50 Euro Trojaner

Morpheus64

Servus,
habe das gleiche Problem wie viele andere im moment auch anbei Logfile von OTL...wäre cool wenn mir jemand helfen könnte.

nerOTL logfile created on: 03.01.2012 17:40:03 - Run 2
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Dokumente und Einstellungen\Mor_pheus\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

3,00 Gb Total Physical Memory | 1,94 Gb Available Physical Memory | 64,76% Memory free
4,84 Gb Paging File | 3,77 Gb Available in Paging File | 77,90% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 44,18 Gb Total Space | 29,94 Gb Free Space | 67,77% Space Free | Partition Type: NTFS
Drive D: | 253,91 Gb Total Space | 123,25 Gb Free Space | 48,54% Space Free | Partition Type: NTFS

Computer Name: MORPHEUS | User Name: Mor_pheus | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Dokumente und Einstellungen\Mor_pheus\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Programme\Avira\AntiVir Desktop\avshadow.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\ESET\ESET Online Scanner\OnlineCmdLineScanner.exe ()
PRC - C:\Programme\TuneUp Utilities 2011\TuneUpUtilitiesApp32.exe (TuneUp Software)
PRC - C:\Programme\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe (TuneUp Software)
PRC - C:\Dokumente und Einstellungen\Mor_pheus\Eigene Dateien\Core Temp.exe ()
PRC - C:\Programme\Everything\Everything.exe ()
PRC - C:\Programme\Gemeinsame Dateien\MAGIX Services\Database\bin\FABS.exe (MAGIX AG)
PRC - C:\WINDOWS\system32\oodag.exe (O&O Software GmbH)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\RocketDock\RocketDock.exe ()
PRC - C:\mysql\bin\mysqld-nt.exe ()


========== Modules (No Company Name) ==========

MOD - C:\Programme\Avira\AntiVir Desktop\sqlite3.dll ()
MOD - C:\Programme\ESET\ESET Online Scanner\OnlineCmdLineScanner.exe ()
MOD - C:\Programme\Yuna Software\Messenger Plus!\Detoured.dll ()
MOD - C:\WINDOWS\system32\AnyDiscHelp.dll ()
MOD - C:\Dokumente und Einstellungen\Mor_pheus\Eigene Dateien\Core Temp.exe ()
MOD - C:\Programme\Everything\Everything.exe ()
MOD - C:\WINDOWS\system32\msdmo.dll ()
MOD - C:\Programme\RocketDock\RocketDock.exe ()
MOD - C:\Programme\RocketDock\RocketDock.dll ()
MOD - C:\mysql\bin\mysqld-nt.exe ()


========== Win32 Services (SafeList) ==========

SRV - (AntiVirSchedulerService) -- C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirService) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
SRV - (SXDS10) -- C:\Programme\Gemeinsame Dateien\soft Xpansion\sxds10.exe (soft Xpansion)
SRV - (TuneUp.UtilitiesSvc) -- C:\Programme\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe (TuneUp Software)
SRV - (UxTuneUp) -- C:\WINDOWS\system32\uxtuneup.dll (TuneUp Software)
SRV - (Fabs) -- C:\Programme\Gemeinsame Dateien\MAGIX Services\Database\bin\FABS.exe (MAGIX AG)
SRV - (SandraAgentSrv) -- C:\Programme\SiSoftware\SiSoftware Sandra Professional Business 2009.SP1b\RpcAgentSrv.exe (SiSoftware)
SRV - (O&O Defrag) -- C:\WINDOWS\system32\oodag.exe (O&O Software GmbH)
SRV - (FirebirdServerMAGIXInstance) -- C:\Programme\Gemeinsame Dateien\MAGIX Services\Database\bin\fbserver.exe (MAGIX®)
SRV - (NMIndexingService) -- C:\Programme\Gemeinsame Dateien\Nero\Lib\NMIndexingService.exe (Nero AG)
SRV - (odserv) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\ODSERV.EXE (Microsoft Corporation)
SRV - (ose) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (MySQL) -- C:\mysql\bin\mysqld-nt.exe ()


