verzweifelt2 | 24.05.2010 01:26 | OTL:
as Code:
OTL logfile created on: 24.05.2010 00:58:25 - Run 1
OTL by OldTimer - Version 3.2.5.0 Folder = C:\Users\Alexander\Desktop\Downloads\OLD
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18904)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 47,00% Memory free
6,00 Gb Paging File | 4,00 Gb Available in Paging File | 70,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 226,38 Gb Total Space | 83,32 Gb Free Space | 36,81% Space Free | Partition Type: NTFS
Drive D: | 222,90 Gb Total Space | 222,80 Gb Free Space | 99,96% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
Drive F: | 3,35 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: ALEXANDER-PC
Current User Name: Alexander
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
========== Processes (SafeList) ==========
PRC - C:\Users\Alexander\Desktop\Downloads\OLD\OTL.exe (OldTimer Tools)
PRC - C:\Users\Alexander\AppData\Local\Temp\~e5.0001 (Macrovision Europe Ltd.)
PRC - C:\Programme\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
PRC - C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Windows\System32\UAService7.exe (Sony DADC Austria AG.)
PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Programme\Avira\AntiVir Desktop\avshadow.exe (Avira GmbH)
PRC - C:\Programme\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe (CyberLink)
PRC - C:\Programme\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe (CyberLink Corp.)
PRC - C:\Programme\Acer Arcade Deluxe\PlayMovie\PMVService.exe (Acer Corp.)
PRC - C:\Programme\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe ()
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
PRC - C:\Programme\Acer\Acer Bio Protection\CompPtcVUI.exe (Arachnoid Biometrics Identification Group Corp.)
PRC - C:\Programme\Acer\Acer Bio Protection\BASVC.exe ()
PRC - C:\Programme\Acer\Acer Bio Protection\PdtWzd.exe (Arachnoid Biometrics Identification Group Corp.)
PRC - C:\Programme\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
PRC - C:\Programme\OpenOffice.org 3\program\soffice.bin (OpenOffice.org)
PRC - C:\Programme\OpenOffice.org 3\program\soffice.exe (OpenOffice.org)
PRC - C:\Programme\Acer\Acer VCM\AcerVCM.exe (Acer Incorporated)
PRC - C:\Programme\Acer\Empowering Technology\ePower\ePower_DMC.exe (Acer Inc.)
PRC - C:\Programme\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe (Egis Incorporated)
PRC - C:\Programme\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe (Egis Incorporated)
PRC - C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
PRC - C:\Programme\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
PRC - C:\Programme\Acer\Acer VCM\RS_Service.exe (Acer Incorporated)
PRC - C:\Windows\PLFSetI.exe ()
PRC - C:\Programme\Microsoft IntelliPoint\ipoint.exe (Microsoft Corporation)
PRC - C:\Programme\Acer\Empowering Technology\NotificationCenter\Framework.NotificationCenter.exe (acer)
PRC - C:\Programme\Acer\Empowering Technology\Service\ETService.exe ()
PRC - C:\Programme\Acer\Empowering Technology\eAudio\eAudio.exe (Acer Incorporated)
PRC - C:\Windows\System32\vfsFPService.exe (Validity Sensors, Inc.)
PRC - C:\Programme\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation)
PRC - C:\Programme\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Corporation)
PRC - C:\Programme\KOEI\SAMURAI WARRIORS 2\SW2.exe (KOEI Co., Ltd.)
PRC - C:\Programme\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe (NewTech InfoSystems, Inc.)
PRC - C:\Programme\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe ()
PRC - C:\Programme\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe ()
PRC - C:\Programme\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe (NewTech Infosystems, Inc.)
PRC - C:\Programme\Windows Defender\MSASCui.exe (Microsoft Corporation)
PRC - C:\Windows\System32\agrsmsvc.exe (Agere Systems)
PRC - C:\ACER\Mobility Center\MobilityService.exe ()
PRC - C:\Programme\Acer\Acer VCM\acp2HID.exe (Acer Inc.)
PRC - C:\Programme\Common Files\AccSys\accsvc.exe (AccSys GmbH)
========== Modules (SafeList) ==========
MOD - C:\Users\Alexander\Desktop\Downloads\OLD\OTL.exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll (Microsoft Corporation)
MOD - C:\Windows\System32\msscript.ocx (Microsoft Corporation)
========== Win32 Services (SafeList) ==========
SRV - (Akamai) -- c:\Programme\Common Files\Akamai\rswin_3697.dll ()
SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (UserAccess7) SecuROM User Access Service (V7) -- C:\Windows\System32\UAService7.exe (Sony DADC Austria AG.)
SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (npggsvc) -- C:\Windows\System32\GameMon.des (INCA Internet Co., Ltd.)
SRV - (FontCache) -- C:\Windows\System32\FntCache.dll (Microsoft Corporation)
SRV - (CLHNService) -- C:\Programme\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe ()
SRV - (IGBASVC) -- C:\Programme\Acer\Acer Bio Protection\BASVC.exe ()
SRV - (SBSDWSCService) -- C:\Programme\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
SRV - (eDataSecurity Service) -- C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe (Egis Incorporated)
SRV - (IAANTMON) Intel(R) -- C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
SRV - (RS_Service) -- C:\Programme\Acer\Acer VCM\RS_Service.exe (Acer Incorporated)
SRV - (ETService) -- C:\Programme\Acer\Empowering Technology\Service\ETService.exe ()
SRV - (vfsFPService) -- C:\Windows\System32\vfsFPService.exe (Validity Sensors, Inc.)
SRV - (EvtEng) -- C:\Programme\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation)
SRV - (RegSrvc) -- C:\Programme\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Corporation)
SRV - (NTIBackupSvc) -- C:\Programme\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe (NewTech InfoSystems, Inc.)
SRV - (NTISchedulerSvc) -- C:\Programme\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe ()
SRV - (BUNAgentSvc) -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe (NewTech Infosystems, Inc.)
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (AgereModemAudio) -- C:\Windows\System32\agrsmsvc.exe (Agere Systems)
SRV - (MobilityService) -- C:\Acer\Mobility Center\MobilityService.exe ()
SRV - (accsvc) -- C:\Programme\Common Files\AccSys\accsvc.exe (AccSys GmbH)
========== Driver Services (SafeList) ==========
DRV - (sptd) -- C:\Windows\System32\Drivers\sptd.sys ()
DRV - (MBAMSwissArmy) -- C:\Windows\System32\drivers\mbamswissarmy.sys (Malwarebytes Corporation)
DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH)
DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH)
DRV - (atksgt) -- C:\Windows\System32\drivers\atksgt.sys ()
DRV - (lirsgt) -- C:\Windows\System32\drivers\lirsgt.sys ()
DRV - ({49DE1C67-83F8-4102-99E0-C16DCC7EEC796}) -- C:\Programme\Acer Arcade Deluxe\PlayMovie\000.fcl (CyberLink Corp.)
DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (AlfaFF) -- C:\Windows\system32\Drivers\AlfaFF.sys (Alfa Corporation)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (NVHDA) -- C:\Windows\System32\drivers\nvhda32v.sys (NVIDIA Corporation)
DRV - (psdvdisk) -- C:\Windows\System32\drivers\PSDVdisk.sys (Egis Incorporated)
DRV - (PSDFilter) -- C:\Windows\system32\DRIVERS\psdfilter.sys (Egis Incorporated)
DRV - (PSDNServ) -- C:\Windows\System32\drivers\PSDNServ.sys (Egis Incorporated)
DRV - (iaStor) -- C:\Windows\system32\DRIVERS\iaStor.sys (Intel Corporation)
DRV - (Point32) -- C:\Windows\System32\drivers\point32k.sys (Microsoft Corporation)
DRV - (vfs101x) -- C:\Windows\System32\drivers\vfs101x.sys (Validity Sensors, Inc.)
DRV - (L1E) -- C:\Windows\System32\drivers\L1E60x86.sys (Atheros Communications, Inc.)
DRV - (NETw5v32) Intel(R) -- C:\Windows\System32\drivers\NETw5v32.sys (Intel Corporation)
DRV - (SynTP) -- C:\Windows\System32\drivers\SynTP.sys (Synaptics, Inc.)
