Trojaner-Board
Seite 1 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   trojaner der alles heranzoomt habe keine ahnung:'( (https://www.trojaner-board.de/91740-trojaner-alles-heranzoomt-habe-keine-ahnung.html)

Kike1807 12.10.2010 10:55
trojaner der alles heranzoomt habe keine ahnung:'(
 
Liste der Anhänge anzeigen (Anzahl: 3)
ich habe einen trojaner auf meinem pc der ist echt blöd:'( alles ist heran gezoomt um die 300% mehr!! Ich kann so nich arbeiten auf meinem laptop habs schon mit vielen pctools ausprobiert... aber ich möchte nicht gerne geld dafür ausgeben... ich habe gehört das man die festplatte neu formatieren kann wie geht das was braucht man dafür und geht/lohnt es sich auch:confused: bitte um antwort.

ps hier 3 screenshots um euch zu zeigen wie ich das meine

markusg 12.10.2010 11:02
ootl:
Systemscan mit OTL
download otl:
http://filepony.de/download-otl/

Doppelklick auf die OTL.exe
(user von Windows 7 und Vista: Rechtsklick als Administrator ausführen)
1. Oben findest Du ein Kästchen mit Output. Wähle bitte Minimal Output
2. Hake an "scan all users"
3. Unter "Extra Registry wähle:
"Use Safelist" "LOP Check" "Purity Check"
4. Kopiere in die Textbox:
netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe
/md5start
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
explorer.exe
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
CREATERESTOREPOINT
5. Klicke "Scan"
6. 2 reporte werden erstellt:
OTL.Txt
Extras.Txt
beide posten

Kike1807 12.10.2010 12:22
beim scann läuft was schief...:(
der macht nichts beim scann... kannst du mir mir vielleicht weiter helfen mach ich irgendetwas falsch?q.q bitte um hilfe:)

selbst geschaft^^ danke für deine hilfe:)

Kike1807 12.10.2010 12:28
muss ich denn auch CREATERESTOREPOINT kopieren?? denn ich kopiere es immer mit ein also bitte um hilfe:)

Kike1807 12.10.2010 12:43
fukntioniert aber leider nicht... was muss ich denn machen wenn das gescannt wurde?
denn es ist so geblieben schnell bitte ich muss wieder auf mienem laptop arbeiten:'(

Kike1807 12.10.2010 12:51
das steht dort:
OTL.Txt:OTL Logfile:
Code:
OTL logfile created on: 12.10.2010 13:24:11 - Run 1
OTL by OldTimer - Version 3.2.15.1    Folder = c:\Users\Steffen\Downloads
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 46,00% Memory free
6,00 Gb Paging File | 4,00 Gb Available in Paging File | 67,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 218,20 Gb Total Space | 74,24 Gb Free Space | 34,02% Space Free | Partition Type: NTFS
Drive D: | 14,65 Gb Total Space | 8,61 Gb Free Space | 58,77% Space Free | Partition Type: NTFS
 
Computer Name: KIKE-PC | User Name: Steffen | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - c:\Users\Steffen\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Programme\PC Tools Security\pctsGui.exe (PC Tools)
PRC - C:\Programme\Mozilla Firefox\plugin-container.exe (Mozilla Corporation)
PRC - C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Programme\DivX\DivX Update\DivXUpdate.exe ()
PRC - C:\Programme\PC Tools Security\pctsSvc.exe (PC Tools)
PRC - C:\Programme\PC Optimizer Pro\PCOptimizerPro.exe (Tweaking Tools Inc)
PRC - C:\Programme\Uniblue\RegistryBooster\registrybooster.exe (Uniblue Systems Limited)
PRC - C:\Programme\Uniblue\RegistryBooster\rbmonitor.exe (Uniblue Systems Limited)
PRC - C:\Programme\Xfire\Xfire.exe (Xfire Inc.)
PRC - C:\Programme\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
PRC - C:\Programme\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Programme\PC Tools Security\pctsAuxs.exe (PC Tools)
PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Programme\Avira\AntiVir Desktop\avshadow.exe (Avira GmbH)
PRC - C:\Programme\Logitech\Logitech WebCam Software\LWS.exe ()
PRC - C:\Programme\Common Files\LogiShrd\LQCVFX\COCIManager.exe ()
PRC - C:\Programme\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe (Logitech Inc.)
PRC - C:\Programme\Logitech\Logitech Vid\Vid.exe (Logitech Inc.)
PRC - C:\Programme\CyberLink\PowerDVD DX\PDVDDXSrv.exe (CyberLink Corp.)
PRC - C:\Programme\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Windows\System32\conime.exe (Microsoft Corporation)
PRC - C:\Programme\Internet Explorer\iexplore.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Defender\MSASCui.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Sidebar\sidebar.exe (Microsoft Corporation)
PRC - C:\Programme\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation)
 
 
========== Modules (SafeList) ==========
 
MOD - c:\Users\Steffen\Downloads\OTL.exe (OldTimer Tools)
MOD - C:\Programme\PC Tools Security\PCTGMhk.dll (PC Tools)
MOD - C:\Programme\Xfire\xfire_toucan_43094.dll (Xfire Inc.)
MOD - C:\Programme\BearShare Applications\MediaBar\DataMngr\datamngr.dll ()
MOD - C:\Windows\System32\msvcr71.dll (Microsoft Corporation)
MOD - C:\Windows\System32\msscript.ocx (Microsoft Corporation)
MOD - C:\Windows\System32\wsock32.dll (Microsoft Corporation)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll (Microsoft Corporation)
 
 
========== Win32 Services (SafeList) ==========
 
SRV - (Steam Client Service) -- C:\Program Files\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (Akamai) -- c:\Programme\Common Files\Akamai\netsession_win_062a651.dll ()
SRV - (sdCoreService) -- C:\Programme\PC Tools Security\pctsSvc.exe (PC Tools)
SRV - (Apple Mobile Device) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (aspnet_state) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe (Microsoft Corporation)
SRV - (WPFFontCache_v0400) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe (Microsoft Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (NetTcpPortSharing) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe (Microsoft Corporation)
SRV - (NetTcpActivator) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe (Microsoft Corporation)
SRV - (NetPipeActivator) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe (Microsoft Corporation)
SRV - (NetMsmqActivator) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe (Microsoft Corporation)
SRV - (sdAuxService) -- C:\Programme\PC Tools Security\pctsAuxs.exe (PC Tools)
SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (LVPrcSrv) -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe (Logitech Inc.)
SRV - (YahooAUService) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.)
SRV - (WinHttpAutoProxySvc) -- winhttp.dll (Microsoft Corporation)
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (XDva368) -- C:\Windows\System32\XDva368.sys File not found
DRV - (XDva367) -- C:\Windows\System32\XDva367.sys File not found
DRV - (XDva362) -- C:\Windows\System32\XDva362.sys File not found
DRV - (XDva359) -- C:\Windows\System32\XDva359.sys File not found
DRV - (XDva358) -- C:\Windows\System32\XDva358.sys File not found
DRV - (XDva354) -- C:\Windows\System32\XDva354.sys File not found
DRV - (XDva352) -- C:\Windows\System32\XDva352.sys File not found
DRV - (NwlnkFwd) -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys File not found
DRV - (NwlnkFlt) -- C:\Windows\System32\DRIVERS\nwlnkflt.sys File not found
DRV - (IpInIp) -- C:\Windows\System32\DRIVERS\ipinip.sys File not found
DRV - (EagleNT) -- C:\Windows\System32\drivers\EagleNT.sys File not found
DRV - (PnkBstrK) -- C:\Windows\System32\drivers\PnkBstrK.sys ()
DRV - (PCTCore) -- C:\Windows\system32\drivers\PCTCore.sys (PC Tools)
DRV - (pctEFA) -- C:\Windows\system32\drivers\pctEFA.sys (PC Tools)
DRV - (pctDS) -- C:\Windows\system32\drivers\pctDS.sys (PC Tools)
DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH)
DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH)
DRV - (35624452) -- C:\Windows\system32\DRIVERS\35624452.sys (Kaspersky Lab)
DRV - (setup_9.0.0.722_10.10.2010_06-36drv) -- C:\Windows\System32\drivers\3562445.sys (Kaspersky Lab)
DRV - (35624451) -- C:\Windows\System32\drivers\35624451.sys (Kaspersky Lab)
DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (LVUVC) Logitech Webcam 250(UVC) -- C:\Windows\System32\drivers\lvuvc.sys (Logitech Inc.)
DRV - (LVRS) -- C:\Windows\System32\drivers\lvrs.sys (Logitech Inc.)
DRV - (lvpopflt) -- C:\Windows\System32\drivers\lvpopflt.sys (Logitech Inc.)
DRV - (LVPr2Mon) -- C:\Windows\System32\drivers\LVPr2Mon.sys ()
DRV - (BCM43XX) -- C:\Windows\System32\drivers\BCMWL6.SYS (Broadcom Corporation)
DRV - (BCM42RLY) -- C:\Windows\System32\drivers\bcm42rly.sys (Broadcom Corporation)
DRV - (igfx) -- C:\Windows\System32\drivers\igdkmd32.sys (Intel Corporation)
DRV - (yukonwlh) -- C:\Windows\System32\drivers\yk60x86.sys (Marvell)
DRV - (MegaSR) -- C:\Windows\system32\drivers\megasr.sys (LSI Corporation, Inc.)
DRV - (adpu320) -- C:\Windows\system32\drivers\adpu320.sys (Adaptec, Inc.)
DRV - (megasas) -- C:\Windows\system32\drivers\megasas.sys (LSI Corporation)
DRV - (adpu160m) -- C:\Windows\system32\drivers\adpu160m.sys (Adaptec, Inc.)
DRV - (SiSRaid4) -- C:\Windows\system32\drivers\sisraid4.sys (Silicon Integrated Systems)
DRV - (HpCISSs) -- C:\Windows\system32\drivers\hpcisss.sys (Hewlett-Packard Company)
DRV - (adpahci) -- C:\Windows\system32\drivers\adpahci.sys (Adaptec, Inc.)
DRV - (LSI_SAS) -- C:\Windows\system32\drivers\lsi_sas.sys (LSI Logic)
DRV - (ql2300) -- C:\Windows\system32\drivers\ql2300.sys (QLogic Corporation)
DRV - (E1G60) Intel(R) -- C:\Windows\System32\drivers\E1G60I32.sys (Intel Corporation)
DRV - (arcsas) -- C:\Windows\system32\drivers\arcsas.sys (Adaptec, Inc.)
DRV - (iaStorV) -- C:\Windows\system32\drivers\iastorv.sys (Intel Corporation)
DRV - (vsmraid) -- C:\Windows\system32\drivers\vsmraid.sys (VIA Technologies Inc.,Ltd)
DRV - (ulsata2) -- C:\Windows\system32\drivers\ulsata2.sys (Promise Technology, Inc.)
DRV - (LSI_SCSI) -- C:\Windows\system32\drivers\lsi_scsi.sys (LSI Logic)
DRV - (LSI_FC) -- C:\Windows\system32\drivers\lsi_fc.sys (LSI Logic)
DRV - (arc) -- C:\Windows\system32\drivers\arc.sys (Adaptec, Inc.)
DRV - (elxstor) -- C:\Windows\system32\drivers\elxstor.sys (Emulex)
DRV - (adp94xx) -- C:\Windows\system32\drivers\adp94xx.sys (Adaptec, Inc.)
DRV - (nvraid) -- C:\Windows\system32\drivers\nvraid.sys (NVIDIA Corporation)
DRV - (usbaudio) USB-Audiotreiber (WDM) -- C:\Windows\System32\drivers\USBAUDIO.sys (Microsoft Corporation)
DRV - (nvstor) -- C:\Windows\system32\drivers\nvstor.sys (NVIDIA Corporation)
DRV - (uliahci) -- C:\Windows\system32\drivers\uliahci.sys (ULi Electronics Inc.)
DRV - (viaide) -- C:\Windows\system32\drivers\viaide.sys (VIA Technologies, Inc.)
DRV - (cmdide) -- C:\Windows\system32\drivers\cmdide.sys (CMD Technology, Inc.)
DRV - (aliide) -- C:\Windows\system32\drivers\aliide.sys (Acer Laboratories Inc.)
DRV - (ql40xx) -- C:\Windows\system32\drivers\ql40xx.sys (QLogic Corporation)
DRV - (UlSata) -- C:\Windows\system32\drivers\ulsata.sys (Promise Technology, Inc.)
DRV - (nfrd960) -- C:\Windows\system32\drivers\nfrd960.sys (IBM Corporation)
DRV - (iirsp) -- C:\Windows\system32\drivers\iirsp.sys (Intel Corp./ICP vortex GmbH)
DRV - (aic78xx) -- C:\Windows\system32\drivers\djsvs.sys (Adaptec, Inc.)
DRV - (iteraid) -- C:\Windows\system32\drivers\iteraid.sys (Integrated Technology Express, Inc.)
DRV - (iteatapi) -- C:\Windows\system32\drivers\iteatapi.sys (Integrated Technology Express, Inc.)
DRV - (Symc8xx) -- C:\Windows\system32\drivers\symc8xx.sys (LSI Logic)
DRV - (Sym_u3) -- C:\Windows\system32\drivers\sym_u3.sys (LSI Logic)
DRV - (Mraid35x) -- C:\Windows\system32\drivers\mraid35x.sys (LSI Logic Corporation)
DRV - (Sym_hi) -- C:\Windows\system32\drivers\sym_hi.sys (LSI Logic)
DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\system32\drivers\brserid.sys (Brother Industries Ltd.)
DRV - (BrUsbSer) -- C:\Windows\system32\drivers\brusbser.sys (Brother Industries Ltd.)
DRV - (BrFiltUp) -- C:\Windows\system32\drivers\brfiltup.sys (Brother Industries, Ltd.)
DRV - (BrFiltLo) -- C:\Windows\system32\drivers\brfiltlo.sys (Brother Industries, Ltd.)
DRV - (BrSerWdm) -- C:\Windows\system32\drivers\brserwdm.sys (Brother Industries Ltd.)
DRV - (BrUsbMdm) -- C:\Windows\system32\drivers\brusbmdm.sys (Brother Industries Ltd.)
DRV - (ntrigdigi) -- C:\Windows\system32\drivers\ntrigdigi.sys (N-trig Innovative Technologies)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\..\URLSearchHook: {038cb5c7-48ea-4af9-94e0-a1646542e62b} - C:\Programme\ToggleEN\tbTogg.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - C:\Programme\XfireXO\tbXfi1.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Programme\DVDVideoSoftTB\tbDVD1.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Programme\softonic-de3\tbsof1.dll (Conduit Ltd.)
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Search
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {038cb5c7-48ea-4af9-94e0-a1646542e62b} - C:\Programme\ToggleEN\tbTogg.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {472734EA-242A-422b-ADF8-83D1E48CC825} - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - C:\Programme\XfireXO\tbXfi1.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Programme\DVDVideoSoftTB\tbDVD1.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Programme\softonic-de3\tbsof1.dll (Conduit Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "BearShare Web Search"
FF - prefs.js..browser.search.defaultthis.engineName: "softonic-de3 Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2431245&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.order.1: "BearShare Web Search"
FF - prefs.js..browser.search.selectedEngine: "softonic-de3 Customized Web Search"
FF - prefs.js..browser.startup.homepage: "hxxp://search.conduit.com/?ctid=CT2431245&SearchSource=13"
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:4.2.0.5198
FF - prefs.js..extensions.enabledItems: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065}:2.7.1.3
FF - prefs.js..extensions.enabledItems: {E84D42CA-64EB-11DE-A65F-8C3656D89593}:3.1
FF - prefs.js..extensions.enabledItems: {8A9386B4-E958-4c4c-ADF4-8F26DB3E4829}:2.1.0
FF - prefs.js..extensions.enabledItems: {5e5ab302-7f65-44cd-8211-c1d4caaccea3}:2.7.2.0
FF - prefs.js..extensions.enabledItems: {038cb5c7-48ea-4af9-94e0-a1646542e62b}:2.7.2.0
FF - prefs.js..extensions.enabledItems: battlefieldheroespatcher@ea.com:5.0.31.0
FF - prefs.js..keyword.URL: "hxxp://search.bearshare.com/web?src=ffb&q="
 
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.10\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.09.19 15:00:29 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.10\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.09.19 15:00:29 | 000,000,000 | ---D | M]
 
