| Daywalker73 | 25.03.2012 17:48 |
OTL.txtOTL Logfile: Code:
OTL logfile created on: 25.03.2012 18:23:14 - Run 1
OTL by OldTimer - Version 3.2.39.2 Folder = C:\Dokumente und Einstellungen\Papa\Desktop
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
1023,17 Mb Total Physical Memory | 535,17 Mb Available Physical Memory | 52,31% Memory free
2,56 Gb Paging File | 1,91 Gb Available in Paging File | 74,44% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 229,74 Gb Total Space | 171,67 Gb Free Space | 74,72% Space Free | Partition Type: NTFS
Computer Name: HIGHTECH-A492D2 | User Name: Papa | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2012.03.25 18:05:27 | 000,593,920 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Papa\Desktop\OTL.exe
PRC - [2011.10.24 17:51:19 | 000,801,792 | ---- | M] (Yuna Software) -- C:\Programme\Yuna Software\Messenger Plus!\PlusService.exe
PRC - [2011.08.20 15:21:47 | 000,136,360 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\sched.exe
PRC - [2011.08.20 15:21:45 | 000,269,480 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe
PRC - [2011.08.12 01:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) -- C:\Programme\SUPERAntiSpyware\SASCore.exe
PRC - [2011.06.09 13:06:06 | 000,254,696 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe
PRC - [2010.11.13 07:34:56 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe
PRC - [2010.01.14 23:10:53 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avshadow.exe
PRC - [2008.05.02 03:44:08 | 000,805,392 | ---- | M] (Logitech, Inc.) -- C:\Programme\Logitech\SetPoint\SetPoint.exe
PRC - [2008.05.02 03:42:06 | 000,121,360 | ---- | M] (Logitech, Inc.) -- C:\Programme\Gemeinsame Dateien\Logishrd\Bluetooth\LBTServ.exe
PRC - [2008.05.02 03:40:56 | 000,076,304 | ---- | M] (Logitech, Inc.) -- C:\Programme\Gemeinsame Dateien\Logishrd\KHAL2\KHALMNPR.exe
PRC - [2008.04.14 04:22:45 | 001,036,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006.11.29 23:37:20 | 000,561,213 | ---- | M] (Broadcom Corporation.) -- C:\Programme\WIDCOMM\Bluetooth Software\BTTray.exe
PRC - [2006.11.29 23:35:42 | 001,396,820 | ---- | M] (Broadcom Corporation.) -- C:\Programme\WIDCOMM\Bluetooth Software\BTStackServer.exe
PRC - [2005.10.27 17:01:16 | 000,139,264 | ---- | M] (Alcor Micro, Corp.) -- C:\Programme\Multimedia Card Reader\shwicon2k.exe
PRC - [2004.09.08 05:56:34 | 002,203,648 | ---- | M] () -- C:\mysql\bin\mysqld-nt.exe
PRC - [2004.02.25 18:06:20 | 000,212,992 | ---- | M] (Logitech Inc.) -- C:\Programme\Logitech\Video\LogiTray.exe
PRC - [2004.02.25 17:39:48 | 000,176,128 | ---- | M] (Logitech Inc.) -- C:\Programme\Logitech\Video\FxSvr2.exe
PRC - [2004.02.25 17:15:50 | 000,221,184 | ---- | M] (Logitech Inc.) -- C:\WINDOWS\system32\LVCOMSX.EXE
========== Modules (No Company Name) ==========
MOD - [2010.01.28 14:57:53 | 000,355,688 | ---- | M] () -- C:\Programme\Avira\AntiVir Desktop\sqlite3.dll
MOD - [2009.02.27 17:41:26 | 000,311,296 | ---- | M] () -- C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\pdfshell.DEU
MOD - [2008.09.16 21:18:06 | 000,132,608 | ---- | M] () -- C:\Programme\WinRAR\RarExt.dll
MOD - [2006.08.11 21:43:10 | 000,196,608 | ---- | M] () -- C:\WINDOWS\system32\nvapi.dll
MOD - [2006.08.11 21:43:00 | 000,466,944 | ---- | M] () -- C:\WINDOWS\system32\nvshell.dll
MOD - [2004.09.08 05:56:34 | 002,203,648 | ---- | M] () -- C:\mysql\bin\mysqld-nt.exe
========== Win32 Services (SafeList) ==========
SRV - File not found [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Ahead\Lib\NMIndexingService.exe -- (NMIndexingService)
SRV - [2011.08.20 15:21:47 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2011.08.20 15:21:45 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011.08.12 01:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Programme\SUPERAntiSpyware\SASCore.exe -- (!SASCORE)
SRV - [2008.05.02 03:42:06 | 000,121,360 | ---- | M] (Logitech, Inc.) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\Logishrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV - [2007.08.09 09:27:52 | 000,073,728 | ---- | M] (HP) [On_Demand | Stopped] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)
SRV - [2007.01.09 18:16:12 | 000,061,440 | ---- | M] (Deutsche Telekom AG, Marmiko IT-Solutions GmbH) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Marmiko Shared\MZCCntrl.exe -- (MZCCntrl)
SRV - [2004.09.08 05:56:34 | 002,203,648 | ---- | M] () [Auto | Running] -- C:\mysql\bin\mysqld-nt.exe -- (MySQL)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - [2011.08.20 15:21:47 | 000,138,192 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2011.08.20 15:21:47 | 000,066,616 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2011.07.22 18:27:02 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Programme\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2011.07.12 23:55:22 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Programme\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2010.02.25 17:51:02 | 000,025,216 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tap0901.sys -- (tap0901)
DRV - [2009.05.11 11:12:49 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009.02.13 12:35:01 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Programme\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2008.04.13 20:53:09 | 000,040,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmnt.sys -- (nm)
DRV - [2008.02.29 04:13:24 | 000,036,880 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LMouFilt.Sys -- (LMouFilt)
DRV - [2008.02.29 04:13:16 | 000,035,344 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LHidFilt.Sys -- (LHidFilt)
DRV - [2008.02.29 04:12:48 | 000,020,240 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\L8042Kbd.sys -- (L8042Kbd)