========== Driver Services (SafeList) ==========

DRV - (ALSysIO) -- File not found
DRV - (avipbb) -- C:\WINDOWS\system32\drivers\avipbb.sys (Avira GmbH)
DRV - (avgntflt) -- C:\WINDOWS\system32\drivers\avgntflt.sys (Avira GmbH)
DRV - (avkmgr) -- C:\WINDOWS\system32\drivers\avkmgr.sys (Avira GmbH)
DRV - (hotcore3) -- C:\WINDOWS\system32\DRIVERS\hotcore3.sys (Paragon Software Group)
DRV - (AnyDVD) -- C:\WINDOWS\system32\drivers\AnyDVD.sys (SlySoft, Inc.)
DRV - (TuneUpUtilitiesDrv) -- C:\Programme\TuneUp Utilities 2011\TuneUpUtilitiesDriver32.sys (TuneUp Software)
DRV - (ssmdrv) -- C:\WINDOWS\system32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.)
DRV - (ati2mtag) -- C:\WINDOWS\system32\drivers\ati2mtag.sys (ATI Technologies Inc.)
DRV - (Monfilt) -- C:\WINDOWS\system32\drivers\Monfilt.sys (Creative Technology Ltd.)
DRV - (Ambfilt) -- C:\WINDOWS\system32\drivers\Ambfilt.sys (Creative)
DRV - (RTL8023xp) -- C:\WINDOWS\system32\drivers\Rtnicxp.sys (Realtek Semiconductor Corporation )
DRV - (cmuda3) -- C:\WINDOWS\system32\drivers\cmudax3.sys (C-Media Inc)
DRV - (SANDRA) -- C:\Programme\SiSoftware\SiSoftware Sandra Professional Business 2009.SP1b\WNt500x86\sandra.sys (SiSoftware)
DRV - (gameenum) -- C:\WINDOWS\system32\drivers\gameenum.sys (Microsoft Corporation)
DRV - (acehlp10) -- C:\WINDOWS\system32\drivers\acehlp10.sys (Protect Software GmbH)
DRV - (acedrv10) -- C:\WINDOWS\system32\drivers\ACEDRV10.sys (Protect Software GmbH)
DRV - (s115mgmt) Sony Ericsson Device 115 USB WMC Device Management Drivers (WDM) -- C:\WINDOWS\system32\drivers\s115mgmt.sys (MCCI Corporation)
DRV - (s115obex) -- C:\WINDOWS\system32\drivers\s115obex.sys (MCCI Corporation)
DRV - (s115mdm) -- C:\WINDOWS\system32\drivers\s115mdm.sys (MCCI Corporation)
DRV - (s115mdfl) -- C:\WINDOWS\system32\drivers\s115mdfl.sys (MCCI Corporation)
DRV - (s115bus) Sony Ericsson Device 115 driver (WDM) -- C:\WINDOWS\system32\drivers\s115bus.sys (MCCI Corporation)
DRV - (AmdPPM) -- C:\WINDOWS\system32\drivers\AmdPPM.sys (Advanced Micro Devices)
DRV - (ElbyCDFL) -- C:\WINDOWS\system32\drivers\ElbyCDFL.sys (SlySoft, Inc.)
DRV - (rtl8139) NT-Treiber für Realtek RTL8139(A/B/C) -- C:\WINDOWS\system32\drivers\RTL8139.sys (Realtek Semiconductor Corporation)
DRV - (cmpci) C-Media PCI Audio Driver (WDM) -- C:\WINDOWS\system32\drivers\cmaudio.sys (C-Media Inc)
DRV - (giveio) -- C:\WINDOWS\system32\giveio.sys ()


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Programme\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Programme\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Programme\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Programme\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKCU\Software\MozillaPlugins\vitzo.com/VDownloader: File not found

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\support@vdownloader.com: C:\Programme\VDownloader\Addons\FireFox
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Programme\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2011.07.18 11:43:13 | 000,000,000 | ---D | M]


