Keine Internet Verbindung mehr laut Browser,msn ect

assey · 06.05.2012, 14:11

Es ist wieder soweit, habe ein neues Problem.
Ich kann seit gestern keine Website mehr betretten, da jedes mal angezeigt wird das die Seite nicht gefunden wird und ich die Einstellungen überprüfen soll.
Habe es bereits mit FF,Chrome und Opera versucht.
Auch MSN Verbindet sich nicht, bei Problembehandlung zeigt es einen Fehler bei DNS und Main Ports.
Noch zu bemerken ist das jedoch Skype sowie Steam ohne Probleme funktionieren.
Habe Bereits folgende Programme drüber laufen lassen:

DE-Cleaner von Kaspersky
Salitykiller von Kaspersky
Avira Antivir
Malwarebytes
Ad-Aware

Spybot S&D sowie FseasyClean und LSPFix gingen wegen der Fehlenden Internet Verbindung nicht. (Könnte diese Programme natürlich auf meinem anderen System Updaten und dann rüberziehen)

Hier sind die Logs... (OTL und Hijackthis)

Hijackthis

Code:

ATTFilter

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:00:35, on 6.5.2012
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Lavasoft\Ad-Aware\AAWService.exe
C:\Programme\Avira\AntiVir Desktop\sched.exe
C:\WINDOWS\system32\netdde.exe
C:\WINDOWS\Explorer.EXE
C:\Programme\Avira\AntiVir Desktop\avguard.exe
C:\Programme\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\clipsrv.exe
C:\Programme\Gigabyte\EasySaver\ESSVR.EXE
C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe
C:\Programme\Java\jre6\bin\jqs.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Programme\Yuna Software\Messenger Plus!\PlusService.exe
C:\Programme\Avira\AntiVir Desktop\avshadow.exe
C:\WINDOWS\system32\RunDLL32.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Programme\DivX\DivX Update\DivXUpdate.exe
C:\WINDOWS\system32\rundll32.exe
C:\Programme\Avira\AntiVir Desktop\avgnt.exe
C:\Programme\Logitech\SetPoint\SetPoint.exe
C:\Programme\Gemeinsame Dateien\Logishrd\KHAL2\KHALMNPR.EXE
C:\WINDOWS\system32\svchost.exe
C:\Programme\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Programme\TuneUp Utilities 2011\TuneUpUtilitiesApp32.exe
C:\Lavasoft\Ad-Aware\AAWTray.exe
C:\WINDOWS\system32\dllhost.exe
C:\Dokumente und Einstellungen\Administrator\Desktop\OTL.exe
C:\Dokumente und Einstellungen\Administrator\Eigene Dateien\Downloads\HiJackThis204.exe

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Programme\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre6\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [PlusService] C:\Programme\Yuna Software\Messenger Plus!\PlusService.exe
O4 - HKLM\..\Run: [nwiz] C:\Programme\NVIDIA Corporation\nview\nwiz.exe /installquiet
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit -login
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [DivXUpdate] "C:\Programme\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [BCU] "C:\Programme\DeviceVM\Browser Configuration Utility\BCU.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Programme\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [APSDaemon] "C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\Google\Update\GoogleUpdate.exe" /c
O4 - Global Startup: Logitech SetPoint.lnk = C:\Programme\Logitech\SetPoint\SetPoint.exe
O9 - Extra button: ICQ7.6 - {7644E42D-B096-457F-8B5B-901238FC81AE} - C:\Programme\ICQ7.6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.6 - {7644E42D-B096-457F-8B5B-901238FC81AE} - C:\Programme\ICQ7.6\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\GEMEIN~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Programme\Gemeinsame Dateien\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Avira AntiVir Planer (AntiVirSchedulerService) - Avira GmbH - C:\Programme\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Programme\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Dienst "Bonjour" (Bonjour Service) - Apple Inc. - C:\Programme\Bonjour\mDNSResponder.exe
O23 - Service: ES lite Service for program management. (ES lite Service) - Unknown owner - C:\Programme\Gigabyte\EasySaver\ESSVR.EXE
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programme\Java\jre6\bin\jqs.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft Limited - C:\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Programme\Gemeinsame Dateien\Logishrd\Bluetooth\LBTServ.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\WINDOWS\system32\GameMon.des.exe (file missing)
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Programme\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Programme\Skype\Updater\Updater.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Programme\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe

--
End of file - 6368 bytes

OTL

Code:

ATTFilter

OTL logfile created on: 6.5.2012 15:00:07 - Run 1
OTL by OldTimer - Version 3.2.42.2     Folder = C:\Dokumente und Einstellungen\Administrator\Desktop
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: d.M.yyyy
 
3,00 Gb Total Physical Memory | 2,31 Gb Available Physical Memory | 77,10% Memory free
4,84 Gb Paging File | 4,31 Gb Available in Paging File | 88,95% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 149,04 Gb Total Space | 71,55 Gb Free Space | 48,01% Space Free | Partition Type: NTFS
 
