Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung
Seltsame Dateien in C:\Windows

Seltsame Dateien in C:\Windows


Log-Analyse und Auswertung: Seltsame Dateien in C:\Windows

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML.

 
Vorheriger Beitrag Vorheriger Beitrag   Nächster Beitrag Nächster Beitrag
Alt 05.07.2011, 00:19   #1
Thomas13
 
Seltsame Dateien in C:\Windows - Standard

Seltsame Dateien in C:\Windows


Nabend.

Mir sind heute in C:\Windows seltsame Dateinamen aufgefallen, wo ich einfach nachfragen wollte.
Die Dateien sind xö2, Ôø¼, 4÷O und ,ôÅ

Anbei noch ein OTL Log:
OTL.txt
Code:
ATTFilter
OTL logfile created on: 7/5/2011 1:06:28 AM - Run 4
OTL by OldTimer - Version 3.2.22.3     Folder = C:\Users\Thomas\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 64.00% Memory free
6.00 Gb Paging File | 5.00 Gb Available in Paging File | 75.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 452.34 Gb Total Space | 237.53 Gb Free Space | 52.51% Space Free | Partition Type: NTFS
Drive D: | 13.32 Gb Total Space | 1.64 Gb Free Space | 12.30% Space Free | Partition Type: NTFS
Drive G: | 3.76 Gb Total Space | 2.62 Gb Free Space | 69.87% Space Free | Partition Type: FAT32
 
Computer Name: THOMASPC | User Name: Thomas | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2011/06/15 10:58:53 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2011/05/14 01:44:35 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Thomas\Downloads\OTL.exe
PRC - [2011/05/10 14:10:58 | 003,459,712 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2011/05/10 14:10:57 | 000,042,184 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2007/06/05 14:20:32 | 000,177,704 | ---- | M] () -- C:\Windows\SysWOW64\PSIService.exe
 
 
========== Modules (SafeList) ==========
 
MOD - [2011/05/14 01:44:35 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Thomas\Downloads\OTL.exe
MOD - [2011/05/10 14:10:55 | 000,199,792 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\snxhk.dll
MOD - [2010/11/20 13:55:09 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - [2011/05/10 14:10:57 | 000,042,184 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2010/03/05 02:25:36 | 000,209,000 | ---- | M] () [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe -- (nSvcIp)
SRV:64bit: - [2010/01/14 05:04:08 | 000,202,752 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2009/07/14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
SRV - [2011/06/29 22:01:19 | 003,435,096 | ---- | M] () [Auto | Running] -- c:\program files (x86)\common files\akamai\netsession_win_e477fed.dll -- (Akamai)
SRV - [2011/06/01 14:44:54 | 002,337,144 | ---- | M] (TeamViewer GmbH) [Disabled | Stopped] -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe -- (TeamViewer6)
SRV - [2011/05/29 09:11:28 | 000,366,640 | ---- | M] (Malwarebytes Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2010/03/18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/06/10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2007/06/05 14:20:32 | 000,177,704 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PSIService.exe -- (ProtexisLicensing)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2011/05/29 09:11:20 | 000,025,912 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2011/05/10 13:59:48 | 000,064,344 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2011/03/11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/01/14 05:26:00 | 006,327,296 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atipmdag.sys -- (amdkmdag)
DRV:64bit: - [2010/01/14 04:10:56 | 000,185,344 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2009/11/19 01:30:56 | 000,123,408 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:64bit: - [2009/10/22 13:54:24 | 000,040,464 | ---- | M] (Kaspersky Lab) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\14507332.sys -- (14507332)
DRV:64bit: - [2009/10/09 23:30:56 | 000,352,784 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\Windows\SysNative\drivers\1450733.sys -- (setup_9.0.0.722_11.06.2011_06-10drv)
DRV:64bit: - [2009/09/25 17:59:46 | 000,157,712 | ---- | M] (Kaspersky Lab) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\14507331.sys -- (14507331)
DRV:64bit: - [2009/07/14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/04 09:31:40 | 000,982,016 | ---- | M] (Ralink Technology Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netr28ux.sys -- (netr28ux)
DRV:64bit: - [2009/06/10 22:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009/06/10 22:35:35 | 000,408,960 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvm62x64.sys -- (NVENETFD)
DRV:64bit: - [2009/06/10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPDSK/4
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPDSK/4
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPDSK/4
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPDSK/4
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=158.130.6.253:3124
 
========== FireFox ==========
 
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.com/"
FF - prefs.js..extensions.enabledItems: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}:20110323
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26
FF - prefs.js..extensions.enabledItems: wrc@avast.com:20110101
FF - prefs.js..network.proxy.http: "128.119.41.211"
FF - prefs.js..network.proxy.http_port: 3128
FF - prefs.js..network.proxy.type: 0
 
FF - HKLM\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2011/06/28 17:16:28 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.18\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/06/25 15:45:21 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.18\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011/07/05 00:39:45 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.11\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2011/07/04 01:10:16 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.11\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins
 
