Trojaner-Board - Internet Explorer öffnet sich von selber mit Werbung, brauche hil.e(Neu,wenig Ahnung)

Code:

OTL logfile created on: 20.05.2010 22:35:22 - Run 1

OTL by OldTimer - Version 3.2.5.0     Folder = C:\Users\Bloodangel\Desktop

64bit- Home Premium Edition  (Version = 6.1.7600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.7600.16385)

Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

 

6,00 Gb Total Physical Memory | 4,00 Gb Available Physical Memory | 73,00% Memory free

12,00 Gb Paging File | 10,00 Gb Available in Paging File | 85,00% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 225,95 Gb Total Space | 189,82 Gb Free Space | 84,01% Space Free | Partition Type: NTFS

Drive D: | 931,51 Gb Total Space | 763,81 Gb Free Space | 82,00% Space Free | Partition Type: NTFS

Drive E: | 226,71 Gb Total Space | 226,61 Gb Free Space | 99,96% Space Free | Partition Type: NTFS

Drive F: | 313,72 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS

G: Drive not present or media not loaded

H: Drive not present or media not loaded

I: Drive not present or media not loaded

 

Computer Name: PORNOSTATION

Current User Name: Bloodangel

Logged in as Administrator.

 

Current Boot Mode: Normal

Scan Mode: Current user

Include 64bit Scans

Company Name Whitelist: On

Skip Microsoft Files: On

File Age = 90 Days

Output = Standard

Quick Scan

 
 ========== Processes (SafeList) ==========

 

PRC - [2010.05.20 22:33:41 | 000,571,904 | ---- | M] (OldTimer Tools) -- C:\Users\Bloodangel\Desktop\OTL.exe

PRC - [2010.05.19 15:20:28 | 000,177,152 | ---- | M] () -- C:\Windows\Dvifea.exe

PRC - [2010.05.15 14:38:27 | 000,298,608 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe

PRC - [2009.12.18 11:30:04 | 000,093,568 | ---- | M] (North Star com.) -- C:\Program Files (x86)\Northstar\Photo Frame\Photo Frame.exe

PRC - [2009.12.09 11:24:16 | 000,076,320 | ---- | M] () -- C:\OEM\USBDECTION\USBS3S4Detection.exe

PRC - [2009.12.04 12:46:13 | 000,117,640 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Internet Security\Engine\16.8.0.41\ccSvcHst.exe

PRC - [2009.12.04 12:38:16 | 000,039,408 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

PRC - [2009.11.10 18:05:34 | 000,248,320 | ---- | M] () -- C:\Program Files (x86)\Razer\Lachesis\razerhid.exe

PRC - [2009.10.13 12:25:54 | 000,186,904 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe

PRC - [2009.10.13 12:25:30 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe

PRC - [2009.08.28 11:38:58 | 001,150,496 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Packard Bell\Registration\GregHSRW.exe

PRC - [2009.07.18 05:12:12 | 000,257,440 | R--- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10c.exe

PRC - [2009.07.04 04:47:12 | 000,240,160 | ---- | M] (Acer) -- C:\Programme\Packard Bell\Packard Bell Updater\UpdaterService.exe

PRC - [2007.08.16 17:05:16 | 000,274,432 | ---- | M] (razercfg MFC Application) -- C:\Program Files (x86)\Razer\Lachesis\OSD.exe

PRC - [2007.06.05 10:37:12 | 000,163,840 | ---- | M] (Razer Inc.) -- C:\Program Files (x86)\Razer\Lachesis\razerofa.exe

 

 
 ========== Modules (SafeList) ==========

 

MOD - [2010.05.20 22:33:41 | 000,571,904 | ---- | M] (OldTimer Tools) -- C:\Users\Bloodangel\Desktop\OTL.exe

MOD - [2009.07.14 03:15:07 | 000,486,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\comdlg32.dll

MOD - [2009.07.14 03:14:10 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msscript.ocx

MOD - [2009.07.14 03:03:50 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll

 

 
 ========== Win32 Services (SafeList) ==========

 

SRV:64bit: - [2009.11.18 07:45:38 | 000,202,752 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)

SRV:64bit: - [2009.07.14 03:41:59 | 000,229,888 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wwansvc.dll -- (WwanSvc)

SRV:64bit: - [2009.07.14 03:41:56 | 000,202,240 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wbiosrvc.dll -- (WbioSrvc)

SRV:64bit: - [2009.07.14 03:41:56 | 000,163,840 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\umpo.dll -- (Power)

SRV:64bit: - [2009.07.14 03:41:55 | 000,044,544 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\themeservice.dll -- (Themes)

SRV:64bit: - [2009.07.14 03:41:54 | 000,065,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\sppuinotify.dll -- (sppuinotify)

SRV:64bit: - [2009.07.14 03:41:54 | 000,029,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\sensrsvc.dll -- (SensrSvc)

SRV:64bit: - [2009.07.14 03:41:53 | 000,327,168 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\pnrpsvc.dll -- (PNRPsvc)

SRV:64bit: - [2009.07.14 03:41:53 | 000,327,168 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\pnrpsvc.dll -- (p2pimsvc)

SRV:64bit: - [2009.07.14 03:41:53 | 000,187,904 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\provsvc.dll -- (HomeGroupProvider)

SRV:64bit: - [2009.07.14 03:41:53 | 000,067,072 | ---- | M] (Microsoft Corporation) [Unknown | Running] -- C:\Windows\SysNative\RpcEpMap.dll -- (RpcEptMapper)

SRV:64bit: - [2009.07.14 03:41:53 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\pnrpauto.dll -- (PNRPAutoReg)

SRV:64bit: - [2009.07.14 03:41:18 | 000,231,936 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\ListSvc.dll -- (HomeGroupListener)

SRV:64bit: - [2009.07.14 03:40:54 | 001,127,936 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\FntCache.dll -- (FontCache)

SRV:64bit: - [2009.07.14 03:40:28 | 000,314,368 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dhcpcore.dll -- (Dhcp)

SRV:64bit: - [2009.07.14 03:40:28 | 000,291,328 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\defragsvc.dll -- (defragsvc)

SRV:64bit: - [2009.07.14 03:40:13 | 000,083,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\bthserv.dll -- (bthserv)

SRV:64bit: - [2009.07.14 03:40:10 | 000,100,864 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\SysNative\bdesvc.dll -- (BDESVC)

SRV:64bit: - [2009.07.14 03:40:05 | 000,114,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AxInstSv.dll -- (AxInstSV)

SRV:64bit: - [2009.07.14 03:40:01 | 000,032,256 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appidsvc.dll -- (AppIDSvc)

SRV:64bit: - [2009.07.14 03:39:51 | 001,503,744 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wbengine.exe -- (wbengine)

SRV:64bit: - [2009.07.14 03:39:28 | 003,524,608 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\sppsvc.exe -- (sppsvc)

SRV:64bit: - [2009.07.14 03:39:11 | 000,689,152 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\FXSSVC.exe -- (Fax)

SRV - [2010.05.15 14:45:15 | 000,395,048 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)

SRV - [2010.02.10 06:40:49 | 000,651,720 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)

SRV - [2009.12.09 11:24:16 | 000,076,320 | ---- | M] () [Auto | Running] -- C:\OEM\USBDECTION\USBS3S4Detection.exe -- (USBS3S4Detection)

SRV - [2009.12.04 12:46:13 | 000,117,640 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton Internet Security\Engine\16.8.0.41\ccSvcHst.exe -- (Norton Internet Security)

SRV - [2009.12.04 12:38:20 | 000,332,272 | ---- | M] (Google Inc.) [On_Demand | Stopped] -- C:\ProgramData\Partner\Partner.exe -- (Partner Service)

SRV - [2009.10.13 12:25:30 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe -- (IAANTMON) Intel(R)

SRV - [2009.08.29 03:05:56 | 000,044,312 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\Packard Bell GameZone\GameConsole\OberonGameConsoleService.exe -- (OberonGameConsoleService)

SRV - [2009.08.28 11:38:58 | 001,150,496 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files (x86)\Packard Bell\Registration\GregHSRW.exe -- (Greg_Service)

SRV - [2009.08.25 20:38:06 | 000,935,208 | ---- | M] (Nero AG) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0)

SRV - [2009.07.14 05:20:14 | 000,000,000 | ---D | M] [On_Demand | Stopped] -- C:\Windows\Vss -- (VSS)

