crxpower86 | 10.11.2010 17:20 | hab es jetzt so gemacht wie es gesagt wurde von markusg,danke erstmal..hier die einträge die ziemlich lang sind:OTL Logfile: Code:
OTL logfile created on: 10.11.2010 17:02:08 - Run 1
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Users\crxpower\Desktop
Windows Vista Ultimate Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18975)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 64,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 82,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 151,61 Gb Total Space | 18,39 Gb Free Space | 12,13% Space Free | Partition Type: NTFS
Drive D: | 146,48 Gb Total Space | 50,47 Gb Free Space | 34,45% Space Free | Partition Type: NTFS
Computer Name: CRXPOWER-PC | User Name: crxpower | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Users\crxpower\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Programme\ICQ7.2\ICQ.exe (ICQ, LLC.)
PRC - C:\Programme\Internet Explorer\iexplore.exe (Microsoft Corporation)
PRC - C:\Programme\ICQ6Toolbar\ICQ Service.exe ()
PRC - C:\Windows\System32\Macromed\Flash\FlashUtil10h_ActiveX.exe (Adobe Systems, Inc.)
PRC - C:\Programme\CDBurnerXP\NMSAccessU.exe ()
PRC - C:\Windows\System32\atieclxx.exe (AMD)
PRC - C:\Windows\System32\atiesrxx.exe (AMD)
PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Programme\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Programme\Windows Sidebar\sidebar.exe (Microsoft Corporation)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Windows\System32\conime.exe (Microsoft Corporation)
PRC - C:\Windows\System32\TUProgSt.exe (TuneUp Software)
PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Programme\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
PRC - C:\Programme\EA Games\Need for Speed Undercover\PB\PnkBstrA.exe ()
PRC - C:\Programme\WinTV\EPG Services\System\EPGService.exe (Hauppauge Computer Works)
PRC - C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Defender\MSASCui.exe (Microsoft Corporation)
PRC - C:\Programme\Realtek\RTL8187 Wireless LAN Utility\RtWLan.exe (Realtek Semiconductor Corp.)
PRC - C:\Programme\Realtek\RTL8187 Wireless LAN Utility\RtlService.exe (Realtek)
PRC - C:\Users\crxpower\Desktop\Alcohol 120\StarWind\StarWindService.exe (Rocket Division Software)
========== Modules (SafeList) ==========
MOD - C:\Users\crxpower\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll (Microsoft Corporation)
========== Win32 Services (SafeList) ==========
SRV - (ICQ Service) -- C:\Programme\ICQ6Toolbar\ICQ Service.exe ()
SRV - (WPFFontCache_v0400) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe (Microsoft Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (FontCache) -- C:\Windows\System32\FntCache.dll (Microsoft Corporation)
SRV - (NMSAccessU) -- C:\Programme\CDBurnerXP\NMSAccessU.exe ()
SRV - (AMD External Events Utility) -- C:\Windows\System32\atiesrxx.exe (AMD)
SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (TuneUp.ProgramStatisticsSvc) -- C:\Windows\System32\TUProgSt.exe (TuneUp Software)
SRV - (TuneUp.Defrag) -- C:\Windows\System32\TuneUpDefragService.exe (TuneUp Software)
SRV - (UxTuneUp) -- C:\Windows\System32\uxtuneup.dll (TuneUp Software)
SRV - (PnkBstrA) -- C:\Program Files\EA Games\Need for Speed Undercover\PB\PnkBstrA.exe ()
SRV - (HauppaugeTVServer) -- C:\Programme\WinTV\HCWTVServer.exe (Hauppauge Computer Works)
SRV - (EPGService) -- C:\Programme\WinTV\EPG Services\System\EPGService.exe (Hauppauge Computer Works)
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (RealtekUSB) -- C:\Programme\Realtek\RTL8187 Wireless LAN Utility\RtlService.exe (Realtek)
SRV - (StarWindServiceAE) -- C:\Programme\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe (Rocket Division Software)
SRV - (FirebirdServerMAGIXInstance) -- C:\Programme\MAGIX\Common\Database\bin\fbserver.exe (MAGIX®)
SRV - (StarWindService) -- C:\Users\crxpower\Desktop\Alcohol 120\StarWind\StarWindService.exe (Rocket Division Software)
========== Driver Services (SafeList) ==========
DRV - (SetupNTGLM7X) -- E:\NTGLM7X.sys File not found
DRV - (NwlnkFwd) -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys File not found
DRV - (NwlnkFlt) -- C:\Windows\System32\DRIVERS\nwlnkflt.sys File not found
DRV - (NTACCESS) -- E:\NTACCESS.sys File not found
DRV - (IpInIp) -- C:\Windows\System32\DRIVERS\ipinip.sys File not found
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\Windows\System32\drivers\RTKVHDA.sys File not found
DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH)
DRV - (StarOpen) -- C:\Windows\System32\drivers\StarOpen.sys ()
DRV - (sptd) -- C:\Windows\System32\Drivers\sptd.sys ()
DRV - (R300) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV - (atikmdag) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV - (AtiHdmiService) -- C:\Windows\System32\drivers\AtiHdmi.sys (ATI Technologies, Inc.)
DRV - (VClone) -- C:\Windows\System32\drivers\VClone.sys (Elaborate Bytes AG)
DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH)
DRV - (ElbyCDIO) -- C:\Windows\System32\drivers\ElbyCDIO.sys (Elaborate Bytes AG)
DRV - (avgio) -- C:\Programme\Avira\AntiVir Desktop\avgio.sys (Avira GmbH)
DRV - (acedrv11) -- C:\Windows\System32\drivers\acedrv11.sys (Protect Software GmbH)
DRV - (hcw95rc) -- C:\Windows\System32\drivers\hcw95rc.sys (Hauppauge Computer Works, Inc.)
DRV - (hcw95bda) -- C:\Windows\System32\drivers\hcw95bda.sys (Hauppauge Computer Works, Inc.)
DRV - (MegaSR) -- C:\Windows\system32\drivers\megasr.sys (LSI Corporation, Inc.)
DRV - (adpu320) -- C:\Windows\system32\drivers\adpu320.sys (Adaptec, Inc.)
DRV - (megasas) -- C:\Windows\system32\drivers\megasas.sys (LSI Corporation)
DRV - (adpu160m) -- C:\Windows\system32\drivers\adpu160m.sys (Adaptec, Inc.)
DRV - (SiSRaid4) -- C:\Windows\system32\drivers\sisraid4.sys (Silicon Integrated Systems)
DRV - (HpCISSs) -- C:\Windows\system32\drivers\hpcisss.sys (Hewlett-Packard Company)
DRV - (ql2300) -- C:\Windows\system32\drivers\ql2300.sys (QLogic Corporation)
DRV - (adpahci) -- C:\Windows\system32\drivers\adpahci.sys (Adaptec, Inc.)
DRV - (E1G60) Intel(R) -- C:\Windows\System32\drivers\E1G60I32.sys (Intel Corporation)
DRV - (LSI_SAS) -- C:\Windows\system32\drivers\lsi_sas.sys (LSI Logic)
DRV - (vsmraid) -- C:\Windows\system32\drivers\vsmraid.sys (VIA Technologies Inc.,Ltd)
DRV - (arcsas) -- C:\Windows\system32\drivers\arcsas.sys (Adaptec, Inc.)
DRV - (arc) -- C:\Windows\system32\drivers\arc.sys (Adaptec, Inc.)
DRV - (iaStorV) -- C:\Windows\system32\drivers\iastorv.sys (Intel Corporation)
DRV - (ulsata2) -- C:\Windows\system32\drivers\ulsata2.sys (Promise Technology, Inc.)
DRV - (LSI_SCSI) -- C:\Windows\system32\drivers\lsi_scsi.sys (LSI Logic)
DRV - (LSI_FC) -- C:\Windows\system32\drivers\lsi_fc.sys (LSI Logic)
DRV - (elxstor) -- C:\Windows\system32\drivers\elxstor.sys (Emulex)
DRV - (adp94xx) -- C:\Windows\system32\drivers\adp94xx.sys (Adaptec, Inc.)
DRV - (nvraid) -- C:\Windows\system32\drivers\nvraid.sys (NVIDIA Corporation)
DRV - (nvstor) -- C:\Windows\system32\drivers\nvstor.sys (NVIDIA Corporation)
DRV - (uliahci) -- C:\Windows\system32\drivers\uliahci.sys (ULi Electronics Inc.)
DRV - (viaide) -- C:\Windows\system32\drivers\viaide.sys (VIA Technologies, Inc.)
DRV - (cmdide) -- C:\Windows\system32\drivers\cmdide.sys (CMD Technology, Inc.)
DRV - (aliide) -- C:\Windows\system32\drivers\aliide.sys (Acer Laboratories Inc.)
DRV - (acehlp10) -- C:\Windows\System32\drivers\acehlp10.sys (Protect Software GmbH)
DRV - (acedrv10) -- C:\Windows\System32\drivers\ACEDRV10.sys (Protect Software GmbH)
DRV - (RTL8187B) -- C:\Windows\System32\drivers\rtl8187B.sys (Realtek Semiconductor Corporation )
DRV - (RTL8169) -- C:\Windows\System32\drivers\Rtlh86.sys (Realtek Corporation )
DRV - (RtlProt) -- C:\Windows\System32\drivers\RtlProt.sys (Windows (R) Codename Longhorn DDK provider)
DRV - (ql40xx) -- C:\Windows\system32\drivers\ql40xx.sys (QLogic Corporation)
DRV - (UlSata) -- C:\Windows\system32\drivers\ulsata.sys (Promise Technology, Inc.)
DRV - (nfrd960) -- C:\Windows\system32\drivers\nfrd960.sys (IBM Corporation)
DRV - (iirsp) -- C:\Windows\system32\drivers\iirsp.sys (Intel Corp./ICP vortex GmbH)
DRV - (aic78xx) -- C:\Windows\system32\drivers\djsvs.sys (Adaptec, Inc.)
DRV - (iteraid) -- C:\Windows\system32\drivers\iteraid.sys (Integrated Technology Express, Inc.)
DRV - (iteatapi) -- C:\Windows\system32\drivers\iteatapi.sys (Integrated Technology Express, Inc.)
DRV - (Symc8xx) -- C:\Windows\system32\drivers\symc8xx.sys (LSI Logic)
DRV - (Sym_u3) -- C:\Windows\system32\drivers\sym_u3.sys (LSI Logic)
DRV - (Mraid35x) -- C:\Windows\system32\drivers\mraid35x.sys (LSI Logic Corporation)
DRV - (Sym_hi) -- C:\Windows\system32\drivers\sym_hi.sys (LSI Logic)
DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\system32\drivers\brserid.sys (Brother Industries Ltd.)
