Anitvir Virus? ; Aufforderung zur Zahlung von 50 €
Hallo Trojaner Board,
ich habe seit gestern Nacht ein Trojaner auf dem PC, dort werde ich gebeten 50 euro zu zahlen.
hatte blackscreen mit der fehlermeldung. nach dem OTL Scan im abgesicherten Modus,geht jetzt mein normaler Modus( habe antivir ausgeschaltet),gehe davon aus,dass es mit dem programm zu tun hat.
Hier die Fehlermeldung: http://www.trojaner-board.de/members...picture304.jpg
Hier die Loggs von OTL:
Extras: Code:
OTL Extras logfile created on: 15.03.2012 14:37:42 - Run 3
OTL by OldTimer - Version 3.2.37.0 Folder = C:\Documents and Settings\Administrator\Desktop
64bit-Windows Server 2003 Service Pack 2 (Version = 5.2.3790) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000407 | Country: Germany | Language: DEU | Date Format: dd.MM.yyyy
4,00 Gb Total Physical Memory | 3,17 Gb Available Physical Memory | 79,34% Memory free
5,74 Gb Paging File | 5,26 Gb Available in Paging File | 91,68% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 286,97 Gb Total Space | 208,88 Gb Free Space | 72,79% Space Free | Partition Type: NTFS
Drive D: | 644,53 Gb Total Space | 348,72 Gb Free Space | 54,10% Space Free | Partition Type: NTFS
Computer Name: XP64-SP2 | User Name: Administrator | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.inf [@ = inffile] -- %SystemRoot%\System32\NOTEPAD.EXE %1
.ini [@ = inifile] -- %SystemRoot%\System32\NOTEPAD.EXE %1
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l
.js [@ = JSFile] -- %SystemRoot%\System32\WScript.exe "%1" %*
.jse [@ = JSEFile] -- %SystemRoot%\System32\WScript.exe "%1" %*
.txt [@ = txtfile] -- %SystemRoot%\system32\NOTEPAD.EXE %1
.vbe [@ = VBEFile] -- %SystemRoot%\System32\WScript.exe "%1" %*
.vbs [@ = VBSFile] -- %SystemRoot%\System32\WScript.exe "%1" %*
.wsf [@ = WSFFile] -- %SystemRoot%\System32\WScript.exe "%1" %*
.wsh [@ = WSHFile] -- %SystemRoot%\System32\WScript.exe "%1" %*
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1
batfile [open] -- "%1" %*
batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1
cmdfile [open] -- "%1" %*
cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1
inffile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1
inffile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1
inifile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1
inifile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
InternetShortcut [print] -- rundll32.exe C:\WINDOWS\system32\mshtml.dll,PrintHTML "%1"
jsfile [edit] -- %SystemRoot%\System32\Notepad.exe %1
jsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %*
jsfile [print] -- %SystemRoot%\System32\Notepad.exe /p %1
jsefile [edit] -- %SystemRoot%\System32\Notepad.exe %1
jsefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %*
jsefile [print] -- %SystemRoot%\System32\Notepad.exe /p %1
piffile [open] -- "%1" %*
regfile [edit] -- %SystemRoot%\system32\NOTEPAD.EXE %1
regfile [merge] -- Reg Error: Key error.
regfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1
txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1
txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4"
vbefile [edit] -- %SystemRoot%\System32\Notepad.exe %1
vbefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %*
vbefile [print] -- %SystemRoot%\System32\Notepad.exe /p %1
vbsfile [edit] -- %SystemRoot%\System32\Notepad.exe %1
vbsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %*
vbsfile [print] -- %SystemRoot%\System32\Notepad.exe /p %1
wsffile [edit] -- %SystemRoot%\System32\Notepad.exe %1
wsffile [open] -- %SystemRoot%\System32\WScript.exe "%1" %*
wsffile [print] -- %SystemRoot%\System32\Notepad.exe /p %1
wshfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %*
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [TVersity] -- "C:\Program Files (x86)\TVersity\Media Server\GUILaunch.exe" -type "folder" -url "%1" -title "" -tags "" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [TVersity] -- "C:\Program Files (x86)\TVersity\Media Server\GUILaunch.exe" -type "folder" -url "%1" -title "" -tags "" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
========== System Restore Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"10243:TCP" = 10243:TCP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10280:UDP" = 10280:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10281:UDP" = 10281:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10282:UDP" = 10282:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10283:UDP" = 10283:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10284:UDP" = 10284:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"57103:TCP" = 57103:TCP:*:Enabled:Pando Media Booster
"57103:UDP" = 57103:UDP:*:Enabled:Pando Media Booster
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"10243:TCP" = 10243:TCP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10280:UDP" = 10280:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10281:UDP" = 10281:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10282:UDP" = 10282:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10283:UDP" = 10283:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10284:UDP" = 10284:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"2286:UDP" = 2286:UDP:*:Enabled:Windows Media Format SDK (wmplayer.exe)
"2287:UDP" = 2287:UDP:*:Enabled:Windows Media Format SDK (wmplayer.exe)
"57103:TCP" = 57103:TCP:*:Enabled:Pando Media Booster
"57103:UDP" = 57103:UDP:*:Enabled:Pando Media Booster
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019
"C:\Program Files (x86)\ICQ6.5\ICQ.exe" = C:\Program Files (x86)\ICQ6.5\ICQ.exe:*:Enabled:ICQ.exe
"C:\Program Files (x86)\MSN Messenger\msnmsgr.exe" = C:\Program Files (x86)\MSN Messenger\msnmsgr.exe:*:Enabled:MSN Messenger 7.5 -- (Microsoft Corporation)
"C:\Program Files (x86)\FlashFXP\FlashFXP.exe" = C:\Program Files (x86)\FlashFXP\FlashFXP.exe:*:Enabled:FlashFXP v3 -- (IniCom Networks, Inc.)
"C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe" = C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster -- ()
"C:\Program Files (x86)\ICQ7.6\ICQ.exe" = C:\Program Files (x86)\ICQ7.6\ICQ.exe:*:Enabled:ICQ7.6 -- (ICQ, LLC.)
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019
"C:\Program Files (x86)\ICQ6.5\ICQ.exe" = C:\Program Files (x86)\ICQ6.5\ICQ.exe:*:Enabled:ICQ.exe
"C:\Program Files (x86)\MSN Messenger\msnmsgr.exe" = C:\Program Files (x86)\MSN Messenger\msnmsgr.exe:*:Enabled:MSN Messenger 7.5 -- (Microsoft Corporation)
"C:\Program Files (x86)\FlashFXP\FlashFXP.exe" = C:\Program Files (x86)\FlashFXP\FlashFXP.exe:*:Enabled:FlashFXP v3 -- (IniCom Networks, Inc.)
"C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe" = C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster -- ()
"C:\Program Files (x86)\ICQ7.6\ICQ.exe" = C:\Program Files (x86)\ICQ7.6\ICQ.exe:*:Enabled:ICQ7.6 -- (ICQ, LLC.)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019
"C:\Program Files (x86)\Microsoft LifeCam\LifeCam.exe" = C:\Program Files (x86)\Microsoft LifeCam\LifeCam.exe:*:Enabled:LifeCam.exe -- (Microsoft Corporation)
"C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe" = C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe:*:Enabled:LifeExp.exe -- (Microsoft Corporation)
"C:\Program Files (x86)\ICQ6.5\ICQ.exe" = C:\Program Files (x86)\ICQ6.5\ICQ.exe:*:Enabled:ICQ.exe
"C:\Program Files (x86)\MSN Messenger\msnmsgr.exe" = C:\Program Files (x86)\MSN Messenger\msnmsgr.exe:*:Enabled:MSN Messenger 7.5 -- (Microsoft Corporation)
"C:\Program Files (x86)\FlashFXP\FlashFXP.exe" = C:\Program Files (x86)\FlashFXP\FlashFXP.exe:*:Enabled:FlashFXP v3 -- (IniCom Networks, Inc.)