[2011/03/15 19:36:36 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Thomas\AppData\Roaming\mozilla\Extensions
[2010/11/16 18:57:36 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Thomas\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2011/03/15 19:36:35 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Thomas\AppData\Roaming\mozilla\Extensions\{92650c4d-4b8e-4d2a-b7eb-24ecf4f6b63a}
[2011/07/04 15:44:54 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Thomas\AppData\Roaming\mozilla\Firefox\Profiles\2k2rtmay.default\extensions
[2011/03/25 16:38:38 | 000,000,000 | ---D | M] (WOT) -- C:\Users\Thomas\AppData\Roaming\mozilla\Firefox\Profiles\2k2rtmay.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2011/03/15 19:36:35 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Thomas\AppData\Roaming\mozilla\SeaMonkey\Profiles\13rv2xx9.default\extensions
[2011/06/25 16:06:54 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2011/05/02 20:19:31 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011/06/25 16:06:54 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
[2011/06/28 17:16:28 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
[2011/05/04 04:52:23 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2011/06/15 10:23:45 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2011/06/15 10:23:45 | 000,002,344 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2011/06/15 10:23:45 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2011/06/15 10:23:45 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2011/06/15 10:23:45 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2011/03/16 21:07:31 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: EnableShellExecuteHooks = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideFastUserSwitching = 0
O8:64bit: - Extra context menu item: Free YouTube Download - C:\Users\Thomas\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Thomas\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Free YouTube Download - C:\Users\Thomas\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Thomas\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O9 - Extra Button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files (x86)\ICQ7.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files (x86)\ICQ7.5\ICQ.exe (ICQ, LLC.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - Reg Error: Key error. File not found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O20:64bit: - AppInit_DLLs: ({DLL_Str}) -  File not found
O20 - AppInit_DLLs: ({DLL_Str}) -  File not found
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O28:64bit: - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
O28 - HKLM ShellExecuteHooks: {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll (EasyBits Software Corp.)
O32 - HKLM CDRom: AutoRun - 0
O32 - AutoRun File - [2010/11/14 19:05:56 | 000,000,000 | ---- | M] () - C:\Autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011/07/05 00:36:41 | 004,488,201 | ---- | C] (Krzysztof Kowalczyk) -- C:\Users\Thomas\Desktop\SumatraPDF-1.6-install.exe
[2011/07/04 20:23:32 | 000,000,000 | ---D | C] -- C:\Users\Thomas\Documents\Any Video Converter
[2011/07/04 20:23:24 | 000,000,000 | ---D | C] -- C:\Users\Thomas\AppData\Roaming\AnvSoft
[2011/07/04 12:40:22 | 000,000,000 | ---D | C] -- C:\_OTL
[2011/07/04 01:10:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird
[2011/07/04 00:10:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AnvSoft
[2011/07/04 00:10:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AnvSoft
[2011/07/04 00:07:29 | 000,000,000 | ---D | C] -- C:\Users\Thomas\AppData\Local\{16FB997E-A7D3-4E1E-95B3-B01D81A06AF5}
[2011/07/01 23:58:33 | 000,000,000 | ---D | C] -- C:\Users\Thomas\Desktop\Texture
[2011/07/01 23:28:50 | 000,000,000 | ---D | C] -- C:\Users\Thomas\AppData\Roaming\InstallShield
[2011/07/01 14:28:33 | 000,000,000 | ---D | C] -- C:\Users\Thomas\AppData\Roaming\ATI
[2011/07/01 14:28:33 | 000,000,000 | ---D | C] -- C:\Users\Thomas\AppData\Local\ATI
[2011/07/01 14:28:33 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2011/07/01 14:26:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\ATI Technologies
[2011/07/01 14:26:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center
[2011/07/01 14:25:33 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ATI Technologies
[2011/07/01 13:20:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ATI-Assistent für Problemberichte
[2011/07/01 13:20:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ATI Technologies
[2011/07/01 13:20:25 | 000,000,000 | ---D | C] -- C:\Program Files\ATI
[2011/07/01 13:19:55 | 000,000,000 | ---D | C] -- C:\Program Files\ATI Technologies
[2011/07/01 13:19:06 | 000,000,000 | ---D | C] -- C:\AMD
[2011/06/30 09:44:53 | 000,000,000 | ---D | C] -- C:\Windows\de
[2011/06/30 09:44:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
[2011/06/30 09:43:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Live
[2011/06/30 09:43:39 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2011/06/29 22:59:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Audacity
[2011/06/29 22:42:55 | 000,000,000 | ---D | C] -- C:\Users\Thomas\AppData\Roaming\avidemux
[2011/06/29 22:42:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avidemux
[2011/06/29 22:42:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Avidemux 2.5
[2011/06/29 22:07:38 | 000,000,000 | ---D | C] -- C:\Users\Thomas\AppData\Local\Windows Live
[2011/06/29 21:32:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Windows Live
[2011/06/29 18:42:31 | 000,000,000 | ---D | C] -- C:\Users\Thomas\AppData\Roaming\Foxit Software
[2011/06/29 13:54:51 | 000,000,000 | ---D | C] -- C:\Users\Thomas\Desktop\roaming
[2011/06/29 10:29:53 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drvinst.exe
[2011/06/29 10:29:53 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\devrtl.dll
[2011/06/29 10:29:51 | 002,315,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tquery.dll
[2011/06/29 10:29:51 | 002,223,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssrch.dll
[2011/06/29 10:29:50 | 001,549,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tquery.dll
[2011/06/29 10:29:50 | 001,401,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssrch.dll
[2011/06/29 10:29:50 | 000,491,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssph.dll
[2011/06/29 10:29:50 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssph.dll
[2011/06/29 10:29:50 | 000,249,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SearchProtocolHost.exe
[2011/06/29 10:29:49 | 000,778,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssvp.dll
[2011/06/29 10:29:49 | 000,666,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssvp.dll
[2011/06/29 10:29:49 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssphtb.dll
[2011/06/29 10:29:49 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssphtb.dll
[2011/06/29 10:29:49 | 000,113,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SearchFilterHost.exe
[2011/06/29 10:29:49 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msscntrs.dll
[2011/06/29 10:29:49 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msscntrs.dll
[2011/06/29 00:07:35 | 000,000,000 | ---D | C] -- C:\Users\Thomas\Desktop\Biggis-Wunderwelt 747
[2011/06/28 20:17:15 | 000,982,016 | ---- | C] (Ralink Technology Corp.) -- C:\Windows\SysNative\drivers\netr28ux.sys
[2011/06/28 20:17:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Belkin
[2011/06/28 20:06:22 | 000,000,000 | ---D | C] -- C:\Windows\{0D59735E-1DA7-4E6D-B1CC-44A4F59FD0FD}
[2011/06/28 19:57:19 | 000,000,000 | ---D | C] -- C:\ProgramData\SecTaskMan
[2011/06/28 18:54:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OZx
[2011/06/28 17:16:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus
[2011/06/28 17:16:44 | 000,022,360 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys
[2011/06/28 17:16:43 | 000,287,576 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2011/06/28 17:16:41 | 000,031,064 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr.sys
[2011/06/28 17:16:40 | 000,053,592 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys
[2011/06/28 17:16:39 | 000,600,920 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2011/06/28 17:16:39 | 000,064,344 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2011/06/28 17:16:24 | 000,199,304 | ---- | C] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe
[2011/06/28 17:16:24 | 000,040,112 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2011/06/28 17:16:18 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2011/06/28 17:16:18 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2011/06/27 15:06:49 | 000,000,000 | ---D | C] -- C:\Users\Thomas\AppData\Roaming\Unity
[2011/06/27 14:59:31 | 000,000,000 | ---D | C] -- C:\Users\Thomas\AppData\Local\Unity
[2011/06/25 19:42:17 | 000,000,000 | ---D | C] -- C:\Users\Thomas\Desktop\Ifly 737 AES config
[2011/06/25 17:04:03 | 000,000,000 | ---D | C] -- C:\Users\Thomas\AppData\Local\gegl-0.1
[2011/06/25 17:04:03 | 000,000,000 | ---D | C] -- C:\Users\Thomas\.gimp-2.7
[2011/06/25 16:18:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Phantom
[2011/06/25 16:17:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit PDF Editor
[2011/06/25 16:07:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2011/06/25 16:06:53 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
[2011/06/25 16:06:53 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe
[2011/06/25 16:06:53 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe
[2011/06/25 15:45:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox
[2011/06/25 00:20:18 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2011/06/25 00:20:18 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2011/06/25 00:20:16 | 002,303,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2011/06/25 00:20:16 | 001,797,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9.dll
[2011/06/25 00:20:16 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2011/06/25 00:20:16 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2011/06/25 00:20:16 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2011/06/25 00:20:15 | 000,818,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2011/06/24 19:27:35 | 000,000,000 | ---D | C] -- C:\Users\Thomas\Desktop\PMDG400X_PaintKit
[2011/06/24 19:23:49 | 000,237,056 | ---- | C] (MW Publishing) -- C:\Windows\SysWow64\mwgfx24.dll
[2011/06/24 19:23:49 | 000,191,488 | ---- | C] (MW Graphics) -- C:\Windows\SysWow64\mwgfx.dll
[2011/06/24 19:23:49 | 000,104,960 | ---- | C] (MW Graphics) -- C:\Windows\SysWow64\mwdds.dll
[2011/06/24 19:23:49 | 000,056,832 | ---- | C] (MW Graphics) -- C:\Windows\SysWow64\mwace.dll
[2011/06/24 19:23:49 | 000,028,672 | ---- | C] (MW Graphics) -- C:\Windows\SysWow64\mwgfxcopy.exe
[2011/06/24 19:23:49 | 000,000,000 | ---D | C] -- C:\Graphics
[2011/06/24 13:01:51 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2011/06/24 12:12:20 | 000,861,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleaut32.dll
[2011/06/11 18:33:09 | 000,352,784 | ---- | C] (Kaspersky Lab) -- C:\Windows\SysNative\drivers\1450733.sys
[2011/06/11 18:33:09 | 000,157,712 | ---- | C] (Kaspersky Lab) -- C:\Windows\SysNative\drivers\14507331.sys
[2011/06/11 18:33:09 | 000,040,464 | ---- | C] (Kaspersky Lab) -- C:\Windows\SysNative\drivers\14507332.sys
[2011/06/11 17:16:24 | 000,305,152 | ---- | C] (Ralink Technology, Inc.) -- C:\Windows\SysNative\RaCoInstx.dll
[2011/06/11 16:55:17 | 000,000,000 | ---D | C] -- C:\Windows\{58DD9328-F612-41B7-8353-D3B190E70C7C}
[2011/06/07 16:41:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
 
