Bekomme immer wieder eine Meldung das Mein Windowssystem geblockt wird!

Quantumboy

Hallo ich bekomme immer wieder eine Meldung das Mein Windowssystem geblockt wird. Und ich müsse mir ein Update kaufen damit mein PC wieder funktioniert! Ich kann zwar eine Zeitlang auf meinen Desktop zugreifen aber sobald ich alle meine Startprogramme schließe kommt ein schwarzer Hintergrund und es steht geschriebn das ich bezahlen soll!

Ich habe jetzt schon eine Weile in euren Foren gestöbert und habe das OTL heruntergeladen und dies auch so ausgeführt wie ihr es im Forum gepostet habt, und dies sind meine Ergebnisse ich hoffe ihr könnt damit schon was anfangen und wenn nicht mir irgendwie helfen.

OTL Extras logfile created on: 07.01.2012 18:46:59 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Bernhard\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000c07 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy

3,19 Gb Total Physical Memory | 2,02 Gb Available Physical Memory | 63,54% Memory free
6,37 Gb Paging File | 4,89 Gb Available in Paging File | 76,72% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 465,76 Gb Total Space | 359,35 Gb Free Space | 77,15% Space Free | Partition Type: NTFS
Drive D: | 5,54 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Drive F: | 931,51 Gb Total Space | 743,91 Gb Free Space | 79,86% Space Free | Partition Type: NTFS

Computer Name: BERNHARD-PC | User Name: Bernhard | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{8219EDCB-CE5A-4348-B056-AAC0FE4E99D0}" = Microsoft IntelliType Pro 8.2
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9B48B0AC-C813-4174-9042-476A887592C7}" = Windows Live ID Sign-in Assistant
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 285.62
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 285.62
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 285.62
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller-Treiber 285.62
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.11.0621
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.5.20
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft IntelliType Pro 8.2" = Microsoft IntelliType Pro 8.2

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01F703BB-2D85-4748-A4E2-8103713F8AAE}" = Clones
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{13F59927-CFBE-44D1-8417-7203AD4F1795}" = Gothic 3
"{1C0E9C6B-D4D5-4D3C-8A10-F10A3E7BEEA5}" = WN111v2
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83216027FF}" = Java(TM) 6 Update 27
"{2A9F95AB-65A3-432c-8631-B8BC5BF7477A}" = Die Schlacht um Mittelerde™ II
"{3FEA6CD1-EA13-4CE7-A74E-A74A4A0A7B5C}" = FIFA 11
"{434D0FA0-1558-4D8E-AC3D-BD1000008200}" = DiRT 3
"{434D0FA0-AB8C-497F-B30A-7A1000038201}" = DiRT 3
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{50E4FCC7-90B9-48C6-9D17-7AE66F282878}" = Juiced2_HIN
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{76285C16-411A-488A-BCE3-C83CB933D8CF}" = Battlefield 3™
"{7F6D7FD9-648D-4DD9-BB6E-3990C675ECA4}" = NVIDIA PhysX
"{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}" = Microsoft Games for Windows - LIVE Redistributable
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169 8168 8101E 8102E Ethernet Driver
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8FBC9407-713D-4B8A-98D2-57210DA56049}" = MSN Toolbar
"{90840407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Excel Viewer 2003
"{90850407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Word Viewer 2003
"{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German)
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1031-7B44-AA0000000001}" = Adobe Reader X (10.0.1) - Deutsch
"{ACC9AC0E-8B6E-4393-AF52-E43CF31BA7AC}" = Trickshot
"{BA1F2D65-B22F-47C7-A3D0-A7827DF20272}_is1" = ArcaniA - Fall of Setarrif
"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = Die*Sims™*3
"{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1" = Rapture3D 2.4.8 Game
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}" = Sony Ericsson PC Companion 2.01.217
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"3dcarp2_demo_is1" = 3dcarp2_demo
"7-Zip" = 7-Zip 4.65
"Adobe Acrobat 5.0" = Adobe Acrobat 5.0
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Ashampoo WinOptimizer 2010 Advanced_is1" = Ashampoo WinOptimizer 2010 Advanced
"Avira AntiVir Desktop" = Avira Free Antivirus
"Battlelog Web Plugins" = Battlelog Web Plugins
"ESN Sonar-0.70.4" = ESN Sonar
"GFWL_{434D0FA0-1558-4D8E-AC3D-BD1000008200}" = DiRT 3
"Google Chrome" = Google Chrome
"InstallShield_{1C0E9C6B-D4D5-4D3C-8A10-F10A3E7BEEA5}" = RangeMax Wireless-N USB Adapter WN111v2
"Mozilla Firefox 9.0.1 (x86 de)" = Mozilla Firefox 9.0.1 (x86 de)
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"OpenAL" = OpenAL
"Origin" = Origin
"PunkBusterSvc" = PunkBuster Services
"Steam App 32800" = The Lord of the Rings: War in the North
"Update Engine" = Sony Ericsson Update Engine
"VLC media player" = VLC media player 1.0.3