[2010.07.17 13:44:11 | 000,000,000 | ---D | M] -- C:\Users\Steffen\AppData\Roaming\mozilla\Extensions
[2010.10.11 21:38:28 | 000,000,000 | ---D | M] -- C:\Users\Steffen\AppData\Roaming\mozilla\Firefox\Profiles\di5rjcbj.default\extensions
[2010.10.05 13:52:03 | 000,000,000 | ---D | M] (ToggleEN Toolbar) -- C:\Users\Steffen\AppData\Roaming\mozilla\Firefox\Profiles\di5rjcbj.default\extensions\{038cb5c7-48ea-4af9-94e0-a1646542e62b}
[2010.09.03 14:53:43 | 000,000,000 | ---D | M] (XfireXO Toolbar) -- C:\Users\Steffen\AppData\Roaming\mozilla\Firefox\Profiles\di5rjcbj.default\extensions\{5e5ab302-7f65-44cd-8211-c1d4caaccea3}
[2010.08.04 03:42:11 | 000,000,000 | ---D | M] (softonic-de3 Toolbar) -- C:\Users\Steffen\AppData\Roaming\mozilla\Firefox\Profiles\di5rjcbj.default\extensions\{cc05a3e3-64c3-4af2-bfc1-af0d66b69065}
[2010.07.20 01:38:36 | 000,000,000 | ---D | M] (MediaBar) -- C:\Users\Steffen\AppData\Roaming\mozilla\Firefox\Profiles\di5rjcbj.default\extensions\{E84D42CA-64EB-11DE-A65F-8C3656D89593}
[2010.10.11 21:38:13 | 000,000,000 | ---D | M] -- C:\Users\Steffen\AppData\Roaming\mozilla\Firefox\Profiles\di5rjcbj.default\extensions\battlefieldheroespatcher@ea.com
[2010.04.12 14:01:54 | 000,002,476 | ---- | M] () -- C:\Users\Steffen\AppData\Roaming\Mozilla\FireFox\Profiles\di5rjcbj.default\searchplugins\BearShareWebSearch.xml
[2010.06.08 11:29:10 | 000,000,927 | ---- | M] () -- C:\Users\Steffen\AppData\Roaming\Mozilla\FireFox\Profiles\di5rjcbj.default\searchplugins\conduit.xml
[2010.10.11 21:38:28 | 000,000,000 | ---D | M] -- C:\Programme\Mozilla Firefox\extensions
[2010.06.15 11:18:07 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- C:\Programme\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2009.11.10 03:30:56 | 000,189,592 | ---- | M] (MGame) -- C:\Programme\Mozilla Firefox\plugins\NPMFireLauncher.dll
[2010.09.19 15:00:22 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2010.04.12 14:01:54 | 000,002,476 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\BearShareWebSearch.xml
[2010.09.19 15:00:22 | 000,002,344 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml
[2010.09.19 15:00:22 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2010.09.19 15:00:22 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2010.09.19 15:00:22 | 000,001,105 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1      localhost
O1 - Hosts: ::1            localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Programme\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (ToggleEN Toolbar) - {038cb5c7-48ea-4af9-94e0-a1646542e62b} - C:\Programme\ToggleEN\tbTogg.dll (Conduit Ltd.)
O2 - BHO: (MediaBar) - {0974BA1E-64EC-11DE-B2A5-E43756D89593} - C:\Programme\BearShare Applications\MediaBar\ToolBar\BearshareMediabarDx.dll ()
O2 - BHO: (GameBox Toolbar) - {0FEF2D2C-CDA6-45E4-B2ED-9DF7C50C95FF} - C:\Programme\GameBox\gamebox_toolbar.dll ()
O2 - BHO: (PriceGongBHO Class) - {1631550F-191D-4826-B069-D9439253D926} - C:\Programme\PriceGong\2.1.0\PriceGongIE.dll (PriceGong)
O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Programme\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (XfireXO Toolbar) - {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - C:\Programme\XfireXO\tbXfi1.dll (Conduit Ltd.)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (UrlHelper Class) - {74322BF9-DF26-493f-B0DA-6D2FC5E6429E} - C:\Programme\BearShare Applications\MediaBar\DataMngr\IEBHO.dll (MusicLab, LLC)
O2 - BHO: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Programme\DVDVideoSoftTB\tbDVD1.dll (Conduit Ltd.)
O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (softonic-de3 Toolbar) - {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Programme\softonic-de3\tbsof1.dll (Conduit Ltd.)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Programme\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (ToggleEN Toolbar) - {038cb5c7-48ea-4af9-94e0-a1646542e62b} - C:\Programme\ToggleEN\tbTogg.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (MediaBar) - {0974BA1E-64EC-11DE-B2A5-E43756D89593} - C:\Programme\BearShare Applications\MediaBar\ToolBar\BearshareMediabarDx.dll ()
O3 - HKLM\..\Toolbar: (GameBox Toolbar) - {0FEF2D2C-CDA6-45E4-B2ED-9DF7C50C95FF} - C:\Programme\GameBox\gamebox_toolbar.dll ()
O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Programme\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (XfireXO Toolbar) - {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - C:\Programme\XfireXO\tbXfi1.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Programme\DVDVideoSoftTB\tbDVD1.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (softonic-de3 Toolbar) - {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Programme\softonic-de3\tbsof1.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programme\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (ToggleEN Toolbar) - {038CB5C7-48EA-4AF9-94E0-A1646542E62B} - C:\Programme\ToggleEN\tbTogg.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (GameBox Toolbar) - {0FEF2D2C-CDA6-45E4-B2ED-9DF7C50C95FF} - C:\Programme\GameBox\gamebox_toolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (XfireXO Toolbar) - {5E5AB302-7F65-44CD-8211-C1D4CAACCEA3} - C:\Programme\XfireXO\tbXfi1.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (DVDVideoSoftTB Toolbar) - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - C:\Programme\DVDVideoSoftTB\tbDVD1.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (softonic-de3 Toolbar) - {CC05A3E3-64C3-4AF2-BFC1-AF0D66B69065} - C:\Programme\softonic-de3\tbsof1.dll (Conduit Ltd.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [DataMngr] C:\PROGRA~1\BEARSH~1\MediaBar\DataMngr\DataMngrUI.exe File not found
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [ISTray] C:\Program Files\PC Tools Security\pctsGui.exe (PC Tools)
O4 - HKLM..\Run: [LogitechQuickCamRibbon] C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe ()
O4 - HKLM..\Run: [PC Optimizer Pro] C:\Program Files\PC Optimizer Pro\StartApps.exe (Tweaking Tools)
O4 - HKLM..\Run: [PDVDDXSrv] C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Logitech Vid] C:\Program Files\Logitech\Logitech Vid\vid.exe (Logitech Inc.)
O4 - HKCU..\Run: [NexonEULauncher]  File not found
O4 - HKCU..\Run: [RegistryBooster] C:\Program Files\Uniblue\RegistryBooster\launcher.exe (Uniblue Systems Limited)
O4 - Startup: C:\Users\Steffen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Produktregistrierung.lnk = C:\Programme\Logitech\Logitech WebCam Software\eReg.exe (Leader Technologies/Logitech)
O4 - Startup: C:\Users\Steffen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\setup_9.0.0.722_10.10.2010_06-36.lnk = C:\Users\Steffen\Desktop\Virus Removal Tool\setup_9.0.0.722_10.10.2010_06-36\startup.exe ()
O4 - Startup: C:\Users\Steffen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Xfire.lnk = C:\Programme\Xfire\Xfire.exe (Xfire Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000031 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O13 - gopher Prefix: missing
O16 - DPF: {99CAAA27-FA0C-4FA4-B88A-4AB1CC7A17FE} hxxp://www.netgame.com/mplugin/mglaunch_USAv1005.cab (MGLaunch_v1004 Class)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\gameboxchrome {494D4E3B-FA53-4487-8AF6-3F50FE1167A9} - C:\Programme\GameBox\gamebox_toolbar.dll ()
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Programme\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~1\BEARSH~1\MediaBar\DataMngr\datamngr.dll) - C:\Programme\BearShare Applications\MediaBar\DataMngr\datamngr.dll ()
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - igfxdev.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img23.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img23.jpg
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) - credssp.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{807ea3fa-7850-11df-849d-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{807ea3fa-7850-11df-849d-806e6f6e6963}\Shell\AutoRun\command - "" = E:\setup.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
NetSvcs: FastUserSwitchingCompatibility -  File not found
NetSvcs: Ias -  File not found
NetSvcs: Nla -  File not found
NetSvcs: Ntmssvc -  File not found
NetSvcs: NWCWorkstation -  File not found
NetSvcs: Nwsapagent -  File not found
NetSvcs: SRService -  File not found
NetSvcs: Wmi - C:\Windows\System32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp -  File not found
NetSvcs: LogonHours -  File not found
NetSvcs: PCAudit -  File not found
NetSvcs: helpsvc -  File not found
NetSvcs: uploadmgr -  File not found
 
 
SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: NTDS -  File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: WinDefend - C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger -  File not found
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS -  File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: WinDefend - C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} -
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\System32\Microsoft
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} -
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - C:\Windows\System32\Microsoft
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
 
Drivers32: aux - wdmaud.drv (Microsoft Corporation)
Drivers32: aux1 - wdmaud.drv (Microsoft Corporation)
Drivers32: midi - wdmaud.drv (Microsoft Corporation)
Drivers32: midi1 - wdmaud.drv (Microsoft Corporation)
Drivers32: midimapper - midimap.dll (Microsoft Corporation)
Drivers32: mixer - wdmaud.drv (Microsoft Corporation)
Drivers32: mixer1 - wdmaud.drv (Microsoft Corporation)
Drivers32: msacm.imaadpcm - imaadp32.acm (Microsoft Corporation)
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.msadpcm - msadp32.acm (Microsoft Corporation)
Drivers32: msacm.msg711 - msg711.acm (Microsoft Corporation)
Drivers32: msacm.msgsm610 - msgsm32.acm (Microsoft Corporation)
Drivers32: msacm.siren - sirenacm.dll (Microsoft Corporation)
Drivers32: MSVideo - vfwwdm32.dll (Microsoft Corporation)
Drivers32: MSVideo8 - VfWWDM32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - DivX.dll (DivX, Inc.)
Drivers32: VIDC.FPS1 - frapsvid.dll (Beepa P/L)
Drivers32: vidc.i420 - lvcodec2.dll (Logitech Inc.)
Drivers32: VIDC.IYUV - iyuv_32.dll (Microsoft Corporation)
Drivers32: vidc.mrle - msrle32.dll (Microsoft Corporation)
Drivers32: vidc.msvc - msvidc32.dll (Microsoft Corporation)
Drivers32: VIDC.UYVY - msyuv.dll (Microsoft Corporation)
Drivers32: VIDC.XFR1 - xfcodec.dll ()
Drivers32: VIDC.YUY2 - msyuv.dll (Microsoft Corporation)
Drivers32: vidc.yv12 - DivX.dll (DivX, Inc.)
Drivers32: VIDC.YVU9 - tsbyuv.dll (Microsoft Corporation)
Drivers32: VIDC.YVYU - msyuv.dll (Microsoft Corporation)
Drivers32: wave - wdmaud.drv (Microsoft Corporation)
Drivers32: wave1 - wdmaud.drv (Microsoft Corporation)
Drivers32: wavemapper - msacm32.drv (Microsoft Corporation)
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2010.10.12 10:33:45 | 000,656,320 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\pctEFA.sys
[2010.10.12 10:33:45 | 000,338,880 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\pctDS.sys
[2010.10.12 10:33:44 | 000,247,824 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\pctgntdi.sys
[2010.10.12 10:33:44 | 000,102,184 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\pctwfpfilter.sys
[2010.10.12 10:33:40 | 000,237,632 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\PCTCore.sys
[2010.10.12 10:33:40 | 000,159,296 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\PCTAppEvent.sys
[2010.10.12 10:33:29 | 000,123,968 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\pctplfw.sys
[2010.10.12 10:33:29 | 000,087,400 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\pctNdis-PacketFilter.sys
[2010.10.12 10:33:29 | 000,031,960 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\pctNdis-DNS.sys
[2010.10.12 10:33:28 | 000,070,536 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\pctplsg.sys
[2010.10.12 10:32:59 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\PC Tools
[2010.10.12 10:32:58 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
[2010.10.12 10:32:58 | 000,000,000 | ---D | C] -- C:\Programme\PC Tools Security
[2010.10.12 10:32:58 | 000,000,000 | ---D | C] -- C:\Users\Steffen\AppData\Roaming\PC Tools
[2010.10.12 10:29:40 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Tools
[2010.10.11 22:12:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab
[2010.10.11 22:10:48 | 000,311,312 | ---- | C] (Kaspersky Lab) -- C:\Windows\System32\drivers\3562445.sys
[2010.10.11 22:10:48 | 000,128,016 | ---- | C] (Kaspersky Lab) -- C:\Windows\System32\drivers\35624451.sys
[2010.10.11 22:10:48 | 000,037,392 | ---- | C] (Kaspersky Lab) -- C:\Windows\System32\drivers\35624452.sys
[2010.10.11 22:10:47 | 000,000,000 | ---D | C] -- C:\Users\Steffen\Desktop\Virus Removal Tool
[2010.10.11 21:56:12 | 000,000,000 | ---D | C] -- C:\Programme\OMFGZ Infinite Dll Injector
[2010.10.11 21:55:57 | 000,249,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\Setup1.exe
[2010.10.11 21:55:56 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\ST6UNST.EXE
[2010.10.11 21:55:44 | 000,000,000 | ---D | C] -- C:\Users\Steffen\Desktop\OMFGZ Infinite Dll Injector
[2010.10.11 21:54:33 | 000,139,776 | ---- | C] (Microsoft Corporation) -- C:\Users\Steffen\Desktop\setup.exe
[2010.10.09 10:42:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Nexon
[2010.10.08 21:01:31 | 000,000,000 | ---D | C] -- C:\ProgramData\NexonEU
[2010.10.05 14:12:56 | 000,000,000 | ---D | C] -- C:\Programme\GameBox
[2010.10.05 13:51:59 | 000,000,000 | ---D | C] -- C:\Programme\ConduitEngine
[2010.10.05 13:51:56 | 000,000,000 | ---D | C] -- C:\Programme\ToggleEN
[2010.10.05 13:38:45 | 000,000,000 | ---D | C] -- C:\Programme\Steam
[2010.10.04 21:32:41 | 000,000,000 | ---D | C] -- C:\Programme\Hurrican
[2010.10.04 16:06:03 | 000,000,000 | ---D | C] -- C:\Programme\Cheatbook 07.2009
[2010.10.04 15:34:04 | 000,000,000 | ---D | C] -- C:\Users\Steffen\AppData\Local\Fallout3
[2010.10.04 15:33:33 | 000,107,888 | ---- | C] (Sony DADC Austria AG.) -- C:\Windows\System32\CmdLineExt.dll
[2010.10.04 15:14:30 | 000,000,000 | ---D | C] -- C:\Programme\Bethesda Softworks
[2010.10.04 15:14:25 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_1.dll
[2010.10.04 15:14:25 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_1.dll
[2010.10.04 15:14:25 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_0.dll
[2010.10.04 15:14:25 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_4.dll
[2010.10.04 15:14:24 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_38.dll
[2010.10.04 15:14:23 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_0.dll
[2010.10.04 15:14:23 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_0.dll
[2010.10.04 15:14:22 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_3.dll
[2010.10.04 15:14:21 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_10.dll
[2010.10.04 15:14:20 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_36.dll
[2010.10.04 15:14:20 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_36.dll
[2010.10.04 15:14:19 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_36.dll
[2010.10.04 15:14:17 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_2.dll
[2010.10.04 13:42:16 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_38.dll
[2010.10.04 13:42:16 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_38.dll
[2010.10.04 13:40:29 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_37.dll
[2010.10.04 13:40:29 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_37.dll
[2010.10.04 13:40:29 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_37.dll
[2010.10.04 13:39:46 | 000,000,000 | ---D | C] -- C:\Windows\System32\xlive
[2010.10.04 13:39:46 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft Games for Windows - LIVE
[2010.10.02 21:11:57 | 000,000,000 | ---D | C] -- C:\Users\Steffen\Documents\Cross Fire
[2010.10.02 21:11:52 | 000,000,000 | ---D | C] -- C:\CFLog
[2010.10.02 20:46:14 | 000,000,000 | ---D | C] -- C:\Programme\Z8Games
[2010.10.02 12:40:47 | 000,000,000 | ---D | C] -- C:\Download
[2010.10.02 12:40:26 | 000,000,000 | ---D | C] -- C:\Nexon
[2010.10.02 12:40:25 | 000,438,272 | ---- | C] (NEXON Inc.) -- C:\Windows\NEXON_EU_DownloaderUpdater.exe
[2010.09.29 16:09:19 | 000,000,000 | ---D | C] -- C:\Users\Steffen\Documents\My Games
[2010.09.27 18:38:50 | 000,000,000 | ---D | C] -- C:\Programme\EA Games
[2010.09.23 20:43:43 | 000,000,000 | ---D | C] -- C:\Programme\ReviverSoft
[2010.09.23 20:42:49 | 000,000,000 | ---D | C] -- C:\ProgramData\ReviverSoft
[2010.09.23 20:42:14 | 000,000,000 | ---D | C] -- C:\Users\Steffen\AppData\Local\OpenCandy
[2010.09.23 20:42:12 | 000,000,000 | ---D | C] -- C:\Users\Steffen\AppData\Roaming\OpenCandy
[2010.09.23 14:36:03 | 000,099,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHostProxy.dll
[2010.09.23 14:36:03 | 000,049,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netfxperf.dll
[2010.09.23 14:36:02 | 000,295,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHost.exe
[2010.09.20 18:32:26 | 000,000,000 | ---D | C] -- C:\Users\Steffen\AppData\Roaming\DivX
[2010.09.20 18:32:08 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\PX Storage Engine
[2010.09.20 18:31:45 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\DivX Shared
[2010.09.20 18:30:08 | 000,000,000 | ---D | C] -- C:\Programme\DivX
[2010.09.20 18:29:41 | 000,000,000 | ---D | C] -- C:\ProgramData\DivX
[2010.09.19 20:03:45 | 000,000,000 | ---D | C] -- C:\Programme\HyCam2
[2010.09.19 14:54:39 | 000,000,000 | ---D | C] -- C:\Fraps
[2010.09.19 14:38:39 | 000,000,000 | ---D | C] -- C:\Programme\Game Cam
[2010.09.18 17:55:55 | 000,000,000 | ---D | C] -- C:\Users\Steffen\Documents\HyperCam3
[2010.09.18 17:13:11 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\Solveig Multimedia
[2010.09.18 17:13:11 | 000,000,000 | ---D | C] -- C:\Programme\HyperCam 3
[2010.09.18 17:08:01 | 000,000,000 | ---D | C] -- C:\Programme\CamStudio
[2010.09.16 16:39:49 | 000,000,000 | ---D | C] -- C:\Users\Steffen\Documents\Doom_(1993)_(Id_Software)
[2010.09.16 16:32:05 | 000,000,000 | ---D | C] -- C:\Programme\DOOM 3
[2010.09.16 14:14:38 | 000,000,000 | ---D | C] -- C:\Users\Steffen\AppData\Roaming\PriceGong
[2010.09.16 14:14:38 | 000,000,000 | ---D | C] -- C:\Users\Steffen\AppData\Roaming\bearsharemediabartb
[2010.09.16 14:14:37 | 000,000,000 | ---D | C] -- C:\Users\Steffen\AppData\Local\XfireXO
[2010.09.16 14:14:37 | 000,000,000 | ---D | C] -- C:\Users\Steffen\AppData\Local\softonic-de3
[2010.09.16 14:14:37 | 000,000,000 | ---D | C] -- C:\Users\Steffen\AppData\Local\DVDVideoSoftTB
[2010.09.16 14:14:37 | 000,000,000 | ---D | C] -- C:\Users\Steffen\AppData\Local\Conduit
[2010.09.15 17:01:58 | 736,407,212 | ---- | C] (InstallShield Software Corporation) -- C:\Users\Steffen\Desktop\S4League.exe
[2010.09.14 15:45:37 | 000,000,000 | ---D | C] -- C:\Programme\VTFEdit
[2010.09.14 15:05:48 | 000,679,936 | ---- | C] (Generated by JEDI) -- C:\Windows\System32\D3DX81ab.dll
[2010.09.14 15:05:47 | 000,000,000 | ---D | C] -- C:\Programme\Cheat Engine
[2010.09.14 14:07:12 | 000,000,000 | ---D | C] -- C:\Programme\AutoIt3
 
