Thanks for the quick reply, first of all.
I had already started the malware scan when I wrote the post, and it is still running (for more than 5 hours by now). Is that normal???
OTL is also running right now.
Regards,
Swaggy
Edit:
Here are the OTL results:
OTL Logfile:
OTL logfile created on: 22.03.2011 20:04:14 - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Flo\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6002.18005)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 48,00% Memory free
5,00 Gb Paging File | 3,00 Gb Available in Paging File | 67,00% Paging File free
Paging file location(s): c:\pagefile.sys 3067 3067 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 445,76 Gb Total Space | 171,08 Gb Free Space | 38,38% Space Free | Partition Type: NTFS
Drive D: | 19,99 Gb Total Space | 8,43 Gb Free Space | 42,19% Space Free | Partition Type: FAT32
Computer Name: STANDPC2 | User Name: Flo | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Users\Flo\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Programme\TeamViewer\Version6\TeamViewer_Service.exe (TeamViewer GmbH)
PRC - C:\Programme\Uniblue\RegistryBooster\rbmonitor.exe (Uniblue Systems Limited)
PRC - C:\Programme\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
PRC - C:\Programme\Microsoft Security Client\msseces.exe (Microsoft Corporation)
PRC - c:\Programme\Microsoft Security Client\Antimalware\NisSrv.exe (Microsoft Corporation)
PRC - c:\Programme\Microsoft Security Client\Antimalware\MsMpEng.exe (Microsoft Corporation)
PRC - C:\Windows\System32\consent.exe (Microsoft Corporation)
PRC - C:\Programme\Philips\Philips Songbird Resources\Autolauncher\PhilipsDeviceListener.exe ()
PRC - C:\Programme\Logitech\Logitech Vid\Vid.exe (Logitech Inc.)
PRC - C:\Programme\McAfee Security Scan\2.0.181\SSScheduler.exe (McAfee, Inc.)
PRC - C:\Programme\Logitech\Logitech WebCam Software\LWS.exe ()
PRC - C:\Programme\Common Files\logishrd\LQCVFX\COCIManager.exe ()
PRC - C:\Programme\Common Files\logishrd\LVMVFM\LVPrcSrv.exe (Logitech Inc.)
PRC - C:\Programme\Windows Sidebar\sidebar.exe (Microsoft Corporation)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
PRC - C:\Programme\HomeCinema\TV Enhance\Kernel\TV\TVECapSvc.exe ()
PRC - C:\Programme\HomeCinema\TV Enhance\Kernel\TV\TVESched.exe ()
PRC - C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
PRC - C:\Programme\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
PRC - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
PRC - C:\Programme\Sceneo\AbsolutTV\Services\PVR\pvrservice.exe (Buhl Data Service GmbH)
PRC - C:\Programme\Intel\IntelDH\CCU\CCU_TrayIcon.exe (Intel(R) Corporation)
PRC - C:\Programme\Intel\IntelDH\CCU\CCU_Engine.exe (Intel(R) Corporation)
PRC - C:\Programme\Intel\IntelDH\CCU\AlertService.exe (Intel(R) Corporation)
PRC - C:\Programme\Intel\IntelDH\Intel Media Server\Media Server\bin\QualityManager.exe (Intel(R) Corporation)
PRC - C:\Programme\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe (Intel(R) Corporation)
PRC - C:\Programme\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe (Intel(R) Corporation)
PRC - C:\Programme\Intel\IntelDH\Intel Media Server\Media Server\bin\issm.exe (Intel(R) Corporation)
PRC - C:\Programme\Common Files\Intel\IntelDH\NMS\NMSCore\NMSCore.exe (Intel(R) Corporation)
PRC - C:\Programme\Common Files\Intel\IntelDH\NMS\Support\IntelHCTAgent.exe (Intel Corporation)
PRC - C:\Programme\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe ()
PRC - C:\Programme\Medion\MEDIONbox\Program\GCS.exe (Empolis GmbH)
PRC - c:\Programme\Common Files\Gnab\Service\ServiceController.exe (Empolis GmbH)
PRC - C:\Programme\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe ()
PRC - C:\Users\Flo\Desktop\Neuer Ordner\RPGXP.exe ()
PRC - C:\Programme\Common Files\X10\Common\X10nets.exe (X10)
========== Modules (SafeList) ==========
MOD - C:\Users\Flo\Downloads\OTL.exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll (Microsoft Corporation)
========== Win32 Services (SafeList) ==========
SRV - (TeamViewer6) -- C:\Programme\TeamViewer\Version6\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (NisSrv) -- c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe (Microsoft Corporation)
SRV - (MsMpSvc) -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe (Microsoft Corporation)
SRV - (npggsvc) -- C:\Windows\System32\GameMon.des (INCA Internet Co., Ltd.)
SRV - (McComponentHostService) -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe (McAfee, Inc.)
SRV - (LVPrcSrv) -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe (Logitech Inc.)
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (TVECapSvc) TVEnhance Background Capture Service (TBCS) -- C:\Program Files\HomeCinema\TV Enhance\Kernel\TV\TVECapSvc.exe ()
SRV - (TVESched) TVEnhance Task Scheduler (TTS)) -- C:\Program Files\HomeCinema\TV Enhance\Kernel\TV\TVESched.exe ()
SRV - (IAANTMON) Intel(R) -- C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
SRV - (srvcPVR) -- C:\Programme\Sceneo\AbsolutTV\Services\PVR\pvrservice.exe (Buhl Data Service GmbH)
SRV - (AlertService) Intel(R) -- C:\Program Files\Intel\IntelDH\CCU\AlertService.exe (Intel(R) Corporation)
SRV - (QualityManager) Intel(R) -- C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\qualitymanager.exe (Intel(R) Corporation)
SRV - (Remote UI Service) Intel(R) -- C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe (Intel(R) Corporation)
SRV - (MCLServiceATL) Intel(R) -- C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe (Intel(R) Corporation)
SRV - (DHTRACE) Intel(R) -- C:\Programme\Common Files\Intel\IntelDH\bin\DHTraceController.exe (Intel(R) Corporation)
SRV - (ISSM) Intel(R) -- C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe (Intel(R) Corporation)
SRV - (NMSCore) Intel(R) -- C:\Program Files\Common Files\Intel\IntelDH\NMS\NMSCore\NMSCore.exe (Intel(R) Corporation)
SRV - (M1 Server) Intel(R) Viiv(TM) -- C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe ()
SRV - (GnabService) -- c:\Programme\Common Files\Gnab\Service\ServiceController.exe (Empolis GmbH)
SRV - (DQLWinService) -- C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe ()
SRV - (x10nets) -- C:\Programme\Common Files\X10\Common\X10nets.exe (X10)
========== Driver Services (SafeList) ==========
DRV - (MpKsl129d48fe) -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{E4E52491-CC8A-4EAB-BC2C-F3AA7F2E7E72}\MpKsl129d48fe.sys (Microsoft Corporation)
DRV - (hamachi) -- C:\Windows\System32\drivers\hamachi.sys (LogMeIn, Inc.)