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"gamealarm-DEFAULT" = Game Alarm
"sc12-AT_MAIN" = Ski Challenge 12 (AT)
"TeamSpeak 3 Client" = TeamSpeak 3 Client

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 03.01.2012 09:04:46 | Computer Name = Bernhard-PC | Source = WinMgmt | ID = 10
Description =

Error - 03.01.2012 09:43:24 | Computer Name = Bernhard-PC | Source = Application Hang | ID = 1002
Description = Programm bf3.exe, Version 1.0.0.0 kann nicht mehr unter Windows ausgeführt
werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: fe0 Startzeit:
01ccca1ac39c51da Endzeit: 144 Anwendungspfad: C:\Program Files (x86)\Origin Games\Battlefield
3\bf3.exe Berichts-ID:

Error - 03.01.2012 12:26:05 | Computer Name = Bernhard-PC | Source = WinMgmt | ID = 10
Description =

Error - 03.01.2012 17:31:05 | Computer Name = Bernhard-PC | Source = Application Hang | ID = 1002
Description = Programm bf3.exe, Version 1.0.0.0 kann nicht mehr unter Windows ausgeführt
werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: e44 Startzeit:
01ccca587fa792fc Endzeit: 211 Anwendungspfad: C:\Program Files (x86)\Origin Games\Battlefield
3\bf3.exe Berichts-ID:

Error - 04.01.2012 07:45:33 | Computer Name = Bernhard-PC | Source = WinMgmt | ID = 10
Description =

Error - 05.01.2012 13:45:55 | Computer Name = Bernhard-PC | Source = WinMgmt | ID = 10
Description =

Error - 07.01.2012 12:01:59 | Computer Name = Bernhard-PC | Source = WinMgmt | ID = 10
Description =

Error - 07.01.2012 12:04:42 | Computer Name = Bernhard-PC | Source = WinMgmt | ID = 10
Description =

Error - 07.01.2012 12:14:13 | Computer Name = Bernhard-PC | Source = WinMgmt | ID = 10
Description =

Error - 07.01.2012 13:21:31 | Computer Name = Bernhard-PC | Source = WinMgmt | ID = 10
Description =

[ System Events ]
Error - 07.01.2012 12:00:34 | Computer Name = Bernhard-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location
Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068

Error - 07.01.2012 12:00:34 | Computer Name = Bernhard-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location
Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068

Error - 07.01.2012 12:02:49 | Computer Name = Bernhard-PC | Source = Microsoft-Windows-Kernel-Processor-Power | ID = 6
Description = Einige Funktionen zur Energieverwaltung im Leistungsstatus wurden
im Prozessor aufgrund eines bekannten Firmwareproblems deaktiviert. Wenden Sie sich
an den Computerhersteller, um aktualisierte Firmware zu erhalten.

Error - 07.01.2012 12:04:24 | Computer Name = Bernhard-PC | Source = DCOM | ID = 10000
Description =

Error - 07.01.2012 12:12:28 | Computer Name = Bernhard-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?07.?01.?2012 um 17:10:49 unerwartet heruntergefahren.

Error - 07.01.2012 12:12:20 | Computer Name = Bernhard-PC | Source = Microsoft-Windows-Kernel-Processor-Power | ID = 6
Description = Einige Funktionen zur Energieverwaltung im Leistungsstatus wurden
im Prozessor aufgrund eines bekannten Firmwareproblems deaktiviert. Wenden Sie sich
an den Computerhersteller, um aktualisierte Firmware zu erhalten.

Error - 07.01.2012 12:17:13 | Computer Name = Bernhard-PC | Source = DCOM | ID = 10000
Description =

Error - 07.01.2012 13:19:52 | Computer Name = Bernhard-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?07.?01.?2012 um 18:18:20 unerwartet heruntergefahren.