DRV - (BrUsbSer) -- C:\Windows\system32\drivers\brusbser.sys (Brother Industries Ltd.)
DRV - (BrFiltUp) -- C:\Windows\system32\drivers\brfiltup.sys (Brother Industries, Ltd.)
DRV - (BrFiltLo) -- C:\Windows\system32\drivers\brfiltlo.sys (Brother Industries, Ltd.)
DRV - (BrSerWdm) -- C:\Windows\system32\drivers\brserwdm.sys (Brother Industries Ltd.)
DRV - (BrUsbMdm) -- C:\Windows\system32\drivers\brusbmdm.sys (Brother Industries Ltd.)
DRV - (ntrigdigi) -- C:\Windows\system32\drivers\ntrigdigi.sys (N-trig Innovative Technologies)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = ${URL_SEARCHPAGE}
IE - HKLM\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\1010311238\ICQToolBar.dll (ICQ)
IE - HKLM\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Programme\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Programme\softonic-de3\tbsof1.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {ecdee021-0d17-467f-a1ff-c7a115230949} - Reg Error: Key error. File not found
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3478329227-416108515-67917533-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = Schnell-Startseite - COMPUTER BILD
IE - HKU\S-1-5-21-3478329227-416108515-67917533-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [Binary data over 100 bytes]
IE - HKU\S-1-5-21-3478329227-416108515-67917533-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = ${URL_SEARCHPAGE}
IE - HKU\S-1-5-21-3478329227-416108515-67917533-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [Binary data over 100 bytes]
IE - HKU\S-1-5-21-3478329227-416108515-67917533-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = ICQ.com Suche
IE - HKU\S-1-5-21-3478329227-416108515-67917533-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-3478329227-416108515-67917533-1000\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-3478329227-416108515-67917533-1000\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\1010311238\ICQToolBar.dll (ICQ)
IE - HKU\S-1-5-21-3478329227-416108515-67917533-1000\..\URLSearchHook: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Programme\softonic-de3\tbsof1.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-3478329227-416108515-67917533-1000\..\URLSearchHook: {ecdee021-0d17-467f-a1ff-c7a115230949} - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-3478329227-416108515-67917533-1000\..\URLSearchHook: {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Programme\SweetIM\Toolbars\Internet Explorer\mgHelper.dll (SweetIM Technologies Ltd.)
IE - HKU\S-1-5-21-3478329227-416108515-67917533-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.defaultthis.engineName: "Search"
FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.order.1: "Ask"
FF - prefs.js..browser.search.selectedEngine: "ICQ Search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://start.icq.com/"
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..extensions.enabledItems: {872b5b88-9db5-4310-bdd0-ac189557e5f5}:2.7.0.14
FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.7
FF - prefs.js..extensions.enabledItems: {dd02a4eb-4afd-4d60-99d8-e67f964ca813}:2.5.6.0
FF - prefs.js..extensions.enabledItems: {6b907b6e-0535-4a77-a6dc-20a612f0d470}:2.5.6.0
FF - prefs.js..extensions.enabledItems: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065}:2.5.8.6
FF - prefs.js..extensions.enabledItems: {EEE6C361-6118-11DC-9C72-001320C79847}:1.0.0.10
FF - prefs.js..extensions.enabledItems: firefox@tvunetworks.com:2
FF - prefs.js..extensions.enabledItems: 5
FF - prefs.js..extensions.enabledItems: 2
FF - prefs.js..extensions.enabledItems: 2
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.1.3.20100310105313
FF - prefs.js..extensions.enabledItems: vshare@toolbar:1.0.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..keyword.URL: "hxxp://toolbar.ask.com/toolbarv/askRedirect?o=13165&gct=&gc=1&q="
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2332637&SearchSource=2&q="
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.10.31 12:56:23 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.11.09 01:07:09 | 000,000,000 | ---D | M]
[2009.03.12 01:26:33 | 000,000,000 | ---D | M] -- C:\Users\crxpower\AppData\Roaming\mozilla\Extensions
[2010.11.10 13:54:05 | 000,000,000 | ---D | M] -- C:\Users\crxpower\AppData\Roaming\mozilla\Firefox\Profiles\zrvjnxst.default\extensions
[2010.06.06 14:59:29 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\crxpower\AppData\Roaming\mozilla\Firefox\Profiles\zrvjnxst.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.06.06 14:59:29 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\crxpower\AppData\Roaming\mozilla\Firefox\Profiles\zrvjnxst.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2010.06.06 14:59:28 | 000,000,000 | ---D | M] (radio hardcast Toolbar) -- C:\Users\crxpower\AppData\Roaming\mozilla\Firefox\Profiles\zrvjnxst.default\extensions\{6b907b6e-0535-4a77-a6dc-20a612f0d470}
[2010.10.31 12:38:37 | 000,000,000 | ---D | M] (No name found) -- C:\Users\crxpower\AppData\Roaming\mozilla\Firefox\Profiles\zrvjnxst.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2010.07.31 12:06:26 | 000,000,000 | ---D | M] (DVDVideoSoftTB Toolbar) -- C:\Users\crxpower\AppData\Roaming\mozilla\Firefox\Profiles\zrvjnxst.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}
[2010.07.13 14:05:11 | 000,000,000 | ---D | M] (No name found) -- C:\Users\crxpower\AppData\Roaming\mozilla\Firefox\Profiles\zrvjnxst.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2010.06.04 20:05:45 | 000,000,000 | ---D | M] (softonic-de3 Toolbar) -- C:\Users\crxpower\AppData\Roaming\mozilla\Firefox\Profiles\zrvjnxst.default\extensions\{cc05a3e3-64c3-4af2-bfc1-af0d66b69065}
[2010.06.06 14:59:28 | 000,000,000 | ---D | M] (PHPNukeEN Toolbar) -- C:\Users\crxpower\AppData\Roaming\mozilla\Firefox\Profiles\zrvjnxst.default\extensions\{dd02a4eb-4afd-4d60-99d8-e67f964ca813}
[2009.03.29 16:49:28 | 000,000,000 | ---D | M] (No name found) -- C:\Users\crxpower\AppData\Roaming\mozilla\Firefox\Profiles\zrvjnxst.default\extensions\{e0204bd5-9d31-402b-a99d-a6aa8ffebdca}
[2009.07.06 17:34:32 | 000,000,000 | ---D | M] (No name found) -- C:\Users\crxpower\AppData\Roaming\mozilla\Firefox\Profiles\zrvjnxst.default\extensions\{ecdee021-0d17-467f-a1ff-c7a115230949}
[2010.06.06 14:59:27 | 000,000,000 | ---D | M] (SweetIM Toolbar for Firefox) -- C:\Users\crxpower\AppData\Roaming\mozilla\Firefox\Profiles\zrvjnxst.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}
[2010.02.26 16:53:04 | 000,000,000 | ---D | M] -- C:\Users\crxpower\AppData\Roaming\mozilla\Firefox\Profiles\zrvjnxst.default\extensions\firefox@tvunetworks.com
[2010.10.03 17:30:44 | 000,000,000 | ---D | M] -- C:\Users\crxpower\AppData\Roaming\mozilla\Firefox\Profiles\zrvjnxst.default\extensions\staged-xpis
[2010.10.03 17:30:44 | 000,000,000 | ---D | M] -- C:\Users\crxpower\AppData\Roaming\mozilla\Firefox\Profiles\zrvjnxst.default\extensions\vshare@toolbar
[2009.04.11 16:07:29 | 000,000,681 | ---- | M] () -- C:\Users\crxpower\AppData\Roaming\Mozilla\FireFox\Profiles\zrvjnxst.default\searchplugins\ask.xml
[2010.08.11 18:27:11 | 000,000,873 | ---- | M] () -- C:\Users\crxpower\AppData\Roaming\Mozilla\FireFox\Profiles\zrvjnxst.default\searchplugins\conduit.xml
[2010.11.05 13:57:22 | 000,000,950 | ---- | M] () -- C:\Users\crxpower\AppData\Roaming\Mozilla\FireFox\Profiles\zrvjnxst.default\searchplugins\icqplugin-1.xml
[2009.09.09 01:40:05 | 000,000,950 | ---- | M] () -- C:\Users\crxpower\AppData\Roaming\Mozilla\FireFox\Profiles\zrvjnxst.default\searchplugins\icqplugin-2.xml
[2009.09.11 02:13:43 | 000,000,950 | ---- | M] () -- C:\Users\crxpower\AppData\Roaming\Mozilla\FireFox\Profiles\zrvjnxst.default\searchplugins\icqplugin-3.xml
[2009.10.30 16:29:03 | 000,000,950 | ---- | M] () -- C:\Users\crxpower\AppData\Roaming\Mozilla\FireFox\Profiles\zrvjnxst.default\searchplugins\icqplugin-4.xml
[2009.12.17 01:41:48 | 000,000,950 | ---- | M] () -- C:\Users\crxpower\AppData\Roaming\Mozilla\FireFox\Profiles\zrvjnxst.default\searchplugins\icqplugin-5.xml
[2010.01.07 13:43:43 | 000,000,950 | ---- | M] () -- C:\Users\crxpower\AppData\Roaming\Mozilla\FireFox\Profiles\zrvjnxst.default\searchplugins\icqplugin-6.xml
[2010.02.21 00:15:35 | 000,000,950 | ---- | M] () -- C:\Users\crxpower\AppData\Roaming\Mozilla\FireFox\Profiles\zrvjnxst.default\searchplugins\icqplugin-7.xml
[2010.04.01 02:04:01 | 000,000,950 | ---- | M] () -- C:\Users\crxpower\AppData\Roaming\Mozilla\FireFox\Profiles\zrvjnxst.default\searchplugins\icqplugin-8.xml
[2010.10.31 12:38:37 | 000,000,168 | ---- | M] () -- C:\Users\crxpower\AppData\Roaming\Mozilla\FireFox\Profiles\zrvjnxst.default\searchplugins\icqplugin.gif
[2010.10.31 12:38:37 | 000,000,618 | ---- | M] () -- C:\Users\crxpower\AppData\Roaming\Mozilla\FireFox\Profiles\zrvjnxst.default\searchplugins\icqplugin.src
[2010.06.21 16:35:24 | 000,001,042 | ---- | M] () -- C:\Users\crxpower\AppData\Roaming\Mozilla\FireFox\Profiles\zrvjnxst.default\searchplugins\icqplugin.xml
[2009.09.17 00:06:10 | 000,003,915 | ---- | M] () -- C:\Users\crxpower\AppData\Roaming\Mozilla\FireFox\Profiles\zrvjnxst.default\searchplugins\sweetim.xml
[2010.11.09 01:07:12 | 000,000,000 | ---D | M] -- C:\Programme\Mozilla Firefox\extensions
[2009.03.12 01:29:21 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2010.11.09 01:07:12 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2010.11.09 01:06:54 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Mozilla Firefox\plugins\npdeployJava1.dll
[2007.12.17 18:16:14 | 000,065,536 | ---- | M] ( ) -- C:\Programme\Mozilla Firefox\plugins\npkimi.dll
[2009.03.24 10:10:44 | 000,114,688 | ---- | M] (Zylom) -- C:\Programme\Mozilla Firefox\plugins\npzylomgamesplayer.dll
[2010.10.27 15:12:19 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2010.10.27 15:12:19 | 000,002,344 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml
[2010.10.27 15:12:19 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2010.10.27 15:12:19 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2010.10.27 15:12:19 | 000,001,105 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml
O1 HOSTS File: ([2010.11.10 16:43:25 | 000,000,098 | ---- | M]) - C:\Windows\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (vShare Plugin) - {043C5167-00BB-4324-AF7E-62013FAEDACF} - C:\Programme\vShare\vshare_toolbar.dll ()
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Programme\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.)
