Aus Sicherheitsgründen wurde ihr System blockiert!

Karusa · 21.12.2011, 03:54

Moin,

meine Freundin hat es auch erwischt.

Hilfe bitte.

MfG Karusa

kira · 21.12.2011, 06:05

Hallo und Herzlich Willkommen!

Bevor wir unsere Zusammenarbeit beginnen, [Bitte Vollständig lesen]:

Zitat:

"Fernbehandlungen/Fernhilfe" und die damit verbundenen Haftungsrisken:
- da die Fehlerprüfung und Handlung werden über große Entfernungen durchgeführt, besteht keine Haftung unsererseits für die daraus entstehenden Folgen.
- also, jede Haftung für die daraus entstandene Schäden wird ausgeschlossen, ANWEISUNGEN UND DEREN BEFOLGUNG, ERFOLGT AUF DEINE EIGENE VERANTWORTUNG!
Charakteristische Merkmale/Profilinformationen:
- aus der verwendeten Loglisten oder Logdateien - wie z.B. deinen Realnamen, Seriennummer in Programm etc)- kannst Du herauslöschen oder durch [X] ersetzen
Die Systemprüfung und Bereinigung:
- kann einige Zeit in Anspruch nehmen (je nach Art der Infektion), kann aber sogar so stark kompromittiert sein, so dass eine wirkungsvolle technische Säuberung ist nicht mehr möglich bzw Du es neu installieren musst
Ich empfehle Dir die Anweisungen erst einmal komplett durchzulesen, bevor du es anwendest, weil wenn du etwas falsch machst, kann es wirklich gefährlich werden. Wenn du meinen Anweisungen Schritt für Schritt folgst, kann eigentlich nichts schief gehen.
Innerhalb der Betreuungszeit:
- ohne Abspräche bitte nicht auf eigene Faust handeln!- bei Problemen nachfragen.
Die Reihenfolge:
- genau so wie beschrieben bitte einhalten, nicht selbst die Reihenfolge wählen!
GECRACKTE SOFTWARE werden hier nicht geduldet!!!!
Ansonsten unsere Forumsregeln:
- Bitte erst lesen, dann posten!-> Für alle Hilfesuchenden! Was muss ich vor der Eröffnung eines Themas beachten?

Alle Logfile mit einem vBCode Tag eingefügen, das bietet hier eine gute Übersicht, erleichtert mir die Arbeit! Falls das Logfile zu groß, teile es in mehrere Teile auf.

Sobald Du diesen Einführungstext gelesen hast, kannst Du beginnen

Zitat:

Wenn ein System kompromittiert wurde, ist das System nicht mehr vertrauenswürdig
Eine Neuinstallation garantiert die rückstandsfreie Entfernung der Infektion - Lesestoff: "Hilfe: Ich wurde das Opfer eines Hackerangriffs. Was soll ich tun?" - Säubern eines gefährdeten Systems

Falls du doch für die Systemreinigung entscheidest - Ein System zu bereinigen kann ein paar Tage dauern (je nach Art der Infektion), kann aber sogar so stark kompromittiert sein, so dass eine wirkungsvolle technische Säuberung ist nicht mehr möglich bzw Du es neu installieren musst::

Für Vista und Win7:
Wichtig: Alle Befehle bitte als Administrator ausführen! rechte Maustaste auf die Eingabeaufforderung und "als Administrator ausführen" auswählen
Auf der angewählten Anwendung einen Rechtsklick (rechte Maustaste) und "Als Administrator ausführen" wählen!

1.
Lade Dir Malwarebytes Anti-Malware von→ malwarebytes.org

Installieren und per Doppelklick starten.
Deutsch einstellen und gleich mal die Datenbanken zu aktualisieren - online updaten
"Komplett Scan durchführen" wählen (überall Haken setzen)
wenn der Scanvorgang beendet ist, klicke auf "Zeige Resultate"
Alle Funde - falls MBAM meldet in C:\System Volume Information - den Haken bitte entfernen - markieren und auf "Löschen" - "Ausgewähltes entfernen") klicken.
Poste das Ergebnis hier in den Thread - den Bericht findest Du unter "Scan-Berichte"

eine bebilderte Anleitung findest Du hier: Anleitung

2.
die Trusted-Zone Einträge (015) sind von dir also absichtlich zur vertrauenswürdigen Zone zugefügt?

Zitat:

O15 - HKCU\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: sony.com ([]* in Trusted sites)

3.
sind Dir bekannte *.wma Dateien? unter:

Zitat:

[2011.12.17 23:01:52 | 000,124,096 | ---- | M] () -- C:\Users\viola\Documents\Unbenannt (24).wma.sfk
[2011.12.17 13:42:34 | 001,096,043 | ---- | M] () -- C:\Users\viola\Documents\Unbenannt (24).wma

und noch viele andere...

4.
nicht empfohlen, ich würde deinstallieren (Magnet für Malware) :
unter `Systemsteuerung/Programme

Code:

ATTFilter

SweetIM

5.

Zitat:

Achtung wichtig!:
Falls Du selber im Logfile Änderungen vorgenommen hast, musst Du durch die Originalbezeichnung ersetzen und so in Script einfügen! sonst funktioniert nicht!
(Benutzerordner, dein Name oder sonstige Änderungen durch X, Stern oder andere Namen ersetzt)

Fixen mit OTL

Starte die OTL.exe.
Vista und Windows 7 User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen.
Kopiere folgendes Skript:

Code:

ATTFilter

:OTL
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_m3203&r=17360710z506pe455x1k5w45k1t250
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_m3203&r=17360710z506pe455x1k5w45k1t250
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_m3203&r=17360710z506pe455x1k5w45k1t250
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_m3203&r=17360710z506pe455x1k5w45k1t250
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_m3203&r=17360710z506pe455x1k5w45k1t250
IE - HKCU\..\URLSearchHook: {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - No CLSID value found
IE - HKCU\..\URLSearchHook: {b106b661-3e1b-4015-af5c-195e909f35c6} - No CLSID value found
FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.defaultthis.engineName: "NCH DE Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2801937&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=937811&ilc=12"
FF - prefs.js..browser.search.selectedEngine: "Yahoo"
FF - prefs.js..browser.startup.homepage: "http://search.conduit.com/?ctid=CT2801937&SearchSource=13"
FF - prefs.js..keyword.URL: "http://de.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=937811&p="
[2011.03.21 16:45:22 | 000,000,915 | ---- | M] () -- C:\Users\viola\AppData\Roaming\Mozilla\Firefox\Profiles\b64oyy79.default\searchplugins\conduit.xml
[2011.10.05 21:45:24 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2011.10.05 21:45:24 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {30F9B915-B755-4826-820B-08FBA6BD249D} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {88C7F2AA-F93F-432C-8F0E-B7D85967A527} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {B106B661-3E1B-4015-AF5C-195E909F35C6} - No CLSID value found.
O4:64bit: - HKLM..\Run: []  File not found
O4 - HKCU..\Run: [Userinit] C:\Users\viola\AppData\Roaming\appconf32.exe File not found
O16 - DPF: {063F7D71-5E0B-48F2-87D5-F63C5917947E} http://ahnlabdownload.nefficient.co.kr/aos/plugin/aosmgr.cab (Aosmgr Control)

:Commands
[purity]
[emptytemp]
[resethosts]

und füge es hier ein:
Schließe alle Programme.
Klicke auf den Fix Button.
Klick auf .
OTL verlangt einen Neustart. Bitte zulassen.
Nach dem Neustart findest Du ein Textdokument.
Kopiere den Inhalt hier in Code-Tags in Deinen Thread.

6.
Ich würde gerne noch all deine installierten Programme sehen:
Lade dir das Tool CCleaner herunter
→ Download
installieren (Software-Lizenzvereinbarung lesen, falls angeboten wird "Füge CCleaner Yahoo! Toolbar hinzu" abwählen)→ starten→ Sprache → Deutsch auswählen
dann klick auf "Extra (um die installierten Programme auch anzuzeigen)→ weiter auf "Als Textdatei speichern..."
wird eine Textdatei (*.txt) erstellt, kopiere dazu den Inhalt und füge ihn da ein

7.
erneut einen Scan mit OTL:

Doppelklick auf die OTL.exe
Vista und Windows 7 User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen.
Oben findest Du ein Kästchen mit Ausgabe.
Wähle bitte Standard-Ausgabe
Unter Extra-Registrierung wähle bitte Benutze SafeList.
Mache Häckchen bei LOP- und Purity-Prüfung.
Klicke nun auf Scan links oben.
Wenn der Scan beendet wurde werden zwei Logfiles erstellt.
Du findest die Logfiles auf Deinem Desktop => OTL.txt und Extras.txt
Poste die Logfiles in Code-Tags hier in den Thread.

Zitat:

Damit dein Thread übersichtlicher und schön lesbar bleibt, am besten nutze den Code-Tags für deinen Post:
→ vor dein Log schreibst Du (also am Anfang des Logfiles):[code]
hier kommt dein Logfile rein - z.B OTL-Logfile o. sonstiges
→ dahinter - also am Ende der Logdatei: [/code]

** Möglichst nicht ins internet gehen, kein Online-Banking, File-sharing, Chatprogramme usw

gruß
kira

Karusa · 21.12.2011, 18:35

Zu 2. sind entfernt.
Zu 3. das sind ihre Weihnacht's Geschichten.
Zu 4. ist deinstalliert.

