Here is the OTL scan to start with
Extras.txt Code:
OTL Extras logfile created on: 21.11.2010 14:59:34 - Run 1
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Users\Marvin\Documents\konni
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18975)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 39,00% Memory free
6,00 Gb Paging File | 3,00 Gb Available in Paging File | 55,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 83,01 Gb Total Space | 10,14 Gb Free Space | 12,21% Space Free | Partition Type: NTFS
Drive D: | 205,08 Gb Total Space | 33,07 Gb Free Space | 16,13% Space Free | Partition Type: NTFS
Drive E: | 2,05 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
Computer Name: MARVIN-NB | User Name: Marvin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\OFFICE11\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "D:\Progs\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Bridge] -- D:\Progs\Adobe CS 5 Master\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "D:\Progs\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0270C624-2586-484F-A445-07452FE60E9B}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{03A8D4A4-3727-4602-8D3E-7C7E30A9FB6C}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{08AA836F-E71A-43CC-8DF5-0B7DCEBF94C8}" = lport=138 | protocol=17 | dir=in | app=system |
"{19EF81C4-2915-44A7-921F-335C596AE7C3}" = rport=10243 | protocol=6 | dir=out | app=system |
"{1F45751D-E7D2-4576-9A54-DA3CF6D55E61}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{2A7848F5-603A-427D-AD3B-C5CC393E3EE6}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{2D2AED91-E87D-4FC3-80D3-666A36F2BEF2}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{2D65D2FA-37DF-4898-BCB4-4BF463A27BFE}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{317B38FF-D3A4-4B6F-BF40-2D0E21ACBF86}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{3B8A4F87-1E40-4369-AF51-DFC63C40BFBE}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{481D5258-FF49-48E5-89E8-20ADA2953FD0}" = lport=139 | protocol=6 | dir=in | app=system |
"{523CB7C6-067F-42F3-9A18-EE7121E6F159}" = lport=445 | protocol=6 | dir=in | app=system |
"{57DDD056-F615-44D4-A7A4-F88E474C00D0}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{5DBB523E-4BE4-41AF-A938-4B7A27F7ECBA}" = lport=2869 | protocol=6 | dir=in | app=system |
"{6D728D35-7476-47DA-B5F0-A2AE967ED5E0}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{8239AA72-16FB-41D6-9325-B62D67F392FE}" = rport=138 | protocol=17 | dir=out | app=system |
"{8A2B14F8-EDAC-4920-8FAF-4D7FBE25E806}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{8C5E3AC8-8038-4016-94FE-65CFF7B4FBEB}" = lport=10243 | protocol=6 | dir=in | app=system |
"{8DBE744C-BD27-4534-BDA0-948C19753969}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{8DCB8974-CE98-4ED1-8DDB-32EFD3158027}" = rport=445 | protocol=6 | dir=out | app=system |
"{8E07F1A5-CE15-43AA-8A00-041F612DC369}" = rport=137 | protocol=17 | dir=out | app=system |
"{9C7EBCE6-65DB-4E4B-A840-F2B99899CA6F}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{AAF2439E-7499-4B4C-A902-8D4BE150F80C}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{B2DE247F-9D30-4C4D-9211-ADA2944A8E45}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{B5EB085B-DA65-490B-AFF9-9B30345A7A8F}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{C6AF776C-3E0B-43BA-8333-DE80F6E884D6}" = lport=2869 | protocol=6 | dir=in | app=system |
"{D4725856-AA66-412F-8944-E8AC7472F4E2}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{D4AEF445-6BCD-43D4-BA91-9F5EE8668D49}" = rport=139 | protocol=6 | dir=out | app=system |
"{E8A118AD-2988-4283-BA0D-50034CF698B3}" = lport=137 | protocol=17 | dir=in | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0315B9A1-D1FD-4519-A375-07C4D9644E53}" = protocol=17 | dir=in | app=d:\spiele\wolfenstein\mp\wolf2mp.exe |
"{03CC20B8-3DEC-4BF4-BB01-E9604C4383BF}" = protocol=17 | dir=in | app=d:\spiele\burnout paradies\burnoutparadise.exe |
"{04C0BE7C-B99B-4205-992B-34C2597629B2}" = protocol=17 | dir=in | app=d:\spiele\anno1404\tools\anno4web.exe |
"{055D5FE7-5C68-4971-93EF-6C7B4F924F5E}" = protocol=6 | dir=in | app=c:\program files\pinnacle\studio 14\programs\umi.exe |
"{0867116F-4C6C-490A-89B4-9C2E0BA426AE}" = protocol=6 | dir=in | app=d:\progs\torrent\utorrent.exe |
"{0ED3224E-7F89-4A85-9BBB-471F0B0DEA1D}" = protocol=17 | dir=in | app=d:\spiele\gta4\rockstar games social club\rgsclauncher.exe |
"{0FD488E4-A580-487F-9185-7361FC2932C1}" = protocol=6 | dir=in | app=d:\spiele\anno1404\anno4.exe |
"{1088F314-08E4-40A1-A28D-B61F0B0861DE}" = protocol=6 | dir=in | app=c:\program files\pinnacle\studio 14\programs\studio.exe |
"{10C40553-B1BD-4A7B-BD6C-808FF2A41C4E}" = protocol=6 | dir=in | app=d:\spiele\wolfenstein\mp\wolf2mplite.exe |
"{150F7241-0F4A-4D14-84BB-7C820A8BB1E8}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{15C9D5B2-35C8-4AB1-BA21-CFA5711FE506}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{17FE7874-7951-4FBE-A628-E15A2E565726}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{1B69EDE9-E1EB-45BB-A945-ECD127BD82A7}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{224CA762-D72A-4333-802E-E5BEC295E28F}" = protocol=6 | dir=in | app=d:\spiele\bionic\bionic commando\support\cap1-0101.exe |
"{2E3FB477-29A6-473A-873E-86D12D578F24}" = protocol=17 | dir=in | app=d:\spiele\gta4\grand theft auto iv\launchgtaiv.exe |
"{2FB57DEA-BAAD-479E-B49B-D62EFA199C6F}" = protocol=17 | dir=in | app=d:\program files\activision\call of duty 4 - modern warfare\iw3mp.exe |
"{30A77B67-71E2-4258-B86D-56BE0A664CEF}" = protocol=6 | dir=in | app=d:\spiele\fear\fearxp2.exe |
"{31740870-8E2E-4FED-83F1-86E8EEF10005}" = protocol=17 | dir=in | app=d:\spiele\bionic\bionic commando\support\cap1-0101.exe |
"{3A4E05AC-6F49-4BBA-81A2-226A13B2DB1B}" = protocol=6 | dir=in | app=d:\spiele\moh\airborne\unrealengine3\binaries\moha.exe |
"{3DFF0D7A-D71B-44E2-AF60-61F2DC72C9AD}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{46D5E2FF-5573-4F80-AF4D-BCBD7AD9FE92}" = protocol=6 | dir=in | app=d:\spiele\gta4\grand theft auto iv\launchgtaiv.exe |
"{47964B51-7245-481F-826E-3487A50134E7}" = protocol=17 | dir=in | app=d:\spiele\burnout paradies\burnoutconfigtool.exe |
"{47B3DAF8-F8E2-4BF0-BD92-24EF4F204C3D}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{4A40DF77-B26C-47F3-A22F-553DAE1D0D4E}" = protocol=6 | dir=in | app=d:\internet\steam\steam.exe |
"{4AE662E0-4A86-4761-9DF5-DFFB9C013947}" = protocol=17 | dir=in | app=d:\spiele\anno1404\anno4.exe |
"{4C8BDD8B-4191-428E-9A55-A76B89EBA08F}" = protocol=17 | dir=in | app=c:\program files\pinnacle\studio 14\programs\umi.exe |
"{4DFDF970-567C-4349-AE29-251A62552558}" = protocol=58 | dir=in | app=system |
"{4EEF2951-6CD4-4FED-8D48-C32518912A0E}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{4FC26A36-20E1-4F19-9E4E-07CC45AFC89C}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{5095BF6A-BA01-40FA-AD70-1A91FFA0CCFA}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{536A3FD0-D170-4926-A759-34A1C986714E}" = protocol=6 | dir=in | app=d:\spiele\bionic\bionic commando\bionic_commando.exe |
"{55AC08FA-0C28-4F51-9E88-A86AD9A118C2}" = protocol=6 | dir=in | app=d:\spiele\burnout paradies\burnoutconfigtool.exe |
"{590F3124-E237-4903-837B-89AEEDCF540D}" = protocol=6 | dir=out | app=system |
"{5A20723C-CAAF-48A0-921D-32E2775EFC47}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{5C4295EC-C198-4339-AB81-BCD895933690}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{670B90DF-C380-4B83-BC80-EAC862799B19}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{6EFDF20C-3265-4E0F-9FB6-CA0E6BBD6B12}" = protocol=17 | dir=in | app=d:\spiele\wolfenstein\mp\wolf2mplite.exe |
"{75F1A430-A409-476F-A6BE-3E0CDE630ADF}" = protocol=6 | dir=in | app=d:\program files\activision\call of duty 4 - modern warfare\iw3mp.exe |
"{7BC959C6-58EC-47CB-B910-AD7AA2605A8C}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{7C865898-8A39-40A6-8A7A-28C2A44B0E37}" = protocol=6 | dir=in | app=d:\spiele\burnout paradies\burnoutparadise.exe |