DRV - (AgereSoftModem) -- C:\Windows\System32\drivers\AGRSM.sys (Agere Systems)
DRV - (NTIDrvr) -- C:\Windows\System32\drivers\NTIDrvr.sys (NewTech Infosystems, Inc.)
DRV - (UBHelper) -- C:\Windows\System32\drivers\UBHelper.sys (NewTech Infosystems Corporation)
DRV - (MegaSR) -- C:\Windows\system32\drivers\megasr.sys (LSI Corporation, Inc.)
DRV - (adpu320) -- C:\Windows\system32\drivers\adpu320.sys (Adaptec, Inc.)
DRV - (megasas) -- C:\Windows\system32\drivers\megasas.sys (LSI Corporation)
DRV - (adpu160m) -- C:\Windows\system32\drivers\adpu160m.sys (Adaptec, Inc.)
DRV - (SiSRaid4) -- C:\Windows\system32\drivers\sisraid4.sys (Silicon Integrated Systems)
DRV - (HpCISSs) -- C:\Windows\system32\drivers\hpcisss.sys (Hewlett-Packard Company)
DRV - (adpahci) -- C:\Windows\system32\drivers\adpahci.sys (Adaptec, Inc.)
DRV - (LSI_SAS) -- C:\Windows\system32\drivers\lsi_sas.sys (LSI Logic)
DRV - (ql2300) -- C:\Windows\system32\drivers\ql2300.sys (QLogic Corporation)
DRV - (E1G60) Intel(R) -- C:\Windows\System32\drivers\E1G60I32.sys (Intel Corporation)
DRV - (arcsas) -- C:\Windows\system32\drivers\arcsas.sys (Adaptec, Inc.)
DRV - (iaStorV) -- C:\Windows\system32\drivers\iastorv.sys (Intel Corporation)
DRV - (vsmraid) -- C:\Windows\system32\drivers\vsmraid.sys (VIA Technologies Inc.,Ltd)
DRV - (ulsata2) -- C:\Windows\system32\drivers\ulsata2.sys (Promise Technology, Inc.)
DRV - (LSI_SCSI) -- C:\Windows\system32\drivers\lsi_scsi.sys (LSI Logic)
DRV - (LSI_FC) -- C:\Windows\system32\drivers\lsi_fc.sys (LSI Logic)
DRV - (arc) -- C:\Windows\system32\drivers\arc.sys (Adaptec, Inc.)
DRV - (elxstor) -- C:\Windows\system32\drivers\elxstor.sys (Emulex)
DRV - (adp94xx) -- C:\Windows\system32\drivers\adp94xx.sys (Adaptec, Inc.)
DRV - (nvraid) -- C:\Windows\system32\drivers\nvraid.sys (NVIDIA Corporation)
DRV - (nvstor) -- C:\Windows\system32\drivers\nvstor.sys (NVIDIA Corporation)
DRV - (uliahci) -- C:\Windows\system32\drivers\uliahci.sys (ULi Electronics Inc.)
DRV - (viaide) -- C:\Windows\system32\drivers\viaide.sys (VIA Technologies, Inc.)
DRV - (cmdide) -- C:\Windows\system32\drivers\cmdide.sys (CMD Technology, Inc.)
DRV - (aliide) -- C:\Windows\system32\drivers\aliide.sys (Acer Laboratories Inc.)
DRV - (NTIPPKernel) -- C:\Programme\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\NTIPPKernel.sys (Cyberlink Corp.)
DRV - (itecir) -- C:\Windows\System32\drivers\itecir.sys (ITE Tech. Inc. )
DRV - (int15) -- C:\Windows\System32\drivers\int15.sys ()
DRV - (ql40xx) -- C:\Windows\system32\drivers\ql40xx.sys (QLogic Corporation)
DRV - (UlSata) -- C:\Windows\system32\drivers\ulsata.sys (Promise Technology, Inc.)
DRV - (nfrd960) -- C:\Windows\system32\drivers\nfrd960.sys (IBM Corporation)
DRV - (iirsp) -- C:\Windows\system32\drivers\iirsp.sys (Intel Corp./ICP vortex GmbH)
DRV - (aic78xx) -- C:\Windows\system32\drivers\djsvs.sys (Adaptec, Inc.)
DRV - (iteraid) -- C:\Windows\system32\drivers\iteraid.sys (Integrated Technology Express, Inc.)
DRV - (iteatapi) -- C:\Windows\system32\drivers\iteatapi.sys (Integrated Technology Express, Inc.)
DRV - (Symc8xx) -- C:\Windows\system32\drivers\symc8xx.sys (LSI Logic)
DRV - (Sym_u3) -- C:\Windows\system32\drivers\sym_u3.sys (LSI Logic)
DRV - (Mraid35x) -- C:\Windows\system32\drivers\mraid35x.sys (LSI Logic Corporation)
DRV - (Sym_hi) -- C:\Windows\system32\drivers\sym_hi.sys (LSI Logic)
DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\system32\drivers\brserid.sys (Brother Industries Ltd.)
DRV - (BrUsbSer) -- C:\Windows\system32\drivers\brusbser.sys (Brother Industries Ltd.)
DRV - (BrFiltUp) -- C:\Windows\system32\drivers\brfiltup.sys (Brother Industries, Ltd.)
DRV - (BrFiltLo) -- C:\Windows\system32\drivers\brfiltlo.sys (Brother Industries, Ltd.)
DRV - (BrSerWdm) -- C:\Windows\system32\drivers\brserwdm.sys (Brother Industries Ltd.)
DRV - (BrUsbMdm) -- C:\Windows\system32\drivers\brusbmdm.sys (Brother Industries Ltd.)
DRV - (ntrigdigi) -- C:\Windows\system32\drivers\ntrigdigi.sys (N-trig Innovative Technologies)
DRV - (NPF) -- C:\Windows\System32\drivers\npf.sys (CACE Technologies)
DRV - (NPPTNT2) -- C:\Windows\System32\npptNT2.sys (INCA Internet Co., Ltd.)
DRV - (sfdrv01) StarForce Protection Environment Driver (version 1.x) -- C:\Windows\System32\drivers\sfdrv01.sys (Protection Technology)
DRV - (sfsync02) StarForce Protection Synchronization Driver (version 2.x) -- C:\Windows\System32\drivers\sfsync02.sys (Protection Technology)
DRV - (sfhlp02) StarForce Protection Helper Driver (version 2.x) -- C:\Windows\System32\drivers\sfhlp02.sys (Protection Technology)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = iGoogle Redirect
IE - HKLM\..\URLSearchHook: {69b6939f-c70d-45c5-9bbd-e2e2cc3dd8e5} - C:\Programme\Eazel-DE\tbEaze.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {8dbb6d8e-e4a6-4e3b-9753-af78b226441c} - File not found
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Nachrichten - Service - Shopping bei t-online.de
IE - HKCU\..\URLSearchHook: {8dbb6d8e-e4a6-4e3b-9753-af78b226441c} - File not found
IE - HKCU\..\URLSearchHook: {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - File not found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.04.21 19:06:14 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.04.21 19:05:00 | 000,000,000 | ---D | M]
[2010.04.21 19:06:24 | 000,000,000 | ---D | M] -- C:\Users\Alexander\AppData\Roaming\Mozilla\Extensions
[2010.05.19 22:46:29 | 000,000,000 | ---D | M] -- C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\oshd8s1y.default\extensions
[2010.04.21 20:17:23 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\oshd8s1y.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.04.21 19:05:00 | 000,000,000 | ---D | M] -- C:\Programme\Mozilla Firefox\extensions
[2010.04.01 18:54:38 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2010.04.01 18:54:38 | 000,002,344 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml
[2010.04.01 18:54:38 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2010.04.01 18:54:38 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2010.04.01 18:54:38 | 000,001,105 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml
O1 HOSTS File: ([2010.04.30 07:57:06 | 000,002,226 | RHS- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O1 - Hosts: 74.125.45.100 protected.maxisoftwaremart.com
O1 - Hosts: 209.212.147.138 google.com
O1 - Hosts: 209.212.147.138 google.com.au
O1 - Hosts: 209.212.147.138 Google
O1 - Hosts: 209.212.147.138 google.be
O1 - Hosts: 209.212.147.138 Google
O1 - Hosts: 209.212.147.138 google.com.br
O1 - Hosts: 209.212.147.138 Google
O1 - Hosts: 209.212.147.138 google.ca
O1 - Hosts: 209.212.147.138 Google
O1 - Hosts: 209.212.147.138 google.ch
O1 - Hosts: 209.212.147.138 Google
O1 - Hosts: 209.212.147.138 google.de
O1 - Hosts: 209.212.147.138 Google
O1 - Hosts: 209.212.147.138 google.dk
O1 - Hosts: 209.212.147.138 Google
O1 - Hosts: 209.212.147.138 google.fr
O1 - Hosts: 209.212.147.138 Google
O1 - Hosts: 209.212.147.138 google.ie
O1 - Hosts: 209.212.147.138 Google
O1 - Hosts: 209.212.147.138 google.it
O1 - Hosts: 209.212.147.138 Google
O1 - Hosts: 209.212.147.138 google.co.jp
O1 - Hosts: 24 more lines...
