Also inhalt von Extras.Txt:OTL EXTRAS Logfile: Code:
OTL Extras logfile created on: 20.09.2012 16:35:52 - Run 1
OTL by OldTimer - Version 3.2.64.0 Folder = D:\Niki\Eigene Dateien\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,25 Gb Total Physical Memory | 2,92 Gb Available Physical Memory | 89,85% Memory free
4,41 Gb Paging File | 4,30 Gb Available in Paging File | 97,48% Paging File free
Paging file location(s): C:\pagefile.sys 1344 2688 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Programme
Drive C: | 150,01 Gb Total Space | 91,53 Gb Free Space | 61,02% Space Free | Partition Type: NTFS
Drive D: | 781,51 Gb Total Space | 762,01 Gb Free Space | 97,50% Space Free | Partition Type: NTFS
Drive E: | 607,85 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Computer Name: MINI | User Name: Niki | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [ACDSee Pro 3.Manage] -- "C:\Programme\ACD Systems\ACDSee Pro\3.0\ACDSeeQVPro3.exe" "%1" (ACD Systems International Inc.)
Directory [AddToPlaylistVLC] -- "C:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 1
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
"3389:TCP" = 3389:TCP:*:Enabled:Remote Desktop
"65533:TCP" = 65533:TCP:*:Enabled:Services
"52344:TCP" = 52344:TCP:*:Enabled:Services
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"5985:TCP" = 5985:TCP:*:Disabled:Windows-Remoteverwaltung
"80:TCP" = 80:TCP:*:Disabled:Windows-Remoteverwaltung - Kompatibilitätsmodus (HTTP eingehend)
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"3389:TCP" = 3389:TCP:*:Enabled:Remote Desktop
"65533:TCP" = 65533:TCP:*:Enabled:Services
"52344:TCP" = 52344:TCP:*:Enabled:Services
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Programme\Electronic Arts\BattleForge\Bootstrapper.exe" = C:\Programme\Electronic Arts\BattleForge\Bootstrapper.exe:*:Enabled:BattleForge™ Launcher -- (EA Phenomic)
"C:\Programme\Electronic Arts\BattleForge\BattleForge.exe" = C:\Programme\Electronic Arts\BattleForge\BattleForge.exe:*:Enabled:BattleForge™ -- (EA Phenomic)
"C:\Programme\Samsung\Samsung New PC Studio\npsasvr.exe" = C:\Programme\Samsung\Samsung New PC Studio\npsasvr.exe:*:Enabled:KTF MUSIC AoD Server
"C:\Programme\Samsung\Samsung New PC Studio\npsvsvr.exe" = C:\Programme\Samsung\Samsung New PC Studio\npsvsvr.exe:*:Enabled:KTF MUSIC VoD Server
"C:\Programme\ITTerritory\DragonsDe\DwarClientDe.exe" = C:\Programme\ITTerritory\DragonsDe\DwarClientDe.exe:*:Enabled:DRACHENKRIEG
"C:\Programme\Skype\Plugin Manager\skypePM.exe" = C:\Programme\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager
"D:\Niki\Eigene Dateien\Downloads\facebook-pic00005267.exe" = c:\windows\nvsvc32.exe:*:Enabled:NVIDIA driver monitor
"C:\WINDOWS\explorer.exe" = C:\WINDOWS\explorer.exe:*:Disabled:Windows Explorer -- (Microsoft Corporation)
"C:\Programme\Warcraft III\Warcraft III.exe" = C:\Programme\Warcraft III\Warcraft III.exe:*:Enabled:Warcraft III -- (Blizzard Entertainment)
"C:\WINDOWS\system32\muzapp.exe" = C:\WINDOWS\system32\muzapp.exe:*:Enabled:MUZ AOD APP player -- (Musiccity Co.Ltd.)
"C:\Programme\PTC\PVX\i486_nt\obj\productview.exe" = C:\Programme\PTC\PVX\i486_nt\obj\productview.exe:*:Enabled:ProductView Express -- (PTC)
"C:\Programme\ProENGINEER Schools Edition\i486_nt\nms\nmsd.exe" = C:\Programme\ProENGINEER Schools Edition\i486_nt\nms\nmsd.exe:*:Enabled:Pro/ENGINEER Wildfire from PTC -- (PTC)
"C:\Programme\ProENGINEER Schools Edition\i486_nt\obj\pro_comm_msg.exe" = C:\Programme\ProENGINEER Schools Edition\i486_nt\obj\pro_comm_msg.exe:*:Enabled:Pro/ENGINEER Wildfire from PTC -- (PTC)
"C:\Programme\ProENGINEER Schools Edition\i486_nt\obj\xtop.exe" = C:\Programme\ProENGINEER Schools Edition\i486_nt\obj\xtop.exe:*:Enabled:Pro/ENGINEER Wildfire from PTC -- (PTC)
"C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\WebKit2WebProcess.exe" = C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit -- (Apple Inc.)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{02E89EFC-7B07-4D5A-AA03-9EC0902914EE}" = VC 9.0 Runtime
"{03CAB33F-D1C2-48C6-8766-DAE84DFC25FE}" = Microsoft Sync Framework Services v1.0 (x86)
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{08F32589-5E39-42B8-8BC5-6A8126ED2A70}" = Microsoft Visual C++ 2008 Redistributable Package
"{09100081-2C94-4A67-8E55-8483C019C7D2}" = Microsoft Encarta 2009 - Enzyklopädie
"{122ADF8C-DDA1-480C-9936-C88F2825B265}" = Apple Application Support
"{17D6BCE2-757A-4A68-A5CD-032E557E1978}" = LightScribe Diagnostic Utility
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{1ADE1AA0-7F82-4BB1-B1BD-727DE438057B}" = Cool & Quiet
"{1B280FAF-AE10-4E31-A41A-DB3917D651DC}" = ACDSee Pro 3
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{20471B27-D702-4FE8-8DEC-0702CC8C0A85}" = InterVideo WinDVD 8
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{259C0ABB-A3B2-4D70-008F-BF7EE491B70B}" = Need for Speed™ Carbon
"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31
"{2FA41EBB-3F5A-35C3-85D6-51EC72A11FBD}" = Google Gears
"{305D4B08-5807-4475-B1C8-D54685534864}" = LightScribeTemplateLabeler
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{43E57D32-0C22-4E90-8332-AA3B445E4CEC}_is1" = SGC 2.0.1.248
"{485C9280-B899-4D46-86F3-B3E459636EE5}" = Yu-Gi-Oh! Power of Chaos KAIBA THE REVENGE
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4E98F23B-1328-4322-A6EC-2EDC8FC3A4FE}" = FontNav
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{587178E7-B1DF-494E-9838-FA4DD36E873C}" = ASUSUpdate
"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{6294CE03-1A16-4610-891E-FDAF9A585A54}" = SA52xx Device Manager
"{63218538-4A69-497F-8455-904261B0E9E4}" = CorelDRAW Graphics Suite X3
"{6AD9F5F3-5BD0-4000-BD9C-B536CF86D988}" = iTunes
"{7373184D-8E8F-4308-912A-3901071FA1AD}" = LightScribe Applications
"{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"{7727B4B6-6FAD-4C10-9DA3-664FABC2167E}" = Youda Farmer
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
"{7BF68B83-5057-4D4B-0093-28285EEB9EE3}" = Harry Potter II
"{7E84FAC8-C518-40F9-9807-7455301D6D25}" = SamsungConnectivityCableDriver
"{7F831576-6246-42C7-B523-55B3F96509CC}" = LogMeIn
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A809006-C25A-4A3A-9DAB-94659BCDB107}" = NVIDIA PhysX
"{8D1E61D1-1395-4E97-997F-D002DB3A5074}" = OpenOffice.org 3.2
"{8D8B167A-ED0F-43F1-AC10-3F4379F7CBBB}" = MediaConverter 2.5 for Philips
"{8F1ADE4D-EFAC-4F5A-B346-23C2687FAF50}" = Apple Mobile Device Support
"{90120000-0010-0407-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (German) 12
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{A0516415-ED61-419A-981D-93596DA74165}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISE_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISE_{26454C26-D259-4543-AA60-3189E09C5F76}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-00D1-0407-0000-0000000FF1CE}" = Microsoft Office Access database engine 2007 (German)
"{917E73C2-C7DA-4C12-9774-A6A2730BCAAB}" = Worms Forts Under Siege
"{94824ADD-8F26-43D2-84DB-22E11F377E5E}" = Microsoft English TTS Engine
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{96172E04-BB14-45F6-A77B-8EE7A421B903}" = SAPI Wrapper
"{97D0C0A1-7E64-4B05-A2EE-61D2CE23F154}" = TTS Wrapper
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A066194B-DC8F-449A-8E0F-B57BDD3A2072}" = SyncToy 2.1 (x86)
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A6629839-6636-4998-95D6-2B0F52141861}_is1" = SGC 2.0.1.250
"{A7BC02AF-1128-4A31-BCF8-1A3EE803D3B3}" = SweetIM Toolbar for Internet Explorer 4.2
"{A81A974F-8A22-43E6-9243-5198FF758DA1}" = SweetIM for Messenger 3.6
"{A8B94669-8654-4126-BD28-D0D2412CDED6}" = TI Connect 1.6
"{A8BD5A60-E843-46DC-8271-ABF20756BE0F}" = Microsoft Sync Framework Runtime v1.0 (x86)
"{A8CF5C37-8EC5-4C33-BB4A-87F468B77D45}" = Age of Empires III
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A96BFADF-A159-4395-8E9C-A9E2F059A3BB}" = Camtasia Studio 7