12212011_164258:

Code:

ATTFilter

All processes killed
========== OTL ==========
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully!
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{88c7f2aa-f93f-432c-8f0e-b7d85967a527} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}\ not found.
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{b106b661-3e1b-4015-af5c-195e909f35c6} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{b106b661-3e1b-4015-af5c-195e909f35c6}\ not found.
Prefs.js: "Yahoo" removed from browser.search.defaultenginename
Prefs.js: "NCH DE Customized Web Search" removed from browser.search.defaultthis.engineName
Prefs.js: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2801937&SearchSource=3&q={searchTerms}" removed from browser.search.defaulturl
Prefs.js: "chr-greentree_ff&type=937811&ilc=12" removed from browser.search.param.yahoo-fr
Prefs.js: "Yahoo" removed from browser.search.selectedEngine
Prefs.js: "hxxp://search.conduit.com/?ctid=CT2801937&SearchSource=13" removed from browser.startup.homepage
Prefs.js: "hxxp://de.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=937811&p=" removed from keyword.URL
C:\Users\viola\AppData\Roaming\Mozilla\Firefox\Profiles\b64oyy79.default\searchplugins\conduit.xml moved successfully.
C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml moved successfully.
C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml moved successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{30F9B915-B755-4826-820B-08FBA6BD249D} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{88C7F2AA-F93F-432C-8F0E-B7D85967A527} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{88C7F2AA-F93F-432C-8F0E-B7D85967A527}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{B106B661-3E1B-4015-AF5C-195E909F35C6} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B106B661-3E1B-4015-AF5C-195E909F35C6}\ not found.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Userinit not found.
Starting removal of ActiveX control {063F7D71-5E0B-48F2-87D5-F63C5917947E}
C:\Windows\Downloaded Program Files\aosmgr.inf moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{063F7D71-5E0B-48F2-87D5-F63C5917947E}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{063F7D71-5E0B-48F2-87D5-F63C5917947E}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{063F7D71-5E0B-48F2-87D5-F63C5917947E}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{063F7D71-5E0B-48F2-87D5-F63C5917947E}\ not found.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: All Users
 
User: AppData
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
 
User: Public
 
User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
 
User: viola
->Temp folder emptied: 573504 bytes
->Temporary Internet Files folder emptied: 4598828 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 622332116 bytes
->Google Chrome cache emptied: 6942913 bytes
->Flash cache emptied: 470 bytes
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 5185539 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 67698 bytes
RecycleBin emptied: 35182169 bytes
 
Total Files Cleaned = 644,00 mb
 
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
 
OTL by OldTimer - Version 3.2.31.0 log created on 12212011_164258

Files\Folders moved on Reboot...
C:\Users\viola\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
File move failed. C:\Windows\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.

Registry entries deleted on Reboot...

OTL:

Code:

ATTFilter

OTL logfile created on: 21.12.2011 18:51:47 - Run 3
OTL by OldTimer - Version 3.2.31.0     Folder = C:\Users\viola\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,98 Gb Total Physical Memory | 2,01 Gb Available Physical Memory | 67,36% Memory free
5,97 Gb Paging File | 5,01 Gb Available in Paging File | 83,96% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 458,45 Gb Total Space | 190,76 Gb Free Space | 41,61% Space Free | Partition Type: NTFS
Drive D: | 458,96 Gb Total Space | 343,57 Gb Free Space | 74,86% Space Free | Partition Type: NTFS
 
Computer Name: VIOLA-PC | User Name: viola | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2011.12.21 03:04:10 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\viola\Desktop\OTL.exe
PRC - [2011.12.12 23:20:56 | 003,305,760 | ---- | M] (Akamai Technologies, Inc) -- C:\Users\viola\AppData\Local\Akamai\netsession_win.exe
PRC - [2011.10.15 00:54:40 | 000,381,248 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2011.09.20 14:34:58 | 003,077,528 | ---- | M] () -- C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
PRC - [2011.09.06 22:45:30 | 003,722,416 | ---- | M] (AVAST Software) -- C:\Programme\Alwil Software\Avast5\AvastUI.exe
PRC - [2011.09.06 22:45:28 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Programme\Alwil Software\Avast5\AvastSvc.exe
PRC - [2011.08.31 17:00:48 | 000,449,608 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2011.07.29 00:08:12 | 001,259,376 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
PRC - [2009.10.24 03:18:54 | 000,360,224 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
PRC - [2009.08.28 10:38:58 | 001,150,496 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
PRC - [2009.08.12 23:04:44 | 000,062,208 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
PRC - [2009.07.04 02:47:12 | 000,240,160 | ---- | M] (Acer) -- C:\Programme\Acer\Acer Updater\UpdaterService.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2011.09.20 14:34:58 | 003,077,528 | ---- | M] () -- C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
MOD - [2011.07.29 00:09:42 | 000,096,112 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
MOD - [2011.07.29 00:08:12 | 001,259,376 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - [2011.09.06 22:45:28 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2011.08.10 14:23:36 | 000,036,160 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\SysNative\uxtuneup.dll -- (UxTuneUp)
SRV:64bit: - [2009.06.15 10:10:00 | 000,382,976 | ---- | M] (Marvell) [Auto | Running] -- C:\Windows\SysNative\yk62x64.dll -- (yksvc)
SRV:64bit: - [2009.06.03 14:54:40 | 000,660,640 | ---- | M] () [Auto | Running] -- C:\Windows\SysNative\atwtusb.exe -- (WTService)
SRV - [2011.12.13 23:00:51 | 003,316,000 | ---- | M] () [Auto | Running] -- c:\program files (x86)\common files\akamai/netsession_win_b427739.dll -- (Akamai)
SRV - [2011.10.15 09:53:00 | 002,253,120 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)
SRV - [2011.10.15 00:54:40 | 000,381,248 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2011.08.31 17:00:48 | 000,366,152 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011.08.10 14:31:08 | 002,027,840 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe -- (TuneUp.UtilitiesSvc)
SRV - [2011.08.10 14:23:30 | 000,029,504 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\SysWOW64\uxtuneup.dll -- (UxTuneUp)
SRV - [2010.11.15 02:40:03 | 000,827,884 | ---- | M] (                                                                                                    ) [Auto | Stopped] -- C:\Windows\SysWOW64\regw2.exe -- (FLEXnet Licensing Manager)
SRV - [2010.06.17 22:50:00 | 003,890,920 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\SysWow64\GameMon.des -- (npggsvc)
SRV - [2009.10.24 03:18:54 | 000,360,224 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe -- (PMBDeviceInfoProvider)
SRV - [2009.09.10 14:42:46 | 000,305,448 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe -- (MWLService)
SRV - [2009.08.28 10:38:58 | 001,150,496 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files (x86)\Acer\Registration\GregHSRW.exe -- (Greg_Service)
SRV - [2009.08.25 18:38:06 | 000,935,208 | ---- | M] (Nero AG) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0)
SRV - [2009.08.12 23:04:44 | 000,062,208 | ---- | M] (NewTech Infosystems, Inc.) [Auto | Running] -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe -- (NTI IScheduleSvc)
SRV - [2009.07.04 02:47:12 | 000,240,160 | ---- | M] (Acer) [Auto | Running] -- C:\Programme\Acer\Acer Updater\UpdaterService.exe -- (Updater Service)
SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2011.09.06 22:38:18 | 000,601,944 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2011.09.06 22:38:16 | 000,301,912 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2011.09.06 22:36:41 | 000,058,200 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:64bit: - [2011.09.06 22:36:41 | 000,042,328 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr.sys -- (aswRdr)
DRV:64bit: - [2011.09.06 22:36:30 | 000,065,368 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2011.09.06 22:36:14 | 000,024,408 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:64bit: - [2011.08.31 17:00:50 | 000,025,416 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2011.07.08 00:21:28 | 000,174,184 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2010.11.20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 14:32:47 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.11.20 14:32:46 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2010.11.20 12:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.19 11:39:00 | 000,107,096 | ---- | M] (AhnLab, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Mkd2Nadr.sys -- (Mkd2Nadr)
DRV:64bit: - [2010.09.13 06:01:00 | 000,182,872 | ---- | M] (AhnLab, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mkd3kfnt.sys -- (Mkd3kfNt)
DRV:64bit: - [2010.07.23 23:21:58 | 000,421,248 | ---- | M] (Illusion & Hope. Porting to AMD64 by Sergey Sakharov.) [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\BT848.sys -- (BT848) Conexant's BtPCI WDM Video Capture (AMD64)
DRV:64bit: - [2010.07.21 16:26:16 | 000,834,544 | ---- | M] (Duplex Secure Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2010.03.08 03:37:00 | 000,097,368 | ---- | M] (AhnLab, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Mkd2BthF.sys -- (Mkd2Bthf)
DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.07.13 22:59:33 | 005,020,672 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2009.06.15 10:10:00 | 000,393,216 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7)
DRV:64bit: - [2009.06.11 06:34:38 | 001,208,320 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\agrsm64.sys -- (AgereSoftModem)
DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.06.02 12:15:30 | 000,060,464 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDVDisk.sys -- (mwlPSDVDisk)
DRV:64bit: - [2009.06.02 12:15:30 | 000,022,576 | ---- | M] (Egis Technology Inc.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDFilter.sys -- (mwlPSDFilter)
DRV:64bit: - [2009.06.02 12:15:30 | 000,020,016 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDNserv.sys -- (mwlPSDNServ)
DRV:64bit: - [2009.05.06 00:46:08 | 000,018,432 | ---- | M] (NewTech Infosystems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NTIDrvr.sys -- (NTIDrvr)
DRV:64bit: - [2009.05.06 00:46:08 | 000,016,896 | ---- | M] (NewTech Infosystems Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UBHelper.sys -- (UBHelper)
DRV:64bit: - [2009.05.04 17:30:28 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie.sys -- (AtiPcie) AMD PCI Express (3GIO)
DRV:64bit: - [2009.04.17 02:18:26 | 000,007,808 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\walvhid.sys -- (vhidmini)
DRV:64bit: - [2009.03.08 18:16:14 | 000,007,680 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\moufiltr.sys -- (moufiltr)
DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (Blbemsl)
DRV - [2005.01.04 10:43:08 | 000,004,682 | ---- | M] (INCA Internet Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\npptNT2.sys -- (NPPTNT2)
DRV - [2001.05.23 09:42:52 | 000,012,084 | ---- | M] (Aiptek) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\UTBLFILT.sys -- (utblfilt)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = 
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default Download Directory = C:\Users\viola\Downloads
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: ""
FF - prefs.js..browser.search.defaultthis.engineName: ""
FF - prefs.js..browser.search.defaulturl: ""
FF - prefs.js..browser.search.param.yahoo-fr: ""
FF - prefs.js..browser.search.selectedEngine: ""
FF - prefs.js..browser.startup.homepage: ""
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.5
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.8.6
 