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - File not found
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - File not found
O2 - BHO: (ShowBarObj Class) - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - File not found
O2 - BHO: (Softonic Deutsch Toolbar) - {8dbb6d8e-e4a6-4e3b-9753-af78b226441c} - File not found
O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - File not found
O2 - BHO: (pdfforge Toolbar) - {B922D405-6D13-4A2B-AE89-08A030DA4402} - File not found
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - File not found
O2 - BHO: (no name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - File not found
O3 - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Programme\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
O3 - HKLM\..\Toolbar: (Eazel-DE Toolbar) - {69b6939f-c70d-45c5-9bbd-e2e2cc3dd8e5} - C:\Programme\Eazel-DE\tbEaze.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Softonic Deutsch Toolbar) - {8dbb6d8e-e4a6-4e3b-9753-af78b226441c} - File not found
O3 - HKLM\..\Toolbar: (pdfforge Toolbar) - {B922D405-6D13-4A2B-AE89-08A030DA4402} - File not found
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\ShellBrowser: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - C:\Programme\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
O3 - HKCU\..\Toolbar\WebBrowser: (Softonic Deutsch Toolbar) - {8DBB6D8E-E4A6-4E3B-9753-AF78B226441C} - File not found
O4 - HKLM..\Run: [ArcadeDeluxeAgent] C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe (CyberLink Corp.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [BkupTray] C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe ()
O4 - HKLM..\Run: [CLMLServer] C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [eAudio] C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe (Acer Incorporated)
O4 - HKLM..\Run: [eDataSecurity Loader] C:\Programme\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe (Egis Incorporated)
O4 - HKLM..\Run: [ePower_DMC] C:\Programme\Acer\Empowering Technology\ePower\ePower_DMC.exe (Acer Inc.)
O4 - HKLM..\Run: [EPSON Stylus DX4000 Series] C:\Windows\System32\spool\DRIVERS\W32X86\3\E_FATIBEE.EXE File not found
O4 - HKLM..\Run: [eRecoveryService] File not found
O4 - HKLM..\Run: [IAAnotif] C:\Programme\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [PlayMovie] C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe (Acer Corp.)
O4 - HKLM..\Run: [PLFSetI] C:\Windows\PLFSetI.exe ()
O4 - HKLM..\Run: [SearchSettings] C:\Programme\pdfforge Toolbar\SearchSettings.exe (GreenTree Applications, Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [WLConfig] C:\Program Files\WLAN Monitor\WLConfig.exe (AccSys GmbH)
O4 - HKLM..\Run: [ZPdtWzdVitaKey MC3000] C:\Program Files\Acer\Acer Bio Protection\PdtWzd.exe (Arachnoid Biometrics Identification Group Corp.)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Programme\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - Startup: C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.0.lnk = C:\Programme\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 2
O9 - Extra Button: Quick-Launching Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Programme\Acer\Acer Bio Protection\PwdBank.exe ()
O9 - Extra 'Tools' menuitem : Quick-Launching Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Programme\Acer\Acer Bio Protection\PwdBank.exe ()
O9 - Extra Button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O13 - gopher Prefix: missing
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} hxxp://download.divx.com/player/DivXBrowserPlugin.cab (Reg Error: Key error.)
O16 - DPF: {784797A8-342D-4072-9486-03C8D0F2F0A1} https://www.battlefieldheroes.com/static/updater/BFHUpdater_4.0.53.0.cab (Battlefield Heroes Updater)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AWinNotifyVitaKey MC3000: DllName - C:\Program Files\Acer\Acer Bio Protection\WinNotify.dll - C:\Programme\Acer\Acer Bio Protection\WinNotify.dll (Arachnoid Biometrics Identification Group Corp.)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\Acer03.JPG
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\Acer03.JPG
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2008.02.28 09:12:28 | 000,156,054 | R--- | M] () - F:\autorun.bmp -- [ UDF ]
O32 - AutoRun File - [2008.05.02 05:04:30 | 000,267,536 | R--- | M] (KOEI Co., Ltd.) - F:\autorun.exe -- [ UDF ]
O32 - AutoRun File - [2008.03.19 02:45:18 | 000,000,197 | R--- | M] () - F:\AUTORUN.INF -- [ UDF ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2010.05.21 23:20:24 | 000,000,000 | ---D | C] -- C:\Programme\KOEI
[2010.05.21 21:04:35 | 000,000,000 | ---D | C] -- C:\Programme\Eidos Interactive
[2010.05.19 22:23:06 | 000,000,000 | ---D | C] -- C:\Users\Alexander\AppData\Roaming\Avira
[2010.05.19 15:52:23 | 000,000,000 | ---D | C] -- C:\Users\Alexander\AppData\Roaming\Malwarebytes
[2010.05.19 15:52:14 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010.05.19 15:52:12 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010.05.19 15:52:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010.05.19 15:52:11 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware
[2010.05.19 15:46:26 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\ssmdrv.sys
[2010.05.19 15:46:25 | 000,124,784 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys
[2010.05.19 15:46:25 | 000,060,936 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avgntflt.sys
[2010.05.19 15:46:25 | 000,051,992 | ---- | C] (AVIRA GmbH) -- C:\Windows\System32\drivers\avgntdd.sys
[2010.05.19 15:46:25 | 000,017,016 | ---- | C] (AVIRA GmbH) -- C:\Windows\System32\drivers\avgntmgr.sys
[2010.05.19 15:46:25 | 000,000,000 | ---D | C] -- C:\Programme\Avira
[2010.05.19 15:46:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2010.05.17 17:58:21 | 000,000,000 | ---D | C] -- C:\Users\Alexander\Documents\KOEI
[2010.05.14 16:41:59 | 000,000,000 | ---D | C] -- C:\Windows\Profiles
[2010.05.14 13:23:30 | 000,000,000 | ---D | C] -- C:\Programme\Rome - Total War
[2010.05.08 09:47:20 | 000,000,000 | ---D | C] -- C:\Programme\Eazel-DE
[2010.05.02 00:35:26 | 000,000,000 | ---D | C] -- C:\Users\Alexander\Desktop\Tools
[2010.05.01 17:14:24 | 000,000,000 | ---D | C] -- C:\Programme\Bmp_zu_Avi_6_1
[2010.05.01 17:11:07 | 000,000,000 | ---D | C] -- C:\Users\Alexander\Desktop\open office
[2010.05.01 17:10:37 | 000,000,000 | ---D | C] -- C:\Users\Alexander\Desktop\spiele onlne
[2010.05.01 17:09:55 | 000,000,000 | ---D | C] -- C:\Users\Alexander\Desktop\Spiele offline
[2010.04.30 07:49:14 | 000,000,000 | -HSD | C] -- C:\ProgramData\MSPITTPE
[2010.04.27 15:36:39 | 000,000,000 | -HSD | C] -- C:\ProgramData\SecuROM
[2010.04.27 15:17:11 | 000,000,000 | ---D | C] -- C:\Programme\2K Games
