Trojaner- und Wurmbefall beseitigt oder noch vorhanden?

Catarina · 06.08.2010, 14:59

Hallo,

vor Kurzem meldete Antivir mir einen Befall mit folgenden Schädlingen:

TR/Drop.Agent.afqs
TR/Gendal.65024.M
WORM/Autorun.cxl

Ich habe dann mit Antivir alle befallenenDateien gelöscht und ein erneuter Scan meldet keine Infektion mehr.

AntiVir-Report-Datei:

Code:

ATTFilter

Avira AntiVir Personal
Erstellungsdatum der Reportdatei: Freitag, 6. August 2010  13:34

Es wird nach 2680386 Virenstämmen gesucht.

Lizenznehmer   : Avira AntiVir Personal - FREE Antivirus
Seriennummer   : 0000149996-ADJIE-0000001
Plattform      : Windows Vista 64 Bit
Windowsversion : (plain)  [6.1.7600]
Boot Modus     : Normal gebootet
Benutzername   : Katze
Computername   : RECHNER

Versionsinformationen:
BUILD.DAT      : 9.0.0.422           Bytes  09.03.2010 10:23:00
AVSCAN.EXE     : 9.0.3.10     466689 Bytes  19.11.2009 17:18:58
AVSCAN.DLL     : 9.0.3.0       49409 Bytes  13.02.2009 11:04:10
LUKE.DLL       : 9.0.3.2      209665 Bytes  20.02.2009 10:35:44
LUKERES.DLL    : 9.0.2.0       13569 Bytes  26.01.2009 09:41:59
VBASE000.VDF   : 7.10.0.0   19875328 Bytes  06.11.2009 17:18:58
VBASE001.VDF   : 7.10.1.0    1372672 Bytes  19.11.2009 17:18:44
VBASE002.VDF   : 7.10.3.1    3143680 Bytes  20.01.2010 16:36:49
VBASE003.VDF   : 7.10.3.75    996864 Bytes  26.01.2010 16:26:34
VBASE004.VDF   : 7.10.4.203   1579008 Bytes  05.03.2010 17:22:50
VBASE005.VDF   : 7.10.6.82   2494464 Bytes  15.04.2010 19:24:38
VBASE006.VDF   : 7.10.7.218   2294784 Bytes  02.06.2010 17:49:21
VBASE007.VDF   : 7.10.9.165   4840960 Bytes  23.07.2010 15:28:17
VBASE008.VDF   : 7.10.9.166      2048 Bytes  23.07.2010 15:28:17
VBASE009.VDF   : 7.10.9.167      2048 Bytes  23.07.2010 15:28:17
VBASE010.VDF   : 7.10.9.168      2048 Bytes  23.07.2010 15:28:17
VBASE011.VDF   : 7.10.9.169      2048 Bytes  23.07.2010 15:28:17
VBASE012.VDF   : 7.10.9.170      2048 Bytes  23.07.2010 15:28:17
VBASE013.VDF   : 7.10.9.198    157696 Bytes  26.07.2010 19:25:57
VBASE014.VDF   : 7.10.9.255    997888 Bytes  29.07.2010 20:38:32
VBASE015.VDF   : 7.10.10.28    139264 Bytes  02.08.2010 16:22:58
VBASE016.VDF   : 7.10.10.52    127488 Bytes  03.08.2010 17:15:17
VBASE017.VDF   : 7.10.10.53      1536 Bytes  03.08.2010 17:15:17
VBASE018.VDF   : 7.10.10.54      1536 Bytes  03.08.2010 17:15:17
VBASE019.VDF   : 7.10.10.55      1536 Bytes  03.08.2010 17:15:17
VBASE020.VDF   : 7.10.10.56      1536 Bytes  03.08.2010 17:15:17
VBASE021.VDF   : 7.10.10.57      1536 Bytes  03.08.2010 17:15:17
VBASE022.VDF   : 7.10.10.58      1536 Bytes  03.08.2010 17:15:17
VBASE023.VDF   : 7.10.10.59      1536 Bytes  03.08.2010 17:15:17
VBASE024.VDF   : 7.10.10.60      1536 Bytes  03.08.2010 17:15:17
VBASE025.VDF   : 7.10.10.61      1536 Bytes  03.08.2010 17:15:17
VBASE026.VDF   : 7.10.10.62      1536 Bytes  03.08.2010 17:15:17
VBASE027.VDF   : 7.10.10.63      1536 Bytes  03.08.2010 17:15:17
VBASE028.VDF   : 7.10.10.64      1536 Bytes  03.08.2010 17:15:17
VBASE029.VDF   : 7.10.10.65      1536 Bytes  03.08.2010 17:15:17
VBASE030.VDF   : 7.10.10.66      1536 Bytes  03.08.2010 17:15:17
VBASE031.VDF   : 7.10.10.82    116224 Bytes  05.08.2010 20:09:56
Engineversion  : 8.2.4.32 
AEVDF.DLL      : 8.1.2.1      106868 Bytes  29.07.2010 20:38:56
AESCRIPT.DLL   : 8.1.3.42    1364347 Bytes  29.07.2010 20:38:56
AESCN.DLL      : 8.1.6.1      127347 Bytes  12.05.2010 20:05:59
AESBX.DLL      : 8.1.3.1      254324 Bytes  25.04.2010 18:25:34
AERDL.DLL      : 8.1.8.2      614772 Bytes  20.07.2010 15:20:56
AEPACK.DLL     : 8.2.3.3      471414 Bytes  29.07.2010 20:38:50
AEOFFICE.DLL   : 8.1.1.8      201081 Bytes  22.07.2010 15:20:51
AEHEUR.DLL     : 8.1.2.10    2830711 Bytes  29.07.2010 20:38:48
AEHELP.DLL     : 8.1.13.2     242039 Bytes  20.07.2010 15:20:20
AEGEN.DLL      : 8.1.3.18     393589 Bytes  29.07.2010 20:38:37
AEEMU.DLL      : 8.1.2.0      393588 Bytes  25.04.2010 18:25:33
AECORE.DLL     : 8.1.16.2     192887 Bytes  20.07.2010 15:20:14
AEBB.DLL       : 8.1.1.0       53618 Bytes  25.04.2010 18:25:33
AVWINLL.DLL    : 9.0.0.3       18177 Bytes  12.12.2008 07:47:56
AVPREF.DLL     : 9.0.3.0       44289 Bytes  01.10.2009 22:26:55
AVREP.DLL      : 8.0.0.7      159784 Bytes  18.02.2010 16:57:46
AVREG.DLL      : 9.0.0.0       36609 Bytes  07.11.2008 14:25:04
AVARKT.DLL     : 9.0.0.3      292609 Bytes  24.03.2009 14:05:37
AVEVTLOG.DLL   : 9.0.0.7      167169 Bytes  30.01.2009 09:37:04
SQLITE3.DLL    : 3.6.1.0      326401 Bytes  28.01.2009 14:03:49
SMTPLIB.DLL    : 9.2.0.25      28417 Bytes  02.02.2009 07:21:28
NETNT.DLL      : 9.0.0.0       11521 Bytes  07.11.2008 14:41:21
RCIMAGE.DLL    : 9.0.0.25    2438913 Bytes  15.05.2009 14:35:17
RCTEXT.DLL     : 9.0.73.0      87297 Bytes  19.11.2009 17:18:58

Konfiguration für den aktuellen Suchlauf:
Job Name..............................: Lokale Laufwerke
Konfigurationsdatei...................: c:\program files (x86)\avira\antivir desktop\alldrives.avp
Protokollierung.......................: niedrig
Primäre Aktion........................: interaktiv
Sekundäre Aktion......................: ignorieren
Durchsuche Masterbootsektoren.........: ein
Durchsuche Bootsektoren...............: ein
Bootsektoren..........................: C:, D:, E:, H:, I:, J:, M:, F:, K:, L:, 
Durchsuche aktive Programme...........: ein
Durchsuche Registrierung..............: ein
Suche nach Rootkits...................: aus
Integritätsprüfung von Systemdateien..: aus
Datei Suchmodus.......................: Intelligente Dateiauswahl
Durchsuche Archive....................: ein
Rekursionstiefe einschränken..........: 20
Archiv Smart Extensions...............: ein
Makrovirenheuristik...................: ein
Dateiheuristik........................: mittel

Beginn des Suchlaufs: Freitag, 6. August 2010  13:34

Der Suchlauf über gestartete Prozesse wird begonnen:
Durchsuche Prozess 'svchost.exe' - '0' Modul(e) wurden durchsucht
Durchsuche Prozess 'avscan.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'avcenter.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'plugin-container.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'firefox.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'daupdatersvc.service.exe' - '0' Modul(e) wurden durchsucht
Durchsuche Prozess 'wmpnetwk.exe' - '0' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '0' Modul(e) wurden durchsucht
Durchsuche Prozess 'WUDFHost.exe' - '0' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '0' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '0' Modul(e) wurden durchsucht
Durchsuche Prozess 'WLIDSVCM.EXE' - '0' Modul(e) wurden durchsucht
Durchsuche Prozess 'SearchIndexer.exe' - '0' Modul(e) wurden durchsucht
Durchsuche Prozess 'WLIDSVC.EXE' - '0' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '0' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '0' Modul(e) wurden durchsucht
Durchsuche Prozess 'RichVideo.exe' - '0' Modul(e) wurden durchsucht
Durchsuche Prozess 'KHALMNPR.exe' - '0' Modul(e) wurden durchsucht
Durchsuche Prozess 'SMSvcHost.exe' - '0' Modul(e) wurden durchsucht
Durchsuche Prozess 'ARCGIS.EXE' - '0' Modul(e) wurden durchsucht
Durchsuche Prozess 'mdm.exe' - '0' Modul(e) wurden durchsucht
Durchsuche Prozess 'lmgrd.exe' - '0' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '0' Modul(e) wurden durchsucht
Durchsuche Prozess 'conhost.exe' - '0' Modul(e) wurden durchsucht
Durchsuche Prozess 'lmgrd.exe' - '0' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '0' Modul(e) wurden durchsucht
Durchsuche Prozess 'cm106eye.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'NokiaMServer.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'ASROC.exe' - '0' Modul(e) wurden durchsucht
Durchsuche Prozess 'RTSS.exe' - '0' Modul(e) wurden durchsucht
Durchsuche Prozess 'jusched.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'SetPoint32.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'RivaTuner.exe' - '0' Modul(e) wurden durchsucht
Durchsuche Prozess 'zlclient.exe' - '0' Modul(e) wurden durchsucht
Durchsuche Prozess 'avgnt.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'SetPoint.exe' - '0' Modul(e) wurden durchsucht
Durchsuche Prozess 'avguard.exe' - '0' Modul(e) wurden durchsucht
Durchsuche Prozess 'sidebar.exe' - '0' Modul(e) wurden durchsucht
Durchsuche Prozess 'taskeng.exe' - '0' Modul(e) wurden durchsucht
Durchsuche Prozess 'rundll32.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'RAVCpl64.exe' - '0' Modul(e) wurden durchsucht
Durchsuche Prozess 'LGDCore.exe' - '0' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '0' Modul(e) wurden durchsucht
Durchsuche Prozess 'sched.exe' - '0' Modul(e) wurden durchsucht
Durchsuche Prozess 'taskhost.exe' - '0' Modul(e) wurden durchsucht
Durchsuche Prozess 'spoolsv.exe' - '0' Modul(e) wurden durchsucht
Durchsuche Prozess 'explorer.exe' - '0' Modul(e) wurden durchsucht
Durchsuche Prozess 'dwm.exe' - '0' Modul(e) wurden durchsucht
Durchsuche Prozess 'atieclxx.exe' - '0' Modul(e) wurden durchsucht
Durchsuche Prozess 'vsmon.exe' - '0' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '0' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '0' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '0' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '0' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '0' Modul(e) wurden durchsucht
Durchsuche Prozess 'atiesrxx.exe' - '0' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '0' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '0' Modul(e) wurden durchsucht
Durchsuche Prozess 'winlogon.exe' - '0' Modul(e) wurden durchsucht
Durchsuche Prozess 'lsm.exe' - '0' Modul(e) wurden durchsucht
Durchsuche Prozess 'lsass.exe' - '0' Modul(e) wurden durchsucht
Durchsuche Prozess 'services.exe' - '0' Modul(e) wurden durchsucht
Durchsuche Prozess 'csrss.exe' - '0' Modul(e) wurden durchsucht
Durchsuche Prozess 'wininit.exe' - '0' Modul(e) wurden durchsucht
Durchsuche Prozess 'csrss.exe' - '0' Modul(e) wurden durchsucht
Durchsuche Prozess 'smss.exe' - '0' Modul(e) wurden durchsucht
Es wurden '10' Prozesse mit '10' Modulen durchsucht

Der Suchlauf über die Masterbootsektoren wird begonnen:
Masterbootsektor HD0
    [INFO]      Es wurde kein Virus gefunden!
    [INFO]      Bitte starten Sie den Suchlauf erneut mit Administratorrechten
Masterbootsektor HD1
    [INFO]      Es wurde kein Virus gefunden!
    [INFO]      Bitte starten Sie den Suchlauf erneut mit Administratorrechten
Masterbootsektor HD2
    [INFO]      Es wurde kein Virus gefunden!
    [INFO]      Bitte starten Sie den Suchlauf erneut mit Administratorrechten
Masterbootsektor HD3
    [INFO]      Es wurde kein Virus gefunden!
    [INFO]      Bitte starten Sie den Suchlauf erneut mit Administratorrechten
Masterbootsektor HD4
    [INFO]      Es wurde kein Virus gefunden!
    [INFO]      Bitte starten Sie den Suchlauf erneut mit Administratorrechten

Der Suchlauf über die Bootsektoren wird begonnen:
Bootsektor 'C:\'
    [INFO]      Es wurde kein Virus gefunden!
    [INFO]      Bitte starten Sie den Suchlauf erneut mit Administratorrechten
Bootsektor 'D:\'
    [INFO]      Es wurde kein Virus gefunden!
    [INFO]      Bitte starten Sie den Suchlauf erneut mit Administratorrechten
Bootsektor 'E:\'
    [INFO]      Es wurde kein Virus gefunden!
    [INFO]      Bitte starten Sie den Suchlauf erneut mit Administratorrechten
Bootsektor 'H:\'
    [INFO]      Im  Laufwerk 'H:\' ist kein Datenträger eingelegt!
Bootsektor 'I:\'
    [INFO]      Im  Laufwerk 'I:\' ist kein Datenträger eingelegt!
Bootsektor 'J:\'
    [INFO]      Im  Laufwerk 'J:\' ist kein Datenträger eingelegt!
Bootsektor 'M:\'
    [INFO]      Im  Laufwerk 'M:\' ist kein Datenträger eingelegt!

Der Suchlauf auf Verweise zu ausführbaren Dateien (Registry) wird begonnen:
Die Registry wurde durchsucht ( '31' Dateien ).


Der Suchlauf über die ausgewählten Dateien wird begonnen:

Beginne mit der Suche in 'C:\'
C:\hiberfil.sys
    [WARNUNG]   Die Datei konnte nicht geöffnet werden!
    [HINWEIS]   Bei dieser Datei handelt es sich um eine Windows Systemdatei.
    [HINWEIS]   Es ist in Ordnung, dass diese Datei für die Suche nicht geöffnet werden kann.
C:\pagefile.sys
    [WARNUNG]   Die Datei konnte nicht geöffnet werden!
    [HINWEIS]   Bei dieser Datei handelt es sich um eine Windows Systemdatei.
    [HINWEIS]   Es ist in Ordnung, dass diese Datei für die Suche nicht geöffnet werden kann.
C:\Users\Katze\Downloads\DivXInstaller.exe
  [0] Archivtyp: NSIS
    --> ProgramFilesDir/Installer.exe
      [1] Archivtyp: NSIS
      --> ProgramFilesDir/[UnknownDir]
        [WARNUNG]   Aus diesem Archiv können keine weiteren Dateien ausgepackt werden. Das Archiv wird geschlossen.
    --> ProgramFilesDir/Installer.exe
      [WARNUNG]   Aus diesem Archiv können keine weiteren Dateien ausgepackt werden. Das Archiv wird geschlossen.
    [WARNUNG]   Aus diesem Archiv können keine weiteren Dateien ausgepackt werden. Das Archiv wird geschlossen.
C:\Windows\System32\drivers\sptd.sys
    [WARNUNG]   Die Datei konnte nicht geöffnet werden!
Beginne mit der Suche in 'D:\'
D:\zu sortieren\wichtiges\mrt2303\setup\SetupJiveXViewerLight.exe
  [0] Archivtyp: NSIS
    --> [TempDir]/nsistemp[UnknownDir]/install.ace
      [1] Archivtyp: ACE
      --> install.jar
        [WARNUNG]   Zu wenig Speicher! Virus bzw. unerwünschtes Programm wurde nicht entfernt!
    --> [TempDir]/nsistemp[UnknownDir]/jre.exe
      [1] Archivtyp: NSIS
      --> ThisNameIsIgnoredSoWhyBother?/jre.ace
        [2] Archivtyp: ACE
        --> lib\zi\Africa\Accra
          [WARNUNG]   Zu wenig Speicher! Virus bzw. unerwünschtes Programm wurde nicht entfernt!
        --> lib\zi\America\Adak
          [WARNUNG]   Aus diesem Archiv können keine weiteren Dateien ausgepackt werden. Das Archiv wird geschlossen.
Beginne mit der Suche in 'E:\'
Beginne mit der Suche in 'H:\'
Der zu durchsuchende Pfad H:\ konnte nicht geöffnet werden!
Systemfehler [21]: Das Gerät ist nicht bereit.
Beginne mit der Suche in 'I:\'
Der zu durchsuchende Pfad I:\ konnte nicht geöffnet werden!
Systemfehler [21]: Das Gerät ist nicht bereit.
Beginne mit der Suche in 'J:\'
Der zu durchsuchende Pfad J:\ konnte nicht geöffnet werden!
Systemfehler [21]: Das Gerät ist nicht bereit.
Beginne mit der Suche in 'M:\'
Der zu durchsuchende Pfad M:\ konnte nicht geöffnet werden!
Systemfehler [21]: Das Gerät ist nicht bereit.
Beginne mit der Suche in 'F:\' <DragonAge>
Beginne mit der Suche in 'K:\'
Der zu durchsuchende Pfad K:\ konnte nicht geöffnet werden!
Systemfehler [21]: Das Gerät ist nicht bereit.
Beginne mit der Suche in 'L:\'
Der zu durchsuchende Pfad L:\ konnte nicht geöffnet werden!
Systemfehler [21]: Das Gerät ist nicht bereit.


Ende des Suchlaufs: Freitag, 6. August 2010  15:34
Benötigte Zeit:  2:00:31 Stunde(n)

Der Suchlauf wurde vollständig durchgeführt.

  38159 Verzeichnisse wurden überprüft
 1008741 Dateien wurden geprüft
      0 Viren bzw. unerwünschte Programme wurden gefunden
      0 Dateien wurden als verdächtig eingestuft
      0 Dateien wurden gelöscht
      0 Viren bzw. unerwünschte Programme wurden repariert
      0 Dateien wurden in die Quarantäne verschoben
      0 Dateien wurden umbenannt
      3 Dateien konnten nicht durchsucht werden
 1008738 Dateien ohne Befall
   8448 Archive wurden durchsucht
      9 Warnungen
      2 Hinweise

HijackThis-Report-Datei:

Code:

ATTFilter

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:43:15, on 06.08.2010
Platform: Unknown Windows (WinNT 6.01.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files (x86)\RivaTuner\RivaTuner.exe
C:\Programme\Logitech\SetPoint\x86\SetPoint32.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\RivaTuner\Tools\RTSS\RTSS.exe
C:\Program Files (x86)\ASRock Utility\OCTuner\ASROC.exe
C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer.exe
C:\Windows\system\Cm106eye.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Users\Katze\Downloads\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Asz.Citavi.IEPicker.IEPickerButton - {609D670F-B735-4da7-AC6D-F3BD358E325E} - C:\Windows\SysWow64\mscoree.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files (x86)\Free Download Manager\iefdm2.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files (x86)\CyberLink\PowerDVD\Language\Language.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files (x86)\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [RTSS] "C:\Program Files (x86)\RivaTuner\Tools\RTSS\RTSSWrapper.exe" /s
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [NokiaMServer] C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETZWERKDIENST')
O4 - Global Startup: forteManager.lnk = C:\Program Files (x86)\LG Soft India\forteManager\bin\Monitor.exe
O4 - Global Startup: Logitech SetPoint.lnk = ?
O8 - Extra context menu item: &Citavi Picker... - file://C:\Program Files (x86)\Internet Explorer\PLUGINS\Citavi Picker\\ShowContextMenu.html
O8 - Extra context menu item: Alles mit FDM herunterladen - file://C:\Program Files (x86)\Free Download Manager\dlall.htm
O8 - Extra context menu item: Auswahl mit FDM herunterladen - file://C:\Program Files (x86)\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Datei mit FDM herunterladen - file://C:\Program Files (x86)\Free Download Manager\dllink.htm
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~2\MIB0A5~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Videos mit FDM herunterladen - file://C:\Program Files (x86)\Free Download Manager\dlfvideo.htm
O9 - Extra button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Citavi Picker - {619D670F-B735-4da7-AC6D-F3BD358E325E} - C:\Windows\SysWow64\mscoree.dll
O9 - Extra button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MIB0A5~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files (x86)\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files (x86)\ICQ6.5\ICQ.exe
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O13 - Gopher Prefix: 
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs:  
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Avira AntiVir Planer (AntiVirSchedulerService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: ArcGIS License Manager - Acresso Software Inc. - C:\PROGRA~2\ESRI\License\arcgis9x\lmgrd.exe
O23 - Service: ASP.NET-Zustandsdienst (aspnet_state) - Unknown owner - C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (file missing)
O23 - Service: Dragon Age: Origins - Inhaltsupdater (DAUpdaterSvc) - BioWare - d:\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FLEXnet Licensing Service 64 - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared Files\RichVideo.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\Windows\SysWOW64\ZoneLabs\vsmon.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 10975 bytes

Noch Verdächtiges vorhanden?

Dxdiag:

Code:

ATTFilter

------------------
System Information
------------------
Time of this report: 8/6/2010, 15:52:52
       Machine name: RECHNER
   Operating System: Windows 7 Professional 64-bit (6.1, Build 7600) (7600.win7_gdr.100226-1909)
           Language: German (Regional Setting: German)
System Manufacturer: To Be Filled By O.E.M.
       System Model: To Be Filled By O.E.M.
               BIOS: Default System BIOS
          Processor: AMD Phenom(tm) II X4 955 Processor (4 CPUs), ~3.2GHz
             Memory: 4096MB RAM
Available OS Memory: 4094MB RAM
          Page File: 1786MB used, 6400MB available
        Windows Dir: C:\Windows
    DirectX Version: DirectX 11
DX Setup Parameters: Not found
   User DPI Setting: 120 DPI (125 percent)
 System DPI Setting: 96 DPI (100 percent)
    DWM DPI Scaling: Disabled
     DxDiag Version: 6.01.7600.16385 32bit Unicode

------------
DxDiag Notes
------------
      Display Tab 1: No problems found.
        Sound Tab 1: No problems found.
        Sound Tab 2: No problems found.
        Sound Tab 3: No problems found.
        Sound Tab 4: No problems found.
          Input Tab: No problems found.