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@ahnlab.com/asp/npaosmgr.1: C:\Program Files (x86)\AhnLab\ASP\Components\aosmgr\npaosmgr.dll (AhnLab, Inc.)
FF - HKLM\Software\MozillaPlugins\@ahnlab.com/asp/npmkd25sp: C:\Program Files (x86)\AhnLab\ASP\MyKeyDefense 2.5\npmkd25sp.dll (AhnLab, Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@ahnlab.com/asp/npmkd25sp: C:\Program Files (x86)\AhnLab\ASP\MyKeyDefense 2.5\npmkd25sp.dll (AhnLab, Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2011.11.18 23:04:45 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011.11.09 13:53:58 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011.09.27 22:49:37 | 000,000,000 | ---D | M]
 
[2010.08.01 23:53:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\viola\AppData\Roaming\mozilla\Extensions
[2011.12.14 23:28:00 | 000,000,000 | ---D | M] (No name found) -- C:\Users\viola\AppData\Roaming\mozilla\Firefox\Profiles\b64oyy79.default\extensions
[2011.11.11 02:50:58 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\viola\AppData\Roaming\mozilla\Firefox\Profiles\b64oyy79.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2011.11.10 15:31:53 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
() (No name found) -- C:\USERS\VIOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\B64OYY79.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
[2011.11.09 13:53:58 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011.09.27 22:49:28 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2011.10.05 21:45:24 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2011.10.05 21:45:24 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2011.10.05 21:45:24 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2011.10.05 21:45:24 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
 
========== Chrome  ==========
 
 
O1 HOSTS File: ([2011.12.21 17:24:50 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1       localhost
O2 - BHO: (AC-Pro) - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Program Files (x86)\AutocompletePro\AutocompletePro.dll (SimplyGen)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O4:64bit: - HKLM..\Run: [MacroKeyManager] C:\Windows\SysNative\WTMKM.exe ()
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKCU..\Run: [Akamai NetSession Interface] C:\Users\viola\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc)
O4 - HKCU..\Run: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O8:64bit: - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000 File not found
O9 - Extra Button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} hxxp://game.zylom.com/activex/zylomgamesplayer.cab (Zylom Games Player)
O16 - DPF: {CAFEEFAC-0014-0002-0000-ABCDEFFEDCBA} hxxp://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab (Java Plug-in 1.4.2)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 89.246.64.8 62.220.18.8
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F37B7DCE-B643-4119-BDBD-08154AA81C6F}: DhcpNameServer = 89.246.64.8 62.220.18.8
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\mso-offdap11 - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\PROGRA~2\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL (Microsoft Corporation)
O18:64bit: - Protocol\Filter\text/xml - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) -C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011.12.21 18:35:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2011.12.21 18:35:10 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2011.12.21 18:34:33 | 003,562,624 | ---- | C] (Piriform Ltd) -- C:\Users\viola\Desktop\ccsetup314.exe
[2011.12.21 13:35:30 | 000,000,000 | ---D | C] -- C:\Users\viola\AppData\Roaming\Malwarebytes
[2011.12.21 13:35:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011.12.21 13:35:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011.12.21 13:35:24 | 000,025,416 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2011.12.21 13:35:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2011.12.21 13:34:47 | 009,852,544 | ---- | C] (Malwarebytes Corporation                                    ) -- C:\Users\viola\Desktop\mbam-setup-1.51.2.1300.exe
[2011.12.21 03:08:51 | 000,000,000 | ---D | C] -- C:\_OTL
[2011.12.21 03:06:49 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\viola\Desktop\OTL.exe
[2011.12.21 01:42:58 | 000,000,000 | ---D | C] -- C:\Users\viola\AppData\Roaming\Opera
[2011.12.15 21:07:08 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2011.12.15 21:07:08 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2011.12.15 21:07:06 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2011.12.15 21:07:06 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2011.12.15 21:07:06 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2011.12.15 21:07:06 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2011.12.15 21:07:05 | 002,309,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2011.12.15 21:07:05 | 001,493,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2011.12.15 21:07:05 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2011.12.15 21:07:04 | 000,818,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2011.12.15 21:07:04 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2011.12.15 17:26:53 | 000,000,000 | ---D | C] -- C:\Users\viola\Desktop\Neuer Ordner
[2011.12.15 16:09:42 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll
[2011.12.15 16:09:37 | 000,723,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EncDec.dll
[2011.12.15 16:09:36 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\EncDec.dll
[2011.12.14 18:58:58 | 000,000,000 | ---D | C] -- C:\Users\viola\AppData\Local\DDMSettings
[2011.11.23 05:55:42 | 000,000,000 | ---D | C] -- C:\Users\viola\AppData\Roaming\NVIDIA
[2010.11.15 02:40:03 | 000,827,884 | ---- | C] (                                                                                                    ) -- C:\Windows\SysWow64\regw2.exe
[2009.10.12 12:24:23 | 000,036,136 | ---- | C] (Oberon Media) -- C:\ProgramData\FullRemove.exe
 
