Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Can browse the internet but cannot connect to online games [Solved]


  • This topic is locked This topic is locked

#16
CompCav

CompCav

    Member 5k

  • Expert
  • 12,448 posts
Please run OTL again and select all users then click quick scan.


Post OTL.txt and I will check it for remnants!
  • 0

Advertisements


#17
Modin

Modin

    Member

  • Topic Starter
  • Member
  • PipPip
  • 45 posts
OTL logfile created on: 16.07.2012 21:29:06 - Run 5
OTL by OldTimer - Version 3.2.53.1 Folder = C:\Dokumente und Einstellungen\Mörtl\Eigene Dateien\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

3,25 Gb Total Physical Memory | 1,10 Gb Available Physical Memory | 33,90% Memory free
5,09 Gb Paging File | 2,39 Gb Available in Paging File | 46,89% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 29,29 Gb Total Space | 6,07 Gb Free Space | 20,71% Space Free | Partition Type: NTFS
Drive D: | 98,70 Gb Total Space | 15,94 Gb Free Space | 16,15% Space Free | Partition Type: NTFS
Drive E: | 8,10 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS

Computer Name: MARTIN | User Name: Mörtl | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012.07.12 21:16:55 | 000,008,704 | ---- | M] (Hi-Rez Studios) -- D:\Games\Smite\HiPatchService.exe
PRC - [2012.07.10 18:56:36 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Mörtl\Eigene Dateien\Downloads\OTL.exe
PRC - [2012.07.03 13:46:44 | 000,655,944 | ---- | M] (Malwarebytes Corporation) -- D:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012.06.25 12:41:33 | 000,144,384 | ---- | M] (Adobe Systems Inc.) -- D:\Games\League of Legends\rads\projects\lol_air_client\releases\0.0.0.171\deploy\LolClient.exe
PRC - [2012.06.25 12:26:49 | 002,686,976 | ---- | M] () -- D:\Games\League of Legends\rads\projects\lol_launcher\releases\0.0.0.76\deploy\LoLLauncher.exe
PRC - [2012.06.23 12:21:19 | 000,161,776 | ---- | M] (Oracle Corporation) -- C:\Programme\Java\jre7\bin\jqs.exe
PRC - [2012.06.22 11:02:54 | 003,556,864 | ---- | M] (X-Legend Entertaimment) -- D:\Games\GrandFantasia-DE\GrandFantasia.exe
PRC - [2012.06.17 20:03:28 | 000,913,888 | ---- | M] (Mozilla Corporation) -- C:\Programme\Mozilla Firefox\firefox.exe
PRC - [2012.05.26 06:32:44 | 004,327,744 | ---- | M] (Akamai Technologies, Inc) -- C:\Dokumente und Einstellungen\Mörtl\Lokale Einstellungen\Anwendungsdaten\Akamai\netsession_win.exe
PRC - [2012.05.02 01:42:28 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- D:\Programme\Avira\AntiVir Desktop\sched.exe
PRC - [2012.05.02 00:34:34 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- D:\Programme\Avira\AntiVir Desktop\avguard.exe
PRC - [2012.05.02 00:31:35 | 000,348,624 | ---- | M] (Avira Operations GmbH & Co. KG) -- D:\Programme\Avira\AntiVir Desktop\avgnt.exe
PRC - [2012.04.26 14:33:38 | 003,111,744 | ---- | M] (DT Soft Ltd) -- D:\Programme\DAEMON Tools Pro\DTAgent.exe
PRC - [2012.04.26 14:33:16 | 002,743,104 | ---- | M] (DT Soft Ltd) -- D:\Programme\DAEMON Tools Pro\DTShellHlp.exe
PRC - [2012.04.24 02:11:55 | 000,080,336 | ---- | M] (Avira Operations GmbH & Co. KG) -- D:\Programme\Avira\AntiVir Desktop\avshadow.exe
PRC - [2011.10.29 15:40:42 | 001,294,336 | ---- | M] () -- D:\Games\League of Legends\rads\system\rads_user_kernel.exe
PRC - [2011.01.05 23:23:48 | 000,222,568 | ---- | M] (Teruten) -- C:\WINDOWS\system32\FsUsbExService.Exe
PRC - [2010.12.14 17:44:20 | 000,216,456 | ---- | M] (Geek Software GmbH) -- D:\Programme\pdf24\pdf24.exe
PRC - [2010.06.10 21:03:08 | 000,144,176 | ---- | M] (Apple Inc.) -- C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2010.02.01 22:51:56 | 007,418,368 | ---- | M] (OpenOffice.org) -- C:\Programme\OpenOffice.org 3\program\soffice.bin
PRC - [2010.02.01 22:51:52 | 007,424,000 | ---- | M] (OpenOffice.org) -- C:\Programme\OpenOffice.org 3\program\soffice.exe
PRC - [2010.01.14 00:44:52 | 000,037,888 | ---- | M] (Nullsoft, Inc.) -- D:\Programme\Winamp\winampa.exe
PRC - [2009.03.17 14:24:06 | 000,161,632 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft LifeCam\MSCamS32.exe
PRC - [2008.06.25 14:13:48 | 005,625,344 | ---- | M] () -- C:\Programme\ASUS\EPU-4 Engine\FourEngine.exe
PRC - [2008.04.14 04:22:45 | 001,036,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2005.05.12 00:33:52 | 000,479,232 | ---- | M] (Hewlett-Packard Co.) -- D:\Programme\HP\Digital Imaging\bin\hpqimzone.exe


========== Modules (No Company Name) ==========

MOD - [2012.06.30 22:27:40 | 009,459,912 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_262.dll
MOD - [2012.06.25 12:26:49 | 002,686,976 | ---- | M] () -- D:\Games\League of Legends\rads\projects\lol_launcher\releases\0.0.0.76\deploy\LoLLauncher.exe
MOD - [2012.06.17 20:03:27 | 002,042,848 | ---- | M] () -- C:\Programme\Mozilla Firefox\mozjs.dll
MOD - [2012.06.14 12:07:29 | 000,212,992 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\8b84bb74d7724e147a642a1d5358feb7\System.ServiceProcess.ni.dll
MOD - [2012.06.14 00:56:42 | 000,303,104 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
MOD - [2012.06.14 00:48:36 | 000,843,776 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system.drawing\1.0.5000.0__b03f5f7f11d50a3a_661ee55a\system.drawing.dll
MOD - [2012.06.14 00:48:30 | 003,035,136 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system.windows.forms\1.0.5000.0__b77a5c561934e089_4759fd05\system.windows.forms.dll
MOD - [2012.06.14 00:48:20 | 000,471,040 | ---- | M] () -- c:\windows\assembly\gac\system.drawing\1.0.5000.0__b03f5f7f11d50a3a\system.drawing.dll
MOD - [2012.05.16 01:03:28 | 000,998,400 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Management\9080c8e8e7b6dfb502c1328673d636f8\System.Management.ni.dll
MOD - [2012.05.16 01:02:34 | 000,971,264 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\3d5b7368bde0f65aa15d9f46b498cc89\System.Configuration.ni.dll
MOD - [2012.05.16 01:00:38 | 005,450,752 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\3bba1b8b0b5ef0be238b011cc7a0575e\System.Xml.ni.dll
MOD - [2012.05.16 00:58:59 | 007,953,408 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\e4b5afc4da43b1c576f9322f9f2e1bfe\System.ni.dll
MOD - [2012.05.16 00:58:51 | 011,492,352 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\e337c89bc9f81b69d7237aa70e935900\mscorlib.ni.dll
MOD - [2012.05.16 00:53:21 | 003,391,488 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_381d9d0c\mscorlib.dll
MOD - [2012.05.16 00:53:15 | 002,088,960 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system.xml\1.0.5000.0__b77a5c561934e089_afb934ab\system.xml.dll
MOD - [2012.05.16 00:53:07 | 001,966,080 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system\1.0.5000.0__b77a5c561934e089_5dbeca5b\system.dll
MOD - [2012.05.16 00:53:03 | 001,232,896 | ---- | M] () -- c:\windows\assembly\gac\system\1.0.5000.0__b77a5c561934e089\system.dll
MOD - [2012.05.16 00:53:02 | 002,064,384 | ---- | M] () -- c:\windows\assembly\gac\system.windows.forms\1.0.5000.0__b77a5c561934e089\system.windows.forms.dll
MOD - [2012.04.16 23:11:02 | 000,398,288 | ---- | M] () -- D:\Programme\Avira\AntiVir Desktop\sqlite3.dll
MOD - [2012.04.04 07:53:56 | 000,301,056 | ---- | M] () -- C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\PDFShell.DEU
MOD - [2011.10.29 15:40:42 | 001,294,336 | ---- | M] () -- D:\Games\League of Legends\rads\system\rads_user_kernel.exe
MOD - [2010.05.06 17:53:39 | 000,315,392 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll
MOD - [2010.05.06 17:53:39 | 000,212,992 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.resources\2.0.0.0_de_b77a5c561934e089\System.resources.dll
MOD - [2010.05.06 17:53:37 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.ServiceProcess.resources\2.0.0.0_de_b03f5f7f11d50a3a\System.ServiceProcess.resources.dll
MOD - [2010.04.25 12:57:36 | 000,970,752 | ---- | M] () -- C:\Programme\OpenOffice.org 3\program\libxml2.dll
MOD - [2010.04.25 01:44:53 | 001,339,392 | ---- | M] () -- c:\windows\assembly\gac\system.xml\1.0.5000.0__b77a5c561934e089\system.xml.dll
MOD - [2010.04.22 15:27:02 | 000,065,536 | ---- | M] () -- c:\windows\assembly\gac\hpqisrtb\4.0.0.0__a53cf5803f4c3827\hpqisrtb.dll
MOD - [2010.04.22 15:27:02 | 000,061,440 | ---- | M] () -- c:\windows\assembly\gac\hpqisrtb.resources\4.0.0.0_de_a53cf5803f4c3827\hpqisrtb.resources.dll
MOD - [2010.04.22 15:27:00 | 000,774,144 | ---- | M] () -- c:\windows\assembly\gac\hpqbakup\3.0.0.0__a53cf5803f4c3827\hpqbakup.dll
MOD - [2010.04.22 15:26:59 | 000,294,912 | ---- | M] () -- c:\windows\assembly\gac\hpqbakup.resources\3.0.0.0_de_a53cf5803f4c3827\hpqbakup.resources.dll
MOD - [2010.04.22 15:26:46 | 000,380,928 | ---- | M] () -- c:\windows\assembly\gac\hpqcprsc\3.0.0.0__a53cf5803f4c3827\hpqcprsc.dll
MOD - [2010.04.22 15:26:46 | 000,081,920 | ---- | M] () -- c:\windows\assembly\gac\hpqcprsc.resources\3.0.0.0_de_a53cf5803f4c3827\hpqcprsc.resources.dll
MOD - [2010.04.22 15:26:24 | 001,032,192 | ---- | M] () -- c:\windows\assembly\gac\hpqedit\3.0.0.0__a53cf5803f4c3827\hpqedit.dll
MOD - [2010.04.22 15:26:24 | 000,331,776 | ---- | M] () -- c:\windows\assembly\gac\hpqedit.resources\3.0.0.0_de_a53cf5803f4c3827\hpqedit.resources.dll
MOD - [2010.04.22 15:26:23 | 000,004,096 | ---- | M] () -- c:\windows\assembly\gac\interop.hprblog\3.0.0.0__a53cf5803f4c3827\interop.hprblog.dll
MOD - [2010.04.22 15:26:22 | 000,163,840 | ---- | M] () -- c:\windows\assembly\gac\hpqvideo\3.0.0.0__a53cf5803f4c3827\hpqvideo.dll
MOD - [2010.04.22 15:26:20 | 000,053,248 | ---- | M] () -- c:\windows\assembly\gac\hpqovskn\3.0.0.0__a53cf5803f4c3827\hpqovskn.dll
MOD - [2010.04.22 15:26:17 | 000,512,000 | ---- | M] () -- c:\windows\assembly\gac\hpqimvlt\3.0.0.0__a53cf5803f4c3827\hpqimvlt.dll
MOD - [2010.04.22 15:26:17 | 000,015,360 | ---- | M] () -- c:\windows\assembly\gac\interop.hpqvideo\3.0.0.0__a53cf5803f4c3827\interop.hpqvideo.dll
MOD - [2010.04.22 15:26:17 | 000,010,752 | ---- | M] () -- c:\windows\assembly\gac\interop.hpqimgr\3.0.0.0__a53cf5803f4c3827\interop.hpqimgr.dll
MOD - [2010.04.22 15:26:16 | 000,364,544 | ---- | M] () -- c:\windows\assembly\gac\hpqtray\4.0.0.0__a53cf5803f4c3827\hpqtray.dll
MOD - [2010.04.22 15:26:16 | 000,188,416 | ---- | M] () -- c:\windows\assembly\gac\hpqimgrc\4.0.0.0__a53cf5803f4c3827\hpqimgrc.dll
MOD - [2010.04.22 15:26:16 | 000,135,168 | ---- | M] () -- c:\windows\assembly\gac\hpqcc2.resources\3.0.0.0_de_a53cf5803f4c3827\hpqcc2.resources.dll
MOD - [2010.04.22 15:26:16 | 000,122,880 | ---- | M] () -- c:\windows\assembly\gac\hpqtray.resources\4.0.0.0_de_a53cf5803f4c3827\hpqtray.resources.dll
MOD - [2010.04.22 15:26:16 | 000,069,632 | ---- | M] () -- c:\windows\assembly\gac\hpqglutl\4.0.0.0__a53cf5803f4c3827\hpqglutl.dll
MOD - [2010.04.22 15:26:16 | 000,057,344 | ---- | M] () -- c:\windows\assembly\gac\hpqimlib\3.0.0.0__a53cf5803f4c3827\hpqimlib.dll
MOD - [2010.04.22 15:26:16 | 000,045,056 | ---- | M] () -- c:\windows\assembly\gac\hpqthumb\3.0.0.0__a53cf5803f4c3827\hpqthumb.dll
MOD - [2010.04.22 15:26:16 | 000,036,864 | ---- | M] () -- c:\windows\assembly\gac\hpqfmrsc\4.0.0.0__a53cf5803f4c3827\hpqfmrsc.dll
MOD - [2010.04.22 15:26:16 | 000,024,576 | ---- | M] () -- c:\windows\assembly\gac\hpqasset\4.0.0.0__a53cf5803f4c3827\hpqasset.dll
MOD - [2010.04.22 15:26:16 | 000,020,480 | ---- | M] () -- c:\windows\assembly\gac\hpqiface\4.0.0.0__a53cf5803f4c3827\hpqiface.dll
MOD - [2010.04.22 15:26:16 | 000,012,800 | ---- | M] () -- c:\windows\assembly\gac\hpqfmrsc.resources\4.0.0.0_de_a53cf5803f4c3827\hpqfmrsc.resources.dll
MOD - [2010.04.22 15:26:15 | 000,589,824 | ---- | M] () -- c:\windows\assembly\gac\hpqcc2\3.0.0.0__a53cf5803f4c3827\hpqcc2.dll
MOD - [2010.04.22 15:24:57 | 000,065,536 | ---- | M] () -- c:\windows\assembly\gac\hpqmdmr\4.0.0.0__a53cf5803f4c3827\hpqmdmr.dll
MOD - [2010.04.22 15:24:57 | 000,057,344 | ---- | M] () -- c:\windows\assembly\gac\hpqprrsc\4.0.0.0__a53cf5803f4c3827\hpqprrsc.dll
MOD - [2010.04.22 15:24:57 | 000,016,384 | ---- | M] () -- c:\windows\assembly\gac\hpqprrsc.resources\4.0.0.0_de_a53cf5803f4c3827\hpqprrsc.resources.dll
MOD - [2010.04.22 15:24:56 | 000,430,080 | ---- | M] () -- c:\windows\assembly\gac\lead.wrapper\13.0.0.113__9cf889f53ea9b907\lead.wrapper.dll
MOD - [2010.04.22 15:24:56 | 000,225,280 | ---- | M] () -- c:\windows\assembly\gac\hpqutils\4.0.0.0__a53cf5803f4c3827\hpqutils.dll
MOD - [2010.04.22 15:24:56 | 000,090,112 | ---- | M] () -- c:\windows\assembly\gac\lead.drawing.imaging.imageprocessing\13.0.0.113__9cf889f53ea9b907\lead.drawing.imaging.imageprocessing.dll
MOD - [2010.04.22 15:24:56 | 000,086,016 | ---- | M] () -- c:\windows\assembly\gac\lead.drawing\13.0.0.113__9cf889f53ea9b907\lead.drawing.dll
MOD - [2010.04.22 15:24:56 | 000,077,824 | ---- | M] () -- c:\windows\assembly\gac\lead\13.0.0.113__9cf889f53ea9b907\lead.dll
MOD - [2010.04.22 15:24:56 | 000,069,632 | ---- | M] () -- c:\windows\assembly\gac\lead.windows.forms.drawingcontainer\13.0.0.113__9cf889f53ea9b907\lead.windows.forms.drawingcontainer.dll
MOD - [2010.04.22 15:24:56 | 000,069,632 | ---- | M] () -- c:\windows\assembly\gac\hpqntrop\4.0.0.0__a53cf5803f4c3827\hpqntrop.dll
MOD - [2010.04.22 15:24:56 | 000,040,960 | ---- | M] () -- c:\windows\assembly\gac\lead.windows.forms\13.0.0.113__9cf889f53ea9b907\lead.windows.forms.dll
MOD - [2010.04.22 15:24:56 | 000,036,864 | ---- | M] () -- c:\windows\assembly\gac\interop.hpqcxm08\3.0.0.0__a53cf5803f4c3827\interop.hpqcxm08.dll
MOD - [2010.04.22 15:24:19 | 000,233,472 | ---- | M] () -- c:\windows\assembly\gac\mscorlib.resources\1.0.5000.0_de_b77a5c561934e089\mscorlib.resources.dll
MOD - [2010.04.22 15:24:19 | 000,081,920 | ---- | M] () -- c:\windows\assembly\gac\system.resources\1.0.5000.0_de_b77a5c561934e089\system.resources.dll
MOD - [2010.04.22 15:23:35 | 000,007,680 | ---- | M] () -- c:\windows\assembly\gac\accessibility\1.0.5000.0__b03f5f7f11d50a3a\accessibility.dll
MOD - [2010.03.15 16:57:20 | 000,067,872 | ---- | M] () -- C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\zlib1.dll
MOD - [2010.03.15 11:28:22 | 000,141,824 | ---- | M] () -- D:\Programme\WinRAR\RarExt.dll
MOD - [2009.07.30 09:36:26 | 000,157,696 | ---- | M] () -- D:\Games\GrandFantasia-DE\CrashRpt.dll
MOD - [2008.06.25 14:13:48 | 005,625,344 | ---- | M] () -- C:\Programme\ASUS\EPU-4 Engine\FourEngine.exe
MOD - [2008.04.15 10:07:34 | 000,053,248 | ---- | M] () -- C:\Programme\ASUS\EPU-4 Engine\AsSpindownTimeout.dll
MOD - [2008.04.14 04:22:16 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2006.07.20 17:06:42 | 000,217,088 | ---- | M] () -- D:\Games\GrandFantasia-DE\data\MILES\mssvoice.asi
MOD - [2006.07.20 17:05:20 | 000,112,640 | ---- | M] () -- D:\Games\GrandFantasia-DE\data\MILES\msseax.flt
MOD - [2006.07.20 17:05:20 | 000,039,936 | ---- | M] () -- D:\Games\GrandFantasia-DE\data\MILES\mssds3d.flt
MOD - [2006.07.20 17:04:52 | 000,150,016 | ---- | M] () -- D:\Games\GrandFantasia-DE\data\MILES\mssmp3.asi
MOD - [2006.07.20 17:03:48 | 000,028,160 | ---- | M] () -- D:\Games\GrandFantasia-DE\data\MILES\mssdolby.flt
MOD - [2006.07.20 17:03:46 | 000,380,416 | ---- | M] () -- D:\Games\GrandFantasia-DE\mss32.dll
MOD - [2006.07.20 17:03:46 | 000,113,664 | ---- | M] () -- D:\Games\GrandFantasia-DE\data\MILES\mssdsp.flt
MOD - [2006.07.20 17:03:46 | 000,042,496 | ---- | M] () -- D:\Games\GrandFantasia-DE\data\MILES\msssrs.flt
MOD - [2006.04.27 11:34:12 | 000,029,184 | ---- | M] () -- D:\Games\GrandFantasia-DE\WebBrowser.dll
MOD - [2006.01.10 10:50:20 | 000,024,576 | R--- | M] () -- C:\WINDOWS\system32\AsIO.dll
MOD - [2005.05.11 16:39:32 | 000,565,248 | ---- | M] () -- C:\Programme\ASUS\EPU-4 Engine\pngio.dll
MOD - [2005.02.05 05:02:46 | 000,053,760 | ---- | M] () -- D:\Games\GrandFantasia-DE\zlib.dll


========== Win32 Services (SafeList) ==========

SRV - [2012.07.12 21:16:55 | 000,008,704 | ---- | M] (Hi-Rez Studios) [Auto | Running] -- D:\Games\Smite\HiPatchService.exe -- (HiPatchService)
SRV - [2012.07.03 13:46:44 | 000,655,944 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- D:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012.06.23 12:21:19 | 000,161,776 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Programme\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2012.06.17 20:03:28 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.05.08 15:13:28 | 000,185,856 | ---- | M] () [Disabled | Stopped] -- C:\Programme\Web Assistant\ExtensionUpdaterService.exe -- (Web Assistant Updater)
SRV - [2012.05.02 01:42:28 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- D:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2012.05.02 00:34:34 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- D:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011.01.05 23:23:48 | 000,222,568 | ---- | M] (Teruten) [Auto | Running] -- C:\WINDOWS\system32\FsUsbExService.Exe -- (FsUsbExService)
SRV - [2010.06.10 21:03:08 | 000,144,176 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2010.02.24 22:01:00 | 003,432,444 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\WINDOWS\system32\GameMon.des -- (npggsvc)
SRV - [2009.03.17 14:24:06 | 000,161,632 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Microsoft LifeCam\MSCamS32.exe -- (MSCamSvc)
SRV - [2004.09.29 12:14:36 | 000,069,632 | ---- | M] (HP) [Auto | Stopped] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\SymIM.sys -- (SymIMMP)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\SymIM.sys -- (SymIM)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | On_Demand | Stopped] -- D:\Programme\Garena Classic\safedrv.sys -- (GGSAFERDriver)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\EagleNT.sys -- (EagleNT)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\dgderdrv.sys -- (dgderdrv)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (azo1oiei)
DRV - [2012.07.08 19:37:07 | 000,477,240 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd)
DRV - [2012.07.03 13:46:44 | 000,022,344 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2012.04.27 10:20:04 | 000,137,928 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2012.04.25 00:32:27 | 000,083,392 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2012.04.16 21:17:40 | 000,036,000 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2011.08.30 17:28:46 | 006,435,432 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2011.01.05 23:23:40 | 000,042,112 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2011.01.03 10:38:36 | 000,136,680 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssadmdm.sys -- (ssadmdm)
DRV - [2011.01.03 10:38:36 | 000,121,192 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssadbus.sys -- (ssadbus) SAMSUNG Android USB Composite Device driver (WDM)
DRV - [2011.01.03 10:38:36 | 000,012,776 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssadmdfl.sys -- (ssadmdfl) SAMSUNG Android USB Modem (Filter)
DRV - [2010.12.21 07:55:02 | 000,132,424 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscdmdm.sys -- (sscdmdm)
DRV - [2010.12.21 07:55:02 | 000,110,280 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscdserd.sys -- (sscdserd) SAMSUNG Mobile Modem Diagnostic Serial Port (WDM)
DRV - [2010.12.21 07:55:02 | 000,104,648 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscdbus.sys -- (sscdbus) SAMSUNG USB Composite Device driver (WDM)
DRV - [2010.12.21 07:55:02 | 000,014,920 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscdmdfl.sys -- (sscdmdfl)
DRV - [2010.12.19 13:33:03 | 000,027,632 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\seehcri.sys -- (seehcri)
DRV - [2010.12.19 13:32:54 | 000,025,512 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ggsemc.sys -- (ggsemc)
DRV - [2010.12.19 13:32:54 | 000,013,224 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ggflt.sys -- (ggflt)
DRV - [2010.06.17 15:14:27 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2010.04.01 04:50:10 | 000,103,424 | R--- | M] (QUALCOMM Incorporated) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\FXX\qcusbser.sys -- (qcusbser)
DRV - [2009.11.18 07:17:00 | 001,395,800 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt)
DRV - [2009.11.18 07:16:00 | 001,691,480 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt)
DRV - [2009.03.18 17:35:40 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi)
DRV - [2009.03.17 14:24:06 | 000,030,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nx6000.sys -- (MSHUSBVideo)
DRV - [2008.06.25 18:47:00 | 000,036,864 | R--- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\l1e51x86.sys -- (L1e)
DRV - [2007.12.17 11:14:06 | 000,012,400 | R--- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AsIO.sys -- (AsIO)
DRV - [2004.08.13 04:56:20 | 000,005,810 | R--- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ASACPI.sys -- (MTsensor)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>

IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-1993962763-746137067-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://leagueoflegends.com/
IE - HKU\S-1-5-21-1993962763-746137067-839522115-1003\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKU\S-1-5-21-1993962763-746137067-839522115-1003\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...Box&Form=IE8SRC
IE - HKU\S-1-5-21-1993962763-746137067-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1993962763-746137067-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: ""
FF - prefs.js..browser.startup.homepage: "about:home"
FF - prefs.js..keyword.URL: "http://www.google.co...ch?hl=en-GB&q="
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: ""


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_262.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: D:\Programme\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: D:\Programme\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: D:\Programme\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)
FF - HKLM\Software\MozillaPlugins\@idsoftware.com/QuakeLive: C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\id Software\QuakeLive\npquakezero.dll (id Software Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Programme\Java\jre7\bin\new_plugin\npjp2.dll File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Programme\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Programme\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@facebook.com/FBPlugin,version=1.0.3: C:\Dokumente und Einstellungen\Mörtl\Anwendungsdaten\Facebook\npfbplugin_1_0_3.dll ( )
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Dokumente und Einstellungen\Mörtl\Lokale Einstellungen\Anwendungsdaten\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Dokumente und Einstellungen\Mörtl\Lokale Einstellungen\Anwendungsdaten\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Dokumente und Einstellungen\Mörtl\Lokale Einstellungen\Anwendungsdaten\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{184AA5E6-741D-464a-820E-94B3ABC2F3B4}: C:\WINDOWS\system32\11002 [2012.03.20 12:43:06 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\Programme\Web Assistant\Firefox [2012.06.30 16:12:29 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Programme\Mozilla Firefox\components [2012.07.10 17:42:31 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2012.07.10 17:42:31 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\extensions\\{184AA5E6-741D-464a-820E-94B3ABC2F3B4}: C:\WINDOWS\system32\11002 [2012.03.20 12:43:06 | 000,000,000 | ---D | M]