"C:\Program Files (x86)\Steam\steamapps\shengiboy619\half-life 2 deathmatch\hl2.exe" = C:\Program Files (x86)\Steam\steamapps\shengiboy619\half-life 2 deathmatch\hl2.exe:*:Enabled:hl2
"C:\Documents and Settings\Administrator\Desktop\Programme\SFT Loader\leecher.exe" = C:\Documents and Settings\Administrator\Desktop\Programme\SFT Loader\leecher.exe:*:Enabled:SFT Loader -- (velocode)
"C:\Program Files (x86)\SopCast\adv\SopAdver.exe" = C:\Program Files (x86)\SopCast\adv\SopAdver.exe:*:Enabled:SopCast Adver -- (www.sopcast.com)
"C:\Program Files (x86)\SopCast\SopCast.exe" = C:\Program Files (x86)\SopCast\SopCast.exe:*:Enabled:SopCast Main Application -- (www.sopcast.com)
"C:\Program Files (x86)\Java\jre6\bin\java.exe" = C:\Program Files (x86)\Java\jre6\bin\java.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
"C:\WINDOWS\system32\dpvsetup.exe" = C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test
"C:\WINDOWS\system32\rundll32.exe" = C:\WINDOWS\system32\rundll32.exe:*:Enabled:Run a DLL as an App
"C:\Documents and Settings\Administrator\Local Settings\Temp\Rar$EX00.640\leecher.exe" = C:\Documents and Settings\Administrator\Local Settings\Temp\Rar$EX00.640\leecher.exe:*:Enabled:SFT Loader
"C:\Documents and Settings\Administrator\Desktop\teamspeak3-server_win64\ts3server_win64.exe" = C:\Documents and Settings\Administrator\Desktop\teamspeak3-server_win64\ts3server_win64.exe:*:Enabled:TeamSpeak 3 Server
"C:\Program Files (x86)\TVUPlayer\TVUPlayer.exe" = C:\Program Files (x86)\TVUPlayer\TVUPlayer.exe:*:Enabled:TVUPlayer Component
"C:\Program Files (x86)\QIP Infium\infium.exe" = C:\Program Files (x86)\QIP Infium\infium.exe:*:Enabled:QIP Infium -- (QIP)
"C:\Program Files (x86)\Steam\Steam.exe" = C:\Program Files (x86)\Steam\Steam.exe:*:Enabled:Steam -- (Valve Corporation)
"D:\Games\Borlands\Binaries\Borderlands.exe" = D:\Games\Borlands\Binaries\Borderlands.exe:*:Enabled:Borderlands
"C:\Documents and Settings\All Users\Application Data\Electronic Arts\Need For Speed World\Data\nfsw.exe" = C:\Documents and Settings\All Users\Application Data\Electronic Arts\Need For Speed World\Data\nfsw.exe:*:Enabled:Need for Speed World
"C:\Documents and Settings\walera\Local Settings\Temp\Rar$EX00.203\teamspeak3-server_win64\ts3server_win64.exe" = C:\Documents and Settings\walera\Local Settings\Temp\Rar$EX00.203\teamspeak3-server_win64\ts3server_win64.exe:*:Enabled:TeamSpeak 3 Server
"C:\Program Files (x86)\teamspeak3-server_win64\ts3server_win64.exe" = C:\Program Files (x86)\teamspeak3-server_win64\ts3server_win64.exe:*:Enabled:TeamSpeak 3 Server
"C:\Documents and Settings\walera\Desktop\Programme\SFT Loader\leecher.exe" = C:\Documents and Settings\walera\Desktop\Programme\SFT Loader\leecher.exe:*:Enabled:SFT Loader
"C:\WINDOWS\SysWOW64\PnkBstrA.exe" = C:\WINDOWS\SysWOW64\PnkBstrA.exe:*:Enabled:PnkBstrA -- ()
"C:\WINDOWS\SysWOW64\PnkBstrB.exe" = C:\WINDOWS\SysWOW64\PnkBstrB.exe:*:Enabled:PnkBstrB -- ()
"C:\Program Files (x86)\GameSpy\Comrade\Comrade.exe" = C:\Program Files (x86)\GameSpy\Comrade\Comrade.exe:*:Enabled:Comrade
"D:\Games\Left4Dead\hl2.exe" = D:\Games\Left4Dead\hl2.exe:*:Enabled:hl2
"C:\Program Files (x86)\Activision\Prototype\prototypef.exe" = C:\Program Files (x86)\Activision\Prototype\prototypef.exe:*:Enabled:Prototype(TM) -- (Activision)
"D:\Games\Fifa 11\Game\fifa.exe" = D:\Games\Fifa 11\Game\fifa.exe:*:Enabled:FIFA 11
"D:\Games\PES 11\pes2011.exe" = D:\Games\PES 11\pes2011.exe:*:Enabled:Pro Evolution Soccer 2011 -- (Konami Digital Entertainment Co., Ltd.)
"D:\Games\Medal of Honor - 10\MP\mohmpgame.exe" = D:\Games\Medal of Honor - 10\MP\mohmpgame.exe:*:Enabled:Medal of Honor: Multiplayer -- (EA Digital Illusions CE AB)
"D:\Games\Medal of Honor - 10\Binaries\moh.exe" = D:\Games\Medal of Honor - 10\Binaries\moh.exe:*:Enabled:Medal of Honor™ -- (Electronic Arts Inc.)
"D:\Games\NBA_2K11-FLT\nba2k11.exe" = D:\Games\NBA_2K11-FLT\nba2k11.exe:*:Enabled:NBA 2K11 -- (2K Sports)
"D:\Games\Call.of.Duty.Black.Ops.UNCUT.GERMAN-0x0007\Call of Duty Black Ops GERMAN Uncut\BlackOps.exe" = D:\Games\Call.of.Duty.Black.Ops.UNCUT.GERMAN-0x0007\Call of Duty Black Ops GERMAN Uncut\BlackOps.exe:*:Enabled:BlackOps
"C:\Program Files (x86)\TVersity\Media Server\MediaServer.exe" = C:\Program Files (x86)\TVersity\Media Server\MediaServer.exe:*:Enabled:TVersity Media Server -- ()
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" = C:\Program Files (x86)\Mozilla Firefox\firefox.exe:*:Enabled:Firefox -- (Mozilla Corporation)
"C:\Program Files (x86)\Steam\steamapps\shengiboy619\day of defeat source\hl2.exe" = C:\Program Files (x86)\Steam\steamapps\shengiboy619\day of defeat source\hl2.exe:*:Enabled:Day of Defeat: Source
"C:\Program Files (x86)\Steam\steamapps\shengiboy619\counter-strike source\hl2.exe" = C:\Program Files (x86)\Steam\steamapps\shengiboy619\counter-strike source\hl2.exe:*:Enabled:Counter-Strike: Source
"C:\Program Files (x86)\Steam\steamapps\shengiboy619\counter-strike\hl.exe" = C:\Program Files (x86)\Steam\steamapps\shengiboy619\counter-strike\hl.exe:*:Enabled:Counter-Strike -- (Valve)
"D:\Games\Portal 2\portal2.exe" = D:\Games\Portal 2\portal2.exe:*:Enabled:portal2 -- ()
"C:\Program Files (x86)\ICQ7.4\ICQ.exe" = C:\Program Files (x86)\ICQ7.4\ICQ.exe:*:Enabled:ICQ
"D:\Games\Postal 2 - Apocalypse Weekend\System\UCC.exe" = D:\Games\Postal 2 - Apocalypse Weekend\System\UCC.exe:*:Enabled:UCC -- ()
"D:\Games\Postal 2 - Apocalypse Weekend\System\postal2.exe" = D:\Games\Postal 2 - Apocalypse Weekend\System\postal2.exe:*:Enabled:postal2 -- ()
"D:\Games\Dead Rising 2\deadrising2.exe" = D:\Games\Dead Rising 2\deadrising2.exe:*:Enabled:Dead Rising 2 -- (CAPCOM CO., LTD.)
"D:\Games\Need for Speed Hot Pursuit\Launcher.exe" = D:\Games\Need for Speed Hot Pursuit\Launcher.exe:*:Enabled:Need for Speed(TM) Hot Pursuit -- (Electronic Arts)
"D:\Games\Need for Speed Hot Pursuit\NFS11.exe" = D:\Games\Need for Speed Hot Pursuit\NFS11.exe:*:Enabled:Need for Speed(TM) Hot Pursuit Application -- (Electronic Arts)
"C:\Documents and Settings\Administrator\Application Data\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe" = C:\Documents and Settings\Administrator\Application Data\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe:*:Enabled:Main program for Octoshape client
"C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe" = C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster -- ()
"C:\Program Files (x86)\Google\Google Earth\plugin\geplugin.exe" = C:\Program Files (x86)\Google\Google Earth\plugin\geplugin.exe:*:Enabled:Google Earth -- (Google)
"C:\Program Files (x86)\Steam\steamapps\common\call of duty modern warfare 2\iw4sp.exe" = C:\Program Files (x86)\Steam\steamapps\common\call of duty modern warfare 2\iw4sp.exe:*:Enabled:Call of Duty: Modern Warfare 2 -- ()
"C:\Program Files (x86)\Steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe" = C:\Program Files (x86)\Steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe:*:Enabled:Call of Duty: Modern Warfare 2 - Multiplayer -- ()
"C:\Program Files (x86)\Steam\steamapps\retsche10\counter-strike source\hl2.exe" = C:\Program Files (x86)\Steam\steamapps\retsche10\counter-strike source\hl2.exe:*:Enabled:Counter-Strike: Source -- ()
"C:\Program Files (x86)\Steam\steamapps\common\left 4 dead 2\left4dead2.exe" = C:\Program Files (x86)\Steam\steamapps\common\left 4 dead 2\left4dead2.exe:*:Enabled:Left 4 Dead 2 -- ()
"D:\Games\dead_island_reloaded\Dead Island\deadislandgame.exe" = D:\Games\dead_island_reloaded\Dead Island\deadislandgame.exe:*:Enabled:DeadIsland -- (Techland)
"C:\Program Files (x86)\ICQ7.5\ICQ.exe" = C:\Program Files (x86)\ICQ7.5\ICQ.exe:*:Enabled:ICQ
"C:\Program Files (x86)\ICQ7.6\ICQ.exe" = C:\Program Files (x86)\ICQ7.6\ICQ.exe:*:Enabled:ICQ7.6 -- (ICQ, LLC.)
