Security Suit Alert

Shadowtroop · 14.08.2010, 09:31

Hallo,
ich habe ein Problem mit Security Suit Alert. Das Programm blockiert meinen ganzen Computer ich kann gar nichts mehr machen. Ich habe in diesem Thread schon davon gelesen http://www.trojaner-board.de/88043-w...are-alert.html
Jetzt ist meine Frage ob ich das genauso mit OTL machen soll?

Zitat:

ootl:
Systemscan mit OTL
download otl:
hxxp://oldtimer.geekstogo.com/OTL.exe

Doppelklick auf die OTL.exe
(user von Windows 7 und Vista: Rechtsklick als Administrator ausführen)
1. Oben findest Du ein Kästchen mit Output. Wähle bitte Minimal Output
2. Hake an "scan all users"
3. Unter "Extra Registry wähle:
"Use Safelist" "LOP Check" "Purity Check"
4. Kopiere in die Textbox:
netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe
/md5start
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
CREATERESTOREPOINT
5. Klicke "Scan"
6. 2 reporte werden erstellt:
OTL.Txt
Extras.Txt
poste die beiden.

Ich sollte noch dazu sagen das ich Windows Vista Home Premium 64Bit habe.

cosinus · 14.08.2010, 18:21

Hallo und

Bitte routinemäßig einen Vollscan mit Malwarebytes machen und Log posten.
Denk daran, dass Malwarebytes vor jedem Scan manuell aktualisiert werden muss!

Danach OTL:

Systemscan mit OTL

Lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop

Doppelklick auf die OTL.exe
Vista User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen
Oben findest Du ein Kästchen mit Output. Wähle bitte Minimal Output
Unter Extra Registry, wähle bitte Use SafeList
Klicke nun auf Run Scan links oben
Wenn der Scan beendet wurde werden 2 Logfiles erstellt
Poste die Logfiles hier in den Thread.

Shadowtroop · 19.08.2010, 17:31

So hier ist die Logdatei von Malewarebytes

Zitat:

Malwarebytes' Anti-Malware 1.46
w*w.malwarebytes.org

Datenbank Version: 4448

Windows 6.0.6001 Service Pack 1
Internet Explorer 8.0.6001.18943

19.08.2010 18:12:45
mbam-log-2010-08-19 (18-12-45).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)
Durchsuchte Objekte: 491948
Laufzeit: 3 Stunde(n), 10 Minute(n), 19 Sekunde(n)

Infizierte Speicherprozesse: 1
Infizierte Speichermodule: 1
Infizierte Registrierungsschlüssel: 5
Infizierte Registrierungswerte: 3
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 2
Infizierte Dateien: 27

Infizierte Speicherprozesse:
C:\Users\Benutzer\AppData\Local\Temp\Ojj.exe (Trojan.Agent.Gen) -> Unloaded process successfully.

Infizierte Speichermodule:
C:\Users\Benutzer\AppData\Local\Temp\sshnas21.dll (Trojan.Agent.Gen) -> Delete on reboot.

Infizierte Registrierungsschlüssel:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\zwunzi (Adware.Zwunzi) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Handle (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\XML (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\ZE18MW23GY (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Zwunzi (Adware.Zwunzi) -> Quarantined and deleted successfully.

Infizierte Registrierungswerte:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ze18mw23gy (Trojan.Agent.Gen) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\metropolis (Trojan.Agent.Gen) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\vfbxybwm (Rogue.SecuritySuite) -> Quarantined and deleted successfully.

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
C:\ProgramData\Zwunzi (Adware.Zwunzi) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Zwunzi (Adware.Zwunzi) -> Quarantined and deleted successfully.

Infizierte Dateien:
C:\Users\Benutzer\AppData\Local\Temp\Ojj.exe (Trojan.Agent.Gen) -> Delete on reboot.
C:\Users\Benutzer\AppData\Local\Temp\sshnas21.dll (Trojan.Agent.Gen) -> Delete on reboot.
C:\Users\Benutzer\AppData\Roaming\mvaxgmbeg\ixtijdbshdw.exe (Rogue.SecuritySuite) -> Quarantined and deleted successfully.
C:\Users\Benutzer\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PXJUAW8Q\evwdlf[1].htm (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\Users\Benutzer\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PXJUAW8Q\oytnvg[2].htm (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\Users\Benutzer\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UQUHXGGX\oytnvg[1].htm (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\Users\Benutzer\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Z1UAQ07S\vmdkfnhp[1].htm (Rogue.SecuritySuite) -> Quarantined and deleted successfully.
C:\Users\Benutzer\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Z1UAQ07S\vmdkfnhp[2].htm (Rogue.SecuritySuite) -> Quarantined and deleted successfully.
C:\Users\Benutzer\AppData\Local\mvaxgmbeg\ixtijdbshdw.exe (Rogue.SecuritySuite) -> Quarantined and deleted successfully.
C:\Users\Benutzer\AppData\Local\Temp\Ojf.exe (Trojan.Agent.Gen) -> Quarantined and deleted successfully.
C:\Users\Benutzer\AppData\Local\Temp\Ojg.exe (Trojan.Agent.Gen) -> Quarantined and deleted successfully.
C:\Users\Benutzer\AppData\Local\Temp\Ojh.exe (Trojan.Agent.Gen) -> Quarantined and deleted successfully.
C:\Users\Benutzer\AppData\Local\Temp\Oji.exe (Trojan.Agent.Gen) -> Quarantined and deleted successfully.
C:\Users\Benutzer\AppData\Local\Temp\Ojk.exe (Trojan.Agent.Gen) -> Quarantined and deleted successfully.
C:\Users\Benutzer\AppData\Local\Temp\ufijhxj.exe (Rogue.SecuritySuite) -> Quarantined and deleted successfully.
C:\Users\Benutzer\AppData\Local\Temp\wcamxnorse.exe (Rootkit.Dropper) -> Quarantined and deleted successfully.
C:\Users\Benutzer\AppData\Roaming\Microsoft\Windows\Templates\memory.tmp (Spyware.Passwords) -> Quarantined and deleted successfully.
C:\Users\Benutzer\Desktop\ocr\netload.in\asmCaptcha\test.exe (Malware.Packer) -> Quarantined and deleted successfully.
C:\Users\Benutzer\Desktop\router\FRITZ!Box\nc.exe (PUP.KeyLogger) -> Quarantined and deleted successfully.
C:\Windows\Olelia.exe (Trojan.Agent.Gen) -> Quarantined and deleted successfully.
C:\ProgramData\Zwunzi\zwunzi171.exe (Adware.Zwunzi) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Zwunzi\uninstall.exe (Adware.Zwunzi) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Zwunzi\zwunzi.dll (Adware.Zwunzi) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Zwunzi\zwunzi.exe (Adware.Zwunzi) -> Quarantined and deleted successfully.
C:\Windows\System32\h@tkeysh@@k.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Windows\Tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Windows\Tasks\{62C40AA6-4406-467a-A5A5-DFDF1B559B7A}.job (Trojan.FakeAlert) -> Quarantined and deleted successfully.

cosinus · 19.08.2010, 18:52

Was ist mit OTL?

Shadowtroop · 20.08.2010, 20:14

Hier ist die OTL.txt

OTL Logfile:

Code:

ATTFilter

OTL logfile created on: 20.08.2010 20:41:49 - Run 2
OTL by OldTimer - Version 3.2.10.0     Folder = C:\Users\Benutzer\Desktop
64bit-Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18943)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
4,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 40,00% Memory free
8,00 Gb Paging File | 6,00 Gb Available in Paging File | 71,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 291,08 Gb Total Space | 1,08 Gb Free Space | 0,37% Space Free | Partition Type: NTFS
Drive D: | 291,09 Gb Total Space | 113,65 Gb Free Space | 39,04% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
Drive I: | 3,19 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive L: | 123,23 Mb Total Space | 22,24 Mb Free Space | 18,05% Space Free | Partition Type: FAT
 
Computer Name: BENUTZER
Current User Name: Benutzer
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Benutzer\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
PRC - C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE (Microsoft Corporation)
PRC - C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
PRC - C:\Windows\SysWOW64\PnkBstrA.exe ()
PRC - C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe (McAfee, Inc.)
PRC - C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe ()
PRC - C:\Program Files (x86)\avmwlanstick\WLanGUI.exe (AVM Berlin)
PRC - C:\Program Files (x86)\avmwlanstick\WlanNetService.exe (AVM Berlin)
PRC - C:\Program Files (x86)\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe (CyberLink)
PRC - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe (NewTech InfoSystems, Inc.)
PRC - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe ()
PRC - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe ()
PRC - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe (NewTech Infosystems, Inc.)
PRC - c:\PROGRA~2\COMMON~1\mcafee\mna\mcnasvc.exe (McAfee, Inc.)
PRC - C:\PROGRA~2\McAfee\MSC\mcmscsvc.exe (McAfee, Inc.)
PRC - C:\PROGRA~2\McAfee\VIRUSS~1\mcsysmon.exe (McAfee, Inc.)
PRC - C:\Program Files (x86)\McAfee\MSK\MskSrver.exe (McAfee, Inc.)
PRC - c:\PROGRA~2\mcafee\VIRUSS~1\mcvsshld.exe (McAfee, Inc.)
PRC - c:\PROGRA~2\mcafee\msc\mcuimgr.exe (McAfee, Inc.)
PRC - c:\PROGRA~2\COMMON~1\mcafee\mcproxy\mcproxy.exe (McAfee, Inc.)
PRC - c:\PROGRA~2\mcafee.com\agent\mcagent.exe (McAfee, Inc.)
PRC - C:\Program Files (x86)\McAfee\MPF\MPFSrv.exe (McAfee, Inc.)
PRC - C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe (InstallShield Software Corporation)
 
 
========== Modules (SafeList) ==========
 
MOD - C:\Users\Benutzer\Desktop\OTL.exe (OldTimer Tools)
MOD - c:\PROGRA~2\mcafee\SITEAD~1\saHook.dll (McAfee, Inc.)
MOD - C:\Windows\SysWOW64\msscript.ocx (Microsoft Corporation)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll (Microsoft Corporation)
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - (PnkBstrA) -- C:\Windows\SysNative\PnkBstrA.exe File not found
SRV:64bit: - (TuneUp.ProgramStatisticsSvc) -- C:\Windows\SysNative\TUProgSt.exe ()
SRV:64bit: - (TuneUp.Defrag) -- C:\Windows\SysNative\TuneUpDefragService.exe ()
SRV:64bit: - (MsMpSvc) -- C:\Program Files\Microsoft Security Essentials\MsMpEng.exe (Microsoft Corporation)
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe ()
SRV:64bit: - (UxTuneUp) -- C:\Windows\SysNative\uxtuneup.dll ()
SRV:64bit: - (ETService) -- C:\Program Files\Acer\Empowering Technology\Service\ETService.exe ()
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (PnkBstrA) -- C:\Windows\SysWOW64\PnkBstrA.exe ()
SRV - (McAfee SiteAdvisor Service) -- C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe (McAfee, Inc.)
SRV - (WPFFontCache_v0400) -- C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe (Microsoft Corporation)
SRV - (clr_optimization_v4.0.30319_64) -- C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (SearchAnonymizer) -- C:\Users\Benutzer\AppData\Roaming\OCS\SM\SearchAnonymizerHelper.exe ()
SRV - (McComponentHostService) -- C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe (McAfee, Inc.)
SRV - (ICQ Service) -- C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe ()
SRV - (UxTuneUp) -- C:\Windows\SysWOW64\uxtuneup.dll (TuneUp Software)
SRV - (DAUpdaterSvc) -- D:\Program Files (x86)\Dragon Age\bin_ship\daupdatersvc.service.exe (BioWare)
SRV - (Microsoft Office Groove Audit Service) -- C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe (Microsoft Corporation)
SRV - (AVM WLAN Connection Service) -- C:\Program Files (x86)\avmwlanstick\WlanNetService.exe (AVM Berlin)
SRV - (Acer HomeMedia Connect Service) -- C:\Program Files (x86)\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe (CyberLink)
SRV - (NTIBackupSvc) -- C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe (NewTech InfoSystems, Inc.)
SRV - (NTISchedulerSvc) -- C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe ()
SRV - (BUNAgentSvc) -- C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe (NewTech Infosystems, Inc.)
SRV - (McNASvc) -- c:\PROGRA~2\COMMON~1\mcafee\mna\mcnasvc.exe (McAfee, Inc.)
SRV - (mcmscsvc) -- C:\PROGRA~2\McAfee\MSC\mcmscsvc.exe (McAfee, Inc.)
SRV - (McSysmon) -- C:\PROGRA~2\McAfee\VIRUSS~1\mcsysmon.exe (McAfee, Inc.)
SRV - (MSK80Service) -- C:\Program Files (x86)\McAfee\MSK\MskSrver.exe (McAfee, Inc.)
SRV - (McODS) -- C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe (McAfee, Inc.)
SRV - (McProxy) -- c:\PROGRA~2\COMMON~1\mcafee\mcproxy\mcproxy.exe (McAfee, Inc.)
SRV - (McShield) -- C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe (McAfee, Inc.)
SRV - (MpfService) -- C:\Program Files (x86)\McAfee\MPF\MPFSrv.exe (McAfee, Inc.)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (NwlnkFwd) -- C:\Windows\SysNative\DRIVERS\nwlnkfwd.sys File not found
DRV:64bit: - (NwlnkFlt) -- C:\Windows\SysNative\DRIVERS\nwlnkflt.sys File not found
DRV:64bit: - (lilsgt) -- C:\Windows\SysNative\DRIVERS\lilsgt.sys File not found
DRV:64bit: - (ithsgt) -- C:\Windows\SysNative\DRIVERS\ithsgt.sys File not found
DRV:64bit: - (IpInIp) -- C:\Windows\SysNative\DRIVERS\ipinip.sys File not found
DRV:64bit: - (vmm) -- C:\Windows\SysNative\Treiber\vmm.sys ()
DRV:64bit: - (RRNetCapMP) -- C:\Windows\SysNative\DRIVERS\rrnetcap.sys ()
DRV:64bit: - (RRNetCap) -- C:\Windows\SysNative\DRIVERS\rrnetcap.sys ()
DRV:64bit: - (sptd) -- C:\Windows\SysNative\Drivers\sptd.sys ()
DRV:64bit: - (atikmdag) -- C:\Windows\SysNative\DRIVERS\atikmdag.sys ()
DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\DRIVERS\atipmdag.sys ()
DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\DRIVERS\atikmpag.sys ()
DRV:64bit: - (AtiHdmiService) -- C:\Windows\SysNative\drivers\AtiHdmi.sys ()
DRV:64bit: - (atksgt) -- C:\Windows\SysNative\DRIVERS\atksgt.sys ()
DRV:64bit: - (lirsgt) -- C:\Windows\SysNative\DRIVERS\lirsgt.sys ()
DRV:64bit: - (Si3531) -- C:\Windows\SysNative\DRIVERS\Si3531.sys ()
DRV:64bit: - (RTL8169) -- C:\Windows\SysNative\DRIVERS\Rtlh64.sys ()
DRV:64bit: - (NTIDrvr) -- C:\Windows\SysNative\Drivers\NTIDrvr.sys ()
DRV:64bit: - (mfesmfk) -- C:\Windows\SysNative\drivers\mfesmfk.sys ()
DRV:64bit: - (mfehidk) -- C:\Windows\SysNative\drivers\mfehidk.sys ()
DRV:64bit: - (mfeavfk) -- C:\Windows\SysNative\drivers\mfeavfk.sys ()
DRV:64bit: - (mferkdk) -- C:\Windows\SysNative\drivers\mferkdk.sys ()
DRV:64bit: - (MPFP) -- C:\Windows\SysNative\Drivers\Mpfp.sys ()
DRV:64bit: - (VPCNetS2) -- C:\Windows\SysNative\DRIVERS\VMNetSrv.sys ()
DRV:64bit: - (FWLANUSB) -- C:\Windows\SysNative\DRIVERS\fwlanusb.sys ()
DRV:64bit: - (avmeject) -- C:\Windows\SysNative\drivers\avmeject.sys ()
DRV:64bit: - (Ntfs) -- C:\Windows\SysNative\Wbem\ntfs.mof ()
DRV:64bit: - (AmdTools64) -- C:\Windows\SysNative\DRIVERS\AmdTools64.sys ()
DRV:64bit: - (SI3112) -- C:\Windows\SysNative\DRIVERS\SI3112.sys ()
DRV:64bit: - (SiFilter) -- C:\Windows\SysNative\DRIVERS\SiWinAcc.sys ()
DRV:64bit: - (SiRemFil) -- C:\Windows\SysNative\DRIVERS\SiRemFil.sys ()
DRV - (ithsgt) -- C:\Windows\SysWOW64\drivers\ithsgt.sys ()
DRV - (lilsgt) -- C:\Windows\SysWOW64\drivers\lilsgt.sys ()
DRV - (int15) -- C:\Windows\SysWOW64\drivers\int15_64.sys (Acer, Inc.)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = h**p://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=1&o=vp64&d=1008&m=aspire_g7200
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = h**p://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=1&o=vp64&d=1008&m=aspire_g7200
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = h**p://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=1&o=vp64&d=1008&m=aspire_g7200
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = h**p://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=1&o=vp64&d=1008&m=aspire_g7200
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = h**p://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=1&o=vp64&d=1008&m=aspire_g7200
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = h**p://global.acer.com [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = h**p://w*w.google.de/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook:  - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
IE - HKCU\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\100220859\ICQToolBar.dll (ICQ)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = h**p=127.0.0.1:6522
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.defaulturl: "h**p://w*w.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q="
FF - prefs.js..browser.search.selectedEngine: "ICQ Search"
FF - prefs.js..browser.startup.homepage: "h**p://w*w.google.de/ig?hl=de#restore"
FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:2.0.0.6
FF - prefs.js..extensions.enabledItems: {B7082FAA-CB62-4872-9106-E42DD88EDE45}:3.1.1
FF - prefs.js..extensions.enabledItems: {c2db4fe6-8409-45ce-8010-189a7b5cce86}:2.5.6.0
FF - prefs.js..extensions.enabledItems: {DDC359D1-844A-42a7-9AA1-88A850A938A8}:1.1.10
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:4.2.0.5198
FF - prefs.js..keyword.URL: "h**p://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=2.0.0.6&q="
FF - prefs.js..network.proxy.no_proxies_on: "fritz.box"
 