O1 HOSTS File: ([2004.08.04 13:00:00 | 000,000,820 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Programme\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4 - HKLM..\Run: [avgnt] C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [Reloader] C:\WINDOWS\NiwradSoft Shell Pack\Tools\Reloader.exe (NiwradSoft)
O4 - HKCU..\Run: [Core Temp] C:\Dokumente und Einstellungen\Mor_pheus\Eigene Dateien\Core Temp.exe ()
O4 - HKCU..\Run: [RocketDock] C:\Programme\RocketDock\RocketDock.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: BackupNoCDBurning = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 153
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: CDRAutoRun = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67106895
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = [binary data]
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSharedDocuments = [binary data]
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: MaxRecentDocs = 5
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} hxxp://office.microsoft.com/sites/production/ieawsdc32.cab (Microsoft Office Template and Media Control)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1291480886421 (MUWebControl Class)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: Garmin Communicator Plug-In https://static.garmincdn.com/gcp/ie/2.9.3.0/GarminAxControl.CAB (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C1799347-4244-4312-A5A2-6FE44B44909D}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UIHost - (C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TuneUp Software\TU2011\WinStyler\tu_logonui.exe) -C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TuneUp Software\TU2011\WinStyler\tu_logonui.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper: C:\Dokumente und Einstellungen\Mor_pheus\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Dokumente und Einstellungen\Mor_pheus\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Programme\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010.12.04 17:22:14 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (OODBS)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2012.01.03 17:13:29 | 000,000,000 | ---D | C] -- C:\Programme\ESET
[2012.01.03 17:03:22 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Mor_pheus\Desktop\OTL.exe
[2012.01.02 17:30:10 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\LocalService\Anwendungsdaten\Adobe
[2011.12.31 09:19:23 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Mor_pheus\Desktop\Neuer Ordner
[2011.12.28 10:57:51 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Mor_pheus\Eigene Dateien\Bilder bearbeitet
[2011.12.28 10:55:34 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Mor_pheus\Desktop\Neuer Ordner (2)
[2011.12.23 16:12:20 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen\Mor_pheus\Recent
[2011.12.15 17:40:13 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$hf_mig$
[2011.11.19 13:30:36 | 000,216,064 | ---- | C] ( ) -- C:\WINDOWS\System32\lagarith.dll
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\*.tmp files -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012.01.03 17:03:26 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Mor_pheus\Desktop\OTL.exe
[2012.01.03 16:43:08 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012.01.03 16:41:30 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012.01.03 16:41:15 | 000,662,946 | ---- | M] () -- C:\WINDOWS\System32\oodbs.lor
[2011.12.31 09:12:55 | 000,144,384 | ---- | M] () -- C:\Dokumente und Einstellungen\Mor_pheus\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.12.31 09:12:55 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2011.12.30 15:01:36 | 733,452,288 | ---- | M] () -- C:\Dokumente und Einstellungen\Mor_pheus\Eigene Dateien\Alvin und die Chipmunks 2-xvid.avi
[2011.12.29 12:11:25 | 000,047,175 | ---- | M] () -- C:\Dokumente und Einstellungen\Mor_pheus\Eigene Dateien\Konto_1490202206-Auszug_2011_015_pdf.pdf
[2011.12.28 12:43:21 | 000,000,100 | ---- | M] () -- C:\WINDOWS\OODCNT.INI
[2011.12.20 11:15:12 | 000,000,225 | RHS- | M] () -- C:\boot.ini
[2011.12.16 06:18:40 | 000,385,608 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011.12.12 17:07:44 | 000,134,856 | ---- | M] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\*.tmp files -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011.12.30 15:01:23 | 733,452,288 | ---- | C] () -- C:\Dokumente und Einstellungen\Mor_pheus\Eigene Dateien\Alvin und die Chipmunks 2-xvid.avi
[2011.12.29 12:11:25 | 000,047,175 | ---- | C] () -- C:\Dokumente und Einstellungen\Mor_pheus\Eigene Dateien\Konto_1490202206-Auszug_2011_015_pdf.pdf
[2011.12.20 11:09:22 | 000,001,970 | ---- | C] () -- C:\Dokumente und Einstellungen\Mor_pheus\Eigene Dateien\Windows-Standard.tbs
[2011.11.19 13:30:38 | 000,175,616 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2011.11.19 13:30:35 | 000,650,752 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2011.11.19 13:30:35 | 000,243,200 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2011.11.19 13:30:35 | 000,074,752 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2011.10.24 15:19:31 | 000,000,162 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2011.07.16 14:39:58 | 000,787,416 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\FontCache3.0.0.0.dat
[2011.07.13 10:26:48 | 000,000,020 | ---- | C] () -- C:\WINDOWS\mafosav.INI
[2011.07.09 08:33:07 | 000,000,039 | ---- | C] () -- C:\WINDOWS\MB.ini
[2011.03.04 08:13:29 | 001,395,579 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\WPFFontCache_v0400-S-1-5-21-57989841-789336058-839522115-1003-0.dat
[2011.03.04 08:13:29 | 000,340,850 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\WPFFontCache_v0400-System.dat
[2011.02.07 19:56:50 | 000,000,306 | ---- | C] () -- C:\WINDOWS\gttb64.ini
[2011.01.11 13:44:57 | 008,101,888 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\sandra.mda