"C:\Program Files (x86)\Net Tools\nettools5.exe" = C:\Program Files (x86)\Net Tools\nettools5.exe:*:Enabled:Net Tools by Mohammad Ahmadi Bidakhvidi
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019
"C:\Program Files (x86)\Microsoft LifeCam\LifeCam.exe" = C:\Program Files (x86)\Microsoft LifeCam\LifeCam.exe:*:Enabled:LifeCam.exe -- (Microsoft Corporation)
"C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe" = C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe:*:Enabled:LifeExp.exe -- (Microsoft Corporation)
"C:\Program Files (x86)\ICQ6.5\ICQ.exe" = C:\Program Files (x86)\ICQ6.5\ICQ.exe:*:Enabled:ICQ.exe
"C:\Program Files (x86)\MSN Messenger\msnmsgr.exe" = C:\Program Files (x86)\MSN Messenger\msnmsgr.exe:*:Enabled:MSN Messenger 7.5 -- (Microsoft Corporation)
"C:\Program Files (x86)\FlashFXP\FlashFXP.exe" = C:\Program Files (x86)\FlashFXP\FlashFXP.exe:*:Enabled:FlashFXP v3 -- (IniCom Networks, Inc.)
"C:\Program Files (x86)\Steam\steamapps\shengiboy619\half-life 2 deathmatch\hl2.exe" = C:\Program Files (x86)\Steam\steamapps\shengiboy619\half-life 2 deathmatch\hl2.exe:*:Enabled:hl2
"C:\Documents and Settings\Administrator\Desktop\Programme\SFT Loader\leecher.exe" = C:\Documents and Settings\Administrator\Desktop\Programme\SFT Loader\leecher.exe:*:Enabled:SFT Loader -- (velocode)
"C:\Program Files (x86)\SopCast\adv\SopAdver.exe" = C:\Program Files (x86)\SopCast\adv\SopAdver.exe:*:Enabled:SopCast Adver -- (www.sopcast.com)
"C:\Program Files (x86)\SopCast\SopCast.exe" = C:\Program Files (x86)\SopCast\SopCast.exe:*:Enabled:SopCast Main Application -- (www.sopcast.com)
"C:\Program Files (x86)\Java\jre6\bin\java.exe" = C:\Program Files (x86)\Java\jre6\bin\java.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
"C:\WINDOWS\system32\dpvsetup.exe" = C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test -- (Microsoft Corporation)
"C:\Documents and Settings\Administrator\Local Settings\Temp\Rar$EX00.640\leecher.exe" = C:\Documents and Settings\Administrator\Local Settings\Temp\Rar$EX00.640\leecher.exe:*:Enabled:SFT Loader
"C:\Documents and Settings\Administrator\Desktop\teamspeak3-server_win64\ts3server_win64.exe" = C:\Documents and Settings\Administrator\Desktop\teamspeak3-server_win64\ts3server_win64.exe:*:Enabled:TeamSpeak 3 Server
"C:\Program Files (x86)\TVUPlayer\TVUPlayer.exe" = C:\Program Files (x86)\TVUPlayer\TVUPlayer.exe:*:Enabled:TVUPlayer Component
"C:\Program Files (x86)\QIP Infium\infium.exe" = C:\Program Files (x86)\QIP Infium\infium.exe:*:Enabled:QIP Infium -- (QIP)
"C:\Program Files (x86)\Steam\Steam.exe" = C:\Program Files (x86)\Steam\Steam.exe:*:Enabled:Steam -- (Valve Corporation)
"D:\Games\Borlands\Binaries\Borderlands.exe" = D:\Games\Borlands\Binaries\Borderlands.exe:*:Enabled:Borderlands
"C:\Documents and Settings\All Users\Application Data\Electronic Arts\Need For Speed World\Data\nfsw.exe" = C:\Documents and Settings\All Users\Application Data\Electronic Arts\Need For Speed World\Data\nfsw.exe:*:Enabled:Need for Speed World
"C:\Documents and Settings\walera\Local Settings\Temp\Rar$EX00.203\teamspeak3-server_win64\ts3server_win64.exe" = C:\Documents and Settings\walera\Local Settings\Temp\Rar$EX00.203\teamspeak3-server_win64\ts3server_win64.exe:*:Enabled:TeamSpeak 3 Server
"C:\Program Files (x86)\teamspeak3-server_win64\ts3server_win64.exe" = C:\Program Files (x86)\teamspeak3-server_win64\ts3server_win64.exe:*:Enabled:TeamSpeak 3 Server
"C:\Documents and Settings\walera\Desktop\Programme\SFT Loader\leecher.exe" = C:\Documents and Settings\walera\Desktop\Programme\SFT Loader\leecher.exe:*:Enabled:SFT Loader
"C:\WINDOWS\SysWOW64\PnkBstrA.exe" = C:\WINDOWS\SysWOW64\PnkBstrA.exe:*:Enabled:PnkBstrA -- ()
"C:\WINDOWS\SysWOW64\PnkBstrB.exe" = C:\WINDOWS\SysWOW64\PnkBstrB.exe:*:Enabled:PnkBstrB -- ()
"C:\Program Files (x86)\GameSpy\Comrade\Comrade.exe" = C:\Program Files (x86)\GameSpy\Comrade\Comrade.exe:*:Enabled:Comrade
"D:\Games\Left4Dead\hl2.exe" = D:\Games\Left4Dead\hl2.exe:*:Enabled:hl2
"C:\Program Files (x86)\Activision\Prototype\prototypef.exe" = C:\Program Files (x86)\Activision\Prototype\prototypef.exe:*:Enabled:Prototype(TM) -- (Activision)
"D:\Games\Fifa 11\Game\fifa.exe" = D:\Games\Fifa 11\Game\fifa.exe:*:Enabled:FIFA 11
"D:\Games\PES 11\pes2011.exe" = D:\Games\PES 11\pes2011.exe:*:Enabled:Pro Evolution Soccer 2011 -- (Konami Digital Entertainment Co., Ltd.)
"D:\Games\Medal of Honor - 10\MP\mohmpgame.exe" = D:\Games\Medal of Honor - 10\MP\mohmpgame.exe:*:Enabled:Medal of Honor: Multiplayer -- (EA Digital Illusions CE AB)
"D:\Games\Medal of Honor - 10\Binaries\moh.exe" = D:\Games\Medal of Honor - 10\Binaries\moh.exe:*:Enabled:Medal of Honor™ -- (Electronic Arts Inc.)
"D:\Games\NBA_2K11-FLT\nba2k11.exe" = D:\Games\NBA_2K11-FLT\nba2k11.exe:*:Enabled:NBA 2K11 -- (2K Sports)
"D:\Games\Call.of.Duty.Black.Ops.UNCUT.GERMAN-0x0007\Call of Duty Black Ops GERMAN Uncut\BlackOps.exe" = D:\Games\Call.of.Duty.Black.Ops.UNCUT.GERMAN-0x0007\Call of Duty Black Ops GERMAN Uncut\BlackOps.exe:*:Enabled:BlackOps
"C:\Program Files (x86)\TVersity\Media Server\MediaServer.exe" = C:\Program Files (x86)\TVersity\Media Server\MediaServer.exe:*:Enabled:TVersity Media Server -- ()
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" = C:\Program Files (x86)\Mozilla Firefox\firefox.exe:*:Enabled:Firefox -- (Mozilla Corporation)
"C:\Program Files (x86)\Steam\steamapps\shengiboy619\day of defeat source\hl2.exe" = C:\Program Files (x86)\Steam\steamapps\shengiboy619\day of defeat source\hl2.exe:*:Enabled:Day of Defeat: Source
"C:\Program Files (x86)\Steam\steamapps\shengiboy619\counter-strike source\hl2.exe" = C:\Program Files (x86)\Steam\steamapps\shengiboy619\counter-strike source\hl2.exe:*:Enabled:Counter-Strike: Source
"C:\Program Files (x86)\Steam\steamapps\shengiboy619\counter-strike\hl.exe" = C:\Program Files (x86)\Steam\steamapps\shengiboy619\counter-strike\hl.exe:*:Enabled:Counter-Strike -- (Valve)
"D:\Games\Portal 2\portal2.exe" = D:\Games\Portal 2\portal2.exe:*:Enabled:portal2 -- ()
"C:\Program Files (x86)\ICQ7.4\ICQ.exe" = C:\Program Files (x86)\ICQ7.4\ICQ.exe:*:Enabled:ICQ
"D:\Games\Postal 2 - Apocalypse Weekend\System\UCC.exe" = D:\Games\Postal 2 - Apocalypse Weekend\System\UCC.exe:*:Enabled:UCC -- ()
"D:\Games\Postal 2 - Apocalypse Weekend\System\postal2.exe" = D:\Games\Postal 2 - Apocalypse Weekend\System\postal2.exe:*:Enabled:postal2 -- ()
"D:\Games\Dead Rising 2\deadrising2.exe" = D:\Games\Dead Rising 2\deadrising2.exe:*:Enabled:Dead Rising 2 -- (CAPCOM CO., LTD.)
