Da mir im Nachhinein eingefallen ist, dass sich wahrscheinlich niemand die Logdateien runterladen würde, poste ich sie nochmal so.
Sorry 4 Doppelpost. OTL Log Code:
OTL logfile created on: 13.04.2011 08:49:20 - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\BalloS\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
8,00 Gb Total Physical Memory | 6,00 Gb Available Physical Memory | 76,00% Memory free
16,00 Gb Paging File | 14,00 Gb Available in Paging File | 87,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 97,89 Gb Total Space | 38,69 Gb Free Space | 39,53% Space Free | Partition Type: NTFS
Drive D: | 1299,37 Gb Total Space | 1119,01 Gb Free Space | 86,12% Space Free | Partition Type: NTFS
Drive F: | 1397,26 Gb Total Space | 1188,09 Gb Free Space | 85,03% Space Free | Partition Type: NTFS
Drive G: | 1397,26 Gb Total Space | 420,41 Gb Free Space | 30,09% Space Free | Partition Type: NTFS
Drive J: | 14,73 Gb Total Space | 14,64 Gb Free Space | 99,40% Space Free | Partition Type: NTFS
Drive K: | 3,92 Gb Total Space | 3,74 Gb Free Space | 95,50% Space Free | Partition Type: NTFS
Computer Name: BALLOS-PC | User Name: BalloS | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2011.04.13 08:43:12 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\BalloS\Desktop\OTL.exe
PRC - [2011.04.11 22:15:04 | 001,613,984 | ---- | M] (Argotronic UG (haftungsbeschraenkt)) -- C:\Program Files (x86)\ArgusMonitor\ArgusMonitor.exe
PRC - [2011.03.24 06:08:28 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2011.03.16 19:30:02 | 000,269,480 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2011.03.01 16:47:56 | 007,832,440 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer.exe
PRC - [2011.03.01 16:47:56 | 002,296,696 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
PRC - [2011.01.14 07:53:50 | 001,412,488 | ---- | M] (Hagel Technologies Ltd.) -- C:\Program Files (x86)\DU Meter\DUMeterSvc.exe
PRC - [2011.01.14 07:53:48 | 002,942,856 | ---- | M] (Hagel Technologies Ltd.) -- C:\PROGRA~2\DU Meter\DUMeter.exe
PRC - [2011.01.04 12:49:59 | 001,242,448 | ---- | M] (Valve Corporation) -- D:\Steam\Steam.exe
PRC - [2010.11.04 20:50:17 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2010.11.04 20:50:17 | 000,135,336 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2010.10.25 16:13:42 | 000,821,144 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
PRC - [2010.09.03 12:35:34 | 001,406,248 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe
PRC - [2010.07.12 18:32:48 | 000,074,752 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\Winamp\winampa.exe
PRC - [2010.05.04 13:07:22 | 000,503,080 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Nero\Update\NASvc.exe
PRC - [2010.04.21 19:05:20 | 000,161,136 | ---- | M] (Famatech Corp.) -- C:\Windows\SysWOW64\rserver30\FamItrfc.Exe
PRC - [2010.04.21 07:02:02 | 001,242,480 | ---- | M] (Famatech Corp.) -- C:\Windows\SysWOW64\rserver30\rserver3.exe
PRC - [2010.04.01 11:16:20 | 000,357,696 | ---- | M] (DT Soft Ltd) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
PRC - [2010.03.17 12:05:40 | 000,264,704 | ---- | M] () -- C:\Program Files (x86)\Astaro\Astaro SSL VPN Client\bin\openvpn-gui.exe
PRC - [2010.01.22 13:29:40 | 000,106,496 | ---- | M] (NEC Electronics Corporation) -- C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
PRC - [2009.11.19 18:43:14 | 000,135,168 | ---- | M] () -- C:\Program Files (x86)\Razer\Copperhead\razerhid.exe
PRC - [2009.11.16 13:25:32 | 000,131,072 | ---- | M] () -- C:\Program Files (x86)\Razer\Copperhead\razertra.exe
PRC - [2007.12.11 14:00:00 | 000,692,808 | ---- | M] (Mirko Böer) -- C:\Program Files (x86)\TrafficMonitor\TMPacketServiceInit.exe
PRC - [2007.05.07 10:52:12 | 000,159,744 | ---- | M] (Razer USA Ltd.) -- C:\Program Files (x86)\Razer\Tarantula\razerhid.exe
PRC - [2007.03.05 18:17:56 | 000,143,360 | ---- | M] () -- C:\Program Files (x86)\Razer\Tarantula\razertra.exe
PRC - [2007.01.24 15:57:14 | 000,897,024 | ---- | M] (Rhino Software, Inc. +1(262) 560-9627) -- C:\Program Files (x86)\RhinoSoft.com\Serv-U\ServUDaemon.exe
PRC - [2007.01.09 09:48:58 | 000,147,456 | ---- | M] (Razer Inc.) -- C:\Program Files (x86)\Razer\Copperhead\razerofa.exe
PRC - [1999.09.30 22:31:38 | 000,869,376 | ---- | M] (Fred's Software) -- C:\Program Files (x86)\PrintKey2000\Printkey2000.exe
========== Modules (SafeList) ==========
MOD - [2011.04.13 08:43:12 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\BalloS\Desktop\OTL.exe
MOD - [2010.11.20 13:55:09 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
========== Win32 Services (SafeList) ==========
SRV:64bit: - [2011.01.05 04:57:44 | 000,203,776 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2011.01.04 23:07:10 | 000,354,304 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV:64bit: - [2010.06.17 06:23:36 | 000,194,496 | ---- | M] (Advanced Micro Devices) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe -- (AMD Reservation Manager)
SRV:64bit: - [2010.06.14 12:28:50 | 002,069,880 | ---- | M] (RealVNC Ltd.) [Auto | Running] -- C:\Program Files\RealVNC\VNC4\WinVNC4.exe -- (WinVNC4)
SRV:64bit: - [2009.07.14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2011.03.16 19:30:02 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011.03.01 16:47:56 | 002,296,696 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe -- (TeamViewer6)
SRV - [2011.01.14 07:53:50 | 001,412,488 | ---- | M] (Hagel Technologies Ltd.) [Auto | Running] -- C:\Program Files (x86)\DU Meter\DUMeterSvc.exe -- (DUMeterSvc)
SRV - [2010.11.04 20:50:17 | 000,135,336 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2010.06.25 19:07:20 | 000,117,264 | ---- | M] (CACE Technologies, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WinPcap\rpcapd.exe -- (rpcapd) Remote Packet Capture Protocol v.0 (experimental)
SRV - [2010.05.04 13:07:22 | 000,503,080 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files (x86)\Nero\Update\NASvc.exe -- (NAUpdate)
SRV - [2010.04.21 07:02:02 | 001,242,480 | ---- | M] (Famatech Corp.) [Auto | Running] -- C:\Windows\SysWOW64\rserver30\RServer3.exe -- (RServer3)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.03.17 12:05:42 | 000,039,936 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\Astaro\Astaro SSL VPN Client\bin\openvpnserv.exe -- (OpenVPNService)
SRV - [2009.07.16 18:04:16 | 000,316,664 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2007.12.11 14:00:00 | 000,692,808 | ---- | M] (Mirko Böer) [Auto | Running] -- C:\Program Files (x86)\TrafficMonitor\TMPacketServiceInit.exe -- (TMPService)
SRV - [2007.01.24 15:57:14 | 000,897,024 | ---- | M] (Rhino Software, Inc. +1(262) 560-9627) [Auto | Running] -- C:\Program Files (x86)\RhinoSoft.com\Serv-U\ServUDaemon.exe -- (Serv-U)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2011.01.05 05:37:14 | 008,283,136 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2011.01.05 04:19:38 | 000,294,400 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2010.11.22 14:25:45 | 000,083,120 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2010.11.20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 15:32:47 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.11.20 15:32:46 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2010.11.20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.20 13:03:42 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2010.11.17 14:04:32 | 000,115,216 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2010.10.09 15:34:16 | 000,828,912 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2010.08.04 22:17:14 | 001,342,064 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\viahduaa.sys -- (VIAHdAudAddService)
DRV:64bit: - [2010.06.25 19:07:26 | 000,035,344 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\npf.sys -- (NPF)