O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (softonic-de3 Toolbar) - {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Programme\softonic-de3\tbsof1.dll (Conduit Ltd.)
O2 - BHO: (SweetIM Toolbar Helper) - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Programme\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3 - HKLM\..\Toolbar: (vShare Plugin) - {043C5167-00BB-4324-AF7E-62013FAEDACF} - C:\Programme\vShare\vshare_toolbar.dll ()
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Programme\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\1010311238\ICQToolBar.dll (ICQ)
O3 - HKLM\..\Toolbar: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Programme\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (softonic-de3 Toolbar) - {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Programme\softonic-de3\tbsof1.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (no name) - {ecdee021-0d17-467f-a1ff-c7a115230949} - No CLSID value found.
O3 - HKLM\..\Toolbar: (SweetIM Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Programme\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3 - HKU\S-1-5-21-3478329227-416108515-67917533-1000\..\Toolbar\WebBrowser: (vShare Plugin) - {043C5167-00BB-4324-AF7E-62013FAEDACF} - C:\Programme\vShare\vshare_toolbar.dll ()
O3 - HKU\S-1-5-21-3478329227-416108515-67917533-1000\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Programme\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKU\S-1-5-21-3478329227-416108515-67917533-1000\..\Toolbar\WebBrowser: (DVDVideoSoftTB Toolbar) - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - C:\Programme\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-3478329227-416108515-67917533-1000\..\Toolbar\WebBrowser: (softonic-de3 Toolbar) - {CC05A3E3-64C3-4AF2-BFC1-AF0D66B69065} - C:\Programme\softonic-de3\tbsof1.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-3478329227-416108515-67917533-1000\..\Toolbar\WebBrowser: (SweetIM Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Programme\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-3478329227-416108515-67917533-1000..\Run: [ICQ] C:\Program Files\ICQ7.2\ICQ.exe (ICQ, LLC.)
O4 - HKU\S-1-5-21-3478329227-416108515-67917533-1000..\Run: [SpybotSD TeaTimer] C:\Programme\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
O4 - HKU\S-1-5-21-3478329227-416108515-67917533-1000..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-3478329227-416108515-67917533-1000..\Run: [WMPNSCFG] C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3478329227-416108515-67917533-1000..\RunOnce: [FlashPlayerUpdate] C:\Windows\System32\Macromed\Flash\NPSWF32_FlashUtil.exe (Adobe Systems, Inc.)
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\crxpower\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm ()
O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Programme\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Programme\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {C1FDEE68-98D5-4F42-A4DD-D0BECF5077EB} hxxp://tools.ebayimg.com/eps/wl/activex/eBay_Enhanced_Picture_Control_v1-0-31-0.cab (EPUImageControl Class)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} hxxp://icq.oberon-media.com/Gameshell/GameHost/1.0/OberonGameHost.cab (Oberon Flash Game Host)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {D71F9A27-723E-4B8B-B428-B725E47CBA3E} hxxp://imikimi.com/download/imikimi_plugin_0.5.1.cab (Imikimi_activex_plugin Control)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 80.69.100.182 80.69.100.174
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
O18 - Protocol\Handler\vsharechrome {3F3A4B8A-86FC-43A4-BB00-6D7EBE9D4484} - C:\Programme\vShare\vshare_toolbar.dll ()
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\crxpower\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\crxpower\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2008.03.05 02:13:43 | 000,000,000 | ---- | M] () - D:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{4c1bc80f-a90e-11de-9580-001d9206ee18}\Shell - "" = AutoRun
O33 - MountPoints2\{4c1bc80f-a90e-11de-9580-001d9206ee18}\Shell\AutoRun\command - "" = M:\start.exe -- File not found
O33 - MountPoints2\{f8300840-6a07-11de-8125-001d9206ee18}\Shell - "" = AutoRun
O33 - MountPoints2\{f8300840-6a07-11de-8125-001d9206ee18}\Shell\AutoRun\command - "" = G:\setup.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
NetSvcs: UxTuneUp - C:\Windows\System32\uxtuneup.dll (TuneUp Software)
NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - File not found
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
MsConfig - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^AutoStart IR.lnk - C:\Programme\WinTV\Ir.exe - (Hauppauge Computer Works)
MsConfig - StartUpFolder: C:^Users^crxpower^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Folding@home-gpu.lnk - C:\Users\crxpower\AppData\Roaming\Microsoft\Installer\{6A90C837-054E-44AE-B9BD-1B1F87986BBC}\_98830A63A82EB98D7BA198.exe - ()
MsConfig - StartUpReg: Adobe ARM - hkey= - key= - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
MsConfig - StartUpReg: Adobe Reader Speed Launcher - hkey= - key= - C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
MsConfig - StartUpReg: DAEMON Tools Lite - hkey= - key= - C:\Program Files\DAEMON Tools Lite\daemon.exe (DT Soft Ltd)
MsConfig - StartUpReg: EPGServiceTool - hkey= - key= - C:\Programme\WinTV\EPG Services\System\EPGClient.exe (Hauppauge Inc.)
MsConfig - StartUpReg: NeroFilterCheck - hkey= - key= - C:\Programme\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG)
MsConfig - StartUpReg: StartCCC - hkey= - key= - C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
MsConfig - StartUpReg: SweetIM - hkey= - key= - C:\Programme\SweetIM\Messenger\SweetIM.exe (SweetIM Technologies Ltd.)
MsConfig - StartUpReg: UnlockerAssistant - hkey= - key= - C:\Program Files\Unlocker\UnlockerAssistant.exe ()
MsConfig - StartUpReg: uTorrent - hkey= - key= - C:\Program Files\uTorrent\uTorrent.exe (BitTorrent, Inc.)
MsConfig - StartUpReg: VirtualCloneDrive - hkey= - key= - C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe (Elaborate Bytes AG)
MsConfig - StartUpReg: WinampAgent - hkey= - key= - C:\Program Files\Winamp\winampa.exe ()
MsConfig - State: "startup" - 2
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: NTDS - File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: WinDefend - C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS - File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: WinDefend - C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet: WudfPf - Driver
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} -
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} -
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} -
ActiveX: >{7AC61A4F-429D-4190-BD5D-5FB6681B54C0} - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.vorbis - C:\Windows\System32\vorbis.acm (HMS hxxp://hp.vector.co.jp/authors/VA012897/)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.dvsd - C:\Windows\System32\pdvcodec.dll (Matsushita Electric Industrial Co., Ltd.)