SRV - [2009.07.14 05:20:14 | 000,000,000 | ---D | M] [Unknown | Stopped] -- C:\Windows\SysWOW64\Msdtc -- (MSDTC)

SRV - [2009.07.14 03:16:12 | 000,165,376 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\provsvc.dll -- (HomeGroupProvider)

SRV - [2009.07.14 03:15:11 | 000,253,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\dhcpcore.dll -- (Dhcp)

SRV - [2009.07.13 22:30:11 | 000,061,056 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\SysWOW64\wbem\vds.mof -- (vds)

SRV - [2009.07.04 04:47:12 | 000,240,160 | ---- | M] (Acer) [Auto | Running] -- C:\Programme\Packard Bell\Packard Bell Updater\UpdaterService.exe -- (Updater Service)

SRV - [2009.06.10 22:39:58 | 000,089,920 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_64)

SRV - [2008.12.08 16:16:56 | 000,169,312 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- c:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor7.0)

 

 
 ========== Driver Services (SafeList) ==========

 

DRV:64bit: - [2010.05.19 19:04:37 | 000,583,296 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1008000.029\cchpx64.sys -- (ccHP)

DRV:64bit: - [2010.05.19 17:20:18 | 000,172,592 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS -- (SymEvent)

DRV:64bit: - [2010.05.18 11:39:13 | 000,834,544 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)

DRV:64bit: - [2010.01.20 23:18:24 | 000,334,384 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1008000.029\BHDrvx64.sys -- (BHDrvx64)

DRV:64bit: - [2009.12.04 12:46:14 | 000,476,720 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\NISx64\1008000.029\srtsp64.sys -- (SRTSP)

DRV:64bit: - [2009.12.04 12:46:14 | 000,402,992 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\NISx64\1008000.029\SymEFA64.sys -- (SymEFA)

DRV:64bit: - [2009.12.04 12:46:14 | 000,278,576 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1008000.029\symtdi.sys -- (SYMTDI)

DRV:64bit: - [2009.12.04 12:46:14 | 000,120,880 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NISx64\1008000.029\symfw.sys -- (SYMFW)

DRV:64bit: - [2009.12.04 12:46:14 | 000,056,880 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NISx64\1008000.029\symndisv.sys -- (SYMNDISV)

DRV:64bit: - [2009.12.04 12:46:14 | 000,032,304 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1008000.029\srtspx64.sys -- (SRTSPX) Symantec Real Time Storage Protection (PEL)

DRV:64bit: - [2009.12.04 12:46:14 | 000,031,280 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\SymIMV.sys -- (SymIM)

DRV:64bit: - [2009.11.18 08:21:18 | 006,171,136 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)

DRV:64bit: - [2009.10.29 10:14:38 | 000,115,824 | ---- | M] (JMicron Technology Corp.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\jraid.sys -- (JRAID)

DRV:64bit: - [2009.10.16 21:09:14 | 000,029,952 | ---- | M] (Razer (Asia-Pacific) Pte Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Lachesis.sys -- (VaneFltr)

DRV:64bit: - [2009.10.13 12:16:40 | 000,409,624 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)

DRV:64bit: - [2009.09.30 03:34:30 | 000,121,872 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)

DRV:64bit: - [2009.09.23 11:11:04 | 000,283,824 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\e1k62x64.sys -- (e1kexpress) Intel(R)

DRV:64bit: - [2009.07.14 03:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)

DRV:64bit: - [2009.07.14 03:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)

DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)

DRV:64bit: - [2009.07.14 03:48:04 | 000,153,152 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\ksecpkg.sys -- (KSecPkg)

DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)

DRV:64bit: - [2009.07.14 03:48:04 | 000,014,416 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\hwpolicy.sys -- (hwpolicy)

DRV:64bit: - [2009.07.14 03:47:49 | 000,055,376 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fsdepends.sys -- (FsDepends)

DRV:64bit: - [2009.07.14 03:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)

DRV:64bit: - [2009.07.14 03:45:56 | 000,022,096 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wimmount.sys -- (WIMMount)

DRV:64bit: - [2009.07.14 03:45:55 | 000,217,680 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vhdmp.sys -- (vhdmp)

DRV:64bit: - [2009.07.14 03:45:55 | 000,036,432 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\vdrvroot.sys -- (vdrvroot)

DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)

DRV:64bit: - [2009.07.14 03:45:46 | 000,214,096 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\rdyboost.sys -- (rdyboost)

DRV:64bit: - [2009.07.14 03:45:45 | 000,050,768 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pcw.sys -- (pcw)

DRV:64bit: - [2009.07.14 03:43:14 | 000,460,504 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\cng.sys -- (CNG)

DRV:64bit: - [2009.07.14 03:43:13 | 000,223,448 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\fvevol.sys -- (fvevol)

DRV:64bit: - [2009.07.14 02:17:46 | 000,024,064 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpbus.sys -- (rdpbus)

DRV:64bit: - [2009.07.14 02:16:35 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\RDPREFMP.sys -- (RDPREFMP)

DRV:64bit: - [2009.07.14 02:10:24 | 000,060,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\agilevpn.sys -- (RasAgileVpn) WAN Miniport (IKEv2)

DRV:64bit: - [2009.07.14 02:09:26 | 000,012,800 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\wfplwf.sys -- (WfpLwf)

DRV:64bit: - [2009.07.14 02:08:13 | 000,035,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ndiscap.sys -- (NdisCap)

DRV:64bit: - [2009.07.14 02:07:21 | 000,024,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vwifibus.sys -- (vwifibus)

DRV:64bit: - [2009.07.14 02:07:13 | 000,227,840 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\1394ohci.sys -- (1394ohci)

DRV:64bit: - [2009.07.14 02:07:00 | 000,350,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HdAudio.sys -- (HdAudAddService)

DRV:64bit: - [2009.07.14 02:06:52 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\umpass.sys -- (UmPass)

DRV:64bit: - [2009.07.14 02:06:24 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mshidkmdf.sys -- (mshidkmdf)

DRV:64bit: - [2009.07.14 02:05:37 | 000,112,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WUDFPf.sys -- (WudfPf)

DRV:64bit: - [2009.07.14 02:02:08 | 000,015,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\MTConfig.sys -- (MTConfig)

DRV:64bit: - [2009.07.14 02:00:34 | 000,038,912 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CompositeBus.sys -- (CompositeBus)

DRV:64bit: - [2009.07.14 02:00:13 | 000,006,656 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\beep.sys -- (Beep)

DRV:64bit: - [2009.07.14 01:52:39 | 000,061,440 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\appid.sys -- (AppID)

DRV:64bit: - [2009.07.14 01:50:17 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | Unknown | Stopped] -- C:\Windows\SysNative\drivers\scfilter.sys -- (scfilter)

DRV:64bit: - [2009.07.14 01:37:18 | 000,040,448 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\discache.sys -- (discache)

DRV:64bit: - [2009.07.14 01:31:06 | 000,026,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidbatt.sys -- (HidBatt)

DRV:64bit: - [2009.07.14 01:31:03 | 000,017,664 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CmBatt.sys -- (CmBatt)

DRV:64bit: - [2009.07.14 01:27:17 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpipmi.sys -- (AcpiPmi)

DRV:64bit: - [2009.07.14 01:19:25 | 000,060,928 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdppm.sys -- (AmdPPM)

DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)

DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)

DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)

DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)

DRV:64bit: - [2008.06.16 04:00:00 | 000,055,024 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)

DRV - [2010.05.18 20:45:56 | 001,773,104 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20100520.002\EX64.SYS -- (NAVEX15)

DRV - [2010.05.18 20:45:56 | 000,475,696 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)

DRV - [2010.05.18 20:45:56 | 000,132,656 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)

DRV - [2010.05.18 20:45:56 | 000,117,808 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20100520.002\ENG64.SYS -- (NAVENG)

DRV - [2009.10.29 00:37:21 | 000,466,992 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20100513.002\IDSviA64.sys -- (IDSVia64)

DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)

DRV - [2009.07.14 03:16:02 | 000,014,336 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\SysWOW64\netbios.dll -- (NetBIOS)

DRV - [2009.06.10 23:28:14 | 000,001,088 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\wbem\mpsdrv.mof -- (mpsdrv)

DRV - [2009.06.10 23:15:18 | 000,003,066 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysWOW64\wbem\tcpip.mof -- (Tcpip)

 

 
 ========== Standard Registry (SafeList) ==========

 