DRV - [2007.01.03 18:25:18 | 000,027,536 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\frmupgr.sys -- (DFUBTUSB)
DRV - [2006.12.04 15:33:34 | 000,067,672 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btwusb.sys -- (BTWUSB)
DRV - [2006.12.04 15:33:34 | 000,047,907 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btwhid.sys -- (btwhid)
DRV - [2006.12.04 15:33:34 | 000,030,459 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btport.sys -- (BTDriver)
DRV - [2006.12.04 15:33:32 | 000,863,402 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btkrnl.sys -- (BTKRNL)
DRV - [2006.12.04 15:33:32 | 000,329,901 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btaudio.sys -- (btaudio)
DRV - [2006.10.09 16:03:56 | 000,017,152 | ---- | M] (Deutsche Telekom AG, Marmiko IT-Solutions GmbH) [Kernel | On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Marmiko Shared\MInfraIS\MIINPazx.sys -- (MIINPazX)
DRV - [2006.10.09 15:46:44 | 000,017,536 | ---- | M] (Deutsche Telekom AG AG, Marmiko IT-Solutions GmbH) [Kernel | On_Demand | Stopped] -- C:\Programme\T-Online\T-Online_Software_6\Basis-Software\Basis1\MTOnlPktAlyx.sys -- (MTOnlPktAlyX)
DRV - [2006.10.04 10:14:26 | 000,017,280 | ---- | M] (Marmiko IT-Solutions GmbH) [Kernel | On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Marmiko Shared\MAcNdis5.sys -- (MACNDIS5)
DRV - [2006.08.01 13:07:02 | 004,356,608 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2006.02.26 23:46:20 | 000,081,408 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtnicxp.sys -- (RTL8023xp)
DRV - [2005.10.27 17:01:06 | 000,038,468 | ---- | M] (Alcor Micro Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Sunkfilt.sys -- (SunkFilt)
DRV - [2004.08.13 11:56:20 | 000,005,810 | R--- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ASACPI.sys -- (MTsensor)
DRV - [2004.02.14 12:09:20 | 000,244,096 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\CamDrL21.sys -- (PhilCam8116) Logitech QuickCam Pro 3000(PID_08B0)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://startsear.ch/?aff=1
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKLM\..\SearchScopes\{2C77C3AE-091A-442A-8C7F-2CFD9E5F35AE}: "URL" = hxxp://startsear.ch/?aff=1&q={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://seafight.de/
IE - HKCU\..\URLSearchHook: - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = {2C77C3AE-091A-442A-8C7F-2CFD9E5F35AE}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC
IE - HKCU\..\SearchScopes\{2C77C3AE-091A-442A-8C7F-2CFD9E5F35AE}: "URL" = hxxp://startsear.ch/?aff=1&q={searchTerms}
IE - HKCU\..\SearchScopes\{83EE0E1D-A90B-48EF-9817-2DF6F248A384}: "URL" = hxxp://www.google.de/search?q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
========== FireFox ==========
FF - prefs.js..browser.search.defaultengine: "Web Search"
FF - prefs.js..browser.search.defaultenginename: "Search the web"
FF - prefs.js..browser.search.order.1: "Search the web"
FF - prefs.js..browser.search.selectedEngine: "Search the web"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://www.facebook.com/"
FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.7
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..keyword.URL: "hxxp://www.browsersafesearch.com?client=mozilla-firefox&cd=UTF-8&search=1&q="
FF - prefs.js..network.proxy.no_proxies_on: "localhost,127.0.0.1"
FF - prefs.js..network.proxy.type: 0
FF - user.js..browser.search.selectedEngine: "Search the web"
FF - user.js..browser.search.order.1: "Search the web"
FF - user.js..browser.search.defaultenginename: "Search the web"
FF - user.js..keyword.URL: "hxxp://www.browsersafesearch.com?client=mozilla-firefox&cd=UTF-8&search=1&q="
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Programme\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Programme\DivX\DivX Player\npDivxPlayerPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Programme\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Programme\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pages.tvunetworks.com/WebPlayer: C:\Programme\TVUPlayer\npTVUAx.dll File not found
FF - HKLM\Software\MozillaPlugins\@zylom.com/ZylomGamesPlayer: C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll (Zylom)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Programme\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Dokumente und Einstellungen\Papa\Lokale Einstellungen\Anwendungsdaten\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Dokumente und Einstellungen\Papa\Lokale Einstellungen\Anwendungsdaten\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Dokumente und Einstellungen\Papa\Lokale Einstellungen\Anwendungsdaten\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Programme\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012.03.14 22:47:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{184AA5E6-741D-464a-820E-94B3ABC2F3B4}: C:\WINDOWS\system32\10019 [2012.03.20 12:15:36 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.1\extensions\\Components: C:\Programme\Mozilla Firefox\components [2012.03.08 06:32:46 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.1\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2012.02.25 12:07:24 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{184AA5E6-741D-464a-820E-94B3ABC2F3B4}: C:\WINDOWS\system32\10019 [2012.03.20 12:15:36 | 000,000,000 | ---D | M]
[2011.09.18 20:23:49 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Papa\Anwendungsdaten\Mozilla\Extensions
[2012.03.08 06:33:12 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Papa\Anwendungsdaten\Mozilla\Firefox\Profiles\g3vxpppx.default\extensions