"{AC599724-5755-48C1-ABE7-ABB857652930}" = PC Connectivity Solution
"{AC76BA86-7AD7-1031-7B44-A93000000001}" = Adobe Reader 9.3 - Deutsch
"{AEB9948B-4FF2-47C9-990E-47014492A0FE}" = MSXML 6.0 Parser
"{AED2DD42-9853-407E-A6BC-8A1D6B715909}" = Windows Live Messenger
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{BFF2D920-80F2-46E9-8246-79A20BB9D8B2}" = Crazy Machines - Neues aus dem Labor
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C151CE54-E7EA-4804-854B-F515368B0798}" = AMD Processor Driver
"{C2C284D2-6BD7-3B34-B0C5-B2CAED168DF7}" = Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - DEU
"{C314CE45-3392-3B73-B4E1-139CD41CA933}" = Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - DEU
"{C580908C-B3BA-4C19-BD60-16F02F272201}" = BattleForge™
"{C82185E8-C27B-4EF4-2010-3333BC2C2B6D}" = Microsoft AutoRoute 2010
"{C94E45B0-6AA6-4FB9-9AAE-22085F631880}" = VBA
"{C9FB6FFC-B3D2-4AA0-AC05-73DB7796B638}" = DE
"{CA83357B-931E-44DC-AD43-9996FEEB8116}" = Acronis*True*Image
"{CAFA57E8-8927-4912-AFCF-B0AA3837E989}" = Windows Live Essentials
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240BB}" = WinZip 14.0
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{D2041A37-5FEC-49F0-AE5C-3F2FFDFAA4F4}" = Windows Live Call
"{D3A80508-CD83-4CA3-8671-914A1BC78B61}" = Microsoft Sync Framework 2.0 Provider Services (x86) ENU
"{D58D1297-B2FA-4C6F-B6D4-E1819368ED2E}" = Pro/ENGINEER Thumbnail Viewer 1.0
"{D6C9AF27-9414-46C8-B9D8-D878BA041031}" = Nero 8 Ultra Edition HD
"{D7D50E0C-27DD-4999-BC05-E026B580F93A}" = Electronic Arts Product Registration
"{DA9DAC64-C947-47BA-B411-8A1959B177CF}" = LightScribe System Software 1.14.25.1
"{E2883E8F-472F-4fb0-9522-AC9BF37916A7}" = Adobe Download Manager
"{E6CB18CD-04EF-4C6A-A5F3-5F49E7332895}" = O&O Defrag Professional Edition
"{EDEFC3A2-350F-45F1-AC8E-2B3A2D352235}" = ProductView Express 9.1
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.8
"{EFB21DE7-8C19-4A88-BB28-A766E16493BC}" = Adobe Photoshop CS
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F428D0FB-765D-40EB-BDD8-A1E7F5C597FA}" = Update Manager
"{F4F4F84E-804F-4E9A-84D7-C34283F0088F}" = RealUpgrade 1.0
"{F7338FA3-DAB5-49B2-900D-0AFB5760C166}" = PC Probe II
"{FF63121D-91C6-42CC-B341-F1AA729728E7}" = Microsoft Sync Framework 2.0 Core Components (x86) ENU
"3A5DEFA413DDE699DBA6EBE0A63534ACA524D30F" = Windows-Treiberpaket - Nokia pccsmcfd (10/12/2007 6.85.4.0)
"5513-1208-7298-9440" = JDownloader 0.9
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"Applian FLV Player2.0.24" = Applian FLV Player
"avast" = avast! Free Antivirus
"BabylonToolbar" = Babylon toolbar on IE
"BrotherSoft_Extreme Toolbar" = BrotherSoft Extreme Toolbar
"CCleaner" = CCleaner
"conduitEngine" = Conduit Engine
"Crossrider" = Crossrider Web Apps
"Deluxe Pacman_is1" = Deluxe Pacman v1.59
"DVDVideoSoftTB Toolbar" = DVDVideoSoftTB Toolbar
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.2
"Free Studio_is1" = Free Studio version 5.2.1
"Free YouTube Download_is1" = Free YouTube Download version 3.1.31.706
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.11.29.825
"Heroes of Might and Magic® III" = Heroes of Might and Magic® III Complete
"HEROLD Telefonbuch CD home + route" = HEROLD Telefonbuch CD home + route
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"InstallShield_{20471B27-D702-4FE8-8DEC-0702CC8C0A85}" = InterVideo WinDVD 8
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Plattform-Geräte-Manager
"InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"InstallShield_{A8CF5C37-8EC5-4C33-BB4A-87F468B77D45}" = Age of Empires III
"InstallShield_{D7D50E0C-27DD-4999-BC05-E026B580F93A}" = Electronic Arts Product Registration
"Juggernaut_is1" = Juggernaut (with media), version 1.0.10
"LimeWire" = LimeWire 5.5.14
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Mozilla Firefox 15.0.1 (x86 de)" = Mozilla Firefox 15.0.1 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Neffy" = Neffy 1,3,29,0
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"Norton Commander" = Norton Commander
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
"NVIDIA nView Desktop Manager" = NVIDIA nView Desktop Manager
"PHPNukeEN Toolbar" = PHPNukeEN Toolbar
"Plants vs. Zombies *" = Plants vs. Zombies *
"Pro/ENGINEER Schools Edition Release Wildfire 5.0 Datecode M040" = Pro/ENGINEER Schools Edition Release Wildfire 5.0 Datecode M040
"Puzzle Collection" = Microsoft Entertainment Pack: The Puzzle Collection
"Recuva" = Recuva
"tvbrowser" = TV-Browser 2.7.5
"Uninstall_is1" = Uninstall 1.0.0.1
"VLC media player" = VLC media player 1.1.4
"Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
"WhiteSmoke Updater Service" = WhiteSmoke Updater Service
"Winamp" = Winamp
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"WinGimp-2.0_is1" = GIMP 2.6.6
"WinLiveSuite_Wave3" = Windows Live Essentials
"Winload Toolbar" = Winload Toolbar
"winusb0100" = Microsoft WinUsb 1.0
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0
"Youda Survivor 1.00" = Youda Survivor 1.00
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"UnityWebPlayer" = Unity Web Player
"Warcraft III" = Warcraft III: All Products
========== Last 20 Event Log Errors ==========
[ Antivirus Events ]
Error - 05.03.2010 11:59:50 | Computer Name = MINI | Source = avast! | ID = 33554522
Description =
Error - 05.03.2010 11:59:50 | Computer Name = MINI | Source = avast! | ID = 33554522
Description =
Error - 24.03.2010 14:51:20 | Computer Name = MINI | Source = avast! | ID = 33554522
Description =
Error - 24.03.2010 14:51:53 | Computer Name = MINI | Source = avast! | ID = 33554522
Description =
Error - 24.03.2010 14:51:53 | Computer Name = MINI | Source = avast! | ID = 33554522
Description =
Error - 24.03.2010 14:51:54 | Computer Name = MINI | Source = avast! | ID = 33554522
Description =
Error - 27.03.2010 09:01:24 | Computer Name = MINI | Source = avast! | ID = 33554522
Description =
Error - 27.03.2010 09:01:39 | Computer Name = MINI | Source = avast! | ID = 33554522
Description =
Error - 27.03.2010 09:01:39 | Computer Name = MINI | Source = avast! | ID = 33554522
Description =
Error - 27.03.2010 09:53:21 | Computer Name = MINI | Source = avast! | ID = 33554522
Description =
[ Application Events ]
Error - 13.09.2012 10:16:35 | Computer Name = MINI | Source = PerfNet | ID = 2002
Description = Der Redirectordienst konnte nicht geöffnet werden. Die Redirectorleistungsinformationen
werden
nicht zurückgegeben. Der zurückgegebene Fehlercode befindet sich in DWORD 0.
Error - 13.09.2012 10:35:54 | Computer Name = MINI | Source = PerfNet | ID = 2002
Description = Der Redirectordienst konnte nicht geöffnet werden. Die Redirectorleistungsinformationen
werden
nicht zurückgegeben. Der zurückgegebene Fehlercode befindet sich in DWORD 0.
Error - 13.09.2012 10:42:51 | Computer Name = MINI | Source = PerfNet | ID = 2002
Description = Der Redirectordienst konnte nicht geöffnet werden. Die Redirectorleistungsinformationen
werden
nicht zurückgegeben. Der zurückgegebene Fehlercode befindet sich in DWORD 0.
Error - 13.09.2012 10:45:02 | Computer Name = MINI | Source = PerfNet | ID = 2002
Description = Der Redirectordienst konnte nicht geöffnet werden. Die Redirectorleistungsinformationen
werden
nicht zurückgegeben. Der zurückgegebene Fehlercode befindet sich in DWORD 0.
Error - 16.09.2012 16:34:13 | Computer Name = MINI | Source = PerfNet | ID = 2002
Description = Der Redirectordienst konnte nicht geöffnet werden. Die Redirectorleistungsinformationen
werden
nicht zurückgegeben. Der zurückgegebene Fehlercode befindet sich in DWORD 0.
Error - 17.09.2012 14:44:14 | Computer Name = MINI | Source = PerfNet | ID = 2002
Description = Der Redirectordienst konnte nicht geöffnet werden. Die Redirectorleistungsinformationen
werden
nicht zurückgegeben. Der zurückgegebene Fehlercode befindet sich in DWORD 0.