[2011.01.10 20:17:28 | 000,110,080 | ---- | C] () -- C:\WINDOWS\System32\advd.dll
[2011.01.10 20:17:28 | 000,023,040 | ---- | C] () -- C:\WINDOWS\System32\auth.dll
[2011.01.10 20:17:28 | 000,012,782 | ---- | C] () -- C:\Dokumente und Einstellungen\Mor_pheus\Anwendungsdaten\unins000.msg
[2011.01.10 20:17:27 | 000,559,104 | ---- | C] () -- C:\WINDOWS\System32\lame.exe
[2011.01.10 20:17:27 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\lame_enc.dll
[2011.01.10 20:17:26 | 000,709,568 | ---- | C] () -- C:\Dokumente und Einstellungen\Mor_pheus\Anwendungsdaten\unins000.exe
[2011.01.10 20:17:26 | 000,007,473 | ---- | C] () -- C:\Dokumente und Einstellungen\Mor_pheus\Anwendungsdaten\unins000.dat
[2011.01.07 18:58:16 | 000,004,608 | ---- | C] () -- C:\WINDOWS\System32\AnyDiscHelp.dll
[2011.01.07 18:52:25 | 000,000,123 | -HS- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\.zreglib
[2010.12.20 17:51:26 | 000,153,600 | ---- | C] () -- C:\WINDOWS\System32\AI_ContextMenu.dll
[2010.12.18 00:50:42 | 000,000,167 | ---- | C] () -- C:\WINDOWS\ringtonemaker.INI
[2010.12.18 00:36:11 | 000,007,119 | ---- | C] () -- C:\WINDOWS\mgxoschk.ini
[2010.12.11 13:18:41 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2010.12.06 19:59:12 | 000,000,100 | ---- | C] () -- C:\WINDOWS\OODCNT.INI
[2010.12.06 19:46:40 | 000,708,432 | ---- | C] () -- C:\WINDOWS\unins000.exe
[2010.12.06 19:46:40 | 000,106,724 | ---- | C] () -- C:\WINDOWS\unins000.dat
[2010.12.06 18:16:51 | 000,120,200 | ---- | C] () -- C:\WINDOWS\System32\DLLDEV32i.dll
[2010.12.04 18:09:43 | 000,073,728 | R--- | C] () -- C:\WINDOWS\System32\RtNicProp32.dll
[2010.12.04 18:09:16 | 000,000,066 | ---- | C] () -- C:\WINDOWS\Cmicnfg3.ini.cfl
[2010.12.04 18:08:58 | 000,001,480 | R--- | C] () -- C:\WINDOWS\Cmicnfg3.ini.cfg
[2010.12.04 18:08:57 | 000,002,421 | R--- | C] () -- C:\WINDOWS\cmudax3.ini
[2010.12.04 18:02:15 | 000,000,101 | ---- | C] () -- C:\WINDOWS\CMMIXER.INI
[2010.12.04 18:00:31 | 000,000,025 | ---- | C] () -- C:\WINDOWS\mixerdef.ini
[2010.12.04 17:39:10 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin
[2010.12.04 17:32:17 | 000,593,920 | ---- | C] () -- C:\WINDOWS\System32\ati2sgag.exe
[2010.12.04 17:28:31 | 000,144,384 | ---- | C] () -- C:\Dokumente und Einstellungen\Mor_pheus\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.12.04 17:24:20 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2010.12.04 17:19:01 | 000,021,740 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2010.12.04 17:11:14 | 000,004,359 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2010.12.04 17:09:59 | 000,385,608 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010.02.11 05:12:00 | 003,107,788 | ---- | C] () -- C:\WINDOWS\System32\ativva5x.dat
[2010.02.11 05:12:00 | 000,887,724 | ---- | C] () -- C:\WINDOWS\System32\ativva6x.dat
[2010.01.12 21:18:18 | 000,556,491 | ---- | C] () -- C:\WINDOWS\System32\libmplayer.dll
[2010.01.12 21:18:16 | 004,507,983 | ---- | C] () -- C:\WINDOWS\System32\libavcodec.dll
[2010.01.12 21:18:10 | 000,877,385 | ---- | C] () -- C:\WINDOWS\System32\ff_x264.dll
[2010.01.12 21:18:08 | 000,116,736 | ---- | C] () -- C:\WINDOWS\System32\ff_tremor.dll
[2010.01.11 08:24:40 | 000,001,665 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2010.01.01 01:00:00 | 000,248,320 | ---- | C] () -- C:\WINDOWS\System32\ff_kernelDeint.dll
[2009.10.24 21:15:06 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\FKStampPainter20.dll
[2009.10.09 16:18:42 | 000,303,104 | ---- | C] () -- C:\WINDOWS\System32\dnt27VC8.dll
[2009.10.09 16:16:16 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\dntvmc27VC8.dll
[2009.10.09 16:15:54 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\dntvm27VC8.dll
[2009.04.23 23:29:16 | 000,189,051 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
[2008.05.26 21:23:36 | 000,016,834 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini
[2008.05.26 21:23:34 | 000,024,188 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini
[2008.05.26 21:23:32 | 000,016,568 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini
[2008.05.26 20:59:42 | 000,018,904 | ---- | C] () -- C:\WINDOWS\System32\structuredqueryschematrivial.bin
[2008.05.26 20:59:40 | 000,106,605 | ---- | C] () -- C:\WINDOWS\System32\structuredqueryschema.bin
[2004.08.04 13:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2004.08.04 13:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004.08.04 13:00:00 | 000,517,200 | ---- | C] () -- C:\WINDOWS\System32\perfh007.dat
[2004.08.04 13:00:00 | 000,472,866 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2004.08.04 13:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004.08.04 13:00:00 | 000,269,480 | ---- | C] () -- C:\WINDOWS\System32\perfi007.dat
[2004.08.04 13:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004.08.04 13:00:00 | 000,100,572 | ---- | C] () -- C:\WINDOWS\System32\perfc007.dat
[2004.08.04 13:00:00 | 000,075,960 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2004.08.04 13:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2004.08.04 13:00:00 | 000,034,478 | ---- | C] () -- C:\WINDOWS\System32\perfd007.dat
[2004.08.04 13:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004.08.04 13:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004.08.04 13:00:00 | 000,004,461 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2004.08.04 13:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2004.08.04 13:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2002.11.19 15:46:20 | 000,039,104 | ---- | C] () -- C:\WINDOWS\cmijack.dat
[2002.11.19 15:43:38 | 000,022,178 | ---- | C] () -- C:\WINDOWS\cmaudio.dat
[2002.03.17 01:00:00 | 000,007,420 | ---- | C] () -- C:\WINDOWS\UA000023.DLL
[2001.12.12 12:41:36 | 000,041,472 | ---- | C] () -- C:\WINDOWS\System32\W32btstp.dll
[2001.12.12 12:41:36 | 000,025,088 | ---- | C] () -- C:\WINDOWS\System32\W32btxlt.dll
[1996.04.03 20:33:26 | 000,005,248 | ---- | C] () -- C:\WINDOWS\System32\giveio.sys