[2010.04.22 16:13:40 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Mörtl\Anwendungsdaten\Mozilla\Extensions
[2012.06.30 16:12:30 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Mörtl\Anwendungsdaten\Mozilla\Firefox\Profiles\extensions
[2012.07.14 21:19:42 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Mörtl\Anwendungsdaten\Mozilla\Firefox\Profiles\zzitqsk4.default\extensions
[2010.07.25 10:11:30 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Dokumente und Einstellungen\Mörtl\Anwendungsdaten\Mozilla\Firefox\Profiles\zzitqsk4.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011.03.25 18:35:55 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Dokumente und Einstellungen\Mörtl\Anwendungsdaten\Mozilla\Firefox\Profiles\zzitqsk4.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2010.10.31 22:03:38 | 000,000,000 | ---D | M] (Battlefield Heroes Updater) -- C:\Dokumente und Einstellungen\Mörtl\Anwendungsdaten\Mozilla\Firefox\Profiles\zzitqsk4.default\extensions\[email protected]
[2012.06.30 16:07:00 | 000,000,000 | ---D | M] (OneClickDownloader) -- C:\Dokumente und Einstellungen\Mörtl\Anwendungsdaten\Mozilla\Firefox\Profiles\zzitqsk4.default\extensions\[email protected]
[2012.07.14 19:34:58 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2011.10.07 14:41:45 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Programme\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
File not found (No name found) -- C:\DOKUMENTE UND EINSTELLUNGEN\MöRTL\ANWENDUNGSDATEN\MOZILLA\EXTENSIONS\{EC8030F7-C20A-464F-9B0E-13A3A9E97384}\[email protected]
File not found (No name found) -- C:\DOKUMENTE UND EINSTELLUNGEN\MöRTL\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\ZZITQSK4.DEFAULT\EXTENSIONS\{ACAA314B-EEBA-48E4-AD47-84E31C44796C}
File not found (No name found) -- C:\DOKUMENTE UND EINSTELLUNGEN\MöRTL\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\ZZITQSK4.DEFAULT\EXTENSIONS\{EEE6C361-6118-11DC-9C72-001320C79847}.XPI
File not found (No name found) -- C:\DOKUMENTE UND EINSTELLUNGEN\MöRTL\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\ZZITQSK4.DEFAULT\EXTENSIONS\[email protected]
[2012.06.30 16:12:29 | 000,000,000 | ---D | M] (Web Assistant) -- C:\PROGRAMME\WEB ASSISTANT\FIREFOX
[2012.06.17 20:03:29 | 000,085,472 | ---- | M] (Mozilla Foundation) -- C:\Programme\mozilla firefox\components\browsercomps.dll
[2010.11.12 19:53:06 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\mozilla firefox\plugins\npdeployJava1.dll
[2012.06.17 20:03:24 | 000,001,392 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.06.17 20:03:24 | 000,002,252 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\bing.xml
[2012.06.17 20:03:24 | 000,001,153 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\eBay-de.xml
[2012.06.17 20:03:23 | 000,006,805 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.06.17 20:03:23 | 000,001,178 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.06.17 20:03:23 | 000,001,105 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\yahoo-de.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Dokumente und Einstellungen\M\u00F6rtl\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\Application\20.0.1132.57\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Dokumente und Einstellungen\M\u00F6rtl\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\Application\20.0.1132.57\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Dokumente und Einstellungen\M\u00F6rtl\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\Application\20.0.1132.57\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Java Deployment Toolkit 6.0.230.5 (Enabled) = C:\Programme\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U23 (Enabled) = C:\Programme\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: DivX Web Player (Enabled) = C:\Programme\Mozilla Firefox\plugins\npdivx32.dll
CHR - plugin: DivX Player Netscape Plugin (Enabled) = C:\Programme\Mozilla Firefox\plugins\npDivxPlayerPlugin.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Programme\Mozilla Firefox\plugins\nppdf32.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Winamp Application Detector (Enabled) = C:\Programme\Mozilla Firefox\plugins\npwachk.dll
CHR - plugin: Zylom Plugin (Enabled) = C:\Programme\Mozilla Firefox\plugins\npzylomgamesplayer.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Programme\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Programme\Windows Media Player\npwmsdrm.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Programme\Windows Media Player\npdsplay.dll
CHR - plugin: QUAKE LIVE (Enabled) = C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\id Software\QuakeLive\npquakezero.dll
CHR - plugin: Facebook Plugin (Enabled) = C:\Dokumente und Einstellungen\M\u00F6rtl\Anwendungsdaten\Facebook\npfbplugin_1_0_3.dll
CHR - plugin: Google Update (Enabled) = C:\Dokumente und Einstellungen\M\u00F6rtl\Lokale Einstellungen\Anwendungsdaten\Google\Update\1.3.21.99\npGoogleUpdate3.dll
CHR - plugin: Unity Player (Enabled) = C:\Dokumente und Einstellungen\M\u00F6rtl\Lokale Einstellungen\Anwendungsdaten\Unity\WebPlayer\loader\npUnity3D32.dll
CHR - plugin: DNA Plug-in (Enabled) = C:\Programme\DNA\plugins\npbtdna.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Programme\Microsoft Silverlight\4.1.10111.0\npctrl.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\WINDOWS\system32\Adobe\Director\np32dsw.dll
CHR - plugin: iTunes Application Detector (Enabled) = D:\Programme\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: YouTube = C:\Dokumente und Einstellungen\Mörtl\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google-Suche = C:\Dokumente und Einstellungen\Mörtl\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: General Crawler = C:\Dokumente und Einstellungen\Mörtl\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\dednnpigldgdbpgcdpfppmlcnnbjciel\2.5_0\
CHR - Extension: Web Assistant = C:\Dokumente und Einstellungen\Mörtl\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd\2.0.0.439_0\
CHR - Extension: SweetIM for Facebook = C:\Dokumente und Einstellungen\Mörtl\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn\1.0.0.0_0\Copy of
CHR - Extension: SweetIM for Facebook = C:\Dokumente und Einstellungen\Mörtl\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn\1.0.0.0_0\
CHR - Extension: GoPhoto.it = C:\Dokumente und Einstellungen\Mörtl\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\pfmopbbadnfoelckkcmjjeaaegjpjjbk\1.1_0\
CHR - Extension: Google Mail = C:\Dokumente und Einstellungen\Mörtl\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
CHR - Extension: YouTube = C:\Dokumente und Einstellungen\Mörtl\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google-Suche = C:\Dokumente und Einstellungen\Mörtl\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: General Crawler = C:\Dokumente und Einstellungen\Mörtl\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\dednnpigldgdbpgcdpfppmlcnnbjciel\2.5_0\
CHR - Extension: Web Assistant = C:\Dokumente und Einstellungen\Mörtl\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd\2.0.0.439_0\
CHR - Extension: SweetIM for Facebook = C:\Dokumente und Einstellungen\Mörtl\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn\1.0.0.0_0\Copy of
CHR - Extension: SweetIM for Facebook = C:\Dokumente und Einstellungen\Mörtl\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn\1.0.0.0_0\
CHR - Extension: GoPhoto.it = C:\Dokumente und Einstellungen\Mörtl\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\pfmopbbadnfoelckkcmjjeaaegjpjjbk\1.1_0\
CHR - Extension: Google Mail = C:\Dokumente und Einstellungen\Mörtl\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2012.07.15 21:45:43 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - D:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O4 - HKLM..\Run: [Adobe ARM] C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Aeria Ignite] C:\Programme\Aeria Games\Ignite\aeriaignite.exe (Aeria Games & Entertainment)
O4 - HKLM..\Run: [avgnt] D:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [LifeCam] C:\Programme\Microsoft LifeCam\LifeExp.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] D:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [PDFPrint] D:\Programme\pdf24\pdf24.exe (Geek Software GmbH)
O4 - HKLM..\Run: [Six Engine] C:\Programme\ASUS\EPU-4 Engine\FourEngine.exe ()
O4 - HKLM..\Run: [WinampAgent] D:\Programme\Winamp\winampa.exe (Nullsoft, Inc.)
O4 - HKU\S-1-5-21-1993962763-746137067-839522115-1003..\Run: [Akamai NetSession Interface] C:\Dokumente und Einstellungen\Mörtl\Lokale Einstellungen\Anwendungsdaten\Akamai\netsession_win.exe (Akamai Technologies, Inc)
O4 - HKU\S-1-5-21-1993962763-746137067-839522115-1003..\Run: [DAEMON Tools Pro Agent] D:\Programme\DAEMON Tools Pro\DTAgent.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-1993962763-746137067-839522115-1003..\Run: [Media Finder] "C:\Programme\Media Finder\Media Finder.exe" /opentotray File not found
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\HP Image Zone Schnellstart.lnk = D:\Programme\HP\Digital Imaging\bin\hpqthb08.exe (Hewlett-Packard Co.)
O4 - Startup: C:\Dokumente und Einstellungen\Mörtl\Startmenü\Programme\Autostart\OpenOffice.org 3.2.lnk = C:\Programme\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1993962763-746137067-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Programme\PokerStars\PokerStarsUpdate.exe File not found
O9 - Extra Button: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - D:\Programme\ICQ7.0\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - D:\Programme\ICQ7.0\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - D:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - D:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O15 - HKU\S-1-5-21-1993962763-746137067-839522115-1003\..Trusted Domains: ([]msn in My Computer)
O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} http://download.micr...922/wmv9VCM.CAB (Reg Error: Key error.)
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} http://messenger.zon...1/GAME_UNO1.cab (UnoCtrl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.mi...b?1340790576406 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_05)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zon...nt.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0017-0000-0005-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_05)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_05)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E6293937-AC61-425D-9EAE-F1BF34B1623E}: DhcpNameServer = 10.0.0.138
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - D:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\SYSTEM32\Userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper: C:\Dokumente und Einstellungen\Mörtl\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Dokumente und Einstellungen\Mörtl\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010.04.22 15:09:29 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2011.11.23 18:38:29 | 000,000,000 | R--D | M] - E:\AutoPlay -- [ CDFS ]
O32 - AutoRun File - [2011.11.23 18:38:29 | 006,567,544 | R--- | M] (UBISOFT) - E:\autorun.exe -- [ CDFS ]
O32 - AutoRun File - [2011.11.23 18:38:29 | 000,147,034 | R--- | M] () - E:\autorun.ico -- [ CDFS ]
O32 - AutoRun File - [2011.11.23 18:38:29 | 000,000,047 | R--- | M] () - E:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\{3dc32e40-c925-11e1-bc97-806d6172696f}\Shell - "" = AutoRun
O33 - MountPoints2\{3dc32e40-c925-11e1-bc97-806d6172696f}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{3dc32e40-c925-11e1-bc97-806d6172696f}\Shell\AutoRun\command - "" = E:\autorun.exe -- [2011.11.23 18:38:29 | 006,567,544 | R--- | M] (UBISOFT)
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2012.07.16 21:05:16 | 000,000,000 | -HSD | C] -- C:\WINDOWS\System32\AI_RecycleBin
[2012.07.16 21:05:14 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\AeriaGames
[2012.07.16 21:05:14 | 000,000,000 | ---D | C] -- C:\Programme\Aeria Games
[2012.07.16 21:05:05 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Mörtl\Anwendungsdaten\Aeria Games & Entertainment
[2012.07.16 20:43:01 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Mörtl\Lokale Einstellungen\Anwendungsdaten\Akamai
[2012.07.16 20:43:00 | 000,000,000 | ---D | C] -- C:\AeriaGames
[2012.07.15 21:51:31 | 000,022,344 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2012.07.10 19:07:05 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\NtmsData
[2012.07.10 18:32:54 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Mörtl\Lokale Einstellungen\Anwendungsdaten\Chromium
[2012.07.10 18:32:26 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Mörtl\Eigene Dateien\My Games
[2012.07.10 17:56:15 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Hi-Rez Studios
[2012.07.10 17:56:13 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Hi-Rez Studios
[2012.07.10 17:56:12 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Application Data
[2012.07.10 15:50:53 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Mörtl\Anwendungsdaten\NetSpeedMonitor
[2012.07.10 15:34:42 | 000,000,000 | ---D | C] -- C:\Programme\NetSpeedMonitor
[2012.07.10 10:31:50 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Mörtl\Anwendungsdaten\Avira
[2012.07.10 10:26:22 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\ssmdrv.sys
[2012.07.10 10:26:20 | 000,137,928 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys
[2012.07.10 10:26:20 | 000,083,392 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntflt.sys
[2012.07.10 10:26:20 | 000,036,000 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avkmgr.sys
[2012.07.10 10:26:19 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Avira
[2012.07.09 09:29:37 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Ubisoft
[2012.07.08 21:27:50 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Mörtl\Eigene Dateien\Assassin's Creed Revelations
[2012.07.08 20:47:47 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Mörtl\Anwendungsdaten\PunkBuster
[2012.07.08 20:47:14 | 000,000,000 | ---D | C] -- C:\Programme\Ubisoft
[2012.07.08 19:37:02 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Mörtl\Anwendungsdaten\DAEMON Tools Pro
[2012.07.08 19:36:01 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\DAEMON Tools Pro
[2012.06.30 20:54:24 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss
[2012.06.30 16:17:14 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Mörtl\Anwendungsdaten\Media Finder
[2012.06.30 16:13:04 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Premium
[2012.06.30 16:12:56 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\OptimizerPro
[2012.06.30 16:12:29 | 000,000,000 | ---D | C] -- C:\Programme\Web Assistant
[2012.06.30 16:11:51 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\InstallMate
[2012.06.30 16:07:02 | 000,000,000 | ---D | C] -- C:\Programme\Gophoto.it
[2012.06.30 16:05:55 | 000,000,000 | ---D | C] -- C:\Programme\1ClickDownload
[2012.06.26 10:48:43 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2012.06.25 12:05:04 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\Mörtl\Recent
[2012.06.25 10:21:26 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen\Mörtl\PrivacIE
[2012.06.23 12:22:32 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Mörtl\Lokale Einstellungen\Anwendungsdaten\Sun
[2012.06.23 12:22:17 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\Java
[2012.06.23 12:21:53 | 000,000,000 | ---D | C] -- C:\Programme\Oracle
[2012.06.23 12:21:42 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Mörtl\Anwendungsdaten\Oracle
[2012.06.21 22:11:32 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Plants vs. Zombies
[2012.06.21 14:13:29 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP
[2012.06.21 14:13:15 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Games
[2012.06.21 14:11:41 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Big Fish Games
[2012.06.21 14:09:39 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\BigFishGamesCache

========== Files - Modified Within 30 Days ==========

[2012.07.16 21:05:15 | 000,001,725 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Aeria Ignite.lnk
[2012.07.16 21:04:03 | 000,001,210 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1993962763-746137067-839522115-1003UA.job
[2012.07.16 21:04:01 | 000,001,158 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1993962763-746137067-839522115-1003Core.job
[2012.07.16 10:00:57 | 000,527,534 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat
[2012.07.16 10:00:57 | 000,502,744 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012.07.16 10:00:57 | 000,088,268 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012.07.16 10:00:56 | 000,105,628 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat
[2012.07.16 09:58:26 | 000,000,260 | ---- | M] () -- C:\WINDOWS\tasks\WGASetup.job
[2012.07.16 09:56:59 | 000,198,612 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2012.07.16 09:56:08 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012.07.15 21:45:43 | 000,000,098 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\Hosts
[2012.07.14 07:28:48 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012.07.13 13:14:42 | 000,000,003 | ---- | M] () -- C:\WINDOWS\System32\HRUPPROG.DIE.NOW
[2012.07.12 19:49:57 | 000,002,366 | ---- | M] () -- C:\Dokumente und Einstellungen\Mörtl\Desktop\Google Chrome.lnk
[2012.07.12 09:16:02 | 000,123,392 | ---- | M] () -- C:\Dokumente und Einstellungen\Mörtl\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.07.12 09:03:58 | 000,157,952 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012.07.11 23:30:37 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2012.07.10 17:56:13 | 000,000,640 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Smite Closed Beta.lnk
[2012.07.10 17:56:13 | 000,000,631 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Hi-Rez Diagnostics and Support.lnk
[2012.07.10 16:49:11 | 000,000,276 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2012.07.10 14:43:38 | 000,045,194 | ---- | M] () -- C:\Dokumente und Einstellungen\Mörtl\Anwendungsdaten\room_v3.dat
[2012.07.10 11:41:35 | 000,494,693 | ---- | M] () -- C:\Dokumente und Einstellungen\Mörtl\Desktop\Alter Verwalter.jpg
[2012.07.03 13:46:44 | 000,022,344 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2012.07.03 10:21:06 | 000,002,047 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\iTunes.lnk
[2012.06.30 22:33:42 | 000,000,142 | -H-- | M] () -- C:\Dokumente und Einstellungen\Mörtl\Desktop\.~lock.ycyvcxxcyvbvvbvcb.odt#
[2012.06.30 22:31:03 | 000,001,714 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Adobe Reader X.lnk
[2012.06.30 21:00:28 | 000,000,211 | RHS- | M] () -- C:\boot.ini
[2012.06.30 16:17:05 | 000,000,703 | ---- | M] () -- C:\user.js
[2012.06.27 18:30:59 | 000,561,593 | ---- | M] () -- C:\Dokumente und Einstellungen\Mörtl\Desktop\bilder papa gebu.odt
[2012.06.27 18:20:22 | 000,260,237 | ---- | M] () -- C:\Dokumente und Einstellungen\Mörtl\Desktop\waldviertel.gif
[2012.06.27 18:19:33 | 000,131,534 | ---- | M] () -- C:\Dokumente und Einstellungen\Mörtl\Desktop\waldviertl2.GIF
[2012.06.26 19:02:20 | 000,040,430 | ---- | M] () -- C:\Dokumente und Einstellungen\Mörtl\Eigene Dateien\cqwxleiy.JPG
[2012.06.26 18:56:50 | 000,019,305 | ---- | M] () -- C:\Dokumente und Einstellungen\Mörtl\Eigene Dateien\TS.JPG
[2012.06.25 20:20:17 | 000,003,366 | ---- | M] () -- C:\Dokumente und Einstellungen\Mörtl\Eigene Dateien\test.JPG
[2012.06.22 15:08:33 | 000,387,410 | ---- | M] () -- C:\Dokumente und Einstellungen\Mörtl\Desktop\pb.bmp

========== Files Created - No Company Name ==========

[2012.07.16 21:05:15 | 000,001,725 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Aeria Ignite.lnk
[2012.07.13 13:14:42 | 000,000,003 | ---- | C] () -- C:\WINDOWS\System32\HRUPPROG.DIE.NOW
[2012.07.10 17:56:13 | 000,000,640 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Smite Closed Beta.lnk
[2012.07.10 17:56:13 | 000,000,631 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Hi-Rez Diagnostics and Support.lnk
[2012.07.10 11:41:35 | 000,494,693 | ---- | C] () -- C:\Dokumente und Einstellungen\Mörtl\Desktop\Alter Verwalter.jpg
[2012.06.30 22:33:42 | 000,000,142 | -H-- | C] () -- C:\Dokumente und Einstellungen\Mörtl\Desktop\.~lock.ycyvcxxcyvbvvbvcb.odt#
[2012.06.30 22:31:03 | 000,001,804 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Adobe Reader X.lnk
[2012.06.30 22:31:03 | 000,001,714 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Adobe Reader X.lnk
[2012.06.30 21:00:26 | 000,001,650 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\HP Digital Imaging Monitor.lnk
[2012.06.30 21:00:26 | 000,000,836 | ---- | C] () -- C:\Dokumente und Einstellungen\Mörtl\Startmenü\Programme\Autostart\OpenOffice.org 3.2.lnk
[2012.06.30 21:00:26 | 000,000,640 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\HP Image Zone Schnellstart.lnk
[2012.06.30 16:12:33 | 000,000,703 | ---- | C] () -- C:\user.js
[2012.06.30 10:37:00 | 000,045,194 | ---- | C] () -- C:\Dokumente und Einstellungen\Mörtl\Anwendungsdaten\room_v3.dat
[2012.06.27 18:30:58 | 000,561,593 | ---- | C] () -- C:\Dokumente und Einstellungen\Mörtl\Desktop\bilder papa gebu.odt
[2012.06.27 18:19:28 | 000,131,534 | ---- | C] () -- C:\Dokumente und Einstellungen\Mörtl\Desktop\waldviertl2.GIF
[2012.06.27 18:14:06 | 000,260,237 | ---- | C] () -- C:\Dokumente und Einstellungen\Mörtl\Desktop\waldviertel.gif
[2012.06.26 19:00:44 | 000,040,430 | ---- | C] () -- C:\Dokumente und Einstellungen\Mörtl\Eigene Dateien\cqwxleiy.JPG
[2012.06.26 18:56:50 | 000,019,305 | ---- | C] () -- C:\Dokumente und Einstellungen\Mörtl\Eigene Dateien\TS.JPG
[2012.06.26 10:49:44 | 000,001,374 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2012.06.25 20:20:17 | 000,003,366 | ---- | C] () -- C:\Dokumente und Einstellungen\Mörtl\Eigene Dateien\test.JPG
[2012.06.22 14:18:34 | 000,387,410 | ---- | C] () -- C:\Dokumente und Einstellungen\Mörtl\Desktop\pb.bmp
[2012.05.17 23:03:22 | 000,087,352 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\FontCache3.0.0.0.dat
[2012.05.15 21:05:33 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012.03.31 04:52:14 | 000,179,814 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\WPFFontCache_v0400-System.dat
[2012.03.31 04:52:14 | 000,179,814 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\WPFFontCache_v0400-S-1-5-21-1993962763-746137067-839522115-1003-0.dat
[2012.02.11 22:37:14 | 000,000,854 | ---- | C] () -- C:\Dokumente und Einstellungen\Mörtl\Lokale Einstellungen\Anwendungsdaten\recently-used.xbel
[2011.05.14 08:52:58 | 000,030,253 | ---- | C] () -- C:\WINDOWS\DIIUnin.dat
[2011.01.24 21:06:39 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2011.01.21 09:32:03 | 000,000,003 | ---- | C] () -- C:\WINDOWS\treeskp.sys
[2011.01.21 09:32:03 | 000,000,003 | ---- | C] () -- C:\WINDOWS\sbacknt.bin
[2011.01.12 13:16:57 | 000,001,206 | ---- | C] () -- C:\WINDOWS\DISNEY.INI
[2011.01.04 17:10:56 | 000,974,848 | ---- | C] () -- C:\WINDOWS\System32\cis-2.4.dll
[2011.01.04 17:10:56 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\issacapi_bs-2.3.dll
[2011.01.04 17:10:56 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\issacapi_pe-2.3.dll
[2011.01.04 17:10:56 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\issacapi_se-2.3.dll
[2010.10.31 22:43:09 | 000,138,056 | ---- | C] () -- C:\Dokumente und Einstellungen\Mörtl\Anwendungsdaten\PnkBstrK.sys
[2010.10.31 22:42:41 | 002,427,248 | ---- | C] () -- C:\WINDOWS\System32\pbsvc_heroes.exe
[2010.10.18 19:43:00 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDevice.Dll
[2010.10.18 19:43:00 | 000,042,112 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDisk.Sys
[2010.10.10 19:00:19 | 000,000,221 | ---- | C] () -- C:\WINDOWS\NCLogConfig.ini
[2010.09.22 12:12:49 | 000,003,010 | ---- | C] () -- C:\Dokumente und Einstellungen\Mörtl\Anwendungsdaten\PData.MMM
[2010.09.22 12:12:49 | 000,003,010 | ---- | C] () -- C:\Dokumente und Einstellungen\Mörtl\Anwendungsdaten\PData.MM1
[2010.08.22 09:59:20 | 000,000,037 | ---- | C] () -- C:\WINDOWS\mpegtoiPodconverter.ini
[2010.08.22 09:58:25 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\SysMPEGtoiPod.dat
[2010.08.08 00:42:56 | 000,029,440 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2010.04.22 17:26:10 | 000,123,392 | ---- | C] () -- C:\Dokumente und Einstellungen\Mörtl\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.04.22 15:37:07 | 000,000,138 | ---- | C] () -- C:\Dokumente und Einstellungen\Mörtl\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat

========== LOP Check ==========

[2012.05.13 00:47:43 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Battle.net
[2010.05.06 17:59:06 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Bentley
[2012.06.30 16:47:35 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Big Fish Games
[2010.12.19 13:45:50 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\BVRP Software
[2010.12.11 22:26:35 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\DAEMON Tools Lite
[2012.07.08 20:24:35 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\DAEMON Tools Pro
[2011.05.11 14:16:15 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Electronic Arts
[2011.04.28 17:00:05 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Firefly Studios
[2012.07.10 17:56:15 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Hi-Rez Studios
[2012.01.07 18:39:44 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\id Software
[2012.06.30 16:28:17 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\InstallMate
[2010.07.09 19:45:06 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\mquadr.at
[2012.06.30 16:12:56 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\OptimizerPro
[2012.06.30 16:13:04 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Premium
[2011.02.28 20:24:42 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Samsung
[2012.06.21 15:14:06 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP
[2012.07.08 21:27:50 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Ubisoft
[2010.08.19 13:39:34 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\WinZip
[2010.05.11 13:49:03 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Zylom
[2010.07.09 18:49:46 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{0AB34A1C-91C1-45BB-8B32-A0746A30DC96}
[2010.06.22 14:49:22 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2010.07.09 15:28:34 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{C3358ED5-0ADD-4BA0-8F60-B5A7CD34BD14}
[2010.09.30 07:52:50 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\LocalService\Anwendungsdaten\PDF Software
[2011.07.14 13:21:00 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Mörtl\Anwendungsdaten\.minecraft
[2012.07.16 21:05:05 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Mörtl\Anwendungsdaten\Aeria Games & Entertainment
[2011.06.15 16:39:22 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Mörtl\Anwendungsdaten\Ahnenblatt
[2010.09.22 12:12:49 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Mörtl\Anwendungsdaten\AUTOSICH
[2010.05.06 17:59:00 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Mörtl\Anwendungsdaten\Bentley
[2012.06.25 12:06:41 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Mörtl\Anwendungsdaten\DAEMON Tools Lite
[2012.07.08 20:24:27 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Mörtl\Anwendungsdaten\DAEMON Tools Pro
[2012.05.23 11:19:42 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Mörtl\Anwendungsdaten\DVDVideoSoft
[2012.05.23 11:19:07 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Mörtl\Anwendungsdaten\DVDVideoSoftIEHelpers
[2010.06.12 11:56:04 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Mörtl\Anwendungsdaten\Facebook
[2011.05.31 15:34:42 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Mörtl\Anwendungsdaten\GenJ3
[2010.12.16 12:13:28 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Mörtl\Anwendungsdaten\GetRightToGo
[2011.04.28 14:43:47 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Mörtl\Anwendungsdaten\gtk-2.0
[2011.05.19 21:41:48 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Mörtl\Anwendungsdaten\ICQ
[2011.08.24 19:00:16 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Mörtl\Anwendungsdaten\id Software
[2010.06.30 00:42:20 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Mörtl\Anwendungsdaten\LolClient
[2012.05.24 13:57:49 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Mörtl\Anwendungsdaten\LolClient2
[2012.06.30 16:21:25 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Mörtl\Anwendungsdaten\Media Finder
[2012.07.16 21:35:05 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Mörtl\Anwendungsdaten\NetSpeedMonitor
[2011.02.14 17:24:47 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Mörtl\Anwendungsdaten\Notepad++
[2011.05.15 00:29:39 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Mörtl\Anwendungsdaten\Octoshape
[2010.04.25 12:58:21 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Mörtl\Anwendungsdaten\OpenOffice.org
[2012.06.23 12:21:42 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Mörtl\Anwendungsdaten\Oracle
[2010.09.04 21:44:25 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Mörtl\Anwendungsdaten\PDF Software
[2012.07.08 20:47:47 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Mörtl\Anwendungsdaten\PunkBuster
[2010.10.18 19:41:29 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Mörtl\Anwendungsdaten\Samsung
[2012.05.14 10:28:36 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Mörtl\Anwendungsdaten\ScummVM
[2012.06.25 12:06:12 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Mörtl\Anwendungsdaten\TS3Client
[2010.09.15 20:05:14 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Mörtl\Anwendungsdaten\Ubisoft
[2012.01.07 18:17:46 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Mörtl\Anwendungsdaten\Unity
[2012.07.16 09:58:26 | 000,000,260 | ---- | M] () -- C:\WINDOWS\Tasks\WGASetup.job

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 112 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:B1FBBD09

< End of report >
  • 0

#18
CompCav

CompCav

    Member 5k

  • Expert
  • 12,448 posts
It appears to be gone.

Are you experiencing any issues now?
  • 0

#19
Modin

Modin

    Member

  • Topic Starter
  • Member
  • PipPip
  • 45 posts
I have problems removing this sweetIM toolbar thingy that kinda freaks me out. It doesn't appear in the regular list of programs to uninstall/install if you know what I mean. Apart from this my computer seems to be fine. Thanks again ;)
  • 0

#20
CompCav

CompCav

    Member 5k

  • Expert
  • 12,448 posts
SweetIM removal


Step 1.

Click Start >> Control Panel >> Add/Remove Programs >> Select SweetIM Toolbar and then click uninstall, follow the prompts and reboot the computer.


Step 2.

For Firefox:


  • Launch Mozilla Firefox and click the "Tools" menu located on the top of the browser. Click "Add-ons" to launch the Add-on window.
  • Select "SweetIM Toolbar for Firefox" and click "Uninstall." Firefox uninstalls and removes the toolbar from your browser.
  • Close and relaunch your web browser to complete the process.


Step 3.

For Chrome:

  • Click “Customize” from the browser navigation bar (includes a wrench icon).
  • Click “Tools” > ”Extensions” when the new menu appears.
  • Click the “Remove” (trashcan icon) button on the right of the extension you would like to remove.
  • Click the Uninstall button in the confirmation window.

  • 0

#21
Modin

Modin

    Member

  • Topic Starter
  • Member
  • PipPip
  • 45 posts
Okay thank you. I think that's all I could think of asking for ;)
I just want to say thank you for all the nice help and support, without you I'd be quite lost and would prolly have to find a cd-drive to reinstall windows n stuff... . Thank you good sire :D
  • 0

#22
CompCav

CompCav

    Member 5k

  • Expert
  • 12,448 posts
Subject to no further problems :)

I will remove my tools now and give some recommendations, but, I would like you to run for 24 hours or so and come back if you have any problems

Your logs now appears clean :thumbsup:

The following will implement some cleanup procedures as well as reset System Restore points:

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    :Commands
    [resethosts]
    [emptytemp]
    [CLEARALLRESTOREPOINTS]
    [Reboot]

  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done



Run OTL and hit the cleanup button. It will remove all the programs we have used plus itself.


Now that you are clean, to help protect your computer in the future I recommend that you get the following free programs:

Posted Image Malwarebytes.

Update and run weekly to keep your system clean

Download and install FileHippo update checker and run it monthly it will show you which programs on your system need updating and give a download link

It is critical to have both a firewall and anti virus to protect your system and to keep them updated. To keep your operating system up to date visit
To learn more about how to protect yourself while on the internet read our little guide How did I get infected in the first place ?Keep safe :wave:
  • 0

#23
CompCav

CompCav

    Member 5k

  • Expert
  • 12,448 posts
Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.
  • 0

#24
CompCav

CompCav

    Member 5k

  • Expert
  • 12,448 posts
Topic is reopened. Please perform the following scans:


Step 1.

Download aswMBR.exe ( 1.8mb ) to your desktop.
Double click the aswMBR.exe to run it Click the "Scan" button to start scan

Posted Image

On completion of the scan click save log, save it to your desktop and post in your next reply

Posted Image

If it does not run rename it iexplore.exe and try it again.


Step 2.

Download OTL to your Desktop
  • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • Select Scan All Users
  • Select Lop Check and Purity Check
  • Under Extra Registry Select Use SafeList
  • Under the Custom Scan box paste this in
    netsvcs
    %SYSTEMDRIVE%\*.exe
    /md5start
    services.*
    explorer.exe
    winlogon.exe
    Userinit.exe
    svchost.exe
    /md5stop
    HKEY_CURRENT_USER\Software\Microsoft\Windows Media\WMSDK\Local\AutoProxyCache /s
    CREATERESTOREPOINT
  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
  • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
  • Post both logs


Step 3.