Drivers32: vidc.XVID - C:\Windows\System32\xvidvfw.dll ()
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
========== Files/Folders - Created Within 30 Days ==========
[2010.11.10 16:43:23 | 000,000,000 | ---D | C] -- C:\_OTL
[2010.11.10 16:38:51 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Users\crxpower\Desktop\OTL.exe
[2010.11.10 15:16:25 | 000,000,000 | ---D | C] -- C:\Users\crxpower\AppData\Roaming\GetRightToGo
[2010.11.10 15:16:25 | 000,000,000 | ---D | C] -- C:\Users\crxpower\Documents\Downloads
[2010.11.10 14:59:52 | 000,000,000 | ---D | C] -- C:\Users\crxpower\AppData\Roaming\Malwarebytes
[2010.11.10 14:59:19 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010.11.10 14:59:17 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010.11.10 14:59:17 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware
[2010.11.10 14:59:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010.11.09 01:08:26 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\Java
[2010.11.09 01:07:09 | 000,472,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\deployJava1.dll
[2010.11.09 01:07:09 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2010.11.09 01:07:09 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2010.11.09 01:07:09 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2010.11.09 00:51:28 | 000,000,000 | ---D | C] -- C:\Users\crxpower\AppData\Roaming\Notepad++
[2010.11.09 00:51:28 | 000,000,000 | ---D | C] -- C:\Programme\Notepad++
[2010.11.08 23:30:38 | 000,000,000 | ---D | C] -- C:\Programme\PhotoZoom Pro 3
[2010.11.08 23:30:03 | 000,000,000 | ---D | C] -- C:\Users\crxpower\Desktop\PhotoZoomPro3
[2010.11.08 18:52:56 | 000,000,000 | ---D | C] -- C:\Programme\JRE
[2010.11.08 18:46:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2010.11.08 18:45:32 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2010.11.08 18:43:16 | 000,000,000 | ---D | C] -- C:\Users\crxpower\Desktop\OpenOffice.org 3.2 (de) Installation Files
[2010.10.31 12:38:18 | 000,000,000 | ---D | C] -- C:\Users\crxpower\AppData\Local\AOL
[2010.10.31 12:37:56 | 000,000,000 | ---D | C] -- C:\Programme\ICQ7.2
[2010.10.27 11:38:05 | 001,696,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gameux.dll
[2010.10.27 11:38:04 | 004,240,384 | ---- | C] (Microsoft) -- C:\Windows\System32\GameUXLegacyGDFs.dll
[2010.10.27 11:38:04 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Apphlpdm.dll
[2010.10.25 22:37:23 | 000,000,000 | ---D | C] -- C:\Programme\KaloMa
[2010.10.14 11:06:56 | 008,147,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmploc.DLL
[2010.10.14 11:06:06 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netevent.dll
[2010.10.14 11:05:24 | 000,157,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\t2embed.dll
[2010.10.14 11:05:20 | 000,602,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2010.10.14 11:05:20 | 000,385,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2010.10.14 11:05:19 | 001,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2010.10.14 11:05:19 | 000,611,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2010.10.14 11:05:19 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2010.10.14 11:05:18 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2010.10.14 11:05:18 | 000,387,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2010.10.14 11:05:18 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2010.10.14 11:05:18 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2010.10.14 11:05:18 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2010.10.14 11:05:18 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2010.10.14 11:05:18 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2010.10.14 11:05:18 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2010.10.14 11:05:18 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2010.10.14 11:05:18 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2010.10.14 11:05:18 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2010.10.14 11:05:18 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2010.10.14 11:05:15 | 000,954,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc40.dll
[2010.10.14 11:05:15 | 000,954,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc40u.dll
[2010.10.14 11:05:13 | 002,038,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2010.10.14 11:05:11 | 000,231,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msshsq.dll
[2010.10.14 11:05:10 | 000,867,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpmde.dll
[2010.10.13 22:55:27 | 000,000,000 | ---D | C] -- C:\Users\crxpower\Desktop\www.top-hitz.com...Der.letzte.Exorzismus.TS.LD.German.iNTERNAL.READ.NFO.XviD-CinePlexx
========== Files - Modified Within 30 Days ==========
[2010.11.10 17:00:52 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\crxpower\Desktop\OTL.exe
[2010.11.10 17:00:00 | 000,000,506 | ---- | M] () -- C:\Windows\tasks\1-Klick-Wartung.job
[2010.11.10 16:51:58 | 000,628,504 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2010.11.10 16:51:58 | 000,595,798 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010.11.10 16:51:58 | 000,126,248 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2010.11.10 16:51:58 | 000,103,872 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010.11.10 16:46:55 | 000,001,096 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010.11.10 16:46:48 | 000,003,760 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010.11.10 16:46:48 | 000,003,760 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010.11.10 16:46:42 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.11.10 16:46:39 | 3220,537,344 | -HS- | M] () -- C:\hiberfil.sys
[2010.11.10 16:43:25 | 000,000,098 | ---- | M] () -- C:\Windows\System32\drivers\etc\Hosts
[2010.11.10 16:29:00 | 000,001,100 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010.11.10 16:15:19 | 000,000,424 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{01037324-98C5-4673-B28F-91276541A6C2}.job
[2010.11.10 14:59:21 | 000,000,818 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.11.09 12:15:51 | 000,274,896 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010.11.09 01:06:53 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\deployJava1.dll
[2010.11.09 01:06:53 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2010.11.09 01:06:53 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2010.11.09 01:06:53 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2010.11.08 23:30:43 | 000,004,093 | ---- | M] () -- C:\Windows\jwws-d24.ini
[2010.11.08 23:30:39 | 000,000,890 | ---- | M] () -- C:\Users\crxpower\Desktop\PhotoZoom Pro 3.lnk
[2010.11.08 23:29:49 | 008,036,015 | ---- | M] () -- C:\Users\crxpower\Desktop\PhotoZoomPro3.zip
[2010.11.08 23:10:11 | 000,077,312 | ---- | M] () -- C:\Users\crxpower\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.11.08 18:54:10 | 000,000,989 | ---- | M] () -- C:\Users\Public\Desktop\OpenOffice.org 3.2.lnk
[2010.11.07 02:38:20 | 000,000,456 | ---- | M] () -- C:\Windows\tasks\Driver Robot.job
[2010.11.05 01:57:27 | 730,054,656 | ---- | M] () -- C:\Users\crxpower\Desktop\pl-paranormal2_xvid.avi
[2010.10.25 22:37:24 | 000,000,728 | ---- | M] () -- C:\Users\Public\Desktop\KaloMa.lnk
[2010.10.24 16:23:24 | 000,030,188 | ---- | M] () -- C:\Users\crxpower\Documents\julia23.10.odt
[2010.10.19 10:41:44 | 000,222,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
========== Files Created - No Company Name ==========
[2010.11.10 14:59:21 | 000,000,818 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.11.08 23:30:43 | 000,004,093 | ---- | C] () -- C:\Windows\jwws-d24.ini
[2010.11.08 23:30:39 | 000,000,890 | ---- | C] () -- C:\Users\crxpower\Desktop\PhotoZoom Pro 3.lnk
[2010.11.08 23:29:45 | 008,036,015 | ---- | C] () -- C:\Users\crxpower\Desktop\PhotoZoomPro3.zip
[2010.11.08 23:07:49 | 730,054,656 | ---- | C] () -- C:\Users\crxpower\Desktop\pl-paranormal2_xvid.avi
[2010.11.08 18:54:10 | 000,000,989 | ---- | C] () -- C:\Users\Public\Desktop\OpenOffice.org 3.2.lnk
[2010.10.25 22:37:24 | 000,000,728 | ---- | C] () -- C:\Users\Public\Desktop\KaloMa.lnk
[2010.10.24 16:23:22 | 000,030,188 | ---- | C] () -- C:\Users\crxpower\Documents\julia23.10.odt
[2010.10.13 23:02:45 | 729,559,040 | ---- | C] () -- C:\Users\crxpower\Desktop\cpl-dle.avi
[2010.06.17 13:28:03 | 000,000,056 | ---- | C] () -- C:\Windows\videotoaudio.ini
[2010.04.02 16:17:34 | 000,179,091 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
[2010.02.26 17:05:59 | 000,019,456 | ---- | C] () -- C:\Users\crxpower\AppData\Local\WebpageIcons.db
[2010.02.26 16:59:04 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2010.02.26 16:42:04 | 000,000,140 | ---- | C] () -- C:\Windows\powerlist.ini
[2010.02.26 16:42:04 | 000,000,060 | ---- | C] () -- C:\Windows\MediaList.ini
[2010.02.26 16:39:02 | 000,000,779 | ---- | C] () -- C:\Windows\powerplayer.ini
[2010.02.26 16:39:02 | 000,000,356 | ---- | C] () -- C:\Windows\psnetwork.ini
[2009.11.30 21:31:53 | 000,007,168 | ---- | C] () -- C:\Windows\System32\drivers\StarOpen.sys
[2009.09.17 12:02:47 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009.07.06 12:01:03 | 000,722,416 | ---- | C] () -- C:\Windows\System32\drivers\sptd.sys
[2009.06.19 19:06:22 | 000,197,912 | ---- | C] () -- C:\Windows\System32\physxcudart_20.dll
[2009.06.19 19:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelTraditionalChinese.dll
[2009.06.19 19:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll
[2009.06.19 19:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll
[2009.06.19 19:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll
[2009.06.19 19:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll
[2009.06.19 19:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelKorean.dll
[2009.06.19 19:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll
[2009.06.19 19:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelGerman.dll
[2009.06.19 19:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelFrench.dll
[2009.05.20 18:28:38 | 000,000,399 | ---- | C] () -- C:\Windows\vtplus32.ini
[2009.05.20 18:28:36 | 000,000,030 | ---- | C] () -- C:\Windows\System32\UNWISE.INI
[2009.05.20 18:28:11 | 000,032,295 | ---- | C] () -- C:\Windows\Irremote.ini
[2009.05.20 18:28:05 | 000,065,536 | ---- | C] () -- C:\Windows\System32\dmcrypto.dll
[2009.05.20 18:27:08 | 000,000,209 | ---- | C] () -- C:\Windows\ODBCINST.INI
[2009.05.20 18:27:08 | 000,000,135 | ---- | C] () -- C:\Windows\ODBC.INI
[2009.05.20 18:27:07 | 000,163,840 | ---- | C] () -- C:\Windows\System32\hcwChDB.dll
[2009.05.20 18:26:48 | 000,006,235 | ---- | C] () -- C:\Windows\HCWPNP.INI
[2009.03.21 18:25:08 | 000,004,969 | ---- | C] () -- C:\ProgramData\tgioyvlx.pxu
[2009.03.21 18:24:59 | 000,000,060 | ---- | C] () -- C:\Windows\IniFile1.ini
[2009.03.12 19:12:26 | 000,053,248 | ---- | C] () -- C:\Windows\System32\mgxasio2.dll
[2009.03.12 19:11:31 | 000,120,200 | ---- | C] () -- C:\Windows\System32\DLLDEV32i.dll
[2009.03.12 19:11:19 | 000,007,119 | ---- | C] () -- C:\Windows\mgxoschk.ini
[2009.03.12 19:07:38 | 000,077,312 | ---- | C] () -- C:\Users\crxpower\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.03.12 18:57:06 | 000,000,024 | ---- | C] () -- C:\Windows\magix.ini
[2009.03.12 00:01:41 | 000,008,944 | ---- | C] () -- C:\Users\crxpower\AppData\Local\d3d9caps.dat
[2008.09.12 09:07:38 | 000,000,266 | ---- | C] () -- C:\Program Files\Common Files\hama.de - Download-Area Gamecontroller.url
[2008.01.21 03:23:41 | 000,081,158 | ---- | C] () -- C:\Windows\System32\manage-bde.ini.en
[2007.07.25 14:24:30 | 001,559,040 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2006.11.02 13:34:20 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006.02.26 15:08:28 | 000,585,728 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
========== LOP Check ==========
[2009.03.16 21:25:33 | 000,000,000 | ---D | M] -- C:\Users\crxpower\AppData\Roaming\astragon Software GmbH
[2009.03.20 16:31:20 | 000,000,000 | ---D | M] -- C:\Users\crxpower\AppData\Roaming\Atari
[2010.06.04 20:06:18 | 000,000,000 | ---D | M] -- C:\Users\crxpower\AppData\Roaming\Auslogics
[2010.03.10 19:05:30 | 000,000,000 | ---D | M] -- C:\Users\crxpower\AppData\Roaming\autobingooo
[2010.11.07 02:38:26 | 000,000,000 | ---D | M] -- C:\Users\crxpower\AppData\Roaming\Azureus
[2009.11.21 00:04:47 | 000,000,000 | ---D | M] -- C:\Users\crxpower\AppData\Roaming\Blitware
[2009.11.30 21:32:03 | 000,000,000 | ---D | M] -- C:\Users\crxpower\AppData\Roaming\Canneverbe_Limited
[2010.02.20 02:07:19 | 000,000,000 | ---D | M] -- C:\Users\crxpower\AppData\Roaming\CasinoOnNet
[2009.09.24 22:45:30 | 000,000,000 | ---D | M] -- C:\Users\crxpower\AppData\Roaming\DAEMON Tools
[2009.09.24 22:55:30 | 000,000,000 | ---D | M] -- C:\Users\crxpower\AppData\Roaming\DAEMON Tools Lite
[2009.11.30 21:28:22 | 000,000,000 | ---D | M] -- C:\Users\crxpower\AppData\Roaming\DAEMON Tools Pro
[2009.12.02 02:06:30 | 000,000,000 | ---D | M] -- C:\Users\crxpower\AppData\Roaming\Desktopicon
[2010.07.31 12:20:33 | 000,000,000 | ---D | M] -- C:\Users\crxpower\AppData\Roaming\DVDVideoSoftIEHelpers
[2010.06.05 15:59:59 | 000,000,000 | ---D | M] -- C:\Users\crxpower\AppData\Roaming\Folding@home-gpu
[2010.11.10 15:16:29 | 000,000,000 | ---D | M] -- C:\Users\crxpower\AppData\Roaming\GetRightToGo
[2010.11.10 16:33:57 | 000,000,000 | ---D | M] -- C:\Users\crxpower\AppData\Roaming\ICQ
[2010.06.23 23:25:39 | 000,000,000 | ---D | M] -- C:\Users\crxpower\AppData\Roaming\JLC's Software
[2009.03.20 03:05:31 | 000,000,000 | ---D | M] -- C:\Users\crxpower\AppData\Roaming\Leadertech
[2009.04.17 21:41:42 | 000,000,000 | ---D | M] -- C:\Users\crxpower\AppData\Roaming\MAGIX
[2009.03.21 18:25:30 | 000,000,000 | ---D | M] -- C:\Users\crxpower\AppData\Roaming\MOVAVI
[2010.11.09 00:52:18 | 000,000,000 | ---D | M] -- C:\Users\crxpower\AppData\Roaming\Notepad++
[2009.07.12 17:00:03 | 000,000,000 | ---D | M] -- C:\Users\crxpower\AppData\Roaming\OpenOffice.org
[2009.05.28 15:20:49 | 000,000,000 | ---D | M] -- C:\Users\crxpower\AppData\Roaming\PlayFirst
[2010.02.26 16:58:08 | 000,000,000 | ---D | M] -- C:\Users\crxpower\AppData\Roaming\PPMate
[2010.02.26 16:47:06 | 000,000,000 | ---D | M] -- C:\Users\crxpower\AppData\Roaming\ppstream
[2009.12.06 02:58:13 | 000,000,000 | ---D | M] -- C:\Users\crxpower\AppData\Roaming\ProtectDisc
[2009.11.10 14:22:23 | 000,000,000 | ---D | M] -- C:\Users\crxpower\AppData\Roaming\streamripper
[2009.03.12 17:51:27 | 000,000,000 | ---D | M] -- C:\Users\crxpower\AppData\Roaming\TuneUp Software
[2010.02.13 19:08:00 | 000,000,000 | ---D | M] -- C:\Users\crxpower\AppData\Roaming\UseNeXT
[2010.11.08 03:38:18 | 000,000,000 | ---D | M] -- C:\Users\crxpower\AppData\Roaming\uTorrent
[2009.05.28 15:20:48 | 000,000,000 | ---D | M] -- C:\Users\crxpower\AppData\Roaming\Zylom
[2010.11.10 17:00:00 | 000,000,506 | ---- | M] () -- C:\Windows\Tasks\1-Klick-Wartung.job
[2010.11.07 02:38:20 | 000,000,456 | ---- | M] () -- C:\Windows\Tasks\Driver Robot.job
[2010.11.10 16:45:55 | 000,032,530 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2010.11.10 16:15:19 | 000,000,424 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{01037324-98C5-4673-B28F-91276541A6C2}.job
========== Purity Check ==========
========== Custom Scans ==========
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2010.06.17 13:10:30 | 000,000,000 | ---D | M] -- C:\Users\crxpower\AppData\Roaming\Adobe
[2009.03.21 18:52:05 | 000,000,000 | ---D | M] -- C:\Users\crxpower\AppData\Roaming\Ahead
[2009.03.16 21:25:33 | 000,000,000 | ---D | M] -- C:\Users\crxpower\AppData\Roaming\astragon Software GmbH
[2009.03.20 16:31:20 | 000,000,000 | ---D | M] -- C:\Users\crxpower\AppData\Roaming\Atari
[2009.11.24 20:38:20 | 000,000,000 | ---D | M] -- C:\Users\crxpower\AppData\Roaming\ATI
[2010.06.04 20:06:18 | 000,000,000 | ---D | M] -- C:\Users\crxpower\AppData\Roaming\Auslogics
[2010.03.10 19:05:30 | 000,000,000 | ---D | M] -- C:\Users\crxpower\AppData\Roaming\autobingooo
[2009.03.21 18:44:14 | 000,000,000 | ---D | M] -- C:\Users\crxpower\AppData\Roaming\AVS4YOU
[2010.11.07 02:38:26 | 000,000,000 | ---D | M] -- C:\Users\crxpower\AppData\Roaming\Azureus
[2009.11.21 00:04:47 | 000,000,000 | ---D | M] -- C:\Users\crxpower\AppData\Roaming\Blitware
[2009.11.30 21:32:03 | 000,000,000 | ---D | M] -- C:\Users\crxpower\AppData\Roaming\Canneverbe_Limited
[2010.02.20 02:07:19 | 000,000,000 | ---D | M] -- C:\Users\crxpower\AppData\Roaming\CasinoOnNet
[2009.09.24 22:45:30 | 000,000,000 | ---D | M] -- C:\Users\crxpower\AppData\Roaming\DAEMON Tools
[2009.09.24 22:55:30 | 000,000,000 | ---D | M] -- C:\Users\crxpower\AppData\Roaming\DAEMON Tools Lite
[2009.11.30 21:28:22 | 000,000,000 | ---D | M] -- C:\Users\crxpower\AppData\Roaming\DAEMON Tools Pro
[2009.12.02 02:06:30 | 000,000,000 | ---D | M] -- C:\Users\crxpower\AppData\Roaming\Desktopicon
[2010.11.09 00:56:47 | 000,000,000 | ---D | M] -- C:\Users\crxpower\AppData\Roaming\dvdcss
[2010.07.31 12:20:33 | 000,000,000 | ---D | M] -- C:\Users\crxpower\AppData\Roaming\DVDVideoSoftIEHelpers
[2010.06.05 15:59:59 | 000,000,000 | ---D | M] -- C:\Users\crxpower\AppData\Roaming\Folding@home-gpu
[2010.11.10 15:16:29 | 000,000,000 | ---D | M] -- C:\Users\crxpower\AppData\Roaming\GetRightToGo
[2010.11.10 16:33:57 | 000,000,000 | ---D | M] -- C:\Users\crxpower\AppData\Roaming\ICQ
[2009.05.28 15:20:48 | 000,000,000 | ---D | M] -- C:\Users\crxpower\AppData\Roaming\Identities
[2009.03.12 00:05:07 | 000,000,000 | ---D | M] -- C:\Users\crxpower\AppData\Roaming\InstallShield
[2010.06.23 23:25:39 | 000,000,000 | ---D | M] -- C:\Users\crxpower\AppData\Roaming\JLC's Software
[2009.03.20 03:05:31 | 000,000,000 | ---D | M] -- C:\Users\crxpower\AppData\Roaming\Leadertech
[2009.03.12 01:30:51 | 000,000,000 | ---D | M] -- C:\Users\crxpower\AppData\Roaming\Macromedia
[2009.04.17 21:41:42 | 000,000,000 | ---D | M] -- C:\Users\crxpower\AppData\Roaming\MAGIX
[2010.11.10 14:59:52 | 000,000,000 | ---D | M] -- C:\Users\crxpower\AppData\Roaming\Malwarebytes
[2006.11.02 13:35:50 | 000,000,000 | ---D | M] -- C:\Users\crxpower\AppData\Roaming\Media Center Programs
[2009.10.05 18:09:16 | 000,000,000 | --SD | M] -- C:\Users\crxpower\AppData\Roaming\Microsoft
[2009.03.21 18:25:30 | 000,000,000 | ---D | M] -- C:\Users\crxpower\AppData\Roaming\MOVAVI
[2009.03.12 01:26:33 | 000,000,000 | ---D | M] -- C:\Users\crxpower\AppData\Roaming\Mozilla
[2010.11.09 00:52:18 | 000,000,000 | ---D | M] -- C:\Users\crxpower\AppData\Roaming\Notepad++
[2009.07.12 17:00:03 | 000,000,000 | ---D | M] -- C:\Users\crxpower\AppData\Roaming\OpenOffice.org
[2009.05.28 15:20:49 | 000,000,000 | ---D | M] -- C:\Users\crxpower\AppData\Roaming\PlayFirst
[2010.02.26 16:58:08 | 000,000,000 | ---D | M] -- C:\Users\crxpower\AppData\Roaming\PPMate
[2010.02.26 16:47:06 | 000,000,000 | ---D | M] -- C:\Users\crxpower\AppData\Roaming\ppstream
[2009.12.06 02:58:13 | 000,000,000 | ---D | M] -- C:\Users\crxpower\AppData\Roaming\ProtectDisc
[2010.02.26 16:59:11 | 000,000,000 | ---D | M] -- C:\Users\crxpower\AppData\Roaming\SopCast
[2009.11.10 14:22:23 | 000,000,000 | ---D | M] -- C:\Users\crxpower\AppData\Roaming\streamripper
[2009.10.16 01:52:59 | 000,000,000 | ---D | M] -- C:\Users\crxpower\AppData\Roaming\tor
[2009.03.12 17:51:27 | 000,000,000 | ---D | M] -- C:\Users\crxpower\AppData\Roaming\TuneUp Software
