Hallo,
ich bin langsam doch mehr am verzweifeln.
hier der text.
OTLOTL Logfile: Code:
OTL logfile created on: 18.12.2011 18:58:09 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Max\Desktop
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,00 Gb Total Physical Memory | 2,45 Gb Available Physical Memory | 81,74% Memory free
6,19 Gb Paging File | 5,82 Gb Available in Paging File | 94,09% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 59,00 Gb Total Space | 8,98 Gb Free Space | 15,22% Space Free | Partition Type: NTFS
Drive E: | 230,59 Gb Total Space | 34,19 Gb Free Space | 14,83% Space Free | Partition Type: NTFS
Computer Name: WORKSTATION | User Name: Max | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2011.12.18 18:57:07 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Max\Desktop\OTL(2).exe
PRC - [2008.10.29 07:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
========== Modules (No Company Name) ==========
========== Win32 Services (SafeList) ==========
SRV - [2010.02.19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009.08.05 20:48:17 | 000,185,089 | ---- | M] (Avira GmbH) [Auto | Stopped] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2009.06.09 22:14:40 | 000,108,289 | ---- | M] (Avira GmbH) [Auto | Stopped] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2008.04.21 03:30:20 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe -- (IAANTMON) Intel(R)
SRV - [2008.03.18 20:27:12 | 000,013,312 | ---- | M] (Agere Systems) [Auto | Stopped] -- C:\Windows\System32\agrsmsvc.exe -- (AgereModemAudio)
SRV - [2008.01.21 03:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
========== Driver Services (SafeList) ==========
DRV - [2009.12.08 00:25:26 | 000,056,816 | ---- | M] (Avira GmbH) [File_System | Auto | Stopped] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2009.06.09 22:14:40 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009.04.27 22:42:40 | 000,096,104 | ---- | M] (Avira GmbH) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2009.02.13 10:35:01 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Stopped] -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2008.11.17 06:40:22 | 003,668,480 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw5v32.sys -- (NETw5v32) Intel(R)
DRV - [2008.06.10 06:23:00 | 007,522,624 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2008.06.10 06:23:00 | 000,043,040 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA)
DRV - [2008.05.02 21:59:40 | 000,122,368 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2008.03.26 19:32:04 | 000,081,192 | ---- | M] (CyberLink) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WSVD.sys -- (WSVD)
DRV - [2008.03.21 20:13:00 | 001,203,776 | ---- | M] (Agere Systems) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2007.05.24 01:33:58 | 000,128,104 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\WimFltr.sys -- (WimFltr)
DRV - [2005.02.11 11:19:20 | 000,055,216 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\k750bus.sys -- (k750bus) Sony Ericsson 750 driver (WDM)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = CINEMA 3D - 3D TV der nächsten Generation - Pentouch TV - PZ850 Plasma TV - LG Deutschland
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = CINEMA 3D - 3D TV der nächsten Generation - Pentouch TV - PZ850 Plasma TV - LG Deutschland
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = CINEMA 3D - 3D TV der nächsten Generation - Pentouch TV - PZ850 Plasma TV - LG Deutschland
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..extensions.enabledItems: {d5bc46d8-67c7-11dc-8c1d-0097498c2b7a}:1.0.0.1
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.10
FF - prefs.js..extensions.enabledItems: {FBF6D7FB-F305-4445-BB3D-FEF66579A033}:5.0.1
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:4.2.0.5198
FF - prefs.js..extensions.enabledItems: {DDC359D1-844A-42a7-9AA1-88A850A938A8}:2.0.8
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@bittorrent.com/BitTorrentDNA: C:\Program Files\DNA\plugins\npbtdna.dll (BitTorrent, Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: File not found
FF - HKLM\Software\MozillaPlugins\@idsoftware.com/QuakeLive: C:\ProgramData\id Software\QuakeLive\npquakezero.dll (id Software Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKCU\Software\MozillaPlugins\@bittorrent.com/BitTorrentDNA: C:\Users\Max\Program Files\DNA\plugins\npbtdna.dll (BitTorrent, Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.24\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.12.02 01:18:45 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.24\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.12.16 01:38:16 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 7.0.1\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2011.10.17 22:58:47 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 7.0.1\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins [2011.12.16 01:38:16 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{d5bc46d8-67c7-11dc-8c1d-0097498c2b7a}: C:\Users\Max\Program Files\DNA [2011.03.03 12:56:09 | 000,000,000 | ---D | M]
[2009.04.05 19:17:46 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Max\AppData\Roaming\mozilla\Extensions
[2011.12.11 00:13:06 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Max\AppData\Roaming\mozilla\Firefox\Profiles\01legc20.default\extensions
[2010.06.07 20:14:26 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Max\AppData\Roaming\mozilla\Firefox\Profiles\01legc20.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011.10.03 11:17:54 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Max\AppData\Roaming\mozilla\Firefox\Profiles\01legc20.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2011.12.10 00:49:44 | 000,000,000 | ---D | M] (DownThemAll!) -- C:\Users\Max\AppData\Roaming\mozilla\Firefox\Profiles\01legc20.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}