Please post:

OTL.txt
aswMBR.txt
Extras.txt



Also give me an update on the issues you are having with your computer.
  • 0

#25
Modin

Modin

    Member

  • Topic Starter
  • Member
  • PipPip
  • 45 posts
I somehow didn't manage to save the aswMBR log at the first time so I had to rerun it after I ran OTL, hope that doesn't mess anything up.
@My issues: I could for a few days freely start any online game(or pretty much any other program which required connection to the internet) and everything appeared to be fine. Now today I had the same problem again(for example Diablo III doesn't start properly saying an unexpected error had occured right on the patcher). I can log on to a few games though[EDIT: appearently I can't anymore, I could do so earlier today though; 2nd EDIT: my ability to connect seems to come and go]. Also windows tries to install word document reader on startup(just wanted to mention it though I don't think it has anything to do with the issue) It ran malware bytes but it didn't find any infected file.
greetings
Modin


aswMBR:
aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-07-20 15:50:36
-----------------------------
15:50:36.203 OS Version: Windows 5.1.2600 Service Pack 3
15:50:36.203 Number of processors: 4 586 0xF0B
15:50:36.203 ComputerName: MARTIN UserName: Mörtl
15:50:36.390 Initialize success
15:50:40.781 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-7
15:50:40.781 Disk 0 Vendor: SAMSUNG_HD322HJ 1AC01113 Size: 305245MB BusType: 3
15:50:40.796 Disk 0 MBR read successfully
15:50:40.796 Disk 0 MBR scan
15:50:40.796 Disk 0 Windows XP default MBR code
15:50:40.796 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 29996 MB offset 63
15:50:40.796 Disk 0 Partition - 00 0F Extended LBA 101065 MB offset 61432560
15:50:40.796 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 101065 MB offset 61432623
15:50:40.812 Disk 0 scanning sectors +268414020
15:50:40.843 Disk 0 scanning C:\WINDOWS\system32\drivers
15:50:45.312 Service scanning
15:50:51.125 Modules scanning
15:50:53.765 Disk 0 trace - called modules:
15:50:53.781 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys sptd.sys pciide.sys PCIIDEX.SYS
15:50:53.781 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8b141ab8]
15:50:53.781 3 CLASSPNP.SYS[ba0e8fd7] -> nt!IofCallDriver -> \Device\00000073[0x8b1539e8]
15:50:53.781 5 ACPI.sys[b9e63620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP2T0L0-7[0x8b152d98]
15:50:53.781 Scan finished successfully
15:51:44.968 Disk 0 MBR has been saved successfully to "D:\Family\Martin\MBR.dat"
15:51:44.968 The log file has been saved successfully to "D:\Family\Martin\aswMBR log.txt"


OTL:
OTL logfile created on: 20.07.2012 15:43:23 - Run 2
OTL by OldTimer - Version 3.2.54.0 Folder = D:\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

3,25 Gb Total Physical Memory | 2,58 Gb Available Physical Memory | 79,44% Memory free
5,09 Gb Paging File | 4,53 Gb Available in Paging File | 88,99% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 29,29 Gb Total Space | 8,26 Gb Free Space | 28,19% Space Free | Partition Type: NTFS
Drive D: | 98,70 Gb Total Space | 12,46 Gb Free Space | 12,63% Space Free | Partition Type: NTFS

Computer Name: MARTIN | User Name: Mörtl | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012.07.20 15:40:13 | 000,596,480 | ---- | M] (OldTimer Tools) -- D:\Downloads\OTL.exe
PRC - [2012.07.12 21:16:55 | 000,008,704 | ---- | M] (Hi-Rez Studios) -- D:\Games\Smite\HiPatchService.exe
PRC - [2012.07.03 13:46:44 | 000,655,944 | ---- | M] (Malwarebytes Corporation) -- D:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012.06.23 12:21:19 | 000,161,776 | ---- | M] (Oracle Corporation) -- C:\Programme\Java\jre7\bin\jqs.exe
PRC - [2012.05.26 06:32:44 | 004,327,744 | ---- | M] (Akamai Technologies, Inc) -- C:\Dokumente und Einstellungen\Mörtl\Lokale Einstellungen\Anwendungsdaten\Akamai\netsession_win.exe
PRC - [2012.05.02 01:42:28 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- D:\Programme\Avira\AntiVir Desktop\sched.exe
PRC - [2012.05.02 00:34:34 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- D:\Programme\Avira\AntiVir Desktop\avguard.exe
PRC - [2012.05.02 00:31:35 | 000,348,624 | ---- | M] (Avira Operations GmbH & Co. KG) -- D:\Programme\Avira\AntiVir Desktop\avgnt.exe
PRC - [2012.04.26 14:33:38 | 003,111,744 | ---- | M] (DT Soft Ltd) -- D:\Programme\DAEMON Tools Pro\DTAgent.exe
PRC - [2012.04.24 02:11:55 | 000,080,336 | ---- | M] (Avira Operations GmbH & Co. KG) -- D:\Programme\Avira\AntiVir Desktop\avshadow.exe
PRC - [2011.01.05 23:23:48 | 000,222,568 | ---- | M] (Teruten) -- C:\WINDOWS\system32\FsUsbExService.Exe
PRC - [2010.12.14 17:44:20 | 000,216,456 | ---- | M] (Geek Software GmbH) -- D:\Programme\pdf24\pdf24.exe
PRC - [2010.06.10 21:03:08 | 000,144,176 | ---- | M] (Apple Inc.) -- C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2010.02.01 22:51:56 | 007,418,368 | ---- | M] (OpenOffice.org) -- C:\Programme\OpenOffice.org 3\program\soffice.bin
PRC - [2010.02.01 22:51:52 | 007,424,000 | ---- | M] (OpenOffice.org) -- C:\Programme\OpenOffice.org 3\program\soffice.exe
PRC - [2010.01.14 00:44:52 | 000,037,888 | ---- | M] (Nullsoft, Inc.) -- D:\Programme\Winamp\winampa.exe
PRC - [2009.03.17 14:24:06 | 000,161,632 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft LifeCam\MSCamS32.exe
PRC - [2008.06.25 14:13:48 | 005,625,344 | ---- | M] () -- C:\Programme\ASUS\EPU-4 Engine\FourEngine.exe
PRC - [2008.04.14 04:22:45 | 001,036,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2005.05.12 00:33:52 | 000,479,232 | ---- | M] (Hewlett-Packard Co.) -- D:\Programme\HP\Digital Imaging\bin\hpqimzone.exe
PRC - [2004.09.29 12:14:36 | 000,069,632 | ---- | M] (HP) -- C:\WINDOWS\system32\HPZipm12.exe


========== Modules (No Company Name) ==========

MOD - [2012.06.14 12:07:29 | 000,212,992 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\8b84bb74d7724e147a642a1d5358feb7\System.ServiceProcess.ni.dll
MOD - [2012.06.14 00:56:42 | 000,303,104 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
MOD - [2012.06.14 00:48:36 | 000,843,776 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system.drawing\1.0.5000.0__b03f5f7f11d50a3a_661ee55a\system.drawing.dll
MOD - [2012.06.14 00:48:30 | 003,035,136 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system.windows.forms\1.0.5000.0__b77a5c561934e089_4759fd05\system.windows.forms.dll
MOD - [2012.06.14 00:48:20 | 000,471,040 | ---- | M] () -- c:\windows\assembly\gac\system.drawing\1.0.5000.0__b03f5f7f11d50a3a\system.drawing.dll
MOD - [2012.05.16 01:03:28 | 000,998,400 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Management\9080c8e8e7b6dfb502c1328673d636f8\System.Management.ni.dll
MOD - [2012.05.16 01:02:34 | 000,971,264 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\3d5b7368bde0f65aa15d9f46b498cc89\System.Configuration.ni.dll
MOD - [2012.05.16 01:00:38 | 005,450,752 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\3bba1b8b0b5ef0be238b011cc7a0575e\System.Xml.ni.dll
MOD - [2012.05.16 00:58:59 | 007,953,408 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\e4b5afc4da43b1c576f9322f9f2e1bfe\System.ni.dll
MOD - [2012.05.16 00:58:51 | 011,492,352 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\e337c89bc9f81b69d7237aa70e935900\mscorlib.ni.dll
MOD - [2012.05.16 00:53:21 | 003,391,488 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_381d9d0c\mscorlib.dll
MOD - [2012.05.16 00:53:15 | 002,088,960 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system.xml\1.0.5000.0__b77a5c561934e089_afb934ab\system.xml.dll
MOD - [2012.05.16 00:53:07 | 001,966,080 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system\1.0.5000.0__b77a5c561934e089_5dbeca5b\system.dll
MOD - [2012.05.16 00:53:03 | 001,232,896 | ---- | M] () -- c:\windows\assembly\gac\system\1.0.5000.0__b77a5c561934e089\system.dll
MOD - [2012.05.16 00:53:02 | 002,064,384 | ---- | M] () -- c:\windows\assembly\gac\system.windows.forms\1.0.5000.0__b77a5c561934e089\system.windows.forms.dll
MOD - [2012.04.16 23:11:02 | 000,398,288 | ---- | M] () -- D:\Programme\Avira\AntiVir Desktop\sqlite3.dll
MOD - [2012.04.04 07:53:56 | 000,301,056 | ---- | M] () -- C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\PDFShell.DEU
MOD - [2010.05.06 17:53:39 | 000,315,392 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll
MOD - [2010.05.06 17:53:39 | 000,212,992 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.resources\2.0.0.0_de_b77a5c561934e089\System.resources.dll
MOD - [2010.05.06 17:53:37 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.ServiceProcess.resources\2.0.0.0_de_b03f5f7f11d50a3a\System.ServiceProcess.resources.dll
MOD - [2010.04.25 12:57:36 | 000,970,752 | ---- | M] () -- C:\Programme\OpenOffice.org 3\program\libxml2.dll
MOD - [2010.04.25 01:44:53 | 001,339,392 | ---- | M] () -- c:\windows\assembly\gac\system.xml\1.0.5000.0__b77a5c561934e089\system.xml.dll
MOD - [2010.04.22 15:27:02 | 000,065,536 | ---- | M] () -- c:\windows\assembly\gac\hpqisrtb\4.0.0.0__a53cf5803f4c3827\hpqisrtb.dll
MOD - [2010.04.22 15:27:02 | 000,061,440 | ---- | M] () -- c:\windows\assembly\gac\hpqisrtb.resources\4.0.0.0_de_a53cf5803f4c3827\hpqisrtb.resources.dll
MOD - [2010.04.22 15:27:00 | 000,774,144 | ---- | M] () -- c:\windows\assembly\gac\hpqbakup\3.0.0.0__a53cf5803f4c3827\hpqbakup.dll
MOD - [2010.04.22 15:26:59 | 000,294,912 | ---- | M] () -- c:\windows\assembly\gac\hpqbakup.resources\3.0.0.0_de_a53cf5803f4c3827\hpqbakup.resources.dll
MOD - [2010.04.22 15:26:46 | 000,380,928 | ---- | M] () -- c:\windows\assembly\gac\hpqcprsc\3.0.0.0__a53cf5803f4c3827\hpqcprsc.dll
MOD - [2010.04.22 15:26:46 | 000,081,920 | ---- | M] () -- c:\windows\assembly\gac\hpqcprsc.resources\3.0.0.0_de_a53cf5803f4c3827\hpqcprsc.resources.dll
MOD - [2010.04.22 15:26:24 | 001,032,192 | ---- | M] () -- c:\windows\assembly\gac\hpqedit\3.0.0.0__a53cf5803f4c3827\hpqedit.dll
MOD - [2010.04.22 15:26:24 | 000,331,776 | ---- | M] () -- c:\windows\assembly\gac\hpqedit.resources\3.0.0.0_de_a53cf5803f4c3827\hpqedit.resources.dll
MOD - [2010.04.22 15:26:23 | 000,004,096 | ---- | M] () -- c:\windows\assembly\gac\interop.hprblog\3.0.0.0__a53cf5803f4c3827\interop.hprblog.dll
MOD - [2010.04.22 15:26:22 | 000,163,840 | ---- | M] () -- c:\windows\assembly\gac\hpqvideo\3.0.0.0__a53cf5803f4c3827\hpqvideo.dll
MOD - [2010.04.22 15:26:20 | 000,053,248 | ---- | M] () -- c:\windows\assembly\gac\hpqovskn\3.0.0.0__a53cf5803f4c3827\hpqovskn.dll
MOD - [2010.04.22 15:26:17 | 000,512,000 | ---- | M] () -- c:\windows\assembly\gac\hpqimvlt\3.0.0.0__a53cf5803f4c3827\hpqimvlt.dll
MOD - [2010.04.22 15:26:17 | 000,015,360 | ---- | M] () -- c:\windows\assembly\gac\interop.hpqvideo\3.0.0.0__a53cf5803f4c3827\interop.hpqvideo.dll
MOD - [2010.04.22 15:26:17 | 000,010,752 | ---- | M] () -- c:\windows\assembly\gac\interop.hpqimgr\3.0.0.0__a53cf5803f4c3827\interop.hpqimgr.dll
MOD - [2010.04.22 15:26:16 | 000,364,544 | ---- | M] () -- c:\windows\assembly\gac\hpqtray\4.0.0.0__a53cf5803f4c3827\hpqtray.dll
MOD - [2010.04.22 15:26:16 | 000,188,416 | ---- | M] () -- c:\windows\assembly\gac\hpqimgrc\4.0.0.0__a53cf5803f4c3827\hpqimgrc.dll
MOD - [2010.04.22 15:26:16 | 000,135,168 | ---- | M] () -- c:\windows\assembly\gac\hpqcc2.resources\3.0.0.0_de_a53cf5803f4c3827\hpqcc2.resources.dll
MOD - [2010.04.22 15:26:16 | 000,122,880 | ---- | M] () -- c:\windows\assembly\gac\hpqtray.resources\4.0.0.0_de_a53cf5803f4c3827\hpqtray.resources.dll
MOD - [2010.04.22 15:26:16 | 000,069,632 | ---- | M] () -- c:\windows\assembly\gac\hpqglutl\4.0.0.0__a53cf5803f4c3827\hpqglutl.dll
MOD - [2010.04.22 15:26:16 | 000,057,344 | ---- | M] () -- c:\windows\assembly\gac\hpqimlib\3.0.0.0__a53cf5803f4c3827\hpqimlib.dll
MOD - [2010.04.22 15:26:16 | 000,045,056 | ---- | M] () -- c:\windows\assembly\gac\hpqthumb\3.0.0.0__a53cf5803f4c3827\hpqthumb.dll
MOD - [2010.04.22 15:26:16 | 000,036,864 | ---- | M] () -- c:\windows\assembly\gac\hpqfmrsc\4.0.0.0__a53cf5803f4c3827\hpqfmrsc.dll
MOD - [2010.04.22 15:26:16 | 000,024,576 | ---- | M] () -- c:\windows\assembly\gac\hpqasset\4.0.0.0__a53cf5803f4c3827\hpqasset.dll
MOD - [2010.04.22 15:26:16 | 000,020,480 | ---- | M] () -- c:\windows\assembly\gac\hpqiface\4.0.0.0__a53cf5803f4c3827\hpqiface.dll
MOD - [2010.04.22 15:26:16 | 000,012,800 | ---- | M] () -- c:\windows\assembly\gac\hpqfmrsc.resources\4.0.0.0_de_a53cf5803f4c3827\hpqfmrsc.resources.dll
MOD - [2010.04.22 15:26:15 | 000,589,824 | ---- | M] () -- c:\windows\assembly\gac\hpqcc2\3.0.0.0__a53cf5803f4c3827\hpqcc2.dll
MOD - [2010.04.22 15:24:57 | 000,065,536 | ---- | M] () -- c:\windows\assembly\gac\hpqmdmr\4.0.0.0__a53cf5803f4c3827\hpqmdmr.dll
MOD - [2010.04.22 15:24:57 | 000,057,344 | ---- | M] () -- c:\windows\assembly\gac\hpqprrsc\4.0.0.0__a53cf5803f4c3827\hpqprrsc.dll
MOD - [2010.04.22 15:24:57 | 000,016,384 | ---- | M] () -- c:\windows\assembly\gac\hpqprrsc.resources\4.0.0.0_de_a53cf5803f4c3827\hpqprrsc.resources.dll
MOD - [2010.04.22 15:24:56 | 000,430,080 | ---- | M] () -- c:\windows\assembly\gac\lead.wrapper\13.0.0.113__9cf889f53ea9b907\lead.wrapper.dll
MOD - [2010.04.22 15:24:56 | 000,225,280 | ---- | M] () -- c:\windows\assembly\gac\hpqutils\4.0.0.0__a53cf5803f4c3827\hpqutils.dll
MOD - [2010.04.22 15:24:56 | 000,090,112 | ---- | M] () -- c:\windows\assembly\gac\lead.drawing.imaging.imageprocessing\13.0.0.113__9cf889f53ea9b907\lead.drawing.imaging.imageprocessing.dll
MOD - [2010.04.22 15:24:56 | 000,086,016 | ---- | M] () -- c:\windows\assembly\gac\lead.drawing\13.0.0.113__9cf889f53ea9b907\lead.drawing.dll
MOD - [2010.04.22 15:24:56 | 000,077,824 | ---- | M] () -- c:\windows\assembly\gac\lead\13.0.0.113__9cf889f53ea9b907\lead.dll
MOD - [2010.04.22 15:24:56 | 000,069,632 | ---- | M] () -- c:\windows\assembly\gac\lead.windows.forms.drawingcontainer\13.0.0.113__9cf889f53ea9b907\lead.windows.forms.drawingcontainer.dll
MOD - [2010.04.22 15:24:56 | 000,069,632 | ---- | M] () -- c:\windows\assembly\gac\hpqntrop\4.0.0.0__a53cf5803f4c3827\hpqntrop.dll
MOD - [2010.04.22 15:24:56 | 000,040,960 | ---- | M] () -- c:\windows\assembly\gac\lead.windows.forms\13.0.0.113__9cf889f53ea9b907\lead.windows.forms.dll
MOD - [2010.04.22 15:24:56 | 000,036,864 | ---- | M] () -- c:\windows\assembly\gac\interop.hpqcxm08\3.0.0.0__a53cf5803f4c3827\interop.hpqcxm08.dll
MOD - [2010.04.22 15:24:19 | 000,233,472 | ---- | M] () -- c:\windows\assembly\gac\mscorlib.resources\1.0.5000.0_de_b77a5c561934e089\mscorlib.resources.dll
MOD - [2010.04.22 15:24:19 | 000,081,920 | ---- | M] () -- c:\windows\assembly\gac\system.resources\1.0.5000.0_de_b77a5c561934e089\system.resources.dll
MOD - [2010.04.22 15:23:35 | 000,007,680 | ---- | M] () -- c:\windows\assembly\gac\accessibility\1.0.5000.0__b03f5f7f11d50a3a\accessibility.dll
MOD - [2010.03.15 16:57:20 | 000,067,872 | ---- | M] () -- C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\zlib1.dll
MOD - [2008.06.25 14:13:48 | 005,625,344 | ---- | M] () -- C:\Programme\ASUS\EPU-4 Engine\FourEngine.exe
MOD - [2008.04.14 04:22:16 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2006.01.10 10:50:20 | 000,024,576 | R--- | M] () -- C:\WINDOWS\system32\AsIO.dll
MOD - [2005.05.11 16:39:32 | 000,565,248 | ---- | M] () -- C:\Programme\ASUS\EPU-4 Engine\pngio.dll


========== Win32 Services (SafeList) ==========

SRV - [2012.07.20 15:31:01 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.07.19 08:20:34 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.07.12 21:16:55 | 000,008,704 | ---- | M] (Hi-Rez Studios) [Auto | Running] -- D:\Games\Smite\HiPatchService.exe -- (HiPatchService)
SRV - [2012.07.03 13:46:44 | 000,655,944 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- D:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012.06.23 12:21:19 | 000,161,776 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Programme\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2012.05.08 15:13:28 | 000,185,856 | ---- | M] () [Disabled | Stopped] -- C:\Programme\Web Assistant\ExtensionUpdaterService.exe -- (Web Assistant Updater)
SRV - [2012.05.02 01:42:28 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- D:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2012.05.02 00:34:34 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- D:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011.01.05 23:23:48 | 000,222,568 | ---- | M] (Teruten) [Auto | Running] -- C:\WINDOWS\system32\FsUsbExService.Exe -- (FsUsbExService)
SRV - [2010.06.10 21:03:08 | 000,144,176 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2010.02.24 22:01:00 | 003,432,444 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\WINDOWS\system32\GameMon.des -- (npggsvc)
SRV - [2009.03.17 14:24:06 | 000,161,632 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Microsoft LifeCam\MSCamS32.exe -- (MSCamSvc)
SRV - [2004.09.29 12:14:36 | 000,069,632 | ---- | M] (HP) [Auto | Running] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\SymIM.sys -- (SymIMMP)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\SymIM.sys -- (SymIM)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | On_Demand | Stopped] -- D:\Programme\Garena Classic\safedrv.sys -- (GGSAFERDriver)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\EagleNT.sys -- (EagleNT)
DRV - File not found [Kernel | On_Demand | Stopped] -- D:\Games\Flyff\Flyff\GameGuard\dump_wmimmc.sys -- (dump_wmimmc)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\dgderdrv.sys -- (dgderdrv)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Unknown] -- C:\DOKUME~1\MRTL~1\LOKALE~1\Temp\aswMBR.sys -- (aswMBR)
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (anov4kbk)
DRV - [2012.07.08 19:37:07 | 000,477,240 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd)
DRV - [2012.07.03 13:46:44 | 000,022,344 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2012.04.27 10:20:04 | 000,137,928 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2012.04.25 00:32:27 | 000,083,392 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2012.04.16 21:17:40 | 000,036,000 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2012.03.20 16:48:28 | 000,004,774 | ---- | M] (INCA Internet Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\npptNT2.sys -- (NPPTNT2)
DRV - [2011.08.30 17:28:46 | 006,435,432 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2011.01.05 23:23:40 | 000,042,112 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2011.01.03 10:38:36 | 000,136,680 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssadmdm.sys -- (ssadmdm)
DRV - [2011.01.03 10:38:36 | 000,121,192 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssadbus.sys -- (ssadbus) SAMSUNG Android USB Composite Device driver (WDM)
DRV - [2011.01.03 10:38:36 | 000,012,776 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssadmdfl.sys -- (ssadmdfl) SAMSUNG Android USB Modem (Filter)
DRV - [2010.12.21 07:55:02 | 000,132,424 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscdmdm.sys -- (sscdmdm)
DRV - [2010.12.21 07:55:02 | 000,110,280 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscdserd.sys -- (sscdserd) SAMSUNG Mobile Modem Diagnostic Serial Port (WDM)
DRV - [2010.12.21 07:55:02 | 000,104,648 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscdbus.sys -- (sscdbus) SAMSUNG USB Composite Device driver (WDM)
DRV - [2010.12.21 07:55:02 | 000,014,920 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscdmdfl.sys -- (sscdmdfl)
DRV - [2010.12.19 13:33:03 | 000,027,632 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\seehcri.sys -- (seehcri)
DRV - [2010.12.19 13:32:54 | 000,025,512 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ggsemc.sys -- (ggsemc)
DRV - [2010.12.19 13:32:54 | 000,013,224 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ggflt.sys -- (ggflt)
DRV - [2010.06.17 15:14:27 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2010.04.01 04:50:10 | 000,103,424 | R--- | M] (QUALCOMM Incorporated) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\FXX\qcusbser.sys -- (qcusbser)
DRV - [2009.11.18 07:17:00 | 001,395,800 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt)
DRV - [2009.11.18 07:16:00 | 001,691,480 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt)
DRV - [2009.03.18 17:35:40 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi)
DRV - [2009.03.17 14:24:06 | 000,030,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nx6000.sys -- (MSHUSBVideo)
DRV - [2008.06.25 18:47:00 | 000,036,864 | R--- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\l1e51x86.sys -- (L1e)
DRV - [2007.12.17 11:14:06 | 000,012,400 | R--- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AsIO.sys -- (AsIO)
DRV - [2004.08.13 04:56:20 | 000,005,810 | R--- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ASACPI.sys -- (MTsensor)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>

IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-1993962763-746137067-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://leagueoflegends.com/
IE - HKU\S-1-5-21-1993962763-746137067-839522115-1003\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKU\S-1-5-21-1993962763-746137067-839522115-1003\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...Box&Form=IE8SRC
IE - HKU\S-1-5-21-1993962763-746137067-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1993962763-746137067-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: ""
FF - prefs.js..browser.startup.homepage: "about:home"
FF - prefs.js..keyword.URL: "http://www.google.co...ch?hl=en-GB&q="


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_262.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: D:\Programme\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: D:\Programme\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: D:\Programme\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)
FF - HKLM\Software\MozillaPlugins\@idsoftware.com/QuakeLive: C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\id Software\QuakeLive\npquakezero.dll (id Software Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Programme\Java\jre7\bin\new_plugin\npjp2.dll File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Programme\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Programme\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@facebook.com/FBPlugin,version=1.0.3: C:\Dokumente und Einstellungen\Mörtl\Anwendungsdaten\Facebook\npfbplugin_1_0_3.dll ( )
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Dokumente und Einstellungen\Mörtl\Lokale Einstellungen\Anwendungsdaten\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Dokumente und Einstellungen\Mörtl\Lokale Einstellungen\Anwendungsdaten\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Dokumente und Einstellungen\Mörtl\Lokale Einstellungen\Anwendungsdaten\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{184AA5E6-741D-464a-820E-94B3ABC2F3B4}: C:\WINDOWS\system32\11002 [2012.03.20 12:43:06 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\Programme\Web Assistant\Firefox [2012.06.30 16:12:29 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Programme\Mozilla Firefox\components [2012.07.19 08:20:35 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2012.07.10 17:42:31 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\extensions\\{184AA5E6-741D-464a-820E-94B3ABC2F3B4}: C:\WINDOWS\system32\11002 [2012.03.20 12:43:06 | 000,000,000 | ---D | M]

[2010.04.22 16:13:40 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Mörtl\Anwendungsdaten\Mozilla\Extensions
[2012.06.30 16:12:30 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Mörtl\Anwendungsdaten\Mozilla\Firefox\Profiles\extensions
[2012.07.19 10:27:12 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Mörtl\Anwendungsdaten\Mozilla\Firefox\Profiles\zzitqsk4.default\extensions
[2010.07.25 10:11:30 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Dokumente und Einstellungen\Mörtl\Anwendungsdaten\Mozilla\Firefox\Profiles\zzitqsk4.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011.03.25 18:35:55 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Dokumente und Einstellungen\Mörtl\Anwendungsdaten\Mozilla\Firefox\Profiles\zzitqsk4.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2010.10.31 22:03:38 | 000,000,000 | ---D | M] (Battlefield Heroes Updater) -- C:\Dokumente und Einstellungen\Mörtl\Anwendungsdaten\Mozilla\Firefox\Profiles\zzitqsk4.default\extensions\[email protected]
[2012.06.30 16:07:00 | 000,000,000 | ---D | M] (OneClickDownloader) -- C:\Dokumente und Einstellungen\Mörtl\Anwendungsdaten\Mozilla\Firefox\Profiles\zzitqsk4.default\extensions\[email protected]
[2012.07.14 19:34:58 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2011.10.07 14:41:45 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Programme\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
File not found (No name found) -- C:\DOKUMENTE UND EINSTELLUNGEN\MöRTL\ANWENDUNGSDATEN\MOZILLA\EXTENSIONS\{EC8030F7-C20A-464F-9B0E-13A3A9E97384}\[email protected]
File not found (No name found) -- C:\DOKUMENTE UND EINSTELLUNGEN\MöRTL\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\ZZITQSK4.DEFAULT\EXTENSIONS\{ACAA314B-EEBA-48E4-AD47-84E31C44796C}
File not found (No name found) -- C:\DOKUMENTE UND EINSTELLUNGEN\MöRTL\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\ZZITQSK4.DEFAULT\EXTENSIONS\[email protected]
[2012.06.30 16:12:29 | 000,000,000 | ---D | M] (Web Assistant) -- C:\PROGRAMME\WEB ASSISTANT\FIREFOX
[2012.07.19 08:20:35 | 000,136,672 | ---- | M] (Mozilla Foundation) -- C:\Programme\mozilla firefox\components\browsercomps.dll
[2010.11.12 19:53:06 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\mozilla firefox\plugins\npdeployJava1.dll
[2012.06.17 20:03:24 | 000,001,392 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.06.17 20:03:24 | 000,002,252 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\bing.xml
[2012.06.17 20:03:24 | 000,001,153 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\eBay-de.xml
[2012.06.17 20:03:23 | 000,006,805 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.06.17 20:03:23 | 000,001,178 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.06.17 20:03:23 | 000,001,105 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\yahoo-de.xml