"{7F81314F-C920-47E9-99B1-E3EAEE4071D8}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{867D113D-CA37-4641-B8DD-36645129583E}" = dir=in | app=c:\program files\cyberlink\powerdirector\pdr.exe |
"{86E5C93C-663A-420F-9C6F-EBC313D236BA}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{8CAA82E6-F4EE-4B47-AE39-18499737E1BA}" = protocol=17 | dir=in | app=c:\program files\pinnacle\studio 14\programs\rm.exe |
"{8E18CD0C-66AF-4E0E-8113-B3200140D0D5}" = protocol=17 | dir=in | app=d:\spiele\moh\airborne\unrealengine3\binaries\moha.exe |
"{8F74C674-09EE-41A1-A83E-E81FF8B0B82B}" = protocol=17 | dir=in | app=c:\program files\pinnacle\studio 14\programs\studio.exe |
"{9483FDB7-46FE-445F-A155-1D441E995C3D}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{951EE976-6AD4-416D-9D97-77881BCD6540}" = protocol=17 | dir=in | app=d:\spiele\burnout paradies\burnoutlauncher.exe |
"{95BF74CC-6A41-41A7-B95A-8862A416C492}" = protocol=6 | dir=in | app=d:\spiele\anno1404\tools\anno4web.exe |
"{9AEB1A81-118C-45F7-822D-93918014A8A0}" = protocol=17 | dir=in | app=d:\spiele\bionic\bionic commando\bionic_commando.exe |
"{9B265532-A06F-4E21-936B-6DA1EACF7D26}" = protocol=17 | dir=in | app=d:\internet\steam\steam.exe |
"{A1C2CDC2-316B-4020-9B8C-041A796CB5BB}" = protocol=6 | dir=in | app=d:\program files\activision\call of duty 4 - modern warfare\iw3mp.exe |
"{A43994A0-E307-4637-B298-88F59C77A9F5}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{A4C1E710-76FA-45BF-94E9-4A49D58FF1BF}" = protocol=17 | dir=in | app=d:\spiele\fear\fearxp2.exe |
"{A64E191D-4270-43CF-956F-04F49FFCE1D4}" = protocol=6 | dir=in | app=c:\program files\pinnacle\studio 14\programs\rm.exe |
"{A96636E3-BA5E-42EC-9AED-3608ABAD2D21}" = protocol=17 | dir=in | app=d:\progs\torrent\utorrent.exe |
"{B183274E-46F7-44B0-836B-A68D3A24AF04}" = protocol=6 | dir=in | app=d:\spiele\burnout paradies\burnoutlauncher.exe |
"{BD2C76A1-B31A-4BCB-81E9-6D9B7259707F}" = dir=in | app=c:\program files\cyberlink\powerdvd\powerdvd.exe |
"{C3E011E1-D7FC-40FD-B556-65918E045E47}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{CC0BF139-A8CD-4253-8C80-4E1539D2C08B}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{D02F346B-A339-4894-AB38-15859796E0DD}" = protocol=17 | dir=in | app=d:\program files\activision\call of duty 4 - modern warfare\iw3mp.exe |
"{DE394C01-2703-4D3A-B28D-7518DC37E9FF}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{E21F9D57-F5F0-4065-9CDA-E93A937AB205}" = dir=in | app=c:\program files\windows live\messenger\wlcsdk.exe |
"{EC4982CC-51F9-478B-9A8F-A16A92E4C002}" = protocol=58 | dir=out | name=@iphlpsvc.dll,-203 |
"{EE4EBB11-D2FB-4817-93A6-74DB6C6FFCDC}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{F2D16576-4AB6-47AF-82D3-3DA3AD9E048D}" = protocol=6 | dir=in | app=d:\spiele\gta4\rockstar games social club\rgsclauncher.exe |
"{FEF022A0-52BD-4BCA-B619-5530E051C491}" = protocol=6 | dir=in | app=d:\spiele\wolfenstein\mp\wolf2mp.exe |
"TCP Query User{086EB55B-8DBE-4240-9490-C83982B26498}D:\spiele\battlefield vietnam\bfvietnam.exe" = protocol=6 | dir=in | app=d:\spiele\battlefield vietnam\bfvietnam.exe |
"TCP Query User{0B418ED6-A1E6-4044-BC6F-51E53489423A}D:\internet\inetprogramme\icq6.5\icq.exe" = protocol=6 | dir=in | app=d:\internet\inetprogramme\icq6.5\icq.exe |
"TCP Query User{19DEAF8D-EE25-45E3-AE5B-0508B316D419}D:\spiele\battlefield vietnam\bfvietnam.exe" = protocol=6 | dir=in | app=d:\spiele\battlefield vietnam\bfvietnam.exe |
"TCP Query User{1D1D7E14-119A-4F6A-B963-E8FED5EF4A02}D:\spiele\setup\counter-strike 1.6\hltv.exe" = protocol=6 | dir=in | app=d:\spiele\setup\counter-strike 1.6\hltv.exe |
"TCP Query User{22C5B432-EF51-4560-8773-8A2CC3B4110F}D:\spiele\pokemon (incl. saphire+ruby) gameboy roms (gba,gb,gbc) in englis\emulator\visualboyadvance 1.6 (gb,gba,gbc)\link\2\vbaserver.exe" = protocol=6 | dir=in | app=d:\spiele\pokemon (incl. saphire+ruby) gameboy roms (gba,gb,gbc) in englis\emulator\visualboyadvance 1.6 (gb,gba,gbc)\link\2\vbaserver.exe |
"TCP Query User{23EAFDC5-9155-4093-8CA0-2481605CB39D}C:\windows\system32\presentationhost.exe" = protocol=6 | dir=in | app=c:\windows\system32\presentationhost.exe |
"TCP Query User{27E0E151-B9BE-4E89-837A-5A7137CD4732}C:\users\marvin\appdata\local\temp\rar$ex00.033\ipcurve\ipcurve.exe" = protocol=6 | dir=in | app=c:\users\marvin\appdata\local\temp\rar$ex00.033\ipcurve\ipcurve.exe |
"TCP Query User{2CE5ACE9-90AA-4337-9F04-03C01DA42FE6}D:\spiele\setup\counter-strike 1.6\hl.exe" = protocol=6 | dir=in | app=d:\spiele\setup\counter-strike 1.6\hl.exe |
"TCP Query User{2F0FCD9E-6F6B-4A9A-8DA2-A79EB9B34EFC}D:\spiele\gta4\grand theft auto iv\gtaiv.exe" = protocol=6 | dir=in | app=d:\spiele\gta4\grand theft auto iv\gtaiv.exe |
"TCP Query User{3085A9F0-B1A4-47B6-9B64-9E4E25EB3279}D:\spiele\gta4\grand theft auto iv\gtaiv.exe" = protocol=6 | dir=in | app=d:\spiele\gta4\grand theft auto iv\gtaiv.exe |
"TCP Query User{39969885-D36F-4CF6-B774-C1C2C69E5DC7}D:\spiele\cod mw2\iw4mp.exe" = protocol=6 | dir=in | app=d:\spiele\cod mw2\iw4mp.exe |
"TCP Query User{3FE7CD96-FA10-4C60-A166-613CED499CE8}I:\programme\bf\battlefield 2\bf2.exe" = protocol=6 | dir=in | app=i:\programme\bf\battlefield 2\bf2.exe |
"TCP Query User{59336846-6B96-42A3-85F9-F4A86791B336}D:\spiele\setup\counter-strike 1.6aaa\hltv.exe" = protocol=6 | dir=in | app=d:\spiele\setup\counter-strike 1.6aaa\hltv.exe |
"TCP Query User{65111D6B-4D6F-4D72-A8DC-154C6F9EBE4A}C:\users\marvin\desktop\pokemon\1.8\visualboyadvance.exe" = protocol=6 | dir=in | app=c:\users\marvin\desktop\pokemon\1.8\visualboyadvance.exe |
"TCP Query User{73965393-73C2-477F-AB8A-72642C3ECAB1}D:\spiele\c+c\game.exe" = protocol=6 | dir=in | app=d:\spiele\c+c\game.exe |
"TCP Query User{79C07555-124D-474E-9604-F16CD1BD0F54}C:\users\marvin\desktop\pokemon\2\visualboyadvance.exe" = protocol=6 | dir=in | app=c:\users\marvin\desktop\pokemon\2\visualboyadvance.exe |
"TCP Query User{7F0F3DE9-2F66-4303-A4FC-1E00BC846043}D:\spiele\steamless counterstrikesource pack\hl2.exe" = protocol=6 | dir=in | app=d:\spiele\steamless counterstrikesource pack\hl2.exe |
"TCP Query User{8121CEC9-99D5-47E0-B3C4-5889C23EA484}D:\spiele\pokemon (incl. saphire+ruby) gameboy roms (gba,gb,gbc) in englis\emulator\visualboyadvance 1.6 (gb,gba,gbc)\link\2\vbaserver.exe" = protocol=6 | dir=in | app=d:\spiele\pokemon (incl. saphire+ruby) gameboy roms (gba,gb,gbc) in englis\emulator\visualboyadvance 1.6 (gb,gba,gbc)\link\2\vbaserver.exe |
"TCP Query User{82FCCE72-16B6-4CFC-9A83-DC4724798AEB}C:\program files\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe |
"TCP Query User{83395489-5954-4546-A382-A23861D0516B}C:\program files\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe |
"TCP Query User{8A8418DD-E22B-4E32-BFC9-4C1B04304850}D:\internet\inetprogramme\cain\cain.exe" = protocol=6 | dir=in | app=d:\internet\inetprogramme\cain\cain.exe |
"TCP Query User{8C797928-E419-404A-A55D-F6E68F49CCFF}D:\spiele\steamless counterstrikesource pack\hl2.exe" = protocol=6 | dir=in | app=d:\spiele\steamless counterstrikesource pack\hl2.exe |
"TCP Query User{989DA8BF-7BB9-4D20-BA90-48A98C416028}D:\spiele\setup\counter-strike 1.6\hl.exe" = protocol=6 | dir=in | app=d:\spiele\setup\counter-strike 1.6\hl.exe |
"TCP Query User{98A07930-BB8D-44AE-BD93-E941DB1479F5}J:\programme\bf\battlefield 2\bf2.exe" = protocol=6 | dir=in | app=j:\programme\bf\battlefield 2\bf2.exe |
"TCP Query User{9C1E0A77-9488-407E-94BF-C8E3E3ED0EB0}D:\spiele\moh\pacificassault\mohpa.exe" = protocol=6 | dir=in | app=d:\spiele\moh\pacificassault\mohpa.exe |
"TCP Query User{9C989B52-6441-4AF0-A22F-F2F24F5A6012}C:\program files\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\java.exe |
"TCP Query User{9D1606AF-C796-4A09-8D13-7770A81A0133}D:\progs\vlc\vlc.exe" = protocol=6 | dir=in | app=d:\progs\vlc\vlc.exe |
"TCP Query User{9E5C4C18-57FF-4E03-BEBF-9AC513BE0D24}D:\spiele\setup\counter-strike 1.6\hlds.exe" = protocol=6 | dir=in | app=d:\spiele\setup\counter-strike 1.6\hlds.exe |
"TCP Query User{B1C57EFF-7215-421B-85D4-7FE5C89AA536}D:\spiele\c+c\game.exe" = protocol=6 | dir=in | app=d:\spiele\c+c\game.exe |
"TCP Query User{B31D7D1C-64B5-47DC-AEB2-D66D6942F188}D:\spiele\c+c\mph.exe" = protocol=6 | dir=in | app=d:\spiele\c+c\mph.exe |