FF - HKLM\software\mozilla\Firefox\Extensions\\{B7082FAA-CB62-4872-9106-E42DD88EDE45}: C:\Program Files (x86)\McAfee\SiteAdvisor [2010.06.24 13:02:38 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{3112ca9c-de6d-4884-a869-9855de68056c}: C:\ProgramData\Google\Toolbar for Firefox\{3112ca9c-de6d-4884-a869-9855de68056c} [2010.05.09 17:38:38 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010.07.27 12:14:52 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010.07.27 12:14:52 | 000,000,000 | ---D | M]
 
[2009.06.19 19:29:01 | 000,000,000 | ---D | M] -- C:\Users\Benutzer\AppData\Roaming\Mozilla\Extensions
[2009.05.10 13:59:33 | 000,000,000 | ---D | M] -- C:\Users\Benutzer\AppData\Roaming\Mozilla\Firefox\extensions
[2009.05.10 13:59:33 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Benutzer\AppData\Roaming\Mozilla\Firefox\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}
[2010.08.12 16:51:26 | 000,000,000 | ---D | M] -- C:\Users\Benutzer\AppData\Roaming\Mozilla\Firefox\Profiles\hzbx46ix.default\extensions
[2010.04.27 16:16:30 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Benutzer\AppData\Roaming\Mozilla\Firefox\Profiles\hzbx46ix.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.07.03 19:15:58 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Users\Benutzer\AppData\Roaming\Mozilla\Firefox\Profiles\hzbx46ix.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2010.06.24 14:50:21 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Benutzer\AppData\Roaming\Mozilla\Firefox\Profiles\hzbx46ix.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2010.02.18 18:19:28 | 000,000,000 | ---D | M] (NCH Toolbar) -- C:\Users\Benutzer\AppData\Roaming\Mozilla\Firefox\Profiles\hzbx46ix.default\extensions\{c2db4fe6-8409-45ce-8010-189a7b5cce86}
[2010.06.03 22:38:09 | 000,000,000 | ---D | M] (DownThemAll!) -- C:\Users\Benutzer\AppData\Roaming\Mozilla\Firefox\Profiles\hzbx46ix.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}
[2009.07.15 13:47:50 | 000,000,000 | ---D | M] -- C:\Users\Benutzer\AppData\Roaming\Mozilla\Firefox\Profiles\hzbx46ix.default\extensions\pennerbar3@pennergame.de
[2010.08.11 19:14:33 | 000,000,950 | ---- | M] () -- C:\Users\Benutzer\AppData\Roaming\Mozilla\Firefox\Profiles\hzbx46ix.default\searchplugins\icqplugin-1.xml
[2010.04.03 17:31:55 | 000,000,950 | ---- | M] () -- C:\Users\Benutzer\AppData\Roaming\Mozilla\Firefox\Profiles\hzbx46ix.default\searchplugins\icqplugin-2.xml
[2010.06.27 02:29:53 | 000,000,950 | ---- | M] () -- C:\Users\Benutzer\AppData\Roaming\Mozilla\Firefox\Profiles\hzbx46ix.default\searchplugins\icqplugin-3.xml
[2010.06.27 14:37:41 | 000,000,950 | ---- | M] () -- C:\Users\Benutzer\AppData\Roaming\Mozilla\Firefox\Profiles\hzbx46ix.default\searchplugins\icqplugin-4.xml
[2010.07.21 19:57:54 | 000,000,950 | ---- | M] () -- C:\Users\Benutzer\AppData\Roaming\Mozilla\Firefox\Profiles\hzbx46ix.default\searchplugins\icqplugin-5.xml
[2010.07.27 12:15:46 | 000,000,950 | ---- | M] () -- C:\Users\Benutzer\AppData\Roaming\Mozilla\Firefox\Profiles\hzbx46ix.default\searchplugins\icqplugin-6.xml
[2010.07.27 21:25:19 | 000,000,950 | ---- | M] () -- C:\Users\Benutzer\AppData\Roaming\Mozilla\Firefox\Profiles\hzbx46ix.default\searchplugins\icqplugin-7.xml
[2010.02.20 10:00:47 | 000,001,055 | ---- | M] () -- C:\Users\Benutzer\AppData\Roaming\Mozilla\Firefox\Profiles\hzbx46ix.default\searchplugins\icqplugin.xml
[2010.02.20 10:00:47 | 000,001,834 | ---- | M] () -- C:\Users\Benutzer\AppData\Roaming\Mozilla\Firefox\Profiles\hzbx46ix.default\searchplugins\{18416856-C11F-4168-ADCA-A9B6F1B0A03B}.xml
[2010.02.20 10:00:47 | 000,002,152 | ---- | M] () -- C:\Users\Benutzer\AppData\Roaming\Mozilla\Firefox\Profiles\hzbx46ix.default\searchplugins\{4361A5E0-1FEE-4E92-84CE-F2A7C0BEDBAE}.xml
[2010.02.20 10:00:47 | 000,002,041 | ---- | M] () -- C:\Users\Benutzer\AppData\Roaming\Mozilla\Firefox\Profiles\hzbx46ix.default\searchplugins\{C672D396-656E-4C36-BD16-D8EAD9676C9E}.xml
[2010.07.11 00:33:13 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\mozilla firefox\extensions
[2010.07.02 12:41:10 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- C:\Program Files (x86)\mozilla firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2009.09.21 11:00:44 | 001,447,328 | ---- | M] (1 mal 1 Software GmbH) -- C:\Program Files (x86)\mozilla firefox\plugins\NpFv522.dll
[2010.03.12 20:29:26 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2010.03.12 20:29:26 | 000,002,344 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2010.03.12 20:29:26 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2010.03.12 20:29:26 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2010.03.12 20:29:27 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
[2010.01.29 15:39:21 | 000,002,380 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\zwunzi138.xml
[2010.01.30 13:05:58 | 000,002,380 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\zwunzi141.xml
[2010.03.02 21:38:15 | 000,002,380 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\zwunzi143.xml
[2010.03.11 16:21:52 | 000,002,380 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\zwunzi145.xml
[2010.03.16 15:54:11 | 000,002,380 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\zwunzi147.xml
 