[2010.02.26 16:43:28 | 000,000,000 | ---D | M] -- C:\Users\crxpower\AppData\Roaming\TVU Networks
[2010.02.13 19:08:00 | 000,000,000 | ---D | M] -- C:\Users\crxpower\AppData\Roaming\UseNeXT
[2010.11.08 03:38:18 | 000,000,000 | ---D | M] -- C:\Users\crxpower\AppData\Roaming\uTorrent
[2009.10.16 01:52:59 | 000,000,000 | ---D | M] -- C:\Users\crxpower\AppData\Roaming\Vidalia
[2010.02.26 18:34:27 | 000,000,000 | ---D | M] -- C:\Users\crxpower\AppData\Roaming\vlc
[2010.06.06 15:43:52 | 000,000,000 | ---D | M] -- C:\Users\crxpower\AppData\Roaming\Winamp
[2009.03.12 00:50:18 | 000,000,000 | ---D | M] -- C:\Users\crxpower\AppData\Roaming\WinRAR
[2009.05.28 15:20:48 | 000,000,000 | ---D | M] -- C:\Users\crxpower\AppData\Roaming\Zylom
< %APPDATA%\*.exe /s >
[2008.11.30 15:55:28 | 000,319,488 | ---- | M] () -- C:\Users\crxpower\AppData\Roaming\astragon Software GmbH\Fahr-Simulator 2009\Fahr-Simulator.exe
[2009.03.16 21:25:29 | 000,697,862 | ---- | M] () -- C:\Users\crxpower\AppData\Roaming\astragon Software GmbH\Fahr-Simulator 2009\unins000.exe
[2008.11.26 14:08:18 | 002,121,728 | ---- | M] () -- C:\Users\crxpower\AppData\Roaming\astragon Software GmbH\Fahr-Simulator 2009\Scenery Editor\Szenen-Editor.exe
[2009.11.29 02:32:10 | 005,393,552 | ---- | M] (Blitware Technology Inc. ) -- C:\Users\crxpower\AppData\Roaming\Blitware\DriverRobot\updates\1.2.0.3\DriverRobot_Setup.exe
[2009.12.06 02:32:12 | 005,395,904 | ---- | M] (Blitware Technology Inc. ) -- C:\Users\crxpower\AppData\Roaming\Blitware\DriverRobot\updates\1.2.0.5\DriverRobot_Setup.exe
[2010.07.25 01:32:04 | 005,671,192 | ---- | M] (Blitware Technology Inc. ) -- C:\Users\crxpower\AppData\Roaming\Blitware\DriverRobot\updates\2.5.0.6\driverrobot_setup.exe
[2010.08.01 01:32:05 | 007,789,968 | ---- | M] (Blitware Technology Inc. ) -- C:\Users\crxpower\AppData\Roaming\Blitware\DriverRobot\updates\2.5.1.0\driverrobot_setup.exe
[2010.08.15 01:32:05 | 007,788,736 | ---- | M] (Blitware Technology Inc. ) -- C:\Users\crxpower\AppData\Roaming\Blitware\DriverRobot\updates\2.5.1.1\driverrobot_setup.exe
[2009.12.02 02:06:30 | 000,031,836 | ---- | M] () -- C:\Users\crxpower\AppData\Roaming\Desktopicon\uninst.exe
[2009.12.02 14:34:22 | 003,203,072 | ---- | M] () -- C:\Users\crxpower\AppData\Roaming\Folding@home-gpu\FahCore_11.exe
[2009.09.27 17:16:10 | 000,010,134 | R--- | M] () -- C:\Users\crxpower\AppData\Roaming\Microsoft\Installer\{580D6A69-F3F7-CB21-A5F5-3451A38CA1C2}\ARPPRODUCTICON.exe
[2009.12.02 13:09:41 | 000,098,477 | R--- | M] () -- C:\Users\crxpower\AppData\Roaming\Microsoft\Installer\{6A90C837-054E-44AE-B9BD-1B1F87986BBC}\_1810542788961D6D988517.exe
[2009.12.02 13:09:40 | 000,098,477 | R--- | M] () -- C:\Users\crxpower\AppData\Roaming\Microsoft\Installer\{6A90C837-054E-44AE-B9BD-1B1F87986BBC}\_6FEFF9B68218417F98F549.exe
[2009.12.02 13:09:41 | 000,098,477 | R--- | M] () -- C:\Users\crxpower\AppData\Roaming\Microsoft\Installer\{6A90C837-054E-44AE-B9BD-1B1F87986BBC}\_98830A63A82EB98D7BA198.exe
[2009.12.02 13:09:41 | 000,010,134 | R--- | M] () -- C:\Users\crxpower\AppData\Roaming\Microsoft\Installer\{6A90C837-054E-44AE-B9BD-1B1F87986BBC}\_B97F7EA90C9BD73A9EC027.exe
[2009.11.24 21:10:51 | 000,010,134 | R--- | M] () -- C:\Users\crxpower\AppData\Roaming\Microsoft\Installer\{A7E110EF-3B05-4CCD-3CB7-3D373325D43A}\ARPPRODUCTICON.exe
< %SYSTEMDRIVE%\*.exe >
< MD5 for: AGP440.SYS >
[2008.01.21 03:21:09 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\drivers\AGP440.sys
[2008.01.21 03:21:09 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys
[2008.01.21 03:21:09 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys
[2008.01.21 03:21:09 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
[2008.01.21 03:21:09 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys
[2006.11.02 10:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys
< MD5 for: ATAPI.SYS >
[2009.04.11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\drivers\atapi.sys
[2009.04.11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys
[2009.04.11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys
[2008.01.21 03:21:09 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[2008.01.21 03:21:09 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006.11.02 10:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
< MD5 for: CNGAUDIT.DLL >
[2006.11.02 10:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll
[2006.11.02 10:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll
< MD5 for: EXPLORER.EXE >
[2008.12.10 20:58:28 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe
[2008.12.10 20:58:27 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe
[2008.12.10 20:58:27 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe
[2009.04.11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\explorer.exe
[2009.04.11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe
[2008.12.10 20:58:27 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe
[2008.01.21 03:22:34 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe
< MD5 for: IASTORV.SYS >
[2008.01.21 03:21:31 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\drivers\iaStorV.sys
[2008.01.21 03:21:31 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_c9df7691\iaStorV.sys
[2008.01.21 03:21:31 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys
[2006.11.02 10:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys
< MD5 for: NETLOGON.DLL >
[2009.04.11 07:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\System32\netlogon.dll
[2009.04.11 07:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll
[2008.01.21 03:22:13 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll
< MD5 for: NVSTOR.SYS >
[2006.11.02 10:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys
[2008.01.21 03:21:29 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\drivers\nvstor.sys
[2008.01.21 03:21:29 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys
[2008.01.21 03:21:29 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys
< MD5 for: SCECLI.DLL >
[2008.01.21 03:22:59 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll
[2009.04.11 07:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\System32\scecli.dll
[2009.04.11 07:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll
< MD5 for: USER32.DLL >
[2008.01.21 03:22:31 | 000,627,200 | ---- | M] (Microsoft Corporation) MD5=B974D9F06DC7D1908E825DC201681269 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6001.18000_none_cd386c416d5c7f32\user32.dll
[2009.04.11 07:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\user32.dll
[2009.04.11 07:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6002.18005_none_cf23e54d6a7e4a7e\user32.dll
< MD5 for: USERINIT.EXE >
[2008.01.21 03:22:58 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe
[2008.01.21 03:22:58 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
< MD5 for: WINLOGON.EXE >
[2009.04.11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\System32\winlogon.exe
[2009.04.11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2008.01.21 03:22:59 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe
< MD5 for: WS2IFSL.SYS >
[2008.01.21 03:22:55 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=E3A3CB253C0EC2494D4A61F5E43A389C -- C:\Windows\System32\drivers\ws2ifsl.sys
[2008.01.21 03:22:55 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=E3A3CB253C0EC2494D4A61F5E43A389C -- C:\Windows\winsxs\x86_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.0.6001.18000_none_4f86a0d4c7cda641\ws2ifsl.sys
< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2009.09.22 15:58:57 | 000,722,416 | ---- | M] () Unable to obtain MD5 -- C:\Windows\System32\drivers\sptd.sys
< %systemroot%\System32\config\*.sav >
[2008.01.21 04:16:46 | 017,956,864 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV
[2008.01.21 04:16:31 | 000,106,496 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV
[2008.01.21 04:16:46 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV
[2006.11.02 11:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV
[2006.11.02 11:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
[2009.03.08 12:31:42 | 000,348,160 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\dxtmsft.dll
[2009.03.08 12:31:37 | 000,216,064 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\dxtrans.dll
[2009.04.11 07:27:47 | 000,241,128 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\rsaenh.dll
[2009.04.11 07:28:23 | 000,228,352 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\SLC.dll
========== Alternate Data Streams ==========
@Alternate Data Stream - 119 bytes -> C:\ProgramData\TEMP:1AAB2E68
< End of report > --- --- ---
OTL Logfile: Code:
OTL Extras logfile created on: 10.11.2010 17:02:08 - Run 1
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Users\crxpower\Desktop
Windows Vista Ultimate Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18975)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 64,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 82,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 151,61 Gb Total Space | 18,39 Gb Free Space | 12,13% Space Free | Partition Type: NTFS
Drive D: | 146,48 Gb Total Space | 50,47 Gb Free Space | 34,45% Space Free | Partition Type: NTFS
Computer Name: CRXPOWER-PC | User Name: crxpower | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-3478329227-416108515-67917533-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- C:\Program Files\VideoLAN\VLC\vlc.exe --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- C:\Program Files\VideoLAN\VLC\vlc.exe --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\PPStream\PPStream.exe" = C:\Program Files\PPStream\PPStream.exe:*:Enabled:PPSÍøÂçµçÊÓ -- (PPStream Inc.)