"TCP Query User{B392A6CB-6584-437D-8F7C-1E430417CA6E}D:\spiele\wolfenstein\mp\wolf2mp.exe" = protocol=6 | dir=in | app=d:\spiele\wolfenstein\mp\wolf2mp.exe |
"TCP Query User{B52AB57E-79E9-40A9-B38B-474D27C8BFA4}D:\internet\inetprogramme\cain\cain\cain.exe" = protocol=6 | dir=in | app=d:\internet\inetprogramme\cain\cain\cain.exe |
"TCP Query User{B5D19F52-4264-4127-A5AD-FF934DC32230}D:\internet\inetprogramme\icq6.5\icq.exe" = protocol=6 | dir=in | app=d:\internet\inetprogramme\icq6.5\icq.exe |
"TCP Query User{BC912848-FBA1-416E-8731-387B1F6E15D8}C:\users\marvin\desktop\pokemon\2\vbaserver.exe" = protocol=6 | dir=in | app=c:\users\marvin\desktop\pokemon\2\vbaserver.exe |
"TCP Query User{C7BD4113-7A5C-4A8E-911B-0590174BF288}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"TCP Query User{D3B0854C-D809-46A6-AB2E-D687327353C6}D:\spiele\pokemon (incl. saphire+ruby) gameboy roms (gba,gb,gbc) in englis\emulator\visualboyadvance 1.6 (gb,gba,gbc)\visualboyadvance.exe" = protocol=6 | dir=in | app=d:\spiele\pokemon (incl. saphire+ruby) gameboy roms (gba,gb,gbc) in englis\emulator\visualboyadvance 1.6 (gb,gba,gbc)\visualboyadvance.exe |
"TCP Query User{D9FFE8C2-7AC0-4B6C-BEE1-F28612AE495B}D:\spiele\anno 1503\1503startup.exe" = protocol=6 | dir=in | app=d:\spiele\anno 1503\1503startup.exe |
"TCP Query User{E1A18A83-E43D-49AC-A427-F0F229A6E7C7}C:\users\marvin\appdata\local\temp\rar$ex15.705\bifrost_1.2.1_unpacked\bifrost.exe" = protocol=6 | dir=in | app=c:\users\marvin\appdata\local\temp\rar$ex15.705\bifrost_1.2.1_unpacked\bifrost.exe |
"TCP Query User{E5815F02-4022-407D-991F-615A564D68F6}D:\progs\hack\prorat_1.9_se\proconnective.exe" = protocol=6 | dir=in | app=d:\progs\hack\prorat_1.9_se\proconnective.exe |
"TCP Query User{EDEF7D69-A3B3-423E-84A5-94ACD7D517FF}D:\spiele\pokemon (incl. saphire+ruby) gameboy roms (gba,gb,gbc) in englis\emulator\visualboyadvance 1.6 (gb,gba,gbc)\visualboyadvance.exe" = protocol=6 | dir=in | app=d:\spiele\pokemon (incl. saphire+ruby) gameboy roms (gba,gb,gbc) in englis\emulator\visualboyadvance 1.6 (gb,gba,gbc)\visualboyadvance.exe |
"UDP Query User{02926C47-5F1F-4BD0-A3F6-145BEAD6D73E}D:\progs\hack\prorat_1.9_se\proconnective.exe" = protocol=17 | dir=in | app=d:\progs\hack\prorat_1.9_se\proconnective.exe |
"UDP Query User{042F3851-5A75-4270-AB57-038493FEC663}D:\internet\inetprogramme\icq6.5\icq.exe" = protocol=17 | dir=in | app=d:\internet\inetprogramme\icq6.5\icq.exe |
"UDP Query User{051587D5-7FB8-4F8B-9D26-C922B2A069DB}C:\users\marvin\appdata\local\temp\rar$ex15.705\bifrost_1.2.1_unpacked\bifrost.exe" = protocol=17 | dir=in | app=c:\users\marvin\appdata\local\temp\rar$ex15.705\bifrost_1.2.1_unpacked\bifrost.exe |
"UDP Query User{0CE3CCB3-F06A-4CA5-9CA4-817834E8A717}C:\users\marvin\desktop\pokemon\2\visualboyadvance.exe" = protocol=17 | dir=in | app=c:\users\marvin\desktop\pokemon\2\visualboyadvance.exe |
"UDP Query User{17BAA2EC-0B5B-4B3D-9415-FB5342E08BC0}D:\spiele\wolfenstein\mp\wolf2mp.exe" = protocol=17 | dir=in | app=d:\spiele\wolfenstein\mp\wolf2mp.exe |
"UDP Query User{19BE681B-5CCB-4C92-AE41-835CF067BA42}D:\internet\inetprogramme\cain\cain.exe" = protocol=17 | dir=in | app=d:\internet\inetprogramme\cain\cain.exe |
"UDP Query User{1DA872E5-21A2-4E25-B7C4-74C1E46155EE}D:\spiele\c+c\mph.exe" = protocol=17 | dir=in | app=d:\spiele\c+c\mph.exe |
"UDP Query User{25CF70CF-5A67-4A26-B55D-085B5A045DC0}C:\windows\system32\presentationhost.exe" = protocol=17 | dir=in | app=c:\windows\system32\presentationhost.exe |
"UDP Query User{263A7781-3736-4DB8-A09E-597F90ED86C8}D:\internet\inetprogramme\cain\cain\cain.exe" = protocol=17 | dir=in | app=d:\internet\inetprogramme\cain\cain\cain.exe |
"UDP Query User{291C3811-96EF-4C63-A4C8-13126C05BBCA}D:\spiele\anno 1503\1503startup.exe" = protocol=17 | dir=in | app=d:\spiele\anno 1503\1503startup.exe |
"UDP Query User{2ADAA690-79F1-43CF-8EE2-9813E1030F8A}C:\users\marvin\desktop\pokemon\1.8\visualboyadvance.exe" = protocol=17 | dir=in | app=c:\users\marvin\desktop\pokemon\1.8\visualboyadvance.exe |
"UDP Query User{2B8603AC-97E7-418A-AF46-A55069155174}I:\programme\bf\battlefield 2\bf2.exe" = protocol=17 | dir=in | app=i:\programme\bf\battlefield 2\bf2.exe |
"UDP Query User{41FB38DD-3CBA-47DA-8BB8-DD1EB8598F52}C:\users\marvin\appdata\local\temp\rar$ex00.033\ipcurve\ipcurve.exe" = protocol=17 | dir=in | app=c:\users\marvin\appdata\local\temp\rar$ex00.033\ipcurve\ipcurve.exe |
"UDP Query User{4C78481B-EFBE-47AF-98BF-2D41802B2DDC}D:\spiele\gta4\grand theft auto iv\gtaiv.exe" = protocol=17 | dir=in | app=d:\spiele\gta4\grand theft auto iv\gtaiv.exe |
"UDP Query User{4E8F4CE8-277E-473C-9A44-28F722A5A40B}D:\spiele\c+c\game.exe" = protocol=17 | dir=in | app=d:\spiele\c+c\game.exe |
"UDP Query User{54133F5F-3B42-4925-A58F-D44B96369BC1}D:\spiele\battlefield vietnam\bfvietnam.exe" = protocol=17 | dir=in | app=d:\spiele\battlefield vietnam\bfvietnam.exe |
"UDP Query User{589B035A-FDAD-48C9-A56A-4F86C98733F1}D:\spiele\gta4\grand theft auto iv\gtaiv.exe" = protocol=17 | dir=in | app=d:\spiele\gta4\grand theft auto iv\gtaiv.exe |
"UDP Query User{5F5A18AC-FD0B-433F-8DD0-799283A244B9}C:\users\marvin\desktop\pokemon\2\vbaserver.exe" = protocol=17 | dir=in | app=c:\users\marvin\desktop\pokemon\2\vbaserver.exe |
"UDP Query User{6323722D-0226-4EC4-8EF7-BC8D3FC8A1BE}D:\spiele\setup\counter-strike 1.6\hl.exe" = protocol=17 | dir=in | app=d:\spiele\setup\counter-strike 1.6\hl.exe |
"UDP Query User{6813BAE6-7C41-4B67-9C1E-E67D10FED03C}D:\spiele\setup\counter-strike 1.6\hlds.exe" = protocol=17 | dir=in | app=d:\spiele\setup\counter-strike 1.6\hlds.exe |
"UDP Query User{691D091C-5EF7-455D-9A37-147725F004EF}D:\spiele\moh\pacificassault\mohpa.exe" = protocol=17 | dir=in | app=d:\spiele\moh\pacificassault\mohpa.exe |
"UDP Query User{74BD6ED9-EFDA-4FDA-95D7-A117D3BE8751}D:\spiele\steamless counterstrikesource pack\hl2.exe" = protocol=17 | dir=in | app=d:\spiele\steamless counterstrikesource pack\hl2.exe |
"UDP Query User{75F7CC34-AAC4-4203-BAC2-4991C6FE21BA}D:\spiele\setup\counter-strike 1.6\hl.exe" = protocol=17 | dir=in | app=d:\spiele\setup\counter-strike 1.6\hl.exe |
"UDP Query User{7FB5F471-DDEE-4DD2-9F09-DA5F39C20A90}J:\programme\bf\battlefield 2\bf2.exe" = protocol=17 | dir=in | app=j:\programme\bf\battlefield 2\bf2.exe |
"UDP Query User{8867C3AD-5A1F-4236-A94A-8734E2DC7570}D:\spiele\c+c\game.exe" = protocol=17 | dir=in | app=d:\spiele\c+c\game.exe |
"UDP Query User{956721CA-42A2-4650-8EE8-3EFF7AD6F0D0}D:\spiele\steamless counterstrikesource pack\hl2.exe" = protocol=17 | dir=in | app=d:\spiele\steamless counterstrikesource pack\hl2.exe |
"UDP Query User{98BE3613-ABA5-4042-9FBC-41936E57C461}D:\spiele\pokemon (incl. saphire+ruby) gameboy roms (gba,gb,gbc) in englis\emulator\visualboyadvance 1.6 (gb,gba,gbc)\visualboyadvance.exe" = protocol=17 | dir=in | app=d:\spiele\pokemon (incl. saphire+ruby) gameboy roms (gba,gb,gbc) in englis\emulator\visualboyadvance 1.6 (gb,gba,gbc)\visualboyadvance.exe |
"UDP Query User{9B9F1CF8-D82C-440F-AF79-69099CD12708}D:\spiele\setup\counter-strike 1.6\hltv.exe" = protocol=17 | dir=in | app=d:\spiele\setup\counter-strike 1.6\hltv.exe |
"UDP Query User{A3C80078-6A86-464B-894E-664FB146E9E1}C:\program files\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe |
"UDP Query User{AD1A5601-A68B-4DE6-B60B-F74AEE812C42}D:\spiele\battlefield vietnam\bfvietnam.exe" = protocol=17 | dir=in | app=d:\spiele\battlefield vietnam\bfvietnam.exe |
"UDP Query User{B34FF909-F0A3-43D2-8A65-11ED6827DB4F}D:\spiele\setup\counter-strike 1.6aaa\hltv.exe" = protocol=17 | dir=in | app=d:\spiele\setup\counter-strike 1.6aaa\hltv.exe |
"UDP Query User{BA231136-AD28-41B1-9DAC-2AE298247EAA}D:\spiele\pokemon (incl. saphire+ruby) gameboy roms (gba,gb,gbc) in englis\emulator\visualboyadvance 1.6 (gb,gba,gbc)\link\2\vbaserver.exe" = protocol=17 | dir=in | app=d:\spiele\pokemon (incl. saphire+ruby) gameboy roms (gba,gb,gbc) in englis\emulator\visualboyadvance 1.6 (gb,gba,gbc)\link\2\vbaserver.exe |
"UDP Query User{D4BC4E29-62B7-49F8-A334-A1C37047E345}D:\progs\vlc\vlc.exe" = protocol=17 | dir=in | app=d:\progs\vlc\vlc.exe |
"UDP Query User{D886260C-0347-4A4A-8B43-7A6D707A3712}C:\program files\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe |
"UDP Query User{DB15A15E-7B99-45E2-AA80-09F32ECC43F3}D:\spiele\cod mw2\iw4mp.exe" = protocol=17 | dir=in | app=d:\spiele\cod mw2\iw4mp.exe |
"UDP Query User{E0EF7F04-1B52-4F9A-8B04-035019D24704}D:\spiele\pokemon (incl. saphire+ruby) gameboy roms (gba,gb,gbc) in englis\emulator\visualboyadvance 1.6 (gb,gba,gbc)\link\2\vbaserver.exe" = protocol=17 | dir=in | app=d:\spiele\pokemon (incl. saphire+ruby) gameboy roms (gba,gb,gbc) in englis\emulator\visualboyadvance 1.6 (gb,gba,gbc)\link\2\vbaserver.exe |
"UDP Query User{E87A4E9A-6C24-49CA-B236-9356BF984309}C:\program files\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\java.exe |
"UDP Query User{EA2C7942-4EB2-4C2D-8159-8D9F4DA65A69}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{F7D472D2-091B-467B-ADB5-383AB93FB1CE}D:\spiele\pokemon (incl. saphire+ruby) gameboy roms (gba,gb,gbc) in englis\emulator\visualboyadvance 1.6 (gb,gba,gbc)\visualboyadvance.exe" = protocol=17 | dir=in | app=d:\spiele\pokemon (incl. saphire+ruby) gameboy roms (gba,gb,gbc) in englis\emulator\visualboyadvance 1.6 (gb,gba,gbc)\visualboyadvance.exe |
"UDP Query User{F86C0A43-78AB-422F-B2C7-D12E05B7DE72}D:\internet\inetprogramme\icq6.5\icq.exe" = protocol=17 | dir=in | app=d:\internet\inetprogramme\icq6.5\icq.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{004C5DA2-2051-4D25-94BA-51CF810C91EB}" = LightScribe System Software 1.12.37.1
"{00D15456-F679-4AD4-8BD2-56450D4C3F72}" = WarRock
"{024521CF-C07E-4F8E-8481-0D75695E03AF}" = PxMergeModule
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{04983D37-2202-4295-94A2-8B547C66133F}" = Atheros WLAN Client
"{0513EE35-E0FB-4166-B663-BD1AE3A803DE}" = Anno 1404
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{06F80017-8F98-4C94-B868-52358569FC32}" = Command & Conquer Generals
"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID Sign-in Assistant
"{086BADF8-9B1F-4E89-B207-2EDA520972D6}" = Grand Theft Auto San Andreas
"{08B3869E-D282-424C-9AFC-870E04A4BA14}" = Rockstar Games Social Club
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{09FF4DB8-7DE9-4D47-B7DB-915DB7D9A8CA}" = Uniblue RegistryBooster
"{0AD84416-63A4-4CF3-BDDF-8FA866711FB0}" = Civilization III
"{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{11C88EEC-23FC-4181-B6E4-22247E2ABD28}" = Microsoft Expression Web 3
"{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}" = Samsung Recovery Solution III
"{14DCD95A-EBA3-4BF0-B7EF-533852E99BE6}" = LG PC Suite II
"{17283B95-21A8-4996-97DA-547A48DB266F}" = Easy Display Manager
"{1BBD8D70-721A-41AD-AC8F-7308A0C8FA92}" = Adobe Creative Suite 5 Master Collection
"{1C4551A6-4743-4093-91E4-1477CD655043}" = NVIDIA PhysX
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite
"{1FDA5A37-B22D-43FF-B582-B8964050DC13}" = Microsoft Games for Windows - LIVE Redistributable
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{25F28E39-FDBB-11DB-8314-0800200C9A66}" = Medal of Honor Airborne
"{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java(TM) 6 Update 20
"{31D543E6-2234-47CA-B3F7-2C5765CA2D9B}" = LG PC Suite II
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3D9CF3CA-3AB0-4A82-9853-D7C43FD1D775}" = ANNO 1404
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"{41E654A9-26D0-4EAC-854B-0FA824FFFABB}" = Windows Live Messenger
"{4286E640-B5FB-11DF-AC4B-005056C00008}" = Google Earth
"{4527481F-E36D-408E-9F40-89E2630E2120}" = TubeBox!
"{4847BBB9-EADD-4C92-90BF-4223B0892FF6}" = Microsoft Flight Simulator X Service Pack 2
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4C3EF687-803F-4825-B815-04AE32DDEB41}" = YAVIDO
"{4EA8EA5D-8E46-4698-9BF7-2F2AD8E1C185}" = Easy Network Manager 3.0
"{56CFA833-F44F-4199-8C58-7F8B38F2BC7B}" = Medal of Honor Pacific Assault(tm)
"{579BA58C-F33D-4970-9953-B94B43768AC3}" = Grand Theft Auto IV
"{5FC68772-6D56-41C6-9DF1-24E868198AE6}" = Windows Live Call
"{6059C682-4C5F-4106-8487-943E98225D3B}" = LG MC USB Modem driver
"{60DE4033-9503-48D1-A483-7846BD217CA9}" = ICQ6.5
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{6E9EF98E-259E-416D-B5F8-0ABDB99942CE}" = Adobe Flash Player 10 ActiveX
"{6F730513-8688-4C3C-90A3-6B9792CE2EF3}" = Easy Battery Manager
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser und SDK
"{71A51B09-E7D3-11DB-A386-005056C00008}" = Vimicro UVC Camera
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{752E90AC-3F11-4EA3-88EA-96441047EC31}" = Microsoft Expression Web 3 SP1
"{767CC44C-9BBC-438D-BAD3-FD4595DD148B}" = VC80CRTRedist - 8.0.50727.762
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7BD0D8F8-A13C-48D2-B201-4AD29A48AF34}" = Google SketchUp 7
"{804F1285-8CBF-408D-8CDC-D4D40003B2E4}" = PlayCamera
"{86A4C6D9-29EE-4719-AFA1-BA3341862B83}" = Microsoft Games for Windows - LIVE
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"{8A74DEFD-A224-49CC-AB80-4E88BC730125}" = LogMeIn Hamachi
"{90110407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9527A496-5DF9-412A-ADC7-168BA5379CA6}" = Microsoft Flight Simulator X
"{99889189-C739-4A46-BA02-3B271A118957}" = F.E.A.R. Mission Perseus
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1031-7B44-A81200000003}" = Adobe Reader 8.1.2 - Deutsch
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = PowerProducer
"{BC41C09D-FAA9-4346-9FE6-1E0017BC551A}" = Adobe Flash Player 10 Plugin
"{BF962E1B-D17A-4713-A100-6531A132D83D}_is1" = Foto-Mosaik-Edda 5.5.0
"{C3ABE126-2BB2-4246-BFE1-6797679B3579}" = LG USB Modem driver
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}" = Bluetooth Stack for Windows by Toshiba
"{D07643A3-CE41-4286-8C78-EB9C83E76DDB}" = PunkBuster für Battlefield Vietnam
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D3492D9E-7FBB-1DF6-F759-2A37FA231031}" = Nero 7 Demo
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player
"{E35B3C63-E958-4E31-A178-95D22024109A}" = Battlefield Vietnam(TM)
"{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"{EBBB1DEF-8878-4CB8-BC0D-1196B30E7527}" = ANNO 1503
"{ED00D08A-3C5F-488D-93A0-A04F21F23956}" = Windows Live Communications Platform
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials
"{F9B37992-968C-4264-8449-489032FC28DE}" = Wolfenstein
"Adobe AIR" = Adobe AIR
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"Bridge Builder" = Bridge Builder
"C&C Alarmstufe Rot_is1" = C&C Alarmstufe Rot
"Cain & Abel v4.9.35" = Cain & Abel v4.9.35
"Cataclysm" = Cataclysm
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"File Recover_is1" = File Recover 7.0
"free-downloads.net Toolbar" = free-downloads.net Toolbar
"German Patch" = German Patch
"Google Chrome" = Google Chrome
"Google Updater" = Google Updater
"Homeworld" = Homeworld
"InstallShield_{06F80017-8F98-4C94-B868-52358569FC32}" = Command & Conquer Generals
"InstallShield_{4EA8EA5D-8E46-4698-9BF7-2F2AD8E1C185}" = Easy Network Manager 3.0
"InstallShield_{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"InstallShield_{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"InstallShield_{9527A496-5DF9-412A-ADC7-168BA5379CA6}" = Microsoft Flight Simulator X
"InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"InstallShield_{F9B37992-968C-4264-8449-489032FC28DE}" = Wolfenstein
"LogMeIn Hamachi" = LogMeIn Hamachi
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Mozilla Firefox (3.6.8)" = Mozilla Firefox (3.6.8)
"No-IP.com DUC" = No-IP.com DUC (remove only)
"NVIDIA Drivers" = NVIDIA Drivers
"OpenAL" = OpenAL
"Picasa 3" = Picasa 3
"Polipo" = Polipo 1.0.4.1
"PunkBusterSvc" = PunkBuster Services
"Red Alert 2" = Command & Conquer Alarmstufe Rot 2
"RollerCoaster Tycoon Setup" = Roll
"Roulette Software Dan0_21" = Roulette Software Dan0_21 (Remove Only)
"Smart Data Recovery_is1" = Smart Data Recovery v4.2
"SP1_9527A496-5DF9-412A-ADC7-168BA5379CA6" = Microsoft Flight Simulator X Service Pack 1
"Steamless Counter Strike Source Pack" = Steamless Counter Strike Source Pack
"SUPER ©" = SUPER © Version 2009.bld.36 (June 10, 2009)
"Surf & E-Mail-Stick" = Surf & E-Mail-Stick
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Tor" = Tor 0.2.2.14-alpha
"UndeletePlus_is1" = Undelete Plus 2.98