DRV - (MBAMSwissArmy) -- C:\Windows\System32\drivers\mbamswissarmy.sys (Malwarebytes Corporation)
DRV - (NisDrv) -- C:\Windows\System32\drivers\NisDrvWFP.sys (Microsoft Corporation)
DRV - (MpNWMon) -- C:\Windows\System32\drivers\MpNWMon.sys (Microsoft Corporation)
DRV - (atksgt) -- C:\Windows\System32\drivers\atksgt.sys ()
DRV - (lirsgt) -- C:\Windows\System32\drivers\lirsgt.sys ()
DRV - (LVPr2Mon) -- C:\Windows\System32\drivers\LVPr2Mon.sys ()
DRV - (PID_PEPI) Logitech QuickCam IM(PID_PEPI) -- C:\Windows\System32\drivers\LV302V32.SYS (Logitech Inc.)
DRV - (IntelDH) -- C:\Windows\System32\drivers\IntelDH.sys (Intel Corporation)
DRV - ({49DE1C67-83F8-4102-99E0-C16DCC7EEC796}) -- C:\Programme\HomeCinema\PlayMovie\000.fcl (Cyberlink Corp.)
DRV - ({95808DC4-FA4A-4C74-92FE-5B863F82066B}) -- C:\Programme\HomeCinema\PowerDVD\000.fcl (Cyberlink Corp.)
DRV - (netr28u) -- C:\Windows\System32\drivers\netr28u.sys (Ralink Technology Corp.)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (3xHybrid) -- C:\Windows\System32\drivers\3xHybrid.sys (NXP Semiconductors Germany GmbH)
DRV - (TSHWMDTCP) -- C:\Programme\Intel\IntelDH\Intel Media Server\Media Server\bin\TSHWMDTCP.sys ()
DRV - (e1express) Intel(R) -- C:\Windows\System32\drivers\e1e6032.sys (Intel Corporation)
DRV - (nmsunidr) -- C:\Windows\System32\drivers\nmsunidr.sys (Gteko Ltd.)
DRV - (XUIF) -- C:\Windows\System32\drivers\x10ufx2.sys (X10 Wireless Technology, Inc.)
DRV - (X10Hid) -- C:\Windows\System32\drivers\x10hid.sys (X10 Wireless Technology, Inc.)
DRV - (R300) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.aldi.com/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7MEDA
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7MEDA
IE - HKLM\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Programme\DVDVideoSoftTB\prxtbDVD0.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {9d81af43-de53-48d0-a199-42c2a226b24c} - C:\Programme\Softonic_Deutsch_FF\prxtbSof0.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Programme\softonic-de3\tbsof0.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - C:\Programme\DVDVideoSoft\tbDVDV.dll (Conduit Ltd.)
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT2431245
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {9d81af43-de53-48d0-a199-42c2a226b24c} - C:\Programme\Softonic_Deutsch_FF\prxtbSof0.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Programme\softonic-de3\tbsof0.dll (Conduit Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultthis.engineName: "softonic-de3 Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2431245&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.selectedEngine: "softonic-de3 Customized Web Search"
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:4.2.0.5198
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..extensions.enabledItems: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065}:2.7.1.3
FF - prefs.js..extensions.enabledItems: engine@conduit.com:3.2.3.3
FF - prefs.js..extensions.enabledItems: {9d81af43-de53-48d0-a199-42c2a226b24c}:3.2.3.3
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:1.6.6.20090220
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - HKLM\software\mozilla\Firefox\Extensions\\ClickPotatoLite@ClickPotatoLite.com: C:\Program Files\ClickPotatoLite\bin\10.0.666.0\firefox\extensions
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.15\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.03.08 11:08:25 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.15\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.03.22 13:55:58 | 000,000,000 | ---D | M]
[2010.11.10 18:28:21 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\Flo\AppData\Roaming\mozilla\Extensions
[2010.11.10 18:28:21 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\Flo\AppData\Roaming\mozilla\Extensions\songbird@songbirdnest.com
[2011.03.22 14:07:16 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\Flo\AppData\Roaming\mozilla\Firefox\Profiles\rbpipver.default\extensions
[2010.04.18 19:51:12 | 000,000,000 | -H-D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Flo\AppData\Roaming\mozilla\Firefox\Profiles\rbpipver.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011.03.14 14:27:13 | 000,000,000 | -H-D | M] (Yahoo! Toolbar) -- C:\Users\Flo\AppData\Roaming\mozilla\Firefox\Profiles\rbpipver.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2010.11.11 15:20:42 | 000,000,000 | -H-D | M] (Softonic Deutsch FF Community Toolbar) -- C:\Users\Flo\AppData\Roaming\mozilla\Firefox\Profiles\rbpipver.default\extensions\{9d81af43-de53-48d0-a199-42c2a226b24c}
[2010.05.17 18:11:16 | 000,000,000 | -H-D | M] ("DVDVideoSoft Menu") -- C:\Users\Flo\AppData\Roaming\mozilla\Firefox\Profiles\rbpipver.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2010.08.30 09:41:45 | 000,000,000 | -H-D | M] (softonic-de3 Toolbar) -- C:\Users\Flo\AppData\Roaming\mozilla\Firefox\Profiles\rbpipver.default\extensions\{cc05a3e3-64c3-4af2-bfc1-af0d66b69065}
[2010.11.11 15:20:41 | 000,000,000 | -H-D | M] (Conduit Engine) -- C:\Users\Flo\AppData\Roaming\mozilla\Firefox\Profiles\rbpipver.default\extensions\engine@conduit.com
[2010.06.08 10:29:10 | 000,000,927 | -H-- | M] () -- C:\Users\Flo\AppData\Roaming\Mozilla\Firefox\Profiles\rbpipver.default\searchplugins\conduit.xml
[2011.03.22 14:05:31 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2010.04.28 19:41:36 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- C:\Programme\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2011.03.14 14:26:49 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2011.03.22 14:05:31 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2010.04.28 19:41:36 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{AB2CE124-6272-4B12-94A9-7303C7397BD1}
[2010.04.26 15:31:21 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}
[2011.03.14 14:26:49 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2011.03.22 14:05:31 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2011.02.02 21:40:24 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Mozilla Firefox\plugins\npdeployJava1.dll
[2010.08.11 20:48:22 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2010.08.11 20:48:22 | 000,002,344 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml
[2010.08.11 20:48:22 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2010.08.11 20:48:22 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2010.08.11 20:48:22 | 000,001,105 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml
O1 HOSTS File: ([2006.09.18 22:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Programme\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Programme\DVDVideoSoftTB\prxtbDVD0.dll (Conduit Ltd.)
O2 - BHO: (Softonic Deutsch FF Toolbar) - {9d81af43-de53-48d0-a199-42c2a226b24c} - C:\Program Files\Softonic_Deutsch_FF\prxtbSof0.dll (Conduit Ltd.)
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (softonic-de3 Toolbar) - {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Programme\softonic-de3\tbsof0.dll (Conduit Ltd.)