"C:\Program Files\PPStream\PPSAP.exe" = C:\Program Files\PPStream\PPSAP.exe:*:Enabled:PPS ÍøÂç¼ÓËÙÆ÷ -- (PPStream Inc)
"C:\Program Files\PPMate\ppmate.exe" = C:\Program Files\PPMate\ppmate.exe:*:Enabled:PPMate -- ()
"C:\Program Files\PPMate\ppamnet.exe" = C:\Program Files\PPMate\ppamnet.exe:*:Enabled:PPMate -- (ppmate)
"C:\Program Files\PPSGame\PPSGame.exe" = C:\Program Files\PPSGame\PPSGame.exe:*:Enabled:ÓÎÏ·´óÌü¿Í»§¶Ë -- (传聚网络科技有限公司)
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{04B09FF3-0916-40C4-9372-DDCC6A9B2AD4}" = lport=2869 | protocol=6 | dir=in | app=system |
"{6638C4D7-99BB-438F-86C8-48D153C6C6B5}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0705E0A9-30A0-407E-BF7C-2BF702287234}" = protocol=6 | dir=in | app=c:\program files\icq7.2\icq.exe |
"{0CEB877E-F6A6-4691-890B-E396534C1F62}" = protocol=6 | dir=in | app=c:\program files\icq7.2\aolload.exe |
"{24CA761A-A2F4-4F3F-B234-3D74A360FFD7}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{3AABFE7F-4F58-4A00-81CE-80D4DA48B23F}" = protocol=17 | dir=in | app=c:\users\crxpower\desktop\konami\pro evolution soccer 2010\pes2019.exe |
"{5101B469-A66D-4E7C-96E0-B2C9A6DA1107}" = protocol=17 | dir=in | app=c:\program files\icq7.2\aolload.exe |
"{68202FDD-E510-4C9E-9791-8931948C271F}" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{78EC7BD5-BDB1-430A-8AC7-7735FAB1EE67}" = protocol=6 | dir=in | app=c:\users\crxpower\desktop\konami\pro evolution soccer 2010\pes2019.exe |
"{8490A673-D9FC-442D-A0F1-AC91FDB1F990}" = protocol=17 | dir=in | app=c:\program files\icq7.2\icq.exe |
"{8F2DB08C-A738-453F-B26E-DB9FCF2E72DF}" = dir=in | app=c:\program files\windows live\messenger\wlcsdk.exe |
"{9A86BC7A-15B0-46C8-93C2-97694C5E2D5D}" = protocol=17 | dir=in | app=c:\program files\icq7.2\icq.exe |
"{9E6985D3-BA0E-4F77-8A67-01201504EB78}" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{BFBC24BF-F962-4C32-A6E3-8042483E9C59}" = protocol=6 | dir=in | app=c:\program files\icq7.2\aolload.exe |
"{C013F7D2-269D-4240-99C9-2CD7A88AE583}" = protocol=17 | dir=in | app=c:\program files\icq7.2\aolload.exe |
"{C8A63524-ADBD-46D9-A8D7-805259C01AF3}" = protocol=6 | dir=in | app=c:\program files\icq7.2\icq.exe |
"TCP Query User{35471DBA-409A-44C6-9400-5BE9D222D47A}C:\users\crxpower\desktop\pes2010.exe" = protocol=6 | dir=in | app=c:\users\crxpower\desktop\pes2010.exe |
"TCP Query User{423D9B74-AF16-4FBF-8153-D345953075AD}C:\windows\system32\java.exe" = protocol=6 | dir=in | app=c:\windows\system32\java.exe |
"TCP Query User{427FEDA3-89E9-4E85-AB88-4348DA9845F2}C:\program files\ppstream\ppstream.exe" = protocol=6 | dir=in | app=c:\program files\ppstream\ppstream.exe |
"TCP Query User{4DE53171-3EB5-4A27-8698-8EBCFC0DE5C0}C:\program files\vuze\azureus.exe" = protocol=6 | dir=in | app=c:\program files\vuze\azureus.exe |
"TCP Query User{57872BA9-9A65-4D2E-A0F1-AA3D67F278ED}C:\program files\tvuplayer\tvuplayer.exe" = protocol=6 | dir=in | app=c:\program files\tvuplayer\tvuplayer.exe |
"TCP Query User{6B939087-E65B-4BA6-B84B-BBD954F45988}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"TCP Query User{6F605BFB-B2FC-4E8C-9BFE-C7BA69129854}C:\program files\sopcast\adv\sopadver.exe" = protocol=6 | dir=in | app=c:\program files\sopcast\adv\sopadver.exe |
"TCP Query User{83C5230A-76BF-4325-89F5-C8C1FD471D8C}C:\program files\ppmate\ppamnet.exe" = protocol=6 | dir=in | app=c:\program files\ppmate\ppamnet.exe |
"TCP Query User{97BAC847-09DB-4966-9703-61DA7C66BF9B}C:\program files\phenomedia\moorhuhn kart - thunder\mhk4.exe" = protocol=6 | dir=in | app=c:\program files\phenomedia\moorhuhn kart - thunder\mhk4.exe |
"TCP Query User{9A1F2EEE-0A45-4501-9B94-E62EB458C347}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"TCP Query User{9B58BB48-6DF0-4B1A-B337-008CE568930B}C:\program files\sopcast\sopcast.exe" = protocol=6 | dir=in | app=c:\program files\sopcast\sopcast.exe |
"TCP Query User{D5F171C6-F18D-4055-B3B7-FDAC16CD201E}C:\program files\vuze\azureus.exe" = protocol=6 | dir=in | app=c:\program files\vuze\azureus.exe |
"TCP Query User{FEE17BE3-F66B-404A-91EC-D93DF6693E39}C:\program files\icq6.5\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6.5\icq.exe |
"UDP Query User{01E4A683-C984-4E69-AC71-82173D8A4B52}C:\program files\tvuplayer\tvuplayer.exe" = protocol=17 | dir=in | app=c:\program files\tvuplayer\tvuplayer.exe |
"UDP Query User{09267D1A-5600-4EDF-8C0E-A22665755927}C:\program files\vuze\azureus.exe" = protocol=17 | dir=in | app=c:\program files\vuze\azureus.exe |
"UDP Query User{1A94BBC9-5E69-4C8A-AE88-4F187574AB5A}C:\program files\phenomedia\moorhuhn kart - thunder\mhk4.exe" = protocol=17 | dir=in | app=c:\program files\phenomedia\moorhuhn kart - thunder\mhk4.exe |
"UDP Query User{2C8924F5-D54D-445B-BCBA-B70B2908AEF0}C:\program files\icq6.5\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6.5\icq.exe |
"UDP Query User{33357B6A-7DEF-4500-9534-2B1AC0B0E73F}C:\users\crxpower\desktop\pes2010.exe" = protocol=17 | dir=in | app=c:\users\crxpower\desktop\pes2010.exe |
"UDP Query User{35948FB5-E97B-44D9-BBED-FBFE62CBA930}C:\program files\ppmate\ppamnet.exe" = protocol=17 | dir=in | app=c:\program files\ppmate\ppamnet.exe |
"UDP Query User{4BD39AC5-5268-4DA5-B770-7277AF767B43}C:\windows\system32\java.exe" = protocol=17 | dir=in | app=c:\windows\system32\java.exe |
"UDP Query User{6CD23326-20CE-44F6-95C9-7A312914D71D}C:\program files\vuze\azureus.exe" = protocol=17 | dir=in | app=c:\program files\vuze\azureus.exe |
"UDP Query User{843C396E-5741-483E-AC92-A909EB0588FB}C:\program files\ppstream\ppstream.exe" = protocol=17 | dir=in | app=c:\program files\ppstream\ppstream.exe |
"UDP Query User{87D8A902-C29C-4CF0-B90C-9A47D4B3DA6F}C:\program files\sopcast\sopcast.exe" = protocol=17 | dir=in | app=c:\program files\sopcast\sopcast.exe |
"UDP Query User{B094B1A1-FF47-4F0B-BA56-5DDBEC17900F}C:\program files\sopcast\adv\sopadver.exe" = protocol=17 | dir=in | app=c:\program files\sopcast\adv\sopadver.exe |
"UDP Query User{ED4C59F1-5929-4563-89A3-C1917287F937}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"UDP Query User{EE9263F3-2AC5-45E7-BB3F-9EFFBBBBF3AC}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{0117713F-9BB5-E61B-686F-D63C156E63F6}" = Catalyst Control Center Core Implementation
"{041FE46C-4EEA-06AE-4562-00A899F5A0FB}" = CCC Help English
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{082C8591-A04B-C51B-99C1-729A9765C559}" = CCC Help English
"{0C49AFCF-4EEC-F150-3748-56906B26116D}" = Catalyst Control Center Graphics Full Existing
"{18778440-FBC2-7845-5D75-2E3FB2901CA3}" = Catalyst Control Center Core Implementation
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{2160868F-58F6-7B2D-03A3-89A3582AEA1C}" = Skins
"{2227E1FA-01F5-483C-AB0E-2A308E900B3D}" = InterVideo FilterSDK for Hauppauge
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2445981B-A23B-4A0E-AD15-3D391BDAEC3E}" = HDD Regenerator
"{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 22
"{283FFB23-8751-4B08-ACB8-5E0F8BCF7727}" = Pro Evolution Soccer 2010
"{2D7D9D86-923A-41A8-919F-437332AB1031}" = Nero 7 Ultra Edition
"{2EA870FA-585F-4187-903D-CB9FFD21E2E0}" = DHTML Editing Component
"{36D801B4-1B76-085D-4C96-8A3BE8D4E4B3}" = HydraVision
"{38D9321F-3A76-4D82-9AC4-970F0BE74186}" = ATI AVIVO Codecs
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3F11A4D1-FAEC-E1FD-5D35-25C94EC33D46}" = ccc-core-static
"{41E654A9-26D0-4EAC-854B-0FA824FFFABB}" = Windows Live Messenger
"{4286E640-B5FB-11DF-AC4B-005056C00008}" = Google Earth
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{508D251A-9378-C840-90A0-563C649BC749}" = Catalyst Control Center Graphics Previews Vista
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{53C141BA-4F9E-43FB-B4F9-0C01BB716FA8}" = Adobe Audition 3.0
"{55A29068-F2CE-456C-9148-C869879E2357}" = TuneUp Utilities 2009
"{560BEED8-69A3-0471-FFAE-9BA8AC58B61A}" = ccc-utility
"{56DD3770-2EF5-42D0-BA5A-A8135E9D4A9E}" = USB Dual Vibration PAD
"{580D6A69-F3F7-CB21-A5F5-3451A38CA1C2}" = Catalyst Control Center InstallProxy
"{5934808D-F536-2B3F-A488-F53372854C69}" = ccc-core-static
"{5DB65884-C963-4454-AABA-4CA3089281FA}" = NVIDIA PhysX
"{5FC68772-6D56-41C6-9DF1-24E868198AE6}" = Windows Live Call
"{610E64BA-F306-6C12-F882-F76CD244A3C2}" = Catalyst Control Center Graphics Light
"{62E965A8-25BB-2C3C-D9D5-D73CF4CC55AB}" = Catalyst Control Center HydraVision Full
"{68BC06A7-FC85-D463-48BE-3EBFD9747C7E}" = Catalyst Control Center HydraVision Full
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6A90C837-054E-44AE-B9BD-1B1F87986BBC}" = Folding@home-gpu
"{7095FD27-37F0-4750-9DE8-D37DC0043706}" = REALTEK USB Wireless LAN Driver
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6}" = ICQ7.2
"{7528F5C4-1707-A9D6-4564-F2D5C64FA3A6}" = Catalyst Control Center Graphics Light
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}" = Text-To-Speech-Runtime
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{8795CBED-55E2-4693-9F14-84EC446935BE}" = SpeechRedist
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169 PCI, 8168 and 8101E PCIe Ethernet Network Card Driver for Windows Vista
"{8927E07C-97F7-4A54-88FB-D976F50DD46E}" = Turbo Lister 2