========== Files - Modified Within 30 Days ==========
 
[2011.12.21 18:50:38 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.12.21 18:50:30 | 2403,237,888 | -HS- | M] () -- C:\hiberfil.sys
[2011.12.21 18:35:57 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.12.21 18:35:57 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.12.21 17:24:50 | 000,000,098 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\Hosts
[2011.12.21 16:23:16 | 003,562,624 | ---- | M] (Piriform Ltd) -- C:\Users\viola\Desktop\ccsetup314.exe
[2011.12.21 13:29:16 | 009,852,544 | ---- | M] (Malwarebytes Corporation                                    ) -- C:\Users\viola\Desktop\mbam-setup-1.51.2.1300.exe
[2011.12.21 03:23:13 | 000,000,020 | ---- | M] () -- C:\Users\viola\defogger_reenable
[2011.12.21 03:21:48 | 000,050,477 | ---- | M] () -- C:\Users\viola\Desktop\Defogger.exe
[2011.12.21 03:10:29 | 001,472,002 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011.12.21 03:10:29 | 000,643,628 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2011.12.21 03:10:29 | 000,606,992 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011.12.21 03:10:29 | 000,126,188 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2011.12.21 03:10:29 | 000,103,370 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011.12.21 03:04:10 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\viola\Desktop\OTL.exe
[2011.12.19 14:17:25 | 000,006,086 | ---- | M] () -- C:\Users\viola\Documents\wichteln.rtf
[2011.12.18 09:49:13 | 000,002,018 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2011.12.17 23:01:52 | 000,124,096 | ---- | M] () -- C:\Users\viola\Documents\Unbenannt (24).wma.sfk
[2011.12.17 23:01:52 | 000,104,832 | ---- | M] () -- C:\Users\viola\Documents\Unbenannt (10).wma.sfk
[2011.12.17 23:01:52 | 000,103,040 | ---- | M] () -- C:\Users\viola\Documents\Unbenannt (23).wma.sfk
[2011.12.17 23:01:52 | 000,080,448 | ---- | M] () -- C:\Users\viola\Documents\Unbenannt (8).wma.sfk
[2011.12.17 23:01:52 | 000,078,720 | ---- | M] () -- C:\Users\viola\Documents\Unbenannt (4).wma.sfk
[2011.12.17 23:01:52 | 000,062,720 | ---- | M] () -- C:\Users\viola\Documents\Unbenannt (3).wma.sfk
[2011.12.17 23:01:52 | 000,061,568 | ---- | M] () -- C:\Users\viola\Documents\Unbenannt (18).wma.sfk
[2011.12.17 23:01:52 | 000,060,928 | ---- | M] () -- C:\Users\viola\Documents\Unbenannt (20).wma.sfk
[2011.12.17 23:01:52 | 000,055,744 | ---- | M] () -- C:\Users\viola\Documents\Unbenannt (22).wma.sfk
[2011.12.17 23:01:52 | 000,050,496 | ---- | M] () -- C:\Users\viola\Documents\Unbenannt (13).wma.sfk
[2011.12.17 23:01:52 | 000,047,744 | ---- | M] () -- C:\Users\viola\Documents\Unbenannt (21).wma.sfk
[2011.12.17 23:01:52 | 000,042,048 | ---- | M] () -- C:\Users\viola\Documents\Unbenannt (11).wma.sfk
[2011.12.17 23:01:52 | 000,034,432 | ---- | M] () -- C:\Users\viola\Documents\Unbenannt (6).wma.sfk
[2011.12.17 23:01:52 | 000,032,256 | ---- | M] () -- C:\Users\viola\Documents\Unbenannt (16).wma.sfk
[2011.12.17 23:01:52 | 000,028,160 | ---- | M] () -- C:\Users\viola\Documents\Unbenannt (5).wma.sfk
[2011.12.17 23:01:52 | 000,027,664 | ---- | M] () -- C:\Users\viola\Documents\Unbenannt (15).wma.sfk
[2011.12.17 23:01:52 | 000,019,664 | ---- | M] () -- C:\Users\viola\Documents\Unbenannt (17).wma.sfk
[2011.12.17 23:01:52 | 000,012,352 | ---- | M] () -- C:\Users\viola\Documents\Unbenannt (19).wma.sfk
[2011.12.17 23:01:52 | 000,012,160 | ---- | M] () -- C:\Users\viola\Documents\Unbenannt (7).wma.sfk
[2011.12.17 23:01:52 | 000,011,664 | ---- | M] () -- C:\Users\viola\Documents\Unbenannt (9).wma.sfk
[2011.12.17 23:01:52 | 000,008,640 | ---- | M] () -- C:\Users\viola\Documents\Unbenannt (12).wma.sfk
[2011.12.17 23:01:52 | 000,008,192 | ---- | M] () -- C:\Users\viola\Documents\Unbenannt (14).wma.sfk
[2011.12.17 13:45:37 | 000,037,824 | ---- | M] () -- C:\Users\viola\Documents\Unbenannt (2).wma.sfk
[2011.12.17 13:45:15 | 000,054,720 | ---- | M] () -- C:\Users\viola\Documents\Unbenannt.wma.sfk
[2011.12.17 13:42:34 | 001,096,043 | ---- | M] () -- C:\Users\viola\Documents\Unbenannt (24).wma
[2011.12.17 13:40:59 | 000,911,953 | ---- | M] () -- C:\Users\viola\Documents\Unbenannt (23).wma
[2011.12.17 13:39:40 | 000,498,873 | ---- | M] () -- C:\Users\viola\Documents\Unbenannt (22).wma
[2011.12.17 13:38:50 | 000,427,033 | ---- | M] () -- C:\Users\viola\Documents\Unbenannt (21).wma
[2011.12.17 13:38:10 | 000,539,283 | ---- | M] () -- C:\Users\viola\Documents\Unbenannt (20).wma
[2011.12.17 13:37:18 | 000,117,223 | ---- | M] () -- C:\Users\viola\Documents\Unbenannt (19).wma
[2011.12.17 13:37:01 | 000,548,263 | ---- | M] () -- C:\Users\viola\Documents\Unbenannt (18).wma
[2011.12.17 13:36:06 | 000,180,083 | ---- | M] () -- C:\Users\viola\Documents\Unbenannt (17).wma
[2011.12.17 13:35:33 | 000,287,843 | ---- | M] () -- C:\Users\viola\Documents\Unbenannt (16).wma
[2011.12.17 13:35:06 | 000,247,433 | ---- | M] () -- C:\Users\viola\Documents\Unbenannt (15).wma
[2011.12.17 13:34:18 | 000,076,813 | ---- | M] () -- C:\Users\viola\Documents\Unbenannt (14).wma
[2011.12.17 13:33:53 | 000,449,483 | ---- | M] () -- C:\Users\viola\Documents\Unbenannt (13).wma
[2011.12.17 13:33:12 | 000,081,303 | ---- | M] () -- C:\Users\viola\Documents\Unbenannt (12).wma
[2011.12.17 13:32:56 | 000,377,643 | ---- | M] () -- C:\Users\viola\Documents\Unbenannt (11).wma
[2011.12.17 13:32:21 | 000,925,423 | ---- | M] () -- C:\Users\viola\Documents\Unbenannt (10).wma
[2011.12.17 13:31:01 | 000,108,243 | ---- | M] () -- C:\Users\viola\Documents\Unbenannt (9).wma
[2011.12.17 13:30:42 | 000,714,393 | ---- | M] () -- C:\Users\viola\Documents\Unbenannt (8).wma
[2011.12.17 13:29:40 | 000,112,733 | ---- | M] () -- C:\Users\viola\Documents\Unbenannt (7).wma
[2011.12.17 13:29:22 | 000,310,293 | ---- | M] () -- C:\Users\viola\Documents\Unbenannt (6).wma
[2011.12.17 13:28:51 | 000,251,923 | ---- | M] () -- C:\Users\viola\Documents\Unbenannt (5).wma
[2011.12.17 13:28:25 | 000,696,433 | ---- | M] () -- C:\Users\viola\Documents\Unbenannt (4).wma
[2011.12.17 13:27:17 | 000,557,243 | ---- | M] () -- C:\Users\viola\Documents\Unbenannt (3).wma
[2011.12.17 13:26:22 | 000,337,233 | ---- | M] () -- C:\Users\viola\Documents\Unbenannt (2).wma
[2011.12.17 13:25:22 | 000,485,403 | ---- | M] () -- C:\Users\viola\Documents\Unbenannt.wma
[2011.12.17 01:32:54 | 000,010,309 | ---- | M] () -- C:\Users\viola\Documents\zinnsoldat.rtf
[2011.12.16 10:16:43 | 000,368,512 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011.12.07 20:56:08 | 000,134,824 | ---- | M] () -- C:\Users\viola\Desktop\Ch-running.jpg
[2011.12.05 16:30:33 | 000,066,565 | ---- | M] () -- C:\Users\viola\Desktop\schneefl2.jpg
[2011.12.05 16:30:18 | 000,075,496 | ---- | M] () -- C:\Users\viola\Desktop\schneefl.jpg
[2011.11.29 03:19:39 | 000,058,893 | ---- | M] () -- C:\Users\viola\Desktop\manga-haende-14.jpg
[2011.11.28 19:43:01 | 000,008,592 | ---- | M] () -- C:\Users\viola\Documents\weihnachten mit hindernissen.rtf
[2011.11.28 19:18:41 | 000,032,444 | ---- | M] () -- C:\Users\viola\Desktop\event.jpg
[2011.11.27 19:07:07 | 000,184,330 | ---- | M] () -- C:\Users\viola\Desktop\go.png
[2011.11.26 18:23:48 | 000,605,513 | ---- | M] () -- C:\Users\viola\Desktop\rekrutment.png
[2011.11.26 16:26:41 | 000,670,807 | ---- | M] () -- C:\Users\viola\Desktop\rearecruts.png
[2011.11.25 23:13:19 | 000,182,280 | ---- | M] () -- C:\Users\viola\Desktop\reabanner.png
[2011.11.24 23:40:03 | 000,002,340 | ---- | M] () -- C:\Users\viola\Desktop\weihnachtsgeschichte - Verknüpfung.lnk
 
========== Files Created - No Company Name ==========
 
[2011.12.21 03:23:12 | 000,000,020 | ---- | C] () -- C:\Users\viola\defogger_reenable
[2011.12.21 03:22:56 | 000,050,477 | ---- | C] () -- C:\Users\viola\Desktop\Defogger.exe
[2011.12.18 09:49:13 | 000,002,018 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2011.12.17 13:47:38 | 000,124,096 | ---- | C] () -- C:\Users\viola\Documents\Unbenannt (24).wma.sfk
[2011.12.17 13:47:34 | 000,103,040 | ---- | C] () -- C:\Users\viola\Documents\Unbenannt (23).wma.sfk
[2011.12.17 13:47:31 | 000,055,744 | ---- | C] () -- C:\Users\viola\Documents\Unbenannt (22).wma.sfk
[2011.12.17 13:47:26 | 000,047,744 | ---- | C] () -- C:\Users\viola\Documents\Unbenannt (21).wma.sfk
[2011.12.17 13:47:19 | 000,060,928 | ---- | C] () -- C:\Users\viola\Documents\Unbenannt (20).wma.sfk
[2011.12.17 13:47:15 | 000,012,352 | ---- | C] () -- C:\Users\viola\Documents\Unbenannt (19).wma.sfk
[2011.12.17 13:47:11 | 000,061,568 | ---- | C] () -- C:\Users\viola\Documents\Unbenannt (18).wma.sfk
[2011.12.17 13:47:07 | 000,019,664 | ---- | C] () -- C:\Users\viola\Documents\Unbenannt (17).wma.sfk
[2011.12.17 13:47:02 | 000,032,256 | ---- | C] () -- C:\Users\viola\Documents\Unbenannt (16).wma.sfk
[2011.12.17 13:46:59 | 000,027,664 | ---- | C] () -- C:\Users\viola\Documents\Unbenannt (15).wma.sfk
[2011.12.17 13:46:55 | 000,008,192 | ---- | C] () -- C:\Users\viola\Documents\Unbenannt (14).wma.sfk
[2011.12.17 13:46:51 | 000,050,496 | ---- | C] () -- C:\Users\viola\Documents\Unbenannt (13).wma.sfk
[2011.12.17 13:46:46 | 000,008,640 | ---- | C] () -- C:\Users\viola\Documents\Unbenannt (12).wma.sfk
[2011.12.17 13:46:39 | 000,042,048 | ---- | C] () -- C:\Users\viola\Documents\Unbenannt (11).wma.sfk
[2011.12.17 13:46:34 | 000,104,832 | ---- | C] () -- C:\Users\viola\Documents\Unbenannt (10).wma.sfk
[2011.12.17 13:46:30 | 000,011,664 | ---- | C] () -- C:\Users\viola\Documents\Unbenannt (9).wma.sfk
[2011.12.17 13:46:27 | 000,080,448 | ---- | C] () -- C:\Users\viola\Documents\Unbenannt (8).wma.sfk
[2011.12.17 13:46:23 | 000,012,160 | ---- | C] () -- C:\Users\viola\Documents\Unbenannt (7).wma.sfk
[2011.12.17 13:46:20 | 000,034,432 | ---- | C] () -- C:\Users\viola\Documents\Unbenannt (6).wma.sfk
[2011.12.17 13:46:16 | 000,028,160 | ---- | C] () -- C:\Users\viola\Documents\Unbenannt (5).wma.sfk
[2011.12.17 13:46:12 | 000,078,720 | ---- | C] () -- C:\Users\viola\Documents\Unbenannt (4).wma.sfk
[2011.12.17 13:46:08 | 000,062,720 | ---- | C] () -- C:\Users\viola\Documents\Unbenannt (3).wma.sfk
[2011.12.17 13:45:21 | 000,037,824 | ---- | C] () -- C:\Users\viola\Documents\Unbenannt (2).wma.sfk
[2011.12.17 13:45:09 | 000,054,720 | ---- | C] () -- C:\Users\viola\Documents\Unbenannt.wma.sfk
[2011.12.17 13:42:34 | 001,096,043 | ---- | C] () -- C:\Users\viola\Documents\Unbenannt (24).wma
[2011.12.17 13:40:59 | 000,911,953 | ---- | C] () -- C:\Users\viola\Documents\Unbenannt (23).wma
[2011.12.17 13:39:40 | 000,498,873 | ---- | C] () -- C:\Users\viola\Documents\Unbenannt (22).wma
[2011.12.17 13:38:50 | 000,427,033 | ---- | C] () -- C:\Users\viola\Documents\Unbenannt (21).wma
[2011.12.17 13:38:10 | 000,539,283 | ---- | C] () -- C:\Users\viola\Documents\Unbenannt (20).wma
[2011.12.17 13:37:18 | 000,117,223 | ---- | C] () -- C:\Users\viola\Documents\Unbenannt (19).wma
[2011.12.17 13:37:01 | 000,548,263 | ---- | C] () -- C:\Users\viola\Documents\Unbenannt (18).wma
[2011.12.17 13:36:06 | 000,180,083 | ---- | C] () -- C:\Users\viola\Documents\Unbenannt (17).wma
[2011.12.17 13:35:33 | 000,287,843 | ---- | C] () -- C:\Users\viola\Documents\Unbenannt (16).wma
[2011.12.17 13:35:06 | 000,247,433 | ---- | C] () -- C:\Users\viola\Documents\Unbenannt (15).wma
[2011.12.17 13:34:18 | 000,076,813 | ---- | C] () -- C:\Users\viola\Documents\Unbenannt (14).wma
[2011.12.17 13:33:53 | 000,449,483 | ---- | C] () -- C:\Users\viola\Documents\Unbenannt (13).wma
[2011.12.17 13:33:11 | 000,081,303 | ---- | C] () -- C:\Users\viola\Documents\Unbenannt (12).wma
[2011.12.17 13:32:56 | 000,377,643 | ---- | C] () -- C:\Users\viola\Documents\Unbenannt (11).wma
[2011.12.17 13:32:21 | 000,925,423 | ---- | C] () -- C:\Users\viola\Documents\Unbenannt (10).wma
[2011.12.17 13:31:01 | 000,108,243 | ---- | C] () -- C:\Users\viola\Documents\Unbenannt (9).wma
[2011.12.17 13:30:42 | 000,714,393 | ---- | C] () -- C:\Users\viola\Documents\Unbenannt (8).wma
[2011.12.17 13:29:40 | 000,112,733 | ---- | C] () -- C:\Users\viola\Documents\Unbenannt (7).wma
[2011.12.17 13:29:22 | 000,310,293 | ---- | C] () -- C:\Users\viola\Documents\Unbenannt (6).wma
[2011.12.17 13:28:51 | 000,251,923 | ---- | C] () -- C:\Users\viola\Documents\Unbenannt (5).wma
[2011.12.17 13:28:24 | 000,696,433 | ---- | C] () -- C:\Users\viola\Documents\Unbenannt (4).wma
[2011.12.17 13:27:17 | 000,557,243 | ---- | C] () -- C:\Users\viola\Documents\Unbenannt (3).wma
[2011.12.17 13:26:22 | 000,337,233 | ---- | C] () -- C:\Users\viola\Documents\Unbenannt (2).wma
[2011.12.17 13:25:22 | 000,485,403 | ---- | C] () -- C:\Users\viola\Documents\Unbenannt.wma
[2011.12.17 01:32:54 | 000,010,309 | ---- | C] () -- C:\Users\viola\Documents\zinnsoldat.rtf
[2011.12.16 21:05:11 | 000,006,086 | ---- | C] () -- C:\Users\viola\Documents\wichteln.rtf
[2011.12.07 20:56:07 | 000,134,824 | ---- | C] () -- C:\Users\viola\Desktop\Ch-running.jpg
[2011.12.05 16:30:33 | 000,066,565 | ---- | C] () -- C:\Users\viola\Desktop\schneefl2.jpg
[2011.12.05 16:30:18 | 000,075,496 | ---- | C] () -- C:\Users\viola\Desktop\schneefl.jpg
[2011.11.29 03:19:37 | 000,058,893 | ---- | C] () -- C:\Users\viola\Desktop\manga-haende-14.jpg
[2011.11.28 19:43:01 | 000,008,592 | ---- | C] () -- C:\Users\viola\Documents\weihnachten mit hindernissen.rtf
[2011.11.28 19:18:41 | 000,032,444 | ---- | C] () -- C:\Users\viola\Desktop\event.jpg
[2011.11.27 19:07:06 | 000,184,330 | ---- | C] () -- C:\Users\viola\Desktop\go.png
[2011.11.26 18:23:48 | 000,605,513 | ---- | C] () -- C:\Users\viola\Desktop\rekrutment.png
[2011.11.26 16:26:40 | 000,670,807 | ---- | C] () -- C:\Users\viola\Desktop\rearecruts.png
[2011.11.25 23:13:19 | 000,182,280 | ---- | C] () -- C:\Users\viola\Desktop\reabanner.png
[2011.11.22 00:52:20 | 000,002,340 | ---- | C] () -- C:\Users\viola\Desktop\weihnachtsgeschichte - Verknüpfung.lnk
[2011.10.15 00:54:52 | 000,321,856 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe
[2011.07.25 19:14:31 | 000,159,881 | ---- | C] () -- C:\Windows\ScanWiz Uninstaller.exe
[2011.07.24 10:50:24 | 000,151,552 | ---- | C] () -- C:\Windows\UnUSBDrv.exe
[2011.03.05 05:30:46 | 000,000,038 | -HS- | C] () -- C:\Windows\camcodec100.ini
[2011.03.05 05:30:46 | 000,000,028 | -HS- | C] () -- C:\Windows\lagarith.ini
[2011.03.05 05:30:05 | 000,027,648 | ---- | C] () -- C:\Windows\SysWow64\AVSredirect.dll
[2011.01.03 17:19:24 | 000,065,536 | ---- | C] () -- C:\Windows\IFinst27.exe
[2010.12.04 18:42:41 | 000,000,193 | ---- | C] () -- C:\Windows\WORDPAD.INI
[2010.11.07 11:55:25 | 000,009,728 | ---- | C] () -- C:\Windows\SysWow64\BASSMOD.dll
[2010.08.25 18:43:39 | 000,003,202 | ---- | C] () -- C:\Windows\SysWow64\CONFIG.INI
[2010.08.25 13:25:58 | 000,000,114 | ---- | C] () -- C:\Windows\wininit.ini
[2010.08.23 18:58:09 | 000,000,008 | ---- | C] () -- C:\Users\viola\AppData\Roaming\DofusAppId0_1
[2010.08.23 18:33:50 | 000,000,173 | ---- | C] () -- C:\Users\viola\AppData\Roaming\D2Info0
[2010.08.23 18:33:50 | 000,000,008 | ---- | C] () -- C:\Users\viola\AppData\Roaming\DofusAppId0_2
[2010.07.23 23:06:56 | 000,040,960 | ---- | C] () -- C:\Windows\SysWow64\HCWxds.dll
[2010.07.23 19:29:29 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\dmcrypto.dll
[2010.07.23 16:27:52 | 000,030,327 | ---- | C] () -- C:\Windows\Irremote.ini
[2010.07.23 16:27:37 | 000,000,507 | ---- | C] () -- C:\Windows\ODBC.INI
[2010.07.23 16:27:37 | 000,000,209 | ---- | C] () -- C:\Windows\ODBCINST.INI
[2010.07.23 16:27:28 | 000,142,337 | ---- | C] () -- C:\Windows\SysWow64\Wait.exe
[2009.10.12 12:11:41 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2009.07.14 06:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009.07.14 03:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009.07.14 03:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009.07.14 01:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009.06.10 22:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2009.06.10 15:33:44 | 000,127,648 | ---- | C] () -- C:\Windows\RmTablet.exe
 
========== LOP Check ==========
 
[2010.08.06 14:45:36 | 000,000,000 | -HSD | M] -- C:\Users\viola\AppData\Roaming\.#
[2010.08.23 18:58:13 | 000,000,000 | ---D | M] -- C:\Users\viola\AppData\Roaming\app
[2011.03.04 17:47:19 | 000,000,000 | ---D | M] -- C:\Users\viola\AppData\Roaming\Audio Record Edit Toolbox
[2011.03.04 17:42:40 | 000,000,000 | ---D | M] -- C:\Users\viola\AppData\Roaming\Audio Recorder for Free 2010
[2010.11.19 08:12:55 | 000,000,000 | ---D | M] -- C:\Users\viola\AppData\Roaming\BitTorrent
[2010.07.21 16:55:59 | 000,000,000 | ---D | M] -- C:\Users\viola\AppData\Roaming\DAEMON Tools Lite
[2010.08.23 19:23:41 | 000,000,000 | ---D | M] -- C:\Users\viola\AppData\Roaming\Dofus 2
[2010.08.23 18:33:50 | 000,000,000 | ---D | M] -- C:\Users\viola\AppData\Roaming\Dofus-2.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1
[2010.08.23 18:58:09 | 000,000,000 | ---D | M] -- C:\Users\viola\AppData\Roaming\Dofus.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1
[2011.11.28 20:08:19 | 000,000,000 | ---D | M] -- C:\Users\viola\AppData\Roaming\FileZilla
[2010.08.06 14:45:12 | 000,000,000 | ---D | M] -- C:\Users\viola\AppData\Roaming\GameConsole
[2011.11.12 11:25:46 | 000,000,000 | ---D | M] -- C:\Users\viola\AppData\Roaming\kock
[2011.09.20 17:20:23 | 000,000,000 | ---D | M] -- C:\Users\viola\AppData\Roaming\LolClient
[2011.04.07 10:13:14 | 000,000,000 | ---D | M] -- C:\Users\viola\AppData\Roaming\NCH Swift Sound
[2011.11.08 11:31:28 | 000,000,000 | ---D | M] -- C:\Users\viola\AppData\Roaming\OpenOffice.org
[2011.12.21 01:42:58 | 000,000,000 | ---D | M] -- C:\Users\viola\AppData\Roaming\Opera
[2011.03.12 02:12:40 | 000,000,000 | ---D | M] -- C:\Users\viola\AppData\Roaming\PlayFirst
[2010.07.21 13:29:04 | 000,000,000 | ---D | M] -- C:\Users\viola\AppData\Roaming\PowerCinema
[2011.02.11 22:03:03 | 000,000,000 | ---D | M] -- C:\Users\viola\AppData\Roaming\PriceGong
[2010.11.07 11:56:17 | 000,000,000 | ---D | M] -- C:\Users\viola\AppData\Roaming\Publish Providers
[2010.08.23 18:58:13 | 000,000,000 | ---D | M] -- C:\Users\viola\AppData\Roaming\Reg.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1
[2011.07.25 19:12:38 | 000,000,000 | ---D | M] -- C:\Users\viola\AppData\Roaming\Scan2PDF
[2010.07.21 13:29:15 | 000,000,000 | ---D | M] -- C:\Users\viola\AppData\Roaming\SoftDMA
[2011.02.24 20:55:29 | 000,000,000 | ---D | M] -- C:\Users\viola\AppData\Roaming\Sony
[2010.11.15 02:50:41 | 000,000,000 | ---D | M] -- C:\Users\viola\AppData\Roaming\Sony Creative Software Inc
[2010.07.23 22:48:39 | 000,000,000 | ---D | M] -- C:\Users\viola\AppData\Roaming\TeamViewer
[2011.11.23 12:16:45 | 000,000,000 | ---D | M] -- C:\Users\viola\AppData\Roaming\TS3Client
[2011.06.30 11:10:16 | 000,000,000 | ---D | M] -- C:\Users\viola\AppData\Roaming\TuneUp Software
[2011.11.12 11:25:47 | 000,000,000 | ---D | M] -- C:\Users\viola\AppData\Roaming\xmldm
[2011.11.14 14:40:31 | 000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 146 bytes -> C:\ProgramData\Temp:AB689DEA
@Alternate Data Stream - 144 bytes -> C:\ProgramData\Temp:5D7E5A8F
@Alternate Data Stream - 129 bytes -> C:\ProgramData\Temp:05EE1EEF
@Alternate Data Stream - 128 bytes -> C:\ProgramData\Temp:ABE89FFE
@Alternate Data Stream - 125 bytes -> C:\ProgramData\Temp:E3C56885
@Alternate Data Stream - 121 bytes -> C:\ProgramData\Temp:0B9176C0
@Alternate Data Stream - 118 bytes -> C:\ProgramData\Temp:4CF61E54
@Alternate Data Stream - 110 bytes -> C:\ProgramData\Temp:888AFB86

< End of report >

Extra:

Code:

ATTFilter

OTL Extras logfile created on: 21.12.2011 18:51:47 - Run 3
OTL by OldTimer - Version 3.2.31.0     Folder = C:\Users\viola\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,98 Gb Total Physical Memory | 2,01 Gb Available Physical Memory | 67,36% Memory free
5,97 Gb Paging File | 5,01 Gb Available in Paging File | 83,96% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 458,45 Gb Total Space | 190,76 Gb Free Space | 41,61% Space Free | Partition Type: NTFS
Drive D: | 458,96 Gb Total Space | 343,57 Gb Free Space | 74,86% Space Free | Partition Type: NTFS
 
Computer Name: VIOLA-PC | User Name: viola | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = ChromeHTML] -- Reg Error: Key error. File not found
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1"
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1"
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{1F9241E8-87C1-FB9C-5D76-3FF7D0318A87}" = ATI Catalyst Install Manager
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{66A4349A-AA55-43E5-A781-62867A701A90}" = MacroKey Manager
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}" = Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 285.62
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 285.62
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 285.62
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller-Treiber 285.62
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.11.0621
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.5.20
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD-Audiotreiber 1.2.24.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin 64-bit
"CCleaner" = CCleaner
"LSI Soft Modem" = LSI PCI-SV92PP Soft Modem
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"WinRAR archiver" = WinRAR
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0E9C6F05-A8E5-482F-B7D5-78943BCC6073}" = Ragnarok
"{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}" = YouTube Downloader 3.4
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{20400dbd-e6db-45b8-9b6b-1dd7033818ec}" = Nero InfoTool Help
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2348b586-c9ae-46ce-936c-a68e9426e214}" = Nero StartSmart Help
"{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}" = TuneUp Utilities 2011
"{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Acer Arcade Deluxe
"{26A24AE4-039D-4CA4-87B4-2F83216022F0}" = Java(TM) 6 Update 22
"{26A24AE4-039D-4CA4-87B4-2F83216026FF}" = Java(TM) 6 Update 26
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{30075A70-B5D2-440B-AFA3-FB2021740121}" = Backup Manager Advance
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{33cf58f5-48d8-4575-83d6-96f574e4d83a}" = Nero DriveSpeed
"{40AE01BE-A290-4FFB-8DAB-C624C17DC87E}" = Vegas Movie Studio HD Platinum 10.0
"{4286716B-1287-48E7-9078-3DC8248DBA96}" = OpenOffice.org 3.3
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4D43D635-6FDA-4fa5-AA9B-23CF73D058EA}" = Nero StartSmart OEM
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{586509F0-350D-48B5-B763-9CC2F8D96C4C}" = Windows Live Sync
"{595a3116-40bb-4e0f-a2e8-d7951da56270}" = NeroExpress
"{5D4C60AA-84E6-4E1A-8A68-69970D387BE1}" = TuneUp Utilities Language Pack (de-DE)
"{625386A4-B6B6-4911-A6E8-23189C3F2D15}" = Microsoft .NET Compact Framework 2.0 SP1
"{62F7DA7E-CCCB-439C-A760-00C3926E761F}" = Microsoft Works
"{68301905-2DEA-41CE-A4D4-E8B443B099BA}" = MyWinLocker
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7148F0A8-6813-11D6-A77B-00B0D0142000}" = Java 2 Runtime Environment, SE v1.4.2
"{7748ac8c-18e3-43bb-959b-088faea16fb2}" = Nero StartSmart
"{7F6D7FD9-648D-4DD9-BB6E-3990C675ECA4}" = NVIDIA PhysX
"{7F811A54-5A09-4579-90E1-C93498E230D9}" = Acer eRecovery Management
"{83202942-84b3-4c50-8622-b8c0aa2d2885}" = Nero Express Help
"{850C7BD3-9F3F-46AD-9396-E7985B38C55E}" = Windows Live Fotogalerie
"{869200db-287a-4dc0-b02b-2b6787fbcd4c}" = Nero DiscSpeed
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update
"{8ed9688e-4f79-4308-91ca-f1c37ca142b4}_is1" = Acer GameZone Console
"{90110407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_OMUI.de-de_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_OMUI.de-de_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0017-0407-0000-0000000FF1CE}" = Microsoft Office SharePoint Designer MUI (German) 2007
"{90120000-0017-0407-0000-0000000FF1CE}_OMUI.de-de_{0B9EAEAC-F271-45DC-BDCB-06ABEEF19825}" = Microsoft Office SharePoint Designer 2007 Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_OMUI.de-de_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_OMUI.de-de_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_OMUI.de-de_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_OMUI.de-de_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_OMUI.de-de_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_OMUI.de-de_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90120000-002A-0407-1000-0000000FF1CE}_OMUI.de-de_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_OMUI.de-de_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_OMUI.de-de_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_OMUI.de-de_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}_OMUI.de-de_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0100-0407-0000-0000000FF1CE}" = Microsoft Office O MUI (German) 2007
"{90120000-0100-0407-0000-0000000FF1CE}_OMUI.de-de_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0101-0407-0000-0000000FF1CE}" = Microsoft Office X MUI (German) 2007
"{90120000-0101-0407-0000-0000000FF1CE}_OMUI.de-de_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{90170407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office FrontPage 2003
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{918A9082-6287-4D25-9002-5E5D5E4971CB}" = League of Legends
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A7496F46-78AE-4DB2-BCF5-95F210FA6F96}" = Windows Live Movie Maker
"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
"{AC76BA86-7AD7-FFFF-7B44-A91000000001}" = Adobe Reader 9.4.7 MUI
"{AED2DD42-9853-407E-A6BC-8A1D6B715909}" = Windows Live Messenger
"{B194272D-1F92-46DF-99EB-8D5CE91CB4EC}" = Adobe AIR
"{b2ec4a38-b545-4a00-8214-13fe0e915e6d}" = Advertising Center
"{B6A98E5F-D6A7-46FB-9E9D-1F7BF443491C}" = PMB
"{B93DCF58-AA57-41EC-8D69-B05C66C6312D}_is1" = v2011.build.46
"{bd5ca0da-71ad-43da-b19e-6eee0c9adc9a}" = Nero ControlCenter
"{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail
"{CAFA57E8-8927-4912-AFCF-B0AA3837E989}" = Windows Live Essentials
"{cc019e3f-59d2-4486-8d4b-878105b62a71}" = Nero DiscSpeed Help
"{ccb6b889-f9d9-45fd-8a78-2a4f2e599441}" = Nero 9 Essentials
"{D2041A37-5FEC-49F0-AE5C-3F2FFDFAA4F4}" = Windows Live Call
"{dba84796-8503-4ff0-af57-1747dd9a166d}" = Nero Online Upgrade
"{E0A4805D-280A-4DD7-9E74-3A5F85E302A1}" = Windows Live Writer
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{e5c7d048-f9b4-4219-b323-8bdb01a2563d}" = Nero DriveSpeed Help
"{e8a80433-302b-4ff1-815d-fcc8eac482ff}" = Nero Installer
"{EE171732-BEB4-4576-887D-CB62727F01CA}" = Acer Updater
"{EFB21DE7-8C19-4A88-BB28-A766E16493BC}" = Adobe Photoshop CS
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{f4041dce-3fe1-4e18-8a9e-9de65231ee36}" = Nero ControlCenter
"{fbcdfd61-7dcf-4e71-9226-873ba0053139}" = Nero InfoTool
"{FEEA1915-314F-4406-8BCF-B11412BE936F}" = RagnarokOnline
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Acer Registration" = Acer Registration
"Acer Screensaver" = Acer ScreenSaver
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"AhnLab Online Security" = AhnLab Online Security
"Akamai" = Akamai NetSession Interface Service
"AutocompletePro3_is1" = AutocompletePro
"avast" = avast! Free Antivirus
"Bishoujo Senshi Sailor Moon_is1" = Bishoujo Senshi Sailor Moon
"DivX Setup" = DivX-Setup
"FileZilla Client" = FileZilla Client 3.5.1
"Final Fantasy VII" = Final Fantasy VII
"Fraps" = Fraps (remove only)
"Grand Fantasia" = Grand Fantasia
"Hotkey Utility" = Hotkey Utility
"Identity Card" = Identity Card
"InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Acer Arcade Deluxe
"InstallShield_{30075A70-B5D2-440B-AFA3-FB2021740121}" = Acer Backup Manager
"InstallShield_{66A4349A-AA55-43E5-A781-62867A701A90}" = MacroKey Manager
"MacroX" = MacroX 3.1
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware Version 1.51.2.1300
"Mozilla Firefox 8.0 (x86 de)" = Mozilla Firefox 8.0 (x86 de)
"Neffy" = Neffy 1,3,29,0
"NVIDIA StereoUSB Driver" = NVIDIA 3D Vision Controller Driver
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"OMUI.de-de" = Microsoft Office Language Pack 2007 - German/Deutsch
"Scan2PDF_is1" = Scan2PDF 1.6
"ScanWiz" = ScanWiz
"Super C_is1" = Super C
"Switch" = Switch Audiodatei-Konverter
"Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2
"VLC media player" = VLC media player 1.1.11
"VueScan" = VueScan
"WavePad" = WavePad Audiobearbeitungs-Software
"WinLiveSuite_Wave3" = Windows Live Essentials
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Akamai" = Akamai NetSession Interface
"SOE-DC Universe Online Live" = DC Universe Online Live
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 02.12.2011 00:32:02 | Computer Name = viola-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\Windows\Installer\{62F7DA7E-CCCB-439C-A760-00C3926E761F}\wksdb.exe".
Die
 abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0""
 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm
 "sxstrace.exe".
 
Error - 02.12.2011 00:32:02 | Computer Name = viola-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\Windows\Installer\{62F7DA7E-CCCB-439C-A760-00C3926E761F}\WksCal.exe".
Die
 abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0""
 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm
 "sxstrace.exe".
 
Error - 02.12.2011 00:32:02 | Computer Name = viola-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\Installer\{62F7DA7E-CCCB-439C-A760-00C3926E761F}\wksss.exe".
Die
 abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0""
 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm
 "sxstrace.exe".
 
Error - 02.12.2011 00:32:02 | Computer Name = viola-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\Windows\Installer\{62F7DA7E-CCCB-439C-A760-00C3926E761F}\WksWP.exe".
Die
 abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0""
 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm
 "sxstrace.exe".
 
Error - 03.12.2011 02:56:13 | Computer Name = viola-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: soffice.bin, Version: 3.3.9556.500,
 Zeitstempel: 0x4d061efd  Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.17514,
 Zeitstempel: 0x4ce7ba58  Ausnahmecode: 0xc0000005  Fehleroffset: 0x0007377a  ID des fehlerhaften
 Prozesses: 0xab0  Startzeit der fehlerhaften Anwendung: 0x01ccb1889f29f44c  Pfad der
 fehlerhaften Anwendung: C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
Pfad
 des fehlerhaften Moduls: C:\Windows\SysWOW64\ntdll.dll  Berichtskennung: e34d4903-1d7b-11e1-bd2f-90fba64b2e81
 
Error - 03.12.2011 04:07:58 | Computer Name = viola-PC | Source = SideBySide | ID = 16842787
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files
 (x86)\windows live\photo gallery\MovieMaker.Exe". Fehler in Manifest- oder Richtliniendatei
 "c:\program files (x86)\windows live\photo gallery\WLMFDS.DLL" in Zeile  8.  Die 
im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente
 überein.  Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition:
 WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".  Verwenden Sie
 das Programm "sxstrace.exe" für eine detaillierte Diagnose.
 
Error - 03.12.2011 04:08:23 | Computer Name = viola-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\Windows\Installer\{62F7DA7E-CCCB-439C-A760-00C3926E761F}\wksdb.exe".
Die
 abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0""
 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm
 "sxstrace.exe".
 
Error - 03.12.2011 04:08:23 | Computer Name = viola-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\Windows\Installer\{62F7DA7E-CCCB-439C-A760-00C3926E761F}\WksCal.exe".
Die
 abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0""
 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm
 "sxstrace.exe".
 
Error - 03.12.2011 04:08:24 | Computer Name = viola-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\Installer\{62F7DA7E-CCCB-439C-A760-00C3926E761F}\wksss.exe".
Die
 abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0""
 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm
 "sxstrace.exe".
 
Error - 03.12.2011 04:08:24 | Computer Name = viola-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\Windows\Installer\{62F7DA7E-CCCB-439C-A760-00C3926E761F}\WksWP.exe".
Die
 abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0""
 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm
 "sxstrace.exe".
 
[ Media Center Events ]
Error - 28.07.2010 08:15:31 | Computer Name = viola-PC | Source = MCUpdate | ID = 0
Description = 14:15:26 - Fehler beim Herstellen der Internetverbindung.  14:15:26 
-     Serververbindung konnte nicht hergestellt werden..  
 
[ System Events ]
Error - 21.12.2011 11:23:26 | Computer Name = viola-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "TuneUpUtilitiesDrv" wurde aufgrund folgenden Fehlers nicht
 gestartet:   %%2
 
Error - 21.12.2011 11:42:58 | Computer Name = viola-PC | Source = Service Control Manager | ID = 7034
Description = Dienst "NVIDIA Stereoscopic 3D Driver Service" wurde unerwartet beendet.
 Dies ist bereits 1 Mal passiert.
 
Error - 21.12.2011 13:28:34 | Computer Name = viola-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Conexant's BtPCI WDM Video Capture (AMD64)" wurde aufgrund
 folgenden Fehlers nicht gestartet:   %%577
 
Error - 21.12.2011 13:28:34 | Computer Name = viola-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "FLEXnet Licensing Manager for Adobe Products" wurde aufgrund
 folgenden Fehlers nicht gestartet:   %%2
 
Error - 21.12.2011 13:28:46 | Computer Name = viola-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "TuneUpUtilitiesDrv" wurde aufgrund folgenden Fehlers nicht
 gestartet:   %%2
 
Error - 21.12.2011 13:39:15 | Computer Name = viola-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Heimnetzgruppen-Anbieter" ist vom Dienst "Funktionssuchanbieter-Host"
 abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:   %%1058
 
Error - 21.12.2011 13:50:39 | Computer Name = viola-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?21.?12.?2011 um 18:49:30 unerwartet heruntergefahren.
 