[2011.06.05 11:42:12 | 000,000,000 | ---D | M] (Multirow Bookmarks Toolbar) -- C:\Users\Max\AppData\Roaming\mozilla\Firefox\Profiles\01legc20.default\extensions\{FBF6D7FB-F305-4445-BB3D-FEF66579A033}
[2010.10.09 14:33:53 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\extensions
[2010.10.09 14:33:54 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- C:\Program Files\mozilla firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2011.03.03 12:56:09 | 000,000,000 | ---D | M] (No name found) -- C:\USERS\MAX\PROGRAM FILES\DNA
[2011.12.02 01:18:36 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2011.12.02 01:18:36 | 000,002,344 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2011.12.02 01:18:36 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2011.12.02 01:18:36 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2011.12.02 01:18:36 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
O1 HOSTS File: ([2011.01.27 15:00:57 | 000,001,211 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 3dns.adobe.com 3dns-1.adobe.com 3dns-2.adobe.com 3dns-3.adobe.com 3dns-4.adobe.com activate.adobe.com activate-sea.adobe.com activate-sjc0.adobe.com activate.wip.adobe.com
O1 - Hosts: 127.0.0.1 activate.wip1.adobe.com activate.wip2.adobe.com activate.wip3.adobe.com activate.wip4.adobe.com adobe-dns.adobe.com adobe-dns-1.adobe.com adobe-dns-2.adobe.com adobe-dns-3.adobe.com adobe-dns-4.adobe.com
O1 - Hosts: 127.0.0.1 adobeereg.com practivate.adobe practivate.adobe.com practivate.adobe.newoa practivate.adobe.ntp practivate.adobe.ipp ereg.adobe.com ereg.wip.adobe.com ereg.wip1.adobe.com
O1 - Hosts: 127.0.0.1 ereg.wip2.adobe.com ereg.wip3.adobe.com ereg.wip4.adobe.com hl2rcv.adobe.com wip.adobe.com wip1.adobe.com wip2.adobe.com wip3.adobe.com wip4.adobe.com
O1 - Hosts: 127.0.0.1 Registration wwis-dubc1-vip60.adobe.com www.wip.adobe.com www.wip1.adobe.com
O1 - Hosts: 127.0.0.1 www.wip2.adobe.com www.wip3.adobe.com Adobe wwis-dubc1-vip60.adobe.com crl.verisign.net CRL.VERISIGN.NET ood.opsource.net
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (AcroIEToolbarHelper Class) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Acrobat Assistant 7.0] C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS5.5ServiceManager] "C:\Program Files\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin File not found
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe (Intel Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKCU..\Run: [AdobeBridge] File not found
O4 - HKCU..\Run: [firefox.exe] C:\Users\Max\AppData\Roaming\Mozilla\Firefox\firefox.exe ()
O4 - HKCU..\Run: [Windows Update] C:\Windows\system32\Updater.exe File not found
O4 - Startup: C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Max\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O8 - Extra context menu item: add to &BOM - C:\\PROGRA~1\\BIET-O~1\\\\AddToBOM.hta ()
O8 - Extra context menu item: An vorhandene PDF-Datei anfügen - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html File not found
O8 - Extra context menu item: Convert link target to Adobe PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert link target to existing PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to Adobe PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to existing PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to Adobe PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to existing PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to existing PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: In Adobe PDF konvertieren - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html File not found
O8 - Extra context menu item: Linkziel an vorhandene PDF-Datei anhängen - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html File not found
O8 - Extra context menu item: Linkziel in Adobe PDF konvertieren - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html File not found
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 File not found
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3960A564-9B05-4F4B-BCCE-E563DE3B891F}: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Max\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\Max\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{2593e44b-2297-11de-b0b0-00238b2f8477}\Shell - "" = AutoRun
O33 - MountPoints2\{2593e44b-2297-11de-b0b0-00238b2f8477}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a
O33 - MountPoints2\{c7de5027-e042-11de-9cb4-00238b2f8477}\Shell\AutoRun\command - "" = F:\pbudsara.exe
O33 - MountPoints2\{c7de5027-e042-11de-9cb4-00238b2f8477}\Shell\open\Command - "" = F:\pbudsara.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} -
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {31A2711E-2325-FD01-999B-4F22E46E92C0} - Internet Explorer
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} -
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Webordner
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {9383C1A5-09C1-F801-CDF7-128C2378B1FA} -
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E6B6BEAC-D0C5-8850-0404-B609225ED60E} -
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
MsConfig - StartUpReg: Adobe Acrobat Speed Launcher - hkey= - key= - File not found
MsConfig - StartUpReg: AdobeCS4ServiceManager - hkey= - key= - File not found
MsConfig - StartUpReg: BitTorrent DNA - hkey= - key= - C:\Users\Max\Program Files\DNA\btdna.exe (BitTorrent, Inc.)
MsConfig - StartUpReg: LG Magnifier - hkey= - key= - File not found
MsConfig - StartUpReg: MsUpdate - hkey= - key= - File not found
MsConfig - StartUpReg: Windows Defender - hkey= - key= - File not found
MsConfig - State: "startup" - 2
CREATERESTOREPOINT
Error creating restore point.