Error - 07.01.2012 13:19:39 | Computer Name = Bernhard-PC | Source = Microsoft-Windows-Kernel-Processor-Power | ID = 6
Description = Einige Funktionen zur Energieverwaltung im Leistungsstatus wurden
im Prozessor aufgrund eines bekannten Firmwareproblems deaktiviert. Wenden Sie sich
an den Computerhersteller, um aktualisierte Firmware zu erhalten.

Error - 07.01.2012 13:19:59 | Computer Name = Bernhard-PC | Source = DCOM | ID = 10000
Description =


< End of report >
und das hier ist der 2 Report:

OTL logfile created on: 07.01.2012 18:46:59 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Bernhard\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000c07 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy

3,19 Gb Total Physical Memory | 2,02 Gb Available Physical Memory | 63,54% Memory free
6,37 Gb Paging File | 4,89 Gb Available in Paging File | 76,72% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 465,76 Gb Total Space | 359,35 Gb Free Space | 77,15% Space Free | Partition Type: NTFS
Drive D: | 5,54 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Drive F: | 931,51 Gb Total Space | 743,91 Gb Free Space | 79,86% Space Free | Partition Type: NTFS

Computer Name: BERNHARD-PC | User Name: Bernhard | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\Bernhard\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
PRC - C:\Windows\SysWOW64\PnkBstrA.exe ()
PRC - C:\Users\Bernhard\AppData\Local\MediaGet2\mediaget.exe (MediaGet LLC)
PRC - C:\Program Files (x86)\Steam\steam.exe (Valve Corporation)
PRC - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)


========== Modules (No Company Name) ==========

MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ()
MOD - C:\Program Files (x86)\Steam\bin\libcef.dll ()
MOD - C:\Program Files (x86)\Steam\bin\chromehtml.DLL ()
MOD - C:\Program Files (x86)\Steam\bin\avformat-52.dll ()
MOD - C:\Program Files (x86)\Steam\bin\avutil-50.dll ()
MOD - C:\Program Files (x86)\Steam\bin\avcodec-52.dll ()
MOD - C:\Users\Bernhard\AppData\Local\MediaGet2\QtWebKit4.dll ()
MOD - C:\Users\Bernhard\AppData\Local\MediaGet2\libvlccore.dll ()
MOD - C:\Users\Bernhard\AppData\Local\MediaGet2\libvlc.dll ()
MOD - C:\Users\Bernhard\AppData\Local\MediaGet2\QtGui4.dll ()
MOD - C:\Users\Bernhard\AppData\Local\MediaGet2\QtCore4.dll ()
MOD - C:\Users\Bernhard\AppData\Local\MediaGet2\QtNetwork4.dll ()
MOD - C:\Users\Bernhard\AppData\Local\MediaGet2\QtXml4.dll ()
MOD - C:\Users\Bernhard\AppData\Local\MediaGet2\imageformats\qmng4.dll ()
MOD - C:\Users\Bernhard\AppData\Local\MediaGet2\imageformats\qjpeg4.dll ()
MOD - C:\Users\Bernhard\AppData\Local\MediaGet2\imageformats\qgif4.dll ()
MOD - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\Nv3DVStreaming.dll ()
MOD - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()


========== Win32 Services (SafeList) ==========

SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (PnkBstrA) -- C:\Windows\SysWOW64\PnkBstrA.exe ()
SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation)
SRV - (Stereo Service) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
SRV - (Sony Ericsson PCCompanion) -- C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe (Avanquest Software)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (DfSdkS) -- C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 2010 Advanced\Dfsdks.exe (mst software GmbH, Germany)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (jswpsapi) -- C:\Program Files (x86)\NETGEAR\WN111v2\jswpsapi.exe (Atheros Communications, Inc.)