O2 - BHO: (DVDVideoSoft Toolbar) - {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - C:\Programme\DVDVideoSoft\tbDVDV.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Programme\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKLM\..\Toolbar: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Programme\DVDVideoSoftTB\prxtbDVD0.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Softonic Deutsch FF Toolbar) - {9d81af43-de53-48d0-a199-42c2a226b24c} - C:\Programme\Softonic_Deutsch_FF\prxtbSof0.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (softonic-de3 Toolbar) - {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Programme\softonic-de3\tbsof0.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (DVDVideoSoft Toolbar) - {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - C:\Programme\DVDVideoSoft\tbDVDV.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (DVDVideoSoftTB Toolbar) - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - C:\Programme\DVDVideoSoftTB\prxtbDVD0.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (Softonic Deutsch FF Toolbar) - {9D81AF43-DE53-48D0-A199-42C2A226B24C} - C:\Programme\Softonic_Deutsch_FF\prxtbSof0.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (softonic-de3 Toolbar) - {CC05A3E3-64C3-4AF2-BFC1-AF0D66B69065} - C:\Programme\softonic-de3\tbsof0.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (DVDVideoSoft Toolbar) - {E9911EC6-1BCC-40B0-9993-E0EEA7F6953F} - C:\Programme\DVDVideoSoft\tbDVDV.dll (Conduit Ltd.)
O4 - HKLM..\Run: [CCUTRAYICON] C:\Programme\Intel\IntelDH\CCU\CCU_TrayIcon.exe (Intel(R) Corporation)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe (Intel Corporation)
O4 - HKLM..\Run: [LogitechQuickCamRibbon] C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe ()
O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NMSSupport] C:\Program Files\Common Files\Intel\IntelDH\NMS\Support\IntelHCTAgent.exe (Intel Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvSvc] C:\Windows\System32\nvsvc.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [Philips Device Listener] C:\Program Files\Philips\Philips Songbird Resources\Autolauncher\PhilipsDeviceListener.exe ()
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Logitech Vid] C:\Program Files\Logitech\Logitech Vid\vid.exe (Logitech Inc.)
O4 - HKCU..\Run: [RegistryBooster] C:\Program Files\Uniblue\RegistryBooster\launcher.exe (Uniblue Systems Limited)
O4 - HKCU..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKCU..\Run: [WMPNSCFG] C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
O8 - Extra context menu item: Free YouTube Download - C:\Users\Flo\AppData\Roaming\DVDVideoSoftIEHelpers\youtubedownload.htm ()
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Flo\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm ()
O9 - Extra Button: eBay - Der weltweite Online-Marktplatz - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - File not found
O9 - Extra 'Tools' menuitem : eBay - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - File not found
O9 - Extra Button: ICQ7.1 - {71BFC818-0CED-42D6-9C87-5142918957EE} - C:\Programme\ICQ7.1\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.1 - {71BFC818-0CED-42D6-9C87-5142918957EE} - C:\Programme\ICQ7.1\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: ClickPotato - {B58926D6-CFB0-45d2-9C28-4B5A0F0368AE} - File not found
O13 - gopher Prefix: missing
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://fpdownload.macromedia.com/get/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/5/b/0/5b0d4654-aa20-495c-b89f-c1c34c691085/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{255fb5a1-ec12-11df-8f60-001d9220ecf6}\Shell - "" = Autorun
O33 - MountPoints2\{255fb5a1-ec12-11df-8f60-001d9220ecf6}\Shell\downloadsb\command - "" = C:\Windows\explorer.exe -- [2009.04.11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation)
O33 - MountPoints2\{276ae84a-4a24-11df-9e79-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{276ae84a-4a24-11df-9e79-806e6f6e6963}\Shell\AutoRun\command - "" = E:\autorun.exe
O33 - MountPoints2\{276ae84a-4a24-11df-9e79-806e6f6e6963}\Shell\install\command - "" = E:\autorun.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2011.03.22 14:33:48 | 000,000,000 | ---D | C] -- C:\Users\Flo\AppData\Roaming\Malwarebytes
[2011.03.22 14:33:41 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2011.03.22 14:33:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011.03.22 14:33:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011.03.22 14:33:37 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2011.03.22 14:33:37 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware
[2011.03.22 14:05:30 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2011.03.22 14:05:30 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2011.03.22 14:05:30 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2011.03.21 22:50:24 | 000,000,000 | -H-D | C] -- C:\Users\Flo\AppData\Roaming\Uniblue
[2011.03.21 22:50:16 | 000,000,000 | -H-D | C] -- C:\ProgramData\{DE8EABB5-1C85-4410-A68D-79BD8A4518F4}
[2011.03.21 22:50:15 | 000,000,000 | ---D | C] -- C:\Programme\Uniblue
[2011.03.21 22:50:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Uniblue
[2011.03.21 22:50:02 | 000,000,000 | -H-D | C] -- C:\Users\Flo\AppData\Local\PackageAware
[2011.03.21 22:49:00 | 000,000,000 | -H-D | C] -- C:\Users\Flo\AppData\Local\Conduit
[2011.03.21 21:57:09 | 000,000,000 | -H-D | C] -- C:\Users\Flo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Diagnostic
[2011.03.21 16:48:53 | 000,000,000 | -H-D | C] -- C:\Users\Flo\Desktop\RPG-Atelier
[2011.03.21 15:45:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xvid
[2011.03.21 15:45:39 | 000,000,000 | ---D | C] -- C:\Programme\Xvid
[2011.03.21 15:44:48 | 000,000,000 | -H-D | C] -- C:\ProgramData\ClickPotatoLiteSA
[2011.03.21 15:44:48 | 000,000,000 | -H-D | C] -- C:\ProgramData\2ACA5CC3-0F83-453D-A079-1076FE1A8B65
[2011.03.19 00:31:43 | 000,000,000 | -H-D | C] -- C:\Users\Flo\Desktop\Tilesets
[2011.03.14 14:29:19 | 000,000,000 | ---D | C] -- C:\Windows\TempAA03F409-4FF2-156F-E542-88CD5B33D85E-Signatures
[2011.03.14 14:28:27 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft Security Client