"Uniblue RegistryBooster" = Uniblue RegistryBooster
"UseNeXT_is1" = UseNeXT
"uTorrent" = µTorrent
"Vidalia" = Vidalia 0.2.9
"VirtualCloneDrive" = VirtualCloneDrive
"VLC media player" = VLC media player 1.0.5
"Web_3.0.3813.0" = Microsoft Expression Web 3
"WebcamMax" = WebcamMax
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinPcapInst" = WinPcap 4.1.1
"WinRAR archiver" = WinRAR
"Wireshark" = Wireshark 0.99.7
"WOLAPI" = Gemeinsam genutzte Internet-Komponenten von Westwood
"XMedia Recode" = XMedia Recode 2.1.2.5
"Youtube Downloader HD_is1" = Youtube Downloader HD v. 1.9
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"FileZilla Client" = FileZilla Client 3.2.0
"Move Networks Player - IE" = Move Networks Media Player for Internet Explorer
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 12.10.2010 07:50:45 | Computer Name = Marvin-NB | Source = WinMgmt | ID = 10
Description =
Error - 12.10.2010 12:47:26 | Computer Name = Marvin-NB | Source = WinMgmt | ID = 10
Description =
Error - 13.10.2010 08:09:45 | Computer Name = Marvin-NB | Source = WinMgmt | ID = 10
Description =
Error - 13.10.2010 23:49:13 | Computer Name = Marvin-NB | Source = WinMgmt | ID = 10
Description =
Error - 14.10.2010 03:47:25 | Computer Name = Marvin-NB | Source = WinMgmt | ID = 10
Description =
Error - 15.10.2010 10:43:43 | Computer Name = Marvin-NB | Source = WinMgmt | ID = 10
Description =
Error - 15.10.2010 21:24:20 | Computer Name = Marvin-NB | Source = WinMgmt | ID = 10
Description =
Error - 19.10.2010 10:13:13 | Computer Name = Marvin-NB | Source = WinMgmt | ID = 10
Description =
Error - 20.10.2010 09:30:47 | Computer Name = Marvin-NB | Source = WinMgmt | ID = 10
Description =
Error - 20.10.2010 10:15:42 | Computer Name = Marvin-NB | Source = WinMgmt | ID = 10
Description =
[ System Events ]
Error - 17.11.2010 11:35:30 | Computer Name = Marvin-NB | Source = Service Control Manager | ID = 7000
Description =
Error - 17.11.2010 15:21:21 | Computer Name = Marvin-NB | Source = Service Control Manager | ID = 7011
Description =
Error - 17.11.2010 15:46:29 | Computer Name = Marvin-NB | Source = Service Control Manager | ID = 7011
Description =
Error - 18.11.2010 12:15:31 | Computer Name = Marvin-NB | Source = Service Control Manager | ID = 7011
Description =
Error - 18.11.2010 12:16:18 | Computer Name = Marvin-NB | Source = Service Control Manager | ID = 7011
Description =
Error - 19.11.2010 10:12:32 | Computer Name = Marvin-NB | Source = Service Control Manager | ID = 7000
Description =
Error - 19.11.2010 10:12:43 | Computer Name = Marvin-NB | Source = DCOM | ID = 10005
Description =
Error - 19.11.2010 10:12:43 | Computer Name = Marvin-NB | Source = Service Control Manager | ID = 7009
Description =
Error - 19.11.2010 10:25:54 | Computer Name = Marvin-NB | Source = DCOM | ID = 10010
Description =
Error - 20.11.2010 18:52:54 | Computer Name = Marvin-NB | Source = DCOM | ID = 10010
Description =
< End of report >
OTL.txt Code:
OTL logfile created on: 21.11.2010 14:59:34 - Run 1
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Users\Marvin\Documents\konni
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18975)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 39,00% Memory free
6,00 Gb Paging File | 3,00 Gb Available in Paging File | 55,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 83,01 Gb Total Space | 10,14 Gb Free Space | 12,21% Space Free | Partition Type: NTFS
Drive D: | 205,08 Gb Total Space | 33,07 Gb Free Space | 16,13% Space Free | Partition Type: NTFS
Drive E: | 2,05 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
Computer Name: MARVIN-NB | User Name: Marvin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Users\Marvin\Documents\konni\OTL.exe (OldTimer Tools)
PRC - D:\Internet\InetProgramme\ICQ6.5\ICQ.exe (ICQ, LLC.)
PRC - C:\Programme\Uniblue\RegistryBooster\registrybooster.exe (Uniblue Systems Limited)
PRC - C:\Programme\Uniblue\RegistryBooster\rbmonitor.exe (Uniblue Systems Limited)
PRC - C:\Windows\System32\Macromed\Flash\FlashUtil10g_ActiveX.exe (Adobe Systems, Inc.)
PRC - C:\Programme\Internet Explorer\iexplore.exe (Microsoft Corporation)
PRC - D:\Progs\schutz\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
PRC - D:\Progs\torrent\uTorrent.exe (BitTorrent, Inc.)
PRC - D:\Internet\Hamachi\hamachi-2.exe (LogMeIn Inc.)
PRC - C:\Programme\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe (Adobe Systems Incorporated)
PRC - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation)
PRC - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE (Microsoft Corporation)
PRC - C:\Programme\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - D:\Progs\virtualCloneDriver\VirtualCloneDrive\VCDDaemon.exe (Elaborate Bytes AG)
PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Programme\Windows Sidebar\sidebar.exe (Microsoft Corporation)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Windows\System32\conime.exe (Microsoft Corporation)
PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Programme\SamSung\Easy Display Manager\dmhkcore.exe (SAMSUNG Electronics)
PRC - C:\Programme\SamSung\EBM\EasyBatteryMgr3.exe (SAMSUNG Electronics co., LTD.)
PRC - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
PRC - C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Defender\MSASCui.exe (Microsoft Corporation)
PRC - D:\Progs\Alcohol 120\StarWind\StarWindServiceAE.exe (Rocket Division Software)
PRC - C:\Programme\Adobe\Reader 8.0\Reader\AcroRd32.exe (Adobe Systems Incorporated)
PRC - C:\Programme\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe (TOSHIBA CORPORATION.)
PRC - C:\Programme\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe (TOSHIBA CORPORATION)
PRC - C:\Programme\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe (TOSHIBA CORPORATION.)
PRC - C:\Programme\Toshiba\Bluetooth Toshiba Stack\TosBtHSP.exe (TOSHIBA CORPORATION.)
PRC - C:\Programme\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe (TOSHIBA CORPORATION.)
========== Modules (SafeList) ==========
MOD - C:\Users\Marvin\Documents\konni\OTL.exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll (Microsoft Corporation)
========== Win32 Services (SafeList) ==========
SRV - (Steam Client Service) -- C:\Program Files\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (Hamachi2Svc) -- D:\Internet\Hamachi\hamachi-2.exe (LogMeIn Inc.)
SRV - (WPFFontCache_v0400) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe (Microsoft Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (SwitchBoard) -- C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
SRV - (rpcapd) Remote Packet Capture Protocol v.0 (experimental) -- C:\Program Files\WinPcap\rpcapd.exe (CACE Technologies, Inc.)
SRV - (FontCache) -- C:\Windows\System32\FntCache.dll (Microsoft Corporation)
SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (StarWindServiceAE) -- D:\Progs\Alcohol 120\StarWind\StarWindServiceAE.exe (Rocket Division Software)
SRV - (TOSHIBA Bluetooth Service) -- C:\Programme\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe (TOSHIBA CORPORATION)
========== Driver Services (SafeList) ==========
DRV - (PRISM_A02) -- C:\Windows\System32\DRIVERS\PRISMA02.sys File not found
DRV - (NwlnkFwd) -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys File not found
DRV - (NwlnkFlt) -- C:\Windows\System32\DRIVERS\nwlnkflt.sys File not found
DRV - (IpInIp) -- C:\Windows\System32\DRIVERS\ipinip.sys File not found
DRV - (MBAMSwissArmy) -- C:\Windows\System32\drivers\mbamswissarmy.sys (Malwarebytes Corporation)
DRV - (atksgt) -- C:\Windows\System32\drivers\atksgt.sys ()
DRV - (lirsgt) -- C:\Windows\System32\drivers\lirsgt.sys ()
DRV - (sptd) -- C:\Windows\System32\Drivers\sptd.sys ()
DRV - (hamachi) -- C:\Windows\System32\drivers\hamachi.sys (LogMeIn, Inc.)
DRV - (ElbyCDIO) -- C:\Windows\System32\drivers\ElbyCDIO.sys (Elaborate Bytes AG)
DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH)
DRV - (NPF) -- C:\Windows\System32\drivers\npf.sys (CACE Technologies, Inc.)
DRV - (hcw95rc) -- C:\Windows\System32\drivers\hcw95rc.sys (Hauppauge Computer Works, Inc.)
DRV - (hcw95bda) -- C:\Windows\System32\drivers\hcw95bda.sys (Hauppauge Computer Works, Inc.)