DRV:64bit: - [2010.06.14 12:17:04 | 000,004,608 | ---- | M] (RealVNC Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vncmirror.sys -- (vncmirror)
DRV:64bit: - [2010.04.21 07:02:00 | 000,005,632 | ---- | M] (Famatech International Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rminiv3.sys -- (mirrorv3)
DRV:64bit: - [2010.03.17 12:24:00 | 000,401,696 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7)
DRV:64bit: - [2010.03.17 12:05:40 | 000,038,432 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tap0901.sys -- (tap0901)
DRV:64bit: - [2010.03.02 13:35:01 | 000,116,568 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2010.02.18 10:18:24 | 000,046,136 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amdiox64.sys -- (amdiox64)
DRV:64bit: - [2010.01.22 12:22:22 | 000,180,224 | ---- | M] (NEC Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV:64bit: - [2010.01.22 12:22:18 | 000,077,824 | ---- | M] (NEC Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub)
DRV:64bit: - [2009.11.10 15:50:18 | 000,014,336 | ---- | M] (Razer (Asia-Pacific) Pte Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\copperhd.sys -- (copperhd)
DRV:64bit: - [2009.10.19 14:45:54 | 000,039,480 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter)
DRV:64bit: - [2009.09.30 09:34:32 | 000,121,872 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:64bit: - [2009.07.31 11:40:34 | 000,025,600 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VMfilt64.sys -- (VMfilt)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 22:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2007.04.11 16:23:48 | 000,049,664 | ---- | M] (Razer USA Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UsbFltr.sys -- (TarFltr)
DRV:64bit: - [2005.10.21 17:01:22 | 000,019,200 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbicp.sys -- (uisp)
DRV:64bit: - [2005.03.29 01:30:38 | 000,008,192 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ASACPI.sys -- (MTsensor)
DRV - [2011.01.14 07:53:54 | 000,019,088 | ---- | M] (Hagel Technologies Ltd.) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\DU Meter\DUMETR64.SYS -- (DUMeterDrv)
DRV - [2010.04.21 07:02:00 | 000,068,680 | ---- | M] (Famatech Corp.) [Kernel | System | Running] -- C:\Windows\SysWOW64\rserver30\raddrvv3.sys -- (raddrvv3)
DRV - [2005.12.21 11:23:26 | 000,014,592 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\Usbicp.sys -- (uisp)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.icq.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = F7 7E 89 68 6E 7F CB 01 [binary data]
IE - HKCU\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/"
FF - prefs.js..extensions.enabledItems: {73a6fe31-595d-460b-a920-fcc0f8843232}:2.1.0.1
FF - prefs.js..extensions.enabledItems: FasterFox_Lite@BigRedBrent:3.9.1Lite
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.6
FF - prefs.js..extensions.enabledItems: {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}:0.9.8
FF - prefs.js..extensions.enabledItems: bundeskampftoolbar@spielwerk.gmbh:1.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {B0D70E72-2FC1-4b9f-A3D4-5921C854D906}:1.2
FF - prefs.js..extensions.enabledItems: web2pdfextension@web2pdf.adobedotcom:1.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: de-DE@dictionaries.addons.mozilla.org:2.0.2
FF - prefs.js..keyword.URL: "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.1.7&q="
FF - HKLM\software\mozilla\Firefox\Extensions\\web2pdfextension@web2pdf.adobedotcom: C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2011.01.27 13:39:51 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.16\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011.03.24 06:08:29 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.16\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011.03.24 06:08:29 | 000,000,000 | ---D | M]
[2010.10.09 17:32:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\BalloS\AppData\Roaming\mozilla\Extensions
[2011.04.12 18:45:28 | 000,000,000 | ---D | M] (No name found) -- C:\Users\BalloS\AppData\Roaming\mozilla\Firefox\Profiles\kj9yini8.default\extensions
[2011.04.08 08:29:17 | 000,000,000 | ---D | M] (NoScript) -- C:\Users\BalloS\AppData\Roaming\mozilla\Firefox\Profiles\kj9yini8.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}
[2011.03.12 11:55:18 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Users\BalloS\AppData\Roaming\mozilla\Firefox\Profiles\kj9yini8.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2010.11.06 11:08:07 | 000,000,000 | ---D | M] ("Biet-O-Matic Firefox Erweiterung") -- C:\Users\BalloS\AppData\Roaming\mozilla\Firefox\Profiles\kj9yini8.default\extensions\{B0D70E72-2FC1-4b9f-A3D4-5921C854D906}
[2011.04.08 08:29:17 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\BalloS\AppData\Roaming\mozilla\Firefox\Profiles\kj9yini8.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2011.03.26 12:25:40 | 000,000,000 | ---D | M] (Download Statusbar) -- C:\Users\BalloS\AppData\Roaming\mozilla\Firefox\Profiles\kj9yini8.default\extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}
[2010.10.09 20:11:43 | 000,000,000 | ---D | M] (Bundeskampf Toolbar) -- C:\Users\BalloS\AppData\Roaming\mozilla\Firefox\Profiles\kj9yini8.default\extensions\bundeskampftoolbar@spielwerk.gmbh
[2011.03.09 12:35:42 | 000,000,000 | ---D | M] (German Dictionary) -- C:\Users\BalloS\AppData\Roaming\mozilla\Firefox\Profiles\kj9yini8.default\extensions\de-DE@dictionaries.addons.mozilla.org
[2011.03.08 16:57:43 | 000,000,000 | ---D | M] (Fasterfox Lite) -- C:\Users\BalloS\AppData\Roaming\mozilla\Firefox\Profiles\kj9yini8.default\extensions\FasterFox_Lite@BigRedBrent
[2011.04.13 06:07:05 | 000,001,056 | ---- | M] () -- C:\Users\BalloS\AppData\Roaming\Mozilla\Firefox\Profiles\kj9yini8.default\searchplugins\icqplugin.xml
[2011.04.12 18:45:28 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2010.10.30 14:53:08 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2011.02.13 11:25:34 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2011.01.27 13:39:51 | 000,000,000 | ---D | M] (Adobe Acrobat - Create PDF) -- C:\PROGRAM FILES (X86)\ADOBE\ACROBAT 10.0\ACROBAT\BROWSER\WCFIREFOXEXTN
[2010.11.12 19:53:06 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2009.09.21 12:00:44 | 001,447,328 | ---- | M] (1 mal 1 Software GmbH) -- C:\Program Files (x86)\mozilla firefox\plugins\NpFv522.dll
[2010.07.12 18:33:56 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll
[2010.10.31 11:47:56 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2010.10.31 11:47:56 | 000,002,344 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2010.10.31 11:47:56 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2010.10.31 11:47:56 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2010.10.31 11:47:56 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
O1 HOSTS File: ([2010.11.06 15:22:32 | 000,000,864 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 validation.sls.microsoft.com
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (FlashFXP Helper for Internet Explorer) - {E5A1691B-D188-4419-AD02-90002030B8EE} - C:\PROGRA~2\FlashFXP\IEFlash.dll (IniCom Networks, Inc.)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ATICustomerCare] C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [Copperhead] C:\Program Files (x86)\Razer\Copperhead\razerhid.exe ()
O4 - HKLM..\Run: [NBAgent] C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe (Nero AG)
O4 - HKLM..\Run: [NUSB3MON] C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (NEC Electronics Corporation)
O4 - HKLM..\Run: [openvpn-gui] C:\Program Files (x86)\Astaro\Astaro SSL VPN Client\bin\openvpn-gui.exe ()
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [Tarantula] C:\Program Files (x86)\Razer\Tarantula\razerhid.exe (Razer USA Ltd.)