[2010.04.24 10:30:33 | 000,000,000 | ---D | C] -- C:\Users\Alexander\Documents\Cooper's Revenge
[2009.02.02 20:35:44 | 000,049,152 | ---- | C] ( ) -- C:\Windows\Interop.IWshRuntimeLibrary.dll
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2010.05.24 00:58:50 | 002,097,152 | -HS- | M] () -- C:\Users\Alexander\NTUSER.DAT
[2010.05.24 00:12:50 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010.05.24 00:12:50 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010.05.23 18:47:41 | 000,032,251 | ---- | M] () -- C:\ProgramData\nvModes.001
[2010.05.23 17:07:26 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.05.23 14:17:22 | 000,625,582 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010.05.23 14:17:21 | 001,541,724 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010.05.23 14:17:21 | 000,664,282 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2010.05.23 14:17:21 | 000,142,622 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2010.05.23 14:17:21 | 000,117,144 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010.05.23 14:13:14 | 000,000,000 | ---- | M] () -- C:\Windows\System32\LogConfigTemp.xml
[2010.05.23 14:12:57 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010.05.23 14:12:51 | 3218,042,880 | -HS- | M] () -- C:\hiberfil.sys
[2010.05.23 13:20:42 | 000,524,288 | -HS- | M] () -- C:\Users\Alexander\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms
[2010.05.23 13:20:42 | 000,065,536 | -HS- | M] () -- C:\Users\Alexander\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf
[2010.05.23 11:49:28 | 000,032,251 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2010.05.23 11:08:52 | 002,385,713 | -H-- | M] () -- C:\Users\Alexander\AppData\Local\IconCache.db
[2010.05.21 23:20:20 | 000,001,609 | ---- | M] () -- C:\Users\Alexander\Desktop\SAMURAI WARRIORS 2.lnk
[2010.05.21 21:07:41 | 000,002,021 | ---- | M] () -- C:\Users\Public\Desktop\Hitman Kontrakty.lnk
[2010.05.19 15:52:17 | 000,000,822 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.05.19 15:46:31 | 000,001,851 | ---- | M] () -- C:\Users\Public\Desktop\Avira AntiVir Control Center.lnk
[2010.05.19 15:02:19 | 000,008,268 | ---- | M] () -- C:\Users\Alexander\AppData\Local\d3d9caps.dat
[2010.05.18 16:02:13 | 000,000,841 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts.new
[2010.05.14 16:44:17 | 000,078,608 | ---- | M] () -- C:\Windows\System32\GDIPFONTCACHEV1.DAT
[2010.05.14 00:13:49 | 000,319,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\DIFxAPI.dll
[2010.05.12 11:21:16 | 000,221,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[2010.05.11 15:09:48 | 000,000,372 | ---- | M] () -- C:\Users\Alexander\Documents\cc_20100511_150935.reg
[2010.05.08 09:47:11 | 000,682,232 | ---- | M] () -- C:\Windows\System32\drivers\sptd.sys
[2010.05.06 18:00:58 | 000,000,369 | ---- | M] () -- C:\Users\Alexander\Desktop\Musik.lnk
[2010.05.01 17:20:24 | 000,017,408 | ---- | M] () -- C:\Users\Alexander\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.05.01 12:15:44 | 000,138,184 | ---- | M] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2010.05.01 12:15:22 | 000,215,016 | ---- | M] () -- C:\Windows\System32\PnkBstrB.xtr
[2010.04.30 08:13:34 | 000,324,848 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010.04.30 07:57:06 | 000,002,873 | RHS- | M] () -- C:\Windows\System32\drivers\etc\hosts.20100430-184940.backup
[2010.04.30 07:57:06 | 000,002,873 | RHS- | M] () -- C:\Windows\System32\drivers\etc\hosts.20100430-184939.backup
[2010.04.30 07:57:06 | 000,002,873 | RHS- | M] () -- C:\Windows\System32\drivers\etc\hosts.20100430-184938.backup
[2010.04.30 07:57:06 | 000,002,873 | RHS- | M] () -- C:\Windows\System32\drivers\etc\hosts.20100430-184937.backup
[2010.04.30 07:57:06 | 000,002,873 | RHS- | M] () -- C:\Windows\System32\drivers\etc\hosts.20100430-184936.backup
[2010.04.30 07:57:06 | 000,002,873 | RHS- | M] () -- C:\Windows\System32\drivers\etc\hosts.20100430-184935.backup
[2010.04.30 07:57:06 | 000,002,873 | RHS- | M] () -- C:\Windows\System32\drivers\etc\hosts.20100430-184934.backup
[2010.04.30 07:57:06 | 000,002,873 | RHS- | M] () -- C:\Windows\System32\drivers\etc\hosts.20100430-184933.backup
[2010.04.30 07:57:06 | 000,002,873 | RHS- | M] () -- C:\Windows\System32\drivers\etc\hosts.20100430-150404.backup
[2010.04.30 07:57:06 | 000,002,873 | RHS- | M] () -- C:\Windows\System32\drivers\etc\hosts.20100430-150403.backup
[2010.04.30 07:57:06 | 000,002,873 | RHS- | M] () -- C:\Windows\System32\drivers\etc\hosts.20100430-150402.backup
[2010.04.30 07:57:06 | 000,002,873 | RHS- | M] () -- C:\Windows\System32\drivers\etc\hosts.20100430-150401.backup
[2010.04.30 07:57:06 | 000,002,873 | RHS- | M] () -- C:\Windows\System32\drivers\etc\hosts.20100430-150400.backup
[2010.04.30 07:57:06 | 000,002,873 | RHS- | M] () -- C:\Windows\System32\drivers\etc\hosts.20100430-150359.backup
[2010.04.30 07:57:06 | 000,002,873 | RHS- | M] () -- C:\Windows\System32\drivers\etc\hosts.20100430-150354.backup
[2010.04.30 07:57:06 | 000,002,873 | RHS- | M] () -- C:\Windows\System32\drivers\etc\hosts.20100430-081048.backup
[2010.04.30 07:57:06 | 000,002,873 | RHS- | M] () -- C:\Windows\System32\drivers\etc\hosts.20100430-081047.backup
[2010.04.30 07:57:06 | 000,002,873 | RHS- | M] () -- C:\Windows\System32\drivers\etc\hosts.20100430-081046.backup
[2010.04.30 07:57:06 | 000,002,873 | RHS- | M] () -- C:\Windows\System32\drivers\etc\hosts.20100430-081045.backup
[2010.04.30 07:57:06 | 000,002,873 | RHS- | M] () -- C:\Windows\System32\drivers\etc\hosts.20100430-081044.backup
[2010.04.30 07:57:06 | 000,002,873 | RHS- | M] () -- C:\Windows\System32\drivers\etc\hosts.20100430-081040.backup
[2010.04.30 07:57:06 | 000,002,873 | RHS- | M] () -- C:\Windows\System32\drivers\etc\hosts.20100430-081031.backup
[2010.04.30 07:57:06 | 000,002,873 | RHS- | M] () -- C:\Windows\System32\drivers\etc\hosts.20100430-081030.backup
[2010.04.30 07:57:06 | 000,002,873 | RHS- | M] () -- C:\Windows\System32\drivers\etc\hosts.20100430-081029.backup
[2010.04.30 07:57:06 | 000,002,873 | RHS- | M] () -- C:\Windows\System32\drivers\etc\hosts.20100430-081028.backup
[2010.04.30 07:57:06 | 000,002,873 | RHS- | M] () -- C:\Windows\System32\drivers\etc\hosts.20100430-081027.backup
[2010.04.30 07:57:06 | 000,002,873 | RHS- | M] () -- C:\Windows\System32\drivers\etc\hosts.20100430-081026.backup
[2010.04.30 07:57:06 | 000,002,873 | RHS- | M] () -- C:\Windows\System32\drivers\etc\hosts.20100430-081025.backup
[2010.04.30 07:57:06 | 000,002,873 | RHS- | M] () -- C:\Windows\System32\drivers\etc\hosts.20100430-081020.backup
[2010.04.30 07:57:06 | 000,002,226 | RHS- | M] () -- C:\Windows\System32\drivers\etc\hosts.20100514-024059.backup