"D:\Games\Need for Speed Hot Pursuit\Launcher.exe" = D:\Games\Need for Speed Hot Pursuit\Launcher.exe:*:Enabled:Need for Speed(TM) Hot Pursuit -- (Electronic Arts)
"D:\Games\Need for Speed Hot Pursuit\NFS11.exe" = D:\Games\Need for Speed Hot Pursuit\NFS11.exe:*:Enabled:Need for Speed(TM) Hot Pursuit Application -- (Electronic Arts)
"C:\Documents and Settings\Administrator\Application Data\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe" = C:\Documents and Settings\Administrator\Application Data\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe:*:Enabled:Main program for Octoshape client
"C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe" = C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster -- ()
"C:\Program Files (x86)\Google\Google Earth\plugin\geplugin.exe" = C:\Program Files (x86)\Google\Google Earth\plugin\geplugin.exe:*:Enabled:Google Earth -- (Google)
"C:\Program Files (x86)\Steam\steamapps\common\call of duty modern warfare 2\iw4sp.exe" = C:\Program Files (x86)\Steam\steamapps\common\call of duty modern warfare 2\iw4sp.exe:*:Enabled:Call of Duty: Modern Warfare 2 -- ()
"C:\Program Files (x86)\Steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe" = C:\Program Files (x86)\Steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe:*:Enabled:Call of Duty: Modern Warfare 2 - Multiplayer -- ()
"C:\Program Files (x86)\Steam\steamapps\retsche10\counter-strike source\hl2.exe" = C:\Program Files (x86)\Steam\steamapps\retsche10\counter-strike source\hl2.exe:*:Enabled:Counter-Strike: Source -- ()
"C:\Program Files (x86)\Steam\steamapps\common\left 4 dead 2\left4dead2.exe" = C:\Program Files (x86)\Steam\steamapps\common\left 4 dead 2\left4dead2.exe:*:Enabled:Left 4 Dead 2 -- ()
"D:\Games\dead_island_reloaded\Dead Island\deadislandgame.exe" = D:\Games\dead_island_reloaded\Dead Island\deadislandgame.exe:*:Enabled:DeadIsland -- (Techland)
"C:\Program Files (x86)\ICQ7.5\ICQ.exe" = C:\Program Files (x86)\ICQ7.5\ICQ.exe:*:Enabled:ICQ
"C:\Program Files (x86)\ICQ7.6\ICQ.exe" = C:\Program Files (x86)\ICQ7.6\ICQ.exe:*:Enabled:ICQ7.6 -- (ICQ, LLC.)
"C:\Program Files (x86)\Net Tools\nettools5.exe" = C:\Program Files (x86)\Net Tools\nettools5.exe:*:Enabled:Net Tools by Mohammad Ahmadi Bidakhvidi
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{1D5E29E9-0914-A86D-8E67-DBAFF954DD8A}" = ATI Catalyst Install Manager
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{50CBBEC7-1010-41C5-8718-A1A6FEDD9C3A}" = GEAR driver installer for x64 (Intel64 and AMD64)
"{523C35EE-B401-1EAA-D162-9BFC5CD2CE21}" = ccc-utility64
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6EE201F8-D9D1-2D19-CBDA-1031E767B46A}" = ccc-utility64
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0300D4E-9907-46B1-BB5D-552FD226F975}" = Microsoft Windows German User Interface Pack
"{D16193A3-921A-4134-B381-597C8F4B8EBD}" = PaperPort Image Printer
"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin 64-bit
"ATI Display Driver" = ATI Display Driver
"CCleaner" = CCleaner
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows x64
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"WIC" = Windows Imaging Component
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"WinRAR archiver" = WinRAR
"WMFDist11-64" = Windows Media Format 11 runtime
"wmp11-64" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0468A4CF-069D-86B6-84BD-F8E4F86E2631}" = Catalyst Control Center Graphics Previews Common
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center
"{0D93041A-03EC-11DA-BFBD-00065BBDC0B5}" = MSN Messenger 7.5
"{1148E85C-E1AF-48E0-A29C-68DACE07E054}" = Pro Evolution Soccer 2011
"{1960E0DF-6A10-422A-A4DD-79E748C36A49}" = Microsoft LifeCam
"{19A492A0-888F-44A0-9B21-D91700763F62}" = Catalyst Control Center - Branding
"{1CC15F50-9681-1653-62F6-7D263D072E25}" = Catalyst Control Center Graphics Previews Common
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{24F5BFDD-18E0-41F6-8A68-A22C742FC4A1}" = TubeBox!
"{25A4B97E-DDAE-3B29-E0EF-F6E6AC21EF71}" = Catalyst Control Center InstallProxy
"{25B9C7BE-5CFD-6173-D3E1-6E4C9EBD8658}" = Catalyst Control Center Graphics Light
"{26999308-FF96-5FBF-B2DB-12E66346FA3A}" = CCC Help German
"{26A24AE4-039D-4CA4-87B4-2F83216019FF}" = Java(TM) 6 Update 23
"{2927733E-A961-BA53-03C5-03774A081030}" = ccc-core-static
"{2FFE93F0-BB72-4E52-8761-354D1AAA9387}" = Sony Ericsson PC Suite 3.209.00
"{30148775-0642-7507-58EA-3CDB7E828BA2}" = Catalyst Control Center Core Implementation
"{36CDA33B-909B-4719-97D1-C4B99309BDC7}" = ATI Parental Control & Encoder
"{3972209B-4946-9B49-1911-0AC122FB8073}" = CCC Help Russian
"{40261D0A-A385-4C1A-A7DE-5F270D9B1031}" = Nero 7 Ultra Edition
"{415030B8-3E8B-462A-8C03-41D95AA3AB3B}" = Medal of Honor (TM)
"{43165058-0CD3-F336-0B4E-879A03DC8F50}" = Catalyst Control Center Graphics Full Existing
"{4343080E-91B7-4388-AB4D-FB1000008200}" = Dead Rising 2
"{434D0831-A4CC-401A-9E74-621000018401}" = F1 2010
"{43F18082-D8A1-5A37-829D-CF1C4ED9ED2A}" = CCC Help Portuguese
"{4761EB82-E8BD-45A4-B19B-586FA9D1D7E6}" = Camtasia Studio 6
"{4905D4CA-7295-F988-AE8A-B04675295133}" = CCC Help Thai
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{55A83F62-4CC7-8A5F-0FB0-FE55B53B3ED1}" = CCC Help Finnish
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth
"{5B31B7DD-ED2E-F515-C900-B2E91138A34F}" = ccc-core-preinstall
"{5C65178E-D3DE-BBBE-AAC3-F6B35E3CE9AD}" = CCC Help Spanish
"{5DA6F06A-B389-407B-BF8C-1548767914D8}" = ATI Problem Report Wizard
"{5F032DC8-A020-D42E-F2E6-41C748A92A06}" = Catalyst Control Center Graphics Full New
"{618A812B-3099-8DB2-C8E4-95D15A7B7CD5}" = Catalyst Control Center HydraVision Full
"{6A7E75AF-C2C7-4B1E-FE46-E0979833D6D5}" = CCC Help Spanish
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{6B48554C-9089-4177-A38D-B8FE122F11FC}" = TubeBox!