 
 ========== Internet Explorer ==========

 

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.packardbell.com/rdr.aspx?b=ACPW&l=0407&m=ipower_g3710&r=173605107306p0485v1l5y44k1228p

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.packardbell.com/rdr.aspx?b=ACPW&l=0407&m=ipower_g3710&r=173605107306p0485v1l5y44k1228p

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.packardbell.com/rdr.aspx?b=ACPW&l=0407&m=ipower_g3710&r=173605107306p0485v1l5y44k1228p

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.packardbell.com/rdr.aspx?b=ACPW&l=0407&m=ipower_g3710&r=173605107306p0485v1l5y44k1228p

 

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.packardbell.com/rdr.aspx?b=ACPW&l=0407&m=ipower_g3710&r=173605107306p0485v1l5y44k1228p

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.de/

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 
 ========== FireFox ==========

 

FF - prefs.js..browser.startup.homepage: "google.de"

 

FF - HKLM\software\mozilla\Firefox\Extensions\\{7BA52691-1876-45ce-9EE6-54BCB3B04BBC}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\coFFPlgn\ [2010.05.20 12:34:30 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010.05.16 11:23:52 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010.05.16 11:23:52 | 000,000,000 | ---D | M]

 

[2010.05.16 11:23:59 | 000,000,000 | ---D | M] -- C:\Users\Bloodangel\AppData\Roaming\mozilla\Extensions

[2010.05.16 11:23:59 | 000,000,000 | ---D | M] -- C:\Users\Bloodangel\AppData\Roaming\mozilla\Firefox\Profiles\axd6y652.default\extensions

[2010.05.20 12:34:29 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\mozilla firefox\extensions

[2010.04.01 18:54:38 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml

[2010.04.01 18:54:38 | 000,002,344 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml

[2010.04.01 18:54:38 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml

[2010.04.01 18:54:38 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml

[2010.04.01 18:54:38 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml

 

O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts

O2:64bit: - BHO: (Partner BHO Class) - {83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4} - C:\ProgramData\Partner\Partner64.dll (Google Inc.)

O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)

O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.5.4723.1820\swg64.dll (Google Inc.)

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.

O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\16.8.0.41\coIEPlg.dll (Symantec Corporation)

O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\16.8.0.41\IPSBHO.DLL (Symantec Corporation)

O2 - BHO: (Partner BHO Class) - {83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4} - C:\ProgramData\Partner\Partner.dll (Google Inc.)

O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)

O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)

O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll (Google Inc.)

O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)

O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.

O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)

O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\16.8.0.41\coIEPlg.dll (Symantec Corporation)

O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.

O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)

O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)

O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\16.8.0.41\coIEPlg.dll (Symantec Corporation)

O4:64bit: - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe (Intel Corporation)

O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)

O4 - HKLM..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe ()

O4 - HKLM..\Run: [Lachesis] C:\Program Files (x86)\Razer\Lachesis\razerhid.exe ()

O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)

O4 - HKLM..\Run: [NortonOnlineBackupReminder] C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe (Symantec Corporation)

O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)

O4 - HKCU..\Run: [swg] C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)

O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3

O8:64bit: - Extra context menu item: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll (Google Inc.)

O8 - Extra context menu item: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll (Google Inc.)

O9 - Extra Button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)

O9 - Extra 'Tools' menuitem : In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)

O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)

O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)

O9 - Extra Button: ICQ7.1 - {71BFC818-0CED-42D6-9C87-5142918957EE} - C:\Program Files (x86)\ICQ7.1\ICQ.exe (ICQ, LLC.)

O9 - Extra 'Tools' menuitem : ICQ7.1 - {71BFC818-0CED-42D6-9C87-5142918957EE} - C:\Program Files (x86)\ICQ7.1\ICQ.exe (ICQ, LLC.)

O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation)

O13 - gopher Prefix: missing

O13 - gopher Prefix: missing

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1

O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found

O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found

O18:64bit: - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found

O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found

O18:64bit: - Protocol\Handler\symres {AA1061FE-6C41-421f-9344-69640C9732AB} - Reg Error: Key error. File not found

O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found

O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)

O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)

O18 - Protocol\Handler\symres {AA1061FE-6C41-421f-9344-69640C9732AB} - C:\Program Files (x86)\Norton Internet Security\Engine\16.8.0.41\coIEPlg.dll (Symantec Corporation)

O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)

O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)

O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found

O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found

O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.

O30:64bit: - LSA: Security Packages - (pku2u) - C:\Windows\SysNative\pku2u.dll (Microsoft Corporation)

O30 - LSA: Security Packages - (pku2u) - C:\Windows\SysWow64\pku2u.dll (Microsoft Corporation)

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2003.03.25 02:01:00 | 000,028,672 | R--- | M] (Dipl.-Ing. Stefan Krueger <skrueger@installsite.org>) - F:\autorun.exe -- [ CDFS ]

O32 - AutoRun File - [2003.03.25 02:00:00 | 000,000,047 | R--- | M] () - F:\autorun.inf -- [ CDFS ]

O32 - AutoRun File - [2003.03.25 02:01:00 | 000,001,042 | R--- | M] () - F:\autorun.ini -- [ CDFS ]

O33 - MountPoints2\{8b9ee651-15fd-11df-bd4f-806e6f6e6963}\Shell - "" = AutoRun

O33 - MountPoints2\{8b9ee651-15fd-11df-bd4f-806e6f6e6963}\Shell\AutoRun\command - "" = F:\autorun.exe -- [2003.03.25 02:01:00 | 000,028,672 | R--- | M] (Dipl.-Ing. Stefan Krueger <skrueger@installsite.org>)

O34 - HKLM BootExecute: (autocheck autochk *) -  File not found

O35:64bit: - HKLM\..comfile [open] -- "%1" %*

O35:64bit: - HKLM\..exefile [open] -- "%1" %*

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*

O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

 

NetSvcs:64bit: Ias - C:\Windows\SysNative\ias [2009.07.14 05:20:14 | 000,000,000 | ---D | M]

NetSvcs:64bit: Irmon - C:\Windows\SysNative\irmon.dll (Microsoft Corporation)

NetSvcs:64bit: Wmi - C:\Windows\SysNative\wmi.dll (Microsoft Corporation)

NetSvcs:64bit: Themes - C:\Windows\SysNative\themeservice.dll (Microsoft Corporation)

NetSvcs:64bit: BDESVC - C:\Windows\SysNative\bdesvc.dll (Microsoft Corporation)

NetSvcs: Ias - C:\Windows\SysWOW64\ias.dll (Microsoft Corporation)

NetSvcs: Wmi - C:\Windows\SysWOW64\wmi.dll (Microsoft Corporation)

 

CREATERESTOREPOINT

Restore point Set: OTL Restore Point

 
 ========== Files/Folders - Created Within 90 Days ==========

 

[2010.05.20 22:33:38 | 000,571,904 | ---- | C] (OldTimer Tools) -- C:\Users\Bloodangel\Desktop\OTL.exe

[2010.05.20 22:16:32 | 000,000,000 | ---D | C] -- C:\Users\Bloodangel\AppData\Roaming\Malwarebytes

[2010.05.20 22:16:16 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys

[2010.05.20 22:16:15 | 000,024,664 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys

[2010.05.20 22:16:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware

[2010.05.20 22:16:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes

[2010.05.20 22:15:47 | 006,153,352 | ---- | C] (Malwarebytes Corporation                                    ) -- C:\Users\Bloodangel\Desktop\mbam-setup-1.46.exe

[2010.05.20 15:56:11 | 000,000,000 | ---D | C] -- C:\VundoFix Backups

[2010.05.20 15:54:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Trend Micro

[2010.05.20 15:54:29 | 000,812,344 | ---- | C] (Trend Micro Inc.) -- C:\Users\Bloodangel\Desktop\HJTInstall.exe

[2010.05.19 20:57:52 | 000,000,000 | ---D | C] -- C:\Users\Bloodangel\AppData\Roaming\dvdcss

[2010.05.19 19:27:06 | 000,000,000 | ---D | C] -- C:\Users\Bloodangel\Documents\My Games

[2010.05.19 17:25:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Symantec Shared

[2010.05.19 17:20:24 | 000,031,280 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\SymIMV.sys

[2010.05.19 17:20:22 | 000,172,592 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS

[2010.05.19 17:20:18 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\Symantec Shared