========== Files - Modified Within 30 Days ==========
 
[2010.10.12 13:22:00 | 000,001,096 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010.10.12 13:15:46 | 000,003,712 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010.10.12 13:15:41 | 000,003,712 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010.10.12 12:37:59 | 000,001,114 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3256610812-1698582216-1686267213-1001UA.job
[2010.10.12 10:34:10 | 001,186,460 | ---- | M] () -- C:\Windows\System32\drivers\Cat.DB
[2010.10.12 10:29:25 | 000,507,360 | ---- | M] () -- C:\Users\Steffen\Desktop\sdsetup.exe
[2010.10.11 23:09:15 | 000,001,532 | -HS- | M] () -- C:\Windows\setup_9.0.0.722_10.10.2010_06-36drv.spi
[2010.10.11 22:12:46 | 000,002,169 | ---- | M] () -- C:\Users\Steffen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\setup_9.0.0.722_10.10.2010_06-36.lnk
[2010.10.11 22:04:52 | 000,000,382 | ---- | M] () -- C:\Windows\tasks\Registry Reviver-Steffen-Startup.job
[2010.10.11 22:03:09 | 000,001,092 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010.10.11 22:03:09 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\RegistryBooster.job
[2010.10.11 22:02:53 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.10.11 22:02:51 | 3181,760,512 | -HS- | M] () -- C:\hiberfil.sys
[2010.10.11 21:55:57 | 000,249,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\Setup1.exe
[2010.10.11 21:55:57 | 000,073,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\ST6UNST.EXE
[2010.10.11 21:54:36 | 000,000,303 | ---- | M] () -- C:\Windows\ST6UNST.000
[2010.10.11 16:37:59 | 000,001,062 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3256610812-1698582216-1686267213-1001Core.job
[2010.10.09 16:50:01 | 000,011,975 | ---- | M] () -- C:\Users\Steffen\Documents\selbst gemachte limonade machen(^-^).docx
[2010.10.09 16:44:28 | 000,001,744 | ---- | M] () -- C:\Users\Steffen\Desktop\Mozilla Firefox.lnk
[2010.10.08 21:05:03 | 000,001,580 | ---- | M] () -- C:\Users\Public\Desktop\Combat Arms EU.lnk
[2010.10.07 20:48:33 | 1779,088,160 | -H-- | M] () -- C:\Users\Steffen\Desktop\LOCO_Setup.exe.part
[2010.10.05 13:40:30 | 000,000,788 | ---- | M] () -- C:\Users\Public\Desktop\Steam.lnk
[2010.10.04 21:32:49 | 000,000,841 | ---- | M] () -- C:\Users\Steffen\Desktop\Hurrican.lnk
[2010.10.04 15:33:33 | 000,107,888 | ---- | M] (Sony DADC Austria AG.) -- C:\Windows\System32\CmdLineExt.dll
[2010.10.03 17:38:31 | 000,001,019 | ---- | M] () -- C:\Users\Steffen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Produktregistrierung.lnk
[2010.10.02 12:40:25 | 000,438,272 | ---- | M] (NEXON Inc.) -- C:\Windows\NEXON_EU_DownloaderUpdater.exe
[2010.09.28 20:08:09 | 000,374,240 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010.09.28 13:46:29 | 000,138,184 | ---- | M] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2010.09.28 13:46:08 | 000,215,016 | ---- | M] () -- C:\Windows\System32\PnkBstrB.xtr
[2010.09.27 18:54:12 | 000,138,056 | ---- | M] () -- C:\Users\Steffen\AppData\Roaming\PnkBstrK.sys
[2010.09.27 18:53:50 | 002,427,248 | ---- | M] () -- C:\Windows\System32\pbsvc_heroes.exe
[2010.09.23 20:46:32 | 000,000,794 | ---- | M] () -- C:\Users\Steffen\Desktop\Cheat Engine.lnk
[2010.09.23 14:44:26 | 000,670,934 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2010.09.23 14:44:26 | 000,631,636 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010.09.23 14:44:26 | 000,144,082 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2010.09.23 14:44:26 | 000,118,262 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010.09.21 15:03:36 | 000,006,756 | ---- | M] () -- C:\Users\Steffen\AppData\Local\d3d9caps.dat
[2010.09.20 18:58:06 | 000,008,192 | ---- | M] () -- C:\Users\Steffen\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.09.20 18:32:47 | 000,001,398 | ---- | M] () -- C:\Users\Steffen\Desktop\DivX Movies.lnk
[2010.09.20 18:32:20 | 000,000,919 | ---- | M] () -- C:\Users\Public\Desktop\DivX Plus Player.lnk
[2010.09.20 18:32:02 | 000,000,959 | ---- | M] () -- C:\Users\Public\Desktop\DivX Plus Converter.lnk
[2010.09.19 20:25:46 | 000,000,516 | ---- | M] () -- C:\Users\Steffen\Desktop\Fraps.lnk
[2010.09.19 12:59:29 | 000,009,554 | ---- | M] () -- C:\video.pass
[2010.09.18 17:13:14 | 000,000,842 | ---- | M] () -- C:\Users\Steffen\Desktop\HyperCam 3.lnk
[2010.09.18 17:08:16 | 000,000,813 | ---- | M] () -- C:\Users\Public\Desktop\CamStudio.lnk
[2010.09.15 17:34:33 | 736,407,212 | ---- | M] (InstallShield Software Corporation) -- C:\Users\Steffen\Desktop\S4League.exe
[2010.09.15 16:53:55 | 000,001,699 | ---- | M] () -- C:\Users\Steffen\Desktop\Notepad.lnk
[2010.09.14 15:45:38 | 000,000,740 | ---- | M] () -- C:\Users\Steffen\Desktop\VTFEdit.lnk
[2010.09.14 14:30:59 | 000,000,291 | ---- | M] () -- C:\Users\Steffen\SciTE.session
[2010.09.14 14:08:34 | 000,031,076 | ---- | M] () -- C:\Users\Steffen\abbrev.properties
 
========== Files Created - No Company Name ==========
 
[2010.10.12 10:33:48 | 001,186,460 | ---- | C] () -- C:\Windows\System32\drivers\Cat.DB
[2010.10.12 10:29:40 | 000,507,360 | ---- | C] () -- C:\Users\Steffen\Desktop\sdsetup.exe
[2010.10.11 22:21:21 | 000,001,532 | -HS- | C] () -- C:\Windows\setup_9.0.0.722_10.10.2010_06-36drv.spi
[2010.10.11 22:12:46 | 000,002,169 | ---- | C] () -- C:\Users\Steffen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\setup_9.0.0.722_10.10.2010_06-36.lnk
[2010.10.11 21:54:36 | 000,000,303 | ---- | C] () -- C:\Windows\ST6UNST.000
[2010.10.09 16:50:00 | 000,011,975 | ---- | C] () -- C:\Users\Steffen\Documents\selbst gemachte limonade machen(^-^).docx
[2010.10.09 16:44:28 | 000,001,744 | ---- | C] () -- C:\Users\Steffen\Desktop\Mozilla Firefox.lnk
[2010.10.08 21:05:03 | 000,001,580 | ---- | C] () -- C:\Users\Public\Desktop\Combat Arms EU.lnk
[2010.10.05 13:38:46 | 000,000,788 | ---- | C] () -- C:\Users\Public\Desktop\Steam.lnk
[2010.10.04 21:32:49 | 000,000,841 | ---- | C] () -- C:\Users\Steffen\Desktop\Hurrican.lnk
[2010.10.03 17:38:31 | 000,001,019 | ---- | C] () -- C:\Users\Steffen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Produktregistrierung.lnk
[2010.10.02 16:33:18 | 000,001,114 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3256610812-1698582216-1686267213-1001UA.job
[2010.10.02 16:33:16 | 000,001,062 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3256610812-1698582216-1686267213-1001Core.job
[2010.10.02 16:28:15 | 1779,088,160 | -H-- | C] () -- C:\Users\Steffen\Desktop\LOCO_Setup.exe.part
[2010.09.27 18:53:49 | 002,427,248 | ---- | C] () -- C:\Windows\System32\pbsvc_heroes.exe
[2010.09.23 20:44:18 | 000,000,382 | ---- | C] () -- C:\Windows\tasks\Registry Reviver-Steffen-Startup.job
[2010.09.20 18:32:47 | 000,001,398 | ---- | C] () -- C:\Users\Steffen\Desktop\DivX Movies.lnk
[2010.09.20 18:32:20 | 000,000,919 | ---- | C] () -- C:\Users\Public\Desktop\DivX Plus Player.lnk
[2010.09.20 18:32:02 | 000,000,959 | ---- | C] () -- C:\Users\Public\Desktop\DivX Plus Converter.lnk
[2010.09.19 20:25:46 | 000,000,516 | ---- | C] () -- C:\Users\Steffen\Desktop\Fraps.lnk
[2010.09.18 17:13:14 | 000,000,842 | ---- | C] () -- C:\Users\Steffen\Desktop\HyperCam 3.lnk
[2010.09.18 17:08:16 | 000,000,813 | ---- | C] () -- C:\Users\Public\Desktop\CamStudio.lnk
[2010.09.15 16:53:55 | 000,001,699 | ---- | C] () -- C:\Users\Steffen\Desktop\Notepad.lnk
[2010.09.14 15:45:38 | 000,000,740 | ---- | C] () -- C:\Users\Steffen\Desktop\VTFEdit.lnk
[2010.09.14 15:05:50 | 000,000,794 | ---- | C] () -- C:\Users\Steffen\Desktop\Cheat Engine.lnk
[2010.09.14 15:05:48 | 001,970,176 | ---- | C] () -- C:\Windows\System32\d3dx9.dll
[2010.09.14 14:30:59 | 000,000,291 | ---- | C] () -- C:\Users\Steffen\SciTE.session
[2010.09.14 14:08:34 | 000,031,076 | ---- | C] () -- C:\Users\Steffen\abbrev.properties
[2010.09.09 13:05:37 | 000,008,192 | ---- | C] () -- C:\Users\Steffen\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.09.01 19:00:53 | 000,082,289 | ---- | C] () -- C:\Windows\System32\lvcoinst.ini
[2010.08.20 16:15:50 | 000,000,552 | ---- | C] () -- C:\Users\Steffen\AppData\Local\d3d8caps.dat
[2010.07.24 19:58:48 | 000,138,184 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2010.07.24 19:58:47 | 000,138,056 | ---- | C] () -- C:\Users\Steffen\AppData\Roaming\PnkBstrK.sys
[2010.07.09 21:00:32 | 000,041,872 | ---- | C] () -- C:\Windows\System32\xfcodec.dll
[2010.06.15 10:27:16 | 000,006,656 | ---- | C] () -- C:\Windows\System32\bcmwlrc.dll
[2010.06.15 10:27:13 | 000,054,784 | ---- | C] () -- C:\Windows\System32\bcmwlrmt.dll
[2010.06.15 10:15:51 | 000,006,756 | ---- | C] () -- C:\Users\Steffen\AppData\Local\d3d9caps.dat
[2010.06.14 21:35:23 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1576.dll
[2009.08.07 19:51:34 | 000,178,430 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
[2009.05.08 10:13:04 | 000,013,584 | ---- | C] () -- C:\Windows\System32\drivers\iKeyLFT2.dll
[2009.04.30 16:00:12 | 000,025,624 | ---- | C] () -- C:\Windows\System32\drivers\LVPr2Mon.sys
[2006.11.02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
 
========== LOP Check ==========
 
[2010.10.08 18:50:22 | 000,000,000 | ---D | M] -- C:\Users\Kike\AppData\Roaming\ICQ
[2010.10.05 14:41:48 | 000,000,000 | ---D | M] -- C:\Users\Kike\AppData\Roaming\Teeworlds
[2010.08.04 23:06:42 | 000,000,000 | ---D | M] -- C:\Users\Kike\AppData\Roaming\UseNeXT
[2010.09.16 14:15:25 | 000,000,000 | ---D | M] -- C:\Users\Steffen\AppData\Roaming\bearsharemediabartb
[2010.09.01 19:01:33 | 000,000,000 | ---D | M] -- C:\Users\Steffen\AppData\Roaming\Leadertech
[2010.07.20 01:43:25 | 000,000,000 | ---D | M] -- C:\Users\Steffen\AppData\Roaming\MusicNet
[2010.09.23 20:42:12 | 000,000,000 | ---D | M] -- C:\Users\Steffen\AppData\Roaming\OpenCandy
[2010.09.16 14:14:38 | 000,000,000 | ---D | M] -- C:\Users\Steffen\AppData\Roaming\PriceGong
[2010.08.04 22:54:40 | 000,000,000 | ---D | M] -- C:\Users\Steffen\AppData\Roaming\Uniblue
[2010.07.20 01:31:58 | 000,000,296 | ---- | M] () -- C:\Windows\Tasks\BearShare NAG.job
[2010.10.11 22:04:52 | 000,000,382 | ---- | M] () -- C:\Windows\Tasks\Registry Reviver-Steffen-Startup.job
[2010.10.11 22:03:09 | 000,000,336 | ---- | M] () -- C:\Windows\Tasks\RegistryBooster.job
[2010.10.11 22:02:03 | 000,032,538 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
 