========== LOP Check ==========

[2011.05.12 12:03:39 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\AllMyMovies
[2011.07.03 08:57:40 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\BTrieve
[2011.05.25 08:35:23 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\CanonBJ
[2010.12.06 20:12:29 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Downloaded Installations
[2011.08.07 08:34:46 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\EXPLAUNCHER
[2011.07.09 08:31:35 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\fun communications
[2011.02.12 14:27:52 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\MAGIX
[2010.12.06 18:43:40 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Messenger Plus!
[2010.12.18 13:18:47 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\PC Suite
[2011.01.07 19:14:16 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\SlySoft
[2011.08.09 16:25:57 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\soft Xpansion
[2011.11.19 13:16:45 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Tarma Installer
[2011.05.20 10:13:10 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Teleca
[2011.12.13 13:17:51 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP
[2010.12.06 17:19:15 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TuneUp Software
[2011.02.12 14:23:31 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Ulead Systems
[2011.11.01 10:32:24 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\xml_param
[2010.12.06 17:17:00 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}
[2011.03.14 11:05:39 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Mor_pheus\Anwendungsdaten\aicon
[2011.01.07 18:46:25 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Mor_pheus\Anwendungsdaten\AnvSoft
[2011.07.17 08:20:29 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Mor_pheus\Anwendungsdaten\Ashampoo
[2012.01.02 19:48:43 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Mor_pheus\Anwendungsdaten\BitTorrent
[2011.07.09 09:23:07 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Mor_pheus\Anwendungsdaten\Buhl Data Service GmbH
[2011.01.10 20:17:27 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Mor_pheus\Anwendungsdaten\concept design
[2011.01.16 15:41:48 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Mor_pheus\Anwendungsdaten\DVDVideoSoftIEHelpers
[2011.01.10 20:18:46 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Mor_pheus\Anwendungsdaten\Franzis
[2011.04.24 09:51:57 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Mor_pheus\Anwendungsdaten\GetRightToGo
[2011.02.12 14:06:57 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Mor_pheus\Anwendungsdaten\gtk-2.0
[2011.06.21 08:18:15 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Mor_pheus\Anwendungsdaten\gtopala
[2011.02.12 14:27:40 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Mor_pheus\Anwendungsdaten\MAGIX
[2010.12.11 09:45:50 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Mor_pheus\Anwendungsdaten\Mp3tag
[2011.05.12 05:34:18 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Mor_pheus\Anwendungsdaten\Obsidium
[2010.12.18 13:21:59 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Mor_pheus\Anwendungsdaten\PC Suite
[2011.05.20 10:24:13 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Mor_pheus\Anwendungsdaten\Teleca
[2010.12.06 17:17:30 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Mor_pheus\Anwendungsdaten\TuneUp Software
[2011.02.12 14:29:01 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Mor_pheus\Anwendungsdaten\Ulead Systems
[2011.06.13 08:50:18 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Mor_pheus\Anwendungsdaten\Windows Desktop Search
[2011.06.13 08:51:43 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Mor_pheus\Anwendungsdaten\Windows Search
[2010.12.06 20:13:09 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Mor_pheus\Anwendungsdaten\Zeon