O4 - HKLM..\Run: [TrafficMonitor] C:\PROGRA~2\TRAFFICMONITOR\TRAFFICMONITOR.EXE (Mirko Böer)
O4 - HKLM..\Run: [WinampAgent] C:\Program Files (x86)\Winamp\winampa.exe (Nullsoft, Inc.)
O4 - HKCU..\Run: [Argus Monitor] C:\Program Files (x86)\ArgusMonitor\ArgusMonitor.exe (Argotronic UG (haftungsbeschraenkt))
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKCU..\Run: [DU Meter] C:\Program Files (x86)\DU Meter\DUMeter.exe (Hagel Technologies Ltd.)
O4 - HKCU..\Run: [Steam] D:\Steam\steam.exe (Valve Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: add to &BOM - C:\\PROGRA~2\\BIET-O~1\\\\AddToBOM.hta ()
O8:64bit: - Extra context menu item: An vorhandene PDF-Datei anfügen - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: In Adobe PDF konvertieren - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Linkziel an vorhandene PDF-Datei anhängen - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Linkziel in Adobe PDF konvertieren - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: add to &BOM - C:\\PROGRA~2\\BIET-O~1\\\\AddToBOM.hta ()
O8 - Extra context menu item: An vorhandene PDF-Datei anfügen - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: In Adobe PDF konvertieren - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Linkziel an vorhandene PDF-Datei anhängen - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Linkziel in Adobe PDF konvertieren - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\Microsoft Expression\Office12\REFIEBAR.DLL (Microsoft Corporation)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{1cc55640-d3aa-11df-82c4-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{1cc55640-d3aa-11df-82c4-806e6f6e6963}\Shell\AutoRun\command - "" = H:\SETUP.EXE
O33 - MountPoints2\{1cc55640-d3aa-11df-82c4-806e6f6e6963}\Shell\configure\command - "" = H:\SETUP.EXE
O33 - MountPoints2\{1cc55640-d3aa-11df-82c4-806e6f6e6963}\Shell\install\command - "" = H:\SETUP.EXE
O33 - MountPoints2\{1cc55641-d3aa-11df-82c4-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{1cc55641-d3aa-11df-82c4-806e6f6e6963}\Shell\AutoRun\command - "" = I:\Launcher.exe
O33 - MountPoints2\{289cc7c0-e4d3-11df-ad15-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{289cc7c0-e4d3-11df-ad15-806e6f6e6963}\Shell\AutoRun\command - "" = H:\AUTORUN.exe
O33 - MountPoints2\{289cc7c1-e4d3-11df-ad15-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{289cc7c1-e4d3-11df-ad15-806e6f6e6963}\Shell\AutoRun\command - "" = I:\Autorun.exe
O33 - MountPoints2\{7a841895-e41f-11df-b887-485b3961b490}\Shell - "" = AutoRun
O33 - MountPoints2\{7a841895-e41f-11df-b887-485b3961b490}\Shell\AutoRun\command - "" = H:\Autorun.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
========== Files/Folders - Created Within 30 Days ==========
[2011.04.13 08:48:27 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2011.04.13 08:47:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ERUNT
[2011.04.13 08:47:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ERUNT
[2011.04.13 08:42:20 | 000,791,393 | ---- | C] (Lars Hederer ) -- C:\Users\BalloS\Desktop\Erunt-setup.exe
[2011.04.13 08:42:20 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Users\BalloS\Desktop\OTL.exe
[2011.04.13 08:42:20 | 000,446,464 | ---- | C] (OldTimer Tools) -- C:\Users\BalloS\Desktop\TFC.exe
[2011.04.12 19:11:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Hagel Technologies
[2011.04.12 19:11:52 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DU Meter
[2011.04.12 19:11:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DU Meter
[2011.04.12 18:02:27 | 000,000,000 | ---D | C] -- C:\Users\BalloS\AppData\Roaming\TrafficMonitor
[2011.04.12 18:02:27 | 000,000,000 | ---D | C] -- C:\ProgramData\TrafficMonitor
[2011.04.12 18:02:24 | 000,330,336 | ---- | C] (Mirko Böer) -- C:\Windows\TraffUn.EXE
[2011.04.12 18:02:24 | 000,000,000 | ---D | C] -- C:\Users\BalloS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TrafficMonitor
[2011.04.12 18:02:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TrafficMonitor
[2011.04.12 18:01:44 | 000,000,000 | ---D | C] -- C:\Users\BalloS\AppData\Roaming\Wireshark
[2011.04.12 17:53:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPcap
[2011.04.12 17:51:47 | 000,000,000 | ---D | C] -- C:\Programme\Wireshark
[2011.04.11 10:25:08 | 000,055,456 | ---- | C] (Argotronic UG (haftungsbeschraenkt)) -- C:\Windows\SysWow64\drivers\ArgusMonitor.sys
[2011.04.04 17:40:56 | 000,000,000 | ---D | C] -- C:\Users\BalloS\Documents\Sokoban
[2011.04.04 17:40:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sokoban
[2011.04.04 17:40:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\BDSokobanYASC
[2011.04.02 13:26:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NetGear
[2011.04.02 13:16:11 | 000,000,000 | ---D | C] -- C:\Users\BalloS\Documents\ProSafe Plus Utility
[2011.04.02 13:15:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WinPcap
[2011.04.02 13:15:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NetGear
[2011.03.27 20:14:34 | 000,000,000 | ---D | C] -- C:\Users\BalloS\AppData\Local\Nero_AG
[2011.03.27 20:14:33 | 000,000,000 | ---D | C] -- C:\Users\BalloS\AppData\Local\Nero
[2011.03.26 13:27:56 | 000,000,000 | ---D | C] -- C:\Users\BalloS\AppData\Local\SKIDROW
[2011.03.22 10:07:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Nero
[2011.03.22 10:07:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero
[2011.03.22 10:07:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Nero
[2011.03.22 10:06:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2011.03.22 10:06:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[2011.03.20 14:00:42 | 000,000,000 | ---D | C] -- C:\Users\BalloS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AviSynth 2.5
[2011.03.20 14:00:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AviSynth 2.5
[2011.03.20 14:00:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AviSynth 2.5
[2011.03.20 14:00:36 | 000,000,000 | ---D | C] -- C:\Users\BalloS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VobSub
[2011.03.20 14:00:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VobSub
[2011.03.20 14:00:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Gabest
[2011.03.20 14:00:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoGK
[2011.03.20 14:00:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AutoGK
[2011.03.19 17:44:29 | 000,000,000 | ---D | C] -- C:\Programme\CCleaner
[2011.03.19 17:44:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2011.03.19 17:24:02 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\appmgmt
[2011.03.19 17:20:23 | 000,000,000 | ---D | C] -- C:\Users\BalloS\Desktop\Spiele
[2011.03.19 15:22:04 | 000,000,000 | ---D | C] -- C:\Users\BalloS\Documents\Broken Sword - Director's Cut
[2011.03.19 15:21:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Baphomets Fluch - The Directors Cut
[2011.03.16 10:01:34 | 000,000,000 | ---D | C] -- C:\Users\BalloS\AppData\Roaming\GHISLER
[2011.03.16 09:27:14 | 000,000,000 | ---D | C] -- C:\Users\BalloS\AppData\Roaming\Avira
[2011.03.15 19:57:25 | 000,000,000 | ---D | C] -- C:\Users\BalloS\AppData\Roaming\FastCopy