[2010.05.19 17:20:18 | 000,000,000 | ---D | C] -- C:\Programme\Symantec

[2010.05.19 14:41:25 | 000,000,000 | ---D | C] -- C:\Users\Bloodangel\AppData\Local\storage

[2010.05.19 14:39:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Ubisoft

[2010.05.19 13:18:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ubisoft

[2010.05.18 13:46:01 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\3-D HUNTING 2010

[2010.05.18 13:46:01 | 000,000,000 | ---D | C] -- C:\Users\Bloodangel\Documents\3-D HUNTING 2010

[2010.05.18 13:46:01 | 000,000,000 | ---D | C] -- C:\Users\Bloodangel\AppData\Local\3-D HUNTING 2010

[2010.05.18 13:46:01 | 000,000,000 | ---D | C] -- C:\ProgramData\3-D HUNTING 2010

[2010.05.18 13:45:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AGEIA Technologies

[2010.05.18 13:45:55 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\AGEIA

[2010.05.18 13:45:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wise Installation Wizard

[2010.05.18 11:39:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DAEMON Tools Lite

[2010.05.18 11:38:04 | 000,000,000 | ---D | C] -- C:\Users\Bloodangel\AppData\Roaming\DAEMON Tools Lite

[2010.05.18 11:38:02 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite

[2010.05.18 11:33:40 | 000,000,000 | ---D | C] -- C:\Users\Bloodangel\AppData\Roaming\Nero

[2010.05.18 11:30:22 | 000,000,000 | ---D | C] -- C:\Users\Bloodangel\AppData\Roaming\Media Player Classic

[2010.05.18 11:29:45 | 000,000,000 | ---D | C] -- C:\Users\Bloodangel\AppData\Roaming\vlc

[2010.05.18 11:27:53 | 004,411,392 | ---- | C] (Gabest) -- C:\Programme\mplayerc.exe

[2010.05.18 11:27:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VideoLAN

[2010.05.18 02:04:48 | 000,000,000 | ---D | C] -- C:\Users\Bloodangel\Documents\downloads

[2010.05.18 02:01:50 | 000,000,000 | ---D | C] -- C:\Users\Bloodangel\AppData\Local\sabnzbd

[2010.05.18 02:01:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SABnzbd

[2010.05.17 16:05:50 | 000,000,000 | ---D | C] -- C:\Users\Bloodangel\AppData\Roaming\WinRAR

[2010.05.17 16:05:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WinRAR

[2010.05.17 10:24:50 | 000,000,000 | ---D | C] -- C:\Users\Bloodangel\Documents\Meine empfangenen Dateien

[2010.05.16 21:00:29 | 000,000,000 | ---D | C] -- C:\Users\Bloodangel\AppData\Roaming\TS3Client

[2010.05.16 20:58:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TeamSpeak 3 Client

[2010.05.16 11:25:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DivX Shared

[2010.05.16 11:25:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DivX

[2010.05.16 11:23:56 | 000,000,000 | ---D | C] -- C:\Users\Bloodangel\AppData\Roaming\Mozilla

[2010.05.16 11:23:56 | 000,000,000 | ---D | C] -- C:\Users\Bloodangel\AppData\Local\Mozilla

[2010.05.16 11:23:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox

[2010.05.16 10:46:10 | 000,000,000 | ---D | C] -- C:\Users\Bloodangel\AppData\Roaming\ICQ

[2010.05.16 10:46:09 | 000,000,000 | ---D | C] -- C:\Users\Bloodangel\AppData\Local\AOL

[2010.05.16 10:46:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ICQ7.1

[2010.05.16 03:07:54 | 000,000,000 | ---D | C] -- C:\Users\Bloodangel\Tracing

[2010.05.15 22:26:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Razer

[2010.05.15 22:26:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Razer

[2010.05.15 22:26:01 | 000,000,000 | ---D | C] -- C:\Users\Bloodangel\AppData\Roaming\InstallShield

[2010.05.15 19:31:04 | 000,000,000 | ---D | C] -- C:\Users\Bloodangel\AppData\Local\Diagnostics

[2010.05.15 19:02:08 | 000,000,000 | ---D | C] -- C:\Users\Bloodangel\AppData\Local\Adobe

[2010.05.15 18:27:39 | 000,000,000 | ---D | C] -- C:\Users\Bloodangel\AppData\Roaming\teamspeak2

[2010.05.15 18:27:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Teamspeak2_RC2

[2010.05.15 18:08:58 | 000,000,000 | ---D | C] -- C:\Users\Bloodangel\AppData\Local\ElevatedDiagnostics

[2010.05.15 18:03:57 | 000,000,000 | ---D | C] -- C:\Users\Bloodangel\AppData\Roaming\Razer

[2010.05.15 14:44:03 | 000,000,000 | ---D | C] -- C:\Users\Bloodangel\Desktop\Downloads

[2010.05.15 14:41:42 | 000,000,000 | R--D | C] -- C:\Users\Bloodangel\Desktop\PB Desktopmüll

[2010.05.15 14:41:29 | 000,029,952 | ---- | C] (Razer (Asia-Pacific) Pte Ltd) -- C:\Windows\SysNative\drivers\Lachesis.sys

[2010.05.15 14:37:10 | 000,000,000 | ---D | C] -- C:\Users\Bloodangel\AppData\Roaming\Adobe

[2010.05.15 14:37:00 | 000,000,000 | ---D | C] -- C:\Users\Bloodangel\AppData\Roaming\Google

[2010.05.15 14:37:00 | 000,000,000 | ---D | C] -- C:\Users\Bloodangel\AppData\Local\Google

[2010.05.15 14:08:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Steam

[2010.05.15 14:01:48 | 000,000,000 | ---D | C] -- C:\Users\Bloodangel\AppData\Roaming\ATI

[2010.05.15 14:01:48 | 000,000,000 | ---D | C] -- C:\Users\Bloodangel\AppData\Local\ATI

[2010.05.15 14:01:08 | 000,000,000 | ---D | C] -- C:\Users\Bloodangel\AppData\Roaming\Macromedia

[2010.05.15 14:00:56 | 000,000,000 | R--D | C] -- C:\Users\Bloodangel\Searches

[2010.05.15 14:00:49 | 000,000,000 | ---D | C] -- C:\Users\Bloodangel\AppData\Roaming\Identities

[2010.05.15 14:00:47 | 000,000,000 | R--D | C] -- C:\Users\Bloodangel\Contacts

[2010.05.15 14:00:46 | 000,000,000 | ---D | C] -- C:\Users\Bloodangel\AppData\Local\VirtualStore

[2010.05.15 13:59:56 | 000,000,000 | ---D | C] -- C:\Programme\PB Accessory Store

[2010.05.15 13:59:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OEM

[2010.05.15 13:59:09 | 000,000,000 | -HSD | C] -- C:\Users\Bloodangel\Vorlagen

[2010.05.15 13:59:09 | 000,000,000 | -HSD | C] -- C:\Users\Bloodangel\AppData\Local\Verlauf

[2010.05.15 13:59:09 | 000,000,000 | -HSD | C] -- C:\Users\Bloodangel\AppData\Local\Temporary Internet Files

[2010.05.15 13:59:09 | 000,000,000 | -HSD | C] -- C:\Users\Bloodangel\Startmenü

[2010.05.15 13:59:09 | 000,000,000 | -HSD | C] -- C:\Users\Bloodangel\SendTo

[2010.05.15 13:59:09 | 000,000,000 | -HSD | C] -- C:\Users\Bloodangel\Recent

[2010.05.15 13:59:09 | 000,000,000 | -HSD | C] -- C:\Users\Bloodangel\Netzwerkumgebung

[2010.05.15 13:59:09 | 000,000,000 | -HSD | C] -- C:\Users\Bloodangel\Lokale Einstellungen

[2010.05.15 13:59:09 | 000,000,000 | -HSD | C] -- C:\Users\Bloodangel\Documents\Eigene Videos

[2010.05.15 13:59:09 | 000,000,000 | -HSD | C] -- C:\Users\Bloodangel\Documents\Eigene Musik

[2010.05.15 13:59:09 | 000,000,000 | -HSD | C] -- C:\Users\Bloodangel\Eigene Dateien

[2010.05.15 13:59:09 | 000,000,000 | -HSD | C] -- C:\Users\Bloodangel\Documents\Eigene Bilder

[2010.05.15 13:59:09 | 000,000,000 | -HSD | C] -- C:\Users\Bloodangel\Druckumgebung