[2010.04.30 07:57:06 | 000,002,226 | RHS- | M] () -- C:\Windows\System32\drivers\etc\hosts.20100514-024038.backup
[2010.04.30 07:57:06 | 000,002,226 | RHS- | M] () -- C:\Windows\System32\drivers\etc\hosts.20100514-004540.backup
[2010.04.30 07:57:06 | 000,002,226 | RHS- | M] () -- C:\Windows\System32\drivers\etc\hosts.20100504-162754.backup
[2010.04.30 07:57:06 | 000,002,226 | RHS- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2010.04.29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010.04.29 15:39:26 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010.04.28 18:29:17 | 000,000,136 | ---- | M] () -- C:\Users\Alexander\Desktop\Borderlands - Verknüpfung.lnk
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2010.05.21 23:20:20 | 000,001,609 | ---- | C] () -- C:\Users\Alexander\Desktop\SAMURAI WARRIORS 2.lnk
[2010.05.21 21:07:41 | 000,002,021 | ---- | C] () -- C:\Users\Public\Desktop\Hitman Kontrakty.lnk
[2010.05.19 15:52:17 | 000,000,822 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.05.19 15:46:31 | 000,001,851 | ---- | C] () -- C:\Users\Public\Desktop\Avira AntiVir Control Center.lnk
[2010.05.14 00:47:23 | 3218,042,880 | -HS- | C] () -- C:\hiberfil.sys
[2010.05.11 15:09:38 | 000,000,372 | ---- | C] () -- C:\Users\Alexander\Documents\cc_20100511_150935.reg
[2010.05.08 09:47:11 | 000,682,232 | ---- | C] () -- C:\Windows\System32\drivers\sptd.sys
[2010.05.06 18:00:58 | 000,000,369 | ---- | C] () -- C:\Users\Alexander\Desktop\Musik.lnk
[2010.04.28 18:29:17 | 000,000,136 | ---- | C] () -- C:\Users\Alexander\Desktop\Borderlands - Verknüpfung.lnk
[2010.04.02 10:11:07 | 000,043,520 | ---- | C] () -- C:\Windows\System32\CmdLineExt03.dll
[2010.04.01 01:25:57 | 000,000,217 | ---- | C] () -- C:\Windows\wininit.ini
[2010.03.05 02:11:22 | 000,041,872 | ---- | C] () -- C:\Windows\System32\xfcodec.dll
[2010.02.14 16:27:53 | 000,000,027 | ---- | C] () -- C:\Windows\CDE DX4000EFDG.ini
[2009.12.18 17:14:51 | 000,069,632 | R--- | C] () -- C:\Windows\System32\xmltok.dll
[2009.12.18 17:14:51 | 000,036,864 | R--- | C] () -- C:\Windows\System32\xmlparse.dll
[2009.12.02 22:12:41 | 000,138,184 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2009.11.26 09:04:29 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009.06.20 11:17:51 | 000,010,240 | ---- | C] () -- C:\Windows\System32\vidx16.dll
[2009.05.16 21:19:14 | 000,281,760 | ---- | C] () -- C:\Windows\System32\drivers\atksgt.sys
[2009.05.16 21:19:05 | 000,025,888 | ---- | C] () -- C:\Windows\System32\drivers\lirsgt.sys
[2009.05.04 10:49:28 | 000,116,224 | ---- | C] () -- C:\Windows\System32\pdfcmnnt.dll
[2009.02.18 22:46:16 | 000,626,688 | ---- | C] () -- C:\Windows\Image.dll
[2009.02.18 22:46:16 | 000,000,036 | ---- | C] () -- C:\Windows\PidList.ini
[2009.02.18 22:45:02 | 000,118,784 | ---- | C] () -- C:\Windows\System32\VMC3KAPI.dll
[2009.02.02 20:33:57 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2009.02.02 14:14:59 | 000,001,024 | RH-- | C] () -- C:\Windows\System32\NTIOFM4.dll
[2009.02.02 14:14:59 | 000,001,024 | RH-- | C] () -- C:\Windows\System32\NTIBUN5.dll
[2009.02.02 13:43:49 | 000,487,424 | ---- | C] () -- C:\Windows\System32\INT15.dll
[2008.10.07 10:13:30 | 000,197,912 | ---- | C] () -- C:\Windows\System32\physxcudart_20.dll
[2008.10.07 10:13:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelTraditionalChinese.dll
[2008.10.07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll
[2008.10.07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll
[2008.10.07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll
[2008.10.07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll
[2008.10.07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelKorean.dll
[2008.10.07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll
[2008.10.07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelGerman.dll
[2008.10.07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelFrench.dll
[2007.11.14 17:17:34 | 000,204,800 | ---- | C] () -- C:\Windows\System32\CogentBioSDK.dll
[2007.01.26 08:32:18 | 000,069,632 | ---- | C] () -- C:\Windows\System32\drivers\int15.sys
[2006.11.02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2005.12.15 06:17:00 | 000,159,744 | ---- | C] () -- C:\Windows\System32\EPSPTDV.DLL
[2001.12.26 17:12:30 | 000,065,536 | ---- | C] () -- C:\Windows\System32\multiplex_vcd.dll
[2001.09.04 00:46:38 | 000,110,592 | ---- | C] () -- C:\Windows\System32\Hmpg12.dll
[2001.07.30 17:33:56 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC.dll
[2001.07.23 23:04:36 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC_MMX.dll
========== Alternate Data Streams ==========
@Alternate Data Stream - 109 bytes -> C:\ProgramData\Temp:05113FB9
< End of report >
ExtrasOTL: Code:
OTL Extras logfile created on: 24.05.2010 00:58:25 - Run 1
OTL by OldTimer - Version 3.2.5.0 Folder = C:\Users\Alexander\Desktop\Downloads\OLD
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18904)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 47,00% Memory free
6,00 Gb Paging File | 4,00 Gb Available in Paging File | 70,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 226,38 Gb Total Space | 83,32 Gb Free Space | 36,81% Space Free | Partition Type: NTFS
Drive D: | 222,90 Gb Total Space | 222,80 Gb Free Space | 99,96% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
Drive F: | 3,35 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: ALEXANDER-PC
Current User Name: Alexander
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"UACDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\S-1-5-21-4048881090-1659008515-1093974334-1000]
"EnableNotifications" = 0
"EnableNotificationsRef" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{1016F7FC-232B-4A10-9498-D257E1CEA9A4}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{181A0E63-7CEF-4115-8BBA-549F6D6D984F}" = lport=49796 | protocol=6 | dir=in | name=akamai netsession interface |
"{3EB1C72D-2F12-46A3-8799-6B099A8DA98B}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{9437D6BA-7B9F-425E-8388-AF56FAF19E13}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{98FDF637-2740-410D-A00E-8C278684B89A}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{9BF365B2-791C-4424-870D-881D30EB9EAF}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{A6A777C7-2AA6-401C-89FB-6B7E1E3C7251}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{C2CDEBE7-729D-45F2-9388-B04CA7B88C84}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{C8B4F1D3-3E10-43E6-833B-CFCCE38E209E}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{D6E3226C-55F5-4C07-8FF0-29F8E3C1F999}" = lport=5000 | protocol=17 | dir=in | name=akamai netsession interface |
"{E73116BE-1C5C-4D34-BD1E-3FC4EE342D9D}" = lport=2869 | protocol=6 | dir=in | app=system |