========== Files - Modified Within 30 Days ==========
 
[2011/07/05 00:52:00 | 000,001,112 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/07/05 00:36:49 | 004,488,201 | ---- | M] (Krzysztof Kowalczyk) -- C:\Users\Thomas\Desktop\SumatraPDF-1.6-install.exe
[2011/07/05 00:25:09 | 000,001,124 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3793448899-3928903926-1007559840-1005UA.job
[2011/07/04 20:42:05 | 000,015,568 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/07/04 20:42:05 | 000,015,568 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/07/04 20:34:43 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/07/04 20:34:35 | 2415,370,240 | -HS- | M] () -- C:\hiberfil.sys
[2011/07/04 15:25:00 | 000,001,072 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3793448899-3928903926-1007559840-1005Core.job
[2011/07/04 14:33:37 | 001,498,506 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011/07/04 14:33:37 | 000,653,928 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2011/07/04 14:33:37 | 000,615,810 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011/07/04 14:33:37 | 000,129,800 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2011/07/04 14:33:37 | 000,106,190 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011/07/04 01:10:17 | 000,002,011 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
[2011/07/04 00:10:58 | 000,001,242 | ---- | M] () -- C:\Users\Thomas\Desktop\Any Video Converter.lnk
[2011/07/03 13:22:16 | 000,002,516 | -HS- | M] () -- C:\Windows\SysWow64\KGyGaAvL.sys
[2011/07/02 21:23:07 | 000,025,109 | ---- | M] () -- C:\Users\Thomas\.recently-used.xbel
[2011/07/01 14:27:54 | 000,000,000 | ---- | M] () -- C:\Windows\ativpsrm.bin
[2011/06/30 09:52:38 | 000,001,307 | ---- | M] () -- C:\Users\Thomas\Desktop\Windows Live Movie Maker.lnk
[2011/06/30 09:44:22 | 000,000,020 | ---- | M] () -- C:\Windows\xö2
[2011/06/30 09:36:30 | 000,000,020 | ---- | M] () -- C:\Windows\Ôø¼
[2011/06/30 09:26:08 | 000,002,410 | ---- | M] () -- C:\Users\Thomas\Desktop\Google Chrome.lnk
[2011/06/29 22:59:07 | 000,000,949 | ---- | M] () -- C:\Users\Thomas\Desktop\Audacity.lnk
[2011/06/29 21:58:11 | 000,000,020 | ---- | M] () -- C:\Windows\,ôÅ
[2011/06/29 10:38:59 | 002,863,104 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011/06/28 17:16:46 | 000,001,843 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2011/06/28 17:16:39 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2011/06/25 16:40:39 | 000,034,930 | ---- | M] () -- C:\Users\Thomas\AppData\Local\recently-used.xbel
[2011/06/25 15:45:22 | 000,001,945 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2011/06/25 15:32:21 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2011/06/24 19:23:49 | 000,001,688 | ---- | M] () -- C:\Users\Thomas\Desktop\DXTBmp.lnk
[2011/06/07 16:41:18 | 000,001,072 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2011/06/06 21:33:08 | 000,001,245 | ---- | M] () -- C:\Users\Thomas\Desktop\Free Studio.lnk
[2011/06/05 18:28:16 | 000,002,532 | ---- | M] () -- C:\Users\Public\Desktop\UT2 Power Pack.lnk
[2011/06/05 12:01:54 | 000,002,582 | ---- | M] () -- C:\Users\Public\Desktop\Ultimate Traffic 2.lnk
 