========== Purity Check ==========



========== Custom Scans ==========


< OTL logfile created on: 03.01.2012 17:36:01 - Run 2 >

< OTL by OldTimer - Version 3.2.31.0 Folder = C:\Dokumente und Einstellungen\Mor_pheus\Desktop >

< Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation >

< Internet Explorer (Version = 8.0.6001.18702) >

< Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy >

< >

< 3,00 Gb Total Physical Memory | 2,01 Gb Available Physical Memory | 66,93% Memory free >

< 4,84 Gb Paging File | 3,82 Gb Available in Paging File | 78,88% Paging File free >

< Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] >

< >

< %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme >

< Drive C: | 44,18 Gb Total Space | 29,94 Gb Free Space | 67,77% Space Free | Partition Type: NTFS >

< Drive D: | 253,91 Gb Total Space | 123,25 Gb Free Space | 48,54% Space Free | Partition Type: NTFS >

< >

< Computer Name: MORPHEUS | User Name: Mor_pheus | Logged in as Administrator. >

< Boot Mode: Normal | Scan Mode: Current user >

< Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days >

< >

< ========== Processes (SafeList) ========== >
Invalid Switch: color]


< >

< PRC - C:\Dokumente und Einstellungen\Mor_pheus\Desktop\OTL.exe (OldTimer Tools) >

< PRC - C:\Programme\Avira\AntiVir Desktop\avshadow.exe (Avira Operations GmbH & Co. KG) >

< PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) >

< PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) >

< PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG) >

< PRC - C:\Programme\ESET\ESET Online Scanner\OnlineCmdLineScanner.exe () >

< PRC - C:\Programme\TuneUp Utilities 2011\TuneUpUtilitiesApp32.exe (TuneUp Software) >

< PRC - C:\Programme\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe (TuneUp Software) >

< PRC - C:\Dokumente und Einstellungen\Mor_pheus\Eigene Dateien\Core Temp.exe () >

< PRC - C:\Programme\Everything\Everything.exe () >

< PRC - C:\Programme\Gemeinsame Dateien\MAGIX Services\Database\bin\FABS.exe (MAGIX AG) >

< PRC - C:\WINDOWS\system32\oodag.exe (O&O Software GmbH) >

< PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation) >

< PRC - C:\Programme\RocketDock\RocketDock.exe () >

< PRC - C:\mysql\bin\mysqld-nt.exe () >

< >

< >

< ========== Modules (No Company Name) ========== >
Invalid Switch: color]


< >

< MOD - C:\Programme\Avira\AntiVir Desktop\sqlite3.dll () >

< MOD - C:\Programme\ESET\ESET Online Scanner\OnlineCmdLineScanner.exe () >

< MOD - C:\Programme\Yuna Software\Messenger Plus!\Detoured.dll () >

< MOD - C:\WINDOWS\system32\AnyDiscHelp.dll () >

< MOD - C:\Dokumente und Einstellungen\Mor_pheus\Eigene Dateien\Core Temp.exe () >

< MOD - C:\Programme\Everything\Everything.exe () >

< MOD - C:\WINDOWS\system32\msdmo.dll () >

< MOD - C:\Programme\RocketDock\RocketDock.exe () >

< MOD - C:\Programme\RocketDock\RocketDock.dll () >

< MOD - C:\mysql\bin\mysqld-nt.exe () >

< >

< >

< ========== Win32 Services (SafeList) ========== >
Invalid Switch: color]


< >

< SRV - (AntiVirSchedulerService) -- C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) >

< SRV - (AntiVirService) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG) >

< SRV - (SXDS10) -- C:\Programme\Gemeinsame Dateien\soft Xpansion\sxds10.exe (soft Xpansion) >

< SRV - (TuneUp.UtilitiesSvc) -- C:\Programme\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe (TuneUp Software) >

< SRV - (UxTuneUp) -- C:\WINDOWS\system32\uxtuneup.dll (TuneUp Software) >

< SRV - (Fabs) -- C:\Programme\Gemeinsame Dateien\MAGIX Services\Database\bin\FABS.exe (MAGIX AG) >

< SRV - (SandraAgentSrv) -- C:\Programme\SiSoftware\SiSoftware Sandra Professional Business 2009.SP1b\RpcAgentSrv.exe (SiSoftware) >