"{FEAF83DA-A36D-4B2F-8857-A58F21F96726}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0A0AEB69-ED22-4680-B8A8-059EFD9E04E3}" = protocol=17 | dir=in | app=c:\program files\reality pump\two worlds\twoworlds.exe |
"{0AF93532-80D1-4B3A-AE11-DCB1F89DD597}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{1D48F493-455B-4F94-987E-730A26BA55CF}" = protocol=6 | dir=in | app=c:\program files\reality pump\two worlds\twoworlds_radeon.exe |
"{29A8E325-BF7A-48F8-BA04-CEF8139C8486}" = protocol=6 | dir=in | app=c:\program files\lucasarts\star wars empire at war\gamedata\sweaw.exe |
"{300EAF25-CAC2-4D1D-A6D2-E866B23B3A08}" = protocol=17 | dir=in | app=c:\programdata\9f61198\ms9f61.exe |
"{332B7C57-A1B3-494A-A2CB-C4C8A9C636B4}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{37FBB3EF-501B-4346-9C30-F0717C3AE00C}" = dir=in | app=c:\program files\cyberlink\powerdirector\pdr.exe |
"{3FAA9224-B6FF-4D08-AA44-7F8B0211C6C1}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{3FBCF60D-2644-4095-A47F-6320F0C53462}" = dir=in | app=c:\program files\acer arcade deluxe\homemedia\homemedia.exe |
"{43DDBAE3-5B57-4078-A5FD-B241BC9A25FB}" = dir=in | app=c:\program files\windows live\messenger\wlcsdk.exe |
"{47162ED4-7FB1-4E3B-8C02-CE965D5E98E6}" = protocol=17 | dir=in | app=c:\program files\reality pump\two worlds\twoworlds_radeon.exe |
"{53FFC09A-11AE-426A-9BD5-C23B4FB80C8D}" = protocol=17 | dir=in | app=c:\program files\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{5486A161-CD2A-4F22-B4FE-D34591704460}" = protocol=17 | dir=in | app=c:\maxga\snowboundonline\run.exe |
"{584AE418-D3A2-4C4A-B034-FA2D709ABED6}" = protocol=6 | dir=in | app=c:\program files\electronic arts\aufstieg des hexenkönigs\game.dat |
"{5EC3488B-7C81-49DE-9FE8-DA4E63800D9F}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\schedulersvc.exe |
"{6F2FBE05-1A71-484D-BDF5-1CA2DADFFAAC}" = protocol=6 | dir=in | app=c:\programdata\9f61198\ms9f61.exe |
"{737FEE92-63AB-4C19-9963-65E27CB69C78}" = dir=in | app=c:\program files\acer arcade deluxe\acer arcade deluxe\acer arcade deluxe.exe |
"{7D43BDC8-22AD-45B3-A8E7-C341360B2B4C}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{84852F32-3AC6-45A9-8579-8D8A33FEDFD9}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\backupsvc.exe |
"{874BA9C0-8BA2-4208-B131-375B7801E153}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{9081C0FA-9F26-4D16-9FCB-CE392F9123C5}" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"{96D467AA-0074-4D75-8D2A-88E005F1D271}" = dir=in | app=c:\program files\acer arcade deluxe\playmovie\pmvservice.exe |
"{97DAA7AF-7B9B-4112-9D98-E0076E576D20}" = protocol=17 | dir=in | app=c:\program files\lucasarts\star wars empire at war\gamedata\sweaw.exe |
"{9B25EDCC-7B4C-463F-BD30-271BA94E26ED}" = protocol=6 | dir=in | app=c:\program files\electronic arts\die schlacht um mittelerde ii\game.dat |
"{9FAC8AF7-33B6-4498-9673-A3C2210F9C25}" = protocol=6 | dir=in | app=c:\program files\reality pump\two worlds\twoworlds.exe |
"{A14EC720-BBBD-47D4-B93A-84D6564C272E}" = protocol=17 | dir=in | app=c:\program files\gamigo\heroes in the sky\his.exe |
"{A62F828F-0C0F-47E0-B834-CD14FC5BFB00}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\backupsvc.exe |
"{AC09670F-E6A1-4DD5-AB41-798C30CE3FEE}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{ADDF9CCF-F4EB-4BFC-A87E-5D23B099B28D}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\schedulersvc.exe |
"{AE17C580-2866-417E-8DB8-87E8C3BDCDC6}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\client\agentsvc.exe |
"{B2CA5242-F31E-4A99-98D8-A84C4D7B8DB6}" = protocol=6 | dir=in | app=c:\program files\ubisoft\assassin's creed ii\assassinscreedii.exe |
"{B44B8EFA-B764-46A4-8073-15D99453AA1B}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{B667FEBA-6F53-4687-B98A-02D80E7B5D6C}" = protocol=17 | dir=in | app=c:\program files\ubisoft\assassin's creed ii\assassinscreedii.exe |
"{B92D464A-0283-45E9-920C-2BDB3C4724B5}" = protocol=17 | dir=in | app=c:\program files\electronic arts\aufstieg des hexenkönigs\game.dat |
"{BBC93393-460A-4834-865C-7E730B996292}" = dir=in | app=c:\program files\acer arcade deluxe\playmovie\playmovie.exe |
"{BC8A7034-2F13-4A2C-A2DD-51A5C705E145}" = protocol=17 | dir=in | app=c:\program files\electronic arts\die schlacht um mittelerde ii\game.dat |
"{C0771445-C4CE-42B9-BB15-A042357323F3}" = protocol=6 | dir=in | app=c:\program files\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{C0F832F5-3D98-4166-BEAD-5D0D98BF25CE}" = protocol=6 | dir=in | app=c:\program files\gamigo\heroes in the sky\his.exe |
"{C38114EC-6269-4BE1-B3E0-058EC4AA5CA7}" = protocol=6 | dir=in | app=c:\maxga\snowboundonline\run.exe |
"{CDF5D316-4602-461C-A6D8-D2AC15326B9E}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
"{D5B0875A-CDBE-4A61-9B8A-B56E1D34A3C4}" = protocol=17 | dir=in | app=c:\program files\ubisoft\assassin's creed ii\assassinscreediigame.exe |
"{DAFD5104-235D-415D-8700-83291785225F}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{EBFF1E75-256D-459A-868D-289BBE4517CF}" = dir=in | app=c:\program files\acer\acer vcm\vc.exe |
"{F2C48181-1098-4676-9727-7E52E659451C}" = protocol=6 | dir=in | app=c:\program files\ubisoft\assassin's creed ii\uplaybrowser.exe |
"{F436D455-97D1-4126-874F-D445BAAA2773}" = protocol=17 | dir=in | app=c:\program files\ubisoft\assassin's creed ii\uplaybrowser.exe |
"{F7FF5B2D-5400-4038-8F23-A25ACCD2D59C}" = protocol=6 | dir=in | app=c:\program files\ubisoft\assassin's creed ii\assassinscreediigame.exe |
"{FA2686A9-B7B4-421B-AB8A-400B4EADA0A2}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\client\agentsvc.exe |
"{FFFF78C0-68DF-41F4-B433-E37D03CF90B9}" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"TCP Query User{035168F4-03E9-4736-93BC-4F5808E2F190}C:\program files\metin2\metin2.bin" = protocol=6 | dir=in | app=c:\program files\metin2\metin2.bin |
"TCP Query User{0484AE44-EC56-462E-9426-1FA4365E6F73}C:\program files\2k games\gearbox software\borderlands\binaries\borderlands (2).exe" = protocol=6 | dir=in | app=c:\program files\2k games\gearbox software\borderlands\binaries\borderlands (2).exe |
"TCP Query User{46A6BFEA-061A-4F13-BAF6-D12E42723463}C:\program files\lionhead studios ltd\black & white\runblack.exe" = protocol=6 | dir=in | app=c:\program files\lionhead studios ltd\black & white\runblack.exe |
"TCP Query User{67C4A3E2-4B30-4FC9-8809-2D02B451DEA8}C:\program files\metin2\metin2client.bin" = protocol=6 | dir=in | app=c:\program files\metin2\metin2client.bin |
"TCP Query User{75A55F2D-60A4-4FEC-A99C-3AE519DC7195}C:\program files\namco bandai games\warhammer mark of chaos multiplayer demo\warhammer.exe" = protocol=6 | dir=in | app=c:\program files\namco bandai games\warhammer mark of chaos multiplayer demo\warhammer.exe |