[2011.03.15 19:57:24 | 000,000,000 | ---D | C] -- C:\Programme\FastCopy
[2011.03.15 19:41:13 | 000,000,000 | ---D | C] -- C:\Users\BalloS\AppData\Roaming\TeraCopy
[2011.03.15 19:41:10 | 000,000,000 | ---D | C] -- C:\Programme\TeraCopy
[2011.03.15 19:41:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeraCopy
[2011.03.14 18:23:05 | 000,000,000 | ---D | C] -- C:\Users\BalloS\Documents\BattleLA Saves
[2011.03.14 18:17:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Konami
[2010.02.04 01:00:00 | 000,139,264 | ---- | C] ( ) -- C:\Windows\sipr3260.dll
========== Files - Modified Within 30 Days ==========
[2011.04.13 08:51:18 | 001,507,302 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011.04.13 08:51:18 | 000,657,438 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2011.04.13 08:51:18 | 000,618,714 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011.04.13 08:51:18 | 000,130,810 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2011.04.13 08:51:18 | 000,107,034 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011.04.13 08:47:50 | 000,000,924 | ---- | M] () -- C:\Users\BalloS\Desktop\NTREGOPT.lnk
[2011.04.13 08:47:50 | 000,000,905 | ---- | M] () -- C:\Users\BalloS\Desktop\ERUNT.lnk
[2011.04.13 08:45:14 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.04.13 08:44:46 | 2146,045,951 | -HS- | M] () -- C:\hiberfil.sys
[2011.04.13 08:43:15 | 000,791,393 | ---- | M] (Lars Hederer ) -- C:\Users\BalloS\Desktop\Erunt-setup.exe
[2011.04.13 08:43:12 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\BalloS\Desktop\OTL.exe
[2011.04.13 08:43:11 | 000,446,464 | ---- | M] (OldTimer Tools) -- C:\Users\BalloS\Desktop\TFC.exe
[2011.04.13 08:41:43 | 000,377,280 | ---- | M] () -- C:\Users\BalloS\Desktop\Load.exe
[2011.04.13 08:07:50 | 000,150,700 | ---- | M] () -- C:\Users\BalloS\Documents\cc_20110413_080736.reg
[2011.04.13 08:05:36 | 000,000,824 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2011.04.13 05:51:53 | 000,014,192 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.04.13 05:51:53 | 000,014,192 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.04.12 18:02:24 | 000,002,927 | R--- | M] () -- C:\Windows\TrafficMonitor_Uninstall.in
[2011.04.12 18:02:24 | 000,001,015 | ---- | M] () -- C:\Users\BalloS\Desktop\TrafficMonitor.lnk
[2011.04.11 10:25:08 | 000,055,456 | ---- | M] (Argotronic UG (haftungsbeschraenkt)) -- C:\Windows\SysWow64\drivers\ArgusMonitor.sys
[2011.04.04 17:40:53 | 000,001,039 | ---- | M] () -- C:\Users\BalloS\Desktop\Sokoban YASC.lnk
[2011.04.02 13:26:34 | 000,002,825 | ---- | M] () -- C:\Users\Public\Desktop\ProSafe Plus Utility.lnk
[2011.03.22 10:10:36 | 000,002,995 | ---- | M] () -- C:\Users\Public\Desktop\Nero StartSmart 10.lnk
[2011.03.22 10:10:11 | 000,003,053 | ---- | M] () -- C:\Users\Public\Desktop\Nero Vision 10.lnk
[2011.03.22 10:09:44 | 000,002,987 | ---- | M] () -- C:\Users\Public\Desktop\Nero MediaHub 10.lnk
[2011.03.22 10:09:06 | 000,003,197 | ---- | M] () -- C:\Users\Public\Desktop\Nero BackItUp 10.lnk
[2011.03.22 10:08:18 | 000,003,009 | ---- | M] () -- C:\Users\Public\Desktop\Nero Burning ROM 10.lnk
[2011.03.20 14:02:17 | 000,000,540 | ---- | M] () -- C:\Users\BalloS\AppData\Roaming\AutoGK.ini
[2011.03.15 19:20:40 | 000,000,079 | ---- | M] () -- C:\Users\BalloS\AppData\Local\CrystalDiskMark30.ini
========== Files Created - No Company Name ==========
[2011.04.13 08:47:50 | 000,000,924 | ---- | C] () -- C:\Users\BalloS\Desktop\NTREGOPT.lnk
[2011.04.13 08:47:50 | 000,000,905 | ---- | C] () -- C:\Users\BalloS\Desktop\ERUNT.lnk
[2011.04.13 08:41:41 | 000,377,280 | ---- | C] () -- C:\Users\BalloS\Desktop\Load.exe
[2011.04.13 08:07:40 | 000,150,700 | ---- | C] () -- C:\Users\BalloS\Documents\cc_20110413_080736.reg
[2011.04.12 18:02:24 | 000,002,927 | R--- | C] () -- C:\Windows\TrafficMonitor_Uninstall.in
[2011.04.12 18:02:24 | 000,001,015 | ---- | C] () -- C:\Users\BalloS\Desktop\TrafficMonitor.lnk
[2011.04.12 17:52:11 | 000,001,545 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wireshark.lnk
[2011.04.04 17:40:53 | 000,001,039 | ---- | C] () -- C:\Users\BalloS\Desktop\Sokoban YASC.lnk
[2011.04.02 13:26:34 | 000,002,825 | ---- | C] () -- C:\Users\Public\Desktop\ProSafe Plus Utility.lnk
[2011.03.22 10:10:36 | 000,002,995 | ---- | C] () -- C:\Users\Public\Desktop\Nero StartSmart 10.lnk
[2011.03.22 10:10:11 | 000,003,053 | ---- | C] () -- C:\Users\Public\Desktop\Nero Vision 10.lnk
[2011.03.22 10:09:44 | 000,002,987 | ---- | C] () -- C:\Users\Public\Desktop\Nero MediaHub 10.lnk
[2011.03.22 10:09:06 | 000,003,197 | ---- | C] () -- C:\Users\Public\Desktop\Nero BackItUp 10.lnk
[2011.03.22 10:08:18 | 000,003,009 | ---- | C] () -- C:\Users\Public\Desktop\Nero Burning ROM 10.lnk
[2011.03.20 14:02:17 | 000,000,540 | ---- | C] () -- C:\Users\BalloS\AppData\Roaming\AutoGK.ini
[2011.03.19 17:44:29 | 000,000,824 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2011.03.16 10:01:34 | 000,000,545 | ---- | C] () -- C:\Windows\UC.PIF
[2011.03.16 10:01:34 | 000,000,545 | ---- | C] () -- C:\Windows\RAR.PIF
[2011.03.16 10:01:34 | 000,000,545 | ---- | C] () -- C:\Windows\PKZIP.PIF
[2011.03.16 10:01:34 | 000,000,545 | ---- | C] () -- C:\Windows\PKUNZIP.PIF
[2011.03.16 10:01:34 | 000,000,545 | ---- | C] () -- C:\Windows\NOCLOSE.PIF
[2011.03.16 10:01:34 | 000,000,545 | ---- | C] () -- C:\Windows\LHA.PIF
[2011.03.16 10:01:34 | 000,000,545 | ---- | C] () -- C:\Windows\ARJ.PIF
[2011.03.15 18:45:11 | 000,000,079 | ---- | C] () -- C:\Users\BalloS\AppData\Local\CrystalDiskMark30.ini
[2011.03.13 15:57:53 | 000,000,043 | ---- | C] () -- C:\Windows\gswin32.ini
[2011.02.14 17:15:45 | 000,695,578 | ---- | C] () -- C:\Windows\unins000.exe
[2011.02.14 17:15:45 | 000,000,857 | ---- | C] () -- C:\Windows\unins000.dat
[2011.02.12 17:36:42 | 000,002,975 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2011.01.20 17:28:48 | 004,718,592 | ---- | C] () -- C:\Windows\SysWow64\savegame.bin
[2010.12.18 16:15:26 | 000,003,584 | ---- | C] () -- C:\Users\BalloS\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.11.12 18:37:36 | 000,036,892 | ---- | C] () -- C:\Windows\SysWow64\bassmod.dll
[2010.11.06 11:07:33 | 000,015,873 | ---- | C] () -- C:\Windows\SysWow64\Inetde.dll
[2010.10.09 22:30:31 | 001,526,060 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010.10.09 17:32:57 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2010.10.09 15:30:29 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2010.10.09 14:41:24 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
[2010.09.02 01:53:48 | 000,108,032 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2010.06.25 19:03:12 | 000,053,299 | ---- | C] () -- C:\Windows\SysWow64\pthreadVC.dll
[2010.06.23 13:35:52 | 000,819,200 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2010.06.23 13:35:52 | 000,180,224 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2010.04.02 17:17:34 | 000,179,091 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2009.07.14 07:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009.07.14 04:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009.07.14 04:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009.07.14 02:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009.06.10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2007.02.05 21:05:26 | 000,000,038 | ---- | C] () -- C:\Windows\AviSplitter.INI