========== Chrome ==========

CHR - homepage: http://search.babylo...000002215853a55
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}
CHR - homepage: http://search.babylo...000002215853a55
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Dokumente und Einstellungen\M\u00F6rtl\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\Application\20.0.1132.57\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Dokumente und Einstellungen\M\u00F6rtl\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\Application\20.0.1132.57\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Dokumente und Einstellungen\M\u00F6rtl\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\Application\20.0.1132.57\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Java Deployment Toolkit 6.0.230.5 (Enabled) = C:\Programme\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U23 (Enabled) = C:\Programme\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: DivX Web Player (Enabled) = C:\Programme\Mozilla Firefox\plugins\npdivx32.dll
CHR - plugin: DivX Player Netscape Plugin (Enabled) = C:\Programme\Mozilla Firefox\plugins\npDivxPlayerPlugin.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Programme\Mozilla Firefox\plugins\nppdf32.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Winamp Application Detector (Enabled) = C:\Programme\Mozilla Firefox\plugins\npwachk.dll
CHR - plugin: Zylom Plugin (Enabled) = C:\Programme\Mozilla Firefox\plugins\npzylomgamesplayer.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Programme\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Programme\Windows Media Player\npwmsdrm.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Programme\Windows Media Player\npdsplay.dll
CHR - plugin: QUAKE LIVE (Enabled) = C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\id Software\QuakeLive\npquakezero.dll
CHR - plugin: Facebook Plugin (Enabled) = C:\Dokumente und Einstellungen\M\u00F6rtl\Anwendungsdaten\Facebook\npfbplugin_1_0_3.dll
CHR - plugin: Google Update (Enabled) = C:\Dokumente und Einstellungen\M\u00F6rtl\Lokale Einstellungen\Anwendungsdaten\Google\Update\1.3.21.99\npGoogleUpdate3.dll
CHR - plugin: Unity Player (Enabled) = C:\Dokumente und Einstellungen\M\u00F6rtl\Lokale Einstellungen\Anwendungsdaten\Unity\WebPlayer\loader\npUnity3D32.dll
CHR - plugin: DNA Plug-in (Enabled) = C:\Programme\DNA\plugins\npbtdna.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Programme\Microsoft Silverlight\4.1.10111.0\npctrl.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\WINDOWS\system32\Adobe\Director\np32dsw.dll
CHR - plugin: iTunes Application Detector (Enabled) = D:\Programme\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: YouTube = C:\Dokumente und Einstellungen\Mörtl\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google-Suche = C:\Dokumente und Einstellungen\Mörtl\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: General Crawler = C:\Dokumente und Einstellungen\Mörtl\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\dednnpigldgdbpgcdpfppmlcnnbjciel\2.5_0\
CHR - Extension: Web Assistant = C:\Dokumente und Einstellungen\Mörtl\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd\2.0.0.439_0\
CHR - Extension: SweetIM for Facebook = C:\Dokumente und Einstellungen\Mörtl\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn\1.0.0.0_0\Copy of
CHR - Extension: SweetIM for Facebook = C:\Dokumente und Einstellungen\Mörtl\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn\1.0.0.0_0\
CHR - Extension: GoPhoto.it = C:\Dokumente und Einstellungen\Mörtl\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\pfmopbbadnfoelckkcmjjeaaegjpjjbk\1.1_0\
CHR - Extension: Google Mail = C:\Dokumente und Einstellungen\Mörtl\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
CHR - Extension: YouTube = C:\Dokumente und Einstellungen\Mörtl\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google-Suche = C:\Dokumente und Einstellungen\Mörtl\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: General Crawler = C:\Dokumente und Einstellungen\Mörtl\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\dednnpigldgdbpgcdpfppmlcnnbjciel\2.5_0\
CHR - Extension: Web Assistant = C:\Dokumente und Einstellungen\Mörtl\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd\2.0.0.439_0\
CHR - Extension: SweetIM for Facebook = C:\Dokumente und Einstellungen\Mörtl\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn\1.0.0.0_0\Copy of
CHR - Extension: SweetIM for Facebook = C:\Dokumente und Einstellungen\Mörtl\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn\1.0.0.0_0\
CHR - Extension: GoPhoto.it = C:\Dokumente und Einstellungen\Mörtl\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\pfmopbbadnfoelckkcmjjeaaegjpjjbk\1.1_0\
CHR - Extension: Google Mail = C:\Dokumente und Einstellungen\Mörtl\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2012.07.18 02:33:41 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - D:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O4 - HKLM..\Run: [Adobe ARM] C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Aeria Ignite] C:\Programme\Aeria Games\Ignite\aeriaignite.exe (Aeria Games & Entertainment)
O4 - HKLM..\Run: [avgnt] D:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [LifeCam] C:\Programme\Microsoft LifeCam\LifeExp.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] D:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [PDFPrint] D:\Programme\pdf24\pdf24.exe (Geek Software GmbH)
O4 - HKLM..\Run: [Six Engine] C:\Programme\ASUS\EPU-4 Engine\FourEngine.exe ()
O4 - HKLM..\Run: [WinampAgent] D:\Programme\Winamp\winampa.exe (Nullsoft, Inc.)
O4 - HKU\S-1-5-21-1993962763-746137067-839522115-1003..\Run: [Akamai NetSession Interface] C:\Dokumente und Einstellungen\Mörtl\Lokale Einstellungen\Anwendungsdaten\Akamai\netsession_win.exe (Akamai Technologies, Inc)
O4 - HKU\S-1-5-21-1993962763-746137067-839522115-1003..\Run: [DAEMON Tools Pro Agent] D:\Programme\DAEMON Tools Pro\DTAgent.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-1993962763-746137067-839522115-1003..\Run: [Media Finder] "C:\Programme\Media Finder\Media Finder.exe" /opentotray File not found
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\HP Image Zone Schnellstart.lnk = D:\Programme\HP\Digital Imaging\bin\hpqthb08.exe (Hewlett-Packard Co.)
O4 - Startup: C:\Dokumente und Einstellungen\Mörtl\Startmenü\Programme\Autostart\OpenOffice.org 3.2.lnk = C:\Programme\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1993962763-746137067-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Programme\PokerStars\PokerStarsUpdate.exe File not found
O9 - Extra Button: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - D:\Programme\ICQ7.0\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - D:\Programme\ICQ7.0\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - D:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - D:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O15 - HKU\S-1-5-21-1993962763-746137067-839522115-1003\..Trusted Domains: ([]msn in My Computer)
O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} http://download.micr...922/wmv9VCM.CAB (Reg Error: Key error.)
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} http://messenger.zon...1/GAME_UNO1.cab (UnoCtrl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.mi...b?1340790576406 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_05)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zon...nt.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0017-0000-0005-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_05)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_05)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E6293937-AC61-425D-9EAE-F1BF34B1623E}: DhcpNameServer = 10.0.0.138
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - D:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\SYSTEM32\Userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper: C:\Dokumente und Einstellungen\Mörtl\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Dokumente und Einstellungen\Mörtl\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010.04.22 15:09:29 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

NetSvcs: 6to4 - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2012.07.20 15:29:38 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Flyff
[2012.07.17 09:41:30 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Mörtl\Lokale Einstellungen\Anwendungsdaten\Aeria Games
[2012.07.16 22:03:40 | 000,000,000 | ---D | C] -- C:\Programme\Gameforge
[2012.07.16 22:03:40 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Gameforge
[2012.07.16 21:05:16 | 000,000,000 | -HSD | C] -- C:\WINDOWS\System32\AI_RecycleBin
[2012.07.16 21:05:14 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\AeriaGames
[2012.07.16 21:05:14 | 000,000,000 | ---D | C] -- C:\Programme\Aeria Games
[2012.07.16 21:05:05 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Mörtl\Anwendungsdaten\Aeria Games & Entertainment
[2012.07.16 20:43:01 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Mörtl\Lokale Einstellungen\Anwendungsdaten\Akamai
[2012.07.16 20:43:00 | 000,000,000 | ---D | C] -- C:\AeriaGames
[2012.07.15 21:51:31 | 000,022,344 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2012.07.10 19:07:05 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\NtmsData
[2012.07.10 18:32:54 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Mörtl\Lokale Einstellungen\Anwendungsdaten\Chromium
[2012.07.10 18:32:26 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Mörtl\Eigene Dateien\My Games
[2012.07.10 17:56:15 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Hi-Rez Studios
[2012.07.10 17:56:13 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Hi-Rez Studios
[2012.07.10 17:56:12 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Application Data
[2012.07.10 15:50:53 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Mörtl\Anwendungsdaten\NetSpeedMonitor
[2012.07.10 15:34:42 | 000,000,000 | ---D | C] -- C:\Programme\NetSpeedMonitor
[2012.07.10 10:31:50 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Mörtl\Anwendungsdaten\Avira
[2012.07.10 10:26:22 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\ssmdrv.sys
[2012.07.10 10:26:20 | 000,137,928 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys
[2012.07.10 10:26:20 | 000,083,392 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntflt.sys
[2012.07.10 10:26:20 | 000,036,000 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avkmgr.sys
[2012.07.10 10:26:19 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Avira
[2012.07.08 21:27:50 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Mörtl\Eigene Dateien\Assassin's Creed Revelations
[2012.07.08 20:47:47 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Mörtl\Anwendungsdaten\PunkBuster
[2012.07.08 20:47:14 | 000,000,000 | ---D | C] -- C:\Programme\Ubisoft
[2012.07.08 19:37:02 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Mörtl\Anwendungsdaten\DAEMON Tools Pro
[2012.07.08 19:36:01 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\DAEMON Tools Pro
[2012.06.30 22:27:40 | 000,426,184 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2012.06.30 22:27:40 | 000,070,344 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2012.06.30 20:54:24 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss
[2012.06.30 16:17:14 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Mörtl\Anwendungsdaten\Media Finder
[2012.06.30 16:13:04 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Premium
[2012.06.30 16:12:56 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\OptimizerPro
[2012.06.30 16:12:29 | 000,000,000 | ---D | C] -- C:\Programme\Web Assistant
[2012.06.30 16:11:51 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\InstallMate
[2012.06.30 16:07:02 | 000,000,000 | ---D | C] -- C:\Programme\Gophoto.it
[2012.06.30 16:05:55 | 000,000,000 | ---D | C] -- C:\Programme\1ClickDownload
[2012.06.26 10:48:43 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2012.06.25 12:05:04 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\Mörtl\Recent
[2012.06.25 10:24:39 | 002,869,264 | ---- | C] (Microsoft Corporation) -- C:\Dokumente und Einstellungen\Mörtl\Desktop\dotNetFx35setup.exe
[2012.06.25 10:21:26 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen\Mörtl\PrivacIE
[2012.06.23 12:22:32 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Mörtl\Lokale Einstellungen\Anwendungsdaten\Sun
[2012.06.23 12:22:17 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\Java
[2012.06.23 12:21:53 | 000,000,000 | ---D | C] -- C:\Programme\Oracle
[2012.06.23 12:21:42 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Mörtl\Anwendungsdaten\Oracle
[2012.06.23 12:21:38 | 000,227,824 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe
[2012.06.23 12:21:31 | 000,174,064 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe
[2012.06.23 12:21:31 | 000,174,064 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe
[2012.06.21 22:11:32 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Plants vs. Zombies
[2012.06.21 14:13:29 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP
[2012.06.21 14:13:15 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Games
[2012.06.21 14:11:41 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Big Fish Games
[2012.06.21 14:09:39 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\BigFishGamesCache

========== Files - Modified Within 30 Days ==========

[2012.07.20 15:40:42 | 000,527,534 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat
[2012.07.20 15:40:42 | 000,502,744 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012.07.20 15:40:42 | 000,105,628 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat
[2012.07.20 15:40:42 | 000,088,268 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012.07.20 15:36:02 | 000,000,260 | ---- | M] () -- C:\WINDOWS\tasks\WGASetup.job
[2012.07.20 15:35:55 | 000,198,612 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2012.07.20 15:35:49 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012.07.20 15:31:03 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012.07.20 15:30:55 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2012.07.20 15:30:55 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2012.07.20 15:04:02 | 000,001,210 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1993962763-746137067-839522115-1003UA.job
[2012.07.20 09:18:33 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012.07.19 21:04:00 | 000,001,158 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1993962763-746137067-839522115-1003Core.job
[2012.07.18 02:47:44 | 000,157,952 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012.07.18 02:46:18 | 000,000,630 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2012.07.18 02:33:41 | 000,000,098 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\Hosts
[2012.07.17 16:49:02 | 000,000,276 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2012.07.16 22:03:41 | 000,001,930 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\AION Free-To-Play.lnk
[2012.07.16 21:05:15 | 000,001,725 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Aeria Ignite.lnk
[2012.07.13 13:14:42 | 000,000,003 | ---- | M] () -- C:\WINDOWS\System32\HRUPPROG.DIE.NOW
[2012.07.12 19:49:57 | 000,002,366 | ---- | M] () -- C:\Dokumente und Einstellungen\Mörtl\Desktop\Google Chrome.lnk
[2012.07.12 09:16:02 | 000,123,392 | ---- | M] () -- C:\Dokumente und Einstellungen\Mörtl\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.07.11 23:30:37 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2012.07.10 17:56:13 | 000,000,640 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Smite Closed Beta.lnk
[2012.07.10 17:56:13 | 000,000,631 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Hi-Rez Diagnostics and Support.lnk
[2012.07.10 14:43:38 | 000,045,194 | ---- | M] () -- C:\Dokumente und Einstellungen\Mörtl\Anwendungsdaten\room_v3.dat
[2012.07.10 11:41:35 | 000,494,693 | ---- | M] () -- C:\Dokumente und Einstellungen\Mörtl\Desktop\Alter Verwalter.jpg
[2012.07.03 13:46:44 | 000,022,344 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2012.07.03 10:21:06 | 000,002,047 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\iTunes.lnk
[2012.06.30 22:33:42 | 000,000,142 | -H-- | M] () -- C:\Dokumente und Einstellungen\Mörtl\Desktop\.~lock.ycyvcxxcyvbvvbvcb.odt#
[2012.06.30 22:31:03 | 000,001,714 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Adobe Reader X.lnk
[2012.06.30 21:00:28 | 000,000,211 | RHS- | M] () -- C:\boot.ini
[2012.06.30 16:17:05 | 000,000,703 | ---- | M] () -- C:\user.js
[2012.06.27 18:30:59 | 000,561,593 | ---- | M] () -- C:\Dokumente und Einstellungen\Mörtl\Desktop\bilder papa gebu.odt
[2012.06.27 18:20:22 | 000,260,237 | ---- | M] () -- C:\Dokumente und Einstellungen\Mörtl\Desktop\waldviertel.gif
[2012.06.27 18:19:33 | 000,131,534 | ---- | M] () -- C:\Dokumente und Einstellungen\Mörtl\Desktop\waldviertl2.GIF
[2012.06.26 19:02:20 | 000,040,430 | ---- | M] () -- C:\Dokumente und Einstellungen\Mörtl\Eigene Dateien\cqwxleiy.JPG
[2012.06.26 18:56:50 | 000,019,305 | ---- | M] () -- C:\Dokumente und Einstellungen\Mörtl\Eigene Dateien\TS.JPG
[2012.06.25 20:20:17 | 000,003,366 | ---- | M] () -- C:\Dokumente und Einstellungen\Mörtl\Eigene Dateien\test.JPG
[2012.06.25 10:24:41 | 002,869,264 | ---- | M] (Microsoft Corporation) -- C:\Dokumente und Einstellungen\Mörtl\Desktop\dotNetFx35setup.exe
[2012.06.23 12:21:18 | 000,227,824 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe
[2012.06.23 12:21:18 | 000,174,064 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe
[2012.06.23 12:21:18 | 000,174,064 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe
[2012.06.23 12:21:18 | 000,143,872 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javacpl.cpl
[2012.06.22 15:08:33 | 000,387,410 | ---- | M] () -- C:\Dokumente und Einstellungen\Mörtl\Desktop\pb.bmp

========== Files Created - No Company Name ==========

[2012.07.20 15:31:03 | 000,000,884 | ---- | C] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012.07.18 02:46:18 | 000,000,630 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2012.07.16 22:03:41 | 000,001,930 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\AION Free-To-Play.lnk
[2012.07.16 21:05:15 | 000,001,725 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Aeria Ignite.lnk
[2012.07.13 13:14:42 | 000,000,003 | ---- | C] () -- C:\WINDOWS\System32\HRUPPROG.DIE.NOW
[2012.07.10 17:56:13 | 000,000,640 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Smite Closed Beta.lnk
[2012.07.10 17:56:13 | 000,000,631 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Hi-Rez Diagnostics and Support.lnk
[2012.07.10 11:41:35 | 000,494,693 | ---- | C] () -- C:\Dokumente und Einstellungen\Mörtl\Desktop\Alter Verwalter.jpg
[2012.06.30 22:33:42 | 000,000,142 | -H-- | C] () -- C:\Dokumente und Einstellungen\Mörtl\Desktop\.~lock.ycyvcxxcyvbvvbvcb.odt#
[2012.06.30 22:31:03 | 000,001,804 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Adobe Reader X.lnk
[2012.06.30 22:31:03 | 000,001,714 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Adobe Reader X.lnk
[2012.06.30 21:00:26 | 000,001,650 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\HP Digital Imaging Monitor.lnk
[2012.06.30 21:00:26 | 000,000,836 | ---- | C] () -- C:\Dokumente und Einstellungen\Mörtl\Startmenü\Programme\Autostart\OpenOffice.org 3.2.lnk
[2012.06.30 21:00:26 | 000,000,640 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\HP Image Zone Schnellstart.lnk
[2012.06.30 16:12:33 | 000,000,703 | ---- | C] () -- C:\user.js
[2012.06.30 10:37:00 | 000,045,194 | ---- | C] () -- C:\Dokumente und Einstellungen\Mörtl\Anwendungsdaten\room_v3.dat
[2012.06.27 18:30:58 | 000,561,593 | ---- | C] () -- C:\Dokumente und Einstellungen\Mörtl\Desktop\bilder papa gebu.odt
[2012.06.27 18:19:28 | 000,131,534 | ---- | C] () -- C:\Dokumente und Einstellungen\Mörtl\Desktop\waldviertl2.GIF
[2012.06.27 18:14:06 | 000,260,237 | ---- | C] () -- C:\Dokumente und Einstellungen\Mörtl\Desktop\waldviertel.gif
[2012.06.26 19:00:44 | 000,040,430 | ---- | C] () -- C:\Dokumente und Einstellungen\Mörtl\Eigene Dateien\cqwxleiy.JPG
[2012.06.26 18:56:50 | 000,019,305 | ---- | C] () -- C:\Dokumente und Einstellungen\Mörtl\Eigene Dateien\TS.JPG
[2012.06.26 10:49:44 | 000,001,374 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2012.06.25 20:20:17 | 000,003,366 | ---- | C] () -- C:\Dokumente und Einstellungen\Mörtl\Eigene Dateien\test.JPG
[2012.06.22 14:18:34 | 000,387,410 | ---- | C] () -- C:\Dokumente und Einstellungen\Mörtl\Desktop\pb.bmp
[2012.05.17 23:03:22 | 000,087,352 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\FontCache3.0.0.0.dat
[2012.05.15 21:05:33 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012.03.31 04:52:14 | 000,545,302 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\WPFFontCache_v0400-S-1-5-21-1993962763-746137067-839522115-1003-0.dat
[2012.03.31 04:52:14 | 000,183,022 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\WPFFontCache_v0400-System.dat
[2012.02.11 22:37:14 | 000,000,854 | ---- | C] () -- C:\Dokumente und Einstellungen\Mörtl\Lokale Einstellungen\Anwendungsdaten\recently-used.xbel
[2011.05.14 08:52:58 | 000,030,253 | ---- | C] () -- C:\WINDOWS\DIIUnin.dat
[2011.01.24 21:06:39 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2011.01.21 09:32:03 | 000,000,003 | ---- | C] () -- C:\WINDOWS\treeskp.sys
[2011.01.21 09:32:03 | 000,000,003 | ---- | C] () -- C:\WINDOWS\sbacknt.bin
[2011.01.12 13:16:57 | 000,001,206 | ---- | C] () -- C:\WINDOWS\DISNEY.INI
[2011.01.04 17:10:56 | 000,974,848 | ---- | C] () -- C:\WINDOWS\System32\cis-2.4.dll
[2011.01.04 17:10:56 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\issacapi_bs-2.3.dll
[2011.01.04 17:10:56 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\issacapi_pe-2.3.dll
[2011.01.04 17:10:56 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\issacapi_se-2.3.dll
[2010.10.31 22:43:09 | 000,138,056 | ---- | C] () -- C:\Dokumente und Einstellungen\Mörtl\Anwendungsdaten\PnkBstrK.sys
[2010.10.31 22:42:41 | 002,427,248 | ---- | C] () -- C:\WINDOWS\System32\pbsvc_heroes.exe
[2010.10.18 19:43:00 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDevice.Dll
[2010.10.18 19:43:00 | 000,042,112 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDisk.Sys
[2010.10.10 19:00:19 | 000,000,221 | ---- | C] () -- C:\WINDOWS\NCLogConfig.ini
[2010.09.22 12:12:49 | 000,003,010 | ---- | C] () -- C:\Dokumente und Einstellungen\Mörtl\Anwendungsdaten\PData.MMM
[2010.09.22 12:12:49 | 000,003,010 | ---- | C] () -- C:\Dokumente und Einstellungen\Mörtl\Anwendungsdaten\PData.MM1
[2010.08.22 09:59:20 | 000,000,037 | ---- | C] () -- C:\WINDOWS\mpegtoiPodconverter.ini
[2010.08.22 09:58:25 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\SysMPEGtoiPod.dat
[2010.08.08 00:42:56 | 000,029,440 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2010.04.22 17:26:10 | 000,123,392 | ---- | C] () -- C:\Dokumente und Einstellungen\Mörtl\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.04.22 15:37:07 | 000,000,138 | ---- | C] () -- C:\Dokumente und Einstellungen\Mörtl\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat

========== LOP Check ==========

[2012.05.13 00:47:43 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Battle.net
[2010.05.06 17:59:06 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Bentley
[2012.06.30 16:47:35 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Big Fish Games
[2010.12.19 13:45:50 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\BVRP Software
[2010.12.11 22:26:35 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\DAEMON Tools Lite
[2012.07.08 20:24:35 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\DAEMON Tools Pro
[2011.05.11 14:16:15 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Electronic Arts
[2011.04.28 17:00:05 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Firefly Studios
[2012.07.10 17:56:15 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Hi-Rez Studios
[2012.01.07 18:39:44 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\id Software
[2012.06.30 16:28:17 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\InstallMate
[2010.07.09 19:45:06 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\mquadr.at
[2012.06.30 16:12:56 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\OptimizerPro
[2012.06.30 16:13:04 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Premium
[2011.02.28 20:24:42 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Samsung
[2012.06.21 15:14:06 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP
[2012.07.08 21:27:50 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Ubisoft
[2010.08.19 13:39:34 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\WinZip
[2010.05.11 13:49:03 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Zylom
[2010.07.09 18:49:46 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{0AB34A1C-91C1-45BB-8B32-A0746A30DC96}
[2010.06.22 14:49:22 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2010.07.09 15:28:34 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{C3358ED5-0ADD-4BA0-8F60-B5A7CD34BD14}
[2010.09.30 07:52:50 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\LocalService\Anwendungsdaten\PDF Software
[2011.07.14 13:21:00 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Mörtl\Anwendungsdaten\.minecraft
[2012.07.16 21:05:05 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Mörtl\Anwendungsdaten\Aeria Games & Entertainment
[2011.06.15 16:39:22 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Mörtl\Anwendungsdaten\Ahnenblatt
[2010.09.22 12:12:49 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Mörtl\Anwendungsdaten\AUTOSICH
[2010.05.06 17:59:00 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Mörtl\Anwendungsdaten\Bentley
[2012.06.25 12:06:41 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Mörtl\Anwendungsdaten\DAEMON Tools Lite
[2012.07.08 20:24:27 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Mörtl\Anwendungsdaten\DAEMON Tools Pro
[2012.05.23 11:19:42 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Mörtl\Anwendungsdaten\DVDVideoSoft
[2012.05.23 11:19:07 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Mörtl\Anwendungsdaten\DVDVideoSoftIEHelpers
[2010.06.12 11:56:04 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Mörtl\Anwendungsdaten\Facebook
[2011.05.31 15:34:42 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Mörtl\Anwendungsdaten\GenJ3
[2010.12.16 12:13:28 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Mörtl\Anwendungsdaten\GetRightToGo
[2011.04.28 14:43:47 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Mörtl\Anwendungsdaten\gtk-2.0
[2011.05.19 21:41:48 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Mörtl\Anwendungsdaten\ICQ
[2011.08.24 19:00:16 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Mörtl\Anwendungsdaten\id Software
[2010.06.30 00:42:20 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Mörtl\Anwendungsdaten\LolClient
[2012.05.24 13:57:49 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Mörtl\Anwendungsdaten\LolClient2
[2012.06.30 16:21:25 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Mörtl\Anwendungsdaten\Media Finder
[2012.07.20 15:45:57 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Mörtl\Anwendungsdaten\NetSpeedMonitor
[2011.02.14 17:24:47 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Mörtl\Anwendungsdaten\Notepad++
[2011.05.15 00:29:39 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Mörtl\Anwendungsdaten\Octoshape
[2010.04.25 12:58:21 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Mörtl\Anwendungsdaten\OpenOffice.org
[2012.06.23 12:21:42 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Mörtl\Anwendungsdaten\Oracle
[2010.09.04 21:44:25 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Mörtl\Anwendungsdaten\PDF Software
[2012.07.08 20:47:47 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Mörtl\Anwendungsdaten\PunkBuster
[2010.10.18 19:41:29 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Mörtl\Anwendungsdaten\Samsung
[2012.05.14 10:28:36 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Mörtl\Anwendungsdaten\ScummVM
[2012.06.25 12:06:12 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Mörtl\Anwendungsdaten\TS3Client
[2010.09.15 20:05:14 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Mörtl\Anwendungsdaten\Ubisoft
[2012.01.07 18:17:46 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Mörtl\Anwendungsdaten\Unity
[2012.07.20 15:36:02 | 000,000,260 | ---- | M] () -- C:\WINDOWS\Tasks\WGASetup.job

========== Purity Check ==========



========== Custom Scans ==========

< %SYSTEMDRIVE%\*.exe >

< MD5 for: EXPLORER.EXE >
[2004.08.04 00:57:54 | 001,035,264 | ---- | M] (Microsoft Corporation) MD5=22FE1BE02EADDE1632E478E4125639E0 -- C:\WINDOWS\$NtUninstallKB938828$\explorer.exe
[2007.06.13 15:10:08 | 001,036,288 | ---- | M] (Microsoft Corporation) MD5=331ED93570BAF3CFE30340298762CD56 -- C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe
[2008.04.14 04:22:45 | 001,036,800 | ---- | M] (Microsoft Corporation) MD5=418045A93CD87A352098AB7DABE1B53E -- C:\WINDOWS\explorer.exe
[2008.04.14 04:22:45 | 001,036,800 | ---- | M] (Microsoft Corporation) MD5=418045A93CD87A352098AB7DABE1B53E -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2007.06.13 15:21:45 | 001,036,288 | ---- | M] (Microsoft Corporation) MD5=64D320C0E301EEDC5A4ADBBDC5024F7F -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe

< MD5 for: SERVICES >
[2001.08.23 14:00:00 | 000,007,111 | ---- | M] () MD5=FDA6D81BABFB01A4504B66080EADF975 -- C:\WINDOWS\system32\drivers\etc\services

< MD5 for: SERVICES.ASFX >
[2012.04.04 07:53:56 | 000,002,655 | ---- | M] () MD5=ABFBB9D0398492D849690C344C1316BB -- C:\Programme\Adobe\Reader 10.0\Reader\Locale\de_DE\Services\Services.asfx

< MD5 for: SERVICES.ASFX22 >
[2011.06.06 12:55:32 | 000,000,627 | R--- | M] () MD5=C25DC0D9A0098C3677CBC8AACADA1472 -- C:\WINDOWS\Installer\$PatchCache$\Managed\68AB67CA7DA71301B744AA0100000010\10.1.0\services.asfx22

< MD5 for: SERVICES.CFG >
[2012.04.04 07:53:54 | 000,585,987 | ---- | M] () MD5=7BAB089A4F862C6BC86E0201D5BF1779 -- C:\Programme\Adobe\Reader 10.0\Reader\Services\Services.cfg
[2011.06.06 12:55:30 | 000,584,045 | R--- | M] () MD5=B82DD53FA8C260DDD7FDC42182DB816E -- C:\WINDOWS\Installer\$PatchCache$\Managed\68AB67CA7DA71301B744AA0100000010\10.1.0\services.cfg

< MD5 for: SERVICES.EXE >
[2008.04.14 04:22:59 | 000,109,056 | ---- | M] (Microsoft Corporation) MD5=4BB6A83640F1D1792AD21CE767B621C6 -- C:\WINDOWS\$NtUninstallKB956572$\services.exe
[2008.04.14 04:22:59 | 000,109,056 | ---- | M] (Microsoft Corporation) MD5=4BB6A83640F1D1792AD21CE767B621C6 -- C:\WINDOWS\ServicePackFiles\i386\services.exe
[2009.02.09 12:04:47 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=65F6B774819BD727358157CEDEA67B8E -- C:\WINDOWS\$NtServicePackUninstall$\services.exe
[2009.02.09 11:48:30 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=A07CA23EA361A01E627D911CF139B950 -- C:\WINDOWS\$hf_mig$\KB956572\SP2QFE\services.exe
[2009.02.09 13:21:35 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=A3EDBE9053889FB24AB22492472B39DC -- C:\WINDOWS\$hf_mig$\KB956572\SP3GDR\services.exe
[2009.02.09 13:21:35 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=A3EDBE9053889FB24AB22492472B39DC -- C:\WINDOWS\system32\dllcache\services.exe
[2009.02.09 13:21:35 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=A3EDBE9053889FB24AB22492472B39DC -- C:\WINDOWS\system32\services.exe
[2004.08.04 00:58:12 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=EDB6B81761BD60F32F740BBC40AFB676 -- C:\WINDOWS\$NtUninstallKB956572_0$\services.exe
[2009.02.09 13:14:22 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=F0A7D59AF279326528715B206669B86C -- C:\WINDOWS\$hf_mig$\KB956572\SP3QFE\services.exe

< MD5 for: SERVICES.EXE.000 >
[2004.08.04 00:58:12 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=EDB6B81761BD60F32F740BBC40AFB676 -- C:\WINDOWS\$NtServicePackUninstall$\services.exe.000

< MD5 for: SERVICES.MSC >
[2001.08.23 14:00:00 | 000,033,068 | ---- | M] () MD5=D5B861FD9DC5A781FEB11F12C6E87238 -- C:\WINDOWS\system32\services.msc

< MD5 for: SERVICES.RDB >
[2010.02.01 22:59:00 | 000,262,144 | ---- | M] () MD5=00D8C85E07B0D69A27816B54E56EF85B -- C:\Programme\OpenOffice.org 3\URE\misc\services.rdb
[2010.02.01 22:52:28 | 005,505,024 | ---- | M] () MD5=20999743CA8D1F7132B0BFCE952F2295 -- C:\Programme\OpenOffice.org 3\Basis\program\services.rdb

< MD5 for: SVCHOST.EXE >
[2008.04.14 04:23:02 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=4FBC75B74479C7A6F829E0CA19DF3366 -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe
[2008.04.14 04:23:02 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=4FBC75B74479C7A6F829E0CA19DF3366 -- C:\WINDOWS\system32\svchost.exe
[2004.08.04 00:58:16 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=65A819B121EB6FDAB4400EA42BDFFE64 -- C:\WINDOWS\$NtServicePackUninstall$\svchost.exe

< MD5 for: USERINIT.EXE >
[2008.04.14 04:23:03 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=788F95312E26389D596C0FA55834E106 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008.04.14 04:23:03 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=788F95312E26389D596C0FA55834E106 -- C:\WINDOWS\system32\userinit.exe
[2004.08.04 00:58:18 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=D1E53DC57143F2584B1DD53B036C0633 -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe

< MD5 for: WINLOGON.EXE >
[2004.08.04 00:58:20 | 000,507,392 | ---- | M] (Microsoft Corporation) MD5=2B6A0BAF33A9918F09442D873848FF72 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008.04.14 04:23:05 | 000,513,024 | ---- | M] (Microsoft Corporation) MD5=F09A527B422E25C478E38CAA0E44417A -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008.04.14 04:23:05 | 000,513,024 | ---- | M] (Microsoft Corporation) MD5=F09A527B422E25C478E38CAA0E44417A -- C:\WINDOWS\system32\winlogon.exe

< HKEY_CURRENT_USER\Software\Microsoft\Windows Media\WMSDK\Local\AutoProxyCache /s >

========== Alternate Data Streams ==========

@Alternate Data Stream - 112 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:B1FBBD09

< End of report >


OTL extras:
OTL Extras logfile created on: 20.07.2012 15:43:23 - Run 2
OTL by OldTimer - Version 3.2.54.0 Folder = D:\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

3,25 Gb Total Physical Memory | 2,58 Gb Available Physical Memory | 79,44% Memory free
5,09 Gb Paging File | 4,53 Gb Available in Paging File | 88,99% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 29,29 Gb Total Space | 8,26 Gb Free Space | 28,19% Space Free | Partition Type: NTFS
Drive D: | 98,70 Gb Total Space | 12,46 Gb Free Space | 12,63% Space Free | Partition Type: NTFS

Computer Name: MARTIN | User Name: Mörtl | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

[HKEY_USERS\S-1-5-21-1993962763-746137067-839522115-1003\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "D:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "D:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "D:\Programme\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "D:\Programme\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "D:\Programme\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"UpdatesDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"57074:TCP" = 57074:TCP:*:Enabled:Pando Media Booster
"57074:UDP" = 57074:UDP:*:Enabled:Pando Media Booster
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"8394:TCP" = 8394:TCP:*:Enabled:League of Legends Launcher
"8394:UDP" = 8394:UDP:*:Enabled:League of Legends Launcher
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"57074:TCP" = 57074:TCP:*:Enabled:Pando Media Booster
"57074:UDP" = 57074:UDP:*:Enabled:Pando Media Booster
"8395:TCP" = 8395:TCP:*:Enabled:League of Legends Launcher
"8395:UDP" = 8395:UDP:*:Enabled:League of Legends Launcher
"8396:TCP" = 8396:TCP:*:Enabled:League of Legends Launcher
"8396:UDP" = 8396:UDP:*:Enabled:League of Legends Launcher
"8397:TCP" = 8397:TCP:*:Enabled:League of Legends Launcher
"8397:UDP" = 8397:UDP:*:Enabled:League of Legends Launcher
"8398:TCP" = 8398:TCP:*:Enabled:League of Legends Launcher
"8398:UDP" = 8398:UDP:*:Enabled:League of Legends Launcher
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"1403:UDP" = 1403:UDP:*:Enabled:Windows Media Format SDK (winamp.exe)
"6112:TCP" = 6112:TCP:*:Enabled:Warcraft
"8088:TCP" = 8088:TCP:*:Enabled:lol
"8399:TCP" = 8399:TCP:*:Enabled:afdsdf
"8400:TCP" = 8400:TCP:*:Enabled:sadfasd
"5001:UDP" = 5001:UDP:*:Enabled:fdsf
"5002:TCP" = 5002:TCP:*:Enabled:fsadfsd
"5003:TCP" = 5003:TCP:*:Enabled:lol2
"1119:TCP" = 1119:TCP:*:Enabled:tst
"4747:TCP" = 4747:TCP:*:Enabled:mws
"4747:UDP" = 4747:UDP:*:Enabled:nws
"1035:TCP" = 1035:TCP:*:Enabled:Akamai NetSession Interface
"5000:UDP" = 5000:UDP:*:Enabled:Akamai NetSession Interface

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"D:\Programme\ICQ7.0\ICQ.exe" = D:\Programme\ICQ7.0\ICQ.exe:*:Enabled:ICQ7 -- (ICQ, LLC.)
"D:\Programme\ICQ7.0\aolload.exe" = D:\Programme\ICQ7.0\aolload.exe:*:Enabled:aolload.exe -- (AOL LLC)
"C:\Programme\iMesh Applications\iMesh\iMesh.exe" = C:\Programme\iMesh Applications\iMesh\iMesh.exe:*:Enabled:iMesh

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"D:\Programme\ICQ7.0\ICQ.exe" = D:\Programme\ICQ7.0\ICQ.exe:*:Enabled:ICQ7 -- (ICQ, LLC.)
"D:\Programme\ICQ7.0\aolload.exe" = D:\Programme\ICQ7.0\aolload.exe:*:Enabled:aolload.exe -- (AOL LLC)
"D:\Games\justcause\Steam.exe" = D:\Games\justcause\Steam.exe:*:Enabled:Steam
"D:\Games\justcause\SteamApps\common\just cause 2 demo\JustCause2.exe" = D:\Games\justcause\SteamApps\common\just cause 2 demo\JustCause2.exe:*:Enabled:Just Cause 2 Demo
"D:\Games\League of Legends\Air\LolClient.exe" = D:\Games\League of Legends\Air\LolClient.exe:*:Enabled:League of Legends Lobby
"D:\Games\League of Legends\Game\League of Legends.exe" = D:\Games\League of Legends\Game\League of Legends.exe:*:Enabled:League of Legends Game Client
"D:\Programme\mIRC\mirc.exe" = D:\Programme\mIRC\mirc.exe:*:Enabled:mIRC -- (mIRC Co. Ltd.)
"C:\Programme\aon\aonController\aonController.exe" = C:\Programme\aon\aonController\aonController.exe:*:Enabled:Controller -- (mquadr.at software engineering and consulting GmbH, web: www.mquadr.at, mail: [email protected])
"D:\Games\Siedler III\s3.exe" = D:\Games\Siedler III\s3.exe:*:Enabled:Siedler3
"C:\Programme\Microsoft LifeCam\LifeCam.exe" = C:\Programme\Microsoft LifeCam\LifeCam.exe:*:Enabled:LifeCam.exe -- (Microsoft Corporation)
"C:\Programme\Microsoft LifeCam\LifeEnC2.exe" = C:\Programme\Microsoft LifeCam\LifeEnC2.exe:*:Enabled:LifeEnC2.exe -- (Microsoft Corporation)
"C:\Programme\Microsoft LifeCam\LifeExp.exe" = C:\Programme\Microsoft LifeCam\LifeExp.exe:*:Enabled:LifeExp.exe -- (Microsoft Corporation)
"C:\Programme\Microsoft LifeCam\LifeTray.exe" = C:\Programme\Microsoft LifeCam\LifeTray.exe:*:Enabled:LifeTray.exe -- (Microsoft Corporation)
"D:\Games\Assassin's Creed II\AssassinsCreedIIGame.exe" = D:\Games\Assassin's Creed II\AssassinsCreedIIGame.exe:*:Enabled:Assassin's Creed II
"D:\Games\Assassin's Creed II\AssassinsCreedII.exe" = D:\Games\Assassin's Creed II\AssassinsCreedII.exe:*:Enabled:Assassin's Creed II Update
"D:\Games\Assassin's Creed II\UPlayBrowser.exe" = D:\Games\Assassin's Creed II\UPlayBrowser.exe:*:Enabled:Assassin's Creed II Uplay
"C:\WINDOWS\system32\muzapp.exe" = C:\WINDOWS\system32\muzapp.exe:*:Enabled:MUZ AOD APP player -- (Musiccity Co.Ltd.)
"C:\WINDOWS\system32\PnkBstrA.exe" = C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA
"C:\WINDOWS\system32\PnkBstrB.exe" = C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB
"D:\Programme\VideoLAN\VLC\vlc.exe" = D:\Programme\VideoLAN\VLC\vlc.exe:*:Enabled:VLC media player -- ()
"D:\Games\Stronghold1\Stronghold.exe" = D:\Games\Stronghold1\Stronghold.exe:*:Enabled:Stronghold
"D:\Games\UT\System\UnrealTournament.exe" = D:\Games\UT\System\UnrealTournament.exe:*:Enabled:UnrealTournament -- ()
"D:\Games\Counter-Strike 1.6\hl.exe" = D:\Games\Counter-Strike 1.6\hl.exe:*:Enabled:Half-Life Launcher
"C:\Programme\iMesh Applications\iMesh\iMesh.exe" = C:\Programme\iMesh Applications\iMesh\iMesh.exe:*:Enabled:iMesh
"C:\Dokumente und Einstellungen\Mörtl\Anwendungsdaten\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe" = C:\Dokumente und Einstellungen\Mörtl\Anwendungsdaten\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe:*:Enabled:Main program for Octoshape client
"C:\Programme\Java\jre6\bin\javaw.exe" = C:\Programme\Java\jre6\bin\javaw.exe:*:Enabled:Java™ Platform SE binary
"D:\Games\Metin2\Metin2\metin2client.bin" = D:\Games\Metin2\Metin2\metin2client.bin:*:Enabled:metin2client
"D:\Programme\LOLReplay\LOLReplay.exe" = D:\Programme\LOLReplay\LOLReplay.exe:*:Enabled:LOL Replay
"D:\Games\World of Warcraft\Launcher.exe" = D:\Games\World of Warcraft\Launcher.exe:*:Enabled:Blizzard Launcher
"D:\Games\World of Warcraft\Launcher.patch.exe" = D:\Games\World of Warcraft\Launcher.patch.exe:*:Enabled:Blizzard Launcher
"D:\Games\World of Warcraft\BackgroundDownloader.exe" = D:\Games\World of Warcraft\BackgroundDownloader.exe:*:Enabled:Blizzard Downloader
"D:\Games\Warcraft III\Warcraft III.exe" = D:\Games\Warcraft III\Warcraft III.exe:*:Enabled:Warcraft III
"D:\Games\Warcraft III\yawle.exe" = D:\Games\Warcraft III\yawle.exe:*:Enabled:yawle
"D:\Games\Warcraft III\Frozen Throne.exe" = D:\Games\Warcraft III\Frozen Throne.exe:*:Enabled:Warcraft III - The Frozen Throne
"D:\Programme\Garena Classic\Garena.exe" = D:\Programme\Garena Classic\Garena.exe:*:Enabled:Garena -- (Garena Online PTE LTD)
"C:\Dokumente und Einstellungen\Mörtl\Lokale Einstellungen\Anwendungsdaten\Akamai\netsession_win.exe" = C:\Dokumente und Einstellungen\Mörtl\Lokale Einstellungen\Anwendungsdaten\Akamai\netsession_win.exe:*:Enabled:Akamai NetSession Interface -- (Akamai Technologies, Inc)
"C:\WINDOWS\system32\dpvsetup.exe" = C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test -- (Microsoft Corporation)
"C:\Dokumente und Einstellungen\Mörtl\Lokale Einstellungen\Anwendungsdaten\vghd\bin\Virtuagirl_Downloader.exe" = C:\Dokumente und Einstellungen\Mörtl\Lokale Einstellungen\Anwendungsdaten\vghd\bin\Virtuagirl_Downloader.exe:*:Enabled:DLManager
"D:\Games\OpenLieroX\OpenLieroX.exe" = D:\Games\OpenLieroX\OpenLieroX.exe:*:Enabled:OpenLieroX
"D:\Games\AOE 2\age2_x1.exe" = D:\Games\AOE 2\age2_x1.exe:*:Enabled:Age of Empires II Expansion -- (Microsoft Corporation)
"C:\WINDOWS\system32\dplaysvr.exe" = C:\WINDOWS\system32\dplaysvr.exe:*:Enabled:Microsoft DirectPlay Helper -- (Microsoft Corporation)
"D:\Downloads\Diablo-III-8370-deDE-Installer-downloader.exe" = D:\Downloads\Diablo-III-8370-deDE-Installer-downloader.exe:*:Enabled:Blizzard Downloader
"D:\Downloads\Diablo-III-8370-deDE-Installer-downloader(1).exe" = D:\Downloads\Diablo-III-8370-deDE-Installer-downloader(1).exe:*:Enabled:Blizzard Downloader
"C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Battle.net\Agent\Agent.524\Agent.exe" = C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Battle.net\Agent\Agent.524\Agent.exe:*:Enabled:Blizzard Agent
"C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Battle.net\Agent\Agent.954\Agent.exe" = C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Battle.net\Agent\Agent.954\Agent.exe:*:Enabled:Blizzard Agent
"D:\Downloads\Diablo-III-8370-enGB-Installer-downloader.exe" = D:\Downloads\Diablo-III-8370-enGB-Installer-downloader.exe:*:Enabled:Blizzard Downloader
"D:\Games\Diablo III\Diablo III\Diablo III.exe" = D:\Games\Diablo III\Diablo III\Diablo III.exe:*:Enabled:Diablo III -- (Blizzard Entertainment)
"C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Battle.net\Agent\Agent.976\Agent.exe" = C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Battle.net\Agent\Agent.976\Agent.exe:*:Enabled:Blizzard Agent
"C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Battle.net\Agent\Agent.998\Agent.exe" = C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Battle.net\Agent\Agent.998\Agent.exe:*:Enabled:Blizzard Agent -- (Blizzard Entertainment)
"C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Battle.net\Agent\Agent.1040\Agent.exe" = C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Battle.net\Agent\Agent.1040\Agent.exe:*:Enabled:Blizzard Agent -- (Blizzard Entertainment)
"D:\Games\LoL\League of Legends\lol.launcher.exe" = D:\Games\LoL\League of Legends\lol.launcher.exe:*:Enabled:League of Legends spielen
"D:\Games\League of Legends\lol.launcher.admin.exe" = D:\Games\League of Legends\lol.launcher.admin.exe:*:Enabled:lol.launcher.admin -- ()
"C:\Programme\MSN Gaming Zone\Windows\hrtzzm.exe" = C:\Programme\MSN Gaming Zone\Windows\hrtzzm.exe:*:Enabled:Internet-Hearts -- (Microsoft Corporation)
"C:\Programme\SweetIM\Communicator\SweetPacksUpdateManager.exe" = C:\Programme\SweetIM\Communicator\SweetPacksUpdateManager.exe:*:Enabled:SweetPacksUpdateManager
"C:\Programme\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe" = C:\Programme\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe:*:Enabled:Ubisoft Game Launcher -- ()
"D:\Games\acrev\ACRMP.exe" = D:\Games\acrev\ACRMP.exe:*:Enabled:Assassin's Creed Revelations Multiplayer


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{03B1B42B-F6DE-41d9-8CFF-DC44E895C7A7}" = PhotoGallery
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{0611BD4E-4FE4-4a62-B0C0-18A4CC463428}" = CP_Package_Variety1
"{09984AEC-6B9F-4ca7-B78D-CB44D4771DA3}" = Destinations
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0B33B738-AD79-4E32-90C5-E67BFB10BBFF}" = AiO_Scan
"{0DE8527A-FE3E-4FCA-A023-D57EF0B796C9}_is1" = Plants vs. Zombies 1.0.4.7924 (by Scar)
"{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
"{1545207E-C6F3-31D7-9918-BDBB65075FBF}" = Microsoft .NET Framework 3.5 Language Pack - deu
"{15EE79F4-4ED1-4267-9B0F-351009325D7D}" = HP Software Update
"{172975EB-9465-4861-95B5-C7BB6D3DE62A}" = DocumentViewer
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{195FF80D-6C1E-4B7A-A48E-45C0AEAC0F24}" = Microsoft LifeCam
"{1C139D7D-9FEA-468d-A9C8-2A6E3BDE564A}" = CP_Package_Variety3
"{1C30EE39-7644-49CC-9E04-D2D2009D7FBD}" = BVRP_CUE
"{1ED31028-6D65-4CFD-AD03-8E484A052FE7}" = aonUpdate
"{21DB3D90-D816-4092-A260-CA3F6B55A6DD}" = Sonic_PrimoSDK
"{2217B0B4-35CB-48C6-B640-864DF2F30F99}" = OpenOffice.org 3.2
"{23A7B376-BBEC-4e76-BBD7-0F155E70D74B}" = CP_Panorama1Config
"{26A24AE4-039D-4CA4-87B4-2F83217005FF}" = Java™ 7 Update 5
"{2CADCEAB-D5DA-44D6-B5FC-7DEE87AB3C0C}" = Unload
"{30C19FF2-7FBA-4d09-B9DE-1659977F64F6}" = TrayApp
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.® AR8121/AR8113/AR8114 Gigabit/Fast Ethernet Driver
"{32BDCCB8-9DC8-496d-9DB1-F77510775BDB}" = InstantShareDevices
"{336D0C35-8A85-403a-B9D2-65C292C39087}_is1" = Web Assistant 2.0.0.439
"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{36E47DA1-10E1-45d9-8B19-14D19607CDCF}" = CP_CalendarTemplates1
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF017}" = Smite Closed Beta
"{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}" = Hi-Rez Studios Authenticate and Update Service
"{3D9892BB-A751-4E48-ADC8-E4289956CE1D}" = QuickTime
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{45057FCE-5784-48BE-8176-D9D00AF56C3C}" = Die Sims™ 3 Late Night
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{53EE9E42-CECB-4C92-BF76-9CA65DAF8F1C}" = FullDPAppQFolder
"{54E3707F-808E-4fd4-95C9-15D1AB077E5D}" = NewCopy
"{56EE8B17-8274-418d-89AC-C057C5DB251E}" = RandMap
"{56F8AFC3-FA98-4ff1-9673-8A026CBF85BE}" = WebReg
"{57F5CC1D-2E00-4008-8CEC-EFE61B2E58AE}" = Visual Basic for Applications ® Core - German
"{5A01C58E-B0EC-49b9-AD71-7C0468688087}" = CP_Package_Basic1
"{5B79CFD1-6845-4158-9D7D-6BE89DF2C135}" = HP PSC & OfficeJet 5.3.B
"{5F26311C-B135-4F7F-B11E-8E650F83651E}" = DeviceFunctionQFolder
"{65CB4C08-C47B-4A7E-A6A4-50C06ADA5FC6}" = Adobe AIR
"{66BA8C26-AFE4-4408-807B-43E76B57EF53}" = SkinsHP1
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{699BAC7F-DC10-4709-97D8-45379301BBE7}" = NVIDIA PhysX v8.08.01
"{6A9EF6CF-7630-4E33-AE22-7D70F3AF4B05}" = AION Free-To-Play
"{6BB6627C-694F-4FDC-A3E5-C7F4BED4C724}" = DocProc
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71828142-5A24-4BD0-97E7-976DA08CE6CF}" = Die Sims™ 3 Luxus-Accessoires
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{767CC44C-9BBC-438D-BAD3-FD4595DD148B}" = VC80CRTRedist - 8.0.50727.762
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7850A6D2-CBEA-4728-9877-F1BEDEA9F619}" = AiOSoftware
"{7AB3A249-FB81-416B-917A-A2A10E74C503}" = iTunes
"{7B08D306-7266-4647-A926-2F78817ED1E0}" = Microsoft Corporation
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{7C03270C-4FAB-4F5C-B10D-52FEDA190790}" = DocumentViewerQFolder
"{7C9B95B7-B598-4398-B30F-7F6827192E6C}" = ProductContext
"{7E27304E-BAA2-4d90-A34E-76641FAFABB4}" = CP_AtenaShokunin1Config
"{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1" = PDF24 Creator 2.9.0
"{85991ED2-010C-4930-96FA-52F43C2CE98A}" = Apple Mobile Device Support
"{86501894-E722-4385-A792-B7C2F28FAE7B}" = NetSpeedMonitor 2.5.4.0 x86
"{88838D48-0421-4F2B-AF81-D08D206DEE4C}_is1" = Flyff
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{88EB38EF-4D2C-436D-ABD3-56B232674062}" = ICQ7
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8F66047B-1AF3-40D9-80D7-106E2EDC2C2A}" = EPU-4 Engine
"{904B64C4-49D8-4941-A2B6-D13D06C5CD8B}" = Controller
"{910F4A29-1134-49E0-AD8B-56E4A3152BD1}" = Die Sims™ 3 Traumkarrieren
"{923A7F5A-1E8C-4FBE-8DF6-85940A60A79F}" = Readme
"{9309DD7E-EBFE-3C95-8B47-30D3A012F606}" = Microsoft .NET Framework 2.0 Service Pack 1 Language Pack - DEU
"{94F15234-1602-49AA-9D8C-4E0655173725}" = Aeria Ignite
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95140000-00AF-0407-0000-0000000FF1CE}" = Microsoft PowerPoint Viewer
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A1071AEB-B0EF-3F5F-BC84-83A270EBE496}" = Microsoft .NET Framework 3.0 Service Pack 1 Language Pack - DEU
"{A195B13E-A5E3-4BAF-A995-7F70F445CD06}" = ScannerCopy
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A5BB5365-EFB4-44c3-A7E2-EB59B7EFD23D}" = CueTour
"{A96E97134CA649888820BCDE5E300BBD}" = H.264 Decoder
"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5
"{AAC389499AEF40428987B3D30CFC76C9}" = MKV Splitter
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.3) - Deutsch
"{AEF9DC35ADDF4825B049ACBFD1C6EB37}" = AAC Decoder
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B2D328BE-45AD-4D92-96F9-2151490A203E}" = Apple Application Support
"{B42A6552-1A83-4D79-9137-AB0C9036249A}" = Quake Live Mozilla Plugin
"{B4D279F1-4309-49cc-A4B5-3A0D2E59C7B5}" = PanoStandAlone
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{B824B5C9-849F-4b9e-9EA7-6FD8CD8116DA}" = CP_Package_Variety2
"{B996AE66-10DB-4ac5-B151-E8B4BFBC42FC}" = BufferChm
"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = Die Sims™ 3
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{C506A18C-1469-4678-B094-F4EC9DAE6DB7}" = Scan
"{C911A0C2-2236-3164-AA47-F2566C01AE5E}" = Microsoft .NET Framework 4 Extended DEU Language Pack
"{C917BA70-28A3-4C74-B163-41FD8C8E1A5A}" = Stronghold
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE24344F-DFD8-40C8-8FD8-C9740B5F25AC}" = Fax
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{DF7B213D-2065-41ED-BB51-7A3EED31EA7B}" = Ultima Online: Mondain's Legacy
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E3F90083-80D4-4b5a-87C7-E97E12F5516D}" = HPProductAssistant
"{E78BFA60-5393-4C38-82AB-E8019E464EB4}" = Microsoft .NET Framework 1.1 German Language Pack
"{EA103B64-C0E4-4C0E-A506-751590E1653D}" = SolutionCenter
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F4C2E5F5-2970-45f4-ABD3-C180C4D961C4}" = Status
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{FB1EBA58-4829-4AE5-A9C8-7170E7BA7005}" = Emu64 V4.30
"{FB97C283-1F3C-42D4-AE01-ADC1DC12F774}" = Visual Basic for Applications ® Core
"{FBE371D7-5430-4485-B0EC-529BF08C10CA}" = Bentley MicroStation V8i 08.11.05.17
"7-Zip" = 7-Zip 4.65
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Aeria Ignite" = Aeria Ignite
"Aeria Ignite 1.7.1238" = Aeria Ignite
"aonUpdate" = aonUpdate
"Avira AntiVir Desktop" = Avira Free Antivirus
"Controller" = Controller
"DAEMON Tools Pro" = DAEMON Tools Pro
"Diablo II" = Diablo II
"Diablo III" = Diablo III
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"EADM" = EA Download Manager
"FileHippo.com" = FileHippo.com Update Checker
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.4.7
"Free YouTube Download_is1" = Free YouTube Download version 3.1.27.508
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.9.35.324
"GameSpy Arcade" = GameSpy Arcade
"Garena Classic 2011" = Garena Classic 2011
"GenealogyJ 6592" = GenealogyJ 6592
"GIMP-2_is1" = GIMP 2.8.0
"HP Document Viewer" = HP Document Viewer 5.3
"HP Imaging Device Functions" = HP Imaging Device Functions 5.3
"HP Photo & Imaging" = HP Image Zone 5.3
"HP Solution Center & Imaging Support Tools" = HP Solution Center & Imaging Support Tools 5.3
"ie8" = Windows Internet Explorer 8
"InstallShield_{6A9EF6CF-7630-4E33-AE22-7D70F3AF4B05}" = AION Free-To-Play
"Little Fighter 2" = Little Fighter 2 version 2.0
"Magic Workstation_is1" = Magic Workstation 0.94f
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.62.0.1300
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 Language Pack - deu" = Microsoft .NET Framework 3.5 Language Pack - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended DEU Language Pack" = Microsoft .NET Framework 4 Extended DEU Language Pack
"mIRC" = mIRC
"Mozilla Firefox 14.0.1 (x86 de)" = Mozilla Firefox 14.0.1 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MTG GamePack for Magic Workstation_is1" = MTG GamePack for Magic Workstation
"NCLauncher_GameForge" = NC Launcher (GameForge)
"Notepad++" = Notepad++
"NVIDIA Drivers" = NVIDIA Drivers
"PokerStars" = PokerStars
"Replay Explorer_is1" = Replay Explorer 2
"S3" = Die Siedler III Gold Edition
"ST6UNST #1" = Quick64 v1.0 BETA (Full)
"Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"Uninstall_is1" = Uninstall 1.0.0.1
"UnZip Me" = UnZip Me
"VLC media player" = VLC media player 1.0.1
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
"WIC" = Windows Imaging Component
"Winamp" = Winamp
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1993962763-746137067-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Akamai" = Akamai NetSession Interface
"Facebook Plug-In" = Facebook Plug-In
"Google Chrome" = Google Chrome
"UnityWebPlayer" = Unity Web Player

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 15.07.2012 03:41:45 | Computer Name = MARTIN | Source = MsiInstaller | ID = 11706
Description = Product: DocumentViewer -- Error 1706.No valid source could be found
for product DocumentViewer. The Windows Installer cannot continue.

Error - 15.07.2012 07:32:07 | Computer Name = MARTIN | Source = MsiInstaller | ID = 11706
Description = Product: DocumentViewer -- Error 1706.No valid source could be found
for product DocumentViewer. The Windows Installer cannot continue.

Error - 15.07.2012 07:32:45 | Computer Name = MARTIN | Source = MsiInstaller | ID = 11706
Description = Product: DocumentViewer -- Error 1706.No valid source could be found
for product DocumentViewer. The Windows Installer cannot continue.

Error - 15.07.2012 16:10:57 | Computer Name = MARTIN | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung Smite.exe, Version 0.1.954.0, Stillstandmodul
hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.

Error - 16.07.2012 03:58:16 | Computer Name = MARTIN | Source = MsiInstaller | ID = 11706
Description = Product: DocumentViewer -- Error 1706.No valid source could be found
for product DocumentViewer. The Windows Installer cannot continue.

Error - 16.07.2012 03:58:38 | Computer Name = MARTIN | Source = MsiInstaller | ID = 11706
Description = Product: DocumentViewer -- Error 1706.No valid source could be found
for product DocumentViewer. The Windows Installer cannot continue.

Error - 16.07.2012 04:15:15 | Computer Name = MARTIN | Source = MsiInstaller | ID = 11706
Description = Product: DocumentViewer -- Error 1706.No valid source could be found
for product DocumentViewer. The Windows Installer cannot continue.

Error - 17.07.2012 03:43:27 | Computer Name = MARTIN | Source = MsiInstaller | ID = 11706
Description = Product: DocumentViewer -- Error 1706.No valid source could be found
for product DocumentViewer. The Windows Installer cannot continue.

Error - 19.07.2012 02:20:18 | Computer Name = MARTIN | Source = MsiInstaller | ID = 11706
Description = Product: DocumentViewer -- Error 1706.No valid source could be found
for product DocumentViewer. The Windows Installer cannot continue.

Error - 20.07.2012 03:21:16 | Computer Name = MARTIN | Source = MsiInstaller | ID = 11706
Description = Product: DocumentViewer -- Error 1706.No valid source could be found
for product DocumentViewer. The Windows Installer cannot continue.

[ System Events ]
Error - 17.07.2012 20:32:30 | Computer Name = MARTIN | Source = Service Control Manager | ID = 7031
Description = Der Dienst "Apple Mobile Device" wurde unerwartet beendet. Dies ist
bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden
durchgeführt: Starten Sie den Dienst neu..

Error - 17.07.2012 20:32:30 | Computer Name = MARTIN | Source = Service Control Manager | ID = 7034
Description = Dienst "FsUsbExService" wurde unerwartet beendet. Dies ist bereits
1 Mal passiert.

Error - 17.07.2012 20:32:30 | Computer Name = MARTIN | Source = Service Control Manager | ID = 7034
Description = Dienst "Hi-Rez Studios Authenticate and Update Service" wurde unerwartet
beendet. Dies ist bereits 1 Mal passiert.

Error - 17.07.2012 20:32:30 | Computer Name = MARTIN | Source = Service Control Manager | ID = 7034
Description = Dienst "Java Quick Starter" wurde unerwartet beendet. Dies ist bereits
1 Mal passiert.

Error - 17.07.2012 20:32:31 | Computer Name = MARTIN | Source = Service Control Manager | ID = 7034
Description = Dienst "MBAMService" wurde unerwartet beendet. Dies ist bereits 1
Mal passiert.

Error - 17.07.2012 20:32:31 | Computer Name = MARTIN | Source = Service Control Manager | ID = 7034
Description = Dienst "MSCamSvc" wurde unerwartet beendet. Dies ist bereits 1 Mal
passiert.

Error - 17.07.2012 20:32:31 | Computer Name = MARTIN | Source = Service Control Manager | ID = 7034
Description = Dienst "NVIDIA Display Driver Service" wurde unerwartet beendet. Dies
ist bereits 1 Mal passiert.

Error - 17.07.2012 20:32:40 | Computer Name = MARTIN | Source = Service Control Manager | ID = 7034
Description = Dienst "iPod-Dienst" wurde unerwartet beendet. Dies ist bereits 1
Mal passiert.

Error - 17.07.2012 20:33:41 | Computer Name = MARTIN | Source = Service Control Manager | ID = 7031
Description = Der Dienst "Apple Mobile Device" wurde unerwartet beendet. Dies ist
bereits 2 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden
durchgeführt: Starten Sie den Dienst neu..