========== Files/Folders - Created Within 30 Days ==========
[2011.12.18 18:57:07 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Max\Desktop\OTL(2).exe
[2011.12.18 18:50:50 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Max\Desktop\OTL.exe
[2011.12.16 02:00:16 | 000,000,000 | ---D | C] -- C:\Windows\System32\Adobe Premiere Pro CS4
[2011.12.16 01:37:01 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Adobe PDF
[2011.12.14 00:45:37 | 000,000,000 | ---D | C] -- C:\Windows\System32\Adobe Premiere Pro CS5.5
[2011.12.11 13:47:42 | 000,000,000 | ---D | C] -- C:\Users\Max\Desktop\Echo & The Bunnymen-evergreen
[2011.12.10 15:26:03 | 000,000,000 | ---D | C] -- C:\ProgramData\regid.1986-12.com.adobe
[2011.12.10 12:31:57 | 000,000,000 | ---D | C] -- C:\Users\Max\Desktop\Hotel
[2011.12.10 12:17:15 | 000,000,000 | ---D | C] -- C:\ProgramData\ALM
[2011.12.10 12:10:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Master Collection CS5.5
[2011.12.10 12:09:47 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe AIR
[2011.12.10 01:08:10 | 000,000,000 | ---D | C] -- C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
[2011.12.10 01:07:27 | 000,000,000 | ---D | C] -- C:\Users\Max\AppData\Roaming\Dropbox
[2011.12.10 01:07:00 | 000,000,000 | ---D | C] -- C:\Users\Max\Desktop\Nadja
[2011.12.05 08:04:00 | 000,000,000 | ---D | C] -- C:\ProgramData\YouTube Downloader
[2011.12.05 08:03:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YouTube Downloader
[2011.11.28 08:24:07 | 000,000,000 | ---D | C] -- C:\Program Files\WinpkFilter
========== Files - Modified Within 30 Days ==========
[2011.12.18 18:57:07 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Max\Desktop\OTL(2).exe
[2011.12.18 18:55:05 | 006,426,582 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2011.12.18 18:55:05 | 002,391,748 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011.12.18 18:55:05 | 002,030,218 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2011.12.18 18:55:05 | 001,834,204 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011.12.18 18:50:51 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Max\Desktop\OTL.exe
[2011.12.18 18:48:27 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.12.16 19:39:34 | 000,117,821 | ---- | M] () -- C:\ProgramData\nvModes.001
[2011.12.16 19:39:22 | 000,117,821 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2011.12.16 19:39:22 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011.12.16 19:39:22 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011.12.16 18:01:11 | 006,340,288 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011.12.16 01:38:16 | 000,001,892 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Acrobat 7.0 Professional.lnk
[2011.12.16 01:38:16 | 000,001,806 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Acrobat Speed Launcher.lnk
[2011.12.16 01:24:36 | 000,107,008 | ---- | M] () -- C:\Users\Max\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.12.16 01:19:34 | 000,032,183 | ---- | M] () -- C:\Users\Max\Desktop\berger 4.jpg
[2011.12.16 01:19:30 | 000,022,888 | ---- | M] () -- C:\Users\Max\Desktop\berger 3.jpg
[2011.12.16 01:19:22 | 000,029,971 | ---- | M] () -- C:\Users\Max\Desktop\berger 2.jpg
[2011.12.16 01:19:16 | 000,041,379 | ---- | M] () -- C:\Users\Max\Desktop\berger 1.jpg
[2011.12.16 01:19:01 | 000,037,086 | ---- | M] () -- C:\Users\Max\Desktop\167438_125415930858108_100001691055508_152813_710911_n.jpg
[2011.12.16 00:47:23 | 062,272,700 | ---- | M] () -- C:\Users\Max\Desktop\Be A Manwolf Today.mp4
[2011.12.16 00:45:38 | 000,070,399 | ---- | M] () -- C:\Users\Max\Desktop\mode portrait.jpg
[2011.12.13 22:28:05 | 000,382,840 | ---- | M] () -- C:\Users\Max\Desktop\johnwesley_music4books2.png
[2011.12.13 21:18:04 | 000,030,664 | ---- | M] () -- C:\Users\Max\Desktop\Kontoumsaetze_700_529812000_20111213_211803.pdf
[2011.12.13 21:17:43 | 000,015,720 | ---- | M] () -- C:\Users\Max\Desktop\Kontoumsaetze_700_529812000_20111213_211742.pdf
[2011.12.13 21:04:38 | 000,475,252 | ---- | M] () -- C:\Users\Max\Desktop\Müller+Milch_1.pdf
[2011.12.13 00:51:34 | 000,022,112 | ---- | M] () -- C:\Users\Max\Desktop\likebutton3.jpg
[2011.12.12 22:18:31 | 012,035,770 | ---- | M] () -- C:\Users\Max\Desktop\El Guincho - Bombay.flv
[2011.12.11 00:12:20 | 000,045,903 | ---- | M] () -- C:\Users\Max\Desktop\krissey.jpg
[2011.12.11 00:11:37 | 000,052,660 | ---- | M] () -- C:\Users\Max\Desktop\elvis gisi.jpg
[2011.12.10 12:55:18 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2011.12.10 11:56:20 | 000,000,928 | ---- | M] () -- C:\Users\Max\Desktop\CyberLink YouCam.lnk
[2011.12.10 01:08:28 | 000,000,919 | ---- | M] () -- C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2011.12.09 21:32:41 | 002,977,896 | ---- | M] () -- C:\Users\Max\Desktop\Swing Kids - Intro To Photography.mp3
========== Files Created - No Company Name ==========
[2011.12.16 01:38:16 | 000,001,892 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Acrobat 7.0 Professional.lnk
[2011.12.16 01:38:16 | 000,001,810 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Distiller 7.0.lnk
[2011.12.16 01:38:16 | 000,001,806 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Acrobat Speed Launcher.lnk
[2011.12.16 01:38:16 | 000,001,806 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat 7.0 Professional.lnk