<  >
 
========== Files - Unicode (All) ==========
[2010.10.09 10:42:32 | 000,000,000 | ---D | M](C:\Users\Steffen\Documents\?? ???) -- C:\Users\Steffen\Documents\넥슨 플러그
[2010.10.09 10:42:32 | 000,000,000 | ---D | C](C:\Users\Steffen\Documents\?? ???) -- C:\Users\Steffen\Documents\넥슨 플러그
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 161 bytes -> C:\ProgramData\TEMP:DFC5A2B2

< End of report >
--- --- ---





Extras.Txt:OTL Logfile:
Code:
OTL Extras logfile created on: 12.10.2010 13:24:11 - Run 1
OTL by OldTimer - Version 3.2.15.1    Folder = c:\Users\Steffen\Downloads
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 46,00% Memory free
6,00 Gb Paging File | 4,00 Gb Available in Paging File | 67,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 218,20 Gb Total Space | 74,24 Gb Free Space | 34,02% Space Free | Partition Type: NTFS
Drive D: | 14,65 Gb Total Space | 8,61 Gb Free Space | 58,77% Space Free | Partition Type: NTFS
 
Computer Name: KIKE-PC | User Name: Steffen | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~3\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{4C8B1755-A67D-421A-A1C2-826F3EF80FCA}" = lport=49158 | protocol=6 | dir=in | name=akamai netsession interface |
"{633F1973-8B42-4096-BABC-FB39393B3BDC}" = lport=5000 | protocol=17 | dir=in | name=akamai netsession interface |
"{84CA6922-08B6-48E1-8343-708D274C5170}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
"{9624AB2E-F324-452E-B995-C2A459CA479A}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{C09B7C51-8FE6-41C6-8EDE-C214A30152F5}" = lport=2869 | protocol=6 | dir=in | app=system |
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{03910F00-6DE6-43C5-B7E2-E5B034F59DBE}" = protocol=6 | dir=in | app=c:\program files\bearshare applications\bearshare\bearshare.exe |
"{04025BF5-06D2-46C4-8B37-A036C16741E9}" = protocol=6 | dir=in | app=c:\program files\steam\steam.exe |
"{0738C38C-A8DC-4DBE-A8CE-63E5B5C16B71}" = protocol=6 | dir=in | app=c:\program files\logitech\logitech vid\vid.exe |
"{08665967-A5A0-44B2-94EC-00CB732F5C3B}" = dir=in | app=c:\program files\cyberlink\powerdvd dx\pdvddxsrv.exe |
"{127FDA84-6990-4614-B509-56114A822423}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{201220D0-5350-43EB-84A3-9B2DA7FC6775}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{20C86574-F1CD-48BF-BA3E-AAB8888D975C}" = protocol=17 | dir=in | app=c:\program files\steam\steam.exe |
"{21775559-A821-452E-BE2E-A563D3578317}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{2ACD5085-6AE9-495E-AA3A-973BC6455B48}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\america's army 3\binaries\aa3game.exe |
"{36F10B03-DAF4-46C3-9E02-BA2F5954F2A6}" = protocol=6 | dir=in | app=c:\programdata\nexoneu\ngm\ngm.exe |
"{3E5BBF84-F048-48A0-A7ED-A491F4D69546}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\america's army 3\binaries\aa3game.exe |
"{3F1A093F-0D90-47A3-A301-82D3E654104F}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{4089CD84-0AC6-4E61-9622-7FAE9B5FC7DC}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe |
"{4C7ADFA8-0F8A-45FB-A3A5-51D36678C702}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{4DF08CAB-B385-4A70-AA2D-755FEF8B91B5}" = protocol=17 | dir=in | app=c:\program files\logitech\logitech vid\vid.exe |
"{5937D2CF-2B27-4041-862B-87A0CE8C7A57}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{63334128-68AD-4A74-AFC2-F96D71673435}" = protocol=17 | dir=in | app=c:\programdata\nexoneu\ngm\ngm.exe |
"{68F1021E-434E-4E0E-9B1F-C0D0FAB51DC8}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{6942EC95-AE6C-4C5B-9BB2-A2E10E8E2266}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{738D68D6-791F-4092-85EB-961FF992CE8B}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{77ACF2EB-97D5-436A-AA0E-BBE628476776}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{78813B60-E022-48C5-AC8A-13F9EDD9CFF6}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{78B32F87-8223-4687-A64A-8B83C78F6039}" = dir=in | app=c:\program files\cyberlink\powerdvd dx\powerdvd.exe |
"{89855C7B-1624-412F-9A22-F1E85FD0466D}" = protocol=17 | dir=in | app=c:\program files\bearshare applications\bearshare\bearshare.exe |
"{9B679BB9-206B-4149-803D-EF71DEC85531}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{9EC0FFDE-A034-425D-AC82-37825E7249D0}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe |
"{ABBC2E29-792F-4A3D-A787-E6FE20D4929E}" = dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{B19B7414-08A7-4554-90CF-F275CDC52F48}" = dir=in | app=c:\program files\windows live\messenger\wlcsdk.exe |
"{B6BE9ABE-0595-442A-8C04-A60C3850A1F8}" = protocol=17 | dir=in | app=c:\program files\bearshare applications\bearshare\bearshare.exe |
"{B6CA0FB9-08D0-4438-AE82-E35D8886C3B0}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{B7150442-7A73-48D5-9D3D-01579C484D98}" = protocol=17 | dir=in | app=c:\nexon\combat arms eu\nmservice.exe |
"{B7DCAB15-A08C-4971-A93B-07BE313DA8BC}" = dir=in | app=c:\program files\skype\plugin manager\skypepm.exe |
"{C4AFE685-1F9A-4836-BEF4-07B2A0E9A02F}" = protocol=6 | dir=in | app=c:\program files\bearshare applications\bearshare\bearshare.exe |
"{D2E3F04B-E133-4CDB-8645-7447C94B81A1}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{DE31BFBF-746F-48E1-ABA9-CEF5AD84F161}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{E2CA6A41-6D90-455B-97C8-B837949617C8}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{E93E100A-AFA1-4AD1-A529-AE8E8CD60AA4}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{EF4075CB-489D-46B3-B8A7-DC4E4F4FBD02}" = protocol=6 | dir=in | app=c:\nexon\combat arms eu\nmservice.exe |
"{F5D9C5D7-7A8A-4701-87B2-433797BA4640}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"TCP Query User{29D2B9DC-E2CE-43DE-B7EE-CA2A255DC941}C:\program files\xfire\xfire.exe" = protocol=6 | dir=in | app=c:\program files\xfire\xfire.exe |
"TCP Query User{4A0FC996-1921-42BB-8A6A-067C24921906}C:\users\kike\appdata\roaming\icq\application\icq7.2\icq.exe" = protocol=6 | dir=in | app=c:\users\kike\appdata\roaming\icq\application\icq7.2\icq.exe |
"TCP Query User{C3BB8354-C1B5-47E1-B6FD-BAA384622A61}C:\program files\bearshare applications\bearshare\bearshare.exe" = protocol=6 | dir=in | app=c:\program files\bearshare applications\bearshare\bearshare.exe |
"TCP Query User{EAC525EE-CA27-408F-AC08-32521FD7D7BD}C:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe" = protocol=6 | dir=in | app=c:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe |
"UDP Query User{0CF276FB-FB9F-4408-BA12-2C9CEE2E94C6}C:\program files\xfire\xfire.exe" = protocol=17 | dir=in | app=c:\program files\xfire\xfire.exe |
"UDP Query User{236957ED-EA89-4AA2-8C8C-3C6BB70F7953}C:\users\kike\appdata\roaming\icq\application\icq7.2\icq.exe" = protocol=17 | dir=in | app=c:\users\kike\appdata\roaming\icq\application\icq7.2\icq.exe |
"UDP Query User{7F3AC2AA-E66E-4506-BE8B-06AC37FF4BD6}C:\program files\bearshare applications\bearshare\bearshare.exe" = protocol=17 | dir=in | app=c:\program files\bearshare applications\bearshare\bearshare.exe |
"UDP Query User{B7C1BB9C-A722-4C58-AED6-14C02557AF64}C:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe" = protocol=17 | dir=in | app=c:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe |
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0CB9668D-F979-4F31-B8B8-67FE90F929F8}" = Bonjour
"{1B3EC2E9-67E3-4D10-B1B8-BD71D7DC8930}" = Eternia LastChaos
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2E660A2A-A55F-43CD-9F73-CAD7382EEB78}" = Microsoft Games for Windows - LIVE Redistributable
"{310945EF-6EC9-4D54-9E67-36EAF4AF7A95}" = S4 League_EU
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3CBEA715-B6DD-4943-B505-5E435C2B6126}" = S4 League_EU
"{3D9892BB-A751-4E48-ADC8-E4289956CE1D}" = QuickTime
"{415B2719-AD3A-4944-B404-C472DB6085B3}" = Cisco EAP-FAST Module
"{42929F0F-CE14-47AF-9FC7-FF297A603021}" = Dell Resource CD
"{4FBCEA31-5D18-4212-9231-DE7CF1BE7DBB}" = Logitech Vid
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{5F624839-947D-46EA-BD63-FD847C1AC6F1}" = BearShare
"{669C7BD8-DAA2-49B6-966C-F1E2AAE6B17E}" = Cisco PEAP Module
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD DX
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{83770D14-21B9-44B3-8689-F7B523F94560}" = Cisco LEAP Module
"{85991ED2-010C-4930-96FA-52F43C2CE98A}" = Apple Mobile Device Support
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{91F7F3F3-CE80-48C3-8327-7D24A0A5716A}" = iTunes
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{974C4B12-4D02-4879-85E0-61C95CC63E9E}" = Fallout 3
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars
"{99A37AC7-E724-4621-B167-500B5A52B69C}" = LastChaosGER
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1031-7B44-A93000000001}" = Adobe Reader 9.3 - Deutsch
"{AC96671C-2001-432C-9826-5266D84EF1DC}" = Logitech Webcam Software
"{AED2DD42-9853-407E-A6BC-8A1D6B715909}" = Windows Live Messenger
"{B2D328BE-45AD-4D92-96F9-2151490A203E}" = Apple Application Support
"{BC27061D-FFCE-4931-A05F-AC964CC026CA}" = Registry Reviver
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{C911A0C2-2236-3164-AA47-F2566C01AE5E}" = Microsoft .NET Framework 4 Extended DEU Language Pack
"{CAFA57E8-8927-4912-AFCF-B0AA3837E989}" = Windows Live Essentials
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D2041A37-5FEC-49F0-AE5C-3F2FFDFAA4F4}" = Windows Live Call
"{D66F2695-E97D-4D42-A793-2F02ACB7E2A4}" = S4 League_EU
"{DB52432E-3AD8-41A5-A586-0F065FB6A31E}" = Game Cam
"{E285F3B1-A840-414F-9A95-47627A16E633}" = AvalonHeroesEU
"{E63E34A7-E552-412B-9E40-FD6FC5227ABA}_is1" = Uniblue RegistryBooster
"{EE53A1EB-B273-4657-B39E-93E0B29FA880}" = S4 League_EU
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"7-Zip" = 7-Zip 4.65
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Age of Mythology Expansion Pack 1.0" = Age of Mythology - The Titans Expansion
"Akamai" = Akamai NetSession Interface
"AutoItv3" = AutoIt v3.3.6.1
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"BearShare" = BearShare
"BearShare MediaBar" = MediaBar
"Broadcom 802.11 Application" = Dell Wireless WLAN Card Utility
"CamStudio" = CamStudio
"Cheat Engine 5.6.1_is1" = Cheat Engine 5.6.1
"Cheatbook 07.2009" = Cheatbook 07.2009
"Combat Arms EU" = Combat Arms EU
"conduitEngine" = Conduit Engine
"Cross Fire_is1" = Cross Fire En
"Digital DJ Pro" = Digital DJ Pro 1.7.0
"DivX Setup.divx.com" = DivX-Setup
"DVDVideoSoftTB Toolbar" = DVDVideoSoftTB Toolbar
"ENTERPRISE" = Microsoft Office Enterprise 2007
"FlorensiaEN" = FlorensiaEN 1.0
"Fraps" = Fraps (remove only)
"Free Video to MP3 Converter_is1" = Free Video to MP3 Converter version 4.0
"Free YouTube to iPod Converter_is1" = Free YouTube to iPod Converter version 3.8
"Game Cam" = Game Cam 2.54.0.47
"GameBox" = GameBox Toolbar
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"Hurrican_is1" = Hurrican 1.0.0.4
"HyperCam 2" = HyperCam 2
"HyperCam 3" = HyperCam 3
"lvdrivers_12.0" = Logitech Webcam Software-Treiberpaket
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended DEU Language Pack" = Microsoft .NET Framework 4 Extended DEU Language Pack
"Mozilla Firefox (3.6.10)" = Mozilla Firefox (3.6.10)
"OPERATION7" = OPERATION7
"PC Optimizer Pro" = PC Optimizer Pro
"PriceGong" = PriceGong 2.1.0
"PunkBusterSvc" = PunkBuster Services
"RegistryReviver" = Registry Reviver
"SciTE4AutoIt3" = SciTE4AutoIt3 2/28/2010
"softonic-de3 Toolbar" = softonic-de3 Toolbar
"Spyware Doctor" = Spyware Doctor 8.0
"ST6UNST #1" = OMFGZ Infinite Dll Injector
"Steam App 13140" = America's Army 3
"Steam App 310" = Team Fortress 2 Dedicated Server
"ToggleEN Toolbar" = ToggleEN Toolbar
"TweakUAC_is1" = TweakUAC
"Uninstall_is1" = Uninstall 1.0.0.1
"UseNeXT_is1" = UseNeXT
"VLC media player" = VLC media player 1.1.4
"VTFEdit_is1" = VTFEdit 1.2.5
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR
"Xfire" = Xfire (remove only)
"XfireXO Toolbar" = XfireXO Toolbar
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Software Update" = Yahoo! Software Update
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 12.10.2010 07:18:14 | Computer Name = Kike-PC | Source = VSS | ID = 12289
Description =
 
Error - 12.10.2010 07:18:14 | Computer Name = Kike-PC | Source = VSS | ID = 12289
Description =
 
Error - 12.10.2010 07:18:25 | Computer Name = Kike-PC | Source = VSS | ID = 12289
Description =
 
Error - 12.10.2010 07:18:25 | Computer Name = Kike-PC | Source = VSS | ID = 12289
Description =
 
Error - 12.10.2010 07:18:25 | Computer Name = Kike-PC | Source = VSS | ID = 12289
Description =
 
Error - 12.10.2010 07:28:20 | Computer Name = Kike-PC | Source = VSS | ID = 12289
Description =
 
Error - 12.10.2010 07:28:20 | Computer Name = Kike-PC | Source = VSS | ID = 12289
Description =
 
Error - 12.10.2010 07:28:29 | Computer Name = Kike-PC | Source = VSS | ID = 12289
Description =
 
Error - 12.10.2010 07:28:29 | Computer Name = Kike-PC | Source = VSS | ID = 12289
Description =
 
Error - 12.10.2010 07:28:29 | Computer Name = Kike-PC | Source = VSS | ID = 12289
Description =
 
[ Broadcom Wireless LAN Events ]
Error - 20.08.2010 08:47:24 | Computer Name = Kike-PC | Source = WLAN-Tray | ID = 0
Description = 14:47:24, Fri, Aug 20, 10 Error - Unable to gain access to user store

 
Error - 29.08.2010 07:53:29 | Computer Name = Kike-PC | Source = WLAN-Tray | ID = 0
Description = 13:53:28, Sun, Aug 29, 10 Error - Unable to gain access to user store

 
Error - 30.08.2010 10:28:52 | Computer Name = Kike-PC | Source = WLAN-Tray | ID = 0
Description = 16:28:51, Mon, Aug 30, 10 Error - Unable to gain access to user store

 
Error - 06.09.2010 15:02:04 | Computer Name = Kike-PC | Source = WLAN-Tray | ID = 0
Description = 21:02:03, Mon, Sep 06, 10 Error - Unable to gain access to user store

 
Error - 07.09.2010 10:39:25 | Computer Name = Kike-PC | Source = WLAN-Tray | ID = 0
Description = 16:39:25, Tue, Sep 07, 10 Error - Unable to gain access to user store

 
Error - 26.09.2010 12:57:19 | Computer Name = Kike-PC | Source = WLAN-Tray | ID = 0
Description = 18:57:18, Sun, Sep 26, 10 Error - Unable to gain access to user store

 
Error - 01.10.2010 02:51:57 | Computer Name = Kike-PC | Source = WLAN-Tray | ID = 0
Description = 08:51:56, Fri, Oct 01, 10 Error - Unable to gain access to user store

 
 
========== Last 10 Event Log Errors ==========
 
Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!
 