O1 HOSTS File: ([2006.09.18 23:37:24 | 000,000,761 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O2:64bit: - BHO: (McAfee Phishing Filter) - {377C180E-6F0E-4D4C-980F-F45BD3D40CF4} - c:\PROGRA~2\mcafee\msk\MCAPBH~1.DLL ()
O2:64bit: - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll (McAfee, Inc.)
O2:64bit: - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
O2 - BHO: (no name) - {201f27d4-3704-41d6-89c1-aa35e39143ed} - No CLSID value found.
O2 - BHO: (McAfee Phishing Filter) - {377C180E-6F0E-4D4C-980F-F45BD3D40CF4} - c:\PROGRA~2\mcafee\msk\mcapbho.dll ()
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\McAfee\VirusScan\scriptsn.dll (McAfee, Inc.)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files (x86)\google\googletoolbar1.dll (Google Germany GmbH)
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\3.1.415.1646\swg.dll (Google Inc.)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
O3:64bit: - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (&Google) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files (x86)\google\googletoolbar1.dll (Google Germany GmbH)
O3 - HKLM\..\Toolbar: (no name) - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - No CLSID value found.
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\100220859\ICQToolBar.dll (ICQ)
O3 - HKCU\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files (x86)\google\googletoolbar1.dll (Google Germany GmbH)
O4:64bit: - HKLM..\Run: [Acer Empowering Technology Monitor] C:\Program Files\Acer\Empowering Technology\SysMonitor.exe ()
O4:64bit: - HKLM..\Run: [EmpoweringTechnology] C:\Program Files\Acer\Empowering Technology\Framework.Lau File not found
O4:64bit: - HKLM..\Run: [MSSE] C:\Program Files\Microsoft Security Essentials\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [Ocs_SM] C:\Users\Benutzer\AppData\Roaming\OCS\SM\SearchAnonymizer.exe (OCS)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Windows\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [Skytel] C:\Windows\SkyTel.exe (Realtek Semiconductor Corp.)
O4:64bit: - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [amd_dc_opt] C:\Program Files (x86)\AMD\amd_dc_opt\amd_dc_opt.exe ()
O4 - HKLM..\Run: [AVMWlanClient] C:\Program Files (x86)\avmwlanstick\wlangui.exe (AVM Berlin)
O4 - HKLM..\Run: [BkupTray] C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe ()
O4 - HKLM..\Run: [GrooveMonitor] C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation)
O4 - HKLM..\Run: [ISUSScheduler] C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe (InstallShield Software Corporation)
O4 - HKLM..\Run: [mcagent_exe] C:\Program Files (x86)\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [PCMMediaSharing] C:\Program Files (x86)\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe ()
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [WarReg_PopUp] C:\Program Files (x86)\Acer\WR_PopUp\WarReg_PopUp.exe (Acer Incorporated)
O4 - HKCU..\Run: [ISUSPM Startup] C:\Programme (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe File not found
O4 - HKCU..\Run: [Steam] c:\program files (x86)\steam\steam.exe (Valve Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 2 [2010.06.06 18:15:38 | 000,000,000 | ---D | M]
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2 [2010.06.06 18:15:38 | 000,000,000 | ---D | M]
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MI1933~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MI1933~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files (x86)\ICQ7.0\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files (x86)\ICQ7.0\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MI1933~1\Office12\REFIEBAR.DLL (Microsoft Corporation)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: fritz.box ([]* in Local intranet)
O15 - HKCU\..Trusted Ranges: Range1 ([*] in Local intranet)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} h**p://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} h**p://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} h**p://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} h**p://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} h**p://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} h**p://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} h**p://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} h**p://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O18:64bit: - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - Reg Error: Key error. File not found
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Benutzer\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\Benutzer\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.08.06 14:50:50 | 000,218,376 | R--- | M] () - I:\AutoStarter.exe -- [ CDFS ]
O32 - AutoRun File - [2009.07.20 15:07:04 | 000,003,496 | R--- | M] () - I:\autorun.inf -- [ CDFS ]
O32 - AutoRun File - [2009.08.17 12:14:02 | 000,000,000 | ---D | M] - I:\autostarter -- [ CDFS ]
O33 - MountPoints2\{31cbf61c-5b6f-11df-8aac-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{31cbf61c-5b6f-11df-8aac-806e6f6e6963}\Shell\AutoRun\command - "" = L:\autorun.exe -- File not found
O33 - MountPoints2\{379994c6-3a50-11de-ac3f-002185948076}\Shell - "" = AutoRun
O33 - MountPoints2\{379994c6-3a50-11de-ac3f-002185948076}\Shell\AutoRun\command - "" = K:\pushinst.exe -- File not found
O33 - MountPoints2\{70473aeb-2eb3-11df-bcf2-002185948076}\Shell - "" = AutoRun
O33 - MountPoints2\{70473aeb-2eb3-11df-bcf2-002185948076}\Shell\AutoRun\command - "" = K:\pushinst.exe -- File not found
O33 - MountPoints2\{d436eb00-0cdb-11df-9277-001f3f016a7e}\Shell\AutoRun\command - "" = installer.exe
O33 - MountPoints2\{dc8ad5d8-a5c0-11dd-b7ca-002185948076}\Shell - "" = AutoRun
O33 - MountPoints2\{dc8ad5d8-a5c0-11dd-b7ca-002185948076}\Shell\AutoRun\command - "" = I:\AutoStarter.exe -- [2009.08.06 14:50:50 | 000,218,376 | R--- | M] ()
O33 - MountPoints2\{e8dc09f8-d2ec-11dd-a981-002185948076}\Shell - "" = AutoRun
O33 - MountPoints2\{e8dc09f8-d2ec-11dd-a981-002185948076}\Shell\AutoRun\command - "" = K:\pushinst.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2010.08.20 20:40:14 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Users\Benutzer\Desktop\OTL.exe
[2010.08.19 14:53:27 | 000,000,000 | ---D | C] -- C:\Users\Benutzer\AppData\Roaming\Malwarebytes
[2010.08.19 14:53:14 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2010.08.19 14:53:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2010.08.19 14:53:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010.08.14 01:35:42 | 000,000,000 | ---D | C] -- C:\Users\Benutzer\AppData\Roaming\mvaxgmbeg
[2010.08.14 01:35:42 | 000,000,000 | ---D | C] -- C:\Users\Benutzer\AppData\Local\mvaxgmbeg
[2010.08.14 01:35:28 | 000,000,000 | ---D | C] -- C:\Users\Benutzer\AppData\Local\Windows Server
[2010.08.11 20:17:54 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rtutils.dll
[2010.08.11 20:17:51 | 000,081,920 | ---- | C] (Radius Inc.) -- C:\Windows\SysWow64\iccvid.dll
[2010.08.11 20:17:26 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeeds.dll
[2010.08.11 20:17:24 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe
[2010.08.11 20:17:22 | 001,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2010.08.11 20:17:20 | 000,206,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2010.08.11 20:17:20 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2010.08.11 20:17:20 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2010.08.11 20:17:19 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2010.08.11 20:17:19 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2010.08.11 20:17:19 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2010.08.11 20:17:18 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2010.08.11 20:17:18 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2010.08.10 14:38:31 | 000,000,000 | ---D | C] -- C:\Users\Benutzer\AppData\Local\2K Games
[2010.08.10 14:38:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation
[2010.08.10 14:37:36 | 000,527,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_7.dll
[2010.08.10 14:37:36 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_5.dll
[2010.08.10 14:37:34 | 000,239,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_7.dll
[2010.08.10 14:37:31 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_43.dll
[2010.08.10 14:37:29 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dcsx_43.dll
[2010.08.10 14:37:26 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx11_43.dll
[2010.08.10 14:37:24 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_43.dll
[2010.08.10 14:37:21 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_43.dll
[2010.08.10 14:37:17 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_6.dll
[2010.08.10 14:37:17 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_4.dll
[2010.08.10 14:37:14 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_6.dll
[2010.08.10 14:37:11 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_7.dll
[2010.08.09 19:28:19 | 000,088,064 | ---- | C] (KelSat Presents) -- C:\Users\Benutzer\Desktop\Dragon_Age_Origins_V1.0_Plus_8_Trainer_By_KelSat.exe
[2010.08.09 18:09:38 | 000,000,000 | ---D | C] -- C:\Windows\1C4551A64743409391E41477CD655043.TMP
[2010.08.09 00:40:47 | 000,067,584 | ---- | C] (Blizzard Entertainment) -- C:\Windows\ScUnin.exe
[2010.08.07 01:20:55 | 000,152,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\COMDLG32.OCX
[2010.08.07 01:20:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\fwc
[2010.08.07 01:16:04 | 000,000,000 | ---D | C] -- C:\Users\Benutzer\AppData\Roaming\SeriousBit
[2010.08.04 19:35:02 | 000,000,000 | ---D | C] -- C:\Users\Benutzer\Documents\StarCraft II
[2010.08.04 19:35:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Blizzard Entertainment
[2010.08.04 19:35:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Blizzard Entertainment
[2010.07.27 21:16:35 | 000,000,000 | ---D | C] -- C:\Users\Benutzer\Desktop\Szene
[2010.07.22 00:19:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Gothic III
[2010.07.21 21:38:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Antimalware
[2010.07.21 21:38:18 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Essentials
[2010.07.21 21:35:44 | 000,000,000 | ---D | C] -- C:\Users\Benutzer\Desktop\Data
[2010.07.21 21:02:28 | 684,857,718 | ---- | C] (Humanforce                                                  ) -- C:\Users\Benutzer\Desktop\G3_Questpaket_4_Update1_Vollversion.exe
[2008.07.22 10:01:25 | 000,049,152 | ---- | C] ( ) -- C:\Windows\Interop.IWshRuntimeLibrary.dll
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\Benutzer\AppData\Local\*.tmp files -> C:\Users\Benutzer\AppData\Local\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2010.08.20 20:46:10 | 004,194,304 | -HS- | M] () -- C:\Users\Benutzer\ntuser.dat
[2010.08.20 20:46:05 | 000,000,424 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{1D071076-F2AF-41E4-B583-9EA0DFF434F7}.job
[2010.08.20 20:37:48 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Benutzer\Desktop\OTL.exe
[2010.08.20 20:31:40 | 000,000,534 | ---- | M] () -- C:\Windows\tasks\1-Klick-Wartung.job
[2010.08.20 20:31:07 | 000,001,112 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010.08.20 20:29:20 | 000,001,108 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010.08.20 20:18:07 | 000,068,751 | ---- | M] () -- C:\Windows\SysNative\Config.MPF
[2010.08.20 20:15:31 | 000,003,216 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010.08.20 20:15:31 | 000,003,216 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010.08.20 20:15:28 | 000,000,000 | ---- | M] () -- C:\Windows\SysNative\LogConfigTemp.xml
[2010.08.20 20:15:26 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010.08.20 20:15:24 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.08.19 19:27:02 | 000,524,288 | -HS- | M] () -- C:\Users\Benutzer\ntuser.dat{283ba2f3-2246-11df-9ec0-001f3f016a7e}.TMContainer00000000000000000001.regtrans-ms
[2010.08.19 19:27:02 | 000,065,536 | -HS- | M] () -- C:\Users\Benutzer\ntuser.dat{283ba2f3-2246-11df-9ec0-001f3f016a7e}.TM.blf
[2010.08.19 19:26:57 | 003,171,746 | -H-- | M] () -- C:\Users\Benutzer\AppData\Local\IconCache.db
[2010.08.19 14:53:16 | 000,000,852 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.08.14 17:44:27 | 000,001,356 | ---- | M] () -- C:\Users\Benutzer\AppData\Local\d3d9caps.dat
[2010.08.14 09:36:13 | 001,474,308 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010.08.14 09:36:13 | 000,640,648 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2010.08.14 09:36:13 | 000,605,240 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010.08.14 09:36:13 | 000,131,728 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2010.08.14 09:36:13 | 000,108,572 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010.08.14 01:32:19 | 000,072,192 | ---- | M] () -- C:\Users\Benutzer\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.08.12 03:33:39 | 000,374,664 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2010.08.09 18:11:30 | 000,000,701 | ---- | M] () -- C:\Users\Benutzer\Desktop\DAOriginsLauncher - Verknüpfung.lnk
[2010.08.09 18:09:27 | 000,000,701 | ---- | M] () -- C:\Users\Public\Desktop\Dragon Age Origins.lnk
[2010.08.09 13:26:31 | 000,032,816 | ---- | M] () -- C:\Users\Benutzer\Desktop\Dragon.Age.Origins.GERMAN-GWAREZ_4349_-vd08l1lgwtec.dlc
[2010.08.09 13:18:56 | 508,944,720 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2010.08.09 01:01:20 | 000,006,128 | ---- | M] () -- C:\Users\Benutzer\Desktop\-c45ef05182624425a4b9e86cb922aac5.dlc-
[2010.08.09 00:40:49 | 000,012,693 | ---- | M] () -- C:\Windows\scunin.dat
[2010.08.09 00:40:47 | 000,067,584 | ---- | M] (Blizzard Entertainment) -- C:\Windows\ScUnin.exe
[2010.08.09 00:40:47 | 000,000,967 | ---- | M] () -- C:\Windows\ScUnin.pif
[2010.08.06 23:38:09 | 000,003,184 | ---- | M] () -- C:\Users\Benutzer\Desktop\StarCraft.Brood.War.GERMAN-GWAREZ_2024_-xz9al1lk0icx3.dlc
[2010.08.05 14:08:24 | 000,000,691 | ---- | M] () -- C:\Users\Benutzer\Desktop\StarCraft II - Verknüpfung.lnk
[2010.08.04 14:40:56 | 000,010,205 | ---- | M] () -- C:\Users\Benutzer\Desktop\Rapid.docx
[2010.08.04 14:35:57 | 000,027,460 | ---- | M] () -- C:\Users\Benutzer\Desktop\Starcraft.II.Wings.of.Liberty.GERMAN-0x0007_5249_-lbquf6lisb7d8.dlc
[2010.07.28 22:39:08 | 000,009,941 | ---- | M] () -- C:\Users\Benutzer\Desktop\hallo.docx
[2010.07.22 14:07:06 | 000,008,224 | ---- | M] () -- C:\Windows\SysNative\GDIPFONTCACHEV1.DAT
[2010.07.22 14:06:00 | 000,100,864 | ---- | M] () -- C:\Users\Benutzer\AppData\Local\GDIPFONTCACHEV1.DAT
[2010.07.22 03:05:54 | 000,000,219 | ---- | M] () -- C:\Windows\win.ini
[2010.07.21 21:38:24 | 000,000,944 | ---- | M] () -- C:\Users\Public\Desktop\Microsoft Security Essentials.lnk
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\Benutzer\AppData\Local\*.tmp files -> C:\Users\Benutzer\AppData\Local\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2010.08.19 14:53:16 | 000,000,852 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.08.19 14:53:13 | 000,024,664 | ---- | C] () -- C:\Windows\SysNative\drivers\mbam.sys
[2010.08.11 20:18:04 | 001,420,176 | ---- | C] () -- C:\Windows\SysNative\drivers\tcpip.sys
[2010.08.11 20:17:59 | 000,462,848 | ---- | C] () -- C:\Windows\SysNative\drivers\srv.sys
[2010.08.11 20:17:59 | 000,174,592 | ---- | C] () -- C:\Windows\SysNative\drivers\srv2.sys
[2010.08.11 20:17:56 | 002,749,952 | ---- | C] () -- C:\Windows\SysNative\win32k.sys
[2010.08.11 20:17:53 | 000,050,688 | ---- | C] () -- C:\Windows\SysNative\rtutils.dll
[2010.08.11 20:17:48 | 004,690,832 | ---- | C] () -- C:\Windows\SysNative\ntoskrnl.exe
[2010.08.11 20:17:35 | 009,250,816 | ---- | C] () -- C:\Windows\SysNative\mshtml.dll
[2010.08.11 20:17:33 | 012,473,344 | ---- | C] () -- C:\Windows\SysNative\ieframe.dll
[2010.08.11 20:17:32 | 002,335,744 | ---- | C] () -- C:\Windows\SysNative\iertutil.dll
[2010.08.11 20:17:28 | 001,487,360 | ---- | C] () -- C:\Windows\SysNative\urlmon.dll
[2010.08.11 20:17:27 | 001,147,904 | ---- | C] () -- C:\Windows\SysNative\wininet.dll
[2010.08.11 20:17:26 | 000,706,048 | ---- | C] () -- C:\Windows\SysNative\msfeeds.dll
[2010.08.11 20:17:26 | 000,459,776 | ---- | C] () -- C:\Windows\SysNative\iedkcs32.dll
[2010.08.11 20:17:25 | 000,243,712 | ---- | C] () -- C:\Windows\SysNative\occache.dll
[2010.08.11 20:17:24 | 001,062,912 | ---- | C] () -- C:\Windows\SysNative\mstime.dll
[2010.08.11 20:17:24 | 000,252,416 | ---- | C] () -- C:\Windows\SysNative\iepeers.dll
[2010.08.11 20:17:24 | 000,072,192 | ---- | C] () -- C:\Windows\SysNative\iernonce.dll
[2010.08.11 20:17:24 | 000,071,680 | ---- | C] () -- C:\Windows\SysNative\msfeedsbs.dll
[2010.08.11 20:17:23 | 000,219,136 | ---- | C] () -- C:\Windows\SysNative\ieui.dll
[2010.08.11 20:17:23 | 000,031,744 | ---- | C] () -- C:\Windows\SysNative\jsproxy.dll
[2010.08.11 20:17:22 | 001,538,560 | ---- | C] () -- C:\Windows\SysNative\inetcpl.cpl
[2010.08.11 20:17:21 | 000,162,816 | ---- | C] () -- C:\Windows\SysNative\ieUnatt.exe
[2010.08.11 20:17:21 | 000,132,096 | ---- | C] () -- C:\Windows\SysNative\iesysprep.dll
[2010.08.11 20:17:20 | 000,077,312 | ---- | C] () -- C:\Windows\SysNative\iesetup.dll
[2010.08.11 20:17:18 | 000,070,656 | ---- | C] () -- C:\Windows\SysNative\ie4uinit.exe
[2010.08.11 20:17:18 | 000,012,288 | ---- | C] () -- C:\Windows\SysNative\msfeedssync.exe
[2010.08.11 20:17:17 | 001,638,912 | ---- | C] () -- C:\Windows\SysNative\mshtml.tlb
[2010.08.11 20:17:14 | 001,875,456 | ---- | C] () -- C:\Windows\SysNative\msxml3.dll
[2010.08.11 20:17:09 | 000,343,040 | ---- | C] () -- C:\Windows\SysNative\schannel.dll
[2010.08.10 14:37:36 | 000,518,488 | ---- | C] () -- C:\Windows\SysNative\XAudio2_7.dll
[2010.08.10 14:37:36 | 000,077,656 | ---- | C] () -- C:\Windows\SysNative\XAPOFX1_5.dll
[2010.08.10 14:37:34 | 000,176,984 | ---- | C] () -- C:\Windows\SysNative\xactengine3_7.dll
[2010.08.10 14:37:31 | 002,526,056 | ---- | C] () -- C:\Windows\SysNative\D3DCompiler_43.dll
[2010.08.10 14:37:29 | 001,907,552 | ---- | C] () -- C:\Windows\SysNative\d3dcsx_43.dll
[2010.08.10 14:37:26 | 000,276,832 | ---- | C] () -- C:\Windows\SysNative\d3dx11_43.dll
[2010.08.10 14:37:24 | 000,511,328 | ---- | C] () -- C:\Windows\SysNative\d3dx10_43.dll
[2010.08.10 14:37:21 | 002,401,112 | ---- | C] () -- C:\Windows\SysNative\D3DX9_43.dll
[2010.08.10 14:37:17 | 000,530,776 | ---- | C] () -- C:\Windows\SysNative\XAudio2_6.dll
[2010.08.10 14:37:17 | 000,078,680 | ---- | C] () -- C:\Windows\SysNative\XAPOFX1_4.dll
[2010.08.10 14:37:14 | 000,176,984 | ---- | C] () -- C:\Windows\SysNative\xactengine3_6.dll
[2010.08.10 14:37:11 | 000,024,920 | ---- | C] () -- C:\Windows\SysNative\X3DAudio1_7.dll
[2010.08.09 18:11:30 | 000,000,701 | ---- | C] () -- C:\Users\Benutzer\Desktop\DAOriginsLauncher - Verknüpfung.lnk
[2010.08.09 18:09:27 | 000,000,701 | ---- | C] () -- C:\Users\Public\Desktop\Dragon Age Origins.lnk
[2010.08.09 13:26:31 | 000,032,816 | ---- | C] () -- C:\Users\Benutzer\Desktop\Dragon.Age.Origins.GERMAN-GWAREZ_4349_-vd08l1lgwtec.dlc
[2010.08.09 01:01:20 | 000,006,128 | ---- | C] () -- C:\Users\Benutzer\Desktop\-c45ef05182624425a4b9e86cb922aac5.dlc-
[2010.08.09 00:40:49 | 000,012,693 | ---- | C] () -- C:\Windows\scunin.dat
[2010.08.09 00:40:47 | 000,000,967 | ---- | C] () -- C:\Windows\ScUnin.pif
[2010.08.07 01:15:54 | 000,015,867 | ---- | C] () -- C:\Windows\SysNative\Empty.ico
[2010.08.06 23:38:06 | 000,003,184 | ---- | C] () -- C:\Users\Benutzer\Desktop\StarCraft.Brood.War.GERMAN-GWAREZ_2024_-xz9al1lk0icx3.dlc
[2010.08.05 14:08:24 | 000,000,691 | ---- | C] () -- C:\Users\Benutzer\Desktop\StarCraft II - Verknüpfung.lnk
[2010.08.04 14:40:55 | 000,010,205 | ---- | C] () -- C:\Users\Benutzer\Desktop\Rapid.docx
[2010.08.04 14:35:56 | 000,027,460 | ---- | C] () -- C:\Users\Benutzer\Desktop\Starcraft.II.Wings.of.Liberty.GERMAN-0x0007_5249_-lbquf6lisb7d8.dlc
[2010.08.04 14:33:00 | 012,898,304 | ---- | C] () -- C:\Windows\SysNative\shell32.dll
[2010.07.28 22:39:07 | 000,009,941 | ---- | C] () -- C:\Users\Benutzer\Desktop\hallo.docx
[2010.07.21 21:43:19 | 000,270,208 | ---- | C] () -- C:\Windows\SysNative\MpSigStub.exe
[2010.07.21 21:38:24 | 000,000,944 | ---- | C] () -- C:\Users\Public\Desktop\Microsoft Security Essentials.lnk
[2010.07.02 12:45:34 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010.05.01 01:40:43 | 000,000,096 | ---- | C] () -- C:\Users\Benutzer\AppData\Local\fusioncache.dat
[2010.04.30 16:35:31 | 001,479,426 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010.04.04 18:37:32 | 000,412,420 | ---- | C] () -- C:\Users\Benutzer\AppData\Local\dd_vcredistMSI70F4.txt
[2010.04.04 18:37:32 | 000,011,426 | ---- | C] () -- C:\Users\Benutzer\AppData\Local\dd_vcredistUI70F4.txt
[2010.04.02 17:17:34 | 000,179,091 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2010.03.09 22:21:14 | 000,003,403 | ---- | C] () -- C:\Windows\messer.ini
[2010.03.09 16:05:09 | 000,422,578 | ---- | C] () -- C:\Users\Benutzer\AppData\Local\dd_vcredistMSI0CDE.txt
[2010.03.09 16:05:09 | 000,011,440 | ---- | C] () -- C:\Users\Benutzer\AppData\Local\dd_vcredistUI0CDE.txt
[2010.03.08 22:55:13 | 000,000,784 | ---- | C] () -- C:\Windows\NTIWVEDT.INI
[2010.01.28 16:37:44 | 000,001,356 | ---- | C] () -- C:\Users\Benutzer\AppData\Local\d3d9caps.dat
[2009.11.25 13:40:50 | 000,085,504 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2009.11.07 19:25:32 | 000,162,432 | ---- | C] () -- C:\Windows\SysWow64\drivers\ithsgt.sys
[2009.11.07 19:25:32 | 000,012,032 | ---- | C] () -- C:\Windows\SysWow64\drivers\lilsgt.sys
[2009.08.04 22:45:13 | 000,000,000 | ---- | C] () -- C:\Windows\zSpy.INI
[2009.06.29 18:21:12 | 000,419,930 | ---- | C] () -- C:\Users\Benutzer\AppData\Local\dd_vcredistMSI3D59.txt
[2009.06.29 18:21:12 | 000,011,410 | ---- | C] () -- C:\Users\Benutzer\AppData\Local\dd_vcredistUI3D59.txt
[2009.06.11 22:06:51 | 000,613,652 | ---- | C] () -- C:\Users\Benutzer\AppData\Local\dd_NET_Framework35_LangPack_MSI6BA9.txt
[2009.06.11 22:06:39 | 000,077,308 | ---- | C] () -- C:\Users\Benutzer\AppData\Local\dd_dotnetfx35install_lp.txt
[2009.06.11 22:06:39 | 000,000,002 | ---- | C] () -- C:\Users\Benutzer\AppData\Local\dd_dotnetfx35error_lp.txt
[2009.06.11 22:05:35 | 001,881,352 | ---- | C] () -- C:\Users\Benutzer\AppData\Local\dd_NET_Framework35_x64_MSI6AB1.txt
[2009.06.11 21:50:43 | 000,232,410 | ---- | C] () -- C:\Users\Benutzer\AppData\Local\dd_depcheck_NETFX_EXP_35.txt
[2009.06.11 21:50:38 | 000,228,168 | ---- | C] () -- C:\Users\Benutzer\AppData\Local\dd_dotnetfx35install.txt
[2009.06.11 21:50:38 | 000,000,002 | ---- | C] () -- C:\Users\Benutzer\AppData\Local\dd_dotnetfx35error.txt
[2009.05.15 22:00:39 | 000,000,510 | ---- | C] () -- C:\Windows\WORDPAD.INI
[2009.05.07 16:20:37 | 000,069,382 | ---- | C] () -- C:\Users\Benutzer\AppData\Local\dd_depcheckdotnetfx30.txt
[2009.05.07 16:20:29 | 000,056,334 | ---- | C] () -- C:\Users\Benutzer\AppData\Local\dd_dotnetfx3install.txt
[2009.05.07 16:20:29 | 000,006,666 | ---- | C] () -- C:\Users\Benutzer\AppData\Local\uxeventlog.txt
[2009.05.07 16:20:29 | 000,000,710 | ---- | C] () -- C:\Users\Benutzer\AppData\Local\dd_dotnetfx3error.txt
[2009.03.02 11:33:32 | 000,000,547 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll.manifest
[2008.12.26 23:55:07 | 000,072,192 | ---- | C] () -- C:\Users\Benutzer\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008.10.29 16:10:59 | 000,000,044 | ---- | C] () -- C:\Windows\Acer(Normal).ini
[2008.10.29 16:10:59 | 000,000,042 | ---- | C] () -- C:\Windows\Acer(Wide).ini
[2008.08.23 04:35:49 | 000,001,024 | RH-- | C] () -- C:\Windows\SysWow64\NTIOFM4.dll
[2008.08.23 04:35:49 | 000,001,024 | RH-- | C] () -- C:\Windows\SysWow64\NTIBUN5.dll
[2008.01.21 04:50:05 | 000,060,124 | ---- | C] () -- C:\Windows\SysWow64\tcpmon.ini
[2008.01.21 04:49:49 | 000,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2004.07.29 01:19:46 | 000,175,104 | ---- | C] () -- C:\Windows\SysWow64\lame_enc.dll
[2002.08.13 17:04:12 | 000,217,088 | R--- | C] () -- C:\Users\Benutzer\AppData\Roaming\MafiaSetup.exe
[2001.12.26 16:12:30 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\multiplex_vcd.dll
[2001.09.03 23:46:38 | 000,110,592 | ---- | C] () -- C:\Windows\SysWow64\Hmpg12.dll
[2001.07.30 16:33:56 | 000,118,784 | ---- | C] () -- C:\Windows\SysWow64\HMPV2_ENC.dll
[2001.07.23 22:04:36 | 000,118,784 | ---- | C] () -- C:\Windows\SysWow64\HMPV2_ENC_MMX.dll
[1997.06.14 10:56:08 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\iyvu9_32.dll
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 477 bytes -> C:\ProgramData\TEMP:05EE1EEF
< End of report >

--- --- ---

Shadowtroop · 20.08.2010, 20:15

Und hier die OTL Extras

OTL EXTRAS Logfile:

Code:

ATTFilter

OTL Extras logfile created on: 20.08.2010 20:41:49 - Run 2
OTL by OldTimer - Version 3.2.10.0     Folder = C:\Users\Benutzer\Desktop
64bit-Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18943)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
4,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 40,00% Memory free
8,00 Gb Paging File | 6,00 Gb Available in Paging File | 71,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 291,08 Gb Total Space | 1,08 Gb Free Space | 0,37% Space Free | Partition Type: NTFS
Drive D: | 291,09 Gb Total Space | 113,65 Gb Free Space | 39,04% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
Drive I: | 3,19 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive L: | 123,23 Mb Total Space | 22,24 Mb Free Space | 18,05% Space Free | Partition Type: FAT
 