Computer Name: KHÂRN | User Name: Administrator | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.05.06 14:57:26 | 000,595,456 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Administrator\Desktop\OTL.exe
PRC - [2012.02.27 14:43:07 | 000,801,792 | ---- | M] (Yuna Software) -- C:\Programme\Yuna Software\Messenger Plus!\PlusService.exe
PRC - [2012.01.18 15:02:04 | 000,254,696 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe
PRC - [2011.12.13 10:34:54 | 000,671,552 | ---- | M] (TuneUp Software) -- C:\Programme\TuneUp Utilities 2011\TuneUpUtilitiesApp32.exe
PRC - [2011.12.13 10:32:32 | 001,527,104 | ---- | M] (TuneUp Software) -- C:\Programme\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe
PRC - [2011.12.10 05:08:56 | 000,136,360 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\sched.exe
PRC - [2011.12.10 05:08:54 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe
PRC - [2011.12.10 05:08:54 | 000,269,480 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe
PRC - [2011.10.28 20:35:26 | 002,152,152 | ---- | M] (Lavasoft Limited) -- C:\Lavasoft\Ad-Aware\AAWService.exe
PRC - [2011.10.28 20:35:26 | 001,187,072 | ---- | M] (Lavasoft Limited) -- C:\Lavasoft\Ad-Aware\AAWTray.exe
PRC - [2011.07.29 01:08:12 | 001,259,376 | ---- | M] () -- C:\Programme\DivX\DivX Update\DivXUpdate.exe
PRC - [2010.01.14 21:10:53 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avshadow.exe
PRC - [2009.08.24 15:38:06 | 000,068,136 | ---- | M] () -- C:\Programme\Gigabyte\EasySaver\essvr.exe
PRC - [2009.07.20 13:30:50 | 000,813,584 | ---- | M] (Logitech, Inc.) -- C:\Programme\Logitech\SetPoint\SetPoint.exe
PRC - [2009.07.10 13:42:32 | 000,055,824 | ---- | M] (Logitech, Inc.) -- C:\Programme\Gemeinsame Dateien\Logishrd\KHAL2\KHALMNPR.exe
PRC - [2001.08.23 11:00:00 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2012.04.04 07:53:56 | 000,301,056 | ---- | M] () -- C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\PDFShell.DEU
MOD - [2012.03.01 01:58:00 | 001,568,576 | ---- | M] () -- C:\Programme\NVIDIA Corporation\nview\nView.dll
MOD - [2012.03.01 01:58:00 | 000,357,184 | ---- | M] () -- C:\Programme\NVIDIA Corporation\nview\nvShell.dll
MOD - [2012.02.05 13:41:50 | 000,181,616 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Lavasoft\Ad-Aware\Defs\Extended\libMachoUniv.dll
MOD - [2012.02.05 13:41:48 | 000,210,288 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Lavasoft\Ad-Aware\Defs\Extended\libBase64.dll
MOD - [2012.01.08 15:41:12 | 000,093,696 | ---- | M] () -- C:\Programme\FileZilla FTP Client\fzshellext.dll
MOD - [2011.12.01 00:18:04 | 000,508,776 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Lavasoft\Ad-Aware\Defs\thorax.aaw
MOD - [2011.10.28 20:35:28 | 000,430,568 | ---- | M] () -- C:\Lavasoft\Ad-Aware\Viprebridge.dll
MOD - [2011.10.28 20:35:28 | 000,308,560 | ---- | M] () -- C:\Lavasoft\Ad-Aware\Vipre.dll
MOD - [2011.10.28 20:35:26 | 000,591,232 | ---- | M] () -- C:\Lavasoft\Ad-Aware\RPAPI.dll
MOD - [2011.07.29 01:09:42 | 000,096,112 | ---- | M] () -- C:\Programme\DivX\DivX Update\DivXUpdateCheck.dll
MOD - [2011.07.29 01:08:12 | 001,259,376 | ---- | M] () -- C:\Programme\DivX\DivX Update\DivXUpdate.exe
MOD - [2011.07.18 23:04:08 | 000,296,448 | ---- | M] () -- C:\Programme\Notepad++\NppShell_04.dll
MOD - [2010.08.28 15:24:53 | 000,043,520 | ---- | M] () -- C:\WINDOWS\system32\CmdLineExt03.dll
MOD - [2010.01.28 12:57:53 | 000,355,688 | ---- | M] () -- C:\Programme\Avira\AntiVir Desktop\sqlite3.dll
MOD - [2009.08.24 15:38:06 | 000,068,136 | ---- | M] () -- C:\Programme\Gigabyte\EasySaver\essvr.exe
MOD - [2009.07.20 13:27:14 | 000,017,936 | ---- | M] () -- C:\Programme\Logitech\SetPoint\khalwrapper.dll
MOD - [2009.03.13 12:30:44 | 000,109,096 | ---- | M] () -- C:\Programme\Gigabyte\EasySaver\ycc.dll
MOD - [2001.08.23 11:00:00 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV - [2012.04.28 10:19:35 | 000,253,088 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.03.01 01:58:00 | 002,348,352 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Programme\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012.02.15 14:30:18 | 000,158,856 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Programme\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2011.12.13 10:32:32 | 001,527,104 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Programme\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe -- (TuneUp.UtilitiesSvc)
SRV - [2011.12.13 10:29:16 | 000,029,504 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\WINDOWS\system32\uxtuneup.dll -- (UxTuneUp)
SRV - [2011.12.10 05:08:56 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2011.12.10 05:08:54 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011.10.28 20:35:26 | 002,152,152 | ---- | M] (Lavasoft Limited) [Auto | Running] -- C:\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)
SRV - [2010.03.10 23:46:00 | 003,601,608 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\WINDOWS\system32\GameMon.des -- (npggsvc)
SRV - [2010.02.04 16:41:53 | 000,072,704 | ---- | M] (Adobe Systems) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Adobe Systems Shared\Service\Adobelmsvc.exe -- (Adobe LM Service)
SRV - [2009.08.24 15:38:06 | 000,068,136 | ---- | M] () [Auto | Running] -- C:\Programme\Gigabyte\EasySaver\essvr.exe -- (ES lite Service)
SRV - [2009.07.20 13:28:10 | 000,121,360 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Logishrd\Bluetooth\LBTServ.exe -- (LBTServ)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\usbaapl.sys -- (USBAAPL)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Programme\Softwin\BitDefender10\trufos.sys -- (Trufos)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Programme\Softwin\BitDefender10\profos.sys -- (Profos)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Dokumente und Einstellungen\Administrator\Desktop\Adminstick\adminstick\syssuite\PORTMSYS.SYS -- (PORTMON)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] --  -- (PCIDump)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\netaapl.sys -- (Netaapl)
DRV - File not found [Kernel | System | Stopped] --  -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] --  -- (i2omgmt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ewusbmdm.sys -- (hwdatacard)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ew_jubusenum.sys -- (huawei_enumerator)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ewusbnet.sys -- (ewusbnet)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ew_hwusbdev.sys -- (ew_hwusbdev)
DRV - File not found [Kernel | System | Stopped] --  -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\btkrnl.sys -- (btkrnl)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Programme\Softwin\BitDefender10\bdrsdrv.sys -- (BDRsDrv)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Programme\Softwin\BitDefender10\bdfsdrv.sys -- (BDFsDrv)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\PGunZ\AnniversaryGunZ V1\0001.sys -- (0001)
DRV - [2012.05.06 14:18:03 | 000,017,488 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\gdrv.sys -- (gdrv)
DRV - [2012.05.05 01:30:27 | 000,042,672 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\fsbts.sys -- (fsbts)
DRV - [2011.12.10 05:08:56 | 000,138,192 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2011.12.10 05:08:56 | 000,066,616 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2011.10.28 20:35:28 | 000,064,512 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\Lbd.sys -- (Lbd)
DRV - [2010.10.07 13:34:32 | 000,010,064 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Programme\TuneUp Utilities 2011\TuneUpUtilitiesDriver32.sys -- (TuneUpUtilitiesDrv)
DRV - [2010.07.01 14:21:14 | 000,034,896 | ---- | M] (Screaming Bee LLC) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ScreamingBAudio.sys -- (SCREAMINGBDRIVER)
DRV - [2010.04.12 10:44:34 | 000,059,388 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\scdemu.sys -- (SCDEmu)
DRV - [2010.02.03 16:56:56 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi)
DRV - [2009.11.27 09:20:06 | 000,177,152 | R--- | M] (Realtek Semiconductor Corporation                           ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
DRV - [2009.09.22 21:07:12 | 005,915,136 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2009.06.17 18:56:32 | 000,028,560 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LUsbFilt.sys -- (LUsbFilt)
DRV - [2009.06.17 18:56:16 | 000,037,392 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LMouFilt.Sys -- (LMouFilt)
DRV - [2009.06.17 18:56:06 | 000,035,472 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LHidFilt.Sys -- (LHidFilt)
DRV - [2009.06.17 18:55:34 | 000,010,384 | ---- | M] (Logitech, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\LBeepKE.sys -- (LBeepKE)
DRV - [2009.06.17 18:55:18 | 000,020,240 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\L8042Kbd.sys -- (L8042Kbd)
DRV - [2009.05.11 11:49:19 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Programme\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2009.05.11 09:12:49 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009.05.08 12:22:28 | 001,358,720 | R--- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\viahduaa.sys -- (VIAHdAudAddService)
DRV - [2008.08.05 20:10:12 | 001,684,736 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt)
DRV - [2008.08.01 11:36:26 | 000,022,016 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)
DRV - [2008.08.01 11:36:20 | 000,054,784 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)
DRV - [2007.06.29 14:47:34 | 000,034,304 | ---- | M] (AMD, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AmdLLD.sys -- (AmdLLD)
DRV - [2006.09.28 14:32:14 | 000,009,472 | ---- | M] (June Fabrics Technology) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pnetmdm.sys -- (pnetmdm)
DRV - [2006.01.04 15:41:48 | 001,389,056 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (monfilt)
DRV - [2005.08.02 16:10:14 | 000,032,512 | ---- | M] (CACE Technologies) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\npf.sys -- (NPF)
DRV - [2001.08.23 11:00:00 | 000,138,496 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\afd.kav -- (AFD)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/
IE - HKCU\..\SearchScopes,DefaultScope = {55817156-667D-4e42-ADA3-DBD8E66C34CB}
IE - HKCU\..\SearchScopes\{0D7562AE-8EF6-416d-A838-AB665251703A}: "URL" = hxxp://start.facemoods.com/?a=ddrnw&s={searchTerms}&f=4
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "Facemoods Search"
FF - prefs.js..browser.search.defaultthis.engineName: "Fast Browser Search"
FF - prefs.js..browser.search.defaulturl: "hxxp://www.fastbrowsersearch.com/results/results.aspx?s=DEF&v=19&q="
FF - prefs.js..browser.search.order.1: "Fast Browser Search"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/"
FF - prefs.js..extensions.enabledItems: {40a1f5d7-afc2-498f-b264-02668d616ff6}:1.1
FF - prefs.js..extensions.enabledItems: {73a6fe31-595d-460b-a920-fcc0f8843232}:2.1.0.2
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: SkipScreen@SkipScreen:0.5.21amo
FF - prefs.js..extensions.enabledItems: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}:20110323
FF - prefs.js..extensions.enabledItems: {872b5b88-9db5-4310-bdd0-ac189557e5f5}:3.3.3.2
FF - prefs.js..extensions.enabledItems: webmaster@keep-tube.com:1.2
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.6
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: engine@conduit.com:3.3.3.2
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:5.3.0.7280
FF - prefs.js..extensions.enabledItems: nasanightlaunch@example.com:0.6.20110329release
FF - prefs.js..keyword.URL: "hxxp://www.google.com/search?ie=UTF-8&oe=utf-8&q="
FF - prefs.js..network.proxy.type: 0
 