< End of report >
--- --- ---

was soll ich jetzt tun?
endschuldigen wegen so vielen posts auf einmal^^

Kike1807 12.10.2010 12:55
das steht dort:
OTL.Txt:OTL Logfile:
Code:
OTL logfile created on: 12.10.2010 13:24:11 - Run 1
OTL by OldTimer - Version 3.2.15.1    Folder = c:\Users\Steffen\Downloads
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 46,00% Memory free
6,00 Gb Paging File | 4,00 Gb Available in Paging File | 67,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 218,20 Gb Total Space | 74,24 Gb Free Space | 34,02% Space Free | Partition Type: NTFS
Drive D: | 14,65 Gb Total Space | 8,61 Gb Free Space | 58,77% Space Free | Partition Type: NTFS
 
Computer Name: KIKE-PC | User Name: Steffen | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - c:\Users\Steffen\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Programme\PC Tools Security\pctsGui.exe (PC Tools)
PRC - C:\Programme\Mozilla Firefox\plugin-container.exe (Mozilla Corporation)
PRC - C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Programme\DivX\DivX Update\DivXUpdate.exe ()
PRC - C:\Programme\PC Tools Security\pctsSvc.exe (PC Tools)
PRC - C:\Programme\PC Optimizer Pro\PCOptimizerPro.exe (Tweaking Tools Inc)
PRC - C:\Programme\Uniblue\RegistryBooster\registrybooster.exe (Uniblue Systems Limited)
PRC - C:\Programme\Uniblue\RegistryBooster\rbmonitor.exe (Uniblue Systems Limited)
PRC - C:\Programme\Xfire\Xfire.exe (Xfire Inc.)
PRC - C:\Programme\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
PRC - C:\Programme\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Programme\PC Tools Security\pctsAuxs.exe (PC Tools)
PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Programme\Avira\AntiVir Desktop\avshadow.exe (Avira GmbH)
PRC - C:\Programme\Logitech\Logitech WebCam Software\LWS.exe ()
PRC - C:\Programme\Common Files\LogiShrd\LQCVFX\COCIManager.exe ()
PRC - C:\Programme\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe (Logitech Inc.)
PRC - C:\Programme\Logitech\Logitech Vid\Vid.exe (Logitech Inc.)
PRC - C:\Programme\CyberLink\PowerDVD DX\PDVDDXSrv.exe (CyberLink Corp.)
PRC - C:\Programme\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Windows\System32\conime.exe (Microsoft Corporation)
PRC - C:\Programme\Internet Explorer\iexplore.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Defender\MSASCui.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Sidebar\sidebar.exe (Microsoft Corporation)
PRC - C:\Programme\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation)
 
 
========== Modules (SafeList) ==========
 
MOD - c:\Users\Steffen\Downloads\OTL.exe (OldTimer Tools)
MOD - C:\Programme\PC Tools Security\PCTGMhk.dll (PC Tools)
MOD - C:\Programme\Xfire\xfire_toucan_43094.dll (Xfire Inc.)
MOD - C:\Programme\BearShare Applications\MediaBar\DataMngr\datamngr.dll ()
MOD - C:\Windows\System32\msvcr71.dll (Microsoft Corporation)
MOD - C:\Windows\System32\msscript.ocx (Microsoft Corporation)
MOD - C:\Windows\System32\wsock32.dll (Microsoft Corporation)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll (Microsoft Corporation)
 
 
========== Win32 Services (SafeList) ==========
 
SRV - (Steam Client Service) -- C:\Program Files\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (Akamai) -- c:\Programme\Common Files\Akamai\netsession_win_062a651.dll ()
SRV - (sdCoreService) -- C:\Programme\PC Tools Security\pctsSvc.exe (PC Tools)
SRV - (Apple Mobile Device) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (aspnet_state) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe (Microsoft Corporation)
SRV - (WPFFontCache_v0400) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe (Microsoft Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (NetTcpPortSharing) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe (Microsoft Corporation)
SRV - (NetTcpActivator) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe (Microsoft Corporation)
SRV - (NetPipeActivator) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe (Microsoft Corporation)
SRV - (NetMsmqActivator) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe (Microsoft Corporation)
SRV - (sdAuxService) -- C:\Programme\PC Tools Security\pctsAuxs.exe (PC Tools)
SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (LVPrcSrv) -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe (Logitech Inc.)
SRV - (YahooAUService) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.)
SRV - (WinHttpAutoProxySvc) -- winhttp.dll (Microsoft Corporation)
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (XDva368) -- C:\Windows\System32\XDva368.sys File not found
DRV - (XDva367) -- C:\Windows\System32\XDva367.sys File not found
DRV - (XDva362) -- C:\Windows\System32\XDva362.sys File not found
DRV - (XDva359) -- C:\Windows\System32\XDva359.sys File not found
DRV - (XDva358) -- C:\Windows\System32\XDva358.sys File not found
DRV - (XDva354) -- C:\Windows\System32\XDva354.sys File not found
DRV - (XDva352) -- C:\Windows\System32\XDva352.sys File not found
DRV - (NwlnkFwd) -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys File not found
DRV - (NwlnkFlt) -- C:\Windows\System32\DRIVERS\nwlnkflt.sys File not found
DRV - (IpInIp) -- C:\Windows\System32\DRIVERS\ipinip.sys File not found
DRV - (EagleNT) -- C:\Windows\System32\drivers\EagleNT.sys File not found
DRV - (PnkBstrK) -- C:\Windows\System32\drivers\PnkBstrK.sys ()
DRV - (PCTCore) -- C:\Windows\system32\drivers\PCTCore.sys (PC Tools)
DRV - (pctEFA) -- C:\Windows\system32\drivers\pctEFA.sys (PC Tools)
DRV - (pctDS) -- C:\Windows\system32\drivers\pctDS.sys (PC Tools)
DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH)
DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH)
DRV - (35624452) -- C:\Windows\system32\DRIVERS\35624452.sys (Kaspersky Lab)
DRV - (setup_9.0.0.722_10.10.2010_06-36drv) -- C:\Windows\System32\drivers\3562445.sys (Kaspersky Lab)
DRV - (35624451) -- C:\Windows\System32\drivers\35624451.sys (Kaspersky Lab)
DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (LVUVC) Logitech Webcam 250(UVC) -- C:\Windows\System32\drivers\lvuvc.sys (Logitech Inc.)
DRV - (LVRS) -- C:\Windows\System32\drivers\lvrs.sys (Logitech Inc.)
DRV - (lvpopflt) -- C:\Windows\System32\drivers\lvpopflt.sys (Logitech Inc.)
DRV - (LVPr2Mon) -- C:\Windows\System32\drivers\LVPr2Mon.sys ()
DRV - (BCM43XX) -- C:\Windows\System32\drivers\BCMWL6.SYS (Broadcom Corporation)
DRV - (BCM42RLY) -- C:\Windows\System32\drivers\bcm42rly.sys (Broadcom Corporation)
DRV - (igfx) -- C:\Windows\System32\drivers\igdkmd32.sys (Intel Corporation)
DRV - (yukonwlh) -- C:\Windows\System32\drivers\yk60x86.sys (Marvell)
DRV - (MegaSR) -- C:\Windows\system32\drivers\megasr.sys (LSI Corporation, Inc.)
DRV - (adpu320) -- C:\Windows\system32\drivers\adpu320.sys (Adaptec, Inc.)
DRV - (megasas) -- C:\Windows\system32\drivers\megasas.sys (LSI Corporation)
DRV - (adpu160m) -- C:\Windows\system32\drivers\adpu160m.sys (Adaptec, Inc.)
DRV - (SiSRaid4) -- C:\Windows\system32\drivers\sisraid4.sys (Silicon Integrated Systems)
DRV - (HpCISSs) -- C:\Windows\system32\drivers\hpcisss.sys (Hewlett-Packard Company)
DRV - (adpahci) -- C:\Windows\system32\drivers\adpahci.sys (Adaptec, Inc.)
DRV - (LSI_SAS) -- C:\Windows\system32\drivers\lsi_sas.sys (LSI Logic)
DRV - (ql2300) -- C:\Windows\system32\drivers\ql2300.sys (QLogic Corporation)
DRV - (E1G60) Intel(R) -- C:\Windows\System32\drivers\E1G60I32.sys (Intel Corporation)
DRV - (arcsas) -- C:\Windows\system32\drivers\arcsas.sys (Adaptec, Inc.)
DRV - (iaStorV) -- C:\Windows\system32\drivers\iastorv.sys (Intel Corporation)
DRV - (vsmraid) -- C:\Windows\system32\drivers\vsmraid.sys (VIA Technologies Inc.,Ltd)
DRV - (ulsata2) -- C:\Windows\system32\drivers\ulsata2.sys (Promise Technology, Inc.)
DRV - (LSI_SCSI) -- C:\Windows\system32\drivers\lsi_scsi.sys (LSI Logic)
DRV - (LSI_FC) -- C:\Windows\system32\drivers\lsi_fc.sys (LSI Logic)
DRV - (arc) -- C:\Windows\system32\drivers\arc.sys (Adaptec, Inc.)
DRV - (elxstor) -- C:\Windows\system32\drivers\elxstor.sys (Emulex)
DRV - (adp94xx) -- C:\Windows\system32\drivers\adp94xx.sys (Adaptec, Inc.)
DRV - (nvraid) -- C:\Windows\system32\drivers\nvraid.sys (NVIDIA Corporation)
DRV - (usbaudio) USB-Audiotreiber (WDM) -- C:\Windows\System32\drivers\USBAUDIO.sys (Microsoft Corporation)
DRV - (nvstor) -- C:\Windows\system32\drivers\nvstor.sys (NVIDIA Corporation)
DRV - (uliahci) -- C:\Windows\system32\drivers\uliahci.sys (ULi Electronics Inc.)
DRV - (viaide) -- C:\Windows\system32\drivers\viaide.sys (VIA Technologies, Inc.)
DRV - (cmdide) -- C:\Windows\system32\drivers\cmdide.sys (CMD Technology, Inc.)
DRV - (aliide) -- C:\Windows\system32\drivers\aliide.sys (Acer Laboratories Inc.)
DRV - (ql40xx) -- C:\Windows\system32\drivers\ql40xx.sys (QLogic Corporation)
DRV - (UlSata) -- C:\Windows\system32\drivers\ulsata.sys (Promise Technology, Inc.)
DRV - (nfrd960) -- C:\Windows\system32\drivers\nfrd960.sys (IBM Corporation)
DRV - (iirsp) -- C:\Windows\system32\drivers\iirsp.sys (Intel Corp./ICP vortex GmbH)
DRV - (aic78xx) -- C:\Windows\system32\drivers\djsvs.sys (Adaptec, Inc.)
DRV - (iteraid) -- C:\Windows\system32\drivers\iteraid.sys (Integrated Technology Express, Inc.)
DRV - (iteatapi) -- C:\Windows\system32\drivers\iteatapi.sys (Integrated Technology Express, Inc.)
DRV - (Symc8xx) -- C:\Windows\system32\drivers\symc8xx.sys (LSI Logic)
DRV - (Sym_u3) -- C:\Windows\system32\drivers\sym_u3.sys (LSI Logic)
DRV - (Mraid35x) -- C:\Windows\system32\drivers\mraid35x.sys (LSI Logic Corporation)
DRV - (Sym_hi) -- C:\Windows\system32\drivers\sym_hi.sys (LSI Logic)
DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\system32\drivers\brserid.sys (Brother Industries Ltd.)
DRV - (BrUsbSer) -- C:\Windows\system32\drivers\brusbser.sys (Brother Industries Ltd.)
DRV - (BrFiltUp) -- C:\Windows\system32\drivers\brfiltup.sys (Brother Industries, Ltd.)
DRV - (BrFiltLo) -- C:\Windows\system32\drivers\brfiltlo.sys (Brother Industries, Ltd.)
DRV - (BrSerWdm) -- C:\Windows\system32\drivers\brserwdm.sys (Brother Industries Ltd.)
DRV - (BrUsbMdm) -- C:\Windows\system32\drivers\brusbmdm.sys (Brother Industries Ltd.)
DRV - (ntrigdigi) -- C:\Windows\system32\drivers\ntrigdigi.sys (N-trig Innovative Technologies)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\..\URLSearchHook: {038cb5c7-48ea-4af9-94e0-a1646542e62b} - C:\Programme\ToggleEN\tbTogg.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - C:\Programme\XfireXO\tbXfi1.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Programme\DVDVideoSoftTB\tbDVD1.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Programme\softonic-de3\tbsof1.dll (Conduit Ltd.)
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Search
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {038cb5c7-48ea-4af9-94e0-a1646542e62b} - C:\Programme\ToggleEN\tbTogg.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {472734EA-242A-422b-ADF8-83D1E48CC825} - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - C:\Programme\XfireXO\tbXfi1.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Programme\DVDVideoSoftTB\tbDVD1.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Programme\softonic-de3\tbsof1.dll (Conduit Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "BearShare Web Search"
FF - prefs.js..browser.search.defaultthis.engineName: "softonic-de3 Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2431245&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.order.1: "BearShare Web Search"
FF - prefs.js..browser.search.selectedEngine: "softonic-de3 Customized Web Search"
FF - prefs.js..browser.startup.homepage: "hxxp://search.conduit.com/?ctid=CT2431245&SearchSource=13"
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:4.2.0.5198
FF - prefs.js..extensions.enabledItems: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065}:2.7.1.3
FF - prefs.js..extensions.enabledItems: {E84D42CA-64EB-11DE-A65F-8C3656D89593}:3.1
FF - prefs.js..extensions.enabledItems: {8A9386B4-E958-4c4c-ADF4-8F26DB3E4829}:2.1.0
FF - prefs.js..extensions.enabledItems: {5e5ab302-7f65-44cd-8211-c1d4caaccea3}:2.7.2.0
FF - prefs.js..extensions.enabledItems: {038cb5c7-48ea-4af9-94e0-a1646542e62b}:2.7.2.0
FF - prefs.js..extensions.enabledItems: battlefieldheroespatcher@ea.com:5.0.31.0
FF - prefs.js..keyword.URL: "hxxp://search.bearshare.com/web?src=ffb&q="
 
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.10\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.09.19 15:00:29 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.10\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.09.19 15:00:29 | 000,000,000 | ---D | M]
 