Error - 20.07.2012 09:31:49 | Computer Name = MARTIN | Source = Service Control Manager | ID = 7000
Description = Der Dienst "NPPTNT2" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2001


< End of report >

Edited by Modin, 20 July 2012 - 08:43 AM.

  • 0

Advertisements


#26
CompCav

CompCav

    Member 5k

  • Expert
  • 12,448 posts
Step 1.

SC Reset:

  • Open Notepad.
  • Copy and Paste everything from the Code Box below into Notepad: <-- Start >> Run... type in notepad and select OK
net stop winmgmt
rd %systemroot%\system32\wbem\repository
net start winmgmt

  • Go to File >> Save As
  • Save File name as "reset.bat" <-- Make sure to include the quotes.
  • Change Save as Type to All Files and save the file to your Desktop.


Double Click on reset.bat . A command window will open, when prompted type in Y then hit the enter/return key.

When completed the command window will close. Reboot your computer. <-- Make sure you do this.


Step 2.

Download the adwCleaner

  • Run the Tool
    Windows Vista and Windows 7 users:
    Right click in the adwCleaner.exe and select the option
    Posted Image
  • Select the Delete button.
  • When the scan completes, it will open a notepad windows.
  • Please, copy the content of this file in your next reply.


Step 3.

Re-run OTL
  • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • Select Scan All Users
  • Select Lop Check and Purity Check
  • Under Extra Registry Select Use SafeList
  • Under the Custom Scan box paste this in
    netsvcs
    %SYSTEMDRIVE%\*.exe
    HKEY_CURRENT_USER\Software\Microsoft\Windows Media\WMSDK\Local\AutoProxyCache /s
    CREATERESTOREPOINT
  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
  • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
  • Post both logs


Step 4.

Please post:

AdwCleaner log
OTL.txt
Extras.txt



Do you recognize this Dhcp name server address: 10.0.0.138 ?

Also give me an update on your computer issues.
  • 0

#27
Modin

Modin

    Member

  • Topic Starter
  • Member
  • PipPip
  • 45 posts
10.0.0.138 is the standart gateway to my modem
as it appears I can connect/log on to online games --> what wasn't posible before is now ^^(I can't say if it's some random appearance or not)

AdwCleaner log
# AdwCleaner v1.703 - Logfile created 07/20/2012 at 19:17:11
# Updated 20/07/2012 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User : Mörtl - MARTIN
# Running from : D:\Downloads\adwcleaner.exe
# Option [Delete]


***** [Services] *****

Stopped & Deleted : Web Assistant Updater

***** [Files / Folders] *****

Folder Deleted : C:\Dokumente und Einstellungen\Mörtl\Anwendungsdaten\Media Finder
Folder Deleted : C:\Dokumente und Einstellungen\Mörtl\Anwendungsdaten\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\[email protected]
Folder Deleted : C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\InstallMate
Folder Deleted : C:\Programme\Conduit
Folder Deleted : C:\Programme\Web Assistant

***** [Registry] *****

[*] Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2431245
[*] Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2849855
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\IM
Key Deleted : HKCU\Software\ImInstaller
Key Deleted : HKCU\Software\MediaFinder
Key Deleted : HKCU\Software\PriceGong
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\SweetIm
Key Deleted : HKCU\Toolbar
Key Deleted : HKLM\SOFTWARE\Babylon
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\Extension.DLL
Key Deleted : HKLM\SOFTWARE\Classes\Conduit.Engine
Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane
Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Key Deleted : HKLM\SOFTWARE\Classes\escort.escrtBtn.1
Key Deleted : HKLM\SOFTWARE\Classes\Extension.ExtensionHelperObject
Key Deleted : HKLM\SOFTWARE\Classes\Extension.ExtensionHelperObject.1
Key Deleted : HKLM\SOFTWARE\Classes\gencrawler_gc.GenCrawler
Key Deleted : HKLM\SOFTWARE\Classes\Incredibar.IncredibarHlpr
Key Deleted : HKLM\SOFTWARE\Classes\Incredibar.IncredibarHlpr.1
Key Deleted : HKLM\SOFTWARE\Classes\MF
Key Deleted : HKLM\SOFTWARE\Conduit
Key Deleted : HKLM\SOFTWARE\DT Soft
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\dednnpigldgdbpgcdpfppmlcnnbjciel
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\lpmkgpnbiojfaoklbkpfneikocaobfai
Key Deleted : HKLM\SOFTWARE\Iminent
Key Deleted : HKLM\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\0563B8630D62D75ABBC8AB1E4BDFB5A899B24D43
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\conduitEngine
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{336D0C35-8A85-403a-B9D2-65C292C39087}_is1
Key Deleted : HKLM\SOFTWARE\SweetIM
Key Deleted : HKLM\SOFTWARE\Web Assistant
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Media Finder]
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\extensions [{336D0C35-8A85-403a-B9D2-65C292C39087}]

***** [Registre - GUID] *****

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B302A1BD-0157-49FA-90F1-4E94F22C7B4B}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A3F2A195-0D11-463b-96BB-D2FF1B7490A1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{ECD0ECC6-DCA4-4013-A915-12355AB70999}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{ED0E67AD-926C-4008-87E5-03CF72AA2A7E}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2893116C-A176-42B1-8794-DA8C9FC45564}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A36867C6-302D-49FC-9D8E-1EB037B5F1AB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C96B9FAE-A032-4100-BB47-32EF05E28BE4}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{1D5A4199-956E-49BC-B89F-6A35C57C0D13}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2D5E2D34-BED5-4B9F-9793-A31E26E6806E}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{CC05A3E3-64C3-4AF2-BFC1-AF0D66B69065}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35C-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CC05A3E3-64C3-4AF2-BFC1-AF0D66B69065}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847}

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.6001.18702

Replaced : [HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls - Tabs] = hxxp://search.babylon.com/?affID=113480&tt=280612_5_&babsrc=NT_ss&mntrId=d43aab5b000000000000002215853a55 --> hxxp://www.google.com

*************************

AdwCleaner[S1].txt - [5212 octets] - [20/07/2012 19:17:11]

########## EOF - C:\AdwCleaner[S1].txt - [5340 octets] ##########


OTL.txt
OTL logfile created on: 20.07.2012 19:22:14 - Run 3
OTL by OldTimer - Version 3.2.54.0 Folder = D:\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

3,25 Gb Total Physical Memory | 2,43 Gb Available Physical Memory | 74,80% Memory free
5,09 Gb Paging File | 4,41 Gb Available in Paging File | 86,66% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 29,29 Gb Total Space | 7,35 Gb Free Space | 25,08% Space Free | Partition Type: NTFS
Drive D: | 98,70 Gb Total Space | 12,46 Gb Free Space | 12,63% Space Free | Partition Type: NTFS

Computer Name: MARTIN | User Name: Mörtl | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012.07.20 15:40:13 | 000,596,480 | ---- | M] (OldTimer Tools) -- D:\Downloads\OTL.exe
PRC - [2012.07.19 08:20:35 | 000,913,888 | ---- | M] (Mozilla Corporation) -- C:\Programme\Mozilla Firefox\firefox.exe
PRC - [2012.07.12 21:16:55 | 000,008,704 | ---- | M] (Hi-Rez Studios) -- D:\Games\Smite\HiPatchService.exe
PRC - [2012.07.03 13:46:44 | 000,655,944 | ---- | M] (Malwarebytes Corporation) -- D:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012.06.23 12:21:19 | 000,161,776 | ---- | M] (Oracle Corporation) -- C:\Programme\Java\jre7\bin\jqs.exe
PRC - [2012.05.26 06:32:44 | 004,327,744 | ---- | M] (Akamai Technologies, Inc) -- C:\Dokumente und Einstellungen\Mörtl\Lokale Einstellungen\Anwendungsdaten\Akamai\netsession_win.exe
PRC - [2012.05.24 23:20:51 | 001,241,184 | ---- | M] (Aeria Games & Entertainment) -- C:\Programme\Aeria Games\Ignite\aeriaignite.exe
PRC - [2012.05.02 01:42:28 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- D:\Programme\Avira\AntiVir Desktop\sched.exe
PRC - [2012.05.02 00:34:34 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- D:\Programme\Avira\AntiVir Desktop\avguard.exe
PRC - [2012.05.02 00:31:35 | 000,348,624 | ---- | M] (Avira Operations GmbH & Co. KG) -- D:\Programme\Avira\AntiVir Desktop\avgnt.exe
PRC - [2012.04.26 14:33:38 | 003,111,744 | ---- | M] (DT Soft Ltd) -- D:\Programme\DAEMON Tools Pro\DTAgent.exe
PRC - [2012.04.24 02:11:55 | 000,080,336 | ---- | M] (Avira Operations GmbH & Co. KG) -- D:\Programme\Avira\AntiVir Desktop\avshadow.exe
PRC - [2011.01.05 23:23:48 | 000,222,568 | ---- | M] (Teruten) -- C:\WINDOWS\system32\FsUsbExService.Exe
PRC - [2010.12.14 17:44:20 | 000,216,456 | ---- | M] (Geek Software GmbH) -- D:\Programme\pdf24\pdf24.exe
PRC - [2010.06.10 21:03:08 | 000,144,176 | ---- | M] (Apple Inc.) -- C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2010.02.01 22:51:56 | 007,418,368 | ---- | M] (OpenOffice.org) -- C:\Programme\OpenOffice.org 3\program\soffice.bin
PRC - [2010.02.01 22:51:52 | 007,424,000 | ---- | M] (OpenOffice.org) -- C:\Programme\OpenOffice.org 3\program\soffice.exe
PRC - [2010.01.14 00:44:52 | 000,037,888 | ---- | M] (Nullsoft, Inc.) -- D:\Programme\Winamp\winampa.exe
PRC - [2009.03.17 14:24:06 | 000,161,632 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft LifeCam\MSCamS32.exe
PRC - [2008.06.25 14:13:48 | 005,625,344 | ---- | M] () -- C:\Programme\ASUS\EPU-4 Engine\FourEngine.exe
PRC - [2008.04.14 04:22:45 | 001,036,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2005.05.12 00:33:52 | 000,479,232 | ---- | M] (Hewlett-Packard Co.) -- D:\Programme\HP\Digital Imaging\bin\hpqimzone.exe
PRC - [2004.09.29 12:14:36 | 000,069,632 | ---- | M] (HP) -- C:\WINDOWS\system32\HPZipm12.exe


========== Modules (No Company Name) ==========

MOD - [2012.07.19 08:20:34 | 002,003,424 | ---- | M] () -- C:\Programme\Mozilla Firefox\mozjs.dll
MOD - [2012.06.14 12:07:29 | 000,212,992 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\8b84bb74d7724e147a642a1d5358feb7\System.ServiceProcess.ni.dll
MOD - [2012.06.14 00:56:42 | 000,303,104 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
MOD - [2012.06.14 00:55:26 | 013,197,824 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\54d61af44b1dedee6aea0d1bbc46b13a\System.Windows.Forms.ni.dll
MOD - [2012.06.14 00:51:15 | 017,998,848 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\5d585d5428ce69abc28238ffa9f4d3a2\PresentationFramework.ni.dll
MOD - [2012.06.14 00:50:59 | 011,451,904 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\PresentationCore\fe068ba4be8f6cb7d6a58bccff05c75e\PresentationCore.ni.dll
MOD - [2012.06.14 00:50:49 | 003,856,896 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\WindowsBase\62f103f9e662d263ec2ecacc49d4525b\WindowsBase.ni.dll
MOD - [2012.06.14 00:50:47 | 001,666,048 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Drawing\4a668799513e369a54fdab8b3f74de92\System.Drawing.ni.dll
MOD - [2012.06.14 00:48:36 | 000,843,776 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system.drawing\1.0.5000.0__b03f5f7f11d50a3a_661ee55a\system.drawing.dll
MOD - [2012.06.14 00:48:30 | 003,035,136 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system.windows.forms\1.0.5000.0__b77a5c561934e089_4759fd05\system.windows.forms.dll
MOD - [2012.06.14 00:48:20 | 000,471,040 | ---- | M] () -- c:\windows\assembly\gac\system.drawing\1.0.5000.0__b03f5f7f11d50a3a\system.drawing.dll
MOD - [2012.05.16 01:04:27 | 000,786,944 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.EnterpriseSe#\26ee061618887d629a9f7072970ffb85\System.EnterpriseServices.ni.dll
MOD - [2012.05.16 01:04:27 | 000,236,032 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.EnterpriseSe#\26ee061618887d629a9f7072970ffb85\System.EnterpriseServices.Wrapper.dll
MOD - [2012.05.16 01:04:26 | 000,646,656 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Transactions\ce2aa3a5e89c326055ac8e2a309232f7\System.Transactions.ni.dll
MOD - [2012.05.16 01:04:25 | 002,637,312 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\9bfda0add366eea12ea0402e60d01e84\System.Runtime.Serialization.ni.dll
MOD - [2012.05.16 01:04:22 | 001,781,760 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xaml\9b6f1bcb2cf4e6ad429cd721b942f30f\System.Xaml.ni.dll
MOD - [2012.05.16 01:03:28 | 000,998,400 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Management\9080c8e8e7b6dfb502c1328673d636f8\System.Management.ni.dll
MOD - [2012.05.16 01:02:34 | 000,971,264 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\3d5b7368bde0f65aa15d9f46b498cc89\System.Configuration.ni.dll
MOD - [2012.05.16 01:00:38 | 005,450,752 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\3bba1b8b0b5ef0be238b011cc7a0575e\System.Xml.ni.dll
MOD - [2012.05.16 00:58:59 | 007,953,408 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\e4b5afc4da43b1c576f9322f9f2e1bfe\System.ni.dll
MOD - [2012.05.16 00:58:51 | 011,492,352 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\e337c89bc9f81b69d7237aa70e935900\mscorlib.ni.dll
MOD - [2012.05.16 00:56:07 | 000,755,712 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\190e1740c9b998105a47ec31df0b6f11\PresentationFramework.Luna.ni.dll
MOD - [2012.05.16 00:53:21 | 003,391,488 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_381d9d0c\mscorlib.dll
MOD - [2012.05.16 00:53:15 | 002,088,960 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system.xml\1.0.5000.0__b77a5c561934e089_afb934ab\system.xml.dll
MOD - [2012.05.16 00:53:07 | 001,966,080 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system\1.0.5000.0__b77a5c561934e089_5dbeca5b\system.dll
MOD - [2012.05.16 00:53:03 | 001,232,896 | ---- | M] () -- c:\windows\assembly\gac\system\1.0.5000.0__b77a5c561934e089\system.dll
MOD - [2012.05.16 00:53:02 | 002,064,384 | ---- | M] () -- c:\windows\assembly\gac\system.windows.forms\1.0.5000.0__b77a5c561934e089\system.windows.forms.dll
MOD - [2012.05.16 00:49:16 | 006,798,336 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Data\9f5111b0b58258c3a4bbcfb8bf27374c\System.Data.ni.dll
MOD - [2012.05.16 00:49:10 | 007,052,800 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Core\14ba6251d6ec84c9579ed3d3e10b30c1\System.Core.ni.dll
MOD - [2012.05.16 00:49:07 | 005,618,176 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xml\5ee8bf77e7b3e25cdbff6e1c299574fe\System.Xml.ni.dll
MOD - [2012.05.16 00:49:04 | 000,980,480 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Configuration\0c8e950df17a0abec10888e8ad966cbe\System.Configuration.ni.dll
MOD - [2012.05.16 00:49:01 | 009,090,560 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System\6f399163bb35597da7141ccdb7f39d16\System.ni.dll
MOD - [2012.05.16 00:48:54 | 014,412,800 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\mscorlib\3953b1d8b9b57e4957bff8f58145384e\mscorlib.ni.dll
MOD - [2012.04.16 23:11:02 | 000,398,288 | ---- | M] () -- D:\Programme\Avira\AntiVir Desktop\sqlite3.dll
MOD - [2010.05.06 17:53:39 | 000,315,392 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll
MOD - [2010.05.06 17:53:39 | 000,212,992 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.resources\2.0.0.0_de_b77a5c561934e089\System.resources.dll
MOD - [2010.05.06 17:53:37 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.ServiceProcess.resources\2.0.0.0_de_b03f5f7f11d50a3a\System.ServiceProcess.resources.dll
MOD - [2010.04.25 12:57:36 | 000,970,752 | ---- | M] () -- C:\Programme\OpenOffice.org 3\program\libxml2.dll
MOD - [2010.04.25 01:44:53 | 001,339,392 | ---- | M] () -- c:\windows\assembly\gac\system.xml\1.0.5000.0__b77a5c561934e089\system.xml.dll
MOD - [2010.04.22 15:27:02 | 000,065,536 | ---- | M] () -- c:\windows\assembly\gac\hpqisrtb\4.0.0.0__a53cf5803f4c3827\hpqisrtb.dll
MOD - [2010.04.22 15:27:02 | 000,061,440 | ---- | M] () -- c:\windows\assembly\gac\hpqisrtb.resources\4.0.0.0_de_a53cf5803f4c3827\hpqisrtb.resources.dll
MOD - [2010.04.22 15:27:00 | 000,774,144 | ---- | M] () -- c:\windows\assembly\gac\hpqbakup\3.0.0.0__a53cf5803f4c3827\hpqbakup.dll
MOD - [2010.04.22 15:26:59 | 000,294,912 | ---- | M] () -- c:\windows\assembly\gac\hpqbakup.resources\3.0.0.0_de_a53cf5803f4c3827\hpqbakup.resources.dll
MOD - [2010.04.22 15:26:46 | 000,380,928 | ---- | M] () -- c:\windows\assembly\gac\hpqcprsc\3.0.0.0__a53cf5803f4c3827\hpqcprsc.dll
MOD - [2010.04.22 15:26:46 | 000,081,920 | ---- | M] () -- c:\windows\assembly\gac\hpqcprsc.resources\3.0.0.0_de_a53cf5803f4c3827\hpqcprsc.resources.dll
MOD - [2010.04.22 15:26:24 | 001,032,192 | ---- | M] () -- c:\windows\assembly\gac\hpqedit\3.0.0.0__a53cf5803f4c3827\hpqedit.dll
MOD - [2010.04.22 15:26:24 | 000,331,776 | ---- | M] () -- c:\windows\assembly\gac\hpqedit.resources\3.0.0.0_de_a53cf5803f4c3827\hpqedit.resources.dll
MOD - [2010.04.22 15:26:23 | 000,004,096 | ---- | M] () -- c:\windows\assembly\gac\interop.hprblog\3.0.0.0__a53cf5803f4c3827\interop.hprblog.dll
MOD - [2010.04.22 15:26:22 | 000,163,840 | ---- | M] () -- c:\windows\assembly\gac\hpqvideo\3.0.0.0__a53cf5803f4c3827\hpqvideo.dll
MOD - [2010.04.22 15:26:20 | 000,053,248 | ---- | M] () -- c:\windows\assembly\gac\hpqovskn\3.0.0.0__a53cf5803f4c3827\hpqovskn.dll
MOD - [2010.04.22 15:26:17 | 000,512,000 | ---- | M] () -- c:\windows\assembly\gac\hpqimvlt\3.0.0.0__a53cf5803f4c3827\hpqimvlt.dll
MOD - [2010.04.22 15:26:17 | 000,015,360 | ---- | M] () -- c:\windows\assembly\gac\interop.hpqvideo\3.0.0.0__a53cf5803f4c3827\interop.hpqvideo.dll
MOD - [2010.04.22 15:26:17 | 000,010,752 | ---- | M] () -- c:\windows\assembly\gac\interop.hpqimgr\3.0.0.0__a53cf5803f4c3827\interop.hpqimgr.dll
MOD - [2010.04.22 15:26:16 | 000,364,544 | ---- | M] () -- c:\windows\assembly\gac\hpqtray\4.0.0.0__a53cf5803f4c3827\hpqtray.dll
MOD - [2010.04.22 15:26:16 | 000,188,416 | ---- | M] () -- c:\windows\assembly\gac\hpqimgrc\4.0.0.0__a53cf5803f4c3827\hpqimgrc.dll
MOD - [2010.04.22 15:26:16 | 000,135,168 | ---- | M] () -- c:\windows\assembly\gac\hpqcc2.resources\3.0.0.0_de_a53cf5803f4c3827\hpqcc2.resources.dll
MOD - [2010.04.22 15:26:16 | 000,122,880 | ---- | M] () -- c:\windows\assembly\gac\hpqtray.resources\4.0.0.0_de_a53cf5803f4c3827\hpqtray.resources.dll
MOD - [2010.04.22 15:26:16 | 000,069,632 | ---- | M] () -- c:\windows\assembly\gac\hpqglutl\4.0.0.0__a53cf5803f4c3827\hpqglutl.dll
MOD - [2010.04.22 15:26:16 | 000,057,344 | ---- | M] () -- c:\windows\assembly\gac\hpqimlib\3.0.0.0__a53cf5803f4c3827\hpqimlib.dll
MOD - [2010.04.22 15:26:16 | 000,045,056 | ---- | M] () -- c:\windows\assembly\gac\hpqthumb\3.0.0.0__a53cf5803f4c3827\hpqthumb.dll
MOD - [2010.04.22 15:26:16 | 000,036,864 | ---- | M] () -- c:\windows\assembly\gac\hpqfmrsc\4.0.0.0__a53cf5803f4c3827\hpqfmrsc.dll
MOD - [2010.04.22 15:26:16 | 000,024,576 | ---- | M] () -- c:\windows\assembly\gac\hpqasset\4.0.0.0__a53cf5803f4c3827\hpqasset.dll
MOD - [2010.04.22 15:26:16 | 000,020,480 | ---- | M] () -- c:\windows\assembly\gac\hpqiface\4.0.0.0__a53cf5803f4c3827\hpqiface.dll
MOD - [2010.04.22 15:26:16 | 000,012,800 | ---- | M] () -- c:\windows\assembly\gac\hpqfmrsc.resources\4.0.0.0_de_a53cf5803f4c3827\hpqfmrsc.resources.dll
MOD - [2010.04.22 15:26:15 | 000,589,824 | ---- | M] () -- c:\windows\assembly\gac\hpqcc2\3.0.0.0__a53cf5803f4c3827\hpqcc2.dll
MOD - [2010.04.22 15:24:57 | 000,065,536 | ---- | M] () -- c:\windows\assembly\gac\hpqmdmr\4.0.0.0__a53cf5803f4c3827\hpqmdmr.dll
MOD - [2010.04.22 15:24:57 | 000,057,344 | ---- | M] () -- c:\windows\assembly\gac\hpqprrsc\4.0.0.0__a53cf5803f4c3827\hpqprrsc.dll
MOD - [2010.04.22 15:24:57 | 000,016,384 | ---- | M] () -- c:\windows\assembly\gac\hpqprrsc.resources\4.0.0.0_de_a53cf5803f4c3827\hpqprrsc.resources.dll
MOD - [2010.04.22 15:24:56 | 000,430,080 | ---- | M] () -- c:\windows\assembly\gac\lead.wrapper\13.0.0.113__9cf889f53ea9b907\lead.wrapper.dll
MOD - [2010.04.22 15:24:56 | 000,225,280 | ---- | M] () -- c:\windows\assembly\gac\hpqutils\4.0.0.0__a53cf5803f4c3827\hpqutils.dll
MOD - [2010.04.22 15:24:56 | 000,090,112 | ---- | M] () -- c:\windows\assembly\gac\lead.drawing.imaging.imageprocessing\13.0.0.113__9cf889f53ea9b907\lead.drawing.imaging.imageprocessing.dll
MOD - [2010.04.22 15:24:56 | 000,086,016 | ---- | M] () -- c:\windows\assembly\gac\lead.drawing\13.0.0.113__9cf889f53ea9b907\lead.drawing.dll
MOD - [2010.04.22 15:24:56 | 000,077,824 | ---- | M] () -- c:\windows\assembly\gac\lead\13.0.0.113__9cf889f53ea9b907\lead.dll
MOD - [2010.04.22 15:24:56 | 000,069,632 | ---- | M] () -- c:\windows\assembly\gac\lead.windows.forms.drawingcontainer\13.0.0.113__9cf889f53ea9b907\lead.windows.forms.drawingcontainer.dll
MOD - [2010.04.22 15:24:56 | 000,069,632 | ---- | M] () -- c:\windows\assembly\gac\hpqntrop\4.0.0.0__a53cf5803f4c3827\hpqntrop.dll
MOD - [2010.04.22 15:24:56 | 000,040,960 | ---- | M] () -- c:\windows\assembly\gac\lead.windows.forms\13.0.0.113__9cf889f53ea9b907\lead.windows.forms.dll
MOD - [2010.04.22 15:24:56 | 000,036,864 | ---- | M] () -- c:\windows\assembly\gac\interop.hpqcxm08\3.0.0.0__a53cf5803f4c3827\interop.hpqcxm08.dll
MOD - [2010.04.22 15:24:19 | 000,233,472 | ---- | M] () -- c:\windows\assembly\gac\mscorlib.resources\1.0.5000.0_de_b77a5c561934e089\mscorlib.resources.dll
MOD - [2010.04.22 15:24:19 | 000,081,920 | ---- | M] () -- c:\windows\assembly\gac\system.resources\1.0.5000.0_de_b77a5c561934e089\system.resources.dll
MOD - [2010.04.22 15:23:35 | 000,007,680 | ---- | M] () -- c:\windows\assembly\gac\accessibility\1.0.5000.0__b03f5f7f11d50a3a\accessibility.dll
MOD - [2010.03.15 16:57:20 | 000,067,872 | ---- | M] () -- C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\zlib1.dll
MOD - [2008.06.25 14:13:48 | 005,625,344 | ---- | M] () -- C:\Programme\ASUS\EPU-4 Engine\FourEngine.exe
MOD - [2008.04.14 04:22:16 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2006.01.10 10:50:20 | 000,024,576 | R--- | M] () -- C:\WINDOWS\system32\AsIO.dll
MOD - [2005.05.11 16:39:32 | 000,565,248 | ---- | M] () -- C:\Programme\ASUS\EPU-4 Engine\pngio.dll


========== Win32 Services (SafeList) ==========

SRV - [2012.07.20 16:03:29 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.07.19 08:20:34 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.07.12 21:16:55 | 000,008,704 | ---- | M] (Hi-Rez Studios) [Auto | Running] -- D:\Games\Smite\HiPatchService.exe -- (HiPatchService)
SRV - [2012.07.03 13:46:44 | 000,655,944 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- D:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012.06.23 12:21:19 | 000,161,776 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Programme\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2012.05.02 01:42:28 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- D:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2012.05.02 00:34:34 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- D:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011.01.05 23:23:48 | 000,222,568 | ---- | M] (Teruten) [Auto | Running] -- C:\WINDOWS\system32\FsUsbExService.Exe -- (FsUsbExService)
SRV - [2010.06.10 21:03:08 | 000,144,176 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2010.02.24 22:01:00 | 003,432,444 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\WINDOWS\system32\GameMon.des -- (npggsvc)
SRV - [2009.03.17 14:24:06 | 000,161,632 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Microsoft LifeCam\MSCamS32.exe -- (MSCamSvc)
SRV - [2004.09.29 12:14:36 | 000,069,632 | ---- | M] (HP) [Auto | Running] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\SymIM.sys -- (SymIMMP)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\SymIM.sys -- (SymIM)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | On_Demand | Stopped] -- D:\Programme\Garena Classic\safedrv.sys -- (GGSAFERDriver)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\EagleNT.sys -- (EagleNT)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\dgderdrv.sys -- (dgderdrv)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (a0ms4o30)
DRV - [2012.07.08 19:37:07 | 000,477,240 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd)
DRV - [2012.07.03 13:46:44 | 000,022,344 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2012.04.27 10:20:04 | 000,137,928 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2012.04.25 00:32:27 | 000,083,392 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2012.04.16 21:17:40 | 000,036,000 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2011.08.30 17:28:46 | 006,435,432 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2011.01.05 23:23:40 | 000,042,112 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2011.01.03 10:38:36 | 000,136,680 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssadmdm.sys -- (ssadmdm)
DRV - [2011.01.03 10:38:36 | 000,121,192 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssadbus.sys -- (ssadbus) SAMSUNG Android USB Composite Device driver (WDM)
DRV - [2011.01.03 10:38:36 | 000,012,776 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssadmdfl.sys -- (ssadmdfl) SAMSUNG Android USB Modem (Filter)
DRV - [2010.12.21 07:55:02 | 000,132,424 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscdmdm.sys -- (sscdmdm)
DRV - [2010.12.21 07:55:02 | 000,110,280 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscdserd.sys -- (sscdserd) SAMSUNG Mobile Modem Diagnostic Serial Port (WDM)
DRV - [2010.12.21 07:55:02 | 000,104,648 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscdbus.sys -- (sscdbus) SAMSUNG USB Composite Device driver (WDM)
DRV - [2010.12.21 07:55:02 | 000,014,920 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscdmdfl.sys -- (sscdmdfl)
DRV - [2010.12.19 13:33:03 | 000,027,632 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\seehcri.sys -- (seehcri)
DRV - [2010.12.19 13:32:54 | 000,025,512 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ggsemc.sys -- (ggsemc)
DRV - [2010.12.19 13:32:54 | 000,013,224 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ggflt.sys -- (ggflt)
DRV - [2010.06.17 15:14:27 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2010.04.01 04:50:10 | 000,103,424 | R--- | M] (QUALCOMM Incorporated) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\FXX\qcusbser.sys -- (qcusbser)
DRV - [2009.11.18 07:17:00 | 001,395,800 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt)
DRV - [2009.11.18 07:16:00 | 001,691,480 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt)
DRV - [2009.03.18 17:35:40 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi)
DRV - [2009.03.17 14:24:06 | 000,030,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nx6000.sys -- (MSHUSBVideo)
DRV - [2008.06.25 18:47:00 | 000,036,864 | R--- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\l1e51x86.sys -- (L1e)
DRV - [2007.12.17 11:14:06 | 000,012,400 | R--- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AsIO.sys -- (AsIO)
DRV - [2004.08.13 04:56:20 | 000,005,810 | R--- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ASACPI.sys -- (MTsensor)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-1993962763-746137067-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://leagueoflegends.com/
IE - HKU\S-1-5-21-1993962763-746137067-839522115-1003\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKU\S-1-5-21-1993962763-746137067-839522115-1003\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...Box&Form=IE8SRC
IE - HKU\S-1-5-21-1993962763-746137067-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1993962763-746137067-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: ""
FF - prefs.js..browser.startup.homepage: "about:home"
FF - prefs.js..keyword.URL: "http://www.google.co...ch?hl=en-GB&q="