--------------------
DirectX Debug Levels
--------------------
Direct3D:    0/4 (retail)
DirectDraw:  0/4 (retail)
DirectInput: 0/5 (retail)
DirectMusic: 0/5 (retail)
DirectPlay:  0/9 (retail)
DirectSound: 0/5 (retail)
DirectShow:  0/6 (retail)

---------------
Display Devices
---------------
          Card name: ATI Radeon HD 4800 Series   
       Manufacturer: ATI Technologies Inc.
          Chip type: ATI display adapter (0x9460)
           DAC type: Internal DAC(400MHz)
         Device Key: Enum\PCI\VEN_1002&DEV_9460&SUBSYS_E115174B&REV_00
     Display Memory: 2808 MB
   Dedicated Memory: 1017 MB
      Shared Memory: 1791 MB
       Current Mode: 1680 x 1050 (32 bit) (60Hz)
       Monitor Name: LG L227W (Digital)
      Monitor Model: L227W
         Monitor Id: GSM566F
        Native Mode: 1680 x 1050(p) (59.883Hz)
        Output Type: DVI
        Driver Name: atiumd64.dll,atidxx64.dll,atidxx64.dll,atiumdag,atidxx32,atidxx32,atiumdva,atiumd6a.cap,atitmm64.dll
Driver File Version: 8.14.0010.0716 (English)
     Driver Version: 8.681.0.0
        DDI Version: 10.1
       Driver Model: WDDM 1.1
  Driver Attributes: Final Retail
   Driver Date/Size: 11/25/2009 04:50:14, 4683776 bytes
        WHQL Logo'd: n/a
    WHQL Date Stamp: n/a
  Device Identifier: {D7B71EE2-D720-11CF-3776-1FC1A1C2C535}
          Vendor ID: 0x1002
          Device ID: 0x9460
          SubSys ID: 0xE115174B
        Revision ID: 0x0000
 Driver Strong Name: oem2.inf:ATI.Mfg.NTamd64.6.1:ati2mtag_RV7X:8.681.0.0:pci\ven_1002&dev_9460
     Rank Of Driver: 00E62001
        Video Accel: ModeMPEG2_A ModeMPEG2_C 
   Deinterlace Caps: {6E8329FF-B642-418B-BCF0-BCB6591E255F}: Format(In/Out)=(YUY2,YUY2) Frames(Prev/Fwd/Back)=(0,0,1) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY DeinterlaceTech_PixelAdaptive 
                     {335AA36E-7884-43A4-9C91-7F87FAF3E37E}: Format(In/Out)=(YUY2,YUY2) Frames(Prev/Fwd/Back)=(0,0,0) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY DeinterlaceTech_BOBVerticalStretch 
                     {5A54A0C9-C7EC-4BD9-8EDE-F3C75DC4393B}: Format(In/Out)=(YUY2,YUY2) Frames(Prev/Fwd/Back)=(0,0,0) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY 
                     {6E8329FF-B642-418B-BCF0-BCB6591E255F}: Format(In/Out)=(UYVY,UYVY) Frames(Prev/Fwd/Back)=(0,0,1) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY DeinterlaceTech_PixelAdaptive 
                     {335AA36E-7884-43A4-9C91-7F87FAF3E37E}: Format(In/Out)=(UYVY,UYVY) Frames(Prev/Fwd/Back)=(0,0,0) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY DeinterlaceTech_BOBVerticalStretch 
                     {5A54A0C9-C7EC-4BD9-8EDE-F3C75DC4393B}: Format(In/Out)=(UYVY,UYVY) Frames(Prev/Fwd/Back)=(0,0,0) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY 
                     {5A54A0C9-C7EC-4BD9-8EDE-F3C75DC4393B}: Format(In/Out)=(YV12,0x32315659) Frames(Prev/Fwd/Back)=(0,0,0) Caps=
                     {3C5323C1-6FB7-44F5-9081-056BF2EE449D}: Format(In/Out)=(NV12,0x3231564e) Frames(Prev/Fwd/Back)=(0,0,2) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY DeinterlaceTech_PixelAdaptive 
                     {552C0DAD-CCBC-420B-83C8-74943CF9F1A6}: Format(In/Out)=(NV12,0x3231564e) Frames(Prev/Fwd/Back)=(0,0,2) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY DeinterlaceTech_PixelAdaptive 
                     {6E8329FF-B642-418B-BCF0-BCB6591E255F}: Format(In/Out)=(NV12,0x3231564e) Frames(Prev/Fwd/Back)=(0,0,1) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY DeinterlaceTech_PixelAdaptive 
                     {335AA36E-7884-43A4-9C91-7F87FAF3E37E}: Format(In/Out)=(NV12,0x3231564e) Frames(Prev/Fwd/Back)=(0,0,0) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY DeinterlaceTech_BOBVerticalStretch 
                     {5A54A0C9-C7EC-4BD9-8EDE-F3C75DC4393B}: Format(In/Out)=(NV12,0x3231564e) Frames(Prev/Fwd/Back)=(0,0,0) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY 
                     {5A54A0C9-C7EC-4BD9-8EDE-F3C75DC4393B}: Format(In/Out)=(IMC1,UNKNOWN) Frames(Prev/Fwd/Back)=(0,0,0) Caps=
                     {5A54A0C9-C7EC-4BD9-8EDE-F3C75DC4393B}: Format(In/Out)=(IMC2,UNKNOWN) Frames(Prev/Fwd/Back)=(0,0,0) Caps=
                     {5A54A0C9-C7EC-4BD9-8EDE-F3C75DC4393B}: Format(In/Out)=(IMC3,UNKNOWN) Frames(Prev/Fwd/Back)=(0,0,0) Caps=
                     {5A54A0C9-C7EC-4BD9-8EDE-F3C75DC4393B}: Format(In/Out)=(IMC4,UNKNOWN) Frames(Prev/Fwd/Back)=(0,0,0) Caps=
                     {5A54A0C9-C7EC-4BD9-8EDE-F3C75DC4393B}: Format(In/Out)=(S340,UNKNOWN) Frames(Prev/Fwd/Back)=(0,0,0) Caps=
                     {5A54A0C9-C7EC-4BD9-8EDE-F3C75DC4393B}: Format(In/Out)=(S342,UNKNOWN) Frames(Prev/Fwd/Back)=(0,0,0) Caps=
       D3D9 Overlay: Not Supported
            DXVA-HD: Not Supported
       DDraw Status: Enabled
         D3D Status: Enabled
         AGP Status: Enabled

-------------
Sound Devices
-------------
            Description: Lautsprecher (4- USB Multi-Channel Audio Device)
 Default Sound Playback: Yes
 Default Voice Playback: No
            Hardware ID: USB\VID_0D8C&PID_0102&REV_0010&MI_00
        Manufacturer ID: 1
             Product ID: 100
                   Type: WDM
            Driver Name: CM10664.sys
         Driver Version: 7.12.0008.2140 (English)
      Driver Attributes: Final Retail
            WHQL Logo'd: n/a
          Date and Size: 10/1/2009 19:04:54, 1307648 bytes
            Other Files: 
        Driver Provider: C-Media Inc.
         HW Accel Level: Basic
              Cap Flags: 0x0
    Min/Max Sample Rate: 0, 0
Static/Strm HW Mix Bufs: 0, 0
 Static/Strm HW 3D Bufs: 0, 0
              HW Memory: 0
       Voice Management: No
 EAX(tm) 2.0 Listen/Src: No, No
   I3DL2(tm) Listen/Src: No, No
Sensaura(tm) ZoomFX(tm): No

            Description: Realtek Digital Output (Realtek High Definition Audio)
 Default Sound Playback: No
 Default Voice Playback: No
            Hardware ID: HDAUDIO\FUNC_01&VEN_10EC&DEV_0885&SUBSYS_18491890&REV_1001
        Manufacturer ID: 1
             Product ID: 100
                   Type: WDM
            Driver Name: RTKVHD64.sys
         Driver Version: 6.00.0001.5953 (English)
      Driver Attributes: Final Retail
            WHQL Logo'd: n/a
          Date and Size: 10/6/2009 18:51:22, 2009376 bytes
            Other Files: 
        Driver Provider: Realtek Semiconductor Corp.
         HW Accel Level: Basic
              Cap Flags: 0x0
    Min/Max Sample Rate: 0, 0
Static/Strm HW Mix Bufs: 0, 0
 Static/Strm HW 3D Bufs: 0, 0
              HW Memory: 0
       Voice Management: No
 EAX(tm) 2.0 Listen/Src: No, No
   I3DL2(tm) Listen/Src: No, No
Sensaura(tm) ZoomFX(tm): No

            Description: Digitaler Ausgang (4- USB Multi-Channel Audio Device)
 Default Sound Playback: No
 Default Voice Playback: No
            Hardware ID: USB\VID_0D8C&PID_0102&REV_0010&MI_00
        Manufacturer ID: 1
             Product ID: 100
                   Type: WDM
            Driver Name: CM10664.sys
         Driver Version: 7.12.0008.2140 (English)
      Driver Attributes: Final Retail
            WHQL Logo'd: n/a
          Date and Size: 10/1/2009 19:04:54, 1307648 bytes
            Other Files: 
        Driver Provider: C-Media Inc.
         HW Accel Level: Basic
              Cap Flags: 0x0
    Min/Max Sample Rate: 0, 0
Static/Strm HW Mix Bufs: 0, 0
 Static/Strm HW 3D Bufs: 0, 0
              HW Memory: 0
       Voice Management: No
 EAX(tm) 2.0 Listen/Src: No, No
   I3DL2(tm) Listen/Src: No, No
Sensaura(tm) ZoomFX(tm): No

            Description: Lautsprecher (Realtek High Definition Audio)
 Default Sound Playback: No
 Default Voice Playback: Yes
            Hardware ID: HDAUDIO\FUNC_01&VEN_10EC&DEV_0885&SUBSYS_18491890&REV_1001
        Manufacturer ID: 1
             Product ID: 100
                   Type: WDM
            Driver Name: RTKVHD64.sys
         Driver Version: 6.00.0001.5953 (English)
      Driver Attributes: Final Retail
            WHQL Logo'd: n/a
          Date and Size: 10/6/2009 18:51:22, 2009376 bytes
            Other Files: 
        Driver Provider: Realtek Semiconductor Corp.
         HW Accel Level: Basic
              Cap Flags: 0x0
    Min/Max Sample Rate: 0, 0
Static/Strm HW Mix Bufs: 0, 0
 Static/Strm HW 3D Bufs: 0, 0
              HW Memory: 0
       Voice Management: No
 EAX(tm) 2.0 Listen/Src: No, No
   I3DL2(tm) Listen/Src: No, No
Sensaura(tm) ZoomFX(tm): No

---------------------
Sound Capture Devices
---------------------
            Description: Mikrofon (4- USB Multi-Channel Audio Device)
  Default Sound Capture: Yes
  Default Voice Capture: Yes
            Driver Name: CM10664.sys
         Driver Version: 7.12.0008.2140 (English)
      Driver Attributes: Final Retail
          Date and Size: 10/1/2009 19:04:54, 1307648 bytes
              Cap Flags: 0x0
           Format Flags: 0x0

            Description: Stereo Mix (4- USB Multi-Channel Audio Device)
  Default Sound Capture: No
  Default Voice Capture: No
            Driver Name: CM10664.sys
         Driver Version: 7.12.0008.2140 (English)
      Driver Attributes: Final Retail
          Date and Size: 10/1/2009 19:04:54, 1307648 bytes
              Cap Flags: 0x0
           Format Flags: 0x0

            Description: SPDIF In (4- USB Multi-Channel Audio Device)
  Default Sound Capture: No
  Default Voice Capture: No
            Driver Name: CM10664.sys
         Driver Version: 7.12.0008.2140 (English)
      Driver Attributes: Final Retail
          Date and Size: 10/1/2009 19:04:54, 1307648 bytes
              Cap Flags: 0x0
           Format Flags: 0x0

            Description: Eingang (4- USB Multi-Channel Audio Device)
  Default Sound Capture: No
  Default Voice Capture: No
            Driver Name: CM10664.sys
         Driver Version: 7.12.0008.2140 (English)
      Driver Attributes: Final Retail
          Date and Size: 10/1/2009 19:04:54, 1307648 bytes
              Cap Flags: 0x0
           Format Flags: 0x0

-------------------
DirectInput Devices
-------------------
      Device Name: Maus
         Attached: 1
    Controller ID: n/a
Vendor/Product ID: n/a
        FF Driver: n/a

      Device Name: Tastatur
         Attached: 1
    Controller ID: n/a
Vendor/Product ID: n/a
        FF Driver: n/a

      Device Name: Gaming Keyboard
         Attached: 1
    Controller ID: 0x0
Vendor/Product ID: 0x046D, 0xC221
        FF Driver: n/a

      Device Name: Gaming Keyboard
         Attached: 1
    Controller ID: 0x0
Vendor/Product ID: 0x046D, 0xC221
        FF Driver: n/a

      Device Name: G11 Keyboard
         Attached: 1
    Controller ID: 0x0
Vendor/Product ID: 0x046D, 0xC225
        FF Driver: n/a

      Device Name: USB Sound Device        
         Attached: 1
    Controller ID: 0x0
Vendor/Product ID: 0x0D8C, 0x0102
        FF Driver: n/a

Poll w/ Interrupt: No

-----------
USB Devices
-----------
+ USB-Root-Hub
| Vendor/Product ID: 0x1002, 0x4397
| Matching Device ID: usb\root_hub
| Service: usbhub
| 
+-+ Logitech USB G3 (MX518) Optical Mouse
| | Vendor/Product ID: 0x046D, 0xC051
| | Location: Port_#0001.Hub_#0001
| | Matching Device ID: usb\vid_046d&pid_c051
| | Lower Filters: LUsbFilt
| | Service: HidUsb
| | 
| +-+ Logitech HID-compliant G3/MX518 Optical Mouse
| | | Vendor/Product ID: 0x046D, 0xC051
| | | Matching Device ID: hid\vid_046d&pid_c051
| | | Upper Filters: LMouFilt
| | | Lower Filters: LHidFilt
| | | Service: mouhid

----------------
Gameport Devices
----------------

------------
PS/2 Devices
------------
+ HID-Tastatur
| Vendor/Product ID: 0x046D, 0xC221
| Matching Device ID: hid_device_system_keyboard
| Service: kbdhid
| 
+ HID-Tastatur
| Vendor/Product ID: 0x046D, 0xC225
| Matching Device ID: hid_device_system_keyboard
| Service: kbdhid
| 
+ Terminalserver-Tastaturtreiber
| Matching Device ID: root\rdp_kbd
| Upper Filters: kbdclass
| Service: TermDD
| 
+ Terminalserver-Maustreiber
| Matching Device ID: root\rdp_mou
| Upper Filters: mouclass
| Service: TermDD

------------------------
Disk & DVD/CD-ROM Drives
------------------------
      Drive: C:
 Free Space: 48.6 GB
Total Space: 200.0 GB
File System: NTFS
      Model: WDC WD6400AAKS-65A7B2 ATA Device

      Drive: D:
 Free Space: 86.4 GB
Total Space: 200.0 GB
File System: NTFS
      Model: WDC WD6400AAKS-65A7B2 ATA Device

      Drive: E:
 Free Space: 78.4 GB
Total Space: 210.5 GB
File System: NTFS
      Model: WDC WD6400AAKS-65A7B2 ATA Device

      Drive: F:
      Model: PIONEER BD-ROM  BDC-202 ATA Device
     Driver: c:\windows\system32\drivers\cdrom.sys, 6.01.7600.16385 (German), , 0 bytes

      Drive: L:
      Model: AU5261P OSQ010I SCSI CdRom Device
     Driver: c:\windows\system32\drivers\cdrom.sys, 6.01.7600.16385 (German), , 0 bytes

      Drive: K:
      Model: AU5261P OSQ010I SCSI CdRom Device
     Driver: c:\windows\system32\drivers\cdrom.sys, 6.01.7600.16385 (German), , 0 bytes

--------------
System Devices
--------------
     Name: PCI Standard-Host-CPU-Brücke
Device ID: PCI\VEN_1022&DEV_9600&SUBSYS_96001849&REV_00\3&267A616A&0&00
   Driver: n/a

     Name: ATI Radeon HD 4800 Series   
Device ID: PCI\VEN_1002&DEV_9460&SUBSYS_E115174B&REV_00\4&E8F8674&0&0010
   Driver: n/a

     Name: Standard PCI-zu-USB erweiterter Hostcontroller
Device ID: PCI\VEN_1002&DEV_4396&SUBSYS_43961849&REV_00\3&267A616A&0&9A
   Driver: n/a

     Name: PCI Standard-Host-CPU-Brücke
Device ID: PCI\VEN_1022&DEV_1204&SUBSYS_00000000&REV_00\3&267A616A&0&C4
   Driver: n/a

     Name: PCI Standard-ISA-Brücke
Device ID: PCI\VEN_1002&DEV_439D&SUBSYS_439D1849&REV_00\3&267A616A&0&A3
   Driver: n/a

     Name: Standard PCI-zu-USB erweiterter Hostcontroller
Device ID: PCI\VEN_1002&DEV_4396&SUBSYS_43961849&REV_00\3&267A616A&0&92
   Driver: n/a

     Name: PCI Standard-Host-CPU-Brücke
Device ID: PCI\VEN_1022&DEV_1203&SUBSYS_00000000&REV_00\3&267A616A&0&C3
   Driver: n/a

     Name: Standard-Zweikanal-PCI-IDE-Controller
Device ID: PCI\VEN_1002&DEV_439C&SUBSYS_439C1849&REV_00\3&267A616A&0&A1
   Driver: n/a

     Name: Standard AHCI 1.0 Serieller-ATA-Controller
Device ID: PCI\VEN_1002&DEV_4391&SUBSYS_43911849&REV_00\3&267A616A&0&88
   Driver: n/a

     Name: PCI Standard-Host-CPU-Brücke
Device ID: PCI\VEN_1022&DEV_1202&SUBSYS_00000000&REV_00\3&267A616A&0&C2
   Driver: n/a

     Name: Standard OpenHCD USB-Hostcontroller
Device ID: PCI\VEN_1002&DEV_4399&SUBSYS_43991849&REV_00\3&267A616A&0&A5
   Driver: n/a

     Name: OHCI-konformer VIA 1394-Hostcontroller
Device ID: PCI\VEN_1106&DEV_3044&SUBSYS_30441849&REV_C0\4&2966AB86&0&38A4
   Driver: n/a

     Name: PCI Standard-Host-CPU-Brücke
Device ID: PCI\VEN_1022&DEV_1201&SUBSYS_00000000&REV_00\3&267A616A&0&C1
   Driver: n/a

     Name: Standard OpenHCD USB-Hostcontroller
Device ID: PCI\VEN_1002&DEV_4398&SUBSYS_43981849&REV_00\3&267A616A&0&99
   Driver: n/a

     Name: ATI E/A-Kommunikationsprozessor-SMBus-Controller
Device ID: PCI\VEN_1002&DEV_4385&SUBSYS_43851849&REV_3C\3&267A616A&0&A0
   Driver: n/a

     Name: Realtek PCIe GBE Family Controller
Device ID: PCI\VEN_10EC&DEV_8168&SUBSYS_81681849&REV_03\4&391222DB&0&0050
   Driver: n/a

     Name: PCI Standard-Host-CPU-Brücke
Device ID: PCI\VEN_1022&DEV_1200&SUBSYS_00000000&REV_00\3&267A616A&0&C0
   Driver: n/a

     Name: Standard OpenHCD USB-Hostcontroller
Device ID: PCI\VEN_1002&DEV_4398&SUBSYS_43981849&REV_00\3&267A616A&0&91
   Driver: n/a

     Name: ATI E/A-Kommunikationsprozessor-PCI-Buscontroller
Device ID: PCI\VEN_1002&DEV_4384&SUBSYS_00000000&REV_00\3&267A616A&0&A4
   Driver: n/a

     Name: PCI Standard-PCI-zu-PCI-Brücke
Device ID: PCI\VEN_1022&DEV_9609&SUBSYS_96001849&REV_00\3&267A616A&0&50
   Driver: n/a

     Name: High Definition Audio-Controller
Device ID: PCI\VEN_1002&DEV_AA30&SUBSYS_AA30174B&REV_00\4&E8F8674&0&0110
   Driver: n/a

     Name: Standard OpenHCD USB-Hostcontroller
Device ID: PCI\VEN_1002&DEV_4397&SUBSYS_43971849&REV_00\3&267A616A&0&98
   Driver: n/a

     Name: High Definition Audio-Controller
Device ID: PCI\VEN_1002&DEV_4383&SUBSYS_18901849&REV_00\3&267A616A&0&A2
   Driver: n/a

     Name: PCI Standard-PCI-zu-PCI-Brücke
Device ID: PCI\VEN_1022&DEV_9603&SUBSYS_96001849&REV_00\3&267A616A&0&10
   Driver: n/a

     Name: Standard OpenHCD USB-Hostcontroller
Device ID: PCI\VEN_1002&DEV_4397&SUBSYS_43971849&REV_00\3&267A616A&0&90
   Driver: n/a