[2010.07.17 13:44:11 | 000,000,000 | ---D | M] -- C:\Users\Steffen\AppData\Roaming\mozilla\Extensions
[2010.10.11 21:38:28 | 000,000,000 | ---D | M] -- C:\Users\Steffen\AppData\Roaming\mozilla\Firefox\Profiles\di5rjcbj.default\extensions
[2010.10.05 13:52:03 | 000,000,000 | ---D | M] (ToggleEN Toolbar) -- C:\Users\Steffen\AppData\Roaming\mozilla\Firefox\Profiles\di5rjcbj.default\extensions\{038cb5c7-48ea-4af9-94e0-a1646542e62b}
[2010.09.03 14:53:43 | 000,000,000 | ---D | M] (XfireXO Toolbar) -- C:\Users\Steffen\AppData\Roaming\mozilla\Firefox\Profiles\di5rjcbj.default\extensions\{5e5ab302-7f65-44cd-8211-c1d4caaccea3}
[2010.08.04 03:42:11 | 000,000,000 | ---D | M] (softonic-de3 Toolbar) -- C:\Users\Steffen\AppData\Roaming\mozilla\Firefox\Profiles\di5rjcbj.default\extensions\{cc05a3e3-64c3-4af2-bfc1-af0d66b69065}
[2010.07.20 01:38:36 | 000,000,000 | ---D | M] (MediaBar) -- C:\Users\Steffen\AppData\Roaming\mozilla\Firefox\Profiles\di5rjcbj.default\extensions\{E84D42CA-64EB-11DE-A65F-8C3656D89593}
[2010.10.11 21:38:13 | 000,000,000 | ---D | M] -- C:\Users\Steffen\AppData\Roaming\mozilla\Firefox\Profiles\di5rjcbj.default\extensions\battlefieldheroespatcher@ea.com
[2010.04.12 14:01:54 | 000,002,476 | ---- | M] () -- C:\Users\Steffen\AppData\Roaming\Mozilla\FireFox\Profiles\di5rjcbj.default\searchplugins\BearShareWebSearch.xml
[2010.06.08 11:29:10 | 000,000,927 | ---- | M] () -- C:\Users\Steffen\AppData\Roaming\Mozilla\FireFox\Profiles\di5rjcbj.default\searchplugins\conduit.xml
[2010.10.11 21:38:28 | 000,000,000 | ---D | M] -- C:\Programme\Mozilla Firefox\extensions
[2010.06.15 11:18:07 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- C:\Programme\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2009.11.10 03:30:56 | 000,189,592 | ---- | M] (MGame) -- C:\Programme\Mozilla Firefox\plugins\NPMFireLauncher.dll
[2010.09.19 15:00:22 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2010.04.12 14:01:54 | 000,002,476 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\BearShareWebSearch.xml
[2010.09.19 15:00:22 | 000,002,344 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml
[2010.09.19 15:00:22 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2010.09.19 15:00:22 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2010.09.19 15:00:22 | 000,001,105 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1      localhost
O1 - Hosts: ::1            localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Programme\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (ToggleEN Toolbar) - {038cb5c7-48ea-4af9-94e0-a1646542e62b} - C:\Programme\ToggleEN\tbTogg.dll (Conduit Ltd.)
O2 - BHO: (MediaBar) - {0974BA1E-64EC-11DE-B2A5-E43756D89593} - C:\Programme\BearShare Applications\MediaBar\ToolBar\BearshareMediabarDx.dll ()
O2 - BHO: (GameBox Toolbar) - {0FEF2D2C-CDA6-45E4-B2ED-9DF7C50C95FF} - C:\Programme\GameBox\gamebox_toolbar.dll ()
O2 - BHO: (PriceGongBHO Class) - {1631550F-191D-4826-B069-D9439253D926} - C:\Programme\PriceGong\2.1.0\PriceGongIE.dll (PriceGong)
O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Programme\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (XfireXO Toolbar) - {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - C:\Programme\XfireXO\tbXfi1.dll (Conduit Ltd.)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (UrlHelper Class) - {74322BF9-DF26-493f-B0DA-6D2FC5E6429E} - C:\Programme\BearShare Applications\MediaBar\DataMngr\IEBHO.dll (MusicLab, LLC)
O2 - BHO: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Programme\DVDVideoSoftTB\tbDVD1.dll (Conduit Ltd.)
O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (softonic-de3 Toolbar) - {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Programme\softonic-de3\tbsof1.dll (Conduit Ltd.)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Programme\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (ToggleEN Toolbar) - {038cb5c7-48ea-4af9-94e0-a1646542e62b} - C:\Programme\ToggleEN\tbTogg.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (MediaBar) - {0974BA1E-64EC-11DE-B2A5-E43756D89593} - C:\Programme\BearShare Applications\MediaBar\ToolBar\BearshareMediabarDx.dll ()
O3 - HKLM\..\Toolbar: (GameBox Toolbar) - {0FEF2D2C-CDA6-45E4-B2ED-9DF7C50C95FF} - C:\Programme\GameBox\gamebox_toolbar.dll ()
O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Programme\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (XfireXO Toolbar) - {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - C:\Programme\XfireXO\tbXfi1.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Programme\DVDVideoSoftTB\tbDVD1.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (softonic-de3 Toolbar) - {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Programme\softonic-de3\tbsof1.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programme\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (ToggleEN Toolbar) - {038CB5C7-48EA-4AF9-94E0-A1646542E62B} - C:\Programme\ToggleEN\tbTogg.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (GameBox Toolbar) - {0FEF2D2C-CDA6-45E4-B2ED-9DF7C50C95FF} - C:\Programme\GameBox\gamebox_toolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (XfireXO Toolbar) - {5E5AB302-7F65-44CD-8211-C1D4CAACCEA3} - C:\Programme\XfireXO\tbXfi1.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (DVDVideoSoftTB Toolbar) - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - C:\Programme\DVDVideoSoftTB\tbDVD1.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (softonic-de3 Toolbar) - {CC05A3E3-64C3-4AF2-BFC1-AF0D66B69065} - C:\Programme\softonic-de3\tbsof1.dll (Conduit Ltd.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [DataMngr] C:\PROGRA~1\BEARSH~1\MediaBar\DataMngr\DataMngrUI.exe File not found
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [ISTray] C:\Program Files\PC Tools Security\pctsGui.exe (PC Tools)
O4 - HKLM..\Run: [LogitechQuickCamRibbon] C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe ()
O4 - HKLM..\Run: [PC Optimizer Pro] C:\Program Files\PC Optimizer Pro\StartApps.exe (Tweaking Tools)
O4 - HKLM..\Run: [PDVDDXSrv] C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Logitech Vid] C:\Program Files\Logitech\Logitech Vid\vid.exe (Logitech Inc.)
O4 - HKCU..\Run: [NexonEULauncher]  File not found
O4 - HKCU..\Run: [RegistryBooster] C:\Program Files\Uniblue\RegistryBooster\launcher.exe (Uniblue Systems Limited)
O4 - Startup: C:\Users\Steffen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Produktregistrierung.lnk = C:\Programme\Logitech\Logitech WebCam Software\eReg.exe (Leader Technologies/Logitech)
O4 - Startup: C:\Users\Steffen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\setup_9.0.0.722_10.10.2010_06-36.lnk = C:\Users\Steffen\Desktop\Virus Removal Tool\setup_9.0.0.722_10.10.2010_06-36\startup.exe ()
O4 - Startup: C:\Users\Steffen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Xfire.lnk = C:\Programme\Xfire\Xfire.exe (Xfire Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000031 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O13 - gopher Prefix: missing
O16 - DPF: {99CAAA27-FA0C-4FA4-B88A-4AB1CC7A17FE} hxxp://www.netgame.com/mplugin/mglaunch_USAv1005.cab (MGLaunch_v1004 Class)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\gameboxchrome {494D4E3B-FA53-4487-8AF6-3F50FE1167A9} - C:\Programme\GameBox\gamebox_toolbar.dll ()
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Programme\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~1\BEARSH~1\MediaBar\DataMngr\datamngr.dll) - C:\Programme\BearShare Applications\MediaBar\DataMngr\datamngr.dll ()
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - igfxdev.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img23.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img23.jpg
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) - credssp.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{807ea3fa-7850-11df-849d-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{807ea3fa-7850-11df-849d-806e6f6e6963}\Shell\AutoRun\command - "" = E:\setup.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
NetSvcs: FastUserSwitchingCompatibility -  File not found
NetSvcs: Ias -  File not found
NetSvcs: Nla -  File not found
NetSvcs: Ntmssvc -  File not found
NetSvcs: NWCWorkstation -  File not found
NetSvcs: Nwsapagent -  File not found
NetSvcs: SRService -  File not found
NetSvcs: Wmi - C:\Windows\System32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp -  File not found
NetSvcs: LogonHours -  File not found
NetSvcs: PCAudit -  File not found
NetSvcs: helpsvc -  File not found
NetSvcs: uploadmgr -  File not found
 
 
SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: NTDS -  File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: WinDefend - C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000 begin_of_the_skype_highlighting**************056-444553540000******end_of_the_skype_highlighting} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger -  File not found
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS -  File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: WinDefend - C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} -
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\System32\Microsoft
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} -
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - C:\Windows\System32\Microsoft
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
 
Drivers32: aux - wdmaud.drv (Microsoft Corporation)
Drivers32: aux1 - wdmaud.drv (Microsoft Corporation)
Drivers32: midi - wdmaud.drv (Microsoft Corporation)
Drivers32: midi1 - wdmaud.drv (Microsoft Corporation)
Drivers32: midimapper - midimap.dll (Microsoft Corporation)
Drivers32: mixer - wdmaud.drv (Microsoft Corporation)
Drivers32: mixer1 - wdmaud.drv (Microsoft Corporation)
Drivers32: msacm.imaadpcm - imaadp32.acm (Microsoft Corporation)
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.msadpcm - msadp32.acm (Microsoft Corporation)
Drivers32: msacm.msg711 - msg711.acm (Microsoft Corporation)
Drivers32: msacm.msgsm610 - msgsm32.acm (Microsoft Corporation)
Drivers32: msacm.siren - sirenacm.dll (Microsoft Corporation)
Drivers32: MSVideo - vfwwdm32.dll (Microsoft Corporation)
Drivers32: MSVideo8 - VfWWDM32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - DivX.dll (DivX, Inc.)
Drivers32: VIDC.FPS1 - frapsvid.dll (Beepa P/L)
Drivers32: vidc.i420 - lvcodec2.dll (Logitech Inc.)
Drivers32: VIDC.IYUV - iyuv_32.dll (Microsoft Corporation)
Drivers32: vidc.mrle - msrle32.dll (Microsoft Corporation)
Drivers32: vidc.msvc - msvidc32.dll (Microsoft Corporation)
Drivers32: VIDC.UYVY - msyuv.dll (Microsoft Corporation)
Drivers32: VIDC.XFR1 - xfcodec.dll ()
Drivers32: VIDC.YUY2 - msyuv.dll (Microsoft Corporation)
Drivers32: vidc.yv12 - DivX.dll (DivX, Inc.)
Drivers32: VIDC.YVU9 - tsbyuv.dll (Microsoft Corporation)
Drivers32: VIDC.YVYU - msyuv.dll (Microsoft Corporation)
Drivers32: wave - wdmaud.drv (Microsoft Corporation)
Drivers32: wave1 - wdmaud.drv (Microsoft Corporation)
Drivers32: wavemapper - msacm32.drv (Microsoft Corporation)
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2010.10.12 10:33:45 | 000,656,320 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\pctEFA.sys
[2010.10.12 10:33:45 | 000,338,880 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\pctDS.sys
[2010.10.12 10:33:44 | 000,247,824 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\pctgntdi.sys
[2010.10.12 10:33:44 | 000,102,184 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\pctwfpfilter.sys
[2010.10.12 10:33:40 | 000,237,632 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\PCTCore.sys
[2010.10.12 10:33:40 | 000,159,296 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\PCTAppEvent.sys
[2010.10.12 10:33:29 | 000,123,968 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\pctplfw.sys
[2010.10.12 10:33:29 | 000,087,400 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\pctNdis-PacketFilter.sys
[2010.10.12 10:33:29 | 000,031,960 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\pctNdis-DNS.sys
[2010.10.12 10:33:28 | 000,070,536 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\pctplsg.sys
[2010.10.12 10:32:59 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\PC Tools
[2010.10.12 10:32:58 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
[2010.10.12 10:32:58 | 000,000,000 | ---D | C] -- C:\Programme\PC Tools Security
[2010.10.12 10:32:58 | 000,000,000 | ---D | C] -- C:\Users\Steffen\AppData\Roaming\PC Tools
[2010.10.12 10:29:40 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Tools
[2010.10.11 22:12:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab
[2010.10.11 22:10:48 | 000,311,312 | ---- | C] (Kaspersky Lab) -- C:\Windows\System32\drivers\3562445.sys
[2010.10.11 22:10:48 | 000,128,016 | ---- | C] (Kaspersky Lab) -- C:\Windows\System32\drivers\35624451.sys
[2010.10.11 22:10:48 | 000,037,392 | ---- | C] (Kaspersky Lab) -- C:\Windows\System32\drivers\35624452.sys
[2010.10.11 22:10:47 | 000,000,000 | ---D | C] -- C:\Users\Steffen\Desktop\Virus Removal Tool
[2010.10.11 21:56:12 | 000,000,000 | ---D | C] -- C:\Programme\OMFGZ Infinite Dll Injector
[2010.10.11 21:55:57 | 000,249,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\Setup1.exe
[2010.10.11 21:55:56 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\ST6UNST.EXE
[2010.10.11 21:55:44 | 000,000,000 | ---D | C] -- C:\Users\Steffen\Desktop\OMFGZ Infinite Dll Injector
[2010.10.11 21:54:33 | 000,139,776 | ---- | C] (Microsoft Corporation) -- C:\Users\Steffen\Desktop\setup.exe
[2010.10.09 10:42:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Nexon
[2010.10.08 21:01:31 | 000,000,000 | ---D | C] -- C:\ProgramData\NexonEU
[2010.10.05 14:12:56 | 000,000,000 | ---D | C] -- C:\Programme\GameBox
[2010.10.05 13:51:59 | 000,000,000 | ---D | C] -- C:\Programme\ConduitEngine
[2010.10.05 13:51:56 | 000,000,000 | ---D | C] -- C:\Programme\ToggleEN
[2010.10.05 13:38:45 | 000,000,000 | ---D | C] -- C:\Programme\Steam
[2010.10.04 21:32:41 | 000,000,000 | ---D | C] -- C:\Programme\Hurrican
[2010.10.04 16:06:03 | 000,000,000 | ---D | C] -- C:\Programme\Cheatbook 07.2009
[2010.10.04 15:34:04 | 000,000,000 | ---D | C] -- C:\Users\Steffen\AppData\Local\Fallout3
[2010.10.04 15:33:33 | 000,107,888 | ---- | C] (Sony DADC Austria AG.) -- C:\Windows\System32\CmdLineExt.dll
[2010.10.04 15:14:30 | 000,000,000 | ---D | C] -- C:\Programme\Bethesda Softworks
[2010.10.04 15:14:25 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_1.dll
[2010.10.04 15:14:25 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_1.dll
[2010.10.04 15:14:25 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_0.dll
[2010.10.04 15:14:25 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_4.dll
[2010.10.04 15:14:24 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_38.dll
[2010.10.04 15:14:23 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_0.dll
[2010.10.04 15:14:23 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_0.dll
[2010.10.04 15:14:22 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_3.dll
[2010.10.04 15:14:21 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_10.dll
[2010.10.04 15:14:20 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_36.dll
[2010.10.04 15:14:20 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_36.dll
[2010.10.04 15:14:19 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_36.dll
[2010.10.04 15:14:17 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_2.dll
[2010.10.04 13:42:16 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_38.dll
[2010.10.04 13:42:16 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_38.dll
[2010.10.04 13:40:29 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_37.dll
[2010.10.04 13:40:29 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_37.dll
[2010.10.04 13:40:29 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_37.dll
[2010.10.04 13:39:46 | 000,000,000 | ---D | C] -- C:\Windows\System32\xlive
[2010.10.04 13:39:46 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft Games for Windows - LIVE
[2010.10.02 21:11:57 | 000,000,000 | ---D | C] -- C:\Users\Steffen\Documents\Cross Fire
[2010.10.02 21:11:52 | 000,000,000 | ---D | C] -- C:\CFLog
[2010.10.02 20:46:14 | 000,000,000 | ---D | C] -- C:\Programme\Z8Games
[2010.10.02 12:40:47 | 000,000,000 | ---D | C] -- C:\Download
[2010.10.02 12:40:26 | 000,000,000 | ---D | C] -- C:\Nexon
[2010.10.02 12:40:25 | 000,438,272 | ---- | C] (NEXON Inc.) -- C:\Windows\NEXON_EU_DownloaderUpdater.exe
[2010.09.29 16:09:19 | 000,000,000 | ---D | C] -- C:\Users\Steffen\Documents\My Games
[2010.09.27 18:38:50 | 000,000,000 | ---D | C] -- C:\Programme\EA Games
[2010.09.23 20:43:43 | 000,000,000 | ---D | C] -- C:\Programme\ReviverSoft
[2010.09.23 20:42:49 | 000,000,000 | ---D | C] -- C:\ProgramData\ReviverSoft
[2010.09.23 20:42:14 | 000,000,000 | ---D | C] -- C:\Users\Steffen\AppData\Local\OpenCandy
[2010.09.23 20:42:12 | 000,000,000 | ---D | C] -- C:\Users\Steffen\AppData\Roaming\OpenCandy
[2010.09.23 14:36:03 | 000,099,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHostProxy.dll
[2010.09.23 14:36:03 | 000,049,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netfxperf.dll
[2010.09.23 14:36:02 | 000,295,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHost.exe
[2010.09.20 18:32:26 | 000,000,000 | ---D | C] -- C:\Users\Steffen\AppData\Roaming\DivX
[2010.09.20 18:32:08 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\PX Storage Engine
[2010.09.20 18:31:45 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\DivX Shared
[2010.09.20 18:30:08 | 000,000,000 | ---D | C] -- C:\Programme\DivX
[2010.09.20 18:29:41 | 000,000,000 | ---D | C] -- C:\ProgramData\DivX
[2010.09.19 20:03:45 | 000,000,000 | ---D | C] -- C:\Programme\HyCam2
[2010.09.19 14:54:39 | 000,000,000 | ---D | C] -- C:\Fraps
[2010.09.19 14:38:39 | 000,000,000 | ---D | C] -- C:\Programme\Game Cam
[2010.09.18 17:55:55 | 000,000,000 | ---D | C] -- C:\Users\Steffen\Documents\HyperCam3
[2010.09.18 17:13:11 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\Solveig Multimedia
[2010.09.18 17:13:11 | 000,000,000 | ---D | C] -- C:\Programme\HyperCam 3
[2010.09.18 17:08:01 | 000,000,000 | ---D | C] -- C:\Programme\CamStudio
[2010.09.16 16:39:49 | 000,000,000 | ---D | C] -- C:\Users\Steffen\Documents\Doom_(1993)_(Id_Software)
[2010.09.16 16:32:05 | 000,000,000 | ---D | C] -- C:\Programme\DOOM 3
[2010.09.16 14:14:38 | 000,000,000 | ---D | C] -- C:\Users\Steffen\AppData\Roaming\PriceGong
[2010.09.16 14:14:38 | 000,000,000 | ---D | C] -- C:\Users\Steffen\AppData\Roaming\bearsharemediabartb
[2010.09.16 14:14:37 | 000,000,000 | ---D | C] -- C:\Users\Steffen\AppData\Local\XfireXO
[2010.09.16 14:14:37 | 000,000,000 | ---D | C] -- C:\Users\Steffen\AppData\Local\softonic-de3
[2010.09.16 14:14:37 | 000,000,000 | ---D | C] -- C:\Users\Steffen\AppData\Local\DVDVideoSoftTB
[2010.09.16 14:14:37 | 000,000,000 | ---D | C] -- C:\Users\Steffen\AppData\Local\Conduit
[2010.09.15 17:01:58 | 736,407,212 | ---- | C] (InstallShield Software Corporation) -- C:\Users\Steffen\Desktop\S4League.exe
[2010.09.14 15:45:37 | 000,000,000 | ---D | C] -- C:\Programme\VTFEdit
[2010.09.14 15:05:48 | 000,679,936 | ---- | C] (Generated by JEDI) -- C:\Windows\System32\D3DX81ab.dll
[2010.09.14 15:05:47 | 000,000,000 | ---D | C] -- C:\Programme\Cheat Engine
[2010.09.14 14:07:12 | 000,000,000 | ---D | C] -- C:\Programme\AutoIt3
 