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_2_202_233.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Programme\iTunes\Mozilla Plugins\npitunes.dll File not found
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Programme\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Programme\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Programme\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nexon.net/NxGame: \NGM\npNxGameUS.dll File not found
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Programme\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.1: C:\Programme\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Programme\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Programme\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012.03.04 02:17:45 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Programme\Mozilla Firefox\components [2012.05.03 12:50:55 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2012.04.19 20:53:30 | 000,000,000 | ---D | M]
 
[2010.02.09 19:10:04 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Mozilla\Extensions
[2010.02.09 19:10:04 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Mozilla\Extensions\contact@callgraph.in
[2012.05.04 21:59:57 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Mozilla\Firefox\Profiles\b50humrz.default\extensions
[2012.02.08 17:45:47 | 000,000,000 | ---D | M] (Bloody Red) -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Mozilla\Firefox\Profiles\b50humrz.default\extensions\{2458abc0-f443-11dd-87af-0800200c9a66}
[2012.03.04 01:17:01 | 000,000,000 | ---D | M] (WOT) -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Mozilla\Firefox\Profiles\b50humrz.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2012.04.06 16:50:28 | 000,000,000 | ---D | M] (Fast Dial) -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Mozilla\Firefox\Profiles\b50humrz.default\extensions\fastdial@telega.phpnet.us
[2010.02.01 23:15:28 | 000,005,413 | ---- | M] () -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Mozilla\Firefox\Profiles\b50humrz.default\searchplugins\fast-browser-search.xml
[2012.04.28 10:39:12 | 000,000,950 | ---- | M] () -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Mozilla\Firefox\Profiles\b50humrz.default\searchplugins\icqplugin-10.xml
[2010.11.05 19:47:26 | 000,000,950 | ---- | M] () -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Mozilla\Firefox\Profiles\b50humrz.default\searchplugins\icqplugin-11.xml
[2010.12.18 22:52:01 | 000,000,950 | ---- | M] () -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Mozilla\Firefox\Profiles\b50humrz.default\searchplugins\icqplugin-12.xml
[2010.03.29 21:37:11 | 000,000,950 | ---- | M] () -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Mozilla\Firefox\Profiles\b50humrz.default\searchplugins\icqplugin-2.xml
[2010.04.02 18:41:18 | 000,000,950 | ---- | M] () -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Mozilla\Firefox\Profiles\b50humrz.default\searchplugins\icqplugin-3.xml
[2010.06.24 10:30:44 | 000,000,950 | ---- | M] () -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Mozilla\Firefox\Profiles\b50humrz.default\searchplugins\icqplugin-4.xml
[2010.06.28 03:34:35 | 000,000,950 | ---- | M] () -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Mozilla\Firefox\Profiles\b50humrz.default\searchplugins\icqplugin-5.xml
[2010.07.02 13:22:06 | 000,000,950 | ---- | M] () -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Mozilla\Firefox\Profiles\b50humrz.default\searchplugins\icqplugin-6.xml
[2010.07.25 01:14:33 | 000,000,950 | ---- | M] () -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Mozilla\Firefox\Profiles\b50humrz.default\searchplugins\icqplugin-7.xml
[2010.07.25 02:33:34 | 000,000,950 | ---- | M] () -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Mozilla\Firefox\Profiles\b50humrz.default\searchplugins\icqplugin-8.xml
[2010.09.24 03:28:31 | 000,000,950 | ---- | M] () -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Mozilla\Firefox\Profiles\b50humrz.default\searchplugins\icqplugin-9.xml
[2010.05.12 17:40:48 | 000,001,042 | ---- | M] () -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Mozilla\Firefox\Profiles\b50humrz.default\searchplugins\icqplugin.xml
[2012.03.17 12:09:52 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
() (No name found) -- C:\DOKUMENTE UND EINSTELLUNGEN\ADMINISTRATOR\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\B50HUMRZ.DEFAULT\EXTENSIONS\{73A6FE31-595D-460B-A920-FCC0F8843232}.XPI
() (No name found) -- C:\DOKUMENTE UND EINSTELLUNGEN\ADMINISTRATOR\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\B50HUMRZ.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
() (No name found) -- C:\DOKUMENTE UND EINSTELLUNGEN\ADMINISTRATOR\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\B50HUMRZ.DEFAULT\EXTENSIONS\{EF4E370E-D9F0-4E00-B93E-A4F274CFDD5A}.XPI
() (No name found) -- C:\DOKUMENTE UND EINSTELLUNGEN\ADMINISTRATOR\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\B50HUMRZ.DEFAULT\EXTENSIONS\SKIPSCREEN@SKIPSCREEN.XPI
() (No name found) -- C:\DOKUMENTE UND EINSTELLUNGEN\ADMINISTRATOR\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\B50HUMRZ.DEFAULT\EXTENSIONS\SUMALE.NIN@GOOGLEMAIL.COM.XPI
() (No name found) -- C:\DOKUMENTE UND EINSTELLUNGEN\ADMINISTRATOR\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\B50HUMRZ.DEFAULT\EXTENSIONS\WEBMASTER@KEEP-TUBE.COM.XPI
[2012.03.04 02:17:45 | 000,000,000 | ---D | M] (DivX Plus Web Player HTML5 &lt;video&gt;) -- C:\PROGRAMME\DIVX\DIVX PLUS WEB PLAYER\FIREFOX\DIVXHTML5
[2012.03.02 21:33:57 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAMME\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2012.05.03 12:50:55 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Programme\mozilla firefox\components\browsercomps.dll
[2012.03.02 21:33:56 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\mozilla firefox\plugins\npdeployJava1.dll
[2012.02.12 15:32:27 | 000,001,392 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.02.12 15:32:27 | 000,002,252 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\bing.xml
[2012.02.12 15:32:27 | 000,001,153 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\eBay-de.xml
[2012.02.12 15:32:27 | 000,006,805 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.02.12 15:32:27 | 000,001,178 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.02.12 15:32:27 | 000,001,105 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\Application\18.0.1025.168\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\Application\18.0.1025.168\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\Application\18.0.1025.168\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\PepperFlash\11.1.31.203\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_2_202_233.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Programme\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.310.5 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U31 (Enabled) = C:\Programme\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: Windows Genuine Advantage (Enabled) = C:\Programme\Mozilla Firefox\plugins\npLegitCheckPlugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Programme\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Programme\Windows Media Player\npwmsdrm.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Programme\Windows Media Player\npdsplay.dll
CHR - plugin: Google Update (Enabled) = C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Programme\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: DivX Plus Web Player (Enabled) = C:\Programme\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: VLC Web Plugin (Enabled) = C:\Programme\VideoLAN\VLC\npvlc.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: YouTube = C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google-Suche = C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Mehr Leistung und Videoformate f\u00FCr dein HTML5 \u003Cvideo\u003E = C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\
CHR - Extension: Google Mail = C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
 