========== Files Created - No Company Name ==========
 
[2011/07/04 14:31:03 | 000,032,876 | ---- | C] () -- C:\Users\Thomas\Documents\Gottfried Keller - Biografie.odt
[2011/07/04 00:10:58 | 000,001,242 | ---- | C] () -- C:\Users\Thomas\Desktop\Any Video Converter.lnk
[2011/07/02 21:23:07 | 000,025,109 | ---- | C] () -- C:\Users\Thomas\.recently-used.xbel
[2011/07/01 14:27:54 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011/06/30 18:05:06 | 000,002,104 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
[2011/06/30 09:52:38 | 000,001,307 | ---- | C] () -- C:\Users\Thomas\Desktop\Windows Live Movie Maker.lnk
[2011/06/30 09:44:42 | 000,001,307 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Movie Maker.lnk
[2011/06/30 09:44:31 | 000,001,376 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Photo Gallery.lnk
[2011/06/30 09:44:22 | 000,000,020 | ---- | C] () -- C:\Windows\xö2
[2011/06/30 09:36:30 | 000,000,020 | ---- | C] () -- C:\Windows\Ôø¼
[2011/06/29 22:59:07 | 000,000,961 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
[2011/06/29 22:59:07 | 000,000,949 | ---- | C] () -- C:\Users\Thomas\Desktop\Audacity.lnk
[2011/06/29 21:58:10 | 000,000,020 | ---- | C] () -- C:\Windows\,ôÅ
[2011/06/28 17:16:46 | 000,001,843 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2011/06/25 16:40:39 | 000,034,930 | ---- | C] () -- C:\Users\Thomas\AppData\Local\recently-used.xbel
[2011/06/24 19:23:49 | 000,001,688 | ---- | C] () -- C:\Users\Thomas\Desktop\DXTBmp.lnk
[2011/06/11 17:16:24 | 000,013,931 | ---- | C] () -- C:\Windows\SysNative\RaCoInst.dat
[2011/06/07 16:41:18 | 000,001,072 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2011/06/06 21:33:08 | 000,001,245 | ---- | C] () -- C:\Users\Thomas\Desktop\Free Studio.lnk
[2011/06/05 18:28:16 | 000,002,532 | ---- | C] () -- C:\Users\Public\Desktop\UT2 Power Pack.lnk
[2011/04/22 10:07:08 | 000,007,605 | ---- | C] () -- C:\Users\Thomas\AppData\Local\Resmon.ResmonCfg
[2011/03/25 23:54:13 | 000,000,061 | -HS- | C] () -- C:\Windows\cnerolf.bin
[2011/03/16 18:33:30 | 000,256,512 | ---- | C] () -- C:\Windows\PEV.exe
[2011/03/16 18:33:30 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2011/03/16 18:33:30 | 000,089,088 | ---- | C] () -- C:\Windows\MBR.exe
[2011/03/16 18:33:30 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2011/03/16 18:33:30 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2011/02/06 14:19:13 | 000,000,088 | RHS- | C] () -- C:\Windows\SysWow64\A8247170B7.sys
[2011/02/06 14:13:39 | 000,002,516 | -HS- | C] () -- C:\Windows\SysWow64\KGyGaAvL.sys
[2011/02/06 11:37:12 | 000,005,018 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys
[2010/12/09 11:42:56 | 000,001,614 | ---- | C] () -- C:\Windows\convert-settings.ini
[2010/11/16 22:47:08 | 000,010,240 | ---- | C] () -- C:\Users\Thomas\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/11/01 15:34:02 | 001,499,556 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010/10/07 04:46:29 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat
[2010/09/16 22:02:50 | 000,009,988 | ---- | C] () -- C:\Windows\SysWow64\ezdigsgn.dat
[2009/10/26 21:06:06 | 000,001,035 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2009/07/14 07:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/14 04:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009/07/14 04:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009/07/14 02:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/06/10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2008/01/16 02:15:58 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\zlib.dll
[2007/06/05 14:20:32 | 000,177,704 | ---- | C] () -- C:\Windows\SysWow64\PSIService.exe

< End of report >
Extras.txt
Code:
ATTFilter
OTL Extras logfile created on: 7/5/2011 1:06:29 AM - Run 4
OTL by OldTimer - Version 3.2.22.3     Folder = C:\Users\Thomas\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 64.00% Memory free
6.00 Gb Paging File | 5.00 Gb Available in Paging File | 75.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 452.34 Gb Total Space | 237.53 Gb Free Space | 52.51% Space Free | Partition Type: NTFS
Drive D: | 13.32 Gb Total Space | 1.64 Gb Free Space | 12.30% Space Free | Partition Type: NTFS
Drive G: | 3.76 Gb Total Space | 2.62 Gb Free Space | 69.87% Space Free | Partition Type: FAT32
 
Computer Name: THOMASPC | User Name: Thomas | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = Opera.HTML] -- Reg Error: Key error. File not found
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = Opera.HTML] -- Reg Error: Key error. File not found
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" File not found
https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" File not found
inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l File not found
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
http [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1"
https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1"
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== System Restore Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
 