[2011.12.16 01:19:34 | 000,032,183 | ---- | C] () -- C:\Users\Max\Desktop\berger 4.jpg
[2011.12.16 01:19:29 | 000,022,888 | ---- | C] () -- C:\Users\Max\Desktop\berger 3.jpg
[2011.12.16 01:19:22 | 000,029,971 | ---- | C] () -- C:\Users\Max\Desktop\berger 2.jpg
[2011.12.16 01:19:16 | 000,041,379 | ---- | C] () -- C:\Users\Max\Desktop\berger 1.jpg
[2011.12.16 01:19:01 | 000,037,086 | ---- | C] () -- C:\Users\Max\Desktop\167438_125415930858108_100001691055508_152813_710911_n.jpg
[2011.12.16 00:46:29 | 062,272,700 | ---- | C] () -- C:\Users\Max\Desktop\Be A Manwolf Today.mp4
[2011.12.16 00:45:37 | 000,070,399 | ---- | C] () -- C:\Users\Max\Desktop\mode portrait.jpg
[2011.12.13 22:27:58 | 000,382,840 | ---- | C] () -- C:\Users\Max\Desktop\johnwesley_music4books2.png
[2011.12.13 21:18:04 | 000,030,664 | ---- | C] () -- C:\Users\Max\Desktop\Kontoumsaetze_700_529812000_20111213_211803.pdf
[2011.12.13 21:17:43 | 000,015,720 | ---- | C] () -- C:\Users\Max\Desktop\Kontoumsaetze_700_529812000_20111213_211742.pdf
[2011.12.13 21:04:10 | 000,475,252 | ---- | C] () -- C:\Users\Max\Desktop\Müller+Milch_1.pdf
[2011.12.13 00:51:28 | 000,022,112 | ---- | C] () -- C:\Users\Max\Desktop\likebutton3.jpg
[2011.12.12 22:15:59 | 012,035,770 | ---- | C] () -- C:\Users\Max\Desktop\El Guincho - Bombay.flv
[2011.12.11 00:12:20 | 000,045,903 | ---- | C] () -- C:\Users\Max\Desktop\krissey.jpg
[2011.12.11 00:11:36 | 000,052,660 | ---- | C] () -- C:\Users\Max\Desktop\elvis gisi.jpg
[2011.12.10 12:15:29 | 000,000,974 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Content Viewer.lnk
[2011.12.10 12:09:51 | 000,000,874 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Help.lnk
[2011.12.10 11:56:20 | 000,000,928 | ---- | C] () -- C:\Users\Max\Desktop\CyberLink YouCam.lnk
[2011.12.10 01:11:46 | 002,977,896 | ---- | C] () -- C:\Users\Max\Desktop\Swing Kids - Intro To Photography.mp3
[2011.12.10 01:08:28 | 000,000,919 | ---- | C] () -- C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2011.11.28 08:24:24 | 000,001,013 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinpkFilter API Reference.lnk
[2011.11.28 08:24:24 | 000,000,918 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Uninstall WinpkFilter Runtime Libraries.lnk
[2011.08.22 00:29:15 | 000,000,680 | ---- | C] () -- C:\Users\Max\AppData\Local\d3d9caps.dat
[2010.10.09 14:34:48 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010.01.20 17:36:41 | 000,001,099 | ---- | C] () -- C:\Users\Max\AppData\Roaming\ShiftN.ini
[2009.11.06 10:03:57 | 000,015,873 | ---- | C] () -- C:\Windows\System32\Inetde.dll
[2009.09.24 13:00:53 | 000,000,571 | ---- | C] () -- C:\Windows\eReg.dat
[2009.04.07 21:23:46 | 000,107,008 | ---- | C] () -- C:\Users\Max\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.04.06 14:13:56 | 000,000,400 | ---- | C] () -- C:\Windows\ODBC.INI
[2009.04.06 11:49:31 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2008.11.20 20:06:45 | 000,117,821 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2008.11.20 20:06:45 | 000,117,821 | ---- | C] () -- C:\ProgramData\nvModes.001
[2008.06.24 01:04:30 | 000,000,000 | ---- | C] () -- C:\Windows\lgcenter.ini
[2008.06.24 00:33:11 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2008.06.24 00:23:59 | 000,000,212 | ---- | C] () -- C:\Windows\lgps.ini
[2008.06.24 00:07:24 | 000,000,012 | ---- | C] () -- C:\Windows\bthservsdp.dat
[2008.06.23 07:54:15 | 006,426,582 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2008.06.23 07:54:15 | 002,030,218 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2008.06.23 07:54:15 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2008.06.23 07:54:15 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2008.01.21 03:24:14 | 000,100,043 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2006.11.02 13:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006.11.02 13:47:37 | 006,340,288 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006.11.02 13:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 11:33:01 | 002,391,748 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006.11.02 11:33:01 | 001,834,204 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006.11.02 11:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006.11.02 11:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006.11.02 11:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006.11.02 09:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006.11.02 09:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006.11.02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006.11.02 08:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2006.11.02 08:22:43 | 000,018,271 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
========== LOP Check ==========
[2009.08.11 21:51:14 | 000,000,000 | ---D | M] -- C:\Users\Max\AppData\Roaming\Ableton
[2011.10.05 21:32:47 | 000,000,000 | ---D | M] -- C:\Users\Max\AppData\Roaming\Audacity
[2011.12.16 17:55:45 | 000,000,000 | ---D | M] -- C:\Users\Max\AppData\Roaming\BitTorrent
[2011.05.08 12:06:47 | 000,000,000 | ---D | M] -- C:\Users\Max\AppData\Roaming\Canon
[2009.12.22 22:21:43 | 000,000,000 | ---D | M] -- C:\Users\Max\AppData\Roaming\Cycling '74
[2011.03.12 01:45:40 | 000,000,000 | ---D | M] -- C:\Users\Max\AppData\Roaming\DNA
[2011.12.16 19:40:36 | 000,000,000 | ---D | M] -- C:\Users\Max\AppData\Roaming\Dropbox
