84D7-C34283F0088F}" = RealUpgrade 1.0
"{F9835182-794B-4F24-902A-E2CA9D43380F}" = NVIDIA PhysX
"{FF075778-6E50-47ed-991D-3B07FD4E3250}" = TrayApp
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"1489-3350-5074-6281" = JDownloader 0.9
"7-Zip" = 7-Zip 4.65
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11
"AnyDVD" = AnyDVD
"Avidemux 2.5" = Avidemux 2.5
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"BitTorrent" = BitTorrent
"CloneDVD2" = CloneDVD2
"DRAGON" = DRAGON 1.6
"Dreamload" = Dreamload
"ERUNT_is1" = ERUNT 1.1j
"GFWL_{434D0831-3E0C-4D03-A5D4-5E1000008400}" = F1 2010
"Google Chrome" = Google Chrome
"GrabIt_is1" = GrabIt 1.7.1 Beta (build 960)
"Hamster Free Video Converter_is1" = HamsterFreeVideoConverter
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"HP Imaging Device Functions" = HP Imaging Device Functions 8.0
"HP Solution Center & Imaging Support Tools" = HP Solution Center 8.0
"HPExtendedCapabilities" = HP Customer Participation Program 8.0
"InstallShield_{D596980D-17BE-4425-B8F0-5640719AADE9}" = LEGO® Star Wars™: Die Komplette Saga
"InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio
"Jeopardy!®_Editor_1.0.21.0" = Classroom Jeopardy! Editor 1.05
"KLiteCodecPack_is1" = K-Lite Codec Pack 6.0.0 (Full)
"Left4Dead2-hohesC_is1" = Left 4 Dead 2 Version 2.0.4.8
"LEGO Star Wars III The Clone Wars" = LEGO Star Wars III The Clone Wars
"LetsTrade" = LetsTrade Komponenten
"LogMeIn Hamachi" = LogMeIn Hamachi
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 3.5 Language Pack - deu" = Microsoft .NET Framework 3.5 Language Pack - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"MixVibesHomedemo.exe" = MixVibes HOME DEMO uninstall
"MobMap_is1" = MobMap 4.01
"Mozilla Firefox 4.0 (x86 de)" = Mozilla Firefox 4.0 (x86 de)
"Mozilla Thunderbird (3.1.10)" = Mozilla Thunderbird (3.1.10)
"NewsLeecher_is1" = NewsLeecher v4.0 Final
"NSIS_ldoce5" = Longman Dictionary of Contemporary English 5th Edition
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"OpenAL" = OpenAL
"Orbit_is1" = Orbit Downloader
"Picasa 3" = Picasa 3
"Plants vs. Zombies" = Plants vs. Zombies
"PokerStars.net" = PokerStars.net
"Postal 2_is1" = Portal 2
"PROSetDX" = Intel(R) Network Connections 13.0.42.0
"PunkBusterSvc" = PunkBuster Services
"QUICKfind" = QUICKfind server v1.1
"QuickPar" = QuickPar 0.9
"RealPlayer 12.0" = RealPlayer
"SAMPDJ" = SAM Party DJ v4
"SP6" = Logitech SetPoint 6.15
"Steam App 17510" = Age of Chivalry
"Steam App 220" = Half-Life 2
"Steam App 240" = Counter-Strike: Source
"Steam App 42700" = Call of Duty: Black Ops
"Steam App 42710" = Call of Duty: Black Ops - Multiplayer
"Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2
"TmNationsForever_is1" = TmNationsForever
"TrueCrypt" = TrueCrypt
"Virtual DJ - Atomix Productions" = Virtual DJ - Atomix Productions
"VLC media player" = VLC media player 1.0.5
"Winamp" = Winamp
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR
"World of Warcraft" = World of Warcraft
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"Winamp Detect" = Winamp Detector Plug-in
"Xilisoft MKV Converter 6" = Xilisoft MKV Converter 6
========== Last 10 Event Log Errors ==========
Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!
< End of report >
--- --- ---
Habe nun auch ca 20 Links geöffnet über Google und keine Werbeseite wurde mehr angezeigt! Scheint geholfen zu haben.
Vielen vielen Dank !!! |