"{8C13BEE4-E7CE-4E46-BD13-8F41DAD00FEF}" = SweetIM Toolbar for Internet Explorer 3.4
"{8DE98D27-6F65-90E4-0F46-A0FCAEEB8D5B}" = Catalyst Control Center Graphics Previews Common
"{8FB1B528-E260-451E-9B55-E9152F94B80B}" = Microsoft Games for Windows - LIVE Redistributable
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{96B784E2-F4D7-38A5-E9DD-6CC093B07C58}" = Catalyst Control Center Graphics Full New
"{97959329-F1E9-2D17-E910-253C05B00C6E}" = Catalyst Control Center Graphics Full New
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B0AC7ED-E425-4BD9-8196-D4D5D31FFD37}" = Activision(R)
"{9E78C42C-4FF9-4F41-BBC4-BF872606E79D}_is1" = Driver Robot 1.1.0.14
"{A137D52E-FA96-4815-85F5-E7B8F66837DB}" = Race Driver 3
"{A402B569-BA69-8849-1DFC-6D4CE9F4EDA5}" = Catalyst Control Center Graphics Previews Common
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A7E110EF-3B05-4CCD-3CB7-3D373325D43A}" = Catalyst Control Center InstallProxy
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9D0555C-AB20-419D-A98C-3B11ECC0F921}" = Movavi VideoSuite 6
"{AC76BA86-7AD7-1031-7B44-A93000000001}" = Adobe Reader 9.3 - Deutsch
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{BBF0A67B-5DBA-452F-9D2E-6F168BC226E4}" = Need for Speed™ SHIFT
"{BCDD3356-B5B2-9D0F-3776-8D5E28893F82}" = ccc-utility
"{BE686891-3C56-4714-AFEF-341A7867BA80}" = REALTEK RTL8187 Wireless LAN Driver and Utility
"{C7340571-7773-4A8C-9EBC-4E4243B38C76}" = Microsoft XML Parser
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CF929EEB-CE39-4F06-B1BF-F51FC617A2B2}" = Catalyst Control Center - Branding
"{D2D15362-27A7-9D88-35B2-C04697E4CD94}" = Catalyst Control Center Graphics Previews Vista
"{D3B1C799-CB73-42DE-BA0F-2344793A095C}" = Catalyst Control Center - Branding
"{D85EE6FC-1263-3A84-CEB7-A53E97B6A835}" = ATI Catalyst Install Manager
"{DDD9BB0C-C116-91D3-A45B-FA3291781BB0}" = Catalyst Control Center Graphics Full Existing
"{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1" = Auslogics Disk Defrag
"{DFFC0648-BC4B-47D1-93D2-6CA6B9457641}" = OpenOffice.org 3.2
"{E503B4BF-F7BB-3D5F-8BC8-F694B1CFF942}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218
"{E6D22FE1-AB5F-42CA-9480-6F70B96DDD88}" = Need for Speed™ Undercover
"{EC87E256-B0A4-4A41-8682-AB57FF21196D}" = SweetIM for Messenger 2.7
"{EDA12670-56B5-4459-BA21-D010F0E3EBA1}" = Emergency 4 Deluxe
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials
"{F97E3841-CA9D-4964-9D64-26066241D26F}" = Microsoft Games for Windows - LIVE
"Adobe Audition 3.0" = Adobe Audition 3.0
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"ASIO4ALL" = ASIO4ALL
"Audacity_is1" = Audacity 1.2.6
"autosearch2" = autosearch2
"AVI To MP3 Converter_is1" = AVI To MP3 Converter 1.00
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"AVS Update Manager_is1" = AVS Update Manager 1.0
"AVS4YOU Software Navigator_is1" = AVS4YOU Software Navigator 1.3
"AVS4YOU Video Converter 6_is1" = AVS Video Converter 6
"Casino-On-Net" = Casino-On-Net
"Cobra 11 - Burning Wheels_is1" = 1
"Driver Cleaner Pro" = DH Driver Cleaner Professional Edition
"DVDVideoSoftTB Toolbar" = DVDVideoSoftTB Toolbar
"eBay Icon" = eBay Icon
"EVEREST Ultimate Edition_is1" = EVEREST Ultimate Edition v5.02
"Fahr-Simulator 2009_is1" = Fahr-Simulator 2009
"Firebird SQL Server D" = Firebird SQL Server - MAGIX Edition
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.4
"Free DVD Video Burner_is1" = Free DVD Video Burner version 2.3
"Free Studio_is1" = Free Studio version 4.8
"Free Video Dub_is1" = Free Video Dub version 1.6
"Free Video to Mp3 Converter_is1" = Free Video to Mp3 Converter version 3.1
"Free YouTube Download_is1" = Free YouTube Download 2.3
"Free YouTube to DVD Converter_is1" = Free YouTube to DVD Converter version 2.3
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.6
"Google Chrome" = Google Chrome
"Hauppauge German Help Files and Resources" = Hauppauge German Help Files and Resources
"Hauppauge WinTV" = Hauppauge WinTV
"Hauppauge WinTV DVB-T EPG Service" = Hauppauge WinTV DVB-T EPG Service
"Hauppauge WinTV Infrared Remote" = Hauppauge WinTV Infrared Remote
"Hauppauge WinTV Scheduler" = Hauppauge WinTV Scheduler
"Hauppauge WinTV TV Services" = Hauppauge WinTV TV Services
"HD Tune_is1" = HD Tune 2.55
"HighwayNights" = Cobra 11 - Highway Nights (remove only)
"ICQToolbar" = ICQ Toolbar
"IL Download Manager" = IL Download Manager
"Imikimi Plugin" = Imikimi Plugin
"InstallShield_{9B0AC7ED-E425-4BD9-8196-D4D5D31FFD37}" = Ice Age 3 Die Dinosaurier sind los(TM)
"KaloMa_is1" = KaloMa 4.78
"MAGIX Music Maker 15 Premium Download-Version D" = MAGIX Music Maker 15 Premium Download-Version 15.0.1.5 (D)
"MAGIX Music Maker 2008 D" = MAGIX Music Maker 2008 13.0.0.16 (D)
"MAGIX Screenshare D" = MAGIX Screenshare 4.3.6.1987 (D)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Mozilla Firefox (3.6.12)" = Mozilla Firefox (3.6.12)
"Mr. Putts Mini Golf" = Mr. Putts Mini Golf
"Notepad++" = Notepad++
"oZone3D.Net FurMark_is1" = oZone3D.Net FurMark v1.7.0
"ppmate" = PPMate Network TV 2.3.3.6
"PPSGame" = PPSÓÎÏ· V1.0.1.93
"ProtectDisc Driver 10" = ProtectDisc Helper Driver 10
"ProtectDisc Driver 11" = ProtectDisc Driver, Version 11
"Saitek Colour Rumble Pad" = Saitek Colour Rumble Pad
"softonic-de3 Toolbar" = softonic-de3 Toolbar
"SopCast" = SopCast 3.2.4
"Stellarium_is1" = Stellarium 0.9.0
"Streamripper" = Streamripper (Remove only)
"Streamripper.Plugin" = Streamripper Plugin 1.62.2 (Remove only)
"TVUPlayer" = TVUPlayer 2.5.2.2
"Uninstall_is1" = Uninstall 1.0.0.1
"Unlocker" = Unlocker 1.8.8
"UseNeXT_is1" = UseNeXT
"uTorrent" = µTorrent
"Veetle TV" = Veetle TV 0.9.16
"VideoMach" = VideoMach
"VirtualCloneDrive" = VirtualCloneDrive
"VLC media player" = VLC media player 0.9.8a
"vShare" = vShare Plugin
"VTPlus32 für WinTV (German)" = VTPlus32 für WinTV (German)
"Vuze" = Vuze
"Winamp" = Winamp
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR
"Zattoo4" = Zattoo4 4.0.5
"Zylom Games Player Plugin" = Zylom Games Player Plugin
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-3478329227-416108515-67917533-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"309a46b1dc89b774" = Dell Driver Download Manager
"Diner Dash 2 Deluxe" = Diner Dash 2 Deluxe
"PhotoZoom Pro 3" = BenVista PhotoZoom Pro 3.0.2
"Yahoo! BrowserPlus" = Yahoo! BrowserPlus 2.8.1
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 10.11.2010 11:36:01 | Computer Name = crxpower-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
Error - 10.11.2010 11:36:01 | Computer Name = crxpower-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
Error - 10.11.2010 11:36:46 | Computer Name = crxpower-PC | Source = WinMgmt | ID = 10
Description =
Error - 10.11.2010 11:37:18 | Computer Name = crxpower-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
Error - 10.11.2010 11:37:25 | Computer Name = crxpower-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
Error - 10.11.2010 11:47:14 | Computer Name = crxpower-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
Error - 10.11.2010 11:47:14 | Computer Name = crxpower-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
Error - 10.11.2010 11:48:27 | Computer Name = crxpower-PC | Source = WinMgmt | ID = 10
Description =
Error - 10.11.2010 11:48:43 | Computer Name = crxpower-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
Error - 10.11.2010 11:48:43 | Computer Name = crxpower-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
[ System Events ]
Error - 10.11.2010 07:33:05 | Computer Name = crxpower-PC | Source = Microsoft-Windows-BitLocker-Driver | ID = 24620
Description =
Error - 10.11.2010 07:33:05 | Computer Name = crxpower-PC | Source = Microsoft-Windows-BitLocker-Driver | ID = 24620
Description =
Error - 10.11.2010 07:33:05 | Computer Name = crxpower-PC | Source = Microsoft-Windows-BitLocker-Driver | ID = 24620
Description =
Error - 10.11.2010 07:33:05 | Computer Name = crxpower-PC | Source = Microsoft-Windows-BitLocker-Driver | ID = 24620
Description =
Error - 10.11.2010 07:34:12 | Computer Name = crxpower-PC | Source = Service Control Manager | ID = 7026
Description =
Error - 10.11.2010 08:23:39 | Computer Name = crxpower-PC | Source = disk | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\Harddisk0\DR0.
Error - 10.11.2010 08:23:42 | Computer Name = crxpower-PC | Source = disk | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\Harddisk0\DR0.
Error - 10.11.2010 11:36:46 | Computer Name = crxpower-PC | Source = Service Control Manager | ID = 7026
Description =
Error - 10.11.2010 11:43:23 | Computer Name = crxpower-PC | Source = Service Control Manager | ID = 7034
Description =
Error - 10.11.2010 11:48:28 | Computer Name = crxpower-PC | Source = Service Control Manager | ID = 7026
Description =
[ TuneUp Events ]
Error - 10.11.2010 09:59:55 | Computer Name = crxpower-PC | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "anti": syntax error; when executing SQL: INSERT INTO
ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2010-11-10 14:59:55', '\device\harddiskvolume2\program
files\malwarebytes' anti-malware\mbam.exe','2888',0)
< End of report > --- --- --- |