Error - 18.09.2012 08:29:21 | Computer Name = MINI | Source = PerfNet | ID = 2002
Description = Der Redirectordienst konnte nicht geöffnet werden. Die Redirectorleistungsinformationen
werden
nicht zurückgegeben. Der zurückgegebene Fehlercode befindet sich in DWORD 0.
Error - 19.09.2012 08:27:21 | Computer Name = MINI | Source = PerfNet | ID = 2002
Description = Der Redirectordienst konnte nicht geöffnet werden. Die Redirectorleistungsinformationen
werden
nicht zurückgegeben. Der zurückgegebene Fehlercode befindet sich in DWORD 0.
Error - 19.09.2012 08:29:57 | Computer Name = MINI | Source = PerfNet | ID = 2002
Description = Der Redirectordienst konnte nicht geöffnet werden. Die Redirectorleistungsinformationen
werden
nicht zurückgegeben. Der zurückgegebene Fehlercode befindet sich in DWORD 0.
Error - 20.09.2012 08:19:14 | Computer Name = MINI | Source = PerfNet | ID = 2002
Description = Der Redirectordienst konnte nicht geöffnet werden. Die Redirectorleistungsinformationen
werden
nicht zurückgegeben. Der zurückgegebene Fehlercode befindet sich in DWORD 0.
[ System Events ]
Error - 19.09.2012 13:01:04 | Computer Name = MINI | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
Aavmker4 AmdK8 AsIO aswSnx aswSP aswTdi Fips
Error - 19.09.2012 13:33:05 | Computer Name = MINI | Source = DCOM | ID = 10005
Description = Bei DCOM ist der Fehler "%1084" aufgetreten, als der Dienst "EventSystem"
mit den Argumenten "" gestartet wurde, um den folgenden Server zu verwenden: {1BE1F766-5536-11D1-B726-00C04FB926AF}
Error - 19.09.2012 13:35:29 | Computer Name = MINI | Source = DCOM | ID = 10005
Description = Bei DCOM ist der Fehler "%1084" aufgetreten, als der Dienst "EventSystem"
mit den Argumenten "" gestartet wurde, um den folgenden Server zu verwenden: {1BE1F766-5536-11D1-B726-00C04FB926AF}
Error - 20.09.2012 08:19:18 | Computer Name = MINI | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Client Service für NetWare" wurde mit folgendem Fehler
beendet: %%2
Error - 20.09.2012 08:19:18 | Computer Name = MINI | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Treiber für parallelen Anschluss" wurde aufgrund folgenden
Fehlers nicht gestartet: %%1058
Error - 20.09.2012 08:19:18 | Computer Name = MINI | Source = Service Control Manager | ID = 7023
Description = Der Dienst "IPSEC-Dienste" wurde mit folgendem Fehler beendet: %%1747
Error - 20.09.2012 08:36:00 | Computer Name = MINI | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
Aavmker4 AmdK8 AsIO aswSnx aswSP aswTdi Fips
Error - 20.09.2012 09:52:53 | Computer Name = MINI | Source = DCOM | ID = 10005
Description = Bei DCOM ist der Fehler "%1084" aufgetreten, als der Dienst "EventSystem"
mit den Argumenten "" gestartet wurde, um den folgenden Server zu verwenden: {1BE1F766-5536-11D1-B726-00C04FB926AF}
Error - 20.09.2012 10:15:43 | Computer Name = MINI | Source = DCOM | ID = 10005
Description = Bei DCOM ist der Fehler "%1084" aufgetreten, als der Dienst "iPod
Service" mit den Argumenten "" gestartet wurde, um den folgenden Server zu verwenden:
{063D34A4-BF84-4B8D-B699-E8CA06504DDE}
Error - 20.09.2012 10:15:45 | Computer Name = MINI | Source = DCOM | ID = 10005
Description = Bei DCOM ist der Fehler "%1084" aufgetreten, als der Dienst "iPod
Service" mit den Argumenten "" gestartet wurde, um den folgenden Server zu verwenden:
{063D34A4-BF84-4B8D-B699-E8CA06504DDE}
< End of report >
--- --- ---
und von OTL.Txt:OTL Logfile: Code:
OTL logfile created on: 20.09.2012 16:35:52 - Run 1
OTL by OldTimer - Version 3.2.64.0 Folder = D:\Niki\Eigene Dateien\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,25 Gb Total Physical Memory | 2,92 Gb Available Physical Memory | 89,85% Memory free
4,41 Gb Paging File | 4,30 Gb Available in Paging File | 97,48% Paging File free
Paging file location(s): C:\pagefile.sys 1344 2688 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Programme
Drive C: | 150,01 Gb Total Space | 91,53 Gb Free Space | 61,02% Space Free | Partition Type: NTFS
Drive D: | 781,51 Gb Total Space | 762,01 Gb Free Space | 97,50% Space Free | Partition Type: NTFS
Drive E: | 607,85 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Computer Name: MINI | User Name: Niki | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2012.09.20 16:35:01 | 000,600,064 | ---- | M] (OldTimer Tools) -- D:\Niki\Eigene Dateien\Downloads\OTL.exe
PRC - [2012.03.07 01:15:17 | 004,241,512 | ---- | M] (AVAST Software) -- C:\Programme\Alwil Software\Avast5\AvastUI.exe
PRC - [2002.12.31 14:00:00 | 001,036,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
========== Modules (No Company Name) ==========
MOD - [2009.02.27 16:41:26 | 000,311,296 | ---- | M] () -- C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\pdfshell.DEU
========== Services (SafeList) ==========
SRV - File not found [On_Demand | Stopped] -- C:\Programme\NOS\bin\getPlus_Helper.dll -- (getPlusHelper)
SRV - [2012.09.12 15:06:00 | 000,114,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.08.16 18:58:22 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.05.24 13:28:56 | 000,055,184 | ---- | M] (Apple Inc.) [Auto | Stopped] -- C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2012.04.30 16:42:34 | 000,549,744 | ---- | M] () [Auto | Stopped] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\UpdaterService\wsupdsvc.exe -- (UpdaterService)
SRV - [2012.03.07 01:15:14 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Stopped] -- C:\Programme\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2012.02.29 08:50:48 | 000,158,856 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Programme\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2011.12.20 22:08:27 | 000,136,584 | ---- | M] (LogMeIn, Inc.) [Disabled | Stopped] -- C:\Programme\LogMeIn\x86\ramaint.exe -- (LMIMaint)
SRV - [2011.12.20 22:08:16 | 000,374,152 | ---- | M] (LogMeIn, Inc.) [Auto | Stopped] -- C:\Programme\LogMeIn\x86\LMIGuardianSvc.exe -- (LMIGuardianSvc)
SRV - [2011.12.12 14:29:48 | 000,183,296 | ---- | M] () [Auto | Stopped] -- C:\Programme\Social Grammar Checker\ExtensionUpdaterService.exe -- (Social Grammar Checker Updater)
SRV - [2011.12.07 16:19:28 | 000,183,296 | ---- | M] () [Auto | Stopped] -- C:\Programme\SGC\ExtensionUpdaterService.exe -- (SGC Updater)
SRV - [2010.11.08 13:04:18 | 000,390,528 | ---- | M] (LogMeIn, Inc.) [Disabled | Stopped] -- C:\Programme\LogMeIn\x86\LogMeIn.exe -- (LogMeIn)
SRV - [2010.07.04 20:07:40 | 000,238,952 | ---- | M] (Teruten) [Auto | Stopped] -- C:\WINDOWS\system32\FsUsbExService.Exe -- (FsUsbExService)
SRV - [2009.12.16 19:26:00 | 003,453,712 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\WINDOWS\system32\GameMon.des -- (npggsvc)
SRV - [2009.05.04 19:11:49 | 000,068,096 | ---- | M] () [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Adobe Systems Shared\Service\Adobelmsvc.exe -- (Adobe LM Service)
SRV - [2008.11.04 01:06:28 | 000,441,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2008.09.04 06:02:24 | 001,295,616 | ---- | M] (O&O Software GmbH) [Auto | Stopped] -- C:\WINDOWS\system32\oodag.exe -- (O&O Defrag)
SRV - [2008.08.22 15:19:14 | 000,073,728 | ---- | M] (Hewlett-Packard Company) [Auto | Stopped] -- C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe -- (LightScribeService)
SRV - [2008.06.24 16:05:56 | 000,537,896 | ---- | M] (Nero AG) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Nero\Lib\NMIndexingService.exe -- (NMIndexingService)
SRV - [2008.04.17 14:14:00 | 000,102,712 | ---- | M] (ArcSoft Inc.) [Auto | Stopped] -- C:\Programme\Gemeinsame Dateien\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2008.04.07 09:17:30 | 000,430,592 | ---- | M] (Nokia.) [On_Demand | Stopped] -- C:\Programme\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2006.10.26 15:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2006.10.26 14:40:34 | 000,335,872 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\mdm.exe -- (MDM)