------------------
DirectShow Filters
------------------

DirectShow Filters:
Emuzed AMR-NB Decoder-DMO,0x00600000,1,1,EmzAMRNBDec.dll,2.17.0000.0000
WMAudio Decoder DMO,0x00800800,1,1,WMADMOD.DLL,6.01.7600.16385
WMAPro over S/PDIF DMO,0x00600800,1,1,WMADMOD.DLL,6.01.7600.16385
WMSpeech Decoder DMO,0x00600800,1,1,WMSPDMOD.DLL,6.01.7600.16385
MP3 Decoder DMO,0x00600800,1,1,mp3dmod.dll,6.01.7600.16385
Emuzed AMR-WB Decoder-DMO,0x00600000,1,1,EzdAMRWBDec.dll,2.17.0000.0000
Mpeg4s Decoder DMO,0x00800001,1,1,mp4sdecd.dll,6.01.7600.16385
WMV Screen decoder DMO,0x00600800,1,1,wmvsdecd.dll,6.01.7600.16385
WMVideo Decoder DMO,0x00800001,1,1,wmvdecod.dll,6.01.7600.16385
Mpeg43 Decoder DMO,0x00800001,1,1,mp43decd.dll,6.01.7600.16385
Mpeg4 Decoder DMO,0x00800001,1,1,mpg4decd.dll,6.01.7600.16385
PP PCM Wrapper,0x00200000,1,1,ppPCMEnc.ax,1.01.0000.0321
PDR MPEG-1 Splitter,0x00805000,1,2,PDM1Splter.ax,2.03.0000.1118
CyberLink MPEG Video Encoder,0x00200000,1,1,P2GVidEnc.ax,6.00.0001.2226
Emuzed AMR/3GPP/MP4/MP3 Multiplexer-Filter,0x00200000,1,0,EzdMP4MuxFilter.dll,2.17.0000.0000
PDR TS Information,0x00200000,1,0,pdtsinfo.ax,1.00.0000.1926
Emuzed MP3 Source/Decoder Filter,0x00400000,0,1,EmzMP3SourceFilter.dll,2.17.0000.0000
CyberLink Editing Service 3.0 (Source),0x00200000,0,2,CLEdtKrn.dll,3.00.0000.2911
CyberLink MP3/WAV Wrapper,0x00200000,1,1,P2GMP3Wrap.ax,3.07.0000.1314
PP Video Regulator,0x00200000,1,1,ppResample.ax,2.05.0000.1818
DV Muxer,0x00400000,0,0,qdv.dll,6.06.7600.16385
PP YUY2 Deinterlace,0x00200000,1,1,ppDItlYuY2.ax,2.05.0000.2703
CyberLink DDR,0x00200000,1,0,PDRender.ax,2.00.0002.0026
PDR Video Stabilizer,0x00200000,1,1,CLVideoStabilizer.ax,1.00.0000.2313
CyberLink AudioCD Filter,0x00200000,0,1,P2GAudioCD.ax,5.00.0000.1321
Color Space Converter,0x00400001,1,1,quartz.dll,6.06.7600.16490
WM ASF Reader,0x00400000,0,0,qasf.dll,12.00.7600.16385
Screen Capture filter,0x00200000,0,1,wmpsrcwp.dll,12.00.7600.16385
CyberLink YUY2 Sub-Sampling,0x00200000,1,1,PDSubYUY2.ax,2.05.0000.2923
AVI Splitter,0x00600000,1,1,quartz.dll,6.06.7600.16490
VGA 16 Color Ditherer,0x00400000,1,1,quartz.dll,6.06.7600.16490
CyberLink DV Buffer,0x00200000,2,0,PDDVBuffer.ax,2.00.0000.1129
SBE2MediaTypeProfile,0x00200000,0,0,sbe.dll,6.06.7600.16385
PP IDM,0x00200000,1,1,ppIDMF.ax,1.00.0000.3909
CyberLink Editing Service 3.0 (Source),0x00200000,0,2,P2GEdtKrn.dll,3.00.0000.2911
Cyberlink Scene Detect Filter,0x00200000,1,1,PDScnDt.ax,1.00.0000.0813
CyberLink AudioCD Filter (PDVD7),0x00600000,0,1,CLAudioCD.ax,5.00.0000.4417
CyberLink AVI Audio Time Regulator,0x00200000,1,1,PDAVI_AudTR.ax,1.00.0000.0724
Microsoft DTV-DVD Video Decoder,0x005fffff,2,4,msmpeg2vdec.dll,6.01.7140.0000
PP Video Effect,0x00200000,1,1,ppVidFx.ax,1.00.0000.3207
Cyberlink TS Information,0x00200000,1,0,ppTSInfo.ax,1.00.0000.1705
Emuzed AMR/QCP/3GPP/MP4/3G2 Source Filter,0x00400000,0,1,EmzMp4Source.dll,2.17.0000.0000
PDR Video Regulator,0x00200000,1,1,CLRGL.ax,2.00.0000.5002
AC3 Parser Filter,0x00600000,1,1,mpg2splt.ax,6.06.7600.16590
CyberLink Audio Decoder,0x00201000,1,1,Claud.ax,6.01.0008.5803
PP Video Decoder,0x00200000,2,3,ppGenericVSD.ax,6.00.0001.3722
CyberLink Audio Resampler,0x00200000,1,1,PDAuRsmpl.ax,2.00.0000.0519
StreamBufferSink,0x00200000,0,0,sbe.dll,6.06.7600.16385
PP Audio Resampler,0x00200000,1,1,ppAuRsmpl.ax,2.00.0000.0519
CyberLink DV Reader Filter,0x00200000,0,1,PDDVMrd.ax,2.01.0000.2211
MJPEG Decompressor,0x00600000,1,1,quartz.dll,6.06.7600.16490
CyberLink Audio Effect (PDVD7),0x00200000,1,1,CLAudFx.ax,6.00.0000.5723
PP Dump Dispatch Filter,0x00200000,1,0,PPDumpDispatch.ax,1.02.0001.2412
PDR Audio Effect,0x00200000,1,1,PDaudfx.ax,6.00.0000.1223
MPEG-I Stream Splitter,0x00600000,1,2,quartz.dll,6.06.7600.16490
SAMI (CC) Parser,0x00400000,1,1,quartz.dll,6.06.7600.16490
Nokia MPEG4ASP Decoder Filter,0x00800005,1,1,NokiaDecMP4ASP_H263.dll,1.00.0004.0000
P2G Video Decoder,0x00200000,2,3,P2GVSD.ax,6.00.0000.2310
PDR SnapShotTIP Filter,0x00200000,1,1,PDSShot.ax,
Cyberlink Byte Counter Filter,0x00200000,1,1,PDByteCounter.ax,1.00.0000.1224
PDR Editing Service 3.0 (Source),0x00200000,0,2,cledtkrn.dll,3.00.0000.2420
VBI Codec,0x00600000,1,4,VBICodec.ax,6.06.7600.16385
CyberLink Audio Digital Transcoder,0x00200000,1,1,CLADT.ax,2.00.0000.1915
MPEG-2 Splitter,0x005fffff,1,0,mpg2splt.ax,6.06.7600.16590
PP File Reader (Async.),0x00200000,0,1,ppReader.ax,2.00.0000.0812
PP Snapshot Filter,0x00200000,1,0,ppSnapshot.ax,1.00.0000.0001
PDR TL MPEG Splitter,0x00200000,1,2,PDTLMSplter.ax,3.02.0000.2219
Closed Captions Analysis Filter,0x00200000,2,5,cca.dll,6.06.7600.16385
SBE2FileScan,0x00200000,0,0,sbe.dll,6.06.7600.16385
PP Dump Filter,0x00200000,1,0,ppDump.ax,3.00.0000.7122
Microsoft MPEG-2 Video Encoder,0x00200000,1,1,msmpeg2enc.dll,6.01.7600.16385
CyberLink SAC Video Decoder(PDVD7 HomeNetwork),0x00200000,2,3,CLVSD.ax,6.00.0000.2122
CyberLink SnapShot Filter,0x00200000,1,0,PDSnapShot.ax,1.00.0003.0026
PP DV Buffer,0x00200000,2,0,ppDVBuffer.ax,2.00.0000.1610
CyberLink DV Buffer,0x00200000,0,1,ppDVDump.ax,2.00.0001.0002
Internal Script Command Renderer,0x00800001,1,0,quartz.dll,6.06.7600.16490
CyberLink Video Regulator,0x00200000,1,1,P2GRGL.ax,2.00.0000.4305
P2G Audio Decoder,0x00200000,1,1,P2GAud.ax,6.01.0000.3601
MPEG Audio Decoder,0x03680001,1,1,quartz.dll,6.06.7600.16490
PDR Video Effect,0x00200000,1,1,CLVidFx.ax,1.00.0000.3207
Nokia H264Dec HP/MP Filter,0x00800005,1,1,NokiaH264HPMPDecTFilter.dll,1.00.0004.0000
PP DDR,0x00200000,1,0,ppRender.ax,2.00.0002.0026
DV Splitter,0x00600000,1,2,qdv.dll,6.06.7600.16385
CyberLink YUY2 DeInterlace,0x00200000,1,1,PDDitlYUY2.ax,2.01.0000.1715
Video Mixing Renderer 9,0x00200000,1,0,quartz.dll,6.06.7600.16490
CyberLink Video Effect,0x00200000,1,1,P2GVidFx.ax,1.00.0000.3207
PP TL MPEG Splitter,0x00200000,1,2,ppTLMSplter.ax,3.02.0000.2219
PDR DVSD Modifier,0x00200000,1,1,dvsdModifier.ax,1.00.0000.0930
CyberLink Demux (PDVD7),0x00602000,1,0,CLDemuxer.ax,1.05.0000.6909
PDR MPEG-2 Splitter,0x00805000,1,2,PDM2Splter.ax,2.03.0000.1118
CyberLink MPEG Splitter(Scramble),0x00200000,1,2,CLSplter.ax,3.01.0000.1424
PP M2V Writer,0x00200000,1,0,PPM2VWriter.ax,1.03.0000.2523
CyberLink Audio Commercial Cut Analyzer,0x00200000,1,1,CLAudCM.ax,1.00.0000.1725
CyberLink AVCHD Navigator,0x00600000,0,3,CLAVCHDNav.ax,2.00.0000.2206
CyberLink AudAna Filter,0x00200000,1,0,PDAudAna.dll,2.00.0000.1520
CyberLink Scene Detect Filter 2,0x00200000,1,1,PDScnDt2.dll,1.01.0000.1815
PP DV TCR,0x00200000,1,1,ppDVTCR.ax,2.01.0000.1521
CyberLink BDROM Navigator,0x00600000,0,3,CLBDROMNav.ax,2.00.0083.2218
Nero ES Video Reader,0x00600000,0,1,NDParser.ax,4.02.0004.0008
Cyberlink Sub-Picture Filter,0x00200000,1,1,CLSubPic.ax,3.00.0000.0728
PDR Demultiplexer,0x00200000,1,0,PDDemuxer.ax,1.00.0000.5108
CyberLink Line21 Decoder (PDVD7.x),0x00200000,0,2,CLLine21.ax,4.00.0000.9027
PP DV Reader Filter,0x00200000,0,1,ppDVMRd.ax,2.01.0000.2130
CyberLink Audio Noise Reduction,0x00200000,1,1,P2GAuNRWrapper.ax,2.00.0000.1805
Emuzed AAC/AAC+ Decoder TFilter,0x00800000,1,1,EmzAACDecFilter.dll,2.17.0000.0000
PP Audio Encoder,0x00200000,2,0,ppAudEnc.ax,2.01.0000.1926
Microsoft MPEG-2 Encoder,0x00200000,2,1,msmpeg2enc.dll,6.01.7600.16385
Cyberlink Sub-Picture Filter,0x00200000,1,1,PDSubPic.ax,3.00.0000.0728
CyberLink Load Image Filter,0x00200000,0,1,CLImage.ax,3.00.0000.2307
Nero Audio CD Filter,0x00200000,0,1,NeAudCD.ax,4.02.0004.0008
CyberLink MPEG-2 Splitter,0x00200000,1,2,P2Gm2spliter.ax,2.04.0000.2301
CyberLink VAudAna Filter,0x00200000,1,0,PDVAudAna.dll,1.01.0000.0826
CyberLink Audio VolumeBooster,0x00200000,1,1,P2GVB.ax,1.00.0000.1008
PP MPEG Muxer,0x00200000,2,1,ppMpgMux.ax,5.00.0000.3608
PDR MPEG Video Encoder,0x00200000,1,1,PDVidEnc.ax,6.01.0001.2601
CyberLink DV Filter,0x00200000,1,1,PDDVTCR.ax,2.01.0000.1524
ACM Wrapper,0x00600000,1,1,quartz.dll,6.06.7600.16490
CyberLink Frame Parser,0x00200000,2,0,CLFParser.ax,1.00.0000.3327
Video Renderer,0x00800001,1,0,quartz.dll,6.06.7600.16490
MPEG-2 Video Stream Analyzer,0x00200000,0,0,sbe.dll,6.06.7600.16385
Cyberlink Dump Dispatch Filter,0x00200000,1,0,P2GDumpDispatch.ax,1.02.0001.2412
Line 21 Decoder,0x00600000,1,1,qdvd.dll,6.06.7600.16385
Video Port Manager,0x00600000,2,1,quartz.dll,6.06.7600.16490
CyberLink Push-Mode CLStream (PDVD7),0x00200000,0,1,CLStream(PushMode).ax,1.00.0000.1524
CyberLink Audio Decoder (PDVD7 UPnP),0x00200000,1,1,CLAud.ax,6.01.0000.3613
Video Renderer,0x00400000,1,0,quartz.dll,6.06.7600.16490
Emuzed MP4SP/H263 Video Decoder-Filter,0x00800000,1,1,EmzDecMP4_H263.dll,2.17.0000.0000
CyberLink Audio Resampler,0x00200000,1,1,P2GAuRsmpl.ax,2.00.0000.1318
CyberLink Audio Spectrum Analyzer (PDVD7),0x00200000,1,1,CLAudSpa.ax,1.00.0000.0924
VPS Decoder,0x00200000,0,0,WSTPager.ax,6.06.7600.16385
PDR Audio Decoder,0x00200000,1,1,PDAud.ax,6.01.0000.3417
WM ASF Writer,0x00400000,0,0,qasf.dll,12.00.7600.16385
CyberLink MPEG-1 Splitter,0x00200000,1,2,P2Gm1spliter.ax,2.04.0000.2301
CyberLink Stamp Effect,0x00200000,1,1,ppStampEffect.ax,1.00.0000.2108
PDR MPEG Muxer,0x00200000,2,1,PDMpgMux.ax,5.00.0000.3901
VBI Surface Allocator,0x00600000,1,1,vbisurf.ax,6.01.7600.16385
CyberLink Demultiplexer,0x00200000,1,0,ppDemuxer.ax,1.00.0000.5505
PDR M2V Writer,0x00200000,1,0,PDM2VWriter.ax,1.03.0000.2017
File writer,0x00200000,1,0,qcap.dll,6.06.7600.16385
PP YUY2 Sub-Sampling,0x00200000,1,1,ppSubYUY2.ax,2.05.0000.2628
Nokia XVID/DIVX Decoder Filter,0x00800001,1,1,NokiaXvidDecoder.dll,1.00.0003.0000
iTV Data Sink,0x00600000,1,0,itvdata.dll,6.06.7600.16385
iTV Data Capture filter,0x00600000,1,1,itvdata.dll,6.06.7600.16385
CyberLink Video/SP Decoder (PDVD7),0x00602000,2,3,CLVsd.ax,8.02.0000.0926
Cyberlink File Reader (Async.),0x00200000,0,1,P2GReader.ax,3.00.0000.3016
CyberLink M2V Writer,0x00200000,1,0,P2GM2VWriter.ax,1.03.0000.2017
CyberLink BDRE Navigator,0x00600000,0,3,CLBDRENav.ax,2.00.0000.4618
PP Audio Effect,0x00200000,1,1,CLAudFx.ax,6.01.0000.0115
PP WAV Dest,0x00200000,0,0,PPWavDest.ax,1.00.0000.0002
PDR File Reader (Async),0x00200000,0,1,PDReader.ax,2.00.0000.0812
Cyberlink Dump Filter,0x00200000,1,0,P2GDump.ax,3.00.0000.7122
CyberLink Transform Tee,0x00200000,1,1,PDTee.ax,3.00.0000.3130
CyberLink Video Stabilizer,0x00200000,1,1,P2GVideoStabilizer.ax,1.00.0000.1521
PDR Dump Filter,0x00200000,1,0,PDDump.ax,4.00.0000.6217
CyberLink DV Dump Filter,0x00200000,1,0,PDDVDump.ax,2.01.0034.0028
PDR TimeStretch Filter(CES),0x00200000,1,1,clauts.ax,1.00.0000.4024
PP Audio Decoder,0x00200000,1,1,CLAud.ax,6.01.0000.4306
CyberLink Audio Wizard,0x00201010,1,1,CLAudWizard.ax,1.00.0000.1730
CyberLink PCM Wrapper,0x00200000,1,1,P2GPCMEnc.ax,1.01.0000.0321
DVD Navigator,0x00200000,0,3,qdvd.dll,6.06.7600.16385
CyberLink DVD Navigator (PDVD7),0x00200000,0,3,CLNavX.ax,7.00.0000.4613
PDR Dump Dispatch Filter,0x00200000,1,0,PDDumpDispatch.ax,1.02.0001.2412
CyberLink TimeStretch Filter (PDVD7),0x00200000,1,1,clauts.ax,1.00.0000.5423
PP MPEG Splitter,0x00200000,1,2,ppSplter.ax,3.01.0000.1928
Cyberlink Scene Detect Filter,0x00200000,1,1,ppScnDt.ax,1.00.0000.0813
Overlay Mixer2,0x00200000,1,1,qdvd.dll,6.06.7600.16385
Cyberlink SubTitle Importor,0x00200000,1,1,CLSubTitle.ax,1.00.0000.4716
PP Audio Noise Reduction (CES),0x00200000,1,1,CLAuNRWrapper.ax,2.00.0000.1805
AVI Draw,0x00600064,9,1,quartz.dll,6.06.7600.16490
CyberLink Real File writer,0x00200000,2,0,PDRMFileWriter.ax,1.00.0000.3307
PP Gate Filter,0x00200000,1,1,ppGate.ax,1.00.0000.0001
RDP DShow Redirection Filter,0xffffffff,1,0,DShowRdpFilter.dll,
Microsoft MPEG-2 Audio Encoder,0x00200000,1,1,msmpeg2enc.dll,6.01.7600.16385
WST Pager,0x00200000,1,1,WSTPager.ax,6.06.7600.16385
PDR Audio Encoder,0x00200000,2,0,PDAudEnc.ax,2.01.0000.1317
CyberLink VidAna Filter,0x00200000,1,1,PDVidAna.dll,1.02.0000.1802
MPEG-2 Demultiplexer,0x00600000,1,1,mpg2splt.ax,6.06.7600.16590
DV Video Decoder,0x00800000,1,1,qdv.dll,6.06.7600.16385
PP DV Dump Filter,0x00200000,1,0,ppDVDump.ax,2.00.0001.0002
Cyberlink Gate Filter,0x00200000,1,1,PDGate.ax,1.00.0000.0001
Emuzed H264 Video Decoder-Filter,0x00800000,1,1,EzdH264DecTFilter.dll,2.17.0000.0000
CyberLink MPEG-4 Splitter (PDVD7),0x00600000,1,2,clm4splt.ax,1.00.0000.4409
CyberLink HD/BD Mixer (PDVD7.x),0x00200000,1,2,CLHBMixer.ax,1.00.0000.3319
Cyberlink DV Scene Detect Filter,0x00200000,1,1,PDDVScnDt.ax,1.00.0000.0426
PDR WAV Dest,0x00200000,0,0,PDWavDest.ax,1.00.0000.6518
CyberLink AudioCD Filter,0x00600000,0,1,PDAudioCD.ax,5.00.0000.4417
IDM Filter,0x00200000,1,1,PDIDMF.ax,1.00.0000.2207
CyberLink VC-1 Decoder (PDVD7.x),0x00600400,1,3,CLVc1Dec.ax,2.02.0000.5916
SampleGrabber,0x00200000,1,1,qedit.dll,6.06.7600.16385
Null Renderer,0x00200000,1,0,qedit.dll,6.06.7600.16385
MPEG-2 Sections and Tables,0x005fffff,1,0,Mpeg2Data.ax,6.06.7600.16385
Microsoft AC3 Encoder,0x00200000,1,1,msac3enc.dll,6.01.7600.16385
Nero Audio CD Navigator,0x00200000,0,1,NeAudCD.ax,4.02.0004.0008
StreamBufferSource,0x00200000,0,0,sbe.dll,6.06.7600.16385
PowerProducer Double Tee,0x00200000,1,2,ppDoubleTee.ax,1.00.0000.1224
CyberLink TimeStretch Filter (CES),0x00200000,1,1,P2Gauts.ax,1.00.0000.4024
Smart Tee,0x00200000,1,2,qcap.dll,6.06.7600.16385
Overlay Mixer,0x00200000,0,0,qdvd.dll,6.06.7600.16385
CyberLink TL MPEG Splitter,0x00200000,1,2,P2GTLMSplter.ax,3.02.0000.2219
AVI Decompressor,0x00600000,1,1,quartz.dll,6.06.7600.16490
CyberLink MPEG Muxer,0x00200000,2,1,P2GMpgMux.ax,5.00.0000.2221
PP Video Regulator,0x00200000,1,1,CLRGL.ax,2.00.0000.4305
PP SnapShotTIP Filter,0x00200000,1,1,ppSShot.ax,1.00.0000.1905
AVI/WAV File Source,0x00400000,0,2,quartz.dll,6.06.7600.16490
Wave Parser,0x00400000,1,1,quartz.dll,6.06.7600.16490
MIDI Parser,0x00400000,1,1,quartz.dll,6.06.7600.16490
Multi-file Parser,0x00400000,1,1,quartz.dll,6.06.7600.16490
File stream renderer,0x00400000,1,1,quartz.dll,6.06.7600.16490
CyberLink Audio Decode (PDVD7.x),0x00200000,1,1,claud_HBD.ax,8.01.0036.9603
PDR MPEG1/2 Video Decoder,0x00200000,2,3,PDVSD.ax,6.00.0000.2130
PP Video Stabilizer,0x00200000,1,1,CLVideoStabilizer.ax,1.00.0000.1521
Microsoft DTV-DVD Audio Decoder,0x005fffff,1,1,msmpeg2adec.dll,6.01.7140.0000
Nero Digital Parser,0x00600000,0,3,NDParser.ax,4.02.0004.0008
StreamBufferSink2,0x00200000,0,0,sbe.dll,6.06.7600.16385
AVI Mux,0x00200000,1,0,qcap.dll,6.06.7600.16385
CyberLink Double Pin Tee,0x00200000,1,2,PDDoubleTee.ax,1.00.0000.1224
CyberLink QuickTime Source Filter,0x00200000,0,2,clqtsrc.ax,1.10.0000.1920
Line 21 Decoder 2,0x00600002,1,1,quartz.dll,6.06.7600.16490
File Source (Async.),0x00400000,0,1,quartz.dll,6.06.7600.16490
File Source (URL),0x00400000,0,1,quartz.dll,6.06.7600.16490
CyberLink Video/SP BD-HD Decoder (PDVD7.x),0x00600000,2,3,CLVSD_HBD.ax,8.02.0000.5923
P2G Video Regulator,0x00200000,1,1,P2GResample.ax,2.05.0000.1818
PP Byte Counter,0x00200000,1,1,ppByteCounter.ax,1.00.0000.1224
CyberLink AVI Audio Time Regulator,0x00200000,1,1,AVI_AudTR.ax,1.00.0000.1515
P2G Audio Encoder,0x00200000,2,0,P2GAudEnc.ax,2.00.0000.4815
PP MPEG Video Encoder,0x00200000,1,1,ppVidEnc.ax,6.00.0001.2714
CyberLink Demux (PDVD7 UPnP),0x00200000,1,0,CLDemuxer.ax,1.00.0000.3421
CyberLink H.264/AVC Decoder (PDVD7.x),0x00600400,1,2,CL264dec.ax,2.02.0000.0916
Cyberlink Video Regulator,0x00200000,1,1,PDResample.ax,2.05.0000.1818
Infinite Pin Tee Filter,0x00200000,1,1,qcap.dll,6.06.7600.16385
PP TimeStretch Filter (CES),0x00200000,1,1,clauts.ax,1.00.0000.4024
Enhanced Video Renderer,0x00200000,1,0,evr.dll,6.01.7600.16385
CyberLink Stamp Effect,0x00200000,1,1,PDStampEffect.ax,1.00.0000.2108
CyberLink QuickTime writer,0x00200000,2,0,PDQTFileWriter.ax,1.00.0000.3419
CyberLink Streamming Filter (PDVD7),0x00200000,0,1,CLStream.ax,1.01.0000.1524
PDR Audio Noise Reduction,0x00200000,1,1,CLAuNRWrapper.ax,2.00.0000.1805
BDA MPEG2 Transport Information Filter,0x00200000,2,0,psisrndr.ax,6.06.7600.16385
MPEG Video Decoder,0x40000001,1,1,quartz.dll,6.06.7600.16490
CyberLink MPEG Decoder,0x00200000,2,3,P2GMVD.ax,5.00.0000.0929

WDM Streaming Tee/Splitter Devices:
Tee/Sink-to-Sink-Konvertierung,0x00200000,1,1,ksproxy.ax,6.01.7600.16385

Video Compressors:
Emuzed H263 Video Encoder-DMO,0x00200000,1,1,EmzH263Enc.dll,2.17.0000.0000
WMVideo8 Encoder DMO,0x00600800,1,1,wmvxencd.dll,6.01.7600.16385
WMVideo9 Encoder DMO,0x00600800,1,1,wmvencod.dll,6.01.7600.16385
Emuzed H.264 Encoder-DMO,0x00200000,1,1,EzdH264Enc.dll,2.17.0000.0000
Emuzed MPEG-4 SP Encoder-DMO,0x00200000,1,1,EmzMP4VideoEnc.DLL,2.17.0000.0000
MSScreen 9 encoder DMO,0x00600800,1,1,wmvsencd.dll,6.01.7600.16385
DV Video Encoder,0x00200000,0,0,qdv.dll,6.06.7600.16385
MJPEG Compressor,0x00200000,0,0,quartz.dll,6.06.7600.16490
Cinepak Codec von Radius,0x00200000,1,1,qcap.dll,6.06.7600.16385
Intel IYUV Codec,0x00200000,1,1,qcap.dll,6.06.7600.16385
Intel IYUV Codec,0x00200000,1,1,qcap.dll,6.06.7600.16385
Microsoft RLE,0x00200000,1,1,qcap.dll,6.06.7600.16385
Microsoft Video 1,0x00200000,1,1,qcap.dll,6.06.7600.16385

Audio Compressors:
WM Speech Encoder DMO,0x00600800,1,1,WMSPDMOE.DLL,6.01.7600.16385
Emuzed GSM AMR-NB Encoder-DMO,0x00200000,1,1,EmzAMRNBEnc.DLL,2.17.0000.0000
Emuzed GSM AMR-WB Encoder DMO,0x00200000,1,1,EmzAMRWBEnc.DLL,2.17.0000.0000
WMAudio Encoder DMO,0x00600800,1,1,WMADMOE.DLL,6.01.7600.16385
Emuzed MP3 Encoder-DMO,0x00200000,1,1,EmzMP3EncDMO.DLL,2.17.0000.0000
Emuzed AAC Encoder-DMO,0x00200000,1,1,EmzAACEnc.dll,2.17.0000.0000
IMA ADPCM,0x00200000,1,1,quartz.dll,6.06.7600.16490
PCM,0x00200000,1,1,quartz.dll,6.06.7600.16490
Microsoft ADPCM,0x00200000,1,1,quartz.dll,6.06.7600.16490
GSM 6.10,0x00200000,1,1,quartz.dll,6.06.7600.16490
CCITT A-Law,0x00200000,1,1,quartz.dll,6.06.7600.16490
CCITT u-Law,0x00200000,1,1,quartz.dll,6.06.7600.16490
MPEG Layer-3,0x00200000,1,1,quartz.dll,6.06.7600.16490

Audio Capture Sources:
Mikrofon (4- USB Multi-Channel ,0x00200000,0,0,qcap.dll,6.06.7600.16385
Eingang (4- USB Multi-Channel A,0x00200000,0,0,qcap.dll,6.06.7600.16385
SPDIF In (4- USB Multi-Channel ,0x00200000,0,0,qcap.dll,6.06.7600.16385
Stereo Mix (4- USB Multi-Channe,0x00200000,0,0,qcap.dll,6.06.7600.16385

PBDA CP Filters:
PBDA DTFilter,0x00600000,1,1,CPFilters.dll,6.06.7600.16590
PBDA ETFilter,0x00200000,0,0,CPFilters.dll,6.06.7600.16590
PBDA PTFilter,0x00200000,0,0,CPFilters.dll,6.06.7600.16590

Midi Renderers:
Default MidiOut Device,0x00800000,1,0,quartz.dll,6.06.7600.16490
Microsoft GS Wavetable Synth,0x00200000,1,0,quartz.dll,6.06.7600.16490

WDM Streaming Capture Devices:
Realtek HD Audio CD input,0x00200000,1,1,ksproxy.ax,6.01.7600.16385
Realtek HD Audio Front Mic input,0x00200000,1,1,ksproxy.ax,6.01.7600.16385
Realtek HD Audio Line input,0x00200000,1,1,ksproxy.ax,6.01.7600.16385
Realtek HD Audio Mic input,0x00200000,1,1,ksproxy.ax,6.01.7600.16385
Realtek HD Audio Stereo input,0x00200000,1,1,ksproxy.ax,6.01.7600.16385
USB Multi-Channel Audio Device,0x00200000,3,3,ksproxy.ax,6.01.7600.16385

WDM Streaming Rendering Devices:
Realtek HD Audio output,0x00200000,1,1,ksproxy.ax,6.01.7600.16385
Realtek HDA SPDIF Out,0x00200000,1,1,ksproxy.ax,6.01.7600.16385
USB Multi-Channel Audio Device,0x00200000,3,3,ksproxy.ax,6.01.7600.16385

BDA Network Providers:
Microsoft ATSC Network Provider,0x00200000,0,1,MSDvbNP.ax,6.06.7600.16385
Microsoft DVBC Network Provider,0x00200000,0,1,MSDvbNP.ax,6.06.7600.16385
Microsoft DVBS Network Provider,0x00200000,0,1,MSDvbNP.ax,6.06.7600.16385
Microsoft DVBT Network Provider,0x00200000,0,1,MSDvbNP.ax,6.06.7600.16385
Microsoft Network Provider,0x00200000,0,1,MSNP.ax,6.06.7600.16590

Multi-Instance Capable VBI Codecs:
VBI Codec,0x00600000,1,4,VBICodec.ax,6.06.7600.16385

BDA Transport Information Renderers:
BDA MPEG2 Transport Information Filter,0x00600000,2,0,psisrndr.ax,6.06.7600.16385
MPEG-2 Sections and Tables,0x00600000,1,0,Mpeg2Data.ax,6.06.7600.16385

BDA CP/CA Filters:
Decrypt/Tag,0x00600000,1,1,EncDec.dll,6.06.7600.16385
Encrypt/Tag,0x00200000,0,0,EncDec.dll,6.06.7600.16385
PTFilter,0x00200000,0,0,EncDec.dll,6.06.7600.16385
XDS Codec,0x00200000,0,0,EncDec.dll,6.06.7600.16385

WDM Streaming Communication Transforms:
Tee/Sink-to-Sink-Konvertierung,0x00200000,1,1,ksproxy.ax,6.01.7600.16385

Audio Renderers:
Lautsprecher (4- USB Multi-Chan,0x00200000,1,0,quartz.dll,6.06.7600.16490
CyberLink Audio Renderer (PDVD7.x),0x00200000,1,0,cladr.ax,6.00.0000.5222
Default DirectSound Device,0x00800000,1,0,quartz.dll,6.06.7600.16490
Default WaveOut Device,0x00200000,1,0,quartz.dll,6.06.7600.16490
Digitaler Ausgang (4- USB Multi,0x00200000,1,0,quartz.dll,6.06.7600.16490
DirectSound: Digitaler Ausgang (4- USB Multi-Channel Audio Device),0x00200000,1,0,quartz.dll,6.06.7600.16490
DirectSound: Lautsprecher (4- USB Multi-Channel Audio Device),0x00200000,1,0,quartz.dll,6.06.7600.16490
DirectSound: Lautsprecher (Realtek High Definition Audio),0x00200000,1,0,quartz.dll,6.06.7600.16490
DirectSound: Realtek Digital Output (Realtek High Definition Audio),0x00200000,1,0,quartz.dll,6.06.7600.16490
Lautsprecher (Realtek High Defi,0x00200000,1,0,quartz.dll,6.06.7600.16490
Realtek Digital Output (Realtek,0x00200000,1,0,quartz.dll,6.06.7600.16490

---------------
EVR Power Information
---------------
Current Setting: {5C67A112-A4C9-483F-B4A7-1D473BECAFDC} (Quality) 
  Quality Flags: 2576
    Enabled:
    Force throttling
    Allow half deinterlace
    Allow scaling
    Decode Power Usage: 100
  Balanced Flags: 1424
    Enabled:
    Force throttling
    Allow batching
    Force half deinterlace
    Force scaling
    Decode Power Usage: 50
  PowerFlags: 1424
    Enabled:
    Force throttling
    Allow batching
    Force half deinterlace
    Force scaling
    Decode Power Usage: 0

Wollte noch die msinfo32 anhängen, aber die Datei ist zu groß mit 2,37 MB.

Vielen Dank,

Catarina

Larusso · 06.08.2010, 19:34

Eine Bereinigung ist mitunter mit viel Arbeit für Dich verbunden.

Bitte arbeite alle Schritte der Reihe nach ab.
Lese die Anleitungen sorgfältig. Sollte es Probleme geben, bitte stoppen und hier so gut es geht beschreiben.
Nur Scanns durchführen zu denen Du von einem Helfer aufgefordert wirst.
Bitte kein Crossposting ( posten in mehreren Foren).
Installiere oder Deinstalliere während der Bereinigung keine Software ausser Du wurdest dazu aufgefordert.
Lese Dir die Anleitung zuerst vollständig durch. Sollte etwas unklar sein, frage bevor Du beginnst.
Poste die Logfiles direkt in deinen Thread. Nicht anhängen ausser ich fordere Dich dazu auf. Erschwert mir nämlich das auswerten.

Hinweis: Ich kann Dir niemals eine Garantie geben, dass ich auch alles finde. Eine Formatierung ist meist der Schnellere und immer der sicherste Weg.
Solltest Du Dich für eine Bereinigung entscheiden, arbeite solange mit, bis dir jemand vom Team sagt, dass Du clean bist.

Vista und Win7 User
Alle Tools mit Rechtsklick "als Administrator ausführen" starten.

Schritt 1

Downloade Dir bitte Malwarebytes

Installiere das Programm in den vorgegebenen Pfad.
Denke daran, bei Vista das Programm als Admin zu starten, ansonsten per Doppelklick starten.
Lasse es online updaten (Reiter Aktualisierungen), sofern sich das Programm bereits auf dem Rechner befand.
Aktiviere "Quick-Scan durchführen" => Scannen.
Wenn der Scan beendet ist, klicke auf "Ergebnisse anzeigen".
Versichere Dich, dass alle Funde markiert sind und drücke "Entferne Auswahl".
Poste das Logfile, welches sich in Notepad öffnet, hier in den Thread.
Nachträglich kannst du den Bericht unter "Log Dateien" finden.