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_265.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: D:\Programme\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: D:\Programme\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: D:\Programme\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)
FF - HKLM\Software\MozillaPlugins\@idsoftware.com/QuakeLive: C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\id Software\QuakeLive\npquakezero.dll (id Software Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Programme\Java\jre7\bin\new_plugin\npjp2.dll File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Programme\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Programme\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@facebook.com/FBPlugin,version=1.0.3: C:\Dokumente und Einstellungen\Mörtl\Anwendungsdaten\Facebook\npfbplugin_1_0_3.dll ( )
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Dokumente und Einstellungen\Mörtl\Lokale Einstellungen\Anwendungsdaten\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Dokumente und Einstellungen\Mörtl\Lokale Einstellungen\Anwendungsdaten\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Dokumente und Einstellungen\Mörtl\Lokale Einstellungen\Anwendungsdaten\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{184AA5E6-741D-464a-820E-94B3ABC2F3B4}: C:\WINDOWS\system32\11002 [2012.03.20 12:43:06 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Programme\Mozilla Firefox\components [2012.07.19 08:20:35 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2012.07.10 17:42:31 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\extensions\\{184AA5E6-741D-464a-820E-94B3ABC2F3B4}: C:\WINDOWS\system32\11002 [2012.03.20 12:43:06 | 000,000,000 | ---D | M]

[2010.04.22 16:13:40 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Mörtl\Anwendungsdaten\Mozilla\Extensions
[2012.06.30 16:12:30 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Mörtl\Anwendungsdaten\Mozilla\Firefox\Profiles\extensions
[2012.07.19 10:27:12 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Mörtl\Anwendungsdaten\Mozilla\Firefox\Profiles\zzitqsk4.default\extensions
[2010.07.25 10:11:30 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Dokumente und Einstellungen\Mörtl\Anwendungsdaten\Mozilla\Firefox\Profiles\zzitqsk4.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011.03.25 18:35:55 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Dokumente und Einstellungen\Mörtl\Anwendungsdaten\Mozilla\Firefox\Profiles\zzitqsk4.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2010.10.31 22:03:38 | 000,000,000 | ---D | M] (Battlefield Heroes Updater) -- C:\Dokumente und Einstellungen\Mörtl\Anwendungsdaten\Mozilla\Firefox\Profiles\zzitqsk4.default\extensions\[email protected]
[2012.06.30 16:07:00 | 000,000,000 | ---D | M] (OneClickDownloader) -- C:\Dokumente und Einstellungen\Mörtl\Anwendungsdaten\Mozilla\Firefox\Profiles\zzitqsk4.default\extensions\[email protected]
[2012.07.14 19:34:58 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2011.10.07 14:41:45 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Programme\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
File not found (No name found) -- C:\DOKUMENTE UND EINSTELLUNGEN\MöRTL\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\ZZITQSK4.DEFAULT\EXTENSIONS\{ACAA314B-EEBA-48E4-AD47-84E31C44796C}
File not found (No name found) -- C:\DOKUMENTE UND EINSTELLUNGEN\MöRTL\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\ZZITQSK4.DEFAULT\EXTENSIONS\[email protected]
[2012.07.19 08:20:35 | 000,136,672 | ---- | M] (Mozilla Foundation) -- C:\Programme\mozilla firefox\components\browsercomps.dll
[2010.11.12 19:53:06 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\mozilla firefox\plugins\npdeployJava1.dll
[2012.06.17 20:03:24 | 000,001,392 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.06.17 20:03:24 | 000,002,252 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\bing.xml
[2012.06.17 20:03:24 | 000,001,153 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\eBay-de.xml
[2012.06.17 20:03:23 | 000,006,805 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.06.17 20:03:23 | 000,001,178 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.06.17 20:03:23 | 000,001,105 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\yahoo-de.xml

========== Chrome ==========

CHR - homepage: http://search.babylo...000002215853a55
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}
CHR - homepage: http://search.babylo...000002215853a55
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Dokumente und Einstellungen\M\u00F6rtl\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\Application\20.0.1132.57\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Dokumente und Einstellungen\M\u00F6rtl\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\Application\20.0.1132.57\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Dokumente und Einstellungen\M\u00F6rtl\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\Application\20.0.1132.57\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Java Deployment Toolkit 6.0.230.5 (Enabled) = C:\Programme\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U23 (Enabled) = C:\Programme\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: DivX Web Player (Enabled) = C:\Programme\Mozilla Firefox\plugins\npdivx32.dll
CHR - plugin: DivX Player Netscape Plugin (Enabled) = C:\Programme\Mozilla Firefox\plugins\npDivxPlayerPlugin.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Programme\Mozilla Firefox\plugins\nppdf32.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Winamp Application Detector (Enabled) = C:\Programme\Mozilla Firefox\plugins\npwachk.dll
CHR - plugin: Zylom Plugin (Enabled) = C:\Programme\Mozilla Firefox\plugins\npzylomgamesplayer.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Programme\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Programme\Windows Media Player\npwmsdrm.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Programme\Windows Media Player\npdsplay.dll
CHR - plugin: QUAKE LIVE (Enabled) = C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\id Software\QuakeLive\npquakezero.dll
CHR - plugin: Facebook Plugin (Enabled) = C:\Dokumente und Einstellungen\M\u00F6rtl\Anwendungsdaten\Facebook\npfbplugin_1_0_3.dll
CHR - plugin: Google Update (Enabled) = C:\Dokumente und Einstellungen\M\u00F6rtl\Lokale Einstellungen\Anwendungsdaten\Google\Update\1.3.21.99\npGoogleUpdate3.dll
CHR - plugin: Unity Player (Enabled) = C:\Dokumente und Einstellungen\M\u00F6rtl\Lokale Einstellungen\Anwendungsdaten\Unity\WebPlayer\loader\npUnity3D32.dll
CHR - plugin: DNA Plug-in (Enabled) = C:\Programme\DNA\plugins\npbtdna.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Programme\Microsoft Silverlight\4.1.10111.0\npctrl.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\WINDOWS\system32\Adobe\Director\np32dsw.dll
CHR - plugin: iTunes Application Detector (Enabled) = D:\Programme\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: YouTube = C:\Dokumente und Einstellungen\Mörtl\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google-Suche = C:\Dokumente und Einstellungen\Mörtl\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: General Crawler = C:\Dokumente und Einstellungen\Mörtl\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\dednnpigldgdbpgcdpfppmlcnnbjciel\2.5_0\
CHR - Extension: Web Assistant = C:\Dokumente und Einstellungen\Mörtl\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd\2.0.0.439_0\
CHR - Extension: SweetIM for Facebook = C:\Dokumente und Einstellungen\Mörtl\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn\1.0.0.0_0\Copy of
CHR - Extension: SweetIM for Facebook = C:\Dokumente und Einstellungen\Mörtl\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn\1.0.0.0_0\
CHR - Extension: GoPhoto.it = C:\Dokumente und Einstellungen\Mörtl\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\pfmopbbadnfoelckkcmjjeaaegjpjjbk\1.1_0\
CHR - Extension: Google Mail = C:\Dokumente und Einstellungen\Mörtl\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
CHR - Extension: YouTube = C:\Dokumente und Einstellungen\Mörtl\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google-Suche = C:\Dokumente und Einstellungen\Mörtl\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: General Crawler = C:\Dokumente und Einstellungen\Mörtl\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\dednnpigldgdbpgcdpfppmlcnnbjciel\2.5_0\
CHR - Extension: Web Assistant = C:\Dokumente und Einstellungen\Mörtl\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd\2.0.0.439_0\
CHR - Extension: SweetIM for Facebook = C:\Dokumente und Einstellungen\Mörtl\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn\1.0.0.0_0\Copy of
CHR - Extension: SweetIM for Facebook = C:\Dokumente und Einstellungen\Mörtl\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn\1.0.0.0_0\
CHR - Extension: GoPhoto.it = C:\Dokumente und Einstellungen\Mörtl\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\pfmopbbadnfoelckkcmjjeaaegjpjjbk\1.1_0\
CHR - Extension: Google Mail = C:\Dokumente und Einstellungen\Mörtl\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2012.07.18 02:33:41 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - D:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O4 - HKLM..\Run: [Adobe ARM] C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Aeria Ignite] C:\Programme\Aeria Games\Ignite\aeriaignite.exe (Aeria Games & Entertainment)
O4 - HKLM..\Run: [avgnt] D:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [LifeCam] C:\Programme\Microsoft LifeCam\LifeExp.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] D:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [PDFPrint] D:\Programme\pdf24\pdf24.exe (Geek Software GmbH)
O4 - HKLM..\Run: [Six Engine] C:\Programme\ASUS\EPU-4 Engine\FourEngine.exe ()
O4 - HKLM..\Run: [WinampAgent] D:\Programme\Winamp\winampa.exe (Nullsoft, Inc.)
O4 - HKU\S-1-5-21-1993962763-746137067-839522115-1003..\Run: [Akamai NetSession Interface] C:\Dokumente und Einstellungen\Mörtl\Lokale Einstellungen\Anwendungsdaten\Akamai\netsession_win.exe (Akamai Technologies, Inc)
O4 - HKU\S-1-5-21-1993962763-746137067-839522115-1003..\Run: [DAEMON Tools Pro Agent] D:\Programme\DAEMON Tools Pro\DTAgent.exe (DT Soft Ltd)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\HP Image Zone Schnellstart.lnk = D:\Programme\HP\Digital Imaging\bin\hpqthb08.exe (Hewlett-Packard Co.)
O4 - Startup: C:\Dokumente und Einstellungen\Mörtl\Startmenü\Programme\Autostart\OpenOffice.org 3.2.lnk = C:\Programme\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1993962763-746137067-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Programme\PokerStars\PokerStarsUpdate.exe File not found
O9 - Extra Button: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - D:\Programme\ICQ7.0\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - D:\Programme\ICQ7.0\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - D:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - D:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O15 - HKU\S-1-5-21-1993962763-746137067-839522115-1003\..Trusted Domains: ([]msn in My Computer)
O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} http://download.micr...922/wmv9VCM.CAB (Reg Error: Key error.)
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} http://messenger.zon...1/GAME_UNO1.cab (UnoCtrl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.mi...b?1340790576406 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_05)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zon...nt.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0017-0000-0005-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_05)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_05)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E6293937-AC61-425D-9EAE-F1BF34B1623E}: DhcpNameServer = 10.0.0.138
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - D:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\SYSTEM32\Userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper: C:\Dokumente und Einstellungen\Mörtl\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Dokumente und Einstellungen\Mörtl\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010.04.22 15:09:29 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

NetSvcs: 6to4 - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2012.07.20 15:29:38 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Flyff
[2012.07.17 09:41:30 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Mörtl\Lokale Einstellungen\Anwendungsdaten\Aeria Games
[2012.07.16 22:03:40 | 000,000,000 | ---D | C] -- C:\Programme\Gameforge
[2012.07.16 22:03:40 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Gameforge
[2012.07.16 21:05:16 | 000,000,000 | -HSD | C] -- C:\WINDOWS\System32\AI_RecycleBin
[2012.07.16 21:05:14 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\AeriaGames
[2012.07.16 21:05:14 | 000,000,000 | ---D | C] -- C:\Programme\Aeria Games
[2012.07.16 21:05:05 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Mörtl\Anwendungsdaten\Aeria Games & Entertainment
[2012.07.16 20:43:01 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Mörtl\Lokale Einstellungen\Anwendungsdaten\Akamai
[2012.07.16 20:43:00 | 000,000,000 | ---D | C] -- C:\AeriaGames
[2012.07.15 21:51:31 | 000,022,344 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2012.07.10 19:07:05 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\NtmsData
[2012.07.10 18:32:54 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Mörtl\Lokale Einstellungen\Anwendungsdaten\Chromium
[2012.07.10 18:32:26 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Mörtl\Eigene Dateien\My Games
[2012.07.10 17:56:15 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Hi-Rez Studios
[2012.07.10 17:56:13 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Hi-Rez Studios
[2012.07.10 17:56:12 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Application Data
[2012.07.10 15:50:53 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Mörtl\Anwendungsdaten\NetSpeedMonitor
[2012.07.10 15:34:42 | 000,000,000 | ---D | C] -- C:\Programme\NetSpeedMonitor
[2012.07.10 10:31:50 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Mörtl\Anwendungsdaten\Avira
[2012.07.10 10:26:22 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\ssmdrv.sys
[2012.07.10 10:26:20 | 000,137,928 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys
[2012.07.10 10:26:20 | 000,083,392 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntflt.sys
[2012.07.10 10:26:20 | 000,036,000 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avkmgr.sys
[2012.07.10 10:26:19 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Avira
[2012.07.08 21:27:50 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Mörtl\Eigene Dateien\Assassin's Creed Revelations
[2012.07.08 20:47:47 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Mörtl\Anwendungsdaten\PunkBuster
[2012.07.08 20:47:14 | 000,000,000 | ---D | C] -- C:\Programme\Ubisoft
[2012.07.08 19:37:02 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Mörtl\Anwendungsdaten\DAEMON Tools Pro
[2012.07.08 19:36:01 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\DAEMON Tools Pro
[2012.06.30 22:27:40 | 000,426,184 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2012.06.30 22:27:40 | 000,070,344 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2012.06.30 20:54:24 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss
[2012.06.30 16:13:04 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Premium
[2012.06.30 16:12:56 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\OptimizerPro
[2012.06.30 16:07:02 | 000,000,000 | ---D | C] -- C:\Programme\Gophoto.it
[2012.06.30 16:05:55 | 000,000,000 | ---D | C] -- C:\Programme\1ClickDownload
[2012.06.26 10:48:43 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2012.06.25 12:05:04 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\Mörtl\Recent
[2012.06.25 10:24:39 | 002,869,264 | ---- | C] (Microsoft Corporation) -- C:\Dokumente und Einstellungen\Mörtl\Desktop\dotNetFx35setup.exe
[2012.06.25 10:21:26 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen\Mörtl\PrivacIE
[2012.06.23 12:22:32 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Mörtl\Lokale Einstellungen\Anwendungsdaten\Sun
[2012.06.23 12:22:17 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\Java
[2012.06.23 12:21:53 | 000,000,000 | ---D | C] -- C:\Programme\Oracle
[2012.06.23 12:21:42 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Mörtl\Anwendungsdaten\Oracle
[2012.06.23 12:21:38 | 000,227,824 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe
[2012.06.23 12:21:31 | 000,174,064 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe
[2012.06.23 12:21:31 | 000,174,064 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe
[2012.06.21 22:11:32 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Plants vs. Zombies
[2012.06.21 14:13:29 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP
[2012.06.21 14:13:15 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Games
[2012.06.21 14:11:41 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Big Fish Games
[2012.06.21 14:09:39 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\BigFishGamesCache

========== Files - Modified Within 30 Days ==========

[2012.07.20 19:24:20 | 000,527,534 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat
[2012.07.20 19:24:20 | 000,502,744 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012.07.20 19:24:20 | 000,105,628 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat
[2012.07.20 19:24:20 | 000,088,268 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012.07.20 19:20:15 | 000,000,260 | ---- | M] () -- C:\WINDOWS\tasks\WGASetup.job
[2012.07.20 19:19:41 | 000,198,612 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2012.07.20 19:19:36 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012.07.20 19:04:00 | 000,001,210 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1993962763-746137067-839522115-1003UA.job
[2012.07.20 19:03:00 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012.07.20 18:26:10 | 000,000,077 | ---- | M] () -- C:\Dokumente und Einstellungen\Mörtl\Desktop\reset.bat
[2012.07.20 16:03:28 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2012.07.20 16:03:28 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2012.07.20 09:18:33 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012.07.19 21:04:00 | 000,001,158 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1993962763-746137067-839522115-1003Core.job
[2012.07.18 02:47:44 | 000,157,952 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012.07.18 02:46:18 | 000,000,630 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2012.07.18 02:33:41 | 000,000,098 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\Hosts
[2012.07.17 16:49:02 | 000,000,276 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2012.07.16 22:03:41 | 000,001,930 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\AION Free-To-Play.lnk
[2012.07.16 21:05:15 | 000,001,725 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Aeria Ignite.lnk
[2012.07.13 13:14:42 | 000,000,003 | ---- | M] () -- C:\WINDOWS\System32\HRUPPROG.DIE.NOW
[2012.07.12 19:49:57 | 000,002,366 | ---- | M] () -- C:\Dokumente und Einstellungen\Mörtl\Desktop\Google Chrome.lnk
[2012.07.12 09:16:02 | 000,123,392 | ---- | M] () -- C:\Dokumente und Einstellungen\Mörtl\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.07.11 23:30:37 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2012.07.10 17:56:13 | 000,000,640 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Smite Closed Beta.lnk
[2012.07.10 17:56:13 | 000,000,631 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Hi-Rez Diagnostics and Support.lnk
[2012.07.10 14:43:38 | 000,045,194 | ---- | M] () -- C:\Dokumente und Einstellungen\Mörtl\Anwendungsdaten\room_v3.dat
[2012.07.10 11:41:35 | 000,494,693 | ---- | M] () -- C:\Dokumente und Einstellungen\Mörtl\Desktop\Alter Verwalter.jpg
[2012.07.03 13:46:44 | 000,022,344 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2012.07.03 10:21:06 | 000,002,047 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\iTunes.lnk
[2012.06.30 22:33:42 | 000,000,142 | -H-- | M] () -- C:\Dokumente und Einstellungen\Mörtl\Desktop\.~lock.ycyvcxxcyvbvvbvcb.odt#
[2012.06.30 22:31:03 | 000,001,714 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Adobe Reader X.lnk
[2012.06.30 21:00:28 | 000,000,211 | RHS- | M] () -- C:\boot.ini
[2012.06.30 16:17:05 | 000,000,703 | ---- | M] () -- C:\user.js
[2012.06.27 18:30:59 | 000,561,593 | ---- | M] () -- C:\Dokumente und Einstellungen\Mörtl\Desktop\bilder papa gebu.odt
[2012.06.27 18:20:22 | 000,260,237 | ---- | M] () -- C:\Dokumente und Einstellungen\Mörtl\Desktop\waldviertel.gif
[2012.06.27 18:19:33 | 000,131,534 | ---- | M] () -- C:\Dokumente und Einstellungen\Mörtl\Desktop\waldviertl2.GIF
[2012.06.26 19:02:20 | 000,040,430 | ---- | M] () -- C:\Dokumente und Einstellungen\Mörtl\Eigene Dateien\cqwxleiy.JPG
[2012.06.26 18:56:50 | 000,019,305 | ---- | M] () -- C:\Dokumente und Einstellungen\Mörtl\Eigene Dateien\TS.JPG
[2012.06.25 20:20:17 | 000,003,366 | ---- | M] () -- C:\Dokumente und Einstellungen\Mörtl\Eigene Dateien\test.JPG
[2012.06.25 10:24:41 | 002,869,264 | ---- | M] (Microsoft Corporation) -- C:\Dokumente und Einstellungen\Mörtl\Desktop\dotNetFx35setup.exe
[2012.06.23 12:21:18 | 000,227,824 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe
[2012.06.23 12:21:18 | 000,174,064 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe
[2012.06.23 12:21:18 | 000,174,064 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe
[2012.06.23 12:21:18 | 000,143,872 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javacpl.cpl
[2012.06.22 15:08:33 | 000,387,410 | ---- | M] () -- C:\Dokumente und Einstellungen\Mörtl\Desktop\pb.bmp

========== Files Created - No Company Name ==========

[2012.07.20 18:26:10 | 000,000,077 | ---- | C] () -- C:\Dokumente und Einstellungen\Mörtl\Desktop\reset.bat
[2012.07.20 15:31:03 | 000,000,884 | ---- | C] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012.07.18 02:46:18 | 000,000,630 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2012.07.16 22:03:41 | 000,001,930 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\AION Free-To-Play.lnk
[2012.07.16 21:05:15 | 000,001,725 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Aeria Ignite.lnk
[2012.07.13 13:14:42 | 000,000,003 | ---- | C] () -- C:\WINDOWS\System32\HRUPPROG.DIE.NOW
[2012.07.10 17:56:13 | 000,000,640 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Smite Closed Beta.lnk
[2012.07.10 17:56:13 | 000,000,631 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Hi-Rez Diagnostics and Support.lnk
[2012.07.10 11:41:35 | 000,494,693 | ---- | C] () -- C:\Dokumente und Einstellungen\Mörtl\Desktop\Alter Verwalter.jpg
[2012.06.30 22:33:42 | 000,000,142 | -H-- | C] () -- C:\Dokumente und Einstellungen\Mörtl\Desktop\.~lock.ycyvcxxcyvbvvbvcb.odt#
[2012.06.30 22:31:03 | 000,001,804 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Adobe Reader X.lnk
[2012.06.30 22:31:03 | 000,001,714 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Adobe Reader X.lnk
[2012.06.30 21:00:26 | 000,001,650 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\HP Digital Imaging Monitor.lnk
[2012.06.30 21:00:26 | 000,000,836 | ---- | C] () -- C:\Dokumente und Einstellungen\Mörtl\Startmenü\Programme\Autostart\OpenOffice.org 3.2.lnk
[2012.06.30 21:00:26 | 000,000,640 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\HP Image Zone Schnellstart.lnk
[2012.06.30 16:12:33 | 000,000,703 | ---- | C] () -- C:\user.js
[2012.06.30 10:37:00 | 000,045,194 | ---- | C] () -- C:\Dokumente und Einstellungen\Mörtl\Anwendungsdaten\room_v3.dat
[2012.06.27 18:30:58 | 000,561,593 | ---- | C] () -- C:\Dokumente und Einstellungen\Mörtl\Desktop\bilder papa gebu.odt
[2012.06.27 18:19:28 | 000,131,534 | ---- | C] () -- C:\Dokumente und Einstellungen\Mörtl\Desktop\waldviertl2.GIF
[2012.06.27 18:14:06 | 000,260,237 | ---- | C] () -- C:\Dokumente und Einstellungen\Mörtl\Desktop\waldviertel.gif
[2012.06.26 19:00:44 | 000,040,430 | ---- | C] () -- C:\Dokumente und Einstellungen\Mörtl\Eigene Dateien\cqwxleiy.JPG
[2012.06.26 18:56:50 | 000,019,305 | ---- | C] () -- C:\Dokumente und Einstellungen\Mörtl\Eigene Dateien\TS.JPG
[2012.06.26 10:49:44 | 000,001,374 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2012.06.25 20:20:17 | 000,003,366 | ---- | C] () -- C:\Dokumente und Einstellungen\Mörtl\Eigene Dateien\test.JPG
[2012.06.22 14:18:34 | 000,387,410 | ---- | C] () -- C:\Dokumente und Einstellungen\Mörtl\Desktop\pb.bmp
[2012.05.17 23:03:22 | 000,087,352 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\FontCache3.0.0.0.dat
[2012.05.15 21:05:33 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012.03.31 04:52:14 | 000,545,302 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\WPFFontCache_v0400-S-1-5-21-1993962763-746137067-839522115-1003-0.dat
[2012.03.31 04:52:14 | 000,183,022 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\WPFFontCache_v0400-System.dat
[2012.02.11 22:37:14 | 000,000,854 | ---- | C] () -- C:\Dokumente und Einstellungen\Mörtl\Lokale Einstellungen\Anwendungsdaten\recently-used.xbel
[2011.05.14 08:52:58 | 000,030,253 | ---- | C] () -- C:\WINDOWS\DIIUnin.dat
[2011.01.24 21:06:39 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2011.01.21 09:32:03 | 000,000,003 | ---- | C] () -- C:\WINDOWS\treeskp.sys
[2011.01.21 09:32:03 | 000,000,003 | ---- | C] () -- C:\WINDOWS\sbacknt.bin
[2011.01.12 13:16:57 | 000,001,206 | ---- | C] () -- C:\WINDOWS\DISNEY.INI
[2011.01.04 17:10:56 | 000,974,848 | ---- | C] () -- C:\WINDOWS\System32\cis-2.4.dll
[2011.01.04 17:10:56 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\issacapi_bs-2.3.dll
[2011.01.04 17:10:56 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\issacapi_pe-2.3.dll
[2011.01.04 17:10:56 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\issacapi_se-2.3.dll
[2010.10.31 22:43:09 | 000,138,056 | ---- | C] () -- C:\Dokumente und Einstellungen\Mörtl\Anwendungsdaten\PnkBstrK.sys
[2010.10.31 22:42:41 | 002,427,248 | ---- | C] () -- C:\WINDOWS\System32\pbsvc_heroes.exe
[2010.10.18 19:43:00 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDevice.Dll
[2010.10.18 19:43:00 | 000,042,112 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDisk.Sys
[2010.10.10 19:00:19 | 000,000,221 | ---- | C] () -- C:\WINDOWS\NCLogConfig.ini
[2010.09.22 12:12:49 | 000,003,010 | ---- | C] () -- C:\Dokumente und Einstellungen\Mörtl\Anwendungsdaten\PData.MMM
[2010.09.22 12:12:49 | 000,003,010 | ---- | C] () -- C:\Dokumente und Einstellungen\Mörtl\Anwendungsdaten\PData.MM1
[2010.08.22 09:59:20 | 000,000,037 | ---- | C] () -- C:\WINDOWS\mpegtoiPodconverter.ini
[2010.08.22 09:58:25 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\SysMPEGtoiPod.dat
[2010.08.08 00:42:56 | 000,029,440 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2010.04.22 17:26:10 | 000,123,392 | ---- | C] () -- C:\Dokumente und Einstellungen\Mörtl\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.04.22 15:37:07 | 000,000,138 | ---- | C] () -- C:\Dokumente und Einstellungen\Mörtl\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat

========== LOP Check ==========

[2012.05.13 00:47:43 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Battle.net
[2010.05.06 17:59:06 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Bentley
[2012.06.30 16:47:35 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Big Fish Games
[2010.12.19 13:45:50 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\BVRP Software
[2010.12.11 22:26:35 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\DAEMON Tools Lite
[2012.07.08 20:24:35 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\DAEMON Tools Pro
[2011.05.11 14:16:15 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Electronic Arts
[2011.04.28 17:00:05 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Firefly Studios
[2012.07.10 17:56:15 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Hi-Rez Studios
[2012.01.07 18:39:44 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\id Software
[2010.07.09 19:45:06 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\mquadr.at
[2012.06.30 16:12:56 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\OptimizerPro
[2012.06.30 16:13:04 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Premium
[2011.02.28 20:24:42 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Samsung
[2012.06.21 15:14:06 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP
[2012.07.08 21:27:50 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Ubisoft
[2010.08.19 13:39:34 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\WinZip
[2010.05.11 13:49:03 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Zylom
[2010.07.09 18:49:46 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{0AB34A1C-91C1-45BB-8B32-A0746A30DC96}
[2010.06.22 14:49:22 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2010.07.09 15:28:34 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{C3358ED5-0ADD-4BA0-8F60-B5A7CD34BD14}
[2010.09.30 07:52:50 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\LocalService\Anwendungsdaten\PDF Software
[2011.07.14 13:21:00 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Mörtl\Anwendungsdaten\.minecraft
[2012.07.16 21:05:05 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Mörtl\Anwendungsdaten\Aeria Games & Entertainment
[2011.06.15 16:39:22 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Mörtl\Anwendungsdaten\Ahnenblatt
[2010.09.22 12:12:49 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Mörtl\Anwendungsdaten\AUTOSICH
[2010.05.06 17:59:00 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Mörtl\Anwendungsdaten\Bentley
[2012.06.25 12:06:41 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Mörtl\Anwendungsdaten\DAEMON Tools Lite
[2012.07.08 20:24:27 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Mörtl\Anwendungsdaten\DAEMON Tools Pro
[2012.05.23 11:19:42 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Mörtl\Anwendungsdaten\DVDVideoSoft
[2012.05.23 11:19:07 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Mörtl\Anwendungsdaten\DVDVideoSoftIEHelpers
[2010.06.12 11:56:04 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Mörtl\Anwendungsdaten\Facebook
[2011.05.31 15:34:42 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Mörtl\Anwendungsdaten\GenJ3
[2010.12.16 12:13:28 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Mörtl\Anwendungsdaten\GetRightToGo
[2011.04.28 14:43:47 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Mörtl\Anwendungsdaten\gtk-2.0
[2011.05.19 21:41:48 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Mörtl\Anwendungsdaten\ICQ
[2011.08.24 19:00:16 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Mörtl\Anwendungsdaten\id Software
[2010.06.30 00:42:20 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Mörtl\Anwendungsdaten\LolClient
[2012.05.24 13:57:49 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Mörtl\Anwendungsdaten\LolClient2
[2012.07.20 19:25:42 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Mörtl\Anwendungsdaten\NetSpeedMonitor
[2011.02.14 17:24:47 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Mörtl\Anwendungsdaten\Notepad++
[2011.05.15 00:29:39 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Mörtl\Anwendungsdaten\Octoshape
[2010.04.25 12:58:21 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Mörtl\Anwendungsdaten\OpenOffice.org
[2012.06.23 12:21:42 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Mörtl\Anwendungsdaten\Oracle
[2010.09.04 21:44:25 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Mörtl\Anwendungsdaten\PDF Software
[2012.07.08 20:47:47 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Mörtl\Anwendungsdaten\PunkBuster
[2010.10.18 19:41:29 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Mörtl\Anwendungsdaten\Samsung
[2012.05.14 10:28:36 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Mörtl\Anwendungsdaten\ScummVM
[2012.06.25 12:06:12 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Mörtl\Anwendungsdaten\TS3Client
[2010.09.15 20:05:14 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Mörtl\Anwendungsdaten\Ubisoft
[2012.01.07 18:17:46 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Mörtl\Anwendungsdaten\Unity
[2012.07.20 19:20:15 | 000,000,260 | ---- | M] () -- C:\WINDOWS\Tasks\WGASetup.job