========== Driver Services (SafeList) ==========

DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira GmbH)
DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira GmbH)
DRV:64bit: - (avkmgr) -- C:\Windows\SysNative\drivers\avkmgr.sys (Avira GmbH)
DRV:64bit: - (ggsemc) -- C:\Windows\SysNative\drivers\ggsemc.sys (Sony Ericsson Mobile Communications)
DRV:64bit: - (ggflt) -- C:\Windows\SysNative\drivers\ggflt.sys (Sony Ericsson Mobile Communications)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (WN111v2) -- C:\Windows\SysNative\drivers\WN111v2w7x.sys (Atheros Communications, Inc.)
DRV:64bit: - (pwdrvio) -- C:\Windows\SysNative\pwdrvio.sys ()
DRV:64bit: - (pwdspio) -- C:\Windows\SysNative\pwdspio.sys ()
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (xnacc) -- C:\Windows\SysNative\drivers\xnacc.sys (Microsoft Corporation)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek Corporation )
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (JSWPSLWF) -- C:\Windows\SysNative\drivers\jswpslwfx.sys (Atheros Communications, Inc.)
DRV:64bit: - (RTL8169) -- C:\Windows\SysNative\drivers\Rtlh64.sys (Realtek Corporation )
DRV:64bit: - (PCAMp50a64) -- C:\Windows\SysNative\drivers\PCAMp50a64.sys (Printing Communications Assoc., Inc. (PCAUSA))
DRV:64bit: - (PCASp50a64) -- C:\Windows\SysNative\drivers\PCASp50a64.sys (Printing Communications Assoc., Inc. (PCAUSA))
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
DRV - (JSWPSLWF) -- C:\Windows\SysWOW64\drivers\jswpslwfx.sys (Atheros Communications, Inc.)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.at/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://at.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-at
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 9C B8 EE FE 6D 53 CC 01 [binary data]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..network.proxy.type: 0

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.102.0: C:\Program Files (x86)\Battlelog Web Plugins\1.102.0\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.104.0: C:\Program Files (x86)\Battlelog Web Plugins\1.104.0\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.01.07 17:19:07 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011.10.01 16:07:00 | 000,000,000 | ---D | M]

[2011.08.05 18:51:06 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Bernhard\AppData\Roaming\mozilla\Extensions
[2012.01.07 18:19:41 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012.01.07 17:19:07 | 000,121,816 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011.10.01 16:06:57 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2012.01.07 17:19:04 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.01.07 17:19:04 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.01.07 17:19:04 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012.01.07 17:19:04 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.01.07 17:19:04 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.01.07 17:19:04 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{googleriginalQueryForSuggestion}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?client=chrome&hl={language}&q={searchTerms}