========== Firewall Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
"{320C16AB-135A-9E61-AB5E-D63E42B98881}" = ATI Catalyst Install Manager
"{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
"{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
"{46AE421C-BF1B-4B62-BE0E-62FE09C6D5B5}" = CorelDRAW Graphics Suite X5 - Windows Shell Extension 64 Bit
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5EB6F3CB-46F4-451F-A028-7F6D8D35D7D0}" = Windows Live Language Selector
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{74AB84F4-B88B-99A5-CC5F-BF61B61E4CDE}" = ccc-utility64
"{801A9B09-B378-D466-2AD6-F1C5C6B0E95D}" = ATI Problem Report Wizard
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
"{88FD4472-F950-4083-A6FA-A829AC785B04}" = Studie zur Verbesserung von HP Deskjet 2050 J510 series Produkten
"{8DB42533-B801-53EE-A166-E13DBD7B0178}" = ATI AVIVO64 Codecs
"{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64
"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9CF4A37B-A8C4-44D7-8C53-13B9D9594BB3}" = Paint.NET v3.5.8
"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
"{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}" = Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}" = PlayReady PC Runtime amd64
"{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
"{D7716C7E-75F1-4C51-A2D5-C6A1E8311D53}" = HP Deskjet 2050 J510 series - Grundlegende Software für das Gerät
"{D79A02E9-6713-4335-9668-AAC7474C0C0E}" = HP Vision Hardware Diagnostics
"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"CCleaner" = CCleaner
"Defraggler" = Defraggler
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"Unlocker" = Unlocker 1.9.0-x64
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"_{72DB27D3-FE05-4227-AF5A-11CD101ECF09}" = Corel Graphics - Windows Shell Extension
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{056A95C1-6E95-0CFA-5AEE-2CF2FBC9C00A}" = CCC Help French
"{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0CCEC882-3113-7B2E-62E1-96890AB0FBD6}" = Catalyst Control Center Graphics Light
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{0F5E7FC8-3D49-47DA-9A51-6A8B4BE393B0}" = aerosoft's - Mega Airport Paris CDG X
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{20372FAA-3AF4-4B3D-9B1D-564CDEA5957C}" = PMDG744X_GE_LH
"{21616BFC-B067-ACFD-4589-9D54D1B7A15F}" = Catalyst Control Center Localization All
"{22DA31EE-2DEA-4DB7-9301-3222F91826F7}" = PMDGMD11XF_PW_FXF
"{24896CE5-C99B-8FF1-FF40-ABC409397FA3}" = HydraVision
"{254C37AA-6B72-4300-84F6-98A82419187E}" = ActiveCheck component for HP Active Support Library
"{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 26
"{26B7F336-1369-49D6-8E4C-DC2C7BD65647}" = aerosoft's - German Airports 2-Leipzig X
"{26C215D3-D5B9-486C-8E61-A2E5B0B8D3F4}" = PMDGMD11X_PW_QF
"{2982FC17-1189-6FC9-DB39-857A3E5FD771}" = CCC Help Italian
"{2C55D2F6-E698-227A-82CD-D3F31C4643CE}" = CCC Help Danish
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{3B6F6E35-900C-4FE3-B2F6-067443353CD1}" = aerosoft's - Mega Airport Stockholm Arlanda X
"{3BB7B4D3-C534-4700-AA1B-B01A8EA5F27C}" = Aerosoft's - VFR Germany 2
"{3DAD565E-1275-4EE8-9568-932CB7B75FB8}" = aerosoft's - German Airports 3 - Berlin-Tegel X
"{403DDDA0-57D1-AAC6-5C54-88E33B9DE7E0}" = Catalyst Control Center HydraVision Full
"{415826DA-CC9C-4836-AFDB-E67104272C52}" = PMDGMD11X_PW_DL2
"{4286716B-1287-48E7-9078-3DC8248DBA96}" = OpenOffice.org 3.3
"{433974CD-9707-489F-8C06-DFFC23C65C68}" = PMDGMD11X_GE_KL
"{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}" = Recovery Manager
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4AD88F13-61B9-386A-B007-2872F0C146C8}" = CCC Help Korean
"{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform
"{4CFCC6FD-AEA2-4208-99A6-45CBF9DFFD82}" = Real Environment Xtreme
"{4D89CDD6-80E8-C8A9-89A0-9384C866C30C}" = CCC Help Russian
"{4EE9A620-46A0-4BCF-82AC-950D2BBED982}" = Belkin Wireless USB Adapter Setup
"{4F2F0EC1-6F33-3627-E1C4-87EF876F84A6}" = CCC Help Czech
"{5112E5EF-17A7-FD83-927C-E44137661C6A}" = CCC Help Thai
"{5B862783-8949-B423-7786-8C2DDADF409A}" = CCC Help Swedish
"{5C8EF467-5933-BCCC-A219-59CF7612327A}" = Catalyst Control Center Graphics Previews Vista
"{61C6337D-EDF5-43F0-9E50-541A389070BD}" = Aerosoft's - VFR Germany 3
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{64E72FB1-2343-4977-B4A8-262CD53D0BD3}" = Corel Paint Shop Pro Photo X2
"{65E5B64C-A556-2C9E-CA7A-C402B3DCAC25}" = Catalyst Control Center Graphics Full New
"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = HPAsset component for HP Active Support Library
"{6758B364-96C0-4143-ABDF-8160F8A2AA0D}" = PMDG744X_PW_SQ
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6E4C2590-DF8C-C855-5FE9-CCF1A5F444A6}" = CCC Help English
"{70864384-DD19-44CB-A999-A917F32F623D}" = aerosoft's - Approaching Innsbruck X
"{70D78DCD-8369-4857-BFEF-021C9899DA75}" = PMDG744X_GE_AF
"{710473D1-1838-54D2-D446-B54474967D06}" = CCC Help Dutch
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser und SDK
"{72DB27D3-FE05-4227-AF5A-11CD101ECF09}" = Corel Graphics - Windows Shell Extension
"{7578ADEA-D65F-4C89-A249-B1C88B6FFC20}" = ICQ7.5
"{76DAEC83-AF7B-333C-8A53-83D7C7D39199}" = Microsoft Visual Studio Tools for Applications 2.0 Runtime Language Pack - DEU
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7A3DF2E2-CF13-44FB-A93E-F71D5381DB3F}" = HP Deskjet 2050 J510 series Hilfe
"{7A782D80-1C63-4D19-AC7A-E39E63DFDE78}" = PMDG744X_GE_QF2
"{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}" = NVIDIA ForceWare Network Access Manager
"{7D182F01-0465-FD8F-59F4-6DC9BD64ED79}" = CCC Help Chinese Standard
"{7E34E4DF-26FA-46D0-BC0F-77CE6CF4CBC5}" = Aerosoft's - VFR Germany 1
"{80269974-19AA-8465-B55A-61446A075D3E}" = ccc-core-static
"{8233F99B-C4C2-44E9-8486-374E9B300BF2}" = aerosoft's - Mega Airport Madrid Barajas
"{833D97B9-AC16-45C1-AD44-0A32198956F8}" = Gimp Themes v1.0
"{8591DD66-01FD-4E5F-AAB7-71998FEA4FF8}" = PMDG744X_GE_O82
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{87BB78C4-F36D-4D93-A7C7-F80F18219848}" = AMD DnD V1.0.19