[2010.05.15 13:59:09 | 000,000,000 | -HSD | C] -- C:\Users\Bloodangel\Cookies

[2010.05.15 13:59:09 | 000,000,000 | -HSD | C] -- C:\Users\Bloodangel\AppData\Local\Anwendungsdaten

[2010.05.15 13:59:09 | 000,000,000 | -HSD | C] -- C:\Users\Bloodangel\Anwendungsdaten

[2010.05.15 13:59:08 | 000,000,000 | --SD | C] -- C:\Users\Bloodangel\AppData\Roaming\Microsoft

[2010.05.15 13:59:08 | 000,000,000 | R--D | C] -- C:\Users\Bloodangel\Videos

[2010.05.15 13:59:08 | 000,000,000 | R--D | C] -- C:\Users\Bloodangel\Saved Games

[2010.05.15 13:59:08 | 000,000,000 | R--D | C] -- C:\Users\Bloodangel\Pictures

[2010.05.15 13:59:08 | 000,000,000 | R--D | C] -- C:\Users\Bloodangel\Music

[2010.05.15 13:59:08 | 000,000,000 | R--D | C] -- C:\Users\Bloodangel\Links

[2010.05.15 13:59:08 | 000,000,000 | R--D | C] -- C:\Users\Bloodangel\Favorites

[2010.05.15 13:59:08 | 000,000,000 | R--D | C] -- C:\Users\Bloodangel\Downloads

[2010.05.15 13:59:08 | 000,000,000 | R--D | C] -- C:\Users\Bloodangel\Documents

[2010.05.15 13:59:08 | 000,000,000 | R--D | C] -- C:\Users\Bloodangel\Desktop

[2010.05.15 13:59:08 | 000,000,000 | -H-D | C] -- C:\Users\Bloodangel\AppData

[2010.05.15 13:59:08 | 000,000,000 | ---D | C] -- C:\Users\Bloodangel\AppData\Local\Temp

[2010.05.15 13:59:08 | 000,000,000 | ---D | C] -- C:\Users\Bloodangel\AppData\Local\Microsoft

[2010.05.15 13:59:08 | 000,000,000 | ---D | C] -- C:\Users\Bloodangel\AppData\Roaming\Media Center Programs

[2010.05.15 13:58:48 | 000,000,000 | -HSD | C] -- C:\Recovery

[2010.05.15 13:58:47 | 000,000,000 | -HSD | C] -- C:\Programme

[2010.05.15 13:58:47 | 000,000,000 | -HSD | C] -- C:\Programme\Gemeinsame Dateien

[2010.05.15 13:58:47 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Videos

[2010.05.15 13:58:47 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Musik

[2010.05.15 13:58:47 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Bilder

[2010.05.15 13:58:46 | 000,000,000 | -HSD | C] -- C:\ProgramData\Vorlagen

[2010.05.15 13:58:46 | 000,000,000 | -HSD | C] -- C:\ProgramData\Startmenü

[2010.05.15 13:58:46 | 000,000,000 | -HSD | C] -- C:\ProgramData\Favoriten

[2010.05.15 13:58:46 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen

[2010.05.15 13:58:46 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumente

[2010.05.15 13:58:46 | 000,000,000 | -HSD | C] -- C:\ProgramData\Anwendungsdaten

 
 ========== Files - Modified Within 90 Days ==========

 

[2010.05.20 22:35:54 | 001,079,002 | ---- | M] () -- C:\Windows\SysNative\drivers\NISx64\1008000.029\Cat.DB

[2010.05.20 22:35:35 | 001,572,864 | -HS- | M] () -- C:\Users\Bloodangel\NTUSER.DAT

[2010.05.20 22:33:41 | 000,571,904 | ---- | M] (OldTimer Tools) -- C:\Users\Bloodangel\Desktop\OTL.exe

[2010.05.20 22:30:01 | 000,000,386 | ---- | M] () -- C:\Windows\tasks\Packard Bell Registration Reminder.job

[2010.05.20 22:16:19 | 000,001,021 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk

[2010.05.20 22:15:52 | 006,153,352 | ---- | M] (Malwarebytes Corporation                                    ) -- C:\Users\Bloodangel\Desktop\mbam-setup-1.46.exe

[2010.05.20 21:50:00 | 000,001,108 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

[2010.05.20 15:54:37 | 000,002,105 | ---- | M] () -- C:\Users\Bloodangel\Desktop\HijackThis.lnk

[2010.05.20 15:54:29 | 000,812,344 | ---- | M] (Trend Micro Inc.) -- C:\Users\Bloodangel\Desktop\HJTInstall.exe

[2010.05.20 14:50:00 | 000,001,104 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

[2010.05.20 12:41:36 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

[2010.05.20 12:41:36 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

[2010.05.20 12:38:50 | 001,472,002 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI

[2010.05.20 12:38:50 | 000,643,628 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat

[2010.05.20 12:38:50 | 000,606,992 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat

[2010.05.20 12:38:50 | 000,126,188 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat

[2010.05.20 12:38:50 | 000,103,370 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat

[2010.05.20 12:34:23 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT

[2010.05.20 12:34:22 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2010.05.20 12:34:17 | 529,879,039 | -HS- | M] () -- C:\hiberfil.sys

[2010.05.20 12:24:19 | 002,272,113 | -H-- | M] () -- C:\Users\Bloodangel\AppData\Local\IconCache.db

[2010.05.19 19:04:37 | 000,583,296 | ---- | M] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NISx64\1008000.029\cchpx64.sys

[2010.05.19 19:04:35 | 000,000,172 | ---- | M] () -- C:\Windows\SysNative\drivers\NISx64\1008000.029\isolate.ini

[2010.05.19 17:56:18 | 000,020,206 | ---- | M] () -- C:\Users\Bloodangel\Desktop\Microsoft Office Word Document (neu).docx

[2010.05.19 17:20:18 | 000,172,592 | ---- | M] (Symantec Corporation) -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS

[2010.05.19 17:20:18 | 000,007,440 | ---- | M] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.CAT

[2010.05.19 17:20:18 | 000,000,855 | ---- | M] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.INF

[2010.05.19 15:20:28 | 000,177,152 | ---- | M] () -- C:\Windows\Dvifea.exe

[2010.05.18 13:38:38 | 000,000,662 | ---- | M] () -- C:\Users\Bloodangel\Desktop\Downloads - Verknüpfung.lnk

[2010.05.18 12:12:25 | 000,000,355 | ---- | M] () -- C:\Users\Bloodangel\Desktop\Computer.lnk

[2010.05.18 11:39:13 | 000,834,544 | ---- | M] () -- C:\Windows\SysNative\drivers\sptd.sys

[2010.05.17 20:09:50 | 000,049,305 | ---- | M] () -- C:\Users\Bloodangel\Desktop\jdjdjgfzjd.png

[2010.05.16 20:58:02 | 000,001,174 | ---- | M] () -- C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk

[2010.05.16 12:59:54 | 000,000,206 | ---- | M] () -- C:\Users\Bloodangel\Desktop\Day of Defeat Source.url

[2010.05.16 12:29:32 | 000,001,419 | ---- | M] () -- C:\Users\Public\Desktop\Half-Life 2.lnk

[2010.05.16 12:29:32 | 000,001,419 | ---- | M] () -- C:\Users\Public\Desktop\Counter-Strike Source.lnk

[2010.05.16 11:23:56 | 000,000,000 | ---- | M] () -- C:\Windows\nsreg.dat

[2010.05.16 10:46:22 | 000,001,836 | ---- | M] () -- C:\Users\Public\Desktop\ICQ7.1.lnk

[2010.05.15 18:27:30 | 000,000,990 | ---- | M] () -- C:\Users\Bloodangel\Desktop\Teamspeak 2 RC2.lnk

[2010.05.15 15:10:08 | 000,000,208 | ---- | M] () -- C:\Users\Bloodangel\Desktop\Call of Duty Modern Warfare 2 - Multiplayer.url

[2010.05.15 14:46:40 | 000,000,643 | ---- | M] () -- C:\Users\Public\Desktop\Steam.lnk

[2010.05.15 14:22:19 | 000,524,288 | -HS- | M] () -- C:\Users\Bloodangel\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms

[2010.05.15 14:22:19 | 000,524,288 | -HS- | M] () -- C:\Users\Bloodangel\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms

[2010.05.15 14:22:19 | 000,065,536 | -HS- | M] () -- C:\Users\Bloodangel\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf

[2010.05.15 13:59:32 | 000,081,552 | ---- | M] () -- C:\Users\Bloodangel\AppData\Local\GDIPFONTCACHEV1.DAT

[2010.05.15 13:59:09 | 000,000,020 | -HS- | M] () -- C:\Users\Bloodangel\ntuser.ini

[2010.05.15 13:58:32 | 000,052,953 | ---- | M] () -- C:\Windows\SysWow64\license.rtf

[2010.05.15 13:58:32 | 000,052,953 | ---- | M] () -- C:\Windows\SysNative\license.rtf

[2010.04.29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys

[2010.04.29 15:39:28 | 000,024,664 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys

 
 ========== Files Created - No Company Name ==========

 

[2010.05.20 22:16:19 | 000,001,021 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk

[2010.05.20 15:54:37 | 000,002,105 | ---- | C] () -- C:\Users\Bloodangel\Desktop\HijackThis.lnk

[2010.05.19 17:38:58 | 000,020,206 | ---- | C] () -- C:\Users\Bloodangel\Desktop\Microsoft Office Word Document (neu).docx

[2010.05.19 17:20:22 | 000,007,440 | ---- | C] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.CAT

[2010.05.19 17:20:22 | 000,000,855 | ---- | C] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.INF

[2010.05.19 15:20:31 | 000,177,152 | ---- | C] () -- C:\Windows\Dvifea.exe

[2010.05.18 13:38:38 | 000,000,662 | ---- | C] () -- C:\Users\Bloodangel\Desktop\Downloads - Verknüpfung.lnk

[2010.05.18 12:12:25 | 000,000,355 | ---- | C] () -- C:\Users\Bloodangel\Desktop\Computer.lnk

[2010.05.18 11:39:13 | 000,834,544 | ---- | C] () -- C:\Windows\SysNative\drivers\sptd.sys

[2010.05.17 20:09:02 | 000,049,305 | ---- | C] () -- C:\Users\Bloodangel\Desktop\jdjdjgfzjd.png

[2010.05.16 20:58:02 | 000,001,174 | ---- | C] () -- C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk

[2010.05.16 12:59:54 | 000,000,206 | ---- | C] () -- C:\Users\Bloodangel\Desktop\Day of Defeat Source.url

[2010.05.16 12:29:32 | 000,001,419 | ---- | C] () -- C:\Users\Public\Desktop\Half-Life 2.lnk

[2010.05.16 12:29:32 | 000,001,419 | ---- | C] () -- C:\Users\Public\Desktop\Counter-Strike Source.lnk

[2010.05.16 11:23:56 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat

[2010.05.16 10:46:22 | 000,001,836 | ---- | C] () -- C:\Users\Public\Desktop\ICQ7.1.lnk

[2010.05.15 22:07:45 | 000,000,386 | ---- | C] () -- C:\Windows\tasks\Packard Bell Registration Reminder.job

[2010.05.15 18:27:30 | 000,000,990 | ---- | C] () -- C:\Users\Bloodangel\Desktop\Teamspeak 2 RC2.lnk

[2010.05.15 15:10:08 | 000,000,208 | ---- | C] () -- C:\Users\Bloodangel\Desktop\Call of Duty Modern Warfare 2 - Multiplayer.url

[2010.05.15 14:39:56 | 000,001,108 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

[2010.05.15 14:39:56 | 000,001,104 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

[2010.05.15 14:08:16 | 000,000,643 | ---- | C] () -- C:\Users\Public\Desktop\Steam.lnk

[2010.05.15 13:59:09 | 000,524,288 | -HS- | C] () -- C:\Users\Bloodangel\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms

[2010.05.15 13:59:09 | 000,524,288 | -HS- | C] () -- C:\Users\Bloodangel\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms

[2010.05.15 13:59:09 | 000,262,144 | -HS- | C] () -- C:\Users\Bloodangel\ntuser.dat.LOG1

[2010.05.15 13:59:09 | 000,065,536 | -HS- | C] () -- C:\Users\Bloodangel\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf

[2010.05.15 13:59:09 | 000,000,020 | -HS- | C] () -- C:\Users\Bloodangel\ntuser.ini

[2010.05.15 13:59:09 | 000,000,000 | -HS- | C] () -- C:\Users\Bloodangel\ntuser.dat.LOG2

[2010.05.15 13:59:08 | 001,572,864 | -HS- | C] () -- C:\Users\Bloodangel\NTUSER.DAT

[2009.08.03 00:21:54 | 000,197,912 | ---- | C] () -- C:\Windows\SysWow64\physxcudart_20.dll

[2009.08.03 00:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelTraditionalChinese.dll

[2009.08.03 00:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSwedish.dll

[2009.08.03 00:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSpanish.dll

[2009.08.03 00:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSimplifiedChinese.dll

[2009.08.03 00:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelPortugese.dll

[2009.08.03 00:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelKorean.dll

[2009.08.03 00:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelJapanese.dll

[2009.08.03 00:21:52 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelGerman.dll

[2009.08.03 00:21:52 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelFrench.dll

[2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll

[2009.07.13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll

 
 ========== LOP Check ==========

 

[2010.05.18 11:42:41 | 000,000,000 | ---D | M] -- C:\Users\Bloodangel\AppData\Roaming\DAEMON Tools Lite

[2010.05.20 12:24:19 | 000,000,000 | ---D | M] -- C:\Users\Bloodangel\AppData\Roaming\ICQ

[2010.05.15 23:11:17 | 000,000,000 | ---D | M] -- C:\Users\Bloodangel\AppData\Roaming\Razer

[2010.05.16 21:15:53 | 000,000,000 | ---D | M] -- C:\Users\Bloodangel\AppData\Roaming\TS3Client

[2010.05.20 22:30:01 | 000,000,386 | ---- | M] () -- C:\Windows\Tasks\Packard Bell Registration Reminder.job

[2009.07.14 07:08:49 | 000,008,174 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

 
 ========== Purity Check ==========

 

 

 
 ========== Custom Scans ==========

 

 
 < %SYSTEMDRIVE%\*.* >

[2009.12.04 11:59:47 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK

[2010.05.20 12:34:17 | 529,879,039 | -HS- | M] () -- C:\hiberfil.sys

[2010.05.20 12:34:18 | 2138,161,151 | -HS- | M] () -- C:\pagefile.sys

[2009.12.04 12:18:22 | 000,002,188 | ---- | M] () -- C:\RHDSetup.log

 
 < %systemroot%\*. /mp /s >

 
 < %systemroot%\system32\*.dll /lockedfiles >

[2009.07.14 03:15:13 | 000,346,112 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\SysWOW64\dxtmsft.dll

[2009.07.14 03:15:13 | 000,215,552 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\SysWOW64\dxtrans.dll

[2009.07.14 03:15:28 | 000,186,368 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\SysWOW64\iepeers.dll

 
 < %systemroot%\Tasks\*.job /lockedfiles >

 
 < %systemroot%\System32\config\*.sav >

 
 < %systemroot%\system32\drivers\*.sys /90 >

[2010.04.29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysWOW64\drivers\mbamswissarmy.sys

< End of report >

Code:

OTL Extras logfile created on: 20.05.2010 22:35:22 - Run 1

OTL by OldTimer - Version 3.2.5.0     Folder = C:\Users\Bloodangel\Desktop

64bit- Home Premium Edition  (Version = 6.1.7600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.7600.16385)

Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

 

6,00 Gb Total Physical Memory | 4,00 Gb Available Physical Memory | 73,00% Memory free

12,00 Gb Paging File | 10,00 Gb Available in Paging File | 85,00% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 225,95 Gb Total Space | 189,82 Gb Free Space | 84,01% Space Free | Partition Type: NTFS

Drive D: | 931,51 Gb Total Space | 763,81 Gb Free Space | 82,00% Space Free | Partition Type: NTFS

Drive E: | 226,71 Gb Total Space | 226,61 Gb Free Space | 99,96% Space Free | Partition Type: NTFS

Drive F: | 313,72 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS

G: Drive not present or media not loaded

H: Drive not present or media not loaded

I: Drive not present or media not loaded

 

Computer Name: PORNOSTATION

Current User Name: Bloodangel

Logged in as Administrator.

 

Current Boot Mode: Normal

Scan Mode: Current user

Include 64bit Scans

Company Name Whitelist: On

Skip Microsoft Files: On

File Age = 90 Days

Output = Standard

Quick Scan

 
 ========== Extra Registry (SafeList) ==========

 

 
 ========== File Associations ==========

 
 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

 

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]

.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

 
 ========== Shell Spawning ==========

 
 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %* File not found

cmdfile [open] -- "%1" %* File not found

comfile [open] -- "%1" %* File not found

exefile [open] -- "%1" %* File not found

helpfile [open] -- Reg Error: Key error.

htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)

htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)

piffile [open] -- "%1" %* File not found

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1" File not found

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)

scrfile [open] -- "%1" /S File not found

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found

Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L" File not found

Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()

Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)

htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L" File not found

Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()

Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

 
 ========== Security Center Settings ==========

 
 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"cval" = 1

 
 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

 
 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]

"AntiVirusOverride" = 0

"AntiSpywareOverride" = 0

"FirewallOverride" = 0

 
 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

 
 ========== Authorized Applications List ==========

 

 
 ========== HKEY_LOCAL_MACHINE Uninstall List ==========

 

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)

"{34F43E2A-9462-133B-068F-B6D9015616EB}" = ATI AVIVO64 Codecs

"{46035FCA-633D-8E15-24EE-B6E5359B0AE2}" = ccc-utility64

"{6B559E62-24D2-D29C-2C02-26B671BDA8A1}" = ATI Catalyst Install Manager

"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007

"{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007

"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007

"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007

"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager

"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting

"NVIDIA Drivers" = NVIDIA Drivers

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam

"{071FC582-37F8-8726-C70A-0B3EBEE11B57}" = Catalyst Control Center Graphics Previews Vista

"{117E3AE2-10D1-41C1-9FA6-F4C382F767A8}_is1" = Packard Bell GameZone Console

"{129F4B4F-968D-3843-93A0-A0C5DB613584}" = CCC Help German

"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer

"{1A4052AB-BA77-44F7-8EE7-9F9131BFD7A6}" = OF Dragon Rising

"{20400dbd-e6db-45b8-9b6b-1dd7033818ec}" = Nero InfoTool Help

"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool

"{20643D71-C655-C070-47AD-24F291B3E1E8}" = Catalyst Control Center Core Implementation

"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT

"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer

"{2348b586-c9ae-46ce-936c-a68e9426e214}" = Nero StartSmart Help

"{2541026d-50db-46b2-962c-69e74f8c4a12}" = Nero 9 Essentials

"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com

"{2BA722D1-48D1-406E-9123-8AE5431D63EF}" = Windows Live Fotogalerie

"{2C73EAA3-3B76-2145-D3F8-0A8AF4DCB5C1}" = CCC Help Turkish

"{2F6DE91F-47B3-0824-D007-F9EDFA055E7C}" = CCC Help Finnish

"{33cf58f5-48d8-4575-83d6-96f574e4d83a}" = Nero DriveSpeed

"{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}" = JMicron JMB36X Driver

"{3AC8457C-0385-4BEA-A959-E095F05D6D67}" = Battlefield: Bad Company™ 2

"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform

"{3C6920EF-0089-3A24-9F9D-9A346AB2813F}" = Catalyst Control Center Graphics Full Existing

"{3D3407EE-CD37-BFCD-FD15-14A24C35B41E}" = CCC Help Swedish

"{3EFEF049-23D4-4B46-8903-4592FEA51018}" = Windows Live Movie Maker

"{41E654A9-26D0-4EAC-854B-0FA824FFFABB}" = Windows Live Messenger

"{4713E6B1-9270-5824-CD46-68EAE904F899}" = CCC Help Japanese

"{4D43D635-6FDA-4fa5-AA9B-23CF73D058EA}" = Nero StartSmart OEM

"{4F61136C-2A4D-4064-71AF-CF0C9DE552C3}" = CCC Help Chinese Standard

"{4FA47485-D671-D6BB-66CD-536598C460E8}" = Catalyst Control Center Localization All

"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent

"{52FD2375-841C-0551-0E2C-6DA65F73FB09}" = CCC Help Dutch

"{5511C07D-A83C-45AD-92B6-42DF99729A3C}" = Adobe Photoshop Elements 7.0

"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml

"{57046DA6-882F-9A3F-CD74-5357AC9694B8}" = CCC Help Czech

"{595a3116-40bb-4e0f-a2e8-d7951da56270}" = NeroExpress

"{5D1BCDDC-A969-2474-A777-4C52079C3778}" = CCC Help French

"{5EBD2FC6-FFB9-550B-7EB5-3848E062B4B2}" = CCC Help English

"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053

"{5FC68772-6D56-41C6-9DF1-24E868198AE6}" = Windows Live Call

"{62F7DA7E-CCCB-439C-A760-00C3926E761F}" = Microsoft Works

"{6D8DDB4A-C263-40DE-BA16-AFDAD159D59A}" = Tom Clancy's Splinter Cell Conviction

"{71BFC818-0CED-42D6-9C87-5142918957EE}" = ICQ7.1

"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable

"{732A67B6-2581-4434-AE64-9A34CCF943D1}" = 3-D HUNTING 2010: Hunt Rare and Wild Animals

"{733C5FC0-F0C4-405B-A983-61C24CC60E39}_is1" = Photo Frame

"{75EF2300-2DA4-60E8-CFAC-04A8081322BE}" = CCC Help Hungarian

"{76618402-179D-4699-A66B-D351C59436BC}" = Windows Live Sync

"{77277800-4738-946C-B360-19259007E99F}" = CCC Help Chinese Traditional

"{7748ac8c-18e3-43bb-959b-088faea16fb2}" = Nero StartSmart

"{7F811A54-5A09-4579-90E1-C93498E230D9}" = Packard Bell Recovery Management

"{7F938BCD-7CC9-7949-DE47-F06CF95741B1}" = CCC Help Portuguese

"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110209593}" = Chicken Invaders 2

"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110551697}" = Granny In Paradise

"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112662477}" = Merriam Websters Spell Jam

"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11273477}" = Amazonia

"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112920767}" = Alice Greenfingers

"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113786380}" = Heroes of Hellas

"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113832110}" = Dream Day First Home

"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115053100}" = Dairy Dash

"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115208410}" = First Class Flurry

"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11531173}" = Farm Frenzy 2

"{83202942-84b3-4c50-8622-b8c0aa2d2885}" = Nero Express Help

"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable

"{869200db-287a-4dc0-b02b-2b6787fbcd4c}" = Nero DiscSpeed

"{87BB78C4-F36D-4D93-A7C7-F80F18219848}" = AMD DnD V1.0.19

"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher

"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight

"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007

"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007

"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007

"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)

"{90120000-0017-0407-0000-0000000FF1CE}" = Microsoft Office SharePoint Designer MUI (German) 2007

"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007

"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007

"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)

"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007

"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007

"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007

"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007

"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)

"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007

"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007

"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)

"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007

"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)

"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007

"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007

"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)

"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System

"{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{E64BA721-2310-4B55-BE5A-2925F9706192}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)

"{90120000-002A-0409-1000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)

"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007

"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007

"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007

"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007

"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007

"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)

"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007

"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007

"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)

"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007

"{90120000-0100-0407-0000-0000000FF1CE}" = Microsoft Office O MUI (German) 2007

"{90120000-0101-0407-0000-0000000FF1CE}" = Microsoft Office X MUI (German) 2007

"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007

"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)

"{90120000-0116-0409-1000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)

"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007

"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)

"{935B9BF4-8006-BC16-B193-F6C13B83F6B2}" = CCC Help Danish

"{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German)

"{978B28B9-2ED2-C511-5D4C-D72A7D4AEF3E}" = CCC Help Polish

"{9882AE13-E333-3118-45F8-EEDA43BCF63B}" = CCC Help Norwegian

"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

"{A07D7AF9-BA12-D49D-9771-A102A4D5BD13}" = Catalyst Control Center InstallProxy

"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR

"{A6D42D59-7188-3DE9-8572-3F83165FBB6C}" = CCC Help Russian

"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress

"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper

"{AC76BA86-7AD7-FFFF-7B44-A91000000001}" = Adobe Reader 9.1 MUI

"{ACB583B7-8900-DBA7-CB86-789D1755C77E}" = CCC Help Greek

"{b2ec4a38-b545-4a00-8214-13fe0e915e6d}" = Advertising Center

"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Plus Web Player

"{B7060593-A94C-96E2-115A-11EAA79AEAF8}" = CCC Help Spanish

"{B789926B-4CB9-2345-075B-1BEE87C53A71}" = CCC Help Italian

"{bd5ca0da-71ad-43da-b19e-6eee0c9adc9a}" = Nero ControlCenter

"{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail

"{C57BCDE1-7CB9-467D-B3BA-7E119916CDC1}" = Norton Online Backup

"{C5C1C0F0-D62F-4DBF-81D4-D7EF397C228B}" = NVIDIA PhysX

"{CB4532F7-A1BD-46D2-9938-3E7D4656FB18}" = Razer Lachesis

"{CB6075D9-F912-40AE-BEA6-E590DA24F16B}" = Adobe Photoshop Elements 7.0

"{cc019e3f-59d2-4486-8d4b-878105b62a71}" = Nero DiscSpeed Help

"{CC407F63-7F0A-D8E0-E4F8-4B36E7E1E577}" = CCC Help Thai

"{D1BBB9C9-800C-ADD3-F847-FF5582DCF68F}" = CCC Help Korean

"{D23E10BC-2CE3-A967-385C-446922563356}" = Catalyst Control Center Graphics Light

"{D45EC259-4A19-4656-B588-C2C360DD18EA}" = Half-Life(R) 2

"{dba84796-8503-4ff0-af57-1747dd9a166d}" = Nero Online Upgrade

"{E0A4805D-280A-4DD7-9E74-3A5F85E302A1}" = Windows Live Writer

"{E0B19DF7-B1C7-4937-82C4-0E4B1E346965}" = eBay Worldwide

"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update

"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant

"{e5c7d048-f9b4-4219-b323-8bdb01a2563d}" = Nero DriveSpeed Help

"{e8a80433-302b-4ff1-815d-fcc8eac482ff}" = Nero Installer

"{EAF6BE5A-8587-045A-4753-2D273007FDDD}" = Catalyst Control Center Graphics Full New

"{EE10D76C-39B7-40A8-A24C-1BEEACBED160}" = Catalyst Control Center - Branding

"{EE171732-BEB4-4576-887D-CB62727F01CA}" = Packard Bell Updater

"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]

"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard

"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver

"{f4041dce-3fe1-4e18-8a9e-9de65231ee36}" = Nero ControlCenter

"{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials

"{fbcdfd61-7dcf-4e71-9226-873ba0053139}" = Nero InfoTool

"{FFD412C4-7E27-9167-1C5D-E40803B7AEC7}" = ccc-core-static

"Adobe AIR" = Adobe AIR

"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX

"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin

"Adobe Photoshop Elements 7" = Adobe Photoshop Elements 7.0

"HijackThis" = HijackThis 2.0.2

"HOMESTUDENTR" = Microsoft Office Home and Student 2007

"Identity Card" = Identity Card

"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware

"Metaboli" = Metaboli

"Mozilla Firefox (3.6.3)" = Mozilla Firefox (3.6.3)

"NIS" = Norton Internet Security

"OMUI.de-de" = Microsoft Office Language Pack 2007 - German/Deutsch

"Packard Bell InfoCentre" = Packard Bell InfoCentre

"Packard Bell Registration" = Packard Bell Registration

"Packard Bell Screensaver" = Packard Bell ScreenSaver

"Packard Bell Software Suite SE" = Packard Bell Software Suite SE

"Packard Bell Welcome Center" = Welcome Center

"SABnzbd" = SABnzbd (remove only)

"Steam App 10180" = Call of Duty: Modern Warfare 2

"Steam App 10190" = Call of Duty: Modern Warfare 2 - Multiplayer

"Steam App 300" = Day of Defeat: Source

"Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2

"TeamSpeak 3 Client" = TeamSpeak 3 Client

"VLC media player" = VLC media player 1.0.5

"WinLiveSuite_Wave3" = Windows Live Essentials

"WinRAR archiver" = WinRAR

 
 ========== Last 10 Event Log Errors ==========

 

[ Application Events ]

Error - 19.05.2010 04:52:47 | Computer Name = Pornostation | Source = SideBySide | ID = 16842785

Description = Fehler beim Generieren des Aktivierungskontextes für "c:\Windows\Installer\{62F7DA7E-CCCB-439C-A760-00C3926E761F}\wksdb.exe".

Die

 abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0""

 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm

 "sxstrace.exe".

 

Error - 19.05.2010 04:52:47 | Computer Name = Pornostation | Source = SideBySide | ID = 16842785

Description = Fehler beim Generieren des Aktivierungskontextes für "c:\Windows\Installer\{62F7DA7E-CCCB-439C-A760-00C3926E761F}\WksCal.exe".

Die

 abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0""

 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm

 "sxstrace.exe".

 

Error - 19.05.2010 04:52:47 | Computer Name = Pornostation | Source = SideBySide | ID = 16842785

Description = Fehler beim Generieren des Aktivierungskontextes für "c:\Windows\Installer\{62F7DA7E-CCCB-439C-A760-00C3926E761F}\wksss.exe".

Die

 abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0""

 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm

 "sxstrace.exe".

 

Error - 19.05.2010 04:52:47 | Computer Name = Pornostation | Source = SideBySide | ID = 16842785

Description = Fehler beim Generieren des Aktivierungskontextes für "c:\Windows\Installer\{62F7DA7E-CCCB-439C-A760-00C3926E761F}\WksWP.exe".

Die

 abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0""

 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm

 "sxstrace.exe".

 

Error - 19.05.2010 22:41:25 | Computer Name = Pornostation | Source = SideBySide | ID = 16842815

Description = Fehler beim Generieren des Aktivierungskontextes für "c:\Program Files

 (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Fehler in Manifest- oder

 Richtliniendatei "c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe

 AIR.dll" in Zeile 3.  Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR"

 des "version"-Attributs im assemblyIdentity-Element ist ungültig.

 

Error - 19.05.2010 22:42:01 | Computer Name = Pornostation | Source = SideBySide | ID = 16842787

Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files

 (x86)\windows live\photo gallery\MovieMaker.Exe". Fehler in Manifest- oder Richtliniendatei

 "c:\program files (x86)\windows live\photo gallery\WLMFDS.DLL" in Zeile  8.  Die 

im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente

 überein.  Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".

Definition:

 WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".  Verwenden Sie

 das Programm "sxstrace.exe" für eine detaillierte Diagnose.

 

Error - 19.05.2010 22:42:21 | Computer Name = Pornostation | Source = SideBySide | ID = 16842785

Description = Fehler beim Generieren des Aktivierungskontextes für "c:\Windows\Installer\{62F7DA7E-CCCB-439C-A760-00C3926E761F}\wksdb.exe".

Die

 abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0""

 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm

 "sxstrace.exe".

 

Error - 19.05.2010 22:42:21 | Computer Name = Pornostation | Source = SideBySide | ID = 16842785

Description = Fehler beim Generieren des Aktivierungskontextes für "c:\Windows\Installer\{62F7DA7E-CCCB-439C-A760-00C3926E761F}\WksCal.exe".

Die

 abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0""

 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm

 "sxstrace.exe".

 

Error - 19.05.2010 22:42:21 | Computer Name = Pornostation | Source = SideBySide | ID = 16842785

Description = Fehler beim Generieren des Aktivierungskontextes für "c:\Windows\Installer\{62F7DA7E-CCCB-439C-A760-00C3926E761F}\wksss.exe".

Die

 abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0""

 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm

 "sxstrace.exe".

 

Error - 19.05.2010 22:42:21 | Computer Name = Pornostation | Source = SideBySide | ID = 16842785

Description = Fehler beim Generieren des Aktivierungskontextes für "c:\Windows\Installer\{62F7DA7E-CCCB-439C-A760-00C3926E761F}\WksWP.exe".

Die

 abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0""

 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm

 "sxstrace.exe".

 

[ System Events ]

Error - 15.05.2010 08:45:19 | Computer Name = Pornostation | Source = Service Control Manager | ID = 7009

Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst

 Steam Client Service erreicht.

 

Error - 15.05.2010 08:45:19 | Computer Name = Pornostation | Source = Service Control Manager | ID = 7000

Description = Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers

 nicht gestartet:   %%1053

 

Error - 15.05.2010 17:10:58 | Computer Name = Pornostation | Source = EventLog | ID = 6008

Description = Das System wurde zuvor am ?15.?05.?2010 um 23:09:05 unerwartet heruntergefahren.

 

 

< End of report >