Error - 21.12.2011 13:50:48 | Computer Name = viola-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Conexant's BtPCI WDM Video Capture (AMD64)" wurde aufgrund
 folgenden Fehlers nicht gestartet:   %%577
 
Error - 21.12.2011 13:50:48 | Computer Name = viola-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "FLEXnet Licensing Manager for Adobe Products" wurde aufgrund
 folgenden Fehlers nicht gestartet:   %%2
 
Error - 21.12.2011 13:50:57 | Computer Name = viola-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "TuneUpUtilitiesDrv" wurde aufgrund folgenden Fehlers nicht
 gestartet:   %%2
 
 
< End of report >

Hab alles gemacht wie beschrieben.
Das Problem besteht weiterhin!

Karusa · 21.12.2011, 19:42

Install:

Code:

ATTFilter

Acer Arcade Deluxe	CyberLink Corp.	29.03.2010	103,3MB	3.2.6929
Acer Backup Manager	NewTech Infosystems	11.10.2009	226MB	2.0.2.19
Acer eRecovery Management	Acer Incorporated	11.10.2009		4.05.3005
Acer GameZone Console	Oberon Media, Inc.	11.10.2009		5.1.0.2
Acer Registration	Acer Incorporated	29.03.2010		1.02.3006
Acer ScreenSaver	Acer Incorporated	29.03.2010		1.1.0812
Acer Updater	Acer Incorporated	11.10.2009		1.01.3017
Acrobat.com	Adobe Systems Incorporated	11.10.2009	1,61MB	1.6.65
Adobe AIR	Adobe Systems Inc.	22.08.2010		2.0.3.13070
Adobe Flash Player 10 ActiveX	Adobe Systems Incorporated	08.11.2011	6,00MB	10.3.183.10
Adobe Flash Player 11 Plugin 64-bit	Adobe Systems Incorporated	14.11.2011	6,00MB	11.1.102.55
Adobe Photoshop CS	Adobe Systems, Inc.	20.07.2010		CS
Adobe Reader 9.4.7 MUI	Adobe Systems Incorporated	17.12.2011	656MB	9.4.7
Adobe Shockwave Player 11.5	Adobe Systems, Inc.	13.10.2010		11.5.8.612
AhnLab Online Security	AhnLab, Inc	02.01.2011		
Akamai NetSession Interface		18.12.2011		
Akamai NetSession Interface Service		02.11.2011		
ATI Catalyst Install Manager	ATI Technologies, Inc.	29.03.2010	18,2MB	3.0.732.0
AutocompletePro		03.03.2011	0,81MB	
avast! Free Antivirus	AVAST Software	18.11.2011		6.0.1289.0
Bishoujo Senshi Sailor Moon	GameFabrique	12.03.2011		
CCleaner	Piriform	20.12.2011		3.14
Compatibility Pack für 2007 Office System	Microsoft Corporation	14.12.2011	113,2MB	12.0.6425.1000
DC Universe Online Live	Sony Online Entertainment	09.11.2011		
DivX-Setup	DivX, LLC	17.11.2011		2.6.0.34
FileZilla Client 3.5.1	FileZilla Project	08.10.2011	8,81MB	3.5.1
Final Fantasy VII		12.03.2011		
Fraps (remove only)		25.10.2010		
Grand Fantasia		22.02.2011		
Hotkey Utility	Acer Incorporated	29.03.2010		1.00.3004
Identity Card	Acer Incorporated	29.03.2010		1.00.3002
Java 2 Runtime Environment, SE v1.4.2	Sun Microsystems, Inc.	24.10.2010	78,5MB	1.4.2
Java(TM) 6 Update 22	Oracle	07.11.2011	97,1MB	6.0.220
Java(TM) 6 Update 26	Oracle	26.09.2011	94,9MB	6.0.260
League of Legends	Riot Games	19.09.2011		1.02.0000
LSI PCI-SV92PP Soft Modem	LSI Corporation	11.10.2009	16,00KB	2.2.95
MacroKey Manager		05.04.2011		
MacroX 3.1	Uhrzeit.org	01.01.2011		3.1
Malwarebytes' Anti-Malware Version 1.51.2.1300	Malwarebytes Corporation	20.12.2011	13,8MB	1.51.2.1300
Microsoft .NET Compact Framework 2.0 SP1	Microsoft Corporation	06.11.2010	91,0MB	2.0.6129
Microsoft Office File Validation Add-In	Microsoft Corporation	15.09.2011	7,95MB	14.0.5130.5003
Microsoft Office FrontPage 2003	Microsoft Corporation	15.09.2011	321MB	11.0.8173.0
Microsoft Office Language Pack 2007 - German/Deutsch	Microsoft Corporation	21.07.2010		12.0.6425.1000
Microsoft Office Professional Edition 2003	Microsoft Corporation	14.12.2011	704MB	11.0.8173.0
Microsoft Office Suite Activation Assistant	Microsoft Corporation	11.10.2009	8,37MB	2.9
Microsoft Silverlight	Microsoft Corporation	12.10.2011	188,3MB	4.0.60831.0
Microsoft SQL Server 2005 Compact Edition [ENU]	Microsoft Corporation	29.03.2010	1,72MB	3.1.0000
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053	Microsoft Corporation	06.04.2011	0,25MB	8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable	Microsoft Corporation	15.06.2011	0,29MB	8.0.61001
Microsoft Visual C++ 2005 Redistributable (x64)	Microsoft Corporation	05.04.2011	0,68MB	8.0.61000
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175	Microsoft Corporation	24.04.2011	0,57MB	8.0.51011
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148	Microsoft Corporation	28.02.2011	0,21MB	9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570	Microsoft Corporation	24.04.2011	0,77MB	9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570	Microsoft Corporation	24.04.2011	0,58MB	9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17	Microsoft Corporation	26.02.2011	0,77MB	9.0.30729
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148	Microsoft Corporation	07.11.2011	0,23MB	9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161	Microsoft Corporation	15.06.2011	0,77MB	9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022	Microsoft Corporation	23.07.2011	1,42MB	9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17	Microsoft Corporation	20.07.2010	0,23MB	9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148	Microsoft Corporation	20.07.2010	0,58MB	9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161	Microsoft Corporation	15.06.2011	0,59MB	9.0.30729.6161
Microsoft Works	Microsoft Corporation	15.12.2010	1.043MB	9.7.0621
Mozilla Firefox 8.0 (x86 de)	Mozilla	08.11.2011	35,5MB	8.0
MSXML 4.0 SP2 (KB954430)	Microsoft Corporation	22.07.2010	1,28MB	4.20.9870.0
MSXML 4.0 SP2 (KB973688)	Microsoft Corporation	22.07.2010	1,33MB	4.20.9876.0
MyWinLocker	Egis Technology Inc.	11.10.2009	47,9MB	3.1.76.0
Neffy 1,3,29,0	CDNetworks	04.08.2010		1,3,29,0
Nero 9 Essentials	Nero AG	11.10.2009		
NVIDIA 3D Vision Controller-Treiber 285.62	NVIDIA Corporation	18.11.2011		285.62
NVIDIA 3D Vision Treiber 285.62	NVIDIA Corporation	18.11.2011		285.62
NVIDIA Grafiktreiber 285.62	NVIDIA Corporation	18.11.2011		285.62
NVIDIA HD-Audiotreiber 1.2.24.0	NVIDIA Corporation	18.11.2011		1.2.24.0
NVIDIA PhysX-Systemsoftware 9.11.0621	NVIDIA Corporation	18.11.2011		9.11.0621
NVIDIA Update 1.5.20	NVIDIA Corporation	18.11.2011		1.5.20
OpenOffice.org 3.3	OpenOffice.org	07.11.2011	408MB	3.3.9567
Pando Media Booster	Pando Networks Inc.	19.09.2011	5,47MB	2.3.6.0
PMB	Sony Corporation	04.03.2011	259MB	5.2.00.03250
Ragnarok	Gravity	18.08.2010		12
RagnarokOnline	Gravity	20.07.2010		13.1.0000
Realtek High Definition Audio Driver	Realtek Semiconductor Corp.	11.10.2009		6.0.1.5898
Scan2PDF 1.6	Koma-Code	24.07.2011		
ScanWiz	Softi Software	24.07.2011		2.20
Super C	DotNes	20.07.2010		
Switch Audiodatei-Konverter	NCH Software	30.03.2011		
TeamSpeak 2 RC2	Dominating Bytes Design	20.07.2010		2.0.32.60
TeamSpeak 3 Client	TeamSpeak Systems GmbH	26.02.2011		
v2011.build.46	eRightSoft	04.03.2011	25,1MB	v2011.build.46
Vegas Movie Studio HD Platinum 10.0	Sony	23.02.2011	282MB	10.0.179
VLC media player 1.1.11	VideoLAN	23.07.2011		1.1.11
VueScan		23.07.2011		
WavePad Audiobearbeitungs-Software	NCH Software	30.03.2011		
Windows Live Anmelde-Assistent	Microsoft Corporation	29.03.2010	1,94MB	5.000.818.5
Windows Live Essentials	Microsoft Corporation	21.12.2010		14.0.8117.0416
Windows Live Sync	Microsoft Corporation	21.12.2010	2,79MB	14.0.8117.416
Windows Live-Uploadtool	Microsoft Corporation	29.03.2010	0,22MB	14.0.8014.1029
WinRAR		14.08.2010		
YouTube Downloader 3.4	BienneSoft	04.11.2011