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8D7133DE-27D2-47E5-B248-4180278D32AA}" = Catalyst Control Center - Branding
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E87B944-4815-3C5E-947F-5035C9F64362}" = Microsoft Visual Studio Tools for Applications 2.0 Language Pack - DEU
"{91FD430B-2B60-1D6B-7E14-F83F91635378}" = Catalyst Control Center InstallProxy
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{9527A496-5DF9-412A-ADC7-168BA5379CA6}" = Microsoft Flight Simulator X
"{97C97546-024D-40E1-A16E-255C3BAAAC16}" = PMDGMD11X_GE_CO
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C979BC5-0B86-47A1-B6C1-6057297DB61C}" = PMDG744X_RR_BA
"{9E48FF52-082C-4CC2-BB67-6E10D09C0431}" = Windows Live UX Platform Language Pack
"{A34BB90E-F0AF-58B2-8884-0708E16A5E3D}" = CCC Help Greek
"{A663BED9-978C-4A04-82A3-3029245055BE}" = Aerosoft's - F-16 Fighting Falcon
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}" = Microsoft Visual Studio Tools for Applications 2.0 - ENU
"{AC3A895F-8A4B-F340-0FE2-C0ECD7AE0E4B}" = CCC Help Hungarian
"{AD6C554F-5050-40B1-B84D-51D74A09C7E4}" = Aerosoft's - Mega Airport Budapest
"{ADF128B5-69E8-6F79-2643-ACF1FA8C5925}" = CCC Help Portuguese
"{AF6DFB71-D86A-9ED2-1883-45C7EEC0C6CD}" = CCC Help Spanish
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B6B1DA81-F781-FF6C-0E60-1248ACD29F27}" = CCC Help Japanese
"{B8AC1A89-FFD1-4F97-8051-E505A160F562}" = HP Odometer
"{B97A0C89-29C0-4682-902C-364109A9857C}" = Belkin F6D4050 Enhanced Wireless USB Adapter
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C5084F12-A5E6-4C34-B66F-0401589CF19B}" = PMDGMD11X_PW_CI
"{C5869150-CAA3-B29A-76E6-74DFFC92A848}" = CCC Help Norwegian
"{C72AF0FF-C3CB-8E57-10E8-E2C09FC7775F}" = CCC Help Chinese Traditional
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CED6EAB9-9FFD-44B2-939A-D77905AD35F3}" = PMDG_MD11_FSX
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D20A9F26-DB85-A6E7-D453-B13EF4090240}" = CCC Help Finnish
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D4CF23EE-B0B6-4E5F-A335-8E63F8AFAC98}" = PMDG744X_GE_KL
"{D8CFEC4C-1F9F-D1E8-AE0F-9819B461A45C}" = Catalyst Control Center Graphics Full Existing
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DAA73076-84A5-4141-A630-79380E48C9D0}" = aerosoft's - Mega Airport Lisbon X
"{DE042823-C359-4B87-B66B-308057E8B6AF}" = Camtasia Studio 7
"{DEB42BC5-3922-4B3F-ED07-11868A89320A}" = CCC Help German
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.1
"{E7CC4B85-DC2F-463F-8FEB-E7398E25C19A}" = Microsoft Flight Simulator X Service Pack 2
"{EAB979F7-84A6-47B6-AB39-CA73A6EEAE69}" = PMDG744X_PW_UA3
"{ECE3EB63-6317-7F5E-5FFB-8A3F20CBD9D8}" = Catalyst Control Center Core Implementation
"{EDCEE320-0FB3-4197-9F86-8C1CCF2278FB}" = PMDG 747-400/400F for FSX
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F4B17F94-CF35-C084-D913-9272C7048B44}" = CCC Help Polish
"{F7016342-C196-44B1-AAC5-D7BA4708473E}" = Aerosoft's - VFR Germany 4
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{F9D89717-868E-F925-33CE-207C0DBFC86D}" = CCC Help Turkish
"{FACF4134-520E-BD72-C32E-2562C91E61A3}" = Catalyst Control Center Graphics Previews Common
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"7-Zip" = 7-Zip 4.65
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"Akamai" = Akamai NetSession Interface
"Any Video Converter_is1" = Any Video Converter 3.2.5
"Audacity_is1" = Audacity 1.2.6
"avast" = avast! Free Antivirus
"Avidemux 2.5" = Avidemux 2.5
"F1UT2" = Ultimate Traffic 2 - Service Pack
"F1UT2PP" = Ultimate Traffic 2 Power Pack
"FileZilla Client" = FileZilla Client 3.4.0
"Foxit PDF Editor" = Foxit PDF Editor
"Foxit Phantom" = Foxit Phantom
"Fraps" = Fraps (remove only)
"Free Studio_is1" = Free Studio version 5.0.10
"Free YouTube Download_is1" = Free YouTube Download version 2.10.38.602
"Grand Canyon & KGCN V2" = Grand Canyon & KGCN V2
"Icy Tower v1.5_is1" = Icy Tower v1.5
"InstallShield_{9527A496-5DF9-412A-ADC7-168BA5379CA6}" = Microsoft Flight Simulator X
"InstallShield_{B97A0C89-29C0-4682-902C-364109A9857C}" = Belkin F6D4050 Enhanced Wireless USB Adapter
"IvAp-v2_is1" = IvAp v1.9.8 (build 2138)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware Version 1.51.0.1200
"Mozilla Firefox (3.6.18)" = Mozilla Firefox (3.6.18)
"Mozilla Thunderbird (3.1.11)" = Mozilla Thunderbird (3.1.11)
"Revo Uninstaller" = Revo Uninstaller 1.92
"SP1_9527A496-5DF9-412A-ADC7-168BA5379CA6" = Microsoft Flight Simulator X Service Pack 1
"TeamViewer 6" = TeamViewer 6
"uTorrent" = µTorrent
"VLC media player" = VLC media player 1.1.10
"WinGimp-2.0_is1" = GIMP 2.6.11
"WinLiveSuite" = Windows Live Essentials
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1C5E2C25-5095-4160-9CAC-DD731863EEFE}" = PMDGMD11XF_PW_5XF
"{2F4AF40B-433A-494E-BB41-816D113F32BA}" = aerosoft's - Mega Airport London Heathrow X
"{31AECBEB-BE18-4342-B8AA-DD18F2BAC5B5}" = aerosoft's - German Airports 2-Cologne-Bonn X
"{3DB1F8B4-96A5-45B8-9C50-CB5828A0B1C6}" = PMDGMD11X_GE_LH
"{60EC279D-3806-47FA-BE7E-C2C41D350647}" = PMDGMD11X_GE_AY1
"{93ACD680-40F5-4D37-BC07-52FD96AFDDCD}" = PMDGMD11XF_GE_LHF
"{ABB4DB59-0284-414D-9346-4992E1856E7F}" = PMDGMD11X_GE_AA
"{AF209F10-BD3A-4AA7-A485-845508D6C672}" = aerosoft's - German Airports 2-Hannover X
"{C1E2F394-F52F-41E9-8D97-1F89AD04147A}" = PMDGMD11X_PW_UA3
"{EA6E7823-9E5B-4EDD-9750-C3C87FDF0460}" = aerosoft's - German Airports 3 - Hamburg X
"Google Chrome" = Google Chrome
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 6/29/2011 3:55:05 PM | Computer Name = ThomasPC | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Thomas\Desktop\SoftonicDownloader_fuer_windows-live-movie-maker.exe".
 Fehler in  Manifest- oder Richtliniendatei "" in Zeile .  Eine für die Anwendung erforderliche
 Komponentenversion steht in Konflikt mit  einer anderen, bereits aktiven Komponentenversion.
In
 Konflikt stehende Komponenten:.  Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente
 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
 