O1 HOSTS File: ([2012.05.05 17:58:53 | 000,000,338 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1	localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Programme\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EEE6C35B-6118-11DC-9C72-001320C79847} - No CLSID value found.
O4 - HKLM..\Run: [Adobe ARM] C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [APSDaemon] "C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\APSDaemon.exe" File not found
O4 - HKLM..\Run: [avgnt] C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [BCU] "C:\Programme\DeviceVM\Browser Configuration Utility\BCU.exe" File not found
O4 - HKLM..\Run: [BluetoothAuthenticationAgent] C:\WINDOWS\System32\bthprops.cpl (Microsoft Corporation)
O4 - HKLM..\Run: [DivXUpdate] C:\Programme\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\WINDOWS\KHALMNPR.Exe (Logitech, Inc.)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\nvmctray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\Programme\NVIDIA Corporation\nview\nwiz.exe ()
O4 - HKLM..\Run: [PlusService] C:\Programme\Yuna Software\Messenger Plus!\PlusService.exe (Yuna Software)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Logitech SetPoint.lnk = C:\Programme\Logitech\SetPoint\SetPoint.exe (Logitech, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: ICQ7.6 - {7644E42D-B096-457F-8B5B-901238FC81AE} - C:\Programme\ICQ7.6\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.6 - {7644E42D-B096-457F-8B5B-901238FC81AE} - C:\Programme\ICQ7.6\ICQ.exe (ICQ, LLC.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2C4B2D8C-51AF-4364-9F39-7775BD6D63E6}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F30378C1-DFC2-4BCC-A842-1110DB0D5C7F}: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Gemeinsame Dateien\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\LBTWlgn: DllName - (c:\programme\gemeinsame dateien\logishrd\bluetooth\LBTWlgn.dll) - c:\Programme\Gemeinsame Dateien\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Grüne Idylle.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Grüne Idylle.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010.02.01 20:35:52 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{dcac6c6f-0f60-11df-a839-806d6172696f}\Shell - "" = AutoRun
O33 - MountPoints2\{dcac6c6f-0f60-11df-a839-806d6172696f}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{dcac6c6f-0f60-11df-a839-806d6172696f}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL SAUObex.Exe
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (lsdelete)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.05.06 14:59:01 | 000,595,456 | ---- | C] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Administrator\Desktop\OTL.exe
[2012.05.05 22:15:54 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\Administrator\Recent
[2012.05.05 18:33:55 | 016,409,960 | ---- | C] (Safer Networking Limited                                    ) -- C:\Dokumente und Einstellungen\Administrator\Desktop\spybotsd162.exe
[2012.05.05 18:33:55 | 000,186,880 | ---- | C] (CEXX.ORG) -- C:\Dokumente und Einstellungen\Administrator\Desktop\LSPFix.exe
[2012.05.05 16:21:16 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Malwarebytes
[2012.05.05 16:18:54 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Malwarebytes' Anti-Malware
[2012.05.05 16:18:50 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes
[2012.05.05 16:18:44 | 000,022,344 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2012.05.05 16:18:44 | 000,000,000 | ---D | C] -- C:\Malwarebytes' Anti-Malware
[2012.05.05 04:20:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\ServicePackFiles
[2012.05.05 03:04:57 | 000,000,000 | ---D | C] -- C:\Programme\MSXML 4.0
[2012.05.05 02:05:26 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\browserchoice.exe
[2012.05.05 02:02:59 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Administrator\Desktop\salitykiller
[2012.05.05 02:02:14 | 002,087,632 | ---- | C] (Security Stronghold                                         ) -- C:\Dokumente und Einstellungen\Administrator\Desktop\Win32.Sality.XRemovalTool.exe
[2012.05.05 01:49:33 | 000,274,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mucltui.dll
[2012.05.05 01:49:33 | 000,017,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mucltui.dll.mui
[2012.05.05 01:29:33 | 004,171,056 | ---- | C] (F-Secure Corporation) -- C:\Dokumente und Einstellungen\Administrator\Desktop\fseasyclean.exe
[2012.05.05 01:01:56 | 000,000,000 | ---D | C] -- C:\Muraner-MT3
[2012.05.03 12:51:04 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Mozilla
[2012.05.02 22:16:56 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Administrator\Desktop\UG 0.1 Alpha
[2012.05.02 22:16:28 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Administrator\Desktop\odbg110
[2012.05.01 20:13:28 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Administrator\Desktop\Universe GunZ Alpha (Protected)
[2012.04.29 11:12:53 | 000,000,000 | ---D | C] -- C:\Programme\IrfanView
[2012.04.27 20:11:21 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Administrator\Interface
[2012.04.27 20:11:08 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Administrator\PATCH
[66 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012.05.06 14:57:26 | 000,595,456 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Administrator\Desktop\OTL.exe
[2012.05.06 14:51:55 | 000,001,242 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1547161642-1417001333-725345543-500UA.job
[2012.05.06 14:18:51 | 000,000,430 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2012.05.06 14:18:03 | 000,017,488 | ---- | M] (Windows (R) 2000 DDK provider) -- C:\WINDOWS\gdrv.sys
[2012.05.06 14:18:00 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012.05.06 14:15:29 | 000,000,237 | RHS- | M] () -- C:\boot.ini
[2012.05.06 02:41:36 | 000,001,776 | -HS- | M] () -- C:\WINDOWS\de_cleaner_kasperskydrv.spi
[2012.05.05 23:18:48 | 000,000,064 | ---- | M] () -- C:\WINDOWS\System32\rp_stats.dat
[2012.05.05 23:18:48 | 000,000,044 | ---- | M] () -- C:\WINDOWS\System32\rp_rules.dat
[2012.05.05 21:11:33 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012.05.05 20:08:58 | 078,816,192 | ---- | M] (                                                            ) -- C:\Dokumente und Einstellungen\Administrator\Desktop\de_cleaner_kaspersky.exe
[2012.05.05 17:58:53 | 000,000,338 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.msn
[2012.05.05 17:58:53 | 000,000,338 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2012.05.05 16:34:00 | 016,409,960 | ---- | M] (Safer Networking Limited                                    ) -- C:\Dokumente und Einstellungen\Administrator\Desktop\spybotsd162.exe
[2012.05.05 16:28:06 | 000,186,880 | ---- | M] (CEXX.ORG) -- C:\Dokumente und Einstellungen\Administrator\Desktop\LSPFix.exe
[2012.05.05 16:27:06 | 000,201,030 | ---- | M] () -- C:\Dokumente und Einstellungen\Administrator\Desktop\lspfix.zip
[2012.05.05 15:51:25 | 000,001,190 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1547161642-1417001333-725345543-500Core.job
[2012.05.05 08:25:25 | 000,169,096 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012.05.05 03:49:23 | 000,491,742 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat
[2012.05.05 03:49:23 | 000,472,232 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012.05.05 03:49:23 | 000,090,132 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat
[2012.05.05 03:49:23 | 000,075,326 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012.05.05 02:02:32 | 000,164,134 | ---- | M] () -- C:\Dokumente und Einstellungen\Administrator\Desktop\salitykiller.zip