========== Files - Modified Within 30 Days ==========
 
[2010.10.12 13:22:00 | 000,001,096 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010.10.12 13:15:46 | 000,003,712 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010.10.12 13:15:41 | 000,003,712 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010.10.12 12:37:59 | 000,001,114 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3256610812-1698582216-1686267213-1001UA.job
[2010.10.12 10:34:10 | 001,186,460 | ---- | M] () -- C:\Windows\System32\drivers\Cat.DB
[2010.10.12 10:29:25 | 000,507,360 | ---- | M] () -- C:\Users\Steffen\Desktop\sdsetup.exe
[2010.10.11 23:09:15 | 000,001,532 | -HS- | M] () -- C:\Windows\setup_9.0.0.722_10.10.2010_06-36drv.spi
[2010.10.11 22:12:46 | 000,002,169 | ---- | M] () -- C:\Users\Steffen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\setup_9.0.0.722_10.10.2010_06-36.lnk
[2010.10.11 22:04:52 | 000,000,382 | ---- | M] () -- C:\Windows\tasks\Registry Reviver-Steffen-Startup.job
[2010.10.11 22:03:09 | 000,001,092 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010.10.11 22:03:09 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\RegistryBooster.job
[2010.10.11 22:02:53 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.10.11 22:02:51 | 3181,760,512 | -HS- | M] () -- C:\hiberfil.sys
[2010.10.11 21:55:57 | 000,249,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\Setup1.exe
[2010.10.11 21:55:57 | 000,073,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\ST6UNST.EXE
[2010.10.11 21:54:36 | 000,000,303 | ---- | M] () -- C:\Windows\ST6UNST.000
[2010.10.11 16:37:59 | 000,001,062 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3256610812-1698582216-1686267213-1001Core.job
[2010.10.09 16:50:01 | 000,011,975 | ---- | M] () -- C:\Users\Steffen\Documents\selbst gemachte limonade machen(^-^).docx
[2010.10.09 16:44:28 | 000,001,744 | ---- | M] () -- C:\Users\Steffen\Desktop\Mozilla Firefox.lnk
[2010.10.08 21:05:03 | 000,001,580 | ---- | M] () -- C:\Users\Public\Desktop\Combat Arms EU.lnk
[2010.10.07 20:48:33 | 1779,088,160 | -H-- | M] () -- C:\Users\Steffen\Desktop\LOCO_Setup.exe.part
[2010.10.05 13:40:30 | 000,000,788 | ---- | M] () -- C:\Users\Public\Desktop\Steam.lnk
[2010.10.04 21:32:49 | 000,000,841 | ---- | M] () -- C:\Users\Steffen\Desktop\Hurrican.lnk
[2010.10.04 15:33:33 | 000,107,888 | ---- | M] (Sony DADC Austria AG.) -- C:\Windows\System32\CmdLineExt.dll
[2010.10.03 17:38:31 | 000,001,019 | ---- | M] () -- C:\Users\Steffen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Produktregistrierung.lnk
[2010.10.02 12:40:25 | 000,438,272 | ---- | M] (NEXON Inc.) -- C:\Windows\NEXON_EU_DownloaderUpdater.exe
[2010.09.28 20:08:09 | 000,374,240 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010.09.28 13:46:29 | 000,138,184 | ---- | M] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2010.09.28 13:46:08 | 000,215,016 | ---- | M] () -- C:\Windows\System32\PnkBstrB.xtr
[2010.09.27 18:54:12 | 000,138,056 | ---- | M] () -- C:\Users\Steffen\AppData\Roaming\PnkBstrK.sys
[2010.09.27 18:53:50 | 002,427,248 | ---- | M] () -- C:\Windows\System32\pbsvc_heroes.exe
[2010.09.23 20:46:32 | 000,000,794 | ---- | M] () -- C:\Users\Steffen\Desktop\Cheat Engine.lnk
[2010.09.23 14:44:26 | 000,670,934 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2010.09.23 14:44:26 | 000,631,636 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010.09.23 14:44:26 | 000,144,082 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2010.09.23 14:44:26 | 000,118,262 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010.09.21 15:03:36 | 000,006,756 | ---- | M] () -- C:\Users\Steffen\AppData\Local\d3d9caps.dat
[2010.09.20 18:58:06 | 000,008,192 | ---- | M] () -- C:\Users\Steffen\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.09.20 18:32:47 | 000,001,398 | ---- | M] () -- C:\Users\Steffen\Desktop\DivX Movies.lnk
[2010.09.20 18:32:20 | 000,000,919 | ---- | M] () -- C:\Users\Public\Desktop\DivX Plus Player.lnk
[2010.09.20 18:32:02 | 000,000,959 | ---- | M] () -- C:\Users\Public\Desktop\DivX Plus Converter.lnk
[2010.09.19 20:25:46 | 000,000,516 | ---- | M] () -- C:\Users\Steffen\Desktop\Fraps.lnk
[2010.09.19 12:59:29 | 000,009,554 | ---- | M] () -- C:\video.pass
[2010.09.18 17:13:14 | 000,000,842 | ---- | M] () -- C:\Users\Steffen\Desktop\HyperCam 3.lnk
[2010.09.18 17:08:16 | 000,000,813 | ---- | M] () -- C:\Users\Public\Desktop\CamStudio.lnk
[2010.09.15 17:34:33 | 736,407,212 | ---- | M] (InstallShield Software Corporation) -- C:\Users\Steffen\Desktop\S4League.exe
[2010.09.15 16:53:55 | 000,001,699 | ---- | M] () -- C:\Users\Steffen\Desktop\Notepad.lnk
[2010.09.14 15:45:38 | 000,000,740 | ---- | M] () -- C:\Users\Steffen\Desktop\VTFEdit.lnk
[2010.09.14 14:30:59 | 000,000,291 | ---- | M] () -- C:\Users\Steffen\SciTE.session
[2010.09.14 14:08:34 | 000,031,076 | ---- | M] () -- C:\Users\Steffen\abbrev.properties
 
========== Files Created - No Company Name ==========
 
[2010.10.12 10:33:48 | 001,186,460 | ---- | C] () -- C:\Windows\System32\drivers\Cat.DB
[2010.10.12 10:29:40 | 000,507,360 | ---- | C] () -- C:\Users\Steffen\Desktop\sdsetup.exe
[2010.10.11 22:21:21 | 000,001,532 | -HS- | C] () -- C:\Windows\setup_9.0.0.722_10.10.2010_06-36drv.spi
[2010.10.11 22:12:46 | 000,002,169 | ---- | C] () -- C:\Users\Steffen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\setup_9.0.0.722_10.10.2010_06-36.lnk
[2010.10.11 21:54:36 | 000,000,303 | ---- | C] () -- C:\Windows\ST6UNST.000
[2010.10.09 16:50:00 | 000,011,975 | ---- | C] () -- C:\Users\Steffen\Documents\selbst gemachte limonade machen(^-^).docx
[2010.10.09 16:44:28 | 000,001,744 | ---- | C] () -- C:\Users\Steffen\Desktop\Mozilla Firefox.lnk
[2010.10.08 21:05:03 | 000,001,580 | ---- | C] () -- C:\Users\Public\Desktop\Combat Arms EU.lnk
[2010.10.05 13:38:46 | 000,000,788 | ---- | C] () -- C:\Users\Public\Desktop\Steam.lnk
[2010.10.04 21:32:49 | 000,000,841 | ---- | C] () -- C:\Users\Steffen\Desktop\Hurrican.lnk
[2010.10.03 17:38:31 | 000,001,019 | ---- | C] () -- C:\Users\Steffen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Produktregistrierung.lnk
[2010.10.02 16:33:18 | 000,001,114 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3256610812-1698582216-1686267213-1001UA.job
[2010.10.02 16:33:16 | 000,001,062 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3256610812-1698582216-1686267213-1001Core.job
[2010.10.02 16:28:15 | 1779,088,160 | -H-- | C] () -- C:\Users\Steffen\Desktop\LOCO_Setup.exe.part
[2010.09.27 18:53:49 | 002,427,248 | ---- | C] () -- C:\Windows\System32\pbsvc_heroes.exe
[2010.09.23 20:44:18 | 000,000,382 | ---- | C] () -- C:\Windows\tasks\Registry Reviver-Steffen-Startup.job
[2010.09.20 18:32:47 | 000,001,398 | ---- | C] () -- C:\Users\Steffen\Desktop\DivX Movies.lnk
[2010.09.20 18:32:20 | 000,000,919 | ---- | C] () -- C:\Users\Public\Desktop\DivX Plus Player.lnk
[2010.09.20 18:32:02 | 000,000,959 | ---- | C] () -- C:\Users\Public\Desktop\DivX Plus Converter.lnk
[2010.09.19 20:25:46 | 000,000,516 | ---- | C] () -- C:\Users\Steffen\Desktop\Fraps.lnk
[2010.09.18 17:13:14 | 000,000,842 | ---- | C] () -- C:\Users\Steffen\Desktop\HyperCam 3.lnk
[2010.09.18 17:08:16 | 000,000,813 | ---- | C] () -- C:\Users\Public\Desktop\CamStudio.lnk
[2010.09.15 16:53:55 | 000,001,699 | ---- | C] () -- C:\Users\Steffen\Desktop\Notepad.lnk
[2010.09.14 15:45:38 | 000,000,740 | ---- | C] () -- C:\Users\Steffen\Desktop\VTFEdit.lnk
[2010.09.14 15:05:50 | 000,000,794 | ---- | C] () -- C:\Users\Steffen\Desktop\Cheat Engine.lnk
[2010.09.14 15:05:48 | 001,970,176 | ---- | C] () -- C:\Windows\System32\d3dx9.dll
[2010.09.14 14:30:59 | 000,000,291 | ---- | C] () -- C:\Users\Steffen\SciTE.session
[2010.09.14 14:08:34 | 000,031,076 | ---- | C] () -- C:\Users\Steffen\abbrev.properties
[2010.09.09 13:05:37 | 000,008,192 | ---- | C] () -- C:\Users\Steffen\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.09.01 19:00:53 | 000,082,289 | ---- | C] () -- C:\Windows\System32\lvcoinst.ini
[2010.08.20 16:15:50 | 000,000,552 | ---- | C] () -- C:\Users\Steffen\AppData\Local\d3d8caps.dat
[2010.07.24 19:58:48 | 000,138,184 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2010.07.24 19:58:47 | 000,138,056 | ---- | C] () -- C:\Users\Steffen\AppData\Roaming\PnkBstrK.sys
[2010.07.09 21:00:32 | 000,041,872 | ---- | C] () -- C:\Windows\System32\xfcodec.dll
[2010.06.15 10:27:16 | 000,006,656 | ---- | C] () -- C:\Windows\System32\bcmwlrc.dll
[2010.06.15 10:27:13 | 000,054,784 | ---- | C] () -- C:\Windows\System32\bcmwlrmt.dll
[2010.06.15 10:15:51 | 000,006,756 | ---- | C] () -- C:\Users\Steffen\AppData\Local\d3d9caps.dat
[2010.06.14 21:35:23 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1576.dll
[2009.08.07 19:51:34 | 000,178,430 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
[2009.05.08 10:13:04 | 000,013,584 | ---- | C] () -- C:\Windows\System32\drivers\iKeyLFT2.dll
[2009.04.30 16:00:12 | 000,025,624 | ---- | C] () -- C:\Windows\System32\drivers\LVPr2Mon.sys
[2006.11.02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
 
========== LOP Check ==========
 
[2010.10.08 18:50:22 | 000,000,000 | ---D | M] -- C:\Users\Kike\AppData\Roaming\ICQ
[2010.10.05 14:41:48 | 000,000,000 | ---D | M] -- C:\Users\Kike\AppData\Roaming\Teeworlds
[2010.08.04 23:06:42 | 000,000,000 | ---D | M] -- C:\Users\Kike\AppData\Roaming\UseNeXT
[2010.09.16 14:15:25 | 000,000,000 | ---D | M] -- C:\Users\Steffen\AppData\Roaming\bearsharemediabartb
[2010.09.01 19:01:33 | 000,000,000 | ---D | M] -- C:\Users\Steffen\AppData\Roaming\Leadertech
[2010.07.20 01:43:25 | 000,000,000 | ---D | M] -- C:\Users\Steffen\AppData\Roaming\MusicNet
[2010.09.23 20:42:12 | 000,000,000 | ---D | M] -- C:\Users\Steffen\AppData\Roaming\OpenCandy
[2010.09.16 14:14:38 | 000,000,000 | ---D | M] -- C:\Users\Steffen\AppData\Roaming\PriceGong
[2010.08.04 22:54:40 | 000,000,000 | ---D | M] -- C:\Users\Steffen\AppData\Roaming\Uniblue
[2010.07.20 01:31:58 | 000,000,296 | ---- | M] () -- C:\Windows\Tasks\BearShare NAG.job
[2010.10.11 22:04:52 | 000,000,382 | ---- | M] () -- C:\Windows\Tasks\Registry Reviver-Steffen-Startup.job
[2010.10.11 22:03:09 | 000,000,336 | ---- | M] () -- C:\Windows\Tasks\RegistryBooster.job
[2010.10.11 22:02:03 | 000,032,538 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
 
<  >
 
========== Files - Unicode (All) ==========
[2010.10.09 10:42:32 | 000,000,000 | ---D | M](C:\Users\Steffen\Documents\?? ???) -- C:\Users\Steffen\Documents\넥슨 플러그
[2010.10.09 10:42:32 | 000,000,000 | ---D | C](C:\Users\Steffen\Documents\?? ???) -- C:\Users\Steffen\Documents\넥슨 플러그
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 161 bytes -> C:\ProgramData\TEMP:DFC5A2B2

< End of report >
--- --- ---





Extras.Txt:OTL Logfile:
Code:
OTL Extras logfile created on: 12.10.2010 13:24:11 - Run 1
OTL by OldTimer - Version 3.2.15.1    Folder = c:\Users\Steffen\Downloads
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 46,00% Memory free
6,00 Gb Paging File | 4,00 Gb Available in Paging File | 67,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 218,20 Gb Total Space | 74,24 Gb Free Space | 34,02% Space Free | Partition Type: NTFS
Drive D: | 14,65 Gb Total Space | 8,61 Gb Free Space | 58,77% Space Free | Partition Type: NTFS
 