[2011.10.16 00:38:42 | 000,000,000 | ---D | M] -- C:\Users\Max\AppData\Roaming\FileZilla
[2010.03.30 12:43:13 | 000,000,000 | ---D | M] -- C:\Users\Max\AppData\Roaming\Imagenomic
[2010.02.08 12:42:52 | 000,000,000 | ---D | M] -- C:\Users\Max\AppData\Roaming\inkscape
[2011.06.20 18:56:02 | 000,000,000 | ---D | M] -- C:\Users\Max\AppData\Roaming\LolClient
[2009.04.05 22:41:30 | 000,000,000 | ---D | M] -- C:\Users\Max\AppData\Roaming\Mp3tag
[2009.05.18 20:48:05 | 000,000,000 | ---D | M] -- C:\Users\Max\AppData\Roaming\TheLastRipper
[2011.10.17 22:58:53 | 000,000,000 | ---D | M] -- C:\Users\Max\AppData\Roaming\Thunderbird
[2011.12.10 12:55:25 | 000,032,538 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
========== Custom Scans ==========
< %SYSTEMDRIVE%\*. >
[2009.04.05 18:39:21 | 000,000,000 | -HSD | M] -- C:\$Recycle.Bin
[2008.06.23 07:55:58 | 000,000,000 | -HSD | M] -- C:\Boot
[2011.05.08 11:20:37 | 000,000,000 | -H-D | M] -- C:\CanoScan
[2006.11.02 14:02:03 | 000,000,000 | -HSD | M] -- C:\Documents and Settings
[2008.06.24 00:47:35 | 000,000,000 | ---D | M] -- C:\Intel
[2008.01.21 03:32:31 | 000,000,000 | ---D | M] -- C:\PerfLogs
[2011.12.10 11:54:42 | 000,000,000 | R--D | M] -- C:\Program Files
[2010.07.05 19:09:37 | 000,000,000 | ---D | M] -- C:\Program Files (x86)
[2011.12.10 15:26:03 | 000,000,000 | -H-D | M] -- C:\ProgramData
[2011.12.16 16:32:36 | 000,000,000 | -HSD | M] -- C:\System Volume Information
[2009.04.05 22:23:47 | 000,000,000 | ---D | M] -- C:\Temp
[2009.04.05 18:33:51 | 000,000,000 | R--D | M] -- C:\Users
[2011.12.16 20:03:44 | 000,000,000 | ---D | M] -- C:\Windows
< %PROGRAMFILES%\*.exe >
< %LOCALAPPDATA%\*.exe >
< %systemroot%\*. /mp /s >
< MD5 for: AGP440.SYS >
[2008.01.21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\drivers\AGP440.sys
[2008.01.21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys
[2008.01.21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
[2008.01.21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys
[2006.11.02 10:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys
< MD5 for: ATAPI.SYS >
[2009.04.11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\SoftwareDistribution\Download\cd2b15b1a90e884578188440a1660b12\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys
[2008.01.21 03:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\drivers\atapi.sys
[2008.01.21 03:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[2008.01.21 03:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006.11.02 10:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
< MD5 for: CNGAUDIT.DLL >
[2006.11.02 10:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll
[2006.11.02 10:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll
< MD5 for: EXPLORER.EXE >
[2008.10.29 07:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe
[2008.10.29 07:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\explorer.exe
[2008.10.29 07:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe
[2008.10.30 04:59:17 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe
[2009.04.11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\SoftwareDistribution\Download\cd2b15b1a90e884578188440a1660b12\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe
[2008.10.28 03:15:02 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe
[2008.01.21 03:24:24 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe
< MD5 for: IASTOR.SYS >
[2008.04.21 03:29:56 | 000,394,776 | ---- | M] (Intel Corporation) MD5=8BD53925C5675BC9A5EFE12E2A42BE31 -- C:\Program Files\Intel\Intel Matrix Storage Manager\driver64\IaStor.sys
[2008.04.21 03:29:38 | 000,317,464 | ---- | M] (Intel Corporation) MD5=9F1220113A3A7F4F08042C699324D073 -- C:\Program Files\Intel\Intel Matrix Storage Manager\driver\IaStor.sys
[2008.04.21 03:29:38 | 000,317,464 | ---- | M] (Intel Corporation) MD5=9F1220113A3A7F4F08042C699324D073 -- C:\Windows\System32\drivers\iaStor.sys
[2008.04.21 03:29:38 | 000,317,464 | ---- | M] (Intel Corporation) MD5=9F1220113A3A7F4F08042C699324D073 -- C:\Windows\System32\DriverStore\FileRepository\iaahci.inf_18bd4575\iaStor.sys
< MD5 for: IASTORV.SYS >
[2008.01.21 03:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\drivers\iaStorV.sys
[2008.01.21 03:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_c9df7691\iaStorV.sys
[2008.01.21 03:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys
[2006.11.02 10:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys
< MD5 for: NETLOGON.DLL >
[2009.04.11 07:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\SoftwareDistribution\Download\cd2b15b1a90e884578188440a1660b12\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll
[2008.01.21 03:24:05 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\System32\netlogon.dll
[2008.01.21 03:24:05 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll
< MD5 for: NVSTOR.SYS >
[2006.11.02 10:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys
[2008.01.21 03:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\drivers\nvstor.sys
[2008.01.21 03:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys
[2008.01.21 03:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys
< MD5 for: SCECLI.DLL >
[2008.01.21 03:24:50 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\System32\scecli.dll
[2008.01.21 03:24:50 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll
[2009.04.11 07:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\SoftwareDistribution\Download\cd2b15b1a90e884578188440a1660b12\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll
< MD5 for: USER32.DLL >
[2009.04.11 07:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) MD5=75510147B94598407666F4802797C75A -- C:\Windows\SoftwareDistribution\Download\cd2b15b1a90e884578188440a1660b12\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6002.18005_none_cf23e54d6a7e4a7e\user32.dll
[2008.01.21 03:24:21 | 000,627,200 | ---- | M] (Microsoft Corporation) MD5=B974D9F06DC7D1908E825DC201681269 -- C:\Windows\System32\user32.dll
[2008.01.21 03:24:21 | 000,627,200 | ---- | M] (Microsoft Corporation) MD5=B974D9F06DC7D1908E825DC201681269 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6001.18000_none_cd386c416d5c7f32\user32.dll
< MD5 for: USERINIT.EXE >
[2008.01.21 03:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe
[2008.01.21 03:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
< MD5 for: WINLOGON.EXE >
[2009.04.11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\SoftwareDistribution\Download\cd2b15b1a90e884578188440a1660b12\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2008.01.21 03:24:49 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\System32\winlogon.exe
[2008.01.21 03:24:49 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe
< MD5 for: WS2IFSL.SYS >
[2008.01.21 03:24:47 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=E3A3CB253C0EC2494D4A61F5E43A389C -- C:\Windows\System32\drivers\ws2ifsl.sys
[2008.01.21 03:24:47 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=E3A3CB253C0EC2494D4A61F5E43A389C -- C:\Windows\winsxs\x86_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.0.6001.18000_none_4f86a0d4c7cda641\ws2ifsl.sys
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
[2008.01.21 04:14:18 | 016,846,848 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV
[2008.01.21 04:14:08 | 000,106,496 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV
[2008.01.21 04:14:18 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV
[2006.11.02 11:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV
[2006.11.02 11:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV
< %systemroot%\system32\*.dll /lockedfiles >
< %USERPROFILE%\*.* >
[2010.02.08 12:49:51 | 000,000,734 | ---- | M] () -- C:\Users\Max\.recently-used.xbel
[2011.12.18 18:59:04 | 002,883,584 | -HS- | M] () -- C:\Users\Max\NTUSER.DAT
[2011.12.18 18:59:03 | 000,262,144 | -H-- | M] () -- C:\Users\Max\ntuser.dat.LOG1
[2009.04.05 18:33:52 | 000,000,000 | -H-- | M] () -- C:\Users\Max\ntuser.dat.LOG2
[2011.12.16 21:31:22 | 000,065,536 | -HS- | M] () -- C:\Users\Max\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf
[2011.12.16 21:31:22 | 000,524,288 | -HS- | M] () -- C:\Users\Max\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms
[2009.04.05 18:40:08 | 000,524,288 | -HS- | M] () -- C:\Users\Max\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000002.regtrans-ms
[2009.04.05 18:33:52 | 000,000,020 | -HS- | M] () -- C:\Users\Max\ntuser.ini
< %USERPROFILE%\Local Settings\Temp\*.exe >
< %USERPROFILE%\Local Settings\Temp\*.dll >
< %USERPROFILE%\Application Data\*.exe >
< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs >
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Required: DebugWindows [binary data]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Windows: %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,12288,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16
< End of report >
--- --- ---
EXTRASOTL Logfile: Code:
OTL Extras logfile created on: 18.12.2011 18:58:09 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Max\Desktop
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,00 Gb Total Physical Memory | 2,45 Gb Available Physical Memory | 81,74% Memory free
6,19 Gb Paging File | 5,82 Gb Available in Paging File | 94,09% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 59,00 Gb Total Space | 8,98 Gb Free Space | 15,22% Space Free | Partition Type: NTFS
Drive E: | 230,59 Gb Total Space | 34,19 Gb Free Space | 14,83% Space Free | Partition Type: NTFS
Computer Name: WORKSTATION | User Name: Max | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CS5.1\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\BitTorrent\bittorrent.exe" = C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent -- (BitTorrent, Inc.)
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{08BB415A-17C3-4932-B556-A114CAC2861B}" = lport=5353 | protocol=6 | dir=in | name=adobe csi cs4 |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{12FD588C-C02B-4437-BA60-507EC22AE273}" = protocol=17 | dir=in | app=c:\program files\common files\adobe\cs4servicemanager\cs4servicemanager.exe |
"{1E120A34-F981-4D06-AB17-72BFBCBFDE00}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{2221B248-B040-4A16-B452-33460977825E}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{23A4EA30-1F11-4EE6-BC71-2D77BE27EFEB}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{26EC19D7-D016-4252-AD13-994DC842950A}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{413B4FD7-B7D9-4F4C-AAF2-63AB1498EF2D}" = protocol=6 | dir=in | app=c:\program files\dna\btdna.exe |
"{6C7EFEF3-5ED4-43F7-9523-7C7EA9846F2D}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{7F707F2F-76CD-467A-ACC3-753F5A7D8FA9}" = protocol=17 | dir=in | app=c:\users\max\appdata\roaming\dropbox\bin\dropbox.exe |