[2012.01.15 12:50:13 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Dokumente und Einstellungen\Papa\Anwendungsdaten\Mozilla\Firefox\Profiles\g3vxpppx.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2011.12.06 21:42:13 | 000,000,000 | ---D | M] (toolplugin) -- C:\Dokumente und Einstellungen\Papa\Anwendungsdaten\Mozilla\Firefox\Profiles\g3vxpppx.default\extensions\welcome@toolmin.com
[2011.05.17 13:12:44 | 000,002,333 | ---- | M] () -- C:\Dokumente und Einstellungen\Papa\Anwendungsdaten\Mozilla\Firefox\Profiles\g3vxpppx.default\searchplugins\askcom.xml
[2011.09.08 18:21:56 | 000,002,342 | ---- | M] () -- C:\Dokumente und Einstellungen\Papa\Anwendungsdaten\Mozilla\Firefox\Profiles\g3vxpppx.default\searchplugins\icq-search.xml
[2011.10.02 07:33:21 | 000,000,950 | ---- | M] () -- C:\Dokumente und Einstellungen\Papa\Anwendungsdaten\Mozilla\Firefox\Profiles\g3vxpppx.default\searchplugins\icqplugin-1.xml
[2011.11.10 04:04:47 | 000,000,950 | ---- | M] () -- C:\Dokumente und Einstellungen\Papa\Anwendungsdaten\Mozilla\Firefox\Profiles\g3vxpppx.default\searchplugins\icqplugin-2.xml
[2011.09.20 10:25:28 | 000,000,950 | ---- | M] () -- C:\Dokumente und Einstellungen\Papa\Anwendungsdaten\Mozilla\Firefox\Profiles\g3vxpppx.default\searchplugins\icqplugin.xml
[2011.09.18 18:04:14 | 000,002,506 | ---- | M] () -- C:\Dokumente und Einstellungen\Papa\Anwendungsdaten\Mozilla\Firefox\Profiles\g3vxpppx.default\searchplugins\SearchResults.xml
[2011.07.11 20:04:02 | 000,000,633 | ---- | M] () -- C:\Dokumente und Einstellungen\Papa\Anwendungsdaten\Mozilla\Firefox\Profiles\g3vxpppx.default\searchplugins\startsear.xml
[2012.02.12 16:21:11 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2012.03.20 12:15:36 | 000,000,000 | ---D | M] (Java String Helper) -- C:\WINDOWS\SYSTEM32\10019
[2012.03.08 06:32:45 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Programme\mozilla firefox\components\browsercomps.dll
[2011.10.31 14:18:11 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\mozilla firefox\plugins\npdeployJava1.dll
[2009.10.26 16:53:52 | 000,102,400 | ---- | M] (Zylom) -- C:\Programme\mozilla firefox\plugins\npzylomgamesplayer.dll
[2012.03.08 06:32:40 | 000,001,392 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.03.08 06:32:40 | 000,002,252 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\bing.xml
[2012.03.08 06:32:40 | 000,001,153 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\eBay-de.xml
[2012.03.08 06:32:40 | 000,006,805 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\leo_ende_de.xml
[2011.12.06 21:42:14 | 000,000,158 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\Search the web.src
[2011.09.18 18:04:14 | 000,002,506 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\SearchResults.xml
[2012.03.08 06:32:40 | 000,001,178 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.03.08 06:32:40 | 000,001,105 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\yahoo-de.xml
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Dokumente und Einstellungen\Papa\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\Application\17.0.963.83\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Dokumente und Einstellungen\Papa\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\Application\17.0.963.83\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Dokumente und Einstellungen\Papa\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\Application\17.0.963.83\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Programme\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.290.11 (Enabled) = C:\Programme\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U29 (Enabled) = C:\Programme\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: DivX Player Netscape Plugin (Enabled) = C:\Programme\Mozilla Firefox\plugins\npDivxPlayerPlugin.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Zylom Plugin (Enabled) = C:\Programme\Mozilla Firefox\plugins\npzylomgamesplayer.dll
CHR - plugin: Facebook Video Calling Plugin (Enabled) = C:\Dokumente und Einstellungen\Papa\Lokale Einstellungen\Anwendungsdaten\Facebook\Video\Skype\npFacebookVideoCalling.dll
CHR - plugin: Google Update (Enabled) = C:\Dokumente und Einstellungen\Papa\Lokale Einstellungen\Anwendungsdaten\Google\Update\1.3.21.99\npGoogleUpdate3.dll
CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Programme\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: DivX Plus Web Player (Enabled) = C:\Programme\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: YouTube = C:\Dokumente und Einstellungen\Papa\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google-Suche = C:\Dokumente und Einstellungen\Papa\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.18_0\
CHR - Extension: Mehr Leistung und Videoformate f\u00FCr dein HTML5 \u003Cvideo\u003E = C:\Dokumente und Einstellungen\Papa\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\
CHR - Extension: Google Mail = C:\Dokumente und Einstellungen\Papa\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
O1 HOSTS File: ([2011.10.28 15:37:33 | 000,437,921 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 15061 more lines...
O2 - BHO: (no name) - {184AA5E6-741D-464a-820E-94B3ABC2F3B4} - No CLSID value found.
O2 - BHO: (no name) - {975670D0-7EFB-4fa8-90FA-3AE575B9FB77} - No CLSID value found.
O3 - HKLM\..\Toolbar: (toolplugin) - {DFEFCDEE-CF1A-4FC8-89AF-189327213627} - C:\Dokumente und Einstellungen\Papa\Anwendungsdaten\toolplugin\toolbar.dll ()
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4 - HKLM..\Run: [Adobe ARM] C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\ALCMTR.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [avgnt] C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [LogitechVideoRepair] C:\Programme\Logitech\Video\ISStart.exe (Logitech Inc.)
O4 - HKLM..\Run: [LogitechVideoTray] C:\Programme\Logitech\Video\LogiTray.exe (Logitech Inc.)