[2002.10.16 00:54:04 | 000,153,088 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
========== LOP Check ==========
[2011.04.11 10:15:12 | 000,000,000 | ---D | M] -- C:\Users\BalloS\AppData\Roaming\BOM
[2010.10.30 15:06:05 | 000,000,000 | ---D | M] -- C:\Users\BalloS\AppData\Roaming\DAEMON Tools Lite
[2010.11.01 19:48:54 | 000,000,000 | ---D | M] -- C:\Users\BalloS\AppData\Roaming\DAEMON Tools Pro
[2011.01.26 15:37:59 | 000,000,000 | ---D | M] -- C:\Users\BalloS\AppData\Roaming\elsterformular
[2011.03.15 20:00:43 | 000,000,000 | ---D | M] -- C:\Users\BalloS\AppData\Roaming\FastCopy
[2011.02.14 17:15:45 | 000,000,000 | ---D | M] -- C:\Users\BalloS\AppData\Roaming\Flatcast
[2011.03.16 10:08:11 | 000,000,000 | ---D | M] -- C:\Users\BalloS\AppData\Roaming\GHISLER
[2011.02.13 01:16:08 | 000,000,000 | ---D | M] -- C:\Users\BalloS\AppData\Roaming\ICQ
[2010.11.09 11:00:00 | 000,000,000 | ---D | M] -- C:\Users\BalloS\AppData\Roaming\LEAPS
[2010.11.09 10:59:05 | 000,000,000 | ---D | M] -- C:\Users\BalloS\AppData\Roaming\Pegasys Inc
[2010.11.14 04:42:48 | 000,000,000 | ---D | M] -- C:\Users\BalloS\AppData\Roaming\Promixis
[2011.01.19 10:36:03 | 000,000,000 | ---D | M] -- C:\Users\BalloS\AppData\Roaming\Radmin
[2011.04.12 21:03:49 | 000,000,000 | ---D | M] -- C:\Users\BalloS\AppData\Roaming\TeraCopy
[2011.04.12 18:07:07 | 000,000,000 | ---D | M] -- C:\Users\BalloS\AppData\Roaming\TrafficMonitor
[2010.11.07 16:21:44 | 000,000,000 | ---D | M] -- C:\Users\BalloS\AppData\Roaming\Win7codecs
[2011.04.12 18:01:44 | 000,000,000 | ---D | M] -- C:\Users\BalloS\AppData\Roaming\Wireshark
[2010.11.26 09:20:58 | 000,000,000 | ---D | M] -- C:\Users\BalloS\AppData\Roaming\Xilisoft
[2011.03.23 19:22:02 | 000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
========== Custom Scans ==========
< %SYSTEMDRIVE%\*. >
[2010.10.23 13:02:26 | 000,000,000 | -HSD | M] -- C:\$Recycle.Bin
[2010.10.09 15:22:20 | 000,000,000 | ---D | M] -- C:\ATI
[2009.07.14 07:08:56 | 000,000,000 | -HSD | M] -- C:\Documents and Settings
[2010.10.09 14:31:48 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen
[2010.10.09 21:58:32 | 000,000,000 | RH-D | M] -- C:\MSOCache
[2009.07.14 05:20:08 | 000,000,000 | ---D | M] -- C:\PerfLogs
[2011.04.12 17:51:47 | 000,000,000 | R--D | M] -- C:\Programme
[2011.04.13 08:47:49 | 000,000,000 | R--D | M] -- C:\Program Files (x86)
[2011.04.12 19:11:53 | 000,000,000 | -H-D | M] -- C:\ProgramData
[2010.10.09 14:31:48 | 000,000,000 | -HSD | M] -- C:\Programme
[2010.10.09 14:31:48 | 000,000,000 | -HSD | M] -- C:\Recovery
[2011.04.13 08:50:09 | 000,000,000 | -HSD | M] -- C:\System Volume Information
[2011.03.22 11:16:00 | 000,000,000 | ---D | M] -- C:\TEMP
[2010.10.09 14:32:27 | 000,000,000 | R--D | M] -- C:\Users
[2011.04.13 08:48:27 | 000,000,000 | ---D | M] -- C:\Windows
[2010.11.30 20:27:09 | 000,000,000 | ---D | M] -- C:\WinSetupFromUSB
[2009.12.20 01:00:00 | 000,000,000 | ---D | M] -- C:\xampp
< %PROGRAMFILES%\*.exe >
< %LOCALAPPDATA%\*.exe >
< %systemroot%\*. /mp /s >
< MD5 for: EXPLORER.EXE >
[2009.07.14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2009.10.31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2010.11.20 14:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\SysWOW64\explorer.exe
[2010.11.20 14:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2009.08.03 08:19:07 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2009.10.31 08:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2009.08.03 07:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2010.11.20 15:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\explorer.exe
[2010.11.20 15:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
[2009.10.31 08:38:38 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2009.08.03 07:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2009.07.14 03:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2009.10.31 08:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2009.08.03 08:17:37 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe
< MD5 for: USERINIT.EXE >
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009.07.14 03:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
[2010.11.20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010.11.20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe
< MD5 for: WININIT.EXE >
[2009.07.14 03:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\SysNative\wininit.exe
[2009.07.14 03:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\winsxs\amd64_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_8ce7aa761e01ad49\wininit.exe
[2009.07.14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\SysWOW64\wininit.exe
[2009.07.14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe
< MD5 for: WINLOGON.EXE >
[2010.11.20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010.11.20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2009.07.14 03:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2009.10.28 09:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2009.10.28 08:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe
< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >
< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
========== Alternate Data Streams ==========
@Alternate Data Stream - 76 bytes -> C:\Users\BalloS\Documents\Bewerbungen:Roxio EMC Stream
@Alternate Data Stream - 156 bytes -> C:\ProgramData\Temp:319E7F0B
< End of report >
Extras Log Code:
OTL Extras logfile created on: 13.04.2011 08:49:20 - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\BalloS\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
8,00 Gb Total Physical Memory | 6,00 Gb Available Physical Memory | 76,00% Memory free
16,00 Gb Paging File | 14,00 Gb Available in Paging File | 87,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 97,89 Gb Total Space | 38,69 Gb Free Space | 39,53% Space Free | Partition Type: NTFS
Drive D: | 1299,37 Gb Total Space | 1119,01 Gb Free Space | 86,12% Space Free | Partition Type: NTFS
Drive F: | 1397,26 Gb Total Space | 1188,09 Gb Free Space | 85,03% Space Free | Partition Type: NTFS
Drive G: | 1397,26 Gb Total Space | 420,41 Gb Free Space | 30,09% Space Free | Partition Type: NTFS
Drive J: | 14,73 Gb Total Space | 14,64 Gb Free Space | 99,40% Space Free | Partition Type: NTFS
Drive K: | 3,92 Gb Total Space | 3,74 Gb Free Space | 95,50% Space Free | Partition Type: NTFS
Computer Name: BALLOS-PC | User Name: BalloS | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Expression\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files (x86)\Microsoft Expression\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l File not found
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Expression\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files (x86)\Microsoft Expression\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files (x86)\FlashFXP\FlashFXP.exe" = C:\Program Files (x86)\FlashFXP\FlashFXP.exe:*:Enabled:FlashFXP v3 -- (IniCom Networks, Inc.)