"{84CD7AD9-9E60-4688-B6BD-BEDC784F64A8}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{8539C574-46EC-456F-BA2D-2B95C5EC9935}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{AE91F43E-E809-425F-BD40-156F45D3EAA1}" = protocol=17 | dir=in | app=c:\program files\dna\btdna.exe |
"{AEBE41E0-4D80-459D-8F1C-7BAB799A982A}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{B0BD9342-31E9-452E-9EE5-635E24C4A611}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{B8E10016-82BE-4A78-885A-1F1ECBC2CBA3}" = protocol=6 | dir=in | app=c:\users\max\appdata\roaming\dropbox\bin\dropbox.exe |
"{CB97BF84-9CB5-40A1-95ED-FC9F7ED08800}" = protocol=6 | dir=in | app=c:\program files\common files\adobe\cs4servicemanager\cs4servicemanager.exe |
"{E13D926F-B6F1-4299-8B10-DBB484FB6C52}" = dir=in | app=c:\program files\itunes\itunes.exe |
"{E51F8028-0058-4F68-A2EE-C49E63FCDC1A}" = dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"TCP Query User{0FC4CC35-B08F-42AC-8D66-F3152232D757}C:\program files\bittorrent\bittorrent.exe" = protocol=6 | dir=in | app=c:\program files\bittorrent\bittorrent.exe |
"TCP Query User{4668EF57-FBB5-4EAE-8315-F941091CF097}C:\users\max\program files\dna\btdna.exe" = protocol=6 | dir=in | app=c:\users\max\program files\dna\btdna.exe |
"TCP Query User{46E24645-7998-412E-99E2-38590E4F839E}C:\users\max\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=6 | dir=in | app=c:\users\max\appdata\roaming\dropbox\bin\dropbox.exe |
"TCP Query User{69A9A7D5-0022-4B35-A706-BDE542A2E217}C:\program files\bittorrent\bittorrent.exe" = protocol=6 | dir=in | app=c:\program files\bittorrent\bittorrent.exe |
"TCP Query User{96873F44-7322-474F-A73B-02E3500B4D12}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"TCP Query User{9E2CFE79-EB8D-4E1D-A812-44FCBE5E2804}C:\program files\soulseekns\slsk.exe" = protocol=6 | dir=in | app=c:\program files\soulseekns\slsk.exe |
"TCP Query User{BF36DF19-94D2-4DEA-8F97-FF115809AF8C}C:\program files\soulseekns\slsk.exe" = protocol=6 | dir=in | app=c:\program files\soulseekns\slsk.exe |
"TCP Query User{EEB4355B-8E4B-4EF4-B42D-37525F0570DD}C:\users\max\program files\dna\btdna.exe" = protocol=6 | dir=in | app=c:\users\max\program files\dna\btdna.exe |
"UDP Query User{04A78CEF-84B6-4FA9-BE28-DB09A88ACD73}C:\users\max\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=17 | dir=in | app=c:\users\max\appdata\roaming\dropbox\bin\dropbox.exe |
"UDP Query User{123A65FB-0C39-448A-B7B0-8E09F2511EB6}C:\program files\soulseekns\slsk.exe" = protocol=17 | dir=in | app=c:\program files\soulseekns\slsk.exe |
"UDP Query User{3C40D761-F27E-4DF1-8EB4-89407B508E18}C:\users\max\program files\dna\btdna.exe" = protocol=17 | dir=in | app=c:\users\max\program files\dna\btdna.exe |
"UDP Query User{5D4F0244-BFF9-4052-87CC-F17FADF6FB83}C:\users\max\program files\dna\btdna.exe" = protocol=17 | dir=in | app=c:\users\max\program files\dna\btdna.exe |
"UDP Query User{A0EE4047-00DA-4EA3-A009-1C781B963F35}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"UDP Query User{A6B2AAF8-2209-434D-8A23-2D8A7DB3D8B6}C:\program files\bittorrent\bittorrent.exe" = protocol=17 | dir=in | app=c:\program files\bittorrent\bittorrent.exe |
"UDP Query User{C83EBAC3-98E7-462B-9E4A-659C6B80F30C}C:\program files\bittorrent\bittorrent.exe" = protocol=17 | dir=in | app=c:\program files\bittorrent\bittorrent.exe |
"UDP Query User{E3100F71-2E20-4930-B3F1-52A2B8573C59}C:\program files\soulseekns\slsk.exe" = protocol=17 | dir=in | app=c:\program files\soulseekns\slsk.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{12001D97-ED15-4D04-B4A6-32D16A71844C}" = Adobe Photoshop Lightroom 2.6.1
"{18A5DFF2-8A95-49F3-873F-743CB5549F3D}" = Canon ScanGear Starter
"{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}" = YouTube Downloader 3.4
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{3521BDBD-D453-5D9F-AA55-44B75D214629}" = Adobe Community Help
"{46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB}" = Adobe AIR
"{4E33D05D-76CF-5D3C-4D5D-7727530FA161}" = Adobe Content Viewer
"{52A4E146-A102-4ED0-970F-6B1715EB3C86}" = Quake Live Mozilla Plugin
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{73B5D990-04EA-4751-B10F-5534770B91F2}" = Adobe Color EU Recommended Settings
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169 8168 8101E 8102E Ethernet Driver
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{90110407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9C542173-96F0-435D-A95C-468CAAC75EA0}" = Adobe Flash Player 10 Plugin
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{AC76BA86-1033-0000-7760-000000000002}" = Adobe Acrobat 7.0 Professional
"{B001064C-D061-4BAE-9031-416A838D5536}" = Adobe Flash Player 10 ActiveX
"{B3575D00-27EF-49C2-B9E0-14B3D954E992}" = Apple Application Support
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B6D38690-755E-4F40-A35A-23F8BC2B86AC}" = Microsoft_VC90_MFCLOC_x86
"{C23CD6DA-1958-43A5-ADD0-59396572E02E}" = Apple Mobile Device Support
"{C73CA646-73B3-4AEF-A136-C37505745174}" = iTunes
"{CA9BCD4D-B782-4637-8F1F-F9A328D3C244}" = CanoScan Toolbox Ver4.9
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D03482C5-9AD8-496D-B388-692AE04C93AF}" = Bonjour
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D57FC112-312E-4D70-860F-2DB8FB6858F0}" = Adobe Creative Suite 5.5 Master Collection