Computer Name: BENUTZER
Current User Name: Benutzer
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" ()
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l ()
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MI1933~1\Office12\ONENOTE.EXE "%L" File not found
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MI1933~1\Office12\ONENOTE.EXE "%L" File not found
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"AntiVirusDisableNotify" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = 9F 9E 16 8C DC 5B C8 01  [binary data]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"oobe_av" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0069B63C-6F5F-4494-80B7-DA3E3AA701CB}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe | 
"{0773D079-B8C3-4AAB-B0F6-9CF7E0554548}" = lport=137 | protocol=17 | dir=in | app=system | 
"{0791340B-E7AA-4960-8BAF-46AFD8702BC9}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{14ACE78F-5651-4751-8B65-0CDAA55D333B}" = lport=445 | protocol=6 | dir=in | app=system | 
"{1740B934-F27F-4F41-948C-97DC13348537}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{23A285E4-EC20-4379-8331-9E967B9F233F}" = lport=138 | protocol=17 | dir=in | app=system | 
"{24879913-5ADB-4FA5-8FD8-E9A19D4E3375}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{2728B0D7-F583-4D71-B2D2-1026E71EC70B}" = rport=139 | protocol=6 | dir=out | app=system | 
"{2AED947C-E347-4CD7-83EA-118245F2380D}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{3426B7BB-3490-4146-9B59-3642DA72A973}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{3E1EE4C6-42DE-4E2B-88AE-2166257CC235}" = lport=554 | protocol=6 | dir=in | app=%systemroot%\ehome\ehshell.exe | 
"{44565139-1A99-4342-847C-460501B48C6D}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe | 
"{4C590988-F8A1-4524-B89D-139BD7C500D0}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe | 
"{4E58418F-5DA1-4E3A-9A94-DC35B5EC3755}" = lport=3390 | protocol=6 | dir=in | app=system | 
"{577ECCBC-3C4D-4922-911D-6D2A97D54323}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe | 
"{5B6915C8-0C5C-4820-83F1-8699BA34DE65}" = rport=10244 | protocol=6 | dir=out | app=system | 
"{5E10D95E-F1C4-40A6-A561-50D9AE9B2CB0}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{60298346-7BCF-4914-B0F1-B99072DFD3DC}" = lport=10244 | protocol=6 | dir=in | app=system | 
"{664D5719-A960-4DE5-810F-77F7ED9AE5D9}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{6AE9724C-7055-4E53-AB95-D07CC88E0BF5}" = rport=445 | protocol=6 | dir=out | app=system | 
"{71C4CE87-628F-46DC-921D-96E3B00F25C7}" = lport=10244 | protocol=6 | dir=in | app=system | 
"{766E6467-E75D-4293-A18F-7699080CC70B}" = lport=7777 | protocol=17 | dir=in | app=%systemroot%\ehome\ehshell.exe | 
"{86EA0B1D-D940-4A8E-8625-9C8640827284}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{87740EEA-9C99-4C30-A429-B13C30B08217}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{9CF71B3B-2D71-4DF7-BD67-D62E35D6CEE6}" = rport=138 | protocol=17 | dir=out | app=system | 
"{A2FC7D8F-33CC-4373-9185-BC425E987CE9}" = rport=137 | protocol=17 | dir=out | app=system | 
"{A4C391D8-2F48-4654-84BD-EA680A7E2AB2}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{B6D354BF-C1A8-4C73-ACD2-ED0427B74865}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{CB2F21E8-E677-41CE-888E-F62CAD706835}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{D366B9DC-EA4F-499F-9A4E-A4270589E4BA}" = lport=7777 | protocol=17 | dir=in | app=%systemroot%\ehome\ehshell.exe | 
"{D6A0753E-4504-4EB1-B80B-8D3816EF1A46}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe | 
"{D9422901-6611-43F8-B248-07D60F68B85F}" = lport=554 | protocol=6 | dir=in | app=%systemroot%\ehome\ehshell.exe | 
"{DA50A642-2827-4A56-A642-AFFEBE0DE005}" = lport=3390 | protocol=6 | dir=in | app=system | 
"{DE0637BD-6F89-4DAB-BE63-2F0DB93C5CAE}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{DF0B48F6-D3B4-4746-8E96-AB2A88EA933C}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe | 
"{E32A8C8F-D1B7-4459-A2A5-0B78FADB203B}" = rport=10244 | protocol=6 | dir=out | app=system | 
"{EB53DBA9-7AA3-41B2-A5A4-F07C3C2C9399}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{F53EF61C-91DF-4956-90D0-CCE3AA6EFE8E}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{FA085C10-D5A8-4D53-85D1-8BEE06CC43BB}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{FD273609-3304-4AF8-A307-EB12AB1B6403}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{FD900E87-B236-4A7C-AC04-91BBC00CD902}" = lport=139 | protocol=6 | dir=in | app=system | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{001D1A89-4606-4ED5-9784-8C27184E43F1}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed ii\assassinscreediigame.exe | 
"{00268926-D747-403D-9A2B-1397E04C4139}" = protocol=6 | dir=in | app=d:\program files (x86)\mass effect 2\binaries\masseffect2.exe | 
"{06AB12E7-45C2-4145-95FF-495634AEF154}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.0\aolload.exe | 
"{08861BDE-A214-4BF7-84F8-3D8ADA841472}" = protocol=6 | dir=in | app=d:\program files (x86)\mass effect\binaries\masseffect.exe | 
"{089F792B-DB04-429E-8185-DA010E9BCB46}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{09EB7AFD-3B2C-49E9-8F16-A305A6FEDC3B}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.0\icq.exe | 
"{0DD72B0F-C101-4791-A210-BEC9C619888F}" = protocol=17 | dir=in | app=c:\program files (x86)\2k games\bioshock 2\sp\builds\binaries\bioshock2.exe | 
"{12E3DF65-F3EA-40B0-8147-69EDE5D18230}" = dir=in | app=c:\program files (x86)\common files\mcafee\mna\mcnasvc.exe | 
"{1AA5503E-6B69-4B8F-8FC5-5481A9074F2A}" = protocol=17 | dir=out | app=%systemroot%\ehome\ehshell.exe | 
"{1EF46788-783B-4280-8640-3D2B507397DD}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe | 
"{1F1B624B-B24C-44B0-826F-DE5157B03512}" = protocol=6 | dir=in | app=d:\program files (x86)\mass effect 2\masseffect2launcher.exe | 
"{2019C889-2A1F-4132-ABC7-9D16DCB1E71B}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\r.u.s.e. beta\ruse.exe | 
"{20FFD2C4-9470-4D55-B642-EB245FCB4B67}" = dir=in | app=c:\program files (x86)\acer arcade live\acer homemedia trial creator\acer homemedia trial creator.exe | 
"{22D4B9FF-C3B0-48F9-8489-AD5B9181DC34}" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\crytek\crysis\bin32\crysis.exe | 
"{23138DA8-2699-41C8-940A-53A422900FCF}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe | 
"{25B6AC57-A83B-4062-97AD-DAB6C6BF695E}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.0\icq.exe | 
"{2978A530-E6D0-4D3C-A502-9D9BD62D6E31}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{29A7656A-0CED-4551-B970-5633BD7D4DF9}" = dir=in | app=c:\program files (x86)\acer arcade live\acer homemedia connect\acer homemedia connect.exe | 
"{2AC8001E-7C4B-4952-B9FA-EEE0451B9F28}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\mafia ii - public demo\launcher.exe | 
"{2B61712C-0A56-4A53-9277-2E6755C17B11}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe | 
"{2D0BD9CF-B5F3-4AAF-B6DE-B55F0F83FAAF}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.0\aolload.exe | 
"{2D7FC01B-F014-40AA-9748-1B2377CD81B5}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\james cameron's avatar - das spiel\bin\avatar.exe | 
"{2FBB9FD2-74E9-4D69-80D8-3FE7190CCD16}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe | 
"{311EFFB2-F0C0-4CB6-8F28-3125F2878695}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe | 
"{337543DA-3FA3-4359-A46C-005D742ABF0B}" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\crytek\crysis\bin64\crysisdedicatedserver.exe | 
"{34D2F2E5-7A5C-48A9-A785-F14CF577EFEE}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\related designs\anno 1404\addon.exe | 
"{36EDFF26-0D2C-4E72-9A50-88223B7BD9F1}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\shadowtroop1992\source sdk base 2007\hl2.exe | 
"{3941CE53-5175-4DD9-B723-6FE9A8A55E71}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed ii\assassinscreediigame.exe | 
"{3C3532C8-C3B5-41DB-A4B4-DC7570ACE3F9}" = protocol=6 | dir=out | app=%systemroot%\ehome\mcx2prov.exe | 
"{3CC37A7C-D396-4CC1-9C01-F9E4A6D85105}" = protocol=6 | dir=in | app=d:\program files (x86)\capcom\resident evil 5\re5dx9.exe | 
"{3D251C8B-A911-4FDB-B736-F125708A0CB3}" = protocol=6 | dir=out | app=%systemroot%\ehome\ehshell.exe | 
"{3EAEB77E-AC86-4458-BAB8-08141F53F92F}" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\crytek\crysis\bin32\crysisdedicatedserver.exe | 
"{48D3EABE-4224-4A56-944E-FD2C2D27E0B6}" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\crytek\crysis\bin64\crysisdedicatedserver.exe | 
"{49C0F741-0EE4-4F2F-BBBA-144ACCCFB7C8}" = protocol=6 | dir=in | app=c:\program files (x86)\2k games\bioshock 2\mp\builds\binaries\bioshock2.exe | 
"{4C5FBB28-CD8B-4F81-936A-E5F11B8DD7FE}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\shadowtroop1992\source sdk base 2007\hl2.exe | 
"{4ECA65BF-8FB9-4D1E-AD97-D4B3A437204F}" = protocol=6 | dir=in | app=d:\program files (x86)\dragon age\bin_ship\daupdatersvc.service.exe | 
"{51AE3E32-D4DC-4F01-B767-935156AE4B1C}" = protocol=17 | dir=in | app=d:\program files (x86)\capcom\resident evil 5\re5dx9.exe | 
"{53E9AD3E-328F-4A73-8347-0556F81EF494}" = protocol=17 | dir=in | app=d:\program files (x86)\dragon age\bin_ship\daupdatersvc.service.exe | 
"{55ABBC98-2A21-4CB1-A80D-D423632A4719}" = protocol=17 | dir=in | app=d:\program files (x86)\starcraft 2\starcraft ii.exe | 
"{5712C72B-A1A0-4AEF-8D5B-876800BCF3E3}" = protocol=17 | dir=in | app=d:\program files (x86)\dragon age\daoriginslauncher.exe | 
"{5800AF76-6D81-4B98-803E-34BDC69B1F41}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\tom clancy's splinter cell conviction\src\system\conviction_game.exe | 
"{5935A2BA-5739-4635-9FD6-1375D3D47E51}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | 
"{5A3A8FE2-4B22-4709-9744-1D05F0E8CD3D}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{5CFDAFA1-11AB-442E-BCA4-96DF6696AD4C}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed ii\assassinscreedii.exe | 
"{5E4D73A3-DBCB-495A-8015-F13D3B451E9C}" = protocol=6 | dir=in | app=c:\program files (x86)\lucasarts\star wars empire at war forces of corruption\swfoc.exe | 
"{632E8AB5-1973-478A-AE36-0B4E309B9922}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed ii\uplaybrowser.exe | 
"{65684571-921E-41D8-BF45-463B15A6F909}" = protocol=6 | dir=in | app=d:\program files (x86)\starcraft 2\starcraft ii.exe | 
"{65BBCD20-4056-48C3-9004-66BA6E4B5340}" = dir=in | app=c:\program files (x86)\acer arcade live\acer slideshow dvd\acer slideshow dvd.exe | 
"{674EB971-8E67-49CE-9672-C2CBB25CBAEA}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\shadowtroop1992\half-life\hl.exe | 
"{67689F2B-219E-4A30-A818-3BDD54176ABA}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\related designs\anno 1404\tools\addonweb.exe | 
"{687D842C-42EE-4B11-B6D6-FAA4DEDD17BE}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed ii\assassinscreedii.exe | 
"{693B1191-B7DC-4C83-B8C4-D3EB448D2209}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\related designs\anno 1404\addon.exe | 
"{6B335F25-FECD-463A-B2D1-FB617B255361}" = protocol=6 | dir=out | svc=mcx2svc | app=%systemroot%\system32\svchost.exe | 
"{6C7945BE-6122-472E-9C92-C54958A4F8DC}" = protocol=6 | dir=out | app=%systemroot%\ehome\ehshell.exe | 
"{6DBF9EC0-AD79-4499-B471-CE77B1486211}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\r.u.s.e. beta\ruse.exe | 
"{717D7139-9CCD-4815-A4BA-483EBDD25E4B}" = dir=in | app=c:\program files (x86)\acer arcade live\acer dv magician\acer dv magician.exe | 
"{73E65046-81F8-4180-8AA3-A8916FA6D1FC}" = protocol=6 | dir=in | app=d:\program files (x86)\capcom\resident evil 5\re5dx10.exe | 
"{777D611D-4E86-4C53-B807-00644155E5D3}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\related designs\anno 1404\tools\addonweb.exe | 
"{790C3742-A8A3-498F-AF99-489FE0BF26E6}" = dir=in | app=c:\program files (x86)\acer arcade live\acer homemedia connect\kernel\dms\clmsserver.exe | 
"{79A96E46-35AA-4EAD-97FF-FCCD28C3F592}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe | 
"{7BDCF26D-0134-402E-945A-D34A6804518A}" = protocol=17 | dir=in | app=d:\program files (x86)\mass effect 2\masseffect2launcher.exe | 
"{84D99521-62C6-4435-9ABF-967EB53E5CD1}" = protocol=6 | dir=in | app=c:\program files (x86)\newtech infosystems\nti backup now 5\client\agentsvc.exe | 
"{8513E28B-00AF-4789-9FC9-EE744F92AE53}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe | 
"{862F2004-4209-4810-BF9B-86F8B45316F6}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe | 
"{89DECAFF-27D0-408C-891C-B482B98AD321}" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\crytek\crysis\bin32\crysis.exe | 
"{8B64C296-2DE8-40D0-B872-40439646399C}" = dir=in | app=c:\program files (x86)\acer arcade live\acer homemedia\acer homemedia.exe | 
"{90F0EE00-FD2E-4F1D-BCD6-95B02B38293D}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\james cameron's avatar - das spiel\bin\avatarlauncher.exe | 
"{9305F86D-4BE3-43C1-9945-1B0201CDBBD2}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.0\aolload.exe | 
"{96346143-1BD5-4518-A1B3-3966C70C8A9B}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe | 
"{964093D4-CCFC-42EF-B171-A2D2B69491FE}" = protocol=6 | dir=in | app=c:\program files (x86)\2k games\bioshock 2\sp\builds\binaries\bioshock2.exe | 
"{9A500349-416C-4278-AE9C-DD2468E569D2}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe | 
"{9BFFB9C5-63E6-474B-B963-E30A8624521D}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\mafia ii - public demo\launcher.exe | 
"{9CC38B21-BB5C-4A71-B659-DCA65E3A8241}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\tom clancy's splinter cell conviction\src\system\gu.exe | 
"{9D169887-4852-4552-BD8E-853F8A469E68}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{A21833A3-6198-482E-9978-FB7DE2FC5EB9}" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\crytek\crysis\bin64\crysis.exe | 
"{A5A302AE-0C0A-4D31-9AD0-3B2880CF0E52}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.0\icq.exe | 
"{A6319F45-59F2-4D06-906C-694A92BBCB75}" = dir=in | app=c:\program files (x86)\acer arcade live\acer dvdivine\acer dvdivine.exe | 
"{A9E1B9E6-669E-409F-BD81-987504281B1D}" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\crytek\crysis\bin64\crysis.exe | 
"{AB78486C-4C5F-4A8C-BFA7-C549EF1D5EE4}" = protocol=6 | dir=in | app=d:\program files (x86)\dragon age\daoriginslauncher.exe | 
"{AC14D7FD-67AB-41F6-AE7F-8A306A618A59}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\james cameron's avatar - das spiel\bin\avatar.exe | 
"{AC922FC8-1092-47ED-8C72-DC0BAE969289}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.0\icq.exe | 
"{AC9321F7-4BBE-4545-8F5C-86CD1E673176}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.0\icq.exe | 
"{ADF828C0-4B1E-4B27-9772-3C85F58ADB76}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{AEA33184-866B-4C26-8C09-76C9E24D31EC}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\shadowtroop1992\half-life\hl.exe | 
"{AEA7349A-196E-410B-9386-A897747B0F87}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.0\aolload.exe | 
"{B0E9764C-2B9B-45CE-99FE-F558DF82D09D}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\james cameron's avatar - das spiel\bin\avatarlauncher.exe | 
"{B12BBD39-6122-40E4-AD5E-8FD1B0592A0D}" = protocol=17 | dir=in | app=d:\program files (x86)\capcom\resident evil 5\re5dx10.exe | 
"{B83272F3-A725-4B56-92EE-AE9F35F5BF19}" = protocol=6 | dir=in | app=d:\program files (x86)\mass effect\masseffectlauncher.exe | 
"{B848EFDF-5DE7-4952-B4AA-D8CA3B63E9AC}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.0\aolload.exe | 
"{B91FEBDB-2E5C-4BB9-9862-042C29334D19}" = protocol=6 | dir=in | app=c:\program files (x86)\newtech infosystems\nti backup now 5\backupsvc.exe | 
"{BA6A7E04-A95D-485F-9C5C-59360AD97A22}" = protocol=17 | dir=in | app=c:\program files (x86)\newtech infosystems\nti backup now 5\client\agentsvc.exe | 
"{C3A18C58-A31D-4BFA-B08B-3EEE5AB41A31}" = protocol=17 | dir=in | app=d:\program files (x86)\dragon age\bin_ship\daorigins.exe | 
"{C4F992DE-9DCF-49E8-A37E-BCD5B65B0A3C}" = protocol=6 | dir=in | app=c:\program files (x86)\newtech infosystems\nti backup now 5\schedulersvc.exe | 
"{CB1BD53B-7BF7-42A8-9E83-32CA56B0CF77}" = protocol=17 | dir=in | app=c:\program files (x86)\newtech infosystems\nti backup now 5\backupsvc.exe | 
"{D2430318-D088-4269-9F3D-1A9C1EC2EFB3}" = protocol=17 | dir=in | app=d:\program files (x86)\mass effect 2\binaries\masseffect2.exe | 
"{D3417DB0-0B3A-4400-8AC4-F5EEAFE4E5CB}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\tom clancy's splinter cell conviction\src\system\gu.exe | 
"{D48ECB26-7BDC-41CA-A984-D6EA84A6F9D1}" = protocol=6 | dir=in | app=d:\program files (x86)\dragon age\bin_ship\daorigins.exe | 
"{DB0BFA75-4A8E-4EA7-B630-4D3EFB76E77F}" = dir=in | app=c:\program files (x86)\acer arcade live\acer videomagician\acer videomagician.exe | 
"{DD34485B-616C-4774-B64F-C2D0A2528266}" = protocol=6 | dir=out | svc=mcx2svc | app=%systemroot%\system32\svchost.exe | 
"{E3CB9B40-F3B0-4170-9598-CD3564B1AA89}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\tom clancy's splinter cell conviction\src\system\conviction_game.exe | 
"{E691B993-787D-4E49-9928-1033649092F8}" = dir=in | app=c:\program files (x86)\acer arcade live\acer arcade live main page\acer arcade live.exe | 