[2012.05.05 02:02:18 | 002,087,632 | ---- | M] (Security Stronghold                                         ) -- C:\Dokumente und Einstellungen\Administrator\Desktop\Win32.Sality.XRemovalTool.exe
[2012.05.05 01:30:27 | 000,042,672 | ---- | M] () -- C:\WINDOWS\System32\drivers\fsbts.sys
[2012.05.05 01:29:34 | 004,171,056 | ---- | M] (F-Secure Corporation) -- C:\Dokumente und Einstellungen\Administrator\Desktop\fseasyclean.exe
[2012.05.04 01:53:40 | 000,155,133 | ---- | M] () -- C:\Dokumente und Einstellungen\Administrator\Eigene Dateien\ts3_clientui-win32-1334913258-2012-05-04 01_53_38.766147.dmp
[2012.05.03 23:55:00 | 000,000,032 | ---- | M] () -- C:\WINDOWS\UG Launcher.INI
[2012.05.03 04:54:46 | 000,042,392 | ---- | M] () -- C:\WINDOWS\System32\xfcodec.dll
[2012.05.02 00:24:42 | 000,011,533 | ---- | M] () -- C:\Dokumente und Einstellungen\Administrator\.recently-used.xbel
[2012.05.01 06:20:07 | 000,000,247 | ---- | M] () -- C:\GunZ.frm
[2012.05.01 06:20:05 | 000,000,113 | ---- | M] () -- C:\GunZDeafault.frm
[2012.04.28 10:19:34 | 000,418,464 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2012.04.28 10:19:33 | 000,070,304 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2012.04.27 20:11:08 | 000,092,476 | ---- | M] () -- C:\Dokumente und Einstellungen\Administrator\system.mrs
[2012.04.27 20:11:08 | 000,000,661 | ---- | M] () -- C:\Dokumente und Einstellungen\Administrator\patch.xml
[2012.04.27 19:25:44 | 000,246,272 | ---- | M] () -- C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.04.26 18:54:08 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012.04.13 18:03:24 | 025,729,100 | ---- | M] () -- C:\Dokumente und Einstellungen\Administrator\Desktop\The Drama Button [HD].mp4
[2012.04.13 17:16:34 | 000,000,032 | ---- | M] () -- C:\WINDOWS\GunzLauncher.INI
[66 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012.05.06 14:16:02 | 000,001,651 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Logitech SetPoint.lnk
[2012.05.05 23:33:18 | 000,001,776 | -HS- | C] () -- C:\WINDOWS\de_cleaner_kasperskydrv.spi
[2012.05.05 23:19:37 | 000,201,030 | ---- | C] () -- C:\Dokumente und Einstellungen\Administrator\Desktop\lspfix.zip
[2012.05.05 23:19:34 | 078,816,192 | ---- | C] (                                                            ) -- C:\Dokumente und Einstellungen\Administrator\Desktop\de_cleaner_kaspersky.exe
[2012.05.05 02:02:31 | 000,164,134 | ---- | C] () -- C:\Dokumente und Einstellungen\Administrator\Desktop\salitykiller.zip
[2012.05.05 01:30:27 | 000,042,672 | ---- | C] () -- C:\WINDOWS\System32\drivers\fsbts.sys
[2012.05.04 01:53:38 | 000,155,133 | ---- | C] () -- C:\Dokumente und Einstellungen\Administrator\Eigene Dateien\ts3_clientui-win32-1334913258-2012-05-04 01_53_38.766147.dmp
[2012.05.03 04:54:46 | 000,042,392 | ---- | C] () -- C:\WINDOWS\System32\xfcodec.dll
[2012.05.02 00:24:42 | 000,011,533 | ---- | C] () -- C:\Dokumente und Einstellungen\Administrator\.recently-used.xbel
[2012.04.27 20:11:17 | 000,092,476 | ---- | C] () -- C:\Dokumente und Einstellungen\Administrator\system.mrs
[2012.04.27 20:11:08 | 000,000,661 | ---- | C] () -- C:\Dokumente und Einstellungen\Administrator\patch.xml
[2012.04.13 18:03:06 | 025,729,100 | ---- | C] () -- C:\Dokumente und Einstellungen\Administrator\Desktop\The Drama Button [HD].mp4
[2012.04.13 17:19:26 | 000,000,032 | ---- | C] () -- C:\WINDOWS\UG Launcher.INI
[2012.02.08 01:57:15 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2011.12.04 05:08:44 | 000,000,064 | ---- | C] () -- C:\WINDOWS\System32\rp_stats.dat
[2011.12.04 05:08:44 | 000,000,044 | ---- | C] () -- C:\WINDOWS\System32\rp_rules.dat
[2011.12.03 01:05:34 | 000,000,031 | ---- | C] () -- C:\WINDOWS\IG Launcher.INI
[2011.12.01 03:01:56 | 000,016,432 | ---- | C] () -- C:\WINDOWS\System32\lsdelete.exe
[2011.11.30 23:09:36 | 000,000,033 | ---- | C] () -- C:\WINDOWS\GunzLauncher_original.INI
[2011.11.29 01:19:27 | 000,000,032 | ---- | C] () -- C:\WINDOWS\IG-Test Launcher.INI
[2011.11.29 00:54:41 | 000,000,050 | ---- | C] () -- C:\WINDOWS\DylanNIRVANA's Modded Launcher IGunz.INI
[2011.11.28 19:15:46 | 000,000,039 | ---- | C] () -- C:\WINDOWS\iLaunch.INI
[2011.11.22 05:55:10 | 000,034,308 | ---- | C] () -- C:\WINDOWS\System32\BASSMOD.dll
[2011.11.05 15:23:38 | 000,294,176 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2011.11.05 15:23:38 | 000,294,176 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2011.11.05 15:23:38 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin
[2011.11.05 15:15:58 | 000,000,552 | ---- | C] () -- C:\WINDOWS\System32\d3d8caps.dat
[2011.11.05 15:15:29 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011.11.03 15:03:23 | 000,151,552 | ---- | C] () -- C:\WINDOWS\System32\nvRegDev.dll
[2011.08.13 09:35:31 | 002,784,050 | ---- | C] () -- C:\WINDOWS\System32\nvdata.data
[2011.08.04 17:58:05 | 000,000,022 | ---- | C] () -- C:\WINDOWS\System32\nvModes.dat
[2011.06.28 22:35:06 | 000,000,032 | R--- | C] () -- C:\WINDOWS\hash.dat
[2011.05.11 19:18:21 | 000,000,031 | ---- | C] () -- C:\WINDOWS\Universe GunZ Launcher.INI
[2011.05.08 19:57:44 | 000,108,413 | ---- | C] () -- C:\WINDOWS\Thumbplug TGA Uninstaller.exe
[2011.01.06 09:56:59 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2011.01.04 03:03:39 | 000,000,031 | ---- | C] () -- C:\WINDOWS\ParKOUR(C).INI
[2011.01.04 03:02:45 | 000,000,032 | ---- | C] () -- C:\WINDOWS\ParKOUR (C) 2008.INI
[2011.01.03 20:22:00 | 000,073,728 | R--- | C] () -- C:\WINDOWS\System32\RtNicProp32.dll
[2011.01.03 20:18:25 | 000,207,400 | R--- | C] () -- C:\WINDOWS\GSetup.exe
[2011.01.03 20:18:25 | 000,000,010 | ---- | C] () -- C:\WINDOWS\GSetup.ini
[2010.11.07 00:28:48 | 000,000,032 | ---- | C] () -- C:\WINDOWS\eurogunzstartgame.INI
[2010.11.05 22:57:35 | 000,000,043 | ---- | C] () -- C:\WINDOWS\gswin32.ini
[2010.10.22 18:33:48 | 000,000,025 | ---- | C] () -- C:\WINDOWS\System32\sysogg.dll
[2010.10.19 15:00:28 | 000,000,031 | ---- | C] () -- C:\WINDOWS\UniverseGunZ Launcher.INI
[2010.10.14 21:38:34 | 000,000,032 | ---- | C] () -- C:\WINDOWS\Universe Launcher.INI
[2010.10.11 20:59:10 | 000,000,032 | ---- | C] () -- C:\WINDOWS\Gunz Launcher.INI
[2010.09.24 17:40:15 | 000,029,848 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2010.08.28 15:24:53 | 000,043,520 | ---- | C] () -- C:\WINDOWS\System32\CmdLineExt03.dll
[2010.07.06 02:57:19 | 000,000,032 | ---- | C] () -- C:\WINDOWS\MocroLauncher.INI
[2010.07.05 20:29:27 | 000,081,984 | ---- | C] () -- C:\WINDOWS\System32\bdod.bin
[2010.07.05 02:10:33 | 000,000,031 | ---- | C] () -- C:\WINDOWS\GunzLauncher2.INI
[2010.07.05 00:57:27 | 000,139,152 | ---- | C] () -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\PnkBstrK.sys
[2010.07.02 18:26:41 | 000,000,031 | ---- | C] () -- C:\WINDOWS\WorldLauncher.INI
[2010.06.24 13:04:02 | 000,000,033 | ---- | C] () -- C:\WINDOWS\Anniversary Launcher.INI
[2010.05.23 18:41:38 | 000,000,299 | -H-- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\emopts.dat
[2010.05.23 15:17:38 | 000,001,674 | -H-- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\saopts.dat
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 88 bytes -> C:\Dokumente und Einstellungen\Administrator\Desktop\Secret Folder.bat:SummaryInformation
@Alternate Data Stream - 48 bytes -> C:\Dokumente und Einstellungen\All Users\DRM:مايكروسوفت
@Alternate Data Stream - 171 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:8927A071
@Alternate Data Stream - 110 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:888AFB86

< End of report >

OTL - Extra

Code:

ATTFilter

OTL Extras logfile created on: 6.5.2012 15:00:07 - Run 1
OTL by OldTimer - Version 3.2.42.2     Folder = C:\Dokumente und Einstellungen\Administrator\Desktop
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: d.M.yyyy
 
3,00 Gb Total Physical Memory | 2,31 Gb Available Physical Memory | 77,10% Memory free
4,84 Gb Paging File | 4,31 Gb Available in Paging File | 88,95% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 149,04 Gb Total Space | 71,55 Gb Free Space | 48,01% Space Free | Partition Type: NTFS
 
Computer Name: KHÂRN | User Name: Administrator | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = Opera.HTML] -- C:\Programme\Opera\Opera.exe (Opera Software)
.url [@ = InternetShortcut] -- rundll32.exe shdocvw.dll,OpenURL %l
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- Reg Error: Key error.
http [open] -- "C:\Programme\Opera\Opera.exe" "%1" (Opera Software)
https [open] -- "C:\Programme\Opera\Opera.exe" "%1" (Opera Software)
InternetShortcut [open] -- rundll32.exe shdocvw.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
"UacDisableNotify" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallDisableNotify" = 0
"FirewallOverride" = 0
"UacDisableNotify" = 0
"UpdatesDisableNotify" = 0
 
========== System Restore Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Nexon\Combat Arms\CombatArms.exe" = C:\Nexon\Combat Arms\CombatArms.exe:*Enabled:CombatArms.exe
"C:\Nexon\Combat Arms\Engine.exe" = C:\Nexon\Combat Arms\Engine.exe:*Enabled:Engine.exe
"C:\Programme\ICQ7.6\ICQ.exe" = C:\Programme\ICQ7.6\ICQ.exe:*:Enabled:ICQ7.6 -- (ICQ, LLC.)
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Programme\Xfire\xfire.exe" = C:\Programme\Xfire\xfire.exe:*:Enabled:Xfire -- (Xfire Inc.)
"C:\Programme\Java\jre6\bin\javaw.exe" = C:\Programme\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
"C:\Programme\Java\jre6\bin\java.exe" = C:\Programme\Java\jre6\bin\java.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
"C:\Programme\HLSW\hlsw.exe" = C:\Programme\HLSW\hlsw.exe:*:Enabled:HLSW Application -- (Stripf Software)
"C:\Programme\Steam\Steam.exe" = C:\Programme\Steam\Steam.exe:*:Enabled:Steam -- (Valve Corporation)
"C:\Nexon\Combat Arms\CombatArms.exe" = C:\Nexon\Combat Arms\CombatArms.exe:*Enabled:CombatArms.exe
"C:\Nexon\Combat Arms\Engine.exe" = C:\Nexon\Combat Arms\Engine.exe:*Enabled:Engine.exe
"C:\Programme\ICQ6.5\ICQ.exe" = C:\Programme\ICQ6.5\ICQ.exe:*:Enabled:ICQ -- (ICQ, LLC.)
"C:\Programme\Opera\opera.exe" = C:\Programme\Opera\opera.exe:*:Enabled:Opera Internet Browser -- (Opera Software)
"C:\Programme\ICQ7.6\ICQ.exe" = C:\Programme\ICQ7.6\ICQ.exe:*:Enabled:ICQ7.6 -- (ICQ, LLC.)
"C:\Programme\Steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe" = C:\Programme\Steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe:*:Enabled:Call of Duty: Modern Warfare 2 - Multiplayer -- ()
"C:\DOKUME~1\ADMINI~1\LOKALE~1\Temp\winklhqgg.exe" = C:\DOKUME~1\ADMINI~1\LOKALE~1\Temp\winklhqgg.exe:*:Enabled:ipsec
"C:\DOKUME~1\ADMINI~1\LOKALE~1\Temp\winpbjhmc.exe" = C:\DOKUME~1\ADMINI~1\LOKALE~1\Temp\winpbjhmc.exe:*:Enabled:ipsec
"C:\DOKUME~1\ADMINI~1\LOKALE~1\Temp\winmmny.exe" = C:\DOKUME~1\ADMINI~1\LOKALE~1\Temp\winmmny.exe:*:Enabled:ipsec
"C:\DOKUME~1\ADMINI~1\LOKALE~1\Temp\winoxoxgo.exe" = C:\DOKUME~1\ADMINI~1\LOKALE~1\Temp\winoxoxgo.exe:*:Enabled:ipsec
"C:\DOKUME~1\ADMINI~1\LOKALE~1\Temp\winijbcxk.exe" = C:\DOKUME~1\ADMINI~1\LOKALE~1\Temp\winijbcxk.exe:*:Enabled:ipsec
"C:\DOKUME~1\ADMINI~1\LOKALE~1\Temp\winlvdv.exe" = C:\DOKUME~1\ADMINI~1\LOKALE~1\Temp\winlvdv.exe:*:Enabled:ipsec
"C:\DOKUME~1\ADMINI~1\LOKALE~1\Temp\winwpbf.exe" = C:\DOKUME~1\ADMINI~1\LOKALE~1\Temp\winwpbf.exe:*:Enabled:ipsec
"C:\DOKUME~1\ADMINI~1\LOKALE~1\Temp\wingcuqdg.exe" = C:\DOKUME~1\ADMINI~1\LOKALE~1\Temp\wingcuqdg.exe:*:Enabled:ipsec
"C:\DOKUME~1\ADMINI~1\LOKALE~1\Temp\winhvmvse.exe" = C:\DOKUME~1\ADMINI~1\LOKALE~1\Temp\winhvmvse.exe:*:Enabled:ipsec
"C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe" = C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe:*:Enabled:ipsec -- (Adobe Systems Incorporated)
"C:\Programme\Avira\AntiVir Desktop\avgnt.exe" = C:\Programme\Avira\AntiVir Desktop\avgnt.exe:*:Enabled:ipsec -- (Avira GmbH)
"c:\programme\avira\antivir desktop\avcenter.exe" = c:\programme\avira\antivir desktop\avcenter.exe:*:Enabled:ipsec -- (Avira GmbH)
"C:\Programme\Yuna Software\Messenger Plus!\PlusService.exe" = C:\Programme\Yuna Software\Messenger Plus!\PlusService.exe:*:Enabled:ipsec -- (Yuna Software)
"C:\DOKUME~1\ADMINI~1\LOKALE~1\Temp\windvrxe.exe" = C:\DOKUME~1\ADMINI~1\LOKALE~1\Temp\windvrxe.exe:*:Enabled:ipsec
"C:\DOKUME~1\ADMINI~1\LOKALE~1\Temp\windshr.exe" = C:\DOKUME~1\ADMINI~1\LOKALE~1\Temp\windshr.exe:*:Enabled:ipsec
"C:\DOKUME~1\ADMINI~1\LOKALE~1\Temp\winroglpt.exe" = C:\DOKUME~1\ADMINI~1\LOKALE~1\Temp\winroglpt.exe:*:Enabled:ipsec
"C:\DOKUME~1\ADMINI~1\LOKALE~1\Temp\winqfpk.exe" = C:\DOKUME~1\ADMINI~1\LOKALE~1\Temp\winqfpk.exe:*:Enabled:ipsec
"C:\DOKUME~1\ADMINI~1\LOKALE~1\Temp\winyfspl.exe" = C:\DOKUME~1\ADMINI~1\LOKALE~1\Temp\winyfspl.exe:*:Enabled:ipsec
"C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\Application\chrome.exe" = C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\Application\chrome.exe:*:Enabled:ipsec -- (Google Inc.)
"C:\DOKUME~1\ADMINI~1\LOKALE~1\Temp\winnwaal.exe" = C:\DOKUME~1\ADMINI~1\LOKALE~1\Temp\winnwaal.exe:*:Enabled:ipsec
"C:\Programme\Mozilla Firefox\firefox.exe" = C:\Programme\Mozilla Firefox\firefox.exe:*:Enabled:ipsec -- (Mozilla Corporation)
"C:\DOKUME~1\ADMINI~1\LOKALE~1\Temp\winaowsxb.exe" = C:\DOKUME~1\ADMINI~1\LOKALE~1\Temp\winaowsxb.exe:*:Enabled:ipsec
"C:\DOKUME~1\ADMINI~1\LOKALE~1\Temp\winfgyps.exe" = C:\DOKUME~1\ADMINI~1\LOKALE~1\Temp\winfgyps.exe:*:Enabled:ipsec
"C:\DOKUME~1\ADMINI~1\LOKALE~1\Temp\winnlgjtv.exe" = C:\DOKUME~1\ADMINI~1\LOKALE~1\Temp\winnlgjtv.exe:*:Enabled:ipsec
"C:\WINDOWS\system32\mmc.exe" = C:\WINDOWS\system32\mmc.exe:*:Enabled:Microsoft Management Console -- (Microsoft Corporation)
"C:\Teamspeak 3 Server\ts3server_win32.exe" = C:\Teamspeak 3 Server\ts3server_win32.exe:*:Enabled:TeamSpeak 3 Server -- (TeamSpeak Systems GmbH)
"C:\Programme\Steam\steamapps\common\payday the heist\payday_win32_release.exe" = C:\Programme\Steam\steamapps\common\payday the heist\payday_win32_release.exe:*:Enabled:PAYDAY: The Heist
"C:\Programme\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe" = C:\Programme\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe:*:Enabled:Daemonu.exe -- (NVIDIA Corporation)
"C:\Programme\Steam\steamapps\laurinwinkel\counter-strike source\hl2.exe" = C:\Programme\Steam\steamapps\laurinwinkel\counter-strike source\hl2.exe:*:Enabled:Counter-Strike: Source -- ()
"C:\Programme\Steam\steamapps\sheepkillersvluck1\counter-strike source\hl2.exe" = C:\Programme\Steam\steamapps\sheepkillersvluck1\counter-strike source\hl2.exe:*:Enabled:hl2
"C:\Programme\Steam\steamapps\313190194\counter-strike source\hl2.exe" = C:\Programme\Steam\steamapps\313190194\counter-strike source\hl2.exe:*:Enabled:hl2
"C:\Programme\Steam\steamapps\xemginfgunz\counter-strike source\hl2.exe" = C:\Programme\Steam\steamapps\xemginfgunz\counter-strike source\hl2.exe:*:Enabled:hl2
"C:\WINDOWS\system32\dpvsetup.exe" = C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test -- (Microsoft Corporation)
"C:\PGunZ\Universe Network\Universe GunZ Alpha (Protected)\U-GunZ.exe" = C:\PGunZ\Universe Network\Universe GunZ Alpha (Protected)\U-GunZ.exe:*:Enabled:UGunz -- (Universe GunZ)
"C:\Dokumente und Einstellungen\Administrator\Desktop\Universe GunZ Alpha (Protected)\U-GunZ.exe" = C:\Dokumente und Einstellungen\Administrator\Desktop\Universe GunZ Alpha (Protected)\U-GunZ.exe:*:Enabled:UGunz -- (Universe GunZ)
"C:\Programme\Steam\steamapps\common\borderlands\Binaries\Borderlands.exe" = C:\Programme\Steam\steamapps\common\borderlands\Binaries\Borderlands.exe:*:Enabled:Borderlands -- (Take-Two Interactive Software, Inc.)
"C:\Dokumente und Einstellungen\Administrator\Desktop\UG 0.1 Alpha\U-GunZ.exe" = C:\Dokumente und Einstellungen\Administrator\Desktop\UG 0.1 Alpha\U-GunZ.exe:*:Enabled:UGunz
"C:\Programme\Steam\steamapps\common\sanctum\Binaries\Win32\SanctumGame-Win32-Shipping.exe" = C:\Programme\Steam\steamapps\common\sanctum\Binaries\Win32\SanctumGame-Win32-Shipping.exe:*:Enabled:Sanctum -- (Coffee Stain Studios AB)
"C:\Programme\Steam\steamapps\laurinwinkel\counter-strike\hl.exe" = C:\Programme\Steam\steamapps\laurinwinkel\counter-strike\hl.exe:*:Enabled:Counter-Strike -- (Valve)
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01501EBA-EC35-4F9F-8889-3BE346E5DA13}" = MSXML4 Parser
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{07300F01-89CA-4CF8-92BD-2A605EB83C95}" = EasySaver B9.0904.1 
"{0C826C5B-B131-423A-A229-C71B3CACCD6A}" = CDDRV_Installer
"{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}" = Microsoft XNA Framework Redistributable 3.1
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{2205B8AE-490E-43F2-AB43-C13C2BEC86A7}" = DDS Thumbnail Viewer
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}" = TuneUp Utilities 2011
"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31
"{3101CB58-3482-4D21-AF1A-7057FC935355}" = KhalInstallWrapper
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{5D4C60AA-84E6-4E1A-8A68-69970D387BE1}" = TuneUp Utilities Language Pack (de-DE)
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7644E42D-B096-457F-8B5B-901238FC81AE}" = ICQ7.6
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7EE873AF-46BB-4B5D-BA6F-CFE4B0566E22}" = TuneUp Utilities Language Pack (de-DE)
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8B92D97D-DB3D-4926-A8F7-718FE7C5EE18}" = iTunes
"{913C4C4F-9E3E-41A6-A614-1BDC1352A225}" = Special Effects Voices
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{943A8D28-80D6-41DC-AE94-81FEB42041BF}" = System Requirements Lab CYRI
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{96AA9045-EAE3-4FF2-BFF7-2DB66A29B4A0}" = Patch Muraner-MT3
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9E1BAB75-EB78-440D-94C0-A3857BE2E733}" = System Requirements Lab
"{9FD6F1A8-5550-46AF-8509-271DF0E768B5}" = Dual-Core Optimizer
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A498D9EB-927B-459B-85D6-DD6EF8C2C564}" = erLT
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.3) - Deutsch
"{AED2DD42-9853-407E-A6BC-8A1D6B715909}" = Windows Live Messenger
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 296.10
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 296.10
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView" = NVIDIA nView 136.18
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.12.0213
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.7.11
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C2C284D2-6BD7-3B34-B0C5-B2CAED168DF7}" = Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - DEU
"{C314CE45-3392-3B73-B4E1-139CD41CA933}" = Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - DEU
"{C9BED750-1211-4480-B1A5-718A3BE15525}" = REALTEK GbE & FE Ethernet PCI-E NIC Driver
"{CAFA57E8-8927-4912-AFCF-B0AA3837E989}" = Windows Live Essentials
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D2041A37-5FEC-49F0-AE5C-3F2FFDFAA4F4}" = Windows Live Call
"{DA909E62-3B45-4BA1-8B58-FCAEBA4BCEC9}" = NVIDIA PhysX
"{E43196CF-182A-4D9E-9CE7-69616DBEE3B0}" = Ad-Aware
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.8
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}" = Logitech SetPoint
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"7-Zip" = 7-Zip 9.20
"AC Tool" = AC Tool
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"AviSynth" = AviSynth 2.5
"CCleaner" = CCleaner
"DivX Setup" = DivX-Setup
"Enable S3 for USB Device" = Enable S3 for USB Device
"Fraps" = Fraps (remove only)
"HLSW_is1" = HLSW v1.4.0.2
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Plattform-Geräte-Manager
"IrfanView" = IrfanView (remove only)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.61.0.1400
"Messenger Plus!" = Messenger Plus! 5
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Mozilla Firefox 12.0 (x86 de)" = Mozilla Firefox 12.0 (x86 de)
"MP Navigator 3.0" = Canon MP Navigator 3.0
"MSNINST" = MSN
"Muraner-MT3 3.1" = Muraner-MT3 3.1
"Notepad++" = Notepad++
"NVIDIA Drivers" = NVIDIA Drivers
"Opera 11.62.1347" = Opera 11.62
"PowerISO" = PowerISO
"PSP Video 9" = PSP Video 9 5.04
"ResourceHacker_is1" = Resource Hacker Version 3.6.0
"Steam App 240" = Counter-Strike: Source
"Steam App 8980" = Borderlands
"Steam App 91600" = Sanctum
"SystemRequirementsLab" = System Requirements Lab
"Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2
"Thumbplug TGA" = Thumbplug TGA
"TuneUp Utilities 2011" = TuneUp Utilities 2011
"VLC media player" = VLC media player 2.0.1
"Windows Live OneCare safety scanner" = Windows Live OneCare safety scanner
"Windows Media Format Runtime" = Windows Media Format Runtime
"WinGimp-2.0_is1" = GIMP 2.6.8
"WinLiveSuite_Wave3" = Windows Live Essentials
"Xfire" = Xfire (remove only)
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{8EB85C0E-DE7D-4A53-BD66-708B8F2C80B0}" = HHD Software Free Hex Editor Neo 4.95
"BloodlineGunZ The Beginning V1" = BloodlineGunZ The Beginning V1
"FileZilla Client" = FileZilla Client 3.5.3
"Freestyle GunZ Version 7" = Freestyle GunZ Version 7
"Google Chrome" = Google Chrome
"Maniac Gunz V1" = Maniac Gunz V1
"Meebo Notifier" = Meebo Notifier
"Octoshape add-in for Adobe Flash Player" = Octoshape add-in for Adobe Flash Player
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"Universe GunZ" = Universe GunZ
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 5.5.2012 15:43:11 | Computer Name = KHÂRN | Source = PerfNet | ID = 2002
Description = Der Redirectordienst konnte nicht geöffnet werden. Die Redirectorleistungsinformationen
werden
 nicht zurückgegeben. Der zurückgegebene Fehlercode befindet sich in DWORD 0.
 
Error - 5.5.2012 15:46:39 | Computer Name = KHÂRN | Source = PerfNet | ID = 2002
Description = Der Redirectordienst konnte nicht geöffnet werden. Die Redirectorleistungsinformationen
werden
 nicht zurückgegeben. Der zurückgegebene Fehlercode befindet sich in DWORD 0.
 
Error - 5.5.2012 15:46:39 | Computer Name = KHÂRN | Source = PerfNet | ID = 2005
Description = Die Leistungsinformationen vom Serverdienst konnten nicht gelesen 
werden.  Es werden keine Server-Leistungsinformationen zurückgegeben.  Der zurückgegebene
 Fehlercode befindet sich in DWORD 0, der IOSB.Status ist DWORD 1 und  die IOSB.Information
 ist DWORD 2.
 
Error - 5.5.2012 15:46:39 | Computer Name = KHÂRN | Source = PerfNet | ID = 2006
Description = Die Server Queue-Leistungsinformationen konnten nicht gelesen werden.
Es
 werden keine Server-Leistungsinformationen zurückgegeben.  Der zurückgegebene Fehlercode
 ist DWORD 0, der IOSB.Status ist DWORD 1 und  die IOSB.Information ist DWORD 2.
 
Error - 5.5.2012 15:46:39 | Computer Name = KHÂRN | Source = PerfNet | ID = 2005
Description = Die Leistungsinformationen vom Serverdienst konnten nicht gelesen 
werden.  Es werden keine Server-Leistungsinformationen zurückgegeben.  Der zurückgegebene
 Fehlercode befindet sich in DWORD 0, der IOSB.Status ist DWORD 1 und  die IOSB.Information
 ist DWORD 2.
 
Error - 5.5.2012 15:46:39 | Computer Name = KHÂRN | Source = PerfNet | ID = 2006
Description = Die Server Queue-Leistungsinformationen konnten nicht gelesen werden.
Es
 werden keine Server-Leistungsinformationen zurückgegeben.  Der zurückgegebene Fehlercode
 ist DWORD 0, der IOSB.Status ist DWORD 1 und  die IOSB.Information ist DWORD 2.
 
Error - 5.5.2012 17:17:30 | Computer Name = KHÂRN | Source = PerfNet | ID = 2002
Description = Der Redirectordienst konnte nicht geöffnet werden. Die Redirectorleistungsinformationen
werden
 nicht zurückgegeben. Der zurückgegebene Fehlercode befindet sich in DWORD 0.
 
Error - 5.5.2012 17:19:10 | Computer Name = KHÂRN | Source = Lavasoft Ad-Aware Service | ID = 0
Description = 
 
Error - 6.5.2012 08:18:07 | Computer Name = KHÂRN | Source = PerfNet | ID = 2002
Description = Der Redirectordienst konnte nicht geöffnet werden. Die Redirectorleistungsinformationen
werden
 nicht zurückgegeben. Der zurückgegebene Fehlercode befindet sich in DWORD 0.
 
Error - 6.5.2012 09:00:02 | Computer Name = KHÂRN | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung otl.exe, Version 0.0.0.0, fehlgeschlagenes
 Modul , Version 0.0.0.0, Fehleradresse 0x00000000.
 
[ System Events ]
Error - 5.5.2012 17:17:28 | Computer Name = KHÂRN | Source = NetDDE | ID = 204
Description = Anzahl an LANAS konnte nicht bestimmt werden.
 
Error - 5.5.2012 17:17:28 | Computer Name = KHÂRN | Source = NetDDE | ID = 12
Description = Initialisierung von "NDDENB32"-DLL fehlgeschlagen.
 
Error - 5.5.2012 17:17:31 | Computer Name = KHÂRN | Source = Service Control Manager | ID = 7038
Description = Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser"
 mit dem aktuellen Kennwort  aufgrund des folgenden Fehlers anmelden:   %%1330    Vergewissern
Sie
 sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der  Microsoft
 Management Console (MMC).
 
Error - 5.5.2012 17:17:32 | Computer Name = KHÂRN | Source = Service Control Manager | ID = 7000
Description = Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden
 Fehlers nicht gestartet:   %%1069
 
Error - 5.5.2012 17:20:39 | Computer Name = KHÂRN | Source = Service Control Manager | ID = 7006
Description = Der Aufruf "ScRegSetValueExW" ist für "Start" aufgrund folgenden Fehlers
 fehlgeschlagen:   %%5
 
Error - 5.5.2012 17:20:39 | Computer Name = KHÂRN | Source = Service Control Manager | ID = 7006
Description = Der Aufruf "ScRegSetValueExW" ist für "Start" aufgrund folgenden Fehlers
 fehlgeschlagen:   %%5
 
Error - 6.5.2012 08:18:02 | Computer Name = KHÂRN | Source = NetDDE | ID = 204
Description = Anzahl an LANAS konnte nicht bestimmt werden.
 
Error - 6.5.2012 08:18:02 | Computer Name = KHÂRN | Source = NetDDE | ID = 12
Description = Initialisierung von "NDDENB32"-DLL fehlgeschlagen.
 
Error - 6.5.2012 08:18:09 | Computer Name = KHÂRN | Source = Service Control Manager | ID = 7038
Description = Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser"
 mit dem aktuellen Kennwort  aufgrund des folgenden Fehlers anmelden:   %%1330    Vergewissern
Sie
 sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der  Microsoft
 Management Console (MMC).
 
Error - 6.5.2012 08:18:09 | Computer Name = KHÂRN | Source = Service Control Manager | ID = 7000
Description = Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden
 Fehlers nicht gestartet:   %%1069
 
 
< End of report >