[2011.03.14 14:27:49 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\Java
[2011.03.14 14:27:44 | 000,221,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\netio.sys
[2011.03.14 14:26:48 | 000,472,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\deployJava1.dll
[2011.03.13 15:40:17 | 000,000,000 | -H-D | C] -- C:\Users\Flo\Documents\RPGXP
[2011.03.13 15:36:11 | 000,000,000 | -H-D | C] -- C:\Users\Flo\Desktop\Neuer Ordner
[2011.03.09 14:14:18 | 000,429,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EncDec.dll
[2011.03.09 14:14:18 | 000,322,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sbe.dll
[2011.03.09 14:14:18 | 000,177,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mpg2splt.ax
[2011.03.09 14:14:18 | 000,153,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sbeio.dll
[2011.02.26 22:17:51 | 000,000,000 | ---D | C] -- C:\Programme\hamachi_save
[2011.02.26 22:14:37 | 000,025,280 | ---- | C] (LogMeIn, Inc.) -- C:\Windows\System32\drivers\hamachi.sys
[2011.02.26 22:06:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hamachi
[2011.02.25 18:33:31 | 000,000,000 | -H-D | C] -- C:\Users\Flo\AppData\Roaming\mIRC
[2011.02.25 18:33:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\mIRC
[2011.02.25 18:33:30 | 000,000,000 | ---D | C] -- C:\Programme\mIRC
[2011.02.24 16:01:43 | 000,000,000 | ---D | C] -- C:\Windows\System32\WindowsPowerShell
[2011.02.24 16:00:07 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrsmgr.dll
[2011.02.24 15:59:57 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrs.exe
[2011.02.24 15:59:57 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrshost.exe
[2011.02.24 15:59:57 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsmprovhost.exe
[2011.02.24 15:59:56 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsmplpxy.dll
[2011.02.24 15:59:56 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrssrv.dll
[2011.02.24 15:59:55 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wevtfwd.dll
[2011.02.24 15:59:55 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wecutil.exe
[2011.02.24 15:59:55 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wecapi.dll
[2011.02.24 15:59:55 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WsmRes.dll
[2011.02.24 15:59:55 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pwrshplugin.dll
[2011.02.24 15:59:49 | 000,252,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSManMigrationPlugin.dll
[2011.02.24 15:59:49 | 000,241,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrscmd.dll
[2011.02.24 15:59:49 | 000,214,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WsmWmiPl.dll
[2011.02.24 15:59:49 | 000,145,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WsmAuto.dll
[2011.02.24 15:59:48 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSManHTTPConfig.exe
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2011.03.22 20:05:03 | 000,001,096 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011.03.22 19:52:49 | 000,001,890 | -HS- | M] () -- C:\Windows\System32\KGyGaAvL.sys
[2011.03.22 19:50:07 | 000,001,092 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011.03.22 19:41:07 | 000,003,296 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011.03.22 19:41:07 | 000,003,296 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011.03.22 19:40:23 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.03.22 14:17:06 | 000,000,328 | ---- | M] () -- C:\Windows\tasks\RegistryBooster.job
[2011.03.22 13:58:27 | 2145,570,816 | -HS- | M] () -- C:\hiberfil.sys
[2011.03.21 22:50:23 | 000,001,845 | ---- | M] () -- C:\Users\Public\Desktop\Uniblue RegistryBooster.lnk
[2011.03.21 21:57:10 | 000,000,128 | -H-- | M] () -- C:\ProgramData\~43638536r
[2011.03.21 21:57:10 | 000,000,104 | -H-- | M] () -- C:\ProgramData\~43638536
[2011.03.21 21:57:09 | 000,000,591 | -H-- | M] () -- C:\Users\Flo\Desktop\Windows Diagnostic.lnk
[2011.03.21 21:57:05 | 000,000,336 | -H-- | M] () -- C:\ProgramData\43638536
[2011.03.21 21:13:12 | 000,002,623 | -H-- | M] () -- C:\Users\Flo\Desktop\Microsoft Word.lnk
[2011.03.20 21:26:28 | 000,103,736 | ---- | M] () -- C:\Windows\System32\PnkBstrB.ex0
[2011.03.20 21:07:02 | 000,022,328 | ---- | M] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2011.03.18 15:35:52 | 000,000,056 | RHS- | M] () -- C:\Windows\System32\9CD804905C.sys
[2011.03.14 14:30:14 | 000,001,912 | ---- | M] () -- C:\Windows\epplauncher.mif
[2011.03.14 14:29:35 | 000,635,148 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2011.03.14 14:29:35 | 000,601,550 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011.03.14 14:29:35 | 000,130,386 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2011.03.14 14:29:35 | 000,107,686 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011.03.09 21:06:24 | 000,030,208 | -H-- | M] () -- C:\Users\Flo\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.02.26 22:14:37 | 000,025,280 | ---- | M] (LogMeIn, Inc.) -- C:\Windows\System32\drivers\hamachi.sys
[2011.02.26 02:19:32 | 000,041,872 | ---- | M] () -- C:\Windows\System32\xfcodec.dll
[2011.02.25 21:55:31 | 000,271,200 | ---- | M] () -- C:\Windows\System32\PnkBstrB.xtr
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
========== Files Created - No Company Name ==========
[2011.03.21 22:50:25 | 000,000,328 | ---- | C] () -- C:\Windows\tasks\RegistryBooster.job
[2011.03.21 22:50:16 | 000,001,845 | ---- | C] () -- C:\Users\Public\Desktop\Uniblue RegistryBooster.lnk
[2011.03.21 21:57:10 | 000,000,128 | -H-- | C] () -- C:\ProgramData\~43638536r
[2011.03.21 21:57:10 | 000,000,104 | -H-- | C] () -- C:\ProgramData\~43638536
[2011.03.21 21:57:09 | 000,000,591 | -H-- | C] () -- C:\Users\Flo\Desktop\Windows Diagnostic.lnk
[2011.03.21 21:57:05 | 000,000,336 | -H-- | C] () -- C:\ProgramData\43638536
[2011.03.21 15:45:40 | 000,815,104 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2011.03.21 15:45:40 | 000,077,824 | ---- | C] () -- C:\Windows\System32\xvid.ax
[2011.03.21 15:45:39 | 000,180,224 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2011.03.20 21:03:59 | 000,103,736 | ---- | C] () -- C:\Windows\System32\PnkBstrB.exe
[2011.03.14 14:30:14 | 000,001,912 | ---- | C] () -- C:\Windows\epplauncher.mif
[2011.03.13 15:39:20 | 000,000,056 | RHS- | C] () -- C:\Windows\System32\9CD804905C.sys