O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (MSN Toolbar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN\Toolbar\3.0.0744.0\msneshellx.dll (Microsoft Corp.)
O3 - HKLM\..\Toolbar: (MSN Toolbar) - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - C:\Program Files (x86)\MSN\Toolbar\3.0.0744.0\msneshellx.dll (Microsoft Corp.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No CLSID value found.
O4:64bit: - HKLM..\Run: [itype] c:\Program Files\Microsoft IntelliType Pro\itype.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [jswtrayutil] "C:\Program Files (x86)\NETGEAR\WN111v2\jswtrayutil.exe" File not found
O4 - HKCU..\Run: [{4EEC4296-B9DD-11E0-AA69-806E6F6E6963}] C:\Users\Bernhard\AppData\Roaming\Microsoft\dllhsts.exe (The Pidgin developer community)
O4 - HKCU..\Run: [bluebirds] C:\Users\Bernhard\Bluebirds\BlueBirds.exe (LG Electronics)
O4 - HKCU..\Run: [EA Core] "C:\Program Files (x86)\Electronic Arts\EADM\Core.exe" -silent File not found
O4 - HKCU..\Run: [MediaGet2] C:\Users\Bernhard\AppData\Local\MediaGet2\mediaget.exe (MediaGet LLC)
O4 - HKCU..\Run: [RapalaProFishing.exe] C:\Users\Bernhard\Desktop\Downloads\rapala-pro-fishing.exe ()
O4 - HKCU..\Run: [Sony Ericsson PC Companion] C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe (Sony Ericsson)
O4 - HKCU..\Run: [Steam] C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
O4 - HKCU..\Run: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe" /MINIMIZED File not found
O4 - Startup: C:\Users\Bernhard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Game Alarm.lnk = C:\Games\Game Alarm\gamealarm.exe (Europe Support Ltd. N.V.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Java Plug-in 1.6.0_27)
O16 - DPF: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Java Plug-in 1.6.0_27)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Java Plug-in 1.6.0_27)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138 10.0.0.138
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{180342E8-0E8D-45D2-95E3-9871E3DD7A54}: DhcpNameServer = 10.0.0.138 10.0.0.138
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) -C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.02.04 10:33:12 | 000,000,000 | R--D | M] - D:\AutoRun -- [ UDF ]
O32 - AutoRun File - [2006.02.04 10:33:04 | 000,724,992 | R--- | M] (Electronic Arts Inc.) - D:\AutoRun.exe -- [ UDF ]
O32 - AutoRun File - [2006.01.31 03:56:47 | 000,942,080 | R--- | M] (Electronic Arts Inc.) - D:\AutoRunGUI.dll -- [ UDF ]
O32 - AutoRun File - [2006.02.04 11:03:19 | 000,000,161 | R--- | M] () - D:\autorun.inf -- [ UDF ]
O33 - MountPoints2\{4eec4299-b9dd-11e0-aa69-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{4eec4299-b9dd-11e0-aa69-806e6f6e6963}\Shell\AutoRun\command - "" = D:\AutoRun.exe -- [2006.02.04 10:33:04 | 000,724,992 | R--- | M] (Electronic Arts Inc.)
O33 - MountPoints2\D\Shell - "" = AutoRun
O33 - MountPoints2\D\Shell\AutoRun\command - "" = D:\BlueBirds.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2012.01.07 18:41:43 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Bernhard\Desktop\OTL.exe
[2012.01.04 13:05:35 | 000,000,000 | ---D | C] -- C:\Users\Bernhard\AppData\Roaming\Meine Die Schlacht um Mittelerde™ II-Dateien
[2012.01.04 13:04:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Electronic Arts
[2012.01.03 10:54:36 | 000,000,000 | ---D | C] -- C:\Users\Bernhard\Desktop\Spiele
[2011.12.28 22:33:13 | 000,000,000 | ---D | C] -- C:\Users\Bernhard\AppData\Local\WB Games
[2011.12.27 21:29:48 | 000,000,000 | ---D | C] -- C:\Users\Bernhard\Documents\Clones
[2011.12.27 21:29:48 | 000,000,000 | ---D | C] -- C:\Users\Bernhard\AppData\Roaming\Clones
[2011.12.27 21:29:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Clones
[2011.12.26 12:42:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2011.12.24 21:44:27 | 000,000,000 | -HSD | C] -- C:\ProgramData\DSS
[2011.12.24 21:44:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Codemasters
[2011.12.24 21:10:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Codemasters
[2011.12.24 21:03:57 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\xlive
[2011.12.24 21:03:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows Marketplace
[2011.12.24 21:03:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Games for Windows - LIVE
[2011.12.24 21:02:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blue Ripple Sound
[2011.12.24 21:02:10 | 019,087,360 | ---- | C] (Intel Corporation / Blue Ripple Sound Limited) -- C:\Windows\SysWow64\mkl_blueripple.dll
[2011.12.24 21:02:10 | 001,417,216 | ---- | C] (Blue Ripple Sound Limited) -- C:\Windows\SysWow64\rapture3d_oal.dll
[2011.12.24 21:02:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\BRS
[2011.12.24 21:02:08 | 000,466,456 | ---- | C] (Creative Labs) -- C:\Windows\SysNative\wrap_oal.dll
[2011.12.24 21:02:08 | 000,444,952 | ---- | C] (Creative Labs) -- C:\Windows\SysWow64\wrap_oal.dll
[2011.12.24 21:02:08 | 000,122,904 | ---- | C] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\SysNative\OpenAL32.dll
[2011.12.24 21:02:08 | 000,109,080 | ---- | C] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\SysWow64\OpenAL32.dll
[2011.12.24 21:02:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OpenAL
[2011.12.16 20:08:01 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll
[2011.12.16 20:07:35 | 000,702,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2011.12.16 20:07:35 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2011.12.16 20:07:34 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2011.12.16 20:07:34 | 000,134,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2011.12.16 20:07:34 | 000,132,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2011.12.16 20:07:34 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2011.12.16 20:07:34 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2011.12.16 20:06:12 | 000,723,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EncDec.dll
[2011.12.16 20:06:12 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\EncDec.dll
[2011.12.10 22:47:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\3dcarp2_demo
[2011.12.10 22:47:09 | 000,000,000 | ---D | C] -- C:\3DCARP_IMAGES
[2011.12.10 22:47:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\3dcarp
[2011.12.10 22:37:26 | 000,000,000 | ---D | C] -- C:\Downloads
[4 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012.01.07 18:41:45 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Bernhard\Desktop\OTL.exe
[2012.01.07 18:27:10 | 000,021,888 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.01.07 18:27:10 | 000,021,888 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.01.07 18:26:47 | 001,498,506 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.01.07 18:26:47 | 000,653,928 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.01.07 18:26:47 | 000,615,810 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.01.07 18:26:47 | 000,129,800 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.01.07 18:26:47 | 000,106,190 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.01.07 18:21:00 | 000,001,114 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.01.07 18:19:58 | 000,001,110 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.01.07 18:19:52 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.01.07 18:19:41 | 2566,365,184 | -HS- | M] () -- C:\hiberfil.sys
[2012.01.04 16:56:23 | 000,281,880 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2012.01.04 16:56:23 | 000,281,880 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2012.01.04 16:56:08 | 000,280,904 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2012.01.04 13:05:16 | 000,002,317 | ---- | M] () -- C:\Users\Public\Desktop\Die Schlacht um Mittelerde™ II.lnk
[2012.01.03 11:04:45 | 000,076,888 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2011.12.24 21:23:40 | 000,466,456 | ---- | M] (Creative Labs) -- C:\Windows\SysNative\wrap_oal.dll
[2011.12.24 21:23:40 | 000,444,952 | ---- | M] (Creative Labs) -- C:\Windows\SysWow64\wrap_oal.dll
[2011.12.24 21:23:40 | 000,122,904 | ---- | M] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\SysNative\OpenAL32.dll
[2011.12.24 21:23:40 | 000,109,080 | ---- | M] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\SysWow64\OpenAL32.dll
[2011.12.16 22:59:12 | 000,276,360 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011.12.16 20:23:53 | 001,198,392 | ---- | M] () -- C:\Users\Bernhard\IMAG0090.jpg
[2011.12.16 20:23:15 | 001,314,605 | ---- | M] () -- C:\Users\Bernhard\IMAG0089.jpg
[4 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012.01.04 13:05:16 | 000,002,317 | ---- | C] () -- C:\Users\Public\Desktop\Die Schlacht um Mittelerde™ II.lnk
[2011.12.24 21:03:35 | 000,001,346 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live ID.lnk
[2011.12.16 20:23:32 | 001,198,392 | ---- | C] () -- C:\Users\Bernhard\IMAG0090.jpg
[2011.12.16 20:23:06 | 001,314,605 | ---- | C] () -- C:\Users\Bernhard\IMAG0089.jpg
[2011.10.28 16:44:09 | 000,281,880 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2011.10.28 16:44:08 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2011.10.14 23:54:52 | 000,321,856 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe
[2011.09.28 17:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2011.07.31 16:46:00 | 000,000,017 | ---- | C] () -- C:\Users\Bernhard\AppData\Local\resmon.resmoncfg
[2009.07.14 06:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009.07.14 03:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009.07.14 03:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009.07.14 01:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009.06.10 22:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat

========== LOP Check ==========

[2011.12.27 21:29:48 | 000,000,000 | ---D | M] -- C:\Users\Bernhard\AppData\Roaming\Clones
[2011.08.07 14:03:43 | 000,000,000 | ---D | M] -- C:\Users\Bernhard\AppData\Roaming\InterTrust
[2011.07.29 19:08:29 | 000,000,000 | ---D | M] -- C:\Users\Bernhard\AppData\Roaming\Leadertech
[2011.10.29 19:49:03 | 000,000,000 | ---D | M] -- C:\Users\Bernhard\AppData\Roaming\Media Get LLC
[2012.01.04 13:07:11 | 000,000,000 | ---D | M] -- C:\Users\Bernhard\AppData\Roaming\Meine Die Schlacht um Mittelerde™ II-Dateien
[2011.10.28 16:14:19 | 000,000,000 | ---D | M] -- C:\Users\Bernhard\AppData\Roaming\Origin
[2011.10.01 16:50:05 | 000,000,000 | ---D | M] -- C:\Users\Bernhard\AppData\Roaming\Rovio
[2012.01.03 16:40:32 | 000,000,000 | ---D | M] -- C:\Users\Bernhard\AppData\Roaming\TS3Client
[2011.08.13 16:55:09 | 000,000,000 | ---D | M] -- C:\Users\Bernhard\AppData\Roaming\ts3overlay
[2011.11.11 12:14:01 | 000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



< End of report >
Ich hoffe ihr Könnt mir hierbei schnell helfen. Danke schon mal im voraus!
MfG Quantumboy