"{E726C344-F06A-4CC5-B624-6A78ED5942A9}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.0\icq.exe | 
"{E7D50F07-471F-4928-9306-6DACE82A8B91}" = protocol=17 | dir=in | app=c:\program files (x86)\2k games\bioshock 2\mp\builds\binaries\bioshock2.exe | 
"{E8B45B69-F2E5-4FEA-AD7B-59CD4371BC5F}" = protocol=6 | dir=out | app=%systemroot%\ehome\mcx2prov.exe | 
"{E95870D6-16D1-4C66-9AE1-074D0EE54859}" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\crytek\crysis\bin32\crysisdedicatedserver.exe | 
"{F07A7C11-3D65-4C95-9215-C3E330F9DE03}" = protocol=17 | dir=in | app=d:\program files (x86)\mass effect\binaries\masseffect.exe | 
"{F3D0A926-A190-4B9B-AC77-6FA522C65330}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed ii\uplaybrowser.exe | 
"{F4A40623-2CE0-4089-8DA4-3095E4C48AC2}" = protocol=17 | dir=out | app=%systemroot%\ehome\ehshell.exe | 
"{F517B86C-28D1-42EE-8CBA-7FC1F4C7BC0C}" = protocol=17 | dir=in | app=d:\program files (x86)\mass effect\masseffectlauncher.exe | 
"{F549CFB7-F50A-4C38-86E0-F2D1DDABD73A}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.0\aolload.exe | 
"{F7A4AD0E-BBE0-47D2-86B4-03B2D7F94157}" = protocol=17 | dir=in | app=c:\program files (x86)\newtech infosystems\nti backup now 5\schedulersvc.exe | 
"{F962D1A6-D31C-408A-A2B6-04CEB5EC093D}" = protocol=17 | dir=in | app=c:\program files (x86)\lucasarts\star wars empire at war forces of corruption\swfoc.exe | 
"TCP Query User{1131D629-D5FE-4C47-A083-13C3C2D85AA8}D:\program files (x86)\far cry 2\bin\farcry2.exe" = protocol=6 | dir=in | app=d:\program files (x86)\far cry 2\bin\farcry2.exe | 
"TCP Query User{2CBF0D1E-B731-43D6-B158-203B429F2E0B}C:\program files (x86)\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe | 
"TCP Query User{310E3034-20D6-47B4-A514-D1523B28834F}D:\program files (x86)\capcom\resident evil 5\re5dx10.exe" = protocol=6 | dir=in | app=d:\program files (x86)\capcom\resident evil 5\re5dx10.exe | 
"TCP Query User{43CE71E4-594D-4BF1-81F5-482D3E1C6C6F}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe | 
"TCP Query User{59CBDD79-9FE7-460B-8E3B-0D90744A91BB}C:\users\Benutzer\desktop\starwars battlefront ii\gamedata\battlefrontii.exe" = protocol=6 | dir=in | app=c:\users\Benutzer\desktop\starwars battlefront ii\gamedata\battlefrontii.exe | 
"TCP Query User{5C82C791-FD88-4CE5-A190-1BBE67020B4A}C:\program files (x86)\microsoft games\age of empires iii\age3y.exe" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft games\age of empires iii\age3y.exe | 
"TCP Query User{6DFE5221-92E4-455A-A6D3-8EF2B36F4CA2}D:\program files (x86)\far cry 2\bin\fc2serverlauncher.exe" = protocol=6 | dir=in | app=d:\program files (x86)\far cry 2\bin\fc2serverlauncher.exe | 
"TCP Query User{7930C53F-7F37-4E60-9682-CA5568443801}D:\program files (x86)\starcraft 2\versions\base15405\sc2.exe" = protocol=6 | dir=in | app=d:\program files (x86)\starcraft 2\versions\base15405\sc2.exe | 
"TCP Query User{D781FBE2-D691-4CDE-9B1A-327CA5938E9F}C:\program files (x86)\microsoft games\age of empires iii\age3y.exe" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft games\age of empires iii\age3y.exe | 
"TCP Query User{EB69B3C1-ED52-475C-A195-CDA9E9EBCFDE}C:\program files (x86)\lucasarts\star wars battlefront ii\gamedata\battlefrontii.exe" = protocol=6 | dir=in | app=c:\program files (x86)\lucasarts\star wars battlefront ii\gamedata\battlefrontii.exe | 
"UDP Query User{279B5833-3B5D-400D-B5E9-21C1D3C64416}C:\program files (x86)\microsoft games\age of empires iii\age3y.exe" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft games\age of empires iii\age3y.exe | 
"UDP Query User{28B119F3-14E0-42D9-8724-443FF7C9105C}D:\program files (x86)\far cry 2\bin\fc2serverlauncher.exe" = protocol=17 | dir=in | app=d:\program files (x86)\far cry 2\bin\fc2serverlauncher.exe | 
"UDP Query User{3D7DD4C7-51FD-4FF0-AE39-21F8879C446A}D:\program files (x86)\capcom\resident evil 5\re5dx10.exe" = protocol=17 | dir=in | app=d:\program files (x86)\capcom\resident evil 5\re5dx10.exe | 
"UDP Query User{4AA6BFAA-1DF8-451E-8661-C2E98DDA3701}C:\program files (x86)\microsoft games\age of empires iii\age3y.exe" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft games\age of empires iii\age3y.exe | 
"UDP Query User{907CBA9D-6628-49DD-81F5-BE0178DFA6FE}D:\program files (x86)\starcraft 2\versions\base15405\sc2.exe" = protocol=17 | dir=in | app=d:\program files (x86)\starcraft 2\versions\base15405\sc2.exe | 
"UDP Query User{A0CB1E80-46F7-45DA-A321-1DF17BC89C73}C:\program files (x86)\lucasarts\star wars battlefront ii\gamedata\battlefrontii.exe" = protocol=17 | dir=in | app=c:\program files (x86)\lucasarts\star wars battlefront ii\gamedata\battlefrontii.exe |  
"UDP Query User{A3D8DE63-AB38-4CA7-8393-6E609A07221A}C:\users\Benutzer\desktop\starwars battlefront ii\gamedata\battlefrontii.exe" = protocol=17 | dir=in | app=c:\users\Benutzer\desktop\starwars battlefront ii\gamedata\battlefrontii.exe | 
"UDP Query User{B010B871-E9AA-4FC6-B168-C0D735F1B30B}D:\program files (x86)\far cry 2\bin\farcry2.exe" = protocol=17 | dir=in | app=d:\program files (x86)\far cry 2\bin\farcry2.exe | 
"UDP Query User{B33981FF-404A-4A2A-B19D-3A6FE78BD67E}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe | 
"UDP Query User{F8E36EE9-0AB2-427F-9B87-7F4210F97732}C:\program files (x86)\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{26A24AE4-039D-4CA4-87B4-2F86416013FF}" = Java(TM) 6 Update 13 (64-bit)
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5F94D3B9-2B02-9C37-740B-A59C7B8D17CC}" = ATI Catalyst Install Manager
"{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{84ED5482-CFB0-4DD9-BF18-489FFDACD18A}" = Microsoft Antimalware Service DE-DE Language Pack
"{8A7CAA24-7B23-410B-A7C3-F994B0944160}" = Microsoft Virtual PC 2007
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007
"{95C9C76F-ECF3-40FA-94F8-5DDFB6BAF40D}" = Microsoft Security Essentials
"{A792E67C-FDA4-A301-0C3C-53BA86EFBB5A}" = ccc-utility64
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{E62A1F01-07B7-4541-A835-EE5B0BF064C2}" = Microsoft Antimalware
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft Security Essentials" = Microsoft Security Essentials
"SearchAnonymizer" = SearchAnonymizer
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{000E79B7-E725-4F01-870A-C12942B7F8E4}" = Crysis(R)
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{01501EBA-EC35-4F9F-8889-3BE346E5DA13}" = MSXML4 Parser
"{0216DA39-95B3-4D8A-9043-B748E0726C14}" = Gothic III - Götterdämmerung 1.08.9 Patch
"{02B244A2-7F6A-42E8-A36F-8C385D7A1625}" = Gothic III
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{0513EE35-E0FB-4166-B663-BD1AE3A803DE}" = Anno 1404
"{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now Standard
"{132888AE-EF67-41C5-BCA2-7D5D2488AB63}" = Acer HomeMedia Connect
"{155F4A0E-76ED-45A2-91FB-FF2A2133C31A}" = Risen
"{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2
"{1B0FBB9A-995D-47cd-87CD-13E68B676E4F}" = Mass Effect
"{1DC4E424-5D92-4C92-B1E1-4BE4318E7136}" = James Cameron's AVATAR(tm): DAS SPIEL (Demo)
"{20071984-5EB1-4881-8EDB-082532ACEC6D}" = Heroes of Might and Magic V
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"{26A24AE4-039D-4CA4-87B4-2F83216015FF}" = Java(TM) 6 Update 15
"{26D1AA3E-36F2-4E2E-BBF5-FFBBE9D7B766}" = Monkey Island
"{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}" = QuickTime
"{2B21DEAC-4EB7-4516-8E0C-F1F3A29FF2AE}" = Gothic III - Götterdämmerung Patch
"{302AC480-43D2-11D5-A818-00500435FC18}" = Gothic-Patch 1.08h
"{3D6A24EA-A543-6C84-351E-D7646E7AB86E}" = Catalyst Control Center InstallProxy
"{3D9CF3CA-3AB0-4A82-9853-D7C43FD1D775}" = ANNO 1404
"{3F64C088-9A45-41B3-8B99-71AFAB720A77}" = Sherlock Holmes jagt Jack the Ripper - Demoversion
"{41581EF5-45A7-11DA-9D78-000129760D75}" = Acer SlideShow DVD
"{45070F4E-2C7A-FA43-8A55-5CEF1501E076}" = AVATAR Interactive Desktop
"{47CAFF95-C3D8-ABF2-70BC-89DE00D8FB19}" = Catalyst Control Center Graphics Light
"{4962EBAC-AE7C-1B22-1EA0-0916A7E40954}" = Catalyst Control Center Graphics Full Existing
"{49A62E2B-B35C-941D-DF48-601207CF14C0}" = Catalyst Control Center Graphics Previews Common
"{4A8B461A-9336-4CF9-98F4-14DD38E673F0}" = BioShock 2
"{4D4C7CA5-3912-40A3-94BF-9B8089188A7A}" = FRITZBox Anrufmonitor
"{5454085C-840F-4070-8FAA-441000028301}" = BioShock 2
"{553255F3-78FD-40F1-A6F8-6882140265FE}" = Apple Application Support
"{55A29068-F2CE-456C-9148-C869879E2357}" = TuneUp Utilities 2009
"{5AE3D9F1-9E9E-4015-8787-E22705AA32C5}" = msxml4
"{6592FDEC-2C1A-413A-9985-25FEC2F0848D}" = Star Wars Empire at War Forces of Corruption
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6A490E11-6C8A-777C-4E00-43F3CC16A1EC}" = CCC Help English
"{6D8DDB4A-C263-40DE-BA16-AFDAD159D59A}" = Tom Clancy's Splinter Cell Conviction
"{70F8B183-99EB-4304-BA35-080E2DFFD2A3}" = Age of Empires III
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{75D84EF7-0D8C-4e70-B3FA-7B42A5D4E0EB}" = Mass Effect 2
"{766FF098-68AB-48BE-BF41-05708D178198}" = Wer wird Millionär
"{767CC44C-9BBC-438D-BAD3-FD4595DD148B}" = VC80CRTRedist - 8.0.50727.762
"{775DC704-AAE3-4A79-981F-EA1CBAF96EB7}" = Gothic III - Götterdämmerung
"{77919701-C3E7-09AA-D2F7-DBF42CD7C13D}" = Catalyst Control Center HydraVision Full
"{78B2F09F-BDC7-7865-CF4C-233B64A3BE51}" = Catalyst Control Center Graphics Full New
"{79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}" = Acer ScreenSaver
"{7E19B002-4CA3-4C9F-BA92-91D101B97219}" = James Cameron's AVATAR(tm): DAS SPIEL
"{7F3AD00A-1819-4B15-BB7D-08B3586336D7}" = 3DMark06
"{7F811A54-5A09-4579-90E1-C93498E230D9}" = Acer eRecovery Management
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8570BEE8-0CA3-4977-9AB1-80ED93F0513C}" = Assassin's Creed II
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169 8168 8101E 8102E Ethernet Driver
"{886C92E6-4AF1-4290-BB86-4B5064A1BB7D}" = AMD Dual-Core Optimizer
"{888DD888-82BE-4D85-BCB2-2E042CD3E844}" = Tom Clancy's Splinter Cell Chaos Theory
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{88EB38EF-4D2C-436D-ABD3-56B232674062}" = ICQ7
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8ACC73AA-6511-7C55-B1A9-8E5D1DEAFAA3}" = The Lord of the Rings FREE Trial 
"{8D7133DE-27D2-47E5-B248-4180278D32AA}" = Catalyst Control Center - Branding
"{8F1B6239-FEA0-450A-A950-B05276CE177C}" = Acer Empowering Technology
"{8FB1B528-E260-451E-9B55-E9152F94B80B}" = Microsoft Games for Windows - LIVE Redistributable
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISE_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0407-1000-0000000FF1CE}_ENTERPRISE_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISE_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars
"{99A37AC7-E724-4621-B167-500B5A52B69C}" = LastChaosGER
"{99AE7207-8612-4DBA-A8F8-BAE5C633390D}" = Star Wars Empire at War
"{9A00D1BA-D03A-44E5-AF28-86A1F377DF61}" = Die Sims - Hokus Pokus
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A07B2C21-863B-47AB-AE7E-20BB00BD7D33}" = ANNO 1404 - Venedig
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A4ED5256-CF3F-4DEA-9101-E2C87545478B}" = Gothic III - Götterdämmerung 1.0.6 Patch
"{A5101403-2C42-40E0-8D9E-5E49E7C3B89E}" = Tycoon City - New York
"{A589DA26-51BD-475D-8C32-E19E34145842}" = Camtasia Studio 6
"{A8D647C8-65AC-409F-B7B2-3C0FEE1A32F2}" = PixiePack Codec Pack
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AA4BF92B-2AAF-11DA-9D78-000129760D75}" = Acer HomeMedia
"{AC08BBA0-96B9-431A-A7D0-D8598E493775}" = RESIDENT EVIL 5
"{AC76BA86-7AD7-1031-7B44-A92000000001}" = Adobe Reader 9.2 - Deutsch
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{AEC81925-9C76-4707-84A9-40696C613ED3}" = Dragon Age: Origins
"{B145EC69-66F5-11D8-9D75-000129760D75}" = Acer DVDivine
"{B194272D-1F92-46DF-99EB-8D5CE91CB4EC}" = Adobe AIR
"{B580C409-E16F-44FF-904D-3AE94E113BE0}" = Acer HomeMedia Trial Creator
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{BBF10B37-4ED3-11D5-A818-00500435FC18}" = Gothic
"{BEE64C14-BEF1-4610-8A68-A16EAA47B882}" = Futuremark SystemInfo
"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = Die Sims™ 3
"{C2980C98-B472-4C83-A944-B0CE3BAACBF5}" = Tunebite
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240BB}" = WinZip 14.0
"{CE386A4E-D0DA-4208-8235-BCE43275C694}" = LightScribe  1.4.142.1
"{CF91A5A9-F10D-433D-A677-9505B84EAF1B}" = Stardock Impulse
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D16D8A48-65A4-4B19-8A02-DC9A40FB80C4}" = Norton Security Scan
"{D241BBEC-B1C7-7953-EDDE-D90A654A8D2C}" = ccc-core-static
"{D5A9DA4B-E4F9-FB49-017D-769FC540F1F0}" = EA Download Manager UI
"{D5C24E77-099E-9B84-5BE2-708E70B938A9}" = Catalyst Control Center Core Implementation
"{DBEA1034-5882-4A88-8033-81C4EF0CFA29}" = Google Toolbar for Internet Explorer
"{DC4757E2-BAE3-0BFE-C6E5-576CB911FF52}" = Catalyst Control Center Graphics Previews Vista
"{E280923D-C5D9-4728-8C79-AC9A0DC75875}" = BioShock
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E86BFD65-8287-4FF2-BC7D-808E70417A48}" = Monkey Island 2
"{EFBDC2B0-FAA8-4B78-8DE1-AEBE7958FA37}" = Acer Arcade Live Main Page
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F6EFFB76-4A07-11DA-9D78-000129760D75}" = Acer DV Magician
"{F79A208D-D929-11D9-9D77-000129760D75}" = Acer VideoMagician
"{F7B0939E-58DF-11DF-B3A6-005056806466}" = Google Earth
"{F97E3841-CA9D-4964-9D64-26066241D26F}" = Microsoft Games for Windows - LIVE
"{F9835182-794B-4F24-902A-E2CA9D43380F}" = NVIDIA PhysX
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Anno 1404 Screensaver" = Anno 1404 Screensaver
"AVMWLANCLI" = AVM FRITZ!WLAN
"Battle of the Kings 3" = Battle of the Kings 3
"Battle of the Kings 3 Patch" = Battle of the Kings 3 Patch
"bgbennyboyCMIReplacementSetup_is1" = Curse Of Monkey Island
"BootSkin Vista (Free)" = BootSkin Vista (Free)
"Breitbildfix" = Breitbildfix
"com.ea.Vault.919CACB699904AC5D41B606703500DD39747C02D.1" = EA Download Manager UI
"com.oskoui-oskoui.avatar" = AVATAR Interactive Desktop
"EAX Unified" = EAX Unified
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Fake Webcam_is1" = Fake Webcam 6.1.3
"Flatcast_is1" = Flatcast Viewer Plugin 5.2.2.454
"Fraps" = Fraps (remove only)
"Free Studio_is1" = Free Studio version 4.2
"Free YouTube Download_is1" = Free YouTube Download 2.2
"Free YouTube to Mp3 Converter_is1" = Free YouTube to Mp3 Converter version 3.1
"G1_VistaSP1_BGM-Patch" = G1_VistaSP1_BGM-Patch
"G2-Classic-Mod" = G2-Classic-Mod
"G2-Fixed-Video-Portal_Raven.bik" = G2-Fixed-Video-Portal_Raven.bik
"G2MDK" = Gothic II - Modification Development Kit
"G2MDK - LP Mini Zuris Mod" = G2MDK - LP Mini Zuris Mod
"G3QP231012008_is1" = Questpaket 4 Update 1 Deinstallation
"Game Booster_is1" = Game Booster
"Google Chrome" = Google Chrome
"Gothic 3 Interaktive Komplettlösung" = Gothic 3 Interaktive Komplettlösung
"Gothic II" = Gothic II
"Gothic II - Die Nacht des Raben" = Gothic II - Die Nacht des Raben
"Gothic II Breitbildkamera-Patch" = Gothic II Breitbildkamera-Patch
"ICQToolbar" = ICQ Toolbar
"InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now 5
"InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2
"InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"InstallShield_{70F8B183-99EB-4304-BA35-080E2DFFD2A3}" = Age of Empires III
"Karibik Sprachausgabe_is1" = Karibik Sprachausgabe 1.0a
"LogonStudio Vista" = LogonStudio Vista
"Mafia Game" = Mafia Game
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"McAfee Security Scan" = McAfee Security Scan Plus
"Microsoft .NET Framework 1.1  (1033)" = Microsoft .NET Framework 1.1
"Mozilla Firefox (3.6.8)" = Mozilla Firefox (3.6.8)
"MSC" = McAfee SecurityCenter
"NSSSetup.{D16D8A48-65A4-4B19-8A02-DC9A40FB80C4}" = Norton Security Scan (Symantec Corporation)
"PunkBusterSvc" = PunkBuster Services
"RADVideo" = RAD Video Tools
"Sarkeras - Artefakt der Ahnen" = Sarkeras - Artefakt der Ahnen
"ScummVM_is1" = ScummVM 0.13.1a
"Sprunk" = Sprunk Screen Saver
"Starcraft" = Starcraft
"StarCraft II" = StarCraft II
"Stardock Impulse" = Stardock Impulse
"Startscreen Patch" = Startscreen Patch
"Steam App 130" = Half-Life: Blue Shift
"Steam App 20" = Team Fortress Classic
"Steam App 218" = Source SDK Base - Orange Box
"Steam App 220" = Half-Life 2
"Steam App 33310" = R.U.S.E. Beta
"Steam App 340" = Half-Life 2: Lost Coast
"Steam App 380" = Half-Life 2: Episode One
"Steam App 400" = Portal
"Steam App 420" = Half-Life 2: Episode Two
"Steam App 440" = Team Fortress 2
"Steam App 50" = Opposing Force
"Steam App 50280" = Mafia II - Demo
"Steam App 70" = Half-Life
"Sumpfis Textur Patch" = Sumpfis Textur Patch
"The KMPlayer" = The KMPlayer (remove only)
"UEAW v4 " = UEAW v4 
"Uninstall_is1" = Uninstall 1.0.0.1
"VDF Manager für Gothic II_is1" = VDFManager v1.0.2
"Velaya Sprachausgabe_is1" = Velaya Sprachausgabe 1.00
"VLC media player" = VLC media player 1.0.5
"Weihnachtsmod 2008" = Weihnachtsmod 2008
"WinGimp-2.0_is1" = GIMP 2.6.8
"WinRAR archiver" = WinRAR
"X in 1 Mod" = X in 1 Mod
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{2C067478-457E-4066-8844-804FC5E686F0}" = 7Million
"{DFFE2B1F-07E0-45A9-8801-CD8514CAA876}" = Prince of Persia T2T
"Dark Mysteries" = Dark Mysteries
"FileZilla Client" = FileZilla Client 3.3.1
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 09.08.2010 07:21:50 | Computer Name = Benutzer | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description = 
 