[2011.03.13 15:39:18 | 000,001,890 | -HS- | C] () -- C:\Windows\System32\KGyGaAvL.sys
[2011.03.13 15:36:50 | 000,001,874 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RPG Maker XP.lnk
[2011.02.26 02:19:32 | 000,041,872 | ---- | C] () -- C:\Windows\System32\xfcodec.dll
[2011.02.24 15:59:50 | 000,201,184 | ---- | C] () -- C:\Windows\System32\winrm.vbs
[2011.02.24 15:59:50 | 000,004,675 | ---- | C] () -- C:\Windows\System32\wsmanconfig_schema.xml
[2011.02.24 15:59:50 | 000,002,426 | ---- | C] () -- C:\Windows\System32\WsmTxt.xsl
[2011.02.03 20:38:53 | 000,024,206 | -H-- | C] () -- C:\Users\Flo\AppData\Roaming\UserTile.png
[2011.01.01 21:27:01 | 000,000,319 | ---- | C] () -- C:\Windows\game.ini
[2010.11.04 17:09:07 | 000,942,080 | ---- | C] () -- C:\Windows\System32\NewFlyff.exe
[2010.10.01 12:56:46 | 000,000,000 | -H-- | C] () -- C:\Users\Flo\AppData\Roaming\Default.PLS
[2010.05.25 12:55:24 | 000,281,760 | ---- | C] () -- C:\Windows\System32\drivers\atksgt.sys
[2010.05.25 12:55:21 | 000,025,888 | ---- | C] () -- C:\Windows\System32\drivers\lirsgt.sys
[2010.05.17 17:58:52 | 000,000,680 | -H-- | C] () -- C:\Users\Flo\AppData\Local\d3d9caps.dat
[2010.05.07 11:28:02 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2010.05.06 12:35:50 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2010.05.06 12:35:49 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2010.04.28 19:46:01 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010.04.24 15:50:32 | 000,004,096 | ---- | C] () -- C:\Windows\d3dx.dat
[2010.04.20 17:27:51 | 000,022,328 | -H-- | C] () -- C:\Users\Flo\AppData\Roaming\PnkBstrK.sys
[2010.04.20 17:27:51 | 000,022,328 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2010.04.20 17:27:35 | 002,434,856 | ---- | C] () -- C:\Windows\System32\pbsvc_bc2.exe
[2010.04.20 17:27:35 | 000,075,136 | ---- | C] () -- C:\Windows\System32\PnkBstrA.exe
[2010.04.18 20:22:56 | 000,030,208 | -H-- | C] () -- C:\Users\Flo\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.04.17 14:54:25 | 000,000,000 | -H-- | C] () -- C:\Users\Flo\AppData\Roaming\wklnhst.dat
[2010.04.17 14:40:33 | 000,000,091 | -H-- | C] () -- C:\Users\Flo\AppData\Local\fusioncache.dat
[2010.04.17 13:58:15 | 000,000,400 | ---- | C] () -- C:\Windows\ODBC.INI
[2009.10.07 00:46:36 | 000,025,752 | ---- | C] () -- C:\Windows\System32\drivers\LVPr2Mon.sys
[2009.10.07 00:23:08 | 000,013,584 | ---- | C] () -- C:\Windows\System32\drivers\iKeyLFT2.dll
[2009.04.30 21:39:36 | 000,082,289 | ---- | C] () -- C:\Windows\System32\lvcoinst.ini
[2008.10.07 08:13:30 | 000,197,912 | ---- | C] () -- C:\Windows\System32\physxcudart_20.dll
[2008.10.07 08:13:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelTraditionalChinese.dll
[2008.10.07 08:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll
[2008.10.07 08:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll
[2008.10.07 08:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll
[2008.10.07 08:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll
[2008.10.07 08:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelKorean.dll
[2008.10.07 08:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll
[2008.10.07 08:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelGerman.dll
[2008.10.07 08:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelFrench.dll
[2007.10.22 12:49:01 | 000,299,008 | ---- | C] () -- C:\Windows\System32\midas.dll
[2007.10.22 12:49:01 | 000,120,320 | ---- | C] () -- C:\Windows\System32\UnzDll.dll
[2007.10.15 17:38:03 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2007.10.15 15:45:53 | 000,120,200 | ---- | C] () -- C:\Windows\System32\DLLDEV32i.dll
[2007.10.15 15:45:52 | 000,006,768 | ---- | C] () -- C:\Windows\mgxoschk.ini
[2007.10.09 22:26:24 | 000,009,824 | ---- | C] () -- C:\Windows\System32\34CoInstaller.dll
[2007.10.09 16:05:23 | 000,127,184 | ---- | C] () -- C:\Windows\Unwise.exe
[2006.12.11 05:06:31 | 000,000,000 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2006.11.02 16:33:31 | 000,635,148 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2006.11.02 16:33:31 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2006.11.02 16:33:31 | 000,130,386 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2006.11.02 16:33:31 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2006.11.02 13:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006.11.02 13:47:37 | 000,372,872 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006.11.02 13:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 11:33:01 | 000,601,550 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006.11.02 11:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006.11.02 11:33:01 | 000,107,686 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006.11.02 11:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006.11.02 11:25:44 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2006.11.02 11:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006.11.02 09:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006.11.02 09:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006.11.02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006.11.02 08:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2006.06.23 09:09:34 | 000,019,968 | R--- | C] () -- C:\Windows\System32\cpuinf32.dll
[2005.08.30 00:00:00 | 000,781,312 | ---- | C] () -- C:\Windows\System32\RGSS102J.dll
[2005.08.30 00:00:00 | 000,778,752 | ---- | C] () -- C:\Windows\System32\RGSS102E.dll
[2005.08.30 00:00:00 | 000,771,584 | ---- | C] () -- C:\Windows\System32\RGSS100J.dll
< End of report >
OTL Extras logfile created on: 22.03.2011 20:04:14 - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Flo\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6002.18005)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 48,00% Memory free
5,00 Gb Paging File | 3,00 Gb Available in Paging File | 67,00% Paging File free
Paging file location(s): c:\pagefile.sys 3067 3067 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 445,76 Gb Total Space | 171,08 Gb Free Space | 38,38% Space Free | Partition Type: NTFS
Drive D: | 19,99 Gb Total Space | 8,43 Gb Free Space | 42,19% Space Free | Partition Type: FAT32