Computer Name: KIKE-PC | User Name: Steffen | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~3\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{4C8B1755-A67D-421A-A1C2-826F3EF80FCA}" = lport=49158 | protocol=6 | dir=in | name=akamai netsession interface |
"{633F1973-8B42-4096-BABC-FB39393B3BDC}" = lport=5000 | protocol=17 | dir=in | name=akamai netsession interface |
"{84CA6922-08B6-48E1-8343-708D274C5170}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
"{9624AB2E-F324-452E-B995-C2A459CA479A}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{C09B7C51-8FE6-41C6-8EDE-C214A30152F5}" = lport=2869 | protocol=6 | dir=in | app=system |
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{03910F00-6DE6-43C5-B7E2-E5B034F59DBE}" = protocol=6 | dir=in | app=c:\program files\bearshare applications\bearshare\bearshare.exe |
"{04025BF5-06D2-46C4-8B37-A036C16741E9}" = protocol=6 | dir=in | app=c:\program files\steam\steam.exe |
"{0738C38C-A8DC-4DBE-A8CE-63E5B5C16B71}" = protocol=6 | dir=in | app=c:\program files\logitech\logitech vid\vid.exe |
"{08665967-A5A0-44B2-94EC-00CB732F5C3B}" = dir=in | app=c:\program files\cyberlink\powerdvd dx\pdvddxsrv.exe |
"{127FDA84-6990-4614-B509-56114A822423}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{201220D0-5350-43EB-84A3-9B2DA7FC6775}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{20C86574-F1CD-48BF-BA3E-AAB8888D975C}" = protocol=17 | dir=in | app=c:\program files\steam\steam.exe |
"{21775559-A821-452E-BE2E-A563D3578317}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{2ACD5085-6AE9-495E-AA3A-973BC6455B48}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\america's army 3\binaries\aa3game.exe |
"{36F10B03-DAF4-46C3-9E02-BA2F5954F2A6}" = protocol=6 | dir=in | app=c:\programdata\nexoneu\ngm\ngm.exe |
"{3E5BBF84-F048-48A0-A7ED-A491F4D69546}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\america's army 3\binaries\aa3game.exe |
"{3F1A093F-0D90-47A3-A301-82D3E654104F}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{4089CD84-0AC6-4E61-9622-7FAE9B5FC7DC}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe |
"{4C7ADFA8-0F8A-45FB-A3A5-51D36678C702}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{4DF08CAB-B385-4A70-AA2D-755FEF8B91B5}" = protocol=17 | dir=in | app=c:\program files\logitech\logitech vid\vid.exe |
"{5937D2CF-2B27-4041-862B-87A0CE8C7A57}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{63334128-68AD-4A74-AFC2-F96D71673435}" = protocol=17 | dir=in | app=c:\programdata\nexoneu\ngm\ngm.exe |
"{68F1021E-434E-4E0E-9B1F-C0D0FAB51DC8}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{6942EC95-AE6C-4C5B-9BB2-A2E10E8E2266}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{738D68D6-791F-4092-85EB-961FF992CE8B}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{77ACF2EB-97D5-436A-AA0E-BBE628476776}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{78813B60-E022-48C5-AC8A-13F9EDD9CFF6}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{78B32F87-8223-4687-A64A-8B83C78F6039}" = dir=in | app=c:\program files\cyberlink\powerdvd dx\powerdvd.exe |
"{89855C7B-1624-412F-9A22-F1E85FD0466D}" = protocol=17 | dir=in | app=c:\program files\bearshare applications\bearshare\bearshare.exe |
"{9B679BB9-206B-4149-803D-EF71DEC85531}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{9EC0FFDE-A034-425D-AC82-37825E7249D0}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe |
"{ABBC2E29-792F-4A3D-A787-E6FE20D4929E}" = dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{B19B7414-08A7-4554-90CF-F275CDC52F48}" = dir=in | app=c:\program files\windows live\messenger\wlcsdk.exe |
"{B6BE9ABE-0595-442A-8C04-A60C3850A1F8}" = protocol=17 | dir=in | app=c:\program files\bearshare applications\bearshare\bearshare.exe |
"{B6CA0FB9-08D0-4438-AE82-E35D8886C3B0}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{B7150442-7A73-48D5-9D3D-01579C484D98}" = protocol=17 | dir=in | app=c:\nexon\combat arms eu\nmservice.exe |
"{B7DCAB15-A08C-4971-A93B-07BE313DA8BC}" = dir=in | app=c:\program files\skype\plugin manager\skypepm.exe |
"{C4AFE685-1F9A-4836-BEF4-07B2A0E9A02F}" = protocol=6 | dir=in | app=c:\program files\bearshare applications\bearshare\bearshare.exe |
"{D2E3F04B-E133-4CDB-8645-7447C94B81A1}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{DE31BFBF-746F-48E1-ABA9-CEF5AD84F161}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{E2CA6A41-6D90-455B-97C8-B837949617C8}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{E93E100A-AFA1-4AD1-A529-AE8E8CD60AA4}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{EF4075CB-489D-46B3-B8A7-DC4E4F4FBD02}" = protocol=6 | dir=in | app=c:\nexon\combat arms eu\nmservice.exe |
"{F5D9C5D7-7A8A-4701-87B2-433797BA4640}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"TCP Query User{29D2B9DC-E2CE-43DE-B7EE-CA2A255DC941}C:\program files\xfire\xfire.exe" = protocol=6 | dir=in | app=c:\program files\xfire\xfire.exe |
"TCP Query User{4A0FC996-1921-42BB-8A6A-067C24921906}C:\users\kike\appdata\roaming\icq\application\icq7.2\icq.exe" = protocol=6 | dir=in | app=c:\users\kike\appdata\roaming\icq\application\icq7.2\icq.exe |
"TCP Query User{C3BB8354-C1B5-47E1-B6FD-BAA384622A61}C:\program files\bearshare applications\bearshare\bearshare.exe" = protocol=6 | dir=in | app=c:\program files\bearshare applications\bearshare\bearshare.exe |
"TCP Query User{EAC525EE-CA27-408F-AC08-32521FD7D7BD}C:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe" = protocol=6 | dir=in | app=c:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe |
"UDP Query User{0CF276FB-FB9F-4408-BA12-2C9CEE2E94C6}C:\program files\xfire\xfire.exe" = protocol=17 | dir=in | app=c:\program files\xfire\xfire.exe |
"UDP Query User{236957ED-EA89-4AA2-8C8C-3C6BB70F7953}C:\users\kike\appdata\roaming\icq\application\icq7.2\icq.exe" = protocol=17 | dir=in | app=c:\users\kike\appdata\roaming\icq\application\icq7.2\icq.exe |
"UDP Query User{7F3AC2AA-E66E-4506-BE8B-06AC37FF4BD6}C:\program files\bearshare applications\bearshare\bearshare.exe" = protocol=17 | dir=in | app=c:\program files\bearshare applications\bearshare\bearshare.exe |
"UDP Query User{B7C1BB9C-A722-4C58-AED6-14C02557AF64}C:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe" = protocol=17 | dir=in | app=c:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe |
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0CB9668D-F979-4F31-B8B8-67FE90F929F8}" = Bonjour
"{1B3EC2E9-67E3-4D10-B1B8-BD71D7DC8930}" = Eternia LastChaos
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2E660A2A-A55F-43CD-9F73-CAD7382EEB78}" = Microsoft Games for Windows - LIVE Redistributable
"{310945EF-6EC9-4D54-9E67-36EAF4AF7A95}" = S4 League_EU
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3CBEA715-B6DD-4943-B505-5E435C2B6126}" = S4 League_EU
"{3D9892BB-A751-4E48-ADC8-E4289956CE1D}" = QuickTime
"{415B2719-AD3A-4944-B404-C472DB6085B3}" = Cisco EAP-FAST Module
"{42929F0F-CE14-47AF-9FC7-FF297A603021}" = Dell Resource CD
"{4FBCEA31-5D18-4212-9231-DE7CF1BE7DBB}" = Logitech Vid
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{5F624839-947D-46EA-BD63-FD847C1AC6F1}" = BearShare
"{669C7BD8-DAA2-49B6-966C-F1E2AAE6B17E}" = Cisco PEAP Module
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD DX
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{83770D14-21B9-44B3-8689-F7B523F94560}" = Cisco LEAP Module
"{85991ED2-010C-4930-96FA-52F43C2CE98A}" = Apple Mobile Device Support
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{91F7F3F3-CE80-48C3-8327-7D24A0A5716A}" = iTunes
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{974C4B12-4D02-4879-85E0-61C95CC63E9E}" = Fallout 3
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars
"{99A37AC7-E724-4621-B167-500B5A52B69C}" = LastChaosGER
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1031-7B44-A93000000001}" = Adobe Reader 9.3 - Deutsch
"{AC96671C-2001-432C-9826-5266D84EF1DC}" = Logitech Webcam Software
"{AED2DD42-9853-407E-A6BC-8A1D6B715909}" = Windows Live Messenger
"{B2D328BE-45AD-4D92-96F9-2151490A203E}" = Apple Application Support
"{BC27061D-FFCE-4931-A05F-AC964CC026CA}" = Registry Reviver
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{C911A0C2-2236-3164-AA47-F2566C01AE5E}" = Microsoft .NET Framework 4 Extended DEU Language Pack
"{CAFA57E8-8927-4912-AFCF-B0AA3837E989}" = Windows Live Essentials
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D2041A37-5FEC-49F0-AE5C-3F2FFDFAA4F4}" = Windows Live Call
"{D66F2695-E97D-4D42-A793-2F02ACB7E2A4}" = S4 League_EU
"{DB52432E-3AD8-41A5-A586-0F065FB6A31E}" = Game Cam
"{E285F3B1-A840-414F-9A95-47627A16E633}" = AvalonHeroesEU
"{E63E34A7-E552-412B-9E40-FD6FC5227ABA}_is1" = Uniblue RegistryBooster
"{EE53A1EB-B273-4657-B39E-93E0B29FA880}" = S4 League_EU
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"7-Zip" = 7-Zip 4.65
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Age of Mythology Expansion Pack 1.0" = Age of Mythology - The Titans Expansion
"Akamai" = Akamai NetSession Interface
"AutoItv3" = AutoIt v3.3.6.1
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"BearShare" = BearShare
"BearShare MediaBar" = MediaBar
"Broadcom 802.11 Application" = Dell Wireless WLAN Card Utility
"CamStudio" = CamStudio
"Cheat Engine 5.6.1_is1" = Cheat Engine 5.6.1
"Cheatbook 07.2009" = Cheatbook 07.2009
"Combat Arms EU" = Combat Arms EU
"conduitEngine" = Conduit Engine
"Cross Fire_is1" = Cross Fire En
"Digital DJ Pro" = Digital DJ Pro 1.7.0
"DivX Setup.divx.com" = DivX-Setup
"DVDVideoSoftTB Toolbar" = DVDVideoSoftTB Toolbar
"ENTERPRISE" = Microsoft Office Enterprise 2007
"FlorensiaEN" = FlorensiaEN 1.0
"Fraps" = Fraps (remove only)
"Free Video to MP3 Converter_is1" = Free Video to MP3 Converter version 4.0
"Free YouTube to iPod Converter_is1" = Free YouTube to iPod Converter version 3.8
"Game Cam" = Game Cam 2.54.0.47
"GameBox" = GameBox Toolbar
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"Hurrican_is1" = Hurrican 1.0.0.4
"HyperCam 2" = HyperCam 2
"HyperCam 3" = HyperCam 3
"lvdrivers_12.0" = Logitech Webcam Software-Treiberpaket
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended DEU Language Pack" = Microsoft .NET Framework 4 Extended DEU Language Pack
"Mozilla Firefox (3.6.10)" = Mozilla Firefox (3.6.10)
"OPERATION7" = OPERATION7
"PC Optimizer Pro" = PC Optimizer Pro
"PriceGong" = PriceGong 2.1.0
"PunkBusterSvc" = PunkBuster Services
"RegistryReviver" = Registry Reviver
"SciTE4AutoIt3" = SciTE4AutoIt3 2/28/2010
"softonic-de3 Toolbar" = softonic-de3 Toolbar
"Spyware Doctor" = Spyware Doctor 8.0
"ST6UNST #1" = OMFGZ Infinite Dll Injector
"Steam App 13140" = America's Army 3
"Steam App 310" = Team Fortress 2 Dedicated Server
"ToggleEN Toolbar" = ToggleEN Toolbar
"TweakUAC_is1" = TweakUAC
"Uninstall_is1" = Uninstall 1.0.0.1
"UseNeXT_is1" = UseNeXT
"VLC media player" = VLC media player 1.1.4
"VTFEdit_is1" = VTFEdit 1.2.5
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR
"Xfire" = Xfire (remove only)
"XfireXO Toolbar" = XfireXO Toolbar
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Software Update" = Yahoo! Software Update
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 12.10.2010 07:18:14 | Computer Name = Kike-PC | Source = VSS | ID = 12289
Description =
 
Error - 12.10.2010 07:18:14 | Computer Name = Kike-PC | Source = VSS | ID = 12289
Description =
 
Error - 12.10.2010 07:18:25 | Computer Name = Kike-PC | Source = VSS | ID = 12289
Description =
 
Error - 12.10.2010 07:18:25 | Computer Name = Kike-PC | Source = VSS | ID = 12289
Description =
 
Error - 12.10.2010 07:18:25 | Computer Name = Kike-PC | Source = VSS | ID = 12289
Description =
 
Error - 12.10.2010 07:28:20 | Computer Name = Kike-PC | Source = VSS | ID = 12289
Description =
 
Error - 12.10.2010 07:28:20 | Computer Name = Kike-PC | Source = VSS | ID = 12289
Description =
 
Error - 12.10.2010 07:28:29 | Computer Name = Kike-PC | Source = VSS | ID = 12289
Description =
 
Error - 12.10.2010 07:28:29 | Computer Name = Kike-PC | Source = VSS | ID = 12289
Description =
 
Error - 12.10.2010 07:28:29 | Computer Name = Kike-PC | Source = VSS | ID = 12289
Description =
 
[ Broadcom Wireless LAN Events ]
Error - 20.08.2010 08:47:24 | Computer Name = Kike-PC | Source = WLAN-Tray | ID = 0
Description = 14:47:24, Fri, Aug 20, 10 Error - Unable to gain access to user store

 
Error - 29.08.2010 07:53:29 | Computer Name = Kike-PC | Source = WLAN-Tray | ID = 0
Description = 13:53:28, Sun, Aug 29, 10 Error - Unable to gain access to user store

 
Error - 30.08.2010 10:28:52 | Computer Name = Kike-PC | Source = WLAN-Tray | ID = 0
Description = 16:28:51, Mon, Aug 30, 10 Error - Unable to gain access to user store

 
Error - 06.09.2010 15:02:04 | Computer Name = Kike-PC | Source = WLAN-Tray | ID = 0
Description = 21:02:03, Mon, Sep 06, 10 Error - Unable to gain access to user store

 
Error - 07.09.2010 10:39:25 | Computer Name = Kike-PC | Source = WLAN-Tray | ID = 0
Description = 16:39:25, Tue, Sep 07, 10 Error - Unable to gain access to user store

 
Error - 26.09.2010 12:57:19 | Computer Name = Kike-PC | Source = WLAN-Tray | ID = 0
Description = 18:57:18, Sun, Sep 26, 10 Error - Unable to gain access to user store

 
Error - 01.10.2010 02:51:57 | Computer Name = Kike-PC | Source = WLAN-Tray | ID = 0
Description = 08:51:56, Fri, Oct 01, 10 Error - Unable to gain access to user store

 
 
========== Last 10 Event Log Errors ==========
 
Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!
 
< End of report >
--- --- ---


was soll ich jetzt tun?
endschuldigen wegen so vielen posts auf einmal^^

markusg 12.10.2010 13:42
du willst ja neu formatieren, hast du eine windows vista cd zur hand? bzw eine recovery cd?

Kike1807 12.10.2010 13:44
ich vermute schon... wenn ich die CD habe was muss ich dann machen einfach durchlaufen lassen?

markusg 12.10.2010 13:48
also du musst erst mal alles an daten sichern, was du so benötigst. auf nen usb stick etc. dann schau erst mal ob du ne windows cd hast. und obs ne recovery cd ist oder einfach nur ne windows cd.

Kike1807 12.10.2010 14:02
hab die recovery cd:)

Kike1807 12.10.2010 14:04
hab die recovery cd^^

Kike1807 12.10.2010 14:13
und was soll ich jetzt machen?^^

markusg 12.10.2010 14:26
erst mal abwarten, du bist schließlich nicht der einzige nutzer.
hast du deine daten gesichert oder nicht?

Kike1807 12.10.2010 14:34
ja und jetzt soll ich etwas aussuchen... bei der inspiron resource cd. und ich weiss nicht was ich tun soll und sry das ich dich so nerve^^"


Alle Zeitangaben in WEZ +1. Es ist jetzt 00:14 Uhr.
Seite 1 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Copyright ©2000-2024, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130