DRV - (VClone) -- C:\Windows\System32\drivers\VClone.sys (Elaborate Bytes AG)
DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (RMCAST) RMCAST (Pgm) -- C:\Windows\System32\drivers\rmcast.sys (Microsoft Corporation)
DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH)
DRV - (avgio) -- C:\Programme\Avira\AntiVir Desktop\avgio.sys (Avira GmbH)
DRV - (hwdatacard) -- C:\Windows\System32\drivers\ewusbmdm.sys (Huawei Technologies Co., Ltd.)
DRV - (NVHDA) -- C:\Windows\System32\drivers\nvhda32v.sys (NVIDIA Corporation)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (iaStor) -- C:\Windows\system32\DRIVERS\iaStor.sys (Intel Corporation)
DRV - (BthAvrcp) -- C:\Windows\System32\drivers\BthAvrcp.sys (CSR, plc)
DRV - (VMC302) -- C:\Windows\System32\drivers\vmc302.sys (Vimicro Corporation)
DRV - (athr) -- C:\Windows\System32\drivers\athr.sys (Atheros Communications, Inc.)
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\Windows\System32\drivers\RTKVHDA.sys (Realtek Semiconductor Corp.)
DRV - (USBModem) -- C:\Windows\System32\drivers\lgusbmodem.sys (LG Electronics Inc.)
DRV - (UsbDiag) -- C:\Windows\System32\drivers\lgusbdiag.sys (LG Electronics Inc.)
DRV - (usbbus) -- C:\Windows\System32\drivers\lgusbbus.sys (LG Electronics Inc.)
DRV - (MegaSR) -- C:\Windows\system32\drivers\megasr.sys (LSI Corporation, Inc.)
DRV - (adpu320) -- C:\Windows\system32\drivers\adpu320.sys (Adaptec, Inc.)
DRV - (megasas) -- C:\Windows\system32\drivers\megasas.sys (LSI Corporation)
DRV - (adpu160m) -- C:\Windows\system32\drivers\adpu160m.sys (Adaptec, Inc.)
DRV - (SiSRaid4) -- C:\Windows\system32\drivers\sisraid4.sys (Silicon Integrated Systems)
DRV - (HpCISSs) -- C:\Windows\system32\drivers\hpcisss.sys (Hewlett-Packard Company)
DRV - (adpahci) -- C:\Windows\system32\drivers\adpahci.sys (Adaptec, Inc.)
DRV - (LSI_SAS) -- C:\Windows\system32\drivers\lsi_sas.sys (LSI Logic)
DRV - (ql2300) -- C:\Windows\system32\drivers\ql2300.sys (QLogic Corporation)
DRV - (E1G60) Intel(R) -- C:\Windows\System32\drivers\E1G60I32.sys (Intel Corporation)
DRV - (arcsas) -- C:\Windows\system32\drivers\arcsas.sys (Adaptec, Inc.)
DRV - (iaStorV) -- C:\Windows\system32\drivers\iastorv.sys (Intel Corporation)
DRV - (vsmraid) -- C:\Windows\system32\drivers\vsmraid.sys (VIA Technologies Inc.,Ltd)
DRV - (ulsata2) -- C:\Windows\system32\drivers\ulsata2.sys (Promise Technology, Inc.)
DRV - (LSI_SCSI) -- C:\Windows\system32\drivers\lsi_scsi.sys (LSI Logic)
DRV - (LSI_FC) -- C:\Windows\system32\drivers\lsi_fc.sys (LSI Logic)
DRV - (arc) -- C:\Windows\system32\drivers\arc.sys (Adaptec, Inc.)
DRV - (elxstor) -- C:\Windows\system32\drivers\elxstor.sys (Emulex)
DRV - (adp94xx) -- C:\Windows\system32\drivers\adp94xx.sys (Adaptec, Inc.)
DRV - (nvraid) -- C:\Windows\system32\drivers\nvraid.sys (NVIDIA Corporation)
DRV - (nvstor) -- C:\Windows\system32\drivers\nvstor.sys (NVIDIA Corporation)
DRV - (uliahci) -- C:\Windows\system32\drivers\uliahci.sys (ULi Electronics Inc.)
DRV - (viaide) -- C:\Windows\system32\drivers\viaide.sys (VIA Technologies, Inc.)
DRV - (cmdide) -- C:\Windows\system32\drivers\cmdide.sys (CMD Technology, Inc.)
DRV - (aliide) -- C:\Windows\system32\drivers\aliide.sys (Acer Laboratories Inc.)
DRV - (yukonwlh) -- C:\Windows\System32\drivers\yk60x86.sys (Marvell)
DRV - (SynTP) -- C:\Windows\System32\drivers\SynTP.sys (Synaptics, Inc.)
DRV - (Tosrfhid) -- C:\Windows\System32\drivers\Tosrfhid.sys (TOSHIBA Corporation.)
DRV - (TosRfSnd) -- C:\Windows\System32\drivers\TosRfSnd.sys (TOSHIBA Corporation)
DRV - (tosrfbd) -- C:\Windows\System32\drivers\tosrfbd.sys (TOSHIBA CORPORATION)
DRV - (Tosrfusb) -- C:\Windows\System32\drivers\tosrfusb.sys (TOSHIBA CORPORATION)
DRV - (tosrfbnp) -- C:\Windows\System32\drivers\tosrfbnp.sys (TOSHIBA Corporation)
DRV - (KMDFMEMIO) -- C:\Windows\System32\drivers\KMDFMEMIO.sys (SAMSUNG ELECTRONICS CO., LTD.)
DRV - (ql40xx) -- C:\Windows\system32\drivers\ql40xx.sys (QLogic Corporation)
DRV - (UlSata) -- C:\Windows\system32\drivers\ulsata.sys (Promise Technology, Inc.)
DRV - (nfrd960) -- C:\Windows\system32\drivers\nfrd960.sys (IBM Corporation)
DRV - (iirsp) -- C:\Windows\system32\drivers\iirsp.sys (Intel Corp./ICP vortex GmbH)
DRV - (aic78xx) -- C:\Windows\system32\drivers\djsvs.sys (Adaptec, Inc.)
DRV - (iteraid) -- C:\Windows\system32\drivers\iteraid.sys (Integrated Technology Express, Inc.)
DRV - (iteatapi) -- C:\Windows\system32\drivers\iteatapi.sys (Integrated Technology Express, Inc.)
DRV - (Symc8xx) -- C:\Windows\system32\drivers\symc8xx.sys (LSI Logic)
DRV - (Sym_u3) -- C:\Windows\system32\drivers\sym_u3.sys (LSI Logic)
DRV - (Mraid35x) -- C:\Windows\system32\drivers\mraid35x.sys (LSI Logic Corporation)
DRV - (Sym_hi) -- C:\Windows\system32\drivers\sym_hi.sys (LSI Logic)
DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\system32\drivers\brserid.sys (Brother Industries Ltd.)
DRV - (BrUsbSer) -- C:\Windows\system32\drivers\brusbser.sys (Brother Industries Ltd.)
DRV - (BrFiltUp) -- C:\Windows\system32\drivers\brfiltup.sys (Brother Industries, Ltd.)
DRV - (BrFiltLo) -- C:\Windows\system32\drivers\brfiltlo.sys (Brother Industries, Ltd.)
DRV - (BrSerWdm) -- C:\Windows\system32\drivers\brserwdm.sys (Brother Industries Ltd.)
DRV - (BrUsbMdm) -- C:\Windows\system32\drivers\brusbmdm.sys (Brother Industries Ltd.)
DRV - (ntrigdigi) -- C:\Windows\system32\drivers\ntrigdigi.sys (N-trig Innovative Technologies)
DRV - (tosporte) -- C:\Windows\System32\drivers\tosporte.sys (TOSHIBA Corporation)
DRV - (MarvinBus) -- C:\Windows\System32\drivers\MarvinBus.sys (Pinnacle Systems GmbH)
DRV - (Tosrfcom) -- C:\Windows\System32\drivers\tosrfcom.sys (TOSHIBA Corporation)
DRV - (tosrfnds) -- C:\Windows\System32\drivers\tosrfnds.sys (TOSHIBA Corporation.)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Programme\free-downloads.net\tbfre1.dll (Conduit Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.startup.homepage: "hxxp://google.de/"
FF - prefs.js..extensions.enabledItems: {E78313ED-E64C-451B-9B5F-8A66A8D08A64}:2.5.10.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {01A8CA0A-4C96-465b-A49B-65C46FAD54F9}:6.0
FF - prefs.js..network.proxy.backup.ftp: "110.137.49.181"
FF - prefs.js..network.proxy.backup.ftp_port: 3128
FF - prefs.js..network.proxy.backup.gopher: "110.137.49.181"
FF - prefs.js..network.proxy.backup.gopher_port: 3128
FF - prefs.js..network.proxy.backup.socks: "110.137.49.181"
FF - prefs.js..network.proxy.backup.socks_port: 3128
FF - prefs.js..network.proxy.backup.ssl: "110.137.49.181"
FF - prefs.js..network.proxy.backup.ssl_port: 3128
FF - prefs.js..network.proxy.http: "118.96.136.21"
FF - prefs.js..network.proxy.http_port: 8080
FF - prefs.js..network.proxy.no_proxies_on: ""
FF - prefs.js..network.proxy.socks: "localhost"
FF - prefs.js..network.proxy.socks_port: 9050
FF - prefs.js..network.proxy.socks_remote_dns: true
FF - prefs.js..network.proxy.ssl: "localhost"
FF - prefs.js..network.proxy.ssl_port: 9666
FF - prefs.js..network.proxy.type: 1
FF - HKLM\software\mozilla\Firefox\Extensions\\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}: D:\Progs\Adobe CS 5 Master\Adobe Contribute CS5\Plugins\FirefoxPlugin\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9} [2010.10.03 14:34:55 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.08.07 17:44:16 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.10.03 14:35:00 | 000,000,000 | ---D | M]
[2009.08.23 08:20:17 | 000,000,000 | ---D | M] -- C:\Users\Marvin\AppData\Roaming\mozilla\Extensions
[2010.10.08 17:07:35 | 000,000,000 | ---D | M] -- C:\Users\Marvin\AppData\Roaming\mozilla\Firefox\Profiles\ar66j0rk.default\extensions
[2010.05.30 20:41:31 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Marvin\AppData\Roaming\mozilla\Firefox\Profiles\ar66j0rk.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.06.14 20:40:57 | 000,000,000 | ---D | M] (FireFox accelerator) -- C:\Users\Marvin\AppData\Roaming\mozilla\Firefox\Profiles\ar66j0rk.default\extensions\{E78313ED-E64C-451B-9B5F-8A66A8D08A64}
[2010.05.27 08:08:43 | 000,000,000 | ---D | M] -- C:\Programme\Mozilla Firefox\extensions
[2010.04.24 16:20:03 | 000,000,000 | ---D | M] (Adobe Reader) -- C:\Programme\Mozilla Firefox\extensions\{b677fa16-ac2f-410c-8ea5-3bc98ed515d3}
[2010.05.27 08:08:43 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010.03.27 17:06:04 | 000,067,032 | ---- | M] (Adobe Systems, Inc.) -- C:\Programme\Mozilla Firefox\plugins\npContribute.dll
[2010.04.12 16:29:19 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Mozilla Firefox\plugins\npdeployJava1.dll
[2010.07.23 01:48:56 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2010.07.23 01:48:56 | 000,002,344 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml
[2010.07.23 01:48:56 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2010.07.23 01:48:56 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2010.07.23 01:48:56 | 000,001,105 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml
O1 HOSTS File: ([2010.08.01 12:37:07 | 000,000,925 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O1 - Hosts: 127.0.0.1 serial.alcohol-soft.com
O1 - Hosts: 127.0.0.1 www.alcohol-soft.com
O1 - Hosts: 127.0.0.1 images.alcohol-soft.com
O1 - Hosts: 127.0.0.1 trial.alcohol-soft.com
O1 - Hosts: 127.0.0.1 alcohol-soft.com
O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (ContributeBHO Class) - {074C1DC5-9320-4A9A-947D-C042949C6216} - D:\Progs\Adobe CS 5 Master\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll (Adobe Systems, Inc.)