========== Purity Check ==========



========== Custom Scans ==========

< %SYSTEMDRIVE%\*.exe >

< HKEY_CURRENT_USER\Software\Microsoft\Windows Media\WMSDK\Local\AutoProxyCache /s >

========== Alternate Data Streams ==========

@Alternate Data Stream - 112 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:B1FBBD09

< End of report >


Extras.txt
OTL Extras logfile created on: 20.07.2012 19:22:14 - Run 3
OTL by OldTimer - Version 3.2.54.0 Folder = D:\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

3,25 Gb Total Physical Memory | 2,43 Gb Available Physical Memory | 74,80% Memory free
5,09 Gb Paging File | 4,41 Gb Available in Paging File | 86,66% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 29,29 Gb Total Space | 7,35 Gb Free Space | 25,08% Space Free | Partition Type: NTFS
Drive D: | 98,70 Gb Total Space | 12,46 Gb Free Space | 12,63% Space Free | Partition Type: NTFS

Computer Name: MARTIN | User Name: Mörtl | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

[HKEY_USERS\S-1-5-21-1993962763-746137067-839522115-1003\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "D:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "D:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "D:\Programme\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "D:\Programme\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "D:\Programme\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"UpdatesDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"57074:TCP" = 57074:TCP:*:Enabled:Pando Media Booster
"57074:UDP" = 57074:UDP:*:Enabled:Pando Media Booster
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"8394:TCP" = 8394:TCP:*:Enabled:League of Legends Launcher
"8394:UDP" = 8394:UDP:*:Enabled:League of Legends Launcher
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"57074:TCP" = 57074:TCP:*:Enabled:Pando Media Booster
"57074:UDP" = 57074:UDP:*:Enabled:Pando Media Booster
"8395:TCP" = 8395:TCP:*:Enabled:League of Legends Launcher
"8395:UDP" = 8395:UDP:*:Enabled:League of Legends Launcher
"8396:TCP" = 8396:TCP:*:Enabled:League of Legends Launcher
"8396:UDP" = 8396:UDP:*:Enabled:League of Legends Launcher
"8397:TCP" = 8397:TCP:*:Enabled:League of Legends Launcher
"8397:UDP" = 8397:UDP:*:Enabled:League of Legends Launcher
"8398:TCP" = 8398:TCP:*:Enabled:League of Legends Launcher
"8398:UDP" = 8398:UDP:*:Enabled:League of Legends Launcher
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"1403:UDP" = 1403:UDP:*:Enabled:Windows Media Format SDK (winamp.exe)
"6112:TCP" = 6112:TCP:*:Enabled:Warcraft
"8088:TCP" = 8088:TCP:*:Enabled:lol
"8399:TCP" = 8399:TCP:*:Enabled:afdsdf
"8400:TCP" = 8400:TCP:*:Enabled:sadfasd
"5001:UDP" = 5001:UDP:*:Enabled:fdsf
"5002:TCP" = 5002:TCP:*:Enabled:fsadfsd
"5003:TCP" = 5003:TCP:*:Enabled:lol2
"1119:TCP" = 1119:TCP:*:Enabled:tst
"4747:TCP" = 4747:TCP:*:Enabled:mws
"4747:UDP" = 4747:UDP:*:Enabled:nws
"1035:TCP" = 1035:TCP:*:Enabled:Akamai NetSession Interface
"5000:UDP" = 5000:UDP:*:Enabled:Akamai NetSession Interface

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"D:\Programme\ICQ7.0\ICQ.exe" = D:\Programme\ICQ7.0\ICQ.exe:*:Enabled:ICQ7 -- (ICQ, LLC.)
"D:\Programme\ICQ7.0\aolload.exe" = D:\Programme\ICQ7.0\aolload.exe:*:Enabled:aolload.exe -- (AOL LLC)
"C:\Programme\iMesh Applications\iMesh\iMesh.exe" = C:\Programme\iMesh Applications\iMesh\iMesh.exe:*:Enabled:iMesh

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"D:\Programme\ICQ7.0\ICQ.exe" = D:\Programme\ICQ7.0\ICQ.exe:*:Enabled:ICQ7 -- (ICQ, LLC.)
"D:\Programme\ICQ7.0\aolload.exe" = D:\Programme\ICQ7.0\aolload.exe:*:Enabled:aolload.exe -- (AOL LLC)
"D:\Games\justcause\Steam.exe" = D:\Games\justcause\Steam.exe:*:Enabled:Steam
"D:\Games\justcause\SteamApps\common\just cause 2 demo\JustCause2.exe" = D:\Games\justcause\SteamApps\common\just cause 2 demo\JustCause2.exe:*:Enabled:Just Cause 2 Demo
"D:\Games\League of Legends\Air\LolClient.exe" = D:\Games\League of Legends\Air\LolClient.exe:*:Enabled:League of Legends Lobby
"D:\Games\League of Legends\Game\League of Legends.exe" = D:\Games\League of Legends\Game\League of Legends.exe:*:Enabled:League of Legends Game Client
"D:\Programme\mIRC\mirc.exe" = D:\Programme\mIRC\mirc.exe:*:Enabled:mIRC -- (mIRC Co. Ltd.)
"C:\Programme\aon\aonController\aonController.exe" = C:\Programme\aon\aonController\aonController.exe:*:Enabled:Controller -- (mquadr.at software engineering and consulting GmbH, web: www.mquadr.at, mail: [email protected])
"D:\Games\Siedler III\s3.exe" = D:\Games\Siedler III\s3.exe:*:Enabled:Siedler3
"C:\Programme\Microsoft LifeCam\LifeCam.exe" = C:\Programme\Microsoft LifeCam\LifeCam.exe:*:Enabled:LifeCam.exe -- (Microsoft Corporation)
"C:\Programme\Microsoft LifeCam\LifeEnC2.exe" = C:\Programme\Microsoft LifeCam\LifeEnC2.exe:*:Enabled:LifeEnC2.exe -- (Microsoft Corporation)
"C:\Programme\Microsoft LifeCam\LifeExp.exe" = C:\Programme\Microsoft LifeCam\LifeExp.exe:*:Enabled:LifeExp.exe -- (Microsoft Corporation)
"C:\Programme\Microsoft LifeCam\LifeTray.exe" = C:\Programme\Microsoft LifeCam\LifeTray.exe:*:Enabled:LifeTray.exe -- (Microsoft Corporation)
"D:\Games\Assassin's Creed II\AssassinsCreedIIGame.exe" = D:\Games\Assassin's Creed II\AssassinsCreedIIGame.exe:*:Enabled:Assassin's Creed II
"D:\Games\Assassin's Creed II\AssassinsCreedII.exe" = D:\Games\Assassin's Creed II\AssassinsCreedII.exe:*:Enabled:Assassin's Creed II Update
"D:\Games\Assassin's Creed II\UPlayBrowser.exe" = D:\Games\Assassin's Creed II\UPlayBrowser.exe:*:Enabled:Assassin's Creed II Uplay
"C:\WINDOWS\system32\muzapp.exe" = C:\WINDOWS\system32\muzapp.exe:*:Enabled:MUZ AOD APP player -- (Musiccity Co.Ltd.)
"C:\WINDOWS\system32\PnkBstrA.exe" = C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA
"C:\WINDOWS\system32\PnkBstrB.exe" = C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB
"D:\Programme\VideoLAN\VLC\vlc.exe" = D:\Programme\VideoLAN\VLC\vlc.exe:*:Enabled:VLC media player -- ()
"D:\Games\Stronghold1\Stronghold.exe" = D:\Games\Stronghold1\Stronghold.exe:*:Enabled:Stronghold
"D:\Games\UT\System\UnrealTournament.exe" = D:\Games\UT\System\UnrealTournament.exe:*:Enabled:UnrealTournament -- ()
"D:\Games\Counter-Strike 1.6\hl.exe" = D:\Games\Counter-Strike 1.6\hl.exe:*:Enabled:Half-Life Launcher
"C:\Programme\iMesh Applications\iMesh\iMesh.exe" = C:\Programme\iMesh Applications\iMesh\iMesh.exe:*:Enabled:iMesh
"C:\Dokumente und Einstellungen\Mörtl\Anwendungsdaten\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe" = C:\Dokumente und Einstellungen\Mörtl\Anwendungsdaten\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe:*:Enabled:Main program for Octoshape client
"C:\Programme\Java\jre6\bin\javaw.exe" = C:\Programme\Java\jre6\bin\javaw.exe:*:Enabled:Java™ Platform SE binary
"D:\Games\Metin2\Metin2\metin2client.bin" = D:\Games\Metin2\Metin2\metin2client.bin:*:Enabled:metin2client
"D:\Programme\LOLReplay\LOLReplay.exe" = D:\Programme\LOLReplay\LOLReplay.exe:*:Enabled:LOL Replay
"D:\Games\World of Warcraft\Launcher.exe" = D:\Games\World of Warcraft\Launcher.exe:*:Enabled:Blizzard Launcher
"D:\Games\World of Warcraft\Launcher.patch.exe" = D:\Games\World of Warcraft\Launcher.patch.exe:*:Enabled:Blizzard Launcher
"D:\Games\World of Warcraft\BackgroundDownloader.exe" = D:\Games\World of Warcraft\BackgroundDownloader.exe:*:Enabled:Blizzard Downloader
"D:\Games\Warcraft III\Warcraft III.exe" = D:\Games\Warcraft III\Warcraft III.exe:*:Enabled:Warcraft III
"D:\Games\Warcraft III\yawle.exe" = D:\Games\Warcraft III\yawle.exe:*:Enabled:yawle
"D:\Games\Warcraft III\Frozen Throne.exe" = D:\Games\Warcraft III\Frozen Throne.exe:*:Enabled:Warcraft III - The Frozen Throne
"D:\Programme\Garena Classic\Garena.exe" = D:\Programme\Garena Classic\Garena.exe:*:Enabled:Garena -- (Garena Online PTE LTD)
"C:\Dokumente und Einstellungen\Mörtl\Lokale Einstellungen\Anwendungsdaten\Akamai\netsession_win.exe" = C:\Dokumente und Einstellungen\Mörtl\Lokale Einstellungen\Anwendungsdaten\Akamai\netsession_win.exe:*:Enabled:Akamai NetSession Interface -- (Akamai Technologies, Inc)
"C:\WINDOWS\system32\dpvsetup.exe" = C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test -- (Microsoft Corporation)
"C:\Dokumente und Einstellungen\Mörtl\Lokale Einstellungen\Anwendungsdaten\vghd\bin\Virtuagirl_Downloader.exe" = C:\Dokumente und Einstellungen\Mörtl\Lokale Einstellungen\Anwendungsdaten\vghd\bin\Virtuagirl_Downloader.exe:*:Enabled:DLManager
"D:\Games\OpenLieroX\OpenLieroX.exe" = D:\Games\OpenLieroX\OpenLieroX.exe:*:Enabled:OpenLieroX
"D:\Games\AOE 2\age2_x1.exe" = D:\Games\AOE 2\age2_x1.exe:*:Enabled:Age of Empires II Expansion -- (Microsoft Corporation)
"C:\WINDOWS\system32\dplaysvr.exe" = C:\WINDOWS\system32\dplaysvr.exe:*:Enabled:Microsoft DirectPlay Helper -- (Microsoft Corporation)
"D:\Downloads\Diablo-III-8370-deDE-Installer-downloader.exe" = D:\Downloads\Diablo-III-8370-deDE-Installer-downloader.exe:*:Enabled:Blizzard Downloader
"D:\Downloads\Diablo-III-8370-deDE-Installer-downloader(1).exe" = D:\Downloads\Diablo-III-8370-deDE-Installer-downloader(1).exe:*:Enabled:Blizzard Downloader
"C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Battle.net\Agent\Agent.524\Agent.exe" = C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Battle.net\Agent\Agent.524\Agent.exe:*:Enabled:Blizzard Agent
"C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Battle.net\Agent\Agent.954\Agent.exe" = C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Battle.net\Agent\Agent.954\Agent.exe:*:Enabled:Blizzard Agent
"D:\Downloads\Diablo-III-8370-enGB-Installer-downloader.exe" = D:\Downloads\Diablo-III-8370-enGB-Installer-downloader.exe:*:Enabled:Blizzard Downloader
"D:\Games\Diablo III\Diablo III\Diablo III.exe" = D:\Games\Diablo III\Diablo III\Diablo III.exe:*:Enabled:Diablo III -- (Blizzard Entertainment)
"C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Battle.net\Agent\Agent.976\Agent.exe" = C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Battle.net\Agent\Agent.976\Agent.exe:*:Enabled:Blizzard Agent
"C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Battle.net\Agent\Agent.998\Agent.exe" = C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Battle.net\Agent\Agent.998\Agent.exe:*:Enabled:Blizzard Agent -- (Blizzard Entertainment)
"C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Battle.net\Agent\Agent.1040\Agent.exe" = C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Battle.net\Agent\Agent.1040\Agent.exe:*:Enabled:Blizzard Agent -- (Blizzard Entertainment)
"D:\Games\LoL\League of Legends\lol.launcher.exe" = D:\Games\LoL\League of Legends\lol.launcher.exe:*:Enabled:League of Legends spielen
"D:\Games\League of Legends\lol.launcher.admin.exe" = D:\Games\League of Legends\lol.launcher.admin.exe:*:Enabled:lol.launcher.admin -- ()
"C:\Programme\MSN Gaming Zone\Windows\hrtzzm.exe" = C:\Programme\MSN Gaming Zone\Windows\hrtzzm.exe:*:Enabled:Internet-Hearts -- (Microsoft Corporation)
"C:\Programme\SweetIM\Communicator\SweetPacksUpdateManager.exe" = C:\Programme\SweetIM\Communicator\SweetPacksUpdateManager.exe:*:Enabled:SweetPacksUpdateManager
"C:\Programme\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe" = C:\Programme\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe:*:Enabled:Ubisoft Game Launcher -- ()
"D:\Games\acrev\ACRMP.exe" = D:\Games\acrev\ACRMP.exe:*:Enabled:Assassin's Creed Revelations Multiplayer


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{03B1B42B-F6DE-41d9-8CFF-DC44E895C7A7}" = PhotoGallery
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{0611BD4E-4FE4-4a62-B0C0-18A4CC463428}" = CP_Package_Variety1
"{09984AEC-6B9F-4ca7-B78D-CB44D4771DA3}" = Destinations
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0B33B738-AD79-4E32-90C5-E67BFB10BBFF}" = AiO_Scan
"{0DE8527A-FE3E-4FCA-A023-D57EF0B796C9}_is1" = Plants vs. Zombies 1.0.4.7924 (by Scar)
"{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
"{1545207E-C6F3-31D7-9918-BDBB65075FBF}" = Microsoft .NET Framework 3.5 Language Pack - deu
"{15EE79F4-4ED1-4267-9B0F-351009325D7D}" = HP Software Update
"{172975EB-9465-4861-95B5-C7BB6D3DE62A}" = DocumentViewer
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{195FF80D-6C1E-4B7A-A48E-45C0AEAC0F24}" = Microsoft LifeCam
"{1C139D7D-9FEA-468d-A9C8-2A6E3BDE564A}" = CP_Package_Variety3
"{1C30EE39-7644-49CC-9E04-D2D2009D7FBD}" = BVRP_CUE
"{1ED31028-6D65-4CFD-AD03-8E484A052FE7}" = aonUpdate
"{21DB3D90-D816-4092-A260-CA3F6B55A6DD}" = Sonic_PrimoSDK
"{2217B0B4-35CB-48C6-B640-864DF2F30F99}" = OpenOffice.org 3.2
"{23A7B376-BBEC-4e76-BBD7-0F155E70D74B}" = CP_Panorama1Config
"{26A24AE4-039D-4CA4-87B4-2F83217005FF}" = Java™ 7 Update 5
"{2CADCEAB-D5DA-44D6-B5FC-7DEE87AB3C0C}" = Unload
"{30C19FF2-7FBA-4d09-B9DE-1659977F64F6}" = TrayApp
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.® AR8121/AR8113/AR8114 Gigabit/Fast Ethernet Driver
"{32BDCCB8-9DC8-496d-9DB1-F77510775BDB}" = InstantShareDevices
"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{36E47DA1-10E1-45d9-8B19-14D19607CDCF}" = CP_CalendarTemplates1
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF017}" = Smite Closed Beta
"{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}" = Hi-Rez Studios Authenticate and Update Service
"{3D9892BB-A751-4E48-ADC8-E4289956CE1D}" = QuickTime
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{45057FCE-5784-48BE-8176-D9D00AF56C3C}" = Die Sims™ 3 Late Night
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{53EE9E42-CECB-4C92-BF76-9CA65DAF8F1C}" = FullDPAppQFolder
"{54E3707F-808E-4fd4-95C9-15D1AB077E5D}" = NewCopy
"{56EE8B17-8274-418d-89AC-C057C5DB251E}" = RandMap
"{56F8AFC3-FA98-4ff1-9673-8A026CBF85BE}" = WebReg
"{57F5CC1D-2E00-4008-8CEC-EFE61B2E58AE}" = Visual Basic for Applications ® Core - German
"{5A01C58E-B0EC-49b9-AD71-7C0468688087}" = CP_Package_Basic1
"{5B79CFD1-6845-4158-9D7D-6BE89DF2C135}" = HP PSC & OfficeJet 5.3.B
"{5F26311C-B135-4F7F-B11E-8E650F83651E}" = DeviceFunctionQFolder
"{65CB4C08-C47B-4A7E-A6A4-50C06ADA5FC6}" = Adobe AIR
"{66BA8C26-AFE4-4408-807B-43E76B57EF53}" = SkinsHP1
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{699BAC7F-DC10-4709-97D8-45379301BBE7}" = NVIDIA PhysX v8.08.01
"{6A9EF6CF-7630-4E33-AE22-7D70F3AF4B05}" = AION Free-To-Play
"{6BB6627C-694F-4FDC-A3E5-C7F4BED4C724}" = DocProc
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71828142-5A24-4BD0-97E7-976DA08CE6CF}" = Die Sims™ 3 Luxus-Accessoires
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{767CC44C-9BBC-438D-BAD3-FD4595DD148B}" = VC80CRTRedist - 8.0.50727.762
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7850A6D2-CBEA-4728-9877-F1BEDEA9F619}" = AiOSoftware
"{7AB3A249-FB81-416B-917A-A2A10E74C503}" = iTunes
"{7B08D306-7266-4647-A926-2F78817ED1E0}" = Microsoft Corporation
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{7C03270C-4FAB-4F5C-B10D-52FEDA190790}" = DocumentViewerQFolder
"{7C9B95B7-B598-4398-B30F-7F6827192E6C}" = ProductContext
"{7E27304E-BAA2-4d90-A34E-76641FAFABB4}" = CP_AtenaShokunin1Config
"{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1" = PDF24 Creator 2.9.0
"{85991ED2-010C-4930-96FA-52F43C2CE98A}" = Apple Mobile Device Support
"{86501894-E722-4385-A792-B7C2F28FAE7B}" = NetSpeedMonitor 2.5.4.0 x86
"{88838D48-0421-4F2B-AF81-D08D206DEE4C}_is1" = Flyff
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{88EB38EF-4D2C-436D-ABD3-56B232674062}" = ICQ7
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8F66047B-1AF3-40D9-80D7-106E2EDC2C2A}" = EPU-4 Engine
"{904B64C4-49D8-4941-A2B6-D13D06C5CD8B}" = Controller
"{910F4A29-1134-49E0-AD8B-56E4A3152BD1}" = Die Sims™ 3 Traumkarrieren
"{923A7F5A-1E8C-4FBE-8DF6-85940A60A79F}" = Readme
"{9309DD7E-EBFE-3C95-8B47-30D3A012F606}" = Microsoft .NET Framework 2.0 Service Pack 1 Language Pack - DEU
"{94F15234-1602-49AA-9D8C-4E0655173725}" = Aeria Ignite
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95140000-00AF-0407-0000-0000000FF1CE}" = Microsoft PowerPoint Viewer
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A1071AEB-B0EF-3F5F-BC84-83A270EBE496}" = Microsoft .NET Framework 3.0 Service Pack 1 Language Pack - DEU
"{A195B13E-A5E3-4BAF-A995-7F70F445CD06}" = ScannerCopy
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A5BB5365-EFB4-44c3-A7E2-EB59B7EFD23D}" = CueTour
"{A96E97134CA649888820BCDE5E300BBD}" = H.264 Decoder
"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5
"{AAC389499AEF40428987B3D30CFC76C9}" = MKV Splitter
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.3) - Deutsch
"{AEF9DC35ADDF4825B049ACBFD1C6EB37}" = AAC Decoder
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B2D328BE-45AD-4D92-96F9-2151490A203E}" = Apple Application Support
"{B42A6552-1A83-4D79-9137-AB0C9036249A}" = Quake Live Mozilla Plugin
"{B4D279F1-4309-49cc-A4B5-3A0D2E59C7B5}" = PanoStandAlone
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{B824B5C9-849F-4b9e-9EA7-6FD8CD8116DA}" = CP_Package_Variety2
"{B996AE66-10DB-4ac5-B151-E8B4BFBC42FC}" = BufferChm
"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = Die Sims™ 3
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{C506A18C-1469-4678-B094-F4EC9DAE6DB7}" = Scan
"{C911A0C2-2236-3164-AA47-F2566C01AE5E}" = Microsoft .NET Framework 4 Extended DEU Language Pack
"{C917BA70-28A3-4C74-B163-41FD8C8E1A5A}" = Stronghold
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE24344F-DFD8-40C8-8FD8-C9740B5F25AC}" = Fax
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{DF7B213D-2065-41ED-BB51-7A3EED31EA7B}" = Ultima Online: Mondain's Legacy
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E3F90083-80D4-4b5a-87C7-E97E12F5516D}" = HPProductAssistant
"{E78BFA60-5393-4C38-82AB-E8019E464EB4}" = Microsoft .NET Framework 1.1 German Language Pack
"{EA103B64-C0E4-4C0E-A506-751590E1653D}" = SolutionCenter
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F4C2E5F5-2970-45f4-ABD3-C180C4D961C4}" = Status
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{FB1EBA58-4829-4AE5-A9C8-7170E7BA7005}" = Emu64 V4.30
"{FB97C283-1F3C-42D4-AE01-ADC1DC12F774}" = Visual Basic for Applications ® Core
"{FBE371D7-5430-4485-B0EC-529BF08C10CA}" = Bentley MicroStation V8i 08.11.05.17
"7-Zip" = 7-Zip 4.65
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Aeria Ignite" = Aeria Ignite
"Aeria Ignite 1.7.1238" = Aeria Ignite
"aonUpdate" = aonUpdate
"Avira AntiVir Desktop" = Avira Free Antivirus
"Controller" = Controller
"DAEMON Tools Pro" = DAEMON Tools Pro
"Diablo II" = Diablo II
"Diablo III" = Diablo III
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"EADM" = EA Download Manager
"FileHippo.com" = FileHippo.com Update Checker
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.4.7
"Free YouTube Download_is1" = Free YouTube Download version 3.1.27.508
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.9.35.324
"GameSpy Arcade" = GameSpy Arcade
"Garena Classic 2011" = Garena Classic 2011
"GenealogyJ 6592" = GenealogyJ 6592
"GIMP-2_is1" = GIMP 2.8.0
"HP Document Viewer" = HP Document Viewer 5.3
"HP Imaging Device Functions" = HP Imaging Device Functions 5.3
"HP Photo & Imaging" = HP Image Zone 5.3
"HP Solution Center & Imaging Support Tools" = HP Solution Center & Imaging Support Tools 5.3
"ie8" = Windows Internet Explorer 8
"InstallShield_{6A9EF6CF-7630-4E33-AE22-7D70F3AF4B05}" = AION Free-To-Play
"Little Fighter 2" = Little Fighter 2 version 2.0
"Magic Workstation_is1" = Magic Workstation 0.94f
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.62.0.1300
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 Language Pack - deu" = Microsoft .NET Framework 3.5 Language Pack - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended DEU Language Pack" = Microsoft .NET Framework 4 Extended DEU Language Pack
"mIRC" = mIRC
"Mozilla Firefox 14.0.1 (x86 de)" = Mozilla Firefox 14.0.1 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MTG GamePack for Magic Workstation_is1" = MTG GamePack for Magic Workstation
"NCLauncher_GameForge" = NC Launcher (GameForge)
"Notepad++" = Notepad++
"NVIDIA Drivers" = NVIDIA Drivers
"PokerStars" = PokerStars
"Replay Explorer_is1" = Replay Explorer 2
"S3" = Die Siedler III Gold Edition
"ST6UNST #1" = Quick64 v1.0 BETA (Full)
"Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"Uninstall_is1" = Uninstall 1.0.0.1
"UnZip Me" = UnZip Me
"VLC media player" = VLC media player 1.0.1
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
"WIC" = Windows Imaging Component
"Winamp" = Winamp
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1993962763-746137067-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Akamai" = Akamai NetSession Interface
"Facebook Plug-In" = Facebook Plug-In
"Google Chrome" = Google Chrome
"UnityWebPlayer" = Unity Web Player

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 15.07.2012 07:32:45 | Computer Name = MARTIN | Source = MsiInstaller | ID = 11706
Description = Product: DocumentViewer -- Error 1706.No valid source could be found
for product DocumentViewer. The Windows Installer cannot continue.

Error - 15.07.2012 16:10:57 | Computer Name = MARTIN | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung Smite.exe, Version 0.1.954.0, Stillstandmodul
hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.

Error - 16.07.2012 03:58:16 | Computer Name = MARTIN | Source = MsiInstaller | ID = 11706
Description = Product: DocumentViewer -- Error 1706.No valid source could be found
for product DocumentViewer. The Windows Installer cannot continue.

Error - 16.07.2012 03:58:38 | Computer Name = MARTIN | Source = MsiInstaller | ID = 11706
Description = Product: DocumentViewer -- Error 1706.No valid source could be found
for product DocumentViewer. The Windows Installer cannot continue.

Error - 16.07.2012 04:15:15 | Computer Name = MARTIN | Source = MsiInstaller | ID = 11706
Description = Product: DocumentViewer -- Error 1706.No valid source could be found
for product DocumentViewer. The Windows Installer cannot continue.

Error - 17.07.2012 03:43:27 | Computer Name = MARTIN | Source = MsiInstaller | ID = 11706
Description = Product: DocumentViewer -- Error 1706.No valid source could be found
for product DocumentViewer. The Windows Installer cannot continue.

Error - 19.07.2012 02:20:18 | Computer Name = MARTIN | Source = MsiInstaller | ID = 11706
Description = Product: DocumentViewer -- Error 1706.No valid source could be found
for product DocumentViewer. The Windows Installer cannot continue.

Error - 20.07.2012 03:21:16 | Computer Name = MARTIN | Source = MsiInstaller | ID = 11706
Description = Product: DocumentViewer -- Error 1706.No valid source could be found
for product DocumentViewer. The Windows Installer cannot continue.

Error - 20.07.2012 11:03:08 | Computer Name = MARTIN | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung FlashPlayerUpdateService.exe, Version 11.3.300.265,
fehlgeschlagenes Modul ntdll.dll, Version 5.1.2600.6055, Fehleradresse 0x000113c0.

Error - 20.07.2012 13:16:07 | Computer Name = MARTIN | Source = MsiInstaller | ID = 11706
Description = Product: DocumentViewer -- Error 1706.No valid source could be found
for product DocumentViewer. The Windows Installer cannot continue.

[ System Events ]
Error - 17.07.2012 20:32:30 | Computer Name = MARTIN | Source = Service Control Manager | ID = 7034
Description = Dienst "Java Quick Starter" wurde unerwartet beendet. Dies ist bereits
1 Mal passiert.

Error - 17.07.2012 20:32:31 | Computer Name = MARTIN | Source = Service Control Manager | ID = 7034
Description = Dienst "MBAMService" wurde unerwartet beendet. Dies ist bereits 1
Mal passiert.

Error - 17.07.2012 20:32:31 | Computer Name = MARTIN | Source = Service Control Manager | ID = 7034
Description = Dienst "MSCamSvc" wurde unerwartet beendet. Dies ist bereits 1 Mal
passiert.

Error - 17.07.2012 20:32:31 | Computer Name = MARTIN | Source = Service Control Manager | ID = 7034
Description = Dienst "NVIDIA Display Driver Service" wurde unerwartet beendet. Dies
ist bereits 1 Mal passiert.

Error - 17.07.2012 20:32:40 | Computer Name = MARTIN | Source = Service Control Manager | ID = 7034
Description = Dienst "iPod-Dienst" wurde unerwartet beendet. Dies ist bereits 1
Mal passiert.

Error - 17.07.2012 20:33:41 | Computer Name = MARTIN | Source = Service Control Manager | ID = 7031
Description = Der Dienst "Apple Mobile Device" wurde unerwartet beendet. Dies ist
bereits 2 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden
durchgeführt: Starten Sie den Dienst neu..

Error - 20.07.2012 09:31:49 | Computer Name = MARTIN | Source = Service Control Manager | ID = 7000
Description = Der Dienst "NPPTNT2" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2001

Error - 20.07.2012 09:57:27 | Computer Name = MARTIN | Source = Service Control Manager | ID = 7000
Description = Der Dienst "NPPTNT2" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2001

Error - 20.07.2012 09:58:49 | Computer Name = MARTIN | Source = Service Control Manager | ID = 7000
Description = Der Dienst "NPPTNT2" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2001

Error - 20.07.2012 13:17:26 | Computer Name = MARTIN | Source = Service Control Manager | ID = 7034
Description = Dienst "Pml Driver HPZ12" wurde unerwartet beendet. Dies ist bereits
1 Mal passiert.


< End of report >
  • 0

#28
CompCav

CompCav

    Member 5k

  • Expert
  • 12,448 posts
Can you connect now?
  • 0

#29
Modin

Modin

    Member

  • Topic Starter
  • Member
  • PipPip
  • 45 posts
Yes I can. ;)
  • 0

#30
CompCav

CompCav

    Member 5k

  • Expert
  • 12,448 posts
It appears that several of the toolbars had reinstalled on your machine. If you are asked to install something make sure it does not foist toolbars on you.

Try it for a day or two and then please come back and update me. I will leave this one open for a couple days.

Regards,

CompCav
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP