Sicherheitscenter nicht aktivierbar / Google leitet um / AVIRA nicht updatebar / Rechner langsam

Toni_75 · 26.06.2011, 21:10

Hallo,
wende mich an euch um eine Neuformatierung ggf doch noch zu verhindern. Kurze Historie: Der Rechner meines Sohnes hat letztes WE den 'Bundespolizei-Screen' gezeigt; mittels diverser Aktionen (AVIRA-Recovery CD, Malwarebyte, mehrerer AVIRA-Scans, ...) tritt dieser Fehler mittlerweile nicht mehr auf. Bin aber sehr sicher, dass der Rechner unverändert eine (ggf mehrere) Macke(n) hat.
- Sicherheitscenter ist nicht aktivierbar
- Google-Adressen werden auf kommerzielle Seiten umgeleitet
- AVIRA kann von Freeeware nicht auf Premium upgedatet werden (Bezahlvorgang wir weder via Paypal noch Mastercard erkannt)
- Rechner bootet unglaublich langsam

Die Logfiles habe ich nach besten Wissen/Vermögen erstellt - bin kein Profi.
Hoffe ihr könnt helfen!

Ergänzung: auch die Windows-Updates funktionieren nicht mehr.
Klingt nach mannigfaltiger Kombination verschiedener in anderen Threads behandelter Einzelthemen :-)

..bin bis Fr unterwegs - ohne Zugriff auf den nicht mehr funktionierenden Rechner. Freue mich über / hoffe auf kompetente Unterstützung.

kira · 27.06.2011, 08:04

Hallo und Herzlich Willkommen!

Bevor wir unsere Zusammenarbeit beginnen, [Bitte Vollständig lesen]:

Zitat:

"Fernbehandlungen/Fernhilfe" und die damit verbundenen Haftungsrisken:
- da die Fehlerprüfung und Handlung werden über große Entfernungen durchgeführt, besteht keine Haftung unsererseits für die daraus entstehenden Folgen.
- also, jede Haftung für die daraus entstandene Schäden wird ausgeschlossen, ANWEISUNGEN UND DEREN BEFOLGUNG, ERFOLGT AUF DEINE EIGENE VERANTWORTUNG!
Charakteristische Merkmale/Profilinformationen:
- aus der verwendeten Loglisten oder Logdateien - wie z.B. deinen Realnamen, Seriennummer in Programm etc)- kannst Du herauslöschen oder durch [X] ersetzen
Die Systemprüfung und Bereinigung:
- kann einige Zeit in Anspruch nehmen (je nach Art der Infektion), kann aber sogar so stark kompromittiert sein, so dass eine wirkungsvolle technische Säuberung ist nicht mehr möglich bzw Du es neu installieren musst
Ich empfehle Dir die Anweisungen erst einmal komplett durchzulesen, bevor du es anwendest, weil wenn du etwas falsch machst, kann es wirklich gefährlich werden. Wenn du meinen Anweisungen Schritt für Schritt folgst, kann eigentlich nichts schief gehen.
Innerhalb der Betreuungszeit:
- ohne Abspräche bitte nicht auf eigene Faust handeln!- bei Problemen nachfragen.
Die Reihenfolge:
- genau so wie beschrieben bitte einhalten, nicht selbst die Reihenfolge wählen!
GECRACKTE SOFTWARE werden hier nicht geduldet!!!!
Ansonsten unsere Forumsregeln:
- Bitte erst lesen, dann posten!-> Für alle Hilfesuchenden! Was muss ich vor der Eröffnung eines Themas beachten?

Alle Logfile mit einem vBCode Tag eingefügen, das bietet hier eine gute Übersicht, erleichtert mir die Arbeit! Falls das Logfile zu groß, teile es in mehrere Teile auf.

Sobald Du diesen Einführungstext gelesen hast, kannst Du beginnen

Für Vista und Win7:
Wichtig: Alle Befehle bitte als Administrator ausführen! rechte Maustaste auf die Eingabeaufforderung und "als Administrator ausführen" auswählen
Auf der angewählten Anwendung einen Rechtsklick (rechte Maustaste) und "Als Administrator ausführen" wählen!

Ich habe zwei Vorschläge: :
Wenn du glaubst zu kennen die Zeitpunkt wo dein System noch einwandfrei funktioniert hat, die Systemwiederherstellung ist einen Versuch Wert!:

- Gibt es einen "relativ einfachen Weg",wenn eine frische Infektion vorliegt, oder mal bestimmte Probleme bekommt man auch gelöst, was man sogleich ausprobieren sollte. Dies bietet Dir die Möglichkeit, Systemänderungen am Computer ohne Auswirkung auf persönliche Dateien, wie z. B. E-Mails, Dokumente oder Fotos, rückgängig zu machen.

Zitat:

-> Systemwiederherstellung
► Bitte wähle das älteste verfügbare Datum für die Wiederherstellung von Windows aus, wo dein Rechner noch einwandfrei funktioniert hat!

Du musst dich als Administrator oder als Benutzer mit Administratorrechten anmelden.
Die Systemwiederherstellung lässt sich unter Windows Vista/XP/7 wie folgt aufrufen:
► Start → Alle Programme → Zubehör → Systemprogramme → Systemwiederherstellung

->Eine Schritt-für-Schritt-Anleitung zum Einsatz der Systemwiederherstellung unter Windows XP
->Systemwiederherstellung unter Windows Vista
->Unter Win 7
► Falls nötig, kannst Du es im abgesicherten Modus auch tun - (Link bitte unbedingt anklicken & lesen!)

Die Systemwiederherstellung ist nur ein "Notlösung", das Problem wird damit nie 100%ig beseitigt, da dem Zeitpunkt des Eindringen des Trojaners nicht mehr feststellen kann. Aber man kann damit die Funktionsfähigkeit eines Computersystems erhöhen.
(Kannst noch immer bis zum heutigen Zeitpunkt rückgängig machen, falls liefert nicht das gewünschte Ergebnis)

► berichte mir auch, ob die SWH funktioniert hat, bzw ob Du das System auf einen früheren Wiederherstellungspunkt zurückstellen können?

Sollte die Systemwiederherstellung nicht funktionieren (Malware kann es verhindern):
- Du kannst auch noch die folgenden Methoden ausprobieren, um das Problem zu beheben.:-> Verwenden der letzten als funktionierend bekannten Konfiguration

1.
Systemscan mit OTL

Lade (falls noch nicht vorhanden) OTL von Oldtimer herunter und speichere es auf Deinem Desktop.

Doppelklick auf die OTL.exe
Vista und Windows 7 User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen.
Oben findest Du ein Kästchen mit Ausgabe.
Wähle bitte Standard-Ausgabe
Unter Extra-Registrierung wähle bitte Benutze SafeList.
Mache Häckchen bei LOP- und Purity-Prüfung.
Klicke nun auf Scan links oben.
Wenn der Scan beendet wurde werden zwei Logfiles erstellt.
Du findest die Logfiles auf Deinem Desktop => OTL.txt und Extras.txt
Poste die Logfiles in Code-Tags hier in den Thread.

2.
Bitte Versteckte - und Systemdateien sichtbar machen den Link hier anklicken:
System-Dateien und -Ordner unter XP und Vista sichtbar machen
Am Ende unserer Arbeit, kannst wieder rückgängig machen!

3.
→ Lade Dir HJTscanlist.zip herunter
→ entpacke die Datei auf deinem Desktop
→ Bei WindowsXP Home musst vor dem Scan zusätzlich tasklist.zip installieren
→ per Doppelklick starten
→ Wähle dein Betriebsystem aus - bei Win7 wähle Vista
→ Wenn Du gefragt wirst, die Option "Einstellung" (1) - scanlist" wählen
→ Nach kurzer Zeit sollte sich Dein Editor öffnen und die Datei hjtscanlist.txt präsentieren
→ Bitte kopiere den Inhalt hier in Deinen Thread.
** Falls es klappt auf einmal nicht, kannst den Text in mehrere Teile teilen und so posten

4.
Ich würde gerne noch all deine installierten Programme sehen:
Lade dir das Tool Ccleaner herunter
→ Download
installieren (Software-Lizenzvereinbarung lesen, falls angeboten wird "Füge CCleaner Yahoo! Toolbar hinzu" abwählen)→ starten→ falls nötig - unter Options settings-> "german" einstellen
dann klick auf "Extra (um die installierten Programme auch anzuzeigen)→ weiter auf "Als Textdatei speichern..."
wird eine Textdatei (*.txt) erstellt, kopiere dazu den Inhalt und füge ihn da ein

Zitat:

Damit dein Thread übersichtlicher und schön lesbar bleibt, am besten nutze den Code-Tags für deinen Post:
→ vor dein Log schreibst Du (also am Anfang des Logfiles):[code]
hier kommt dein Logfile rein - z.B hjtsanlist o. sonstiges
→ dahinter - also am Ende der Logdatei: [/code]

** Möglichst nicht ins internet gehen, kein Online-Banking, File-sharing, Chatprogramme usw

gruß
kira

Toni_75 · 02.07.2011, 14:59

Hallo und herzlichen Dank für die freundliche Begrüßung; bin leider erst jetzt wieder am Rechner - hatte ich ja so angekündigt.

Am Rechnerzustand hat sich bis dato nichts geändert - wäre ja auch zu schön gewesen. Halt doch: das Avira-Update auf Premium habe ich hinbekommen.

Hier also die Logs:

1. OTL:
OTL Logfile:

Code:

ATTFilter

OTL logfile created on: 02.07.2011 15:44:41 - Run 3
OTL by OldTimer - Version 3.2.24.1     Folder = C:\Users\Standard\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19048)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,25 Gb Total Physical Memory | 2,05 Gb Available Physical Memory | 63,14% Memory free
6,69 Gb Paging File | 5,55 Gb Available in Paging File | 82,97% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 232,88 Gb Total Space | 119,91 Gb Free Space | 51,49% Space Free | Partition Type: NTFS
 
Computer Name: TOBIAS-PC | User Name: Standard | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2011.07.02 14:18:25 | 000,428,200 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avwebgrd.exe
PRC - [2011.07.02 14:18:25 | 000,340,136 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avmailc.exe
PRC - [2011.07.02 14:18:25 | 000,269,480 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe
PRC - [2011.06.26 18:57:16 | 000,579,072 | ---- | M] (OldTimer Tools) -- C:\Users\Standard\Desktop\OTL.exe
PRC - [2011.06.26 11:16:26 | 000,136,360 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\sched.exe
PRC - [2011.06.26 11:16:13 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avshadow.exe
PRC - [2011.06.26 11:16:08 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe
PRC - [2011.05.25 17:29:54 | 001,951,112 | ---- | M] (LogMeIn Inc.) -- C:\Programme\LogMeIn Hamachi\hamachi-2-ui.exe
PRC - [2011.05.25 17:29:48 | 001,336,712 | ---- | M] (LogMeIn Inc.) -- C:\Programme\LogMeIn Hamachi\hamachi-2.exe
PRC - [2011.04.14 18:40:02 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Programme\Mozilla Firefox\firefox.exe
PRC - [2011.01.05 04:58:02 | 000,397,312 | ---- | M] (AMD) -- C:\WINDOWS\System32\atieclxx.exe
PRC - [2011.01.05 04:57:32 | 000,176,128 | ---- | M] (AMD) -- C:\WINDOWS\System32\atiesrxx.exe
PRC - [2010.11.21 11:49:24 | 000,247,608 | ---- | M] () -- C:\Programme\ICQ6Toolbar\ICQ Service.exe
PRC - [2010.09.21 15:03:14 | 001,710,464 | ---- | M] (Microsoft Corp.) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
PRC - [2010.09.21 15:03:14 | 000,193,408 | ---- | M] (Microsoft Corp.) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
PRC - [2009.09.28 10:42:50 | 000,109,056 | ---- | M] (ArcSoft Inc.) -- C:\Programme\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
PRC - [2009.09.22 18:29:54 | 001,528,320 | ---- | M] (Elgato Systems) -- C:\Programme\Common Files\TerraTec\Remote\TTTvRc.exe
PRC - [2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008.07.11 02:27:52 | 040,999,448 | ---- | M] (Microsoft Corporation) -- c:\Programme\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
PRC - [2008.07.10 02:49:44 | 000,098,840 | ---- | M] (Microsoft Corporation) -- c:\Programme\Microsoft SQL Server\90\Shared\sqlwriter.exe
PRC - [2008.07.06 17:31:02 | 000,331,776 | ---- | M] (UASSOFT.COM) -- C:\Programme\Keyboard & Mouse Driver\KMProcess.exe
PRC - [2008.06.23 21:28:08 | 000,208,896 | ---- | M] (UASSOFT.COM) -- C:\Programme\Keyboard & Mouse Driver\KMWDSrv.exe
PRC - [2008.06.14 01:02:04 | 000,397,312 | ---- | M] (UASSOFT.COM) -- C:\Programme\Keyboard & Mouse Driver\KMCONFIG.exe
PRC - [2008.05.30 01:22:38 | 000,212,992 | ---- | M] (UASSOFT.COM) -- C:\Programme\Keyboard & Mouse Driver\StartAutorun.exe
PRC - [2008.04.15 18:54:42 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2008.04.15 18:54:40 | 000,178,712 | ---- | M] (Intel Corporation) -- C:\Programme\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2008.02.12 22:05:54 | 000,073,728 | ---- | M] (Andrea Electronics Corporation) -- C:\WINDOWS\System32\DriverStore\FileRepository\stwrt.inf_030ac640\AEstSrv.exe
PRC - [2008.01.21 04:25:33 | 000,896,512 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnetwk.exe
PRC - [2008.01.21 04:25:33 | 000,202,240 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnscfg.exe
PRC - [2007.12.11 13:15:04 | 000,012,800 | ---- | M] (Agere Systems) -- C:\WINDOWS\System32\agrsmsvc.exe
PRC - [2007.05.28 18:57:54 | 000,275,968 | ---- | M] (Rocket Division Software) -- C:\Programme\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
PRC - [2007.05.10 13:18:10 | 000,835,584 | ---- | M] () -- C:\WINDOWS\vsnp325.exe
PRC - [2007.04.21 09:36:50 | 000,270,336 | ---- | M] () -- C:\WINDOWS\tsnp325.exe
PRC - [2007.02.12 14:50:40 | 000,020,480 | ---- | M] () -- C:\WINDOWS\FixCamera.exe
PRC - [2003.06.19 23:25:00 | 000,322,120 | ---- | M] (Microsoft Corporation) -- C:\Programme\Common Files\microsoft shared\VS7DEBUG\MDM.EXE
 
 
========== Modules (SafeList) ==========
 
MOD - [2011.06.26 18:57:16 | 000,579,072 | ---- | M] (OldTimer Tools) -- C:\Users\Standard\Desktop\OTL.exe
MOD - [2010.08.31 17:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV - File not found [Auto | Stopped] --  -- (Recovery Service for Windows)
SRV - [2011.07.02 14:18:25 | 000,428,200 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE -- (AntiVirWebService)
SRV - [2011.07.02 14:18:25 | 000,340,136 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avmailc.exe -- (AntiVirMailService)
SRV - [2011.07.02 14:18:25 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011.06.26 11:16:26 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2011.06.10 18:55:48 | 000,403,240 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2011.05.25 17:29:48 | 001,336,712 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2011.01.15 16:06:42 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2011.01.05 04:57:32 | 000,176,128 | ---- | M] (AMD) [Auto | Running] -- C:\WINDOWS\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2010.11.21 11:49:24 | 000,247,608 | ---- | M] () [Auto | Running] -- C:\Programme\ICQ6Toolbar\ICQ Service.exe -- (ICQ Service)
SRV - [2009.09.28 10:42:50 | 000,109,056 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Programme\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2009.08.24 22:16:36 | 000,406,016 | ---- | M] (mst software GmbH, Germany) [On_Demand | Stopped] -- C:\Program Files\Ashampoo\Ashampoo WinOptimizer 2010\Dfsdks.exe -- (DfSdkS)
SRV - [2008.07.29 18:20:14 | 000,067,072 | ---- | M] (ASUSTeK COMPUTER INC.) [Auto | Stopped] -- C:\WINDOWS\System32\ATKFUSService.exe -- (ATKFUSService)
SRV - [2008.06.23 21:28:08 | 000,208,896 | ---- | M] (UASSOFT.COM) [Auto | Running] -- C:\Programme\Keyboard & Mouse Driver\KMWDSrv.exe -- (KMWDSERVICE)
SRV - [2008.04.15 18:54:42 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel(R)
SRV - [2008.02.12 22:05:54 | 000,073,728 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\WINDOWS\System32\DriverStore\FileRepository\stwrt.inf_030ac640\AEstSrv.exe -- (AESTFilters)
SRV - [2008.02.03 12:00:00 | 000,129,992 | ---- | M] (EasyBits Sofware AS) [Auto | Running] -- C:\WINDOWS\System32\ezsvc7.dll -- (ezSharedSvc)
SRV - [2008.01.21 04:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007.12.11 13:15:04 | 000,012,800 | ---- | M] (Agere Systems) [Auto | Running] -- C:\WINDOWS\System32\agrsmsvc.exe -- (AgereModemAudio)
SRV - [2007.05.28 18:57:54 | 000,275,968 | ---- | M] (Rocket Division Software) [Auto | Running] -- C:\Programme\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE)
 
 
========== Driver Services (SafeList) ==========
 
DRV - [2011.07.02 14:18:26 | 000,138,192 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2011.07.02 14:18:26 | 000,066,616 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2011.05.29 09:11:30 | 000,039,984 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV - [2011.01.05 05:36:10 | 006,789,120 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2011.01.05 05:36:10 | 006,789,120 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\atikmdag.sys -- (amdkmdag)
DRV - [2011.01.05 04:19:18 | 000,235,520 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\atikmpag.sys -- (amdkmdap)
DRV - [2011.01.02 01:04:00 | 000,722,416 | ---- | M] (Duplex Secure Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd)
DRV - [2010.11.17 14:04:12 | 000,097,296 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\AtihdLH3.sys -- (AtiHDAudioService)
DRV - [2010.06.10 14:32:14 | 000,035,840 | ---- | M] (CACE Technologies) [Kernel | Auto | Running] -- C:\Windows\system32\drivers\npf_devolo.sys -- (NPF_devolo) NetGroup Packet Filter Driver (devolo)
DRV - [2009.07.17 18:02:02 | 000,335,872 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\rt61.sys -- (RT61)
DRV - [2009.07.17 02:41:49 | 000,005,120 | ---- | M] (Samsung Electronics) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\SSPORT.SYS -- (SSPORT)
DRV - [2009.05.14 09:48:04 | 000,762,232 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\UDXTTM6010.sys -- (UDXTTM6010)
DRV - [2009.05.11 11:12:49 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009.03.18 17:35:40 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\hamachi.sys -- (hamachi)
DRV - [2009.02.13 11:35:01 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Programme\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2008.08.06 17:26:08 | 000,124,928 | ---- | M] (Realtek Corporation                                            ) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2008.07.29 18:20:16 | 000,030,976 | ---- | M] (ASUSTeK Computer Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\ATKDispLowFilter.sys -- (atkdisplf)
DRV - [2008.07.29 18:20:16 | 000,015,232 | ---- | M] (ASUSTeK Computer Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\asusgsb.sys -- (asusgsb)
DRV - [2008.07.10 02:49:14 | 000,242,712 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\RsFx0102.sys -- (RsFx0102)
DRV - [2008.04.27 18:26:42 | 000,014,352 | ---- | M] (ATI Technologies Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\AtiPcie.sys -- (AtiPcie) ATI PCI Express (3GIO)
DRV - [2008.04.27 12:07:44 | 000,909,824 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\athr.sys -- (athr)
DRV - [2008.04.15 20:19:54 | 000,378,368 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\stwrt.sys -- (STHDA)
DRV - [2008.04.01 13:14:10 | 000,081,296 | ---- | M] (JMicron Technology Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\jmcr.sys -- (JMCR)
DRV - [2008.03.27 13:12:12 | 000,024,424 | ---- | M] (Hewlett-Packard Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\hpdskflt.sys -- (hpdskflt)
DRV - [2008.03.27 13:11:34 | 000,034,664 | ---- | M] (Hewlett-Packard Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\Accelerometer.sys -- (Accelerometer)
DRV - [2008.03.22 11:31:58 | 000,017,024 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\KMWDFILTER.sys -- (KMWDFilter)
DRV - [2008.02.29 17:13:38 | 001,202,560 | ---- | M] (Agere Systems) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2008.01.24 15:23:12 | 000,052,736 | ---- | M] (ENE TECHNOLOGY INC.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\enecir.sys -- (enecir)
DRV - [2007.07.11 10:30:22 | 000,007,168 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\HpqRemHid.sys -- (HpqRemHid)
DRV - [2007.06.18 17:12:04 | 000,016,768 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)
DRV - [2007.05.30 19:14:58 | 000,016,640 | ---- | M] (ArcSoft, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\ArcSoftKsUFilter.sys -- (ArcSoftKsUFilter)
DRV - [2007.05.07 17:58:44 | 010,343,168 | ---- | M] (Sonix Co. Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\snp325.sys -- (SNP325) USB PC Camera (SNPSTD325)
DRV - [2007.01.29 17:12:52 | 000,018,432 | ---- | M] (ASUSTeK COMPUTER INC.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\AsusVRC.sys -- (ASUSVRC)
DRV - [2006.11.10 15:05:00 | 000,018,688 | ---- | M] (Arcsoft, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\afc.sys -- (Afc)
DRV - [2006.11.02 09:30:56 | 000,429,056 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\nvm60x32.sys -- (NVENETFD)
DRV - [2006.07.24 16:05:00 | 000,005,632 | ---- | M] () [File_System | System | Running] -- C:\Windows\System32\drivers\StarOpen.sys -- (StarOpen)
DRV - [2004.09.12 09:45:28 | 000,008,320 | ---- | M] (Ruling Technologies) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\Dyncal.sys -- (DynCal)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=83&bd=Pavilion&pf=cnnb
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=83&bd=Pavilion&pf=cnnb
IE - HKLM\..\URLSearchHook:  - Reg Error: Key error. File not found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\1104271012\ICQToolBar.dll (ICQ)
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=83&bd=Pavilion&pf=cnnb
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook:  - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\1104271012\ICQToolBar.dll (ICQ)
IE - HKCU\..\URLSearchHook: {9d81af43-de53-48d0-a199-42c2a226b24c} - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {EEE6C35D-6118-11DC-9C72-001320C79847} - Reg Error: Key error. File not found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.search.selectedEngine: "ICQ Search"
FF - prefs.js..browser.startup.homepage: "hxxp://start.icq.com/skins7/"
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
 
FF - user.js..browser.search.openintab: false
 
FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.05.29 19:20:58 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.06.18 10:16:01 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.11\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2011.07.02 14:17:41 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.11\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins [2011.06.18 10:16:01 | 000,000,000 | ---D | M]
 
[2011.05.29 18:30:39 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Standard\AppData\Roaming\mozilla\Extensions
[2010.09.01 10:06:08 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Standard\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2011.06.13 23:05:43 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Standard\AppData\Roaming\mozilla\Firefox\Profiles\944s7en5.default\extensions
[2011.04.27 10:13:02 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Users\Standard\AppData\Roaming\mozilla\Firefox\Profiles\944s7en5.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2010.12.31 22:24:30 | 000,000,000 | ---D | M] (DVDVideoSoftTB Toolbar) -- C:\Users\Standard\AppData\Roaming\mozilla\Firefox\Profiles\944s7en5.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}
[2010.12.31 22:15:52 | 000,000,000 | ---D | M] ("DVDVideoSoft Menu") -- C:\Users\Standard\AppData\Roaming\mozilla\Firefox\Profiles\944s7en5.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2009.08.30 11:37:00 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Standard\AppData\Roaming\mozilla\Firefox\Profiles\944s7en5.default\extensions\personas@christopher.beard
[2011.06.13 23:05:44 | 000,000,000 | ---D | M] (Yontoo Layers) -- C:\Users\Standard\AppData\Roaming\mozilla\Firefox\Profiles\944s7en5.default\extensions\plugin@yontoo.com
[2011.07.02 14:36:14 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Standard\AppData\Roaming\mozilla\Firefox\Profiles\psvooo35.default\extensions
[2011.06.14 18:32:19 | 000,000,000 | ---D | M] (Maximum AdBlock) -- C:\Users\Standard\AppData\Roaming\mozilla\Firefox\Profiles\psvooo35.default\extensions\ozymandias@securityheroes.com
[2011.03.30 15:14:34 | 000,001,042 | ---- | M] () -- C:\Users\Standard\AppData\Roaming\Mozilla\Firefox\Profiles\944s7en5.default\searchplugins\icqplugin.xml
[2011.06.13 23:12:03 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2009.04.29 15:36:05 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Programme\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2010.03.10 22:24:04 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- C:\Programme\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2010.06.26 18:58:37 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010.08.14 19:50:18 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010.11.08 21:25:33 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2010.12.17 21:44:08 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2011.06.13 23:06:07 | 000,000,000 | ---D | M] (Babylon) -- C:\Programme\Mozilla Firefox\extensions\ffxtlbr@babylon.com
[2011.04.14 18:40:03 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Programme\Mozilla Firefox\components\browsercomps.dll
[2010.11.12 19:53:06 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Mozilla Firefox\plugins\npdeployJava1.dll
[2010.01.01 10:00:00 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2011.06.13 23:05:52 | 000,002,226 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\babylon.xml
[2010.01.01 10:00:00 | 000,002,252 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\bing.xml
[2010.01.01 10:00:00 | 000,001,153 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml
[2010.01.01 10:00:00 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2010.10.28 10:41:02 | 000,005,529 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\SearchquWebSearch.xml
[2010.01.01 10:00:00 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2010.01.01 10:00:00 | 000,001,105 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2011.06.26 18:39:42 | 000,000,098 | ---- | M]) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1       localhost
O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Searchqu Toolbar) - {7FF99715-3016-4381-84CE-E4E4C9673020} - C:\Programme\Windows Searchqu Toolbar\ToolBar\SearchquDx.dll ()
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (GdfrDUEn Class) - {A3CF7606-E683-4375-A372-96B75DA0AEF7} - C:\Programme\Get Styles\enlbrdr.dll (TODO: <Company name>)
O2 - BHO: (Yontoo Layers) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Programme\Yontoo Layers\YontooIEClient.dll (Yontoo LLC)
O3 - HKLM\..\Toolbar: (Searchqu Toolbar) - {7FF99715-3016-4381-84CE-E4E4C9673020} - C:\Programme\Windows Searchqu Toolbar\ToolBar\SearchquDx.dll ()
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\1104271012\ICQToolBar.dll (ICQ)
O3 - HKLM\..\Toolbar: (TerraTec Home Cinema) - {AD6E6555-FB2C-47D4-8339-3E2965509877} - C:\Programme\TerraTec\TerraTec Home Cinema\ThcDeskBand.dll (TerraTec Electronic GmbH)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EEE6C35B-6118-11DC-9C72-001320C79847} - No CLSID value found.
O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Programme\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
O4 - HKLM..\Run: [ATICustomerCare] C:\Program Files\ATI\ATICustomerCare\ATICustomerCare.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [FixCamera] C:\WINDOWS\FixCamera.exe ()
O4 - HKLM..\Run: [IAAnotif] C:\Programme\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [KMCONFIG]  File not found
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [snp325] C:\WINDOWS\vsnp325.exe ()
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SysTrayApp] C:\Programme\IDT\WDM\sttray.exe (IDT, Inc.)
O4 - HKLM..\Run: [tsnp325] C:\WINDOWS\tsnp325.exe ()
O4 - HKCU..\Run: [{1289D823-E624-5CEE-AB7E-EC96825F68C4}] C:\Users\Standard\AppData\Roaming\Arxue\waenw.exe ()
O4 - HKCU..\Run: [4Y3Y0C3A9F7W1ZYDRRQYR] C:\Recycle.Bin\B6232F3ACEA.exe ()
O4 - HKCU..\Run: [ICQ] C:\Program Files\ICQ7.5\ICQ.exe (ICQ, LLC.)
O4 - HKCU..\Run: [Remote Control Editor] C:\Program Files\Common Files\TerraTec\Remote\TTTvRc.exe (Elgato Systems)
O4 - HKCU..\Run: [WMPNSCFG] C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoPropertiesMyComputer = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewContextMenu = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFileAssociate = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFind = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoClose = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: StartMenuLogoff = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispCPL = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispBackgroundPage = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispSettingsPage = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispScrSavPage = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideFastUserSwitching = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLogoff = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoClose = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableLockWorkstation = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableChangePassword = 0
O8 - Extra context menu item: Free YouTube Download - C:\Users\Standard\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Standard\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - C:\Programme\Microsoft Office\OFFICE11\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Save YouTube Video as MP3 - C:\Program Files\Common Files\DVDVideoSoft\Dll\IEContextMenuY.dll (DVSTeam)
O9 - Extra Button: GetStyles - {14CD42DD-ABCD-3586-DCAB-40E3693E3737} - C:\Programme\Get Styles\ct.htm ()
O9 - Extra 'Tools' menuitem : GetStyles - {14CD42DD-ABCD-3586-DCAB-40E3693E3737} - C:\Programme\Get Styles\ct.htm ()
O9 - Extra Button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Programme\ICQ7.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Programme\ICQ7.5\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira GmbH)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira GmbH)
O10 - Protocol_Catalog9\Catalog_Entries\000000000051 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira GmbH)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Ranges: Range1 ([http] in Local intranet)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3} hxxp://support.euro.dell.com/systemprofiler/DellSystemLite.CAB (DellSystemLite.Scanner)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} hxxp://icq.oberon-media.com/Gameshell/GameHost/1.0/OberonGameHost.cab (Oberon Flash Game Host)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Common Files\microsoft shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Programme\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/html {574940E0-1B7A-4881-8FA3-1E809714B156} - Reg Error: Key error. File not found
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (c:\progra~1\windows searchqu toolbar\datamngr\datamngr.dll) - c:\Programme\Windows Searchqu Toolbar\Datamngr\datamngr.dll (Discordia, LTD)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\ezShellStart.exe) - C:\WINDOWS\System32\ezShellStart.exe (EasyBits Software AS)
O24 - Desktop WallPaper: C:\Users\Standard\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\Standard\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O28 - HKLM ShellExecuteHooks: {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\WINDOWS\System32\ezUPBHook.dll (EasyBits Software Corp.)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{94db7882-308c-11e0-94d3-001e9065ba16}\Shell - "" = AutoRun
O33 - MountPoints2\{94db7882-308c-11e0-94d3-001e9065ba16}\Shell\AutoRun\command - "" = I:\setup\rsrc\Autorun.exe
O33 - MountPoints2\{94db7882-308c-11e0-94d3-001e9065ba16}\Shell\dinstall\command - "" = I:\Directx\dxsetup.exe
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011.07.02 15:32:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2011.07.02 15:32:02 | 000,000,000 | ---D | C] -- C:\Programme\CCleaner
[2011.07.02 15:11:52 | 000,000,000 | ---D | C] -- C:\Users\Standard\AppData\Roaming\Uduzaw
[2011.07.02 15:11:52 | 000,000,000 | ---D | C] -- C:\Users\Standard\AppData\Roaming\Arxue
[2011.06.26 18:58:31 | 000,579,072 | ---- | C] (OldTimer Tools) -- C:\Users\Standard\Desktop\OTL.exe
[2011.06.26 18:39:42 | 000,000,000 | ---D | C] -- C:\_OTL
[2011.06.25 23:27:07 | 000,404,640 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2011.06.25 20:58:50 | 000,000,000 | ---D | C] -- C:\Users\Standard\Desktop\Tools
[2011.06.25 19:07:16 | 000,000,000 | ---D | C] -- C:\Users\Standard\AppData\Roaming\Malwarebytes
[2011.06.25 19:06:09 | 000,039,984 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2011.06.25 19:06:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011.06.25 19:06:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011.06.25 19:06:04 | 000,022,712 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2011.06.25 19:06:04 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware
[2011.06.17 19:49:54 | 000,000,000 | -HSD | C] -- C:\Windows\System32\%APPDATA%
[2011.06.17 14:43:20 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2011.06.17 14:27:36 | 000,000,000 | ---D | C] -- C:\Users\Standard\AppData\Roaming\go
[2011.06.17 14:27:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Easybits GO
[2011.06.14 18:32:20 | 000,000,000 | ---D | C] -- C:\Users\Standard\AppData\Roaming\SecurityHeroes
[2011.06.14 12:32:17 | 000,026,176 | -H-- | C] (LogMeIn, Inc.) -- C:\Windows\System32\hamachi.sys
[2011.06.14 12:32:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
[2011.06.14 12:31:58 | 000,000,000 | ---D | C] -- C:\Programme\LogMeIn Hamachi
[2011.06.14 12:09:25 | 000,000,000 | ---D | C] -- C:\ProgramData\WindowsSearch
[2011.06.13 23:25:07 | 000,000,000 | ---D | C] -- C:\Windows\Sun
[2011.06.13 23:05:37 | 000,000,000 | ---D | C] -- C:\Programme\Yontoo Layers
[2011.06.13 23:05:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Tarma Installer
[2011.06.13 23:04:44 | 000,000,000 | ---D | C] -- C:\Users\Standard\AppData\Local\MediaGet2
[2011.06.13 18:41:09 | 000,000,000 | ---D | C] -- C:\Users\Standard\AppData\Local\Activision
[2011.06.11 16:40:52 | 000,000,000 | ---D | C] -- C:\Programme\THQ
[2011.06.11 16:38:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2011.06.11 16:38:02 | 000,000,000 | ---D | C] -- C:\Users\Standard\AppData\Local\SKIDROW
[2011.06.11 16:37:26 | 000,000,000 | ---D | C] -- C:\Programme\iPod
[2011.06.11 16:37:22 | 000,000,000 | ---D | C] -- C:\Programme\iTunes
[2011.06.11 10:18:46 | 000,000,000 | ---D | C] -- C:\Programme\DAMN NFO Viewer
[2011.06.11 10:13:01 | 000,000,000 | ---D | C] -- C:\Users\Standard\Documents\My Games
[2011.06.10 18:53:35 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\Steam
[2011.06.10 18:53:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
[2011.06.10 18:53:31 | 000,000,000 | ---D | C] -- C:\Programme\Steam
[2009.04.15 13:48:43 | 000,147,456 | ---- | C] ( ) -- C:\Windows\System32\rsnp325.dll
[2009.04.15 13:48:43 | 000,057,344 | ---- | C] ( ) -- C:\Windows\System32\vsnp325.dll
[2009.04.15 13:48:43 | 000,053,248 | ---- | C] ( ) -- C:\Windows\System32\csnp325.dll
 