O4 - HKLM..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE (Logitech Inc.)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [PlusService] C:\Programme\Yuna Software\Messenger Plus!\PlusService.exe (Yuna Software)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [Sunkist2k] C:\Programme\Multimedia Card Reader\shwicon2k.exe (Alcor Micro, Corp.)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Programme\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\BTTray.lnk = C:\Programme\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Logitech SetPoint.lnk = C:\Programme\Logitech\SetPoint\SetPoint.exe (Logitech, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Programme\PokerStars\PokerStarsUpdate.exe (PokerStars)
O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Programme\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Programme\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe File not found
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe File not found
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/C/0/C/C0CBBA88-A6F2-48D9-9B0E-1719D1177202/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} hxxp://download.divx.com/player/DivXBrowserPlugin.cab (DivXBrowserPlugin Object)
O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab (HP Download Manager)
O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} hxxp://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection2.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {A9F8D9EC-3D0A-4A60-BD82-FBD64BAD370D} hxxp://h20264.www2.hp.com/ediags/dd/install/HPDriverDiagnosticsxp2k.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B5E5FA89-C5C6-4E22-AA58-ED703AEDA944}: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Programme\SUPERAntiSpyware\SASWINLO.DLL) - C:\Programme\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\LBTWlgn: DllName - (c:\programme\gemeinsame dateien\logishrd\bluetooth\LBTWlgn.dll) - c:\Programme\Gemeinsame Dateien\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper: C:\Dokumente und Einstellungen\Papa\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Dokumente und Einstellungen\Papa\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Programme\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008.10.28 16:07:14 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2012.03.25 18:05:25 | 000,593,920 | ---- | C] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Papa\Desktop\OTL.exe
[2012.03.23 18:27:26 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Papa\Anwendungsdaten\SUPERAntiSpyware.com
[2012.03.23 18:26:38 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\SUPERAntiSpyware.com
[2012.03.23 18:26:38 | 000,000,000 | ---D | C] -- C:\Programme\SUPERAntiSpyware
[2012.03.23 15:11:18 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Papa\Startmenü\Programme\Google Chrome
[2012.03.23 13:58:17 | 000,000,000 | ---D | C] -- C:\WINDOWS\ie8updates
[2012.03.20 17:31:47 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\LocalService\Anwendungsdaten\Adobe
[2012.03.20 12:15:23 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\10019
[2012.03.19 21:35:44 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\UAs
[2012.03.19 11:17:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\10018
[2012.03.18 20:02:37 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\10017
[2012.03.18 19:05:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\xmldm
[2012.03.18 19:05:40 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\kock
[2012.03.14 22:48:07 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Papa\Anwendungsdaten\DDMSettings
[2012.03.09 15:20:25 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen\Papa\IECompatCache
[2012.03.08 09:57:47 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen\Papa\IETldCache
[2012.03.08 08:26:47 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2012.03.08 08:21:45 | 000,000,000 | ---D | C] -- C:\7504bc00cb449e1f51a27b68957e
[2012.02.25 12:07:11 | 000,000,000 | ---D | C] -- C:\Programme\Adobe
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\Dokumente und Einstellungen\Papa\Lokale Einstellungen\Anwendungsdaten\*.tmp files -> C:\Dokumente und Einstellungen\Papa\Lokale Einstellungen\Anwendungsdaten\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2012.03.25 18:24:01 | 000,001,206 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-746137067-308236825-1801674531-1003UA.job
[2012.03.25 18:05:27 | 000,593,920 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Papa\Desktop\OTL.exe
[2012.03.25 15:37:04 | 000,001,014 | ---- | M] () -- C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-746137067-308236825-1801674531-1003UA.job
[2012.03.24 22:37:06 | 000,000,992 | ---- | M] () -- C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-746137067-308236825-1801674531-1003Core.job
[2012.03.24 21:24:04 | 000,001,154 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-746137067-308236825-1801674531-1003Core.job
[2012.03.23 18:26:45 | 000,001,642 | ---- | M] () -- C:\Dokumente und Einstellungen\Papa\Desktop\SUPERAntiSpyware Free Edition.lnk
[2012.03.23 15:11:21 | 000,002,357 | ---- | M] () -- C:\Dokumente und Einstellungen\Papa\Desktop\Google Chrome.lnk
[2012.03.23 14:36:00 | 000,081,858 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2012.03.23 14:34:14 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012.03.23 14:18:14 | 000,107,008 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012.03.23 13:58:53 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2012.03.20 15:34:34 | 000,000,013 | ---- | M] () -- C:\WINDOWS\System32\urhtps.dat
[2012.03.10 14:29:28 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2012.03.08 08:21:30 | 000,459,188 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat
[2012.03.08 08:21:30 | 000,441,546 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012.03.08 08:21:30 | 000,084,702 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat
[2012.03.08 08:21:30 | 000,071,482 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012.02.25 12:07:24 | 000,001,709 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Adobe Reader 9.lnk
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\Dokumente und Einstellungen\Papa\Lokale Einstellungen\Anwendungsdaten\*.tmp files -> C:\Dokumente und Einstellungen\Papa\Lokale Einstellungen\Anwendungsdaten\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012.03.23 18:26:45 | 000,001,642 | ---- | C] () -- C:\Dokumente und Einstellungen\Papa\Desktop\SUPERAntiSpyware Free Edition.lnk
[2012.03.23 15:11:21 | 000,002,357 | ---- | C] () -- C:\Dokumente und Einstellungen\Papa\Desktop\Google Chrome.lnk
[2012.03.23 15:10:43 | 000,001,206 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-746137067-308236825-1801674531-1003UA.job
[2012.03.23 15:10:42 | 000,001,154 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-746137067-308236825-1801674531-1003Core.job
[2012.03.20 15:34:34 | 000,000,013 | ---- | C] () -- C:\WINDOWS\System32\urhtps.dat
[2012.02.25 12:07:24 | 000,001,804 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Adobe Reader 9.lnk
[2012.02.25 12:07:24 | 000,001,709 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Adobe Reader 9.lnk
[2012.01.04 11:41:50 | 000,000,000 | ---- | C] () -- C:\Dokumente und Einstellungen\Papa\Lokale Einstellungen\Anwendungsdaten\{2AF39E5E-FCBF-43C3-B1AE-0442852DDDEC}
[2010.12.23 13:12:07 | 000,113,711 | ---- | C] () -- C:\WINDOWS\hpoins07.dat.temp
[2010.12.14 11:58:16 | 000,000,185 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Microsoft.SqlServer.Compact.351.32.bc
[2010.11.26 21:18:37 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
========== LOP Check ==========
[2009.10.01 23:21:55 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\AdventureChronicles1
[2008.10.28 23:32:20 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Azureus
[2011.09.18 18:04:15 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\boost_interprocess
[2009.09.28 13:42:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\FarmFrenzy2
[2009.06.24 20:07:58 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\GameHouse
[2009.09.26 13:58:47 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\HoverBee Studios
[2010.11.11 18:03:01 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ICQ
[2009.10.07 16:46:07 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\IntDreams
[2010.02.12 16:23:18 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Messenger Plus!
[2011.08.20 14:33:04 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\mquadr.at
[2009.09.28 19:44:31 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Mushroom Age
[2009.10.09 19:30:54 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\NeptunesAdve
[2009.09.28 13:45:04 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\PlayFirst
[2010.09.20 13:02:05 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Sandlot Games
[2010.12.14 12:06:58 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Soluto
[2008.12.04 21:55:13 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\T-Online
[2012.02.13 21:37:15 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\WhiteCap (Holiday Edition)
[2009.07.05 08:59:42 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Zylom
[2011.10.29 16:04:28 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{1B0B54CA-AA7D-41D3-A84A-29E7C9CB13A2}
[2009.08.12 18:21:35 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Papa\Anwendungsdaten\Azureus
[2011.09.18 17:51:27 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Papa\Anwendungsdaten\Bandoo
[2012.03.14 22:48:07 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Papa\Anwendungsdaten\DDMSettings
[2011.08.23 19:32:10 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Papa\Anwendungsdaten\ElevatedDiagnostics
[2009.10.09 12:00:17 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Papa\Anwendungsdaten\Friday's games
[2009.04.17 05:33:00 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Papa\Anwendungsdaten\GUTEN ABEND
[2010.04.16 07:15:31 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Papa\Anwendungsdaten\Hallo
[2011.10.19 11:48:23 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Papa\Anwendungsdaten\ICQ
[2010.02.21 21:49:28 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Papa\Anwendungsdaten\Image Zone Express
[2009.09.28 13:45:04 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Papa\Anwendungsdaten\PlayFirst
[2011.09.18 18:05:09 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Papa\Anwendungsdaten\searchquband
[2009.09.22 17:33:31 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Papa\Anwendungsdaten\SecretIslandDeuBF
[2009.09.19 12:52:20 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Papa\Anwendungsdaten\Skip-Bo
[2009.12.12 21:54:14 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Papa\Anwendungsdaten\SpinTop Games
[2008.12.04 21:55:53 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Papa\Anwendungsdaten\T-Online
[2010.09.07 23:16:13 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Papa\Anwendungsdaten\TeamViewer
[2011.12.06 21:42:13 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Papa\Anwendungsdaten\toolplugin
[2011.09.08 07:29:33 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Papa\Anwendungsdaten\TS3Client
[2010.11.30 14:23:34 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Papa\Anwendungsdaten\Valuga Software
[2011.08.21 11:48:53 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Papa\Anwendungsdaten\wargaming.net
[2010.09.03 11:13:39 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Papa\Anwendungsdaten\YoudaGames
[2010.11.20 20:24:21 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Papa\Anwendungsdaten\Zylom
[2009.09.22 23:17:11 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Papa\Anwendungsdaten\Zylom 3 Days Zoo Mystery
[2012.03.24 22:37:06 | 000,000,992 | ---- | M] () -- C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-746137067-308236825-1801674531-1003Core.job
[2012.03.25 15:37:04 | 000,001,014 | ---- | M] () -- C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-746137067-308236825-1801674531-1003UA.job
========== Purity Check ==========
< End of report >
--- --- ---
Extra.txtOTL Logfile: Code:
OTL Extras logfile created on: 25.03.2012 18:23:14 - Run 1
OTL by OldTimer - Version 3.2.39.2 Folder = C:\Dokumente und Einstellungen\Papa\Desktop
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
1023,17 Mb Total Physical Memory | 535,17 Mb Available Physical Memory | 52,31% Memory free
2,56 Gb Paging File | 1,91 Gb Available in Paging File | 74,44% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 229,74 Gb Total Space | 171,67 Gb Free Space | 74,72% Space Free | Partition Type: NTFS
Computer Name: HIGHTECH-A492D2 | User Name: Papa | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusOverride" = 0
"FirewallOverride" = 0
"ANTIVIRUSDISABLENOTIFY" = 0
"FIREWALLDISABLENOTIFY" = 0
"UPDATESDISABLENOTIFY" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Programme\ICQ7.2\ICQ.exe" = C:\Programme\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2 -- (ICQ, LLC.)
"C:\Programme\ICQ7.2\aolload.exe" = C:\Programme\ICQ7.2\aolload.exe:*:Enabled:aolload.exe -- (AOL LLC)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Programme\Messenger\msmsgs.exe" = C:\Programme\Messenger\msmsgs.exe:*:Enabled:Windows Messenger
"C:\Programme\ICQ6\ICQ.exe" = C:\Programme\ICQ6\ICQ.exe:*:Enabled:ICQ6
"C:\Programme\Azureus\Azureus.exe" = C:\Programme\Azureus\Azureus.exe:*:Enabled:Azureus -- (Azureus Inc)
"C:\Programme\Nero\Nero 7\Nero ShowTime\ShowTime.exe" = C:\Programme\Nero\Nero 7\Nero ShowTime\ShowTime.exe:*:Enabled:Nero ShowTime
"C:\Dokumente und Einstellungen\Papa\Eigene Dateien\ICQ\476747730\ReceivedFiles\375139550 pinky26 Antonia\Weisseradler-Script 1.071\mirc.exe" = C:\Dokumente und Einstellungen\Papa\Eigene Dateien\ICQ\476747730\ReceivedFiles\375139550 pinky26 Antonia\Weisseradler-Script 1.071\mirc.exe:*:Enabled:mIRC
"C:\Dokumente und Einstellungen\Papa\Eigene Dateien\Programme\Weisseradler-Script 1.071\mirc.exe" = C:\Dokumente und Einstellungen\Papa\Eigene Dateien\Programme\Weisseradler-Script 1.071\mirc.exe:*:Enabled:mIRC
"C:\Programme\Motorola\Software Update\msu.exe" = C:\Programme\Motorola\Software Update\msu.exe:*:Enabled:msu
"C:\Programme\Java\jre6\bin\java.exe" = C:\Programme\Java\jre6\bin\java.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
"C:\Programme\ICQ6.5\ICQ.exe" = C:\Programme\ICQ6.5\ICQ.exe:*:Enabled:ICQ6
"C:\Programme\HP\Digital Imaging\bin\hpoews01.exe" = C:\Programme\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe -- (Hewlett-Packard Co.)
"C:\WINDOWS\system32\dpvsetup.exe" = C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test -- (Microsoft Corporation)
"C:\Programme\Philips\Intelligent Agent\Philips Intelligent Agent.exe" = C:\Programme\Philips\Intelligent Agent\Philips Intelligent Agent.exe:*:Enabled:Philips Intelligent Agent
"C:\Programme\ICQ7.2\ICQ.exe" = C:\Programme\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2 -- (ICQ, LLC.)
"C:\Programme\ICQ7.2\aolload.exe" = C:\Programme\ICQ7.2\aolload.exe:*:Enabled:aolload.exe -- (AOL LLC)
"C:\Programme\HP\Digital Imaging\bin\hpofxm08.exe" = C:\Programme\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe -- (Hewlett-Packard Co.)
"C:\Programme\HP\Digital Imaging\bin\hposfx08.exe" = C:\Programme\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe -- (Hewlett-Packard Co.)
"C:\Programme\HP\Digital Imaging\bin\hposid01.exe" = C:\Programme\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe -- (Hewlett-Packard Co.)
"C:\Programme\HP\Digital Imaging\bin\hpqCopy.exe" = C:\Programme\HP\Digital Imaging\bin\hpqCopy.exe:*:Enabled:hpqcopy.exe -- (Hewlett-Packard Co.)
"C:\Programme\HP\Digital Imaging\bin\hpfccopy.exe" = C:\Programme\HP\Digital Imaging\bin\hpfccopy.exe:*:Enabled:hpfccopy.exe -- (Hewlett-Packard)
"C:\Programme\HP\Digital Imaging\bin\hpzwiz01.exe" = C:\Programme\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe -- (Hewlett-Packard Co.)
"C:\Programme\HP\Digital Imaging\Unload\HpqPhUnl.exe" = C:\Programme\HP\Digital Imaging\Unload\HpqPhUnl.exe:*:Enabled:hpqphunl.exe -- ()
"C:\Programme\HP\Digital Imaging\Unload\HpqDIA.exe" = C:\Programme\HP\Digital Imaging\Unload\HpqDIA.exe:*:Enabled:hpqdia.exe -- ( )
"H:\DVD-START.EXE" = H:\DVD-START.EXE:*:Enabled:Schnellstart-DVD
"C:\Games\World_of_Tanks\WOTLauncher.exe" = C:\Games\World_of_Tanks\WOTLauncher.exe:*:Enabled:World of Tanks Launcher
"C:\Games\World_of_Tanks\WorldOfTanks.exe" = C:\Games\World_of_Tanks\WorldOfTanks.exe:*:Enabled:World of Tanks
"C:\Programme\SpacialAudio\SAMBC\SAMBC.exe" = C:\Programme\SpacialAudio\SAMBC\SAMBC.exe:*:Enabled:SAMBC -- ()
"C:\Programme\SopCast\adv\SopAdver.exe" = C:\Programme\SopCast\adv\SopAdver.exe:*:Enabled:SopCast Adver
"C:\Programme\SopCast\SopCast.exe" = C:\Programme\SopCast\SopCast.exe:*:Enabled:SopCast Main Application
"C:\Programme\TVUPlayer\TVUPlayer.exe" = C:\Programme\TVUPlayer\TVUPlayer.exe:*:Enabled:TVUPlayer Component
"C:\Dokumente und Einstellungen\Papa\Lokale Einstellungen\Anwendungsdaten\Facebook\Video\Skype\FacebookVideoCalling.exe" = C:\Dokumente und Einstellungen\Papa\Lokale Einstellungen\Anwendungsdaten\Facebook\Video\Skype\FacebookVideoCalling.exe:*:Enabled:Facebook Video Calling Plugin -- (Skype Limited)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{0611BD4E-4FE4-4a62-B0C0-18A4CC463428}" = CP_Package_Variety1
"{07B02BD4-E799-4945-B240-166CA9A9BE2D}" = Multimedia Card Reader
"{09984AEC-6B9F-4ca7-B78D-CB44D4771DA3}" = Destinations
"{0C826C5B-B131-423A-A229-C71B3CACCD6A}" = CDDRV_Installer
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
"{1A655D51-1423-48A3-B748-8F5A0BE294C8}" = Microsoft Visual J# .NET Redistributable Package 1.1
"{1C139D7D-9FEA-468d-A9C8-2A6E3BDE564A}" = CP_Package_Variety3
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2466E904-7E48-4597-9321-722CF02930EB}" = 5600
"{26A24AE4-039D-4CA4-87B4-2F83216029FF}" = Java(TM) 6 Update 29
"{295C31E5-3F91-498E-9623-DA24D2FA2B6A}" = T-Online WLAN-Access Finder
"{2CADCEAB-D5DA-44D6-B5FC-7DEE87AB3C0C}" = Unload
"{30C19FF2-7FBA-4d09-B9DE-1659977F64F6}" = TrayApp
"{3101CB58-3482-4D21-AF1A-7057FC935355}" = KhalInstallWrapper
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{36FDBE6E-6684-462B-AE98-9A39A1B200CC}" = HP Product Assistant
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{466B21EE-2858-4845-B2B3-056FC544DAA3}" = Logitech QuickCam
"{49FB31C1-26EC-44c6-AB47-73C66E2BC41E}" = HP PSC & Officejet 5.3.B Corporate Edition
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{54E3707F-808E-4fd4-95C9-15D1AB077E5D}" = NewCopy
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{56F8AFC3-FA98-4ff1-9673-8A026CBF85BE}" = WebReg
"{5B79CFD1-6845-4158-9D7D-6BE89DF2C135}" = HP PSC & OfficeJet 5.3.B
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{6BB6627C-694F-4FDC-A3E5-C7F4BED4C724}" = DocProc
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6}" = ICQ7.2
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7748AC8C-18E3-43BB-959B-088FAEA16FB2}" = Nero StartSmart
"{7850A6D2-CBEA-4728-9877-F1BEDEA9F619}" = AiOSoftware
"{7B63B2922B174135AFC0E1377DD81EC2}" =
"{7C9B95B7-B598-4398-B30F-7F6827192E6C}" = ProductContext
"{7CAC6A44-C3DE-4153-ACA6-7524602C789E}" = Facebook Video Calling 1.2.0.159
"{818ABC3C-635C-4651-8183-D0E9640B7DD1}" = HP Update
"{82F2B38B-1426-443D-874C-AC25675E7BEB}" = Windows Live Mail
"{84814E6B-2581-46EC-926A-823BD1C670F6}" = WIDCOMM Bluetooth Software
"{8777AC6D-89F9-4793-8266-DE406F343E89}" = QFolder
"{895539a0-5031-4e6e-b543-b75c86c742b5}" = Nero 9 Lite
"{8D15E1B2-D2B7-4A17-B44B-D2DDE5981406}" = iLivid
"{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update
"{923A7F5A-1E8C-4FBE-8DF6-85940A60A79F}" = Readme
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A195B13E-A5E3-4BAF-A995-7F70F445CD06}" = ScannerCopy
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{a9264802-8a7a-40fe-a135-5c6d204aed7a}.sdb" = Internet Explorer (Enable DEP)
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AC76BA86-7AD7-1031-7B44-A95000000001}" = Adobe Reader 9.5.0 - Deutsch
"{AED2DD42-9853-407E-A6BC-8A1D6B715909}" = Windows Live Messenger
"{B1275E23-717A-4D52-997A-1AD1E24BC7F3}" = T-Online 6.0
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B2EC4A38-B545-4A00-8214-13FE0E915E6D}" = Advertising Center
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B824B5C9-849F-4b9e-9EA7-6FD8CD8116DA}" = CP_Package_Variety2
"{B996AE66-10DB-4ac5-B151-E8B4BFBC42FC}" = BufferChm
"{BD5CA0DA-71AD-43DA-B19E-6EEE0C9ADC9A}" = Nero ControlCenter
"{BFD5AC8A-5884-4da8-9873-3DF8E3DCCE18}" = 5600Trb
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C2C284D2-6BD7-3B34-B0C5-B2CAED168DF7}" = Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - DEU
"{C314CE45-3392-3B73-B4E1-139CD41CA933}" = Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - DEU
"{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail
"{C506A18C-1469-4678-B094-F4EC9DAE6DB7}" = Scan
"{C549017A-FFAB-4679-9112-26E83DD82DB5}" = Enterprise
"{C81A2FE0-3574-00A9-CED4-BDAA334CBE8E}" = Nero Online Upgrade
"{C9E14402-3631-4182-B377-6B0DFB1C0339}" = QuickTime
"{CAFA57E8-8927-4912-AFCF-B0AA3837E989}" = Windows Live Essentials
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CC7984C5-020D-4944-85A0-58D09D4A8BFB}" = 5600_Help
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{CE24344F-DFD8-40C8-8FD8-C9740B5F25AC}" = Fax
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D2041A37-5FEC-49F0-AE5C-3F2FFDFAA4F4}" = Windows Live Call
"{E3F90083-80D4-4b5a-87C7-E97E12F5516D}" = HPProductAssistant
"{E78BFA60-5393-4C38-82AB-E8019E464EB4}" = Microsoft .NET Framework 1.1 German Language Pack
"{E8A80433-302B-4FF1-815D-FCC8EAC482FF}" = Nero Installer
"{EA103B64-C0E4-4C0E-A506-751590E1653D}" = SolutionCenter
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}" = Logitech SetPoint
"{F4C2E5F5-2970-45f4-ABD3-C180C4D961C4}" = Status
"{FE64AE29-0883-4C70-8388-DC026019C900}" = HP Image Zone Express
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"Azureus" = Azureus
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"DivX Setup" = DivX-Setup
"GildenIdent 1.5" = GildenIdent 1.5
"GreenBrowser_is1" = GreenBrowser
"HP Imaging Device Functions" = HP Imaging Device Functions 5.3
"HP Solution Center & Imaging Support Tools" = HP Solution Center & Imaging Support Tools 5.3
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"iLivid" = iLivid
"InstallShield_{07B02BD4-E799-4945-B240-166CA9A9BE2D}" = Multimedia Card Reader
"Language Pack for Ad-aware 6" = Language Pack for Ad-aware 6
"Messenger Plus!" = Messenger Plus! 5
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox 10.0.1 (x86 de)" = Mozilla Firefox 10.0.1 (x86 de)
"MySQL Servers and Clients 4.0.21" = MySQL Servers and Clients 4.0.21
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"NVIDIA Drivers" = NVIDIA Drivers
"PokerStars" = PokerStars
"QcDrv" = Logitech® Camera-Treiber
"SAM3" = SAM3 (remove only)
"Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2
"VLC media player" = VLC media player 1.1.11
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"Windows Media Format Runtime" = Windows Media Format Runtime
"Windows Media Player" = Windows Media Player 10
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR
"XP Codec Pack" = XP Codec Pack
"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0
"YTdetect" = Yahoo! Detect
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"TeamSpeak 3 Client" = TeamSpeak 3 Client
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 24.03.2012 14:29:25 | Computer Name = HIGHTECH-A492D2 | Source = Application Error | ID = 1001
Description = Fehlerhafter Speicherbereich -1396690332.
Error - 24.03.2012 15:20:42 | Computer Name = HIGHTECH-A492D2 | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung chrome.exe, Version 17.0.963.83, fehlgeschlagenes
Modul ntdll.dll, Version 5.1.2600.6055, Fehleradresse 0x00010f1e.
Error - 24.03.2012 16:16:53 | Computer Name = HIGHTECH-A492D2 | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung chrome.exe, Version 17.0.963.83, fehlgeschlagenes
Modul unknown, Version 0.0.0.0, Fehleradresse 0x00a167aa.
Error - 24.03.2012 17:15:44 | Computer Name = HIGHTECH-A492D2 | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung chrome.exe, Version 17.0.963.83, fehlgeschlagenes
Modul unknown, Version 0.0.0.0, Fehleradresse 0x003467aa.
Error - 25.03.2012 04:08:37 | Computer Name = HIGHTECH-A492D2 | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung chrome.exe, Version 17.0.963.83, fehlgeschlagenes
Modul unknown, Version 0.0.0.0, Fehleradresse 0x017467b4.
Error - 25.03.2012 05:02:31 | Computer Name = HIGHTECH-A492D2 | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung chrome.exe, Version 17.0.963.83, fehlgeschlagenes
Modul kernel32.dll, Version 5.1.2600.5781, Fehleradresse 0x0000b056.
Error - 25.03.2012 08:47:07 | Computer Name = HIGHTECH-A492D2 | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung chrome.exe, Version 17.0.963.83, fehlgeschlagenes
Modul unknown, Version 0.0.0.0, Fehleradresse 0x003467aa.
Error - 25.03.2012 10:06:08 | Computer Name = HIGHTECH-A492D2 | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung iexplore.exe, Version 8.0.6001.18702, Stillstandmodul
hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
Error - 25.03.2012 12:07:55 | Computer Name = HIGHTECH-A492D2 | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung OTL.exe, Version 3.2.39.2, Stillstandmodul
hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
Error - 25.03.2012 12:10:02 | Computer Name = HIGHTECH-A492D2 | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung OTL.exe, Version 3.2.39.2, Stillstandmodul
hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
[ System Events ]
Error - 07.03.2012 01:45:11 | Computer Name = HIGHTECH-A492D2 | Source = System Error | ID = 1003
Description = Fehlercode 0000009c, 1. Parameter 00000000, 2. Parameter f7ac3050,
3. Parameter a2000000, 4. Parameter 84010400.
Error - 07.03.2012 10:54:23 | Computer Name = HIGHTECH-A492D2 | Source = System Error | ID = 1003
Description = Fehlercode 100000d1, 1. Parameter 1438f7ef, 2. Parameter 00000006,
3. Parameter 00000000, 4. Parameter f7aafd3d.
Error - 07.03.2012 15:32:32 | Computer Name = HIGHTECH-A492D2 | Source = System Error | ID = 1003
Description = Fehlercode 0000001a, 1. Parameter 00041284, 2. Parameter 080e7001,
3. Parameter 0000862f, 4. Parameter c0503000.
Error - 08.03.2012 00:29:46 | Computer Name = HIGHTECH-A492D2 | Source = System Error | ID = 1003
Description = Fehlercode 0000009c, 1. Parameter 00000000, 2. Parameter 805545f0,
3. Parameter a2000000, 4. Parameter 84010400.
Error - 08.03.2012 00:49:10 | Computer Name = HIGHTECH-A492D2 | Source = System Error | ID = 1003
Description = Fehlercode 0000009c, 1. Parameter 00000000, 2. Parameter 805545f0,
3. Parameter a2000000, 4. Parameter 84010400.
Error - 08.03.2012 04:04:02 | Computer Name = HIGHTECH-A492D2 | Source = System Error | ID = 1003
Description = Fehlercode 10000050, 1. Parameter ff530c75, 2. Parameter 00000001,
3. Parameter 804dbe15, 4. Parameter 00000000.
Error - 10.03.2012 16:16:38 | Computer Name = HIGHTECH-A492D2 | Source = System Error | ID = 1003
Description = Fehlercode 100000be, 1. Parameter f77737af, 2. Parameter 06a20121,
3. Parameter 805572d0, 4. Parameter 0000000a.
Error - 13.03.2012 03:38:52 | Computer Name = HIGHTECH-A492D2 | Source = System Error | ID = 1003
Description = Fehlercode 0000009c, 1. Parameter 00000000, 2. Parameter f7ac3050,
3. Parameter a2000000, 4. Parameter 84010400.
Error - 15.03.2012 05:21:53 | Computer Name = HIGHTECH-A492D2 | Source = System Error | ID = 1003
Description = Fehlercode 1000008e, 1. Parameter c0000005, 2. Parameter 7fd98bf7,
3. Parameter f3e08954, 4. Parameter 00000000.
Error - 23.03.2012 15:15:56 | Computer Name = HIGHTECH-A492D2 | Source = DCOM | ID = 10010
Description = Der Server "{022105BD-948A-40C9-AB42-A3300DDF097F}" konnte innerhalb
des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
< End of report >
--- --- --- |