Computer Name: STANDPC2 | User Name: Flo | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{09A0479D-6FEC-44EC-AE35-A11F3555DF76}" = lport=9442 | protocol=17 | dir=in | name=intel(r) viiv(tm) media server discovery |
"{769EEBF4-D87F-40D9-AB62-F6416984AC0B}" = lport=1900 | protocol=17 | dir=in | name=intel(r) viiv(tm) media server upnp discovery |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{04C23F63-1C82-4C9A-83AD-3F12F37539EC}" = dir=in | app=c:\program files\homecinema\powerdirector\pdr.exe |
"{05356D01-672A-456F-A2C4-74761E1863FF}" = protocol=17 | dir=in | app=c:\program files\icq7.1\aolload.exe |
"{0E4F2913-904F-407F-B3BF-E5C43AACAFAE}" = dir=in | app=c:\program files\homecinema\tv enhance\tvenhance.exe |
"{11A0AE7E-F2EB-42C8-9D13-DC2C76618033}" = protocol=17 | dir=in | app=c:\program files\intel\inteldh\intel media server\media server\bin\tshwmdtcp.exe |
"{13AD2E8B-1AD6-47CD-975D-FB6A7EF6B8B1}" = protocol=6 | dir=in | app=c:\program files\intel\inteldh\intel media server\media server\bin\mediaserver.exe |
"{158BF91F-0B1D-470C-A221-130CC11B9281}" = protocol=6 | dir=in | app=c:\program files\electronic arts\battlefield bad company 2\bfbc2updater.exe |
"{1B5C7D3A-1771-45D7-BDA6-99B3E41A7CB4}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{1CCB7BF5-B15E-4320-877E-8171A3F7911E}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{33ABE7A4-CF36-4B45-9525-F09B92AE249D}" = protocol=6 | dir=in | app=c:\program files\logitech\logitech vid\vid.exe |
"{3F7F48AC-EB90-4271-9DBD-FFCA649CCBC0}" = protocol=6 | dir=in | app=c:\program files\icq7.1\aolload.exe |
"{42EB9F43-0124-42F9-9321-BC37976883A3}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{461FE70D-8F58-4C97-AF32-F4E0B65CA2D8}" = protocol=17 | dir=in | app=c:\program files\icq7.1\aolload.exe |
"{4AD3F761-D1D6-4EC8-B75A-AE79C1858339}" = dir=in | app=c:\program files\homecinema\makedisc\makedisc.exe |
"{4AEB1195-588B-42CE-A336-7A9B47E099AC}" = protocol=17 | dir=in | app=c:\program files\icq7.1\icq.exe |
"{50873C55-0DBC-4F25-B32E-0A21D6C82643}" = protocol=17 | dir=in | app=c:\users\flo\downloads\mediaplayer_setup.exe |
"{5A656C86-B245-43C6-908B-2AD4B0310CC4}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version6\teamviewer_service.exe |
"{5F81C531-2EFA-48A0-B165-EB065BC4A00A}" = protocol=6 | dir=in | app=c:\program files\icq7.1\aolload.exe |
"{64DCE4E0-BE06-4BB5-8602-7760B09F65F3}" = protocol=6 | dir=in | app=c:\program files\intel\inteldh\intel media server\shells\remote ui service.exe |
"{68EA7529-C076-4D04-85EF-E35A71E5025D}" = protocol=6 | dir=in | app=c:\users\flo\desktop\spiele\kahlert\cod 4 deutsch\setup\data\iw3mp.exe |
"{75496CE1-C10D-48ED-8378-019476EB3842}" = protocol=6 | dir=in | app=c:\program files\activision\call of duty 4 - modern warfare\iw3mp.exe |
"{7CD61BFE-B7B5-4252-840F-F7F31D78E18F}" = dir=in | app=c:\program files\homecinema\tv enhance\tveservice.exe |
"{7D3CF706-04B0-4A39-84FC-3B34E4017780}" = protocol=17 | dir=in | app=c:\program files\intel\inteldh\intel media server\shells\remote ui service.exe |
"{802811EB-B6AA-4427-A50A-00FC9929FDA9}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{83196D6B-44CC-480B-8792-211301773BFF}" = protocol=6 | dir=in | app=c:\program files\icq7.1\icq.exe |
"{850910A5-D139-443D-A3AA-3E0634B56C91}" = protocol=17 | dir=in | app=c:\program files\icq7.1\icq.exe |
"{89396C45-DE66-4A24-9F77-B089F209464D}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{93B2C3B4-DFFB-4649-81E6-ADCCDB7139DB}" = protocol=6 | dir=in | app=c:\users\flo\downloads\mediaplayer_setup.exe |
"{9935C6BA-B50F-478F-9FBA-765885DACCDA}" = dir=in | app=c:\program files\homecinema\playmovie\pmvservice.exe |
"{A3761320-D9B9-4DDD-AA01-6D5D6152C94D}" = protocol=17 | dir=in | app=c:\program files\activision\call of duty 4 - modern warfare\iw3mp.exe |
"{A66F1099-CF28-4513-BD4F-43278966A05D}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version6\teamviewer.exe |
"{AE5AC8EC-7E53-4920-9426-17DEEB789B70}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version6\teamviewer.exe |
"{B04217C0-D122-41C9-922D-760233DA4838}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version6\teamviewer_service.exe |
"{BCD03BFB-4564-41A0-9C52-9AC938F13D76}" = protocol=17 | dir=in | app=c:\program files\electronic arts\battlefield bad company 2\bfbc2updater.exe |
"{D383F04C-5757-4FE6-90E7-B48D22CB8919}" = protocol=17 | dir=in | app=c:\program files\intel\inteldh\intel media server\media server\bin\mediaserver.exe |
"{E2D3FE62-EE8D-43CA-9F4F-35627E1A60E8}" = protocol=17 | dir=in | app=c:\users\flo\desktop\spiele\kahlert\cod 4 deutsch\setup\data\iw3mp.exe |
"{F57992BE-DF49-4577-A209-45D313905303}" = protocol=6 | dir=in | app=c:\program files\icq7.1\icq.exe |
"{FAE57EDA-E71F-4905-976F-FF8091FB39CD}" = protocol=6 | dir=in | app=c:\program files\intel\inteldh\intel media server\media server\bin\tshwmdtcp.exe |
"{FB768641-55FC-4FAF-9D9C-CBFD9E74F821}" = dir=in | app=c:\program files\homecinema\playmovie\playmovie.exe |
"{FCFE3580-EA9A-43B6-914E-B7B8D3FDCF15}" = protocol=17 | dir=in | app=c:\program files\logitech\logitech vid\vid.exe |
"{FE87A4D1-DF76-4A03-A68D-B1715D734D9E}" = dir=in | app=c:\program files\homecinema\powerdvd\powerdvd.exe |
"TCP Query User{08B1E237-74BA-42F3-BD26-975FF0E962F2}C:\users\flo\desktop\spiele\gut\battlefield bad company 2\bfbc2game.exe" = protocol=6 | dir=in | app=c:\users\flo\desktop\spiele\gut\battlefield bad company 2\bfbc2game.exe |
"TCP Query User{0BEFEA3E-8315-4359-9548-1144CBB5C7BC}C:\program files\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\java.exe |
"TCP Query User{0DC07DAC-74D6-4E6D-80E7-6E4B276C147C}C:\program files\mirc\mirc.exe" = protocol=6 | dir=in | app=c:\program files\mirc\mirc.exe |
"TCP Query User{1F57A4F1-F64D-4FC4-8B00-AFA4E8C80D16}C:\users\flo\desktop\siedler ii\die siedler ii - die nächste generation\bin\s2dng.exe" = protocol=6 | dir=in | app=c:\users\flo\desktop\siedler ii\die siedler ii - die nächste generation\bin\s2dng.exe |
"TCP Query User{253307BC-98B3-40DC-AE6D-C41409F712A5}C:\users\flo\desktop\american wasteland\game\thaw.exe" = protocol=6 | dir=in | app=c:\users\flo\desktop\american wasteland\game\thaw.exe |
"TCP Query User{2865E1C4-92A3-46DA-8FC3-FD5E15BB60C6}C:\program files\ubisoft\blue byte\die siedler - das erbe der könige - gold edition\bin\settlershok.exe" = protocol=6 | dir=in | app=c:\program files\ubisoft\blue byte\die siedler - das erbe der könige - gold edition\bin\settlershok.exe |