< SRV - (O&O Defrag) -- C:\WINDOWS\system32\oodag.exe (O&O Software GmbH) >

< SRV - (FirebirdServerMAGIXInstance) -- C:\Programme\Gemeinsame Dateien\MAGIX Services\Database\bin\fbserver.exe (MAGIX®) >

< SRV - (NMIndexingService) -- C:\Programme\Gemeinsame Dateien\Nero\Lib\NMIndexingService.exe (Nero AG) >

< SRV - (odserv) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\ODSERV.EXE (Microsoft Corporation) >

< SRV - (ose) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation) >

< SRV - (MySQL) -- C:\mysql\bin\mysqld-nt.exe () >

< >

< >

< ========== Driver Services (SafeList) ========== >
Invalid Switch: color]


< >

< DRV - (ALSysIO) -- File not found >

< DRV - (avipbb) -- C:\WINDOWS\system32\drivers\avipbb.sys (Avira GmbH) >

< DRV - (avgntflt) -- C:\WINDOWS\system32\drivers\avgntflt.sys (Avira GmbH) >

< DRV - (avkmgr) -- C:\WINDOWS\system32\drivers\avkmgr.sys (Avira GmbH) >

< DRV - (hotcore3) -- C:\WINDOWS\system32\DRIVERS\hotcore3.sys (Paragon Software Group) >

< DRV - (AnyDVD) -- C:\WINDOWS\system32\drivers\AnyDVD.sys (SlySoft, Inc.) >

< DRV - (TuneUpUtilitiesDrv) -- C:\Programme\TuneUp Utilities 2011\TuneUpUtilitiesDriver32.sys (TuneUp Software) >

< DRV - (ssmdrv) -- C:\WINDOWS\system32\drivers\ssmdrv.sys (Avira GmbH) >

< DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.) >

< DRV - (ati2mtag) -- C:\WINDOWS\system32\drivers\ati2mtag.sys (ATI Technologies Inc.) >

< DRV - (Monfilt) -- C:\WINDOWS\system32\drivers\Monfilt.sys (Creative Technology Ltd.) >

< DRV - (Ambfilt) -- C:\WINDOWS\system32\drivers\Ambfilt.sys (Creative) >

< DRV - (RTL8023xp) -- C:\WINDOWS\system32\drivers\Rtnicxp.sys (Realtek Semiconductor Corporation ) >

< DRV - (cmuda3) -- C:\WINDOWS\system32\drivers\cmudax3.sys (C-Media Inc) >

< DRV - (SANDRA) -- C:\Programme\SiSoftware\SiSoftware Sandra Professional Business 2009.SP1b\WNt500x86\sandra.sys (SiSoftware) >

< DRV - (gameenum) -- C:\WINDOWS\system32\drivers\gameenum.sys (Microsoft Corporation) >

< DRV - (acehlp10) -- C:\WINDOWS\system32\drivers\acehlp10.sys (Protect Software GmbH) >

< DRV - (acedrv10) -- C:\WINDOWS\system32\drivers\ACEDRV10.sys (Protect Software GmbH) >

< DRV - (s115mgmt) Sony Ericsson Device 115 USB WMC Device Management Drivers (WDM) -- C:\WINDOWS\system32\drivers\s115mgmt.sys (MCCI Corporation) >

< DRV - (s115obex) -- C:\WINDOWS\system32\drivers\s115obex.sys (MCCI Corporation) >

< DRV - (s115mdm) -- C:\WINDOWS\system32\drivers\s115mdm.sys (MCCI Corporation) >

< DRV - (s115mdfl) -- C:\WINDOWS\system32\drivers\s115mdfl.sys (MCCI Corporation) >

< DRV - (s115bus) Sony Ericsson Device 115 driver (WDM) -- C:\WINDOWS\system32\drivers\s115bus.sys (MCCI Corporation) >

< DRV - (AmdPPM) -- C:\WINDOWS\system32\drivers\AmdPPM.sys (Advanced Micro Devices) >

< DRV - (ElbyCDFL) -- C:\WINDOWS\system32\drivers\ElbyCDFL.sys (SlySoft, Inc.) >

< DRV - (rtl8139) NT-Treiber für Realtek RTL8139(A/B/C) -- C:\WINDOWS\system32\drivers\RTL8139.sys (Realtek Semiconductor Corporation) >
Invalid Switch: C) -- C:\WINDOWS\system32\drivers\RTL8139.sys (Realtek Semiconductor Corporation)


< DRV - (cmpci) C-Media PCI Audio Driver (WDM) -- C:\WINDOWS\system32\drivers\cmaudio.sys (C-Media Inc) >

< DRV - (giveio) -- C:\WINDOWS\system32\giveio.sys () >

< >

< >

< ========== Standard Registry (SafeList) ========== >
Invalid Switch: color]