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71AFFCBF-0864-C19D-0C07-5DF67BA0382D}" = CCC Help Turkish
"{7644E42D-B096-457F-8B5B-901238FC81AE}" = ICQ7.6
"{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}" = Avanquest update
"{7E210E1C-52A1-40E3-817B-D504E9F64DFA}_is1" = Flyff
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1" = PDF24 Creator 4.3.0
"{81DD0597-29EB-4FA0-8223-4F41362B2E72}" = NBA 2K11
"{83A606F5-BF6F-42ED-9F33-B9F74297CDED}" = Need for Speed(TM) Hot Pursuit
"{8425081E-FEFF-6E4B-408E-53345859896C}" = CCC Help English
"{8946D1C8-B1A3-2D2D-731A-E9D29B9FE5CF}" = CCC Help German
"{8F66047B-1AF3-40D9-80D7-106E2EDC2C2A}" = EPU-4 Engine
"{8F75F503-B422-1608-4688-9B7AEBAE72A5}" = CCC Help French
"{8FB1B528-E260-451E-9B55-E9152F94B80B}" = Microsoft Games for Windows - LIVE Redistributable
"{90120000-0010-0407-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (German) 12
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISE_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0407-1000-0000000FF1CE}_ENTERPRISE_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISE_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00B2-0409-0000-0000000FF1CE}" = Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{90FE2C60-A4C3-D61D-790A-9493EE405AEA}" = CCC Help Swedish
"{9322A850-9091-4D0E-B252-3E82EDA3D94A}" = Prototype(TM)
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{96E3AED5-3D0B-4BB0-84C2-1EDADB204487}" = FlashFXP v3
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}" = Brother MFL-Pro Suite
"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.2) - Deutsch
"{ADAA5D11-5D8F-31EC-1992-693239110308}" = CCC Help French
"{AFADD3B4-021C-9005-7BC2-6D1CD5D6C148}" = CCC Help Italian
"{B21C00B6-2B53-BB00-B4FE-27316019A9C5}" = CCC Help Chinese Traditional
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B43FFAD8-47AD-4F8D-F14B-F4AECD521171}" = Catalyst Control Center
"{B6C89654-A6A2-477C-873B-724EC1C56407}" = ScanSoft PaperPort 11
"{BD7CDF5A-315E-A085-CF42-921B37D7A507}" = CCC Help Hungarian
"{BE9269F2-562B-7BC7-9BE9-16EF8B52B403}" = Catalyst Control Center Localization All
"{BF243C52-D0D2-A777-D388-DFCCF00FFC23}" = CCC Help Dutch
"{C151CE54-E7EA-4804-854B-F515368B0798}" = AMD Processor Driver
"{C43048A9-742C-4DAD-90D2-E3B53C9DB825}" = Logitech QuickCam-Software
"{C7370250-3AA3-23F8-DE52-21701C911BBD}" = CCC Help Korean
"{C7DA1638-A3B9-0AF6-B1B3-5ACBC08E7204}" = CCC Help Polish
"{C9BED750-1211-4480-B1A5-718A3BE15525}" = REALTEK GbE & FE Ethernet PCI-E NIC Driver
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE709472-FCC6-698B-2F25-EA0531EAE88B}" = CCC Help English
"{CF283C0A-B5D9-EB97-E2F4-32E88FD8233F}" = CCC Help Portuguese
"{D3B1C799-CB73-42DE-BA0F-2344793A095C}" = Catalyst Control Center - Branding
"{D472CC91-8FFC-B07C-F755-363498CF7724}" = CCC Help Danish
"{D68E33C8-F508-F069-FF15-59B2BF50B0D3}" = CCC Help Japanese
"{D82DC9BA-D752-2D34-4412-3984C4D9BA27}" = Catalyst Control Center Localization All
"{E236A12C-FE29-49C4-C10C-F9AFF2EE8D39}" = CCC Help Chinese Standard
"{EFA83B92-06EA-D90D-1342-A7872D97B89F}" = CCC Help Italian
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F97E3841-CA9D-4964-9D64-26066241D26F}" = Microsoft Games for Windows - LIVE
"{F9835182-794B-4F24-902A-E2CA9D43380F}" = NVIDIA PhysX
"{FAFD1909-311F-2035-6C97-7151A3B485C5}" = CCC Help Greek
"{FD433CFA-5819-54FC-005C-140926CDBB6F}" = CCC Help Czech
"{FF97034A-E1FE-CC80-E5D4-549796B72E36}" = CCC Help Norwegian
"AC3Filter_is1" = AC3Filter 1.63b
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"All ATI Software" = ATI - Dienstprogramm zur Deinstallation der Software
"AnyDVD" = AnyDVD
"Avira AntiVir Desktop" = Avira Free Antivirus
"AviSynth" = AviSynth 2.5
"DivX Setup" = DivX-Setup
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Free PDF to Word Doc Converter_is1" = Free PDF to Word Doc Converter v1.1
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.10.9.908
"GameSaike SixaxisDriver_is1" = SixaxisDriver 0.91
"GFWL_{4343080E-91B7-4388-AB4D-FB1000008200}" = Dead Rising 2
"HxD Hex Editor_is1" = HxD Hex Editor version 1.7.7.0
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Plattform-Geräte-Manager
"InstallShield_{9322A850-9091-4D0E-B252-3E82EDA3D94A}" = Prototype(TM)
"IrfanView" = IrfanView (remove only)
"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 5.7.0
"Mafia II_is1" = Mafia II
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Mozilla Firefox 10.0.2 (x86 de)" = Mozilla Firefox 10.0.2 (x86 de)
"NetTools_is1" = NetTools 5.0
"OpenAL" = OpenAL
"Postal 2" = Postal 2
"Postal 2 - Apocalypse Weekend_is1" = Postal 2 - Apocalypse Weekend
"Postal 2 - Share The Pain_is1" = Postal 2 - Share The Pain
"Postal 2_is1" = Portal 2
"PriceGong" = PriceGong 2.1.0
"PS3 Video 9" = PS3 Video 9 6
"PunkBusterSvc" = PunkBuster Services
"SopCast" = SopCast 3.2.9
"Steam App 10" = Counter-Strike
"Steam App 10180" = Call of Duty: Modern Warfare 2
"Steam App 10190" = Call of Duty: Modern Warfare 2 - Multiplayer
"Steam App 300" = Day of Defeat: Source
"Steam App 320" = Half-Life 2: Deathmatch
"Steam App 440" = Team Fortress 2
"Steam App 550" = Left 4 Dead 2
"TVersity Codec Pack" = TVersity Codec Pack 1.4
"TVersity Media Server" = TVersity Media Server 1.9.3
"Veetle TV" = Veetle TV 0.9.18
"VLC media player" = VLC media player 1.1.11
"WinPcapInst" = WinPcap 3.0
"YouTube Downloader App" = YouTube Downloader App 3.00
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"QIP Infium" = QIP Infium 2.0.9034
"UnityWebPlayer" = Unity Web Player
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 15.03.2012 08:57:34 | Computer Name = XP64-SP2 | Source = Userenv | ID = 1041
Description = Der Registrierungseintrag DllName konnte für "{CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D}"
nicht abgerufen und daher auch nicht geladen werden. Dies wurde wahrscheinlich
durch eine fehlerhafte Registrierung verursacht.
Error - 15.03.2012 09:28:06 | Computer Name = XP64-SP2 | Source = Userenv | ID = 1041
Description = Der Registrierungseintrag DllName konnte für "{7B849a69-220F-451E-B3FE-2CB811AF94AE}"
nicht abgerufen und daher auch nicht geladen werden. Dies wurde wahrscheinlich
durch eine fehlerhafte Registrierung verursacht.
Error - 15.03.2012 09:28:06 | Computer Name = XP64-SP2 | Source = Userenv | ID = 1041
Description = Der Registrierungseintrag DllName konnte für "{CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D}"
nicht abgerufen und daher auch nicht geladen werden. Dies wurde wahrscheinlich
durch eine fehlerhafte Registrierung verursacht.
Error - 15.03.2012 09:28:10 | Computer Name = XP64-SP2 | Source = Userenv | ID = 1041
Description = Der Registrierungseintrag DllName konnte für "{7B849a69-220F-451E-B3FE-2CB811AF94AE}"
nicht abgerufen und daher auch nicht geladen werden. Dies wurde wahrscheinlich
durch eine fehlerhafte Registrierung verursacht.
Error - 15.03.2012 09:28:10 | Computer Name = XP64-SP2 | Source = Userenv | ID = 1041
Description = Der Registrierungseintrag DllName konnte für "{CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D}"
nicht abgerufen und daher auch nicht geladen werden. Dies wurde wahrscheinlich
durch eine fehlerhafte Registrierung verursacht.
Error - 15.03.2012 09:31:37 | Computer Name = XP64-SP2 | Source = Userenv | ID = 1041
Description = Der Registrierungseintrag DllName konnte für "{7B849a69-220F-451E-B3FE-2CB811AF94AE}"
nicht abgerufen und daher auch nicht geladen werden. Dies wurde wahrscheinlich
durch eine fehlerhafte Registrierung verursacht.
Error - 15.03.2012 09:31:37 | Computer Name = XP64-SP2 | Source = Userenv | ID = 1041
Description = Der Registrierungseintrag DllName konnte für "{CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D}"
nicht abgerufen und daher auch nicht geladen werden. Dies wurde wahrscheinlich
durch eine fehlerhafte Registrierung verursacht.