Error - 6/29/2011 3:59:55 PM | Computer Name = ThomasPC | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Thomas\Desktop\SoftonicDownloader_fuer_windows-live-movie-maker.exe".
 Fehler in  Manifest- oder Richtliniendatei "" in Zeile .  Eine für die Anwendung erforderliche
 Komponentenversion steht in Konflikt mit  einer anderen, bereits aktiven Komponentenversion.
In
 Konflikt stehende Komponenten:.  Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente
 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
 
Error - 6/29/2011 4:01:36 PM | Computer Name = ThomasPC | Source = SideBySide | ID = 16842787
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
 (x86)\Windows Live\Photo Gallery\MovieMaker.Exe". Fehler in Manifest- oder Richtliniendatei
 "C:\Program Files (x86)\Windows Live\Photo Gallery\WLMFDS.DLL" in Zeile  8.  Die 
im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente
 überein.  Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition:
 WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".  Verwenden Sie
 das Programm "sxstrace.exe" für eine detaillierte Diagnose.
 
Error - 6/29/2011 4:01:36 PM | Computer Name = ThomasPC | Source = SideBySide | ID = 16842787
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
 (x86)\Windows Live\Photo Gallery\MovieMaker.Exe". Fehler in Manifest- oder Richtliniendatei
 "C:\Program Files (x86)\Windows Live\Photo Gallery\WLMFDS.DLL" in Zeile  8.  Die 
im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente
 überein.  Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition:
 WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".  Verwenden Sie
 das Programm "sxstrace.exe" für eine detaillierte Diagnose.
 
Error - 6/29/2011 4:01:44 PM | Computer Name = ThomasPC | Source = SideBySide | ID = 16842787
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
 (x86)\Windows Live\Photo Gallery\MovieMaker.Exe". Fehler in Manifest- oder Richtliniendatei
 "C:\Program Files (x86)\Windows Live\Photo Gallery\WLMFDS.DLL" in Zeile  8.  Die 
im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente
 überein.  Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition:
 WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".  Verwenden Sie
 das Programm "sxstrace.exe" für eine detaillierte Diagnose.
 
Error - 6/29/2011 4:29:47 PM | Computer Name = ThomasPC | Source = SideBySide | ID = 16842787
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
 (x86)\Windows Live\Photo Gallery\MovieMaker.Exe". Fehler in Manifest- oder Richtliniendatei
 "C:\Program Files (x86)\Windows Live\Photo Gallery\WLMFDS.DLL" in Zeile  8.  Die 
im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente
 überein.  Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition:
 WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".  Verwenden Sie
 das Programm "sxstrace.exe" für eine detaillierte Diagnose.
 
Error - 6/29/2011 4:29:49 PM | Computer Name = ThomasPC | Source = SideBySide | ID = 16842787
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
 (x86)\Windows Live\Photo Gallery\MovieMaker.Exe". Fehler in Manifest- oder Richtliniendatei
 "C:\Program Files (x86)\Windows Live\Photo Gallery\WLMFDS.DLL" in Zeile  8.  Die 
im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente
 überein.  Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition:
 WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".  Verwenden Sie
 das Programm "sxstrace.exe" für eine detaillierte Diagnose.
 
Error - 6/29/2011 4:36:45 PM | Computer Name = ThomasPC | Source = SideBySide | ID = 16842787
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
 (x86)\Windows Live\Photo Gallery\MovieMaker.Exe". Fehler in Manifest- oder Richtliniendatei
 "C:\Program Files (x86)\Windows Live\Photo Gallery\WLMFDS.DLL" in Zeile  8.  Die 
im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente
 überein.  Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition:
 WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".  Verwenden Sie
 das Programm "sxstrace.exe" für eine detaillierte Diagnose.
 
Error - 6/29/2011 4:59:24 PM | Computer Name = ThomasPC | Source = SideBySide | ID = 16842787
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
 (x86)\Windows Live\Photo Gallery\MovieMaker.Exe". Fehler in Manifest- oder Richtliniendatei
 "C:\Program Files (x86)\Windows Live\Photo Gallery\WLMFDS.DLL" in Zeile  8.  Die 
im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente
 überein.  Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition:
 WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".  Verwenden Sie
 das Programm "sxstrace.exe" für eine detaillierte Diagnose.
 
Error - 6/30/2011 3:23:08 AM | Computer Name = ThomasPC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: MovieMaker.exe, Version: 15.4.3502.922,
 Zeitstempel: 0x4c9b0191  Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.17514,
 Zeitstempel: 0x4ce7bafa  Ausnahmecode: 0xc06d007e  Fehleroffset: 0x0000b727  ID des fehlerhaften
 Prozesses: 0x89c  Startzeit der fehlerhaften Anwendung: 0x01cc36f68c21e4e0  Pfad der
 fehlerhaften Anwendung: C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.exe
Pfad
 des fehlerhaften Moduls: C:\Windows\syswow64\KERNELBASE.dll  Berichtskennung: ccf2c9d0-a2e9-11e0-81db-7071bc609175
 
[ Media Center Events ]
Error - 1/28/2011 9:58:58 AM | Computer Name = ThomasPC | Source = MCUpdate | ID = 0
Description = 14:58:53 - Fehler beim Herstellen der Internetverbindung.  14:58:53 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 1/29/2011 9:25:23 AM | Computer Name = ThomasPC | Source = MCUpdate | ID = 0
Description = 14:25:23 - Fehler beim Herstellen der Internetverbindung.  14:25:23 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 1/29/2011 9:25:59 AM | Computer Name = ThomasPC | Source = MCUpdate | ID = 0
Description = 14:25:52 - Fehler beim Herstellen der Internetverbindung.  14:25:52 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 1/30/2011 9:24:49 AM | Computer Name = ThomasPC | Source = MCUpdate | ID = 0
Description = 14:24:48 - Fehler beim Herstellen der Internetverbindung.  14:24:48 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 1/30/2011 9:25:23 AM | Computer Name = ThomasPC | Source = MCUpdate | ID = 0
Description = 14:25:18 - Fehler beim Herstellen der Internetverbindung.  14:25:18 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 1/31/2011 9:20:13 AM | Computer Name = ThomasPC | Source = MCUpdate | ID = 0
Description = 14:20:13 - Fehler beim Herstellen der Internetverbindung.  14:20:13 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 1/31/2011 9:20:46 AM | Computer Name = ThomasPC | Source = MCUpdate | ID = 0
Description = 14:20:42 - Fehler beim Herstellen der Internetverbindung.  14:20:42 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 2/1/2011 9:48:29 AM | Computer Name = ThomasPC | Source = MCUpdate | ID = 0
Description = 14:48:29 - Fehler beim Herstellen der Internetverbindung.  14:48:29 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 2/1/2011 9:49:02 AM | Computer Name = ThomasPC | Source = MCUpdate | ID = 0
Description = 14:48:58 - Fehler beim Herstellen der Internetverbindung.  14:48:58 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 2/15/2011 10:32:35 AM | Computer Name = ThomasPC | Source = MCUpdate | ID = 0
Description = 15:32:35 - MCESpotlight konnte nicht abgerufen werden (Fehler: Timeout
 für Vorgang überschritten)  
 
[ System Events ]
Error - 7/4/2011 5:16:59 AM | Computer Name = ThomasPC | Source = NetBT | ID = 4321
Description = Der Name "WORKGROUP      :1d" konnte nicht auf der Schnittstelle mit
 IP-Adresse 192.168.2.100  registriert werden. Der Computer mit IP-Adresse 192.168.2.102
 hat nicht  zugelassen, dass dieser Computer diesen Namen verwendet.
 