"TCP Query User{7FD6EF3B-31A6-43EF-BB19-BE58B656E7A9}C:\program files\thq\dawn of war - soulstorm\soulstorm.exe" = protocol=6 | dir=in | app=c:\program files\thq\dawn of war - soulstorm\soulstorm.exe |
"TCP Query User{B468AC48-9D18-444B-90FF-46F4D00DAA64}C:\users\alexander\downloads\fogdownloader-rom_2_1_0_1871.exe" = protocol=6 | dir=in | app=c:\users\alexander\downloads\fogdownloader-rom_2_1_0_1871.exe |
"TCP Query User{B7609E2E-98F7-44F3-B483-872CBC06805E}C:\program files\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\java.exe |
"TCP Query User{CE3DF856-0F5D-404C-8D4D-34B4132B88DE}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"TCP Query User{E52D19AA-31D0-44B6-A439-22CE9C0AEA16}C:\users\alexander\appdata\local\microsoft\windows\temporary internet files\content.ie5\d5kvuko9\fogdownloader-rom_2_1_0_1871[1].exe" = protocol=6 | dir=in | app=c:\users\alexander\appdata\local\microsoft\windows\temporary internet files\content.ie5\d5kvuko9\fogdownloader-rom_2_1_0_1871[1].exe |
"TCP Query User{F74DD939-E89B-4D2D-850C-9C7CCFD4B066}C:\program files\2k games\gearbox software\borderlands\binaries\borderlands.exe" = protocol=6 | dir=in | app=c:\program files\2k games\gearbox software\borderlands\binaries\borderlands.exe |
"UDP Query User{06A02A0F-019F-4056-8982-007026152AC6}C:\program files\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\java.exe |
"UDP Query User{16C9E14D-B5FA-4CFE-9D41-FBEDBBF27B94}C:\program files\2k games\gearbox software\borderlands\binaries\borderlands.exe" = protocol=17 | dir=in | app=c:\program files\2k games\gearbox software\borderlands\binaries\borderlands.exe |
"UDP Query User{1D6B52DE-462E-440B-A525-C1D59ED81BC5}C:\program files\metin2\metin2client.bin" = protocol=17 | dir=in | app=c:\program files\metin2\metin2client.bin |
"UDP Query User{285F0BAA-BFC3-432C-B55D-AC5FB3ED7EE0}C:\program files\thq\dawn of war - soulstorm\soulstorm.exe" = protocol=17 | dir=in | app=c:\program files\thq\dawn of war - soulstorm\soulstorm.exe |
"UDP Query User{63C1C15B-56BD-4DC2-888A-3F304A88A5A0}C:\program files\lionhead studios ltd\black & white\runblack.exe" = protocol=17 | dir=in | app=c:\program files\lionhead studios ltd\black & white\runblack.exe |
"UDP Query User{6EC2F0FD-FB01-47EA-B2C3-980EED93F7F7}C:\users\alexander\appdata\local\microsoft\windows\temporary internet files\content.ie5\d5kvuko9\fogdownloader-rom_2_1_0_1871[1].exe" = protocol=17 | dir=in | app=c:\users\alexander\appdata\local\microsoft\windows\temporary internet files\content.ie5\d5kvuko9\fogdownloader-rom_2_1_0_1871[1].exe |
"UDP Query User{8240DB16-96A4-4D70-BA20-732CFE4443EB}C:\program files\metin2\metin2.bin" = protocol=17 | dir=in | app=c:\program files\metin2\metin2.bin |
"UDP Query User{AE4E2CC5-4394-40ED-954B-0C5A72F84FC4}C:\program files\2k games\gearbox software\borderlands\binaries\borderlands (2).exe" = protocol=17 | dir=in | app=c:\program files\2k games\gearbox software\borderlands\binaries\borderlands (2).exe |
"UDP Query User{B5988F9A-910F-4E5D-BDC9-46AFBE199402}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"UDP Query User{C64457D0-0929-4C9A-93B7-CB7DCA14D19A}C:\program files\namco bandai games\warhammer mark of chaos multiplayer demo\warhammer.exe" = protocol=17 | dir=in | app=c:\program files\namco bandai games\warhammer mark of chaos multiplayer demo\warhammer.exe |
"UDP Query User{EA06AD31-3DA6-403C-A21E-833B810B49E4}C:\users\alexander\downloads\fogdownloader-rom_2_1_0_1871.exe" = protocol=17 | dir=in | app=c:\users\alexander\downloads\fogdownloader-rom_2_1_0_1871.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{02B244A2-7F6A-42E8-A36F-8C385D7A1625}" = Gothic III
"{047F790A-7A2A-4B6A-AD02-38092BA63DAC}" = Acer VCM
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{11316260-6666-467B-AC34-183FCB5D4335}" = Acer Mobility Center Plug-In
"{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now Standard
"{13D85C14-2B85-419F-AC41-C7F21E68B25D}" = Acer eSettings Management
"{155F4A0E-76ED-45A2-91FB-FF2A2133C31A}" = Risen
"{1C4551A6-4743-4093-91E4-1477CD655043}" = NVIDIA PhysX
"{20533183-D42D-4261-A125-956736FBEA8C}" = Dawn of War - Soulstorm
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Acer Arcade Deluxe
"{26604C7E-A313-4D12-867F-7C6E7820BE4C}" = JMicron JMB38X Flash Media Controller
"{26921B2E-3E62-47F9-A514-1FC4A83BD738}" = Intel(R) PROSet/Wireless WiFi-Software
"{26A24AE4-039D-4CA4-87B4-2F83216013FF}" = Java(TM) 6 Update 13
"{2808E975-BD01-47DD-9852-54E3C622BDDC}" = WLAN Monitor
"{2A9F95AB-65A3-432c-8631-B8BC5BF7477A}" = Die Schlacht um Mittelerde™ II
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR8121/AR8113/AR8114 Gigabit/Fast Ethernet Driver
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7
"{37155929-A51F-4BAB-B141-50B341F3299C}" = Desperados 2
"{3BDD2DA8-99F9-4EC9-9992-128BDAE30537}" = Hitman Kontrakty
"{40580068-9B10-40B5-9548-536CE88AB23C}" = ITECIR
"{4AB8B41B-3AF1-46BE-99B0-0ACD3B300C0A}" = Junk Mail filter update
"{52B65911-1559-4ED5-9461-46957FDD48CD}" = Borderlands
"{567E8236-C414-4888-8211-3D61608D57AE}" = Validity Sensors software
"{57265292-228A-41FA-9AEC-4620CBCC2739}" = Acer eAudio Management
"{58E5844B-7CE2-413D-83D1-99294BF6C74F}" = Acer ePower Management
"{5A166C0B-9557-4364-A057-F946D674E6AC}" = Windows Live Mail
"{66A9D30D-1464-4C7F-B2F3-507DADAF2595}" = Microsoft IntelliPoint 6.3
"{6B96DADA-1A27-4A04-8CB2-CC45168D05FA}" = Windows Live Fotogalerie
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{798D4714-71DA-4871-87B5-E2D02C0FFC2B}" = SAMURAI WARRIORS 2
"{79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}" = Acer ScreenSaver
"{7EC19307-7C22-47A8-922B-3FA965291260}" = OpenOffice.org 3.0
"{7F811A54-5A09-4579-90E1-C93498E230D9}" = Acer eRecovery Management
"{81821BF8-DA20-4F8C-AA87-F70A274828D4}" = Windows Live Writer
"{835686C5-8650-49EB-8CA0-4528B4035495}" = Windows Live Call
"{837B6259-6FF5-4E66-87C1-A5A15ED36FF4}" = Windows Live Messenger
"{83F12F73-D52E-40C0-93B1-463C311C4E17}" = Dawn Of War
"{8570BEE8-0CA3-4977-9AB1-80ED93F0513C}" = Assassin's Creed II
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{8C1E2925-14F8-45AA-B999-1E2A74BF5607}" = Windows Live Sync
"{8C3727F2-8E37-49E4-820C-03B1677F53B6}" = Stronghold Crusader
"{8DC910CD-8EE3-4ffc-A4EB-9B02701059C4}" = Battlefield Heroes
"{8F1B6239-FEA0-450A-A950-B05276CE177C}" = Acer Empowering Technology
"{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{99AE7207-8612-4DBA-A8F8-BAE5C633390D}" = Star Wars Empire at War
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9DF0196F-B6B8-4C3A-8790-DE42AA530101}" = SPORE™
"{A2B3C27C-1F09-47C6-9A90-9683BEFD7963}" = Dawn of War - Soulstorm