Error - 09.08.2010 07:21:50 | Computer Name = Benutzer | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description = 
 
Error - 09.08.2010 12:09:38 | Computer Name = Benutzer | Source = MsiInstaller | ID = 1013
Description = 
 
Error - 09.08.2010 12:14:22 | Computer Name = Benutzer | Source = Application Hang | ID = 1002
Description = Programm firefox.exe, Version 1.9.2.3855 arbeitet nicht mehr mit Windows
 zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet "Lösungen
 für Probleme" in der Systemsteuerung, um nach weiteren Informationen über das Problem
 zu suchen.  Prozess-ID: e74  Anfangszeit: 01cb37ddbd731ef8  Zeitpunkt der Beendigung:
 8098
 
Error - 09.08.2010 17:51:15 | Computer Name = Benutzer | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung DAOrigins.exe, Version 1.0.9353.0, Zeitstempel
 0x4ab2529e, fehlerhaftes Modul DAOrigins.exe, Version 1.0.9353.0, Zeitstempel 0x4ab2529e,
 Ausnahmecode 0x40000015, Fehleroffset 0x0008d8fb,  Prozess-ID 0x1540, Anwendungsstartzeit
 01cb37e88b1c2f48.
 
Error - 10.08.2010 06:57:16 | Computer Name = Benutzer | Source = WinMgmt | ID = 10
Description = 
 
Error - 10.08.2010 08:37:40 | Computer Name = Benutzer | Source = System Restore | ID = 8193
Description = 
 
Error - 10.08.2010 08:49:06 | Computer Name = Benutzer | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description = 
 
Error - 10.08.2010 08:49:06 | Computer Name = Benutzer | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description = 
 
Error - 10.08.2010 08:49:06 | Computer Name = Benutzer | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description = 
 
[ Media Center Events ]
Error - 15.12.2009 13:50:34 | Computer Name = Benutzer | Source = Media Center Guide | ID = 0
Description = Ereignisinformationen: ERROR: SqmApiWrapper.TimerRecord failed; Win32
 GetLastError returned 10000105  Prozess: DefaultDomain Objektname: Media Center Guide

 
Error - 17.12.2009 13:49:08 | Computer Name = Benutzer | Source = Media Center Guide | ID = 0
Description = Ereignisinformationen: ERROR: SqmApiWrapper.TimerRecord failed; Win32
 GetLastError returned 10000105  Prozess: DefaultDomain Objektname: Media Center Guide

 
Error - 26.12.2009 17:43:27 | Computer Name = Benutzer | Source = Media Center Guide | ID = 0
Description = Ereignisinformationen: ERROR: SqmApiWrapper.TimerAccumulate failed;
 Win32 GetLastError returned 10000105  Prozess: DefaultDomain Objektname: Media Center
 Guide 
 
Error - 07.01.2010 17:16:19 | Computer Name = Benutzer | Source = Media Center Guide | ID = 0
Description = Ereignisinformationen: ERROR: SqmApiWrapper.TimerRecord failed; Win32
 GetLastError returned 10000105  Prozess: DefaultDomain Objektname: Media Center Guide

 
Error - 24.02.2010 16:34:56 | Computer Name = Benutzer | Source = Media Center Guide | ID = 0
Description = Ereignisinformationen: ERROR: SqmApiWrapper.TimerRecord failed; Win32
 GetLastError returned 10000105  Prozess: DefaultDomain Objektname: Media Center Guide

 
Error - 26.05.2010 16:40:09 | Computer Name = Benutzer | Source = Media Center Guide | ID = 0
Description = Ereignisinformationen: ERROR: SqmApiWrapper.TimerRecord failed; Win32
 GetLastError returned 10000105  Prozess: DefaultDomain Objektname: Media Center Guide

 
Error - 02.06.2010 17:37:10 | Computer Name = Benutzer | Source = Media Center Guide | ID = 0
Description = Ereignisinformationen: ERROR: SqmApiWrapper.TimerRecord failed; Win32
 GetLastError returned 10000105  Prozess: DefaultDomain Objektname: Media Center Guide

 
Error - 19.06.2010 11:08:01 | Computer Name = Benutzer | Source = Media Center Guide | ID = 0
Description = Ereignisinformationen: ERROR: SqmApiWrapper.TimerRecord failed; Win32
 GetLastError returned 10000105  Prozess: DefaultDomain Objektname: Media Center Guide

 
Error - 13.07.2010 12:48:09 | Computer Name = Benutzer | Source = Mcx2Dvcs | ID = 401
Description = 
 
Error - 13.07.2010 12:50:04 | Computer Name = Benutzer | Source = Media Center Guide | ID = 0
Description = Ereignisinformationen: ERROR: SqmApiWrapper.TimerRecord failed; Win32
 GetLastError returned 10000105  Prozess: DefaultDomain Objektname: Media Center Guide

 
[ System Events ]
Error - 19.08.2010 12:15:03 | Computer Name = Benutzer | Source = Application Popup | ID = 1060
Description = Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\DRIVERS\ithsgt.sys
 nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version
 des Treibers zu erhalten.
 
Error - 19.08.2010 12:15:03 | Computer Name = Benutzer | Source = Application Popup | ID = 1060
Description = Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\DRIVERS\lilsgt.sys
 nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version
 des Treibers zu erhalten.
 
Error - 19.08.2010 12:15:25 | Computer Name = Benutzer | Source = Service Control Manager | ID = 7000
Description = 
 
Error - 19.08.2010 12:15:25 | Computer Name = Benutzer | Source = Service Control Manager | ID = 7000
Description = 
 
Error - 20.08.2010 14:15:26 | Computer Name = Benutzer | Source = H**P | ID = 15016
Description = 
 
Error - 20.08.2010 14:15:28 | Computer Name = Benutzer | Source = Application Popup | ID = 1060
Description = Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\DRIVERS\ithsgt.sys
 nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version
 des Treibers zu erhalten.
 
Error - 20.08.2010 14:15:28 | Computer Name = Benutzer | Source = Application Popup | ID = 1060
Description = Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\DRIVERS\lilsgt.sys
 nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version
 des Treibers zu erhalten.
 
Error - 20.08.2010 14:17:03 | Computer Name = Benutzer | Source = Service Control Manager | ID = 7000
Description = 
 
Error - 20.08.2010 14:17:03 | Computer Name = Benutzer | Source = Service Control Manager | ID = 7000
Description = 
 
Error - 20.08.2010 14:21:33 | Computer Name = Benutzer | Source = Service Control Manager | ID = 7000
Description = 
 
[ TuneUp Events ]
Error - 19.08.2010 08:59:00 | Computer Name = Benutzer | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "anti": syntax error; when executing SQL: INSERT INTO
 ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2010-08-19 14:59:00', '\device\harddiskvolume2\program
 files (x86)\malwarebytes' anti-malware\mbam.exe','2960',0)
 
Error - 19.08.2010 12:15:33 | Computer Name = Benutzer | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "anti": syntax error; when executing SQL: INSERT INTO
 ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2010-08-19 18:15:33', '\device\harddiskvolume2\program
 files (x86)\malwarebytes' anti-malware\mbam.exe','4180',0)
 
 
< End of report >

--- --- ---

cosinus · 22.08.2010, 17:58

Beende alle Programme, starte OTL und kopiere folgenden Text in die "Custom Scan/Fixes" Box (unten in OTL): (das ":OTL" muss mitkopiert werden!!!)

Code:

ATTFilter

:OTL
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = h**p=127.0.0.1:6522
O2 - BHO: (no name) - {201f27d4-3704-41d6-89c1-aa35e39143ed} - No CLSID value found.
O32 - AutoRun File - [2009.08.06 14:50:50 | 000,218,376 | R--- | M] () - I:\AutoStarter.exe -- [ CDFS ]
O32 - AutoRun File - [2009.07.20 15:07:04 | 000,003,496 | R--- | M] () - I:\autorun.inf -- [ CDFS ]
O32 - AutoRun File - [2009.08.17 12:14:02 | 000,000,000 | ---D | M] - I:\autostarter -- [ CDFS ]
O33 - MountPoints2\{31cbf61c-5b6f-11df-8aac-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{31cbf61c-5b6f-11df-8aac-806e6f6e6963}\Shell\AutoRun\command - "" = L:\autorun.exe -- File not found
O33 - MountPoints2\{379994c6-3a50-11de-ac3f-002185948076}\Shell - "" = AutoRun
O33 - MountPoints2\{379994c6-3a50-11de-ac3f-002185948076}\Shell\AutoRun\command - "" = K:\pushinst.exe -- File not found
O33 - MountPoints2\{70473aeb-2eb3-11df-bcf2-002185948076}\Shell - "" = AutoRun
O33 - MountPoints2\{70473aeb-2eb3-11df-bcf2-002185948076}\Shell\AutoRun\command - "" = K:\pushinst.exe -- File not found
O33 - MountPoints2\{d436eb00-0cdb-11df-9277-001f3f016a7e}\Shell\AutoRun\command - "" = installer.exe
O33 - MountPoints2\{dc8ad5d8-a5c0-11dd-b7ca-002185948076}\Shell - "" = AutoRun
O33 - MountPoints2\{dc8ad5d8-a5c0-11dd-b7ca-002185948076}\Shell\AutoRun\command - "" = I:\AutoStarter.exe -- [2009.08.06 14:50:50 | 000,218,376 | R--- | M] ()
O33 - MountPoints2\{e8dc09f8-d2ec-11dd-a981-002185948076}\Shell - "" = AutoRun
O33 - MountPoints2\{e8dc09f8-d2ec-11dd-a981-002185948076}\Shell\AutoRun\command - "" = K:\pushinst.exe -- File not found
[2010.08.09 18:09:38 | 000,000,000 | ---D | C] -- C:\Windows\1C4551A64743409391E41477CD655043.TMP
@Alternate Data Stream - 477 bytes -> C:\ProgramData\TEMP:05EE1EEF
:Files
C:\Users\Benutzer\Desktop\*.dlc
:Commands
[purity]
[resethosts]
[emptytemp]

Klick dann oben links auf den Button Fix!
Das Logfile müsste geöffnet werden, wenn Du nach dem Fixen auf ok klickst, poste das bitte. Evtl. wird der Rechner neu gestartet.

Shadowtroop · 23.08.2010, 21:44

Hier ist die Logfile

Zitat:

All processes killed
========== OTL ==========
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable|dword:0 /E : value set successfully!
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyOverride| /E : value set successfully!
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{201f27d4-3704-41d6-89c1-aa35e39143ed}\ deleted successfully.
File move failed. I:\AutoStarter.exe scheduled to be moved on reboot.
File move failed. I:\autorun.inf scheduled to be moved on reboot.
File not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{31cbf61c-5b6f-11df-8aac-806e6f6e6963}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{31cbf61c-5b6f-11df-8aac-806e6f6e6963}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{31cbf61c-5b6f-11df-8aac-806e6f6e6963}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{31cbf61c-5b6f-11df-8aac-806e6f6e6963}\ not found.
File L:\autorun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{379994c6-3a50-11de-ac3f-002185948076}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{379994c6-3a50-11de-ac3f-002185948076}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{379994c6-3a50-11de-ac3f-002185948076}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{379994c6-3a50-11de-ac3f-002185948076}\ not found.
File K:\pushinst.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{70473aeb-2eb3-11df-bcf2-002185948076}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{70473aeb-2eb3-11df-bcf2-002185948076}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{70473aeb-2eb3-11df-bcf2-002185948076}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{70473aeb-2eb3-11df-bcf2-002185948076}\ not found.
File K:\pushinst.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d436eb00-0cdb-11df-9277-001f3f016a7e}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{d436eb00-0cdb-11df-9277-001f3f016a7e}\ not found.
File installer.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{dc8ad5d8-a5c0-11dd-b7ca-002185948076}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{dc8ad5d8-a5c0-11dd-b7ca-002185948076}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{dc8ad5d8-a5c0-11dd-b7ca-002185948076}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{dc8ad5d8-a5c0-11dd-b7ca-002185948076}\ not found.
File move failed. I:\AutoStarter.exe scheduled to be moved on reboot.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e8dc09f8-d2ec-11dd-a981-002185948076}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{e8dc09f8-d2ec-11dd-a981-002185948076}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e8dc09f8-d2ec-11dd-a981-002185948076}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{e8dc09f8-d2ec-11dd-a981-002185948076}\ not found.
File K:\pushinst.exe not found.
C:\Windows\1C4551A64743409391E41477CD655043.TMP folder moved successfully.
ADS C:\ProgramData\TEMP:05EE1EEF deleted successfully.
========== FILES ==========
File\Folder C:\Users\Benutzer\Desktop\*.dlc not found.
========== COMMANDS ==========
File move failed. C:\Windows\System32\drivers\etc\Hosts scheduled to be moved on reboot.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: AppData

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 41625 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Benutzer
->Temp folder emptied: 4408488 bytes
->Temporary Internet Files folder emptied: 347974283 bytes
->Java cache emptied: 67661681 bytes
->FireFox cache emptied: 41003639 bytes
->Google Chrome cache emptied: 151873374 bytes
->Flash cache emptied: 156099 bytes

User: Mcx1
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 274198 bytes
->Flash cache emptied: 41625 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 7257066230 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 7.506,00 mb

OTL by OldTimer - Version 3.2.10.0 log created on 08232010_223311

Files\Folders moved on Reboot...
File move failed. I:\AutoStarter.exe scheduled to be moved on reboot.
File move failed. I:\autorun.inf scheduled to be moved on reboot.
File move failed. C:\Windows\System32\drivers\etc\Hosts scheduled to be moved on reboot.
File\Folder C:\Windows\temp\mcafee_dOmOGhMr4zhr0Sc not found!
File\Folder C:\Windows\temp\mcafee_UcVHSWpmNoSF1wR not found!
File\Folder C:\Windows\temp\mcmsc_KhLmxYlytn3IkRR not found!
File\Folder C:\Windows\temp\mcmsc_MoBoCuX6Wenx1R3 not found!
File\Folder C:\Windows\temp\mcmsc_NsVZcGLLcbhwerT not found!
C:\Windows\temp\sqlite_dwhFCjAQ1FYRHbm moved successfully.
C:\Windows\temp\sqlite_Tv5ZNCGbseMrAIy moved successfully.
File\Folder C:\Windows\temp\WFV7BB4.tmp not found!
File move failed. C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MNSWH832\desktop.ini scheduled to be moved on reboot.
File move failed. C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\L06SN8HM\desktop.ini scheduled to be moved on reboot.
File move failed. C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\K1CJCIKS\desktop.ini scheduled to be moved on reboot.
File move failed. C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\GUJ77HGH\desktop.ini scheduled to be moved on reboot.
File move failed. C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\desktop.ini scheduled to be moved on reboot.
File move failed. C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\desktop.ini scheduled to be moved on reboot.