"TCP Query User{2C8364E2-A516-4FBB-A8C5-7280977F14ED}C:\program files\xfire\xfire.exe" = protocol=6 | dir=in | app=c:\program files\xfire\xfire.exe |
"TCP Query User{525D34CF-2869-4295-A384-0B02C7EDB007}C:\windows\system32\dplaysvr.exe" = protocol=6 | dir=in | app=c:\windows\system32\dplaysvr.exe |
"TCP Query User{54788931-6B50-4A03-BDF8-4FB6C90126D9}C:\users\flo\desktop\battlefield bad company 2\bfbc2game.exe" = protocol=6 | dir=in | app=c:\users\flo\desktop\battlefield bad company 2\bfbc2game.exe |
"TCP Query User{5B177E1B-BD8A-4CCE-A15F-0C607CDAE1F7}C:\program files\activision\call of duty 4 - modern warfare\iw3mp.exe" = protocol=6 | dir=in | app=c:\program files\activision\call of duty 4 - modern warfare\iw3mp.exe |
"TCP Query User{5CC43536-0B0C-43FB-924E-D7D83AA4029E}C:\program files\mirc\mirc.exe" = protocol=6 | dir=in | app=c:\program files\mirc\mirc.exe |
"TCP Query User{64AE24CB-8D14-41FE-BEDB-6233E6BB7261}C:\users\flo\temp\teamviewer\version4\teamviewer.exe" = protocol=6 | dir=in | app=c:\users\flo\temp\teamviewer\version4\teamviewer.exe |
"TCP Query User{80198EDC-9515-48A5-836E-7BAF633B8241}C:\program files\logitech\logitech vid\vid.exe" = protocol=6 | dir=in | app=c:\program files\logitech\logitech vid\vid.exe |
"TCP Query User{854E88E8-1C6E-49A4-A45E-B51F54E45332}C:\program files\electronic arts\battlefield bad company 2\bfbc2game.exe" = protocol=6 | dir=in | app=c:\program files\electronic arts\battlefield bad company 2\bfbc2game.exe |
"TCP Query User{93E78370-031C-48D2-B1D2-8938D1220D63}C:\program files\xfire\xfire.exe" = protocol=6 | dir=in | app=c:\program files\xfire\xfire.exe |
"TCP Query User{B750E615-8BC5-4F17-90B5-4CF351232C96}C:\users\flo\desktop\spiele\kahlert\der herr der ringe® - die eroberung™\conquest.exe" = protocol=6 | dir=in | app=c:\users\flo\desktop\spiele\kahlert\der herr der ringe® - die eroberung™\conquest.exe |
"TCP Query User{B896ECAA-4AF0-4F51-8D08-55DB891AAAA7}C:\users\flo\desktop\spiele\spiele\langames\cs1.6\cs16\hl.exe" = protocol=6 | dir=in | app=c:\users\flo\desktop\spiele\spiele\langames\cs1.6\cs16\hl.exe |
"TCP Query User{B9BDA077-20CC-49DF-973D-FC1B61D8108C}C:\program files\ubisoft\blue byte\die siedler - das erbe der könige - gold edition\bin\settlershok.exe" = protocol=6 | dir=in | app=c:\program files\ubisoft\blue byte\die siedler - das erbe der könige - gold edition\bin\settlershok.exe |
"TCP Query User{BAA86FCC-B37B-4518-A780-420BB8129FD9}C:\users\flo\desktop\siedler iii\s3.exe" = protocol=6 | dir=in | app=c:\users\flo\desktop\siedler iii\s3.exe |
"TCP Query User{C0D616D9-1F1A-4A95-91A7-46567D182E09}C:\program files\icq7.1\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq7.1\icq.exe |
"TCP Query User{C1BBE6EE-5AAD-4CD1-8345-8754E9340B59}C:\users\flo\desktop\spiele\kahlert\cod 4 deutsch\setup\data\iw3mp.exe" = protocol=6 | dir=in | app=c:\users\flo\desktop\spiele\kahlert\cod 4 deutsch\setup\data\iw3mp.exe |
"TCP Query User{C6CAB7AB-E4C7-40B7-9F26-F12A8903DF3A}C:\users\flo\desktop\siedler ii\die siedler ii - die nächste generation\bin\s2dng.exe" = protocol=6 | dir=in | app=c:\users\flo\desktop\siedler ii\die siedler ii - die nächste generation\bin\s2dng.exe |
"UDP Query User{04B17415-44B8-4547-BF6A-AC4C81A08675}C:\program files\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\java.exe |
"UDP Query User{0A92B3F4-763D-4A9C-9B0B-CE218011F9BE}C:\users\flo\desktop\spiele\kahlert\cod 4 deutsch\setup\data\iw3mp.exe" = protocol=17 | dir=in | app=c:\users\flo\desktop\spiele\kahlert\cod 4 deutsch\setup\data\iw3mp.exe |
"UDP Query User{0AE73B9F-76FF-46CA-B035-CF64A447E700}C:\program files\mirc\mirc.exe" = protocol=17 | dir=in | app=c:\program files\mirc\mirc.exe |
"UDP Query User{162CC796-D5C4-42F6-B37D-A49F624F3162}C:\users\flo\desktop\siedler ii\die siedler ii - die nächste generation\bin\s2dng.exe" = protocol=17 | dir=in | app=c:\users\flo\desktop\siedler ii\die siedler ii - die nächste generation\bin\s2dng.exe |
"UDP Query User{1D8FAE52-8EF8-4272-A3E3-71AF92FB7722}C:\program files\activision\call of duty 4 - modern warfare\iw3mp.exe" = protocol=17 | dir=in | app=c:\program files\activision\call of duty 4 - modern warfare\iw3mp.exe |
"UDP Query User{24AF71CB-B4CC-40D8-9788-A5DA38FBD2A8}C:\windows\system32\dplaysvr.exe" = protocol=17 | dir=in | app=c:\windows\system32\dplaysvr.exe |
"UDP Query User{2B34DBF0-7276-4309-B208-C66DB88AE17B}C:\users\flo\desktop\spiele\spiele\langames\cs1.6\cs16\hl.exe" = protocol=17 | dir=in | app=c:\users\flo\desktop\spiele\spiele\langames\cs1.6\cs16\hl.exe |
"UDP Query User{2FCBE9A3-9FBF-4B4A-8649-AAC0921755B1}C:\users\flo\desktop\american wasteland\game\thaw.exe" = protocol=17 | dir=in | app=c:\users\flo\desktop\american wasteland\game\thaw.exe |
"UDP Query User{2FCE028C-5FAA-4A6F-A650-02985EFDF3CF}C:\program files\ubisoft\blue byte\die siedler - das erbe der könige - gold edition\bin\settlershok.exe" = protocol=17 | dir=in | app=c:\program files\ubisoft\blue byte\die siedler - das erbe der könige - gold edition\bin\settlershok.exe |
"UDP Query User{3A2F7198-F9E2-4D84-B414-177ED3331FC3}C:\users\flo\temp\teamviewer\version4\teamviewer.exe" = protocol=17 | dir=in | app=c:\users\flo\temp\teamviewer\version4\teamviewer.exe |
"UDP Query User{59DE64E3-F770-44C2-9C9C-EE3A076DEF71}C:\users\flo\desktop\battlefield bad company 2\bfbc2game.exe" = protocol=17 | dir=in | app=c:\users\flo\desktop\battlefield bad company 2\bfbc2game.exe |
"UDP Query User{5BD41A4B-BC8E-4979-B42D-5E956B719207}C:\program files\electronic arts\battlefield bad company 2\bfbc2game.exe" = protocol=17 | dir=in | app=c:\program files\electronic arts\battlefield bad company 2\bfbc2game.exe |
"UDP Query User{78024E9C-ED45-4D40-8F69-AFAAF11A3823}C:\program files\logitech\logitech vid\vid.exe" = protocol=17 | dir=in | app=c:\program files\logitech\logitech vid\vid.exe |
"UDP Query User{7D32B4C8-3EAE-4AD1-A612-67FE322BB563}C:\users\flo\desktop\spiele\gut\battlefield bad company 2\bfbc2game.exe" = protocol=17 | dir=in | app=c:\users\flo\desktop\spiele\gut\battlefield bad company 2\bfbc2game.exe |
"UDP Query User{887699DE-D65E-4A4E-9398-8D13B39C0813}C:\users\flo\desktop\siedler iii\s3.exe" = protocol=17 | dir=in | app=c:\users\flo\desktop\siedler iii\s3.exe |
"UDP Query User{8B6CF88C-BB4B-4FB8-965B-1A41759B7421}C:\program files\xfire\xfire.exe" = protocol=17 | dir=in | app=c:\program files\xfire\xfire.exe |
"UDP Query User{93DA37AC-50B2-4AE0-90ED-DF401524F6C7}C:\program files\mirc\mirc.exe" = protocol=17 | dir=in | app=c:\program files\mirc\mirc.exe |
"UDP Query User{C127EA0A-7C72-48A8-8969-FB7D466302F6}C:\program files\ubisoft\blue byte\die siedler - das erbe der könige - gold edition\bin\settlershok.exe" = protocol=17 | dir=in | app=c:\program files\ubisoft\blue byte\die siedler - das erbe der könige - gold edition\bin\settlershok.exe |
"UDP Query User{C43D652D-F67D-42D0-9A64-008D2C8E1394}C:\users\flo\desktop\spiele\kahlert\der herr der ringe® - die eroberung™\conquest.exe" = protocol=17 | dir=in | app=c:\users\flo\desktop\spiele\kahlert\der herr der ringe® - die eroberung™\conquest.exe |
"UDP Query User{CC2AA366-B5B4-4A40-ABE9-3D8AF043216C}C:\users\flo\desktop\siedler ii\die siedler ii - die nächste generation\bin\s2dng.exe" = protocol=17 | dir=in | app=c:\users\flo\desktop\siedler ii\die siedler ii - die nächste generation\bin\s2dng.exe |
"UDP Query User{E207595F-3EB7-4657-B5F4-6DDF129B8B46}C:\program files\xfire\xfire.exe" = protocol=17 | dir=in | app=c:\program files\xfire\xfire.exe |
"UDP Query User{F863B4FB-9226-4988-85C7-F72EB81E6E65}C:\program files\icq7.1\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq7.1\icq.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02B244A2-7F6A-42E8-A36F-8C385D7A1625}" = Gothic III
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{09FF4DB8-7DE9-4D47-B7DB-915DB7D9A8CA}" = Uniblue RegistryBooster
"{11AFE21E-B193-430D-B57A-DFF7815BB962}" = Ulead PhotoImpact 12
"{155F4A0E-76ED-45A2-91FB-FF2A2133C31A}" = Risen
"{1C4551A6-4743-4093-91E4-1477CD655043}" = NVIDIA PhysX
"{26A24AE4-039D-4CA4-87B4-2F83216018FF}" = Java(TM) 6 Update 24
"{27FDF949-69CE-435A-8372-339F72336AC5}" = MEDIONbox
"{2BD2FA21-B51D-4F01-94A7-AC16737B2163}" = Adobe Flash Player 10 ActiveX
"{3293C06B-003F-4027-8380-FFD79E38167D}" = Tony Hawk's American Wasteland
"{3921A67A-5AB1-4E48-9444-C71814CF3027}" = VCRedistSetup
"{39D0E034-1042-4905-BECB-5502909FCB7C}" = Microsoft Works
"{3AC8457C-0385-4BEA-A959-E095F05D6D67}" = Battlefield: Bad Company™ 2
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{452473D3-1D26-4E61-8060-3B216620D60C}_is1" = Fahren Lernen Offline 1.2
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4C73B683-B15D-4B94-AC7A-520B70C4FFE9}" = Sceneo AbsolutTV
"{4FBCEA31-5D18-4212-9231-DE7CF1BE7DBB}" = Logitech Vid
"{53DF73B1-37F5-4B7F-86ED-FA7CC4041031}" = Nero 8 Essentials
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5A9FE525-8B8F-4701-A937-7F6745A4E9C7}" = RGSS-RTP Standard
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{71BFC818-0CED-42D6-9C87-5142918957EE}" = ICQ7.1
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7655E113-C306-11D9-A373-0050BAE317E1}" = MCE Software Encoder 1.1
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{774088D4-0777-4D78-904D-E435B318F5D2}" = Microsoft Antimalware
"{7782916E-3D46-4F1F-AC4B-3FB9D17049F4}" = Microsoft Antimalware Service DE-DE Language Pack
"{77A776C4-D10F-416D-88F0-53F2D9DCD9B3}" = Microsoft Security Client
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{84ED5482-CFB0-4DD9-BF18-489FFDACD18A}" = Microsoft Antimalware Service DE-DE Language Pack
"{859B9BCA-5376-4566-9F88-C6C9DAA7A925}" = Microsoft Security Client DE-DE Language Pack
"{89F1F5CF-144F-466B-A939-1675B0022ADE}" = Pacemaker Editor
"{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel(R) Matrix Storage Manager
"{911B0407-6000-11D3-8CFE-0050048383C9}" = Microsoft Word 2002
"{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"{95A890AA-B3B1-44B6-9C18-A8F7AB3EE7FC}" = QuickTime
"{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars
"{9B34CAC6-738F-4A20-B428-A115C3E3474C}" = RPGXP
"{A450831D-25F6-4F42-9662-D000B25E0D82}" = Play Movie
"{A7472CEE-6E85-4D43-9C71-BDFC0D471F70}" = Intel® Viiv™ Software
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1031-7B44-A81000000003}" = Adobe Reader 8.1.0 - Deutsch
"{B145EC69-66F5-11D8-9D75-000129760D75}" = MakeDisc
"{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = PowerProducer
"{BBBF4CFE-9D26-4D93-A869-B2B021B3CA85}" = Intel(R) PRO Network Connections 12.2.41.0
"{BEAD39CD-901D-4267-8B8B-EAA83CB4B70D}" = Pivot Stickfigure Animator
"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = Die*Sims™*3
"{C27BC2A2-30DD-4014-B22E-63EB0DB572F9}" = Logitech Webcam Software
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CCC8E84E-AB61-4EC0-890D-8B553915B3AD}" = TVsweeper
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D36DD326-7280-11D8-97C8-000129760CBE}" = PhotoNow! 1.0
"{D5A9B7C0-8751-11D8-9D75-000129760D75}" = MediaShow
"{DFAE9340-E8BB-4433-9A08-C8334DAFE1B9}" = Star Wars Republic Commando
"{E08DE897-B6AF-4DFF-9E90-131E80C876B4}" = DIE SIEDLER - Das Erbe der Könige - Gold Edition
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"{E4C891D6-6844-41B8-86E8-633CACCC644F}" = TV Enhance
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"conduitEngine" = Conduit Engine
"DVDVideoSoft Toolbar" = DVDVideoSoft Toolbar
"DVDVideoSoftTB Toolbar" = DVDVideoSoftTB Toolbar
"FormatFactory" = FormatFactory 2.60
"Fraps" = Fraps
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.3
"Free Studio_is1" = Free Studio version 4.9
"Free YouTube Download_is1" = Free YouTube Download 2.9
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.5
"Google Chrome" = Google Chrome
"Gothic II" = Gothic II
"Hamachi" = Hamachi 1.0.2.3
"ICQToolbar" = ICQ Toolbar
"InstallShield_{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"InstallShield_{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"Intel(R) Configuration Center" = Intel® Viiv™ Software
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"McAfee Security Scan" = McAfee Security Scan Plus
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft Security Client" = Microsoft Security Essentials
"mIRC" = mIRC
I hope I haven't made a huge post now and that the OTL results ended up in one of those scroll boxes.
By the way, what it found there seems like quite a lot to me. Is that normal too, or is my PC just extremely cluttered (which may well be the case)???