SRV - [2005.10.04 01:39:26 | 000,172,032 | ---- | M] (Acronis) [Auto | Stopped] -- C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedul2.exe -- (AcrSch2Svc)
SRV - [2005.04.04 00:41:10 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\windows\system32\drivers\xpsec.sys -- (xpsec)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\windows\system32\drivers\xcpip.sys -- (xcpip)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (Atgrrowtu)
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (amrqmdgr)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\windows\system32\drivers\0yyn6.sys -- (0yyn6.sys)
DRV - [2012.05.23 18:49:30 | 000,020,032 | ---- | M] (Devguru Co., Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\dgderdrv.sys -- (dgderdrv)
DRV - [2012.05.21 04:09:00 | 000,181,432 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssudobex.sys -- (ssudobex)
DRV - [2012.05.21 04:09:00 | 000,181,432 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssudmdm.sys -- (ssudmdm)
DRV - [2012.05.21 04:09:00 | 000,080,824 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ssudbus.sys -- (dg_ssudbus)
DRV - [2012.03.07 01:03:51 | 000,612,184 | ---- | M] (AVAST Software) [File_System | System | Stopped] -- C:\windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2012.03.07 01:03:38 | 000,337,880 | ---- | M] (AVAST Software) [Kernel | System | Stopped] -- C:\windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2012.03.07 01:02:00 | 000,035,672 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\windows\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2012.03.07 01:01:53 | 000,053,848 | ---- | M] (AVAST Software) [Kernel | System | Stopped] -- C:\windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2012.03.07 01:01:39 | 000,095,704 | ---- | M] (AVAST Software) [File_System | Auto | Stopped] -- C:\windows\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2012.03.07 01:01:30 | 000,020,696 | ---- | M] (AVAST Software) [File_System | Auto | Stopped] -- C:\windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2012.03.07 00:58:29 | 000,024,920 | ---- | M] (AVAST Software) [Kernel | System | Stopped] -- C:\windows\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2011.12.20 22:08:17 | 000,083,360 | ---- | M] (LogMeIn, Inc.) [File_System | Disabled | Stopped] -- C:\windows\System32\LMIRfsClientNP.dll -- (LMIRfsClientNP)
DRV - [2010.06.14 10:32:54 | 000,036,608 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2009.02.25 05:16:11 | 000,247,008 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\timntr.sys -- (timounter)
DRV - [2009.02.25 05:16:11 | 000,030,080 | ---- | M] (Acronis) [File_System | Auto | Stopped] -- C:\WINDOWS\system32\drivers\tifsfilt.sys -- (tifsfilter)
DRV - [2009.02.25 05:16:10 | 000,096,032 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\snapman.sys -- (snapman)
DRV - [2009.02.25 04:51:24 | 000,717,296 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd)
DRV - [2008.09.29 10:06:08 | 000,876,288 | R--- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\viahduaa.sys -- (VIAHdAudAddService)
DRV - [2008.08.24 21:22:40 | 000,014,208 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvsmu.sys -- (nvsmu)
DRV - [2008.08.05 06:29:28 | 000,039,456 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nvhda32.sys -- (NVHDA)
DRV - [2008.08.01 05:36:26 | 000,022,016 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)
DRV - [2008.08.01 05:36:20 | 000,054,784 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)
DRV - [2008.07.24 18:46:12 | 000,012,856 | ---- | M] (LogMeIn, Inc.) [Kernel | Auto | Stopped] -- C:\Programme\LogMeIn\x86\rainfo.sys -- (LMIInfo)
DRV - [2008.07.24 18:46:10 | 000,047,640 | ---- | M] (LogMeIn, Inc.) [File_System | Auto | Stopped] -- C:\WINDOWS\system32\drivers\LMIRfsDriver.sys -- (LMIRfsDriver)
DRV - [2008.02.14 08:12:00 | 001,389,056 | R--- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\monfilt.sys -- (monfilt)
DRV - [2007.12.17 11:14:06 | 000,012,400 | R--- | M] () [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\AsIO.sys -- (AsIO)
DRV - [2007.09.17 15:53:26 | 000,021,632 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2006.11.02 07:00:08 | 000,039,368 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\winusb.sys -- (WinUSB)
DRV - [2006.07.02 00:30:28 | 000,043,520 | ---- | M] (Advanced Micro Devices) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)
DRV - [2004.08.12 12:56:20 | 000,005,810 | R--- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ASACPI.sys -- (MTsensor)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = Analysis of program downloads scanned for viruses and spyware.
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Analysis of program downloads scanned for viruses and spyware.
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://start.facemoods.com/?a=ddrnw&s={searchTerms}&f=4
IE - HKLM\..\SearchScopes,DefaultScope = {EC54184C-6983-4A3A-A907-867F36CE0483}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKLM\..\SearchScopes\{BBF3793E-32F7-4C64-A7A4-E96AFD47C811}: "URL" = Analysis of program downloads scanned for viruses and spyware.
IE - HKLM\..\SearchScopes\{EC54184C-6983-4A3A-A907-867F36CE0483}: "URL" = Analysis of program downloads scanned for viruses and spyware.
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = Analysis of program downloads scanned for viruses and spyware.
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Facemoods Search
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = MSN Deutschland: Hotmail, Skype Download und Messenger sowie Nachrichten, Unterhaltung, Video, Sport, Lifestyle, Finanzen, Auto uvm. bei MSN
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = A4 C4 B3 2E FE CC C9 01 [binary data]
IE - HKCU\..\URLSearchHook: {00A6FAF6-072E-44cf-8957-5838F569A31D} - No CLSID value found
IE - HKCU\..\URLSearchHook: {40c3cc16-7269-4b32-9531-17f2950fb06f} - C:\Programme\Winload\prxtbWinl.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {51a86bb3-6602-4c85-92a5-130ee4864f13} - C:\Programme\BrotherSoft_Extreme\prxtbBro2.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Programme\DVDVideoSoftTB\prxtbDVD2.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {dd02a4eb-4afd-4d60-99d8-e67f964ca813} - C:\Programme\PHPNukeEN\prxtbPHP2.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - No CLSID value found
IE - HKCU\..\URLSearchHook: {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Programme\SweetIM\Toolbars\Internet Explorer\mgHelper.dll (SweetIM Technologies Ltd.)
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC
IE - HKCU\..\SearchScopes\{0D7562AE-8EF6-416d-A838-AB665251703A}: "URL" = hxxp://start.facemoods.com/?a=ddrnw&s={searchTerms}&f=4
IE - HKCU\..\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0}: "URL" = hxxp://www.mywebsearch.com/jsp/cfg_redir2.jsp?id=ZCfox000&fl=0&ptb=Kl_EIC5NhHHPDS6sH.9axw&url=hxxp://search.mywebsearch.com/mywebsearch/dft_redir.jhtml&st=sb&searchfor={searchTerms}
IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2776682
IE - HKCU\..\SearchScopes\{BBF3793E-32F7-4C64-A7A4-E96AFD47C811}: "URL" = Analysis of program downloads scanned for viruses and spyware.
IE - HKCU\..\SearchScopes\{CF739809-1C6C-47C0-85B9-569DBB141420}: "URL" = hxxp://toolbar.ask.com/toolbarv/askRedirect?gct=&gc=1&q={searchTerms}&crm=1&toolbar=APL
IE - HKCU\..\SearchScopes\{EC54184C-6983-4A3A-A907-867F36CE0483}: "URL" = Analysis of program downloads scanned for viruses and spyware.
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "Google"
FF - prefs.js..browser.search.defaultthis.engineName: "hxxp://downloads.phpnuke.org/en/index.php?rvs=hompag"
FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2776682&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.selectedEngine: "LEO Eng-Deu"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.at/"
FF - prefs.js..extensions.enabledAddons: fbosf@nolofone.com:2.0
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {000a9d1c-beef-4f90-9363-039d445309b8}:0.5.36.0
FF - prefs.js..extensions.enabledItems: {7b13ec3e-999a-4b70-b9cb-2617b8323822}:2.7.1.3
FF - prefs.js..extensions.enabledItems: {E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1.6.2.63
FF - prefs.js..extensions.enabledItems: {872b5b88-9db5-4310-bdd0-ac189557e5f5}:2.7.2.0
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: fbdislike@doweb.fr:1.2.3
FF - prefs.js..extensions.enabledItems: {53724739-8c9b-4b6d-904d-de60ae2a431c}:1.1.6
FF - prefs.js..extensions.enabledItems: engine@conduit.com:3.2.5.2
FF - prefs.js..keyword.URL: "hxxp://www.mywebsearch.com/jsp/cfg_redir2.jsp?id=ZCfox000&fl=0&ptb=Kl_EIC5NhHHPDS6sH.9axw&url=hxxp://search.mywebsearch.com/mywebsearch/dft_redir.jhtml&st=kwd&searchfor="
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF32_11_3_300_271.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Programme\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Programme\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Programme\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Programme\Microsoft Silverlight\4.0.50917.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@ptc.com/ProductViewLite: C:\Programme\Gemeinsame Dateien\PTC\np6_pvapplite9.dll (PTC)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Programme\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Programme\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.1.4: C:\Programme\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Dokumente und Einstellungen\Niki\Lokale Einstellungen\Anwendungsdaten\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{000a9d1c-beef-4f90-9363-039d445309b8}: C:\Programme\Google\Google Gears\Firefox\ [2010.03.19 20:57:19 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{A6629839-6636-4998-95D6-2B0F52141861}: C:\Programme\Social Grammar Checker\Firefox [2011.12.12 20:09:13 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{43E57D32-0C22-4E90-8332-AA3B445E4CEC}: C:\Programme\SGC\Firefox [2011.12.07 20:09:58 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\crossriderapp435@crossrider.com: C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\CodecCheck\firefox [2011.12.18 23:06:57 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\wrc@avast.com: C:\Programme\Alwil Software\Avast5\WebRep\FF [2012.04.13 05:15:37 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Components: C:\Programme\Mozilla Firefox\components [2012.09.12 15:06:02 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2012.04.06 12:17:53 | 000,000,000 | ---D | M]
[2010.10.05 21:33:17 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Niki\Anwendungsdaten\Mozilla\Extensions
[2010.10.05 21:33:17 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Niki\Anwendungsdaten\Mozilla\Extensions\mozswing@mozswing.org
[2012.08.22 12:23:04 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Niki\Anwendungsdaten\Mozilla\Firefox\Profiles\9yfmpxgh.default\extensions
[2010.10.08 19:20:31 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Dokumente und Einstellungen\Niki\Anwendungsdaten\Mozilla\Firefox\Profiles\9yfmpxgh.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2012.08.22 12:22:58 | 000,000,000 | ---D | M] (Winload Community Toolbar) -- C:\Dokumente und Einstellungen\Niki\Anwendungsdaten\Mozilla\Firefox\Profiles\9yfmpxgh.default\extensions\{40c3cc16-7269-4b32-9531-17f2950fb06f}
[2012.08.22 12:23:04 | 000,000,000 | ---D | M] (BrotherSoft Extreme Community Toolbar) -- C:\Dokumente und Einstellungen\Niki\Anwendungsdaten\Mozilla\Firefox\Profiles\9yfmpxgh.default\extensions\{51a86bb3-6602-4c85-92a5-130ee4864f13}
[2012.08.22 12:22:41 | 000,000,000 | ---D | M] (Zynga Community Toolbar) -- C:\Dokumente und Einstellungen\Niki\Anwendungsdaten\Mozilla\Firefox\Profiles\9yfmpxgh.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}
[2012.08.22 12:22:47 | 000,000,000 | ---D | M] (DVDVideoSoftTB Community Toolbar) -- C:\Dokumente und Einstellungen\Niki\Anwendungsdaten\Mozilla\Firefox\Profiles\9yfmpxgh.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}
[2010.08.10 21:25:14 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Dokumente und Einstellungen\Niki\Anwendungsdaten\Mozilla\Firefox\Profiles\9yfmpxgh.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2012.08.22 12:22:52 | 000,000,000 | ---D | M] (PHPNukeEN Community Toolbar) -- C:\Dokumente und Einstellungen\Niki\Anwendungsdaten\Mozilla\Firefox\Profiles\9yfmpxgh.default\extensions\{dd02a4eb-4afd-4d60-99d8-e67f964ca813}
[2010.07.23 23:09:43 | 000,000,000 | ---D | M] (Adobe DLM (powered by getPlus(R))) -- C:\Dokumente und Einstellungen\Niki\Anwendungsdaten\Mozilla\Firefox\Profiles\9yfmpxgh.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}
[2010.03.10 18:28:12 | 000,000,000 | ---D | M] (DVDVideoSoft Toolbar) -- C:\Dokumente und Einstellungen\Niki\Anwendungsdaten\Mozilla\Firefox\Profiles\9yfmpxgh.default\extensions\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}
[2011.12.18 23:04:50 | 000,000,000 | ---D | M] (SweetIM Toolbar for Firefox) -- C:\Dokumente und Einstellungen\Niki\Anwendungsdaten\Mozilla\Firefox\Profiles\9yfmpxgh.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}
[2011.05.07 13:57:26 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Dokumente und Einstellungen\Niki\Anwendungsdaten\Mozilla\Firefox\Profiles\9yfmpxgh.default\extensions\engine@conduit.com
[2009.10.06 17:48:49 | 000,000,000 | ---D | M] ("PennerBar") -- C:\Dokumente und Einstellungen\Niki\Anwendungsdaten\Mozilla\Firefox\Profiles\9yfmpxgh.default\extensions\pennerbar3@pennergame.de
[2012.08.20 11:23:07 | 000,207,494 | ---- | M] () (No name found) -- C:\Dokumente und Einstellungen\Niki\Anwendungsdaten\Mozilla\Firefox\Profiles\9yfmpxgh.default\extensions\fbdislike@doweb.fr.xpi
[2012.06.20 17:36:11 | 000,052,005 | ---- | M] () (No name found) -- C:\Dokumente und Einstellungen\Niki\Anwendungsdaten\Mozilla\Firefox\Profiles\9yfmpxgh.default\extensions\fbosf@nolofone.com.xpi
[2011.12.18 23:04:41 | 000,003,915 | ---- | M] () -- C:\Dokumente und Einstellungen\Niki\Anwendungsdaten\Mozilla\Firefox\Profiles\9yfmpxgh.default\searchplugins\sweetim.xml
[2012.05.04 14:25:20 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2012.09.12 15:06:02 | 000,266,720 | ---- | M] (Mozilla Foundation) -- C:\Programme\mozilla firefox\components\browsercomps.dll
[2012.04.05 20:21:29 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\mozilla firefox\plugins\npdeployJava1.dll
[2010.01.14 00:46:00 | 000,063,488 | ---- | M] (Nullsoft, Inc.) -- C:\Programme\mozilla firefox\plugins\npwachk.dll
[2012.03.06 19:02:12 | 000,001,392 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.09.12 15:05:54 | 000,002,465 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\bing.xml
[2012.03.06 19:02:12 | 000,001,153 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\eBay-de.xml
[2011.12.21 20:42:29 | 000,002,048 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\fcmdSrch.xml
[2012.03.06 19:02:12 | 000,006,805 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.03.06 19:02:12 | 000,001,178 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.03.06 19:02:12 | 000,001,105 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\yahoo-de.xml
O1 HOSTS File: ([2010.10.05 21:38:30 | 000,421,098 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 全讯网,åšå½©ä¼˜æƒ*,皇å†*æ*£ç½‘cr67com,皇å†*比分,皇å†*å³æ—¶æŒ‡æ•°,太阳城代ç†112scg,tt娱ä¹åŸŽ8bc8,网上真钱娱
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 ²©²Êͨ,²©²ÊÍø,½ð±¦²©188,²©²ÊͨÆÀ¼¶,°Ù¼ÒÀÖ,°ÂÃî°Ù¼ÒÀÖ
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com - Informationen zum Thema Sex links. Diese Website steht zum Verkauf!
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 14523 more lines...
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Babylon toolbar helper) - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Programme\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll (Babylon BHO)
O2 - BHO: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Programme\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (Winload Toolbar) - {40c3cc16-7269-4b32-9531-17f2950fb06f} - C:\Programme\Winload\prxtbWinl.dll (Conduit Ltd.)
O2 - BHO: (SGC) - {43E57D32-0C22-4E90-8332-AA3B445E4CEC} - C:\Programme\SGC\Extension32.dll ()
O2 - BHO: (BrotherSoft Extreme Toolbar) - {51a86bb3-6602-4c85-92a5-130ee4864f13} - C:\Programme\BrotherSoft_Extreme\prxtbBro2.dll (Conduit Ltd.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Programme\DVDVideoSoftTB\prxtbDVD2.dll (Conduit Ltd.)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (SGC) - {A6629839-6636-4998-95D6-2B0F52141861} - C:\Programme\Social Grammar Checker\Extension32.dll ()
O2 - BHO: (CrossRider) - {A876E312-7D08-401a-B7A6-FAFC5DC2F292} - C:\Programme\CrossriderWebApps\Crossrider.dll ()
O2 - BHO: (PHPNukeEN Toolbar) - {dd02a4eb-4afd-4d60-99d8-e67f964ca813} - C:\Programme\PHPNukeEN\prxtbPHP2.dll (Conduit Ltd.)
O2 - BHO: (Google Gears Helper) - {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} - C:\Programme\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll (Google Inc.)
O2 - BHO: (SweetIM Toolbar Helper) - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Programme\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3 - HKLM\..\Toolbar: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Programme\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Winload Toolbar) - {40c3cc16-7269-4b32-9531-17f2950fb06f} - C:\Programme\Winload\prxtbWinl.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (BrotherSoft Extreme Toolbar) - {51a86bb3-6602-4c85-92a5-130ee4864f13} - C:\Programme\BrotherSoft_Extreme\prxtbBro2.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Programme\DVDVideoSoftTB\prxtbDVD2.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (Babylon Toolbar) - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Programme\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll (Babylon Ltd.)
O3 - HKLM\..\Toolbar: (PHPNukeEN Toolbar) - {dd02a4eb-4afd-4d60-99d8-e67f964ca813} - C:\Programme\PHPNukeEN\prxtbPHP2.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (SweetIM Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Programme\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {3041D03E-FD4B-44E0-B742-2D9B88305F98} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Winload Toolbar) - {40C3CC16-7269-4B32-9531-17F2950FB06F} - C:\Programme\Winload\prxtbWinl.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (BrotherSoft Extreme Toolbar) - {51A86BB3-6602-4C85-92A5-130EE4864F13} - C:\Programme\BrotherSoft_Extreme\prxtbBro2.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (DVDVideoSoftTB Toolbar) - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - C:\Programme\DVDVideoSoftTB\prxtbDVD2.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (PHPNukeEN Toolbar) - {DD02A4EB-4AFD-4D60-99D8-E67F964CA813} - C:\Programme\PHPNukeEN\prxtbPHP2.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (SweetIM Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Programme\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O4 - HKLM..\Run: [APSDaemon] C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avast5] C:\Programme\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found
O4 - HKLM..\Run: [KiesTrayAgent] C:\Programme\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKLM..\Run: [LogMeIn GUI] C:\Programme\LogMeIn\x86\LogMeInSystray.exe (LogMeIn, Inc.)
O4 - HKLM..\Run: [NPSStartup] File not found
O4 - HKLM..\Run: [NvCplDaemon] C:\windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\windows\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\Programme\NVIDIA Corporation\nView\nwiz.exe ()
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [SweetIM] C:\Programme\SweetIM\Messenger\SweetIM.exe (SweetIM Technologies Ltd.)
O4 - HKCU..\Run: [{9B480B0D-40FB-D360-7414-B59C6831C8D4}] "C:\Dokumente und Einstellungen\Niki\Anwendungsdaten\Egxy\zouq.exe" File not found
O4 - HKCU..\Run: [CrossRiderPlugin] C:\Programme\CrossriderWebApps\Crossrider.exe (Crossrider)
O4 - HKCU..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Programme\Gemeinsame Dateien\Nero\Lib\NMIndexStoreSvr.exe (Nero AG)
O4 - HKCU..\Run: [KiesAirMessage] C:\Programme\Samsung\Kies\KiesAirMessage.exe -startup File not found
O4 - HKCU..\Run: [KiesHelper] C:\Programme\Samsung\Kies\KiesHelper.exe /s File not found
O4 - HKCU..\Run: [KiesPDLR] C:\Programme\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe ()
O4 - HKCU..\Run: [lcijwwancrqdfnu] C:\WINDOWS\lcijwwan.exe ()
O4 - HKCU..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\2.bin\mwsoemon.exe File not found
O4 - HKCU..\Run: [NVIDIA driver monitor] c:\windows\nvsvc32.exe File not found
O4 - HKCU..\RunOnce: [FlashPlayerUpdate] C:\windows\System32\Macromed\Flash\FlashUtil32_11_3_300_271_Plugin.exe (Adobe Systems Incorporated)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: AllowLegacyWebView = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: AllowUnhashedWebView = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRecentDocsNetHood = 1
O8 - Extra context menu item: &Search - hxxp://edits.mywebsearch.com/toolbaredits/menusearch.jhtml?p=ZCfox000 File not found
O8 - Extra context menu item: Free YouTube Download - C:\Dokumente und Einstellungen\Niki\Anwendungsdaten\DVDVideoSoftIEHelpers\freeytvdownloader.htm ()
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Dokumente und Einstellungen\Niki\Anwendungsdaten\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Web-Suche - C:\Programme\SweetIM\Toolbars\Internet Explorer\resources\MenuExt.html ()
O9 - Extra 'Tools' menuitem : &Gears-Einstellungen - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Programme\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll (Google Inc.)
O9 - Extra Button: Encarta Suchleiste - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1286248744437 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1286248736156 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{AE56DB4E-25ED-4D59-AD86-39CC5A0593AC}: NameServer = 192.168.1.1,195.3.96.67
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Gemeinsame Dateien\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\LMIinit: DllName - (LMIinit.dll) - C:\windows\System32\LMIinit.dll (LogMeIn, Inc.)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper: C:\Dokumente und Einstellungen\Niki\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Dokumente und Einstellungen\Niki\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Programme\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (relog_ap) - C:\windows\System32\relog_ap.dll (Acronis)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004.01.26 04:38:22 | 000,528,384 | R--- | M] () - E:\autorun.exe -- [ CDFS ]
O32 - AutoRun File - [2003.09.10 14:16:12 | 000,000,047 | R--- | M] () - E:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{bc47df5b-430d-11de-ba6e-002215b8247c}\Shell - "" = AutoRun
O33 - MountPoints2\{bc47df5b-430d-11de-ba6e-002215b8247c}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{bc47df5b-430d-11de-ba6e-002215b8247c}\Shell\AutoRun\command - "" = C:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RuNdLl32.EXE .\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665\jwgkvsq.vmx,ahaezedrn
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (OODBS)
O34 - HKLM BootExecute: (aswBoot.exe /M:80e3799a)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vektorgrafik-Rendering (VML)
ActiveX: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Programme\Gemeinsame Dateien\LightScribe\LSRunOnce.exe"
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - Microsoft NetShow Player
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4
ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Dynamic HTML-Datenbindung für Java
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Erweitertes Authoring
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015C} - Microsoft DirectX
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - DirectAnimation Java Classes
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.7
ActiveX: {5056b317-8d4c-43ee-8543-b9d1e234b8f4} - Sicherheitsupdate für Windows XP (KB923789)
ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {73E0820B-CCCC-4D71-D68C-2BD3842916B0} - Java (Sun)
ActiveX: {73fa19d0-2d75-11d2-995d-00c04f98bbc9} - Web Folders
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {ACC563BC-4266-43f0-B6ED-9D38C4202C7E} -
ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework
ActiveX: {C314CE45-3392-3B73-B4E1-139CD41CA933} - .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Taskplaner
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {EF289A85-8E57-408d-BE47-73B55609861A} - RootsUpdate
ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE
ActiveX: Microsoft Base Smart Card Crypto Provider Package -
NetSvcs: 6to4 - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: LanmanWorkstation - File not found
NetSvcs: Messenger - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
MsConfig - StartUpFolder: C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^Adobe Gamma Loader.lnk - C:\Programme\Gemeinsame Dateien\Adobe\Calibration\Adobe Gamma Loader.exe - (Adobe Systems, Inc.)
MsConfig - StartUpFolder: C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^Windows Search.lnk - C:\Programme\Windows Desktop Search\WindowsSearch.exe - (Microsoft Corporation)
MsConfig - StartUpReg: Adobe ARM - hkey= - key= - C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
MsConfig - StartUpReg: Adobe Reader Speed Launcher - hkey= - key= - C:\Programme\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
MsConfig - StartUpReg: ArcSoft Connection Service - hkey= - key= - C:\Programme\Gemeinsame Dateien\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
MsConfig - StartUpReg: Ask and Record FLV Service - hkey= - key= - File not found
MsConfig - StartUpReg: DAEMON Tools Lite - hkey= - key= - C:\Programme\DAEMON Tools Lite\daemon.exe (DT Soft Ltd)
MsConfig - StartUpReg: GrooveMonitor - hkey= - key= - C:\Programme\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation)
MsConfig - StartUpReg: IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} - hkey= - key= - C:\Programme\Gemeinsame Dateien\Nero\Lib\NMIndexStoreSvr.exe (Nero AG)
MsConfig - StartUpReg: iTunesHelper - hkey= - key= - C:\Programme\iTunes\iTunesHelper.exe (Apple Inc.)
MsConfig - StartUpReg: LightScribe Control Panel - hkey= - key= - C:\Programme\Gemeinsame Dateien\LightScribe\LightScribeControlPanel.exe (Hewlett-Packard Company)
MsConfig - StartUpReg: LogMeIn GUI - hkey= - key= - C:\Programme\LogMeIn\x86\LogMeInSystray.exe (LogMeIn, Inc.)
MsConfig - StartUpReg: NBKeyScan - hkey= - key= - C:\Programme\Nero\Nero8\Nero BackItUp\NBKeyScan.exe (Nero AG)
MsConfig - StartUpReg: NeroFilterCheck - hkey= - key= - C:\Programme\Gemeinsame Dateien\Nero\Lib\NeroCheck.exe (Nero AG)
MsConfig - StartUpReg: NPSStartup - hkey= - key= - File not found
MsConfig - StartUpReg: nwiz - hkey= - key= - File not found
MsConfig - StartUpReg: OODefragTray - hkey= - key= - File not found
MsConfig - StartUpReg: QuickTime Task - hkey= - key= - C:\Programme\QuickTime\qttask.exe (Apple Inc.)
MsConfig - StartUpReg: SunJavaUpdateSched - hkey= - key= - C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
MsConfig - StartUpReg: TkBellExe - hkey= - key= - File not found
MsConfig - State: "system.ini" - 0
MsConfig - State: "win.ini" - 0
MsConfig - State: "services" - 0
MsConfig - State: "startup" - 2
CREATERESTOREPOINT
Unable to start System Restore Service. Error code 10
========== Files/Folders - Created Within 30 Days ==========
[2012.09.13 15:47:08 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ehslkhgncqlumjx
[4 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]
[2 C:\windows\System32\*.tmp files -> C:\windows\System32\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2012.09.20 16:31:27 | 000,002,399 | ---- | M] () -- D:\Niki\Desktop\vba.ini
[2012.09.20 16:20:20 | 000,043,520 | ---- | M] () -- C:\windows\System32\CmdLineExt03.dll
[2012.09.20 16:20:07 | 000,001,324 | ---- | M] () -- C:\windows\System32\d3d9caps.dat
[2012.09.20 14:34:38 | 000,002,048 | --S- | M] () -- C:\windows\bootstat.dat
[2012.09.20 14:34:24 | 000,664,040 | ---- | M] () -- C:\windows\System32\oodbs.lor
[2012.09.19 14:30:29 | 000,001,086 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.09.19 14:30:25 | 000,000,276 | ---- | M] () -- C:\windows\tasks\RealUpgradeLogonTaskS-1-5-21-861567501-1897051121-682003330-1005.job
[2012.09.19 14:30:25 | 000,000,268 | ---- | M] () -- C:\windows\tasks\RealUpgradeLogonTaskS-1-5-21-861567501-1897051121-682003330-1004.job
[2012.09.16 22:34:01 | 000,002,228 | ---- | M] () -- C:\windows\System32\wpa.dbl
[2012.09.13 15:52:00 | 000,001,090 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.09.13 15:47:08 | 000,074,128 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\bvsqfayqifidlwn
[2012.09.13 15:46:59 | 000,075,776 | ---- | M] () -- C:\windows\lcijwwan.exe
[2012.09.13 15:46:59 | 000,075,776 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\lcijwwan.exe
[2012.09.13 14:58:00 | 000,000,884 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job
[2012.09.11 19:49:04 | 000,000,276 | ---- | M] () -- C:\windows\tasks\AppleSoftwareUpdate.job
[2012.09.02 18:54:00 | 000,000,276 | ---- | M] () -- C:\windows\tasks\RealUpgradeScheduledTaskS-1-5-21-861567501-1897051121-682003330-1004.job
[2012.09.01 00:46:21 | 000,000,848 | ---- | M] () -- D:\Niki\Desktop\Free YouTube to MP3 Converter.lnk
[2012.08.24 15:58:36 | 000,405,152 | ---- | M] (Newtonsoft) -- C:\windows\System32\Newtonsoft.Json.Net20.dll
[4 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]
[2 C:\windows\System32\*.tmp files -> C:\windows\System32\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012.09.13 15:47:06 | 000,075,776 | ---- | C] () -- C:\windows\lcijwwan.exe
[2012.09.13 15:47:06 | 000,075,776 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\lcijwwan.exe
[2012.09.13 15:47:00 | 000,074,128 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\bvsqfayqifidlwn
[2012.07.09 18:13:10 | 000,819,200 | ---- | C] () -- C:\windows\System32\xvidcore.dll
[2012.07.09 18:13:10 | 000,180,224 | ---- | C] () -- C:\windows\System32\xvidvfw.dll
[2012.06.12 22:34:18 | 000,618,592 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\WPFFontCache_v0400-S-1-5-21-861567501-1897051121-682003330-1004-0.dat
[2012.06.12 22:34:17 | 000,398,638 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\WPFFontCache_v0400-System.dat
[2012.05.23 18:49:34 | 000,030,568 | ---- | C] () -- C:\windows\MusiccityDownload.exe
[2012.04.11 17:52:56 | 000,000,066 | ---- | C] () -- C:\Dokumente und Einstellungen\Niki\jagex_cl_runescape_LIVE1.dat
[2012.01.27 14:32:16 | 000,076,692 | -H-- | C] () -- C:\windows\System32\mlfcache.dat
[2011.10.25 16:42:35 | 000,000,040 | ---- | C] () -- C:\Dokumente und Einstellungen\Niki\jagex_cl_runescape_LIVE.dat
[2011.09.29 17:17:58 | 000,000,025 | ---- | C] () -- C:\windows\popcinfot.dat
[2011.09.29 17:17:58 | 000,000,000 | ---- | C] () -- C:\windows\popcreg.dat
[2011.06.23 14:38:45 | 000,679,344 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\FontCache3.0.0.0.dat
[2011.06.13 13:57:44 | 000,000,032 | R--- | C] () -- C:\windows\hash.dat
[2011.06.07 11:13:38 | 000,974,848 | ---- | C] () -- C:\windows\System32\cis-2.4.dll
[2011.06.07 11:13:38 | 000,081,920 | ---- | C] () -- C:\windows\System32\issacapi_bs-2.3.dll
[2011.06.07 11:13:38 | 000,065,536 | ---- | C] () -- C:\windows\System32\issacapi_pe-2.3.dll
[2011.06.07 11:13:38 | 000,057,344 | ---- | C] () -- C:\windows\System32\issacapi_se-2.3.dll
[2011.02.02 18:24:58 | 000,043,520 | ---- | C] () -- C:\windows\System32\CmdLineExt03.dll
[2010.10.12 17:24:30 | 000,000,129 | ---- | C] () -- C:\Dokumente und Einstellungen\Niki\jagex_runescape_preferences2.dat
[2010.10.12 17:24:08 | 000,000,046 | ---- | C] () -- C:\Dokumente und Einstellungen\Niki\jagex_runescape_preferences.dat
[2010.10.05 05:09:45 | 000,232,968 | ---- | C] () -- C:\windows\System32\nvdrsdb0.bin
[2010.10.05 05:09:43 | 000,232,968 | ---- | C] () -- C:\windows\System32\nvdrsdb1.bin
[2010.10.05 05:09:43 | 000,000,001 | ---- | C] () -- C:\windows\System32\nvdrssel.bin
[2010.10.05 05:09:05 | 002,195,030 | ---- | C] () -- C:\windows\System32\nvdata.bin
[2010.10.05 03:55:35 | 000,116,224 | ---- | C] () -- C:\windows\System32\pdfcmnnt.dll
[2010.10.05 00:38:30 | 000,000,319 | ---- | C] () -- C:\windows\wininit.ini
[2009.10.10 19:28:21 | 000,001,500 | ---- | C] () -- C:\Dokumente und Einstellungen\Niki\.recently-used.xbel
[2009.10.01 17:49:07 | 000,002,528 | ---- | C] () -- C:\Dokumente und Einstellungen\Niki\Anwendungsdaten\$_hpcst$.hpc
[2009.07.26 21:57:44 | 000,034,304 | ---- | C] () -- C:\Dokumente und Einstellungen\Niki\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.07.05 19:57:41 | 000,000,064 | ---- | C] () -- C:\Dokumente und Einstellungen\Niki\.gtk-bookmarks
[2009.05.07 20:14:00 | 007,349,656 | ---- | C] () -- C:\Programme\FLV PlayerATBSetup.exe
========== ZeroAccess Check ==========
[2009.02.25 04:41:00 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini
========== LOP Check ==========
[2010.10.05 05:07:37 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ACD Systems
[2010.09.25 15:27:21 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Alwil Software
[2011.12.18 23:00:54 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Babylon
[2011.11.13 20:01:48 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Big Fish Games
[2011.12.18 23:02:04 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\CodecCheck
[2009.02.25 04:54:05 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\DAEMON Tools Lite
[2012.09.13 15:47:13 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ehslkhgncqlumjx
[2011.12.18 23:07:09 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\InstallMate
[2009.05.04 23:28:47 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\LightScribe
[2011.12.24 12:23:45 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\LogMeIn
[2009.10.01 17:52:46 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\PC Suite
[2011.09.29 17:18:12 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\PopCap Games
[2011.12.18 23:00:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Premium
[2012.06.11 17:10:14 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Samsung
[2011.12.20 22:28:16 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\SweetIM
[2010.06.22 16:47:13 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TechSmith
[2011.04.05 19:02:14 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP
[2012.04.30 16:42:45 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\UpdaterService
[2010.10.05 03:57:16 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\WinZip
[2010.10.05 04:46:05 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2009.05.22 20:25:46 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2009.05.04 23:22:51 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Niki\Anwendungsdaten\ACD Systems
[2012.05.24 21:36:49 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Niki\Anwendungsdaten\AUTOSICH
[2011.12.18 23:00:54 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Niki\Anwendungsdaten\Babylon
[2011.12.20 22:28:16 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Niki\Anwendungsdaten\BabylonToolbar
[2009.05.04 23:19:34 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Niki\Anwendungsdaten\DAEMON Tools
[2009.05.04 23:20:24 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Niki\Anwendungsdaten\DAEMON Tools Lite
[2009.05.04 23:19:33 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Niki\Anwendungsdaten\DAEMON Tools Pro
[2012.09.01 00:46:28 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Niki\Anwendungsdaten\DVDVideoSoft
[2012.04.11 20:54:15 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Niki\Anwendungsdaten\DVDVideoSoftIEHelpers
[2011.01.10 18:27:13 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Niki\Anwendungsdaten\Egxy
[2009.05.08 20:00:18 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Niki\Anwendungsdaten\FOG Downloader
[2011.06.26 15:24:44 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Niki\Anwendungsdaten\GetRightToGo
[2009.10.10 19:28:21 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Niki\Anwendungsdaten\gtk-2.0
[2011.01.05 19:48:02 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Niki\Anwendungsdaten\Icig
[2009.09.03 18:29:02 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Niki\Anwendungsdaten\InterVideo
[2012.07.09 19:30:38 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Niki\Anwendungsdaten\ITTerritory
[2011.09.23 15:44:55 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Niki\Anwendungsdaten\LimeWire
[2012.06.15 23:36:30 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Niki\Anwendungsdaten\OpenCandy
[2010.12.20 19:42:22 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Niki\Anwendungsdaten\OpenOffice.org
[2009.10.01 17:52:44 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Niki\Anwendungsdaten\PC Suite
[2012.05.10 19:51:43 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Niki\Anwendungsdaten\PriceGong
[2011.10.10 15:06:44 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Niki\Anwendungsdaten\PTC
[2012.01.28 15:31:52 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Niki\Anwendungsdaten\redsn0w
[2012.06.11 16:58:39 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Niki\Anwendungsdaten\Samsung
[2012.06.11 22:06:26 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Niki\Anwendungsdaten\Temp
[2012.06.21 16:48:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Niki\Anwendungsdaten\Unity
[2009.05.04 23:15:10 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Niki\Anwendungsdaten\Windows Desktop Search
[2009.05.07 21:21:42 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Niki\Anwendungsdaten\Windows Search
[2011.04.03 16:38:37 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Niki\Anwendungsdaten\YoudaGames
========== Purity Check ==========
========== Custom Scans ==========
< %SYSTEMDRIVE%\*. >
[2010.03.09 19:00:49 | 000,000,000 | ---D | M] -- C:\.jagex_cache_32
[2011.12.18 23:06:51 | 000,000,000 | ---D | M] -- C:\codec-info
[2010.10.04 21:55:11 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen
[2010.11.12 16:40:59 | 000,000,000 | ---D | M] -- C:\Gamplifier
[2009.02.25 05:19:12 | 000,000,000 | ---D | M] -- C:\Install
[2009.02.25 04:56:17 | 000,000,000 | RH-D | M] -- C:\MSOCache
[2010.10.05 05:09:00 | 000,000,000 | ---D | M] -- C:\NVIDIA
[2010.09.09 19:52:09 | 000,000,000 | ---D | M] -- C:\Program Files
[2012.09.20 16:03:28 | 000,000,000 | R--D | M] -- C:\Programme
[2011.10.08 17:44:31 | 000,000,000 | ---D | M] -- C:\PTC
[2010.10.05 21:27:18 | 000,000,000 | -HSD | M] -- C:\RECYCLER
[2009.02.25 03:26:13 | 000,000,000 | -HSD | M] -- C:\System Volume Information
[2012.06.11 20:28:04 | 000,000,000 | ---D | M] -- C:\Temp
[2012.09.20 16:03:16 | 000,000,000 | ---D | M] -- C:\WINDOWS
[2011.12.04 03:50:09 | 000,000,000 | ---D | M] -- C:\Zylom Games
< %PROGRAMFILES%\*.exe >
[2009.05.07 20:14:37 | 007,349,656 | ---- | M] () -- C:\Programme\FLV PlayerATBSetup.exe
Invalid Environment Variable: LOCALAPPDATA
< %systemroot%\*. /mp /s >
< C:\Windows\system32\*.tsp >
[2002.12.31 14:00:00 | 000,266,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\h323.tsp
[2002.12.31 14:00:00 | 000,029,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\hidphone.tsp
[2002.12.31 14:00:00 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ipconf.tsp
[2002.12.31 14:00:00 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\kmddsp.tsp
[2002.12.31 14:00:00 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ndptsp.tsp
[2002.12.31 14:00:00 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\remotesp.tsp
[2002.12.31 14:00:00 | 000,207,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\unimdm.tsp
[2 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]
[2009.02.25 03:21:25 | 000,000,065 | RH-- | C] () -- C:\windows\Tasks\desktop.ini
[2009.02.25 03:26:12 | 000,000,006 | -H-- | C] () -- C:\windows\Tasks\SA.DAT
[2009.07.01 15:29:48 | 000,001,086 | ---- | C] () -- C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
[2009.07.01 15:29:49 | 000,001,090 | ---- | C] () -- C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
[2010.10.05 04:12:44 | 000,000,284 | ---- | C] () -- C:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-861567501-1897051121-682003330-1005.job
[2010.10.05 04:12:47 | 000,000,276 | ---- | C] () -- C:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-861567501-1897051121-682003330-1005.job
[2010.11.27 22:38:38 | 000,000,268 | ---- | C] () -- C:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-861567501-1897051121-682003330-1004.job
[2010.11.27 22:38:38 | 000,000,276 | ---- | C] () -- C:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-861567501-1897051121-682003330-1004.job
[2012.01.26 19:57:58 | 000,000,276 | ---- | C] () -- C:\windows\Tasks\AppleSoftwareUpdate.job
[2012.04.01 16:08:45 | 000,000,884 | ---- | C] () -- C:\windows\Tasks\Adobe Flash Player Updater.job
< MD5 for: AGP440.SYS >
[2002.12.31 14:00:00 | 020,108,202 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
< MD5 for: ATAPI.SYS >
[2002.12.31 14:00:00 | 020,108,202 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2002.12.31 14:00:00 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
< MD5 for: EVENTLOG.DLL >
[2002.12.31 14:00:00 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=04955AA695448C181B367D964AF158AA -- C:\WINDOWS\system32\dllcache\eventlog.dll
[2002.12.31 14:00:00 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=04955AA695448C181B367D964AF158AA -- C:\WINDOWS\system32\eventlog.dll
< MD5 for: EXPLORER.EXE >
[2002.12.31 14:00:00 | 001,036,800 | ---- | M] (Microsoft Corporation) MD5=418045A93CD87A352098AB7DABE1B53E -- C:\WINDOWS\explorer.exe
[2002.12.31 14:00:00 | 001,036,800 | ---- | M] (Microsoft Corporation) MD5=418045A93CD87A352098AB7DABE1B53E -- C:\WINDOWS\system32\dllcache\explorer.exe
< MD5 for: NETLOGON.DLL >
[2002.12.31 14:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=0098D35F91DEAB9C127360A877F2CF84 -- C:\WINDOWS\system32\dllcache\netlogon.dll
[2002.12.31 14:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=0098D35F91DEAB9C127360A877F2CF84 -- C:\WINDOWS\system32\netlogon.dll
< MD5 for: SCECLI.DLL >
[2002.12.31 14:00:00 | 000,187,904 | ---- | M] (Microsoft Corporation) MD5=5132443DF6FC3771A17AB4AE55DCBC28 -- C:\WINDOWS\system32\dllcache\scecli.dll
[2002.12.31 14:00:00 | 000,187,904 | ---- | M] (Microsoft Corporation) MD5=5132443DF6FC3771A17AB4AE55DCBC28 -- C:\WINDOWS\system32\scecli.dll
< MD5 for: USER32.DLL >
[2002.12.31 14:00:00 | 000,580,096 | ---- | M] (Microsoft Corporation) MD5=B0050CC5340E3A0760DD8B417FF7AEBD -- C:\WINDOWS\system32\dllcache\user32.dll
[2002.12.31 14:00:00 | 000,580,096 | ---- | M] (Microsoft Corporation) MD5=B0050CC5340E3A0760DD8B417FF7AEBD -- C:\WINDOWS\system32\user32.dll
< MD5 for: USERINIT.EXE >
[2002.12.31 14:00:00 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=788F95312E26389D596C0FA55834E106 -- C:\WINDOWS\system32\dllcache\userinit.exe
[2002.12.31 14:00:00 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=788F95312E26389D596C0FA55834E106 -- C:\WINDOWS\system32\userinit.exe
< MD5 for: WINLOGON.EXE >
[2002.12.31 14:00:00 | 000,513,024 | ---- | M] (Microsoft Corporation) MD5=F09A527B422E25C478E38CAA0E44417A -- C:\WINDOWS\system32\dllcache\winlogon.exe
[2002.12.31 14:00:00 | 000,513,024 | ---- | M] (Microsoft Corporation) MD5=F09A527B422E25C478E38CAA0E44417A -- C:\WINDOWS\system32\winlogon.exe
< MD5 for: WS2IFSL.SYS >
[2002.12.31 14:00:00 | 000,012,032 | ---- | M] (Microsoft Corporation) MD5=6ABE6E225ADB5A751622A9CC3BC19CE8 -- C:\WINDOWS\system32\dllcache\ws2ifsl.sys
[2002.12.31 14:00:00 | 000,012,032 | ---- | M] (Microsoft Corporation) MD5=6ABE6E225ADB5A751622A9CC3BC19CE8 -- C:\WINDOWS\system32\drivers\ws2ifsl.sys
< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2009.02.25 04:51:24 | 000,717,296 | ---- | M] () Unable to obtain MD5 -- C:\windows\system32\drivers\sptd.sys
< %systemroot%\System32\config\*.sav >
[2009.02.25 04:13:51 | 000,094,208 | ---- | M] () -- C:\windows\System32\config\default.sav
[2009.02.25 04:13:51 | 001,089,536 | ---- | M] () -- C:\windows\System32\config\software.sav
[2009.02.25 04:13:51 | 000,454,656 | ---- | M] () -- C:\windows\System32\config\system.sav
< %systemroot%\system32\*.dll /lockedfiles >
[2 C:\windows\system32\*.tmp files -> C:\windows\system32\*.tmp -> ]
< %USERPROFILE%\*.* >
[2009.07.05 19:57:41 | 000,000,064 | ---- | M] () -- C:\Dokumente und Einstellungen\Niki\.gtk-bookmarks
[2009.10.10 19:28:21 | 000,001,500 | ---- | M] () -- C:\Dokumente und Einstellungen\Niki\.recently-used.xbel
[2012.07.19 18:37:55 | 000,000,040 | ---- | M] () -- C:\Dokumente und Einstellungen\Niki\jagex_cl_runescape_LIVE.dat
[2012.05.13 00:45:09 | 000,000,066 | ---- | M] () -- C:\Dokumente und Einstellungen\Niki\jagex_cl_runescape_LIVE1.dat
[2012.05.13 00:45:09 | 000,000,046 | ---- | M] () -- C:\Dokumente und Einstellungen\Niki\jagex_runescape_preferences.dat
[2012.05.13 00:46:12 | 000,000,129 | ---- | M] () -- C:\Dokumente und Einstellungen\Niki\jagex_runescape_preferences2.dat
[2012.09.19 19:35:30 | 011,796,480 | -H-- | M] () -- C:\Dokumente und Einstellungen\Niki\NTUSER.DAT
[2012.09.20 16:35:05 | 000,507,904 | -H-- | M] () -- C:\Dokumente und Einstellungen\Niki\ntuser.dat.LOG
[2012.09.19 19:35:30 | 000,000,190 | -HS- | M] () -- C:\Dokumente und Einstellungen\Niki\ntuser.ini
< %USERPROFILE%\Local Settings\Temp\*.exe >
< %USERPROFILE%\Local Settings\Temp\*.dll >
< %USERPROFILE%\Application Data\*.exe >
< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs >
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Kmode: %SystemRoot%\system32\win32k.sys [2010.06.24 11:02:00 | 001,852,032 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Required: DebugWindows [binary data]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Windows: %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,3072,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16
========== Alternate Data Streams ==========
@Alternate Data Stream - 104 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:D1B5B4F1
< End of report >
--- --- --- |