O2 - BHO: (Adobe Reader) - {147FEC3F-6DE9-437C-8FC1-6B8A20AA0A72} - C:\Users\Marvin\AppData\Roaming\AdobeReader\IE\AdobeReader.dll (Adobe Systems, Incorporated)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll (Google Inc.)
O2 - BHO: (free-downloads.net Toolbar) - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Programme\free-downloads.net\tbfre1.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Contribute Toolbar) - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - D:\Progs\Adobe CS 5 Master\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll (Adobe Systems, Inc.)
O3 - HKLM\..\Toolbar: (free-downloads.net Toolbar) - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Programme\free-downloads.net\tbfre1.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (free-downloads.net Toolbar) - {ECDEE021-0D17-467F-A1FF-C7A115230949} - C:\Programme\free-downloads.net\tbfre1.dll (Conduit Ltd.)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [LanguageShortcut] C:\Program Files\CyberLink\PowerDVD\Language\Language.exe ()
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] D:\Internet\Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [NeroFilterCheck] C:\Windows\System32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [SwitchBoard] C:\Programme\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [TQ566808] E:\Setup.exe File not found
O4 - HKLM..\Run: [VirtualCloneDrive] D:\Progs\virtualCloneDriver\VirtualCloneDrive\VCDDaemon.exe (Elaborate Bytes AG)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [{7D1BC36A-8A77-52B0-93D2-837B92459014}] C:\Users\Marvin\AppData\Roaming\Dufu\nyuc.exe ()
O4 - HKCU..\Run: [AdobeBridge] File not found
O4 - HKCU..\Run: [AlcoholAutomount] D:\Progs\Alcohol 120\axcmd.exe (Alcohol Soft Development Team)
O4 - HKCU..\Run: [Power2GoExpress] File not found
O4 - HKCU..\Run: [Steam] D:\Internet\Steam\Steam.exe (Valve Corporation)
O4 - HKCU..\Run: [uTorrent] D:\Progs\torrent\uTorrent.exe (BitTorrent, Inc.)
O4 - HKCU..\Run: [WebcamMaxAutoRun] D:\Progs\WebcamMax\WebcamMax.exe (CoolwareMax)
O4 - HKCU..\Run: [WMPNSCFG] C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] D:\Progs\schutz\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKCU..\RunOnce: [RegistryBooster] C:\Program Files\Uniblue\RegistryBooster\launcher.exe (Uniblue Systems Limited)
O4 - Startup: C:\Users\Marvin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AdbUpd.lnk = C:\Users\Marvin\AppData\Roaming\Adobe\AdobeUpdate.exe (Adobe Systems Incorporated)
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - C:\Programme\OFFICE11\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - D:\Internet\InetProgramme\\ICQ6.5\ICQ.exe ()
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - D:\Internet\InetProgramme\\ICQ6.5\ICQ.exe ()
O13 - gopher Prefix: missing
O16 - DPF: {32C11E38-E587-4BE9-9ABB-D69158C21CE5} hxxp://128.97.43.214/activex/decoder/mpeg4_dec.cab (Moonlight MPEG-4 Video Decoder)
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} hxxp://download.divx.com/player/DivXBrowserPlugin.cab (DivXBrowserPlugin Object)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} hxxp://129.57.20.46:1497/activex/AxisCamControl.cab (CamImage Class)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Programme\Common Files\microsoft shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Common Files\microsoft shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img34.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img34.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{043206f1-f388-11dd-a3d4-001bdc0fad49}\Shell - "" = AutoRun
O33 - MountPoints2\{043206f1-f388-11dd-a3d4-001bdc0fad49}\Shell\AutoRun\command - "" = F:\pushinst.exe -- File not found
O33 - MountPoints2\{8a627727-72f5-11de-b34f-001bdc0fad49}\Shell - "" = AutoRun
O33 - MountPoints2\{8a627727-72f5-11de-b34f-001bdc0fad49}\Shell\AutoRun\command - "" = F:\setup\rsrc\Autorun.exe -- File not found
O33 - MountPoints2\{8a627727-72f5-11de-b34f-001bdc0fad49}\Shell\dinstall\command - "" = F:\Directx\dxsetup.exe -- File not found
O33 - MountPoints2\{9c0fa9e8-9954-11de-b11b-001bdc0fad49}\Shell - "" = AutoRun
O33 - MountPoints2\{aae8ebd5-cf66-11dd-89f9-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{aae8ebd5-cf66-11dd-89f9-806e6f6e6963}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- File not found
O33 - MountPoints2\{b965ceae-9911-11de-b223-001bdc0fad49}\Shell - "" = AutoRun
O33 - MountPoints2\{b965ceae-9911-11de-b223-001bdc0fad49}\Shell\AutoRun\command - "" = H:\autorun.exe -- File not found
O33 - MountPoints2\{b965ceae-9911-11de-b223-001bdc0fad49}\Shell\readit\command - "" = notepad readme.doc
O33 - MountPoints2\{b965cebe-9911-11de-b223-001bdc0fad49}\Shell - "" = AutoRun
O33 - MountPoints2\{b965cebe-9911-11de-b223-001bdc0fad49}\Shell\AutoRun\command - "" = G:\Autorun.exe -- File not found
O33 - MountPoints2\{b965cedd-9911-11de-b223-001bdc0fad49}\Shell - "" = AutoRun
O33 - MountPoints2\{b965cede-9911-11de-b223-001bdc0fad49}\Shell - "" = AutoRun
O33 - MountPoints2\{b965cede-9911-11de-b223-001bdc0fad49}\Shell\readit\command - "" = notepad readme.doc
O33 - MountPoints2\{b965cedf-9911-11de-b223-001bdc0fad49}\Shell - "" = AutoRun
O33 - MountPoints2\{b965cee0-9911-11de-b223-001bdc0fad49}\Shell - "" = AutoRun
O33 - MountPoints2\{b965cee1-9911-11de-b223-001bdc0fad49}\Shell - "" = AutoRun
O33 - MountPoints2\{d569058b-2aa7-11de-941a-001bdc0fad49}\Shell - "" = AutoRun
O33 - MountPoints2\{d569058b-2aa7-11de-941a-001bdc0fad49}\Shell\AutoRun\command - "" = F:\Install.exe -- File not found
O33 - MountPoints2\{e6baf19c-65bc-11df-892c-001377ad79a1}\Shell - "" = AutoRun
O33 - MountPoints2\{e6baf1b3-65bc-11df-892c-001377ad79a1}\Shell - "" = AutoRun
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2010.11.21 14:52:46 | 000,000,000 | ---D | C] -- C:\Users\Marvin\AppData\Roaming\Malwarebytes
[2010.11.21 14:52:29 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010.11.21 14:52:28 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010.11.21 14:52:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010.11.21 02:24:23 | 000,000,000 | ---D | C] -- C:\Users\Marvin\AppData\Roaming\Uniblue
[2010.11.21 02:24:16 | 000,000,000 | -H-D | C] -- C:\ProgramData\{6DAA3B20-D487-4FA2-81D5-50404CCB868D}
[2010.11.21 02:24:15 | 000,000,000 | ---D | C] -- C:\Programme\Uniblue
[2010.11.21 02:24:05 | 000,000,000 | ---D | C] -- C:\Users\Marvin\AppData\Local\PackageAware
[2010.11.13 12:52:01 | 000,000,000 | ---D | C] -- C:\Users\Marvin\AppData\Local\LogMeIn Hamachi
[2010.11.12 11:24:26 | 000,000,000 | -H-D | C] -- C:\Users\Public\Documents\Windows
[2010.11.12 11:24:18 | 000,000,000 | -H-D | C] -- C:\Users\Public\Documents\Server
[2010.10.28 04:54:48 | 000,000,000 | ---D | C] -- C:\Users\Marvin\Desktop\usb
[2010.10.27 09:14:05 | 001,696,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gameux.dll
[2010.10.27 09:14:04 | 004,240,384 | ---- | C] (Microsoft) -- C:\Windows\System32\GameUXLegacyGDFs.dll
[2010.10.27 09:14:04 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Apphlpdm.dll
[2010.10.24 21:26:47 | 000,000,000 | ---D | C] -- C:\Users\Marvin\Documents\Flight Simulator X Files
[2010.10.24 20:32:52 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\Microsoft Games
[2010.10.24 19:28:29 | 000,000,000 | ---D | C] -- C:\Users\Marvin\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2010.10.24 19:28:29 | 000,000,000 | ---D | C] -- C:\Users\Marvin\AppData\Roaming\Adobe Mini Bridge CS5
[2010.10.23 17:51:08 | 000,000,000 | ---D | C] -- C:\MappedFiles
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2010.11.21 15:01:13 | 000,000,420 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{1F699E16-92E0-4518-8D77-99826ABBD9FD}.job
[2010.11.21 14:54:03 | 000,001,092 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010.11.21 14:52:32 | 000,000,671 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.11.21 14:46:56 | 000,001,096 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010.11.21 14:46:43 | 000,425,630 | ---- | M] () -- C:\ProgramData\nvModes.001
[2010.11.21 14:46:29 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.11.21 14:46:27 | 000,003,712 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010.11.21 14:46:22 | 000,003,712 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010.11.21 02:24:26 | 000,000,334 | ---- | M] () -- C:\Windows\tasks\RegistryBooster.job
[2010.11.21 02:24:22 | 000,000,889 | ---- | M] () -- C:\Users\Public\Desktop\Uniblue RegistryBooster.lnk
[2010.11.21 02:24:02 | 000,425,630 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2010.11.20 22:12:20 | 000,001,052 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job
[2010.11.19 15:17:35 | 000,628,742 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2010.11.19 15:17:35 | 000,595,996 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010.11.19 15:17:35 | 000,126,454 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2010.11.19 15:17:35 | 000,104,070 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010.11.19 15:10:46 | 3215,572,992 | -HS- | M] () -- C:\hiberfil.sys
[2010.11.19 14:45:51 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2010.11.19 10:14:07 | 000,278,897 | ---- | M] () -- C:\Users\Marvin\Desktop\C_CN76_TM_01_1005.pdf
[2010.11.17 20:49:41 | 000,095,744 | ---- | M] () -- C:\Users\Marvin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.11.12 11:31:32 | 000,024,576 | ---- | M] () -- C:\Users\Marvin\Desktop\Jubiliste2010.xls
[2010.11.12 11:26:57 | 000,000,010 | ---- | M] () -- C:\Users\Marvin\AppData\Roaming\install
[2010.11.11 17:17:24 | 000,000,785 | ---- | M] () -- C:\Users\Marvin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AdbUpd.lnk
[2010.11.03 12:51:19 | 000,048,640 | ---- | M] () -- C:\Users\Marvin\Documents\St. Martin.doc
[2010.11.02 15:35:11 | 000,015,872 | ---- | M] () -- C:\Users\Marvin\Documents\Baum.xls
[2010.11.02 07:54:23 | 000,000,104 | ---- | M] () -- C:\Users\Marvin\Desktop\Computer - Verknüpfung.lnk
[2010.10.27 09:55:15 | 000,259,584 | ---- | M] () -- C:\Users\Marvin\Documents\Baumschule.doc
[2010.10.27 09:20:06 | 000,838,808 | ---- | M] () -- C:\Users\Marvin\Documents\Formgehölze_vdberk.pdf
[2010.10.26 04:55:24 | 000,000,680 | ---- | M] () -- C:\Users\Marvin\AppData\Local\d3d9caps.dat
[2010.10.25 12:02:15 | 000,029,184 | ---- | M] () -- C:\Users\Marvin\Desktop\Widerspruch_Stadt Hamm Thomas Rosenstein[1].doc
[2010.10.24 21:18:15 | 003,751,848 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010.10.24 14:41:28 | 000,025,600 | ---- | M] () -- C:\Users\Marvin\Documents\Schwerbehinderung.doc
[2010.10.22 22:55:37 | 000,031,744 | ---- | M] () -- C:\Users\Marvin\Documents\Oktoberfest Party.doc
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2010.11.21 14:52:32 | 000,000,671 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.11.21 02:24:25 | 000,000,334 | ---- | C] () -- C:\Windows\tasks\RegistryBooster.job
[2010.11.21 02:24:15 | 000,000,889 | ---- | C] () -- C:\Users\Public\Desktop\Uniblue RegistryBooster.lnk
[2010.11.19 10:14:07 | 000,278,897 | ---- | C] () -- C:\Users\Marvin\Desktop\C_CN76_TM_01_1005.pdf
[2010.11.12 11:31:32 | 000,024,576 | ---- | C] () -- C:\Users\Marvin\Desktop\Jubiliste2010.xls
[2010.11.12 11:26:57 | 000,000,010 | ---- | C] () -- C:\Users\Marvin\AppData\Roaming\install
[2010.11.11 17:17:24 | 000,000,785 | ---- | C] () -- C:\Users\Marvin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AdbUpd.lnk
[2010.11.03 12:39:35 | 000,048,640 | ---- | C] () -- C:\Users\Marvin\Documents\St. Martin.doc
[2010.11.02 15:35:11 | 000,015,872 | ---- | C] () -- C:\Users\Marvin\Documents\Baum.xls
[2010.11.02 07:54:23 | 000,000,104 | ---- | C] () -- C:\Users\Marvin\Desktop\Computer - Verknüpfung.lnk
[2010.10.27 09:55:15 | 000,259,584 | ---- | C] () -- C:\Users\Marvin\Documents\Baumschule.doc
[2010.10.27 09:20:06 | 000,838,808 | ---- | C] () -- C:\Users\Marvin\Documents\Formgehölze_vdberk.pdf
[2010.10.25 12:02:15 | 000,029,184 | ---- | C] () -- C:\Users\Marvin\Desktop\Widerspruch_Stadt Hamm Thomas Rosenstein[1].doc
[2010.10.24 13:58:16 | 000,025,600 | ---- | C] () -- C:\Users\Marvin\Documents\Schwerbehinderung.doc
[2010.10.14 01:36:44 | 000,179,263 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
[2010.10.06 17:21:29 | 000,000,132 | ---- | C] () -- C:\Users\Marvin\AppData\Roaming\Adobe PNG Format CS5 Prefs
[2010.08.01 12:58:49 | 000,000,081 | ---- | C] () -- C:\Windows\FinalAlert2.ini
[2010.06.30 15:23:24 | 000,004,096 | -H-- | C] () -- C:\Users\Marvin\AppData\Local\keyfile3.drm
[2010.03.10 07:07:18 | 000,000,040 | -HS- | C] () -- C:\ProgramData\.zreglib
[2010.02.26 11:24:46 | 000,281,760 | ---- | C] () -- C:\Windows\System32\drivers\atksgt.sys
[2010.02.26 11:24:46 | 000,025,888 | ---- | C] () -- C:\Windows\System32\drivers\lirsgt.sys
[2010.02.16 07:23:32 | 000,024,206 | ---- | C] () -- C:\Users\Marvin\AppData\Roaming\UserTile.png
[2010.02.04 22:10:56 | 000,000,173 | ---- | C] () -- C:\Users\Marvin\AppData\Local\rahistory.xml
[2010.02.04 21:40:43 | 000,000,643 | ---- | C] () -- C:\Users\Marvin\AppData\Local\RAExpertHistory.xml
[2010.01.03 14:51:03 | 000,021,840 | ---- | C] () -- C:\Windows\System32\SIntfNT.dll
[2010.01.03 14:51:03 | 000,017,212 | ---- | C] () -- C:\Windows\System32\SIntf32.dll
[2010.01.03 14:51:03 | 000,012,067 | ---- | C] () -- C:\Windows\System32\SIntf16.dll
[2010.01.03 14:50:45 | 000,000,071 | ---- | C] () -- C:\Windows\SIERRA.INI
[2009.12.28 20:37:22 | 000,027,648 | ---- | C] () -- C:\Windows\System32\AVSredirect.dll
[2009.12.20 17:45:41 | 000,000,209 | ---- | C] () -- C:\Windows\ODBCINST.INI
[2009.12.20 17:45:32 | 000,036,864 | ---- | C] () -- C:\Windows\System32\ODBCSTF.DLL
[2009.10.20 19:19:30 | 000,053,299 | ---- | C] () -- C:\Windows\System32\pthreadVC.dll
[2009.09.25 16:24:11 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009.07.17 20:50:57 | 000,139,152 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2009.07.17 20:50:57 | 000,139,152 | ---- | C] () -- C:\Users\Marvin\AppData\Roaming\PnkBstrK.sys
[2009.06.13 06:52:26 | 000,000,552 | ---- | C] () -- C:\Users\Marvin\AppData\Local\d3d8caps.dat
[2009.04.16 17:53:32 | 000,721,904 | ---- | C] () -- C:\Windows\System32\drivers\sptd.sys
[2009.02.02 23:33:00 | 000,000,400 | ---- | C] () -- C:\Windows\ODBC.INI
[2009.01.24 11:45:59 | 000,000,319 | ---- | C] () -- C:\Windows\game.ini
[2008.12.21 20:57:43 | 000,425,630 | ---- | C] () -- C:\ProgramData\nvModes.001
[2008.12.21 17:54:43 | 000,425,630 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2008.12.21 17:26:15 | 000,095,744 | ---- | C] () -- C:\Users\Marvin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008.12.21 15:29:53 | 000,000,135 | ---- | C] () -- C:\Windows\System32\lngEng.ini
[2008.12.21 15:29:53 | 000,000,117 | ---- | C] () -- C:\Windows\System32\lngKor.ini
[2008.12.21 15:22:50 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2008.12.21 15:22:02 | 000,002,134 | ---- | C] () -- C:\Windows\HotFixList.ini
[2008.12.21 15:08:13 | 000,000,680 | ---- | C] () -- C:\Users\Marvin\AppData\Local\d3d9caps.dat
[2008.10.07 09:13:30 | 000,197,912 | ---- | C] () -- C:\Windows\System32\physxcudart_20.dll
[2008.10.07 09:13:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelTraditionalChinese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelKorean.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelGerman.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelFrench.dll
[2006.12.05 12:05:06 | 000,114,688 | ---- | C] () -- C:\Windows\System32\TosBtAcc.dll
[2006.11.02 13:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2005.07.22 20:30:20 | 000,065,536 | ---- | C] () -- C:\Windows\System32\TosCommAPI.dll
[1997.06.18 00:00:00 | 000,022,016 | ---- | C] () -- C:\Windows\System32\DOCOBJ.DLL
[1997.06.18 00:00:00 | 000,012,288 | ---- | C] () -- C:\Windows\System32\HLINKPRX.DLL
========== Files - Unicode (All) ==========
[2009.12.28 20:44:28 | 000,000,000 | ---D | M](C:\Users\Marvin\Documents\? CYON) -- C:\Users\Marvin\Documents\내 CYON
[2009.06.20 17:38:21 | 000,000,000 | ---D | C](C:\Users\Marvin\Documents\? CYON) -- C:\Users\Marvin\Documents\내 CYON
========== Alternate Data Streams ==========
@Alternate Data Stream - 111 bytes -> C:\ProgramData\TEMP:24051EFF
< End of report >