< >

< >

< ========== Internet Explorer ========== >
Invalid Switch: color]


< >

< >

< IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/ >
Invalid Switch:


< IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 >

< >

< FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Programme\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) >
Invalid Switch: DivX Browser Plugin,version=1.0.0: C:\Programme\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)


< FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Programme\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) >
Invalid Switch: DivX VOD Helper,version=1.0.0: C:\Programme\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)


< FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Programme\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) >
Invalid Switch: JavaPlugin: C:\Programme\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)


< FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Programme\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation) >
Invalid Switch: NpCtrl,version=1.0: C:\Programme\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)


< FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) >
Invalid Switch: WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)


< FF - HKCU\Software\MozillaPlugins\vitzo.com/VDownloader: File not found >
Invalid Switch: VDownloader: File not found


< >

< FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\support@vdownloader.com: C:\Programme\VDownloader\Addons\FireFox >

< FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Programme\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2011.07.18 11:43:13 | 000,000,000 | ---D | M] >

< >

< >

< O1 HOSTS File: ([2004.08.04 13:00:00 | 000,000,820 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts >

< O1 - Hosts: 127.0.0.1 localhost >

< O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Programme\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC) >

< O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) >

< O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found. >

< O4 - HKLM..\Run: [avgnt] C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) >

< O4 - HKLM..\Run: [Reloader] C:\WINDOWS\NiwradSoft Shell Pack\Tools\Reloader.exe (NiwradSoft) >

< O4 - HKCU..\Run: [Core Temp] C:\Dokumente und Einstellungen\Mor_pheus\Eigene Dateien\Core Temp.exe () >

< O4 - HKCU..\Run: [RocketDock] C:\Programme\RocketDock\RocketDock.exe () >

< O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 >

< O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 1 >

< O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: BackupNoCDBurning = 0 >

< O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present >

< O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present >

< O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 153 >

< O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: CDRAutoRun = 1 >

< O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67106895 >

< O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = [binary data] >

< O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSharedDocuments = [binary data] >

< O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: MaxRecentDocs = 5 >

< O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} hxxp://office.microsoft.com/sites/production/ieawsdc32.cab (Microsoft Office Template and Media Control) >
Invalid Switch: ieawsdc32.cab (Microsoft Office Template and Media Control)


< O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1291480886421 (MUWebControl Class) >
Invalid Switch: muweb_site.cab?1291480886421 (MUWebControl Class)


< O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control) >
Invalid Switch: OnlineScanner.cab (OnlineScanner Control)


< O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23) >
Invalid Switch: jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)


< O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23) >
Invalid Switch: jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)


< O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23) >
Invalid Switch: jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)


< O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) >
Invalid Switch: swflash.cab (Shockwave Flash Object)


< O16 - DPF: Garmin Communicator Plug-In https://static.garmincdn.com/gcp/ie/2.9.3.0/GarminAxControl.CAB (Reg Error: Key error.) >
Invalid Switch: GarminAxControl.CAB (Reg Error: Key error.)


< O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 >

< O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C1799347-4244-4312-A5A2-6FE44B44909D}: DhcpNameServer = 192.168.1.1 >

< O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) >

< O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) >

< O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) >

< O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Help\hxds.dll (Microsoft Corporation) >

< O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) >
Invalid Switch: xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)


< O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation) >

< O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation) >

< O20 - HKLM Winlogon: UIHost - (C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TuneUp Software\TU2011\WinStyler\tu_logonui.exe) -C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TuneUp Software\TU2011\WinStyler\tu_logonui.exe (Microsoft Corporation) >

< O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.) >

< O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home >

< O24 - Desktop WallPaper: C:\Dokumente und Einstellungen\Mor_pheus\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp >

< O24 - Desktop BackupWallPaper: C:\Dokumente und Einstellungen\Mor_pheus\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp >

< O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Programme\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation) >

< O32 - HKLM CDRom: AutoRun - 1 >

< O32 - AutoRun File - [2010.12.04 17:22:14 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] >

< O34 - HKLM BootExecute: (autocheck autochk *) >

< O34 - HKLM BootExecute: (OODBS) >

< O35 - HKLM\..comfile [open] -- "%1" %* >

< O35 - HKLM\..exefile [open] -- "%1" %* >

< O37 - HKLM\...com [@ = comfile] -- "%1" %* >

< O37 - HKLM\...exe [@ = exefile] -- "%1" %* >

< >

< ========== Files/Folders - Created Within 30 Days ========== >
Invalid Switch: color]


< >

========== Alternate Data Streams ==========

@Alternate Data Stream - 163 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:FB1B13D8
@Alternate Data Stream - 121 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:F17F235A

< End of report >