Registry entries deleted on Reboot...

cosinus · 24.08.2010, 11:19

CustomScan mit OTL

Falls noch nicht vorhanden, lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop

Starte bitte die OTL.exe.
Vista und Win7 User mit Rechtsklick "als Administrator starten"
Kopiere nun den Inhalt in die Textbox.

Code:

ATTFilter

netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe
/md5start
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
CREATERESTOREPOINT

Schliesse bitte nun alle Programme. (Wichtig)
Klicke nun bitte auf den Quick Scan Button.
Klick auf .
Kopiere nun den Inhalt aus OTL.txt und Extra.txt hier in Deinen Thread

Shadowtroop · 25.08.2010, 10:25

Er macht nur eine OTL.txt
OTL Logfile:

Code:

ATTFilter

OTL logfile created on: 24.08.2010 19:21:57 - Run 3
OTL by OldTimer - Version 3.2.10.0     Folder = C:\Users\Benutzer\Desktop
64bit-Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18943)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
4,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 65,00% Memory free
8,00 Gb Paging File | 7,00 Gb Available in Paging File | 80,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 291,08 Gb Total Space | 12,16 Gb Free Space | 4,18% Space Free | Partition Type: NTFS
Drive D: | 291,09 Gb Total Space | 113,65 Gb Free Space | 39,04% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
Drive I: | 3,19 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive L: | 123,23 Mb Total Space | 22,00 Mb Free Space | 17,85% Space Free | Partition Type: FAT
 
Computer Name: BENUTZER
Current User Name: Benutzer
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Minimal
Quick Scan
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Benutzer\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Windows\SysWOW64\PnkBstrA.exe ()
PRC - C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe ()
PRC - C:\Program Files (x86)\avmwlanstick\WlanNetService.exe (AVM Berlin)
PRC - C:\Program Files (x86)\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe (CyberLink)
PRC - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe (NewTech InfoSystems, Inc.)
PRC - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe ()
PRC - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe (NewTech Infosystems, Inc.)
PRC - c:\PROGRA~2\COMMON~1\mcafee\mna\mcnasvc.exe (McAfee, Inc.)
PRC - C:\PROGRA~2\McAfee\MSC\mcmscsvc.exe (McAfee, Inc.)
PRC - C:\PROGRA~2\McAfee\VIRUSS~1\mcsysmon.exe (McAfee, Inc.)
PRC - C:\Program Files (x86)\McAfee\MSK\MskSrver.exe (McAfee, Inc.)
PRC - c:\PROGRA~2\COMMON~1\mcafee\mcproxy\mcproxy.exe (McAfee, Inc.)
PRC - C:\Program Files (x86)\McAfee\MPF\MPFSrv.exe (McAfee, Inc.)
 
 
========== Modules (SafeList) ==========
 
MOD - C:\Users\Benutzer\Desktop\OTL.exe (OldTimer Tools)
MOD - c:\PROGRA~2\mcafee\SITEAD~1\saHook.dll (McAfee, Inc.)
MOD - C:\Windows\SysWOW64\msscript.ocx (Microsoft Corporation)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll (Microsoft Corporation)
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - (PnkBstrA) -- C:\Windows\SysNative\PnkBstrA.exe File not found
SRV:64bit: - (TuneUp.ProgramStatisticsSvc) -- C:\Windows\SysNative\TUProgSt.exe ()
SRV:64bit: - (TuneUp.Defrag) -- C:\Windows\SysNative\TuneUpDefragService.exe ()
SRV:64bit: - (MsMpSvc) -- C:\Program Files\Microsoft Security Essentials\MsMpEng.exe (Microsoft Corporation)
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe ()
SRV:64bit: - (UxTuneUp) -- C:\Windows\SysNative\uxtuneup.dll ()
SRV:64bit: - (ETService) -- C:\Program Files\Acer\Empowering Technology\Service\ETService.exe ()
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (PnkBstrA) -- C:\Windows\SysWOW64\PnkBstrA.exe ()
SRV - (McAfee SiteAdvisor Service) -- C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe (McAfee, Inc.)
SRV - (WPFFontCache_v0400) -- C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe (Microsoft Corporation)
SRV - (clr_optimization_v4.0.30319_64) -- C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (SearchAnonymizer) -- C:\Users\Benutzer\AppData\Roaming\OCS\SM\SearchAnonymizerHelper.exe ()
SRV - (McComponentHostService) -- C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe (McAfee, Inc.)
SRV - (ICQ Service) -- C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe ()
SRV - (UxTuneUp) -- C:\Windows\SysWOW64\uxtuneup.dll (TuneUp Software)
SRV - (DAUpdaterSvc) -- D:\Program Files (x86)\Dragon Age\bin_ship\daupdatersvc.service.exe (BioWare)
SRV - (Microsoft Office Groove Audit Service) -- C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe (Microsoft Corporation)
SRV - (AVM WLAN Connection Service) -- C:\Program Files (x86)\avmwlanstick\WlanNetService.exe (AVM Berlin)
SRV - (Acer HomeMedia Connect Service) -- C:\Program Files (x86)\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe (CyberLink)
SRV - (NTIBackupSvc) -- C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe (NewTech InfoSystems, Inc.)
SRV - (NTISchedulerSvc) -- C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe ()
SRV - (BUNAgentSvc) -- C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe (NewTech Infosystems, Inc.)
SRV - (McNASvc) -- c:\PROGRA~2\COMMON~1\mcafee\mna\mcnasvc.exe (McAfee, Inc.)
SRV - (mcmscsvc) -- C:\PROGRA~2\McAfee\MSC\mcmscsvc.exe (McAfee, Inc.)
SRV - (McSysmon) -- C:\PROGRA~2\McAfee\VIRUSS~1\mcsysmon.exe (McAfee, Inc.)
SRV - (MSK80Service) -- C:\Program Files (x86)\McAfee\MSK\MskSrver.exe (McAfee, Inc.)
SRV - (McODS) -- C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe (McAfee, Inc.)
SRV - (McProxy) -- c:\PROGRA~2\COMMON~1\mcafee\mcproxy\mcproxy.exe (McAfee, Inc.)
SRV - (McShield) -- C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe (McAfee, Inc.)
SRV - (MpfService) -- C:\Program Files (x86)\McAfee\MPF\MPFSrv.exe (McAfee, Inc.)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (NwlnkFwd) -- C:\Windows\SysNative\DRIVERS\nwlnkfwd.sys File not found
DRV:64bit: - (NwlnkFlt) -- C:\Windows\SysNative\DRIVERS\nwlnkflt.sys File not found
DRV:64bit: - (lilsgt) -- C:\Windows\SysNative\DRIVERS\lilsgt.sys File not found
DRV:64bit: - (ithsgt) -- C:\Windows\SysNative\DRIVERS\ithsgt.sys File not found
DRV:64bit: - (IpInIp) -- C:\Windows\SysNative\DRIVERS\ipinip.sys File not found
DRV:64bit: - (vmm) -- C:\Windows\SysNative\Treiber\vmm.sys ()
DRV:64bit: - (RRNetCapMP) -- C:\Windows\SysNative\DRIVERS\rrnetcap.sys ()
DRV:64bit: - (RRNetCap) -- C:\Windows\SysNative\DRIVERS\rrnetcap.sys ()
DRV:64bit: - (sptd) -- C:\Windows\SysNative\Drivers\sptd.sys ()
DRV:64bit: - (atikmdag) -- C:\Windows\SysNative\DRIVERS\atikmdag.sys ()
DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\DRIVERS\atipmdag.sys ()
DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\DRIVERS\atikmpag.sys ()
DRV:64bit: - (AtiHdmiService) -- C:\Windows\SysNative\drivers\AtiHdmi.sys ()
DRV:64bit: - (atksgt) -- C:\Windows\SysNative\DRIVERS\atksgt.sys ()
DRV:64bit: - (lirsgt) -- C:\Windows\SysNative\DRIVERS\lirsgt.sys ()
DRV:64bit: - (Si3531) -- C:\Windows\SysNative\DRIVERS\Si3531.sys ()
DRV:64bit: - (RTL8169) -- C:\Windows\SysNative\DRIVERS\Rtlh64.sys ()
DRV:64bit: - (NTIDrvr) -- C:\Windows\SysNative\Drivers\NTIDrvr.sys ()
DRV:64bit: - (mfesmfk) -- C:\Windows\SysNative\drivers\mfesmfk.sys ()
DRV:64bit: - (mfehidk) -- C:\Windows\SysNative\drivers\mfehidk.sys ()
DRV:64bit: - (mfeavfk) -- C:\Windows\SysNative\drivers\mfeavfk.sys ()
DRV:64bit: - (mferkdk) -- C:\Windows\SysNative\drivers\mferkdk.sys ()
DRV:64bit: - (MPFP) -- C:\Windows\SysNative\Drivers\Mpfp.sys ()
DRV:64bit: - (VPCNetS2) -- C:\Windows\SysNative\DRIVERS\VMNetSrv.sys ()
DRV:64bit: - (FWLANUSB) -- C:\Windows\SysNative\DRIVERS\fwlanusb.sys ()
DRV:64bit: - (avmeject) -- C:\Windows\SysNative\drivers\avmeject.sys ()
DRV:64bit: - (Ntfs) -- C:\Windows\SysNative\Wbem\ntfs.mof ()
DRV:64bit: - (AmdTools64) -- C:\Windows\SysNative\DRIVERS\AmdTools64.sys ()
DRV:64bit: - (SI3112) -- C:\Windows\SysNative\DRIVERS\SI3112.sys ()
DRV:64bit: - (SiFilter) -- C:\Windows\SysNative\DRIVERS\SiWinAcc.sys ()
DRV:64bit: - (SiRemFil) -- C:\Windows\SysNative\DRIVERS\SiRemFil.sys ()
DRV - (ithsgt) -- C:\Windows\SysWOW64\drivers\ithsgt.sys ()
DRV - (lilsgt) -- C:\Windows\SysWOW64\drivers\lilsgt.sys ()
DRV - (int15) -- C:\Windows\SysWOW64\drivers\int15_64.sys (Acer, Inc.)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = h**p://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=1&o=vp64&d=1008&m=aspire_g7200
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = h**p://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=1&o=vp64&d=1008&m=aspire_g7200
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = h**p://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=1&o=vp64&d=1008&m=aspire_g7200
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = h**p://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=1&o=vp64&d=1008&m=aspire_g7200
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = h**p://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=1&o=vp64&d=1008&m=aspire_g7200
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = h**p://global.acer.com [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = h**p://w*w.google.de/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook:  - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
IE - HKCU\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\100220859\ICQToolBar.dll (ICQ)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.defaulturl: "h**p://w*w.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q="
FF - prefs.js..browser.search.selectedEngine: "ICQ Search"
FF - prefs.js..browser.startup.homepage: "h**p://w*w.google.de/ig?hl=de#restore"
FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:2.0.0.6
FF - prefs.js..extensions.enabledItems: {B7082FAA-CB62-4872-9106-E42DD88EDE45}:3.1.1
FF - prefs.js..extensions.enabledItems: {c2db4fe6-8409-45ce-8010-189a7b5cce86}:2.5.6.0
FF - prefs.js..extensions.enabledItems: {DDC359D1-844A-42a7-9AA1-88A850A938A8}:1.1.10
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:4.2.0.5198
FF - prefs.js..keyword.URL: "h**p://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=2.0.0.6&q="
FF - prefs.js..network.proxy.no_proxies_on: "fritz.box"
 
FF - HKLM\software\mozilla\Firefox\Extensions\\{B7082FAA-CB62-4872-9106-E42DD88EDE45}: C:\Program Files (x86)\McAfee\SiteAdvisor [2010.06.24 13:02:38 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{3112ca9c-de6d-4884-a869-9855de68056c}: C:\ProgramData\Google\Toolbar for Firefox\{3112ca9c-de6d-4884-a869-9855de68056c} [2010.05.09 17:38:38 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010.07.27 12:14:52 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010.07.27 12:14:52 | 000,000,000 | ---D | M]
 
[2009.06.19 19:29:01 | 000,000,000 | ---D | M] -- C:\Users\Benutzer\AppData\Roaming\Mozilla\Extensions
[2009.05.10 13:59:33 | 000,000,000 | ---D | M] -- C:\Users\Benutzer\AppData\Roaming\Mozilla\Firefox\extensions
[2009.05.10 13:59:33 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Benutzer\AppData\Roaming\Mozilla\Firefox\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}
[2010.08.12 16:51:26 | 000,000,000 | ---D | M] -- C:\Users\Benutzer\AppData\Roaming\Mozilla\Firefox\Profiles\hzbx46ix.default\extensions
[2010.04.27 16:16:30 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Benutzer\AppData\Roaming\Mozilla\Firefox\Profiles\hzbx46ix.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.07.03 19:15:58 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Users\Benutzer\AppData\Roaming\Mozilla\Firefox\Profiles\hzbx46ix.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2010.06.24 14:50:21 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Benutzer\AppData\Roaming\Mozilla\Firefox\Profiles\hzbx46ix.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2010.02.18 18:19:28 | 000,000,000 | ---D | M] (NCH Toolbar) -- C:\Users\Benutzer\AppData\Roaming\Mozilla\Firefox\Profiles\hzbx46ix.default\extensions\{c2db4fe6-8409-45ce-8010-189a7b5cce86}
[2010.06.03 22:38:09 | 000,000,000 | ---D | M] (DownThemAll!) -- C:\Users\Benutzer\AppData\Roaming\Mozilla\Firefox\Profiles\hzbx46ix.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}
[2009.07.15 13:47:50 | 000,000,000 | ---D | M] -- C:\Users\Benutzer\AppData\Roaming\Mozilla\Firefox\Profiles\hzbx46ix.default\extensions\pennerbar3@pennergame.de
[2010.08.11 19:14:33 | 000,000,950 | ---- | M] () -- C:\Users\Benutzer\AppData\Roaming\Mozilla\Firefox\Profiles\hzbx46ix.default\searchplugins\icqplugin-1.xml
[2010.04.03 17:31:55 | 000,000,950 | ---- | M] () -- C:\Users\Benutzer\AppData\Roaming\Mozilla\Firefox\Profiles\hzbx46ix.default\searchplugins\icqplugin-2.xml
[2010.06.27 02:29:53 | 000,000,950 | ---- | M] () -- C:\Users\Benutzer\AppData\Roaming\Mozilla\Firefox\Profiles\hzbx46ix.default\searchplugins\icqplugin-3.xml
[2010.06.27 14:37:41 | 000,000,950 | ---- | M] () -- C:\Users\Benutzer\AppData\Roaming\Mozilla\Firefox\Profiles\hzbx46ix.default\searchplugins\icqplugin-4.xml
[2010.07.21 19:57:54 | 000,000,950 | ---- | M] () -- C:\Users\Benutzer\AppData\Roaming\Mozilla\Firefox\Profiles\hzbx46ix.default\searchplugins\icqplugin-5.xml
[2010.07.27 12:15:46 | 000,000,950 | ---- | M] () -- C:\Users\Benutzer\AppData\Roaming\Mozilla\Firefox\Profiles\hzbx46ix.default\searchplugins\icqplugin-6.xml
[2010.07.27 21:25:19 | 000,000,950 | ---- | M] () -- C:\Users\Benutzer\AppData\Roaming\Mozilla\Firefox\Profiles\hzbx46ix.default\searchplugins\icqplugin-7.xml
[2010.02.20 10:00:47 | 000,001,055 | ---- | M] () -- C:\Users\Benutzer\AppData\Roaming\Mozilla\Firefox\Profiles\hzbx46ix.default\searchplugins\icqplugin.xml
[2010.02.20 10:00:47 | 000,001,834 | ---- | M] () -- C:\Users\Benutzer\AppData\Roaming\Mozilla\Firefox\Profiles\hzbx46ix.default\searchplugins\{18416856-C11F-4168-ADCA-A9B6F1B0A03B}.xml
[2010.02.20 10:00:47 | 000,002,152 | ---- | M] () -- C:\Users\Benutzer\AppData\Roaming\Mozilla\Firefox\Profiles\hzbx46ix.default\searchplugins\{4361A5E0-1FEE-4E92-84CE-F2A7C0BEDBAE}.xml
[2010.02.20 10:00:47 | 000,002,041 | ---- | M] () -- C:\Users\Benutzer\AppData\Roaming\Mozilla\Firefox\Profiles\hzbx46ix.default\searchplugins\{C672D396-656E-4C36-BD16-D8EAD9676C9E}.xml
[2010.07.11 00:33:13 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\mozilla firefox\extensions
[2010.07.02 12:41:10 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- C:\Program Files (x86)\mozilla firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2009.09.21 11:00:44 | 001,447,328 | ---- | M] (1 mal 1 Software GmbH) -- C:\Program Files (x86)\mozilla firefox\plugins\NpFv522.dll
[2010.03.12 20:29:26 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2010.03.12 20:29:26 | 000,002,344 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2010.03.12 20:29:26 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2010.03.12 20:29:26 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2010.03.12 20:29:27 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
[2010.01.29 15:39:21 | 000,002,380 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\zwunzi138.xml
[2010.01.30 13:05:58 | 000,002,380 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\zwunzi141.xml
[2010.03.02 21:38:15 | 000,002,380 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\zwunzi143.xml
[2010.03.11 16:21:52 | 000,002,380 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\zwunzi145.xml
[2010.03.16 15:54:11 | 000,002,380 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\zwunzi147.xml
 