Error - 15.03.2012 09:31:40 | Computer Name = XP64-SP2 | Source = Userenv | ID = 1041
Description = Der Registrierungseintrag DllName konnte für "{7B849a69-220F-451E-B3FE-2CB811AF94AE}"
nicht abgerufen und daher auch nicht geladen werden. Dies wurde wahrscheinlich
durch eine fehlerhafte Registrierung verursacht.
Error - 15.03.2012 09:31:40 | Computer Name = XP64-SP2 | Source = Userenv | ID = 1041
Description = Der Registrierungseintrag DllName konnte für "{CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D}"
nicht abgerufen und daher auch nicht geladen werden. Dies wurde wahrscheinlich
durch eine fehlerhafte Registrierung verursacht.
Error - 15.03.2012 09:31:53 | Computer Name = XP64-SP2 | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung skype.exe, Version 0.0.0.0, fehlgeschlagenes
Modul , Version 0.0.0.0, Fehleradresse 0x00000000.
[ OSession Events ]
Error - 09.11.2010 05:02:06 | Computer Name = XP64-SP2 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 23
seconds with 0 seconds of active time. This session ended with a crash.
[ System Events ]
Error - 29.12.2011 08:18:37 | Computer Name = XP64-SP2 | Source = Service Control Manager | ID = 7000
Description = Der Dienst "NPPTNT2" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error - 29.12.2011 08:19:50 | Computer Name = XP64-SP2 | Source = Service Control Manager | ID = 7000
Description = Der Dienst "NPPTNT2" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error - 29.12.2011 08:38:39 | Computer Name = XP64-SP2 | Source = Service Control Manager | ID = 7000
Description = Der Dienst "NPPTNT2" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error - 29.12.2011 08:40:58 | Computer Name = XP64-SP2 | Source = Service Control Manager | ID = 7000
Description = Der Dienst "NPPTNT2" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error - 29.12.2011 08:42:00 | Computer Name = XP64-SP2 | Source = Service Control Manager | ID = 7000
Description = Der Dienst "NPPTNT2" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error - 29.12.2011 08:43:18 | Computer Name = XP64-SP2 | Source = Service Control Manager | ID = 7000
Description = Der Dienst "NPPTNT2" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error - 29.12.2011 08:44:34 | Computer Name = XP64-SP2 | Source = Service Control Manager | ID = 7000
Description = Der Dienst "NPPTNT2" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error - 29.12.2011 19:03:15 | Computer Name = XP64-SP2 | Source = Service Control Manager | ID = 7000
Description = Der Dienst "NPPTNT2" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error - 30.12.2011 06:26:50 | Computer Name = XP64-SP2 | Source = Service Control Manager | ID = 7000
Description = Der Dienst "NPPTNT2" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error - 30.12.2011 06:38:47 | Computer Name = XP64-SP2 | Source = Service Control Manager | ID = 7000
Description = Der Dienst "NPPTNT2" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
< End of report >
OTL: Code:
OTL logfile created on: 15.03.2012 14:37:42 - Run 3
OTL by OldTimer - Version 3.2.37.0 Folder = C:\Documents and Settings\Administrator\Desktop
64bit-Windows Server 2003 Service Pack 2 (Version = 5.2.3790) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000407 | Country: Germany | Language: DEU | Date Format: dd.MM.yyyy
4,00 Gb Total Physical Memory | 3,17 Gb Available Physical Memory | 79,34% Memory free
5,74 Gb Paging File | 5,26 Gb Available in Paging File | 91,68% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 286,97 Gb Total Space | 208,88 Gb Free Space | 72,79% Space Free | Partition Type: NTFS
Drive D: | 644,53 Gb Total Space | 348,72 Gb Free Space | 54,10% Space Free | Partition Type: NTFS
Computer Name: XP64-SP2 | User Name: Administrator | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Documents and Settings\Administrator\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
PRC - C:\WINDOWS\SysWOW64\PnkBstrB.exe ()
PRC - C:\WINDOWS\SysWOW64\PnkBstrA.exe ()
PRC - C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe ()
PRC - C:\Program Files (x86)\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG)
PRC - C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexStoreSvr.exe (Nero AG)
PRC - C:\Program Files (x86)\Microsoft LifeCam\MSCamSvc.exe (Microsoft Corporation)
========== Modules (No Company Name) ==========
MOD - C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll ()
MOD - C:\WINDOWS\SysWOW64\PnkBstrB.exe ()
MOD - C:\WINDOWS\SysWOW64\PnkBstrA.exe ()
MOD - C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe ()
========== Win32 Services (SafeList) ==========
SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
SRV - (TVersityMediaServer) -- C:\Program Files (x86)\TVersity\Media Server\MediaServer.exe ()
SRV - (PnkBstrB) -- C:\WINDOWS\SysWOW64\PnkBstrB.exe ()
SRV - (Spooler) -- C:\WINDOWS\system32\spoolsv.exe (Microsoft Corporation)
SRV - (PnkBstrA) -- C:\WINDOWS\SysWOW64\PnkBstrA.exe ()
SRV - (NMSAccess) -- C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe ()
SRV - (npggsvc) -- C:\WINDOWS\SysWOW64\GameMon.des (INCA Internet Co., Ltd.)
SRV - (ATI Smart) -- C:\WINDOWS\SysWOW64\ati2saag.exe ()
SRV - (clr_optimization_v2.0.50727_32) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (helpsvc) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll (Microsoft Corporation)
SRV - (WMPNetworkSvc) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
SRV - (MSCamSvc) -- C:\Program Files (x86)\Microsoft LifeCam\MSCamSvc.exe (Microsoft Corporation)
SRV - (rpcapd) Remote Packet Capture Protocol v.0 (experimental) -- C:\Program Files (x86)\WinPcap\rpcapd.exe ()
========== Driver Services (SafeList) ==========
DRV:64bit: - (GEARAspiWDM) -- C:\WINDOWS\Sysnative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV - (AnyDVD) -- C:\WINDOWS\SysWOW64\Drivers\AnyDVD.sys (SlySoft, Inc.)
DRV - (StarOpen) -- C:\WINDOWS\SysWow64\drivers\StarOpen.sys ()
DRV - (mnmdd) -- C:\WINDOWS\SysWow64\mnmdd.dll (Microsoft Corporation)
DRV - (Winsock) -- C:\WINDOWS\SysWow64\winsock.dll (Microsoft Corporation)
DRV - (NPPTNT2) -- C:\WINDOWS\SysWOW64\npptNT2.sys (INCA Internet Co., Ltd.)
