Trojaner-Board

And once again the 50€ virus.... (https://www.trojaner-board.de/110718-50-virus.html)

machete81 08.03.2012 21:51

Hello, sorry that it took me so long, a lot of work at the moment, home late, but I miss my computer and so I have now taken the time.
All the restarts: are they supposed to run in safe mode?
For the CC restart and after the OTL fix I let the computer boot normally both times, with the result that the problem persists, so I shut down via Task Manager, keep pressing ( ? ) F8 on restart and then continue in safe mode.

But first, here is the OTL document after step 3:

Code:

All processes killed
========== OTL ==========
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}\ not found.
Prefs.js: "Ask.com" removed from browser.search.defaultengine
Prefs.js: "Ask.com" removed from browser.search.defaultenginename
Prefs.js: "Softonic Deutsch Customized Web Search" removed from browser.search.defaultthis.engineName
Prefs.js: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1351351&SearchSource=3&q={searchTerms}" removed from browser.search.defaulturl
Prefs.js: "Ask.com" removed from browser.search.order.1
C:\Users\Machete 81\AppData\Roaming\Mozilla\Firefox\Profiles\r10enxb0.default\searchplugins\askcom.xml moved successfully.
C:\Users\Machete 81\AppData\Roaming\Mozilla\Firefox\Profiles\r10enxb0.default\searchplugins\conduit.xml moved successfully.
C:\Users\Machete 81\AppData\Roaming\Mozilla\Firefox\Profiles\r10enxb0.default\searchplugins\forestle-de.xml moved successfully.
C:\Users\Machete 81\AppData\Roaming\Mozilla\Firefox\Profiles\r10enxb0.default\searchplugins\gmx-suche.xml moved successfully.
C:\Programme\Mozilla Firefox\searchplugins\bing.xml moved successfully.
C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml moved successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\SkypeM deleted successfully.
C:\Users\Machete 81\AppData\Local\Skype\Skype.exe moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Control Panel\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Restrictions\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Control Panel\ deleted successfully.
C:\xmldm folder moved successfully.
C:\Users\Machete 81\AppData\Roaming\UAs folder moved successfully.
C:\Users\Machete 81\AppData\Roaming\xmldm folder moved successfully.
C:\Users\Machete 81\AppData\Roaming\kock folder moved successfully.
C:\Users\Machete 81\AppData\Roaming\Azureus\updates folder moved successfully.
C:\Users\Machete 81\AppData\Roaming\Azureus\torrents folder moved successfully.
C:\Users\Machete 81\AppData\Roaming\Azureus\tmp folder moved successfully.
C:\Users\Machete 81\AppData\Roaming\Azureus\subs folder moved successfully.
C:\Users\Machete 81\AppData\Roaming\Azureus\shares folder moved successfully.
C:\Users\Machete 81\AppData\Roaming\Azureus\rss folder moved successfully.
C:\Users\Machete 81\AppData\Roaming\Azureus\plugins\azupnpav folder moved successfully.
C:\Users\Machete 81\AppData\Roaming\Azureus\plugins\aefeatman_v folder moved successfully.
C:\Users\Machete 81\AppData\Roaming\Azureus\plugins folder moved successfully.
C:\Users\Machete 81\AppData\Roaming\Azureus\net folder moved successfully.
C:\Users\Machete 81\AppData\Roaming\Azureus\logs\save folder moved successfully.
C:\Users\Machete 81\AppData\Roaming\Azureus\logs folder moved successfully.
C:\Users\Machete 81\AppData\Roaming\Azureus\dht\net3 folder moved successfully.
C:\Users\Machete 81\AppData\Roaming\Azureus\dht folder moved successfully.
C:\Users\Machete 81\AppData\Roaming\Azureus\devices folder moved successfully.
C:\Users\Machete 81\AppData\Roaming\Azureus\active folder moved successfully.
C:\Users\Machete 81\AppData\Roaming\Azureus folder moved successfully.
Folder C:\Users\Machete 81\AppData\Roaming\kock\ not found.
Folder C:\Users\Machete 81\AppData\Roaming\UAs\ not found.
Folder C:\Users\Machete 81\AppData\Roaming\xmldm\ not found.
C:\Windows\Tasks\{1A4C63F3-D99B-4E54-ABAE-B8C141A77285}.job moved successfully.
C:\Windows\Tasks\{8E7BED68-89BC-42D0-AC2B-7EAFA2401441}.job moved successfully.
C:\Windows\Tasks\{924E7366-90C2-4894-B792-BFEEDC25589F}.job moved successfully.
C:\Windows\Tasks\{991E9A86-84A9-4D5D-AEC3-B1A066CFB0CB}.job moved successfully.
========== REGISTRY ==========
Registry key Invalid\\"TCP Query User{499B4820-D8F7-491F-AC35-4E9F7CE72B2E}C:\program files\azureus\azureus.exe" \ not found.
Registry key Invalid\\"TCP Query User{34FDE753-7AFD-4B7B-9FE4-114170AA47DC}C:\program files\azureus\azureus.exe" \ not found.
Registry key Invalid\\"UDP Query User{1DE2F066-389E-4AF4-BF02-8CFBCFE2C0E2}C:\program files\azureus\azureus.exe" \ not found.
Registry key Invalid\\"UDP Query User{AD2374D6-5737-4AEF-AD35-1A5C69557977}C:\program files\azureus\azureus.exe" \ not found.
========== FILES ==========
< ipconfig /flushdns /c >
Windows-IP-Konfiguration
Der DNS-Auflösungscache wurde geleert.
C:\Users\Machete 81\Desktop\cmd.bat deleted successfully.
C:\Users\Machete 81\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: All Users
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 0 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
 
User: Machete 81
->Temp folder emptied: 31832 bytes
->Temporary Internet Files folder emptied: 3312925 bytes
->Java cache emptied: 338413 bytes
->FireFox cache emptied: 45596268 bytes
->Apple Safari cache emptied: 0 bytes
->Flash cache emptied: 720 bytes
 
User: Public
->Temp folder emptied: 0 bytes
 
User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 943 bytes
RecycleBin emptied: 0 bytes
 
Total Files Cleaned = 47,00 mb
 
 
[EMPTYJAVA]
 
User: All Users
 
User: Default
 
User: Default User
 
User: Machete 81
->Java cache emptied: 0 bytes
 
User: Public
 
User: UpdatusUser
 
Total Java Files Cleaned = 0,00 mb
 
 
OTL by OldTimer - Version 3.2.34.0 log created on 03082012_213604

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...




Ok, I can't continue at all, since I can't even uninstall anything. Message: Windows Installer cannot be accessed....can happen if not installed correctly....contact support.
????? Help.....

kira 09.03.2012 09:05

So working with the PC in normal mode is not possible?

You can also run OTL in safe mode:
-> (while the computer is booting, keep pressing [F8] until you get a selection menu, then choose "Safe Mode")

Run another scan with OTL:
  • Double-click OTL.exe
  • Vista and Windows 7 users: right-click OTL.exe and choose "Run as administrator".
  • At the top you will find a box labelled Output.
    Please choose Standard Output
  • Under Extra Registry please choose Use SafeList.
  • Tick the LOP check and Purity check boxes.
  • Now click Scan at the top left.
  • When the scan has finished, two log files are created.
    You will find the log files on your desktop => OTL.txt and Extras.txt
  • Post the log files in code tags here in the thread.

machete81 09.03.2012 20:48

No, working in normal mode is not possible. Even the context menu for running as administrator does not open. The computer always hangs, I then log off via Task Manager (nothing else works either, always the hourglass, no reaction) and start OTL by double-click.

OTL-File:

OTL Logfile:
Code:

OTL logfile created on: 09.03.2012 20:38:19 - Run 7
OTL by OldTimer - Version 3.2.34.0    Folder = C:\Users\Machete 81\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6002.18005)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,00 Gb Total Physical Memory | 1,60 Gb Available Physical Memory | 80,09% Memory free
4,23 Gb Paging File | 3,98 Gb Available in Paging File | 94,15% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 303,35 Gb Total Space | 37,49 Gb Free Space | 12,36% Space Free | Partition Type: NTFS
Drive D: | 150,69 Gb Total Space | 95,61 Gb Free Space | 63,45% Space Free | Partition Type: NTFS
Drive F: | 1863,01 Gb Total Space | 999,63 Gb Free Space | 53,66% Space Free | Partition Type: NTFS
 
Computer Name: MACHETE81-PC | User Name: Machete 81 | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.03.02 21:59:51 | 000,584,704 | ---- | M] (OldTimer Tools) -- C:\Users\Machete 81\Desktop\OTL.exe
PRC - [2011.08.24 14:21:14 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) -- C:\Programme\SUPERAntiSpyware\SASCORE.EXE
PRC - [2009.04.11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008.01.18 23:33:40 | 000,202,240 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnscfg.exe
 
 
========== Modules (No Company Name) ==========
 
 
========== Win32 Services (SafeList) ==========
 
SRV - [2012.02.09 11:59:08 | 001,529,152 | ---- | M] (TuneUp Software) [Auto | Stopped] -- C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe -- (TuneUp.UtilitiesSvc)
SRV - [2012.02.09 11:59:06 | 000,028,992 | ---- | M] (TuneUp Software) [Auto | Stopped] -- C:\Windows\System32\uxtuneup.dll -- (UxTuneUp)
SRV - [2011.08.24 14:21:14 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE -- (!SASCORE)
SRV - [2011.07.04 18:50:31 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Stopped] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011.07.03 17:24:29 | 000,403,240 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2011.05.25 08:24:45 | 002,214,504 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Programme\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)
SRV - [2011.05.20 21:35:16 | 000,378,472 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Programme\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2011.05.01 00:37:21 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Stopped] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2009.08.27 16:09:10 | 001,253,376 | ---- | M] (MAGIX AG) [Unknown | Stopped] -- C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe -- (Fabs)
SRV - [2008.08.07 10:10:02 | 003,276,800 | ---- | M] (MAGIX®) [On_Demand | Stopped] -- C:\Program Files\Common Files\MAGIX Services\Database\bin\fbserver.exe -- (FirebirdServerMAGIXInstance)
SRV - [2008.05.02 01:42:06 | 000,121,360 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Programme\Common Files\Logishrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV - [2008.01.18 23:38:26 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007.06.04 15:20:38 | 000,065,536 | ---- | M] () [Auto | Stopped] -- c:\Program Files\Fujitsu Siemens Computers\FSCLounge\FSCWBaseUpdaterService\2\FSCWBaseUpdaterService.exe -- (FSCLBaseUpdaterService)
SRV - [2007.05.28 17:57:54 | 000,275,968 | ---- | M] (Rocket Division Software) [Auto | Stopped] -- C:\Spiele\Alcohol 120\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE)
SRV - [2006.12.08 10:52:04 | 000,204,800 | ---- | M] (Fujitsu Siemens Computers) [Auto | Stopped] -- C:\FirstSteps\OnlineDiagnostic\TestManager\TestHandler.exe -- (TestHandler)
 
 
========== Driver Services (SafeList) ==========
 
DRV - [2012.02.09 11:48:24 | 000,010,064 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Stopped] -- C:\Programme\TuneUp Utilities 2012\TuneUpUtilitiesDriver32.sys -- (TuneUpUtilitiesDrv)
DRV - [2011.08.24 14:21:07 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Stopped] -- C:\Programme\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2011.08.24 14:21:06 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Stopped] -- C:\Programme\SUPERAntiSpyware\SASDIFSV.SYS -- (SASDIFSV)
DRV - [2011.07.04 18:50:43 | 000,138,192 | ---- | M] (Avira GmbH) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2011.07.04 18:50:43 | 000,066,616 | ---- | M] (Avira GmbH) [File_System | Auto | Stopped] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2011.05.25 08:24:42 | 010,589,800 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2010.06.17 13:27:02 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2010.02.24 11:22:10 | 000,185,472 | ---- | M] (Protect Software GmbH) [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\acedrv11.sys -- (acedrv11)
DRV - [2009.09.10 15:58:26 | 000,021,648 | ---- | M] (OLYMPUS IMAGING CORP.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\OlyCamComm.sys -- (OlyCamComm)
DRV - [2009.09.04 13:16:14 | 000,087,536 | ---- | M] (CyberLink Corp.) [2009/12/29 19:27:57] [Kernel | Auto | Stopped] -- C:\Programme\CyberLink\PowerDVD\000.fcl -- ({95808DC4-FA4A-4C74-92FE-5B863F82066B})
DRV - [2009.06.28 15:35:04 | 000,281,760 | ---- | M] () [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\atksgt.sys -- (atksgt)
DRV - [2009.06.28 15:35:03 | 000,025,888 | ---- | M] () [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2008.04.01 18:38:54 | 000,715,248 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd)
DRV - [2008.02.29 02:13:24 | 000,036,880 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LMouFilt.Sys -- (LMouFilt)
DRV - [2008.02.29 02:13:16 | 000,035,344 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LHidFilt.Sys -- (LHidFilt)
DRV - [2007.11.08 04:36:39 | 000,109,744 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2007.09.17 22:17:36 | 000,098,816 | ---- | M] (Realtek Corporation                                            ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2007.07.02 16:37:10 | 000,131,616 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvrd32.sys -- (nvrd32)
DRV - [2007.07.02 16:37:08 | 000,110,112 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor32.sys -- (nvstor32)
DRV - [2007.06.13 22:47:12 | 000,048,256 | ---- | M] (JMicron Technology Corp.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\jraid.sys -- (JRAID)
DRV - [2007.01.23 13:36:46 | 000,299,776 | ---- | M] (Hauppauge Computer Works, Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\hcw88tse.sys -- (HCW88TSE)
DRV - [2007.01.23 13:25:30 | 000,207,872 | ---- | M] (Hauppauge Computer Works, Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\hcw88bda.sys -- (HCW88BDA)
DRV - [2007.01.23 13:25:14 | 000,011,904 | ---- | M] (Hauppauge Computer Works, Inc) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\hcw88aud.sys -- (HCW88AUD)
DRV - [2006.10.24 14:40:22 | 000,185,744 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\Windows\System32\Drivers\SYMTDI.SYS -- (SYMTDI)
DRV - [2006.10.24 14:40:22 | 000,026,384 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\SYMREDRV.SYS -- (SYMREDRV)
DRV - [2006.10.20 05:10:16 | 000,202,872 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\ProgramData\Symantec\Definitions\SymcData\idsdefs\20061025.029\IDSvix86.sys -- (IDSvix86)
DRV - [2006.08.28 17:12:04 | 000,013,312 | ---- | M] () [Kernel | System | Running] -- C:\Windows\system32\drivers\MTictwl.sys -- (NCPro)
DRV - [2006.08.28 17:12:04 | 000,013,312 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\MTictwl.sys -- (MagicTune)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultengine: ""
FF - prefs.js..browser.search.defaultenginename: ""
FF - prefs.js..browser.search.defaultthis.engineName: ""
FF - prefs.js..browser.search.defaulturl: ""
FF - prefs.js..browser.search.order.1: ""
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http:google.de"
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
 
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0:  File not found
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Users\Machete 81\AppData\Roaming\Move Networks\plugins\071802000001\npqmp071802000001.dll (Move Networks)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc;version=0.8.6e: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN Team)
FF - HKCU\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Users\Machete 81\AppData\Roaming\Move Networks\plugins\071802000001\npqmp071802000001.dll (Move Networks)
FF - HKCU\Software\MozillaPlugins\@protectdisc.com/NPPDLicenseHelper: C:\Users\Machete 81\AppData\Roaming\ProtectDisc\License Helper v2\NPPDLicenseHelper.dll ( )
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.02.20 22:42:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.05.10 08:28:43 | 000,000,000 | ---D | M]
 
[2009.01.25 13:22:54 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Machete 81\AppData\Roaming\mozilla\Extensions
[2011.11.05 17:27:20 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Machete 81\AppData\Roaming\mozilla\Firefox\Profiles\r10enxb0.default\extensions
[2011.03.31 23:01:55 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\Machete 81\AppData\Roaming\mozilla\Firefox\Profiles\r10enxb0.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2011.11.23 21:18:00 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2011.11.11 17:44:18 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Programme\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012.02.20 22:42:39 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2010.09.15 03:50:38 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2011.04.10 18:28:26 | 000,072,960 | ---- | M] (Foxit Software Company) -- C:\Program Files\mozilla firefox\plugins\npFoxitReaderPlugin.dll
[2012.02.17 21:16:43 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.02.17 21:16:43 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2012.02.17 21:16:43 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.02.17 21:16:43 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
 
O1 HOSTS File: ([2011.03.27 19:49:31 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1      localhost
O2 - BHO: (FG2CatchUrl) - {1F364306-AA45-47B5-9F9D-39A8B94E7EF1} - D:\FlashGet universal\ComDlls\bhoCATCH.dll (FlashGet)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\Windows\KHALMNPR.Exe (Logitech, Inc.)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Programme\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware.com)
O4 - HKCU..\RunOnce: [FlashPlayerUpdate] C:\Windows\System32\Macromed\Flash\FlashUtil11e_Plugin.exe (Adobe Systems, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoPropertiesMyComputer = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFileAssociate = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 95
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: &Download All by FlashGet - D:\FlashGet universal\ComDlls\Bhoall.htm ()
O8 - Extra context menu item: &Download by FlashGet - D:\FlashGet universal\ComDlls\Bholink.htm ()
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Free YouTube Download - C:\Users\Machete 81\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Machete 81\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm ()
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Save YouTube Video as MP3 - Reg Error: Value error. File not found
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKCU\..Trusted Domains: winamp.com ([client] https in Vertrauenswürdige Sites)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D4EBF793-506B-451D-9089-69550F5DD742}: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL) - C:\Programme\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O24 - Desktop WallPaper: C:\Users\Machete 81\Pictures\Naturbilder\Natural Scenery\8.jpg
O24 - Desktop BackupWallPaper: C:\Users\Machete 81\Pictures\Naturbilder\Natural Scenery\8.jpg
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Programme\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.03.05 19:44:44 | 003,628,016 | ---- | C] (Piriform Ltd) -- C:\Users\Machete 81\Desktop\ccsetup316.exe
[2012.03.02 21:59:56 | 000,584,704 | ---- | C] (OldTimer Tools) -- C:\Users\Machete 81\Desktop\OTL.exe
[2012.03.02 00:34:50 | 009,502,424 | ---- | C] (Malwarebytes Corporation                                    ) -- C:\Users\Machete 81\Desktop\mbam-setup-1.60.1.1000.exe
[2012.03.01 18:51:21 | 000,000,000 | R--D | C] -- C:\Users\Machete 81\Desktop\Apps
[2012.03.01 18:07:12 | 000,028,992 | ---- | C] (TuneUp Software) -- C:\Windows\System32\uxtuneup.dll
[2012.03.01 17:55:05 | 000,031,552 | ---- | C] (TuneUp Software) -- C:\Windows\System32\TURegOpt.exe
[2012.03.01 17:55:05 | 000,021,312 | ---- | C] (TuneUp Software) -- C:\Windows\System32\authuitu.dll
[2012.03.01 17:54:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2012
[2012.03.01 17:53:42 | 000,000,000 | ---D | C] -- C:\Program Files\TuneUp Utilities 2012
[2012.03.01 17:52:07 | 000,000,000 | ---D | C] -- C:\ProgramData\TuneUp Software
[2012.03.01 17:51:55 | 000,000,000 | -HSD | C] -- C:\ProgramData\{32364CEA-7855-4A3C-B674-53D8E9B97936}
[2012.03.01 17:36:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VIP ST
[2012.03.01 17:35:30 | 000,000,000 | ---D | C] -- C:\Vista Icon Pack ST
[2012.03.01 17:21:26 | 000,000,000 | R--D | C] -- C:\Users\Machete 81\Desktop\Handykram
[2012.03.01 17:18:24 | 000,000,000 | ---D | C] -- C:\Users\Machete 81\Downloads\Documents\Steuererkl
[2012.02.24 08:19:08 | 000,000,000 | ---D | C] -- C:\Program Files\JDownloader
[2012.02.17 20:59:43 | 000,671,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2012.02.17 20:59:43 | 000,471,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2012.02.17 20:59:43 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2012.02.17 20:59:43 | 000,193,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2012.02.17 20:59:43 | 000,180,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2012.02.17 20:59:43 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2012.02.17 20:59:42 | 001,383,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2012.02.17 20:59:42 | 000,380,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2012.02.17 20:59:42 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2012.02.17 20:59:38 | 002,044,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[1 C:\Users\Machete 81\AppData\Roaming\*.tmp files -> C:\Users\Machete 81\AppData\Roaming\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012.03.09 18:49:51 | 000,008,592 | ---- | M] () -- C:\Users\Machete 81\AppData\Local\d3d9caps.dat
[2012.03.09 18:15:22 | 000,395,560 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012.03.09 18:15:10 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.03.08 21:37:25 | 000,003,168 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012.03.08 21:37:25 | 000,003,168 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012.03.08 21:19:25 | 000,747,252 | ---- | M] () -- C:\Users\Machete 81\Downloads\Documents\cc_20120308_211906.reg
[2012.03.05 19:45:49 | 000,000,811 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012.03.05 19:44:40 | 003,628,016 | ---- | M] (Piriform Ltd) -- C:\Users\Machete 81\Desktop\ccsetup316.exe
[2012.03.02 21:59:51 | 000,584,704 | ---- | M] (OldTimer Tools) -- C:\Users\Machete 81\Desktop\OTL.exe
[2012.03.02 16:02:24 | 000,005,528 | ---- | M] () -- C:\Users\Machete 81\AppData\Roaming\BAcroIEHelpe081.dll
[2012.03.02 16:02:22 | 000,000,080 | ---- | M] () -- C:\Users\Machete 81\AppData\Roaming\blckdom.res
[2012.03.02 00:35:33 | 000,000,913 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.03.02 00:34:42 | 009,502,424 | ---- | M] (Malwarebytes Corporation                                    ) -- C:\Users\Machete 81\Desktop\mbam-setup-1.60.1.1000.exe
[2012.03.01 19:18:18 | 000,000,365 | ---- | M] () -- C:\Users\Machete 81\Desktop\Öffentlich - Verknüpfung.lnk
[2012.03.01 19:11:31 | 000,001,755 | ---- | M] () -- C:\Users\Machete 81\Desktop\,,.lnk
[2012.03.01 19:05:09 | 000,001,274 | ---- | M] () -- C:\Users\Machete 81\Desktop\DL.lnk
[2012.03.01 18:58:10 | 000,001,251 | ---- | M] () -- C:\Users\Machete 81\Desktop\....lnk
[2012.03.01 18:56:41 | 000,001,246 | ---- | M] () -- C:\Users\Machete 81\Desktop\..lnk
[2012.03.01 17:43:35 | 000,001,243 | ---- | M] () -- C:\Users\Machete 81\Desktop\...lnk
[2012.02.28 20:15:31 | 000,005,528 | ---- | M] () -- C:\Users\Machete 81\AppData\Roaming\BAcroIEHelpe080.dll
[2012.02.24 13:44:45 | 000,005,416 | ---- | M] () -- C:\Users\Machete 81\AppData\Roaming\BAcroIEHelpe078.dll
[2012.02.24 12:48:45 | 000,211,968 | ---- | M] () -- C:\Users\Machete 81\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.02.21 12:47:34 | 009,759,252 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012.02.21 12:47:34 | 003,409,688 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.02.21 12:47:34 | 003,064,054 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012.02.21 12:47:34 | 002,787,586 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.02.09 11:59:10 | 000,031,552 | ---- | M] (TuneUp Software) -- C:\Windows\System32\TURegOpt.exe
[2012.02.09 11:59:08 | 000,021,312 | ---- | M] (TuneUp Software) -- C:\Windows\System32\authuitu.dll
[2012.02.09 11:59:06 | 000,028,992 | ---- | M] (TuneUp Software) -- C:\Windows\System32\uxtuneup.dll
[1 C:\Users\Machete 81\AppData\Roaming\*.tmp files -> C:\Users\Machete 81\AppData\Roaming\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012.03.08 21:19:11 | 000,747,252 | ---- | C] () -- C:\Users\Machete 81\Downloads\Documents\cc_20120308_211906.reg
[2012.03.05 19:45:49 | 000,000,811 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012.03.02 16:02:24 | 000,005,528 | ---- | C] () -- C:\Users\Machete 81\AppData\Roaming\BAcroIEHelpe081.dll
[2012.03.02 00:35:33 | 000,000,913 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.03.01 19:18:18 | 000,000,365 | ---- | C] () -- C:\Users\Machete 81\Desktop\Öffentlich - Verknüpfung.lnk
[2012.03.01 19:11:31 | 000,001,755 | ---- | C] () -- C:\Users\Machete 81\Desktop\,,.lnk
[2012.03.01 17:54:51 | 000,001,884 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2012.lnk
[2012.02.28 20:15:31 | 000,005,528 | ---- | C] () -- C:\Users\Machete 81\AppData\Roaming\BAcroIEHelpe080.dll
[2012.02.24 13:44:45 | 000,005,416 | ---- | C] () -- C:\Users\Machete 81\AppData\Roaming\BAcroIEHelpe078.dll
[2012.02.24 08:29:58 | 000,000,080 | ---- | C] () -- C:\Users\Machete 81\AppData\Roaming\blckdom.res
[2012.02.24 08:20:03 | 000,001,793 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader.lnk
[2012.02.24 08:20:03 | 000,001,737 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Deinstallationsprogramm.lnk
[2012.02.24 08:20:03 | 000,001,716 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Update.lnk
[2011.08.31 20:56:42 | 000,000,399 | ---- | C] () -- C:\Windows\System32\Remover.ini
[2011.08.31 20:56:39 | 000,040,960 | ---- | C] () -- C:\Windows\98Setup.exe
[2011.07.17 13:10:40 | 000,000,088 | RHS- | C] () -- C:\ProgramData\5C9A236D9A.sys
[2011.07.17 13:10:39 | 000,002,516 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys
[2011.05.20 21:35:28 | 000,304,744 | ---- | C] () -- C:\Windows\System32\nvStreaming.exe
[2011.03.25 15:30:47 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2011.03.25 15:30:47 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2011.03.25 15:30:47 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2011.03.25 15:30:47 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2011.03.25 15:30:47 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2011.01.21 00:29:26 | 000,000,760 | ---- | C] () -- C:\Users\Machete 81\AppData\Roaming\setup_ldm.iss
[2010.07.19 21:11:02 | 000,000,219 | ---- | C] () -- C:\Windows\System32\MRT.INI
[2010.05.30 23:03:44 | 000,000,876 | ---- | C] () -- C:\Windows\System32\ezdigsgn.dat
[2010.04.23 22:23:47 | 000,000,468 | ---- | C] () -- C:\Windows\BRWMARK.INI
[2010.04.23 22:23:47 | 000,000,030 | ---- | C] () -- C:\Windows\System32\brss01a.ini
[2010.04.23 22:23:47 | 000,000,027 | ---- | C] () -- C:\Windows\BRPP2KA.INI
[2010.04.23 22:18:13 | 000,000,050 | ---- | C] () -- C:\Windows\System32\bridf05a.dat
[2010.04.22 22:19:19 | 000,000,032 | ---- | C] () -- C:\Windows\Menu.INI
 
========== LOP Check ==========
 
[2008.10.19 00:51:33 | 000,000,000 | ---D | M] -- C:\Users\Machete 81\AppData\Roaming\Ankh - Heart of Osiris
[2008.03.13 14:16:18 | 000,000,000 | ---D | M] -- C:\Users\Machete 81\AppData\Roaming\Audacity
[2011.04.10 00:25:53 | 000,000,000 | ---D | M] -- C:\Users\Machete 81\AppData\Roaming\BITS
[2008.11.29 14:13:54 | 000,000,000 | ---D | M] -- C:\Users\Machete 81\AppData\Roaming\DAEMON Tools Pro
[2011.10.15 17:24:14 | 000,000,000 | ---D | M] -- C:\Users\Machete 81\AppData\Roaming\DVDVideoSoft
[2011.03.31 23:01:55 | 000,000,000 | ---D | M] -- C:\Users\Machete 81\AppData\Roaming\DVDVideoSoftIEHelpers
[2012.01.19 18:08:29 | 000,000,000 | ---D | M] -- C:\Users\Machete 81\AppData\Roaming\elsterformular
[2011.04.10 18:28:42 | 000,000,000 | ---D | M] -- C:\Users\Machete 81\AppData\Roaming\Foxit
[2010.03.20 17:11:06 | 000,000,000 | ---D | M] -- C:\Users\Machete 81\AppData\Roaming\Free Audio Editor
[2010.04.26 12:34:16 | 000,000,000 | ---D | M] -- C:\Users\Machete 81\AppData\Roaming\FreeFLVConverter
[2011.05.28 13:05:16 | 000,000,000 | ---D | M] -- C:\Users\Machete 81\AppData\Roaming\go
[2011.02.10 14:15:17 | 000,000,000 | ---D | M] -- C:\Users\Machete 81\AppData\Roaming\gtk-2.0
[2010.10.16 19:17:47 | 000,000,000 | ---D | M] -- C:\Users\Machete 81\AppData\Roaming\Leadertech
[2011.07.31 19:25:43 | 000,000,000 | ---D | M] -- C:\Users\Machete 81\AppData\Roaming\MAGIX
[2010.03.20 15:52:52 | 000,000,000 | ---D | M] -- C:\Users\Machete 81\AppData\Roaming\NCH Swift Sound
[2010.10.24 02:05:49 | 000,000,000 | ---D | M] -- C:\Users\Machete 81\AppData\Roaming\OpenOffice.org
[2009.02.25 02:33:54 | 000,000,000 | ---D | M] -- C:\Users\Machete 81\AppData\Roaming\PeerNetworking
[2011.01.23 01:59:00 | 000,000,000 | ---D | M] -- C:\Users\Machete 81\AppData\Roaming\ProtectDisc
[2010.07.10 03:08:47 | 000,000,000 | ---D | M] -- C:\Users\Machete 81\AppData\Roaming\SparweltGutschein
[2008.12.15 18:53:29 | 000,000,000 | ---D | M] -- C:\Users\Machete 81\AppData\Roaming\Template
[2012.03.01 18:07:05 | 000,000,000 | ---D | M] -- C:\Users\Machete 81\AppData\Roaming\TuneUp Software
[2010.03.22 16:38:34 | 000,000,000 | ---D | M] -- C:\Users\Machete 81\AppData\Roaming\TweetDeckFast.FFF259DC0CE2657847BBB4AFF0E62062EFC56543.1
[2009.06.28 15:37:56 | 000,000,000 | ---D | M] -- C:\Users\Machete 81\AppData\Roaming\Ubisoft
[2010.07.04 23:25:57 | 000,000,000 | ---D | M] -- C:\Users\Machete 81\AppData\Roaming\VoozieMaker
[2010.09.12 13:12:48 | 000,000,000 | ---D | M] -- C:\Users\Machete 81\AppData\Roaming\Xilisoft
[2010.12.11 20:29:03 | 000,000,212 | ---- | M] () -- C:\Windows\Tasks\olycamdetect.exe_20101211_202902_0886.job
[2010.12.11 23:33:36 | 000,000,212 | ---- | M] () -- C:\Windows\Tasks\olycamdetect.exe_20101211_233336_0744.job
[2010.10.27 01:38:16 | 000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
========== Files - Unicode (All) ==========
[2008.03.22 22:46:17 | 000,307,910 | ---- | C] ()(C:\Users\Machete 81\Downloads\Documents\? 4Basti.amr) -- C:\Users\Machete 81\Downloads\Documents\ 4Basti.amr
[2008.03.18 21:10:04 | 000,307,910 | ---- | M] ()(C:\Users\Machete 81\Downloads\Documents\? 4Basti.amr) -- C:\Users\Machete 81\Downloads\Documents\ 4Basti.amr

< End of report >

Extras:

Code:

OTL Extras logfile created on: 09.03.2012 20:38:19 - Run 7
OTL by OldTimer - Version 3.2.34.0    Folder = C:\Users\Machete 81\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6002.18005)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,00 Gb Total Physical Memory | 1,60 Gb Available Physical Memory | 80,09% Memory free
4,23 Gb Paging File | 3,98 Gb Available in Paging File | 94,15% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 303,35 Gb Total Space | 37,49 Gb Free Space | 12,36% Space Free | Partition Type: NTFS
Drive D: | 150,69 Gb Total Space | 95,61 Gb Free Space | 63,45% Space Free | Partition Type: NTFS
Drive F: | 1863,01 Gb Total Space | 999,63 Gb Free Space | 53,66% Space Free | Partition Type: NTFS
 
Computer Name: MACHETE81-PC | User Name: Machete 81 | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- C:\Program Files\VideoLAN\VLC\vlc.exe --started-from-file --playlist-enqueue "%1" ()
Directory [CEWE FOTOSCHAU] -- "C:\Program Files\Mein CEWE FOTOBUCH\CEWE FOTOSCHAU.exe" -d "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Mein CEWE FOTOBUCH] -- "C:\Program Files\Mein CEWE FOTOBUCH\Mein CEWE FOTOBUCH.exe" "%1" ()
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Directory [PlayWithVLC] -- C:\Program Files\VideoLAN\VLC\vlc.exe --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 1
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
 
========== System Restore Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\BitTorrent\bittorrent.exe" = C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent
"D:\FlashGet universal\FlashGet.exe" = D:\FlashGet universal\FlashGet.exe:*:Enabled:Flashget2 -- (FLASHGET)
"D:\FlashGet universal\LiveUpdate.exe" = D:\FlashGet universal\LiveUpdate.exe:*:Enabled:FGLiveUpdate
"D:\FlashGet universal\LiveUpdateEx.exe" = D:\FlashGet universal\LiveUpdateEx.exe:*:Enabled:FGLiveUpdateEx
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0B97D4C3-D840-452A-8C63-47E2F8E6EDF5}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{0F2FD710-DA98-4C93-BD76-804A97FE498C}" = lport=138 | protocol=17 | dir=in | app=system |
"{102D1E55-E56E-43CE-B9AF-CB9771FA3B15}" = lport=137 | protocol=17 | dir=in | app=system |
"{1BD9E6B7-5A2D-456D-9C04-3C4FB9E71BFB}" = rport=10243 | protocol=6 | dir=out | app=system |
"{1C7829E9-1585-4B6F-9B52-4B76E50B375D}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{1DDCDABD-1B6B-42C2-8D00-8929C3749389}" = rport=139 | protocol=6 | dir=out | app=system |
"{213CC10A-5CF9-4BD3-99DB-FDE5773EA072}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{22F2CDB8-24E6-4073-95FB-629CACB4537C}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{2CB57AED-0F96-47DE-8F80-10590A3BA0C5}" = lport=10243 | protocol=6 | dir=in | app=system |
"{4546667E-1244-4C38-8FE3-DC67A589C99F}" = rport=445 | protocol=6 | dir=out | app=system |
"{59ABE83B-24B7-4870-A703-BAAD94500984}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{61D74005-F7E4-447F-872D-F051806DF0DA}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{64567F94-2ADE-46ED-8712-7F4E822FA0A9}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{66CA1113-5FF9-4773-8C8B-03CD584ACB9B}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{6940F09E-DEF1-4AF3-9B9C-1F65CEC785C6}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{752469A8-B52F-45BF-825A-25A3E91ECD5B}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{806CF8E1-45E2-419F-81DB-590A77431C7B}" = lport=139 | protocol=6 | dir=in | app=system |
"{96ED15EE-4291-4895-B5A9-5E287BD44256}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{99DA131A-3CA5-4431-91DF-272FA55ECA26}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{9CFC36EA-B43B-461F-BB97-8B077AD0C21A}" = rport=137 | protocol=17 | dir=out | app=system |
"{A592195F-3853-447D-97CC-04A56390286F}" = lport=3074 | protocol=6 | dir=in | name=xbox |
"{B284701C-DA75-46EA-9F4D-89525C5BED8F}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{B789B512-15D7-4935-89C4-203C1AB66F38}" = rport=138 | protocol=17 | dir=out | app=system |
"{BECC43A2-56E1-434F-B815-3142EB394004}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{C3F12391-F406-4FC8-8EDA-8F658822B581}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{D3F7E48D-01C6-4D2E-B9CF-DE67514692FF}" = lport=445 | protocol=6 | dir=in | app=system |
"{E2A96DAB-A929-41D4-B053-78CAD86D5545}" = lport=2869 | protocol=6 | dir=in | app=system |
"{F010680A-11D9-4480-82F0-B25ABC5A8CFF}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{045D0F5B-F82F-4C2B-8EE5-D0FC4084D816}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{04758101-B3F9-4BDD-8D3D-841C2660EAC4}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{0614E0E1-FEE1-47BC-A2AB-A414B31C8CC4}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{08EBB26F-C52B-410E-A1C7-9448C23010C9}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{0B0863C0-3E55-43AF-B9A9-EB08A7C24A95}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{0B8E0619-FA84-43B0-91AA-2AE504CB7AA6}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{1186921C-3036-41DF-80ED-965280E2C839}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{12CC7ED6-2795-4C88-A8B8-156C4E37AE56}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{164E2CA5-7D20-48AD-B6F6-C6BDE354FEBC}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{171BEE58-157F-4BE5-8394-64CEA8D020FE}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{1A6D6D10-0DC6-49D1-B078-E31D50F1D222}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{22390F94-5690-4028-B35D-2E5F94EC224A}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{24494E33-0BD3-4640-8425-29458F42BF85}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{259AEB18-A001-4329-8DD8-143ECBB5F0CB}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{25EE09B7-B0BA-4875-92BE-B591083113C9}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{2707859D-DD2D-40B1-A0BD-88AD1A9A867C}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{2A57D064-CB30-4D98-8762-0A0162D2D36C}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{2AC80058-DFA8-4D35-85A3-64496D2883E1}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{2C18CB93-96A5-4031-ABCC-7933FFA8DBA6}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{2C236274-B307-4EEA-8165-1431A5EECE49}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{2D18454C-00DA-4B46-BF34-7B8FAEAFD686}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{2E7F3BAF-EA97-4CEC-813C-50EB064BC40C}" = protocol=6 | dir=in | app=d:\program files\steam\steam.exe |
"{3348DDC0-154D-4CFC-B753-8DFD9420C5C2}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{33FFBAFD-40C1-423D-9E36-8A80B4976493}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{34F7FEED-5A34-4169-B4A5-EB926551FAAB}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{3550F539-3454-4A03-80DF-91944DB8EA36}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{36D34AAB-8F69-4E07-B7C7-96AC28EEC003}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{37805A21-C448-4852-8E36-6A15283E00E6}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{3AFBFC11-A486-4E74-8EB6-1753624725F6}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{3CD37345-D80C-4328-A79C-3ADE666A64E3}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{44340A1D-975C-4BCF-AFF7-61E7274051FF}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{49F50F32-4D7D-4EDB-991E-A1BEC19CA342}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{4A5A2922-F660-44CB-ACCC-39261DCAD9B0}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{50802897-8042-4289-8690-6CF354C3F5C2}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{564709A0-BE91-4B7A-A0DC-497019E2FA10}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{58D3916A-7CF0-4A95-A2C0-007D818F548A}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{59EB79A6-2A57-4094-BD8F-5BB5606BA4F7}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{5B8CAEFF-B4CC-43E9-B771-6C2717A3A349}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{5C373DE3-A7AE-4A91-89CF-6A8A0D5E742C}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{5E36D34D-A8D8-4186-ADA0-1E0E92C46921}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{5E55062F-9EEA-4895-821E-5F3B1C85D409}" = dir=in | app=c:\program files\cyberlink\powerdvd\powerdvd.exe |
"{622D0098-FAB5-4C89-8380-9886B0479135}" = protocol=17 | dir=in | app=d:\program files\steam\steam.exe |
"{64342821-097D-451D-8FE1-D36F92355ABC}" = protocol=6 | dir=out | app=system |
"{66B62E80-4858-4429-9997-2BF7EF8C3943}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{67DE7D5E-DECB-44E2-ADBB-A9778177DE53}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{689B3037-F52B-4753-8953-4DBA398773C7}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{6D05A97F-4587-48A2-8E33-2CAFE9CEF4D8}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{6DDB2E27-94B9-46AC-9746-5ABF74698700}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{6FD74FC8-F9CE-4E2D-8D76-04C00D43FBFE}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{724AE84B-6120-4F17-87D0-346620B7D3CB}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{724B3A19-3FC8-4961-8DA5-EA578258A6F3}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{72B8BA8B-1B16-49C9-9589-FC49C45CB16C}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{73E1AD91-065D-49D0-B93B-071B09CACF60}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{74A43D91-388E-4C04-8110-7FC568BF6F86}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{7701D70D-6110-4988-80B3-DEF57F4DF188}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{79BA966B-EDD1-418C-BED2-B911404ED313}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{7A8F9DC6-271A-40EB-B606-3A20E4C936C5}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe |
"{7B333CE5-F9CD-4554-9068-E2618C44DD20}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{816165EB-9D23-40BF-AEBF-6B5BE4ADA43F}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{829C9A20-F460-41EA-8B76-874172D48B40}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{86C28F8A-B72E-4D0D-A9AD-02B5B9A2D4E3}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{89835FAB-93B7-4D16-B2A2-4C7C34BEF9FC}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{89CDAB74-35A9-40E1-9639-4D154CC3EF44}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{8CE352CB-B0C3-4697-9CCA-1B2D2C506425}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{90DDB494-1316-47A4-B674-78E240A1A0FC}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{91264671-1AA1-4397-9928-E2695C6EBC2D}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{912BDF7B-9B2D-4F5F-AADE-29DC3A8A43C3}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{919AD030-5D4D-47BA-B633-40D7CF7DC9CB}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{959B0F02-6C0D-476E-B069-CF6553DAB5E2}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{9619A50B-FBC3-4B86-A7E3-EAA486C1A49C}" = protocol=17 | dir=in | app=c:\program files\fujitsu siemens computers\fsclounge\fscwbaseupdaterservice\2\fscwbaseupdaterservice.exe |
"{96EA8C50-965E-4F9E-811E-CCE93888BFE4}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{977C2266-ECF4-41CE-88E7-CBF72399B3B6}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{9DA55D1A-D2CE-4923-9E9E-FEECF0BA5868}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{9EA4DBBB-DCD6-4337-B395-4B5B9146181A}" = protocol=17 | dir=in | app=d:\program files\steam\steamapps\common\sid meier's civilization v\launcher.exe |
"{9F02B04C-A374-4C59-AA2A-8C4DF403E051}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{9F2181F6-D4DB-451C-8D30-33AE9A61B1FF}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{9FAAF4C3-7D39-46F4-A7D1-74AC420E174B}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{A875CC5B-8776-4708-8FAC-68F170F7709B}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{A8DF47FD-846F-4A8F-AAA0-81CB672FE370}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{A9792BCA-17AE-4D8F-815E-665317468A60}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{AFBE62D2-C76D-4CF7-8C0C-02EE2D66E256}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{B7D45E18-7C59-4178-9E01-727C1BFFD588}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{B9AE10E7-0A0B-4C13-B316-93D381A66D3A}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{BB26BBF2-47BA-4576-93A4-54F8EB3DA3CE}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{BDB1CC27-0714-48DF-A6BB-175A95BD0E0A}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{BDEDCEC1-5DE5-4A1F-A8A4-8C0357C62B00}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{BF23A919-743A-43A6-8642-A72AE73CFD67}" = protocol=6 | dir=in | app=c:\program files\fujitsu siemens computers\fsclounge\fscwbaseupdaterservice\2\fscwbaseupdaterservice.exe |
"{C05B72CC-B3DD-4CF3-80A7-F2E4A8CBAE48}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{C296BA3C-1EE3-4D72-A210-E62D3952CD8C}" = protocol=6 | dir=in | app=d:\program files\steam\steamapps\common\sid meier's civilization v\launcher.exe |
"{C997E58C-5FA3-41B6-AB7E-0F73335F2ACC}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{CA51F6EC-9575-484C-BD94-6C44CECE4E2C}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{D05B0F58-9962-403F-9EDC-1A0BAE70E12E}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{D45D9309-BDFF-4FF7-96C7-58C32B76EE72}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{D585D8E0-58C4-4BA5-84F4-4C6B8779EFC2}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{D6C09D8E-4DA8-42D8-9221-542CD4249FC9}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{DE206CDD-C56C-4A3F-90D3-FFBF69968B8E}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{E0F09885-846C-4E44-A823-9B4164D519EA}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{E186E6A7-5033-49B3-A8DE-3E5F52726D27}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{E32F1C42-F82E-4C69-9ADE-149C019B8C2E}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{E4B3668E-F36F-41E1-A269-E00ADBFCFE71}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{E6084C69-1CB9-4DC4-A28A-559AEEF639D1}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{E7FBBE6C-B169-44FA-B4F4-54A718EA3D59}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{E9BB054A-BAB3-4163-8352-57600A9C6094}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{EC34750E-92B7-4DE0-AE4D-46C72D9732FD}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{ECD7B9F7-4E23-464F-A0E0-EBA4AD58954B}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{EFBD7BF4-CA20-41CB-A775-D28A4AE47559}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{F06C3B19-80C2-4C9B-8924-2C0AD0801BEA}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{F18D825F-B77F-4F31-8F19-DA9BBC07DC0C}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{F1F8BA62-34C7-414E-A0E3-980DBFEA91D4}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{F6DA034C-68B5-4DE0-8A4C-2B39CA060864}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{F799F199-77E0-49CB-9852-34BCEC001E18}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe |
"{F79EA545-83E7-46C0-87B4-222A4C02C58D}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{F7EA93F2-35BB-4D50-8AC2-2E9989C138CD}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{F8D47FFE-6313-4D13-9431-3F681B9A3CB1}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{F9DDBC7D-D5B8-4D58-A32A-698DD5F793CC}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{FBC823D7-FBE3-4B44-8E06-84652CBEBF4C}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{FC0B3799-7376-4710-A6F6-962BC9B2A260}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{FF4D05AF-A441-412F-935F-2104EF42DD5E}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"TCP Query User{31355AF5-552F-451F-9CCF-2240EF6DD52C}D:\flashget universal\flashget.exe" = protocol=6 | dir=in | app=d:\flashget universal\flashget.exe |
"TCP Query User{34FDE753-7AFD-4B7B-9FE4-114170AA47DC}C:\program files\azureus\azureus.exe" = protocol=6 | dir=in | app=c:\program files\azureus\azureus.exe |
"TCP Query User{499B4820-D8F7-491F-AC35-4E9F7CE72B2E}C:\program files\azureus\azureus.exe" = protocol=6 | dir=in | app=c:\program files\azureus\azureus.exe |
"TCP Query User{6B4AF642-7806-4DE8-96F1-A1C0C68D229D}E:\setup.exe" = protocol=6 | dir=in | app=e:\setup.exe |
"TCP Query User{95E06D6A-8AFB-4D16-9F63-3612DCEBB306}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"TCP Query User{E9EAFED8-F8D1-4ADE-ACAA-42E83970FE00}C:\windows\system32\javaw.exe" = protocol=6 | dir=in | app=c:\windows\system32\javaw.exe |
"TCP Query User{F1E9E252-55BE-4CA5-B4A0-53F046966A74}C:\program files\videolan\vlc\vlc.exe" = protocol=6 | dir=in | app=c:\program files\videolan\vlc\vlc.exe |
"TCP Query User{F538F40B-DB74-431C-BCA7-20B09C37F5C9}C:\users\machete 81\program files\dna\btdna.exe" = protocol=6 | dir=in | app=c:\users\machete 81\program files\dna\btdna.exe |
"TCP Query User{F995EF0B-823D-4884-B55C-2D728FA2C354}C:\program files\ubisoft\related designs\anno 1404\tools\anno4web.exe" = protocol=6 | dir=in | app=c:\program files\ubisoft\related designs\anno 1404\tools\anno4web.exe |
"UDP Query User{1D2DAE66-2704-4EED-8E98-4691A7D0F6FC}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"UDP Query User{1DE2F066-389E-4AF4-BF02-8CFBCFE2C0E2}C:\program files\azureus\azureus.exe" = protocol=17 | dir=in | app=c:\program files\azureus\azureus.exe |
"UDP Query User{238501B8-F605-44F2-A2BD-B8C70325870E}E:\setup.exe" = protocol=17 | dir=in | app=e:\setup.exe |
"UDP Query User{25FDB9A4-81A6-4F33-B348-87EFDC1E6EE3}C:\windows\system32\javaw.exe" = protocol=17 | dir=in | app=c:\windows\system32\javaw.exe |
"UDP Query User{53165DFE-4380-4B54-A753-E6186DB0849D}D:\flashget universal\flashget.exe" = protocol=17 | dir=in | app=d:\flashget universal\flashget.exe |
"UDP Query User{5650E075-E8AB-46F1-B5D3-0B58559FCD60}C:\program files\videolan\vlc\vlc.exe" = protocol=17 | dir=in | app=c:\program files\videolan\vlc\vlc.exe |
"UDP Query User{AD2374D6-5737-4AEF-AD35-1A5C69557977}C:\program files\azureus\azureus.exe" = protocol=17 | dir=in | app=c:\program files\azureus\azureus.exe |
"UDP Query User{D67B791C-459C-44D6-A69A-4BDEEF56FF3F}C:\program files\ubisoft\related designs\anno 1404\tools\anno4web.exe" = protocol=17 | dir=in | app=c:\program files\ubisoft\related designs\anno 1404\tools\anno4web.exe |
"UDP Query User{E9048B17-641B-4DCA-B5F7-503864F0252F}C:\users\machete 81\program files\dna\btdna.exe" = protocol=17 | dir=in | app=c:\users\machete 81\program files\dna\btdna.exe |
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{0513EE35-E0FB-4166-B663-BD1AE3A803DE}" = Anno 1404
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{0C826C5B-B131-423A-A229-C71B3CACCD6A}" = CDDRV_Installer
"{0F7C2E47-089E-4d23-B9F7-39BE00100776}" = Toolbox
"{18669FF9-C8FE-407a-9F70-E674896B1DB4}" = GPBaseService
"{1A4E47DC-6701-4A85-AA16-C1F99A44598C}" = SpellForce 2 - Shadow Wars
"{1CD0C3C5-809D-4CFC-904A-1B67C6243637}" = Debugging Tools for Windows (x86)
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83216010FF}" = Java(TM) 6 Update 22
"{2A1E27FF-BE53-45B4-950F-060236E98E3D}" = TMPGEnc Plus 2.5
"{2D2D8FE2-605C-4D3C-B706-36E981E7EEF0}" = CyberLink BD_3D Advisor 2.0
"{2DA85B02-13C0-4E6D-9A76-22E6B3DD0CB2}" = SymNet
"{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}" = SmartSound Quicktracks 5
"{305468A6-DE2D-43ba-A168-2F45A97A89DA}" = DJ_SF_03_D1500_Software_Min
"{3101CB58-3482-4D21-AF1A-7057FC935355}" = KhalInstallWrapper
"{32364CEA-7855-4A3C-B674-53D8E9B97936}" = TuneUp Utilities 2012
"{34BFB099-07B2-4E95-A673-7362D60866A2}" = PSSWCORE
"{34EB6245-C8D0-4D8A-B8D8-EEBFF7A91485}" = Firebird SQL Server - MAGIX Edition
"{3672B097-EA69-4bfe-B92F-29AE6D9D2B34}" = Norton Internet Security
"{36FDBE6E-6684-462b-AE98-9A39A1B200CC}" = HPProductAssistant
"{38436888-9EAA-4cec-A56F-65B73D9D423C}" = D1500
"{39D0E034-1042-4905-BECB-5502909FCB7C}" = Microsoft Works
"{3CCAD2EF-CFF2-4637-82AA-AABF370282D3}" = ccCommon
"{3D9CF3CA-3AB0-4A82-9853-D7C43FD1D775}" = ANNO 1404
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = erLT
"{3FA365DF-2D68-45ED-8F83-8C8A33E65143}" = Apple Application Support
"{4286716B-1287-48E7-9078-3DC8248DBA96}" = OpenOffice.org 3.3
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4AA3D64E-9EC3-4B0F-AB91-5885AC55641F}" = Microsoft Games for Windows - LIVE
"{5109C064-813E-4e87-B0DE-C8AF7B5BC02B}" = SmartWebPrintingOC
"{52A69E11-7CEB-4a7d-9607-68BA4F39A89B}" = DeviceDiscovery
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5AA2CD16-706F-41f3-87C5-2B5A031F2B3B}" = Norton Internet Security
"{5ACE69F0-A3E8-44eb-88C1-0A841E700180}" = TrayApp
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = CyberLink PowerDVD
"{687FEF8A-8597-40b4-832C-297EA3F35817}" = BufferChm
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{6DE13770-01B7-4366-8DA6-48237793F445}" = VoiceOver Kit
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7595EEB5-6637-49B6-B191-DB5108F7ECB4}" = PC Camer@
"{761B4ADA-254C-461F-A446-A167E41FA6DD}" = Foxit PDF IFilter
"{77772678-817F-4401-9301-ED1D01A8DA56}" = SPBBC 32bit
"{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}" = Text-To-Speech-Runtime
"{7FA32C2E-E218-4A04-966D-DECCB0B9C81E}" = MAGIX Speed 2 (MSI)
"{81063354-9060-42B2-A000-1EBE96778AA9}" = iTunes
"{815D1E58-17F7-4DF4-BF8E-59D2EE575FCA}" = MAGIX Video deluxe 16 Plus Sonderedition
"{82C113AD-486F-4bd5-A2EA-2383AF57D084}" = D1500_Help
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8A85DEAD-7C1F-4368-881C-72AC74CB2E91}" = UnloadSupport
"{8B8240B3-891D-4965-AA51-8799622D44FF}" = DJ_SF_03_D1500_ProductContext
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{94D66D71-12F0-48A5-B46A-D4B835A0F1B7}" = FirstSteps Diagnostics
"{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German)
"{974C4B12-4D02-4879-85E0-61C95CC63E9E}" = Fallout 3
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A3BC157-B94F-4EFD-ABA9-1E56DEB00655}" = FSCLounge
"{A0B9F8DF-C949-45ed-9808-7DC5C0C19C81}" = Status
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A5AB9D5E-52E2-440e-A3ED-9512E253C81A}" = SolutionCenter
"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5
"{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}" = Apple Mobile Device Support
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{B1421599-A42D-47ef-B512-B9B0317BD599}" = DJ_SF_03_D1500_Software
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 275.33
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 275.33
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 275.33
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller-Treiber 275.33
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.10.0514
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.3.5
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B8A2869E-30CA-40C5-9CF8-BD7354E57EF8}" = SmartSound Common Data
"{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}" = NVIDIA PhysX
"{BAD0FA60-09CF-4411-AE6A-C2844C8812FA}" = HP Photosmart Essential 2.5
"{BB9AC6BF-71B6-42A4-9689-C17D9F44E79A}" = Brother MFL-Pro Suite
"{C679F9B9-C65D-4C65-BD6C-BF90B859E281}" = USB PC Camera
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CCB9B81A-167F-4832-B305-D2A0430840B3}" = WebReg
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{CE026CFE-73FE-4FED-9D5F-2C8D4DB512B0}" = TuneUp Utilities Language Pack (de-DE)
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D2E0F0CC-6BE0-490b-B08B-9267083E34C9}" = MarketResearch
"{E08DC77E-D09A-4e36-8067-D6DBBCC5F8DC}" = VideoToolkit01
"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9 Series
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}" = Logitech SetPoint
"{F31C9A68-7F07-4B96-AC58-F71D5DF3DA89}" = MAGIX Screenshare
"{FA54AFB1-5745-4389-B8C1-9F7509672ED1}" = iPhone-Konfigurationsprogramm
"{FC2C7405-BC58-4E11-8F51-29671BEAC06B}" = Natural Color Pro
"{FD052FB9-FE90-4438-B355-15EDC89D8FB1}" = Microsoft Games for Windows - LIVE Redistributable
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"5513-1208-7298-9440" = JDownloader 0.9
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Ashampoo WinOptimizer 4_is1" = Ashampoo WinOptimizer 4.35
"Audiograbber" = Audiograbber 1.83 SE
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"Azureus" = Azureus
"CCleaner" = CCleaner
"DivX Setup.divx.com" = DivX-Setup
"E77704EF5E71F4F18CADFBFA68595AFE036D5D97" = Windows-Treiberpaket - OLYMPUS IMAGING CORP. Camera Communication Driver Package (09/09/2009 1.0.0.0)
"ElsterFormular 13.0.0.8086p" = ElsterFormular
"FlashGet 2.0" = FlashGet 2.0
"Foxit PDF Editor" = Foxit PDF Editor
"Foxit Reader" = Foxit Reader
"Free Audio Editor" = Free Audio Editor
"Free YouTube Download_is1" = Free YouTube Download version 3.0.16.923
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.8
"HOMESTUDENTR" = Microsoft Office Home and Student 2007-Testversion
"InstallShield_{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}" = SmartSound Quicktracks 5
"InstallShield_{7595EEB5-6637-49B6-B191-DB5108F7ECB4}" = PC Camer@
"InstallShield_{B8A2869E-30CA-40C5-9CF8-BD7354E57EF8}" = SmartSound Common Data
"MAGIX_MSI_Videodeluxe16_plus" = MAGIX Video deluxe 16 Plus Sonderedition
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.60.1.1000
"Mein CEWE FOTOBUCH" = Mein CEWE FOTOBUCH
"Microsoft .NET Framework 1.1  (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox 10.0.2 (x86 de)" = Mozilla Firefox 10.0.2 (x86 de)
"NVIDIA StereoUSB Driver" = NVIDIA 3D Vision Controller Driver
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Picasa 3" = Picasa 3
"ProtectDisc Driver 11" = ProtectDisc Driver, Version 11
"Steam App 8930" = Sid Meier's Civilization V
"SystemRequirementsLab" = System Requirements Lab
"TuneUp Utilities 2012" = TuneUp Utilities 2012
"Uninstall_is1" = Uninstall 1.0.0.1
"Vista Icon Pack ST_is1" = Vista Icon Pack ST
"VLC media player" = VideoLAN VLC media player 0.8.6e
"Voozie Maker" = Voozie Maker
"Winamp" = Winamp
"Windows Media Encoder 9" = Windows Media Encoder 9 Series
"WinGimp-2.0_is1" = GIMP 2.6.11
"WinRAR archiver" = WinRAR
"Xilisoft Video Converter" = Xilisoft Video Converter 3
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Game Organizer" = EasyBits GO
"Move Media Player" = Move Media Player
"Protect Disc License Helper" = Protect Disc License Helper 1.0.125 (IE)
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 06.07.2010 17:48:31 | Computer Name = Machete81-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
 
Error - 06.07.2010 17:48:31 | Computer Name = Machete81-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
 
Error - 07.07.2010 18:44:59 | Computer Name = Machete81-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
 
Error - 07.07.2010 18:45:01 | Computer Name = Machete81-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
 
Error - 08.07.2010 14:48:59 | Computer Name = Machete81-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
 
Error - 08.07.2010 14:48:59 | Computer Name = Machete81-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
 
Error - 08.07.2010 17:11:06 | Computer Name = Machete81-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
 
Error - 08.07.2010 17:11:06 | Computer Name = Machete81-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
 
Error - 09.07.2010 03:38:53 | Computer Name = Machete81-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
 
Error - 09.07.2010 03:38:53 | Computer Name = Machete81-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
 
[ Media Center Events ]
Error - 21.03.2010 18:47:07 | Computer Name = Machete81-PC | Source = Media Center Guide | ID = 0
Description = Ereignisinformationen: ERROR: SqmApiWrapper.TimerRecord failed; Win32
 GetLastError returned 10000105  Prozess: DefaultDomain Objektname: Media Center Guide

 
Error - 23.04.2010 20:33:37 | Computer Name = Machete81-PC | Source = Media Center Guide | ID = 0
Description = Ereignisinformationen: ERROR: SqmApiWrapper.TimerRecord failed; Win32
 GetLastError returned 10000105  Prozess: DefaultDomain Objektname: Media Center Guide

 
Error - 13.06.2010 10:55:04 | Computer Name = Machete81-PC | Source = Media Center Guide | ID = 0
Description = Ereignisinformationen: ERROR: SqmApiWrapper.TimerRecord failed; Win32
 GetLastError returned 10000105  Prozess: DefaultDomain Objektname: Media Center Guide

 
Error - 19.08.2010 17:05:19 | Computer Name = Machete81-PC | Source = Media Center Guide | ID = 0
Description = Ereignisinformationen: ERROR: SqmApiWrapper.TimerRecord failed; Win32
 GetLastError returned 10000105  Prozess: DefaultDomain Objektname: Media Center Guide

 
Error - 13.10.2010 21:44:15 | Computer Name = Machete81-PC | Source = Recording | ID = 19
Description = Der Aufzeichnungszeitplan war beschädigt und wurde am 10/14/2010 03:44:15
 automatisch gelöscht. Möglicherweise müssen Sie die Aufzeichnungen erneut planen.
 
Error - 22.10.2010 20:31:07 | Computer Name = Machete81-PC | Source = Media Center Guide | ID = 0
Description = Ereignisinformationen: ERROR: SqmApiWrapper.TimerRecord failed; Win32
 GetLastError returned 10000105  Prozess: DefaultDomain Objektname: Media Center Guide

 
Error - 23.10.2010 19:56:49 | Computer Name = Machete81-PC | Source = Media Center Guide | ID = 0
Description = Ereignisinformationen: ERROR: SqmApiWrapper.TimerRecord failed; Win32
 GetLastError returned 10000105  Prozess: DefaultDomain Objektname: Media Center Guide

 
Error - 05.11.2010 15:28:56 | Computer Name = Machete81-PC | Source = Recording | ID = 19
Description = Der Aufzeichnungszeitplan war beschädigt und wurde am 11/05/2010 20:28:56
 automatisch gelöscht. Möglicherweise müssen Sie die Aufzeichnungen erneut planen.
 
Error - 28.11.2010 13:51:21 | Computer Name = Machete81-PC | Source = Media Center Guide | ID = 0
Description = Ereignisinformationen: ERROR: SqmApiWrapper.TimerRecord failed; Win32
 GetLastError returned 10000105  Prozess: DefaultDomain Objektname: Media Center Guide

 
Error - 01.05.2011 15:09:17 | Computer Name = Machete81-PC | Source = Media Center Guide | ID = 0
Description = Ereignisinformationen: ERROR: SqmApiWrapper.TimerRecord failed; Win32
 GetLastError returned 10000105  Prozess: DefaultDomain Objektname: Media Center Guide

 
[ System Events ]
Error - 08.03.2012 16:44:32 | Computer Name = Machete81-PC | Source = DCOM | ID = 10005
Description =
 
Error - 08.03.2012 16:54:06 | Computer Name = Machete81-PC | Source = DCOM | ID = 10005
Description =
 
Error - 09.03.2012 13:15:43 | Computer Name = Machete81-PC | Source = DCOM | ID = 10005
Description =
 
Error - 09.03.2012 13:15:52 | Computer Name = Machete81-PC | Source = DCOM | ID = 10005
Description =
 
Error - 09.03.2012 13:15:53 | Computer Name = Machete81-PC | Source = DCOM | ID = 10005
Description =
 
Error - 09.03.2012 13:15:57 | Computer Name = Machete81-PC | Source = DCOM | ID = 10005
Description =
 
Error - 09.03.2012 13:15:59 | Computer Name = Machete81-PC | Source = DCOM | ID = 10005
Description =
 
Error - 09.03.2012 13:16:21 | Computer Name = Machete81-PC | Source = Service Control Manager | ID = 7001
Description =
 
Error - 09.03.2012 13:16:21 | Computer Name = Machete81-PC | Source = Service Control Manager | ID = 7001
Description =
 
Error - 09.03.2012 13:16:21 | Computer Name = Machete81-PC | Source = Service Control Manager | ID = 7026
Description =
 
 
< End of report >

--- --- ---



Best regards

kira 10.03.2012 07:28

Can you give me information about these files? Did you make changes to this text, or replace file names with "...."?

Quote:

[2012.03.01 19:18:18 | 000,000,365 | ---- | M] () -- C:\Users\Machete 81\Desktop\Öffentlich - Verknüpfung.lnk
[2012.03.01 19:11:31 | 000,001,755 | ---- | M] () -- C:\Users\Machete 81\Desktop\,,.lnk
[2012.03.01 19:05:09 | 000,001,274 | ---- | M] () -- C:\Users\Machete 81\Desktop\DL.lnk
[2012.03.01 18:58:10 | 000,001,251 | ---- | M] () -- C:\Users\Machete 81\Desktop\....lnk
[2012.03.01 18:56:41 | 000,001,246 | ---- | M] () -- C:\Users\Machete 81\Desktop\..lnk
[2012.03.01 17:43:35 | 000,001,243 | ---- | M] () -- C:\Users\Machete 81\Desktop\...lnk
[2012.02.28 20:15:31 | 000,005,528 | ---- | M] () -- C:\Users\Machete 81\AppData\Roaming\BAcroIEHelpe080.dll
[2012.02.24 13:44:45 | 000,005,416 | ---- | M] () -- C:\Users\Machete 81\AppData\Roaming\BAcroIEHelpe078.dll
[2012.02.24 08:29:58 | 000,000,080 | ---- | C] () -- C:\Users\Machete 81\AppData\Roaming\blckdom.res
→ Visit the VirusTotal site and please have the file(s) from the code box checked; also copy along the file size and name, MD5 and SHA1:
Tips for searching for files
Code:

C:\Users\Machete 81\AppData\Roaming\BAcroIEHelpe080.dll

→ Click on "Browse"
→ Find the file on your computer → double-click the file to be checked (or copy the content from the code box)
→ "Send file", and wait until the scan run of all virus scanners has finished
Copy the result in there just as you get it (DO NOT LEAVE ANYTHING OUT!) (including <checked file name> + file size and name, MD5 and SHA1)

** Example - the VirusTotal log file to be posted should look like this. So do not leave anything out; copy it in there just as you get it!:
Code:

Datei  File name:
<the file name goes here>
Submission date:
2010-10-22 03:34:01 (UTC)
Current status:
queued queued analysing finished
Result:
.....%
   
VT Community

goodware/badware
 Safety score: 100.0%
Compact
Print results
Antivirus    Version    Last Update    Result
AhnLab-V3    2010.10.22.00    2010.10.21    -
AntiVir    7.10.13.15    2010.10.21    -
Antiy-AVL    2.0.3.7    2010.10.22    -
Authentium    5.2.0.5    2010.10.22    -
Avast    4.8.1351.0    2010.10.21    -
Avast5    5.0.594.0    2010.10.21    -
etc........

...it is checked by more than 40 online virus scanners...so be patient!!

Quote:

If the file cannot be found: -> Make system files and folders visible under Windows

machete81 10.03.2012 12:52

Well, the .lnk files are shortcuts, and I changed their names on the desktop; earlier (before the drama started) I had downloaded a Vista icon pack. I had changed a few icons and names.

machete81 10.03.2012 13:08

You wrote:
"Copy the result in there just as you get it (DO NOT LEAVE ANYTHING OUT!) (including <checked file name> + file size and name, MD5 and SHA1)"
Regarding that, the question is where "copy it in there" is meant? Copy it into VirusTotal?

Via VirusTotal I open the file "C:\Users\Machete 81\AppData\Roaming\BAcroIEHelpe080.dll" from the folder, but how do I copy the file size and name, MD5 and SHA1??
And I can't find a "Send file" at VirusTotal?
I pressed "Scan it" and did not get a log file, or where do I find it? Then I clicked on Reanalyse and now somehow just copied everything it spat out.



Code:

SHA256:        aa0a8d34d3721d31429186e842099d378290f8c6bccb6a5ae1859c868cef0937
SHA1:        acf4d9fbbd8c79b5da7d91ecdb49743693a1ddc9
MD5:        83cb5caac3c97efc702db47ccb82f31b
File size:        5.4 KB ( 5528 bytes )
File name:        BAcroIEHelpe080.dll
File type:        Win32 DLL
Detection ratio:        4 / 43
Analysis date:        2012-03-10 12:03:42 UTC ( 3 Minuten ago )
0
1
Antivirus        Result        Update
AhnLab-V3        -        20120309
AntiVir        -        20120309
Antiy-AVL        -        20120310
Avast        Win32:Agent-AOFF [Trj]        20120309
AVG        -        20120310
BitDefender        -        20120310
ByteHero        -        20120309
CAT-QuickHeal        -        20120310
ClamAV        -        20120309
Commtouch        -        20120310
Comodo        -        20120310
DrWeb        -        20120310
Emsisoft        Trojan.Win32.Agent!IK        20120310
eSafe        -        20120308
eTrust-Vet        -        20120310
F-Prot        -        20120310
F-Secure        -        20120310
Fortinet        -        20120310
GData        Win32:Agent-AOFF        20120310
Ikarus        Trojan.Win32.Agent        20120310
Jiangmin        -        20120301
K7AntiVirus        -        20120309
Kaspersky        -        20120310
McAfee        -        20120308
McAfee-GW-Edition        -        20120310
Microsoft        -        20120310
NOD32        -        20120310
Norman        -        20120309
nProtect        -        20120310
Panda        -        20120310
PCTools        -        20120310
Prevx        -        20120310
Rising        -        20120309
Sophos        -        20120310
SUPERAntiSpyware        -        20120308
Symantec        -        20120310
TheHacker        -        20120309
TrendMicro        -        20120309
TrendMicro-HouseCall        -        20120310
VBA32        -        20120307
VIPRE        -        20120310
ViRobot        -        20120310
VirusBuster        -        20120309

    Comments
    Additional information

ssdeep
48:yaCoWHpadMvN+xYs9n0cKsBZqCyAXkTgNxHr2360MnanaWmwQOXjTYq:2+dMQxnbjqChUTyHr21MnanaW5jTY
TrID
Generic Win/DOS Executable (49.9%)
DOS Executable Generic (49.8%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.1%)
ExifTool

MIMEType.................: application/octet-stream
Subsystem................: Windows GUI
MachineType..............: Intel 386 or later, and compatibles
TimeStamp................: 2012:02:27 09:44:53+01:00
FileType.................: Win32 DLL
PEType...................: PE32
CodeSize.................: 1024
LinkerVersion............: 5.12
EntryPoint...............: 0x1000
InitializedDataSize......: 3072
SubsystemVersion.........: 4.0
ImageVersion.............: 0.0
OSVersion................: 4.0
UninitializedDataSize....: 0

Portable Executable structural information

PE Sections...................:

Name        Virtual Address  Virtual Size  Raw Size  Entropy  MD5
.text                  4096          834      1024    5.24  4921302b047da473a10dbbfc5347da68
.rdata                8192          537      1024    2.58  d536aef567291ab00218c0e68677337e
.data                12288          1185      512    2.01  097edba434214dc1467a46eaa7506b69
.reloc                16384          112      512    1.41  882028edddc0a9be61e4094328980ac8

PE Imports....................:

advapi32.dll
        RegCloseKey

kernel32.dll
        GetModuleFileNameA, GetModuleHandleA, VirtualProtect, lstrcmpiA, lstrlenA

shlwapi.dll
        SHCopyKeyW

user32.dll
        SetWindowsHookExA, UnhookWindowsHookEx, CallNextHookEx


PE Exports....................:

C, l, o, s, e, G, u, a, r, d, ,,  , S, e, t, G, u, a, r, d

First seen by VirusTotal
2012-02-27 13:29:25 UTC ( 1 Woche, 4 Tage ago )
Last seen by VirusTotal
2012-03-10 12:03:42 UTC ( 3 Minuten ago )
File names (max. 25)

    BAcroIEHelpe080.dll
    BAcroIEHelpe080.dll
    C:\Users\sys_baltru\Desktop\Virusverdacht\BAcroIEHelpe.dll
    BAcroIEHelpe.dll
    BAcroIEHelpe.dll
    BAcroIEHelpe.dll
    file-3603090_dll
    BAcroIEHelpe079.dll
    8903B96E987B8B1F15C4006A13EF050086200C46.dll


kira 10.03.2012 13:54

That's fine, you did it right :)

1.
File check
Please right-click (with the mouse) on the files named below, look at what is listed under Properties, and copy these details (file version, file description, copyright held by whom? company name) here into your thread for these applications:
Code:

C:\Users\Machete 81\AppData\Roaming\BAcroIEHelpe080.dll
2.
Steps 7 and 8 are still missing: -> http://www.trojaner-board.de/110718-...tml#post786270

machete81 10.03.2012 14:11

Hello, thanks.
All the info I could find under Properties (the context menu is still hanging... :( )

Code:


Dateityp: Programmbibliothek (.dll)
Öffnen mit: Unbekannte Anwendung
Ort : C:\Users\Machete 81\AppData\Roaming
Größe :5,39 KB (5.528 Bytes)

auf Daten-
träger        :8,00 KB (8.192 Bytes) 

Erstellt :  Dienstag, 28. Februar 2012, 20:15:31
Geändert : Dienstag, 28. Februar 2012, 20:15:31
Letzt.zugriff : Dienstag, 28. Februar 2012, 20:15:31

Digitale Signaturen:
Name: Acer
Email: support@samsung.de

OK, I'll carry on with points 7 and 8 now....
Regards...

Andi

machete81 10.03.2012 15:58

GMER log file

Huh...no file in the clipboard....I'll do the scan again, argh!!! ;)

machete81 10.03.2012 16:51

So, now the GMER log file....

[code]
GMER Logfile:
Code:

GMER 1.0.15.15641 - hxxp://www.gmer.net
Rootkit scan 2012-03-10 16:45:06
Windows 6.0.6002 Service Pack 2
Running: z22uc1oi.exe; Driver: C:\Users\MACHET~1\AppData\Local\Temp\kwddiuoc.sys


---- Registry - GMER 1.0.15 ----

Reg  HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s1                                                                                                        771343423
Reg  HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s2                                                                                                        285507792
Reg  HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@h0                                                                                                        2
Reg  HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04                                                                         
Reg  HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@p0                                                                        C:\Spiele\Alcohol 120\
Reg  HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0                                                                        0
Reg  HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew                                                                    0xDA 0x07 0x92 0x42 ...
Reg  HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001                                                                 
Reg  HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001@a0                                                              0x20 0x01 0x00 0x00 ...
Reg  HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001@ujdew                                                            0xE1 0x25 0xD4 0x68 ...
Reg  HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg40                                                         
Reg  HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg40@ujdew                                                    0xA9 0xB7 0xA3 0x7F ...
Reg  HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC                                                                         
Reg  HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0                                                                        C:\Program Files\DAEMON Tools Pro\
Reg  HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0                                                                        1
Reg  HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12                                                                    0x7A 0xD2 0x8F 0x66 ...
Reg  HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001                                                                 
Reg  HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0                                                              0x20 0x01 0x00 0x00 ...
Reg  HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12                                                            0xB8 0xBD 0xEB 0xDC ...
Reg  HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0                                                           
Reg  HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12                                                      0x61 0x79 0xA1 0x52 ...
Reg  HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04 (not active ControlSet)                                                     
Reg  HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@p0                                                                            C:\Spiele\Alcohol 120\
Reg  HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0                                                                            0
Reg  HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew                                                                        0xDA 0x07 0x92 0x42 ...
Reg  HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001 (not active ControlSet)                                             
Reg  HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001@a0                                                                  0x20 0x01 0x00 0x00 ...
Reg  HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001@ujdew                                                                0xE1 0x25 0xD4 0x68 ...
Reg  HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg40 (not active ControlSet)                                     
Reg  HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg40@ujdew                                                        0xA9 0xB7 0xA3 0x7F ...
Reg  HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet)                                                     
Reg  HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0                                                                            C:\Program Files\DAEMON Tools Pro\
Reg  HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0                                                                            1
Reg  HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12                                                                        0x7A 0xD2 0x8F 0x66 ...
Reg  HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet)                                             
Reg  HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0                                                                  0x20 0x01 0x00 0x00 ...
Reg  HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12                                                                0xB8 0xBD 0xEB 0xDC ...
Reg  HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet)                                       
Reg  HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12                                                          0x61 0x79 0xA1 0x52 ...
Reg  HKCU\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Persisted@C:\Spiele\SimCity\x2122 Societies\vcredist_x86.exe      1
Reg  HKCU\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Persisted@C:\Spiele\SimCity\x2122 Societies\dotnetfx.exe          1
Reg  HKCU\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Persisted@C:\Spiele\SimCity\x2122 Societies\PackageInstaller.exe  1

---- EOF - GMER 1.0.15 ----

--- --- ---


mbr-log

Code:

Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, hxxp://www.gmer.net
Windows 6.0.6002 Disk: WDC_WD5000AAKS-07YGA0 rev.12.01C02 -> Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-4

device: opened successfully
user: MBR read successfully

Disk trace:
called modules: ntoskrnl.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll >>UNKNOWN [0x85D011F8]<<
1 nt!IofCallDriver[0x82C7B11B] -> \Device\Harddisk0\DR0[0x85F658E0]
3 CLASSPNP[0x888AA8B3] -> nt!IofCallDriver[0x82C7B11B] -> [0x84841878]
5 acpi[0x887786BC] -> nt!IofCallDriver[0x82C7B11B] -> \Device\Ide\IdeDeviceP2T0L0-4[0x85D4A5A8]
\Driver\atapi[0x85DEEEE8] -> IRP_MJ_CREATE -> 0x85D011F8
kernel: MBR read successfully
detected disk devices:
detected hooks:
\Driver\atapi -> 0x85d011f8
user & kernel MBR OK
Warning: possible MBR rootkit infection !


kira 11.03.2012 06:53

That doesn't sound good:
Quote:

Warning: possible MBR rootkit infection !
To rule it out or confirm it, we'll check more closely:

1.
Disable CD emulators with DeFogger

You have CD emulators such as Alcohol, DaemonTools or similar installed on this computer. Because these emulators work with rootkit techniques, they can distort and hinder the search for malicious rootkits. For this reason, please either run the following tool to disable them or uninstall the software via Control Panel => Software/Programs. Tell me which option you chose. We can undo the deactivation after the cleanup.

Download DeFogger and save it to your desktop.

Double-click DeFogger to start the tool.
  • The tool's program window opens.
  • Click the Disable button to disable the CD emulation drivers.
  • Click Yes to continue.
  • When the message 'Finished!' appears,
  • click OK.
  • DeFogger will now ask for a reboot - click OK
  • Post the defogger_disable.log here in the thread.
Do not re-enable the drivers under any circumstances until you are instructed to.

2.
TDSSKiller from Kaspersky
  • Download TDSSKiller and extract the archive to your desktop.
  • Make sure that TDSSKiller.exe is located directly on the desktop (not in a folder on the desktop).
  • Temporarily disable your antivirus program.
  • Start TDSSKiller.exe by double-clicking it.
  • When it has finished its work, the tool suggests restarting the system.
    Confirm this with Y(es) if prompted.
    While the system boots, the driver carries out all scheduled operations and then deletes itself.
  • Post the contents of C:\TDSSKiller<random>.txt here in the thread.
You can find more detailed instructions here.
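
The reasoning in the post above, as an added example that is not part of the original thread: Python code that parses the mbr.exe output format shown earlier, extracts the hooked driver and the unnamed module in the disk stack, and returns "inconclusive" instead of "suspicious" when GMER registry lines show an SPTD (CD emulator) configuration. The function names and the three verdict labels are assumptions of this example, not part of mbr.exe, GMER or DeFogger.

```python
import re

# Excerpt of the mbr.exe output posted in this thread (copied unchanged).
MBR_LOG = r"""Disk trace:
called modules: ntoskrnl.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll >>UNKNOWN [0x85D011F8]<<
1 nt!IofCallDriver[0x82C7B11B] -> \Device\Harddisk0\DR0[0x85F658E0]
3 CLASSPNP[0x888AA8B3] -> nt!IofCallDriver[0x82C7B11B] -> [0x84841878]
5 acpi[0x887786BC] -> nt!IofCallDriver[0x82C7B11B] -> \Device\Ide\IdeDeviceP2T0L0-4[0x85D4A5A8]
\Driver\atapi[0x85DEEEE8] -> IRP_MJ_CREATE -> 0x85D011F8
kernel: MBR read successfully
detected disk devices:
detected hooks:
\Driver\atapi -> 0x85d011f8
user & kernel MBR OK
Warning: possible MBR rootkit infection !
"""

# Three GMER registry lines from this thread, column padding shortened.
GMER_LINES = r"""
Reg  HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12  0x61 0x79 0xA1 0x52 ...
Reg  HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@p0  C:\Spiele\Alcohol 120\
Reg  HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0  C:\Program Files\DAEMON Tools Pro\
"""

UNKNOWN_RE = re.compile(r">>UNKNOWN \[(0x[0-9A-Fa-f]+)\]<<")
HOOK_RE = re.compile(r"^(\\Driver\\\S+) -> (0x[0-9A-Fa-f]+)\s*$", re.M)
IRP_RE = re.compile(
    r"^(\\Driver\\[^\[\s]+)\[0x[0-9A-Fa-f]+\] -> (IRP_MJ_\w+) -> (0x[0-9A-Fa-f]+)\s*$",
    re.M,
)
SPTD_DIR_RE = re.compile(r"\\Services\\sptd\\Cfg\\[0-9A-Fa-f]+@p0\s+(.+?)\s*$", re.M)


def parse_mbr_log(text):
    """Extract the security-relevant fields from an mbr.exe log."""
    called = re.search(r"^called modules:(.*)$", text, re.M)
    line = called.group(1) if called else ""
    return {
        # Named modules seen while tracing a disk read.
        "modules": UNKNOWN_RE.sub("", line).split(),
        # Addresses in the trace that belong to no loaded module.
        "unknown_modules": [int(a, 16) for a in UNKNOWN_RE.findall(line)],
        # Dispatch routines that lead somewhere unexpected.
        "irp_redirects": [(d, f, int(a, 16)) for d, f, a in IRP_RE.findall(text)],
        # Entries listed under "detected hooks:".
        "hooks": [(d, int(a, 16)) for d, a in HOOK_RE.findall(text)],
        "mbr_ok": "user & kernel MBR OK" in text,
        "warning": "possible MBR rootkit infection" in text,
    }


def sptd_install_dirs(gmer_text):
    """Install directories recorded under the sptd service's Cfg key."""
    return sorted(set(SPTD_DIR_RE.findall(gmer_text)))


def triage(report, emulator_dirs):
    """Return (verdict, reasons); the verdict labels are this example's own."""
    reasons = []
    unknown = set(report["unknown_modules"])
    for driver, target in report["hooks"]:
        where = ("the unnamed module in the disk stack" if target in unknown
                 else "an address outside the traced modules")
        reasons.append(f"{driver} is hooked to {target:#010x}, {where}")
    hooked = {target for _, target in report["hooks"]}
    for addr in report["unknown_modules"]:
        if addr not in hooked:
            reasons.append(f"unnamed module at {addr:#010x} in the disk stack")
    if not report["mbr_ok"]:
        reasons.append('the "user & kernel MBR OK" line is missing')
        return "suspicious", reasons
    if not reasons:
        return "clean", reasons
    if emulator_dirs:
        # CD emulator drivers hook the disk stack too, so the finding
        # cannot be attributed until they are disabled and the scan rerun.
        reasons.append("SPTD configured for: " + ", ".join(emulator_dirs))
        return "inconclusive", reasons
    return "suspicious", reasons


if __name__ == "__main__":
    verdict, why = triage(parse_mbr_log(MBR_LOG), sptd_install_dirs(GMER_LINES))
    print(verdict)
    for line in why:
        print(" -", line)
```
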

machete81 13.03.2012 22:03

Hello again! Hmm, too bad that it doesn't sound good...
Anyway, I booted the computer today and it is currently running in normal mode.
I will uninstall the emulators with DeFogger, because apparently uninstalling via the Windows Control Panel doesn't work; I'm sure I uninstalled those programs 2 years ago already.

Code:

defogger_disable by jpshortstuff (23.02.10.1)
Log created at 22:04 on 13/03/2012 (Machete 81)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...
Unable to read sptd.sys
SPTD -> Disabled (Service running -> reboot required)


-=E.O.F=-


TDSS log:

Code:

22:16:13.0689 4584        TDSS rootkit removing tool 2.7.20.0 Mar  9 2012 17:10:43
22:16:13.0811 4584        ============================================================
22:16:13.0811 4584        Current date / time: 2012/03/13 22:16:13.0811
22:16:13.0811 4584        SystemInfo:
22:16:13.0812 4584       
22:16:13.0812 4584        OS Version: 6.0.6002 ServicePack: 2.0
22:16:13.0812 4584        Product type: Workstation
22:16:13.0812 4584        ComputerName: MACHETE81-PC
22:16:13.0812 4584        UserName: Machete 81
22:16:13.0812 4584        Windows directory: C:\Windows
22:16:13.0812 4584        System windows directory: C:\Windows
22:16:13.0812 4584        Processor architecture: Intel x86
22:16:13.0812 4584        Number of processors: 4
22:16:13.0812 4584        Page size: 0x1000
22:16:13.0812 4584        Boot type: Normal boot
22:16:13.0812 4584        ============================================================
22:16:16.0155 4584        Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
22:16:16.0157 4584        Drive \Device\Harddisk1\DR1 - Size: 0x1D1C1116000 (1863.02 Gb), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
22:16:16.0173 4584        \Device\Harddisk0\DR0:
22:16:16.0173 4584        MBR used
22:16:16.0173 4584        \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x1770800, BlocksNum 0x25EB1800
22:16:16.0173 4584        \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x27622000, BlocksNum 0x12D63800
22:16:16.0173 4584        \Device\Harddisk1\DR1:
22:16:16.0173 4584        MBR used
22:16:16.0174 4584        \Device\Harddisk1\DR1\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0xE8E07482
22:16:16.0502 4584        Initialize success
22:16:16.0502 4584        ============================================================
22:16:18.0897 3852        ============================================================
22:16:18.0897 3852        Scan started
22:16:18.0897 3852        Mode: Manual;
22:16:18.0897 3852        ============================================================
22:16:21.0999 3852        acedrv11        (e6f53d6c0dea3d375362265e175ca638) C:\Windows\system32\drivers\acedrv11.sys
22:16:22.0001 3852        acedrv11 - ok
22:16:22.0231 3852        ACPI            (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys
22:16:22.0234 3852        ACPI - ok
22:16:22.0321 3852        adp94xx        (2edc5bbac6c651ece337bde8ed97c9fb) C:\Windows\system32\drivers\adp94xx.sys
22:16:22.0324 3852        adp94xx - ok
22:16:22.0382 3852        adpahci        (b84088ca3cdca97da44a984c6ce1ccad) C:\Windows\system32\drivers\adpahci.sys
22:16:22.0384 3852        adpahci - ok
22:16:22.0422 3852        adpu160m        (7880c67bccc27c86fd05aa2afb5ea469) C:\Windows\system32\drivers\adpu160m.sys
22:16:22.0423 3852        adpu160m - ok
22:16:22.0468 3852        adpu320        (9ae713f8e30efc2abccd84904333df4d) C:\Windows\system32\drivers\adpu320.sys
22:16:22.0470 3852        adpu320 - ok
22:16:22.0590 3852        AFD            (3911b972b55fea0478476b2e777b29fa) C:\Windows\system32\drivers\afd.sys
22:16:22.0592 3852        AFD - ok
22:16:22.0663 3852        agp440          (ef23439cdd587f64c2c1b8825cead7d8) C:\Windows\system32\drivers\agp440.sys
22:16:22.0664 3852        agp440 - ok
22:16:22.0826 3852        aic78xx        (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
22:16:22.0827 3852        aic78xx - ok
22:16:23.0009 3852        aliide          (90395b64600ebb4552e26e178c94b2e4) C:\Windows\system32\drivers\aliide.sys
22:16:23.0010 3852        aliide - ok
22:16:23.0030 3852        amdagp          (2b13e304c9dfdfa5eb582f6a149fa2c7) C:\Windows\system32\drivers\amdagp.sys
22:16:23.0030 3852        amdagp - ok
22:16:23.0046 3852        amdide          (0577df1d323fe75a739c787893d300ea) C:\Windows\system32\drivers\amdide.sys
22:16:23.0047 3852        amdide - ok
22:16:23.0080 3852        AmdK7          (dc487885bcef9f28eece6fac0e5ddfc5) C:\Windows\system32\drivers\amdk7.sys
22:16:23.0081 3852        AmdK7 - ok
22:16:23.0554 3852        AmdK8          (0ca0071da4315b00fc1328ca86b425da) C:\Windows\system32\drivers\amdk8.sys
22:16:23.0554 3852        AmdK8 - ok
22:16:23.0675 3852        arc            (5f673180268bb1fdb69c99b6619fe379) C:\Windows\system32\drivers\arc.sys
22:16:23.0675 3852        arc - ok
22:16:23.0945 3852        arcsas          (957f7540b5e7f602e44648c7de5a1c05) C:\Windows\system32\drivers\arcsas.sys
22:16:23.0946 3852        arcsas - ok
22:16:24.0136 3852        AsyncMac        (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys
22:16:24.0137 3852        AsyncMac - ok
22:16:24.0537 3852        atapi          (1f05b78ab91c9075565a9d8a4b880bc4) C:\Windows\system32\drivers\atapi.sys
22:16:24.0538 3852        atapi - ok
22:16:25.0110 3852        atksgt          (f0d933b42cd0594048e4d5200ae9e417) C:\Windows\system32\DRIVERS\atksgt.sys
22:16:25.0112 3852        atksgt - ok
22:16:25.0193 3852        avgntflt        (1e4114685de1ffa9675e09c6a1fb3f4b) C:\Windows\system32\DRIVERS\avgntflt.sys
22:16:25.0193 3852        avgntflt - ok
22:16:25.0230 3852        avipbb          (0f78d3dae6dedd99ae54c9491c62adf2) C:\Windows\system32\DRIVERS\avipbb.sys
22:16:25.0231 3852        avipbb - ok
22:16:25.0306 3852        Beep            (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys
22:16:25.0306 3852        Beep - ok
22:16:25.0347 3852        blbdrive - ok
22:16:25.0405 3852        bowser          (35f376253f687bde63976ccb3f2108ca) C:\Windows\system32\DRIVERS\bowser.sys
22:16:25.0406 3852        bowser - ok
22:16:25.0459 3852        BrFiltLo        (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
22:16:25.0459 3852        BrFiltLo - ok
22:16:25.0475 3852        BrFiltUp        (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
22:16:25.0475 3852        BrFiltUp - ok
22:16:25.0525 3852        Brserid        (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
22:16:25.0526 3852        Brserid - ok
22:16:25.0544 3852        BrSerWdm        (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
22:16:25.0545 3852        BrSerWdm - ok
22:16:25.0563 3852        BrUsbMdm        (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
22:16:25.0564 3852        BrUsbMdm - ok
22:16:25.0780 3852        BrUsbSer        (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
22:16:25.0780 3852        BrUsbSer - ok
22:16:25.0796 3852        BTHMODEM        (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys
22:16:25.0797 3852        BTHMODEM - ok
22:16:26.0183 3852        catchme - ok
22:16:26.0221 3852        cdfs            (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys
22:16:26.0222 3852        cdfs - ok
22:16:26.0268 3852        cdrom          (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys
22:16:26.0269 3852        cdrom - ok
22:16:26.0534 3852        circlass        (e5d4133f37219dbcfe102bc61072589d) C:\Windows\system32\DRIVERS\circlass.sys
22:16:26.0535 3852        circlass - ok
22:16:26.0721 3852        CLFS            (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys
22:16:26.0724 3852        CLFS - ok
22:16:27.0206 3852        cmdide          (45201046c776ffdaf3fc8a0029c581c8) C:\Windows\system32\drivers\cmdide.sys
22:16:27.0206 3852        cmdide - ok
22:16:27.0478 3852        Compbatt        (82b8c91d327cfecf76cb58716f7d4997) C:\Windows\system32\drivers\compbatt.sys
22:16:27.0479 3852        Compbatt - ok
22:16:27.0628 3852        crcdisk        (2a213ae086bbec5e937553c7d9a2b22c) C:\Windows\system32\drivers\crcdisk.sys
22:16:27.0628 3852        crcdisk - ok
22:16:27.0791 3852        Crusoe          (22a7f883508176489f559ee745b5bf5d) C:\Windows\system32\drivers\crusoe.sys
22:16:27.0791 3852        Crusoe - ok
22:16:27.0874 3852        DfsC            (622c41a07ca7e6dd91770f50d532cb6c) C:\Windows\system32\Drivers\dfsc.sys
22:16:27.0875 3852        DfsC - ok
22:16:27.0952 3852        disk            (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys
22:16:27.0953 3852        disk - ok
22:16:28.0028 3852        drmkaud        (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys
22:16:28.0028 3852        drmkaud - ok
22:16:29.0028 3852        DXGKrnl        (5c7e2097b91d689ded7a6ff90f0f3a25) C:\Windows\System32\drivers\dxgkrnl.sys
22:16:29.0033 3852        DXGKrnl - ok
22:16:29.0628 3852        E1G60          (f88fb26547fd2ce6d0a5af2985892c48) C:\Windows\system32\DRIVERS\E1G60I32.sys
22:16:29.0629 3852        E1G60 - ok
22:16:29.0759 3852        Ecache          (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys
22:16:29.0760 3852        Ecache - ok
22:16:29.0827 3852        elxstor        (e8f3f21a71720c84bcf423b80028359f) C:\Windows\system32\drivers\elxstor.sys
22:16:29.0829 3852        elxstor - ok
22:16:29.0892 3852        EraserUtilRebootDrv - ok
22:16:30.0324 3852        exfat          (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys
22:16:30.0366 3852        exfat - ok
22:16:30.0593 3852        fastfat        (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys
22:16:30.0595 3852        fastfat - ok
22:16:30.0625 3852        fdc            (63bdada84951b9c03e641800e176898a) C:\Windows\system32\DRIVERS\fdc.sys
22:16:30.0625 3852        fdc - ok
22:16:30.0744 3852        FileInfo        (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys
22:16:30.0744 3852        FileInfo - ok
22:16:30.0762 3852        Filetrace      (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys
22:16:30.0762 3852        Filetrace - ok
22:16:30.0913 3852        flpydisk        (6603957eff5ec62d25075ea8ac27de68) C:\Windows\system32\DRIVERS\flpydisk.sys
22:16:30.0913 3852        flpydisk - ok
22:16:30.0945 3852        FltMgr          (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys
22:16:30.0947 3852        FltMgr - ok
22:16:30.0991 3852        Fs_Rec          (65ea8b77b5851854f0c55c43fa51a198) C:\Windows\system32\drivers\Fs_Rec.sys
22:16:30.0992 3852        Fs_Rec - ok
22:16:31.0082 3852        gagp30kx        (4e1cd0a45c50a8882616cae5bf82f3c5) C:\Windows\system32\drivers\gagp30kx.sys
22:16:31.0083 3852        gagp30kx - ok
22:16:31.0636 3852        GEARAspiWDM    (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
22:16:31.0637 3852        GEARAspiWDM - ok
22:16:32.0093 3852        HCW88AUD        (b40c06b5438716366f2ca6239a741f39) C:\Windows\system32\drivers\hcw88aud.sys
22:16:32.0094 3852        HCW88AUD - ok
22:16:32.0146 3852        HCW88BDA        (6c85512c2b958b2d0e82814915390050) C:\Windows\system32\drivers\hcw88bda.sys
22:16:32.0148 3852        HCW88BDA - ok
22:16:32.0193 3852        HCW88TSE        (d1b38599f3678f536eb61406f4f0da6d) C:\Windows\system32\drivers\hcw88tse.sys
22:16:32.0195 3852        HCW88TSE - ok
22:16:32.0242 3852        HCW88TUNE      (36baa5ace16bb31e2b0bfaf551ac9786) C:\Windows\system32\drivers\hcw88tun.sys
22:16:32.0243 3852        HCW88TUNE - ok
22:16:32.0279 3852        hcw88vid        (2688cd88b87e0f5996ed4330e42d344a) C:\Windows\system32\drivers\hcw88vid.sys
22:16:32.0283 3852        hcw88vid - ok
22:16:32.0301 3852        HCW88XBAR      (462f10c8b88cddeb2fdaa47fa34793bb) C:\Windows\system32\drivers\HCW88BAR.sys
22:16:32.0302 3852        HCW88XBAR - ok
22:16:32.0665 3852        HdAudAddService (cb04c744be0a61b1d648faed182c3b59) C:\Windows\system32\drivers\HdAudio.sys
22:16:32.0667 3852        HdAudAddService - ok
22:16:32.0788 3852        HDAudBus        (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys
22:16:32.0793 3852        HDAudBus - ok
22:16:32.0858 3852        HidBth          (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
22:16:32.0859 3852        HidBth - ok
22:16:32.0996 3852        HidIr          (d8df3722d5e961baa1292aa2f12827e2) C:\Windows\system32\DRIVERS\hidir.sys
22:16:32.0997 3852        HidIr - ok
22:16:33.0147 3852        HidUsb          (cca4b519b17e23a00b826c55716809cc) C:\Windows\system32\DRIVERS\hidusb.sys
22:16:33.0148 3852        HidUsb - ok
22:16:33.0307 3852        HpCISSs        (df353b401001246853763c4b7aaa6f50) C:\Windows\system32\drivers\hpcisss.sys
22:16:33.0308 3852        HpCISSs - ok
22:16:33.0843 3852        HTTP            (f870aa3e254628ebeafe754108d664de) C:\Windows\system32\drivers\HTTP.sys
22:16:33.0846 3852        HTTP - ok
22:16:33.0928 3852        i2omp          (324c2152ff2c61abae92d09f3cca4d63) C:\Windows\system32\drivers\i2omp.sys
22:16:33.0928 3852        i2omp - ok
22:16:33.0989 3852        i8042prt        (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys
22:16:33.0990 3852        i8042prt - ok
22:16:34.0945 3852        iaStor          (2358c53f30cb9dcd1d3843c4e2f299b2) C:\Windows\system32\drivers\iastor.sys
22:16:34.0947 3852        iaStor - ok
22:16:35.0299 3852        iaStorV        (c957bf4b5d80b46c5017bf0101e6c906) C:\Windows\system32\drivers\iastorv.sys
22:16:35.0301 3852        iaStorV - ok
22:16:35.0570 3852        IDSvix86        (78432a57d085328cf8baf125985425d2) C:\PROGRA~2\Symantec\DEFINI~1\SymcData\idsdefs\20061025.029\IDSvix86.sys
22:16:35.0572 3852        IDSvix86 - ok
22:16:35.0942 3852        iirsp          (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
22:16:35.0942 3852        iirsp - ok
22:16:36.0786 3852        IntcAzAudAddService (34b8b4a442046e3d5fdd0b17926cf3f1) C:\Windows\system32\drivers\RTKVHDA.sys
22:16:36.0801 3852        IntcAzAudAddService - ok
22:16:36.0840 3852        intelide        (83aa759f3189e6370c30de5dc5590718) C:\Windows\system32\drivers\intelide.sys
22:16:36.0841 3852        intelide - ok
22:16:36.0878 3852        intelppm        (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys
22:16:36.0878 3852        intelppm - ok
22:16:36.0929 3852        IpFilterDriver  (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys
22:16:36.0929 3852        IpFilterDriver - ok
22:16:36.0952 3852        IpInIp - ok
22:16:36.0975 3852        IPMIDRV        (40f34f8aba2a015d780e4b09138b6c17) C:\Windows\system32\drivers\ipmidrv.sys
22:16:36.0976 3852        IPMIDRV - ok
22:16:36.0994 3852        IPNAT          (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys
22:16:36.0995 3852        IPNAT - ok
22:16:37.0041 3852        IRENUM          (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys
22:16:37.0041 3852        IRENUM - ok
22:16:37.0264 3852        isapnp          (350fca7e73cf65bcef43fae1e4e91293) C:\Windows\system32\drivers\isapnp.sys
22:16:37.0265 3852        isapnp - ok
22:16:37.0313 3852        iScsiPrt        (232fa340531d940aac623b121a595034) C:\Windows\system32\DRIVERS\msiscsi.sys
22:16:37.0315 3852        iScsiPrt - ok
22:16:37.0612 3852        iteatapi        (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
22:16:37.0613 3852        iteatapi - ok
22:16:37.0784 3852        iteraid        (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
22:16:37.0785 3852        iteraid - ok
22:16:37.0836 3852        JRAID          (c1632fe31d1824a43dea29725312e3fa) C:\Windows\system32\drivers\jraid.sys
22:16:37.0837 3852        JRAID - ok
22:16:38.0199 3852        kbdclass        (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys
22:16:38.0199 3852        kbdclass - ok
22:16:38.0336 3852        kbdhid          (ede59ec70e25c24581add1fbec7325f7) C:\Windows\system32\DRIVERS\kbdhid.sys
22:16:38.0337 3852        kbdhid - ok
22:16:38.0826 3852        KSecDD          (2b2f1638466e8cb091400c9019cc730e) C:\Windows\system32\Drivers\ksecdd.sys
22:16:38.0829 3852        KSecDD - ok
22:16:38.0918 3852        LHidFilt        (24e0ddb99aeccf86bb37702611761459) C:\Windows\system32\DRIVERS\LHidFilt.Sys
22:16:38.0918 3852        LHidFilt - ok
22:16:38.0957 3852        lirsgt          (f8a7212d0864ef5e9185fb95e6623f4d) C:\Windows\system32\DRIVERS\lirsgt.sys
22:16:38.0958 3852        lirsgt - ok
22:16:38.0985 3852        lltdio          (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys
22:16:38.0985 3852        lltdio - ok
22:16:39.0265 3852        LMouFilt        (d58b330d318361a66a9fe60d7c9b4951) C:\Windows\system32\DRIVERS\LMouFilt.Sys
22:16:39.0265 3852        LMouFilt - ok
22:16:39.0299 3852        LSI_FC          (a2262fb9f28935e862b4db46438c80d2) C:\Windows\system32\drivers\lsi_fc.sys
22:16:39.0300 3852        LSI_FC - ok
22:16:39.0673 3852        LSI_SAS        (30d73327d390f72a62f32c103daf1d6d) C:\Windows\system32\drivers\lsi_sas.sys
22:16:39.0674 3852        LSI_SAS - ok
22:16:40.0515 3852        LSI_SCSI        (e1e36fefd45849a95f1ab81de0159fe3) C:\Windows\system32\drivers\lsi_scsi.sys
22:16:40.0516 3852        LSI_SCSI - ok
22:16:40.0769 3852        luafv          (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys
22:16:40.0770 3852        luafv - ok
22:16:40.0883 3852        MagicTune      (7acae9601b3eb413f8bf5c90a77a6848) C:\Windows\system32\drivers\MTiCtwl.sys
22:16:40.0883 3852        MagicTune - ok
22:16:40.0912 3852        megasas        (d153b14fc6598eae8422a2037553adce) C:\Windows\system32\drivers\megasas.sys
22:16:40.0913 3852        megasas - ok
22:16:41.0117 3852        Modem          (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys
22:16:41.0117 3852        Modem - ok
22:16:41.0176 3852        monitor        (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys
22:16:41.0177 3852        monitor - ok
22:16:41.0431 3852        mouclass        (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys
22:16:41.0432 3852        mouclass - ok
22:16:41.0564 3852        mouhid          (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys
22:16:41.0565 3852        mouhid - ok
22:16:41.0649 3852        MountMgr        (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys
22:16:41.0650 3852        MountMgr - ok
22:16:42.0264 3852        mpio            (583a41f26278d9e0ea548163d6139397) C:\Windows\system32\drivers\mpio.sys
22:16:42.0265 3852        mpio - ok
22:16:42.0551 3852        mpsdrv          (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys
22:16:42.0552 3852        mpsdrv - ok
22:16:42.0929 3852        Mraid35x        (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
22:16:42.0930 3852        Mraid35x - ok
22:16:43.0061 3852        MRxDAV          (82cea0395524aacfeb58ba1448e8325c) C:\Windows\system32\drivers\mrxdav.sys
22:16:43.0062 3852        MRxDAV - ok
22:16:43.0186 3852        mrxsmb          (1e94971c4b446ab2290deb71d01cf0c2) C:\Windows\system32\DRIVERS\mrxsmb.sys
22:16:43.0186 3852        mrxsmb - ok
22:16:43.0281 3852        mrxsmb10        (4fccb34d793b116423209c0f8b7a3b03) C:\Windows\system32\DRIVERS\mrxsmb10.sys
22:16:43.0283 3852        mrxsmb10 - ok
22:16:43.0314 3852        mrxsmb20        (c3cb1b40ad4a0124d617a1199b0b9d7c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
22:16:43.0315 3852        mrxsmb20 - ok
22:16:43.0449 3852        msahci          (742aed7939e734c36b7e8d6228ce26b7) C:\Windows\system32\drivers\msahci.sys
22:16:43.0450 3852        msahci - ok
22:16:43.0474 3852        msdsm          (3fc82a2ae4cc149165a94699183d3028) C:\Windows\system32\drivers\msdsm.sys
22:16:43.0475 3852        msdsm - ok
22:16:43.0550 3852        Msfs            (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys
22:16:43.0551 3852        Msfs - ok
22:16:43.0582 3852        msisadrv        (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys
22:16:43.0582 3852        msisadrv - ok
22:16:43.0613 3852        MSKSSRV        (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys
22:16:43.0613 3852        MSKSSRV - ok
22:16:43.0977 3852        MSPCLOCK        (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys
22:16:43.0978 3852        MSPCLOCK - ok
22:16:44.0215 3852        MSPQM          (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys
22:16:44.0216 3852        MSPQM - ok
22:16:44.0242 3852        MsRPC          (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys
22:16:44.0244 3852        MsRPC - ok
22:16:44.0270 3852        mssmbios        (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys
22:16:44.0270 3852        mssmbios - ok
22:16:45.0275 3852        MSTEE          (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys
22:16:45.0275 3852        MSTEE - ok
22:16:45.0394 3852        Mup            (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys
22:16:45.0395 3852        Mup - ok
22:16:45.0460 3852        NativeWifiP    (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys
22:16:45.0462 3852        NativeWifiP - ok
22:16:45.0579 3852        NCPro          (7acae9601b3eb413f8bf5c90a77a6848) C:\Windows\system32\drivers\MTictwl.sys
22:16:45.0580 3852        NCPro - ok
22:16:45.0705 3852        NDIS            (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys
22:16:45.0709 3852        NDIS - ok
22:16:45.0766 3852        NdisTapi        (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys
22:16:45.0766 3852        NdisTapi - ok
22:16:46.0210 3852        Ndisuio        (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys
22:16:46.0211 3852        Ndisuio - ok
22:16:46.0361 3852        NdisWan        (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys
22:16:46.0363 3852        NdisWan - ok
22:16:46.0537 3852        NDProxy        (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys
22:16:46.0538 3852        NDProxy - ok
22:16:46.0569 3852        NetBIOS        (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys
22:16:46.0570 3852        NetBIOS - ok
22:16:46.0579 3852        netbt - ok
22:16:46.0627 3852        nfrd960        (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
22:16:46.0628 3852        nfrd960 - ok
22:16:46.0653 3852        Npfs            (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys
22:16:46.0653 3852        Npfs - ok
22:16:47.0206 3852        nsiproxy        (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys
22:16:47.0206 3852        nsiproxy - ok
22:16:47.0401 3852        Ntfs            (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys
22:16:47.0410 3852        Ntfs - ok
22:16:47.0505 3852        ntrigdigi      (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
22:16:47.0505 3852        ntrigdigi - ok
22:16:47.0667 3852        Null            (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
22:16:47.0667 3852        Null - ok
22:16:49.0810 3852        nvlddmkm        (847b1755f7757f825305a1ffe6dac3e9) C:\Windows\system32\DRIVERS\nvlddmkm.sys
22:16:49.0872 3852        nvlddmkm - ok
22:16:50.0456 3852        nvraid          (e69e946f80c1c31c53003bfbf50cbb7c) C:\Windows\system32\drivers\nvraid.sys
22:16:50.0457 3852        nvraid - ok
22:16:50.0672 3852        nvrd32          (ed399014a8029de02ba5ae01da8cc9ee) C:\Windows\system32\drivers\nvrd32.sys
22:16:50.0673 3852        nvrd32 - ok
22:16:50.0727 3852        nvstor          (9e0ba19a28c498a6d323d065db76dffc) C:\Windows\system32\drivers\nvstor.sys
22:16:50.0728 3852        nvstor - ok
22:16:50.0761 3852        nvstor32        (703e3a7093b0fac0eebadbb8e931ecaf) C:\Windows\system32\drivers\nvstor32.sys
22:16:50.0763 3852        nvstor32 - ok
22:16:52.0056 3852        nv_agp          (07c186427eb8fcc3d8d7927187f260f7) C:\Windows\system32\drivers\nv_agp.sys
22:16:52.0057 3852        nv_agp - ok
22:16:52.0281 3852        NwlnkFlt - ok
22:16:52.0357 3852        NwlnkFwd - ok
22:16:52.0451 3852        ohci1394        (6f310e890d46e246e0e261a63d9b36b4) C:\Windows\system32\DRIVERS\ohci1394.sys
22:16:52.0452 3852        ohci1394 - ok
22:16:52.0758 3852        OlyCamComm      (f4cb9c1991314b1352ddbd8a968e4471) C:\Windows\system32\DRIVERS\OlyCamComm.sys
22:16:52.0759 3852        OlyCamComm - ok
22:16:52.0853 3852        Parport        (8a79fdf04a73428597e2caf9d0d67850) C:\Windows\system32\DRIVERS\parport.sys
22:16:52.0854 3852        Parport - ok
22:16:52.0929 3852        partmgr        (57389fa59a36d96b3eb09d0cb91e9cdc) C:\Windows\system32\drivers\partmgr.sys
22:16:52.0930 3852        partmgr - ok
22:16:53.0039 3852        Parvdm          (6c580025c81caf3ae9e3617c22cad00e) C:\Windows\system32\DRIVERS\parvdm.sys
22:16:53.0039 3852        Parvdm - ok
22:16:53.0239 3852        pci            (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys
22:16:53.0241 3852        pci - ok
22:16:53.0279 3852        pciide          (3b1901e401473e03eb8c874271e50c26) C:\Windows\system32\drivers\pciide.sys
22:16:53.0280 3852        pciide - ok
22:16:53.0391 3852        pcmcia          (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
22:16:53.0393 3852        pcmcia - ok
22:16:54.0007 3852        PEAUTH          (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
22:16:54.0014 3852        PEAUTH - ok
22:16:54.0140 3852        PptpMiniport    (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
22:16:54.0141 3852        PptpMiniport - ok
22:16:54.0312 3852        Processor      (0e3cef5d28b40cf273281d620c50700a) C:\Windows\system32\drivers\processr.sys
22:16:54.0312 3852        Processor - ok
22:16:54.0365 3852        PSched          (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys
22:16:54.0366 3852        PSched - ok
22:16:54.0413 3852        ql2300          (ccdac889326317792480c0a67156a1ec) C:\Windows\system32\drivers\ql2300.sys
22:16:54.0420 3852        ql2300 - ok
22:16:54.0552 3852        ql40xx          (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
22:16:54.0554 3852        ql40xx - ok
22:16:54.0589 3852        QWAVEdrv        (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
22:16:54.0589 3852        QWAVEdrv - ok
22:16:54.0898 3852        RasAcd          (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
22:16:54.0899 3852        RasAcd - ok
22:16:55.0126 3852        Rasl2tp        (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
22:16:55.0127 3852        Rasl2tp - ok
22:16:55.0215 3852        RasPppoe        (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys
22:16:55.0216 3852        RasPppoe - ok
22:16:55.0278 3852        RasSstp        (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys
22:16:55.0278 3852        RasSstp - ok
22:16:55.0425 3852        rdbss          (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys
22:16:55.0427 3852        rdbss - ok
22:16:55.0585 3852        RDPCDD          (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
22:16:55.0585 3852        RDPCDD - ok
22:16:56.0083 3852        rdpdr          (e8bd98d46f2ed77132ba927fccb47d8b) C:\Windows\system32\drivers\rdpdr.sys
22:16:56.0085 3852        rdpdr - ok
22:16:56.0258 3852        RDPENCDD        (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
22:16:56.0259 3852        RDPENCDD - ok
22:16:56.0307 3852        RDPWD          (30bfbdfb7f95559ede971f9ddb9a00ba) C:\Windows\system32\drivers\RDPWD.sys
22:16:56.0308 3852        RDPWD - ok
22:16:56.0553 3852        rspndr          (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
22:16:56.0554 3852        rspndr - ok
22:16:56.0593 3852        RTL8169        (9a929308a64183d3d9dccbb6df4badae) C:\Windows\system32\DRIVERS\Rtlh86.sys
22:16:56.0594 3852        RTL8169 - ok
22:16:56.0663 3852        SASDIFSV        (39763504067962108505bff25f024345) C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
22:16:56.0663 3852        SASDIFSV - ok
22:16:56.0736 3852        SASKUTIL        (77b9fc20084b48408ad3e87570eb4a85) C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
22:16:56.0737 3852        SASKUTIL - ok
22:16:56.0831 3852        sbp2port        (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
22:16:56.0832 3852        sbp2port - ok
22:16:57.0108 3852        secdrv          (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
22:16:57.0109 3852        secdrv - ok
22:16:57.0295 3852        Serenum        (ce9ec966638ef0b10b864ddedf62a099) C:\Windows\system32\DRIVERS\serenum.sys
22:16:57.0295 3852        Serenum - ok
22:16:57.0735 3852        Serial          (6d663022db3e7058907784ae14b69898) C:\Windows\system32\DRIVERS\serial.sys
22:16:57.0736 3852        Serial - ok
22:16:58.0124 3852        sermouse        (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
22:16:58.0124 3852        sermouse - ok
22:16:58.0288 3852        sffdisk        (103b79418da647736ee95645f305f68a) C:\Windows\system32\drivers\sffdisk.sys
22:16:58.0289 3852        sffdisk - ok
22:16:58.0305 3852        sffp_mmc        (8fd08a310645fe872eeec6e08c6bf3ee) C:\Windows\system32\drivers\sffp_mmc.sys
22:16:58.0306 3852        sffp_mmc - ok
22:16:58.0352 3852        sffp_sd        (9cfa05fcfcb7124e69cfc812b72f9614) C:\Windows\system32\drivers\sffp_sd.sys
22:16:58.0353 3852        sffp_sd - ok
22:16:59.0031 3852        sfloppy        (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
22:16:59.0032 3852        sfloppy - ok
22:16:59.0221 3852        sisagp          (d2a595d6eebeeaf4334f8e50efbc9931) C:\Windows\system32\drivers\sisagp.sys
22:16:59.0222 3852        sisagp - ok
22:16:59.0449 3852        SiSRaid2        (cedd6f4e7d84e9f98b34b3fe988373aa) C:\Windows\system32\drivers\sisraid2.sys
22:16:59.0450 3852        SiSRaid2 - ok
22:16:59.0474 3852        SiSRaid4        (df843c528c4f69d12ce41ce462e973a7) C:\Windows\system32\drivers\sisraid4.sys
22:16:59.0474 3852        SiSRaid4 - ok
22:17:00.0018 3852        Smb            (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys
22:17:00.0019 3852        Smb - ok
22:17:00.0138 3852        SPBBCDrv - ok
22:17:00.0470 3852        spldr          (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
22:17:00.0470 3852        spldr - ok
22:17:00.0531 3852        sptd            (0c1dad75274cb6e31f053ce3e08bf9c3) C:\Windows\System32\Drivers\sptd.sys
22:17:00.0537 3852        sptd - ok
22:17:00.0740 3852        srv            (41987f9fc0e61adf54f581e15029ad91) C:\Windows\system32\DRIVERS\srv.sys
22:17:00.0742 3852        srv - ok
22:17:00.0818 3852        srv2            (ff33aff99564b1aa534f58868cbe41ef) C:\Windows\system32\DRIVERS\srv2.sys
22:17:00.0819 3852        srv2 - ok
22:17:01.0464 3852        srvnet          (7605c0e1d01a08f3ecd743f38b834a44) C:\Windows\system32\DRIVERS\srvnet.sys
22:17:01.0465 3852        srvnet - ok
22:17:01.0594 3852        ssmdrv          (a36ee93698802cd899f98bfd553d8185) C:\Windows\system32\DRIVERS\ssmdrv.sys
22:17:01.0595 3852        ssmdrv - ok
22:17:01.0719 3852        swenum          (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
22:17:01.0720 3852        swenum - ok
22:17:01.0820 3852        Symc8xx        (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
22:17:01.0820 3852        Symc8xx - ok
22:17:01.0919 3852        SymEvent        (9d98270b5f10a4c84e8da417c30756e1) C:\Windows\system32\Drivers\SYMEVENT.SYS
22:17:01.0920 3852        SymEvent - ok
22:17:01.0955 3852        SYMREDRV        (7f4011a719bf30e3dbd84d3a0a45c91c) C:\Windows\System32\Drivers\SYMREDRV.SYS
22:17:01.0956 3852        SYMREDRV - ok
22:17:02.0032 3852        SYMTDI          (2f03cbdb0f22278d05d5d616c993ab58) C:\Windows\System32\Drivers\SYMTDI.SYS
22:17:02.0034 3852        SYMTDI - ok
22:17:02.0164 3852        Sym_hi          (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
22:17:02.0165 3852        Sym_hi - ok
22:17:02.0188 3852        Sym_u3          (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
22:17:02.0189 3852        Sym_u3 - ok
22:17:02.0615 3852        Tcpip          (814a1c66fbd4e1b310a517221f1456bf) C:\Windows\system32\drivers\tcpip.sys
22:17:02.0622 3852        Tcpip - ok
22:17:02.0718 3852        Tcpip6          (814a1c66fbd4e1b310a517221f1456bf) C:\Windows\system32\DRIVERS\tcpip.sys
22:17:02.0725 3852        Tcpip6 - ok
22:17:03.0018 3852        tcpipreg        (608c345a255d82a6289c2d468eb41fd7) C:\Windows\system32\drivers\tcpipreg.sys
22:17:03.0019 3852        tcpipreg - ok
22:17:03.0394 3852        TDPIPE          (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
22:17:03.0394 3852        TDPIPE - ok
22:17:03.0643 3852        TDTCP          (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
22:17:03.0643 3852        TDTCP - ok
22:17:03.0681 3852        tdx            (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys
22:17:03.0682 3852        tdx - ok
22:17:04.0405 3852        TermDD          (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys
22:17:04.0405 3852        TermDD - ok
22:17:04.0766 3852        tssecsrv        (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
22:17:04.0766 3852        tssecsrv - ok
22:17:05.0300 3852        TuneUpUtilitiesDrv (f2107c9d85ec0df116939ccce06ae697) C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesDriver32.sys
22:17:05.0301 3852        TuneUpUtilitiesDrv - ok
22:17:05.0354 3852        tunmp          (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
22:17:05.0355 3852        tunmp - ok
22:17:05.0854 3852        tunnel          (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys
22:17:05.0855 3852        tunnel - ok
22:17:05.0887 3852        uagp35          (c3ade15414120033a36c0f293d4a4121) C:\Windows\system32\drivers\uagp35.sys
22:17:05.0888 3852        uagp35 - ok
22:17:06.0477 3852        udfs            (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys
22:17:06.0480 3852        udfs - ok
22:17:06.0764 3852        uliagpkx        (75e6890ebfce0841d3291b02e7a8bdb0) C:\Windows\system32\drivers\uliagpkx.sys
22:17:06.0765 3852        uliagpkx - ok
22:17:07.0045 3852        uliahci        (3cd4ea35a6221b85dcc25daa46313f8d) C:\Windows\system32\drivers\uliahci.sys
22:17:07.0047 3852        uliahci - ok
22:17:07.0239 3852        UlSata          (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
22:17:07.0241 3852        UlSata - ok
22:17:07.0270 3852        ulsata2        (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
22:17:07.0271 3852        ulsata2 - ok
22:17:07.0300 3852        umbus          (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
22:17:07.0301 3852        umbus - ok
22:17:07.0370 3852        USBAAPL        (1df89c499bf45d878b87ebd4421d462d) C:\Windows\system32\Drivers\usbaapl.sys
22:17:07.0371 3852        USBAAPL - ok
22:17:07.0454 3852        usbaudio        (32db9517628ff0d070682aab61e688f0) C:\Windows\system32\drivers\usbaudio.sys
22:17:07.0455 3852        usbaudio - ok
22:17:07.0916 3852        usbccgp        (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys
22:17:07.0917 3852        usbccgp - ok
22:17:08.0221 3852        usbcir          (47b9770ea21436de4ad5aea7926e0900) C:\Windows\system32\DRIVERS\usbcir.sys
22:17:08.0222 3852        usbcir - ok
22:17:08.0316 3852        usbehci        (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys
22:17:08.0317 3852        usbehci - ok
22:17:09.0073 3852        usbhub          (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys
22:17:09.0075 3852        usbhub - ok
22:17:09.0307 3852        usbohci        (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys
22:17:09.0308 3852        usbohci - ok
22:17:09.0709 3852        usbprint        (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys
22:17:09.0710 3852        usbprint - ok
22:17:09.0797 3852        usbscan        (a508c9bd8724980512136b039bba65e9) C:\Windows\system32\DRIVERS\usbscan.sys
22:17:09.0798 3852        usbscan - ok
22:17:09.0920 3852        USBSTOR        (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS
22:17:09.0921 3852        USBSTOR - ok
22:17:10.0265 3852        usbuhci        (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys
22:17:10.0266 3852        usbuhci - ok
22:17:10.0310 3852        usbvideo        (e67998e8f14cb0627a769f6530bcb352) C:\Windows\system32\Drivers\usbvideo.sys
22:17:10.0312 3852        usbvideo - ok
22:17:11.0105 3852        vga            (87b06e1f30b749a114f74622d013f8d4) C:\Windows\system32\DRIVERS\vgapnp.sys
22:17:11.0106 3852        vga - ok
22:17:11.0169 3852        VgaSave        (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
22:17:11.0170 3852        VgaSave - ok
22:17:11.0287 3852        viaagp          (045d9961e591cf0674a920b6ba3ba5cb) C:\Windows\system32\drivers\viaagp.sys
22:17:11.0288 3852        viaagp - ok
22:17:11.0355 3852        ViaC7          (56a4de5f02f2e88182b0981119b4dd98) C:\Windows\system32\drivers\viac7.sys
22:17:11.0356 3852        ViaC7 - ok
22:17:11.0419 3852        viaide          (fd2e3175fcada350c7ab4521dca187ec) C:\Windows\system32\drivers\viaide.sys
22:17:11.0420 3852        viaide - ok
22:17:11.0743 3852        viamraid        (7dc3e1dc6e4f8be381c31bfea578412a) C:\Windows\system32\drivers\viamraid.sys
22:17:11.0744 3852        viamraid - ok
22:17:11.0808 3852        volmgr          (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
22:17:11.0809 3852        volmgr - ok
22:17:12.0196 3852        volmgrx        (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys
22:17:12.0199 3852        volmgrx - ok
22:17:12.0418 3852        volsnap        (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys
22:17:12.0420 3852        volsnap - ok
22:17:12.0484 3852        vsmraid        (d984439746d42b30fc65a4c3546c6829) C:\Windows\system32\drivers\vsmraid.sys
22:17:12.0486 3852        vsmraid - ok
22:17:13.0047 3852        WacomPen        (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
22:17:13.0047 3852        WacomPen - ok
22:17:13.0364 3852        Wanarp          (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
22:17:13.0365 3852        Wanarp - ok
22:17:13.0416 3852        Wanarpv6        (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
22:17:13.0417 3852        Wanarpv6 - ok
22:17:13.0453 3852        Wd              (afc5ad65b991c1e205cf25cfdbf7a6f4) C:\Windows\system32\drivers\wd.sys
22:17:13.0454 3852        Wd - ok
22:17:13.0893 3852        Wdf01000        (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys
22:17:13.0896 3852        Wdf01000 - ok
22:17:14.0524 3852        WmiAcpi        (701a9f884a294327e9141d73746ee279) C:\Windows\system32\drivers\wmiacpi.sys
22:17:14.0524 3852        WmiAcpi - ok
22:17:15.0106 3852        WpdUsb          (de9d36f91a4df3d911626643debf11ea) C:\Windows\system32\DRIVERS\wpdusb.sys
22:17:15.0107 3852        WpdUsb - ok
22:17:15.0148 3852        ws2ifsl        (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
22:17:15.0149 3852        ws2ifsl - ok
22:17:15.0231 3852        WUDFRd          (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys
22:17:15.0232 3852        WUDFRd - ok
22:17:15.0310 3852        {95808DC4-FA4A-4C74-92FE-5B863F82066B} (74ec37b9eaf9fca015b933a526825c7a) C:\Program Files\CyberLink\PowerDVD\000.fcl
22:17:15.0311 3852        {95808DC4-FA4A-4C74-92FE-5B863F82066B} - ok
22:17:15.0335 3852        MBR (0x1B8)    (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
22:17:15.0434 3852        \Device\Harddisk0\DR0 - ok
22:17:15.0438 3852        MBR (0x1B8)    (5fb38429d5d77768867c76dcbdb35194) \Device\Harddisk1\DR1
22:17:15.0442 3852        \Device\Harddisk1\DR1 - ok
22:17:15.0539 3852        Boot (0x1200)  (5c588533e8bd3d0a441b9beddea6982d) \Device\Harddisk0\DR0\Partition0
22:17:15.0626 3852        \Device\Harddisk0\DR0\Partition0 - ok
22:17:15.0659 3852        Boot (0x1200)  (ac86878c6da1866eed2b8cebbb3a20d6) \Device\Harddisk0\DR0\Partition1
22:17:15.0751 3852        \Device\Harddisk0\DR0\Partition1 - ok
22:17:15.0755 3852        Boot (0x1200)  (5ae2f22fc5d7da33ac8fb8eb203b09d7) \Device\Harddisk1\DR1\Partition0
22:17:15.0757 3852        \Device\Harddisk1\DR1\Partition0 - ok
22:17:15.0757 3852        ============================================================
22:17:15.0757 3852        Scan finished
22:17:15.0757 3852        ============================================================
22:17:15.0766 3176        Detected object count: 0
22:17:15.0766 3176        Actual detected object count: 0
22:18:04.0597 4560        Deinitialize success



Okay, I'm shutting the computer down again now and look forward to a reply... so far everything is staying quiet ;)

kira 14.03.2012 08:46

1.
Did I already ask this...?
Quote:

Symantec Corporation - no longer in use, I assume?
Removal tools or uninstall instructions for various antivirus software:
-> Removal tools or uninstall instructions for various antivirus software
AV uninstall notes

2.
Run another scan with OTL:
  • Double-click OTL.exe
  • Vista and Windows 7 users: right-click OTL.exe and choose "Run as administrator".
  • At the top you will find a box labelled Output.
    Please select Standard Output
  • Under Extra Registry, please select Use SafeList.
  • Tick the LOP Check and Purity Check boxes.
  • Now click Scan at the top left.
  • When the scan has finished, two log files are created.
    You will find the log files on your desktop => OTL.txt and Extras.txt
  • Post the log files in code tags here in the thread.

machete81 17.03.2012 01:57

Hello again. First of all, good morning or whatever, and have a nice weekend.
Just a quick status update:

Working in normal mode

After booting, AntiVir displayed this warning; I closed it with the "x"...(?!)

Code:

In der Datei 'C:\Users\Machete 81\AppData\Roaming\BAcroIEHelpe080.dll'
wurde ein Virus oder unerwünschtes Programm 'TR/Spy.Banker.Gen2' [trojan] gefunden.
Ausgeführte Aktion: Zugriff verweigern

Now trying to uninstall Magix Firebird SQL, run the Java updates, and uninstall Symantec

PS: Right now the alert is coming up at shorter intervals....

I'll finish by running the OTL scan again and look forward to a reply. Greetings to the sunny south. :)

machete81 17.03.2012 04:24

OTL log
Code:

OTL logfile created on: 17.03.2012 04:05:28 - Run 8
OTL by OldTimer - Version 3.2.34.0    Folder = C:\Users\Machete 81\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6002.18005)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,00 Gb Total Physical Memory | 1,14 Gb Available Physical Memory | 56,93% Memory free
4,24 Gb Paging File | 3,10 Gb Available in Paging File | 73,20% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 303,35 Gb Total Space | 32,27 Gb Free Space | 10,64% Space Free | Partition Type: NTFS
Drive D: | 150,69 Gb Total Space | 95,61 Gb Free Space | 63,45% Space Free | Partition Type: NTFS
Drive F: | 1863,01 Gb Total Space | 999,63 Gb Free Space | 53,66% Space Free | Partition Type: NTFS
 
Computer Name: MACHETE81-PC | User Name: Machete 81 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.03.17 02:34:57 | 003,905,920 | ---- | M] (SUPERAntiSpyware.com) -- C:\Programme\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
PRC - [2012.03.02 21:59:51 | 000,584,704 | ---- | M] (OldTimer Tools) -- C:\Users\Machete 81\Desktop\OTL.exe
PRC - [2011.08.24 14:21:14 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) -- C:\Programme\SUPERAntiSpyware\SASCORE.EXE
PRC - [2011.07.04 18:50:31 | 000,269,480 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe
PRC - [2011.05.25 08:25:02 | 000,839,272 | ---- | M] (NVIDIA Corporation) -- C:\Programme\NVIDIA Corporation\Display\nvxdsync.exe
PRC - [2011.05.25 08:24:56 | 000,373,864 | ---- | M] (NVIDIA Corporation) -- C:\Programme\NVIDIA Corporation\Display\nvtray.exe
PRC - [2011.05.25 08:24:45 | 002,214,504 | ---- | M] (NVIDIA Corporation) -- C:\Programme\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
PRC - [2011.05.20 21:35:16 | 000,378,472 | ---- | M] (NVIDIA Corporation) -- C:\Programme\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2011.05.01 00:37:21 | 000,136,360 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\sched.exe
PRC - [2011.03.04 13:36:11 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe
PRC - [2010.01.14 20:10:53 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avshadow.exe
PRC - [2009.04.11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008.05.02 01:44:08 | 000,805,392 | ---- | M] (Logitech, Inc.) -- C:\Programme\Logitech\SetPoint\SetPoint.exe
PRC - [2008.05.02 01:40:56 | 000,076,304 | ---- | M] (Logitech, Inc.) -- C:\Programme\Common Files\Logishrd\KHAL2\KHALMNPR.exe
PRC - [2008.01.18 23:33:40 | 000,896,512 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnetwk.exe
PRC - [2008.01.18 23:33:40 | 000,202,240 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnscfg.exe
PRC - [2007.10.01 10:53:50 | 004,702,208 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2007.06.04 15:20:38 | 000,065,536 | ---- | M] () -- c:\Programme\Fujitsu Siemens Computers\FSCLounge\FSCWBaseUpdaterService\2\FSCWBaseUpdaterService.exe
PRC - [2006.12.08 10:52:04 | 000,204,800 | ---- | M] (Fujitsu Siemens Computers) -- C:\FirstSteps\OnlineDiagnostic\TestManager\TestHandler.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2012.03.17 03:01:10 | 000,063,488 | ---- | M] () -- C:\ProgramData\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10006.dll
MOD - [2012.03.17 03:01:10 | 000,052,736 | ---- | M] () -- C:\ProgramData\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10007.dll
MOD - [2011.08.24 14:26:16 | 000,117,760 | ---- | M] () -- C:\ProgramData\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
MOD - [2011.08.24 14:26:16 | 000,052,224 | ---- | M] () -- C:\ProgramData\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10005.dll
MOD - [2007.09.20 18:34:58 | 000,129,024 | ---- | M] () -- C:\Programme\WinRAR\RarExt.dll
MOD - [2007.04.05 10:40:32 | 000,443,488 | ---- | M] () -- C:\Programme\Ashampoo\Ashampoo WinOptimizer 4\ContextHandler.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV - [2012.02.09 11:59:08 | 001,529,152 | ---- | M] (TuneUp Software) [Auto | Stopped] -- C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe -- (TuneUp.UtilitiesSvc)
SRV - [2012.02.09 11:59:06 | 000,028,992 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\System32\uxtuneup.dll -- (UxTuneUp)
SRV - [2011.08.24 14:21:14 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE -- (!SASCORE)
SRV - [2011.07.04 18:50:31 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011.07.03 17:24:29 | 000,403,240 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2011.05.25 08:24:45 | 002,214,504 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Programme\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)
SRV - [2011.05.20 21:35:16 | 000,378,472 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Programme\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2011.05.01 00:37:21 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2008.05.02 01:42:06 | 000,121,360 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Programme\Common Files\Logishrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV - [2008.01.18 23:38:26 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007.06.04 15:20:38 | 000,065,536 | ---- | M] () [Auto | Running] -- c:\Program Files\Fujitsu Siemens Computers\FSCLounge\FSCWBaseUpdaterService\2\FSCWBaseUpdaterService.exe -- (FSCLBaseUpdaterService)
SRV - [2007.05.28 17:57:54 | 000,275,968 | ---- | M] (Rocket Division Software) [Auto | Stopped] -- C:\Spiele\Alcohol 120\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE)
SRV - [2006.12.08 10:52:04 | 000,204,800 | ---- | M] (Fujitsu Siemens Computers) [Auto | Running] -- C:\FirstSteps\OnlineDiagnostic\TestManager\TestHandler.exe -- (TestHandler)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | Unknown | Running] --  -- (SYMTDI)
DRV - File not found [Kernel | Unknown | Running] --  -- (SymEvent)
DRV - [2012.02.09 11:48:24 | 000,010,064 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Programme\TuneUp Utilities 2012\TuneUpUtilitiesDriver32.sys -- (TuneUpUtilitiesDrv)
DRV - [2011.08.24 14:21:07 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Programme\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2011.08.24 14:21:06 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Programme\SUPERAntiSpyware\SASDIFSV.SYS -- (SASDIFSV)
DRV - [2011.07.04 18:50:43 | 000,138,192 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2011.07.04 18:50:43 | 000,066,616 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2011.05.25 08:24:42 | 010,589,800 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2010.06.17 13:27:02 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2010.02.24 11:22:10 | 000,185,472 | ---- | M] (Protect Software GmbH) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\acedrv11.sys -- (acedrv11)
DRV - [2009.09.10 15:58:26 | 000,021,648 | ---- | M] (OLYMPUS IMAGING CORP.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\OlyCamComm.sys -- (OlyCamComm)
DRV - [2009.09.04 13:16:14 | 000,087,536 | ---- | M] (CyberLink Corp.) [2009/12/29 19:27:57] [Kernel | Auto | Running] -- C:\Programme\CyberLink\PowerDVD\000.fcl -- ({95808DC4-FA4A-4C74-92FE-5B863F82066B})
DRV - [2009.06.28 15:35:04 | 000,281,760 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\atksgt.sys -- (atksgt)
DRV - [2009.06.28 15:35:03 | 000,025,888 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2008.04.01 18:38:54 | 000,715,248 | ---- | M] (Duplex Secure Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd)
DRV - [2008.02.29 02:13:24 | 000,036,880 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LMouFilt.Sys -- (LMouFilt)
DRV - [2008.02.29 02:13:16 | 000,035,344 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LHidFilt.Sys -- (LHidFilt)
DRV - [2007.09.17 22:17:36 | 000,098,816 | ---- | M] (Realtek Corporation                                            ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2007.07.02 16:37:10 | 000,131,616 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvrd32.sys -- (nvrd32)
DRV - [2007.07.02 16:37:08 | 000,110,112 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor32.sys -- (nvstor32)
DRV - [2007.06.13 22:47:12 | 000,048,256 | ---- | M] (JMicron Technology Corp.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\jraid.sys -- (JRAID)
DRV - [2007.01.23 13:36:46 | 000,299,776 | ---- | M] (Hauppauge Computer Works, Inc) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\hcw88tse.sys -- (HCW88TSE)
DRV - [2007.01.23 13:25:30 | 000,207,872 | ---- | M] (Hauppauge Computer Works, Inc) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\hcw88bda.sys -- (HCW88BDA)
DRV - [2007.01.23 13:25:14 | 000,011,904 | ---- | M] (Hauppauge Computer Works, Inc) [Kernel | System | Running] -- C:\Windows\System32\drivers\hcw88aud.sys -- (HCW88AUD)
DRV - [2006.08.28 17:12:04 | 000,013,312 | ---- | M] () [Kernel | System | Running] -- C:\Windows\system32\drivers\MTictwl.sys -- (NCPro)
DRV - [2006.08.28 17:12:04 | 000,013,312 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\MTictwl.sys -- (MagicTune)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.ask.com?o=15015&l=dis
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultengine: ""
FF - prefs.js..browser.search.defaultenginename: ""
FF - prefs.js..browser.search.defaultthis.engineName: ""
FF - prefs.js..browser.search.defaulturl: ""
FF - prefs.js..browser.search.order.1: ""
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http:google.de"
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
 
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0:  File not found
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Users\Machete 81\AppData\Roaming\Move Networks\plugins\071802000001\npqmp071802000001.dll (Move Networks)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc;version=0.8.6e: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN Team)
FF - HKCU\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Users\Machete 81\AppData\Roaming\Move Networks\plugins\071802000001\npqmp071802000001.dll (Move Networks)
FF - HKCU\Software\MozillaPlugins\@protectdisc.com/NPPDLicenseHelper: C:\Users\Machete 81\AppData\Roaming\ProtectDisc\License Helper v2\NPPDLicenseHelper.dll ( )
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.02.20 22:42:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.05.10 08:28:43 | 000,000,000 | ---D | M]
 
[2009.01.25 13:22:54 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Machete 81\AppData\Roaming\mozilla\Extensions
[2011.11.05 17:27:20 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Machete 81\AppData\Roaming\mozilla\Firefox\Profiles\r10enxb0.default\extensions
[2011.03.31 23:01:55 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\Machete 81\AppData\Roaming\mozilla\Firefox\Profiles\r10enxb0.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2012.03.17 02:23:48 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2011.11.11 17:44:18 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Programme\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012.03.17 02:23:50 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}
[2012.02.20 22:42:39 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012.03.17 02:23:20 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2011.04.10 18:28:26 | 000,072,960 | ---- | M] (Foxit Software Company) -- C:\Program Files\mozilla firefox\plugins\npFoxitReaderPlugin.dll
[2012.02.17 21:16:43 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.02.17 21:16:43 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2012.02.17 21:16:43 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.02.17 21:16:43 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
 
O1 HOSTS File: ([2011.03.27 19:49:31 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1      localhost
O2 - BHO: (FG2CatchUrl) - {1F364306-AA45-47B5-9F9D-39A8B94E7EF1} - D:\FlashGet universal\ComDlls\bhoCATCH.dll (FlashGet)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\Windows\KHALMNPR.Exe (Logitech, Inc.)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Programme\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware.com)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoPropertiesMyComputer = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFileAssociate = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 95
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: &Download All by FlashGet - D:\FlashGet universal\ComDlls\Bhoall.htm ()
O8 - Extra context menu item: &Download by FlashGet - D:\FlashGet universal\ComDlls\Bholink.htm ()
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Free YouTube Download - C:\Users\Machete 81\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Machete 81\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm ()
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Save YouTube Video as MP3 - Reg Error: Value error. File not found
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKCU\..Trusted Domains: winamp.com ([client] https in Vertrauenswürdige Sites)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D4EBF793-506B-451D-9089-69550F5DD742}: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL) - C:\Programme\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O24 - Desktop WallPaper: C:\Users\Machete 81\Pictures\Naturbilder\Natural Scenery\8.jpg
O24 - Desktop BackupWallPaper: C:\Users\Machete 81\Pictures\Naturbilder\Natural Scenery\8.jpg
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Programme\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.03.17 02:35:24 | 000,000,000 | ---D | C] -- C:\Users\Machete 81\Desktop\TrojanerOdysee2012
[2012.03.17 02:25:12 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2012.03.17 02:23:46 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2012.03.17 02:23:46 | 000,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2012.03.17 02:23:45 | 000,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2012.03.17 02:22:14 | 017,205,024 | ---- | C] (Sun Microsystems, Inc.) -- C:\Users\Machete 81\Desktop\jre-6u31-windows-i586-s.exe
[2012.03.17 01:48:52 | 002,044,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2012.03.17 01:48:51 | 001,172,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10warp.dll
[2012.03.17 01:48:51 | 001,068,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll
[2012.03.17 01:48:51 | 000,219,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1core.dll
[2012.03.17 01:48:51 | 000,160,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1.dll
[2012.03.17 01:48:50 | 000,683,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll
[2012.03.13 22:14:38 | 002,063,920 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Machete 81\Desktop\TDSSKiller.exe
[2012.03.13 21:53:36 | 000,613,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpencom.dll
[2012.03.10 16:20:00 | 000,100,864 | ---- | C] (GMER) -- C:\kwddiuoc.sys
[2012.03.05 19:44:44 | 003,628,016 | ---- | C] (Piriform Ltd) -- C:\Users\Machete 81\Desktop\ccsetup316.exe
[2012.03.02 21:59:56 | 000,584,704 | ---- | C] (OldTimer Tools) -- C:\Users\Machete 81\Desktop\OTL.exe
[2012.03.02 00:34:50 | 009,502,424 | ---- | C] (Malwarebytes Corporation                                    ) -- C:\Users\Machete 81\Desktop\mbam-setup-1.60.1.1000.exe
[2012.03.01 18:51:21 | 000,000,000 | R--D | C] -- C:\Users\Machete 81\Desktop\Apps
[2012.03.01 18:07:12 | 000,028,992 | ---- | C] (TuneUp Software) -- C:\Windows\System32\uxtuneup.dll
[2012.03.01 17:55:05 | 000,031,552 | ---- | C] (TuneUp Software) -- C:\Windows\System32\TURegOpt.exe
[2012.03.01 17:55:05 | 000,021,312 | ---- | C] (TuneUp Software) -- C:\Windows\System32\authuitu.dll
[2012.03.01 17:54:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2012
[2012.03.01 17:53:42 | 000,000,000 | ---D | C] -- C:\Program Files\TuneUp Utilities 2012
[2012.03.01 17:52:07 | 000,000,000 | ---D | C] -- C:\ProgramData\TuneUp Software
[2012.03.01 17:51:55 | 000,000,000 | -HSD | C] -- C:\ProgramData\{32364CEA-7855-4A3C-B674-53D8E9B97936}
[2012.03.01 17:36:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VIP ST
[2012.03.01 17:35:30 | 000,000,000 | ---D | C] -- C:\Vista Icon Pack ST
[2012.03.01 17:21:26 | 000,000,000 | R--D | C] -- C:\Users\Machete 81\Desktop\Handykram
[2012.03.01 17:18:24 | 000,000,000 | ---D | C] -- C:\Users\Machete 81\Downloads\Documents\Steuererkl
[2012.02.24 08:19:08 | 000,000,000 | ---D | C] -- C:\Program Files\JDownloader
[2012.02.17 20:59:43 | 000,671,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2012.02.17 20:59:43 | 000,471,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2012.02.17 20:59:43 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2012.02.17 20:59:43 | 000,193,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2012.02.17 20:59:43 | 000,180,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2012.02.17 20:59:43 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2012.02.17 20:59:42 | 001,383,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2012.02.17 20:59:42 | 000,380,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2012.02.17 20:59:42 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[1 C:\Users\Machete 81\AppData\Roaming\*.tmp files -> C:\Users\Machete 81\AppData\Roaming\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012.03.17 03:16:33 | 000,928,216 | ---- | M] () -- C:\Users\Machete 81\Desktop\Norton_Removal_Tool.exe
[2012.03.17 02:56:37 | 000,003,168 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012.03.17 02:56:37 | 000,003,168 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012.03.17 02:56:29 | 000,395,560 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012.03.17 02:56:13 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.03.17 02:54:37 | 2146,754,560 | -HS- | M] () -- C:\hiberfil.sys
[2012.03.17 02:23:19 | 000,157,472 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2012.03.17 02:23:19 | 000,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2012.03.17 02:23:18 | 000,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2012.03.17 02:23:17 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\deployJava1.dll
[2012.03.17 02:22:16 | 017,205,024 | ---- | M] (Sun Microsystems, Inc.) -- C:\Users\Machete 81\Desktop\jre-6u31-windows-i586-s.exe
[2012.03.13 22:22:15 | 000,008,592 | ---- | M] () -- C:\Users\Machete 81\AppData\Local\d3d9caps.dat
[2012.03.13 22:13:32 | 002,044,822 | ---- | M] () -- C:\Users\Machete 81\Desktop\tdsskiller.zip
[2012.03.13 22:04:59 | 000,000,020 | ---- | M] () -- C:\Users\Machete 81\defogger_reenable
[2012.03.13 22:03:26 | 000,050,477 | ---- | M] () -- C:\Users\Machete 81\Desktop\Defogger.exe
[2012.03.10 16:55:05 | 000,089,088 | ---- | M] () -- C:\Windows\System32\mbr.exe
[2012.03.10 16:20:00 | 000,100,864 | ---- | M] (GMER) -- C:\kwddiuoc.sys
[2012.03.10 14:13:44 | 000,302,592 | ---- | M] () -- C:\Users\Machete 81\Desktop\z22uc1oi.exe
[2012.03.09 21:07:56 | 000,211,456 | ---- | M] () -- C:\Users\Machete 81\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.03.09 17:12:06 | 002,063,920 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Machete 81\Desktop\TDSSKiller.exe
[2012.03.08 21:19:25 | 000,747,252 | ---- | M] () -- C:\Users\Machete 81\Downloads\Documents\cc_20120308_211906.reg
[2012.03.05 19:45:49 | 000,000,811 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012.03.05 19:44:40 | 003,628,016 | ---- | M] (Piriform Ltd) -- C:\Users\Machete 81\Desktop\ccsetup316.exe
[2012.03.02 21:59:51 | 000,584,704 | ---- | M] (OldTimer Tools) -- C:\Users\Machete 81\Desktop\OTL.exe
[2012.03.02 16:02:24 | 000,005,528 | ---- | M] () -- C:\Users\Machete 81\AppData\Roaming\BAcroIEHelpe081.dll
[2012.03.02 16:02:22 | 000,000,080 | ---- | M] () -- C:\Users\Machete 81\AppData\Roaming\blckdom.res
[2012.03.02 00:35:33 | 000,000,913 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.03.02 00:34:42 | 009,502,424 | ---- | M] (Malwarebytes Corporation                                    ) -- C:\Users\Machete 81\Desktop\mbam-setup-1.60.1.1000.exe
[2012.03.01 19:18:18 | 000,000,365 | ---- | M] () -- C:\Users\Machete 81\Desktop\Öffentlich - Verknüpfung.lnk
[2012.03.01 19:11:31 | 000,001,755 | ---- | M] () -- C:\Users\Machete 81\Desktop\,,.lnk
[2012.03.01 19:05:09 | 000,001,274 | ---- | M] () -- C:\Users\Machete 81\Desktop\DL.lnk
[2012.03.01 18:58:10 | 000,001,251 | ---- | M] () -- C:\Users\Machete 81\Desktop\....lnk
[2012.03.01 18:56:41 | 000,001,246 | ---- | M] () -- C:\Users\Machete 81\Desktop\..lnk
[2012.03.01 17:43:35 | 000,001,243 | ---- | M] () -- C:\Users\Machete 81\Desktop\...lnk
[2012.02.28 20:15:31 | 000,005,528 | ---- | M] () -- C:\Users\Machete 81\AppData\Roaming\BAcroIEHelpe080.dll
[2012.02.24 13:44:45 | 000,005,416 | ---- | M] () -- C:\Users\Machete 81\AppData\Roaming\BAcroIEHelpe078.dll
[2012.02.21 12:47:34 | 009,759,252 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012.02.21 12:47:34 | 003,409,688 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.02.21 12:47:34 | 003,064,054 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012.02.21 12:47:34 | 002,787,586 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[1 C:\Users\Machete 81\AppData\Roaming\*.tmp files -> C:\Users\Machete 81\AppData\Roaming\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012.03.17 03:16:37 | 000,928,216 | ---- | C] () -- C:\Users\Machete 81\Desktop\Norton_Removal_Tool.exe
[2012.03.13 22:13:22 | 002,044,822 | ---- | C] () -- C:\Users\Machete 81\Desktop\tdsskiller.zip
[2012.03.13 22:04:30 | 000,000,020 | ---- | C] () -- C:\Users\Machete 81\defogger_reenable
[2012.03.13 22:03:31 | 000,050,477 | ---- | C] () -- C:\Users\Machete 81\Desktop\Defogger.exe
[2012.03.13 21:43:25 | 2146,754,560 | -HS- | C] () -- C:\hiberfil.sys
[2012.03.10 16:55:15 | 000,089,088 | ---- | C] () -- C:\Windows\System32\mbr.exe
[2012.03.10 14:13:47 | 000,302,592 | ---- | C] () -- C:\Users\Machete 81\Desktop\z22uc1oi.exe
[2012.03.08 21:19:11 | 000,747,252 | ---- | C] () -- C:\Users\Machete 81\Downloads\Documents\cc_20120308_211906.reg
[2012.03.05 19:45:49 | 000,000,811 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012.03.02 16:02:24 | 000,005,528 | ---- | C] () -- C:\Users\Machete 81\AppData\Roaming\BAcroIEHelpe081.dll
[2012.03.02 00:35:33 | 000,000,913 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.03.01 19:18:18 | 000,000,365 | ---- | C] () -- C:\Users\Machete 81\Desktop\Öffentlich - Verknüpfung.lnk
[2012.03.01 19:11:31 | 000,001,755 | ---- | C] () -- C:\Users\Machete 81\Desktop\,,.lnk
[2012.03.01 17:54:51 | 000,001,884 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2012.lnk
[2012.02.28 20:15:31 | 000,005,528 | ---- | C] () -- C:\Users\Machete 81\AppData\Roaming\BAcroIEHelpe080.dll
[2012.02.24 13:44:45 | 000,005,416 | ---- | C] () -- C:\Users\Machete 81\AppData\Roaming\BAcroIEHelpe078.dll
[2012.02.24 08:29:58 | 000,000,080 | ---- | C] () -- C:\Users\Machete 81\AppData\Roaming\blckdom.res
[2012.02.24 08:20:03 | 000,001,793 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader.lnk
[2012.02.24 08:20:03 | 000,001,737 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Deinstallationsprogramm.lnk
[2012.02.24 08:20:03 | 000,001,716 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Update.lnk
[2011.08.31 20:56:42 | 000,000,399 | ---- | C] () -- C:\Windows\System32\Remover.ini
[2011.08.31 20:56:39 | 000,040,960 | ---- | C] () -- C:\Windows\98Setup.exe
[2011.07.17 13:10:40 | 000,000,088 | RHS- | C] () -- C:\ProgramData\5C9A236D9A.sys
[2011.07.17 13:10:39 | 000,002,516 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys
[2011.05.20 21:35:28 | 000,304,744 | ---- | C] () -- C:\Windows\System32\nvStreaming.exe
[2011.03.25 15:30:47 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2011.03.25 15:30:47 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2011.03.25 15:30:47 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2011.03.25 15:30:47 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2011.03.25 15:30:47 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2011.01.21 00:29:26 | 000,000,760 | ---- | C] () -- C:\Users\Machete 81\AppData\Roaming\setup_ldm.iss
[2010.07.19 21:11:02 | 000,000,219 | ---- | C] () -- C:\Windows\System32\MRT.INI
[2010.05.30 23:03:44 | 000,000,876 | ---- | C] () -- C:\Windows\System32\ezdigsgn.dat
[2010.04.23 22:23:47 | 000,000,468 | ---- | C] () -- C:\Windows\BRWMARK.INI
[2010.04.23 22:23:47 | 000,000,030 | ---- | C] () -- C:\Windows\System32\brss01a.ini
[2010.04.23 22:23:47 | 000,000,027 | ---- | C] () -- C:\Windows\BRPP2KA.INI
[2010.04.23 22:18:13 | 000,000,050 | ---- | C] () -- C:\Windows\System32\bridf05a.dat
[2010.04.22 22:19:19 | 000,000,032 | ---- | C] () -- C:\Windows\Menu.INI
 
========== LOP Check ==========
 
[2008.10.19 00:51:33 | 000,000,000 | ---D | M] -- C:\Users\Machete 81\AppData\Roaming\Ankh - Heart of Osiris
[2008.03.13 14:16:18 | 000,000,000 | ---D | M] -- C:\Users\Machete 81\AppData\Roaming\Audacity
[2011.04.10 00:25:53 | 000,000,000 | ---D | M] -- C:\Users\Machete 81\AppData\Roaming\BITS
[2008.11.29 14:13:54 | 000,000,000 | ---D | M] -- C:\Users\Machete 81\AppData\Roaming\DAEMON Tools Pro
[2011.10.15 17:24:14 | 000,000,000 | ---D | M] -- C:\Users\Machete 81\AppData\Roaming\DVDVideoSoft
[2011.03.31 23:01:55 | 000,000,000 | ---D | M] -- C:\Users\Machete 81\AppData\Roaming\DVDVideoSoftIEHelpers
[2012.01.19 18:08:29 | 000,000,000 | ---D | M] -- C:\Users\Machete 81\AppData\Roaming\elsterformular
[2011.04.10 18:28:42 | 000,000,000 | ---D | M] -- C:\Users\Machete 81\AppData\Roaming\Foxit
[2010.03.20 17:11:06 | 000,000,000 | ---D | M] -- C:\Users\Machete 81\AppData\Roaming\Free Audio Editor
[2010.04.26 12:34:16 | 000,000,000 | ---D | M] -- C:\Users\Machete 81\AppData\Roaming\FreeFLVConverter
[2011.05.28 13:05:16 | 000,000,000 | ---D | M] -- C:\Users\Machete 81\AppData\Roaming\go
[2011.02.10 14:15:17 | 000,000,000 | ---D | M] -- C:\Users\Machete 81\AppData\Roaming\gtk-2.0
[2010.10.16 19:17:47 | 000,000,000 | ---D | M] -- C:\Users\Machete 81\AppData\Roaming\Leadertech
[2011.07.31 19:25:43 | 000,000,000 | ---D | M] -- C:\Users\Machete 81\AppData\Roaming\MAGIX
[2010.03.20 15:52:52 | 000,000,000 | ---D | M] -- C:\Users\Machete 81\AppData\Roaming\NCH Swift Sound
[2010.10.24 02:05:49 | 000,000,000 | ---D | M] -- C:\Users\Machete 81\AppData\Roaming\OpenOffice.org
[2009.02.25 02:33:54 | 000,000,000 | ---D | M] -- C:\Users\Machete 81\AppData\Roaming\PeerNetworking
[2011.01.23 01:59:00 | 000,000,000 | ---D | M] -- C:\Users\Machete 81\AppData\Roaming\ProtectDisc
[2010.07.10 03:08:47 | 000,000,000 | ---D | M] -- C:\Users\Machete 81\AppData\Roaming\SparweltGutschein
[2008.12.15 18:53:29 | 000,000,000 | ---D | M] -- C:\Users\Machete 81\AppData\Roaming\Template
[2012.03.01 18:07:05 | 000,000,000 | ---D | M] -- C:\Users\Machete 81\AppData\Roaming\TuneUp Software
[2010.03.22 16:38:34 | 000,000,000 | ---D | M] -- C:\Users\Machete 81\AppData\Roaming\TweetDeckFast.FFF259DC0CE2657847BBB4AFF0E62062EFC56543.1
[2009.06.28 15:37:56 | 000,000,000 | ---D | M] -- C:\Users\Machete 81\AppData\Roaming\Ubisoft
[2010.07.04 23:25:57 | 000,000,000 | ---D | M] -- C:\Users\Machete 81\AppData\Roaming\VoozieMaker
[2010.09.12 13:12:48 | 000,000,000 | ---D | M] -- C:\Users\Machete 81\AppData\Roaming\Xilisoft
[2010.12.11 20:29:03 | 000,000,212 | ---- | M] () -- C:\Windows\Tasks\olycamdetect.exe_20101211_202902_0886.job
[2010.12.11 23:33:36 | 000,000,212 | ---- | M] () -- C:\Windows\Tasks\olycamdetect.exe_20101211_233336_0744.job
[2010.10.27 01:38:16 | 000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
========== Files - Unicode (All) ==========
[2008.03.22 22:46:17 | 000,307,910 | ---- | C] ()(C:\Users\Machete 81\Downloads\Documents\? 4Basti.amr) -- C:\Users\Machete 81\Downloads\Documents\ 4Basti.amr
[2008.03.18 21:10:04 | 000,307,910 | ---- | M] ()(C:\Users\Machete 81\Downloads\Documents\? 4Basti.amr) -- C:\Users\Machete 81\Downloads\Documents\ 4Basti.amr

< End of report >


Extras.Txt
Code:

OTL Extras logfile created on: 17.03.2012 04:05:28 - Run 8
OTL by OldTimer - Version 3.2.34.0    Folder = C:\Users\Machete 81\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6002.18005)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,00 Gb Total Physical Memory | 1,14 Gb Available Physical Memory | 56,93% Memory free
4,24 Gb Paging File | 3,10 Gb Available in Paging File | 73,20% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 303,35 Gb Total Space | 32,27 Gb Free Space | 10,64% Space Free | Partition Type: NTFS
Drive D: | 150,69 Gb Total Space | 95,61 Gb Free Space | 63,45% Space Free | Partition Type: NTFS
Drive F: | 1863,01 Gb Total Space | 999,63 Gb Free Space | 53,66% Space Free | Partition Type: NTFS
 
Computer Name: MACHETE81-PC | User Name: Machete 81 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- C:\Program Files\VideoLAN\VLC\vlc.exe --started-from-file --playlist-enqueue "%1" ()
Directory [CEWE FOTOSCHAU] -- "C:\Program Files\Mein CEWE FOTOBUCH\CEWE FOTOSCHAU.exe" -d "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Mein CEWE FOTOBUCH] -- "C:\Program Files\Mein CEWE FOTOBUCH\Mein CEWE FOTOBUCH.exe" "%1" ()
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Directory [PlayWithVLC] -- C:\Program Files\VideoLAN\VLC\vlc.exe --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 1
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== System Restore Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\BitTorrent\bittorrent.exe" = C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent
"D:\FlashGet universal\FlashGet.exe" = D:\FlashGet universal\FlashGet.exe:*:Enabled:Flashget2 -- (FLASHGET)
"D:\FlashGet universal\LiveUpdate.exe" = D:\FlashGet universal\LiveUpdate.exe:*:Enabled:FGLiveUpdate
"D:\FlashGet universal\LiveUpdateEx.exe" = D:\FlashGet universal\LiveUpdateEx.exe:*:Enabled:FGLiveUpdateEx
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0B97D4C3-D840-452A-8C63-47E2F8E6EDF5}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{0F2FD710-DA98-4C93-BD76-804A97FE498C}" = lport=138 | protocol=17 | dir=in | app=system |
"{102D1E55-E56E-43CE-B9AF-CB9771FA3B15}" = lport=137 | protocol=17 | dir=in | app=system |
"{1BD9E6B7-5A2D-456D-9C04-3C4FB9E71BFB}" = rport=10243 | protocol=6 | dir=out | app=system |
"{1C7829E9-1585-4B6F-9B52-4B76E50B375D}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{1DDCDABD-1B6B-42C2-8D00-8929C3749389}" = rport=139 | protocol=6 | dir=out | app=system |
"{213CC10A-5CF9-4BD3-99DB-FDE5773EA072}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{22F2CDB8-24E6-4073-95FB-629CACB4537C}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{2CB57AED-0F96-47DE-8F80-10590A3BA0C5}" = lport=10243 | protocol=6 | dir=in | app=system |
"{4546667E-1244-4C38-8FE3-DC67A589C99F}" = rport=445 | protocol=6 | dir=out | app=system |
"{59ABE83B-24B7-4870-A703-BAAD94500984}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{61D74005-F7E4-447F-872D-F051806DF0DA}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{64567F94-2ADE-46ED-8712-7F4E822FA0A9}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{66CA1113-5FF9-4773-8C8B-03CD584ACB9B}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{6940F09E-DEF1-4AF3-9B9C-1F65CEC785C6}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{752469A8-B52F-45BF-825A-25A3E91ECD5B}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{806CF8E1-45E2-419F-81DB-590A77431C7B}" = lport=139 | protocol=6 | dir=in | app=system |
"{96ED15EE-4291-4895-B5A9-5E287BD44256}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{99DA131A-3CA5-4431-91DF-272FA55ECA26}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{9CFC36EA-B43B-461F-BB97-8B077AD0C21A}" = rport=137 | protocol=17 | dir=out | app=system |
"{A592195F-3853-447D-97CC-04A56390286F}" = lport=3074 | protocol=6 | dir=in | name=xbox |
"{B284701C-DA75-46EA-9F4D-89525C5BED8F}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{B789B512-15D7-4935-89C4-203C1AB66F38}" = rport=138 | protocol=17 | dir=out | app=system |
"{BECC43A2-56E1-434F-B815-3142EB394004}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{C3F12391-F406-4FC8-8EDA-8F658822B581}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{D3F7E48D-01C6-4D2E-B9CF-DE67514692FF}" = lport=445 | protocol=6 | dir=in | app=system |
"{E2A96DAB-A929-41D4-B053-78CAD86D5545}" = lport=2869 | protocol=6 | dir=in | app=system |
"{F010680A-11D9-4480-82F0-B25ABC5A8CFF}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{045D0F5B-F82F-4C2B-8EE5-D0FC4084D816}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{04758101-B3F9-4BDD-8D3D-841C2660EAC4}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{0614E0E1-FEE1-47BC-A2AB-A414B31C8CC4}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{08EBB26F-C52B-410E-A1C7-9448C23010C9}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{0B0863C0-3E55-43AF-B9A9-EB08A7C24A95}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{0B8E0619-FA84-43B0-91AA-2AE504CB7AA6}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{1186921C-3036-41DF-80ED-965280E2C839}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{12CC7ED6-2795-4C88-A8B8-156C4E37AE56}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{164E2CA5-7D20-48AD-B6F6-C6BDE354FEBC}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{171BEE58-157F-4BE5-8394-64CEA8D020FE}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{1A6D6D10-0DC6-49D1-B078-E31D50F1D222}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{22390F94-5690-4028-B35D-2E5F94EC224A}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{24494E33-0BD3-4640-8425-29458F42BF85}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{259AEB18-A001-4329-8DD8-143ECBB5F0CB}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{25EE09B7-B0BA-4875-92BE-B591083113C9}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{2707859D-DD2D-40B1-A0BD-88AD1A9A867C}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{2A57D064-CB30-4D98-8762-0A0162D2D36C}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{2AC80058-DFA8-4D35-85A3-64496D2883E1}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{2C18CB93-96A5-4031-ABCC-7933FFA8DBA6}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{2C236274-B307-4EEA-8165-1431A5EECE49}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{2D18454C-00DA-4B46-BF34-7B8FAEAFD686}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{2E7F3BAF-EA97-4CEC-813C-50EB064BC40C}" = protocol=6 | dir=in | app=d:\program files\steam\steam.exe |
"{3348DDC0-154D-4CFC-B753-8DFD9420C5C2}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{33FFBAFD-40C1-423D-9E36-8A80B4976493}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{34F7FEED-5A34-4169-B4A5-EB926551FAAB}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{3550F539-3454-4A03-80DF-91944DB8EA36}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{36D34AAB-8F69-4E07-B7C7-96AC28EEC003}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{37805A21-C448-4852-8E36-6A15283E00E6}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{3AFBFC11-A486-4E74-8EB6-1753624725F6}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{3CD37345-D80C-4328-A79C-3ADE666A64E3}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{44340A1D-975C-4BCF-AFF7-61E7274051FF}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{49F50F32-4D7D-4EDB-991E-A1BEC19CA342}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{4A5A2922-F660-44CB-ACCC-39261DCAD9B0}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{50802897-8042-4289-8690-6CF354C3F5C2}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{564709A0-BE91-4B7A-A0DC-497019E2FA10}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{58D3916A-7CF0-4A95-A2C0-007D818F548A}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{58E39A2D-8DE4-4377-A87B-5500DB7781B5}" = protocol=6 | dir=in | app=c:\users\machete 81\appdata\local\temp\7zs3533.tmp\symnrt.exe |
"{59EB79A6-2A57-4094-BD8F-5BB5606BA4F7}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{5B8CAEFF-B4CC-43E9-B771-6C2717A3A349}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{5C373DE3-A7AE-4A91-89CF-6A8A0D5E742C}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{5E36D34D-A8D8-4186-ADA0-1E0E92C46921}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{5E55062F-9EEA-4895-821E-5F3B1C85D409}" = dir=in | app=c:\program files\cyberlink\powerdvd\powerdvd.exe |
"{622D0098-FAB5-4C89-8380-9886B0479135}" = protocol=17 | dir=in | app=d:\program files\steam\steam.exe |
"{64342821-097D-451D-8FE1-D36F92355ABC}" = protocol=6 | dir=out | app=system |
"{66B62E80-4858-4429-9997-2BF7EF8C3943}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{67DE7D5E-DECB-44E2-ADBB-A9778177DE53}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{689B3037-F52B-4753-8953-4DBA398773C7}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{6D05A97F-4587-48A2-8E33-2CAFE9CEF4D8}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{6DDB2E27-94B9-46AC-9746-5ABF74698700}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{6FD74FC8-F9CE-4E2D-8D76-04C00D43FBFE}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{715FB247-4C77-44C5-9213-C93113D479F4}" = protocol=17 | dir=in | app=c:\users\machete 81\appdata\local\temp\7zs3533.tmp\symnrt.exe |
"{724AE84B-6120-4F17-87D0-346620B7D3CB}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{724B3A19-3FC8-4961-8DA5-EA578258A6F3}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{72B8BA8B-1B16-49C9-9589-FC49C45CB16C}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{73E1AD91-065D-49D0-B93B-071B09CACF60}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{74A43D91-388E-4C04-8110-7FC568BF6F86}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{7701D70D-6110-4988-80B3-DEF57F4DF188}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{79BA966B-EDD1-418C-BED2-B911404ED313}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{7A8F9DC6-271A-40EB-B606-3A20E4C936C5}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe |
"{7B333CE5-F9CD-4554-9068-E2618C44DD20}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{7C735A83-1C4B-48F5-8209-EB3B262784FF}" = protocol=17 | dir=in | app=c:\users\machete 81\appdata\local\temp\7zse582.tmp\symnrt.exe |
"{816165EB-9D23-40BF-AEBF-6B5BE4ADA43F}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{829C9A20-F460-41EA-8B76-874172D48B40}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{86C28F8A-B72E-4D0D-A9AD-02B5B9A2D4E3}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{89835FAB-93B7-4D16-B2A2-4C7C34BEF9FC}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{89CDAB74-35A9-40E1-9639-4D154CC3EF44}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{8CE352CB-B0C3-4697-9CCA-1B2D2C506425}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{90DDB494-1316-47A4-B674-78E240A1A0FC}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{91264671-1AA1-4397-9928-E2695C6EBC2D}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{912BDF7B-9B2D-4F5F-AADE-29DC3A8A43C3}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{919AD030-5D4D-47BA-B633-40D7CF7DC9CB}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{959B0F02-6C0D-476E-B069-CF6553DAB5E2}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{9619A50B-FBC3-4B86-A7E3-EAA486C1A49C}" = protocol=17 | dir=in | app=c:\program files\fujitsu siemens computers\fsclounge\fscwbaseupdaterservice\2\fscwbaseupdaterservice.exe |
"{96EA8C50-965E-4F9E-811E-CCE93888BFE4}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{977C2266-ECF4-41CE-88E7-CBF72399B3B6}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{9DA55D1A-D2CE-4923-9E9E-FEECF0BA5868}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{9EA4DBBB-DCD6-4337-B395-4B5B9146181A}" = protocol=17 | dir=in | app=d:\program files\steam\steamapps\common\sid meier's civilization v\launcher.exe |
"{9F02B04C-A374-4C59-AA2A-8C4DF403E051}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{9F2181F6-D4DB-451C-8D30-33AE9A61B1FF}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{9FAAF4C3-7D39-46F4-A7D1-74AC420E174B}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{A875CC5B-8776-4708-8FAC-68F170F7709B}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{A8DF47FD-846F-4A8F-AAA0-81CB672FE370}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{A9792BCA-17AE-4D8F-815E-665317468A60}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{AFBE62D2-C76D-4CF7-8C0C-02EE2D66E256}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{B7D45E18-7C59-4178-9E01-727C1BFFD588}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{B9AE10E7-0A0B-4C13-B316-93D381A66D3A}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{BB26BBF2-47BA-4576-93A4-54F8EB3DA3CE}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{BDB1CC27-0714-48DF-A6BB-175A95BD0E0A}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{BDEDCEC1-5DE5-4A1F-A8A4-8C0357C62B00}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{BF23A919-743A-43A6-8642-A72AE73CFD67}" = protocol=6 | dir=in | app=c:\program files\fujitsu siemens computers\fsclounge\fscwbaseupdaterservice\2\fscwbaseupdaterservice.exe |
"{C05B72CC-B3DD-4CF3-80A7-F2E4A8CBAE48}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{C296BA3C-1EE3-4D72-A210-E62D3952CD8C}" = protocol=6 | dir=in | app=d:\program files\steam\steamapps\common\sid meier's civilization v\launcher.exe |
"{C997E58C-5FA3-41B6-AB7E-0F73335F2ACC}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{CA51F6EC-9575-484C-BD94-6C44CECE4E2C}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{D05B0F58-9962-403F-9EDC-1A0BAE70E12E}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{D45D9309-BDFF-4FF7-96C7-58C32B76EE72}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{D585D8E0-58C4-4BA5-84F4-4C6B8779EFC2}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{D6C09D8E-4DA8-42D8-9221-542CD4249FC9}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{DE206CDD-C56C-4A3F-90D3-FFBF69968B8E}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{E0F09885-846C-4E44-A823-9B4164D519EA}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{E186E6A7-5033-49B3-A8DE-3E5F52726D27}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{E32F1C42-F82E-4C69-9ADE-149C019B8C2E}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{E4B3668E-F36F-41E1-A269-E00ADBFCFE71}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{E6084C69-1CB9-4DC4-A28A-559AEEF639D1}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{E7FBBE6C-B169-44FA-B4F4-54A718EA3D59}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{E9BB054A-BAB3-4163-8352-57600A9C6094}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{EC34750E-92B7-4DE0-AE4D-46C72D9732FD}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{ECD7B9F7-4E23-464F-A0E0-EBA4AD58954B}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{EFBD7BF4-CA20-41CB-A775-D28A4AE47559}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{F06C3B19-80C2-4C9B-8924-2C0AD0801BEA}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{F18D825F-B77F-4F31-8F19-DA9BBC07DC0C}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{F1F8BA62-34C7-414E-A0E3-980DBFEA91D4}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{F6DA034C-68B5-4DE0-8A4C-2B39CA060864}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{F799F199-77E0-49CB-9852-34BCEC001E18}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe |
"{F79EA545-83E7-46C0-87B4-222A4C02C58D}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{F7EA93F2-35BB-4D50-8AC2-2E9989C138CD}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{F8D47FFE-6313-4D13-9431-3F681B9A3CB1}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{F9DDBC7D-D5B8-4D58-A32A-698DD5F793CC}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{FAEBE2A7-754E-4CDA-95C4-10DA38FB6175}" = protocol=6 | dir=in | app=c:\users\machete 81\appdata\local\temp\7zse582.tmp\symnrt.exe |
"{FBC823D7-FBE3-4B44-8E06-84652CBEBF4C}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{FC0B3799-7376-4710-A6F6-962BC9B2A260}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{FF4D05AF-A441-412F-935F-2104EF42DD5E}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"TCP Query User{31355AF5-552F-451F-9CCF-2240EF6DD52C}D:\flashget universal\flashget.exe" = protocol=6 | dir=in | app=d:\flashget universal\flashget.exe |
"TCP Query User{34FDE753-7AFD-4B7B-9FE4-114170AA47DC}C:\program files\azureus\azureus.exe" = protocol=6 | dir=in | app=c:\program files\azureus\azureus.exe |
"TCP Query User{499B4820-D8F7-491F-AC35-4E9F7CE72B2E}C:\program files\azureus\azureus.exe" = protocol=6 | dir=in | app=c:\program files\azureus\azureus.exe |
"TCP Query User{6B4AF642-7806-4DE8-96F1-A1C0C68D229D}E:\setup.exe" = protocol=6 | dir=in | app=e:\setup.exe |
"TCP Query User{95E06D6A-8AFB-4D16-9F63-3612DCEBB306}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"TCP Query User{E9EAFED8-F8D1-4ADE-ACAA-42E83970FE00}C:\windows\system32\javaw.exe" = protocol=6 | dir=in | app=c:\windows\system32\javaw.exe |
"TCP Query User{F1E9E252-55BE-4CA5-B4A0-53F046966A74}C:\program files\videolan\vlc\vlc.exe" = protocol=6 | dir=in | app=c:\program files\videolan\vlc\vlc.exe |
"TCP Query User{F538F40B-DB74-431C-BCA7-20B09C37F5C9}C:\users\machete 81\program files\dna\btdna.exe" = protocol=6 | dir=in | app=c:\users\machete 81\program files\dna\btdna.exe |
"TCP Query User{F995EF0B-823D-4884-B55C-2D728FA2C354}C:\program files\ubisoft\related designs\anno 1404\tools\anno4web.exe" = protocol=6 | dir=in | app=c:\program files\ubisoft\related designs\anno 1404\tools\anno4web.exe |
"UDP Query User{1D2DAE66-2704-4EED-8E98-4691A7D0F6FC}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"UDP Query User{1DE2F066-389E-4AF4-BF02-8CFBCFE2C0E2}C:\program files\azureus\azureus.exe" = protocol=17 | dir=in | app=c:\program files\azureus\azureus.exe |
"UDP Query User{238501B8-F605-44F2-A2BD-B8C70325870E}E:\setup.exe" = protocol=17 | dir=in | app=e:\setup.exe |
"UDP Query User{25FDB9A4-81A6-4F33-B348-87EFDC1E6EE3}C:\windows\system32\javaw.exe" = protocol=17 | dir=in | app=c:\windows\system32\javaw.exe |
"UDP Query User{53165DFE-4380-4B54-A753-E6186DB0849D}D:\flashget universal\flashget.exe" = protocol=17 | dir=in | app=d:\flashget universal\flashget.exe |
"UDP Query User{5650E075-E8AB-46F1-B5D3-0B58559FCD60}C:\program files\videolan\vlc\vlc.exe" = protocol=17 | dir=in | app=c:\program files\videolan\vlc\vlc.exe |
"UDP Query User{AD2374D6-5737-4AEF-AD35-1A5C69557977}C:\program files\azureus\azureus.exe" = protocol=17 | dir=in | app=c:\program files\azureus\azureus.exe |
"UDP Query User{D67B791C-459C-44D6-A69A-4BDEEF56FF3F}C:\program files\ubisoft\related designs\anno 1404\tools\anno4web.exe" = protocol=17 | dir=in | app=c:\program files\ubisoft\related designs\anno 1404\tools\anno4web.exe |
"UDP Query User{E9048B17-641B-4DCA-B5F7-503864F0252F}C:\users\machete 81\program files\dna\btdna.exe" = protocol=17 | dir=in | app=c:\users\machete 81\program files\dna\btdna.exe |
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{0513EE35-E0FB-4166-B663-BD1AE3A803DE}" = Anno 1404
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{0C826C5B-B131-423A-A229-C71B3CACCD6A}" = CDDRV_Installer
"{0F7C2E47-089E-4d23-B9F7-39BE00100776}" = Toolbox
"{18669FF9-C8FE-407a-9F70-E674896B1DB4}" = GPBaseService
"{1A4E47DC-6701-4A85-AA16-C1F99A44598C}" = SpellForce 2 - Shadow Wars
"{1CD0C3C5-809D-4CFC-904A-1B67C6243637}" = Debugging Tools for Windows (x86)
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31
"{2A1E27FF-BE53-45B4-950F-060236E98E3D}" = TMPGEnc Plus 2.5
"{2D2D8FE2-605C-4D3C-B706-36E981E7EEF0}" = CyberLink BD_3D Advisor 2.0
"{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}" = SmartSound Quicktracks 5
"{305468A6-DE2D-43ba-A168-2F45A97A89DA}" = DJ_SF_03_D1500_Software_Min
"{3101CB58-3482-4D21-AF1A-7057FC935355}" = KhalInstallWrapper
"{32364CEA-7855-4A3C-B674-53D8E9B97936}" = TuneUp Utilities 2012
"{34BFB099-07B2-4E95-A673-7362D60866A2}" = PSSWCORE
"{36FDBE6E-6684-462b-AE98-9A39A1B200CC}" = HPProductAssistant
"{38436888-9EAA-4cec-A56F-65B73D9D423C}" = D1500
"{39D0E034-1042-4905-BECB-5502909FCB7C}" = Microsoft Works
"{3D9CF3CA-3AB0-4A82-9853-D7C43FD1D775}" = ANNO 1404
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = erLT
"{3FA365DF-2D68-45ED-8F83-8C8A33E65143}" = Apple Application Support
"{4286716B-1287-48E7-9078-3DC8248DBA96}" = OpenOffice.org 3.3
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4AA3D64E-9EC3-4B0F-AB91-5885AC55641F}" = Microsoft Games for Windows - LIVE
"{5109C064-813E-4e87-B0DE-C8AF7B5BC02B}" = SmartWebPrintingOC
"{52A69E11-7CEB-4a7d-9607-68BA4F39A89B}" = DeviceDiscovery
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5ACE69F0-A3E8-44eb-88C1-0A841E700180}" = TrayApp
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = CyberLink PowerDVD
"{687FEF8A-8597-40b4-832C-297EA3F35817}" = BufferChm
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{6DE13770-01B7-4366-8DA6-48237793F445}" = VoiceOver Kit
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7595EEB5-6637-49B6-B191-DB5108F7ECB4}" = PC Camer@
"{761B4ADA-254C-461F-A446-A167E41FA6DD}" = Foxit PDF IFilter
"{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}" = Text-To-Speech-Runtime
"{7FA32C2E-E218-4A04-966D-DECCB0B9C81E}" = MAGIX Speed 2 (MSI)
"{81063354-9060-42B2-A000-1EBE96778AA9}" = iTunes
"{815D1E58-17F7-4DF4-BF8E-59D2EE575FCA}" = MAGIX Video deluxe 16 Plus Sonderedition
"{82C113AD-486F-4bd5-A2EA-2383AF57D084}" = D1500_Help
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8A85DEAD-7C1F-4368-881C-72AC74CB2E91}" = UnloadSupport
"{8B8240B3-891D-4965-AA51-8799622D44FF}" = DJ_SF_03_D1500_ProductContext
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{94D66D71-12F0-48A5-B46A-D4B835A0F1B7}" = FirstSteps Diagnostics
"{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German)
"{974C4B12-4D02-4879-85E0-61C95CC63E9E}" = Fallout 3
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A3BC157-B94F-4EFD-ABA9-1E56DEB00655}" = FSCLounge
"{A0B9F8DF-C949-45ed-9808-7DC5C0C19C81}" = Status
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A5AB9D5E-52E2-440e-A3ED-9512E253C81A}" = SolutionCenter
"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5
"{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}" = Apple Mobile Device Support
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{B1421599-A42D-47ef-B512-B9B0317BD599}" = DJ_SF_03_D1500_Software
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 275.33
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 275.33
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 275.33
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller-Treiber 275.33
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.10.0514
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.3.5
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B8A2869E-30CA-40C5-9CF8-BD7354E57EF8}" = SmartSound Common Data
"{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}" = NVIDIA PhysX
"{BAD0FA60-09CF-4411-AE6A-C2844C8812FA}" = HP Photosmart Essential 2.5
"{BB9AC6BF-71B6-42A4-9689-C17D9F44E79A}" = Brother MFL-Pro Suite
"{C679F9B9-C65D-4C65-BD6C-BF90B859E281}" = USB PC Camera
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CCB9B81A-167F-4832-B305-D2A0430840B3}" = WebReg
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{CE026CFE-73FE-4FED-9D5F-2C8D4DB512B0}" = TuneUp Utilities Language Pack (de-DE)
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D2E0F0CC-6BE0-490b-B08B-9267083E34C9}" = MarketResearch
"{E08DC77E-D09A-4e36-8067-D6DBBCC5F8DC}" = VideoToolkit01
"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9 Series
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}" = Logitech SetPoint
"{F31C9A68-7F07-4B96-AC58-F71D5DF3DA89}" = MAGIX Screenshare
"{FA54AFB1-5745-4389-B8C1-9F7509672ED1}" = iPhone-Konfigurationsprogramm
"{FC2C7405-BC58-4E11-8F51-29671BEAC06B}" = Natural Color Pro
"{FD052FB9-FE90-4438-B355-15EDC89D8FB1}" = Microsoft Games for Windows - LIVE Redistributable
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"5513-1208-7298-9440" = JDownloader 0.9
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Ashampoo WinOptimizer 4_is1" = Ashampoo WinOptimizer 4.35
"Audiograbber" = Audiograbber 1.83 SE
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"Azureus" = Azureus
"CCleaner" = CCleaner
"DivX Setup.divx.com" = DivX-Setup
"E77704EF5E71F4F18CADFBFA68595AFE036D5D97" = Windows-Treiberpaket - OLYMPUS IMAGING CORP. Camera Communication Driver Package (09/09/2009 1.0.0.0)
"ElsterFormular 13.0.0.8086p" = ElsterFormular
"FlashGet 2.0" = FlashGet 2.0
"Foxit PDF Editor" = Foxit PDF Editor
"Foxit Reader" = Foxit Reader
"Free Audio Editor" = Free Audio Editor
"Free YouTube Download_is1" = Free YouTube Download version 3.0.16.923
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.8
"HOMESTUDENTR" = Microsoft Office Home and Student 2007-Testversion
"InstallShield_{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}" = SmartSound Quicktracks 5
"InstallShield_{7595EEB5-6637-49B6-B191-DB5108F7ECB4}" = PC Camer@
"InstallShield_{B8A2869E-30CA-40C5-9CF8-BD7354E57EF8}" = SmartSound Common Data
"MAGIX_MSI_Videodeluxe16_plus" = MAGIX Video deluxe 16 Plus Sonderedition
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.60.1.1000
"Mein CEWE FOTOBUCH" = Mein CEWE FOTOBUCH
"Microsoft .NET Framework 1.1  (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox 10.0.2 (x86 de)" = Mozilla Firefox 10.0.2 (x86 de)
"NVIDIA StereoUSB Driver" = NVIDIA 3D Vision Controller Driver
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Picasa 3" = Picasa 3
"ProtectDisc Driver 11" = ProtectDisc Driver, Version 11
"Steam App 8930" = Sid Meier's Civilization V
"SystemRequirementsLab" = System Requirements Lab
"TuneUp Utilities 2012" = TuneUp Utilities 2012
"Uninstall_is1" = Uninstall 1.0.0.1
"Vista Icon Pack ST_is1" = Vista Icon Pack ST
"VLC media player" = VideoLAN VLC media player 0.8.6e
"Voozie Maker" = Voozie Maker
"Winamp" = Winamp
"Windows Media Encoder 9" = Windows Media Encoder 9 Series
"WinGimp-2.0_is1" = GIMP 2.6.11
"WinRAR archiver" = WinRAR
"Xilisoft Video Converter" = Xilisoft Video Converter 3
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Game Organizer" = EasyBits GO
"Move Media Player" = Move Media Player
"Protect Disc License Helper" = Protect Disc License Helper 1.0.125 (IE)
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 06.07.2010 17:40:28 | Computer Name = Machete81-PC | Source = Application Hang | ID = 1002
Description = Programm firefox.exe, Version 1.9.1.3776 arbeitet nicht mehr mit Windows
 zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet "Lösungen
 für Probleme" in der Systemsteuerung, um nach weiteren Informationen über das Problem
 zu suchen.  Prozess-ID: 15c4  Anfangszeit: 01cb1d538342fc73  Zeitpunkt der Beendigung:
 4
 
Error - 06.07.2010 17:40:43 | Computer Name = Machete81-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung brsvc01a.exe, Version 1.0.0.3, Zeitstempel 0x3cb65dc7,
 fehlerhaftes Modul unknown, Version 0.0.0.0, Zeitstempel 0x00000000, Ausnahmecode
 0xc0000005, Fehleroffset 0x00000000,  Prozess-ID 0x5e4, Anwendungsstartzeit 01cb1d469961e6fc.
 
Error - 06.07.2010 17:43:36 | Computer Name = Machete81-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
 
Error - 06.07.2010 17:43:36 | Computer Name = Machete81-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
 
Error - 06.07.2010 17:48:31 | Computer Name = Machete81-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
 
Error - 06.07.2010 17:48:31 | Computer Name = Machete81-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
 
Error - 07.07.2010 18:44:59 | Computer Name = Machete81-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
 
Error - 07.07.2010 18:45:01 | Computer Name = Machete81-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
 
Error - 08.07.2010 14:48:59 | Computer Name = Machete81-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
 
Error - 08.07.2010 14:48:59 | Computer Name = Machete81-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
 
[ Media Center Events ]
Error - 21.03.2010 18:47:07 | Computer Name = Machete81-PC | Source = Media Center Guide | ID = 0
Description = Ereignisinformationen: ERROR: SqmApiWrapper.TimerRecord failed; Win32
 GetLastError returned 10000105  Prozess: DefaultDomain Objektname: Media Center Guide

 
Error - 23.04.2010 20:33:37 | Computer Name = Machete81-PC | Source = Media Center Guide | ID = 0
Description = Ereignisinformationen: ERROR: SqmApiWrapper.TimerRecord failed; Win32
 GetLastError returned 10000105  Prozess: DefaultDomain Objektname: Media Center Guide

 
Error - 13.06.2010 10:55:04 | Computer Name = Machete81-PC | Source = Media Center Guide | ID = 0
Description = Ereignisinformationen: ERROR: SqmApiWrapper.TimerRecord failed; Win32
 GetLastError returned 10000105  Prozess: DefaultDomain Objektname: Media Center Guide

 
Error - 19.08.2010 17:05:19 | Computer Name = Machete81-PC | Source = Media Center Guide | ID = 0
Description = Ereignisinformationen: ERROR: SqmApiWrapper.TimerRecord failed; Win32
 GetLastError returned 10000105  Prozess: DefaultDomain Objektname: Media Center Guide

 
Error - 13.10.2010 21:44:15 | Computer Name = Machete81-PC | Source = Recording | ID = 19
Description = Der Aufzeichnungszeitplan war beschädigt und wurde am 10/14/2010 03:44:15
 automatisch gelöscht. Möglicherweise müssen Sie die Aufzeichnungen erneut planen.
 
Error - 22.10.2010 20:31:07 | Computer Name = Machete81-PC | Source = Media Center Guide | ID = 0
Description = Ereignisinformationen: ERROR: SqmApiWrapper.TimerRecord failed; Win32
 GetLastError returned 10000105  Prozess: DefaultDomain Objektname: Media Center Guide

 
Error - 23.10.2010 19:56:49 | Computer Name = Machete81-PC | Source = Media Center Guide | ID = 0
Description = Ereignisinformationen: ERROR: SqmApiWrapper.TimerRecord failed; Win32
 GetLastError returned 10000105  Prozess: DefaultDomain Objektname: Media Center Guide

 
Error - 05.11.2010 15:28:56 | Computer Name = Machete81-PC | Source = Recording | ID = 19
Description = Der Aufzeichnungszeitplan war beschädigt und wurde am 11/05/2010 20:28:56
 automatisch gelöscht. Möglicherweise müssen Sie die Aufzeichnungen erneut planen.
 
Error - 28.11.2010 13:51:21 | Computer Name = Machete81-PC | Source = Media Center Guide | ID = 0
Description = Ereignisinformationen: ERROR: SqmApiWrapper.TimerRecord failed; Win32
 GetLastError returned 10000105  Prozess: DefaultDomain Objektname: Media Center Guide

 
Error - 01.05.2011 15:09:17 | Computer Name = Machete81-PC | Source = Media Center Guide | ID = 0
Description = Ereignisinformationen: ERROR: SqmApiWrapper.TimerRecord failed; Win32
 GetLastError returned 10000105  Prozess: DefaultDomain Objektname: Media Center Guide

 
[ System Events ]
Error - 16.03.2012 21:03:55 | Computer Name = Machete81-PC | Source = Service Control Manager | ID = 7034
Description =
 
Error - 16.03.2012 21:31:19 | Computer Name = Machete81-PC | Source = Service Control Manager | ID = 7001
Description =
 
Error - 16.03.2012 21:31:56 | Computer Name = Machete81-PC | Source = Service Control Manager | ID = 7022
Description =
 
Error - 16.03.2012 21:31:58 | Computer Name = Machete81-PC | Source = Service Control Manager | ID = 7026
Description =
 
Error - 16.03.2012 21:42:41 | Computer Name = Machete81-PC | Source = Service Control Manager | ID = 7034
Description =
 
Error - 16.03.2012 21:57:10 | Computer Name = Machete81-PC | Source = Service Control Manager | ID = 7001
Description =
 
Error - 16.03.2012 21:58:41 | Computer Name = Machete81-PC | Source = Service Control Manager | ID = 7022
Description =
 
Error - 16.03.2012 21:58:42 | Computer Name = Machete81-PC | Source = Service Control Manager | ID = 7026
Description =
 
Error - 16.03.2012 22:23:22 | Computer Name = Machete81-PC | Source = Service Control Manager | ID = 7034
Description =
 
Error - 16.03.2012 22:48:24 | Computer Name = Machete81-PC | Source = Service Control Manager | ID = 7034
Description =
 
 
< End of report >

And AntiVir keeps busily throwing up alerts about this file:

Code:

Exportierte Ereignisse:

17.03.2012 04:25 [Guard] Malware gefunden
      In der Datei 'C:\Users\Machete 81\AppData\Roaming\BAcroIEHelpe080.dll'
      wurde ein Virus oder unerwünschtes Programm 'TR/Spy.Banker.Gen2' [trojan]
      gefunden.
      Ausgeführte Aktion: Zugriff verweigern

17.03.2012 04:10 [Guard] Malware gefunden
      In der Datei 'C:\Users\Machete 81\AppData\Roaming\BAcroIEHelpe078.dll'
      wurde ein Virus oder unerwünschtes Programm 'TR/Spy.Banker.Gen2' [trojan]
      gefunden.
      Ausgeführte Aktion: Zugriff verweigern

17.03.2012 04:10 [Guard] Malware gefunden
      In der Datei 'C:\Users\Machete 81\AppData\Roaming\BAcroIEHelpe080.dll'
      wurde ein Virus oder unerwünschtes Programm 'TR/Spy.Banker.Gen2' [trojan]
      gefunden.
      Ausgeführte Aktion: Zugriff verweigern

17.03.2012 04:10 [Guard] Malware gefunden
      In der Datei 'C:\Users\Machete 81\AppData\Roaming\BAcroIEHelpe081.dll'
      wurde ein Virus oder unerwünschtes Programm 'TR/Spy.Banker.Gen2' [trojan]
      gefunden.
      Ausgeführte Aktion: Zugriff verweigern

17.03.2012 04:09 [Guard] Malware gefunden
      In der Datei 'C:\Users\Machete 81\AppData\Roaming\BAcroIEHelpe078.dll'
      wurde ein Virus oder unerwünschtes Programm 'TR/Spy.Banker.Gen2' [trojan]
      gefunden.
      Ausgeführte Aktion: Zugriff verweigern

17.03.2012 04:09 [Guard] Malware gefunden
      In der Datei 'C:\Users\Machete 81\AppData\Roaming\BAcroIEHelpe080.dll'
      wurde ein Virus oder unerwünschtes Programm 'TR/Spy.Banker.Gen2' [trojan]
      gefunden.
      Ausgeführte Aktion: Zugriff verweigern

17.03.2012 04:09 [Guard] Malware gefunden
      In der Datei 'C:\Users\Machete 81\AppData\Roaming\BAcroIEHelpe081.dll'
      wurde ein Virus oder unerwünschtes Programm 'TR/Spy.Banker.Gen2' [trojan]
      gefunden.
      Ausgeführte Aktion: Zugriff verweigern

17.03.2012 03:51 [Guard] Malware gefunden
      In der Datei 'C:\Users\Machete 81\AppData\Roaming\BAcroIEHelpe080.dll'
      wurde ein Virus oder unerwünschtes Programm 'TR/Spy.Banker.Gen2' [trojan]
      gefunden.
      Ausgeführte Aktion: Zugriff verweigern

17.03.2012 03:43 [Guard] Malware gefunden
      In der Datei 'C:\Users\Machete 81\AppData\Roaming\BAcroIEHelpe080.dll'
      wurde ein Virus oder unerwünschtes Programm 'TR/Spy.Banker.Gen2' [trojan]
      gefunden.
      Ausgeführte Aktion: Zugriff verweigern

17.03.2012 03:17 [Guard] Malware gefunden
      In der Datei 'C:\Users\Machete 81\AppData\Roaming\BAcroIEHelpe080.dll'
      wurde ein Virus oder unerwünschtes Programm 'TR/Spy.Banker.Gen2' [trojan]
      gefunden.
      Ausgeführte Aktion: Zugriff verweigern

17.03.2012 03:13 [Guard] Malware gefunden
      In der Datei 'C:\Users\Machete 81\AppData\Roaming\BAcroIEHelpe080.dll'
      wurde ein Virus oder unerwünschtes Programm 'TR/Spy.Banker.Gen2' [trojan]
      gefunden.
      Ausgeführte Aktion: Zugriff verweigern

17.03.2012 03:13 [Guard] Malware gefunden
      In der Datei 'C:\Users\Machete 81\AppData\Roaming\BAcroIEHelpe080.dll'
      wurde ein Virus oder unerwünschtes Programm 'TR/Spy.Banker.Gen2' [trojan]
      gefunden.
      Ausgeführte Aktion: Zugriff verweigern

17.03.2012 03:01 [Guard] Malware gefunden
      In der Datei 'C:\Users\Machete 81\AppData\Roaming\BAcroIEHelpe080.dll'
      wurde ein Virus oder unerwünschtes Programm 'TR/Spy.Banker.Gen2' [trojan]
      gefunden.
      Ausgeführte Aktion: Zugriff verweigern

17.03.2012 02:58 [Guard] Malware gefunden
      In der Datei 'C:\Users\Machete 81\AppData\Roaming\BAcroIEHelpe080.dll'
      wurde ein Virus oder unerwünschtes Programm 'TR/Spy.Banker.Gen2' [trojan]
      gefunden.
      Ausgeführte Aktion: Zugriff verweigern

17.03.2012 02:04 [Guard] Malware gefunden
      In der Datei 'C:\Users\Machete 81\AppData\Roaming\BAcroIEHelpe080.dll'
      wurde ein Virus oder unerwünschtes Programm 'TR/Spy.Banker.Gen2' [trojan]
      gefunden.
      Ausgeführte Aktion: Zugriff verweigern

17.03.2012 02:04 [Guard] Malware gefunden
      In der Datei 'C:\Users\Machete 81\AppData\Roaming\BAcroIEHelpe080.dll'
      wurde ein Virus oder unerwünschtes Programm 'TR/Spy.Banker.Gen2' [trojan]
      gefunden.
      Ausgeführte Aktion: Zugriff verweigern

17.03.2012 02:02 [Guard] Malware gefunden
      In der Datei 'C:\Users\Machete 81\AppData\Roaming\BAcroIEHelpe080.dll'
      wurde ein Virus oder unerwünschtes Programm 'TR/Spy.Banker.Gen2' [trojan]
      gefunden.
      Ausgeführte Aktion: Zugriff verweigern

17.03.2012 02:02 [Guard] Malware gefunden
      In der Datei 'C:\Users\Machete 81\AppData\Roaming\BAcroIEHelpe080.dll'
      wurde ein Virus oder unerwünschtes Programm 'TR/Spy.Banker.Gen2' [trojan]
      gefunden.
      Ausgeführte Aktion: Zugriff verweigern

17.03.2012 01:56 [Guard] Malware gefunden
      In der Datei 'C:\Users\Machete 81\AppData\Roaming\BAcroIEHelpe080.dll'
      wurde ein Virus oder unerwünschtes Programm 'TR/Spy.Banker.Gen2' [trojan]
      gefunden.
      Ausgeführte Aktion: Zugriff verweigern

17.03.2012 01:56 [Guard] Malware gefunden
      In der Datei 'C:\Users\Machete 81\AppData\Roaming\BAcroIEHelpe080.dll'
      wurde ein Virus oder unerwünschtes Programm 'TR/Spy.Banker.Gen2' [trojan]
      gefunden.
      Ausgeführte Aktion: Zugriff verweigern

17.03.2012 01:56 [Guard] Malware gefunden
      In der Datei 'C:\Users\Machete 81\AppData\Roaming\BAcroIEHelpe080.dll'
      wurde ein Virus oder unerwünschtes Programm 'TR/Spy.Banker.Gen2' [trojan]
      gefunden.
      Ausgeführte Aktion: Zugriff verweigern

17.03.2012 01:56 [Guard] Malware gefunden
      In der Datei 'C:\Users\Machete 81\AppData\Roaming\BAcroIEHelpe080.dll'
      wurde ein Virus oder unerwünschtes Programm 'TR/Spy.Banker.Gen2' [trojan]
      gefunden.
      Ausgeführte Aktion: Zugriff verweigern

17.03.2012 01:40 [Guard] Malware gefunden
      In der Datei 'C:\Users\Machete 81\AppData\Roaming\BAcroIEHelpe080.dll'
      wurde ein Virus oder unerwünschtes Programm 'TR/Spy.Banker.Gen2' [trojan]
      gefunden.
      Ausgeführte Aktion: Zugriff verweigern

17.03.2012 01:40 [Guard] Malware gefunden
      In der Datei 'C:\Users\Machete 81\AppData\Roaming\BAcroIEHelpe080.dll'
      wurde ein Virus oder unerwünschtes Programm 'TR/Spy.Banker.Gen2' [trojan]
      gefunden.
      Ausgeführte Aktion: Zugriff verweigern

13.03.2012 22:14 [Guard] AntiVir Guard deaktiviert
      AntiVir Guard wurde deaktiviert.

29.02.2012 12:49 [Guard] Malware gefunden
      In der Datei 'C:\Users\Machete 81\AppData\Local\temp\Photo.class'
      wurde ein Virus oder unerwünschtes Programm 'EXP/CVE-2010-0840' [exploit]
      gefunden.
      Ausgeführte Aktion: Zugriff verweigern

26.02.2012 15:09 [Guard] Malware gefunden
      In der Datei 'C:\Users\Machete 81\AppData\Roaming\BAcroIEHelpe.dll'
      wurde ein Virus oder unerwünschtes Programm 'TR/Spy.Banker.Gen2' [trojan]
      gefunden.
      Ausgeführte Aktion: Zugriff verweigern

26.02.2012 15:09 [Guard] Malware gefunden
      In der Datei 'C:\Users\Machete 81\AppData\Roaming\BAcroIEHelpe.dll'
      wurde ein Virus oder unerwünschtes Programm 'TR/Spy.Banker.Gen2' [trojan]
      gefunden.
      Ausgeführte Aktion: Zugriff verweigern