"C:\Program Files (x86)\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe" = C:\Program Files (x86)\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe:*:Enabled:Logitech Harmony Remote Software 7 -- ()
"C:\Program Files (x86)\FlashFXP\FlashFXP.exe" = C:\Program Files (x86)\FlashFXP\FlashFXP.exe:*:Enabled:FlashFXP v3 -- (IniCom Networks, Inc.)
"C:\Program Files (x86)\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe" = C:\Program Files (x86)\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe:*:Enabled:Logitech Harmony Remote Software 7 -- ()
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files (x86)\FlashFXP\FlashFXP.exe" = C:\Program Files (x86)\FlashFXP\FlashFXP.exe:*:Enabled:FlashFXP v3 -- (IniCom Networks, Inc.)
"C:\Program Files (x86)\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe" = C:\Program Files (x86)\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe:*:Enabled:Logitech Harmony Remote Software 7 -- ()
"C:\Program Files (x86)\FlashFXP\FlashFXP.exe" = C:\Program Files (x86)\FlashFXP\FlashFXP.exe:*:Enabled:FlashFXP v3 -- (IniCom Networks, Inc.)
"C:\Program Files (x86)\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe" = C:\Program Files (x86)\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe:*:Enabled:Logitech Harmony Remote Software 7 -- ()
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{22441735-5983-AD2A-5CC5-FA2CCD7EF732}" = ATI Stream SDK v2 Developer
"{4B0748C5-2E63-B954-8C3F-71918C599800}" = WMV9/VC-1 Video Playback
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{503640E5-B2ED-3173-D109-D4D03153471A}" = AMD Drag and Drop Transcoding
"{73BA9A8F-6B40-BF79-541E-464156FBA764}" = ccc-utility64
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007
"{B0A5A6EE-F8BA-48B1-BB32-BAC17E96C2B4}" = Microsoft Visual J# 2.0 Redistributable Package - SE (x64)
"{C2E0D3FE-12C4-BF5B-FC4E-052CB8833424}" = AMD Fuel
"{C5970161-E13E-6661-BBDA-A08268313C83}" = ATI Catalyst Install Manager
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"CCleaner" = CCleaner
"KLiteCodecPack64_is1" = K-Lite Codec Pack (64-bit) v4.0.0
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft Visual J# 2.0 Redistributable Package - SE (x64)" = Microsoft Visual J# 2.0 Redistributable Package - SE (x64)
"RealVNC_is1" = VNC Enterprise Edition E4.5.4
"TeraCopy_is1" = TeraCopy 2.12
"VNCMirror_is1" = VNC Mirror Driver 1.8.0
"VNCPrinter_is1" = VNC Printer Driver 1.6.0
"WinRAR archiver" = WinRAR
"XviD MPEG-4 Video Codec_is1" = XviD v1.3.0 CVS
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{000E79B7-E725-4F01-870A-C12942B7F8E4}" = Crysis(R)
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{076A5070-5A6B-4A84-A1B8-C25B705C942A}" = Radmin Server 3.4
"{08C8666B-C502-4AB3-B4CB-D74AC42D14FE}" = Nero BackItUp 10 Help (CHM)
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help
"{11083C7A-D0D6-4DA4-8C3A-74B8389EC07B}" = ATI Catalyst Registration
"{16987E99-C95C-4513-9239-7B44A0A71DB5}" = Nero SoundTrax 10 Help (CHM)
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}" = YouTube Downloader 2.6.3
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F7FB68F-52F6-46A3-B42F-38CE46295AE5}" = Nero MediaHub 10
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{237CCB62-8454-43E3-B158-3ACD0134852E}" = High-Definition Video Playback
"{2436F2A8-4B7E-4B6C-AE4E-604C84AA6A4F}" = Nero Core Components 10
"{2517B7EA-6C03-4D86-A1B1-F3FE1C3BC03B}" = Radmin Viewer 3.4
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 23
"{277C1559-4CF7-44FF-8D07-98AA9C13AABD}" = Nero Multimedia Suite 10 Platinum HD
"{28A946E1-E83B-4662-BC7C-23451851489E}" = Razer Copperhead
"{329411A0-19F3-4740-874F-17400B126F27}" = Nero Vision 10 Help (CHM)
"{33643918-7957-4839-92C7-EA96CB621A98}" = Nero Express 10 Help (CHM)
"{34490F4E-48D0-492E-8249-B48BECF0537C}" = Nero DiscSpeed 10
"{3AC8457C-0385-4BEA-A959-E095F05D6D67}" = Battlefield: Bad Company™ 2
"{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}" = NVIDIA PhysX
"{42C8B7DF-FEB0-4D51-B169-506B6BEC5797}" = Nero 10 Menu TemplatePack 1
"{4343080E-91B7-4388-AB4D-FB1000008200}" = Dead Rising 2
"{43FBAB46-5969-4200-9958-1FF81FEE506F}" = Nero 10 Movie ThemePack 1
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A8B461A-9336-4CF9-98F4-14DD38E673F0}" = BioShock 2
"{523B2B1B-D8DB-4B41-90FF-C4D799E2758A}" = Nero ControlCenter 10 Help (CHM)
"{52B65911-1559-4ED5-9461-46957FDD48CD}" = Borderlands
"{555868C6-49FB-484F-BB43-8980651A1B00}" = Nero BurnRights 10 Help (CHM)
"{5BDA2F58-1F21-4D10-9910-92B01EBCC958}" = AMD USB Filter Driver
"{5C6F884D-680C-448B-B4C9-22296EE1B206}" = Logitech Harmony Remote Software 7
"{5FD89EA1-99C2-40EE-BBF5-20F8991ED756}" = Catalyst Control Center - Branding
"{6033673D-2530-4587-8AD0-EB059FC263F9}" = Crysis® 2
"{6331C6C0-3754-E910-7113-5013355C8E47}" = CCC Help English
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{63AA3EAB-23BB-48B2-9AD0-44F878075604}" = Nero 10 Menu TemplatePack Basic
"{64491CEE-3E23-AD3B-F8A5-CCDF2F8B7846}" = Application Profiles
"{655B9514-3963-490B-9EE1-431E80444889}" = Razer Tarantula
"{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update
"{66049135-9659-4AAD-9169-9CCA269EBB3E}" = Nero InfoTool 10 Help (CHM)
"{68AB6930-5BFF-4FF6-923B-516A91984FE6}" = Nero BackItUp 10
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{6DFB899F-17A2-48F0-A533-ED8D6866CF38}" = Nero Control Center 10
"{70550193-1C22-445C-8FA4-564E155DB1A7}" = Nero Express 10
"{70F19404-B96C-4EBB-AD2B-3574F8736197}" = Nero 10 Movie ThemePack 2
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6}" = ICQ7.2
"{7353BAE6-5E49-46C4-A9B5-8A269A313789}" = Crysis WARHEAD(R)
"{7729C083-48C3-4A0F-9692-30673AC856DB}" = ProSafe Plus Utility
"{7A295D8F-484B-4FFB-89AB-C1FD497591FE}" = Nero WaveEditor 10 Help (CHM)
"{7A5D731D-B4B3-490E-B339-75685712BAAB}" = Nero Burning ROM 10
"{8236D2E9-2528-4C5C-ABA3-E0B8B657A297}" = BlackSite: Area 51
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83A606F5-BF6F-42ED-9F33-B9F74297CDED}" = Need for Speed(TM) Hot Pursuit
"{841D4524-7950-4A4F-A4E6-931A1A2E201C}" = TMPGEnc 4.0 XPress
"{8471021C-F529-43DE-84DF-3612E10F58C4}" = Remote Control USB Driver
"{85BEC8F6-9AA3-43FF-B56B-8276277137B3}" = Nero 10 Video TransitionPack 1