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A48B9CD8-C2BA-4EC9-0081-7260D238C7CF}" = Need for Speed™ Most Wanted
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A5633652-3795-4829-BB0B-644F0279E279}" = Acer eDataSecurity Management
"{A77255C4-AFCB-44A3-BF0F-2091A71FFD9E}" = Acer Crystal Eye Webcam 3.0.6.3
"{AC76BA86-7AD7-1031-7B44-A92000000001}" = Adobe Reader 9.2 - Deutsch
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B5BCBD49-202F-4238-8398-D83D423A48B4}" = Windows Live Anmelde-Assistent
"{B8B0FC8B-E69B-4215-AF1A-4BDFF20D794B}" = pdfforge Toolbar v1.0
"{B931FB80-537A-4600-00AD-AC5DEDB6C25B}" = Aufstieg des Hexenkönigs™
"{C388D147-CCBA-411C-B9FC-2CC1B4EFB240}" = Pirates of the Caribbean
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE386A4E-D0DA-4208-8235-BCE43275C694}" = LightScribe 1.4.142.1
"{D98C9637-93DA-44DB-B73A-B11A1192AB26}" = GameShadow
"{DA20E1A8-07CB-4EE7-9B72-A7E28C953F0E}" = Acer Product Registration
"{DF5F687F-8018-4542-9F98-7084E9022917}" = Windows Live Essentials
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{E914A24F-2412-4374-B420-86D21D6D444A}" = LEGO Star Wars
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F69E83CF-B440-43F8-89E6-6EA80712109B}" = Windows Live Communications Platform
"7-Zip" = 7-Zip 4.65
"Acer Acer Bio Protection 6.0.00.15" = Acer Bio Protection
AAV 6.0.00.15
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Agere Systems Soft Modem" = Agere Systems HDA Modem
"Akamai" = Akamai NetSession Interface
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"Bmp_zu_Avi_6_1_is1" = Version 6.1
"CCleaner" = CCleaner (remove only)
"Eazel-DE Toolbar" = Eazel-DE Toolbar
"Game Maker 8.0" = Game Maker 8.0
"GridVista" = Acer GridVista
"heroes in the sky" = heroes in the sky
"HijackThis" = HijackThis 2.0.2
"InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now 5
"InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Acer Arcade Deluxe
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector
"InstallShield_{E914A24F-2412-4374-B420-86D21D6D444A}" = LEGO Star Wars
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Metin2_is1" = Metin2
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.6.3)" = Mozilla Firefox (3.6.3)
"NeoSteam_DE" = NeoSteam_DE
"NVIDIA Drivers" = NVIDIA Drivers
"ProInst" = Intel PROSet Wireless
"PunkBusterSvc" = PunkBuster Services
"Softonic_Deutsch Toolbar" = Softonic_Deutsch Toolbar
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"The Bard's Tale" = The Bard's Tale
"Two Worlds" = Two Worlds
"WinLiveSuite_Wave3" = Windows Live Essentials
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"InstallShield_{798D4714-71DA-4871-87B5-E2D02C0FFC2B}" = SAMURAI WARRIORS 2
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 12.05.2010 02:56:32 | Computer Name = Alexander-PC | Source = WinMgmt | ID = 10
Description =
Error - 12.05.2010 09:57:49 | Computer Name = Alexander-PC | Source = WinMgmt | ID = 10
Description =
Error - 13.05.2010 13:26:53 | Computer Name = Alexander-PC | Source = WinMgmt | ID = 10
Description =
Error - 13.05.2010 13:48:57 | Computer Name = Alexander-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung engine.exe, Version 2.0.0.0, Zeitstempel 0x426e2f24,
fehlerhaftes Modul unknown, Version 0.0.0.0, Zeitstempel 0x00000000, Ausnahmecode
0xc0000005, Fehleroffset 0x00378ed1, Prozess-ID 0xb90, Anwendungsstartzeit 01caf2c48c93c618.
Error - 13.05.2010 14:38:46 | Computer Name = Alexander-PC | Source = WinMgmt | ID = 10
Description =
Error - 13.05.2010 14:53:06 | Computer Name = Alexander-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung engine.exe, Version 2.0.0.0, Zeitstempel 0x426e2f24,
fehlerhaftes Modul unknown, Version 0.0.0.0, Zeitstempel 0x00000000, Ausnahmecode
0xc0000005, Fehleroffset 0x089a8ed1, Prozess-ID 0x12f8, Anwendungsstartzeit 01caf2cd78f549db.
Error - 13.05.2010 14:56:06 | Computer Name = Alexander-PC | Source = WinMgmt | ID = 10
Description =
Error - 13.05.2010 14:59:30 | Computer Name = Alexander-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung engine.exe, Version 2.0.0.0, Zeitstempel 0x426e2f24,
fehlerhaftes Modul unknown, Version 0.0.0.0, Zeitstempel 0x00000000, Ausnahmecode
0xc0000005, Fehleroffset 0x00388ed1, Prozess-ID 0x95c, Anwendungsstartzeit 01caf2ce4e33c8fc.
Error - 13.05.2010 15:04:44 | Computer Name = Alexander-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung engine.exe, Version 2.0.0.0, Zeitstempel 0x426e2f24,
fehlerhaftes Modul unknown, Version 0.0.0.0, Zeitstempel 0x00000000, Ausnahmecode
0xc0000005, Fehleroffset 0x003a8ed1, Prozess-ID 0x37c, Anwendungsstartzeit 01caf2cf0a64e0ec.
Error - 13.05.2010 15:05:09 | Computer Name = Alexander-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung engine.exe, Version 2.0.0.0, Zeitstempel 0x426e2f24,
fehlerhaftes Modul unknown, Version 0.0.0.0, Zeitstempel 0x00000000, Ausnahmecode
0xc0000005, Fehleroffset 0x00348ed1, Prozess-ID 0xdc0, Anwendungsstartzeit 01caf2cf31a1963c.
[ System Events ]
Error - 22.05.2010 12:30:35 | Computer Name = Alexander-PC | Source = Application Popup | ID = 875
Description = Treiber sfdrv01.sys konnte nicht geladen werden.
Error - 22.05.2010 12:31:11 | Computer Name = Alexander-PC | Source = Service Control Manager | ID = 7026
Description =
Error - 23.05.2010 03:21:04 | Computer Name = Alexander-PC | Source = Application Popup | ID = 875
Description = Treiber sfdrv01.sys konnte nicht geladen werden.
Error - 23.05.2010 03:21:41 | Computer Name = Alexander-PC | Source = Service Control Manager | ID = 7026
Description =
Error - 23.05.2010 05:48:48 | Computer Name = Alexander-PC | Source = Application Popup | ID = 875
Description = Treiber sfdrv01.sys konnte nicht geladen werden.
Error - 23.05.2010 05:49:21 | Computer Name = Alexander-PC | Source = Service Control Manager | ID = 7026
Description =
Error - 23.05.2010 08:12:37 | Computer Name = Alexander-PC | Source = Application Popup | ID = 875
Description = Treiber sfdrv01.sys konnte nicht geladen werden.
Error - 23.05.2010 08:13:14 | Computer Name = Alexander-PC | Source = Service Control Manager | ID = 7026
Description =
Error - 23.05.2010 11:08:14 | Computer Name = Alexander-PC | Source = Dhcp | ID = 1002
Description = Die IP-Adresslease 192.168.1.33 für die Netzwerkkarte mit der Netzwerkadresse
0022FA0F96E0 wurde durch den DHCP-Server 192.168.1.1 abgelehnt (der DHCP-Server
hat eine DHCPNACK-Meldung gesendet).
Error - 23.05.2010 18:54:31 | Computer Name = Alexander-PC | Source = Dhcp | ID = 1002
Description = Die IP-Adresslease 192.168.1.33 für die Netzwerkkarte mit der Netzwerkadresse
0022FA0F96E0 wurde durch den DHCP-Server 192.168.1.1 abgelehnt (der DHCP-Server
hat eine DHCPNACK-Meldung gesendet).
< End of report >
Hoffe ihr könnt mir helfen! |