DRV - (NPF) -- C:\WINDOWS\SysWOW64\Drivers\npf.sys (Politecnico di Torino)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKLM\..\SearchScopes\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}: "URL" = hxxp://search.qip.ru/?query={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://qip.ru
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://search.qip.ru
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://search.qip.ru/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.qip.ru
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.icq.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://search.qip.ru/ie
IE - HKCU\..\URLSearchHook: - No CLSID value found
IE - HKCU\..\URLSearchHook: {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\qipsearchbar.dll (qip.ru)
IE - HKCU\..\SearchScopes,DefaultScope = {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC
IE - HKCU\..\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=SPC2&o=15000&src=crm&q={searchTerms}&locale=de_DE&apn_ptnrs=PV&apn_dtid=&apn_uid=DFA3D23A-BBD0-4E03-91F0-D97334FE39CA&apn_sauid=7CAF5C9D-D03B-4815-AE7F-AEA2B24A26CE
IE - HKCU\..\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}: "URL" = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
IE - HKCU\..\SearchScopes\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}: "URL" = hxxp://search.qip.ru/?query={searchTerms}
IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2269050
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.defaultthis.engineName: "Search"
FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/"
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.1.3.20100310105313
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {32a1fd71-835e-4b11-8e54-886fda0b4c89}:1.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.9
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {8A9386B4-E958-4c4c-ADF4-8F26DB3E4829}:2.1.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:5.0.0.6906
FF - prefs.js..extensions.enabledItems: firefox@tvunetworks.com:2
FF - prefs.js..extensions.enabledItems: 5
FF - prefs.js..extensions.enabledItems: 3
FF - prefs.js..extensions.enabledItems: 1
FF - prefs.js..keyword.URL: "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.3.9&q="
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF64_11_1_102.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Player\npDivxPlayerPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pages.tvunetworks.com/WebPlayer: C:\WINDOWS\system32\TVUAx\npTVUAx.dll (TVU networks)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.450: C:\Program Files (x86)\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448: C:\Program Files (x86)\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.18: C:\Program Files (x86)\Veetle\plugins\npVeetle.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.18: C:\Program Files (x86)\Veetle\Player\npvlc.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.1.11: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Documents and Settings\Administrator\Local Settings\Application Data\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012.02.20 22:46:04 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.02.18 13:45:37 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.01.25 19:53:43 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{8A9386B4-E958-4c4c-ADF4-8F26DB3E4829}: C:\Program Files (x86)\PriceGong\2.1.0\FF [2010.09.26 22:57:08 | 000,000,000 | ---D | M]
[2010.01.27 11:39:11 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Application Data\mozilla\Extensions
[2012.03.01 18:17:39 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Application Data\mozilla\Firefox\Profiles\2r5pe3hm.default\extensions
[2010.05.27 16:25:55 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Administrator\Application Data\mozilla\Firefox\Profiles\2r5pe3hm.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.03.12 20:33:02 | 000,000,000 | ---D | M] (QipAuthorizer) -- C:\Documents and Settings\Administrator\Application Data\mozilla\Firefox\Profiles\2r5pe3hm.default\extensions\{32a1fd71-835e-4b11-8e54-886fda0b4c89}
[2012.01.05 13:05:39 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Documents and Settings\Administrator\Application Data\mozilla\Firefox\Profiles\2r5pe3hm.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2011.08.26 19:32:26 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Documents and Settings\Administrator\Application Data\mozilla\Firefox\Profiles\2r5pe3hm.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2011.12.23 20:52:08 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Documents and Settings\Administrator\Application Data\mozilla\Firefox\Profiles\2r5pe3hm.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2012.03.01 18:17:39 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Documents and Settings\Administrator\Application Data\mozilla\Firefox\Profiles\2r5pe3hm.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2011.02.04 20:30:26 | 000,000,000 | ---D | M] (TVU Web Player) -- C:\Documents and Settings\Administrator\Application Data\mozilla\Firefox\Profiles\2r5pe3hm.default\extensions\firefox@tvunetworks.com
[2011.04.27 19:09:57 | 000,002,386 | ---- | M] () -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\2r5pe3hm.default\searchplugins\askcom.xml
[2010.10.06 19:37:07 | 000,000,873 | ---- | M] () -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\2r5pe3hm.default\searchplugins\conduit.xml
[2012.03.12 14:27:17 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\2r5pe3hm.default\searchplugins\icqplugin-1.xml
[2011.03.07 13:36:01 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\2r5pe3hm.default\searchplugins\icqplugin-10.xml
[2011.03.11 21:37:53 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\2r5pe3hm.default\searchplugins\icqplugin-11.xml
[2011.03.26 11:22:46 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\2r5pe3hm.default\searchplugins\icqplugin-12.xml
[2011.04.29 20:11:33 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\2r5pe3hm.default\searchplugins\icqplugin-13.xml
[2011.05.08 10:29:07 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\2r5pe3hm.default\searchplugins\icqplugin-14.xml
[2011.06.22 12:28:56 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\2r5pe3hm.default\searchplugins\icqplugin-15.xml
[2011.08.18 11:36:39 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\2r5pe3hm.default\searchplugins\icqplugin-16.xml
[2011.11.10 12:06:44 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\2r5pe3hm.default\searchplugins\icqplugin-17.xml
[2010.08.25 09:36:11 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\2r5pe3hm.default\searchplugins\icqplugin-2.xml
[2010.09.09 15:59:16 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\2r5pe3hm.default\searchplugins\icqplugin-3.xml
[2010.09.17 18:53:08 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\2r5pe3hm.default\searchplugins\icqplugin-4.xml
[2010.09.26 23:23:23 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\2r5pe3hm.default\searchplugins\icqplugin-5.xml
[2010.10.29 08:51:47 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\2r5pe3hm.default\searchplugins\icqplugin-6.xml
[2010.10.30 13:00:44 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\2r5pe3hm.default\searchplugins\icqplugin-7.xml
[2010.12.12 05:26:01 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\2r5pe3hm.default\searchplugins\icqplugin-8.xml
[2011.03.04 07:40:07 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\2r5pe3hm.default\searchplugins\icqplugin-9.xml
[2011.03.30 13:14:34 | 000,001,042 | ---- | M] () -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\2r5pe3hm.default\searchplugins\icqplugin.xml
[2010.04.20 21:27:45 | 000,002,062 | ---- | M] () -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\2r5pe3hm.default\searchplugins\qip-search.xml
[2011.11.10 12:06:32 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2011.04.27 19:22:09 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
() (No name found) -- C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\2R5PE3HM.DEFAULT\EXTENSIONS\{DD05FD3D-18DF-4CE4-AE53-E795339C5F01}.XPI
[2012.02.18 13:45:37 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2010.11.12 18:53:06 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2012.02.14 06:31:23 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.02.14 06:31:23 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.02.14 06:31:23 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012.02.14 06:31:23 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.02.14 06:31:23 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.02.14 06:31:23 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
Hosts file not found
O2 - BHO: (PriceGongBHO Class) - {1631550F-191D-4826-B069-D9439253D926} - C:\Program Files (x86)\PriceGong\2.1.0\PriceGongIE.dll (PriceGong)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (QIPBHO Class) - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\qipsearchbar.dll (qip.ru)
O2 - BHO: (FlashFXP Helper for Internet Explorer) - {E5A1691B-D188-4419-AD02-90002030B8EE} - C:\Program Files (x86)\FlashFXP\IEFlash.dll (IniCom Networks, Inc.)
O3:64bit: - HKCU\..\Toolbar\ShellBrowser: (&Address) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - %SystemRoot%\system32\browseui.dll File not found
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (&Address) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - %SystemRoot%\system32\browseui.dll File not found
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (&Links) - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - %SystemRoot%\system32\SHELL32.dll File not found
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKCU..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG)
O4 - HKCU..\Run: [ICQ] C:\Program Files (x86)\ICQ7.6\ICQ.exe (ICQ, LLC.)
O4 - HKCU..\Run: [SkypeM] C:\Documents and Settings\Administrator\Local Settings\Application Data\Skype\Skype.exe ()
O4 - HKCU..\Run: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
O4 - HKLM..\RunOnce: [B Register C:\Program Files (x86)\DivX\DivX Plus Player\DPXPlugins\DPXBannerAdPlugin.dll] C:\Program Files (x86)\DivX\DivX Plus Player\DPXPlugins\DPXBannerAdPlugin.dll ()
O4 - HKLM..\RunOnce: [B Register C:\Program Files (x86)\DivX\DivX Plus Player\DPXPlugins\DPXDownloadManagerPlugin.dll] C:\Program Files (x86)\DivX\DivX Plus Player\DPXPlugins\DPXDownloadManagerPlugin.dll ()
O4 - HKLM..\RunOnce: [B Register C:\Program Files (x86)\DivX\DivX Plus Player\DPXPlugins\DPXMediaManagerPlugin.dll] C:\Program Files (x86)\DivX\DivX Plus Player\DPXPlugins\DPXMediaManagerPlugin.dll ()
O4 - HKLM..\RunOnce: [B Register C:\Program Files (x86)\DivX\DivX Plus Player\DPXPlugins\DPXPlayerPlugin.dll] C:\Program Files (x86)\DivX\DivX Plus Player\DPXPlugins\DPXPlayerPlugin.dll ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Documents and Settings\Administrator\Application Data\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Documents and Settings\Administrator\Application Data\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O9 - Extra Button: ICQ7.6 - {7644E42D-B096-457F-8B5B-901238FC81AE} - C:\Program Files (x86)\ICQ7.6\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.6 - {7644E42D-B096-457F-8B5B-901238FC81AE} - C:\Program Files (x86)\ICQ7.6\ICQ.exe (ICQ, LLC.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000001 [] - %SystemRoot%\System32\mswsock.dll File not found
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000002 [] - %SystemRoot%\System32\winrnr.dll File not found
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000003 [] - %SystemRoot%\System32\mswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - %SystemRoot%\system32\mswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - %SystemRoot%\system32\mswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - %SystemRoot%\system32\mswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - %SystemRoot%\system32\mswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - %SystemRoot%\system32\mswsock.dll File not found
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1274869229406 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {FFB3A759-98B1-446F-BDA9-909C6EB18CC7} hxxp://utilities.pcpitstop.com/Optimize3/pcpitstop2.dll (PCPitstop Exam)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.220.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B5A18774-BA8D-45E2-B7CE-27B58D8018F7}: DhcpNameServer = 192.168.220.1