"{885F5AC6-4413-4D30-99A9-F4494BFA4923}" = Logitech Harmony Remote Software 7
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A56A332-F833-45CF-9A20-6F3524054843}" = James Bond 007(TM) - Blood Stone
"{8ACC73AA-6511-7C55-B1A9-8E5D1DEAFAA3}" = The Lord of the Rings FREE Trial
"{8C0CAA7A-3272-4991-A808-2C7559DE3409}" = Win7codecs
"{8ECEC853-5C3D-4B10-B5C7-FF11FF724807}" = Nero Recode 10
"{8FB1B528-E260-451E-9B55-E9152F94B80B}" = Microsoft Games for Windows - LIVE Redistributable
"{90120000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2007
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-0026-0000-0000-0000000FF1CE}" = Microsoft Expression Web
"{90120000-0026-0407-0000-0000000FF1CE}" = Microsoft Expression Web MUI (German)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{92146419-AE44-4C8B-A48B-0ABB1B5EC026}" = Nero 10 Menu TemplatePack 3
"{92A10E9D-EA00-4A46-8F22-EEA660992D61}" = Nero 10 Sample Videos
"{92E25238-61A3-4ACD-A407-3C480EEF47A7}" = Nero RescueAgent 10 Help (CHM)
"{943CFD7D-5336-47AF-9418-E02473A5A517}" = Nero BurnRights 10
"{95C3927C-C899-C5D8-0EA7-67895FC979B2}" = ccc-core-static
"{96D06FDD-6AF4-4309-BC1B-1C9588B0575E}" = Dead Space™ 2
"{96E3AED5-3D0B-4BB0-84C2-1EDADB204487}" = FlashFXP v3
"{96ED4B78-300E-4033-AE6C-C115CEB4DF07}" = Nero 10 ClipartPack
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A4297F3-2A51-4ED9-92CA-4BCB8380947E}" = Nero Vision 10
"{9B6B24BE-80E7-46C4-9FA5-B167D5E0F345}" = Nero BurningROM 10 Help (CHM)
"{9CCB3527-C033-415C-88B6-27173B5E3592}" = Tron: Evolution
"{A0B433B1-941D-46F5-AE59-286263534232}" = VMware vSphere Client 4.1
"{A70B0C7B-3527-4D53-A694-E9492ECE9EE1}" = Nero 10 Movie ThemePack 4
"{AC76BA86-1033-F400-7760-000000000005}" = Adobe Acrobat X Pro - English, Français, Deutsch
"{AC76BA86-7AD7-1031-7B44-AA0000000001}" = Adobe Reader X (10.0.1) - Deutsch
"{ACD15FDF-FC42-4175-B477-576F92FF2256}" = Nero 10 Sample ImagePack
"{AFF7E080-1974-45BF-9310-10DE1A1F5ED0}" = Adobe AIR
"{B93EEE50-9C8F-45DF-95E4-3D85A6E242F3}" = DarksidersInstaller
"{BBB7F293-12A9-821C-9409-013CD8E824EC}" = Application Profiles
"{C18A0418-442A-4186-AF98-D08F5054A2FC}" = Nero DiscSpeed 10 Help (CHM)
"{C3273C55-E1E4-41FF-8D69-0158090DB8D8}" = Nero CoverDesigner 10 Help (CHM)
"{C3580AC4-C827-4332-B935-9A282ED5BB97}" = Nero Dolby Files 10
"{C79312BD-3E76-4474-A10C-1435D1856A4B}" = Adobe Dreamweaver CS5
"{CCF298AF-9CE1-4B26-B251-486E98A34789}" = Windows 7 USB/DVD Download Tool
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D7BF3B76-EEF9-4868-9B2B-42ABF60B279A}" = Microsoft_VC80_CRT_x86
"{D7BF9739-8A68-4335-BBEE-37752AD9E86B}" = NEC Electronics USB 3.0 Host Controller Driver
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DB7C1D4A-08BA-4C7E-A8AA-B7F9BB372DCF}" = Nero Recode 10 Help (CHM)
"{DD238642-14C7-4D54-8BD7-FAD6DEA9999B}" = Nero 10 Movie ThemePack 3
"{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player
"{E03B44A3-9237-4B55-B7A5-DB1DD46920D3}" = Wolfenstein(TM) 1.1 Patch
"{E1EE5339-5D32-458F-BAAB-B19F6301BCE2}" = Nero SoundTrax 10
"{E337E787-CF61-4B7B-B84F-509202A54023}" = Nero RescueAgent 10
"{E712C273-7564-4C8E-AA59-0FA19BC35117}" = Nero 10 Menu TemplatePack 2
"{ED4B50B7-C06B-57FE-7985-AA83DDBEEEF5}" = Catalyst Control Center Graphics Previews Common
"{EDCDFAD5-DF80-4600-A493-E9DAD6810230}" = Nero WaveEditor 10
"{EF3A4DAE-F16F-4AC1-87BB-FE00A784084F}" = Nero 10 PiP EffectPack 1
"{F01A9563-2A27-6ABC-2E04-03B7873DF7E0}" = Catalyst Control Center InstallProxy
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F2835483-37F2-4123-B4FE-0E77D58447F2}" = Far Cry 2
"{F412B4AF-388C-4FF5-9B2F-33DB1C536953}" = Nero InfoTool 10
"{F467862A-D9CA-47ED-8D81-B4B3C9399272}" = Nero MediaHub 10 Help (CHM)
"{F5CB822F-B365-43D1-BCC0-4FDA1A2017A7}" = Nero 10 Movie ThemePack Basic
"{F6117F9C-ADB5-4590-9BE4-12C7BEC28702}" = Nero StartSmart 10 Help (CHM)
"{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}" = Nero StartSmart 10
"{F97E3841-CA9D-4964-9D64-26066241D26F}" = Microsoft Games for Windows - LIVE
"{F9B37992-968C-4264-8449-489032FC28DE}" = Wolfenstein
"{FCF00A6E-FB58-477A-ABE9-232907105521}" = Nero CoverDesigner 10
"{FEEC7E5A-8C86-49B4-A9B1-1CAA79652592}_is1" = Baphomets Fluch - The Directors Cut Version 1.0.697
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Alcatraz/DE-German_is1" = Alcatraz
"ArgusMonitor" = ArgusMonitor
"Astaro SSL VPN Client" = Astaro SSL VPN Client 1.7
"AutoGK" = Auto Gordian Knot 2.55
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"AviSynth" = AviSynth 2.5
"Biet-O-Matic v2.14.8" = Biet-O-Matic v2.14.8
"Call of Duty Black Ops GERMAN Uncut 1.00" = Call of Duty Black Ops GERMAN Uncut 1.00
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"Crysis WARHEAD(R)" = Crysis WARHEAD(R)
"DUMeter3_is1" = DU Meter
"ElsterFormular 2008 - 2009 2008-2009" = ElsterFormular 2008 - 2009
"ElsterFormular für Privatanwender 12.0.0.5880p" = ElsterFormular für Privatanwender
"eMule" = eMule
"ERUNT_is1" = ERUNT 1.1j
"EVEREST Ultimate Edition_is1" = EVEREST Ultimate Edition v5.50
"F.E.A.R. 2 Project Origin_is1" = F.E.A.R. 2 Project Origin
"Fallout New Vegas_is1" = Fallout New Vegas
"Flatcast_is1" = Flatcast Viewer Plugin 5.2.2.454
"GFWL_{4343080E-91B7-4388-AB4D-FB1000008200}" = Dead Rising 2
"GPL Ghostscript 9.01" = GPL Ghostscript 9.01
"Homefront_is1" = Homefront
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Plattform-Geräte-Manager
"InstallShield_{7729C083-48C3-4A0F-9692-30673AC856DB}" = ProSafe Plus Utility
"InstallShield_{8A56A332-F833-45CF-9A20-6F3524054843}" = James Bond 007(TM) - Blood Stone
"InstallShield_{D7BF9739-8A68-4335-BBEE-37752AD9E86B}" = NEC Electronics USB 3.0 Host Controller Driver
"InstallShield_{E03B44A3-9237-4B55-B7A5-DB1DD46920D3}" = Wolfenstein(TM) 1.1 Patch
"InstallShield_{F9B37992-968C-4264-8449-489032FC28DE}" = Wolfenstein
"JDownloader" = JDownloader
"Marvell Miniport Driver" = Marvell Miniport Driver
"Metro 2033_is1" = Metro 2033
"Mozilla Firefox (3.6.16)" = Mozilla Firefox (3.6.16)
"PDF Blender" = PDF Blender
"PrintKey2000" = PrintKey2000
"PROPLUS" = Microsoft Office Professional Plus 2007
"Serv-U_is1" = Serv-U 6.4
"Sokoban YASC - Yet Another Sokoban Clone_is1" = Sokoban YASC
"Steam App 10" = Counter-Strike
"TeamViewer 6" = TeamViewer 6
"TrafficMonitor" = TrafficMonitor 4.80