Schritt 2

CustomScan mit OTL

Falls noch nicht vorhanden, lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop

Starte bitte die OTL.exe.
Vista und Win7 User mit Rechtsklick "als Administrator starten"
Kopiere nun den Inhalt in die Textbox.

Code:

ATTFilter

netsvcs
drivers32 /all
msconfig
%SYSTEMDRIVE%\*.*
%systemroot%\system32\*.wt
%systemroot%\system32\*.ruy
%systemroot%\Fonts\*.com
%systemroot%\Fonts\*.dll
%systemroot%\Fonts\*.ini
%systemroot%\Fonts\*.ini2
%systemroot%\system32\spool\prtprocs\w32x86\*.*
%systemroot%\REPAIR\*.bak1
%systemroot%\REPAIR\*.ini
%systemroot%\system32\*.jpg
%systemroot%\*.scr
%systemroot%\*._sy
%APPDATA%\Adobe\Update\*.*
%ALLUSERSPROFILE%\Favorites\*.*
%APPDATA%\Microsoft\*.*
%PROGRAMFILES%\*.*
%APPDATA%\Update\*.*
%systemroot%\*. /mp /s
CREATERESTOREPOINT
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\user32.dll /md5
%systemroot%\system32\ws2_32.dll /md5
%systemroot%\system32\ws2help.dll /md5
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs

Schliesse bitte nun alle Programme. (Wichtig)
Klicke nun bitte auf den Quick Scan Button.
Klick auf .
Kopiere nun den Inhalt aus OTL.txt und Extra.txt hier in Deinen Thread

Bitte poste in Deiner nächsten Antwort
MBAM Log
OTL.txt
Extras.txt

Catarina · 06.08.2010, 20:29

Danke für die Hilfe schon mal!

Also, hier ist zunächst die Logfile vom Durchlauf mit Malwarebytes, kein Fund:

Code:

ATTFilter

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Datenbank Version: 4399

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

06.08.2010 21:27:19
mbam-log-2010-08-06 (21-27-19).txt

Art des Suchlaufs: Quick-Scan
Durchsuchte Objekte: 161812
Laufzeit: 3 Minute(n), 58 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)

Die andern folgen nach dem OTL-Scan!

Catarina · 06.08.2010, 20:38

Die OTL.txt:

Code:

ATTFilter

OTL logfile created on: 06.08.2010 21:33:08 - Run 1
OTL by OldTimer - Version 3.2.9.1     Folder = C:\Users\Katze\Desktop
64bit- An unknown product  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
4,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 69,00% Memory free
8,00 Gb Paging File | 6,00 Gb Available in Paging File | 81,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 195,31 Gb Total Space | 47,66 Gb Free Space | 24,40% Space Free | Partition Type: NTFS
Drive D: | 195,31 Gb Total Space | 84,40 Gb Free Space | 43,21% Space Free | Partition Type: NTFS
Drive E: | 205,54 Gb Total Space | 76,51 Gb Free Space | 37,23% Space Free | Partition Type: NTFS
Drive F: | 7,84 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
 
Computer Name: RECHNER
Current User Name: Katze
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan
 
========== Processes (SafeList) ==========
 
PRC - [2010.08.06 21:31:06 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\Katze\Desktop\OTL.exe
PRC - [2010.06.09 01:47:48 | 001,531,904 | ---- | M] (Nokia) -- C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer.exe
PRC - [2009.10.10 22:47:34 | 002,384,240 | ---- | M] (Check Point Software Technologies LTD) -- C:\Windows\SysWOW64\ZoneLabs\vsmon.exe
PRC - [2009.10.10 22:42:22 | 001,037,192 | ---- | M] (Check Point Software Technologies LTD) -- C:\Program Files (x86)\Zone Labs\ZoneAlarm\zlclient.exe
PRC - [2009.08.22 20:25:00 | 002,781,184 | ---- | M] () -- C:\Program Files (x86)\RivaTuner\RivaTuner.exe
PRC - [2009.08.22 20:25:00 | 000,106,496 | ---- | M] () -- C:\Program Files (x86)\RivaTuner\Tools\RTSS\RTSS.exe
PRC - [2009.07.21 14:34:28 | 000,185,089 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2009.07.20 04:00:00 | 000,077,824 | ---- | M] () -- C:\Programme\Logitech\SetPoint\x86\SetPoint32.exe
PRC - [2009.05.13 16:48:18 | 000,108,289 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2009.03.02 13:08:43 | 000,209,153 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2009.01.16 19:12:28 | 000,221,184 | ---- | M] () -- C:\Windows\system\cm106eye.exe
PRC - [2008.08.02 10:57:14 | 001,757,184 | ---- | M] () -- C:\PROGRA~2\ESRI\License\arcgis9x\ARCGIS.exe
PRC - [2008.08.02 10:57:14 | 001,431,440 | ---- | M] (Acresso Software Inc.) -- C:\PROGRA~2\ESRI\License\arcgis9x\lmgrd.exe
PRC - [2006.10.26 13:40:34 | 000,335,872 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
 
 
========== Modules (SafeList) ==========
 
MOD - [2010.08.06 21:31:06 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\Katze\Desktop\OTL.exe
MOD - [2009.08.22 20:25:00 | 000,327,680 | ---- | M] () -- C:\Program Files (x86)\RivaTuner\Tools\RTSS\RTSSHooks.dll
MOD - [2009.07.14 03:14:10 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msscript.ocx
MOD - [2009.07.14 03:03:50 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - [2009.11.25 05:17:16 | 000,202,752 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2009.10.05 23:08:47 | 001,038,088 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe -- (FLEXnet Licensing Service 64)
SRV:64bit: - [2009.08.18 12:48:02 | 002,291,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV:64bit: - [2009.07.14 03:41:56 | 000,195,072 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\umrdp.dll -- (UmRdpService)
SRV:64bit: - [2009.07.14 03:41:54 | 000,017,920 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\StorSvc.dll -- (StorSvc)
SRV:64bit: - [2009.07.14 03:41:53 | 001,361,920 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\PeerDistSvc.dll -- (PeerDistSvc)
SRV:64bit: - [2009.07.14 03:41:08 | 000,451,072 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\inetsrv\iisw3adm.dll -- (WAS)
SRV:64bit: - [2009.07.14 03:41:08 | 000,451,072 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\inetsrv\iisw3adm.dll -- (W3SVC)
SRV:64bit: - [2009.07.14 03:40:24 | 000,689,152 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\cscsvc.dll -- (CscService)
SRV:64bit: - [2009.07.14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV:64bit: - [2009.07.14 03:40:01 | 000,065,536 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\inetsrv\apphostsvc.dll -- (AppHostSvc)
SRV - [2010.06.14 15:07:14 | 000,615,936 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2010.03.29 08:53:22 | 000,068,000 | ---- | M] (NOS Microsystems Ltd.) [On_Demand | Stopped] -- C:\Program Files (x86)\NOS\bin\getPlus_Helper.dll -- (getPlusHelper) getPlus(R)
SRV - [2009.12.15 22:07:16 | 000,025,832 | ---- | M] (BioWare) [Auto | Running] -- d:\Dragon Age\bin_ship\daupdatersvc.service.exe -- (DAUpdaterSvc)
SRV - [2009.10.10 22:47:34 | 002,384,240 | ---- | M] (Check Point Software Technologies LTD) [Auto | Running] -- C:\Windows\SysWOW64\ZoneLabs\vsmon.exe -- (vsmon)
SRV - [2009.10.05 23:09:47 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2009.07.21 14:34:28 | 000,185,089 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2009.07.20 12:36:14 | 000,160,784 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Programme\Common Files\Logishrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV - [2009.07.14 03:15:31 | 000,396,288 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll -- (WAS)
SRV - [2009.07.14 03:15:31 | 000,396,288 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll -- (W3SVC)
SRV - [2009.07.14 03:14:53 | 000,061,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\inetsrv\apphostsvc.dll -- (AppHostSvc)
SRV - [2009.05.13 16:48:18 | 000,108,289 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2008.10.25 12:44:08 | 000,065,888 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe -- (Microsoft Office Groove Audit Service)
SRV - [2008.08.02 10:57:14 | 001,431,440 | ---- | M] (Acresso Software Inc.) [Auto | Running] -- C:\PROGRA~2\ESRI\License\arcgis9x\lmgrd.exe -- (ArcGIS License Manager)
SRV - [2006.10.26 13:40:34 | 000,335,872 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe -- (MDM)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2010.02.26 14:33:40 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltx64j.sys -- (UsbserFilt)
DRV:64bit: - [2010.02.26 14:33:24 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltx64.sys -- (upperdev)
DRV:64bit: - [2010.02.26 14:33:22 | 000,025,088 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbox64.sys -- (nmwcdcx64)
DRV:64bit: - [2010.02.26 14:33:22 | 000,019,456 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbx64.sys -- (nmwcdx64)
DRV:64bit: - [2010.02.26 14:21:22 | 000,173,056 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nmwcdnsux64.sys -- (nmwcdnsux64)
DRV:64bit: - [2010.02.26 14:21:20 | 000,012,288 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nmwcdnsucx64.sys -- (nmwcdnsucx64)
DRV:64bit: - [2009.12.07 21:45:46 | 000,074,880 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2009.11.25 05:52:14 | 006,174,720 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2009.10.10 22:47:46 | 000,445,640 | ---- | M] (Check Point Software Technologies LTD) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vsdatant.sys -- (Vsdatant)
DRV:64bit: - [2009.10.01 19:04:54 | 001,307,648 | ---- | M] (C-Media Electronics Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CM10664.sys -- (USBMULCD)
DRV:64bit: - [2009.10.01 14:41:44 | 000,314,016 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\atksgt.sys -- (atksgt)
DRV:64bit: - [2009.10.01 14:41:43 | 000,043,680 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\lirsgt.sys -- (lirsgt)
DRV:64bit: - [2009.09.27 20:00:02 | 000,868,848 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2009.07.30 19:58:42 | 000,236,544 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009.07.24 08:49:00 | 000,119,312 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:64bit: - [2009.07.14 03:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009.07.14 03:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009.07.14 03:45:55 | 000,200,272 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmbus.sys -- (vmbus)
DRV:64bit: - [2009.07.14 03:45:55 | 000,046,672 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\vmstorfl.sys -- (storflt)
DRV:64bit: - [2009.07.14 03:45:55 | 000,034,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\storvsc.sys -- (storvsc)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.07.14 02:09:02 | 000,120,320 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\irda.sys -- (irda)
DRV:64bit: - [2009.07.14 02:06:32 | 000,032,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser)
DRV:64bit: - [2009.07.14 01:42:58 | 000,006,656 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vms3cap.sys -- (s3cap)
DRV:64bit: - [2009.07.14 01:42:44 | 000,021,760 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VMBusHID.sys -- (VMBusHID)
DRV:64bit: - [2009.07.14 01:24:27 | 000,514,048 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\csc.sys -- (CSC)
DRV:64bit: - [2009.06.17 18:54:46 | 000,040,976 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LUsbFilt.sys -- (LUsbFilt)
DRV:64bit: - [2009.06.17 18:54:30 | 000,057,872 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt)
DRV:64bit: - [2009.06.17 18:54:22 | 000,055,312 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt)
DRV:64bit: - [2009.06.10 22:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.05.08 16:08:00 | 000,020,520 | ---- | M] (GARMIN Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\grmnusb.sys -- (grmnusb)
DRV:64bit: - [2009.05.05 00:30:28 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie.sys -- (AtiPcie) AMD PCI Express (3GIO)
DRV:64bit: - [2009.03.27 02:23:54 | 000,019,432 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\cpuz132_x64.sys -- (cpuz132)
DRV:64bit: - [2008.10.14 11:40:16 | 000,024,560 | ---- | M] (Cyberlink Co.,Ltd.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\CLBStor.sys -- (CLBStor)
DRV:64bit: - [2008.08.28 12:44:42 | 000,025,600 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys -- (pccsmcfd)
DRV:64bit: - [2008.01.19 06:36:12 | 000,027,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\irsir.sys -- (irsir)
DRV:64bit: - [2007.08.08 18:54:12 | 000,035,624 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ATITool64.sys -- (ATITool)
DRV:64bit: - [2006.04.20 08:22:00 | 000,141,888 | ---- | M] (SafeNet, Inc.) [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\Sentinel64.sys -- (Sentinel)
DRV - [2009.12.29 17:40:59 | 000,019,952 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Program Files (x86)\RivaTuner\RivaTuner64.sys -- (RivaTuner64)
DRV - [2008.10.07 14:54:16 | 000,032,240 | ---- | M] (Cyberlink Corp.) [Kernel | Auto | Running] -- C:\Program Files (x86)\CyberLink\PowerDVD\000.fcl -- ({95808DC4-FA4A-4C74-92FE-5B863F82066B})
DRV - [2008.08.14 07:57:42 | 000,074,720 | ---- | M] (Adobe Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysWow64\drivers\adfs.sys -- (adfs)
DRV - [2008.08.08 14:52:48 | 000,017,408 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\LG Soft India\forteManager\bin\PII2CDriver.sys -- (LGII2CDevice)
DRV - [2008.08.08 14:52:46 | 000,014,336 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\LG Soft India\forteManager\bin\I2CDriver.sys -- (LGDDCDevice)
DRV - [2007.02.07 20:27:46 | 000,014,104 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | Boot | Running] -- C:\Windows\SysWOW64\speedfan.sys -- (speedfan)
DRV - [2005.01.07 17:34:54 | 000,486,766 | ---- | M] () [File_System | Auto | Running] -- C:\Windows\CLBUDF.tbl -- (CLBUDF)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1.6.2.63
FF - prefs.js..extensions.enabledItems: {37E4D8EA-8BDA-4831-8EA1-89053939A250}:3.0.0.1
FF - prefs.js..extensions.enabledItems: {A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}:7.3.3.42
FF - prefs.js..extensions.enabledItems: {e968fc70-8f95-4ab9-9e79-304de2a71ee1}:0.7.2
FF - prefs.js..extensions.enabledItems: philip.hasky@stud.fh-dortmund.de:1.3
FF - prefs.js..extensions.enabledItems: {8AA36F4F-6DC7-4c06-77AF-5035170634FE}:2010.01.21
 
FF - HKLM\software\mozilla\Firefox\Extensions\\{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}: C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\ [2010.07.07 12:41:56 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010.07.25 21:48:30 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010.07.25 21:48:30 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.6\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010.07.25 21:48:30 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.6\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010.07.25 21:48:30 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.7\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010.07.25 21:48:30 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.7\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010.07.25 21:48:30 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010.07.25 21:48:30 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010.07.25 21:48:30 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}: C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\ [2010.07.07 12:41:57 | 000,000,000 | ---D | M]
 
[2010.05.18 19:28:59 | 000,000,000 | ---D | M] -- C:\Users\Katze\AppData\Roaming\mozilla\Extensions
[2010.08.05 22:24:55 | 000,000,000 | ---D | M] -- C:\Users\Katze\AppData\Roaming\mozilla\Firefox\Profiles\wd07rzkk.default\extensions
[2010.07.07 13:05:45 | 000,000,000 | ---D | M] (PDF Download) -- C:\Users\Katze\AppData\Roaming\mozilla\Firefox\Profiles\wd07rzkk.default\extensions\{37E4D8EA-8BDA-4831-8EA1-89053939A250}
[2010.07.01 23:20:42 | 000,000,000 | ---D | M] (Adobe DLM (powered by getPlus(R))) -- C:\Users\Katze\AppData\Roaming\mozilla\Firefox\Profiles\wd07rzkk.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}
[2010.07.07 14:26:02 | 000,000,000 | ---D | M] (User Agent Switcher) -- C:\Users\Katze\AppData\Roaming\mozilla\Firefox\Profiles\wd07rzkk.default\extensions\{e968fc70-8f95-4ab9-9e79-304de2a71ee1}
[2010.07.15 22:12:26 | 000,000,000 | ---D | M] -- C:\Users\Katze\AppData\Roaming\mozilla\Firefox\Profiles\wd07rzkk.default\extensions\philip.hasky@stud.fh-dortmund.de
[2010.07.19 13:13:52 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\mozilla firefox\extensions
[2010.07.19 13:13:52 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions\{8AA36F4F-6DC7-4c06-77AF-5035170634FE}
[2010.06.22 23:31:33 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010.06.22 23:31:25 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2010.07.01 23:20:00 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2010.07.01 23:20:00 | 000,002,344 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2010.07.01 23:20:00 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2010.07.01 23:20:00 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2010.07.01 23:20:00 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2009.10.05 23:16:20 | 000,000,857 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1				activate.adobe.com
O2:64bit: - BHO: (Windows Live ID-Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (FDMIECookiesBHO Class) - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files (x86)\Free Download Manager\iefdm2.dll ()
O4:64bit: - HKLM..\Run: [Cm106Sound] C:\Windows\Syswow64\cm106.DLL (C-Media Corporation)
O4:64bit: - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\Windows\KHALMNPR.Exe (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [Launch LCDMon] C:\Program Files\Common Files\Logitech\LCD Manager\lcdmon.exe File not found
O4:64bit: - HKLM..\Run: [Launch LGDCore] C:\Program Files\Common Files\Logitech\G-series Software\LGDCore.exe (Logitech Inc.)
O4:64bit: - HKLM..\Run: [RivaTuner] C:\Program Files (x86)\RivaTuner\RivaTunerWrapper.exe ()
O4:64bit: - HKLM..\Run: [RivaTunerStartupDaemon] C:\Program Files (x86)\RivaTuner\RivaTunerWrapper.exe ()
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [GrooveMonitor] C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation)
O4 - HKLM..\Run: [ISUSScheduler] C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe (InstallShield Software Corporation)
O4 - HKLM..\Run: [LanguageShortcut] C:\Program Files (x86)\CyberLink\PowerDVD\Language\Language.exe ()
O4 - HKLM..\Run: [NokiaMServer] C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer.exe (Nokia)
O4 - HKLM..\Run: [RTSS] C:\Program Files (x86)\RivaTuner\Tools\RTSS\RTSSWrapper.exe ()
O4 - HKLM..\Run: [ZoneAlarm Client] C:\Program Files (x86)\Zone Labs\ZoneAlarm\zlclient.exe (Check Point Software Technologies LTD)
O4 - HKCU..\Run: []  File not found
O4 - HKCU..\Run: [AdobeBridge]  File not found
O4 - HKCU..\Run: [ASRockOCTuner]  File not found
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: &Citavi Picker... - C:\Program Files (x86)\Internet Explorer\PLUGINS\Citavi Picker\ShowContextMenu.html ()
O8:64bit: - Extra context menu item: Alles mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dlall.htm ()
O8:64bit: - Extra context menu item: Auswahl mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dlselected.htm ()
O8:64bit: - Extra context menu item: Datei mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dllink.htm ()
O8:64bit: - Extra context menu item: Videos mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dlfvideo.htm ()
O8 - Extra context menu item: &Citavi Picker... - C:\Program Files (x86)\Internet Explorer\PLUGINS\Citavi Picker\ShowContextMenu.html ()
O8 - Extra context menu item: Alles mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dlall.htm ()
O8 - Extra context menu item: Auswahl mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dlselected.htm ()
O8 - Extra context menu item: Datei mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dllink.htm ()
O8 - Extra context menu item: Videos mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dlfvideo.htm ()
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MIB0A5~1\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files (x86)\ICQ6.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files (x86)\ICQ6.5\ICQ.exe (ICQ, LLC.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0015-0000-0003-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_03-windows-i586.cab (Java Plug-in 1.5.0_03)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.4.11.1 192.168.2.1
O18:64bit: - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\PROGRA~2\COMMON~1\MICROS~1\WEBCOM~1\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\PROGRA~2\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - Reg Error: Key error. - c:\Programme\Common Files\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (livessp) - C:\Windows\SysNative\livessp.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (livessp) - C:\Windows\SysWow64\livessp.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.07.17 00:13:07 | 001,246,440 | R--- | M] (BioWare) - F:\autorun.exe -- [ CDFS ]
O32 - AutoRun File - [2009.04.14 05:17:18 | 000,000,058 | R--- | M] () - F:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\{1d209622-b6ab-11de-ad61-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{1d209622-b6ab-11de-ad61-806e6f6e6963}\Shell\AutoRun\command - "" = F:\autorun.exe -- [2009.07.17 00:13:07 | 001,246,440 | R--- | M] (BioWare)
O33 - MountPoints2\{ad04201f-ab90-11de-bcad-001966c76e35}\Shell - "" = AutoRun
O33 - MountPoints2\{ad04201f-ab90-11de-bcad-001966c76e35}\Shell\AutoRun\command - "" = L:\Autorun.exe -- File not found
O33 - MountPoints2\L\Shell - "" = AutoRun
O33 - MountPoints2\L\Shell\AutoRun\command - "" = L:\Install.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
 
Drivers32:64bit: aux - wdmaud.drv (Microsoft Corporation)
Drivers32:64bit: aux1 - wdmaud.drv (Microsoft Corporation)
Drivers32:64bit: midi - wdmaud.drv (Microsoft Corporation)
Drivers32:64bit: midi1 - wdmaud.drv (Microsoft Corporation)
Drivers32:64bit: midi2 - wdmaud.drv (Microsoft Corporation)
Drivers32:64bit: midi3 - wdmaud.drv (Microsoft Corporation)
Drivers32:64bit: midi4 - wdmaud.drv (Microsoft Corporation)
Drivers32:64bit: midi5 - wdmaud.drv (Microsoft Corporation)
Drivers32:64bit: midimapper - midimap.dll (Microsoft Corporation)
Drivers32:64bit: mixer - wdmaud.drv (Microsoft Corporation)
Drivers32:64bit: mixer1 - wdmaud.drv (Microsoft Corporation)
Drivers32:64bit: mixer2 - wdmaud.drv (Microsoft Corporation)
Drivers32:64bit: mixer3 - wdmaud.drv (Microsoft Corporation)
Drivers32:64bit: mixer4 - wdmaud.drv (Microsoft Corporation)
Drivers32:64bit: mixer5 - wdmaud.drv (Microsoft Corporation)
Drivers32:64bit: msacm.imaadpcm - imaadp32.acm (Microsoft Corporation)
Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32:64bit: msacm.msadpcm - msadp32.acm (Microsoft Corporation)
Drivers32:64bit: msacm.msg711 - msg711.acm (Microsoft Corporation)
Drivers32:64bit: msacm.msgsm610 - msgsm32.acm (Microsoft Corporation)
Drivers32:64bit: vidc.i420 - iyuv_32.dll (Microsoft Corporation)
Drivers32:64bit: vidc.iyuv - iyuv_32.dll (Microsoft Corporation)
Drivers32:64bit: vidc.mrle - msrle32.dll (Microsoft Corporation)
Drivers32:64bit: vidc.msvc - msvidc32.dll (Microsoft Corporation)
Drivers32:64bit: vidc.uyvy - msyuv.dll (Microsoft Corporation)
Drivers32:64bit: vidc.yuy2 - msyuv.dll (Microsoft Corporation)
Drivers32:64bit: vidc.yvu9 - tsbyuv.dll (Microsoft Corporation)
Drivers32:64bit: vidc.yvyu - msyuv.dll (Microsoft Corporation)
Drivers32:64bit: wave - wdmaud.drv (Microsoft Corporation)
Drivers32:64bit: wave1 - wdmaud.drv (Microsoft Corporation)
Drivers32:64bit: wave2 - wdmaud.drv (Microsoft Corporation)
Drivers32:64bit: wave3 - wdmaud.drv (Microsoft Corporation)
Drivers32:64bit: wave4 - wdmaud.drv (Microsoft Corporation)
Drivers32:64bit: wave5 - wdmaud.drv (Microsoft Corporation)
Drivers32:64bit: wavemapper - msacm32.drv (Microsoft Corporation)
Drivers32: aux - C:\Windows\SysWow64\wdmaud.drv (Microsoft Corporation)
Drivers32: aux1 - C:\Windows\SysWow64\wdmaud.drv (Microsoft Corporation)
Drivers32: midi - C:\Windows\SysWow64\wdmaud.drv (Microsoft Corporation)
Drivers32: midi1 - C:\Windows\SysWow64\wdmaud.drv (Microsoft Corporation)
Drivers32: midi2 - C:\Windows\SysWow64\wdmaud.drv (Microsoft Corporation)
Drivers32: midi3 - C:\Windows\SysWow64\wdmaud.drv (Microsoft Corporation)
Drivers32: midi4 - C:\Windows\SysWow64\wdmaud.drv (Microsoft Corporation)
Drivers32: midi5 - C:\Windows\SysWow64\wdmaud.drv (Microsoft Corporation)
Drivers32: midimapper - C:\Windows\SysWow64\midimap.dll (Microsoft Corporation)
Drivers32: mixer - C:\Windows\SysWow64\wdmaud.drv (Microsoft Corporation)
Drivers32: mixer1 - C:\Windows\SysWow64\wdmaud.drv (Microsoft Corporation)
Drivers32: mixer2 - C:\Windows\SysWow64\wdmaud.drv (Microsoft Corporation)
Drivers32: mixer3 - C:\Windows\SysWow64\wdmaud.drv (Microsoft Corporation)
Drivers32: mixer4 - C:\Windows\SysWow64\wdmaud.drv (Microsoft Corporation)
Drivers32: mixer5 - C:\Windows\SysWow64\wdmaud.drv (Microsoft Corporation)
Drivers32: msacm.clmp3enc - C:\PROGRA~2\CYBERL~1\Power2Go\CLMP3Enc.ACM (CyberLink Corp.)
Drivers32: msacm.imaadpcm - C:\Windows\SysWow64\imaadp32.acm (Microsoft Corporation)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3codecp - C:\Windows\SysWow64\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.msadpcm - C:\Windows\SysWow64\msadp32.acm (Microsoft Corporation)
Drivers32: msacm.msg711 - C:\Windows\SysWow64\msg711.acm (Microsoft Corporation)
Drivers32: msacm.msgsm610 - C:\Windows\SysWow64\msgsm32.acm (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: vidc.i420 - C:\Windows\SysWow64\iyuv_32.dll (Microsoft Corporation)
Drivers32: vidc.iyuv - C:\Windows\SysWow64\iyuv_32.dll (Microsoft Corporation)
Drivers32: vidc.mrle - C:\Windows\SysWow64\msrle32.dll (Microsoft Corporation)
Drivers32: vidc.msvc - C:\Windows\SysWow64\msvidc32.dll (Microsoft Corporation)
Drivers32: vidc.uyvy - C:\Windows\SysWow64\msyuv.dll (Microsoft Corporation)
Drivers32: vidc.yuy2 - C:\Windows\SysWow64\msyuv.dll (Microsoft Corporation)
Drivers32: vidc.yvu9 - C:\Windows\SysWow64\tsbyuv.dll (Microsoft Corporation)
Drivers32: vidc.yvyu - C:\Windows\SysWow64\msyuv.dll (Microsoft Corporation)
Drivers32: wave - C:\Windows\SysWow64\wdmaud.drv (Microsoft Corporation)
Drivers32: wave1 - C:\Windows\SysWow64\wdmaud.drv (Microsoft Corporation)
Drivers32: wave2 - C:\Windows\SysWow64\wdmaud.drv (Microsoft Corporation)
Drivers32: wave3 - C:\Windows\SysWow64\wdmaud.drv (Microsoft Corporation)
Drivers32: wave4 - C:\Windows\SysWow64\wdmaud.drv (Microsoft Corporation)
Drivers32: wave5 - C:\Windows\SysWow64\wdmaud.drv (Microsoft Corporation)
Drivers32: wavemapper - C:\Windows\SysWow64\msacm32.drv (Microsoft Corporation)
 
MsConfig:64bit - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Acrobat Assistant.lnk - C:\PROGRA~2\Adobe\ACROBA~1.0\Distillr\acrotray.exe - File not found
MsConfig:64bit - StartUpReg: Adobe ARM - hkey= - key= - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
MsConfig:64bit - StartUpReg: Adobe Reader Speed Launcher - hkey= - key= - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
MsConfig:64bit - StartUpReg: AdobeCS4ServiceManager - hkey= - key= - C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated)
MsConfig:64bit - StartUpReg: BDRegion - hkey= - key= - C:\Program Files (x86)\Cyberlink\Shared Files\brs.exe (cyberlink)
MsConfig:64bit - StartUpReg: DAEMON Tools Lite - hkey= - key= - C:\Program Files (x86)\DAEMON Tools Lite\daemon.exe (DT Soft Ltd)
MsConfig:64bit - StartUpReg: EA Core - hkey= - key= - C:\Program Files (x86)\Electronic Arts\EADM\Core.exe (Electronic Arts)
MsConfig:64bit - StartUpReg: InstantBurn - hkey= - key= - C:\PROGRA~2\CYBERL~1\INSTAN~1\Win2K\IBurn.exe (CyberLink Corporation.)
MsConfig:64bit - StartUpReg: NeroFilterCheck - hkey= - key= - C:\Program Files (x86)\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG)
MsConfig:64bit - StartUpReg: NokiaOviSuite2 - hkey= - key= - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe (Nokia)
MsConfig:64bit - StartUpReg: Power2GoExpress - hkey= - key= - C:\Program Files (x86)\CyberLink\Power2Go\Power2GoExpress.exe (Cyberlink)
MsConfig:64bit - StartUpReg: QuickTime Task - hkey= - key= - C:\Program Files (x86)\QuickTime\QTTask.exe (Apple Inc.)
MsConfig:64bit - StartUpReg: RemoteControl - hkey= - key= - C:\Program Files (x86)\CyberLink\PowerDVD\PDVDServ.exe (Cyberlink Corp.)
MsConfig:64bit - State: "startup" - Reg Error: Key error.
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 90 Days ==========
 
[2010.08.06 21:31:27 | 000,574,976 | ---- | C] (OldTimer Tools) -- C:\Users\Katze\Desktop\OTL.exe
[2010.08.06 21:22:40 | 000,000,000 | ---D | C] -- C:\Users\Katze\AppData\Roaming\Malwarebytes
[2010.08.06 21:21:30 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2010.08.06 21:21:29 | 000,024,664 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2010.08.06 21:21:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2010.08.06 21:21:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010.07.28 21:00:51 | 000,000,000 | ---D | C] -- C:\Users\Katze\.spss
[2010.07.28 20:56:04 | 000,000,000 | ---D | C] -- C:\Users\Katze\Documents\SafeNet Sentinel
[2010.07.28 20:53:08 | 000,000,000 | ---D | C] -- C:\ProgramData\SafeNet Sentinel
[2010.07.28 20:51:56 | 000,000,000 | ---D | C] -- C:\ProgramData\SPSS
[2010.07.28 20:51:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\SPSS
[2010.07.28 20:51:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SPSSInc
[2010.07.26 21:55:16 | 000,000,000 | ---D | C] -- C:\Users\Katze\.idlerc
[2010.07.19 13:17:45 | 000,000,000 | ---D | C] -- C:\Users\Katze\AppData\Roaming\Academic Software Zurich
[2010.07.19 13:14:31 | 000,000,000 | ---D | C] -- C:\Users\Katze\Documents\Citavi
[2010.07.19 13:12:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Citavi
[2010.07.15 19:40:01 | 000,000,000 | ---D | C] -- C:\Users\Katze\AppData\Local\Google
[2010.07.15 19:39:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DivX
[2010.07.15 19:39:16 | 000,000,000 | ---D | C] -- C:\ProgramData\DivX
[2010.07.13 17:28:20 | 000,000,000 | ---D | C] -- C:\Users\Katze\Desktop\21 jump
[2010.07.12 16:31:29 | 000,000,000 | ---D | C] -- C:\Users\Katze\Desktop\sonstiges
[2010.07.12 16:29:53 | 000,000,000 | ---D | C] -- C:\Users\Katze\Desktop\uni
[2010.07.12 16:29:46 | 000,000,000 | ---D | C] -- C:\Users\Katze\Desktop\thw
[2010.07.07 13:42:36 | 000,000,000 | ---D | C] -- C:\Users\Katze\AppData\Roaming\Nokia Ovi Suite
[2010.07.07 13:09:09 | 000,000,000 | ---D | C] -- C:\Users\Katze\Documents\Ovi
[2010.07.07 13:05:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Nokia
[2010.07.07 12:52:01 | 000,000,000 | ---D | C] -- C:\Users\Katze\AppData\Roaming\Nokia
[2010.07.07 12:51:43 | 000,000,000 | ---D | C] -- C:\Users\Katze\AppData\Local\NokiaAccount
[2010.07.07 12:51:39 | 000,000,000 | ---D | C] -- C:\Users\Katze\AppData\Local\Nokia
[2010.07.07 12:50:27 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Suite
[2010.07.07 12:43:06 | 000,000,000 | ---D | C] -- C:\Users\Katze\AppData\Roaming\PC Suite
[2010.07.07 12:42:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Nokia
[2010.07.07 12:41:52 | 000,025,600 | ---- | C] (Nokia) -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys
[2010.07.07 12:41:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PC Connectivity Solution
[2010.07.07 12:41:28 | 000,069,120 | ---- | C] (Nokia) -- C:\Windows\SysNative\nmwcdclsx64.dll
[2010.07.07 12:40:55 | 000,000,000 | ---D | C] -- C:\ProgramData\NokiaInstallerCache
[2010.07.07 12:40:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Nokia
[2010.07.06 23:35:43 | 000,000,000 | ---D | C] -- C:\ProgramData\PEERNET
[2010.07.06 23:35:41 | 000,000,000 | ---D | C] -- C:\Users\Katze\AppData\Roaming\PEERNET
[2010.07.06 15:25:46 | 000,000,000 | ---D | C] -- C:\Users\Katze\Desktop\achtung_streng_geheim
[2010.07.06 14:44:30 | 000,000,000 | ---D | C] -- C:\Users\Katze\Documents\pdf24
[2010.07.01 23:21:07 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee
[2010.07.01 23:20:45 | 000,000,000 | ---D | C] -- C:\ProgramData\NOS
[2010.07.01 23:20:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NOS
[2010.06.22 23:32:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2010.06.16 17:29:31 | 000,000,000 | ---D | C] -- C:\Programme\totalcmd
[2010.06.16 17:29:31 | 000,000,000 | ---D | C] -- C:\Users\Katze\AppData\Roaming\GHISLER
[2010.06.16 17:20:18 | 000,000,000 | ---D | C] -- C:\Programme\Mythicsoft
[2010.06.04 01:53:54 | 000,000,000 | ---D | C] -- C:\ProgramData\BioWare
[2010.06.04 00:08:18 | 000,000,000 | ---D | C] -- C:\Windows\1C4551A64743409391E41477CD655043.TMP
[2010.05.25 23:41:31 | 000,000,000 | ---D | C] -- C:\Users\Katze\AppData\Roaming\Google
[2010.05.18 19:28:43 | 000,000,000 | ---D | C] -- C:\Users\Katze\AppData\Roaming\Mozilla
[2010.05.18 19:28:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Windows\SysNative\drivers\*.tmp files -> C:\Windows\SysNative\drivers\*.tmp -> ]
 
========== Files - Modified Within 90 Days ==========
 
[2010.08.06 21:33:20 | 003,670,016 | -HS- | M] () -- C:\Users\Katze\NTUSER.DAT
[2010.08.06 21:31:06 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\Katze\Desktop\OTL.exe
[2010.08.06 21:21:33 | 000,001,009 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.08.06 21:21:24 | 000,013,936 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010.08.06 21:21:24 | 000,013,936 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010.08.06 21:14:14 | 000,001,102 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010.08.06 21:14:11 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010.08.06 21:13:40 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.08.06 21:13:19 | 3219,890,176 | -HS- | M] () -- C:\hiberfil.sys
[2010.08.06 18:46:47 | 021,881,946 | -H-- | M] () -- C:\Users\Katze\AppData\Local\IconCache.db
[2010.08.06 18:45:00 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010.08.04 22:10:55 | 000,138,440 | ---- | M] () -- C:\Users\Katze\AppData\Local\GDIPFONTCACHEV1.DAT
[2010.07.29 11:19:48 | 003,075,768 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2010.07.28 21:07:54 | 000,000,114 | ---- | M] () -- C:\Windows\SysWow64\prsgrc.tgz
[2010.07.28 21:07:54 | 000,000,100 | ---- | M] () -- C:\Windows\SysWow64\prsgrc.dll
[2010.07.28 20:55:10 | 000,001,024 | ---- | M] () -- C:\Windows\SysWow64\grcauth2.dll
[2010.07.28 20:55:09 | 000,001,024 | ---- | M] () -- C:\Windows\SysWow64\grcauth1.dll
[2010.07.28 20:51:45 | 000,001,025 | ---- | M] () -- C:\Windows\SysWow64\sysprs7.tgz
[2010.07.28 20:51:45 | 000,001,025 | ---- | M] () -- C:\Windows\SysWow64\sysprs7.dll
[2010.07.28 20:51:45 | 000,000,219 | ---- | M] () -- C:\Windows\SysWow64\lsprst7.tgz
[2010.07.28 20:51:45 | 000,000,205 | ---- | M] () -- C:\Windows\SysWow64\lsprst7.dll
[2010.07.28 20:51:45 | 000,000,016 | -H-- | M] () -- C:\Windows\SysWow64\servdat.slm
[2010.07.21 01:06:53 | 001,769,182 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010.07.21 01:06:53 | 000,759,400 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2010.07.21 01:06:53 | 000,703,092 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010.07.21 01:06:53 | 000,170,002 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2010.07.21 01:06:53 | 000,138,496 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010.07.09 09:57:25 | 000,002,014 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2010.07.08 15:57:04 | 000,000,287 | ---- | M] () -- C:\Users\Katze\AppData\Local\VersionChecker_14.xml
[2010.07.07 13:41:58 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_PCCSWpdDriver_01_09_00.Wdf
[2010.07.07 12:50:42 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_ccdcmbx64_01009.Wdf
[2010.07.07 12:42:57 | 000,002,063 | ---- | M] () -- C:\Users\Public\Desktop\Nokia Ovi Suite.lnk
[2010.07.06 10:43:38 | 001,188,924 | ---- | M] () -- C:\Users\Katze\Documents\3dparkmitte.jpg
[2010.06.14 17:48:39 | 000,001,109 | ---- | M] () -- C:\Users\Katze\Desktop\daorigins.lnk
[2010.06.10 21:11:13 | 000,000,039 | ---- | M] () -- C:\Windows\vbaddin.ini
[2010.06.04 02:05:50 | 000,000,711 | ---- | M] () -- C:\Users\Public\Desktop\Dragon Age Origins Character Creator.lnk
[2010.06.04 01:46:04 | 000,000,581 | ---- | M] () -- C:\Users\Public\Desktop\Dragon Age Origins.lnk
[2010.05.25 23:40:51 | 000,002,025 | ---- | M] () -- C:\Users\Public\Desktop\Google SketchUp 7.lnk
[2010.05.18 19:28:39 | 000,001,939 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Windows\SysNative\drivers\*.tmp files -> C:\Windows\SysNative\drivers\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2010.08.06 21:21:33 | 000,001,009 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.07.28 20:55:11 | 000,000,114 | ---- | C] () -- C:\Windows\SysWow64\prsgrc.tgz
[2010.07.28 20:55:10 | 000,001,024 | ---- | C] () -- C:\Windows\SysWow64\grcauth2.dll
[2010.07.28 20:55:08 | 000,001,024 | ---- | C] () -- C:\Windows\SysWow64\grcauth1.dll
[2010.07.28 20:55:07 | 000,000,100 | ---- | C] () -- C:\Windows\SysWow64\prsgrc.dll
[2010.07.28 20:51:45 | 000,001,025 | ---- | C] () -- C:\Windows\SysWow64\sysprs7.tgz
[2010.07.28 20:51:45 | 000,001,025 | ---- | C] () -- C:\Windows\SysWow64\sysprs7.dll
[2010.07.28 20:51:45 | 000,000,219 | ---- | C] () -- C:\Windows\SysWow64\lsprst7.tgz
[2010.07.28 20:51:45 | 000,000,205 | ---- | C] () -- C:\Windows\SysWow64\lsprst7.dll
[2010.07.28 20:51:45 | 000,000,016 | -H-- | C] () -- C:\Windows\SysWow64\servdat.slm
[2010.07.15 19:40:07 | 000,001,106 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010.07.15 19:40:05 | 000,001,102 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010.07.07 13:41:58 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_PCCSWpdDriver_01_09_00.Wdf
[2010.07.07 12:50:58 | 000,002,014 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2010.07.07 12:50:42 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_ccdcmbx64_01009.Wdf
[2010.07.07 12:42:57 | 000,002,063 | ---- | C] () -- C:\Users\Public\Desktop\Nokia Ovi Suite.lnk
[2010.07.06 10:43:37 | 001,188,924 | ---- | C] () -- C:\Users\Katze\Documents\3dparkmitte.jpg
[2010.06.16 17:29:31 | 000,000,545 | ---- | C] () -- C:\Windows\UC.PIF
[2010.06.16 17:29:31 | 000,000,545 | ---- | C] () -- C:\Windows\RAR.PIF
[2010.06.16 17:29:31 | 000,000,545 | ---- | C] () -- C:\Windows\PKZIP.PIF
[2010.06.16 17:29:31 | 000,000,545 | ---- | C] () -- C:\Windows\PKUNZIP.PIF
[2010.06.16 17:29:31 | 000,000,545 | ---- | C] () -- C:\Windows\NOCLOSE.PIF
[2010.06.16 17:29:31 | 000,000,545 | ---- | C] () -- C:\Windows\LHA.PIF
[2010.06.16 17:29:31 | 000,000,545 | ---- | C] () -- C:\Windows\ARJ.PIF
[2010.06.14 17:46:41 | 000,001,109 | ---- | C] () -- C:\Users\Katze\Desktop\daorigins.lnk
[2010.06.04 02:05:50 | 000,000,711 | ---- | C] () -- C:\Users\Public\Desktop\Dragon Age Origins Character Creator.lnk
[2010.06.04 01:46:04 | 000,000,581 | ---- | C] () -- C:\Users\Public\Desktop\Dragon Age Origins.lnk
[2010.05.25 23:40:51 | 000,002,025 | ---- | C] () -- C:\Users\Public\Desktop\Google SketchUp 7.lnk
[2010.05.18 19:28:39 | 000,001,939 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2009.12.30 15:27:55 | 000,143,360 | ---- | C] () -- C:\Windows\Vmix106.dll
[2009.12.30 15:27:45 | 000,000,915 | ---- | C] () -- C:\Windows\Cm106.ini.imi
[2009.12.30 15:15:20 | 000,000,467 | ---- | C] () -- C:\Windows\Cm106.ini.cfl
[2009.12.30 15:08:03 | 000,000,518 | ---- | C] () -- C:\Windows\cm106.ini
[2009.12.30 15:07:43 | 000,002,391 | ---- | C] () -- C:\Windows\Cm106.ini.cfg
[2009.12.07 15:55:19 | 000,000,070 | ---- | C] () -- C:\Windows\WinInit.Ini
[2009.12.07 15:52:37 | 000,000,731 | ---- | C] () -- C:\Windows\pwc62d.INI
[2009.12.07 14:15:00 | 000,000,081 | ---- | C] () -- C:\Windows\winDecrypt.INI
[2009.11.24 22:39:53 | 000,000,095 | ---- | C] () -- C:\Windows\crackpdf.INI
[2009.10.22 00:35:00 | 000,146,432 | ---- | C] () -- C:\Windows\SysWow64\APOMngr.DLL
[2009.10.22 00:35:00 | 000,072,704 | ---- | C] () -- C:\Windows\SysWow64\CmdRtr.DLL
[2009.09.30 01:07:08 | 001,794,784 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2009.09.25 14:10:56 | 000,000,534 | ---- | C] () -- C:\Windows\ODBC.INI
[2009.09.24 23:20:49 | 000,004,801 | ---- | C] () -- C:\Windows\Ascd_tmp.ini
[2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2008.10.07 10:13:30 | 000,197,912 | ---- | C] () -- C:\Windows\SysWow64\physxcudart_20.dll
[2008.10.07 10:13:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelTraditionalChinese.dll
[2008.10.07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSwedish.dll
[2008.10.07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSpanish.dll
[2008.10.07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSimplifiedChinese.dll
[2008.10.07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelPortugese.dll
[2008.10.07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelKorean.dll
[2008.10.07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelJapanese.dll
[2008.10.07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelGerman.dll
[2008.10.07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelFrench.dll
[2006.10.11 05:33:58 | 000,010,288 | ---- | C] () -- C:\Windows\SysWow64\drivers\ASUSHWIO.SYS
[2003.02.20 17:53:42 | 000,005,702 | ---- | C] () -- C:\Windows\SysWow64\OUTLPERF.INI
[1997.06.25 16:24:16 | 000,040,448 | ---- | C] () -- C:\Windows\SysWow64\RegObj.dll
 
========== LOP Check ==========
 
[2010.07.19 13:29:26 | 000,000,000 | ---D | M] -- C:\Users\Katze\AppData\Roaming\Academic Software Zurich
[2009.10.07 01:16:55 | 000,000,000 | ---D | M] -- C:\Users\Katze\AppData\Roaming\anpo.republika.pl
[2010.05.01 00:10:19 | 000,000,000 | ---D | M] -- C:\Users\Katze\AppData\Roaming\Audacity
[2009.11.25 00:29:31 | 000,000,000 | ---D | M] -- C:\Users\Katze\AppData\Roaming\DAEMON Tools
[2010.05.03 11:53:43 | 000,000,000 | ---D | M] -- C:\Users\Katze\AppData\Roaming\DC++
[2010.01.27 20:09:22 | 000,000,000 | ---D | M] -- C:\Users\Katze\AppData\Roaming\ESRI
[2009.10.07 01:12:08 | 000,000,000 | ---D | M] -- C:\Users\Katze\AppData\Roaming\fltk.org
[2010.05.10 22:04:22 | 000,000,000 | ---D | M] -- C:\Users\Katze\AppData\Roaming\Free Download Manager
[2009.10.08 18:32:14 | 000,000,000 | ---D | M] -- C:\Users\Katze\AppData\Roaming\GARMIN
[2009.12.21 00:50:04 | 000,000,000 | ---D | M] -- C:\Users\Katze\AppData\Roaming\GeoSetter
[2010.06.16 17:29:58 | 000,000,000 | ---D | M] -- C:\Users\Katze\AppData\Roaming\GHISLER
[2010.07.09 01:06:31 | 000,000,000 | ---D | M] -- C:\Users\Katze\AppData\Roaming\ICQ
[2009.09.24 23:14:20 | 000,000,000 | ---D | M] -- C:\Users\Katze\AppData\Roaming\Leadertech
[2009.10.12 17:05:40 | 000,000,000 | ---D | M] -- C:\Users\Katze\AppData\Roaming\Nemetschek
[2010.07.07 13:42:35 | 000,000,000 | ---D | M] -- C:\Users\Katze\AppData\Roaming\Nokia
[2010.07.07 13:42:36 | 000,000,000 | ---D | M] -- C:\Users\Katze\AppData\Roaming\Nokia Ovi Suite
[2009.10.02 02:30:00 | 000,000,000 | ---D | M] -- C:\Users\Katze\AppData\Roaming\PACE Anti-Piracy
[2010.07.07 13:05:58 | 000,000,000 | ---D | M] -- C:\Users\Katze\AppData\Roaming\PC Suite
[2010.07.06 23:35:43 | 000,000,000 | ---D | M] -- C:\Users\Katze\AppData\Roaming\PEERNET
[2009.10.27 13:15:02 | 000,000,000 | ---D | M] -- C:\Users\Katze\AppData\Roaming\WordToPDF
[2010.07.12 12:01:20 | 000,032,640 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
 
< %SYSTEMDRIVE%\*.* >
[2009.07.14 03:38:58 | 000,383,562 | RHS- | M] () -- C:\bootmgr
[2009.09.24 13:37:10 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK
[2010.08.06 21:13:19 | 3219,890,176 | -HS- | M] () -- C:\hiberfil.sys
[2009.09.25 14:28:06 | 000,000,177 | -H-- | M] () -- C:\ITB.log
[2010.08.06 21:13:39 | 4293,189,632 | -HS- | M] () -- C:\pagefile.sys
[2009.11.12 23:30:08 | 000,000,159 | ---- | M] () -- C:\WORK.LOG
 
< %systemroot%\system32\*.wt >
 
< %systemroot%\system32\*.ruy >
 
< %systemroot%\Fonts\*.com >
[2009.07.14 07:32:31 | 000,026,040 | ---- | M] () -- C:\Windows\Fonts\GlobalMonospace.CompositeFont
[2009.07.14 07:32:31 | 000,026,489 | ---- | M] () -- C:\Windows\Fonts\GlobalSansSerif.CompositeFont
[2009.07.14 07:32:31 | 000,029,779 | ---- | M] () -- C:\Windows\Fonts\GlobalSerif.CompositeFont
[2009.07.14 07:32:31 | 000,043,318 | ---- | M] () -- C:\Windows\Fonts\GlobalUserInterface.CompositeFont
 
< %systemroot%\Fonts\*.dll >
 
< %systemroot%\Fonts\*.ini >
[2009.06.10 22:49:50 | 000,000,065 | ---- | M] () -- C:\Windows\Fonts\desktop.ini
 
< %systemroot%\Fonts\*.ini2 >
 
< %systemroot%\system32\spool\prtprocs\w32x86\*.* >
 
< %systemroot%\REPAIR\*.bak1 >
 
< %systemroot%\REPAIR\*.ini >
 
< %systemroot%\system32\*.jpg >
 
< %systemroot%\*.scr >
 
< %systemroot%\*._sy >
 
< %APPDATA%\Adobe\Update\*.* >
 
< %ALLUSERSPROFILE%\Favorites\*.* >
 
< %APPDATA%\Microsoft\*.* >
 
< %PROGRAMFILES%\*.* >
[2009.07.14 06:54:24 | 000,000,174 | -HS- | M] () -- C:\Program Files (x86)\desktop.ini
[2009.08.22 20:25:00 | 000,062,861 | ---- | M] () -- C:\Program Files (x86)\RivaTuner.cfg
 
< %APPDATA%\Update\*.* >
 
< %systemroot%\*. /mp /s >
 
< %systemroot%\system32\*.dll /lockedfiles >
 
< %systemroot%\Tasks\*.job /lockedfiles >
 
< %systemroot%\System32\config\*.sav >
 
< %systemroot%\system32\user32.dll /md5 >
[2009.07.14 03:11:24 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=E8B0FFC209E504CB7E79FC24E6C085F0 -- C:\Windows\SysWOW64\user32.dll
 
< %systemroot%\system32\ws2_32.dll /md5 >
[2009.07.14 03:16:20 | 000,206,336 | ---- | M] (Microsoft Corporation) MD5=DAAE8A9B8C0ACC7F858454132553C30D -- C:\Windows\SysWOW64\ws2_32.dll
 
< %systemroot%\system32\ws2help.dll /md5 >
[2009.07.14 03:11:26 | 000,004,608 | ---- | M] (Microsoft Corporation) MD5=808AABDF9337312195CAFF76D1804786 -- C:\Windows\SysWOW64\ws2help.dll
 
< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >
 
< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 141 bytes -> C:\ProgramData\TEMP:5F64C164
@Alternate Data Stream - 1248 bytes -> C:\Users\Katze\AppData\Local\Temp:HQEtE1jiUwaVdYmh5q
< End of report >

Catarina · 06.08.2010, 20:39

Extras.txt:

Code:

ATTFilter

OTL Extras logfile created on: 06.08.2010 21:33:08 - Run 1
OTL by OldTimer - Version 3.2.9.1     Folder = C:\Users\Katze\Desktop
64bit- An unknown product  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
4,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 69,00% Memory free
8,00 Gb Paging File | 6,00 Gb Available in Paging File | 81,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 195,31 Gb Total Space | 47,66 Gb Free Space | 24,40% Space Free | Partition Type: NTFS
Drive D: | 195,31 Gb Total Space | 84,40 Gb Free Space | 43,21% Space Free | Partition Type: NTFS
Drive E: | 205,54 Gb Total Space | 76,51 Gb Free Space | 37,23% Space Free | Partition Type: NTFS
Drive F: | 7,84 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
 
Computer Name: RECHNER
Current User Name: Katze
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office2003\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office2003\OFFICE11\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
https [open] -- "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L" File not found
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office2003\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office2003\OFFICE11\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
https [open] -- "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L" File not found
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
"DefaultOutboundAction" = 0
"DefaultInboundAction" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
"DefaultOutboundAction" = 0
"DefaultInboundAction" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
"DefaultOutboundAction" = 0
"DefaultInboundAction" = 1
 