O18:64bit: - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll File not found
O18:64bit: - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\system32\urlmon.dll File not found
O18:64bit: - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\system32\msvidctl.dll File not found
O18:64bit: - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll File not found
O18:64bit: - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll File not found
O18:64bit: - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll File not found
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll File not found
O18:64bit: - Protocol\Handler\http\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\http\oledb - No CLSID value found
O18:64bit: - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll File not found
O18:64bit: - Protocol\Handler\https\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\https\oledb - No CLSID value found
O18:64bit: - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll File not found
O18:64bit: - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll File not found
O18:64bit: - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll File not found
O18:64bit: - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll File not found
O18:64bit: - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - %SystemRoot%\system32\inetcomm.dll File not found
O18:64bit: - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll File not found
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll File not found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll File not found
O18:64bit: - Protocol\Handler\sysimage {76E67A63-06E9-11D2-A840-006008059382} - %SystemRoot%\system32\mshtml.dll File not found
O18:64bit: - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\system32\msvidctl.dll File not found
O18:64bit: - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll File not found
O18:64bit: - Protocol\Handler\wia {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\system32\wiascr.dll File not found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\MSN Messenger\msgrapp.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll File not found
O18:64bit: - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll File not found
O18:64bit: - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll File not found
O18:64bit: - Protocol\Filter\Class Install Handler {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} - C:\WINDOWS\system32\urlmon.dll File not found
O18:64bit: - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll File not found
O18:64bit: - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll File not found
O18:64bit: - Protocol\Filter\lzdhtml {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll File not found
O18:64bit: - Protocol\Filter\text/webviewhtml {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - %SystemRoot%\system32\SHELL32.dll File not found
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - File not found
O20:64bit: - HKLM Winlogon: UIHost - (%SystemRoot%\system32\logonui.exe) - File not found
O20:64bit: - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: System - (lsass.exe) - File not found
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\SysWOW64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - File not found
O20:64bit: - Winlogon\Notify\crypt32chain: DllName - (crypt32.dll) - File not found
O20:64bit: - Winlogon\Notify\cryptnet: DllName - (cryptnet.dll) - File not found
O20:64bit: - Winlogon\Notify\cscdll: DllName - (cscdll.dll) - File not found
O20:64bit: - Winlogon\Notify\dimsntfy: DllName - (dimsntfy.dll) - File not found
O20:64bit: - Winlogon\Notify\ScCertProp: DllName - (wlnotify.dll) - File not found
O20:64bit: - Winlogon\Notify\Schedule: DllName - (wlnotify.dll) - File not found
O20:64bit: - Winlogon\Notify\sclgntfy: DllName - (sclgntfy.dll) - File not found
O20:64bit: - Winlogon\Notify\SensLogn: DllName - (WlNotify.dll) - File not found
O20:64bit: - Winlogon\Notify\termsrv: DllName - (wlnotify.dll) - File not found
O20:64bit: - Winlogon\Notify\wlballoon: DllName - (wlnotify.dll) - File not found
O20 - Winlogon\Notify\ScCertProp: DllName - (wlnotify.dll) - File not found
O20 - Winlogon\Notify\Schedule: DllName - (wlnotify.dll) - File not found
O20 - Winlogon\Notify\SensLogn: DllName - (WlNotify.dll) - File not found
O20 - Winlogon\Notify\wlballoon: DllName - (wlnotify.dll) - File not found
O21:64bit: - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - %SystemRoot%\system32\SHELL32.dll File not found
O21:64bit: - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - %SystemRoot%\system32\SHELL32.dll File not found
O21:64bit: - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\system32\stobject.dll File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\system32\webcheck.dll File not found
O21:64bit: - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll File not found
O22:64bit: - SharedTaskScheduler: {438755C2-A8BA-11D1-B96B-00A0C90312E1} - Browseui preloader - %SystemRoot%\system32\browseui.dll File not found
O22:64bit: - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Component Categories cache daemon - %SystemRoot%\system32\browseui.dll File not found
O24 - Desktop WallPaper: C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28:64bit: - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - shell32.dll File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010.01.27 10:46:52 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2012.03.15 12:40:03 | 000,594,432 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.exe
[2012.02.25 00:43:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Start Menu\Programs\MacroX
[2012.02.20 22:45:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\DivX Plus
[2012.02.18 14:03:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Avira
[2012.02.18 14:00:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Avira
[2012.02.18 14:00:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Avira
[2012.02.18 14:00:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Avira
[7 C:\WINDOWS\SysWow64\*.tmp files -> C:\WINDOWS\SysWow64\*.tmp -> ]
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2012.03.15 14:31:41 | 000,001,120 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012.03.15 14:31:36 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012.03.15 14:27:11 | 000,000,253 | RHS- | M] () -- C:\boot.ini
[2012.03.15 12:44:49 | 000,594,432 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.exe
[2012.03.15 09:52:00 | 000,001,124 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012.03.15 03:02:20 | 000,000,970 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2012.02.25 00:58:45 | 000,001,352 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\AutoHotkey.ahk
[2012.02.23 11:30:12 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl
[2012.02.16 10:06:54 | 001,151,562 | ---- | M] () -- C:\WINDOWS\SysWow64\PerfStringBackup.INI
[7 C:\WINDOWS\SysWow64\*.tmp files -> C:\WINDOWS\SysWow64\*.tmp -> ]
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012.02.25 00:58:45 | 000,001,352 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\AutoHotkey.ahk
[2012.02.09 22:23:53 | 000,000,040 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\.zreglib
[2011.12.23 19:31:49 | 000,005,504 | ---- | C] () -- C:\WINDOWS\SysWow64\drivers\StarOpen.sys
[2011.10.28 12:36:33 | 000,452,096 | ---- | C] () -- C:\WINDOWS\SysWow64\nmap.exe
[2011.10.28 12:36:33 | 000,290,816 | ---- | C] () -- C:\WINDOWS\SysWow64\nmapserv.exe
[2011.08.02 17:22:46 | 000,039,064 | -H-- | C] () -- C:\WINDOWS\SysWow64\mlfcache.dat
[2011.04.29 20:16:15 | 000,004,608 | ---- | C] () -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.04.05 21:09:48 | 000,059,904 | ---- | C] () -- C:\WINDOWS\SysWow64\OVDecode.dll
[2011.02.06 16:24:53 | 000,000,411 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2010.12.25 16:26:42 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2010.12.01 10:25:53 | 000,000,037 | ---- | C] () -- C:\WINDOWS\QTW.INI
[2010.10.07 05:56:37 | 000,000,136 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\fusioncache.dat
[2010.08.20 11:36:48 | 000,158,840 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2010.08.16 11:52:30 | 000,669,184 | ---- | C] () -- C:\WINDOWS\SysWow64\pbsvc.exe
[2010.08.16 11:52:30 | 000,189,248 | ---- | C] () -- C:\WINDOWS\SysWow64\PnkBstrB.exe
[2010.08.16 11:52:30 | 000,066,872 | ---- | C] () -- C:\WINDOWS\SysWow64\PnkBstrA.exe
[2010.04.02 16:17:34 | 000,179,091 | ---- | C] () -- C:\WINDOWS\SysWow64\xlive.dll.cat
[2010.03.24 12:41:11 | 000,000,272 | ---- | C] () -- C:\WINDOWS\_delis32.ini
========== LOP Check ==========
[2010.11.17 13:06:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\2K Sports
[2010.11.29 21:55:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Bioshock2
[2011.12.23 19:31:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Canneverbe Limited
[2010.01.27 13:06:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\DAEMON Tools Lite
[2011.09.13 15:55:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\DVDVideoSoft
[2011.08.26 19:32:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\DVDVideoSoftIEHelpers
[2012.02.02 22:43:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Electronic Arts
[2012.03.15 14:37:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\ICQ
[2011.08.02 18:54:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Jens Lorek
[2010.10.10 10:39:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Leadertech
[2011.07.01 11:42:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\LolClient
[2011.05.15 21:53:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Mael
[2010.09.09 17:49:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Need for Speed World
[2011.05.14 20:21:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Octoshape
[2012.03.07 15:03:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\PriceGong
[2010.03.12 20:33:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\QIP
[2011.12.23 15:51:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Red Kawa
[2011.12.23 15:51:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Regensoft
[2011.04.29 01:11:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\ScanSoft
[2012.01.20 10:58:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\TS3Client
[2010.11.13 15:28:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\TubeBox
[2010.07.06 07:44:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\boost_interprocess
[2010.02.03 20:56:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\BVRP Software
[2011.12.23 19:31:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Canneverbe Limited
[2010.10.09 17:12:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Codemasters
[2010.01.27 11:56:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite
[2010.10.19 08:04:40 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Application Data\DSS
[2011.05.12 12:47:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\EA Core
[2011.05.12 12:47:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Electronic Arts
[2010.01.28 11:21:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\FlashFXP
[2011.10.25 16:13:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ICQ
[2010.10.09 10:26:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\KONAMI
[2010.01.27 12:28:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\LightScribe
[2010.03.05 14:20:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Drivers HeadQuarters
[2010.07.24 11:22:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PCPitstop
[2011.08.02 18:16:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PMB Files
[2010.01.29 07:44:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Redirected
[2010.01.27 11:33:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ScanSoft
[2012.02.09 22:24:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SlySoft
[2011.05.12 12:51:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Solidshield
[2010.01.27 12:18:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TechSmith
[2012.03.15 14:30:25 | 000,032,526 | ---- | M] () -- C:\WINDOWS\Tasks\SchedLgU.Txt
========== Purity Check ==========
< End of report >
Ich bedanke mich im voraus |