"VLC media player" = VLC media player 1.1.7
"VobSub" = VobSub v2.23 (Remove Only)
"WebDesigner" = Microsoft Expression Web
"Winamp" = Winamp
"WinPcapInst" = WinPcap 4.1.2
"Wireshark" = Wireshark 1.4.4
"XviD MPEG4 Video Codec" = XviD MPEG4 Video Codec (remove only)
"Xvid_is1" = Xvid 1.2.2 final uninstall
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Winamp Detect" = Winamp Erkennungs-Plug-in
"WinSetupFromUSB" = WinSetupFromUSB
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 12.04.2011 11:55:17 | Computer Name = BalloS-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: plugin-container.exe, Version: 1.9.2.4095,
Zeitstempel: 0x4d852c62 Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.17514,
Zeitstempel: 0x4ce7ba58 Ausnahmecode: 0xc0000005 Fehleroffset: 0x000222c2 ID des fehlerhaften
Prozesses: 0x10e8 Startzeit der fehlerhaften Anwendung: 0x01cbf921dc63c54f Pfad der
fehlerhaften Anwendung: C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
Pfad
des fehlerhaften Moduls: C:\Windows\SysWOW64\ntdll.dll Berichtskennung: 42c5c2b1-651d-11e0-8cb4-485b3961b490
Error - 12.04.2011 13:12:49 | Computer Name = BalloS-PC | Source = Application Hang | ID = 1002
Description = Programm DUMeter.exe, Version 5.4.3387.0 kann nicht mehr unter Windows
ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 9e0 Startzeit:
01cbf934c68e71d7 Endzeit: 3 Anwendungspfad: C:\PROGRA~2\DU Meter\DUMeter.exe Berichts-ID:
128a4865-6528-11e0-8cb4-485b3961b490
Error - 12.04.2011 13:14:53 | Computer Name = BalloS-PC | Source = Application Hang | ID = 1002
Description = Programm DUMeter.exe, Version 5.4.3387.0 kann nicht mehr unter Windows
ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 1618 Startzeit:
01cbf934de3db7ff Endzeit: 2 Anwendungspfad: C:\PROGRA~2\DU Meter\DUMeter.exe Berichts-ID:
603c7d32-6528-11e0-8cb4-485b3961b490
Error - 13.04.2011 00:31:48 | Computer Name = BalloS-PC | Source = SideBySide | ID = 16842787
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
(x86)\Nero\Nero 10\Nero SoundTrax\NMDllHost.exe.Manifest". Fehler in Manifest-
oder Richtliniendatei "C:\Program Files (x86)\Nero\Nero 10\Nero SoundTrax\NFD\NFD.MANIFEST"
in Zeile 3. Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der
angeforderten Komponente überein. Verweis: NFD,type="win32",version="5.2.0.0". Definition:
NFD,type="win32",version="5.0.0.0". Verwenden Sie das Programm "sxstrace.exe" für
eine detaillierte Diagnose.
Error - 13.04.2011 00:31:48 | Computer Name = BalloS-PC | Source = SideBySide | ID = 16842787
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
(x86)\Nero\Nero 10\Nero WaveEditor\NMDllHost.exe.Manifest". Fehler in Manifest-
oder Richtliniendatei "C:\Program Files (x86)\Nero\Nero 10\Nero WaveEditor\NScCoreComponents\NScCoreComponents.MANIFEST"
in Zeile 3. Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der
angeforderten Komponente überein. Verweis: NScCoreComponents,type="win32",version="5.3.2.0".
Definition:
NScCoreComponents,type="win32",version="5.3.0.0". Verwenden Sie das Programm "sxstrace.exe"
für eine detaillierte Diagnose.
Error - 13.04.2011 00:32:49 | Computer Name = BalloS-PC | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "d:\wolfenstein\MP\ServerLauncher.exe".
Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche
Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In
Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Error - 13.04.2011 02:23:07 | Computer Name = BalloS-PC | Source = WinVNC4 | ID = 1
Description = SDisplay: clipboard: OpenClipboard(getText): Zugriff verweigert (5)
Error - 13.04.2011 02:23:50 | Computer Name = BalloS-PC | Source = WinVNC4 | ID = 1
Description = SDisplay: clipboard: OpenClipboard(getText): Zugriff verweigert (5)
Error - 13.04.2011 02:30:44 | Computer Name = BalloS-PC | Source = WinVNC4 | ID = 1
Description = SDisplay: clipboard: OpenClipboard(getText): Zugriff verweigert (5)
Error - 13.04.2011 02:40:42 | Computer Name = BalloS-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: Au_.exe, Version: 0.0.0.0, Zeitstempel:
0x4b1ae3c1 Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.17514, Zeitstempel:
0x4ce7ba58 Ausnahmecode: 0xc00000fd Fehleroffset: 0x0002e02e ID des fehlerhaften Prozesses:
0xd14 Startzeit der fehlerhaften Anwendung: 0x01cbf9a5ae13424f Pfad der fehlerhaften
Anwendung: C:\Users\BalloS\AppData\Local\Temp\~nsu.tmp\Au_.exe Pfad des fehlerhaften
Moduls: C:\Windows\SysWOW64\ntdll.dll Berichtskennung: f3a3538a-6598-11e0-a7f5-485b3961b490
[ System Events ]
Error - 18.01.2011 13:14:26 | Computer Name = BalloS-PC | Source = atapi | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Ide\IdePort3 gefunden.
Error - 18.01.2011 13:14:26 | Computer Name = BalloS-PC | Source = Disk | ID = 262159
Description = Das Gerät \Device\Harddisk1\DR1 ist für den Zugriff noch nicht bereit.
Error - 18.01.2011 13:42:58 | Computer Name = BalloS-PC | Source = VDS Basic Provider | ID = 33554433
Description =
Error - 18.01.2011 13:43:35 | Computer Name = BalloS-PC | Source = Service Control Manager | ID = 7024
Description = Der Dienst "Apache2.2" wurde mit folgendem dienstspezifischem Fehler
beendet: %%1.
Error - 20.01.2011 18:51:51 | Computer Name = BalloS-PC | Source = DCOM | ID = 10010
Description =
Error - 20.01.2011 18:52:04 | Computer Name = BalloS-PC | Source = Service Control Manager | ID = 7024
Description = Der Dienst "Apache2.2" wurde mit folgendem dienstspezifischem Fehler
beendet: %%1.
Error - 21.01.2011 09:18:31 | Computer Name = BalloS-PC | Source = Service Control Manager | ID = 7024
Description = Der Dienst "Apache2.2" wurde mit folgendem dienstspezifischem Fehler
beendet: %%1.
Error - 21.01.2011 10:02:39 | Computer Name = BalloS-PC | Source = Service Control Manager | ID = 7024
Description = Der Dienst "Apache2.2" wurde mit folgendem dienstspezifischem Fehler
beendet: %%1.
Error - 21.01.2011 19:13:48 | Computer Name = BalloS-PC | Source = Service Control Manager | ID = 7024
Description = Der Dienst "Apache2.2" wurde mit folgendem dienstspezifischem Fehler
beendet: %%1.
Error - 22.01.2011 21:04:26 | Computer Name = BalloS-PC | Source = Service Control Manager | ID = 7024
Description = Der Dienst "Apache2.2" wurde mit folgendem dienstspezifischem Fehler
beendet: %%1.
< End of report >
|