========== Authorized Applications List ==========
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0C826C5B-B131-423A-A229-C71B3CACCD6A}" = CDDRV_Installer
"{295CFB7C-A57E-4313-93E7-68E7CE1D0332}" = Adobe WinSoft Linguistics Plugin x64
"{2D74E972-5A85-44DC-9193-8A302BA8C181}" = Photoshop Camera Raw_x64
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{59427B1F-852F-4AF1-8215-E5B12F966D89}" = Logitech G11 Keyboard Software 1.03
"{6631325A-9B1B-4EE7-8E64-8CC4A6F10643}" = Adobe Fonts All x64
"{8875A1C0-6308-4790-8CF6-D34E89880052}" = Adobe Linguistics CS4 x64
"{887797BF-37A5-4199-B0C9-0D38D6196E9A}" = Adobe Anchor Service x64 CS4
"{8C8D673B-20FB-43E6-BCB7-9B3F78F2E762}" = Adobe Type Support x64 CS4
"{8DAA31EB-6830-4006-A99F-4DF8AB24714F}" = Adobe CSI CS4 x64
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007
"{90BA8112-80B3-4617-A3C1-BD2771B60F74}" = Adobe CMaps x64 CS4
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{97407E09-4EA8-49F0-A513-2C1776A6DEC0}" = Sentinel System Driver(64-bit) 7.2.2
"{9B48B0AC-C813-4174-9042-476A887592C7}" = Windows Live ID-Anmelde-Assistent
"{A3454894-144A-4D80-B605-C128FE0D7329}" = Adobe Drive CS4 x64
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{CCC50A42-892B-AF23-6188-6E8D2FDF34E3}" = ATI Catalyst Install Manager
"{D40172D6-CE2D-4B72-BF5F-26A04A900B7B}" = Adobe Photoshop CS4 (64 Bit)
"{DFFABE78-8173-4E97-9C5C-22FB26192FC5}" = Adobe PDF Library Files x64 CS4
"{F3F18612-7B5D-4C05-86C9-AB50F6F71727}" = KhalInstallWrapper
"45A7283175C62FAC673F913C1F532C5361F97841" = Windows Driver Package - Garmin (grmnusb) GARMIN Devices  (03/08/2007 2.2.1.0)
"C-Media CM106 Like Sound Driver" = USB Multi-Channel Audio Device
"CPUID CPU-Z_is1" = CPUID CPU-Z 1.53
"FCEC33AD40CEA5E0FC4CEE6E42041A0DA189652D" = Windows-Treiberpaket - Nokia pccsmcfd  (08/22/2008 7.0.0.0)
"GSview 4.9" = GSview 4.9
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{0236FF14-34AF-4D37-BA6C-17567B7A8685}_is1" = MapTk (MapToolKit)
"{02DFF6B1-1654-411C-8D7B-FD6052EF016F}" = Apple Software Update
"{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4
"{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4
"{07A8ED9E-B98E-437F-B750-241B412BE924}" = Garmin USB Drivers
"{086BADF8-9B1F-4E89-B207-2EDA520972D6}" = Grand Theft Auto San Andreas
"{08CA9554-B5FE-4313-938F-D4A417B81175}" = QuickTime
"{098727E1-775A-4450-B573-3F441F1CA243}" = kuler
"{098A2A49-7CF3-4F08-A38D-FB879117152A}" = Adobe Color NA Extra Settings CS4
"{0AB76F69-E761-4CFA-B9B0-A1906B4E9E4B}" = WD Diagnostics
"{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4
"{0D67A4E4-5BE0-4C9A-8AD8-AB552B433F23}" = Adobe Setup
"{0DC0E85F-36E4-463B-B3EA-4CD8ED2222A1}" = Adobe Color EU Recommended Settings CS4
"{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4
"{12E75B98-8463-4C1F-8DDA-F6CF31566A55}" = Google SketchUp Pro 6
"{1373559F-6DC6-44EA-9079-6ABDCCE8CDAD}" = OviMPlatform
"{155F4A0E-76ED-45A2-91FB-FF2A2133C31A}" = Risen
"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4
"{16E16F01-2E2D-4248-A42F-76261C147B6C}" = Adobe Drive CS4
"{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB
"{1873789F-59D5-4002-8A2F-60A827B78F98}_is1" = GmapTool 0.4.6
"{19C64880-BBCA-11D4-9EEE-0004ACDDDB3B}" = CyberLink InstantBurn
"{1B0FBB9A-995D-47cd-87CD-13E68B676E4F}" = Mass Effect
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink BD Solution
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 20
"{29F563F4-8807-4496-8463-441EAA0E96AB}" = PC Connectivity Solution
"{2D10FC46-1D96-44C4-8855-85F21B9B011E}" = Ovi Desktop Sync Engine
"{3248F0A8-6813-11D6-A77B-00B0D0150030}" = J2SE Runtime Environment 5.0 Update 3
"{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4
"{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}" = Adobe Color - Photoshop Specific CS4
"{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}" = Adobe WinSoft Linguistics Plugin
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"{414A373B-59DF-4102-94CA-9FE9A74CBDDA}" = Garmin Trip and Waypoint Manager v5
"{46B65150-F8AA-42F2-94FB-2729A8AE5F7E}" = SPSS Statistics 17.0
"{48F95CE7-69D9-4967-81F7-D763CABFBD53}" = Debugging Tools for Windows (x86)
"{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{5033400B-0977-45AB-94CE-CC135A8E1BBB}" = ArcGIS Desktop
"{541DEAC0-5F3D-45E6-B7CB-94ECF3B96748}" = Skype web features
"{60DE4033-9503-48D1-A483-7846BD217CA9}" = ICQ6.5
"{63C24A08-70F3-4C8E-B9FB-9F21A903801D}" = Adobe Color Video Profiles CS CS4
"{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}" = Adobe Photoshop CS4 Support
"{67F0E67A-8E93-4C2C-B29D-47C48262738A}" = Adobe Device Central CS4
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = CyberLink PowerDVD
"{68243FF8-83CA-466B-B2B8-9F99DA5479C4}" = AdobeColorCommonSetCMYK
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{75AE638F-750A-11DF-96D5-005056806466}" = Google Earth Plug-in
"{75D84EF7-0D8C-4e70-B3FA-7B42A5D4E0EB}" = Mass Effect 2
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{79F71DBA-38D0-D6C4-DF6C-335C37091031}" = Nero 7 Demo
"{7BD0D8F8-A13C-48D2-B201-4AD29A48AF34}" = Google SketchUp 7
"{8070452B-15D6-4169-B9B9-FCC3B54588AD}" = Nokia Ovi Suite
"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4
"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
"{87BB78C4-F36D-4D93-A7C7-F80F18219848}" = AMD DnD V1.0.19
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller  Driver
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90110407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}_VISPRO_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}_VISPRO_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}_VISPRO_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISE_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}_VISPRO_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0000-1000-0000000FF1CE}_VISPRO_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0407-1000-0000000FF1CE}_ENTERPRISE_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0407-1000-0000000FF1CE}_VISPRO_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0051-0000-0000-0000000FF1CE}" = Microsoft Office Visio Professional 2007
"{90120000-0051-0000-0000-0000000FF1CE}_VISPRO_{0FD405D3-CAF8-4CA6-8BFD-911D2F8A6585}" = Microsoft Office Visio 2007 Service Pack 2 (SP2)
"{90120000-0051-0000-0000-0000000FF1CE}_VISPRO_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0054-0407-0000-0000000FF1CE}" = Microsoft Office Visio MUI (German) 2007
"{90120000-0054-0407-0000-0000000FF1CE}_VISPRO_{60CC0F2D-BFA0-4851-903D-809D876DD87B}" = Microsoft Office Visio 2007 Service Pack 2 (SP2)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISE_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0407-0000-0000000FF1CE}_VISPRO_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{931AB7EA-3656-4BB7-864D-022B09E3DD67}" = Adobe Linguistics CS4
"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
"{98613C99-1399-416C-A07C-1EE1C585D872}" = SeaTools for Windows
"{98736A65-3C79-49EC-B7E9-A3C77774B0E6}" = Google SketchUp 6
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A0D65C73-F2C5-432F-8788-90F8A2E99B98}" = Nokia Ovi Suite Software Updater
"{A13D16C5-38A9-4D96-9647-59FCCAB12A85}" = Visual Basic for Applications (R) Core - English
"{A498D9EB-927B-459B-85D6-DD6EF8C2C564}" = erLT
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1031-7B44-A93000000001}" = Adobe Reader 9.3.3 - Deutsch
"{AEC81925-9C76-4707-84A9-40696C613ED3}" = Dragon Age: Origins
"{B29AD377-CC12-490A-A480-1452337C618D}" = Connect
"{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}" = Adobe Photoshop CS4
"{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = PowerProducer
"{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module
"{C12D609B-EB71-411B-82C3-9BE6D40435D7}" = Google SketchUp LayOut 6
"{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail
"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
"{C5C1C0F0-D62F-4DBF-81D4-D7EF397C228B}" = NVIDIA PhysX
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.1
"{D36DD326-7280-11D8-97C8-000129760CBE}" = PhotoNow!
"{D8B5B7C3-47B1-40FA-8251-59C74A543880}" = Dragon Age: Origins Character Creator
"{D9DA2DF6-8CB6-4E3C-A29E-FAECFBA3E9A7}" = Garmin POI Loader
"{DA6FAB8D-E87A-4E8E-A3D3-B7B9F479C725}" = forteManager
"{E0783143-EAE2-4047-A8D6-E155523C594C}" = Garmin WebUpdater
"{E2883E8F-472F-4fb0-9522-AC9BF37916A7}" = Adobe Download Manager
"{E2903F16-9A5A-4292-9D97-8328088086B6}" = forteManager
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E4848436-0345-47E2-B648-8B522FCDA623}" = Adobe Photoshop CS4
"{EB459C2F-41CA-4222-B9CA-F8EBA40B8DAB}" = Google SketchUp 6 Exporters
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F1FDAA01-988C-423F-AC12-0D8F333943FD}" = Nokia Connectivity Cable Driver
"{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}" = Logitech SetPoint
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4
"{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials
"{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
"{FB97C283-1F3C-42D4-AE01-ADC1DC12F774}" = Visual Basic for Applications (R) Core
"{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"7-Zip" = 7-Zip 4.65
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe InDesign 2.0" = Adobe InDesign 2.0
"Adobe SVG Viewer" = Adobe SVG Viewer 3.0
"Adobe_faf656ef605427ee2f42989c3ad31b8" = Adobe Photoshop CS4
"AGSAdventureDev312SP1_is1" = Adventure Game Studio 3.1.2 SP1
"Aide PDF to DXF Converter_is1" = Aide PDF to DXF Converter 9.6
"ArcGIS Desktop" = ArcGIS Desktop
"ArcGIS License Manager" = ArcGIS License Manager
"ASRock OC Tuner_is1" = ASRock OC Tuner v2.2.96
"ATITool" = ATITool Overclocking Utility
"Audacity 1.3 Beta (Unicode)_is1" = Audacity 1.3.12 (Unicode)
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"Cachewolf POI Export" = Cachewolf POI Export
"cGPSmapper Free_is1" = cGPSmapper Free 0098e
"Citavi" = Citavi 2.5
"DC++" = DC++ 0.761
"EADM" = EA Download Manager
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Free Download Manager_is1" = Free Download Manager 3.0
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.2
"FUSSBALL MANAGER 10" = FUSSBALL MANAGER 10
"G3QP231012008_is1" = Questpaket 3 Deinstallation
"Generic USB 106 Sound" = SL-8795 Headset
"GeoSetter_is1" = GeoSetter 3.1.20
"GoldWave v5.55" = GoldWave v5.55
"GPicSync_is1" = GPicSync 1.28
"GPL Ghostscript 8.70" = GPL Ghostscript 8.70
"GPS-Track-Analyse.NET" = GPS-Track-Analyse.NET
"HijackThis" = HijackThis 2.0.2
"JiveX DICOM Viewer Light 4.3.1" = JiveX DICOM Viewer Light 4.3.1
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Mozilla Firefox (3.6.8)" = Mozilla Firefox (3.6.8)
"myphotobook" = myphotobook 3.65
"Nokia Ovi Suite" = Nokia Ovi Suite
"numpy-py2.5" = Python 2.5 numpy-1.0.3
"Python 2.5 numpy-1.0.3" = Python 2.5 numpy-1.0.3
"Python 2.5.1" = Python 2.5.1
"RivaTuner" = RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition
"SpeedFan" = SpeedFan (remove only)
"THWTheorie" = THW Theorie
"Totalcmd" = Total Commander (Remove or Repair)
"Uninstall_is1" = Uninstall 1.0.0.1
"Vectorworks ArchLand 2009 SP3 R1" = Vectorworks ArchLand 2009 SP3 R1
"VISPRO" = Microsoft Office Visio Professional 2007
"VLC media player" = VLC media player 0.9.9
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR Archivierer
"WordToPDF_is1" = WordToPDF 2.5
"ZoneAlarm Pro" = ZoneAlarm Pro
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Move Networks Player - IE" = Move Networks Media Player for Internet Explorer
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 23.07.2010 08:09:53 | Computer Name = Rechner | Source = OviSuite | ID = 1
Description = 
 
Error - 23.07.2010 08:09:53 | Computer Name = Rechner | Source = OviSuite | ID = 1
Description = 
 
Error - 23.07.2010 08:09:53 | Computer Name = Rechner | Source = OviSuite | ID = 1
Description = 
 
Error - 28.07.2010 15:03:00 | Computer Name = Rechner | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: spssengine.exe, Version: 17.0.0.234,
 Zeitstempel: 0x48b0c165  Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7600.16559,
 Zeitstempel: 0x4ba9b29c  Ausnahmecode: 0xc0000005  Fehleroffset: 0x00038c19  ID des fehlerhaften
 Prozesses: 0xe34  Startzeit der fehlerhaften Anwendung: 0x01cb2e875bff7145  Pfad der
 fehlerhaften Anwendung: C:\Program Files (x86)\SPSSInc\Statistics17\spssengine.exe
Pfad
 des fehlerhaften Moduls: C:\Windows\SysWOW64\ntdll.dll  Berichtskennung: bd19bac3-9a7a-11df-97ff-001966c76e35
 
Error - 30.07.2010 10:02:47 | Computer Name = Rechner | Source = Google Update | ID = 20
Description = 
 
Error - 30.07.2010 11:02:47 | Computer Name = Rechner | Source = Google Update | ID = 20
Description = 
 
Error - 01.08.2010 14:15:12 | Computer Name = Rechner | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files
 (x86)\geosetter\DelZip179.dll". Fehler in Manifest- oder Richtliniendatei "c:\program
 files (x86)\geosetter\DelZip179.dll" in Zeile 8.  Der Wert "*" des "language"-Attributs
 im assemblyIdentity-Element ist ungültig.
 
Error - 02.08.2010 11:28:33 | Computer Name = Rechner | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files
 (x86)\geosetter\DelZip179.dll". Fehler in Manifest- oder Richtliniendatei "c:\program
 files (x86)\geosetter\DelZip179.dll" in Zeile 8.  Der Wert "*" des "language"-Attributs
 im assemblyIdentity-Element ist ungültig.
 
Error - 05.08.2010 20:42:21 | Computer Name = Rechner | Source = Application Hang | ID = 1002
Description = Programm ASROC.exe, Version 2.2.96.0 kann nicht mehr unter Windows
 ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
 um nach weiteren Informationen zum Problem zu suchen.    Prozess-ID: b00    Startzeit: 
01cb34d398a46d68    Endzeit: 2    Anwendungspfad: C:\Program Files (x86)\ASRock Utility\OCTuner\ASROC.exe

Berichts-ID:
 68ec6e83-a0f3-11df-9a31-001966c76e35  
 
Error - 05.08.2010 22:56:58 | Computer Name = Rechner | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files
 (x86)\geosetter\DelZip179.dll". Fehler in Manifest- oder Richtliniendatei "c:\program
 files (x86)\geosetter\DelZip179.dll" in Zeile 8.  Der Wert "*" des "language"-Attributs
 im assemblyIdentity-Element ist ungültig.
 
[ Media Center Events ]
Error - 27.09.2009 14:05:02 | Computer Name = Rechner | Source = MCUpdate | ID = 0
Description = 20:05:02 - Fehler beim Herstellen der Internetverbindung.  20:05:02 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 28.09.2009 09:52:30 | Computer Name = Rechner | Source = MCUpdate | ID = 0
Description = 15:52:30 - Fehler beim Herstellen der Internetverbindung.  15:52:30 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 29.09.2009 11:05:26 | Computer Name = Rechner | Source = MCUpdate | ID = 0
Description = 17:05:26 - Fehler beim Herstellen der Internetverbindung.  17:05:26 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 30.09.2009 09:37:31 | Computer Name = Rechner | Source = MCUpdate | ID = 0
Description = 15:37:31 - Fehler beim Herstellen der Internetverbindung.  15:37:31 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 30.10.2009 17:06:24 | Computer Name = Rechner | Source = MCUpdate | ID = 0
Description = 22:06:21 - Fehler beim Herstellen der Internetverbindung.  22:06:21 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 30.10.2009 18:08:49 | Computer Name = Rechner | Source = MCUpdate | ID = 0
Description = 23:08:48 - Fehler beim Herstellen der Internetverbindung.  23:08:48 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 30.10.2009 20:04:00 | Computer Name = Rechner | Source = MCUpdate | ID = 0
Description = 01:03:59 - Fehler beim Herstellen der Internetverbindung.  01:03:59 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 30.10.2009 21:18:44 | Computer Name = Rechner | Source = MCUpdate | ID = 0
Description = 02:18:43 - Fehler beim Herstellen der Internetverbindung.  02:18:43 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 31.10.2009 08:46:48 | Computer Name = Rechner | Source = MCUpdate | ID = 0
Description = 13:46:48 - Fehler beim Herstellen der Internetverbindung.  13:46:48 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 31.10.2009 08:49:02 | Computer Name = Rechner | Source = MCUpdate | ID = 0
Description = 13:48:59 - Fehler beim Herstellen der Internetverbindung.  13:48:59 
-     Serververbindung konnte nicht hergestellt werden..  
 
[ OSession Events ]
Error - 12.03.2010 20:47:06 | Computer Name = Rechner | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
 12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 5
 seconds with 0 seconds of active time.  This session ended with a crash.
 
Error - 06.07.2010 08:45:09 | Computer Name = Rechner | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
 12.0.6535.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 0
 seconds with 0 seconds of active time.  This session ended with a crash.
 
Error - 06.07.2010 08:46:22 | Computer Name = Rechner | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
 12.0.6535.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 0
 seconds with 0 seconds of active time.  This session ended with a crash.
 
[ System Events ]
Error - 02.02.2010 03:30:48 | Computer Name = Rechner | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
 TrueVector Internet Monitor erreicht.
 
Error - 02.02.2010 03:30:48 | Computer Name = Rechner | Source = Service Control Manager | ID = 7000
Description = Der Dienst "TrueVector Internet Monitor" wurde aufgrund folgenden 
Fehlers nicht gestartet:   %%1053
 
Error - 02.02.2010 03:30:51 | Computer Name = Rechner | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Sentinel" wurde aufgrund folgenden Fehlers nicht gestartet:
   %%577
 
Error - 02.02.2010 12:10:58 | Computer Name = Rechner | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Sentinel" wurde aufgrund folgenden Fehlers nicht gestartet:
   %%577
 
Error - 02.02.2010 16:53:51 | Computer Name = Rechner | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Sentinel" wurde aufgrund folgenden Fehlers nicht gestartet:
   %%577
 
Error - 02.02.2010 17:07:09 | Computer Name = Rechner | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Sentinel" wurde aufgrund folgenden Fehlers nicht gestartet:
   %%577
 
Error - 03.02.2010 05:36:14 | Computer Name = Rechner | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
 TrueVector Internet Monitor erreicht.
 
Error - 03.02.2010 05:36:14 | Computer Name = Rechner | Source = Service Control Manager | ID = 7000
Description = Der Dienst "TrueVector Internet Monitor" wurde aufgrund folgenden 
Fehlers nicht gestartet:   %%1053
 
 
< End of report >

Larusso · 06.08.2010, 21:10

Zitat:

"{D40172D6-CE2D-4B72-BF5F-26A04A900B7B}" = Adobe Photoshop CS4 (64 Bit)

Was hat dir die denn gekostet ? über 1000 flocken oder doch nur nen download ?

Catarina · 06.08.2010, 21:13

Bin Student und brauch das fürs Studium. Hab viele Programme als Studiversion, da kosten sie keine Tausende Euros, sondern ein paar Hunderte oder sind umsonst.

Larusso · 06.08.2010, 22:37

Naja Studi Versionen sollten dann ja eigentlich vollkommen legal sein.
Warum blockt man dann die aktivierung ?
O1 - Hosts: 127.0.0.1 activate.adobe.com

ESET Online Scanner
Bitte während der Online-Scans evtl. vorhandene externe Festplatten einschalten! Bitte während der Scans alle Hintergrundwächter (Anti-Virus-Programm, Firewall, Skriptblocking und ähnliches) abstellen und nicht vergessen, alles hinterher wieder einzuschalten.

Anmerkung für Vista und Win7 User: Bitte den Browser unbedingt als Administrator starten.
Dein Anti-Virus-Programm während des Scans deaktivieren.

Button (<< klick) drücken.
- Firefox-User:
  Bitte esetsmartinstaller_enu.exe downloaden.Das Firefox-Addon auf dem Desktop speichern und dann installieren.
- IE-User:
  müssen das Installieren eines ActiveX Elements erlauben.
Setze den einen Hacken bei Yes, i accept the Terms of Use.
Drücke den Button.
Warte bis die Komponenten herunter geladen wurden.
Setze einen Haken bei "Remove found threads" und "Scan archives".
drücken.
Die Signaturen werden herunter geladen.Der Scan beginnt automatisch.

Wenn der Scan beendet wurde

Klicke Finish.
Browser schließen.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt suchen und mit Deinem Editor öffnen.
Logfile hier posten.

Schritt 2

Downloade Dir bitte SecurityCheck

Speichere es auf dem Desktop.
Starte SecurityCheck.exe und folge den Anweisungen in der DOS- Box.
Wenn der Scan beendet wurde sollte sich ein Textdokument ( checkup.txt ) öffnen.

Poste den Inhalt bitte hier.

Larusso · 10.08.2010, 10:34

Fehlende Rückmeldung

Dieses Thema wurde aus den Abos gelöscht. Somit bekomm ich keine Benachrichtigung über neue Antworten.

PN an mich falls Du denoch weiter machen willst.

Hinweis: Das Verschwinden der Symptome bedeutet nicht, dass Dein Rechner schon sauber ist.

Jeder andere eröffnet bitte einen eigenen Thread.

Catarina · 12.08.2010, 12:00

Tut mir leid, war leider die letzten Tage nicht zuhause. Habe die nächsten Schritte durchgeführt.

Eset Log:

Code:

ATTFilter

ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6211
# api_version=3.0.2
# EOSSerial=add8f833c143344fb7ebee4ce197e454
# end=stopped
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2010-08-08 09:29:27
# local_time=2010-08-08 11:29:27 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.1.7600 NT 
# compatibility_mode=512 16777215 100 0 0 0 0 0
# compatibility_mode=1797 16775165 100 100 165601 56818183 0 0
# compatibility_mode=5893 16776573 100 94 281642 33708547 0 0
# compatibility_mode=8192 67108863 100 0 1281 1281 0 0
# compatibility_mode=9217 16777214 75 70 25792656 26096522 0 0
# scanned=2660
# found=0
# cleaned=0
# scan_time=91
ESETSmartInstaller@High as downloader log:
all ok
esets_scanner_update returned -1 esets_gle=53251
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6211
# api_version=3.0.2
# EOSSerial=add8f833c143344fb7ebee4ce197e454
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2010-08-08 11:26:59
# local_time=2010-08-09 01:26:59 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.1.7600 NT 
# compatibility_mode=512 16777215 100 0 0 0 0 0
# compatibility_mode=1797 16775165 100 100 165845 56818427 0 0
# compatibility_mode=5893 16776573 100 94 281886 33708791 0 0
# compatibility_mode=8192 67108863 100 0 1525 1525 0 0
# compatibility_mode=9217 16777214 75 70 25792900 26096766 0 0
# scanned=353135
# found=2
# cleaned=2
# scan_time=6898
E:\interessen\liedtexte\lennynickel\BEL.EXE	Win32/JepRuss.A joke (deleted - quarantined)	00000000000000000000000000000000	C
E:\interessen\spiele\TOMBRAIDER\tr3\120802\003036.zip	probably a variant of Win32/Bifrose trojan (deleted - quarantined)	00000000000000000000000000000000	C

Diese beiden Dateien sind uralt.
Das eine müsste ein Scherzprogramm sein (bel.exe), das ich mal vor Jahren von ner Freundin zugeschickt bekam.
Das andere war glaub ich ein Trainer für Tomb Raider 3, was ein Relikt aus Urzeiten ist und ich seit Jahren nicht benutzt habe.

Checkup txt:

Code:

ATTFilter

 Results of screen317's Security Check version 0.99.5  
 Windows 7  (UAC is enabled) 
 Internet Explorer 8  
`````````````````````````````` 
Antivirus/Firewall Check: 
 Avira AntiVir Personal - Free Antivirus 
 ESET Online Scanner v3   
 ZoneAlarm Pro     
 WMI entry may not exist for antivirus; attempting automatic update. 
 Avira successfully updated! 
``````````````````````````````` 
Anti-malware/Other Utilities Check: 
 Malwarebytes' Anti-Malware    
 HijackThis 2.0.2    
 CCleaner     
 Java(TM) 6 Update 21  
 Adobe Flash Player 10.1.53.64  
Adobe Reader 9.3.3 - Deutsch 
```````````````````````````````` 
Process Check:  
objlist.exe by Laurent 
 Avira Antivir avgnt.exe 
 Avira Antivir avguard.exe 
````````````````````````````````
DNS Vulnerability Check:
 GREAT! (Not vulnerable to DNS cache poisoning) 

``````````End of Log````````````

Da du Zweifel an der Legalität meines Adobes hast, habe ich es erst mal deinstalliert. Da ich eh auf CS5 updaten will, werde ich das dann beizeiten installieren. Kann dir gerne meine Lizenzdaten zeigen.

----------

Außerdem möchte ich meinen PC allgemein "sicherer" machen. Am besten wäre es wahrscheinlich, diese ganzen GB Datenmüll der letzten Jahre auf der Nicht-System-Partition radikal durchzusuchen, was ich noch brauche, und den Rest komplett zu entsorgen. Desweiteren habe ich gehört, dass es güt wäre, nicht mit dem Administrator-Benutzerkonto zu surfen. Dazu müsste ich ja ein neues Benutzerkonto einrichten. Aber dadurch, dass ich bisher so blöd war, mit dem Administrator-Konto zu surfen, wäre ein normales Benutzerkonto dann überhaupt sicher? Eigentlich habe ich momentan keine Lust, den Rechner zu formatieren.

Larusso · 13.08.2010, 12:09

Es eingeschränktes Benutzerkonto ist immer sicher.

Wie läuft der Rechner ?

Starte bitte OTL.exe.
Wähle unter
Extra Registrierung: Benutze Safe List und klicke auf den Scan Button.

Catarina · 13.08.2010, 15:09

OTL.txt:

Code:

ATTFilter

OTL logfile created on: 13.08.2010 15:32:33 - Run 2
OTL by OldTimer - Version 3.2.9.1     Folder = C:\Users\Katze\Desktop
64bit- An unknown product  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
4,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 53,00% Memory free
8,00 Gb Paging File | 6,00 Gb Available in Paging File | 76,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 195,31 Gb Total Space | 113,73 Gb Free Space | 58,23% Space Free | Partition Type: NTFS
Drive D: | 195,31 Gb Total Space | 88,72 Gb Free Space | 45,43% Space Free | Partition Type: NTFS
Drive E: | 205,54 Gb Total Space | 79,89 Gb Free Space | 38,87% Space Free | Partition Type: NTFS
Drive F: | 7,84 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
 
Computer Name: RECHNER
Current User Name: Katze
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Katze\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer.exe (Nokia)
PRC - C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
PRC - C:\Program Files (x86)\Citavi\bin\Citavi Program.exe (Swiss Academic Software)
PRC - C:\Program Files (x86)\Windows Media Player\wmplayer.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\RivaTuner\RivaTuner.exe ()
PRC - C:\Program Files (x86)\RivaTuner\Tools\RTSS\RTSS.exe ()
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Programme\Logitech\SetPoint\x86\SetPoint32.exe ()
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Windows\system\cm106eye.exe ()
PRC - C:\PROGRA~2\ESRI\License\arcgis9x\ARCGIS.exe ()
PRC - C:\PROGRA~2\ESRI\License\arcgis9x\lmgrd.exe (Acresso Software Inc.)
PRC - C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe (Microsoft Corporation)
 
 
========== Modules (SafeList) ==========
 
MOD - C:\Users\Katze\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Program Files (x86)\RivaTuner\Tools\RTSS\RTSSHooks.dll ()
MOD - C:\Windows\SysWOW64\WindowsCodecs.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\srvcli.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\slc.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\ntshrui.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\linkinfo.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\IconCodecService.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\EhStorShell.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\cscapi.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\msscript.ocx (Microsoft Corporation)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll (Microsoft Corporation)
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:64bit: - (wlidsvc) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation)
SRV:64bit: - (UmRdpService) -- C:\Windows\SysNative\umrdp.dll (Microsoft Corporation)
SRV:64bit: - (StorSvc) -- C:\Windows\SysNative\StorSvc.dll (Microsoft Corporation)
SRV:64bit: - (PeerDistSvc) -- C:\Windows\SysNative\PeerDistSvc.dll (Microsoft Corporation)
SRV:64bit: - (WAS) -- C:\Windows\SysNative\inetsrv\iisw3adm.dll (Microsoft Corporation)
SRV:64bit: - (W3SVC) -- C:\Windows\SysNative\inetsrv\iisw3adm.dll (Microsoft Corporation)
SRV:64bit: - (CscService) -- C:\Windows\SysNative\cscsvc.dll (Microsoft Corporation)
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV:64bit: - (AppHostSvc) -- C:\Windows\SysNative\inetsrv\apphostsvc.dll (Microsoft Corporation)
SRV - (ServiceLayer) -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe (Nokia)
SRV - (getPlusHelper) getPlus(R) -- C:\Program Files (x86)\NOS\bin\getPlus_Helper.dll (NOS Microsystems Ltd.)
SRV - (SwitchBoard) -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
SRV - (DAUpdaterSvc) -- d:\Dragon Age\bin_ship\daupdatersvc.service.exe (BioWare)
SRV - (vsmon) -- C:\Windows\SysWOW64\ZoneLabs\vsmon.exe (Check Point Software Technologies LTD)
SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (LBTServ) -- C:\Programme\Common Files\Logishrd\Bluetooth\LBTServ.exe (Logitech, Inc.)
SRV - (WAS) -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll (Microsoft Corporation)
SRV - (W3SVC) -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll (Microsoft Corporation)
SRV - (AppHostSvc) -- C:\Windows\SysWOW64\inetsrv\apphostsvc.dll (Microsoft Corporation)
SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (ArcGIS License Manager) -- C:\PROGRA~2\ESRI\License\arcgis9x\lmgrd.exe (Acresso Software Inc.)
SRV - (MDM) -- C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (UsbserFilt) -- C:\Windows\SysNative\drivers\usbser_lowerfltx64j.sys (Nokia)
DRV:64bit: - (upperdev) -- C:\Windows\SysNative\drivers\usbser_lowerfltx64.sys (Nokia)
DRV:64bit: - (nmwcdcx64) -- C:\Windows\SysNative\drivers\ccdcmbox64.sys (Nokia)
DRV:64bit: - (nmwcdx64) -- C:\Windows\SysNative\drivers\ccdcmbx64.sys (Nokia)
DRV:64bit: - (nmwcdnsux64) -- C:\Windows\SysNative\drivers\nmwcdnsux64.sys (Nokia)
DRV:64bit: - (nmwcdnsucx64) -- C:\Windows\SysNative\drivers\nmwcdnsucx64.sys (Nokia)
DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira GmbH)
DRV:64bit: - (atikmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (Vsdatant) -- C:\Windows\SysNative\drivers\vsdatant.sys (Check Point Software Technologies LTD)
DRV:64bit: - (USBMULCD) -- C:\Windows\SysNative\drivers\CM10664.sys (C-Media Electronics Inc)
DRV:64bit: - (atksgt) -- C:\Windows\SysNative\drivers\atksgt.sys ()
DRV:64bit: - (lirsgt) -- C:\Windows\SysNative\drivers\lirsgt.sys ()
DRV:64bit: - (sptd) -- C:\Windows\SysNative\drivers\sptd.sys ()
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek                                            )
DRV:64bit: - (AtiHdmiService) -- C:\Windows\SysNative\drivers\AtiHdmi.sys (ATI Technologies, Inc.)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (vmbus) -- C:\Windows\SysNative\drivers\vmbus.sys (Microsoft Corporation)
DRV:64bit: - (storflt) -- C:\Windows\SysNative\drivers\vmstorfl.sys (Microsoft Corporation)
DRV:64bit: - (storvsc) -- C:\Windows\SysNative\drivers\storvsc.sys (Microsoft Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (irda) -- C:\Windows\SysNative\drivers\irda.sys (Microsoft Corporation)
DRV:64bit: - (usbser) -- C:\Windows\SysNative\drivers\usbser.sys (Microsoft Corporation)
DRV:64bit: - (s3cap) -- C:\Windows\SysNative\drivers\vms3cap.sys (Microsoft Corporation)
DRV:64bit: - (VMBusHID) -- C:\Windows\SysNative\drivers\VMBusHID.sys (Microsoft Corporation)
DRV:64bit: - (CSC) -- C:\Windows\SysNative\drivers\csc.sys (Microsoft Corporation)
DRV:64bit: - (LUsbFilt) -- C:\Windows\SysNative\drivers\LUsbFilt.sys (Logitech, Inc.)
DRV:64bit: - (LMouFilt) -- C:\Windows\SysNative\drivers\LMouFilt.Sys (Logitech, Inc.)
DRV:64bit: - (LHidFilt) -- C:\Windows\SysNative\drivers\LHidFilt.Sys (Logitech, Inc.)
DRV:64bit: - (Ntfs) -- C:\Windows\SysNative\wbem\ntfs.mof ()
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (grmnusb) -- C:\Windows\SysNative\drivers\grmnusb.sys (GARMIN Corp.)
DRV:64bit: - (AtiPcie) AMD PCI Express (3GIO) -- C:\Windows\SysNative\drivers\AtiPcie.sys (Advanced Micro Devices Inc.)
DRV:64bit: - (cpuz132) -- C:\Windows\SysNative\drivers\cpuz132_x64.sys (Windows (R) Codename Longhorn DDK provider)
DRV:64bit: - (CLBStor) -- C:\Windows\SysNative\drivers\CLBStor.sys (Cyberlink Co.,Ltd.)
DRV:64bit: - (pccsmcfd) -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys (Nokia)
DRV:64bit: - (irsir) -- C:\Windows\SysNative\drivers\irsir.sys (Microsoft Corporation)
DRV:64bit: - (ATITool) -- C:\Windows\SysNative\drivers\ATITool64.sys ()
DRV:64bit: - (Sentinel) -- C:\Windows\SysNative\drivers\Sentinel64.sys (SafeNet, Inc.)
DRV - (RivaTuner64) -- C:\Program Files (x86)\RivaTuner\RivaTuner64.sys ()
DRV - ({95808DC4-FA4A-4C74-92FE-5B863F82066B}) -- C:\Program Files (x86)\CyberLink\PowerDVD\000.fcl (Cyberlink Corp.)
DRV - (LGII2CDevice) -- C:\Program Files (x86)\LG Soft India\forteManager\bin\PII2CDriver.sys ()
DRV - (LGDDCDevice) -- C:\Program Files (x86)\LG Soft India\forteManager\bin\I2CDriver.sys ()
DRV - (speedfan) -- C:\Windows\SysWOW64\speedfan.sys (Windows (R) Server 2003 DDK provider)
DRV - (CLBUDF) -- C:\Windows\CLBUDF.tbl ()
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1.6.2.63
FF - prefs.js..extensions.enabledItems: {37E4D8EA-8BDA-4831-8EA1-89053939A250}:3.0.0.1
FF - prefs.js..extensions.enabledItems: {A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}:7.3.3.42
FF - prefs.js..extensions.enabledItems: {e968fc70-8f95-4ab9-9e79-304de2a71ee1}:0.7.2
FF - prefs.js..extensions.enabledItems: ***@stud.fh-dortmund.de:1.3
FF - prefs.js..extensions.enabledItems: {8AA36F4F-6DC7-4c06-77AF-5035170634FE}:2010.01.21
FF - prefs.js..extensions.enabledItems: {195A3098-0BD5-4e90-AE22-BA1C540AFD1E}:2.9.2
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
 
FF - HKLM\software\mozilla\Firefox\Extensions\\{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}: C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\ [2010.07.07 12:41:56 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010.07.25 21:48:30 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010.07.25 21:48:30 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.6\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010.07.25 21:48:30 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.6\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010.07.25 21:48:30 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.7\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010.07.25 21:48:30 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.7\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010.07.25 21:48:30 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010.07.25 21:48:30 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010.07.25 21:48:30 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}: C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\ [2010.07.07 12:41:57 | 000,000,000 | ---D | M]
 
[2010.05.18 19:28:59 | 000,000,000 | ---D | M] -- C:\Users\Katze\AppData\Roaming\mozilla\Extensions
[2010.08.12 15:42:26 | 000,000,000 | ---D | M] -- C:\Users\Katze\AppData\Roaming\mozilla\Firefox\Profiles\wd07rzkk.default\extensions
[2010.08.07 12:52:40 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Katze\AppData\Roaming\mozilla\Firefox\Profiles\wd07rzkk.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}
[2010.07.07 13:05:45 | 000,000,000 | ---D | M] (PDF Download) -- C:\Users\Katze\AppData\Roaming\mozilla\Firefox\Profiles\wd07rzkk.default\extensions\{37E4D8EA-8BDA-4831-8EA1-89053939A250}
[2010.07.01 23:20:42 | 000,000,000 | ---D | M] (Adobe DLM (powered by getPlus(R))) -- C:\Users\Katze\AppData\Roaming\mozilla\Firefox\Profiles\wd07rzkk.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}
[2010.07.07 14:26:02 | 000,000,000 | ---D | M] (User Agent Switcher) -- C:\Users\Katze\AppData\Roaming\mozilla\Firefox\Profiles\wd07rzkk.default\extensions\{e968fc70-8f95-4ab9-9e79-304de2a71ee1}
[2010.07.15 22:12:26 | 000,000,000 | ---D | M] -- C:\Users\Katze\AppData\Roaming\mozilla\Firefox\Profiles\wd07rzkk.default\extensions\***@stud.fh-dortmund.de
[2010.08.08 23:30:08 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\mozilla firefox\extensions
[2010.07.19 13:13:52 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions\{8AA36F4F-6DC7-4c06-77AF-5035170634FE}
[2010.06.22 23:31:33 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010.08.08 23:26:17 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010.07.17 05:00:04 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2010.07.01 23:20:00 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2010.07.01 23:20:00 | 000,002,344 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2010.07.01 23:20:00 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2010.07.01 23:20:00 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2010.07.01 23:20:00 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2009.10.05 23:16:20 | 000,000,857 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1				activate.adobe.com
O2:64bit: - BHO: (Windows Live ID-Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (FDMIECookiesBHO Class) - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files (x86)\Free Download Manager\iefdm2.dll ()
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [Cm106Sound] C:\Windows\Syswow64\cm106.DLL (C-Media Corporation)
O4:64bit: - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\Windows\KHALMNPR.Exe (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [Launch LGDCore] C:\Program Files\Common Files\Logitech\G-series Software\LGDCore.exe (Logitech Inc.)
O4:64bit: - HKLM..\Run: [RivaTuner] C:\Program Files (x86)\RivaTuner\RivaTunerWrapper.exe ()
O4:64bit: - HKLM..\Run: [RivaTunerStartupDaemon] C:\Program Files (x86)\RivaTuner\RivaTunerWrapper.exe ()
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [ISUSScheduler] C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe (InstallShield Software Corporation)
O4 - HKLM..\Run: [LanguageShortcut] C:\Program Files (x86)\CyberLink\PowerDVD\Language\Language.exe ()
O4 - HKLM..\Run: [NokiaMServer] C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer.exe (Nokia)
O4 - HKLM..\Run: [RTSS] C:\Program Files (x86)\RivaTuner\Tools\RTSS\RTSSWrapper.exe ()
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ZoneAlarm Client] C:\Program Files (x86)\Zone Labs\ZoneAlarm\zlclient.exe (Check Point Software Technologies LTD)
O4 - HKCU..\Run: []  File not found
O4 - HKCU..\Run: [ASRockOCTuner]  File not found
O4 - Startup: C:\Users\Katze\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk = C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: &Citavi Picker... - C:\Program Files (x86)\Internet Explorer\PLUGINS\Citavi Picker\ShowContextMenu.html ()
O8:64bit: - Extra context menu item: Alles mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dlall.htm ()
O8:64bit: - Extra context menu item: Auswahl mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dlselected.htm ()
O8:64bit: - Extra context menu item: Datei mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dllink.htm ()
O8:64bit: - Extra context menu item: Videos mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dlfvideo.htm ()
O8 - Extra context menu item: &Citavi Picker... - C:\Program Files (x86)\Internet Explorer\PLUGINS\Citavi Picker\ShowContextMenu.html ()
O8 - Extra context menu item: Alles mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dlall.htm ()
O8 - Extra context menu item: Auswahl mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dlselected.htm ()
O8 - Extra context menu item: Datei mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dllink.htm ()
O8 - Extra context menu item: Videos mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dlfvideo.htm ()
O9:64bit: - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files (x86)\ICQ6.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files (x86)\ICQ6.5\ICQ.exe (ICQ, LLC.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-0015-0000-0003-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_03-windows-i586.cab (Java Plug-in 1.5.0_03)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.4.11.1 192.168.2.1
O18:64bit: - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - Reg Error: Key error. - c:\Programme\Common Files\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O30:64bit: - LSA: Security Packages - (livessp) - C:\Windows\SysNative\livessp.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (livessp) - C:\Windows\SysWow64\livessp.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.07.17 00:13:07 | 001,246,440 | R--- | M] (BioWare) - F:\autorun.exe -- [ CDFS ]
O32 - AutoRun File - [2009.04.14 05:17:18 | 000,000,058 | R--- | M] () - F:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\{1d209622-b6ab-11de-ad61-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{1d209622-b6ab-11de-ad61-806e6f6e6963}\Shell\AutoRun\command - "" = F:\autorun.exe -- [2009.07.17 00:13:07 | 001,246,440 | R--- | M] (BioWare)
O33 - MountPoints2\{ad04201f-ab90-11de-bcad-001966c76e35}\Shell - "" = AutoRun
O33 - MountPoints2\{ad04201f-ab90-11de-bcad-001966c76e35}\Shell\AutoRun\command - "" = L:\Autorun.exe -- File not found
O33 - MountPoints2\L\Shell - "" = AutoRun
O33 - MountPoints2\L\Shell\AutoRun\command - "" = L:\Install.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2010.08.12 16:02:26 | 005,507,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2010.08.12 16:02:26 | 003,955,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2010.08.12 16:02:25 | 003,899,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2010.08.12 16:02:19 | 000,256,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2010.08.12 16:02:19 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2010.08.12 16:02:19 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2010.08.12 16:02:19 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2010.08.12 16:02:19 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2010.08.12 16:02:19 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2010.08.12 16:02:12 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rtutils.dll
[2010.08.12 16:02:12 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rtutils.dll
[2010.08.12 16:02:11 | 000,082,944 | ---- | C] (Radius Inc.) -- C:\Windows\SysWow64\iccvid.dll
[2010.08.12 13:32:45 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml4a.dll
[2010.08.12 13:32:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TeXnicCenter
[2010.08.12 13:24:12 | 000,000,000 | ---D | C] -- C:\Users\Katze\AppData\Local\MiKTeX
[2010.08.12 13:24:11 | 000,000,000 | ---D | C] -- C:\ProgramData\MiKTeX
[2010.08.12 13:21:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MiKTeX 2.7
[2010.08.12 12:48:30 | 000,000,000 | ---D | C] -- C:\ProgramData\regid.1986-12.com.adobe
[2010.08.12 12:40:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe Media Player
[2010.08.12 12:37:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe AIR
[2010.08.08 23:26:14 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
[2010.08.08 23:26:14 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe
[2010.08.08 23:26:14 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe
[2010.08.08 23:06:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET
[2010.08.07 03:23:04 | 000,000,000 | ---D | C] -- C:\Users\Katze\Documents\OneNote-Notizbücher
[2010.08.07 01:32:00 | 000,000,000 | ---D | C] -- C:\Users\Katze\Desktop\logs_txt
[2010.08.07 01:25:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CCleaner
[2010.08.07 01:08:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER
[2010.08.07 01:07:56 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2010.08.07 01:07:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET
[2010.08.07 01:05:58 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft Office
[2010.08.07 01:05:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Analysis Services
[2010.08.07 01:04:44 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2010.08.06 21:31:27 | 000,574,976 | ---- | C] (OldTimer Tools) -- C:\Users\Katze\Desktop\OTL.exe
[2010.08.06 21:22:40 | 000,000,000 | ---D | C] -- C:\Users\Katze\AppData\Roaming\Malwarebytes
[2010.08.06 21:21:30 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2010.08.06 21:21:29 | 000,024,664 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2010.08.06 21:21:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2010.08.06 21:21:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010.07.28 21:00:51 | 000,000,000 | ---D | C] -- C:\Users\Katze\.spss
[2010.07.28 20:56:04 | 000,000,000 | ---D | C] -- C:\Users\Katze\Documents\SafeNet Sentinel
[2010.07.28 20:53:08 | 000,000,000 | ---D | C] -- C:\ProgramData\SafeNet Sentinel
[2010.07.28 20:51:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\SPSS
[2010.07.28 20:51:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SPSSInc
[2010.07.26 21:55:16 | 000,000,000 | ---D | C] -- C:\Users\Katze\.idlerc
[2010.07.19 13:17:45 | 000,000,000 | ---D | C] -- C:\Users\Katze\AppData\Roaming\Academic Software Zurich
[2010.07.19 13:14:31 | 000,000,000 | ---D | C] -- C:\Users\Katze\Documents\Citavi
[2010.07.19 13:12:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Citavi
[2010.07.16 08:52:43 | 001,942,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dfshim.dll
[2010.07.16 08:52:43 | 001,130,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dfshim.dll
[2010.07.16 08:52:43 | 000,320,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationHost.exe
[2010.07.16 08:52:43 | 000,295,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationHost.exe
[2010.07.16 08:52:43 | 000,109,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationHostProxy.dll
[2010.07.16 08:52:43 | 000,099,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationHostProxy.dll
[2010.07.16 08:52:43 | 000,049,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netfxperf.dll
[2010.07.16 08:52:43 | 000,048,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netfxperf.dll
[2010.07.15 19:40:01 | 000,000,000 | ---D | C] -- C:\Users\Katze\AppData\Local\Google
[2010.07.15 19:39:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DivX
[2010.07.15 19:39:16 | 000,000,000 | ---D | C] -- C:\ProgramData\DivX
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Windows\SysNative\drivers\*.tmp files -> C:\Windows\SysNative\drivers\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2010.08.13 15:32:50 | 003,932,160 | -HS- | M] () -- C:\Users\Katze\NTUSER.DAT
[2010.08.13 14:45:00 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010.08.13 12:48:52 | 000,005,251 | ---- | M] () -- C:\Users\Katze\Desktop\liste1.rtf
[2010.08.13 11:28:44 | 000,013,936 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010.08.13 11:28:44 | 000,013,936 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010.08.13 11:20:40 | 000,001,102 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010.08.13 11:20:35 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010.08.13 11:20:20 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.08.13 11:19:58 | 3219,890,176 | -HS- | M] () -- C:\hiberfil.sys
[2010.08.12 23:43:45 | 021,938,771 | -H-- | M] () -- C:\Users\Katze\AppData\Local\IconCache.db
[2010.08.12 22:58:25 | 005,031,576 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2010.08.12 13:42:07 | 000,137,424 | ---- | M] () -- C:\Users\Katze\AppData\Local\GDIPFONTCACHEV1.DAT
[2010.08.12 13:32:45 | 000,001,032 | ---- | M] () -- C:\Users\Katze\Desktop\TeXnicCenter.lnk
[2010.08.12 13:32:04 | 000,000,043 | ---- | M] () -- C:\Users\Katze\gsview32.ini
[2010.08.12 13:01:05 | 000,869,051 | ---- | M] () -- C:\Users\Katze\Desktop\SecurityCheck.exe
[2010.08.07 20:26:02 | 001,769,182 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010.08.07 20:26:02 | 000,759,400 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2010.08.07 20:26:02 | 000,703,092 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010.08.07 20:26:02 | 000,170,002 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2010.08.07 20:26:02 | 000,138,496 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010.08.07 04:17:43 | 001,314,816 | ---- | M] () -- C:\Users\Katze\Documents\Aufgaben.accdb
[2010.08.07 03:48:50 | 000,001,340 | ---- | M] () -- C:\Users\Katze\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk
[2010.08.07 01:25:13 | 000,001,007 | ---- | M] () -- C:\Users\Katze\Desktop\CCleaner.lnk
[2010.08.07 01:05:54 | 000,000,478 | ---- | M] () -- C:\Windows\win.ini
[2010.08.06 23:53:28 | 000,000,400 | ---- | M] () -- C:\Windows\ODBC.INI
[2010.08.06 21:31:06 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\Katze\Desktop\OTL.exe
[2010.08.06 21:21:33 | 000,001,009 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.07.29 08:30:34 | 000,082,944 | ---- | M] (Radius Inc.) -- C:\Windows\SysWow64\iccvid.dll
[2010.07.28 21:07:54 | 000,000,114 | ---- | M] () -- C:\Windows\SysWow64\prsgrc.tgz
[2010.07.28 21:07:54 | 000,000,100 | ---- | M] () -- C:\Windows\SysWow64\prsgrc.dll
[2010.07.28 20:55:10 | 000,001,024 | ---- | M] () -- C:\Windows\SysWow64\grcauth2.dll
[2010.07.28 20:55:09 | 000,001,024 | ---- | M] () -- C:\Windows\SysWow64\grcauth1.dll
[2010.07.28 20:51:45 | 000,001,025 | ---- | M] () -- C:\Windows\SysWow64\sysprs7.tgz
[2010.07.28 20:51:45 | 000,001,025 | ---- | M] () -- C:\Windows\SysWow64\sysprs7.dll
[2010.07.28 20:51:45 | 000,000,219 | ---- | M] () -- C:\Windows\SysWow64\lsprst7.tgz
[2010.07.28 20:51:45 | 000,000,205 | ---- | M] () -- C:\Windows\SysWow64\lsprst7.dll
[2010.07.28 20:51:45 | 000,000,016 | -H-- | M] () -- C:\Windows\SysWow64\servdat.slm
[2010.07.17 05:00:12 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
[2010.07.17 05:00:12 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe
[2010.07.17 05:00:10 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe
[2010.07.17 05:00:04 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\deployJava1.dll
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Windows\SysNative\drivers\*.tmp files -> C:\Windows\SysNative\drivers\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2010.08.13 12:48:52 | 000,005,251 | ---- | C] () -- C:\Users\Katze\Desktop\liste1.rtf
[2010.08.12 13:32:45 | 000,001,032 | ---- | C] () -- C:\Users\Katze\Desktop\TeXnicCenter.lnk
[2010.08.12 13:02:10 | 000,869,051 | ---- | C] () -- C:\Users\Katze\Desktop\SecurityCheck.exe
[2010.08.07 04:17:32 | 001,314,816 | ---- | C] () -- C:\Users\Katze\Documents\Aufgaben.accdb
[2010.08.07 03:23:06 | 000,001,340 | ---- | C] () -- C:\Users\Katze\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk
[2010.08.07 01:25:13 | 000,001,007 | ---- | C] () -- C:\Users\Katze\Desktop\CCleaner.lnk
[2010.08.06 21:21:33 | 000,001,009 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.07.28 20:55:11 | 000,000,114 | ---- | C] () -- C:\Windows\SysWow64\prsgrc.tgz
[2010.07.28 20:55:10 | 000,001,024 | ---- | C] () -- C:\Windows\SysWow64\grcauth2.dll
[2010.07.28 20:55:08 | 000,001,024 | ---- | C] () -- C:\Windows\SysWow64\grcauth1.dll
[2010.07.28 20:55:07 | 000,000,100 | ---- | C] () -- C:\Windows\SysWow64\prsgrc.dll
[2010.07.28 20:51:45 | 000,001,025 | ---- | C] () -- C:\Windows\SysWow64\sysprs7.tgz
[2010.07.28 20:51:45 | 000,001,025 | ---- | C] () -- C:\Windows\SysWow64\sysprs7.dll
[2010.07.28 20:51:45 | 000,000,219 | ---- | C] () -- C:\Windows\SysWow64\lsprst7.tgz
[2010.07.28 20:51:45 | 000,000,205 | ---- | C] () -- C:\Windows\SysWow64\lsprst7.dll
[2010.07.28 20:51:45 | 000,000,016 | -H-- | C] () -- C:\Windows\SysWow64\servdat.slm
[2010.07.15 19:40:07 | 000,001,106 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010.07.15 19:40:05 | 000,001,102 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2009.12.30 15:27:55 | 000,143,360 | ---- | C] () -- C:\Windows\Vmix106.dll
[2009.12.30 15:27:45 | 000,000,915 | ---- | C] () -- C:\Windows\Cm106.ini.imi
[2009.12.30 15:15:20 | 000,000,467 | ---- | C] () -- C:\Windows\Cm106.ini.cfl
[2009.12.30 15:08:03 | 000,000,518 | ---- | C] () -- C:\Windows\cm106.ini
[2009.12.30 15:07:43 | 000,002,391 | ---- | C] () -- C:\Windows\Cm106.ini.cfg
[2009.12.07 15:55:19 | 000,000,070 | ---- | C] () -- C:\Windows\WinInit.Ini
[2009.12.07 15:52:37 | 000,000,731 | ---- | C] () -- C:\Windows\pwc62d.INI
[2009.12.07 14:15:00 | 000,000,081 | ---- | C] () -- C:\Windows\winDecrypt.INI
[2009.11.24 22:39:53 | 000,000,095 | ---- | C] () -- C:\Windows\crackpdf.INI
[2009.10.22 00:35:00 | 000,146,432 | ---- | C] () -- C:\Windows\SysWow64\APOMngr.DLL
[2009.10.22 00:35:00 | 000,072,704 | ---- | C] () -- C:\Windows\SysWow64\CmdRtr.DLL
[2009.09.30 01:07:08 | 001,794,784 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2009.09.25 14:10:56 | 000,000,400 | ---- | C] () -- C:\Windows\ODBC.INI
[2009.09.24 23:20:49 | 000,004,801 | ---- | C] () -- C:\Windows\Ascd_tmp.ini
[2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2008.10.07 10:13:30 | 000,197,912 | ---- | C] () -- C:\Windows\SysWow64\physxcudart_20.dll
[2008.10.07 10:13:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelTraditionalChinese.dll
[2008.10.07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSwedish.dll
[2008.10.07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSpanish.dll
[2008.10.07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSimplifiedChinese.dll
[2008.10.07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelPortugese.dll
[2008.10.07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelKorean.dll
[2008.10.07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelJapanese.dll
[2008.10.07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelGerman.dll
[2008.10.07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelFrench.dll
[2006.10.11 05:33:58 | 000,010,288 | ---- | C] () -- C:\Windows\SysWow64\drivers\ASUSHWIO.SYS
[1997.06.25 16:24:16 | 000,040,448 | ---- | C] () -- C:\Windows\SysWow64\RegObj.dll
 
========== LOP Check ==========
 
[2010.07.19 13:29:26 | 000,000,000 | ---D | M] -- C:\Users\Katze\AppData\Roaming\Academic Software Zurich
[2009.10.07 01:16:55 | 000,000,000 | ---D | M] -- C:\Users\Katze\AppData\Roaming\anpo.republika.pl
[2010.05.01 00:10:19 | 000,000,000 | ---D | M] -- C:\Users\Katze\AppData\Roaming\Audacity
[2009.11.25 00:29:31 | 000,000,000 | ---D | M] -- C:\Users\Katze\AppData\Roaming\DAEMON Tools
[2010.01.27 20:09:22 | 000,000,000 | ---D | M] -- C:\Users\Katze\AppData\Roaming\ESRI
[2009.10.07 01:12:08 | 000,000,000 | ---D | M] -- C:\Users\Katze\AppData\Roaming\fltk.org
[2010.05.10 22:04:22 | 000,000,000 | ---D | M] -- C:\Users\Katze\AppData\Roaming\Free Download Manager
[2010.08.07 12:52:43 | 000,000,000 | ---D | M] -- C:\Users\Katze\AppData\Roaming\GARMIN
[2009.12.21 00:50:04 | 000,000,000 | ---D | M] -- C:\Users\Katze\AppData\Roaming\GeoSetter
[2010.06.16 17:29:58 | 000,000,000 | ---D | M] -- C:\Users\Katze\AppData\Roaming\GHISLER
[2010.07.09 01:06:31 | 000,000,000 | ---D | M] -- C:\Users\Katze\AppData\Roaming\ICQ
[2009.09.24 23:14:20 | 000,000,000 | ---D | M] -- C:\Users\Katze\AppData\Roaming\Leadertech
[2009.10.12 17:05:40 | 000,000,000 | ---D | M] -- C:\Users\Katze\AppData\Roaming\Nemetschek
[2010.07.07 13:42:35 | 000,000,000 | ---D | M] -- C:\Users\Katze\AppData\Roaming\Nokia
[2010.07.07 13:42:36 | 000,000,000 | ---D | M] -- C:\Users\Katze\AppData\Roaming\Nokia Ovi Suite
[2009.10.02 02:30:00 | 000,000,000 | ---D | M] -- C:\Users\Katze\AppData\Roaming\PACE Anti-Piracy
[2010.07.07 13:05:58 | 000,000,000 | ---D | M] -- C:\Users\Katze\AppData\Roaming\PC Suite
[2010.07.06 23:35:43 | 000,000,000 | ---D | M] -- C:\Users\Katze\AppData\Roaming\PEERNET
[2009.10.27 13:15:02 | 000,000,000 | ---D | M] -- C:\Users\Katze\AppData\Roaming\WordToPDF
[2010.07.12 12:01:20 | 000,032,640 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 141 bytes -> C:\ProgramData\TEMP:5F64C164
@Alternate Data Stream - 1248 bytes -> C:\Users\Katze\AppData\Local\Temp:HQEtE1jiUwaVdYmh5q
< End of report >

Catarina · 13.08.2010, 15:10

Extras.txt:

Code:

ATTFilter

OTL Extras logfile created on: 13.08.2010 15:32:33 - Run 2
OTL by OldTimer - Version 3.2.9.1     Folder = C:\Users\Katze\Desktop
64bit- An unknown product  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
4,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 53,00% Memory free
8,00 Gb Paging File | 6,00 Gb Available in Paging File | 76,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 195,31 Gb Total Space | 113,73 Gb Free Space | 58,23% Space Free | Partition Type: NTFS
Drive D: | 195,31 Gb Total Space | 88,72 Gb Free Space | 45,43% Space Free | Partition Type: NTFS
Drive E: | 205,54 Gb Total Space | 79,89 Gb Free Space | 38,87% Space Free | Partition Type: NTFS
Drive F: | 7,84 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
 
Computer Name: RECHNER
Current User Name: Katze
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" File not found
http [open] -- "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
https [open] -- "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
https [open] -- "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DefaultOutboundAction" = 0
"DefaultInboundAction" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DefaultOutboundAction" = 0
"DefaultInboundAction" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DefaultOutboundAction" = 0
"DefaultInboundAction" = 1
 
========== Authorized Applications List ==========
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0C826C5B-B131-423A-A229-C71B3CACCD6A}" = CDDRV_Installer
"{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
"{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{59427B1F-852F-4AF1-8215-E5B12F966D89}" = Logitech G11 Keyboard Software 1.03
"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2010
"{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64
"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{97407E09-4EA8-49F0-A513-2C1776A6DEC0}" = Sentinel System Driver(64-bit) 7.2.2
"{9B48B0AC-C813-4174-9042-476A887592C7}" = Windows Live ID-Anmelde-Assistent
"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
"{CCC50A42-892B-AF23-6188-6E8D2FDF34E3}" = ATI Catalyst Install Manager
"{F3F18612-7B5D-4C05-86C9-AB50F6F71727}" = KhalInstallWrapper
"45A7283175C62FAC673F913C1F532C5361F97841" = Windows Driver Package - Garmin (grmnusb) GARMIN Devices  (03/08/2007 2.2.1.0)
"C-Media CM106 Like Sound Driver" = USB Multi-Channel Audio Device
"CPUID CPU-Z_is1" = CPUID CPU-Z 1.53
"FCEC33AD40CEA5E0FC4CEE6E42041A0DA189652D" = Windows-Treiberpaket - Nokia pccsmcfd  (08/22/2008 7.0.0.0)
"GSview 4.9" = GSview 4.9
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{0236FF14-34AF-4D37-BA6C-17567B7A8685}_is1" = MapTk (MapToolKit)
"{02DFF6B1-1654-411C-8D7B-FD6052EF016F}" = Apple Software Update
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{07A8ED9E-B98E-437F-B750-241B412BE924}" = Garmin USB Drivers
"{08CA9554-B5FE-4313-938F-D4A417B81175}" = QuickTime
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0AB76F69-E761-4CFA-B9B0-A1906B4E9E4B}" = WD Diagnostics
"{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{1373559F-6DC6-44EA-9079-6ABDCCE8CDAD}" = OviMPlatform
"{155F4A0E-76ED-45A2-91FB-FF2A2133C31A}" = Risen
"{15FEDA5F-141C-4127-8D7E-B962D1742728}" = Adobe Photoshop CS5
"{1873789F-59D5-4002-8A2F-60A827B78F98}_is1" = GmapTool 0.4.6
"{19C64880-BBCA-11D4-9EEE-0004ACDDDB3B}" = CyberLink InstantBurn
"{1B0FBB9A-995D-47cd-87CD-13E68B676E4F}" = Mass Effect
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink BD Solution
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 21
"{29F563F4-8807-4496-8463-441EAA0E96AB}" = PC Connectivity Solution
"{2D10FC46-1D96-44C4-8855-85F21B9B011E}" = Ovi Desktop Sync Engine
"{3248F0A8-6813-11D6-A77B-00B0D0150030}" = J2SE Runtime Environment 5.0 Update 3
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"{414A373B-59DF-4102-94CA-9FE9A74CBDDA}" = Garmin Trip and Waypoint Manager v5
"{48F95CE7-69D9-4967-81F7-D763CABFBD53}" = Debugging Tools for Windows (x86)
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{5033400B-0977-45AB-94CE-CC135A8E1BBB}" = ArcGIS Desktop
"{541DEAC0-5F3D-45E6-B7CB-94ECF3B96748}" = Skype web features
"{60DE4033-9503-48D1-A483-7846BD217CA9}" = ICQ6.5
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = CyberLink PowerDVD
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{75AE638F-750A-11DF-96D5-005056806466}" = Google Earth Plug-in
"{75D84EF7-0D8C-4e70-B3FA-7B42A5D4E0EB}" = Mass Effect 2
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{79F71DBA-38D0-D6C4-DF6C-335C37091031}" = Nero 7 Demo
"{7BD0D8F8-A13C-48D2-B201-4AD29A48AF34}" = Google SketchUp 7
"{8070452B-15D6-4169-B9B9-FCC3B54588AD}" = Nokia Ovi Suite
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{87BB78C4-F36D-4D93-A7C7-F80F18219848}" = AMD DnD V1.0.19
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller  Driver
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90140000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010
"{90140000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010
"{90140000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010
"{90140000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010
"{90140000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010
"{90140000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010
"{90140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010
"{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010
"{90140000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{98613C99-1399-416C-A07C-1EE1C585D872}" = SeaTools for Windows
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A0D65C73-F2C5-432F-8788-90F8A2E99B98}" = Nokia Ovi Suite Software Updater
"{A13D16C5-38A9-4D96-9647-59FCCAB12A85}" = Visual Basic for Applications (R) Core - English
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A498D9EB-927B-459B-85D6-DD6EF8C2C564}" = erLT
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1031-7B44-A93000000001}" = Adobe Reader 9.3.3 - Deutsch
"{AEC81925-9C76-4707-84A9-40696C613ED3}" = Dragon Age: Origins
"{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = PowerProducer
"{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail
"{C5C1C0F0-D62F-4DBF-81D4-D7EF397C228B}" = NVIDIA PhysX
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.1
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D36DD326-7280-11D8-97C8-000129760CBE}" = PhotoNow!
"{D8B5B7C3-47B1-40FA-8251-59C74A543880}" = Dragon Age: Origins Character Creator
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{D9DA2DF6-8CB6-4E3C-A29E-FAECFBA3E9A7}" = Garmin POI Loader
"{DA6FAB8D-E87A-4E8E-A3D3-B7B9F479C725}" = forteManager
"{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player
"{E0783143-EAE2-4047-A8D6-E155523C594C}" = Garmin WebUpdater
"{E2883E8F-472F-4fb0-9522-AC9BF37916A7}" = Adobe Download Manager
"{E2903F16-9A5A-4292-9D97-8328088086B6}" = forteManager
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F1FDAA01-988C-423F-AC12-0D8F333943FD}" = Nokia Connectivity Cable Driver
"{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}" = Logitech SetPoint
"{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials
"{FB97C283-1F3C-42D4-AE01-ADC1DC12F774}" = Visual Basic for Applications (R) Core
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"7-Zip" = 7-Zip 4.65
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe SVG Viewer" = Adobe SVG Viewer 3.0
"AGSAdventureDev312SP1_is1" = Adventure Game Studio 3.1.2 SP1
"ArcGIS Desktop" = ArcGIS Desktop
"ArcGIS License Manager" = ArcGIS License Manager
"ASRock OC Tuner_is1" = ASRock OC Tuner v2.2.96
"ATITool" = ATITool Overclocking Utility
"Audacity 1.3 Beta (Unicode)_is1" = Audacity 1.3.12 (Unicode)
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"Cachewolf POI Export" = Cachewolf POI Export
"CCleaner" = CCleaner
"cGPSmapper Free_is1" = cGPSmapper Free 0098e
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"Citavi" = Citavi 2.5
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"EADM" = EA Download Manager
"ESET Online Scanner" = ESET Online Scanner v3
"Free Download Manager_is1" = Free Download Manager 3.0
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.2
"Generic USB 106 Sound" = SL-8795 Headset
"GeoSetter_is1" = GeoSetter 3.1.20
"GoldWave v5.55" = GoldWave v5.55
"GPicSync_is1" = GPicSync 1.28
"GPL Ghostscript 8.63" = GPL Ghostscript 8.63
"GPS-Track-Analyse.NET" = GPS-Track-Analyse.NET
"GSview 4.9" = GSview 4.9
"HijackThis" = HijackThis 2.0.2
"JiveX DICOM Viewer Light 4.3.1" = JiveX DICOM Viewer Light 4.3.1
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"MiKTeX 2.7" = MiKTeX 2.7
"Mozilla Firefox (3.6.8)" = Mozilla Firefox (3.6.8)
"myphotobook" = myphotobook 3.65
"Nokia Ovi Suite" = Nokia Ovi Suite
"numpy-py2.5" = Python 2.5 numpy-1.0.3
"Office14.SingleImage" = Microsoft Office Professional 2010
"Python 2.5 numpy-1.0.3" = Python 2.5 numpy-1.0.3
"Python 2.5.1" = Python 2.5.1
"RivaTuner" = RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition
"TeXnicCenter_is1" = TeXnicCenter Version 1.0 Stable RC1
"THWTheorie" = THW Theorie
"Totalcmd" = Total Commander (Remove or Repair)
"Uninstall_is1" = Uninstall 1.0.0.1
"Vectorworks ArchLand 2009 SP3 R1" = Vectorworks ArchLand 2009 SP3 R1
"VLC media player" = VLC media player 0.9.9
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR Archivierer
"WordToPDF_is1" = WordToPDF 2.5
"ZoneAlarm Pro" = ZoneAlarm Pro
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Move Networks Player - IE" = Move Networks Media Player for Internet Explorer
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 23.07.2010 08:09:53 | Computer Name = Rechner | Source = OviSuite | ID = 1
Description = 
 
Error - 23.07.2010 08:09:53 | Computer Name = Rechner | Source = OviSuite | ID = 1
Description = 
 
Error - 23.07.2010 08:09:53 | Computer Name = Rechner | Source = OviSuite | ID = 1
Description = 
 
Error - 28.07.2010 15:03:00 | Computer Name = Rechner | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: spssengine.exe, Version: 17.0.0.234,
 Zeitstempel: 0x48b0c165  Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7600.16559,
 Zeitstempel: 0x4ba9b29c  Ausnahmecode: 0xc0000005  Fehleroffset: 0x00038c19  ID des fehlerhaften
 Prozesses: 0xe34  Startzeit der fehlerhaften Anwendung: 0x01cb2e875bff7145  Pfad der
 fehlerhaften Anwendung: C:\Program Files (x86)\SPSSInc\Statistics17\spssengine.exe
Pfad
 des fehlerhaften Moduls: C:\Windows\SysWOW64\ntdll.dll  Berichtskennung: bd19bac3-9a7a-11df-97ff-001966c76e35
 
Error - 30.07.2010 10:02:47 | Computer Name = Rechner | Source = Google Update | ID = 20
Description = 
 
Error - 30.07.2010 11:02:47 | Computer Name = Rechner | Source = Google Update | ID = 20
Description = 
 
Error - 01.08.2010 14:15:12 | Computer Name = Rechner | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files
 (x86)\geosetter\DelZip179.dll". Fehler in Manifest- oder Richtliniendatei "c:\program
 files (x86)\geosetter\DelZip179.dll" in Zeile 8.  Der Wert "*" des "language"-Attributs
 im assemblyIdentity-Element ist ungültig.
 
Error - 02.08.2010 11:28:33 | Computer Name = Rechner | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files
 (x86)\geosetter\DelZip179.dll". Fehler in Manifest- oder Richtliniendatei "c:\program
 files (x86)\geosetter\DelZip179.dll" in Zeile 8.  Der Wert "*" des "language"-Attributs
 im assemblyIdentity-Element ist ungültig.
 
Error - 05.08.2010 20:42:21 | Computer Name = Rechner | Source = Application Hang | ID = 1002
Description = Programm ASROC.exe, Version 2.2.96.0 kann nicht mehr unter Windows
 ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
 um nach weiteren Informationen zum Problem zu suchen.    Prozess-ID: b00    Startzeit: 
01cb34d398a46d68    Endzeit: 2    Anwendungspfad: C:\Program Files (x86)\ASRock Utility\OCTuner\ASROC.exe

Berichts-ID:
 68ec6e83-a0f3-11df-9a31-001966c76e35  
 
Error - 05.08.2010 22:56:58 | Computer Name = Rechner | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files
 (x86)\geosetter\DelZip179.dll". Fehler in Manifest- oder Richtliniendatei "c:\program
 files (x86)\geosetter\DelZip179.dll" in Zeile 8.  Der Wert "*" des "language"-Attributs
 im assemblyIdentity-Element ist ungültig.
 
[ Media Center Events ]
Error - 27.09.2009 14:05:02 | Computer Name = Rechner | Source = MCUpdate | ID = 0
Description = 20:05:02 - Fehler beim Herstellen der Internetverbindung.  20:05:02 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 28.09.2009 09:52:30 | Computer Name = Rechner | Source = MCUpdate | ID = 0
Description = 15:52:30 - Fehler beim Herstellen der Internetverbindung.  15:52:30 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 29.09.2009 11:05:26 | Computer Name = Rechner | Source = MCUpdate | ID = 0
Description = 17:05:26 - Fehler beim Herstellen der Internetverbindung.  17:05:26 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 30.09.2009 09:37:31 | Computer Name = Rechner | Source = MCUpdate | ID = 0
Description = 15:37:31 - Fehler beim Herstellen der Internetverbindung.  15:37:31 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 30.10.2009 17:06:24 | Computer Name = Rechner | Source = MCUpdate | ID = 0
Description = 22:06:21 - Fehler beim Herstellen der Internetverbindung.  22:06:21 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 30.10.2009 18:08:49 | Computer Name = Rechner | Source = MCUpdate | ID = 0
Description = 23:08:48 - Fehler beim Herstellen der Internetverbindung.  23:08:48 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 30.10.2009 20:04:00 | Computer Name = Rechner | Source = MCUpdate | ID = 0
Description = 01:03:59 - Fehler beim Herstellen der Internetverbindung.  01:03:59 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 30.10.2009 21:18:44 | Computer Name = Rechner | Source = MCUpdate | ID = 0
Description = 02:18:43 - Fehler beim Herstellen der Internetverbindung.  02:18:43 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 31.10.2009 08:46:48 | Computer Name = Rechner | Source = MCUpdate | ID = 0
Description = 13:46:48 - Fehler beim Herstellen der Internetverbindung.  13:46:48 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 31.10.2009 08:49:02 | Computer Name = Rechner | Source = MCUpdate | ID = 0
Description = 13:48:59 - Fehler beim Herstellen der Internetverbindung.  13:48:59 
-     Serververbindung konnte nicht hergestellt werden..  
 
[ System Events ]
Error - 11.08.2010 09:20:58 | Computer Name = Rechner | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
 TrueVector Internet Monitor erreicht.
 
Error - 11.08.2010 09:20:58 | Computer Name = Rechner | Source = Service Control Manager | ID = 7000
Description = Der Dienst "TrueVector Internet Monitor" wurde aufgrund folgenden 
Fehlers nicht gestartet:   %%1053
 
Error - 11.08.2010 09:21:06 | Computer Name = Rechner | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Sentinel" wurde aufgrund folgenden Fehlers nicht gestartet:
   %%577
 
Error - 11.08.2010 10:47:03 | Computer Name = Rechner | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Sentinel" wurde aufgrund folgenden Fehlers nicht gestartet:
   %%577
 
Error - 11.08.2010 16:10:11 | Computer Name = Rechner | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Sentinel" wurde aufgrund folgenden Fehlers nicht gestartet:
   %%577
 
Error - 12.08.2010 06:16:31 | Computer Name = Rechner | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Sentinel" wurde aufgrund folgenden Fehlers nicht gestartet:
   %%577
 
Error - 12.08.2010 16:56:44 | Computer Name = Rechner | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
 TrueVector Internet Monitor erreicht.
 
Error - 12.08.2010 16:56:44 | Computer Name = Rechner | Source = Service Control Manager | ID = 7000
Description = Der Dienst "TrueVector Internet Monitor" wurde aufgrund folgenden 
Fehlers nicht gestartet:   %%1053
 
Error - 12.08.2010 16:56:50 | Computer Name = Rechner | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Sentinel" wurde aufgrund folgenden Fehlers nicht gestartet:
   %%577
 
Error - 13.08.2010 05:20:46 | Computer Name = Rechner | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Sentinel" wurde aufgrund folgenden Fehlers nicht gestartet:
   %%577
 
 
< End of report >

Catarina · 13.08.2010, 15:18

Der Rechner läuft normal. Eigentlich kein ungewöhnliches "Verhalten".

Larusso · 13.08.2010, 17:46

Logfile ist sauber

Hier noch die letzten paar Schritte zur Säuberung Deines Rechners.

Schritt 1

Systemwiederherstellungpunkte leeren

Windows + R Taste drücken --> cleanmgr ( eingeben ) --> OK
Wähle nun deine Systemplatte (normal C

.
Klicke auf Systemdateien bereinigen --> erneut die Systemplatte wählen --> Reiter Weitere Optionen
und klicke auf Systemwiederherstellung und Schattenkopien bereinigen.

Note: Dieser Teil ist jeweils an das Betriebssystem anzupassen

Schritt 2

Tool CleanUp

Starte bitte die OTL.exe.
Klicke nun auf den Bereinigung Button. Dies wird die meisten Tools und Logfiles entfernen.
Sollte denoch etwas bestehen bleiben, bitte manuell entfernen sowie den Papierkorb leeren.

Schritt 3

Automatische Updates

Sehen wir nach ob die Updates für Windows sich automatisch downloaden. Das ist der beste Weg um all die Sicherheits- Patches und Fixes zu erhalten.

Windows + R Taste drücken. Kopiere nun folgenden Text in die Kommandozeile

RunDll32.exe shell32.dll,Control_RunDLL wscui.cpl

und klicke auf OK.
Stelle sicher das die automatischen Updates aktiviert sind.

Schritt 4

Um Dich für die Zukunft vor weiteren Infizierungen zu schützen empfehle ich Dir noch ein paar Programme.

SpywareBlaster
Ein Tutorial zur Verwendung findest Du Hier
MalwareBytes Anti Malware
Dies ist eines der besten Anti-Malware Tools auf dem Markt. Es ist ein On- Demond Scan Tool welches viele aktuelle Malware erkennt und auch entfernt.
Update das Tool und lass es einmal in der Woche laufen. Die Kaufversion biete zudem noch einen Hintergrundwächter.
Ein Tutorial zur Verwendung findest Du hier.
Hinweis: MBAM ersetzt keine Anti- Viren- Software.
Temp File Cleaner
TFC ist ein wirklich starkes Tool zum entfernen von Temp Dateien vom IE und WIndows, leert den Papierkorb und noch viel mehr.
Ausserdem hilft es Deinen Computer zu beschleunigen.
Du kannst Dir TFC ( by OldTimer ) hier downloaden.
MVPs hosts file
Ein Tutorial findest Du hier. Leider habe ich bis jetzt kein deutschsprachiges gefunden.
Halte Dein System aktuell
Ich kann gar nicht oft genug betonen, wie wichtig es ist, dass der PC auf dem aktuellsten Stand der Dinge ist.
Es werden oft genug Sicherheitslücken in Windows eigenen Anwendungen gefunden. Diese "Löcher" gehören entfernt, weil Angreifer diese womöglich nutzen um unauthorisiert auf Dein System zu zugreifen.
Jeden zweiten Dienstag im Monat ist Update Tag. Besuche bitte dazu die Microsoft Update Seite.
Halte Deine Software aktuell
Der einfachste Weg dafür ist der Secunia Online Software.

Schritt 5

Tipps für sicheres Surfen

Das sind meine Vorschläge.
Verwende einen alternativen Browser statt den IE.
Ich empfehle Mozilla Firefox.

Für Firefox gibt es verschiedenste AddOns um sicher durch das WWW zu kommen.

NoScript
Dieses AddOn blockt JavaScript, Java and Flash und andere Plugins. Sie werden nur dann ausgeführt wenn Du es bestätigst.
AdblockPlus
Dieses AddOn blockt die meisten Werbung von selbst. Ein Rechtsklick auf den Banner um diesen zu AdBlockPlus hinzu zu fügen reicht und dieser wird nicht mehr geladen.
Es spart ausserdem Downloadkapazität.
WOT (Web of trust)
Dieses AddOn warnt Dich bevor Du eine als schädlich gemeldete Seite besuchst.

Don'ts

Klicke nicht auf alles nur weil es Dich dazu auffordert und schön bunt ist.
verwende keine peer to peer oder Filesharing Software (Emule, uTorrent,..)
Lass die Finger von Cracks, Keygens, Serials oder anderer illegaler Software.
Öffne keine Anhänge von Dir nicht bekannten Emails. Achte vor allem auf die Dateiendung wie zb deinFoto.jpg.exe

Nun bleibt mir nur noch dir viel Spass beim sicheren Surfen zu wünschen.

Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so das ich diesen Thread aus meinen Abos löschen kann.

Trojaner- und Wurmbefall beseitigt oder noch vorhanden?

Plagegeister aller Art und deren Bekämpfung: Trojaner- und Wurmbefall beseitigt oder noch vorhanden?