========== Files - Modified Within 30 Days ==========
 
[2011.07.02 15:39:20 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011.07.02 15:39:14 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011.07.02 15:39:14 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011.07.02 15:38:58 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.07.02 15:38:52 | 3488,997,376 | -HS- | M] () -- C:\hiberfil.sys
[2011.07.02 15:37:03 | 000,000,702 | ---- | M] () -- C:\Users\Standard\Documents\cc_20110702_153657.reg
[2011.07.02 15:36:31 | 000,092,782 | ---- | M] () -- C:\Users\Standard\Documents\cc_20110702_153623.reg
[2011.07.02 15:32:03 | 000,000,804 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2011.07.02 15:19:01 | 000,001,102 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011.07.02 14:39:48 | 000,002,097 | ---- | M] () -- C:\Users\Standard\Desktop\hjtscanlist.zip
[2011.07.02 14:18:26 | 000,138,192 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys
[2011.07.02 14:18:26 | 000,066,616 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avgntflt.sys
[2011.06.26 22:07:50 | 000,040,384 | ---- | M] () -- C:\Users\Standard\Desktop\Desktop.zip
[2011.06.26 20:37:06 | 000,302,592 | ---- | M] () -- C:\Users\Standard\Desktop\nvbbobxg.exe
[2011.06.26 19:03:18 | 000,000,020 | ---- | M] () -- C:\Users\Standard\defogger_reenable
[2011.06.26 19:00:55 | 000,050,477 | ---- | M] () -- C:\Users\Standard\Desktop\Defogger.exe
[2011.06.26 18:57:16 | 000,579,072 | ---- | M] (OldTimer Tools) -- C:\Users\Standard\Desktop\OTL.exe
[2011.06.26 18:55:24 | 000,736,020 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2011.06.26 18:55:24 | 000,696,750 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011.06.26 18:55:24 | 000,168,278 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2011.06.26 18:55:24 | 000,142,466 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011.06.26 18:39:42 | 000,000,098 | ---- | M] () -- C:\Windows\System32\drivers\etc\Hosts
[2011.06.26 13:39:00 | 000,001,047 | ---- | M] () -- C:\Users\Public\Desktop\Camtasia Studio 7.lnk
[2011.06.26 13:31:52 | 000,004,990 | ---- | M] () -- C:\ProgramData\mtbjfghn.xbe
[2011.06.26 13:20:54 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2011.06.26 11:14:23 | 000,003,450 | ---- | M] () -- C:\Users\Standard\Documents\cc_20110626_111419.reg
[2011.06.25 23:29:04 | 000,000,000 | ---- | M] () -- C:\Windows\System32\.1
[2011.06.25 23:18:05 | 002,250,176 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011.06.18 16:27:04 | 000,010,580 | ---- | M] () -- C:\Users\Standard\Documents\cc_20110618_162654.reg
[2011.06.18 10:19:13 | 000,101,980 | ---- | M] () -- C:\Users\Standard\Documents\cc_20110618_101904.reg
[2011.06.17 20:11:42 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2011.06.17 20:11:42 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2011.06.16 11:03:38 | 000,270,776 | ---- | M] () -- C:\Windows\System32\PnkBstrB.xtr
[2011.06.16 11:01:19 | 000,111,928 | ---- | M] () -- C:\Windows\System32\PnkBstrB.ex0
[2011.06.13 10:54:37 | 000,022,328 | ---- | M] () -- C:\Users\Standard\AppData\Roaming\PnkBstrK.sys
[2011.06.12 08:35:07 | 000,002,032 | ---- | M] () -- C:\Users\Standard\AppData\Local\d3d9caps.dat
[2011.06.11 16:38:59 | 000,001,664 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
 
========== Files Created - No Company Name ==========
 
[2011.07.02 15:36:58 | 000,000,702 | ---- | C] () -- C:\Users\Standard\Documents\cc_20110702_153657.reg
[2011.07.02 15:36:27 | 000,092,782 | ---- | C] () -- C:\Users\Standard\Documents\cc_20110702_153623.reg
[2011.07.02 15:32:03 | 000,000,804 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2011.07.02 14:41:19 | 000,030,259 | ---- | C] () -- C:\Users\Standard\Desktop\hjtscanlist.bat
[2011.07.02 14:40:16 | 000,002,097 | ---- | C] () -- C:\Users\Standard\Desktop\hjtscanlist.zip
[2011.06.26 22:07:50 | 000,040,384 | ---- | C] () -- C:\Users\Standard\Desktop\Desktop.zip
[2011.06.26 20:38:51 | 000,302,592 | ---- | C] () -- C:\Users\Standard\Desktop\nvbbobxg.exe
[2011.06.26 19:02:56 | 000,000,020 | ---- | C] () -- C:\Users\Standard\defogger_reenable
[2011.06.26 19:01:26 | 000,050,477 | ---- | C] () -- C:\Users\Standard\Desktop\Defogger.exe
[2011.06.26 13:39:00 | 000,001,047 | ---- | C] () -- C:\Users\Public\Desktop\Camtasia Studio 7.lnk
[2011.06.26 13:31:52 | 000,004,990 | ---- | C] () -- C:\ProgramData\mtbjfghn.xbe
[2011.06.26 11:14:21 | 000,003,450 | ---- | C] () -- C:\Users\Standard\Documents\cc_20110626_111419.reg
[2011.06.25 23:29:04 | 000,000,000 | ---- | C] () -- C:\Windows\System32\.1
[2011.06.25 20:55:07 | 3488,997,376 | -HS- | C] () -- C:\hiberfil.sys
[2011.06.18 16:27:00 | 000,010,580 | ---- | C] () -- C:\Users\Standard\Documents\cc_20110618_162654.reg
[2011.06.18 10:19:09 | 000,101,980 | ---- | C] () -- C:\Users\Standard\Documents\cc_20110618_101904.reg
[2011.06.18 10:16:01 | 000,001,804 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader 8.lnk
[2011.06.17 20:11:42 | 000,000,000 | RHS- | C] () -- C:\MSDOS.SYS
[2011.06.17 20:11:42 | 000,000,000 | RHS- | C] () -- C:\IO.SYS
[2011.06.17 14:28:58 | 000,001,589 | ---- | C] () -- C:\Users\Standard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spielen (EasyBits GO).lnk
[2011.06.11 16:38:59 | 000,001,664 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2011.04.22 10:53:20 | 000,104,272 | -H-- | C] () -- C:\Windows\System32\mlfcache.dat
[2011.02.22 17:21:53 | 000,022,328 | ---- | C] () -- C:\Users\Standard\AppData\Roaming\PnkBstrK.sys
[2011.01.05 04:17:40 | 000,023,040 | ---- | C] () -- C:\Windows\System32\atitmpxx.dll
[2010.12.15 21:33:32 | 000,002,975 | ---- | C] () -- C:\Windows\System32\atipblag.dat
[2010.12.08 19:35:34 | 000,180,224 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2010.12.02 19:47:31 | 001,970,176 | ---- | C] () -- C:\Windows\System32\d3dx9.dll
[2010.10.28 00:13:58 | 000,226,857 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2010.07.02 17:49:56 | 000,762,232 | ---- | C] () -- C:\Windows\System32\drivers\UDXTTM6010.sys
[2010.02.27 17:35:01 | 000,000,056 | -H-- | C] () -- C:\Windows\System32\ezsidmv.dat
[2010.02.11 09:58:56 | 000,004,096 | ---- | C] () -- C:\Windows\System32\detoured.dll
[2010.02.07 12:42:46 | 000,479,232 | ---- | C] () -- C:\Windows\ssndii.exe
[2010.02.07 12:42:20 | 000,026,624 | ---- | C] () -- C:\Windows\System32\ssp4ml3.dll
[2009.12.12 19:12:18 | 000,000,306 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2009.09.26 16:23:46 | 000,065,536 | ---- | C] () -- C:\Windows\System32\AlfaBIG32.dll
[2009.09.24 15:26:17 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009.09.24 15:26:17 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2009.08.31 14:03:42 | 000,262,144 | ---- | C] () -- C:\Windows\System32\EMRegSys.dll
[2009.05.24 11:58:18 | 000,000,000 | ---- | C] () -- C:\ProgramData\LauncherAccess.dt
[2009.05.24 11:50:24 | 000,005,632 | ---- | C] () -- C:\Windows\System32\drivers\StarOpen.sys
[2009.04.27 19:29:44 | 000,116,224 | ---- | C] () -- C:\Windows\System32\redmonnt.dll
[2009.04.27 19:29:44 | 000,045,056 | ---- | C] () -- C:\Windows\System32\unredmon.exe
[2009.04.17 12:11:26 | 000,020,480 | ---- | C] () -- C:\Users\Standard\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.04.15 13:48:44 | 000,835,584 | ---- | C] () -- C:\Windows\vsnp325.exe
[2009.04.15 13:48:44 | 000,270,336 | ---- | C] () -- C:\Windows\tsnp325.exe
[2009.04.15 13:48:44 | 000,020,480 | ---- | C] () -- C:\Windows\FixCamera.exe
[2009.04.15 13:48:44 | 000,015,498 | ---- | C] () -- C:\Windows\snp325.ini
[2009.04.15 13:38:56 | 000,000,032 | ---- | C] () -- C:\ProgramData\ezsid.dat
[2009.04.14 21:28:16 | 000,000,400 | ---- | C] () -- C:\Windows\ODBC.INI
[2009.04.14 20:31:54 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2009.02.20 12:21:43 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2009.01.28 10:08:03 | 000,006,656 | ---- | C] () -- C:\Windows\System32\bcmwlrc.dll
[2009.01.28 09:51:29 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2009.01.27 17:39:37 | 000,002,032 | ---- | C] () -- C:\Users\Standard\AppData\Local\d3d9caps.dat
[2008.09.29 00:09:32 | 003,107,788 | ---- | C] () -- C:\Windows\System32\atiumdva.dat
[2008.07.02 18:10:15 | 000,736,020 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2008.07.02 18:10:15 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2008.07.02 18:10:15 | 000,168,278 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2008.07.02 18:10:15 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2008.07.02 09:51:54 | 000,008,308 | ---- | C] () -- C:\Windows\System32\ezdigsgn.dat
[2008.03.05 05:38:44 | 000,090,112 | ---- | C] () -- C:\Windows\System32\atibrtmon.exe
[2007.09.20 12:33:52 | 003,190,784 | ---- | C] () -- C:\Windows\System32\libavcodec.dll
[2007.09.20 12:33:52 | 000,741,376 | ---- | C] () -- C:\Windows\System32\audxlib.dll
[2007.09.20 12:33:52 | 000,662,016 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2007.09.20 12:33:52 | 000,511,488 | ---- | C] () -- C:\Windows\System32\ff_x264.dll
[2007.09.20 12:33:52 | 000,405,504 | ---- | C] () -- C:\Windows\System32\libmplayer.dll
[2007.09.20 12:33:52 | 000,245,760 | ---- | C] () -- C:\Windows\System32\ff_libfaad2.dll
[2007.09.20 12:33:52 | 000,221,184 | ---- | C] () -- C:\Windows\System32\ff_kernelDeint.dll
[2007.09.20 12:33:52 | 000,200,704 | ---- | C] () -- C:\Windows\System32\TomsMoComp_ff.dll
[2007.09.20 12:33:52 | 000,155,648 | ---- | C] () -- C:\Windows\System32\ff_libdts.dll
[2007.09.20 12:33:52 | 000,143,360 | ---- | C] () -- C:\Windows\System32\ff_theora.dll
[2007.09.20 12:33:52 | 000,122,880 | ---- | C] () -- C:\Windows\System32\ff_samplerate.dll
[2007.09.20 12:33:52 | 000,118,784 | ---- | C] () -- C:\Windows\System32\ff_libmad.dll
[2007.09.20 12:33:52 | 000,114,688 | ---- | C] () -- C:\Windows\System32\libmpeg2_ff.dll
[2007.09.20 12:33:52 | 000,097,280 | ---- | C] () -- C:\Windows\System32\ff_realaac.dll
[2007.09.20 12:33:52 | 000,079,872 | ---- | C] () -- C:\Windows\System32\ff_tremor.dll
[2007.09.20 12:33:52 | 000,040,960 | ---- | C] () -- C:\Windows\System32\ff_liba52.dll
[2007.09.20 12:33:52 | 000,038,400 | ---- | C] () -- C:\Windows\System32\ff_unrar.dll
[2007.09.20 12:33:52 | 000,026,624 | ---- | C] () -- C:\Windows\System32\ff_wmv9.dll
[2007.09.20 12:33:52 | 000,007,680 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2006.11.02 14:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006.11.02 14:47:37 | 002,250,176 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006.11.02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 12:33:01 | 000,696,750 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006.11.02 12:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006.11.02 12:33:01 | 000,142,466 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006.11.02 12:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006.11.02 12:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006.11.02 10:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006.11.02 10:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006.11.02 09:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2006.02.23 18:37:18 | 000,047,104 | ---- | C] () -- C:\Windows\System32\dsfFLACEncoder.dll
[2006.02.23 17:37:06 | 000,047,616 | ---- | C] () -- C:\Windows\System32\dsfVorbisDecoder.dll
[2006.02.23 17:36:22 | 000,102,400 | ---- | C] () -- C:\Windows\System32\dsfOggDemux2.dll
[2006.02.23 17:35:56 | 000,053,248 | ---- | C] () -- C:\Windows\System32\dsfOGMDecoder.dll
[2006.02.23 17:35:44 | 000,053,248 | ---- | C] () -- C:\Windows\System32\dsfNativeFLACSource.dll
[2006.02.23 17:35:40 | 000,049,664 | ---- | C] () -- C:\Windows\System32\dsfFLACDecoder.dll
[2006.02.23 17:34:58 | 000,083,456 | ---- | C] () -- C:\Windows\System32\libFLAC++.dll
[2006.02.23 17:34:56 | 000,106,496 | ---- | C] () -- C:\Windows\System32\libFishSound.dll
[2006.02.23 17:34:38 | 000,029,696 | ---- | C] () -- C:\Windows\System32\libOOOggSeek.dll
[2006.02.23 17:34:26 | 001,108,480 | ---- | C] () -- C:\Windows\System32\vorbis.dll
[2006.02.23 17:34:16 | 000,049,152 | ---- | C] () -- C:\Windows\System32\libOOogg.dll
[2006.02.23 17:33:54 | 000,140,288 | ---- | C] () -- C:\Windows\System32\libFLAC.dll
[2005.04.08 04:16:43 | 000,014,716 | -H-- | C] () -- C:\Users\Standard\AppData\Roaming\Standardlog.dat
[2004.10.11 11:19:00 | 000,092,672 | ---- | C] () -- C:\Windows\System32\ASUSASV2.DLL
[2003.02.20 17:53:42 | 000,005,702 | ---- | C] () -- C:\Windows\System32\OUTLPERF.INI
 
========== LOP Check ==========
 
[2011.07.02 15:11:52 | 000,000,000 | ---D | M] -- C:\Users\Standard\AppData\Roaming\Arxue
[2010.12.31 22:30:50 | 000,000,000 | ---D | M] -- C:\Users\Standard\AppData\Roaming\Cuttermaran
[2010.12.31 22:15:19 | 000,000,000 | ---D | M] -- C:\Users\Standard\AppData\Roaming\DVDVideoSoft
[2010.12.31 22:15:52 | 000,000,000 | ---D | M] -- C:\Users\Standard\AppData\Roaming\DVDVideoSoftIEHelpers
[2009.12.11 18:12:35 | 000,000,000 | ---D | M] -- C:\Users\Standard\AppData\Roaming\Engelmann Media
[2010.11.14 22:48:52 | 000,000,000 | ---D | M] -- C:\Users\Standard\AppData\Roaming\flightgear.org
[2011.01.21 17:08:12 | 000,000,000 | ---D | M] -- C:\Users\Standard\AppData\Roaming\GetRightToGo
[2011.06.17 14:27:36 | 000,000,000 | ---D | M] -- C:\Users\Standard\AppData\Roaming\go
[2011.02.26 14:12:07 | 000,000,000 | ---D | M] -- C:\Users\Standard\AppData\Roaming\HLSW
[2011.07.02 15:41:09 | 000,000,000 | ---D | M] -- C:\Users\Standard\AppData\Roaming\ICQ
[2011.06.25 20:53:35 | 000,000,000 | RHSD | M] -- C:\Users\Standard\AppData\Roaming\install
[2010.10.20 06:46:54 | 000,000,000 | ---D | M] -- C:\Users\Standard\AppData\Roaming\InstantAction
[2009.07.23 16:37:52 | 000,000,000 | ---D | M] -- C:\Users\Standard\AppData\Roaming\IrfanView
[2010.11.08 22:16:39 | 000,000,000 | ---D | M] -- C:\Users\Standard\AppData\Roaming\JavaEditor
[2010.12.07 16:22:23 | 000,000,000 | ---D | M] -- C:\Users\Standard\AppData\Roaming\Leadertech
[2009.06.06 17:57:37 | 000,000,000 | ---D | M] -- C:\Users\Standard\AppData\Roaming\Miranda
[2011.02.07 21:25:11 | 000,000,000 | ---D | M] -- C:\Users\Standard\AppData\Roaming\Opera
[2011.07.02 15:13:33 | 000,000,000 | ---D | M] -- C:\Users\Standard\AppData\Roaming\Samsung
[2011.06.14 18:32:20 | 000,000,000 | ---D | M] -- C:\Users\Standard\AppData\Roaming\SecurityHeroes
[2009.12.15 19:10:24 | 000,000,000 | ---D | M] -- C:\Users\Standard\AppData\Roaming\SpeedProject
[2010.07.02 17:52:31 | 000,000,000 | ---D | M] -- C:\Users\Standard\AppData\Roaming\TerraTec
[2010.09.01 10:06:07 | 000,000,000 | ---D | M] -- C:\Users\Standard\AppData\Roaming\Thunderbird
[2011.07.02 15:12:25 | 000,000,000 | ---D | M] -- C:\Users\Standard\AppData\Roaming\Uduzaw
[2010.02.12 18:04:21 | 000,000,000 | ---D | M] -- C:\Users\Standard\AppData\Roaming\Webweaver
[2011.02.07 19:14:05 | 000,000,000 | ---D | M] -- C:\Users\Standard\AppData\Roaming\WhiteSmoke
[2009.04.17 13:09:51 | 000,000,000 | ---D | M] -- C:\Users\Standard\AppData\Roaming\WildTangent
[2009.04.06 12:04:41 | 000,000,000 | ---D | M] -- C:\Users\Standard\AppData\Roaming\WinBatch
[2011.07.02 15:37:43 | 000,032,554 | ---- | M] () -- C:\WINDOWS\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 

< End of report >

--- --- ---

[/code]

Freue mich über jede Erfolgsaussicht, jeden Tipp!

LG Toni

Toni_75 · 02.07.2011, 15:05

2. CC-Install.txt

Code:

ATTFilter

Activation Assistant for the 2007 Microsoft Office suites	Microsoft Corporation	26.01.2009	14,0MB	
Adobe AIR	Adobe Systems Incorporated	17.06.2011		2.7.0.19480
Adobe Flash Player 10 ActiveX	Adobe Systems Incorporated	25.06.2011		10.3.181.26
Adobe Flash Player 10 Plugin	Adobe Systems Incorporated	24.06.2011		10.3.181.26
Adobe Media Player	Adobe Systems Incorporated	14.01.2011	2,95MB	1.1
Adobe Photoshop CS4	Adobe Systems Incorporated	14.01.2011		11.0
Adobe Reader 8.3.0 - Deutsch	Adobe Systems Incorporated	17.06.2011	102,1MB	8.3.0
Adobe Shockwave Player 11.5	Adobe Systems, Inc.	16.02.2011	8,17MB	11.5.9.620
Agere Systems HDA Modem	Agere Systems	19.02.2009		
AIDA64 Extreme Edition v1.50	FinalWire Ltd.	11.02.2011	21,0MB	1.50
AIM		26.01.2009		
AirPlus G DWL-G510	D-Link	14.02.2011	5,84MB	1.0.24
Apple Application Support	Apple Inc.	10.06.2011	51,0MB	1.5.2
Apple Mobile Device Support	Apple Inc.	10.06.2011	22,1MB	3.4.1.2
Apple Software Update	Apple Inc.	21.03.2011	2,26MB	2.1.2.120
Ashampoo WinOptimizer 2010	Ashampoo GmbH & Co. KG	10.12.2009	30,8MB	6.5.0
ASUS Gamer OSD	ASUSTeK COMPUTER INC.	07.12.2010	9,04MB	3.05.0729
ASUS VideoSecurity Online	ASUSTeK Computer Inc.	13.04.2009	35,7MB	3.5.1.3
Atheros Driver Installation Program	Atheros	27.01.2009	11,0MB	5.0
ATI Catalyst Install Manager	ATI Technologies, Inc.	13.06.2011	16,6MB	3.0.808.0
ATI Stream SDK v2 Developer	ATI Technologies Inc.	13.02.2011	20,2MB	2.3.0.0
Avira AntiVir Premium	Avira GmbH	01.07.2011	62,2MB	10.2.0.719
BiosAgentPlus Plugin for Netscape by eSupport.com		13.02.2011		
Bonjour	Apple Inc.	20.04.2011	1,12MB	2.0.5.0
Broadcom 802.11 Wireless LAN Adapter	Broadcom Corporation	25.06.2011		5.10.38.26
Call of Duty(R) - World at War(TM)	Activision	12.06.2011	8.248MB	1.7
Camtasia Studio 7	TechSmith Corporation	30.01.2011	219MB	7.0.1
CCleaner	Piriform	01.07.2011	3,82MB	3.08
Cheat Engine 5.6.1	Dark Byte	01.12.2010	10,1MB	
Cisco EAP-FAST Module	Cisco Systems, Inc.	27.01.2009	1,04MB	2.1.6
Cisco LEAP Module	Cisco Systems, Inc.	27.01.2009	1,04MB	1.0.12
Cisco PEAP Module	Cisco Systems, Inc.	27.01.2009	0,85MB	1.0.13
Compatibility Pack für 2007 Office System	Microsoft Corporation	11.05.2011	64,0MB	12.0.6425.1000
devolo dLAN-Konfigurationsassistent	devolo AG	29.12.2010		20.0.0.0
devolo Informer	devolo AG	29.12.2010		28.0.0.0
EasyBits GO	EasyBits Media	16.06.2011	13,3MB	
Finale NotePad 2008	MakeMusic	10.01.2011	58,9MB	13.0.0.0
FormatFactory 2.60	Free Time	31.01.2011	112,9MB	2.60
Free Audio CD Burner version 1.4.7	DVDVideoSoft Limited.	18.04.2011	3,26MB	
Free Studio version 5.0.3	DVDVideoSoft Limited.	30.12.2010	139,0MB	
Free Video Dub version 1.4	DVD Video Soft Limited.	16.04.2009	2,28MB	
Free YouTube Download 2.2	DVDVideoSoft Limited.	16.04.2009	2,34MB	
Free YouTube to MP3 Converter version 3.9.35.324	DVDVideoSoft Limited.	18.04.2011	2,21MB	
FreePDF XP (Remove only)		26.04.2009	3,01MB	
freeTunes*2.0	Engelmann Media GmbH	10.12.2009	41,6MB	2.19.1120
Get Styles		06.09.2010	0,37MB	
Google Earth	Google	25.05.2011	84,7MB	6.0.3.2197
GPL Ghostscript 8.64		26.04.2009	22,5MB	
hama PC-Webcam AC-140	Sonix	14.04.2009	107,4MB	0.1.0.000
Hama Webcam Suite	ArcSoft	14.04.2009	107,4MB	
HLSW v1.3.3.7b	Timo Stripf	22.02.2011	42,9MB	
HP Customer Experience Enhancements	Hewlett-Packard	01.07.2008	0,98MB	5.7.0.2630
HP Easy Setup - Frontend	Hewlett-Packard	01.07.2008	2,17MB	5.7.0.2630
HP Games	WildTangent	16.04.2009	376MB	1.0.0.71
HP Help and Support	Hewlett-Packard	01.07.2008	14,3MB	2.0.7.0
HP MULTIPLE MODEM INSTALLER for VISTA	Hewlett Packard Company	19.02.2009	13,8MB	1.0.1.30
HP Product Detection	Hewlett-Packard Company	14.02.2011	1,90MB	10.7.9.0
HP Quick Launch Buttons 6.40 H2	Hewlett-Packard	19.02.2009	17,2MB	6.40 H2
HP QuickPlay 3.7		26.01.2009	7,27MB	
HP QuickTouch 1.00 D2	Hewlett-Packard	01.07.2008	1,77MB	1.0.9
HP Total Care Advisor	Hewlett-Packard	01.07.2008	38,8MB	2.1.3359.2635
HP Update	Hewlett-Packard	01.07.2008	3,72MB	4.000.010.008
HP Wireless Assistant	Hewlett-Packard	01.07.2008	3,84MB	3.00 I2
ICQ Toolbar	ICQ	18.04.2011		3.0.0
ICQ7.5	ICQ	26.04.2011	54,0MB	7.5
IDT Audio	IDT	26.01.2009	25,7MB	1.0.5893.0
Intel® Matrix Storage Manager	Intel Corporation	26.01.2009	37,3MB	
IrfanView (remove only)		22.07.2009	1,61MB	
iTunes	Apple Inc.	10.06.2011	144,0MB	10.3.1.55
Java(TM) 6 Update 23	Sun Microsystems, Inc.	25.06.2010	94,5MB	6.0.230
Java(TM) 6 Update 5	Sun Microsystems, Inc.	01.07.2008	171,1MB	1.6.0.50
JMicron JMB38X Flash Media Controller	JMicron Technology Corp.	26.01.2009	2,26MB	1.00.10.04
Jollenbeck	Sysgration Ltd.	25.09.2009	14.525MB	1.00.0000
Keyboard & Mouse Driver	Driver Builder	22.04.2011	3,44MB	5.1
LightScribe System Software  1.12.33.2	LightScribe	26.01.2009	20,9MB	1.12.33.2
LogMeIn Hamachi	LogMeIn, Inc.	13.06.2011	3,27MB	2.0.3.115
Magic Desktop		26.02.2010		
Malwarebytes' Anti-Malware Version 1.51.0.1200	Malwarebytes Corporation	24.06.2011	7,29MB	1.51.0.1200
MegaTrainer XL V1.4.5.3-Beta		27.01.2011	3,48MB	
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU	Microsoft Corporation	05.04.2009	37,0MB	
Microsoft .NET Framework 3.5 SP1	Microsoft Corporation	19.02.2009	37,4MB	
Microsoft .NET Framework 4 Client Profile	Microsoft Corporation	24.06.2010	120,3MB	4.0.30319
Microsoft .NET Framework 4 Client Profile DEU Language Pack	Microsoft Corporation	24.06.2010	24,5MB	4.0.30319
Microsoft .NET Framework 4 Extended	Microsoft Corporation	29.01.2011	46,0MB	4.0.30319
Microsoft .NET Framework 4 Extended DEU Language Pack	Microsoft Corporation	29.01.2011	11,7MB	4.0.30319
Microsoft .NET Framework 4 Multi-Targeting Pack	Microsoft Corporation	28.01.2011	83,5MB	4.0.30319
Microsoft Help Viewer 1.0	Microsoft Corporation	29.01.2011	6,09MB	1.0.30319
Microsoft Help Viewer 1.0 Language Pack - DEU	Microsoft Corporation	29.01.2011	6,09MB	1.0.30319
Microsoft Office PowerPoint Viewer 2007 (German)	Microsoft Corporation	11.05.2011	89,0MB	12.0.6425.1000
Microsoft Office Standard Edition 2003	Microsoft Corporation	11.05.2011	348MB	11.0.8173.0
Microsoft Silverlight	Microsoft Corporation	21.04.2011	68,5MB	4.0.60310.0
Microsoft SQL Server 2005 Compact Edition [ENU]	Microsoft Corporation	25.01.2011	1,74MB	3.1.0000
Microsoft SQL Server 2008	Microsoft Corporation	16.04.2009	363MB	
Microsoft SQL Server 2008 Native Client	Microsoft Corporation	16.04.2009	3,16MB	10.0.1600.22
Microsoft SQL Server 2008 R2 Management Objects	Microsoft Corporation	28.01.2011	17,1MB	10.50.1447.4
Microsoft SQL Server 2008 Setup Support Files (English)	Microsoft Corporation	16.04.2009	29,6MB	10.0.1600.22
Microsoft SQL Server 2008-Browser	Microsoft Corporation	16.04.2009	8,01MB	10.0.1600.22
Microsoft SQL Server Compact 3.5 SP1 Design Tools (Deutsch)	Microsoft Corporation	16.04.2009	9,10MB	3.5.5692.0
Microsoft SQL Server Compact 3.5 SP2 DEU	Microsoft Corporation	28.01.2011	3,69MB	3.5.8080.0
Microsoft SQL Server System CLR Types	Microsoft Corporation	28.01.2011	2,55MB	10.50.1447.4
Microsoft SQL Server VSS Writer	Microsoft Corporation	16.04.2009	1,81MB	10.0.1600.22
Microsoft Visual Basic 2010 Express - DEU	Microsoft Corporation	29.01.2011	228MB	10.0.30319
Microsoft Visual C++ 2005 Redistributable	Microsoft Corporation	05.12.2010	2,52MB	8.0.59193
Microsoft Visual C++ 2005 Redistributable - KB2467175	Microsoft Corporation	13.04.2011	0,29MB	8.0.51011
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570	Microsoft Corporation	13.04.2011	0,58MB	9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022	Microsoft Corporation	12.06.2011	1,41MB	9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729	Microsoft Corporation	16.04.2009	0,57MB	9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17	Microsoft Corporation	13.04.2009	0,58MB	9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148	Microsoft Corporation	08.11.2010	0,57MB	9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974	Microsoft Corporation	28.01.2011	0,58MB	9.0.30729.4974
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319	Microsoft Corporation	13.04.2011	11,0MB	10.0.30319
Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools	Microsoft Corporation	28.01.2011	35,4MB	10.0.30319
Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for .NET Framework - deu	Microsoft Corporation	16.04.2009	5,74MB	3.5.30729
Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for Win32	Microsoft Corporation	16.04.2009	2,61MB	6.1.5295.17011
Microsoft Works	Microsoft Corporation	26.01.2011	378MB	9.7.0621
MobileMe Control Panel	Apple Inc.	07.05.2011	12,0MB	3.1.6.0
Move Media Player	Move Networks	30.03.2010		
Mozilla Firefox 4.0.1 (x86 de)	Mozilla	28.05.2011	33,0MB	4.0.1
Mozilla Thunderbird (3.1.11)	Mozilla	01.07.2011	34,7MB	3.1.11 (de)
MSXML 4.0 SP2 (KB954430)	Microsoft Corporation	19.02.2009	1,28MB	4.20.9870.0
MSXML 4.0 SP2 (KB973688)	Microsoft Corporation	24.11.2009	1,34MB	4.20.9876.0
Need for Speed(TM) Hot Pursuit	Electronic Arts	07.02.2011	3.827MB	1.0.0.0
NetworkActiv AUTAPF 1.1	NetworkActiv	04.04.2011	0,52MB	
Notepad++		26.02.2010	8,91MB	5.6.7
Paint.NET v3.5.8	dotPDN LLC	17.04.2011	10,4MB	3.58.0
Power2Go	CyberLink Corp.	26.01.2009	163,9MB	5.6.3919
ProtectSmart Hard Drive Protection	Hewlett-Packard	26.01.2009	2,25MB	3.10 A7
QuickPlay SlingPlayer 0.4.6	SlingMedia	26.01.2009	194,1MB	0.4.6
QuickTime	Apple Inc.	24.01.2011	73,7MB	7.69.80.9
Realtek 8169 8168 8101E 8102E Ethernet Driver	Realtek	27.01.2009	1,50MB	1.00.0000
Realtek High Definition Audio Driver	Realtek Semiconductor Corp.	15.02.2011	12,2MB	6.0.1.6215
RedMon - Redirection Port Monitor		26.04.2009		
s4uVoctra		24.06.2009	63,8MB	
Safari	Apple Inc.	20.04.2011	41,3MB	5.33.21.1
Skype Toolbars	Skype Technologies S.A.	09.03.2010	5,25MB	1.0.4051
Skype™ 5.3	Skype Technologies S.A.	08.06.2011	22,6MB	5.3.116
SPEED-LINK STEERING WHEEL DRIVER v4.1	Ihr Firmenname	25.09.2009	12,2MB	4.10.0000
Steam	Valve Corporation	09.06.2011	42,3MB	1.0.0.0
TerraTec Home Cinema		01.07.2010	95,8MB	6.11.5
Uninstall 1.0.0.1		18.04.2011	15,4MB	
Viewpoint Media Player		26.01.2009	7,30MB	
Virtual DJ Home - Atomix Productions		02.03.2011	19,0MB	
Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 DEU	Microsoft Corporation	28.01.2011	11,2MB	4.0.8080.0
Wartung Samsung ML-191x 252x Series	Samsung Electronics CO.,LTD	06.02.2010	99,6MB	
WashAndGo	Abelssoft GmbH	18.01.2011	55,4MB	11.00
Windows Live Essentials	Microsoft Corporation	26.01.2011		15.4.3508.1109
Windows Media Player Firefox Plugin	Microsoft Corp	18.05.2009	0,29MB	1.0.0.8
Windows Searchqu Toolbar	Bandoo Media Inc	06.02.2011	5,49MB	2.0.0.94786
WinRAR		14.01.2011	3,79MB	
XviD MPEG-4 Video Codec	XviD Development Team	13.04.2009		
Yontoo Layers 1.10.01		12.06.2011	0,19MB	1.10.01

Toni_75 · 02.07.2011, 15:23

3. hjtscan.txt

Komisch: Diese Datei bekomme ich weder als Log noch als Attachment versendet - jedesmal meldet firefox einen Verbindungsfehler.

An der Größe kanns ja nicht liegen - die beiden anderen Dateien waren ja umfangreicher ????

kira · 02.07.2011, 20:04

Zitat:

Zitat von kira

► berichte mir auch, ob die SWH funktioniert hat, bzw ob Du das System auf einen früheren Wiederherstellungspunkt zurückstellen können?

Sollte die Systemwiederherstellung nicht funktionieren (Malware kann es verhindern):
- Du kannst auch noch die folgenden Methoden ausprobieren, um das Problem zu beheben.:-> Verwenden der letzten als funktionierend bekannten Konfiguration

- beide Varianten ausprobiert?:
Systemwiederherstellung
oder/und
der letzten als funktionierend bekannten Konfiguration

- die von dir geposteten Log-Dateien danach erstellt?

- OTL - Extras.txt fehlt noch

Toni_75 · 02.07.2011, 20:14

Hallo Kira,

SWH hatte ich bis dato nicht ausprobiert - es gibt auf dem Rechner m.W. keine gesetzten Wiederherstellungpunkte - habe eben gestartet, scheint aber nicht zu funktionieren - nach Start keine erkennbare Aktivität ausser die Sanduhr!

Fahre den Rechner runter und versuchs mal über 'letzte funktionierende ...'.

Gruß, Toni

kira · 02.07.2011, 20:26

Ok, melde dich dann erneut!

Toni_75 · 02.07.2011, 20:29

bin eben mit 'letzter funktionierender Konfiguration' gestartet - zudem hatte ich Firefox auf 5.0 upgedated.
Ergebnis: Sicherheitscenter unverändert nicht aktivierbar, die Google-Umleitungen sind verschwunden.

Ich lasse OTL nochmal laufen und poste die Logfiles in wenigen Minuten

Toni_75 · 02.07.2011, 20:39

Hier kommen die aktuellen Logfiles:

1. OTL

OTL Logfile:

Code:

ATTFilter

OTL logfile created on: 02.07.2011 21:30:11 - Run 4
OTL by OldTimer - Version 3.2.24.1     Folder = C:\Users\Standard\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19048)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,25 Gb Total Physical Memory | 1,79 Gb Available Physical Memory | 55,23% Memory free
6,73 Gb Paging File | 5,23 Gb Available in Paging File | 77,73% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 232,88 Gb Total Space | 118,96 Gb Free Space | 51,08% Space Free | Partition Type: NTFS
 
Computer Name: TOBIAS-PC | User Name: Standard | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2011.07.02 14:18:25 | 000,428,200 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avwebgrd.exe
PRC - [2011.07.02 14:18:25 | 000,340,136 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avmailc.exe
PRC - [2011.07.02 14:18:25 | 000,269,480 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe
PRC - [2011.06.29 10:46:19 | 000,124,216 | ---- | M] (ICQ, LLC.) -- C:\Programme\ICQ7.5\ICQ.exe
PRC - [2011.06.26 18:57:16 | 000,579,072 | ---- | M] (OldTimer Tools) -- C:\Users\Standard\Desktop\OTL.exe
PRC - [2011.06.26 11:16:26 | 000,136,360 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\sched.exe
PRC - [2011.06.26 11:16:13 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avshadow.exe
PRC - [2011.06.26 11:16:08 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe
PRC - [2011.06.16 06:32:38 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Programme\Mozilla Firefox\firefox.exe
PRC - [2011.05.25 17:29:54 | 001,951,112 | ---- | M] (LogMeIn Inc.) -- C:\Programme\LogMeIn Hamachi\hamachi-2-ui.exe
PRC - [2011.05.25 17:29:48 | 001,336,712 | ---- | M] (LogMeIn Inc.) -- C:\Programme\LogMeIn Hamachi\hamachi-2.exe
PRC - [2011.04.19 08:44:40 | 000,291,896 | ---- | M] (Secunia) -- C:\Programme\Secunia\PSI\psi_tray.exe
PRC - [2011.01.05 04:58:02 | 000,397,312 | ---- | M] (AMD) -- C:\WINDOWS\System32\atieclxx.exe
PRC - [2011.01.05 04:57:32 | 000,176,128 | ---- | M] (AMD) -- C:\WINDOWS\System32\atiesrxx.exe
PRC - [2010.11.21 11:49:24 | 000,247,608 | ---- | M] () -- C:\Programme\ICQ6Toolbar\ICQ Service.exe
PRC - [2010.10.27 20:17:52 | 000,207,424 | ---- | M] (ArcSoft Inc.) -- C:\Programme\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
PRC - [2010.09.21 15:03:14 | 001,710,464 | ---- | M] (Microsoft Corp.) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
PRC - [2010.09.21 15:03:14 | 000,193,408 | ---- | M] (Microsoft Corp.) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
PRC - [2010.08.25 11:27:44 | 000,309,824 | ---- | M] (ArcSoft Inc.) -- C:\Programme\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
PRC - [2009.09.28 10:42:50 | 000,109,056 | ---- | M] (ArcSoft Inc.) -- C:\Programme\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
PRC - [2009.09.22 18:29:54 | 001,528,320 | ---- | M] (Elgato Systems) -- C:\Programme\Common Files\TerraTec\Remote\TTTvRc.exe
PRC - [2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008.07.11 02:27:52 | 040,999,448 | ---- | M] (Microsoft Corporation) -- c:\Programme\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
PRC - [2008.07.10 02:49:44 | 000,098,840 | ---- | M] (Microsoft Corporation) -- c:\Programme\Microsoft SQL Server\90\Shared\sqlwriter.exe
PRC - [2008.07.06 17:31:02 | 000,331,776 | ---- | M] (UASSOFT.COM) -- C:\Programme\Keyboard & Mouse Driver\KMProcess.exe
PRC - [2008.06.23 21:28:08 | 000,208,896 | ---- | M] (UASSOFT.COM) -- C:\Programme\Keyboard & Mouse Driver\KMWDSrv.exe
PRC - [2008.06.14 01:02:04 | 000,397,312 | ---- | M] (UASSOFT.COM) -- C:\Programme\Keyboard & Mouse Driver\KMCONFIG.exe
PRC - [2008.05.30 01:22:38 | 000,212,992 | ---- | M] (UASSOFT.COM) -- C:\Programme\Keyboard & Mouse Driver\StartAutorun.exe
PRC - [2008.04.15 18:54:42 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2008.04.15 18:54:40 | 000,178,712 | ---- | M] (Intel Corporation) -- C:\Programme\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2008.02.12 22:05:54 | 000,073,728 | ---- | M] (Andrea Electronics Corporation) -- C:\WINDOWS\System32\DriverStore\FileRepository\stwrt.inf_030ac640\AEstSrv.exe
PRC - [2008.01.21 04:25:33 | 000,896,512 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnetwk.exe
PRC - [2008.01.21 04:25:33 | 000,202,240 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnscfg.exe
PRC - [2007.12.11 13:15:04 | 000,012,800 | ---- | M] (Agere Systems) -- C:\WINDOWS\System32\agrsmsvc.exe
PRC - [2007.05.28 18:57:54 | 000,275,968 | ---- | M] (Rocket Division Software) -- C:\Programme\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
PRC - [2007.05.10 13:18:10 | 000,835,584 | ---- | M] () -- C:\WINDOWS\vsnp325.exe
PRC - [2007.04.21 09:36:50 | 000,270,336 | ---- | M] () -- C:\WINDOWS\tsnp325.exe
PRC - [2007.02.12 14:50:40 | 000,020,480 | ---- | M] () -- C:\WINDOWS\FixCamera.exe
PRC - [2003.06.19 23:25:00 | 000,322,120 | ---- | M] (Microsoft Corporation) -- C:\Programme\Common Files\microsoft shared\VS7DEBUG\MDM.EXE
 
 
========== Modules (SafeList) ==========
 
MOD - [2011.06.26 18:57:16 | 000,579,072 | ---- | M] (OldTimer Tools) -- C:\Users\Standard\Desktop\OTL.exe
MOD - [2010.08.31 17:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV - File not found [Auto | Stopped] --  -- (Recovery Service for Windows)
SRV - [2011.07.02 14:18:25 | 000,428,200 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE -- (AntiVirWebService)
SRV - [2011.07.02 14:18:25 | 000,340,136 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avmailc.exe -- (AntiVirMailService)
SRV - [2011.07.02 14:18:25 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011.06.26 11:16:26 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2011.06.10 18:55:48 | 000,403,240 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2011.05.25 17:29:48 | 001,336,712 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2011.01.15 16:06:42 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2011.01.05 04:57:32 | 000,176,128 | ---- | M] (AMD) [Auto | Running] -- C:\WINDOWS\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2010.11.21 11:49:24 | 000,247,608 | ---- | M] () [Auto | Running] -- C:\Programme\ICQ6Toolbar\ICQ Service.exe -- (ICQ Service)
SRV - [2009.09.28 10:42:50 | 000,109,056 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Programme\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2009.08.24 22:16:36 | 000,406,016 | ---- | M] (mst software GmbH, Germany) [On_Demand | Stopped] -- C:\Program Files\Ashampoo\Ashampoo WinOptimizer 2010\Dfsdks.exe -- (DfSdkS)
SRV - [2009.08.24 13:36:45 | 000,377,344 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- winhttp.dll -- (WinHttpAutoProxySvc)
SRV - [2008.07.29 18:20:14 | 000,067,072 | ---- | M] (ASUSTeK COMPUTER INC.) [Auto | Stopped] -- C:\WINDOWS\System32\ATKFUSService.exe -- (ATKFUSService)
SRV - [2008.06.23 21:28:08 | 000,208,896 | ---- | M] (UASSOFT.COM) [Auto | Running] -- C:\Programme\Keyboard & Mouse Driver\KMWDSrv.exe -- (KMWDSERVICE)
SRV - [2008.04.15 18:54:42 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel(R)
SRV - [2008.02.12 22:05:54 | 000,073,728 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\WINDOWS\System32\DriverStore\FileRepository\stwrt.inf_030ac640\AEstSrv.exe -- (AESTFilters)
SRV - [2008.02.03 12:00:00 | 000,129,992 | ---- | M] (EasyBits Sofware AS) [Auto | Running] -- C:\WINDOWS\System32\ezsvc7.dll -- (ezSharedSvc)
SRV - [2008.01.21 04:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007.12.11 13:15:04 | 000,012,800 | ---- | M] (Agere Systems) [Auto | Running] -- C:\WINDOWS\System32\agrsmsvc.exe -- (AgereModemAudio)
SRV - [2007.05.28 18:57:54 | 000,275,968 | ---- | M] (Rocket Division Software) [Auto | Running] -- C:\Programme\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE)
 
 
========== Driver Services (SafeList) ==========
 
DRV - [2011.07.02 14:18:26 | 000,138,192 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2011.07.02 14:18:26 | 000,066,616 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2011.05.29 09:11:30 | 000,039,984 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV - [2011.01.05 05:36:10 | 006,789,120 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2011.01.05 05:36:10 | 006,789,120 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\atikmdag.sys -- (amdkmdag)
DRV - [2011.01.05 04:19:18 | 000,235,520 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\atikmpag.sys -- (amdkmdap)
DRV - [2011.01.02 01:04:00 | 000,722,416 | ---- | M] (Duplex Secure Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd)
DRV - [2010.11.17 14:04:12 | 000,097,296 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\AtihdLH3.sys -- (AtiHDAudioService)
DRV - [2010.06.10 14:32:14 | 000,035,840 | ---- | M] (CACE Technologies) [Kernel | Auto | Running] -- C:\Windows\system32\drivers\npf_devolo.sys -- (NPF_devolo) NetGroup Packet Filter Driver (devolo)
DRV - [2009.07.17 18:02:02 | 000,335,872 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\rt61.sys -- (RT61)
DRV - [2009.07.17 02:41:49 | 000,005,120 | ---- | M] (Samsung Electronics) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\SSPORT.SYS -- (SSPORT)
DRV - [2009.05.14 09:48:04 | 000,762,232 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\UDXTTM6010.sys -- (UDXTTM6010)
DRV - [2009.05.11 11:12:49 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009.03.18 17:35:40 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\hamachi.sys -- (hamachi)
DRV - [2009.02.13 11:35:01 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Programme\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2008.08.06 17:26:08 | 000,124,928 | ---- | M] (Realtek Corporation                                            ) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2008.07.29 18:20:16 | 000,030,976 | ---- | M] (ASUSTeK Computer Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\ATKDispLowFilter.sys -- (atkdisplf)
DRV - [2008.07.29 18:20:16 | 000,015,232 | ---- | M] (ASUSTeK Computer Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\asusgsb.sys -- (asusgsb)
DRV - [2008.07.10 02:49:14 | 000,242,712 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\RsFx0102.sys -- (RsFx0102)
DRV - [2008.04.27 18:26:42 | 000,014,352 | ---- | M] (ATI Technologies Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\AtiPcie.sys -- (AtiPcie) ATI PCI Express (3GIO)
DRV - [2008.04.27 12:07:44 | 000,909,824 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\athr.sys -- (athr)
DRV - [2008.04.15 20:19:54 | 000,378,368 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\stwrt.sys -- (STHDA)
DRV - [2008.04.01 13:14:10 | 000,081,296 | ---- | M] (JMicron Technology Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\jmcr.sys -- (JMCR)
DRV - [2008.03.27 13:12:12 | 000,024,424 | ---- | M] (Hewlett-Packard Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\hpdskflt.sys -- (hpdskflt)
DRV - [2008.03.27 13:11:34 | 000,034,664 | ---- | M] (Hewlett-Packard Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\Accelerometer.sys -- (Accelerometer)
DRV - [2008.03.22 11:31:58 | 000,017,024 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\KMWDFILTER.sys -- (KMWDFilter)
DRV - [2008.02.29 17:13:38 | 001,202,560 | ---- | M] (Agere Systems) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2008.01.24 15:23:12 | 000,052,736 | ---- | M] (ENE TECHNOLOGY INC.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\enecir.sys -- (enecir)
DRV - [2007.07.11 10:30:22 | 000,007,168 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\HpqRemHid.sys -- (HpqRemHid)
DRV - [2007.06.18 17:12:04 | 000,016,768 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)
DRV - [2007.05.30 19:14:58 | 000,016,640 | ---- | M] (ArcSoft, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\ArcSoftKsUFilter.sys -- (ArcSoftKsUFilter)
DRV - [2007.05.07 17:58:44 | 010,343,168 | ---- | M] (Sonix Co. Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\snp325.sys -- (SNP325) USB PC Camera (SNPSTD325)
DRV - [2007.01.29 17:12:52 | 000,018,432 | ---- | M] (ASUSTeK COMPUTER INC.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\AsusVRC.sys -- (ASUSVRC)
DRV - [2006.11.10 15:05:00 | 000,018,688 | ---- | M] (Arcsoft, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\afc.sys -- (Afc)
DRV - [2006.11.02 09:30:56 | 000,429,056 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\nvm60x32.sys -- (NVENETFD)
DRV - [2006.07.24 16:05:00 | 000,005,632 | ---- | M] () [File_System | System | Running] -- C:\Windows\System32\drivers\StarOpen.sys -- (StarOpen)
DRV - [2004.09.12 09:45:28 | 000,008,320 | ---- | M] (Ruling Technologies) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\Dyncal.sys -- (DynCal)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=83&bd=Pavilion&pf=cnnb
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=83&bd=Pavilion&pf=cnnb
IE - HKLM\..\URLSearchHook:  - Reg Error: Key error. File not found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\1104271012\ICQToolBar.dll (ICQ)
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=83&bd=Pavilion&pf=cnnb
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook:  - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\1104271012\ICQToolBar.dll (ICQ)
IE - HKCU\..\URLSearchHook: {9d81af43-de53-48d0-a199-42c2a226b24c} - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {EEE6C35D-6118-11DC-9C72-001320C79847} - Reg Error: Key error. File not found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.search.selectedEngine: "ICQ Search"
FF - prefs.js..browser.startup.homepage: "hxxp://start.icq.com/skins7/"
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
 
FF - user.js..browser.search.openintab: false
 
FF - HKLM\software\mozilla\Mozilla Firefox 5.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.07.02 21:15:52 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 5.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.06.18 10:16:01 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.11\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2011.07.02 14:17:41 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.11\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins [2011.06.18 10:16:01 | 000,000,000 | ---D | M]
 
[2011.05.29 18:30:39 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Standard\AppData\Roaming\mozilla\Extensions
[2010.09.01 10:06:08 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Standard\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2011.06.13 23:05:43 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Standard\AppData\Roaming\mozilla\Firefox\Profiles\944s7en5.default\extensions
[2011.04.27 10:13:02 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Users\Standard\AppData\Roaming\mozilla\Firefox\Profiles\944s7en5.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2010.12.31 22:24:30 | 000,000,000 | ---D | M] (DVDVideoSoftTB Toolbar) -- C:\Users\Standard\AppData\Roaming\mozilla\Firefox\Profiles\944s7en5.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}
[2010.12.31 22:15:52 | 000,000,000 | ---D | M] ("DVDVideoSoft Menu") -- C:\Users\Standard\AppData\Roaming\mozilla\Firefox\Profiles\944s7en5.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2009.08.30 11:37:00 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Standard\AppData\Roaming\mozilla\Firefox\Profiles\944s7en5.default\extensions\personas@christopher.beard
[2011.06.13 23:05:44 | 000,000,000 | ---D | M] (Yontoo Layers) -- C:\Users\Standard\AppData\Roaming\mozilla\Firefox\Profiles\944s7en5.default\extensions\plugin@yontoo.com
[2011.07.02 14:36:14 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Standard\AppData\Roaming\mozilla\Firefox\Profiles\psvooo35.default\extensions
[2011.06.14 18:32:19 | 000,000,000 | ---D | M] (Maximum AdBlock) -- C:\Users\Standard\AppData\Roaming\mozilla\Firefox\Profiles\psvooo35.default\extensions\ozymandias@securityheroes.com
[2011.03.30 15:14:34 | 000,001,042 | ---- | M] () -- C:\Users\Standard\AppData\Roaming\Mozilla\Firefox\Profiles\944s7en5.default\searchplugins\icqplugin.xml
[2011.07.02 21:15:52 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2009.04.29 15:36:05 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Programme\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2010.03.10 22:24:04 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- C:\Programme\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2010.06.26 18:58:37 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010.08.14 19:50:18 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010.11.08 21:25:33 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011.06.13 23:06:07 | 000,000,000 | ---D | M] (Babylon) -- C:\Programme\Mozilla Firefox\extensions\ffxtlbr@babylon.com
[2011.06.16 06:32:38 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Programme\Mozilla Firefox\components\browsercomps.dll
[2010.11.12 19:53:06 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Mozilla Firefox\plugins\npdeployJava1.dll
[2010.01.01 10:00:00 | 000,001,538 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazon-en-GB.xml
[2011.06.13 23:05:52 | 000,002,226 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\babylon.xml
[2010.01.01 10:00:00 | 000,002,252 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\bing.xml
[2010.01.01 10:00:00 | 000,000,947 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\chambers-en-GB.xml
[2010.01.01 10:00:00 | 000,001,180 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-en-GB.xml
[2010.10.28 10:41:02 | 000,005,529 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\SearchquWebSearch.xml
[2010.01.01 10:00:00 | 000,001,135 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-en-GB.xml
 
O1 HOSTS File: ([2011.06.26 18:39:42 | 000,000,098 | ---- | M]) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1       localhost
O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Searchqu Toolbar) - {7FF99715-3016-4381-84CE-E4E4C9673020} - C:\Programme\Windows Searchqu Toolbar\ToolBar\SearchquDx.dll ()
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (GdfrDUEn Class) - {A3CF7606-E683-4375-A372-96B75DA0AEF7} - C:\Programme\Get Styles\enlbrdr.dll (TODO: <Company name>)
O2 - BHO: (Yontoo Layers) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Programme\Yontoo Layers\YontooIEClient.dll (Yontoo LLC)
O3 - HKLM\..\Toolbar: (Searchqu Toolbar) - {7FF99715-3016-4381-84CE-E4E4C9673020} - C:\Programme\Windows Searchqu Toolbar\ToolBar\SearchquDx.dll ()
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\1104271012\ICQToolBar.dll (ICQ)
O3 - HKLM\..\Toolbar: (TerraTec Home Cinema) - {AD6E6555-FB2C-47D4-8339-3E2965509877} - C:\Programme\TerraTec\TerraTec Home Cinema\ThcDeskBand.dll (TerraTec Electronic GmbH)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EEE6C35B-6118-11DC-9C72-001320C79847} - No CLSID value found.
O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Programme\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
O4 - HKLM..\Run: [ATICustomerCare] C:\Program Files\ATI\ATICustomerCare\ATICustomerCare.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [FixCamera] C:\WINDOWS\FixCamera.exe ()
O4 - HKLM..\Run: [IAAnotif] C:\Programme\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [KMCONFIG]  File not found
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [snp325] C:\WINDOWS\vsnp325.exe ()
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SysTrayApp] C:\Programme\IDT\WDM\sttray.exe (IDT, Inc.)
O4 - HKLM..\Run: [tsnp325] C:\WINDOWS\tsnp325.exe ()
O4 - HKCU..\Run: [{1289D823-E624-5CEE-AB7E-EC96825F68C4}] C:\Users\Standard\AppData\Roaming\Arxue\waenw.exe ()
O4 - HKCU..\Run: [4Y3Y0C3A9F7W1ZYDRRQYR] C:\Recycle.Bin\B6232F3ACEA.exe ()
O4 - HKCU..\Run: [ICQ] C:\Program Files\ICQ7.5\ICQ.exe (ICQ, LLC.)
O4 - HKCU..\Run: [Remote Control Editor] C:\Program Files\Common Files\TerraTec\Remote\TTTvRc.exe (Elgato Systems)
O4 - HKCU..\Run: [WMPNSCFG] C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoPropertiesMyComputer = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewContextMenu = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFileAssociate = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFind = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoClose = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: StartMenuLogoff = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispCPL = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispBackgroundPage = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispSettingsPage = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispScrSavPage = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideFastUserSwitching = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLogoff = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoClose = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableLockWorkstation = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableChangePassword = 0
O8 - Extra context menu item: Free YouTube Download - C:\Users\Standard\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Standard\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - C:\Programme\Microsoft Office\OFFICE11\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Save YouTube Video as MP3 - C:\Program Files\Common Files\DVDVideoSoft\Dll\IEContextMenuY.dll (DVSTeam)
O9 - Extra 'Tools' menuitem : Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.6.0_05\bin\ssv.dll (Sun Microsystems, Inc.)
O9 - Extra Button: GetStyles - {14CD42DD-ABCD-3586-DCAB-40E3693E3737} - C:\Programme\Get Styles\ct.htm ()
O9 - Extra 'Tools' menuitem : GetStyles - {14CD42DD-ABCD-3586-DCAB-40E3693E3737} - C:\Programme\Get Styles\ct.htm ()
O9 - Extra Button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Programme\ICQ7.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Programme\ICQ7.5\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira GmbH)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira GmbH)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira GmbH)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Ranges: Range1 ([http] in Local intranet)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3} hxxp://support.euro.dell.com/systemprofiler/DellSystemLite.CAB (DellSystemLite.Scanner)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} hxxp://icq.oberon-media.com/Gameshell/GameHost/1.0/OberonGameHost.cab (Oberon Flash Game Host)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Common Files\microsoft shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Programme\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/html {574940E0-1B7A-4881-8FA3-1E809714B156} - Reg Error: Key error. File not found
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (c:\progra~1\windows searchqu toolbar\datamngr\datamngr.dll) - c:\Programme\Windows Searchqu Toolbar\Datamngr\datamngr.dll (Discordia, LTD)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\ezShellStart.exe) - C:\WINDOWS\System32\ezShellStart.exe (EasyBits Software AS)
O24 - Desktop WallPaper: C:\Users\Standard\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\Standard\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O28 - HKLM ShellExecuteHooks: {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\WINDOWS\System32\ezUPBHook.dll (EasyBits Software Corp.)
O29 - HKLM SecurityProviders - (credssp.dll) - credssp.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{94db7882-308c-11e0-94d3-001e9065ba16}\Shell - "" = AutoRun
O33 - MountPoints2\{94db7882-308c-11e0-94d3-001e9065ba16}\Shell\AutoRun\command - "" = I:\setup\rsrc\Autorun.exe
O33 - MountPoints2\{94db7882-308c-11e0-94d3-001e9065ba16}\Shell\dinstall\command - "" = I:\Directx\dxsetup.exe
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011.07.02 20:07:42 | 000,000,000 | ---D | C] -- C:\Users\Standard\AppData\Roaming\HpUpdate
[2011.07.02 20:07:25 | 000,000,000 | ---D | C] -- C:\Windows\Hewlett-Packard
[2011.07.02 19:59:43 | 000,000,000 | ---D | C] -- C:\Users\Standard\AppData\Local\Secunia PSI
[2011.07.02 19:59:34 | 000,000,000 | ---D | C] -- C:\Programme\Secunia
[2011.07.02 15:32:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2011.07.02 15:32:02 | 000,000,000 | ---D | C] -- C:\Programme\CCleaner
[2011.07.02 15:11:52 | 000,000,000 | ---D | C] -- C:\Users\Standard\AppData\Roaming\Uduzaw
[2011.07.02 15:11:52 | 000,000,000 | ---D | C] -- C:\Users\Standard\AppData\Roaming\Arxue
[2011.06.26 18:58:31 | 000,579,072 | ---- | C] (OldTimer Tools) -- C:\Users\Standard\Desktop\OTL.exe
[2011.06.26 18:39:42 | 000,000,000 | ---D | C] -- C:\_OTL
[2011.06.25 23:27:07 | 000,404,640 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2011.06.25 20:58:50 | 000,000,000 | ---D | C] -- C:\Users\Standard\Desktop\Tools
[2011.06.25 19:07:16 | 000,000,000 | ---D | C] -- C:\Users\Standard\AppData\Roaming\Malwarebytes
[2011.06.25 19:06:09 | 000,039,984 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2011.06.25 19:06:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011.06.25 19:06:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011.06.25 19:06:04 | 000,022,712 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2011.06.25 19:06:04 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware
[2011.06.17 19:49:54 | 000,000,000 | -HSD | C] -- C:\Windows\System32\%APPDATA%
[2011.06.17 14:43:20 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2011.06.17 14:27:36 | 000,000,000 | ---D | C] -- C:\Users\Standard\AppData\Roaming\go
[2011.06.17 14:27:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Easybits GO
[2011.06.14 18:32:20 | 000,000,000 | ---D | C] -- C:\Users\Standard\AppData\Roaming\SecurityHeroes
[2011.06.14 12:32:17 | 000,026,176 | -H-- | C] (LogMeIn, Inc.) -- C:\Windows\System32\hamachi.sys
[2011.06.14 12:32:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
[2011.06.14 12:31:58 | 000,000,000 | ---D | C] -- C:\Programme\LogMeIn Hamachi
[2011.06.14 12:09:25 | 000,000,000 | ---D | C] -- C:\ProgramData\WindowsSearch
[2011.06.13 23:25:07 | 000,000,000 | ---D | C] -- C:\Windows\Sun
[2011.06.13 23:05:37 | 000,000,000 | ---D | C] -- C:\Programme\Yontoo Layers
[2011.06.13 23:05:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Tarma Installer
[2011.06.13 23:04:44 | 000,000,000 | ---D | C] -- C:\Users\Standard\AppData\Local\MediaGet2
[2011.06.13 18:41:09 | 000,000,000 | ---D | C] -- C:\Users\Standard\AppData\Local\Activision
[2011.06.11 16:40:52 | 000,000,000 | ---D | C] -- C:\Programme\THQ
[2011.06.11 16:38:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2011.06.11 16:38:02 | 000,000,000 | ---D | C] -- C:\Users\Standard\AppData\Local\SKIDROW
[2011.06.11 16:37:26 | 000,000,000 | ---D | C] -- C:\Programme\iPod
[2011.06.11 16:37:22 | 000,000,000 | ---D | C] -- C:\Programme\iTunes
[2011.06.11 10:18:46 | 000,000,000 | ---D | C] -- C:\Programme\DAMN NFO Viewer
[2011.06.11 10:13:01 | 000,000,000 | ---D | C] -- C:\Users\Standard\Documents\My Games
[2011.06.10 18:53:35 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\Steam
[2011.06.10 18:53:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
[2011.06.10 18:53:31 | 000,000,000 | ---D | C] -- C:\Programme\Steam
[2009.04.15 13:48:43 | 000,147,456 | ---- | C] ( ) -- C:\Windows\System32\rsnp325.dll
[2009.04.15 13:48:43 | 000,057,344 | ---- | C] ( ) -- C:\Windows\System32\vsnp325.dll
[2009.04.15 13:48:43 | 000,053,248 | ---- | C] ( ) -- C:\Windows\System32\csnp325.dll
 
========== Files - Modified Within 30 Days ==========
 
[2011.07.02 21:19:08 | 000,001,102 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011.07.02 21:18:06 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011.07.02 21:17:56 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011.07.02 21:17:56 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011.07.02 21:17:44 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.07.02 21:16:57 | 3488,997,376 | -HS- | M] () -- C:\hiberfil.sys
[2011.07.02 19:59:36 | 000,000,899 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk
[2011.07.02 15:37:03 | 000,000,702 | ---- | M] () -- C:\Users\Standard\Documents\cc_20110702_153657.reg
[2011.07.02 15:36:31 | 000,092,782 | ---- | M] () -- C:\Users\Standard\Documents\cc_20110702_153623.reg
[2011.07.02 15:32:03 | 000,000,804 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2011.07.02 14:39:48 | 000,002,097 | ---- | M] () -- C:\Users\Standard\Desktop\hjtscanlist.zip
[2011.07.02 14:18:26 | 000,138,192 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys
[2011.07.02 14:18:26 | 000,066,616 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avgntflt.sys
[2011.06.26 20:37:06 | 000,302,592 | ---- | M] () -- C:\Users\Standard\Desktop\nvbbobxg.exe
[2011.06.26 19:03:18 | 000,000,020 | ---- | M] () -- C:\Users\Standard\defogger_reenable
[2011.06.26 19:00:55 | 000,050,477 | ---- | M] () -- C:\Users\Standard\Desktop\Defogger.exe
[2011.06.26 18:57:16 | 000,579,072 | ---- | M] (OldTimer Tools) -- C:\Users\Standard\Desktop\OTL.exe
[2011.06.26 18:55:24 | 000,736,020 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2011.06.26 18:55:24 | 000,696,750 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011.06.26 18:55:24 | 000,168,278 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2011.06.26 18:55:24 | 000,142,466 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011.06.26 18:39:42 | 000,000,098 | ---- | M] () -- C:\Windows\System32\drivers\etc\Hosts
[2011.06.26 13:39:00 | 000,001,047 | ---- | M] () -- C:\Users\Public\Desktop\Camtasia Studio 7.lnk
[2011.06.26 13:31:52 | 000,004,990 | ---- | M] () -- C:\ProgramData\mtbjfghn.xbe
[2011.06.26 13:20:54 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2011.06.26 11:14:23 | 000,003,450 | ---- | M] () -- C:\Users\Standard\Documents\cc_20110626_111419.reg
[2011.06.25 23:29:04 | 000,000,000 | ---- | M] () -- C:\Windows\System32\.1
[2011.06.25 23:18:05 | 002,250,176 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011.06.18 16:27:04 | 000,010,580 | ---- | M] () -- C:\Users\Standard\Documents\cc_20110618_162654.reg
[2011.06.18 10:19:13 | 000,101,980 | ---- | M] () -- C:\Users\Standard\Documents\cc_20110618_101904.reg
[2011.06.17 20:11:42 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2011.06.17 20:11:42 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2011.06.16 11:03:38 | 000,270,776 | ---- | M] () -- C:\Windows\System32\PnkBstrB.xtr
[2011.06.16 11:01:19 | 000,111,928 | ---- | M] () -- C:\Windows\System32\PnkBstrB.ex0
[2011.06.13 10:54:37 | 000,022,328 | ---- | M] () -- C:\Users\Standard\AppData\Roaming\PnkBstrK.sys
[2011.06.12 08:35:07 | 000,002,032 | ---- | M] () -- C:\Users\Standard\AppData\Local\d3d9caps.dat
[2011.06.11 16:38:59 | 000,001,664 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
 
========== Files Created - No Company Name ==========
 
[2011.07.02 19:59:36 | 000,000,899 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk
[2011.07.02 19:59:36 | 000,000,862 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Secunia PSI.lnk
[2011.07.02 15:36:58 | 000,000,702 | ---- | C] () -- C:\Users\Standard\Documents\cc_20110702_153657.reg
[2011.07.02 15:36:27 | 000,092,782 | ---- | C] () -- C:\Users\Standard\Documents\cc_20110702_153623.reg
[2011.07.02 15:32:03 | 000,000,804 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2011.07.02 14:41:19 | 000,030,259 | ---- | C] () -- C:\Users\Standard\Desktop\hjtscanlist.bat
[2011.07.02 14:40:16 | 000,002,097 | ---- | C] () -- C:\Users\Standard\Desktop\hjtscanlist.zip
[2011.06.26 20:38:51 | 000,302,592 | ---- | C] () -- C:\Users\Standard\Desktop\nvbbobxg.exe
[2011.06.26 19:02:56 | 000,000,020 | ---- | C] () -- C:\Users\Standard\defogger_reenable
[2011.06.26 19:01:26 | 000,050,477 | ---- | C] () -- C:\Users\Standard\Desktop\Defogger.exe
[2011.06.26 13:39:00 | 000,001,047 | ---- | C] () -- C:\Users\Public\Desktop\Camtasia Studio 7.lnk
[2011.06.26 13:31:52 | 000,004,990 | ---- | C] () -- C:\ProgramData\mtbjfghn.xbe
[2011.06.26 11:14:21 | 000,003,450 | ---- | C] () -- C:\Users\Standard\Documents\cc_20110626_111419.reg
[2011.06.25 23:29:04 | 000,000,000 | ---- | C] () -- C:\Windows\System32\.1
[2011.06.25 20:55:07 | 3488,997,376 | -HS- | C] () -- C:\hiberfil.sys
[2011.06.18 16:27:00 | 000,010,580 | ---- | C] () -- C:\Users\Standard\Documents\cc_20110618_162654.reg
[2011.06.18 10:19:09 | 000,101,980 | ---- | C] () -- C:\Users\Standard\Documents\cc_20110618_101904.reg
[2011.06.18 10:16:01 | 000,001,804 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader 8.lnk
[2011.06.17 20:11:42 | 000,000,000 | RHS- | C] () -- C:\MSDOS.SYS
[2011.06.17 20:11:42 | 000,000,000 | RHS- | C] () -- C:\IO.SYS
[2011.06.17 14:28:58 | 000,001,589 | ---- | C] () -- C:\Users\Standard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spielen (EasyBits GO).lnk
[2011.06.11 16:38:59 | 000,001,664 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2011.04.22 10:53:20 | 000,104,272 | -H-- | C] () -- C:\Windows\System32\mlfcache.dat
[2011.02.22 17:21:53 | 000,022,328 | ---- | C] () -- C:\Users\Standard\AppData\Roaming\PnkBstrK.sys
[2011.01.05 04:17:40 | 000,023,040 | ---- | C] () -- C:\Windows\System32\atitmpxx.dll
[2010.12.15 21:33:32 | 000,002,975 | ---- | C] () -- C:\Windows\System32\atipblag.dat
[2010.12.08 19:35:34 | 000,180,224 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2010.12.02 19:47:31 | 001,970,176 | ---- | C] () -- C:\Windows\System32\d3dx9.dll
[2010.10.28 00:13:58 | 000,226,857 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2010.07.02 17:49:56 | 000,762,232 | ---- | C] () -- C:\Windows\System32\drivers\UDXTTM6010.sys
[2010.02.27 17:35:01 | 000,000,056 | -H-- | C] () -- C:\Windows\System32\ezsidmv.dat
[2010.02.11 09:58:56 | 000,004,096 | ---- | C] () -- C:\Windows\System32\detoured.dll
[2010.02.07 12:42:46 | 000,479,232 | ---- | C] () -- C:\Windows\ssndii.exe
[2010.02.07 12:42:20 | 000,026,624 | ---- | C] () -- C:\Windows\System32\ssp4ml3.dll
[2009.12.12 19:12:18 | 000,000,306 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2009.09.26 16:23:46 | 000,065,536 | ---- | C] () -- C:\Windows\System32\AlfaBIG32.dll
[2009.09.24 15:26:17 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009.09.24 15:26:17 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2009.08.31 14:03:42 | 000,262,144 | ---- | C] () -- C:\Windows\System32\EMRegSys.dll
[2009.05.24 11:58:18 | 000,000,000 | ---- | C] () -- C:\ProgramData\LauncherAccess.dt
[2009.05.24 11:50:24 | 000,005,632 | ---- | C] () -- C:\Windows\System32\drivers\StarOpen.sys
[2009.04.27 19:29:44 | 000,116,224 | ---- | C] () -- C:\Windows\System32\redmonnt.dll
[2009.04.27 19:29:44 | 000,045,056 | ---- | C] () -- C:\Windows\System32\unredmon.exe
[2009.04.17 12:11:26 | 000,020,480 | ---- | C] () -- C:\Users\Standard\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.04.15 13:48:44 | 000,835,584 | ---- | C] () -- C:\Windows\vsnp325.exe
[2009.04.15 13:48:44 | 000,270,336 | ---- | C] () -- C:\Windows\tsnp325.exe
[2009.04.15 13:48:44 | 000,020,480 | ---- | C] () -- C:\Windows\FixCamera.exe
[2009.04.15 13:48:44 | 000,015,498 | ---- | C] () -- C:\Windows\snp325.ini
[2009.04.15 13:38:56 | 000,000,032 | ---- | C] () -- C:\ProgramData\ezsid.dat
[2009.04.14 21:28:16 | 000,000,400 | ---- | C] () -- C:\Windows\ODBC.INI
[2009.04.14 20:31:54 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2009.02.20 12:21:43 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2009.01.28 10:08:03 | 000,006,656 | ---- | C] () -- C:\Windows\System32\bcmwlrc.dll
[2009.01.28 09:51:29 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2009.01.27 17:39:37 | 000,002,032 | ---- | C] () -- C:\Users\Standard\AppData\Local\d3d9caps.dat
[2008.09.29 00:09:32 | 003,107,788 | ---- | C] () -- C:\Windows\System32\atiumdva.dat
[2008.07.02 18:10:15 | 000,736,020 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2008.07.02 18:10:15 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2008.07.02 18:10:15 | 000,168,278 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2008.07.02 18:10:15 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2008.07.02 09:51:54 | 000,008,308 | ---- | C] () -- C:\Windows\System32\ezdigsgn.dat
[2008.03.05 05:38:44 | 000,090,112 | ---- | C] () -- C:\Windows\System32\atibrtmon.exe
[2007.09.20 12:33:52 | 003,190,784 | ---- | C] () -- C:\Windows\System32\libavcodec.dll
[2007.09.20 12:33:52 | 000,741,376 | ---- | C] () -- C:\Windows\System32\audxlib.dll
[2007.09.20 12:33:52 | 000,662,016 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2007.09.20 12:33:52 | 000,511,488 | ---- | C] () -- C:\Windows\System32\ff_x264.dll
[2007.09.20 12:33:52 | 000,405,504 | ---- | C] () -- C:\Windows\System32\libmplayer.dll
[2007.09.20 12:33:52 | 000,245,760 | ---- | C] () -- C:\Windows\System32\ff_libfaad2.dll
[2007.09.20 12:33:52 | 000,221,184 | ---- | C] () -- C:\Windows\System32\ff_kernelDeint.dll
[2007.09.20 12:33:52 | 000,200,704 | ---- | C] () -- C:\Windows\System32\TomsMoComp_ff.dll
[2007.09.20 12:33:52 | 000,155,648 | ---- | C] () -- C:\Windows\System32\ff_libdts.dll
[2007.09.20 12:33:52 | 000,143,360 | ---- | C] () -- C:\Windows\System32\ff_theora.dll
[2007.09.20 12:33:52 | 000,122,880 | ---- | C] () -- C:\Windows\System32\ff_samplerate.dll
[2007.09.20 12:33:52 | 000,118,784 | ---- | C] () -- C:\Windows\System32\ff_libmad.dll
[2007.09.20 12:33:52 | 000,114,688 | ---- | C] () -- C:\Windows\System32\libmpeg2_ff.dll
[2007.09.20 12:33:52 | 000,097,280 | ---- | C] () -- C:\Windows\System32\ff_realaac.dll
[2007.09.20 12:33:52 | 000,079,872 | ---- | C] () -- C:\Windows\System32\ff_tremor.dll
[2007.09.20 12:33:52 | 000,040,960 | ---- | C] () -- C:\Windows\System32\ff_liba52.dll
[2007.09.20 12:33:52 | 000,038,400 | ---- | C] () -- C:\Windows\System32\ff_unrar.dll
[2007.09.20 12:33:52 | 000,026,624 | ---- | C] () -- C:\Windows\System32\ff_wmv9.dll
[2007.09.20 12:33:52 | 000,007,680 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2006.11.02 14:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006.11.02 14:47:37 | 002,250,176 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006.11.02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 12:33:01 | 000,696,750 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006.11.02 12:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006.11.02 12:33:01 | 000,142,466 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006.11.02 12:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006.11.02 12:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006.11.02 10:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006.11.02 10:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006.11.02 09:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2006.02.23 18:37:18 | 000,047,104 | ---- | C] () -- C:\Windows\System32\dsfFLACEncoder.dll
[2006.02.23 17:37:06 | 000,047,616 | ---- | C] () -- C:\Windows\System32\dsfVorbisDecoder.dll
[2006.02.23 17:36:22 | 000,102,400 | ---- | C] () -- C:\Windows\System32\dsfOggDemux2.dll
[2006.02.23 17:35:56 | 000,053,248 | ---- | C] () -- C:\Windows\System32\dsfOGMDecoder.dll
[2006.02.23 17:35:44 | 000,053,248 | ---- | C] () -- C:\Windows\System32\dsfNativeFLACSource.dll
[2006.02.23 17:35:40 | 000,049,664 | ---- | C] () -- C:\Windows\System32\dsfFLACDecoder.dll
[2006.02.23 17:34:58 | 000,083,456 | ---- | C] () -- C:\Windows\System32\libFLAC++.dll
[2006.02.23 17:34:56 | 000,106,496 | ---- | C] () -- C:\Windows\System32\libFishSound.dll
[2006.02.23 17:34:38 | 000,029,696 | ---- | C] () -- C:\Windows\System32\libOOOggSeek.dll
[2006.02.23 17:34:26 | 001,108,480 | ---- | C] () -- C:\Windows\System32\vorbis.dll
[2006.02.23 17:34:16 | 000,049,152 | ---- | C] () -- C:\Windows\System32\libOOogg.dll
[2006.02.23 17:33:54 | 000,140,288 | ---- | C] () -- C:\Windows\System32\libFLAC.dll
[2005.04.08 04:16:43 | 000,014,716 | -H-- | C] () -- C:\Users\Standard\AppData\Roaming\Standardlog.dat
[2004.10.11 11:19:00 | 000,092,672 | ---- | C] () -- C:\Windows\System32\ASUSASV2.DLL
[2003.02.20 17:53:42 | 000,005,702 | ---- | C] () -- C:\Windows\System32\OUTLPERF.INI
 
========== LOP Check ==========
 
[2011.07.02 15:11:52 | 000,000,000 | ---D | M] -- C:\Users\Standard\AppData\Roaming\Arxue
[2010.12.31 22:30:50 | 000,000,000 | ---D | M] -- C:\Users\Standard\AppData\Roaming\Cuttermaran
[2010.12.31 22:15:19 | 000,000,000 | ---D | M] -- C:\Users\Standard\AppData\Roaming\DVDVideoSoft
[2010.12.31 22:15:52 | 000,000,000 | ---D | M] -- C:\Users\Standard\AppData\Roaming\DVDVideoSoftIEHelpers
[2009.12.11 18:12:35 | 000,000,000 | ---D | M] -- C:\Users\Standard\AppData\Roaming\Engelmann Media
[2010.11.14 22:48:52 | 000,000,000 | ---D | M] -- C:\Users\Standard\AppData\Roaming\flightgear.org
[2011.01.21 17:08:12 | 000,000,000 | ---D | M] -- C:\Users\Standard\AppData\Roaming\GetRightToGo
[2011.06.17 14:27:36 | 000,000,000 | ---D | M] -- C:\Users\Standard\AppData\Roaming\go
[2011.02.26 14:12:07 | 000,000,000 | ---D | M] -- C:\Users\Standard\AppData\Roaming\HLSW
[2011.07.02 21:20:43 | 000,000,000 | ---D | M] -- C:\Users\Standard\AppData\Roaming\ICQ
[2011.06.25 20:53:35 | 000,000,000 | RHSD | M] -- C:\Users\Standard\AppData\Roaming\install
[2010.10.20 06:46:54 | 000,000,000 | ---D | M] -- C:\Users\Standard\AppData\Roaming\InstantAction
[2009.07.23 16:37:52 | 000,000,000 | ---D | M] -- C:\Users\Standard\AppData\Roaming\IrfanView
[2010.11.08 22:16:39 | 000,000,000 | ---D | M] -- C:\Users\Standard\AppData\Roaming\JavaEditor
[2010.12.07 16:22:23 | 000,000,000 | ---D | M] -- C:\Users\Standard\AppData\Roaming\Leadertech
[2009.06.06 17:57:37 | 000,000,000 | ---D | M] -- C:\Users\Standard\AppData\Roaming\Miranda
[2011.02.07 21:25:11 | 000,000,000 | ---D | M] -- C:\Users\Standard\AppData\Roaming\Opera
[2011.07.02 15:13:33 | 000,000,000 | ---D | M] -- C:\Users\Standard\AppData\Roaming\Samsung
[2011.06.14 18:32:20 | 000,000,000 | ---D | M] -- C:\Users\Standard\AppData\Roaming\SecurityHeroes
[2009.12.15 19:10:24 | 000,000,000 | ---D | M] -- C:\Users\Standard\AppData\Roaming\SpeedProject
[2010.07.02 17:52:31 | 000,000,000 | ---D | M] -- C:\Users\Standard\AppData\Roaming\TerraTec
[2010.09.01 10:06:07 | 000,000,000 | ---D | M] -- C:\Users\Standard\AppData\Roaming\Thunderbird
[2011.07.02 15:12:25 | 000,000,000 | ---D | M] -- C:\Users\Standard\AppData\Roaming\Uduzaw
[2010.02.12 18:04:21 | 000,000,000 | ---D | M] -- C:\Users\Standard\AppData\Roaming\Webweaver
[2011.02.07 19:14:05 | 000,000,000 | ---D | M] -- C:\Users\Standard\AppData\Roaming\WhiteSmoke
[2009.04.17 13:09:51 | 000,000,000 | ---D | M] -- C:\Users\Standard\AppData\Roaming\WildTangent
[2009.04.06 12:04:41 | 000,000,000 | ---D | M] -- C:\Users\Standard\AppData\Roaming\WinBatch
[2011.07.02 20:30:17 | 000,032,554 | ---- | M] () -- C:\WINDOWS\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 

< End of report >

--- --- ---

2. Extras

OTL Logfile:

Code:

ATTFilter

OTL Extras logfile created on: 02.07.2011 21:30:11 - Run 4
OTL by OldTimer - Version 3.2.24.1     Folder = C:\Users\Standard\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19048)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,25 Gb Total Physical Memory | 1,79 Gb Available Physical Memory | 55,23% Memory free
6,73 Gb Paging File | 5,23 Gb Available in Paging File | 77,73% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 232,88 Gb Total Space | 118,96 Gb Free Space | 51,08% Space Free | Partition Type: NTFS
 
Computer Name: TOBIAS-PC | User Name: Standard | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Browse with &IrfanView] -- "C:\Program Files\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0
"UacDisableNotify" = 0
"InternetSettingsDisableNotify" = 0
"AutoUpdateDisableNotify" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{065DD2F7-9920-439F-BD04-0E3073B25533}" = lport=5353 | protocol=6 | dir=in | name=adobe csi cs4 | 
"{0B4A45E2-5CFD-4367-A421-244382F6B85F}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{0C02E0C5-C730-45F9-8905-761654C45C4C}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{19FE9E3E-85FF-4569-BDD9-2DDD3E02D8B9}" = rport=139 | protocol=6 | dir=out | app=system | 
"{1C27ED59-8710-4B0D-81D3-7BC5A81855C4}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{2390DA5F-FFA4-4E25-8164-F16A9C9E2864}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe | 
"{244264B0-7A1F-4F91-AFFE-084BE4DCC019}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | 
"{32ABC149-73D7-4A82-8A77-4C990C7FBC1E}" = lport=138 | protocol=17 | dir=in | app=system | 
"{4C795BFC-BF53-49FE-B563-0C194924175A}" = lport=137 | protocol=17 | dir=in | app=system | 
"{4D7AC7AB-C92E-4D3C-9C8F-FCC13AC552EA}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{50EE43AD-15DA-46D3-9D61-E8AC076E637D}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe | 
"{554EC450-094C-43C9-ABBC-FAA54658E75A}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{5CB26342-473C-436A-818A-D8DC91F8C91D}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{5F207028-1998-4794-BA7C-E1A9D1C3B6DD}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{631D8B3A-529D-416D-97D7-8B813DF2E8ED}" = lport=10243 | protocol=6 | dir=in | app=system | 
"{64E52F38-D611-43E3-A9A1-1B251E8D6A64}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe | 
"{6E207099-C83C-458D-AED4-B2916C048D28}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{73526175-250A-4798-BAB6-6D82636F8BBE}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | 
"{89EFE265-E1A6-4E88-9421-A3A669E63357}" = rport=445 | protocol=6 | dir=out | app=system | 
"{9DFA0E9D-39C3-4D22-B3E6-32EE73ED76A5}" = lport=10301 | protocol=17 | dir=in | app=c:\program files\devolo\informer\devinf.exe | 
"{A97E9E66-E36A-4A83-ACFB-2796A1A533F2}" = rport=137 | protocol=17 | dir=out | app=system | 
"{ADA6E7CA-0EBA-453C-BE48-BEB2714AD344}" = lport=139 | protocol=6 | dir=in | app=system | 
"{B21D5DA9-4407-4FFD-B791-72FB4E250912}" = lport=28960 | protocol=6 | dir=in | name=cod4 | 
"{B3137CA7-6526-44DF-ADBA-BD51F36991D7}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | 
"{B42E7AEE-6A2B-4343-9461-0AB0DC54BFDD}" = rport=10243 | protocol=6 | dir=out | app=system | 
"{B71098B0-C5F3-4858-986A-0EBC051D6732}" = rport=138 | protocol=17 | dir=out | app=system | 
"{BE6126A6-6ADB-4259-AD06-908C8BC5D1DA}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework\v4.0.30319\smsvchost.exe | 
"{C71B8A78-D6B2-419A-89DB-50CE72190F8E}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe | 
"{C967780B-3F94-4760-B0B7-F63F6DDBA795}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{CA7DCB4F-B4AE-433A-8754-0E19DB0FEE8E}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{DB1D00AB-4B99-47D6-80EF-A28E3F19A1DA}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{DD559780-8A6B-4BC0-BC71-B2B04EABF550}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{E28EF668-EBF9-49D5-88ED-AE89CAAB5EA6}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{F37075E6-DF8E-4CE3-8407-29548006EB07}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{F390B772-40D8-4A76-A5FD-AB50DE6A1E24}" = lport=10300 | protocol=6 | dir=in | app=c:\program files\devolo\informer\devinf.exe | 
"{F87DB93A-8A65-40BC-B857-B65B4BA22872}" = lport=445 | protocol=6 | dir=in | app=system | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0014C0BA-205B-4149-9B05-CB56F8A58915}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{0065883F-1A8C-4049-BB2C-655E4C7925EC}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{05903F01-EA69-4353-9C67-9C94EEA1612C}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{0BB9F8C3-4F11-424E-BFB3-15F548B0125A}" = protocol=58 | dir=out | name=@iphlpsvc.dll,-203 | 
"{101C2C69-BA7E-4E1B-B48E-F61A753E6F2D}" = protocol=6 | dir=in | app=c:\program files\terratec\terratec home cinema\tvtvsetup\tvtv_wizard.exe | 
"{124E7BD5-10E7-4656-8052-A4F3AB8835C0}" = protocol=6 | dir=in | app=c:\program files\terratec\terratec home cinema\insttool.exe | 
"{15485653-9FE8-493B-970C-CA1D515C528B}" = protocol=6 | dir=in | app=c:\program files\activision\call of duty - world at war\codwaw.exe | 
"{18795C90-77AF-4158-8F40-40F42D078CC6}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{1C53FC2B-B566-4552-951D-A53628B51D17}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe | 
"{25EE3E7C-763D-4185-B9EB-CEA780989E0B}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{28473026-2D1B-4B77-BA84-A0E5A2704323}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{30BB68EA-0214-404F-BCE5-41BE3FF888AE}" = protocol=17 | dir=in | app=c:\program files\icq7.5\icq.exe | 
"{30E64870-44A9-4CB1-9B14-022684A60092}" = protocol=17 | dir=in | app=c:\program files\terratec\terratec home cinema\tvtvsetup\tvtv_wizard.exe | 
"{32A61BFF-3438-4AE3-AE81-BC950957B6D1}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{3791B316-7D65-4CA0-B0A8-FAF740333710}" = protocol=6 | dir=out | app=system | 
"{3FCBC69B-B200-4D06-86F4-2585B4E2B40A}" = protocol=17 | dir=in | app=c:\program files\terratec\terratec home cinema\cinergydvr.exe | 
"{3FF7E4F4-1BD6-4F05-812B-CAD61DFE9F36}" = protocol=17 | dir=in | app=c:\program files\activision\call of duty - world at war\codwaw.exe | 
"{4157F447-19CF-40DB-8335-98EF1A108E7C}" = protocol=6 | dir=in | app=c:\program files\icq7.5\icq.exe | 
"{4A65E5CC-988B-407B-B52D-86B9AA240978}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{552CFEF1-E7AC-4F88-B2BE-3D3923DB85E3}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{5C08BDCB-4901-4D28-BEBC-74BF2D081CFB}" = protocol=17 | dir=in | app=c:\program files\steam\steam.exe | 
"{5E119DE7-1CBA-4835-A38B-C73660D18C12}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{5E1DD7FB-1178-4F48-8CF7-FF7033109253}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{5F777A5C-DAF8-4DC3-A382-69CE3D9608E7}" = dir=in | app=c:\program files\hp\quickplay\qpservice.exe | 
"{7389CCD4-CDF6-44CA-9CCE-BB46741CBEE1}" = protocol=17 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe | 
"{760A8222-C06E-4840-936B-E9772ABC432C}" = protocol=17 | dir=in | app=c:\program files\icq7.5\icq.exe | 
"{78EC60A4-320B-496B-90ED-4AC3BF99A198}" = dir=in | app=c:\program files\itunes\itunes.exe | 
"{79B8B291-80E7-4FEF-B068-B64791611776}" = protocol=6 | dir=in | app=c:\program files\icq7.5\icq.exe | 
"{816512E6-EB29-4A08-A763-F3F8B821ACF3}" = protocol=6 | dir=in | app=c:\program files\terratec\terratec home cinema\cinergydvr.exe | 
"{914D7F33-6967-429F-81A6-3BCAE17F8E82}" = protocol=58 | dir=in | app=system | 
"{94268DF4-9A05-4B8C-9827-1B9DCBE40164}" = protocol=6 | dir=in | app=c:\program files\steam\steam.exe | 
"{9ED55FC4-B4B7-4E8A-9CBA-EE8426BAA40C}" = protocol=6 | dir=in | app=c:\program files\electronic arts\need for speed(tm) hot pursuit\launcher.exe | 
"{A55090BD-3654-4CA8-B53A-2B245B5696BB}" = protocol=17 | dir=in | app=c:\program files\electronic arts\need for speed(tm) hot pursuit\launcher.exe | 
"{AA0080CB-4788-4EFD-90A3-671B3D63338C}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{AA088164-E56B-41C3-83E2-2FF443077B8E}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{AB27CB8B-A6B2-4973-9FCD-8C2C84CE3EE0}" = protocol=6 | dir=in | app=c:\program files\common files\adobe\cs4servicemanager\cs4servicemanager.exe | 
"{AF00C150-65A5-4FF6-8E54-9AC6EDD6D7ED}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{B0D26DA5-42DC-43F7-86D9-4EBE7028F6C4}" = protocol=17 | dir=in | app=c:\program files\terratec\terratec home cinema\insttool.exe | 
"{B2489612-AB6D-4B8B-B6E8-D3AA5838CD1B}" = dir=in | app=c:\program files\hp\quickplay\qp.exe | 
"{BD3DE542-BFC0-4706-8BF9-F01D4DFC19B4}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{C217537B-B728-4A63-AF21-D8BBEDD0A6D6}" = protocol=6 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe | 
"{CD9B160B-8168-4AD0-B412-5CE56F9B14C9}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{D186763E-6348-4F41-9995-266F79B5B465}" = protocol=17 | dir=in | app=c:\program files\activision\call of duty - world at war\codwawmp.exe | 
"{D7B0126E-A388-42F1-9E3F-0AF030D5AAE0}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{E63AA1F5-9F20-400F-882D-B4EFCAC06DD9}" = protocol=17 | dir=in | app=c:\program files\common files\adobe\cs4servicemanager\cs4servicemanager.exe | 
"{F5D562D9-BB0A-453C-8235-2EE11FA2CA05}" = protocol=6 | dir=in | app=c:\program files\activision\call of duty - world at war\codwawmp.exe | 
"{F70A60BC-FB90-488C-9A0A-9593A5C86E02}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{FD224169-2DDE-4920-98BA-87D4FCE00EE1}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"TCP Query User{1252B7A3-20B5-4984-9EEC-FC575FE3D48C}C:\program files\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe | 
"TCP Query User{14CFB5A8-3160-455C-BBA4-8C5559078E69}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe | 
"TCP Query User{2762A398-F718-46BF-B017-5D812D1F8D2C}C:\program files\icq7.2\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq7.2\icq.exe | 
"TCP Query User{390503DC-5D29-4BD4-BD9E-F9B7E17D7E4B}C:\program files\terratec\terratec home cinema\versioncheck\versioncheck.exe" = protocol=6 | dir=in | app=c:\program files\terratec\terratec home cinema\versioncheck\versioncheck.exe | 
"TCP Query User{6144204B-BEE8-4BA1-988C-6C07E207584A}C:\program files\activision\call of duty 4 - modern warfare\iw3mp.exe" = protocol=6 | dir=in | app=c:\program files\activision\call of duty 4 - modern warfare\iw3mp.exe | 
"TCP Query User{6458BF47-D5DB-4246-ACAA-E26C67DF6FDF}C:\program files\terratec\terratec home cinema\versioncheck\versioncheck.exe" = protocol=6 | dir=in | app=c:\program files\terratec\terratec home cinema\versioncheck\versioncheck.exe | 
"TCP Query User{74F68D95-45CC-49D9-8A64-3AC2082985A7}C:\program files\asus\gamerosd\sbs.exe" = protocol=6 | dir=in | app=c:\program files\asus\gamerosd\sbs.exe | 
"TCP Query User{786FF187-6C2F-4FC2-8C95-7930B451FD58}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | 
"TCP Query User{7F8CDB64-BF21-4BA3-91A2-CF9D633215D2}C:\program files\electronic arts\need for speed(tm) hot pursuit\nfs11.exe" = protocol=6 | dir=in | app=c:\program files\electronic arts\need for speed(tm) hot pursuit\nfs11.exe | 
"TCP Query User{872D96FE-0E56-470A-A1D8-F482D6048F2A}C:\program files\icq7.5\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq7.5\icq.exe | 
"TCP Query User{A8EB65FC-DAA5-442B-AA29-18E0A7F97345}C:\program files\icq7.2\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq7.2\icq.exe | 
"TCP Query User{AA420A76-7CCE-44D4-8259-EB9908F3712E}C:\program files\devolo\informer\devinf.exe" = protocol=6 | dir=in | app=c:\program files\devolo\informer\devinf.exe | 
"TCP Query User{C9B165C1-843F-41F3-B36D-97BA636FA56E}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | 
"TCP Query User{F138B2A5-F65F-4513-A1FF-FCCF7B3CDDBD}C:\program files\skype\phone\skype.exe" = protocol=6 | dir=in | app=c:\program files\skype\phone\skype.exe | 
"TCP Query User{F377A149-BE65-4496-89CF-FEA21E562E38}C:\program files\skype\phone\skype.exe" = protocol=6 | dir=in | app=c:\program files\skype\phone\skype.exe | 
"TCP Query User{F99B2A89-36B4-474C-BB93-C5DE3080D993}C:\program files\activision\call of duty 4 - modern warfare\iw3mp 1.7 patched.exe" = protocol=6 | dir=in | app=c:\program files\activision\call of duty 4 - modern warfare\iw3mp 1.7 patched.exe | 
"TCP Query User{F9C3A6F8-F4B2-4141-A706-616A6BD14FA7}C:\program files\hlsw\hlsw.exe" = protocol=6 | dir=in | app=c:\program files\hlsw\hlsw.exe | 
"UDP Query User{06EE2C64-6C67-49C8-B376-BB12EE07710B}C:\program files\electronic arts\need for speed(tm) hot pursuit\nfs11.exe" = protocol=17 | dir=in | app=c:\program files\electronic arts\need for speed(tm) hot pursuit\nfs11.exe | 
"UDP Query User{29CA7137-E326-49C6-9D69-F7747D5AD4E1}C:\program files\skype\phone\skype.exe" = protocol=17 | dir=in | app=c:\program files\skype\phone\skype.exe | 
"UDP Query User{2A8D35C6-001F-4884-AE7D-CC32CB63E06D}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | 
"UDP Query User{361CA2A3-8DA2-49A4-9F06-B025BE31C50F}C:\program files\icq7.2\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq7.2\icq.exe | 
"UDP Query User{39C842B5-4590-40BE-9A91-032612CBDF25}C:\program files\icq7.2\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq7.2\icq.exe | 
"UDP Query User{3BC66CCF-CEB8-4FFF-BED7-64DDE74307F3}C:\program files\icq7.5\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq7.5\icq.exe | 
"UDP Query User{564ADE94-4393-477D-82AE-87271E387483}C:\program files\hlsw\hlsw.exe" = protocol=17 | dir=in | app=c:\program files\hlsw\hlsw.exe | 
"UDP Query User{65503A8D-A917-4717-B542-6D5D242B1CBE}C:\program files\terratec\terratec home cinema\versioncheck\versioncheck.exe" = protocol=17 | dir=in | app=c:\program files\terratec\terratec home cinema\versioncheck\versioncheck.exe | 
"UDP Query User{65D4A092-3E9E-43A5-AF88-BA714B8FE44E}C:\program files\skype\phone\skype.exe" = protocol=17 | dir=in | app=c:\program files\skype\phone\skype.exe | 
"UDP Query User{885BD7D7-8898-4199-9B60-93E0D4542C68}C:\program files\devolo\informer\devinf.exe" = protocol=17 | dir=in | app=c:\program files\devolo\informer\devinf.exe | 
"UDP Query User{8F5E2C06-987E-41AF-8105-BD5A9EA7614C}C:\program files\terratec\terratec home cinema\versioncheck\versioncheck.exe" = protocol=17 | dir=in | app=c:\program files\terratec\terratec home cinema\versioncheck\versioncheck.exe | 
"UDP Query User{BA548024-5A37-4861-BB9C-324BEB654C7C}C:\program files\activision\call of duty 4 - modern warfare\iw3mp.exe" = protocol=17 | dir=in | app=c:\program files\activision\call of duty 4 - modern warfare\iw3mp.exe | 
"UDP Query User{BEA529BB-B7C7-4F6A-A3F3-9D02FADED7EC}C:\program files\asus\gamerosd\sbs.exe" = protocol=17 | dir=in | app=c:\program files\asus\gamerosd\sbs.exe | 
"UDP Query User{CDBB24A0-0C27-403D-9323-1580F5ACC006}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe | 
"UDP Query User{D836FB33-9916-444D-95E2-F09E7097F5CD}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | 
"UDP Query User{E3A6A25B-22A3-4814-B0D8-AD7E07A5BDB8}C:\program files\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe | 
"UDP Query User{E437B427-9A45-48F2-8160-3A63E287A3C0}C:\program files\activision\call of duty 4 - modern warfare\iw3mp 1.7 patched.exe" = protocol=17 | dir=in | app=c:\program files\activision\call of duty 4 - modern warfare\iw3mp 1.7 patched.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00ADFB20-AE75-46F4-AD2C-F48B15AC3100}" = Adobe Color NA Recommended Settings CS4
"{0125D081-30D0-4A97-82A8-C28D444B6256}" = Microsoft SQL Server Compact 3.5 SP2 DEU
"{044F9133-B8D7-4d11-BF39-803FA20F5C8B}" = Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for Win32
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4
"{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4
"{064DC64E-7A2F-4FDF-B598-E3C0747BBB9C}" = Call of Duty(R) - World at War(TM) 1.6 Patch
"{06A940CD-4924-485E-8500-476C9E08A820}" = Samsung PC Studio 3
"{082702D5-5DD8-4600-BCE5-48B15174687F}" = HP Doc Viewer
"{098727E1-775A-4450-B573-3F441F1CA243}" = kuler
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0AAFCFAF-5544-EEAF-189B-C85B138112D1}" = ATI Catalyst Install Manager
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4
"{0D67A4E4-5BE0-4C9A-8AD8-AB552B433F23}" = Adobe Setup
"{0E592C31-09EF-3CA1-A7DE-05D13DFCF791}" = Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for .NET Framework - deu
"{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4
"{11083C7A-D0D6-4DA4-8C3A-74B8389EC07B}" = ATI Catalyst Registration
"{12453E04-9738-4D16-8408-D726532C2C69}" = ASUS VGA Driver
"{149464D9-B06F-4505-9968-FD1206F67AD3}" = Call of Duty(R) - World at War(TM) 1.3 Patch
"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4
"{16E16F01-2E2D-4248-A42F-76261C147B6C}" = Adobe Drive CS4
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319
"{1BDC9633-895B-4842-BCB6-8FA1EC2A3C5A}" = Adobe Shockwave Player
"{1D328E11-3B0C-388C-835D-C9C20E8C7734}" = Microsoft Help Viewer 1.0 Language Pack - DEU
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1F0D5576-C383-4E5E-9906-0B47BECBB8B6}" = Hama Webcam Suite
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{228C6B46-64E2-404E-898A-EF0830603EF4}" = HPNetworkAssistant
"{254C37AA-6B72-4300-84F6-98A82419187E}" = Hewlett-Packard Active Check for Health Check
"{26604C7E-A313-4D12-867F-7C6E7820BE4C}" = JMicron JMB38X Flash Media Controller
"{283CF61A-FAB6-4690-0001-05B15D792AC7}" = freeTunes*2.0
"{28C3E5E6-5ACA-408D-9A46-089C5334EC97}" = HP Help and Support
"{2BF0AE92-C3BC-4112-9066-1546342B1FAE}" = Call of Duty(R) - World at War(TM) 1.2 Patch
"{30355ED7-DE49-4C8D-BE23-2161D36E8A9A}" = Microsoft SQL Server 2008 Setup Support Files (English)
"{30A68EDA-53FA-43B5-8007-D18ED1F61659}" = Jollenbeck
"{30DAA715-5032-40F9-A0AE-95C9AEBB3E3F}" = HP QuickTouch 1.00 D2
"{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java(TM) 6 Update 5
"{32BC62C5-32B9-F838-ADD4-CFEF544C6888}" = ccc-core-static
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons 6.40 H2
"{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{39D0E034-1042-4905-BECB-5502909FCB7C}" = Microsoft Works
"{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}" = Adobe Media Player
"{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}" = Adobe Color - Photoshop Specific CS4
"{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}" = Adobe WinSoft Linguistics Plugin
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{415B2719-AD3A-4944-B404-C472DB6085B3}" = Cisco EAP-FAST Module
"{45D707E9-F3C4-11D9-A373-0050BAE317E1}" = HP QuickPlay 3.7
"{477415F5-93DA-46AA-85C5-640047825995}" = Microsoft SQL Server 2008 Database Engine Shared
"{47C39E4A-28F2-33B1-B9B7-97F24E52D917}" = Microsoft Help Viewer 1.0
"{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension
"{4A6F34E2-09E5-4616-B227-4A26A488A6F9}" = Microsoft SQL Server 2008 Common Files
"{4AF2248C-B3DF-46FB-9596-87F5DB193689}" = Microsoft SQL Server 2008-Browser
"{51E5C397-0AA0-48DD-9CB6-7259AFFDFB0A}" = HP Easy Setup - Frontend
"{5335DADB-34BA-4AE8-A519-648D78498846}" = Skype™ 5.3
"{5570C7F0-43D0-4916-8A9E-AEDD52FA86F4}" = Adobe Color EU Extra Settings CS4
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{582287DA-0806-4AC0-BF19-C15E3A466034}" = LightScribe System Software  1.12.33.2
"{5A08C9D1-37AD-4A8D-90D3-33F92C578AA5}" = Microsoft SQL Server System CLR Types
"{5BD39911-A12F-4562-98BA-A6E03E3370B1}" = Microsoft SQL Server 2008 Database Engine Services
"{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}" = Segoe UI
"{5FD89EA1-99C2-40EE-BBF5-20F8991ED756}" = Catalyst Control Center - Branding
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{616C6F39-4CE1-3434-A665-2F6A04C09A7F}" = Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools
"{61AD15B2-50DB-4686-A739-14FE180D4429}" = Windows Live ID Sign-in Assistant
"{63B9BAB5-F36A-4A3B-9E5C-68A7F212BFB9}" = TerraTec Home Cinema
"{63C24A08-70F3-4C8E-B9FB-9F21A903801D}" = Adobe Color Video Profiles CS CS4
"{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}" = Adobe Photoshop CS4 Support
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{669C7BD8-DAA2-49B6-966C-F1E2AAE6B17E}" = Cisco PEAP Module
"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = Hewlett-Packard Asset Agent for Health Check
"{67F0E67A-8E93-4C2C-B29D-47C48262738A}" = Adobe Device Central CS4
"{68243FF8-83CA-466B-B2B8-9F99DA5479C4}" = AdobeColorCommonSetCMYK
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6C1E7AA1-44E9-446D-AAB2-0DE6D9EFEAB1}" = Safari
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{738B0934-6676-44F6-AB52-32F4E60DCA7F}" = Microsoft SQL Server Compact 3.5 SP1 Design Tools (Deutsch)
"{750C87B8-AF19-4C3C-B791-50D9C83AE572}" = Call of Duty(R) - World at War(TM) 1.7 Patch
"{7578ADEA-D65F-4C89-A249-B1C88B6FFC20}" = ICQ7.5
"{771ABEA0-23AF-8F8E-63FE-168779F294B6}" = CCC Help English
"{779DECD7-E072-4B56-9B6B-BEB5973EEEB5}" = MobileMe Control Panel
"{7A529246-912F-4C40-A82A-E608DB702FD7}" = ASUS VideoSecurity Online
"{7E6066E6-8B5B-4100-B0FA-1D9E9B663CBA}" = iTunes
"{7F88C9E5-12BD-404F-AC6A-108BAAC9B708}" = ASUS Gamer OSD
"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4
"{83770D14-21B9-44B3-8689-F7B523F94560}" = Cisco LEAP Module
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4
"{83A606F5-BF6F-42ED-9F33-B9F74297CDED}" = Need for Speed(TM) Hot Pursuit
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer
"{86B247F9-1D5E-CCC6-3280-71486D9A4E70}" = ATI Stream SDK v2 Developer
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169 8168 8101E 8102E Ethernet Driver
"{889DF117-14D1-44EE-9F31-C5FB5D47F68B}" = Yontoo Layers 1.10.01
"{89DE67AD-08B8-4699-A55D-CA5C0AF82BF3}" = ATI AVIVO Codecs
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"{8ACC73AA-6511-7C55-B1A9-8E5D1DEAFAA3}" = The Lord of the Rings FREE Trial 
"{8B128562-681D-4FFA-BEBF-A825985B2CB9}" = AirPlus G DWL-G510
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{91120407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Standard Edition 2003
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{931AB7EA-3656-4BB7-864D-022B09E3DD67}" = Adobe Linguistics CS4
"{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
"{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9CF4A37B-A8C4-44D7-8C53-13B9D9594BB2}" = Paint.NET v3.5.8
"{9E2CCD5E-1990-4EF2-9B61-32F0BBACC29B}" = HP Active Support Library
"{9F01A67B-7D67-482F-9D4F-D5980A440FD4}" = Call of Duty(R) - World at War(TM) 1.4 Patch
"{9F238A60-C445-4B81-8EDE-07DC924E98F8}" = HP MULTIPLE MODEM INSTALLER for VISTA
"{a0fe116e-9a8a-466f-aee0-625cb7c207e3}" = Microsoft Visual C++ 2005 Redistributable - KB2467175
"{A106D33E-6B43-42C0-9BFC-D03303261FA7}" = Microsoft SQL Server 2008 R2 Management Objects
"{A1399B3E-93A8-E865-EC9B-6B452E3094E5}" = Catalyst Control Center InstallProxy
"{A5CE7175-080D-49AC-B5A3-E7E3502428F5}" = HP Wireless Assistant
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AC76BA86-7AD7-1031-7B44-A83000000003}" = Adobe Reader 8.3.0 - Deutsch
"{AFAE2B15-89A0-4215-A030-F7B5B478886B}" = Call of Duty(R) - World at War(TM) 1.1 Patch
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B16DA0F8-26BC-4FFC-9363-1D9F3E6C3E21}" = HP Customer Experience Enhancements
"{B29AD377-CC12-490A-A480-1452337C618D}" = Connect
"{B3575D00-27EF-49C2-B9E0-14B3D954E992}" = Apple Application Support
"{B3FED300-806C-11E0-A0D0-B8AC6F97B88E}" = Google Earth
"{B5153233-9AEE-4CD4-9D2C-4FAAC870DBE2}" = Microsoft SQL Server 2008 Database Engine Services
"{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}" = Adobe Photoshop CS4
"{B7E38540-E355-3503-AFD7-635B2F2F76E1}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974
"{B910DD1A-49B1-4068-9C08-E3C3AEC0C30A}" = Keyboard & Mouse Driver
"{BA6C526C-F50F-4F7D-920D-D55075E25C55}" = SPEED-LINK STEERING WHEEL DRIVER v4.1
"{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module
"{BE4D9AE7-48F8-3A24-5C68-E064153618D3}" = Catalyst Control Center InstallProxy
"{C23CD6DA-1958-43A5-ADD0-59396572E02E}" = Apple Mobile Device Support
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C2E4B5BD-32DB-4817-A060-341AB17C3F90}" = Bonjour
"{C3A32068-8AB1-4327-BB16-BED9C6219DC7}" = Atheros Driver Installation Program
"{C3DC2DF5-EFAC-4055-9010-31F7C545DD9E}" = Call of Duty(R) - World at War(TM) 1.5 Patch
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
"{C8FD5BC1-92EF-4C15-92A9-F9AC7F61985F}" = HP Update
"{C911A0C2-2236-3164-AA47-F2566C01AE5E}" = Microsoft .NET Framework 4 Extended DEU Language Pack
"{C91C4EF4-63E1-41EE-AE6A-5152628FDC21}" = Microsoft SQL Server 2008 Native Client
"{C92C89BB-1D11-C8D5-1584-D5259818479A}" = ccc-utility
"{C965F01C-76EA-4BD7-973E-46236AE312D7}" = Sql Server Customer Experience Improvement Program
"{CAE7D1D9-3794-4169-B4DD-964ADBC534EE}" = HP Product Detection
"{CB71A20E-B1B4-4562-81FA-33E1DBD0342F}" = ProtectSmart Hard Drive Protection
"{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw
"{CCAC7E52-ECCE-3C4D-B1BE-BC2ACF1C1C0E}" = Microsoft Visual Basic 2010 Express - DEU
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CFCB8616-A5D1-4281-80E8-389F685BFAE2}" = Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 DEU
"{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}" = Microsoft .NET Framework 4 Multi-Targeting Pack
"{D074DC76-F6C9-440E-A1D0-1DE958417FDB}" = Microsoft SQL Server VSS Writer
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D80A6A73-E58A-4673-AFF5-F12D7110661F}" = Call of Duty(R) - World at War(TM)
"{DB837331-6864-4B66-7248-4CB823DB4222}" = Catalyst Control Center InstallProxy
"{DE042823-C359-4B87-B66B-308057E8B6AF}" = Camtasia Studio 7
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
"{E4848436-0345-47E2-B648-8B522FCDA623}" = Adobe Photoshop CS4
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{EEF985E8-8B36-4230-B174-117A2381C17F}" = LogMeIn Hamachi
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F1DC7648-8623-442F-92B7-E118DF61872E}" = Microsoft SQL Server 2008 RsFx Driver
"{f32502b5-5b64-4882-bf61-77f23edcac4f}" = HP Total Care Advisor
"{F3494AB6-6900-41C6-AF57-823626827ED8}" = Microsoft SQL Server 2008 Database Engine Shared
"{F47C09DB-746B-2ABA-819B-8FC759034E74}" = Catalyst Control Center Graphics Previews Common
"{F48098CD-2D66-4861-85EC-DC1D4D09D5F9}" = HP User Guides 0102
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4
"{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
"{F9466082-90E9-4BE4-92F0-CF0AF195B0CF}" = hama PC-Webcam AC-140
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All
"{FDB3B167-F4FA-461D-976F-286304A57B2A}" = Adobe AIR
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"{FF6F95A4-E59B-45C8-BEA8-0BDC8D9CAB51}" = Microsoft SQL Server 2008 Common Files
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"Adobe_faf656ef605427ee2f42989c3ad31b8" = Adobe Photoshop CS4
"Agere Systems Soft Modem" = Agere Systems HDA Modem
"AIDA64 Extreme Edition_is1" = AIDA64 Extreme Edition v1.50
"AIM_6" = AIM
"Ashampoo WinOptimizer 2010_is1" = Ashampoo WinOptimizer 2010
"Avira AntiVir Desktop" = Avira AntiVir Premium
"BiosAgentPlus" = BiosAgentPlus Plugin for Netscape by eSupport.com
"Broadcom 802.11b Network Adapter" = Broadcom 802.11 Wireless LAN Adapter
"CCleaner" = CCleaner
"Cheat Engine 5.6.1_is1" = Cheat Engine 5.6.1
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"dlanconf" = devolo dLAN-Konfigurationsassistent
"dslmon" = devolo Informer
"EasyBits Magic Desktop" = Magic Desktop
"Finale NotePad 2008" = Finale NotePad 2008
"FormatFactory" = FormatFactory 2.60
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.4.7
"Free Studio_is1" = Free Studio version 5.0.3
"Free Video Dub_is1" = Free Video Dub version 1.4
"Free YouTube Download_is1" = Free YouTube Download 2.2
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.9.35.324
"FreePDF_XP" = FreePDF XP (Remove only)
"Get Styles" = Get Styles
"GPL Ghostscript 8.64" = GPL Ghostscript 8.64
"HLSW_is1" = HLSW v1.3.3.7b
"ICQToolbar" = ICQ Toolbar
"InstallShield_{064DC64E-7A2F-4FDF-B598-E3C0747BBB9C}" = Call of Duty(R) - World at War(TM) 1.6 Patch
"InstallShield_{149464D9-B06F-4505-9968-FD1206F67AD3}" = Call of Duty(R) - World at War(TM) 1.3 Patch
"InstallShield_{2BF0AE92-C3BC-4112-9066-1546342B1FAE}" = Call of Duty(R) - World at War(TM) 1.2 Patch
"InstallShield_{750C87B8-AF19-4C3C-B791-50D9C83AE572}" = Call of Duty(R) - World at War(TM) 1.7 Patch
"InstallShield_{7A529246-912F-4C40-A82A-E608DB702FD7}" = ASUS VideoSecurity Online
"InstallShield_{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"InstallShield_{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"InstallShield_{9F01A67B-7D67-482F-9D4F-D5980A440FD4}" = Call of Duty(R) - World at War(TM) 1.4 Patch
"InstallShield_{AFAE2B15-89A0-4215-A030-F7B5B478886B}" = Call of Duty(R) - World at War(TM) 1.1 Patch
"InstallShield_{B910DD1A-49B1-4068-9C08-E3C3AEC0C30A}" = Keyboard & Mouse Driver
"InstallShield_{C3DC2DF5-EFAC-4055-9010-31F7C545DD9E}" = Call of Duty(R) - World at War(TM) 1.5 Patch
"InstallShield_{D80A6A73-E58A-4673-AFF5-F12D7110661F}" = Call of Duty(R) - World at War(TM)
"IrfanView" = IrfanView (remove only)
"LogMeIn Hamachi" = LogMeIn Hamachi
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware Version 1.51.0.1200
"MegaTrainer XL_is1" = MegaTrainer XL V1.4.5.3-Beta
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended DEU Language Pack" = Microsoft .NET Framework 4 Extended DEU Language Pack
"Microsoft Help Viewer 1.0" = Microsoft Help Viewer 1.0
"Microsoft Help Viewer 1.0 Language Pack - DEU" = Microsoft Help Viewer 1.0 Language Pack - DEU
"Microsoft SQL Server 10" = Microsoft SQL Server 2008
"Microsoft SQL Server 10 Release" = Microsoft SQL Server 2008
"Microsoft Visual Basic 2010 Express - DEU" = Microsoft Visual Basic 2010 Express - DEU
"Mozilla Firefox 5.0 (x86 en-GB)" = Mozilla Firefox 5.0 (x86 en-GB)
"Mozilla Thunderbird (3.1.11)" = Mozilla Thunderbird (3.1.11)
"NetworkActiv AUTAPF 1.1" = NetworkActiv AUTAPF 1.1
"Notepad++" = Notepad++
"Redirection Port Monitor" = RedMon - Redirection Port Monitor
"s4uVoctra" = s4uVoctra
"Samsung ML-191x 252x Series" = Wartung Samsung ML-191x 252x Series
"Searchqu MediaBar" = Windows Searchqu Toolbar
"Secunia PSI" = Secunia PSI (2.0.0.3003)
"SlingMedia.QPSlingPlayer_is1" = QuickPlay SlingPlayer 0.4.6
"Uninstall_is1" = Uninstall 1.0.0.1
"ViewpointMediaPlayer" = Viewpoint Media Player
"Virtual DJ Home - Atomix Productions" = Virtual DJ Home - Atomix Productions
"WashAndGo_is1" = WashAndGo
"WildTangent hp Master Uninstall" = HP Games
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR
"xvid" = XviD MPEG-4 Video Codec
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Game Organizer" = EasyBits GO
"Move Media Player" = Move Media Player
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 02.07.2011 14:13:40 | Computer Name = Tobias-PC | Source = MsiInstaller | ID = 10005
Description = 
 
Error - 02.07.2011 14:14:02 | Computer Name = Tobias-PC | Source = Windows Search Service | ID = 3013
Description = 
 
Error - 02.07.2011 14:14:03 | Computer Name = Tobias-PC | Source = Windows Search Service | ID = 3013
Description = 
 
Error - 02.07.2011 14:14:03 | Computer Name = Tobias-PC | Source = Windows Search Service | ID = 3013
Description = 
 
Error - 02.07.2011 14:14:03 | Computer Name = Tobias-PC | Source = Windows Search Service | ID = 3013
Description = 
 
Error - 02.07.2011 14:14:03 | Computer Name = Tobias-PC | Source = Windows Search Service | ID = 3013
Description = 
 
Error - 02.07.2011 14:14:03 | Computer Name = Tobias-PC | Source = Windows Search Service | ID = 3013
Description = 
 
Error - 02.07.2011 14:14:03 | Computer Name = Tobias-PC | Source = Windows Search Service | ID = 3013
Description = 
 
Error - 02.07.2011 14:28:46 | Computer Name = Tobias-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung svchost.exe, Version 6.0.6001.18000, Zeitstempel
 0x47918b89, fehlerhaftes Modul urlmon.dll, Version 8.0.6001.19048, Zeitstempel 
0x4d6355e2, Ausnahmecode 0xc0000005, Fehleroffset 0x0003e35a,  Prozess-ID 0x464, Anwendungsstartzeit
 01cc38dbbb9dc259.
 
Error - 02.07.2011 15:19:05 | Computer Name = Tobias-PC | Source = WinMgmt | ID = 10
Description = 
 
[ System Events ]
Error - 31.03.2011 10:52:14 | Computer Name = Tobias-PC | Source = Service Control Manager | ID = 7011
Description = 
 
Error - 01.04.2011 11:39:16 | Computer Name = Tobias-PC | Source = Service Control Manager | ID = 7011
Description = 
 
Error - 01.04.2011 15:39:28 | Computer Name = Tobias-PC | Source = DCOM | ID = 10016
Description = 
 
Error - 02.04.2011 11:18:10 | Computer Name = Tobias-PC | Source = Service Control Manager | ID = 7000
Description = 
 
Error - 02.04.2011 11:18:10 | Computer Name = Tobias-PC | Source = Service Control Manager | ID = 7000
Description = 
 
Error - 02.04.2011 11:18:10 | Computer Name = Tobias-PC | Source = Service Control Manager | ID = 7000
Description = 
 
Error - 02.04.2011 11:19:05 | Computer Name = Tobias-PC | Source = Service Control Manager | ID = 7022
Description = 
 
Error - 02.04.2011 11:19:07 | Computer Name = Tobias-PC | Source = Service Control Manager | ID = 7034
Description = 
 
Error - 02.04.2011 11:27:57 | Computer Name = Tobias-PC | Source = Service Control Manager | ID = 7009
Description = 
 
Error - 02.04.2011 11:27:57 | Computer Name = Tobias-PC | Source = Service Control Manager | ID = 7000
Description = 
 
 
< End of report >

--- --- ---

Toni_75 · 02.07.2011, 20:41

Hier kommen die aktuellen Logfiles:

1. OTL

OTL Logfile:

Code:

ATTFilter

OTL logfile created on: 02.07.2011 21:30:11 - Run 4
OTL by OldTimer - Version 3.2.24.1     Folder = C:\Users\Standard\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19048)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,25 Gb Total Physical Memory | 1,79 Gb Available Physical Memory | 55,23% Memory free
6,73 Gb Paging File | 5,23 Gb Available in Paging File | 77,73% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 232,88 Gb Total Space | 118,96 Gb Free Space | 51,08% Space Free | Partition Type: NTFS
 
Computer Name: TOBIAS-PC | User Name: Standard | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2011.07.02 14:18:25 | 000,428,200 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avwebgrd.exe
PRC - [2011.07.02 14:18:25 | 000,340,136 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avmailc.exe
PRC - [2011.07.02 14:18:25 | 000,269,480 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe
PRC - [2011.06.29 10:46:19 | 000,124,216 | ---- | M] (ICQ, LLC.) -- C:\Programme\ICQ7.5\ICQ.exe
PRC - [2011.06.26 18:57:16 | 000,579,072 | ---- | M] (OldTimer Tools) -- C:\Users\Standard\Desktop\OTL.exe
PRC - [2011.06.26 11:16:26 | 000,136,360 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\sched.exe
PRC - [2011.06.26 11:16:13 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avshadow.exe
PRC - [2011.06.26 11:16:08 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe
PRC - [2011.06.16 06:32:38 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Programme\Mozilla Firefox\firefox.exe
PRC - [2011.05.25 17:29:54 | 001,951,112 | ---- | M] (LogMeIn Inc.) -- C:\Programme\LogMeIn Hamachi\hamachi-2-ui.exe
PRC - [2011.05.25 17:29:48 | 001,336,712 | ---- | M] (LogMeIn Inc.) -- C:\Programme\LogMeIn Hamachi\hamachi-2.exe
PRC - [2011.04.19 08:44:40 | 000,291,896 | ---- | M] (Secunia) -- C:\Programme\Secunia\PSI\psi_tray.exe
PRC - [2011.01.05 04:58:02 | 000,397,312 | ---- | M] (AMD) -- C:\WINDOWS\System32\atieclxx.exe
PRC - [2011.01.05 04:57:32 | 000,176,128 | ---- | M] (AMD) -- C:\WINDOWS\System32\atiesrxx.exe
PRC - [2010.11.21 11:49:24 | 000,247,608 | ---- | M] () -- C:\Programme\ICQ6Toolbar\ICQ Service.exe
PRC - [2010.10.27 20:17:52 | 000,207,424 | ---- | M] (ArcSoft Inc.) -- C:\Programme\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
PRC - [2010.09.21 15:03:14 | 001,710,464 | ---- | M] (Microsoft Corp.) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
PRC - [2010.09.21 15:03:14 | 000,193,408 | ---- | M] (Microsoft Corp.) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
PRC - [2010.08.25 11:27:44 | 000,309,824 | ---- | M] (ArcSoft Inc.) -- C:\Programme\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
PRC - [2009.09.28 10:42:50 | 000,109,056 | ---- | M] (ArcSoft Inc.) -- C:\Programme\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
PRC - [2009.09.22 18:29:54 | 001,528,320 | ---- | M] (Elgato Systems) -- C:\Programme\Common Files\TerraTec\Remote\TTTvRc.exe
PRC - [2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008.07.11 02:27:52 | 040,999,448 | ---- | M] (Microsoft Corporation) -- c:\Programme\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
PRC - [2008.07.10 02:49:44 | 000,098,840 | ---- | M] (Microsoft Corporation) -- c:\Programme\Microsoft SQL Server\90\Shared\sqlwriter.exe
PRC - [2008.07.06 17:31:02 | 000,331,776 | ---- | M] (UASSOFT.COM) -- C:\Programme\Keyboard & Mouse Driver\KMProcess.exe
PRC - [2008.06.23 21:28:08 | 000,208,896 | ---- | M] (UASSOFT.COM) -- C:\Programme\Keyboard & Mouse Driver\KMWDSrv.exe
PRC - [2008.06.14 01:02:04 | 000,397,312 | ---- | M] (UASSOFT.COM) -- C:\Programme\Keyboard & Mouse Driver\KMCONFIG.exe
PRC - [2008.05.30 01:22:38 | 000,212,992 | ---- | M] (UASSOFT.COM) -- C:\Programme\Keyboard & Mouse Driver\StartAutorun.exe
PRC - [2008.04.15 18:54:42 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2008.04.15 18:54:40 | 000,178,712 | ---- | M] (Intel Corporation) -- C:\Programme\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2008.02.12 22:05:54 | 000,073,728 | ---- | M] (Andrea Electronics Corporation) -- C:\WINDOWS\System32\DriverStore\FileRepository\stwrt.inf_030ac640\AEstSrv.exe
PRC - [2008.01.21 04:25:33 | 000,896,512 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnetwk.exe
PRC - [2008.01.21 04:25:33 | 000,202,240 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnscfg.exe
PRC - [2007.12.11 13:15:04 | 000,012,800 | ---- | M] (Agere Systems) -- C:\WINDOWS\System32\agrsmsvc.exe
PRC - [2007.05.28 18:57:54 | 000,275,968 | ---- | M] (Rocket Division Software) -- C:\Programme\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
PRC - [2007.05.10 13:18:10 | 000,835,584 | ---- | M] () -- C:\WINDOWS\vsnp325.exe
PRC - [2007.04.21 09:36:50 | 000,270,336 | ---- | M] () -- C:\WINDOWS\tsnp325.exe
PRC - [2007.02.12 14:50:40 | 000,020,480 | ---- | M] () -- C:\WINDOWS\FixCamera.exe
PRC - [2003.06.19 23:25:00 | 000,322,120 | ---- | M] (Microsoft Corporation) -- C:\Programme\Common Files\microsoft shared\VS7DEBUG\MDM.EXE
 
 
========== Modules (SafeList) ==========
 
MOD - [2011.06.26 18:57:16 | 000,579,072 | ---- | M] (OldTimer Tools) -- C:\Users\Standard\Desktop\OTL.exe
MOD - [2010.08.31 17:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV - File not found [Auto | Stopped] --  -- (Recovery Service for Windows)
SRV - [2011.07.02 14:18:25 | 000,428,200 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE -- (AntiVirWebService)
SRV - [2011.07.02 14:18:25 | 000,340,136 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avmailc.exe -- (AntiVirMailService)
SRV - [2011.07.02 14:18:25 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011.06.26 11:16:26 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2011.06.10 18:55:48 | 000,403,240 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2011.05.25 17:29:48 | 001,336,712 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2011.01.15 16:06:42 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2011.01.05 04:57:32 | 000,176,128 | ---- | M] (AMD) [Auto | Running] -- C:\WINDOWS\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2010.11.21 11:49:24 | 000,247,608 | ---- | M] () [Auto | Running] -- C:\Programme\ICQ6Toolbar\ICQ Service.exe -- (ICQ Service)
SRV - [2009.09.28 10:42:50 | 000,109,056 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Programme\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2009.08.24 22:16:36 | 000,406,016 | ---- | M] (mst software GmbH, Germany) [On_Demand | Stopped] -- C:\Program Files\Ashampoo\Ashampoo WinOptimizer 2010\Dfsdks.exe -- (DfSdkS)
SRV - [2009.08.24 13:36:45 | 000,377,344 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- winhttp.dll -- (WinHttpAutoProxySvc)
SRV - [2008.07.29 18:20:14 | 000,067,072 | ---- | M] (ASUSTeK COMPUTER INC.) [Auto | Stopped] -- C:\WINDOWS\System32\ATKFUSService.exe -- (ATKFUSService)
SRV - [2008.06.23 21:28:08 | 000,208,896 | ---- | M] (UASSOFT.COM) [Auto | Running] -- C:\Programme\Keyboard & Mouse Driver\KMWDSrv.exe -- (KMWDSERVICE)
SRV - [2008.04.15 18:54:42 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel(R)
SRV - [2008.02.12 22:05:54 | 000,073,728 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\WINDOWS\System32\DriverStore\FileRepository\stwrt.inf_030ac640\AEstSrv.exe -- (AESTFilters)
SRV - [2008.02.03 12:00:00 | 000,129,992 | ---- | M] (EasyBits Sofware AS) [Auto | Running] -- C:\WINDOWS\System32\ezsvc7.dll -- (ezSharedSvc)
SRV - [2008.01.21 04:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007.12.11 13:15:04 | 000,012,800 | ---- | M] (Agere Systems) [Auto | Running] -- C:\WINDOWS\System32\agrsmsvc.exe -- (AgereModemAudio)
SRV - [2007.05.28 18:57:54 | 000,275,968 | ---- | M] (Rocket Division Software) [Auto | Running] -- C:\Programme\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE)
 
 
========== Driver Services (SafeList) ==========
 
DRV - [2011.07.02 14:18:26 | 000,138,192 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2011.07.02 14:18:26 | 000,066,616 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2011.05.29 09:11:30 | 000,039,984 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV - [2011.01.05 05:36:10 | 006,789,120 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2011.01.05 05:36:10 | 006,789,120 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\atikmdag.sys -- (amdkmdag)
DRV - [2011.01.05 04:19:18 | 000,235,520 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\atikmpag.sys -- (amdkmdap)
DRV - [2011.01.02 01:04:00 | 000,722,416 | ---- | M] (Duplex Secure Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd)
DRV - [2010.11.17 14:04:12 | 000,097,296 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\AtihdLH3.sys -- (AtiHDAudioService)
DRV - [2010.06.10 14:32:14 | 000,035,840 | ---- | M] (CACE Technologies) [Kernel | Auto | Running] -- C:\Windows\system32\drivers\npf_devolo.sys -- (NPF_devolo) NetGroup Packet Filter Driver (devolo)
DRV - [2009.07.17 18:02:02 | 000,335,872 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\rt61.sys -- (RT61)
DRV - [2009.07.17 02:41:49 | 000,005,120 | ---- | M] (Samsung Electronics) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\SSPORT.SYS -- (SSPORT)
DRV - [2009.05.14 09:48:04 | 000,762,232 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\UDXTTM6010.sys -- (UDXTTM6010)
DRV - [2009.05.11 11:12:49 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009.03.18 17:35:40 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\hamachi.sys -- (hamachi)
DRV - [2009.02.13 11:35:01 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Programme\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2008.08.06 17:26:08 | 000,124,928 | ---- | M] (Realtek Corporation                                            ) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2008.07.29 18:20:16 | 000,030,976 | ---- | M] (ASUSTeK Computer Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\ATKDispLowFilter.sys -- (atkdisplf)
DRV - [2008.07.29 18:20:16 | 000,015,232 | ---- | M] (ASUSTeK Computer Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\asusgsb.sys -- (asusgsb)
DRV - [2008.07.10 02:49:14 | 000,242,712 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\RsFx0102.sys -- (RsFx0102)
DRV - [2008.04.27 18:26:42 | 000,014,352 | ---- | M] (ATI Technologies Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\AtiPcie.sys -- (AtiPcie) ATI PCI Express (3GIO)
DRV - [2008.04.27 12:07:44 | 000,909,824 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\athr.sys -- (athr)
DRV - [2008.04.15 20:19:54 | 000,378,368 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\stwrt.sys -- (STHDA)
DRV - [2008.04.01 13:14:10 | 000,081,296 | ---- | M] (JMicron Technology Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\jmcr.sys -- (JMCR)
DRV - [2008.03.27 13:12:12 | 000,024,424 | ---- | M] (Hewlett-Packard Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\hpdskflt.sys -- (hpdskflt)
DRV - [2008.03.27 13:11:34 | 000,034,664 | ---- | M] (Hewlett-Packard Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\Accelerometer.sys -- (Accelerometer)
DRV - [2008.03.22 11:31:58 | 000,017,024 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\KMWDFILTER.sys -- (KMWDFilter)
DRV - [2008.02.29 17:13:38 | 001,202,560 | ---- | M] (Agere Systems) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2008.01.24 15:23:12 | 000,052,736 | ---- | M] (ENE TECHNOLOGY INC.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\enecir.sys -- (enecir)
DRV - [2007.07.11 10:30:22 | 000,007,168 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\HpqRemHid.sys -- (HpqRemHid)
DRV - [2007.06.18 17:12:04 | 000,016,768 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)
DRV - [2007.05.30 19:14:58 | 000,016,640 | ---- | M] (ArcSoft, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\ArcSoftKsUFilter.sys -- (ArcSoftKsUFilter)
DRV - [2007.05.07 17:58:44 | 010,343,168 | ---- | M] (Sonix Co. Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\snp325.sys -- (SNP325) USB PC Camera (SNPSTD325)
DRV - [2007.01.29 17:12:52 | 000,018,432 | ---- | M] (ASUSTeK COMPUTER INC.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\AsusVRC.sys -- (ASUSVRC)
DRV - [2006.11.10 15:05:00 | 000,018,688 | ---- | M] (Arcsoft, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\afc.sys -- (Afc)
DRV - [2006.11.02 09:30:56 | 000,429,056 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\nvm60x32.sys -- (NVENETFD)
DRV - [2006.07.24 16:05:00 | 000,005,632 | ---- | M] () [File_System | System | Running] -- C:\Windows\System32\drivers\StarOpen.sys -- (StarOpen)
DRV - [2004.09.12 09:45:28 | 000,008,320 | ---- | M] (Ruling Technologies) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\Dyncal.sys -- (DynCal)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=83&bd=Pavilion&pf=cnnb
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=83&bd=Pavilion&pf=cnnb
IE - HKLM\..\URLSearchHook:  - Reg Error: Key error. File not found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\1104271012\ICQToolBar.dll (ICQ)
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=83&bd=Pavilion&pf=cnnb
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook:  - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\1104271012\ICQToolBar.dll (ICQ)
IE - HKCU\..\URLSearchHook: {9d81af43-de53-48d0-a199-42c2a226b24c} - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {EEE6C35D-6118-11DC-9C72-001320C79847} - Reg Error: Key error. File not found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.search.selectedEngine: "ICQ Search"
FF - prefs.js..browser.startup.homepage: "hxxp://start.icq.com/skins7/"
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
 
FF - user.js..browser.search.openintab: false
 
FF - HKLM\software\mozilla\Mozilla Firefox 5.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.07.02 21:15:52 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 5.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.06.18 10:16:01 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.11\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2011.07.02 14:17:41 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.11\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins [2011.06.18 10:16:01 | 000,000,000 | ---D | M]
 
[2011.05.29 18:30:39 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Standard\AppData\Roaming\mozilla\Extensions
[2010.09.01 10:06:08 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Standard\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2011.06.13 23:05:43 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Standard\AppData\Roaming\mozilla\Firefox\Profiles\944s7en5.default\extensions
[2011.04.27 10:13:02 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Users\Standard\AppData\Roaming\mozilla\Firefox\Profiles\944s7en5.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2010.12.31 22:24:30 | 000,000,000 | ---D | M] (DVDVideoSoftTB Toolbar) -- C:\Users\Standard\AppData\Roaming\mozilla\Firefox\Profiles\944s7en5.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}
[2010.12.31 22:15:52 | 000,000,000 | ---D | M] ("DVDVideoSoft Menu") -- C:\Users\Standard\AppData\Roaming\mozilla\Firefox\Profiles\944s7en5.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2009.08.30 11:37:00 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Standard\AppData\Roaming\mozilla\Firefox\Profiles\944s7en5.default\extensions\personas@christopher.beard
[2011.06.13 23:05:44 | 000,000,000 | ---D | M] (Yontoo Layers) -- C:\Users\Standard\AppData\Roaming\mozilla\Firefox\Profiles\944s7en5.default\extensions\plugin@yontoo.com
[2011.07.02 14:36:14 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Standard\AppData\Roaming\mozilla\Firefox\Profiles\psvooo35.default\extensions
[2011.06.14 18:32:19 | 000,000,000 | ---D | M] (Maximum AdBlock) -- C:\Users\Standard\AppData\Roaming\mozilla\Firefox\Profiles\psvooo35.default\extensions\ozymandias@securityheroes.com
[2011.03.30 15:14:34 | 000,001,042 | ---- | M] () -- C:\Users\Standard\AppData\Roaming\Mozilla\Firefox\Profiles\944s7en5.default\searchplugins\icqplugin.xml
[2011.07.02 21:15:52 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2009.04.29 15:36:05 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Programme\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2010.03.10 22:24:04 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- C:\Programme\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2010.06.26 18:58:37 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010.08.14 19:50:18 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010.11.08 21:25:33 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011.06.13 23:06:07 | 000,000,000 | ---D | M] (Babylon) -- C:\Programme\Mozilla Firefox\extensions\ffxtlbr@babylon.com
[2011.06.16 06:32:38 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Programme\Mozilla Firefox\components\browsercomps.dll
[2010.11.12 19:53:06 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Mozilla Firefox\plugins\npdeployJava1.dll
[2010.01.01 10:00:00 | 000,001,538 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazon-en-GB.xml
[2011.06.13 23:05:52 | 000,002,226 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\babylon.xml
[2010.01.01 10:00:00 | 000,002,252 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\bing.xml
[2010.01.01 10:00:00 | 000,000,947 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\chambers-en-GB.xml
[2010.01.01 10:00:00 | 000,001,180 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-en-GB.xml
[2010.10.28 10:41:02 | 000,005,529 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\SearchquWebSearch.xml
[2010.01.01 10:00:00 | 000,001,135 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-en-GB.xml
 
O1 HOSTS File: ([2011.06.26 18:39:42 | 000,000,098 | ---- | M]) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1       localhost
O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Searchqu Toolbar) - {7FF99715-3016-4381-84CE-E4E4C9673020} - C:\Programme\Windows Searchqu Toolbar\ToolBar\SearchquDx.dll ()
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (GdfrDUEn Class) - {A3CF7606-E683-4375-A372-96B75DA0AEF7} - C:\Programme\Get Styles\enlbrdr.dll (TODO: <Company name>)
O2 - BHO: (Yontoo Layers) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Programme\Yontoo Layers\YontooIEClient.dll (Yontoo LLC)
O3 - HKLM\..\Toolbar: (Searchqu Toolbar) - {7FF99715-3016-4381-84CE-E4E4C9673020} - C:\Programme\Windows Searchqu Toolbar\ToolBar\SearchquDx.dll ()
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\1104271012\ICQToolBar.dll (ICQ)
O3 - HKLM\..\Toolbar: (TerraTec Home Cinema) - {AD6E6555-FB2C-47D4-8339-3E2965509877} - C:\Programme\TerraTec\TerraTec Home Cinema\ThcDeskBand.dll (TerraTec Electronic GmbH)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EEE6C35B-6118-11DC-9C72-001320C79847} - No CLSID value found.
O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Programme\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
O4 - HKLM..\Run: [ATICustomerCare] C:\Program Files\ATI\ATICustomerCare\ATICustomerCare.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [FixCamera] C:\WINDOWS\FixCamera.exe ()
O4 - HKLM..\Run: [IAAnotif] C:\Programme\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [KMCONFIG]  File not found
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [snp325] C:\WINDOWS\vsnp325.exe ()
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SysTrayApp] C:\Programme\IDT\WDM\sttray.exe (IDT, Inc.)
O4 - HKLM..\Run: [tsnp325] C:\WINDOWS\tsnp325.exe ()
O4 - HKCU..\Run: [{1289D823-E624-5CEE-AB7E-EC96825F68C4}] C:\Users\Standard\AppData\Roaming\Arxue\waenw.exe ()
O4 - HKCU..\Run: [4Y3Y0C3A9F7W1ZYDRRQYR] C:\Recycle.Bin\B6232F3ACEA.exe ()
O4 - HKCU..\Run: [ICQ] C:\Program Files\ICQ7.5\ICQ.exe (ICQ, LLC.)
O4 - HKCU..\Run: [Remote Control Editor] C:\Program Files\Common Files\TerraTec\Remote\TTTvRc.exe (Elgato Systems)
O4 - HKCU..\Run: [WMPNSCFG] C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoPropertiesMyComputer = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewContextMenu = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFileAssociate = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFind = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoClose = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: StartMenuLogoff = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispCPL = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispBackgroundPage = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispSettingsPage = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispScrSavPage = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideFastUserSwitching = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLogoff = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoClose = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableLockWorkstation = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableChangePassword = 0
O8 - Extra context menu item: Free YouTube Download - C:\Users\Standard\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Standard\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - C:\Programme\Microsoft Office\OFFICE11\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Save YouTube Video as MP3 - C:\Program Files\Common Files\DVDVideoSoft\Dll\IEContextMenuY.dll (DVSTeam)
O9 - Extra 'Tools' menuitem : Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.6.0_05\bin\ssv.dll (Sun Microsystems, Inc.)
O9 - Extra Button: GetStyles - {14CD42DD-ABCD-3586-DCAB-40E3693E3737} - C:\Programme\Get Styles\ct.htm ()
O9 - Extra 'Tools' menuitem : GetStyles - {14CD42DD-ABCD-3586-DCAB-40E3693E3737} - C:\Programme\Get Styles\ct.htm ()
O9 - Extra Button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Programme\ICQ7.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Programme\ICQ7.5\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira GmbH)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira GmbH)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira GmbH)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Ranges: Range1 ([http] in Local intranet)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3} hxxp://support.euro.dell.com/systemprofiler/DellSystemLite.CAB (DellSystemLite.Scanner)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} hxxp://icq.oberon-media.com/Gameshell/GameHost/1.0/OberonGameHost.cab (Oberon Flash Game Host)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Common Files\microsoft shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Programme\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/html {574940E0-1B7A-4881-8FA3-1E809714B156} - Reg Error: Key error. File not found
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (c:\progra~1\windows searchqu toolbar\datamngr\datamngr.dll) - c:\Programme\Windows Searchqu Toolbar\Datamngr\datamngr.dll (Discordia, LTD)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\ezShellStart.exe) - C:\WINDOWS\System32\ezShellStart.exe (EasyBits Software AS)
O24 - Desktop WallPaper: C:\Users\Standard\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\Standard\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O28 - HKLM ShellExecuteHooks: {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\WINDOWS\System32\ezUPBHook.dll (EasyBits Software Corp.)
O29 - HKLM SecurityProviders - (credssp.dll) - credssp.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{94db7882-308c-11e0-94d3-001e9065ba16}\Shell - "" = AutoRun
O33 - MountPoints2\{94db7882-308c-11e0-94d3-001e9065ba16}\Shell\AutoRun\command - "" = I:\setup\rsrc\Autorun.exe
O33 - MountPoints2\{94db7882-308c-11e0-94d3-001e9065ba16}\Shell\dinstall\command - "" = I:\Directx\dxsetup.exe
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011.07.02 20:07:42 | 000,000,000 | ---D | C] -- C:\Users\Standard\AppData\Roaming\HpUpdate
[2011.07.02 20:07:25 | 000,000,000 | ---D | C] -- C:\Windows\Hewlett-Packard
[2011.07.02 19:59:43 | 000,000,000 | ---D | C] -- C:\Users\Standard\AppData\Local\Secunia PSI
[2011.07.02 19:59:34 | 000,000,000 | ---D | C] -- C:\Programme\Secunia
[2011.07.02 15:32:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2011.07.02 15:32:02 | 000,000,000 | ---D | C] -- C:\Programme\CCleaner
[2011.07.02 15:11:52 | 000,000,000 | ---D | C] -- C:\Users\Standard\AppData\Roaming\Uduzaw
[2011.07.02 15:11:52 | 000,000,000 | ---D | C] -- C:\Users\Standard\AppData\Roaming\Arxue
[2011.06.26 18:58:31 | 000,579,072 | ---- | C] (OldTimer Tools) -- C:\Users\Standard\Desktop\OTL.exe
[2011.06.26 18:39:42 | 000,000,000 | ---D | C] -- C:\_OTL
[2011.06.25 23:27:07 | 000,404,640 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2011.06.25 20:58:50 | 000,000,000 | ---D | C] -- C:\Users\Standard\Desktop\Tools
[2011.06.25 19:07:16 | 000,000,000 | ---D | C] -- C:\Users\Standard\AppData\Roaming\Malwarebytes
[2011.06.25 19:06:09 | 000,039,984 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2011.06.25 19:06:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011.06.25 19:06:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011.06.25 19:06:04 | 000,022,712 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2011.06.25 19:06:04 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware
[2011.06.17 19:49:54 | 000,000,000 | -HSD | C] -- C:\Windows\System32\%APPDATA%
[2011.06.17 14:43:20 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2011.06.17 14:27:36 | 000,000,000 | ---D | C] -- C:\Users\Standard\AppData\Roaming\go
[2011.06.17 14:27:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Easybits GO
[2011.06.14 18:32:20 | 000,000,000 | ---D | C] -- C:\Users\Standard\AppData\Roaming\SecurityHeroes
[2011.06.14 12:32:17 | 000,026,176 | -H-- | C] (LogMeIn, Inc.) -- C:\Windows\System32\hamachi.sys
[2011.06.14 12:32:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
[2011.06.14 12:31:58 | 000,000,000 | ---D | C] -- C:\Programme\LogMeIn Hamachi
[2011.06.14 12:09:25 | 000,000,000 | ---D | C] -- C:\ProgramData\WindowsSearch
[2011.06.13 23:25:07 | 000,000,000 | ---D | C] -- C:\Windows\Sun
[2011.06.13 23:05:37 | 000,000,000 | ---D | C] -- C:\Programme\Yontoo Layers
[2011.06.13 23:05:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Tarma Installer
[2011.06.13 23:04:44 | 000,000,000 | ---D | C] -- C:\Users\Standard\AppData\Local\MediaGet2
[2011.06.13 18:41:09 | 000,000,000 | ---D | C] -- C:\Users\Standard\AppData\Local\Activision
[2011.06.11 16:40:52 | 000,000,000 | ---D | C] -- C:\Programme\THQ
[2011.06.11 16:38:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2011.06.11 16:38:02 | 000,000,000 | ---D | C] -- C:\Users\Standard\AppData\Local\SKIDROW
[2011.06.11 16:37:26 | 000,000,000 | ---D | C] -- C:\Programme\iPod
[2011.06.11 16:37:22 | 000,000,000 | ---D | C] -- C:\Programme\iTunes
[2011.06.11 10:18:46 | 000,000,000 | ---D | C] -- C:\Programme\DAMN NFO Viewer
[2011.06.11 10:13:01 | 000,000,000 | ---D | C] -- C:\Users\Standard\Documents\My Games
[2011.06.10 18:53:35 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\Steam
[2011.06.10 18:53:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
[2011.06.10 18:53:31 | 000,000,000 | ---D | C] -- C:\Programme\Steam
[2009.04.15 13:48:43 | 000,147,456 | ---- | C] ( ) -- C:\Windows\System32\rsnp325.dll
[2009.04.15 13:48:43 | 000,057,344 | ---- | C] ( ) -- C:\Windows\System32\vsnp325.dll
[2009.04.15 13:48:43 | 000,053,248 | ---- | C] ( ) -- C:\Windows\System32\csnp325.dll
 
========== Files - Modified Within 30 Days ==========
 
[2011.07.02 21:19:08 | 000,001,102 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011.07.02 21:18:06 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011.07.02 21:17:56 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011.07.02 21:17:56 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011.07.02 21:17:44 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.07.02 21:16:57 | 3488,997,376 | -HS- | M] () -- C:\hiberfil.sys
[2011.07.02 19:59:36 | 000,000,899 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk
[2011.07.02 15:37:03 | 000,000,702 | ---- | M] () -- C:\Users\Standard\Documents\cc_20110702_153657.reg
[2011.07.02 15:36:31 | 000,092,782 | ---- | M] () -- C:\Users\Standard\Documents\cc_20110702_153623.reg
[2011.07.02 15:32:03 | 000,000,804 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2011.07.02 14:39:48 | 000,002,097 | ---- | M] () -- C:\Users\Standard\Desktop\hjtscanlist.zip
[2011.07.02 14:18:26 | 000,138,192 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys
[2011.07.02 14:18:26 | 000,066,616 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avgntflt.sys
[2011.06.26 20:37:06 | 000,302,592 | ---- | M] () -- C:\Users\Standard\Desktop\nvbbobxg.exe
[2011.06.26 19:03:18 | 000,000,020 | ---- | M] () -- C:\Users\Standard\defogger_reenable
[2011.06.26 19:00:55 | 000,050,477 | ---- | M] () -- C:\Users\Standard\Desktop\Defogger.exe
[2011.06.26 18:57:16 | 000,579,072 | ---- | M] (OldTimer Tools) -- C:\Users\Standard\Desktop\OTL.exe
[2011.06.26 18:55:24 | 000,736,020 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2011.06.26 18:55:24 | 000,696,750 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011.06.26 18:55:24 | 000,168,278 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2011.06.26 18:55:24 | 000,142,466 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011.06.26 18:39:42 | 000,000,098 | ---- | M] () -- C:\Windows\System32\drivers\etc\Hosts
[2011.06.26 13:39:00 | 000,001,047 | ---- | M] () -- C:\Users\Public\Desktop\Camtasia Studio 7.lnk
[2011.06.26 13:31:52 | 000,004,990 | ---- | M] () -- C:\ProgramData\mtbjfghn.xbe
[2011.06.26 13:20:54 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2011.06.26 11:14:23 | 000,003,450 | ---- | M] () -- C:\Users\Standard\Documents\cc_20110626_111419.reg
[2011.06.25 23:29:04 | 000,000,000 | ---- | M] () -- C:\Windows\System32\.1
[2011.06.25 23:18:05 | 002,250,176 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011.06.18 16:27:04 | 000,010,580 | ---- | M] () -- C:\Users\Standard\Documents\cc_20110618_162654.reg
[2011.06.18 10:19:13 | 000,101,980 | ---- | M] () -- C:\Users\Standard\Documents\cc_20110618_101904.reg
[2011.06.17 20:11:42 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2011.06.17 20:11:42 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2011.06.16 11:03:38 | 000,270,776 | ---- | M] () -- C:\Windows\System32\PnkBstrB.xtr
[2011.06.16 11:01:19 | 000,111,928 | ---- | M] () -- C:\Windows\System32\PnkBstrB.ex0
[2011.06.13 10:54:37 | 000,022,328 | ---- | M] () -- C:\Users\Standard\AppData\Roaming\PnkBstrK.sys
[2011.06.12 08:35:07 | 000,002,032 | ---- | M] () -- C:\Users\Standard\AppData\Local\d3d9caps.dat
[2011.06.11 16:38:59 | 000,001,664 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
 
========== Files Created - No Company Name ==========
 
[2011.07.02 19:59:36 | 000,000,899 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk
[2011.07.02 19:59:36 | 000,000,862 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Secunia PSI.lnk
[2011.07.02 15:36:58 | 000,000,702 | ---- | C] () -- C:\Users\Standard\Documents\cc_20110702_153657.reg
[2011.07.02 15:36:27 | 000,092,782 | ---- | C] () -- C:\Users\Standard\Documents\cc_20110702_153623.reg
[2011.07.02 15:32:03 | 000,000,804 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2011.07.02 14:41:19 | 000,030,259 | ---- | C] () -- C:\Users\Standard\Desktop\hjtscanlist.bat
[2011.07.02 14:40:16 | 000,002,097 | ---- | C] () -- C:\Users\Standard\Desktop\hjtscanlist.zip
[2011.06.26 20:38:51 | 000,302,592 | ---- | C] () -- C:\Users\Standard\Desktop\nvbbobxg.exe
[2011.06.26 19:02:56 | 000,000,020 | ---- | C] () -- C:\Users\Standard\defogger_reenable
[2011.06.26 19:01:26 | 000,050,477 | ---- | C] () -- C:\Users\Standard\Desktop\Defogger.exe
[2011.06.26 13:39:00 | 000,001,047 | ---- | C] () -- C:\Users\Public\Desktop\Camtasia Studio 7.lnk
[2011.06.26 13:31:52 | 000,004,990 | ---- | C] () -- C:\ProgramData\mtbjfghn.xbe
[2011.06.26 11:14:21 | 000,003,450 | ---- | C] () -- C:\Users\Standard\Documents\cc_20110626_111419.reg
[2011.06.25 23:29:04 | 000,000,000 | ---- | C] () -- C:\Windows\System32\.1
[2011.06.25 20:55:07 | 3488,997,376 | -HS- | C] () -- C:\hiberfil.sys
[2011.06.18 16:27:00 | 000,010,580 | ---- | C] () -- C:\Users\Standard\Documents\cc_20110618_162654.reg
[2011.06.18 10:19:09 | 000,101,980 | ---- | C] () -- C:\Users\Standard\Documents\cc_20110618_101904.reg
[2011.06.18 10:16:01 | 000,001,804 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader 8.lnk
[2011.06.17 20:11:42 | 000,000,000 | RHS- | C] () -- C:\MSDOS.SYS
[2011.06.17 20:11:42 | 000,000,000 | RHS- | C] () -- C:\IO.SYS
[2011.06.17 14:28:58 | 000,001,589 | ---- | C] () -- C:\Users\Standard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spielen (EasyBits GO).lnk
[2011.06.11 16:38:59 | 000,001,664 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2011.04.22 10:53:20 | 000,104,272 | -H-- | C] () -- C:\Windows\System32\mlfcache.dat
[2011.02.22 17:21:53 | 000,022,328 | ---- | C] () -- C:\Users\Standard\AppData\Roaming\PnkBstrK.sys
[2011.01.05 04:17:40 | 000,023,040 | ---- | C] () -- C:\Windows\System32\atitmpxx.dll
[2010.12.15 21:33:32 | 000,002,975 | ---- | C] () -- C:\Windows\System32\atipblag.dat
[2010.12.08 19:35:34 | 000,180,224 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2010.12.02 19:47:31 | 001,970,176 | ---- | C] () -- C:\Windows\System32\d3dx9.dll
[2010.10.28 00:13:58 | 000,226,857 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2010.07.02 17:49:56 | 000,762,232 | ---- | C] () -- C:\Windows\System32\drivers\UDXTTM6010.sys
[2010.02.27 17:35:01 | 000,000,056 | -H-- | C] () -- C:\Windows\System32\ezsidmv.dat
[2010.02.11 09:58:56 | 000,004,096 | ---- | C] () -- C:\Windows\System32\detoured.dll
[2010.02.07 12:42:46 | 000,479,232 | ---- | C] () -- C:\Windows\ssndii.exe
[2010.02.07 12:42:20 | 000,026,624 | ---- | C] () -- C:\Windows\System32\ssp4ml3.dll
[2009.12.12 19:12:18 | 000,000,306 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2009.09.26 16:23:46 | 000,065,536 | ---- | C] () -- C:\Windows\System32\AlfaBIG32.dll
[2009.09.24 15:26:17 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009.09.24 15:26:17 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2009.08.31 14:03:42 | 000,262,144 | ---- | C] () -- C:\Windows\System32\EMRegSys.dll
[2009.05.24 11:58:18 | 000,000,000 | ---- | C] () -- C:\ProgramData\LauncherAccess.dt
[2009.05.24 11:50:24 | 000,005,632 | ---- | C] () -- C:\Windows\System32\drivers\StarOpen.sys
[2009.04.27 19:29:44 | 000,116,224 | ---- | C] () -- C:\Windows\System32\redmonnt.dll
[2009.04.27 19:29:44 | 000,045,056 | ---- | C] () -- C:\Windows\System32\unredmon.exe
[2009.04.17 12:11:26 | 000,020,480 | ---- | C] () -- C:\Users\Standard\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.04.15 13:48:44 | 000,835,584 | ---- | C] () -- C:\Windows\vsnp325.exe
[2009.04.15 13:48:44 | 000,270,336 | ---- | C] () -- C:\Windows\tsnp325.exe
[2009.04.15 13:48:44 | 000,020,480 | ---- | C] () -- C:\Windows\FixCamera.exe
[2009.04.15 13:48:44 | 000,015,498 | ---- | C] () -- C:\Windows\snp325.ini
[2009.04.15 13:38:56 | 000,000,032 | ---- | C] () -- C:\ProgramData\ezsid.dat
[2009.04.14 21:28:16 | 000,000,400 | ---- | C] () -- C:\Windows\ODBC.INI
[2009.04.14 20:31:54 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2009.02.20 12:21:43 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2009.01.28 10:08:03 | 000,006,656 | ---- | C] () -- C:\Windows\System32\bcmwlrc.dll
[2009.01.28 09:51:29 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2009.01.27 17:39:37 | 000,002,032 | ---- | C] () -- C:\Users\Standard\AppData\Local\d3d9caps.dat
[2008.09.29 00:09:32 | 003,107,788 | ---- | C] () -- C:\Windows\System32\atiumdva.dat
[2008.07.02 18:10:15 | 000,736,020 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2008.07.02 18:10:15 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2008.07.02 18:10:15 | 000,168,278 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2008.07.02 18:10:15 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2008.07.02 09:51:54 | 000,008,308 | ---- | C] () -- C:\Windows\System32\ezdigsgn.dat
[2008.03.05 05:38:44 | 000,090,112 | ---- | C] () -- C:\Windows\System32\atibrtmon.exe
[2007.09.20 12:33:52 | 003,190,784 | ---- | C] () -- C:\Windows\System32\libavcodec.dll
[2007.09.20 12:33:52 | 000,741,376 | ---- | C] () -- C:\Windows\System32\audxlib.dll
[2007.09.20 12:33:52 | 000,662,016 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2007.09.20 12:33:52 | 000,511,488 | ---- | C] () -- C:\Windows\System32\ff_x264.dll
[2007.09.20 12:33:52 | 000,405,504 | ---- | C] () -- C:\Windows\System32\libmplayer.dll
[2007.09.20 12:33:52 | 000,245,760 | ---- | C] () -- C:\Windows\System32\ff_libfaad2.dll
[2007.09.20 12:33:52 | 000,221,184 | ---- | C] () -- C:\Windows\System32\ff_kernelDeint.dll
[2007.09.20 12:33:52 | 000,200,704 | ---- | C] () -- C:\Windows\System32\TomsMoComp_ff.dll
[2007.09.20 12:33:52 | 000,155,648 | ---- | C] () -- C:\Windows\System32\ff_libdts.dll
[2007.09.20 12:33:52 | 000,143,360 | ---- | C] () -- C:\Windows\System32\ff_theora.dll
[2007.09.20 12:33:52 | 000,122,880 | ---- | C] () -- C:\Windows\System32\ff_samplerate.dll
[2007.09.20 12:33:52 | 000,118,784 | ---- | C] () -- C:\Windows\System32\ff_libmad.dll
[2007.09.20 12:33:52 | 000,114,688 | ---- | C] () -- C:\Windows\System32\libmpeg2_ff.dll
[2007.09.20 12:33:52 | 000,097,280 | ---- | C] () -- C:\Windows\System32\ff_realaac.dll
[2007.09.20 12:33:52 | 000,079,872 | ---- | C] () -- C:\Windows\System32\ff_tremor.dll
[2007.09.20 12:33:52 | 000,040,960 | ---- | C] () -- C:\Windows\System32\ff_liba52.dll
[2007.09.20 12:33:52 | 000,038,400 | ---- | C] () -- C:\Windows\System32\ff_unrar.dll
[2007.09.20 12:33:52 | 000,026,624 | ---- | C] () -- C:\Windows\System32\ff_wmv9.dll
[2007.09.20 12:33:52 | 000,007,680 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2006.11.02 14:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006.11.02 14:47:37 | 002,250,176 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006.11.02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 12:33:01 | 000,696,750 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006.11.02 12:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006.11.02 12:33:01 | 000,142,466 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006.11.02 12:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006.11.02 12:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006.11.02 10:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006.11.02 10:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006.11.02 09:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2006.02.23 18:37:18 | 000,047,104 | ---- | C] () -- C:\Windows\System32\dsfFLACEncoder.dll
[2006.02.23 17:37:06 | 000,047,616 | ---- | C] () -- C:\Windows\System32\dsfVorbisDecoder.dll
[2006.02.23 17:36:22 | 000,102,400 | ---- | C] () -- C:\Windows\System32\dsfOggDemux2.dll
[2006.02.23 17:35:56 | 000,053,248 | ---- | C] () -- C:\Windows\System32\dsfOGMDecoder.dll
[2006.02.23 17:35:44 | 000,053,248 | ---- | C] () -- C:\Windows\System32\dsfNativeFLACSource.dll
[2006.02.23 17:35:40 | 000,049,664 | ---- | C] () -- C:\Windows\System32\dsfFLACDecoder.dll
[2006.02.23 17:34:58 | 000,083,456 | ---- | C] () -- C:\Windows\System32\libFLAC++.dll
[2006.02.23 17:34:56 | 000,106,496 | ---- | C] () -- C:\Windows\System32\libFishSound.dll
[2006.02.23 17:34:38 | 000,029,696 | ---- | C] () -- C:\Windows\System32\libOOOggSeek.dll
[2006.02.23 17:34:26 | 001,108,480 | ---- | C] () -- C:\Windows\System32\vorbis.dll
[2006.02.23 17:34:16 | 000,049,152 | ---- | C] () -- C:\Windows\System32\libOOogg.dll
[2006.02.23 17:33:54 | 000,140,288 | ---- | C] () -- C:\Windows\System32\libFLAC.dll
[2005.04.08 04:16:43 | 000,014,716 | -H-- | C] () -- C:\Users\Standard\AppData\Roaming\Standardlog.dat
[2004.10.11 11:19:00 | 000,092,672 | ---- | C] () -- C:\Windows\System32\ASUSASV2.DLL
[2003.02.20 17:53:42 | 000,005,702 | ---- | C] () -- C:\Windows\System32\OUTLPERF.INI
 
========== LOP Check ==========
 
[2011.07.02 15:11:52 | 000,000,000 | ---D | M] -- C:\Users\Standard\AppData\Roaming\Arxue
[2010.12.31 22:30:50 | 000,000,000 | ---D | M] -- C:\Users\Standard\AppData\Roaming\Cuttermaran
[2010.12.31 22:15:19 | 000,000,000 | ---D | M] -- C:\Users\Standard\AppData\Roaming\DVDVideoSoft
[2010.12.31 22:15:52 | 000,000,000 | ---D | M] -- C:\Users\Standard\AppData\Roaming\DVDVideoSoftIEHelpers
[2009.12.11 18:12:35 | 000,000,000 | ---D | M] -- C:\Users\Standard\AppData\Roaming\Engelmann Media
[2010.11.14 22:48:52 | 000,000,000 | ---D | M] -- C:\Users\Standard\AppData\Roaming\flightgear.org
[2011.01.21 17:08:12 | 000,000,000 | ---D | M] -- C:\Users\Standard\AppData\Roaming\GetRightToGo
[2011.06.17 14:27:36 | 000,000,000 | ---D | M] -- C:\Users\Standard\AppData\Roaming\go
[2011.02.26 14:12:07 | 000,000,000 | ---D | M] -- C:\Users\Standard\AppData\Roaming\HLSW
[2011.07.02 21:20:43 | 000,000,000 | ---D | M] -- C:\Users\Standard\AppData\Roaming\ICQ
[2011.06.25 20:53:35 | 000,000,000 | RHSD | M] -- C:\Users\Standard\AppData\Roaming\install
[2010.10.20 06:46:54 | 000,000,000 | ---D | M] -- C:\Users\Standard\AppData\Roaming\InstantAction
[2009.07.23 16:37:52 | 000,000,000 | ---D | M] -- C:\Users\Standard\AppData\Roaming\IrfanView
[2010.11.08 22:16:39 | 000,000,000 | ---D | M] -- C:\Users\Standard\AppData\Roaming\JavaEditor
[2010.12.07 16:22:23 | 000,000,000 | ---D | M] -- C:\Users\Standard\AppData\Roaming\Leadertech
[2009.06.06 17:57:37 | 000,000,000 | ---D | M] -- C:\Users\Standard\AppData\Roaming\Miranda
[2011.02.07 21:25:11 | 000,000,000 | ---D | M] -- C:\Users\Standard\AppData\Roaming\Opera
[2011.07.02 15:13:33 | 000,000,000 | ---D | M] -- C:\Users\Standard\AppData\Roaming\Samsung
[2011.06.14 18:32:20 | 000,000,000 | ---D | M] -- C:\Users\Standard\AppData\Roaming\SecurityHeroes
[2009.12.15 19:10:24 | 000,000,000 | ---D | M] -- C:\Users\Standard\AppData\Roaming\SpeedProject
[2010.07.02 17:52:31 | 000,000,000 | ---D | M] -- C:\Users\Standard\AppData\Roaming\TerraTec
[2010.09.01 10:06:07 | 000,000,000 | ---D | M] -- C:\Users\Standard\AppData\Roaming\Thunderbird
[2011.07.02 15:12:25 | 000,000,000 | ---D | M] -- C:\Users\Standard\AppData\Roaming\Uduzaw
[2010.02.12 18:04:21 | 000,000,000 | ---D | M] -- C:\Users\Standard\AppData\Roaming\Webweaver
[2011.02.07 19:14:05 | 000,000,000 | ---D | M] -- C:\Users\Standard\AppData\Roaming\WhiteSmoke
[2009.04.17 13:09:51 | 000,000,000 | ---D | M] -- C:\Users\Standard\AppData\Roaming\WildTangent
[2009.04.06 12:04:41 | 000,000,000 | ---D | M] -- C:\Users\Standard\AppData\Roaming\WinBatch
[2011.07.02 20:30:17 | 000,032,554 | ---- | M] () -- C:\WINDOWS\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 

< End of report >

--- --- ---

2. Extras

OTL Logfile:

Code:

ATTFilter

OTL Extras logfile created on: 02.07.2011 21:30:11 - Run 4
OTL by OldTimer - Version 3.2.24.1     Folder = C:\Users\Standard\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19048)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,25 Gb Total Physical Memory | 1,79 Gb Available Physical Memory | 55,23% Memory free
6,73 Gb Paging File | 5,23 Gb Available in Paging File | 77,73% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 232,88 Gb Total Space | 118,96 Gb Free Space | 51,08% Space Free | Partition Type: NTFS
 
Computer Name: TOBIAS-PC | User Name: Standard | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Browse with &IrfanView] -- "C:\Program Files\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0
"UacDisableNotify" = 0
"InternetSettingsDisableNotify" = 0
"AutoUpdateDisableNotify" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{065DD2F7-9920-439F-BD04-0E3073B25533}" = lport=5353 | protocol=6 | dir=in | name=adobe csi cs4 | 
"{0B4A45E2-5CFD-4367-A421-244382F6B85F}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{0C02E0C5-C730-45F9-8905-761654C45C4C}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{19FE9E3E-85FF-4569-BDD9-2DDD3E02D8B9}" = rport=139 | protocol=6 | dir=out | app=system | 
"{1C27ED59-8710-4B0D-81D3-7BC5A81855C4}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{2390DA5F-FFA4-4E25-8164-F16A9C9E2864}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe | 
"{244264B0-7A1F-4F91-AFFE-084BE4DCC019}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | 
"{32ABC149-73D7-4A82-8A77-4C990C7FBC1E}" = lport=138 | protocol=17 | dir=in | app=system | 
"{4C795BFC-BF53-49FE-B563-0C194924175A}" = lport=137 | protocol=17 | dir=in | app=system | 
"{4D7AC7AB-C92E-4D3C-9C8F-FCC13AC552EA}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{50EE43AD-15DA-46D3-9D61-E8AC076E637D}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe | 
"{554EC450-094C-43C9-ABBC-FAA54658E75A}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{5CB26342-473C-436A-818A-D8DC91F8C91D}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{5F207028-1998-4794-BA7C-E1A9D1C3B6DD}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{631D8B3A-529D-416D-97D7-8B813DF2E8ED}" = lport=10243 | protocol=6 | dir=in | app=system | 
"{64E52F38-D611-43E3-A9A1-1B251E8D6A64}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe | 
"{6E207099-C83C-458D-AED4-B2916C048D28}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{73526175-250A-4798-BAB6-6D82636F8BBE}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | 
"{89EFE265-E1A6-4E88-9421-A3A669E63357}" = rport=445 | protocol=6 | dir=out | app=system | 
"{9DFA0E9D-39C3-4D22-B3E6-32EE73ED76A5}" = lport=10301 | protocol=17 | dir=in | app=c:\program files\devolo\informer\devinf.exe | 
"{A97E9E66-E36A-4A83-ACFB-2796A1A533F2}" = rport=137 | protocol=17 | dir=out | app=system | 
"{ADA6E7CA-0EBA-453C-BE48-BEB2714AD344}" = lport=139 | protocol=6 | dir=in | app=system | 
"{B21D5DA9-4407-4FFD-B791-72FB4E250912}" = lport=28960 | protocol=6 | dir=in | name=cod4 | 
"{B3137CA7-6526-44DF-ADBA-BD51F36991D7}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | 
"{B42E7AEE-6A2B-4343-9461-0AB0DC54BFDD}" = rport=10243 | protocol=6 | dir=out | app=system | 
"{B71098B0-C5F3-4858-986A-0EBC051D6732}" = rport=138 | protocol=17 | dir=out | app=system | 
"{BE6126A6-6ADB-4259-AD06-908C8BC5D1DA}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework\v4.0.30319\smsvchost.exe | 
"{C71B8A78-D6B2-419A-89DB-50CE72190F8E}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe | 
"{C967780B-3F94-4760-B0B7-F63F6DDBA795}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{CA7DCB4F-B4AE-433A-8754-0E19DB0FEE8E}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{DB1D00AB-4B99-47D6-80EF-A28E3F19A1DA}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{DD559780-8A6B-4BC0-BC71-B2B04EABF550}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{E28EF668-EBF9-49D5-88ED-AE89CAAB5EA6}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{F37075E6-DF8E-4CE3-8407-29548006EB07}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{F390B772-40D8-4A76-A5FD-AB50DE6A1E24}" = lport=10300 | protocol=6 | dir=in | app=c:\program files\devolo\informer\devinf.exe | 
"{F87DB93A-8A65-40BC-B857-B65B4BA22872}" = lport=445 | protocol=6 | dir=in | app=system | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0014C0BA-205B-4149-9B05-CB56F8A58915}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{0065883F-1A8C-4049-BB2C-655E4C7925EC}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{05903F01-EA69-4353-9C67-9C94EEA1612C}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{0BB9F8C3-4F11-424E-BFB3-15F548B0125A}" = protocol=58 | dir=out | name=@iphlpsvc.dll,-203 | 
"{101C2C69-BA7E-4E1B-B48E-F61A753E6F2D}" = protocol=6 | dir=in | app=c:\program files\terratec\terratec home cinema\tvtvsetup\tvtv_wizard.exe | 
"{124E7BD5-10E7-4656-8052-A4F3AB8835C0}" = protocol=6 | dir=in | app=c:\program files\terratec\terratec home cinema\insttool.exe | 
"{15485653-9FE8-493B-970C-CA1D515C528B}" = protocol=6 | dir=in | app=c:\program files\activision\call of duty - world at war\codwaw.exe | 
"{18795C90-77AF-4158-8F40-40F42D078CC6}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{1C53FC2B-B566-4552-951D-A53628B51D17}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe | 
"{25EE3E7C-763D-4185-B9EB-CEA780989E0B}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{28473026-2D1B-4B77-BA84-A0E5A2704323}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{30BB68EA-0214-404F-BCE5-41BE3FF888AE}" = protocol=17 | dir=in | app=c:\program files\icq7.5\icq.exe | 
"{30E64870-44A9-4CB1-9B14-022684A60092}" = protocol=17 | dir=in | app=c:\program files\terratec\terratec home cinema\tvtvsetup\tvtv_wizard.exe | 
"{32A61BFF-3438-4AE3-AE81-BC950957B6D1}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{3791B316-7D65-4CA0-B0A8-FAF740333710}" = protocol=6 | dir=out | app=system | 
"{3FCBC69B-B200-4D06-86F4-2585B4E2B40A}" = protocol=17 | dir=in | app=c:\program files\terratec\terratec home cinema\cinergydvr.exe | 
"{3FF7E4F4-1BD6-4F05-812B-CAD61DFE9F36}" = protocol=17 | dir=in | app=c:\program files\activision\call of duty - world at war\codwaw.exe | 
"{4157F447-19CF-40DB-8335-98EF1A108E7C}" = protocol=6 | dir=in | app=c:\program files\icq7.5\icq.exe | 
"{4A65E5CC-988B-407B-B52D-86B9AA240978}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{552CFEF1-E7AC-4F88-B2BE-3D3923DB85E3}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{5C08BDCB-4901-4D28-BEBC-74BF2D081CFB}" = protocol=17 | dir=in | app=c:\program files\steam\steam.exe | 
"{5E119DE7-1CBA-4835-A38B-C73660D18C12}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{5E1DD7FB-1178-4F48-8CF7-FF7033109253}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{5F777A5C-DAF8-4DC3-A382-69CE3D9608E7}" = dir=in | app=c:\program files\hp\quickplay\qpservice.exe | 
"{7389CCD4-CDF6-44CA-9CCE-BB46741CBEE1}" = protocol=17 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe | 
"{760A8222-C06E-4840-936B-E9772ABC432C}" = protocol=17 | dir=in | app=c:\program files\icq7.5\icq.exe | 
"{78EC60A4-320B-496B-90ED-4AC3BF99A198}" = dir=in | app=c:\program files\itunes\itunes.exe | 
"{79B8B291-80E7-4FEF-B068-B64791611776}" = protocol=6 | dir=in | app=c:\program files\icq7.5\icq.exe | 
"{816512E6-EB29-4A08-A763-F3F8B821ACF3}" = protocol=6 | dir=in | app=c:\program files\terratec\terratec home cinema\cinergydvr.exe | 
"{914D7F33-6967-429F-81A6-3BCAE17F8E82}" = protocol=58 | dir=in | app=system | 
"{94268DF4-9A05-4B8C-9827-1B9DCBE40164}" = protocol=6 | dir=in | app=c:\program files\steam\steam.exe | 
"{9ED55FC4-B4B7-4E8A-9CBA-EE8426BAA40C}" = protocol=6 | dir=in | app=c:\program files\electronic arts\need for speed(tm) hot pursuit\launcher.exe | 
"{A55090BD-3654-4CA8-B53A-2B245B5696BB}" = protocol=17 | dir=in | app=c:\program files\electronic arts\need for speed(tm) hot pursuit\launcher.exe | 
"{AA0080CB-4788-4EFD-90A3-671B3D63338C}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{AA088164-E56B-41C3-83E2-2FF443077B8E}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{AB27CB8B-A6B2-4973-9FCD-8C2C84CE3EE0}" = protocol=6 | dir=in | app=c:\program files\common files\adobe\cs4servicemanager\cs4servicemanager.exe | 
"{AF00C150-65A5-4FF6-8E54-9AC6EDD6D7ED}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{B0D26DA5-42DC-43F7-86D9-4EBE7028F6C4}" = protocol=17 | dir=in | app=c:\program files\terratec\terratec home cinema\insttool.exe | 
"{B2489612-AB6D-4B8B-B6E8-D3AA5838CD1B}" = dir=in | app=c:\program files\hp\quickplay\qp.exe | 
"{BD3DE542-BFC0-4706-8BF9-F01D4DFC19B4}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{C217537B-B728-4A63-AF21-D8BBEDD0A6D6}" = protocol=6 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe | 
"{CD9B160B-8168-4AD0-B412-5CE56F9B14C9}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{D186763E-6348-4F41-9995-266F79B5B465}" = protocol=17 | dir=in | app=c:\program files\activision\call of duty - world at war\codwawmp.exe | 
"{D7B0126E-A388-42F1-9E3F-0AF030D5AAE0}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{E63AA1F5-9F20-400F-882D-B4EFCAC06DD9}" = protocol=17 | dir=in | app=c:\program files\common files\adobe\cs4servicemanager\cs4servicemanager.exe | 
"{F5D562D9-BB0A-453C-8235-2EE11FA2CA05}" = protocol=6 | dir=in | app=c:\program files\activision\call of duty - world at war\codwawmp.exe | 
"{F70A60BC-FB90-488C-9A0A-9593A5C86E02}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{FD224169-2DDE-4920-98BA-87D4FCE00EE1}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"TCP Query User{1252B7A3-20B5-4984-9EEC-FC575FE3D48C}C:\program files\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe | 
"TCP Query User{14CFB5A8-3160-455C-BBA4-8C5559078E69}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe | 
"TCP Query User{2762A398-F718-46BF-B017-5D812D1F8D2C}C:\program files\icq7.2\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq7.2\icq.exe | 
"TCP Query User{390503DC-5D29-4BD4-BD9E-F9B7E17D7E4B}C:\program files\terratec\terratec home cinema\versioncheck\versioncheck.exe" = protocol=6 | dir=in | app=c:\program files\terratec\terratec home cinema\versioncheck\versioncheck.exe | 
"TCP Query User{6144204B-BEE8-4BA1-988C-6C07E207584A}C:\program files\activision\call of duty 4 - modern warfare\iw3mp.exe" = protocol=6 | dir=in | app=c:\program files\activision\call of duty 4 - modern warfare\iw3mp.exe | 
"TCP Query User{6458BF47-D5DB-4246-ACAA-E26C67DF6FDF}C:\program files\terratec\terratec home cinema\versioncheck\versioncheck.exe" = protocol=6 | dir=in | app=c:\program files\terratec\terratec home cinema\versioncheck\versioncheck.exe | 
"TCP Query User{74F68D95-45CC-49D9-8A64-3AC2082985A7}C:\program files\asus\gamerosd\sbs.exe" = protocol=6 | dir=in | app=c:\program files\asus\gamerosd\sbs.exe | 
"TCP Query User{786FF187-6C2F-4FC2-8C95-7930B451FD58}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | 
"TCP Query User{7F8CDB64-BF21-4BA3-91A2-CF9D633215D2}C:\program files\electronic arts\need for speed(tm) hot pursuit\nfs11.exe" = protocol=6 | dir=in | app=c:\program files\electronic arts\need for speed(tm) hot pursuit\nfs11.exe | 
"TCP Query User{872D96FE-0E56-470A-A1D8-F482D6048F2A}C:\program files\icq7.5\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq7.5\icq.exe | 
"TCP Query User{A8EB65FC-DAA5-442B-AA29-18E0A7F97345}C:\program files\icq7.2\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq7.2\icq.exe | 
"TCP Query User{AA420A76-7CCE-44D4-8259-EB9908F3712E}C:\program files\devolo\informer\devinf.exe" = protocol=6 | dir=in | app=c:\program files\devolo\informer\devinf.exe | 
"TCP Query User{C9B165C1-843F-41F3-B36D-97BA636FA56E}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | 
"TCP Query User{F138B2A5-F65F-4513-A1FF-FCCF7B3CDDBD}C:\program files\skype\phone\skype.exe" = protocol=6 | dir=in | app=c:\program files\skype\phone\skype.exe | 
"TCP Query User{F377A149-BE65-4496-89CF-FEA21E562E38}C:\program files\skype\phone\skype.exe" = protocol=6 | dir=in | app=c:\program files\skype\phone\skype.exe | 
"TCP Query User{F99B2A89-36B4-474C-BB93-C5DE3080D993}C:\program files\activision\call of duty 4 - modern warfare\iw3mp 1.7 patched.exe" = protocol=6 | dir=in | app=c:\program files\activision\call of duty 4 - modern warfare\iw3mp 1.7 patched.exe | 
"TCP Query User{F9C3A6F8-F4B2-4141-A706-616A6BD14FA7}C:\program files\hlsw\hlsw.exe" = protocol=6 | dir=in | app=c:\program files\hlsw\hlsw.exe | 
"UDP Query User{06EE2C64-6C67-49C8-B376-BB12EE07710B}C:\program files\electronic arts\need for speed(tm) hot pursuit\nfs11.exe" = protocol=17 | dir=in | app=c:\program files\electronic arts\need for speed(tm) hot pursuit\nfs11.exe | 
"UDP Query User{29CA7137-E326-49C6-9D69-F7747D5AD4E1}C:\program files\skype\phone\skype.exe" = protocol=17 | dir=in | app=c:\program files\skype\phone\skype.exe | 
"UDP Query User{2A8D35C6-001F-4884-AE7D-CC32CB63E06D}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | 
"UDP Query User{361CA2A3-8DA2-49A4-9F06-B025BE31C50F}C:\program files\icq7.2\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq7.2\icq.exe | 
"UDP Query User{39C842B5-4590-40BE-9A91-032612CBDF25}C:\program files\icq7.2\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq7.2\icq.exe | 
"UDP Query User{3BC66CCF-CEB8-4FFF-BED7-64DDE74307F3}C:\program files\icq7.5\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq7.5\icq.exe | 
"UDP Query User{564ADE94-4393-477D-82AE-87271E387483}C:\program files\hlsw\hlsw.exe" = protocol=17 | dir=in | app=c:\program files\hlsw\hlsw.exe | 
"UDP Query User{65503A8D-A917-4717-B542-6D5D242B1CBE}C:\program files\terratec\terratec home cinema\versioncheck\versioncheck.exe" = protocol=17 | dir=in | app=c:\program files\terratec\terratec home cinema\versioncheck\versioncheck.exe | 
"UDP Query User{65D4A092-3E9E-43A5-AF88-BA714B8FE44E}C:\program files\skype\phone\skype.exe" = protocol=17 | dir=in | app=c:\program files\skype\phone\skype.exe | 
"UDP Query User{885BD7D7-8898-4199-9B60-93E0D4542C68}C:\program files\devolo\informer\devinf.exe" = protocol=17 | dir=in | app=c:\program files\devolo\informer\devinf.exe | 
"UDP Query User{8F5E2C06-987E-41AF-8105-BD5A9EA7614C}C:\program files\terratec\terratec home cinema\versioncheck\versioncheck.exe" = protocol=17 | dir=in | app=c:\program files\terratec\terratec home cinema\versioncheck\versioncheck.exe | 
"UDP Query User{BA548024-5A37-4861-BB9C-324BEB654C7C}C:\program files\activision\call of duty 4 - modern warfare\iw3mp.exe" = protocol=17 | dir=in | app=c:\program files\activision\call of duty 4 - modern warfare\iw3mp.exe | 
"UDP Query User{BEA529BB-B7C7-4F6A-A3F3-9D02FADED7EC}C:\program files\asus\gamerosd\sbs.exe" = protocol=17 | dir=in | app=c:\program files\asus\gamerosd\sbs.exe | 
"UDP Query User{CDBB24A0-0C27-403D-9323-1580F5ACC006}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe | 
"UDP Query User{D836FB33-9916-444D-95E2-F09E7097F5CD}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | 
"UDP Query User{E3A6A25B-22A3-4814-B0D8-AD7E07A5BDB8}C:\program files\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe | 
"UDP Query User{E437B427-9A45-48F2-8160-3A63E287A3C0}C:\program files\activision\call of duty 4 - modern warfare\iw3mp 1.7 patched.exe" = protocol=17 | dir=in | app=c:\program files\activision\call of duty 4 - modern warfare\iw3mp 1.7 patched.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00ADFB20-AE75-46F4-AD2C-F48B15AC3100}" = Adobe Color NA Recommended Settings CS4
"{0125D081-30D0-4A97-82A8-C28D444B6256}" = Microsoft SQL Server Compact 3.5 SP2 DEU
"{044F9133-B8D7-4d11-BF39-803FA20F5C8B}" = Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for Win32
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4
"{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4
"{064DC64E-7A2F-4FDF-B598-E3C0747BBB9C}" = Call of Duty(R) - World at War(TM) 1.6 Patch
"{06A940CD-4924-485E-8500-476C9E08A820}" = Samsung PC Studio 3
"{082702D5-5DD8-4600-BCE5-48B15174687F}" = HP Doc Viewer
"{098727E1-775A-4450-B573-3F441F1CA243}" = kuler
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0AAFCFAF-5544-EEAF-189B-C85B138112D1}" = ATI Catalyst Install Manager
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4
"{0D67A4E4-5BE0-4C9A-8AD8-AB552B433F23}" = Adobe Setup
"{0E592C31-09EF-3CA1-A7DE-05D13DFCF791}" = Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for .NET Framework - deu
"{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4
"{11083C7A-D0D6-4DA4-8C3A-74B8389EC07B}" = ATI Catalyst Registration
"{12453E04-9738-4D16-8408-D726532C2C69}" = ASUS VGA Driver
"{149464D9-B06F-4505-9968-FD1206F67AD3}" = Call of Duty(R) - World at War(TM) 1.3 Patch
"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4
"{16E16F01-2E2D-4248-A42F-76261C147B6C}" = Adobe Drive CS4
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319
"{1BDC9633-895B-4842-BCB6-8FA1EC2A3C5A}" = Adobe Shockwave Player
"{1D328E11-3B0C-388C-835D-C9C20E8C7734}" = Microsoft Help Viewer 1.0 Language Pack - DEU
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1F0D5576-C383-4E5E-9906-0B47BECBB8B6}" = Hama Webcam Suite
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{228C6B46-64E2-404E-898A-EF0830603EF4}" = HPNetworkAssistant
"{254C37AA-6B72-4300-84F6-98A82419187E}" = Hewlett-Packard Active Check for Health Check
"{26604C7E-A313-4D12-867F-7C6E7820BE4C}" = JMicron JMB38X Flash Media Controller
"{283CF61A-FAB6-4690-0001-05B15D792AC7}" = freeTunes*2.0
"{28C3E5E6-5ACA-408D-9A46-089C5334EC97}" = HP Help and Support
"{2BF0AE92-C3BC-4112-9066-1546342B1FAE}" = Call of Duty(R) - World at War(TM) 1.2 Patch
"{30355ED7-DE49-4C8D-BE23-2161D36E8A9A}" = Microsoft SQL Server 2008 Setup Support Files (English)
"{30A68EDA-53FA-43B5-8007-D18ED1F61659}" = Jollenbeck
"{30DAA715-5032-40F9-A0AE-95C9AEBB3E3F}" = HP QuickTouch 1.00 D2
"{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java(TM) 6 Update 5
"{32BC62C5-32B9-F838-ADD4-CFEF544C6888}" = ccc-core-static
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons 6.40 H2
"{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{39D0E034-1042-4905-BECB-5502909FCB7C}" = Microsoft Works
"{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}" = Adobe Media Player
"{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}" = Adobe Color - Photoshop Specific CS4
"{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}" = Adobe WinSoft Linguistics Plugin
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{415B2719-AD3A-4944-B404-C472DB6085B3}" = Cisco EAP-FAST Module
"{45D707E9-F3C4-11D9-A373-0050BAE317E1}" = HP QuickPlay 3.7
"{477415F5-93DA-46AA-85C5-640047825995}" = Microsoft SQL Server 2008 Database Engine Shared
"{47C39E4A-28F2-33B1-B9B7-97F24E52D917}" = Microsoft Help Viewer 1.0
"{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension
"{4A6F34E2-09E5-4616-B227-4A26A488A6F9}" = Microsoft SQL Server 2008 Common Files
"{4AF2248C-B3DF-46FB-9596-87F5DB193689}" = Microsoft SQL Server 2008-Browser
"{51E5C397-0AA0-48DD-9CB6-7259AFFDFB0A}" = HP Easy Setup - Frontend
"{5335DADB-34BA-4AE8-A519-648D78498846}" = Skype™ 5.3
"{5570C7F0-43D0-4916-8A9E-AEDD52FA86F4}" = Adobe Color EU Extra Settings CS4
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{582287DA-0806-4AC0-BF19-C15E3A466034}" = LightScribe System Software  1.12.33.2
"{5A08C9D1-37AD-4A8D-90D3-33F92C578AA5}" = Microsoft SQL Server System CLR Types
"{5BD39911-A12F-4562-98BA-A6E03E3370B1}" = Microsoft SQL Server 2008 Database Engine Services
"{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}" = Segoe UI
"{5FD89EA1-99C2-40EE-BBF5-20F8991ED756}" = Catalyst Control Center - Branding
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{616C6F39-4CE1-3434-A665-2F6A04C09A7F}" = Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools
"{61AD15B2-50DB-4686-A739-14FE180D4429}" = Windows Live ID Sign-in Assistant
"{63B9BAB5-F36A-4A3B-9E5C-68A7F212BFB9}" = TerraTec Home Cinema
"{63C24A08-70F3-4C8E-B9FB-9F21A903801D}" = Adobe Color Video Profiles CS CS4
"{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}" = Adobe Photoshop CS4 Support
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{669C7BD8-DAA2-49B6-966C-F1E2AAE6B17E}" = Cisco PEAP Module
"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = Hewlett-Packard Asset Agent for Health Check
"{67F0E67A-8E93-4C2C-B29D-47C48262738A}" = Adobe Device Central CS4
"{68243FF8-83CA-466B-B2B8-9F99DA5479C4}" = AdobeColorCommonSetCMYK
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6C1E7AA1-44E9-446D-AAB2-0DE6D9EFEAB1}" = Safari
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{738B0934-6676-44F6-AB52-32F4E60DCA7F}" = Microsoft SQL Server Compact 3.5 SP1 Design Tools (Deutsch)
"{750C87B8-AF19-4C3C-B791-50D9C83AE572}" = Call of Duty(R) - World at War(TM) 1.7 Patch
"{7578ADEA-D65F-4C89-A249-B1C88B6FFC20}" = ICQ7.5
"{771ABEA0-23AF-8F8E-63FE-168779F294B6}" = CCC Help English
"{779DECD7-E072-4B56-9B6B-BEB5973EEEB5}" = MobileMe Control Panel
"{7A529246-912F-4C40-A82A-E608DB702FD7}" = ASUS VideoSecurity Online
"{7E6066E6-8B5B-4100-B0FA-1D9E9B663CBA}" = iTunes
"{7F88C9E5-12BD-404F-AC6A-108BAAC9B708}" = ASUS Gamer OSD
"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4
"{83770D14-21B9-44B3-8689-F7B523F94560}" = Cisco LEAP Module
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4
"{83A606F5-BF6F-42ED-9F33-B9F74297CDED}" = Need for Speed(TM) Hot Pursuit
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer
"{86B247F9-1D5E-CCC6-3280-71486D9A4E70}" = ATI Stream SDK v2 Developer
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169 8168 8101E 8102E Ethernet Driver
"{889DF117-14D1-44EE-9F31-C5FB5D47F68B}" = Yontoo Layers 1.10.01
"{89DE67AD-08B8-4699-A55D-CA5C0AF82BF3}" = ATI AVIVO Codecs
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"{8ACC73AA-6511-7C55-B1A9-8E5D1DEAFAA3}" = The Lord of the Rings FREE Trial 
"{8B128562-681D-4FFA-BEBF-A825985B2CB9}" = AirPlus G DWL-G510
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{91120407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Standard Edition 2003
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{931AB7EA-3656-4BB7-864D-022B09E3DD67}" = Adobe Linguistics CS4
"{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
"{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9CF4A37B-A8C4-44D7-8C53-13B9D9594BB2}" = Paint.NET v3.5.8
"{9E2CCD5E-1990-4EF2-9B61-32F0BBACC29B}" = HP Active Support Library
"{9F01A67B-7D67-482F-9D4F-D5980A440FD4}" = Call of Duty(R) - World at War(TM) 1.4 Patch
"{9F238A60-C445-4B81-8EDE-07DC924E98F8}" = HP MULTIPLE MODEM INSTALLER for VISTA
"{a0fe116e-9a8a-466f-aee0-625cb7c207e3}" = Microsoft Visual C++ 2005 Redistributable - KB2467175
"{A106D33E-6B43-42C0-9BFC-D03303261FA7}" = Microsoft SQL Server 2008 R2 Management Objects
"{A1399B3E-93A8-E865-EC9B-6B452E3094E5}" = Catalyst Control Center InstallProxy
"{A5CE7175-080D-49AC-B5A3-E7E3502428F5}" = HP Wireless Assistant
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AC76BA86-7AD7-1031-7B44-A83000000003}" = Adobe Reader 8.3.0 - Deutsch
"{AFAE2B15-89A0-4215-A030-F7B5B478886B}" = Call of Duty(R) - World at War(TM) 1.1 Patch
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B16DA0F8-26BC-4FFC-9363-1D9F3E6C3E21}" = HP Customer Experience Enhancements
"{B29AD377-CC12-490A-A480-1452337C618D}" = Connect
"{B3575D00-27EF-49C2-B9E0-14B3D954E992}" = Apple Application Support
"{B3FED300-806C-11E0-A0D0-B8AC6F97B88E}" = Google Earth
"{B5153233-9AEE-4CD4-9D2C-4FAAC870DBE2}" = Microsoft SQL Server 2008 Database Engine Services
"{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}" = Adobe Photoshop CS4
"{B7E38540-E355-3503-AFD7-635B2F2F76E1}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974
"{B910DD1A-49B1-4068-9C08-E3C3AEC0C30A}" = Keyboard & Mouse Driver
"{BA6C526C-F50F-4F7D-920D-D55075E25C55}" = SPEED-LINK STEERING WHEEL DRIVER v4.1
"{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module
"{BE4D9AE7-48F8-3A24-5C68-E064153618D3}" = Catalyst Control Center InstallProxy
"{C23CD6DA-1958-43A5-ADD0-59396572E02E}" = Apple Mobile Device Support
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C2E4B5BD-32DB-4817-A060-341AB17C3F90}" = Bonjour
"{C3A32068-8AB1-4327-BB16-BED9C6219DC7}" = Atheros Driver Installation Program
"{C3DC2DF5-EFAC-4055-9010-31F7C545DD9E}" = Call of Duty(R) - World at War(TM) 1.5 Patch
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
"{C8FD5BC1-92EF-4C15-92A9-F9AC7F61985F}" = HP Update
"{C911A0C2-2236-3164-AA47-F2566C01AE5E}" = Microsoft .NET Framework 4 Extended DEU Language Pack
"{C91C4EF4-63E1-41EE-AE6A-5152628FDC21}" = Microsoft SQL Server 2008 Native Client
"{C92C89BB-1D11-C8D5-1584-D5259818479A}" = ccc-utility
"{C965F01C-76EA-4BD7-973E-46236AE312D7}" = Sql Server Customer Experience Improvement Program
"{CAE7D1D9-3794-4169-B4DD-964ADBC534EE}" = HP Product Detection
"{CB71A20E-B1B4-4562-81FA-33E1DBD0342F}" = ProtectSmart Hard Drive Protection
"{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw
"{CCAC7E52-ECCE-3C4D-B1BE-BC2ACF1C1C0E}" = Microsoft Visual Basic 2010 Express - DEU
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CFCB8616-A5D1-4281-80E8-389F685BFAE2}" = Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 DEU
"{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}" = Microsoft .NET Framework 4 Multi-Targeting Pack
"{D074DC76-F6C9-440E-A1D0-1DE958417FDB}" = Microsoft SQL Server VSS Writer
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D80A6A73-E58A-4673-AFF5-F12D7110661F}" = Call of Duty(R) - World at War(TM)
"{DB837331-6864-4B66-7248-4CB823DB4222}" = Catalyst Control Center InstallProxy
"{DE042823-C359-4B87-B66B-308057E8B6AF}" = Camtasia Studio 7
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
"{E4848436-0345-47E2-B648-8B522FCDA623}" = Adobe Photoshop CS4
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{EEF985E8-8B36-4230-B174-117A2381C17F}" = LogMeIn Hamachi
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F1DC7648-8623-442F-92B7-E118DF61872E}" = Microsoft SQL Server 2008 RsFx Driver
"{f32502b5-5b64-4882-bf61-77f23edcac4f}" = HP Total Care Advisor
"{F3494AB6-6900-41C6-AF57-823626827ED8}" = Microsoft SQL Server 2008 Database Engine Shared
"{F47C09DB-746B-2ABA-819B-8FC759034E74}" = Catalyst Control Center Graphics Previews Common
"{F48098CD-2D66-4861-85EC-DC1D4D09D5F9}" = HP User Guides 0102
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4
"{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
"{F9466082-90E9-4BE4-92F0-CF0AF195B0CF}" = hama PC-Webcam AC-140
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All
"{FDB3B167-F4FA-461D-976F-286304A57B2A}" = Adobe AIR
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"{FF6F95A4-E59B-45C8-BEA8-0BDC8D9CAB51}" = Microsoft SQL Server 2008 Common Files
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"Adobe_faf656ef605427ee2f42989c3ad31b8" = Adobe Photoshop CS4
"Agere Systems Soft Modem" = Agere Systems HDA Modem
"AIDA64 Extreme Edition_is1" = AIDA64 Extreme Edition v1.50
"AIM_6" = AIM
"Ashampoo WinOptimizer 2010_is1" = Ashampoo WinOptimizer 2010
"Avira AntiVir Desktop" = Avira AntiVir Premium
"BiosAgentPlus" = BiosAgentPlus Plugin for Netscape by eSupport.com
"Broadcom 802.11b Network Adapter" = Broadcom 802.11 Wireless LAN Adapter
"CCleaner" = CCleaner
"Cheat Engine 5.6.1_is1" = Cheat Engine 5.6.1
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"dlanconf" = devolo dLAN-Konfigurationsassistent
"dslmon" = devolo Informer
"EasyBits Magic Desktop" = Magic Desktop
"Finale NotePad 2008" = Finale NotePad 2008
"FormatFactory" = FormatFactory 2.60
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.4.7
"Free Studio_is1" = Free Studio version 5.0.3
"Free Video Dub_is1" = Free Video Dub version 1.4
"Free YouTube Download_is1" = Free YouTube Download 2.2
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.9.35.324
"FreePDF_XP" = FreePDF XP (Remove only)
"Get Styles" = Get Styles
"GPL Ghostscript 8.64" = GPL Ghostscript 8.64
"HLSW_is1" = HLSW v1.3.3.7b
"ICQToolbar" = ICQ Toolbar
"InstallShield_{064DC64E-7A2F-4FDF-B598-E3C0747BBB9C}" = Call of Duty(R) - World at War(TM) 1.6 Patch
"InstallShield_{149464D9-B06F-4505-9968-FD1206F67AD3}" = Call of Duty(R) - World at War(TM) 1.3 Patch
"InstallShield_{2BF0AE92-C3BC-4112-9066-1546342B1FAE}" = Call of Duty(R) - World at War(TM) 1.2 Patch
"InstallShield_{750C87B8-AF19-4C3C-B791-50D9C83AE572}" = Call of Duty(R) - World at War(TM) 1.7 Patch
"InstallShield_{7A529246-912F-4C40-A82A-E608DB702FD7}" = ASUS VideoSecurity Online
"InstallShield_{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"InstallShield_{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"InstallShield_{9F01A67B-7D67-482F-9D4F-D5980A440FD4}" = Call of Duty(R) - World at War(TM) 1.4 Patch
"InstallShield_{AFAE2B15-89A0-4215-A030-F7B5B478886B}" = Call of Duty(R) - World at War(TM) 1.1 Patch
"InstallShield_{B910DD1A-49B1-4068-9C08-E3C3AEC0C30A}" = Keyboard & Mouse Driver
"InstallShield_{C3DC2DF5-EFAC-4055-9010-31F7C545DD9E}" = Call of Duty(R) - World at War(TM) 1.5 Patch
"InstallShield_{D80A6A73-E58A-4673-AFF5-F12D7110661F}" = Call of Duty(R) - World at War(TM)
"IrfanView" = IrfanView (remove only)
"LogMeIn Hamachi" = LogMeIn Hamachi
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware Version 1.51.0.1200
"MegaTrainer XL_is1" = MegaTrainer XL V1.4.5.3-Beta
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended DEU Language Pack" = Microsoft .NET Framework 4 Extended DEU Language Pack
"Microsoft Help Viewer 1.0" = Microsoft Help Viewer 1.0
"Microsoft Help Viewer 1.0 Language Pack - DEU" = Microsoft Help Viewer 1.0 Language Pack - DEU
"Microsoft SQL Server 10" = Microsoft SQL Server 2008
"Microsoft SQL Server 10 Release" = Microsoft SQL Server 2008
"Microsoft Visual Basic 2010 Express - DEU" = Microsoft Visual Basic 2010 Express - DEU
"Mozilla Firefox 5.0 (x86 en-GB)" = Mozilla Firefox 5.0 (x86 en-GB)
"Mozilla Thunderbird (3.1.11)" = Mozilla Thunderbird (3.1.11)
"NetworkActiv AUTAPF 1.1" = NetworkActiv AUTAPF 1.1
"Notepad++" = Notepad++
"Redirection Port Monitor" = RedMon - Redirection Port Monitor
"s4uVoctra" = s4uVoctra
"Samsung ML-191x 252x Series" = Wartung Samsung ML-191x 252x Series
"Searchqu MediaBar" = Windows Searchqu Toolbar
"Secunia PSI" = Secunia PSI (2.0.0.3003)
"SlingMedia.QPSlingPlayer_is1" = QuickPlay SlingPlayer 0.4.6
"Uninstall_is1" = Uninstall 1.0.0.1
"ViewpointMediaPlayer" = Viewpoint Media Player
"Virtual DJ Home - Atomix Productions" = Virtual DJ Home - Atomix Productions
"WashAndGo_is1" = WashAndGo
"WildTangent hp Master Uninstall" = HP Games
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR
"xvid" = XviD MPEG-4 Video Codec
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Game Organizer" = EasyBits GO
"Move Media Player" = Move Media Player
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 02.07.2011 14:13:40 | Computer Name = Tobias-PC | Source = MsiInstaller | ID = 10005
Description = 
 
Error - 02.07.2011 14:14:02 | Computer Name = Tobias-PC | Source = Windows Search Service | ID = 3013
Description = 
 
Error - 02.07.2011 14:14:03 | Computer Name = Tobias-PC | Source = Windows Search Service | ID = 3013
Description = 
 
Error - 02.07.2011 14:14:03 | Computer Name = Tobias-PC | Source = Windows Search Service | ID = 3013
Description = 
 
Error - 02.07.2011 14:14:03 | Computer Name = Tobias-PC | Source = Windows Search Service | ID = 3013
Description = 
 
Error - 02.07.2011 14:14:03 | Computer Name = Tobias-PC | Source = Windows Search Service | ID = 3013
Description = 
 
Error - 02.07.2011 14:14:03 | Computer Name = Tobias-PC | Source = Windows Search Service | ID = 3013
Description = 
 
Error - 02.07.2011 14:14:03 | Computer Name = Tobias-PC | Source = Windows Search Service | ID = 3013
Description = 
 
Error - 02.07.2011 14:28:46 | Computer Name = Tobias-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung svchost.exe, Version 6.0.6001.18000, Zeitstempel
 0x47918b89, fehlerhaftes Modul urlmon.dll, Version 8.0.6001.19048, Zeitstempel 
0x4d6355e2, Ausnahmecode 0xc0000005, Fehleroffset 0x0003e35a,  Prozess-ID 0x464, Anwendungsstartzeit
 01cc38dbbb9dc259.
 
Error - 02.07.2011 15:19:05 | Computer Name = Tobias-PC | Source = WinMgmt | ID = 10
Description = 
 
[ System Events ]
Error - 31.03.2011 10:52:14 | Computer Name = Tobias-PC | Source = Service Control Manager | ID = 7011
Description = 
 
Error - 01.04.2011 11:39:16 | Computer Name = Tobias-PC | Source = Service Control Manager | ID = 7011
Description = 
 
Error - 01.04.2011 15:39:28 | Computer Name = Tobias-PC | Source = DCOM | ID = 10016
Description = 
 
Error - 02.04.2011 11:18:10 | Computer Name = Tobias-PC | Source = Service Control Manager | ID = 7000
Description = 
 
Error - 02.04.2011 11:18:10 | Computer Name = Tobias-PC | Source = Service Control Manager | ID = 7000
Description = 
 
Error - 02.04.2011 11:18:10 | Computer Name = Tobias-PC | Source = Service Control Manager | ID = 7000
Description = 
 
Error - 02.04.2011 11:19:05 | Computer Name = Tobias-PC | Source = Service Control Manager | ID = 7022
Description = 
 
Error - 02.04.2011 11:19:07 | Computer Name = Tobias-PC | Source = Service Control Manager | ID = 7034
Description = 
 
Error - 02.04.2011 11:27:57 | Computer Name = Tobias-PC | Source = Service Control Manager | ID = 7009
Description = 
 
Error - 02.04.2011 11:27:57 | Computer Name = Tobias-PC | Source = Service Control Manager | ID = 7000
Description = 
 
 
< End of report >

--- --- ---

Toni_75 · 02.07.2011, 20:43

3. Install (CC)

Code:

ATTFilter

Activation Assistant for the 2007 Microsoft Office suites	Microsoft Corporation	26.01.2009	14,0MB	
Adobe AIR	Adobe Systems Incorporated	01.07.2011		2.7.0.19530
Adobe Flash Player 10 ActiveX	Adobe Systems Incorporated	25.06.2011		10.3.181.26
Adobe Flash Player 10 Plugin	Adobe Systems Incorporated	24.06.2011		10.3.181.26
Adobe Media Player	Adobe Systems Incorporated	14.01.2011	2,95MB	1.1
Adobe Photoshop CS4	Adobe Systems Incorporated	14.01.2011		11.0
Adobe Reader 8.3.0 - Deutsch	Adobe Systems Incorporated	17.06.2011	102,1MB	8.3.0
Adobe Shockwave Player 11.6	Adobe Systems, Inc.	01.07.2011	8,17MB	11.6.0.626
Agere Systems HDA Modem	Agere Systems	19.02.2009		
AIDA64 Extreme Edition v1.50	FinalWire Ltd.	11.02.2011	21,0MB	1.50
AIM		26.01.2009		
AirPlus G DWL-G510	D-Link	14.02.2011	5,84MB	1.0.24
Apple Application Support	Apple Inc.	10.06.2011	51,0MB	1.5.2
Apple Mobile Device Support	Apple Inc.	10.06.2011	22,1MB	3.4.1.2
Apple Software Update	Apple Inc.	21.03.2011	2,26MB	2.1.2.120
Ashampoo WinOptimizer 2010	Ashampoo GmbH & Co. KG	10.12.2009	30,8MB	6.5.0
ASUS Gamer OSD	ASUSTeK COMPUTER INC.	07.12.2010	9,04MB	3.05.0729
ASUS VideoSecurity Online	ASUSTeK Computer Inc.	13.04.2009	35,7MB	3.5.1.3
Atheros Driver Installation Program	Atheros	27.01.2009	11,0MB	5.0
ATI Catalyst Install Manager	ATI Technologies, Inc.	13.06.2011	16,6MB	3.0.808.0
ATI Stream SDK v2 Developer	ATI Technologies Inc.	13.02.2011	20,2MB	2.3.0.0
Avira AntiVir Premium	Avira GmbH	01.07.2011	62,2MB	10.2.0.719
BiosAgentPlus Plugin for Netscape by eSupport.com		13.02.2011		
Bonjour	Apple Inc.	20.04.2011	1,12MB	2.0.5.0
Broadcom 802.11 Wireless LAN Adapter	Broadcom Corporation	25.06.2011		5.10.38.26
Call of Duty(R) - World at War(TM)	Activision	12.06.2011	8.248MB	1.7
Camtasia Studio 7	TechSmith Corporation	30.01.2011	219MB	7.0.1
CCleaner	Piriform	01.07.2011	3,82MB	3.08
Cheat Engine 5.6.1	Dark Byte	01.12.2010	10,1MB	
Cisco EAP-FAST Module	Cisco Systems, Inc.	27.01.2009	1,04MB	2.1.6
Cisco LEAP Module	Cisco Systems, Inc.	27.01.2009	1,04MB	1.0.12
Cisco PEAP Module	Cisco Systems, Inc.	27.01.2009	0,85MB	1.0.13
Compatibility Pack für 2007 Office System	Microsoft Corporation	11.05.2011	64,0MB	12.0.6425.1000
devolo dLAN-Konfigurationsassistent	devolo AG	29.12.2010		20.0.0.0
devolo Informer	devolo AG	29.12.2010		28.0.0.0
EasyBits GO	EasyBits Media	16.06.2011	13,3MB	
Finale NotePad 2008	MakeMusic	10.01.2011	58,9MB	13.0.0.0
FormatFactory 2.60	Free Time	31.01.2011	112,9MB	2.60
Free Audio CD Burner version 1.4.7	DVDVideoSoft Limited.	18.04.2011	3,26MB	
Free Studio version 5.0.3	DVDVideoSoft Limited.	30.12.2010	139,0MB	
Free Video Dub version 1.4	DVD Video Soft Limited.	16.04.2009	2,28MB	
Free YouTube Download 2.2	DVDVideoSoft Limited.	16.04.2009	2,34MB	
Free YouTube to MP3 Converter version 3.9.35.324	DVDVideoSoft Limited.	18.04.2011	2,21MB	
FreePDF XP (Remove only)		26.04.2009	3,01MB	
freeTunes*2.0	Engelmann Media GmbH	10.12.2009	41,6MB	2.19.1120
Get Styles		06.09.2010	0,37MB	
Google Earth	Google	25.05.2011	84,7MB	6.0.3.2197
GPL Ghostscript 8.64		26.04.2009	22,5MB	
hama PC-Webcam AC-140	Sonix	14.04.2009	107,4MB	0.1.0.000
Hama Webcam Suite	ArcSoft	14.04.2009	107,4MB	
HLSW v1.3.3.7b	Timo Stripf	22.02.2011	42,9MB	
HP Customer Experience Enhancements	Hewlett-Packard	01.07.2008	0,98MB	5.7.0.2630
HP Easy Setup - Frontend	Hewlett-Packard	01.07.2008	2,17MB	5.7.0.2630
HP Games	WildTangent	16.04.2009	376MB	1.0.0.71
HP Help and Support	Hewlett-Packard	01.07.2008	14,3MB	2.0.7.0
HP MULTIPLE MODEM INSTALLER for VISTA	Hewlett Packard Company	19.02.2009	13,8MB	1.0.1.30
HP Product Detection	Hewlett-Packard Company	14.02.2011	1,90MB	10.7.9.0
HP Quick Launch Buttons 6.40 H2	Hewlett-Packard	19.02.2009	17,2MB	6.40 H2
HP QuickPlay 3.7		26.01.2009	7,27MB	
HP QuickTouch 1.00 D2	Hewlett-Packard	01.07.2008	1,77MB	1.0.9
HP Total Care Advisor	Hewlett-Packard	01.07.2008	38,8MB	2.1.3359.2635
HP Update	Hewlett-Packard	01.07.2008	3,72MB	4.000.010.008
HP Wireless Assistant	Hewlett-Packard	01.07.2008	3,84MB	3.00 I2
ICQ Toolbar	ICQ	18.04.2011		3.0.0
ICQ7.5	ICQ	26.04.2011	54,0MB	7.5
IDT Audio	IDT	26.01.2009	25,7MB	1.0.5893.0
Intel® Matrix Storage Manager	Intel Corporation	26.01.2009	37,3MB	
IrfanView (remove only)	Irfan Skiljan	01.07.2011	1,61MB	4.27
iTunes	Apple Inc.	10.06.2011	144,0MB	10.3.1.55
Java(TM) 6 Update 5	Sun Microsystems, Inc.	01.07.2008	171,1MB	1.6.0.50
JMicron JMB38X Flash Media Controller	JMicron Technology Corp.	26.01.2009	2,26MB	1.00.10.04
Jollenbeck	Sysgration Ltd.	25.09.2009	14.525MB	1.00.0000
Keyboard & Mouse Driver	Driver Builder	22.04.2011	3,44MB	5.1
LightScribe System Software  1.12.33.2	LightScribe	26.01.2009	20,9MB	1.12.33.2
LogMeIn Hamachi	LogMeIn, Inc.	13.06.2011	3,27MB	2.0.3.115
Magic Desktop		26.02.2010		
Malwarebytes' Anti-Malware Version 1.51.0.1200	Malwarebytes Corporation	24.06.2011	7,29MB	1.51.0.1200
MegaTrainer XL V1.4.5.3-Beta		27.01.2011	3,48MB	
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU	Microsoft Corporation	05.04.2009	37,0MB	
Microsoft .NET Framework 3.5 SP1	Microsoft Corporation	19.02.2009	37,4MB	
Microsoft .NET Framework 4 Client Profile	Microsoft Corporation	24.06.2010	120,3MB	4.0.30319
Microsoft .NET Framework 4 Client Profile DEU Language Pack	Microsoft Corporation	24.06.2010	24,5MB	4.0.30319
Microsoft .NET Framework 4 Extended	Microsoft Corporation	29.01.2011	46,0MB	4.0.30319
Microsoft .NET Framework 4 Extended DEU Language Pack	Microsoft Corporation	29.01.2011	11,7MB	4.0.30319
Microsoft .NET Framework 4 Multi-Targeting Pack	Microsoft Corporation	28.01.2011	83,5MB	4.0.30319
Microsoft Help Viewer 1.0	Microsoft Corporation	29.01.2011	6,09MB	1.0.30319
Microsoft Help Viewer 1.0 Language Pack - DEU	Microsoft Corporation	29.01.2011	6,09MB	1.0.30319
Microsoft Office PowerPoint Viewer 2007 (German)	Microsoft Corporation	11.05.2011	89,0MB	12.0.6425.1000
Microsoft Office Standard Edition 2003	Microsoft Corporation	11.05.2011	348MB	11.0.8173.0
Microsoft Silverlight	Microsoft Corporation	21.04.2011	68,5MB	4.0.60310.0
Microsoft SQL Server 2005 Compact Edition [ENU]	Microsoft Corporation	25.01.2011	1,74MB	3.1.0000
Microsoft SQL Server 2008	Microsoft Corporation	16.04.2009	363MB	
Microsoft SQL Server 2008 Native Client	Microsoft Corporation	16.04.2009	3,16MB	10.0.1600.22
Microsoft SQL Server 2008 R2 Management Objects	Microsoft Corporation	28.01.2011	17,1MB	10.50.1447.4
Microsoft SQL Server 2008 Setup Support Files (English)	Microsoft Corporation	16.04.2009	29,6MB	10.0.1600.22
Microsoft SQL Server 2008-Browser	Microsoft Corporation	16.04.2009	8,01MB	10.0.1600.22
Microsoft SQL Server Compact 3.5 SP1 Design Tools (Deutsch)	Microsoft Corporation	16.04.2009	9,10MB	3.5.5692.0
Microsoft SQL Server Compact 3.5 SP2 DEU	Microsoft Corporation	28.01.2011	3,69MB	3.5.8080.0
Microsoft SQL Server System CLR Types	Microsoft Corporation	28.01.2011	2,55MB	10.50.1447.4
Microsoft SQL Server VSS Writer	Microsoft Corporation	16.04.2009	1,81MB	10.0.1600.22
Microsoft Visual Basic 2010 Express - DEU	Microsoft Corporation	29.01.2011	228MB	10.0.30319
Microsoft Visual C++ 2005 Redistributable	Microsoft Corporation	05.12.2010	2,52MB	8.0.59193
Microsoft Visual C++ 2005 Redistributable - KB2467175	Microsoft Corporation	13.04.2011	0,29MB	8.0.51011
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570	Microsoft Corporation	13.04.2011	0,58MB	9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022	Microsoft Corporation	12.06.2011	1,41MB	9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729	Microsoft Corporation	16.04.2009	0,57MB	9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17	Microsoft Corporation	13.04.2009	0,58MB	9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148	Microsoft Corporation	08.11.2010	0,57MB	9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974	Microsoft Corporation	28.01.2011	0,58MB	9.0.30729.4974
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319	Microsoft Corporation	13.04.2011	11,0MB	10.0.30319
Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools	Microsoft Corporation	28.01.2011	35,4MB	10.0.30319
Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for .NET Framework - deu	Microsoft Corporation	16.04.2009	5,74MB	3.5.30729
Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for Win32	Microsoft Corporation	16.04.2009	2,61MB	6.1.5295.17011
Microsoft Works	Microsoft Corporation	26.01.2011	378MB	9.7.0621
MobileMe Control Panel	Apple Inc.	07.05.2011	12,0MB	3.1.6.0
Move Media Player	Move Networks	30.03.2010		
Mozilla Firefox 5.0 (x86 en-GB)	Mozilla	01.07.2011	35,7MB	5.0
Mozilla Thunderbird (3.1.11)	Mozilla	01.07.2011	34,7MB	3.1.11 (de)
MSXML 4.0 SP2 (KB954430)	Microsoft Corporation	19.02.2009	1,28MB	4.20.9870.0
MSXML 4.0 SP2 (KB973688)	Microsoft Corporation	24.11.2009	1,34MB	4.20.9876.0
Need for Speed(TM) Hot Pursuit	Electronic Arts	07.02.2011	3.827MB	1.0.0.0
NetworkActiv AUTAPF 1.1	NetworkActiv	04.04.2011	0,52MB	
Notepad++		26.02.2010	8,91MB	5.6.7
Paint.NET v3.5.8	dotPDN LLC	17.04.2011	10,4MB	3.58.0
Power2Go	CyberLink Corp.	26.01.2009	163,9MB	5.6.3919
ProtectSmart Hard Drive Protection	Hewlett-Packard	26.01.2009	2,25MB	3.10 A7
QuickPlay SlingPlayer 0.4.6	SlingMedia	26.01.2009	194,1MB	0.4.6
QuickTime	Apple Inc.	24.01.2011	73,7MB	7.69.80.9
Realtek 8169 8168 8101E 8102E Ethernet Driver	Realtek	27.01.2009	1,50MB	1.00.0000
Realtek High Definition Audio Driver	Realtek Semiconductor Corp.	15.02.2011	12,2MB	6.0.1.6215
RedMon - Redirection Port Monitor		26.04.2009		
s4uVoctra		24.06.2009	63,8MB	
Safari	Apple Inc.	20.04.2011	41,3MB	5.33.21.1
Secunia PSI (2.0.0.3003)		01.07.2011	4,45MB	
Skype Toolbars	Skype Technologies S.A.	09.03.2010	5,25MB	1.0.4051
Skype™ 5.3	Skype Technologies S.A.	08.06.2011	22,6MB	5.3.116
SPEED-LINK STEERING WHEEL DRIVER v4.1	Ihr Firmenname	25.09.2009	12,2MB	4.10.0000
Steam	Valve Corporation	09.06.2011	42,3MB	1.0.0.0
TerraTec Home Cinema		01.07.2010	95,8MB	6.11.5
Uninstall 1.0.0.1		18.04.2011	15,4MB	
Viewpoint Media Player		26.01.2009	7,30MB	
Virtual DJ Home - Atomix Productions		02.03.2011	19,0MB	
Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 DEU	Microsoft Corporation	28.01.2011	11,2MB	4.0.8080.0
Wartung Samsung ML-191x 252x Series	Samsung Electronics CO.,LTD	06.02.2010	99,6MB	
WashAndGo	Abelssoft GmbH	18.01.2011	55,4MB	11.00
Windows Live Essentials	Microsoft Corporation	26.01.2011		15.4.3508.1109
Windows Media Player Firefox Plugin	Microsoft Corp	18.05.2009	0,29MB	1.0.0.8
Windows Searchqu Toolbar	Bandoo Media Inc	06.02.2011	5,49MB	2.0.0.94786
WinRAR		14.01.2011	3,79MB	
XviD MPEG-4 Video Codec	XviD Development Team	13.04.2009		
Yontoo Layers 1.10.01		12.06.2011	0,19MB	1.10.01

Toni_75 · 02.07.2011, 21:02

und die hjtscanlist bekomme ich erneut nicht reinkopiert - erneut kommt nach Drücken auf den Antworten-Button eine Fehlermeldung von Firefox.

Toni_75 · 02.07.2011, 21:13

Versuchs mal als ZIP (h....list=xx.zip)

Undd die FF-Fehlermeldung hänge ich gleich dazu.

Jetzt bin ich gespannt!!

kira · 02.07.2011, 22:04

so geht`s weiter:

Falls nicht (mehr) vorhanden:

1.
läuft unter XP, Vista mit (32Bit) und Windows 7 (32Bit)
Achtung!:
WENN GMER NICHT AUSGEFÜHRT WERDEN KANN ODER PROBMLEME VERURSACHT, fahre mit dem nächsten Punkt fort!- Es ist NICHT sinnvoll einen zweiten Versuch zu starten!
Um einen tieferen Einblick in dein System, um eine mögliche Infektion mit einem Rootkit/Info v.wikipedia.org) aufzuspüren, werden wir ein Tool - Gmer - einsetzen :

- also lade Dir Gmer herunter und entpacke es auf deinen Desktop
- starte gmer.exe
- [b]schließe alle Programme, ausserdem Antiviren und andere Schutzprogramme usw müssen deaktiviert sein, keine Verbindung zum Internet, WLAN auch trennen)
- bitte nichts am Pc machen während der Scan läuft!
- klicke auf "Scan", um das Tool zu starten
- wenn der Scan fertig ist klicke auf "Copy" (das Log wird automatisch in die Zwischenablage kopiert) und mit STRG + V musst Du gleich da einfügen
- mit "Ok" wird GMER beendet.
- das Log aus der Zwischenablage hier in Deinem Thread vollständig hineinkopieren

** keine Verbindung zu einem Netzwerk und Internet - WLAN nicht vergessen
Wenn der Scan beendet ist, bitte alle Programme und Tools wieder aktivieren!
Anleitung:-> GMER - Rootkit Scanner

2.
Kontrolle mit MBR -t, ob Master Boot Record in Ordnung ist (MBR-Rootkit)

Mit dem folgenden Tool prüfen wir, ob sich etwas Schädliches im Master Boot Record eingenistet hat.

Downloade die MBR.exe von Gmer und
kopiere die Datei mbr.exe in den Ordner C:\Windows\system32.
Falls Du den Ordner nicht sehen kannst, diese Einstellungen in den Ordneroptionen vornehmen.
Start => ausführen => cmd (da reinschreiben) => OK
es öffnet sich eine Eingabeaufforderung.

Vista- und Windows 7-User: Start => Alle Programme => Zubehör => Rechtsklick auf Eingabeaufforderung und wähle Als Administrator ausführen.
Nach dem Prompt (>_) folgenden

aus der Codebox manuell eingeben oder alternativ den mit STRG + C ins Clipboard kopieren und einfügen.
Einfügen in der Eingabeaufforderung: in der Titelleiste einen Rechtsklick machen => Bearbeiten => einfügen.
Code:
ATTFilter
```
mbr.exe -t > C:\mbr.log & C:\mbr.log
         
```
(Enter drücken)
Nach kurzer Zeit wird sich Dein Editor öffnen und die Datei C:\mbr.log beinhalten.
Bitte kopiere den Inhalt hier in Deinen Thread.

3.
Fixen mit OTL

Starte die OTL.exe.
Vista und Windows 7 User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen.
Kopiere folgendes Skript:

Code:

ATTFilter

:OTL
IE - HKLM\..\URLSearchHook:  - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\1104271012\ICQToolBar.dll (ICQ)
IE - HKCU\..\URLSearchHook: {9d81af43-de53-48d0-a199-42c2a226b24c} - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {EEE6C35D-6118-11DC-9C72-001320C79847} - Reg Error: Key error. File not found
FF - prefs.js..browser.search.selectedEngine: "ICQ Search"
FF - prefs.js..browser.startup.homepage: "hxxp://start.icq.com/skins7/"
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
[2011.04.27 10:13:02 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Users\Standard\AppData\Roaming\mozilla\Firefox\Profiles\944s7en5.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2010.12.31 22:24:30 | 000,000,000 | ---D | M] (DVDVideoSoftTB Toolbar) -- C:\Users\Standard\AppData\Roaming\mozilla\Firefox\Profiles\944s7en5.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}
[2010.12.31 22:15:52 | 000,000,000 | ---D | M] ("DVDVideoSoft Menu") -- C:\Users\Standard\AppData\Roaming\mozilla\Firefox\Profiles\944s7en5.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2009.04.29 15:36:05 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Programme\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2010.10.28 10:41:02 | 000,005,529 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\SearchquWebSearch.xml
[2010.01.01 10:00:00 | 000,001,135 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-en-GB.xml
O2 - BHO: (Searchqu Toolbar) - {7FF99715-3016-4381-84CE-E4E4C9673020} - C:\Programme\Windows Searchqu Toolbar\ToolBar\SearchquDx.dll ()
O3 - HKLM\..\Toolbar: (Searchqu Toolbar) - {7FF99715-3016-4381-84CE-E4E4C9673020} - C:\Programme\Windows Searchqu Toolbar\ToolBar\SearchquDx.dll ()
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\1104271012\ICQToolBar.dll (ICQ)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EEE6C35B-6118-11DC-9C72-001320C79847} - No CLSID value found.
O4 - HKCU..\Run: [{1289D823-E624-5CEE-AB7E-EC96825F68C4}] C:\Users\Standard\AppData\Roaming\Arxue\waenw.exe ()
O4 - HKCU..\Run: [4Y3Y0C3A9F7W1ZYDRRQYR] C:\Recycle.Bin\B6232F3ACEA.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{94db7882-308c-11e0-94d3-001e9065ba16}\Shell - "" = AutoRun
O33 - MountPoints2\{94db7882-308c-11e0-94d3-001e9065ba16}\Shell\AutoRun\command - "" = I:\setup\rsrc\Autorun.exe
O33 - MountPoints2\{94db7882-308c-11e0-94d3-001e9065ba16}\Shell\dinstall\command - "" = I:\Directx\dxsetup.exe
[2011.07.02 15:11:52 | 000,000,000 | ---D | C] -- C:\Users\Standard\AppData\Roaming\Uduzaw
[2011.07.02 15:11:52 | 000,000,000 | ---D | C] -- C:\Users\Standard\AppData\Roaming\Arxue
[2011.06.26 20:37:06 | 000,302,592 | ---- | M] () -- C:\Users\Standard\Desktop\nvbbobxg.exe
[2011.06.26 13:31:52 | 000,004,990 | ---- | M] () -- C:\ProgramData\mtbjfghn.xbe

:Files
C:\iduhsfuisdf
:Commands
[purity]
[emptytemp]

und füge es hier ein:
Schließe alle Programme.
Klicke auf den Fix Button.
Klick auf .
OTL verlangt einen Neustart. Bitte zulassen.
Nach dem Neustart findest Du ein Textdokument.
Kopiere den Inhalt hier in Deinen Thread.

4.
Lade Dir Malwarebytes Anti-Malware von→ malwarebytes.org

Installieren und per Doppelklick starten.
Deutsch einstellen und gleich mal die Datenbanken zu aktualisieren - online updaten
"Komplett Scan durchführen" wählen (überall Haken setzen)
wenn der Scanvorgang beendet ist, klicke auf "Zeige Resultate"
Alle Funde - falls MBAM meldet in C:\System Volume Information - den Haken bitte entfernen - markieren und auf "Löschen" - "Ausgewähltes entfernen") klicken.
Poste das Ergebnis hier in den Thread - den Bericht findest Du unter "Scan-Berichte"

eine bebilderte Anleitung findest Du hier: Anleitung/virus-protect.org

5.
erneut einen Scan mit OTL:

Doppelklick auf die OTL.exe
Vista und Windows 7 User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen.
Oben findest Du ein Kästchen mit Ausgabe.
Wähle bitte Standard-Ausgabe
Unter Extra-Registrierung wähle bitte Benutze SafeList.
Mache Häckchen bei LOP- und Purity-Prüfung.
Klicke nun auf Scan links oben.
Wenn der Scan beendet wurde werden zwei Logfiles erstellt.
Du findest die Logfiles auf Deinem Desktop => OTL.txt und Extras.txt
Poste die Logfiles in Code-Tags hier in den Thread.

Sicherheitscenter nicht aktivierbar / Google leitet um / AVIRA nicht updatebar / Rechner langsam

Log-Analyse und Auswertung: Sicherheitscenter nicht aktivierbar / Google leitet um / AVIRA nicht updatebar / Rechner langsam