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DC24971E-1946-445D-8A82-CE685433FA7D}" = Realtek USB 2.0 Card Reader
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{F01F79AD-1F47-4685-AE4E-CCFA4EA9FF7C}" = Adobe Setup
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{FF29A7E2-FF40-4D07-B7E4-2093DE59E10A}" = Adobe Color NA Extra Settings
"Adobe Acrobat 7.0 Professional" = Adobe Acrobat 7.0 Professional
"Adobe AIR" = Adobe AIR
"Adobe_5f143314a5d434c8511097393d17397" = Adobe Photoshop CS3
"Agere Systems Soft Modem" = Agere Systems HDA Modem
"Audacity 1.3 Beta (Unicode)_is1" = Audacity 1.3.8 (Unicode)
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"Biet-O-Matic v2.12.5" = Biet-O-Matic v2.12.5
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"com.adobe.dmp.contentviewer" = Adobe Content Viewer
"FileZilla Client" = FileZilla Client 3.5.1
"Free WMA to MP3 Converter_is1" = Free WMA to MP3 Converter 1.16
"ImagenomicNoisewareProPlugin" = Imagenomic Noiseware 4.2 Professional Plug-in (build 4205)
"ImagenomicPortraiturePlugin" = Imagenomic Portraiture 2.1 Plug-in (build 2105)
"ImagenomicRealGrainPlugin" = Imagenomic RealGrain 1.1 Plug-in (build 1103)
"Inkscape" = Inkscape 0.47
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"LAME for Audacity_is1" = LAME v3.98.2 for Audacity
"LGFanModeTile" = LG Fan Mode Tile for Windows Mobility Center
"LGTouchPadTile" = LG TouchPad Tile for Windows Mobility Center
"Live 8.0.4" = Live 8.0.4
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.6.24)" = Mozilla Firefox (3.6.24)
"Mozilla Thunderbird (7.0.1)" = Mozilla Thunderbird (7.0.1)
"Mp3tag" = Mp3tag v2.43
"NVIDIA Drivers" = NVIDIA Drivers
"ShiftN_is1" = ShiftN 3.5
"Soulseek2" = SoulSeek 157 NS 13e
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"VLC media player" = VLC media player 0.9.9
"WinpkFilter Runtime Libraries" = WinpkFilter Runtime Libraries
"WinRAR archiver" = WinRAR
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"BitTorrent" = BitTorrent
"BitTorrent DNA" = DNA
"Dropbox" = Dropbox
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 01.12.2011 03:12:30 | Computer Name = Workstation | Source = LoadPerf | ID = 3011
Description =
Error - 01.12.2011 20:17:36 | Computer Name = Workstation | Source = Application Hang | ID = 1002
Description = Programm firefox.exe, Version 1.9.2.3888 arbeitet nicht mehr mit Windows
zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet "Lösungen
für Probleme" in der Systemsteuerung, um nach weiteren Informationen über das Problem
zu suchen. Prozess-ID: ba0 Anfangszeit: 01ccad9dae8b8680 Zeitpunkt der Beendigung:
477
Error - 01.12.2011 20:17:37 | Computer Name = Workstation | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung plugin-container.exe, Version 1.9.2.3888, Zeitstempel
0x4c7451ef, fehlerhaftes Modul ntdll.dll, Version 6.0.6001.18538, Zeitstempel 0x4cb733dc,
Ausnahmecode 0xc0000005, Fehleroffset 0x00047ae2, Prozess-ID 0x69c, Anwendungsstartzeit
01ccad9ddef3e3d0.
Error - 03.12.2011 17:48:44 | Computer Name = Workstation | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung plugin-container.exe, Version 1.9.2.4324, Zeitstempel
0x4eb2a578, fehlerhaftes Modul ntdll.dll, Version 6.0.6001.18538, Zeitstempel 0x4cb733dc,
Ausnahmecode 0xc0000005, Fehleroffset 0x00047ae2, Prozess-ID 0xac4, Anwendungsstartzeit
01ccb088e127bb20.
Error - 04.12.2011 19:25:23 | Computer Name = Workstation | Source = LoadPerf | ID = 3012
Description =
Error - 04.12.2011 19:25:23 | Computer Name = Workstation | Source = LoadPerf | ID = 3012
Description =
Error - 04.12.2011 19:25:23 | Computer Name = Workstation | Source = LoadPerf | ID = 3011
Description =
Error - 04.12.2011 20:31:00 | Computer Name = Workstation | Source = LoadPerf | ID = 3012
Description =
Error - 04.12.2011 20:31:00 | Computer Name = Workstation | Source = LoadPerf | ID = 3012
Description =
Error - 04.12.2011 20:31:00 | Computer Name = Workstation | Source = LoadPerf | ID = 3011
Description =
[ System Events ]
Error - 16.12.2011 15:05:34 | Computer Name = Workstation | Source = Service Control Manager | ID = 7001
Description =
Error - 16.12.2011 15:05:34 | Computer Name = Workstation | Source = Service Control Manager | ID = 7026
Description =
Error - 18.12.2011 13:48:37 | Computer Name = Workstation | Source = DCOM | ID = 10005
Description =
Error - 18.12.2011 13:48:39 | Computer Name = Workstation | Source = Dhcp | ID = 1002
Description = Die IP-Adresslease 192.168.0.7 für die Netzwerkkarte mit der Netzwerkadresse
00216B03A51E wurde durch den DHCP-Server 192.168.0.1 abgelehnt (der DHCP-Server
hat eine DHCPNACK-Meldung gesendet).
Error - 18.12.2011 13:48:44 | Computer Name = Workstation | Source = DCOM | ID = 10005
Description =
Error - 18.12.2011 13:48:48 | Computer Name = Workstation | Source = DCOM | ID = 10005
Description =
Error - 18.12.2011 13:48:55 | Computer Name = Workstation | Source = DCOM | ID = 10005
Description =
Error - 18.12.2011 13:49:03 | Computer Name = Workstation | Source = DCOM | ID = 10005
Description =
Error - 18.12.2011 13:50:02 | Computer Name = Workstation | Source = Service Control Manager | ID = 7001
Description =
Error - 18.12.2011 13:50:02 | Computer Name = Workstation | Source = Service Control Manager | ID = 7026
Description =
< End of report >
--- --- ---
DANKE DANKE DANKE! |