Error - 7/4/2011 5:22:09 AM | Computer Name = ThomasPC | Source = NetBT | ID = 4321
Description = Der Name "WORKGROUP      :1d" konnte nicht auf der Schnittstelle mit
 IP-Adresse 192.168.2.100  registriert werden. Der Computer mit IP-Adresse 192.168.2.102
 hat nicht  zugelassen, dass dieser Computer diesen Namen verwendet.
 
Error - 7/4/2011 5:27:19 AM | Computer Name = ThomasPC | Source = NetBT | ID = 4321
Description = Der Name "WORKGROUP      :1d" konnte nicht auf der Schnittstelle mit
 IP-Adresse 192.168.2.100  registriert werden. Der Computer mit IP-Adresse 192.168.2.102
 hat nicht  zugelassen, dass dieser Computer diesen Namen verwendet.
 
Error - 7/4/2011 5:32:29 AM | Computer Name = ThomasPC | Source = NetBT | ID = 4321
Description = Der Name "WORKGROUP      :1d" konnte nicht auf der Schnittstelle mit
 IP-Adresse 192.168.2.100  registriert werden. Der Computer mit IP-Adresse 192.168.2.102
 hat nicht  zugelassen, dass dieser Computer diesen Namen verwendet.
 
Error - 7/4/2011 5:37:39 AM | Computer Name = ThomasPC | Source = NetBT | ID = 4321
Description = Der Name "WORKGROUP      :1d" konnte nicht auf der Schnittstelle mit
 IP-Adresse 192.168.2.100  registriert werden. Der Computer mit IP-Adresse 192.168.2.102
 hat nicht  zugelassen, dass dieser Computer diesen Namen verwendet.
 
Error - 7/4/2011 5:42:49 AM | Computer Name = ThomasPC | Source = NetBT | ID = 4321
Description = Der Name "WORKGROUP      :1d" konnte nicht auf der Schnittstelle mit
 IP-Adresse 192.168.2.100  registriert werden. Der Computer mit IP-Adresse 192.168.2.102
 hat nicht  zugelassen, dass dieser Computer diesen Namen verwendet.
 
Error - 7/4/2011 8:59:38 AM | Computer Name = ThomasPC | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk2\DR2 gefunden.
 
Error - 7/4/2011 8:59:38 AM | Computer Name = ThomasPC | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk2\DR2 gefunden.
 
Error - 7/4/2011 8:59:39 AM | Computer Name = ThomasPC | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk2\DR2 gefunden.
 
Error - 7/4/2011 2:34:47 PM | Computer Name = ThomasPC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "TrueVector Internet Monitor" wurde aufgrund folgenden 
Fehlers nicht gestartet:   %%2
 
 
< End of report >
__________________
Gruß,
Thomas

 

Themen zu Seltsame Dateien in C:\Windows
7-zip, akamai, antivirus, autorun, bho, c:\windows\system32\rundll32.exe, converter, desktop, error, fehler, firefox, flash player, format, home, ip-adresse, kaspersky, locker, logfile, mbamservice.exe, mozilla, mozilla thunderbird, mp3, nodrives, plug-in, programm, realtek, registry, revo uninstaller, richtlinie, rundll, scan, security, shell32.dll, shortcut, software, start menu, syswow64, teamspeak, thomas, tower, visual studio, windows


« PC überprüfen | Ist die datei clean ? »


Ähnliche Themen: Seltsame Dateien in C:\Windows


  1. Windows 7 - Seltsame Verbindungen und Kontaktierungen
    Log-Analyse und Auswertung - 12.03.2015 (8)
  2. Windows 8.1: Seltsame Browser Redirects und Popups
    Log-Analyse und Auswertung - 08.05.2014 (12)
  3. Win 7 - AVG entdeckt Virus - *.sys dateien im windows ordner- Nach Löschung entstehen neue befallene Dateien
    Plagegeister aller Art und deren Bekämpfung - 14.09.2013 (13)
  4. Proxy Einstellungen verändert, seltsame Dateien - Befall möglich? (OTL & Malwarebyte Logs)
    Log-Analyse und Auswertung - 01.10.2012 (5)
  5. Einfrieren, Bluescreens, Umleiten auf andere Webseiten, Seltsame Dateien und Benutzerkonten u.v.m.
    Log-Analyse und Auswertung - 15.12.2011 (19)
  6. Seltsame Dateien die leer sind, sonst keine Funde von vielen Scannern
    Plagegeister aller Art und deren Bekämpfung - 09.11.2011 (37)
  7. Seltsame RAR Dateien gefunden (Benutzername+Geburtstag)
    Plagegeister aller Art und deren Bekämpfung - 21.07.2010 (3)
  8. seltsame Dateien unter c:\windows
    Alles rund um Windows - 25.06.2010 (6)
  9. Computer vollgemüllt, langsam, seltsame dateien
    Log-Analyse und Auswertung - 02.03.2010 (2)
  10. seltsame Aktionen beim Ausführen von *.bat-Dateien
    Plagegeister aller Art und deren Bekämpfung - 24.06.2009 (6)
  11. seltsame .tmp Dateien im Windows/Temp/ Verzeichnis zum Teil mit IP Listen
    Log-Analyse und Auswertung - 03.03.2009 (0)
  12. Seltsame Dateien im Tempordner - gefährlich oder nicht?
    Plagegeister aller Art und deren Bekämpfung - 09.01.2009 (7)
  13. seltsame exe dateien auf ganzem pc verstreut
    Plagegeister aller Art und deren Bekämpfung - 28.01.2007 (1)
  14. habe seltsame Dateien - und keine Ahnung!!
    Plagegeister aller Art und deren Bekämpfung - 11.12.2006 (2)
  15. Seltsame Dateien
    Plagegeister aller Art und deren Bekämpfung - 08.04.2005 (5)
  16. Dialer und seltsame Dateien
    Plagegeister aller Art und deren Bekämpfung - 18.03.2005 (16)
  17. Pc langsam seltsame dateien logauswertung
    Log-Analyse und Auswertung - 12.12.2004 (1)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema Seltsame Dateien in C:\Windows - Nabend. Mir sind heute in C:\Windows seltsame Dateinamen aufgefallen, wo ich einfach nachfragen wollte. Die Dateien sind xö2, Ôø¼, 4÷O und ,ôÅ Anbei noch ein OTL Log: OTL.txt Code: Alles - Seltsame Dateien in C:\Windows...
Archiv
Du betrachtest: Seltsame Dateien in C:\Windows auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19