O1 HOSTS File: ([2010.08.23 22:33:35 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1       localhost
O2:64bit: - BHO: (McAfee Phishing Filter) - {377C180E-6F0E-4D4C-980F-F45BD3D40CF4} - c:\PROGRA~2\mcafee\msk\MCAPBH~1.DLL ()
O2:64bit: - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll (McAfee, Inc.)
O2:64bit: - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
O2 - BHO: (McAfee Phishing Filter) - {377C180E-6F0E-4D4C-980F-F45BD3D40CF4} - c:\PROGRA~2\mcafee\msk\mcapbho.dll ()
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\McAfee\VirusScan\scriptsn.dll (McAfee, Inc.)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files (x86)\google\googletoolbar1.dll (Google Germany GmbH)
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\3.1.415.1646\swg.dll (Google Inc.)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
O3:64bit: - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (&Google) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files (x86)\google\googletoolbar1.dll (Google Germany GmbH)
O3 - HKLM\..\Toolbar: (no name) - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - No CLSID value found.
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\100220859\ICQToolBar.dll (ICQ)
O3 - HKCU\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files (x86)\google\googletoolbar1.dll (Google Germany GmbH)
O4:64bit: - HKLM..\Run: [Acer Empowering Technology Monitor] C:\Program Files\Acer\Empowering Technology\SysMonitor.exe ()
O4:64bit: - HKLM..\Run: [EmpoweringTechnology] C:\Program Files\Acer\Empowering Technology\Framework.Lau File not found
O4:64bit: - HKLM..\Run: [MSSE] C:\Program Files\Microsoft Security Essentials\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [Ocs_SM] C:\Users\Benutzer\AppData\Roaming\OCS\SM\SearchAnonymizer.exe (OCS)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Windows\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [Skytel] C:\Windows\SkyTel.exe (Realtek Semiconductor Corp.)
O4:64bit: - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [amd_dc_opt] C:\Program Files (x86)\AMD\amd_dc_opt\amd_dc_opt.exe ()
O4 - HKLM..\Run: [AVMWlanClient] C:\Program Files (x86)\avmwlanstick\wlangui.exe (AVM Berlin)
O4 - HKLM..\Run: [BkupTray] C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe ()
O4 - HKLM..\Run: [GrooveMonitor] C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation)
O4 - HKLM..\Run: [ISUSScheduler] C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe (InstallShield Software Corporation)
O4 - HKLM..\Run: [mcagent_exe] C:\Program Files (x86)\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [PCMMediaSharing] C:\Program Files (x86)\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe ()
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [WarReg_PopUp] C:\Program Files (x86)\Acer\WR_PopUp\WarReg_PopUp.exe (Acer Incorporated)
O4 - HKCU..\Run: [ISUSPM Startup] C:\Programme (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe File not found
O4 - HKCU..\Run: [Steam] c:\program files (x86)\steam\steam.exe (Valve Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 2 [2010.06.06 18:15:38 | 000,000,000 | ---D | M]
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2 [2010.06.06 18:15:38 | 000,000,000 | ---D | M]
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MI1933~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MI1933~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files (x86)\ICQ7.0\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files (x86)\ICQ7.0\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MI1933~1\Office12\REFIEBAR.DLL (Microsoft Corporation)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: fritz.box ([]* in Local intranet)
O15 - HKCU\..Trusted Ranges: Range1 ([*] in Local intranet)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} h**p://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} h**p://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} h**p://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} h**p://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} h**p://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} h**p://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} h**p://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} h**p://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O18:64bit: - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - Reg Error: Key error. File not found
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Benutzer\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\Benutzer\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.08.06 14:50:50 | 000,218,376 | R--- | M] () - I:\AutoStarter.exe -- [ CDFS ]
O32 - AutoRun File - [2009.07.20 15:07:04 | 000,003,496 | R--- | M] () - I:\autorun.inf -- [ CDFS ]
O32 - AutoRun File - [2009.08.17 12:14:02 | 000,000,000 | ---D | M] - I:\autostarter -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
NetSvcs:64bit: UxTuneUp - C:\Windows\SysNative\uxtuneup.dll ()
 
 
SafeBootMin:64bit: AppMgmt - Service
SafeBootMin:64bit: Base - Driver Group
SafeBootMin:64bit: Boot Bus Extender - Driver Group
SafeBootMin:64bit: Boot file system - Driver Group
SafeBootMin:64bit: File system - Driver Group
SafeBootMin:64bit: Filter - Driver Group
SafeBootMin:64bit: HelpSvc - Service
SafeBootMin:64bit: MsMpSvc - C:\Program Files\Microsoft Security Essentials\MsMpEng.exe (Microsoft Corporation)
SafeBootMin:64bit: PCI Configuration - Driver Group
SafeBootMin:64bit: PNP Filter - Driver Group
SafeBootMin:64bit: Primary disk - Driver Group
SafeBootMin:64bit: sacsvr - Service
SafeBootMin:64bit: SCSI Class - Driver Group
SafeBootMin:64bit: System Bus Extender - Driver Group
SafeBootMin:64bit: WinDefend - C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SafeBootMin:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: mcmscsvc - C:\PROGRA~2\McAfee\MSC\mcmscsvc.exe (McAfee, Inc.)
SafeBootMin: MCODS - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe (McAfee, Inc.)
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
SafeBootNet:64bit: AppMgmt - Service
SafeBootNet:64bit: Base - Driver Group
SafeBootNet:64bit: Boot Bus Extender - Driver Group
SafeBootNet:64bit: Boot file system - Driver Group
SafeBootNet:64bit: File system - Driver Group
SafeBootNet:64bit: Filter - Driver Group
SafeBootNet:64bit: HelpSvc - Service
SafeBootNet:64bit: Messenger - Service
SafeBootNet:64bit: MsMpSvc - C:\Program Files\Microsoft Security Essentials\MsMpEng.exe (Microsoft Corporation)
SafeBootNet:64bit: NDIS Wrapper - Driver Group
SafeBootNet:64bit: NetBIOSGroup - Driver Group
SafeBootNet:64bit: NetDDEGroup - Driver Group
SafeBootNet:64bit: Network - Driver Group
SafeBootNet:64bit: NetworkProvider - Driver Group
SafeBootNet:64bit: PCI Configuration - Driver Group
SafeBootNet:64bit: PNP Filter - Driver Group
SafeBootNet:64bit: PNP_TDI - Driver Group
SafeBootNet:64bit: Primary disk - Driver Group
SafeBootNet:64bit: rdsessmgr - Service
SafeBootNet:64bit: sacsvr - Service
SafeBootNet:64bit: SCSI Class - Driver Group
SafeBootNet:64bit: Streams Drivers - Driver Group
SafeBootNet:64bit: System Bus Extender - Driver Group
SafeBootNet:64bit: TDI - Driver Group
SafeBootNet:64bit: WinDefend - C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SafeBootNet:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet:64bit: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet:64bit: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet:64bit: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet:64bit: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet:64bit: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: mcmscsvc - C:\PROGRA~2\McAfee\MSC\mcmscsvc.exe (McAfee, Inc.)
SafeBootNet: MCODS - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe (McAfee, Inc.)
SafeBootNet: Messenger - Service
SafeBootNet: MpfService - C:\Program Files (x86)\McAfee\MPF\MPFSrv.exe (McAfee, Inc.)
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
ActiveX:64bit: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX:64bit: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - 
ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0
ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:64bit: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - 
ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings
ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:64bit: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP
ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig
ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2A3320D6-C805-4280-B423-B665BDE33D8F} - Microsoft .NET Framework 1.1 Security Update (KB979906)
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {A8D647C8-65AC-409F-B7B2-3C0FEE1A32F2} - C:\Program Files (x86)\PixiePack Codec Pack\InstallerHelper.exe
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP
 
Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm ()
Drivers32:64bit: VIDC.FPS1 - frapsv64.dll ()
Drivers32: msacm.iac2 - C:\Windows\SysWOW64\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FPS1 - C:\Windows\SysWow64\frapsvid.dll (Beepa P/L)
Drivers32: VIDC.IV41 - C:\Windows\SysWow64\ir41_32.dll (Intel Corporation)
Drivers32: vidc.iv50 - C:\Windows\SysWow64\ir50_32.dll (Intel Corporation)
Drivers32: vidc.tscc - C:\Windows\SysWow64\tsccvid.dll (TechSmith Corporation)
Drivers32: vidc.VP60 - C:\Windows\SysWOW64\vp6vfw.dll (On2.com)
Drivers32: vidc.VP61 - C:\Windows\SysWOW64\vp6vfw.dll (On2.com)
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 90 Days ==========
 
[2010.08.23 22:46:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation
[2010.08.23 22:33:11 | 000,000,000 | ---D | C] -- C:\_OTL
[2010.08.20 20:40:14 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Users\Benutzer\Desktop\OTL.exe
[2010.08.19 14:53:27 | 000,000,000 | ---D | C] -- C:\Users\Benutzer\AppData\Roaming\Malwarebytes
[2010.08.19 14:53:14 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2010.08.19 14:53:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2010.08.19 14:53:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010.08.14 01:35:42 | 000,000,000 | ---D | C] -- C:\Users\Benutzer\AppData\Roaming\mvaxgmbeg
[2010.08.14 01:35:42 | 000,000,000 | ---D | C] -- C:\Users\Benutzer\AppData\Local\mvaxgmbeg
[2010.08.14 01:35:28 | 000,000,000 | ---D | C] -- C:\Users\Benutzer\AppData\Local\Windows Server
[2010.08.10 14:38:31 | 000,000,000 | ---D | C] -- C:\Users\Benutzer\AppData\Local\2K Games
[2010.08.09 19:28:19 | 000,088,064 | ---- | C] (KelSat Presents) -- C:\Users\Benutzer\Desktop\Dragon_Age_Origins_V1.0_Plus_8_Trainer_By_KelSat.exe
[2010.08.09 00:40:47 | 000,067,584 | ---- | C] (Blizzard Entertainment) -- C:\Windows\ScUnin.exe
[2010.08.07 01:20:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\fwc
[2010.08.07 01:16:04 | 000,000,000 | ---D | C] -- C:\Users\Benutzer\AppData\Roaming\SeriousBit
[2010.08.04 19:35:02 | 000,000,000 | ---D | C] -- C:\Users\Benutzer\Documents\StarCraft II
[2010.08.04 19:35:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Blizzard Entertainment
[2010.08.04 19:35:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Blizzard Entertainment
[2010.07.27 21:16:35 | 000,000,000 | ---D | C] -- C:\Users\Benutzer\Desktop\Szene
[2010.07.22 00:19:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Gothic III
[2010.07.21 21:38:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Antimalware
[2010.07.21 21:38:18 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Essentials
[2010.07.21 21:35:44 | 000,000,000 | ---D | C] -- C:\Users\Benutzer\Desktop\Data
[2010.07.21 21:02:28 | 684,857,718 | ---- | C] (Humanforce                                                  ) -- C:\Users\Benutzer\Desktop\G3_Questpaket_4_Update1_Vollversion.exe
[2010.07.21 19:56:28 | 000,000,000 | ---D | C] -- C:\Users\Benutzer\Documents\gothic3
[2010.07.20 19:13:59 | 000,000,000 | ---D | C] -- C:\Users\Benutzer\AppData\Roaming\Flatcast
[2010.07.15 18:58:07 | 000,000,000 | ---D | C] -- C:\Users\Benutzer\Desktop\Day Of The Tentacle
[2010.07.15 14:23:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2010.07.15 14:22:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Apple
[2010.07.15 14:22:06 | 000,000,000 | ---D | C] -- C:\Users\Benutzer\AppData\Local\Apple
[2010.07.15 14:22:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update
[2010.07.15 14:22:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2010.07.15 02:02:25 | 000,000,000 | ---D | C] -- C:\Users\Benutzer\AppData\Local\Axialis
[2010.07.13 01:42:41 | 000,000,000 | ---D | C] -- C:\Users\Benutzer\Desktop\gosi
[2010.07.13 01:22:24 | 000,000,000 | ---D | C] -- C:\Users\Benutzer\AppData\Local\BootSkinVista
[2010.07.13 01:17:23 | 000,567,040 | ---- | C] (Stardock.Net, Inc) -- C:\Windows\SysWow64\wbocx.ocx
[2010.07.13 01:17:23 | 000,056,496 | ---- | C] (Stardock.Net, Inc) -- C:\Windows\SysWow64\wbhelp2.dll
[2010.07.11 12:37:16 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Stardock
[2010.07.11 12:36:48 | 000,000,000 | -H-D | C] -- C:\ProgramData\{2C0895CF-C7CF-4FF0-B3B8-C0518C9E3418}
[2010.07.11 00:41:26 | 000,029,000 | ---- | C] (TuneUp Software) -- C:\Windows\SysWow64\uxtuneup.dll
[2010.07.11 00:41:25 | 000,017,224 | ---- | C] (TuneUp Software) -- C:\Windows\SysWow64\authuitu.dll
[2010.07.11 00:41:14 | 000,000,000 | ---D | C] -- C:\Users\Benutzer\AppData\Roaming\TuneUp Software
[2010.07.11 00:40:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TuneUp Utilities 2009
[2010.07.11 00:40:40 | 000,000,000 | ---D | C] -- C:\ProgramData\TuneUp Software
[2010.07.11 00:39:39 | 000,000,000 | -HSD | C] -- C:\ProgramData\{55A29068-F2CE-456C-9148-C869879E2357}
[2010.07.02 14:00:47 | 000,000,000 | ---D | C] -- C:\Users\Benutzer\Documents\CAPCOM
[2010.07.02 12:45:33 | 000,000,000 | ---D | C] -- C:\Users\Benutzer\AppData\Roaming\skypePM
[2010.07.02 12:41:21 | 000,000,000 | ---D | C] -- C:\Users\Benutzer\AppData\Roaming\Skype
[2010.07.02 12:40:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2010.07.02 12:40:52 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
[2010.07.02 12:40:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2010.06.30 20:22:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Futuremark Shared
[2010.06.27 14:38:55 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee Security Scan
[2010.06.27 14:38:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\McAfee Security Scan
[2010.06.20 16:10:50 | 000,864,535 | ---- | C] (w*w.sicheats.com) -- C:\Users\Benutzer\Desktop\Mass Effect 2 Trainer +9 v1.2.exe
[2010.06.19 14:16:23 | 000,000,000 | ---D | C] -- C:\Users\Benutzer\Desktop\log
[2010.06.19 13:37:33 | 000,000,000 | ---D | C] -- C:\Users\Benutzer\Desktop\Cryptload
[2010.06.19 13:36:45 | 000,000,000 | ---D | C] -- C:\Users\Benutzer\Desktop\Dokumente
[2010.06.19 13:34:38 | 000,000,000 | ---D | C] -- C:\Users\Benutzer\Desktop\DLCs
[2010.06.19 13:33:53 | 000,000,000 | ---D | C] -- C:\Users\Benutzer\Desktop\Präsentationen
[2010.06.13 13:38:45 | 000,000,000 | ---D | C] -- C:\Users\Benutzer\Desktop\src
[2010.06.12 11:34:31 | 000,000,000 | ---D | C] -- C:\Users\Benutzer\AppData\Local\Aspyr
[2010.06.08 21:24:07 | 000,000,000 | ---D | C] -- C:\Users\Benutzer\AppData\Roaming\Real
[2010.06.08 21:07:57 | 000,000,000 | ---D | C] -- C:\Users\Benutzer\AppData\Roaming\GrabPro
[2010.06.08 21:07:54 | 000,000,000 | ---D | C] -- C:\Users\Benutzer\AppData\Roaming\Orbit
[2010.06.06 18:14:11 | 000,000,000 | ---D | C] -- C:\Users\Benutzer\Desktop\2
[2010.06.06 16:38:46 | 000,000,000 | ---D | C] -- C:\Users\Benutzer\Desktop\Adobe PhotoShop 4
[2010.05.29 18:00:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PixiePack Codec Pack
[2010.05.29 17:57:43 | 000,000,000 | ---D | C] -- C:\ProgramData\RapidSolution
[2010.05.29 17:57:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\RapidSolution
[2010.05.29 17:55:58 | 000,000,000 | ---D | C] -- C:\Users\Benutzer\AppData\Local\RapidSolution
[2010.05.29 17:28:59 | 000,000,000 | ---D | C] -- C:\Users\Benutzer\.mediathek
[2010.05.27 17:53:18 | 000,013,312 | ---- | C] (Loghain) -- C:\Users\Benutzer\Desktop\giveme2entitlements.exe
[2010.05.27 17:39:12 | 016,405,736 | ---- | C] (BioWare) -- C:\Users\Benutzer\Desktop\MassEffect2.exe
[2010.05.27 17:12:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DAMN NFO Viewer
[2010.05.26 21:44:33 | 000,000,000 | ---D | C] -- C:\Users\Benutzer\Desktop\settings
[2010.05.26 21:43:40 | 000,143,360 | ---- | C] (h**p://cryptload.info) -- C:\Users\Benutzer\Desktop\RouterClient.exe
[2010.05.26 21:43:40 | 000,000,000 | ---D | C] -- C:\Users\Benutzer\Desktop\tools
[2010.05.26 21:43:38 | 000,000,000 | ---D | C] -- C:\Users\Benutzer\Desktop\router
[2010.05.26 21:43:36 | 000,000,000 | ---D | C] -- C:\Users\Benutzer\Desktop\plugins
[2010.05.26 21:43:35 | 000,000,000 | ---D | C] -- C:\Users\Benutzer\Desktop\ocr
[2010.05.26 21:43:35 | 000,000,000 | ---D | C] -- C:\Users\Benutzer\Desktop\lang
[2010.05.26 21:43:34 | 007,758,840 | ---- | C] (h**p://cryptload.info) -- C:\Users\Benutzer\Desktop\CryptLoad.exe
[2008.07.22 10:01:25 | 000,049,152 | ---- | C] ( ) -- C:\Windows\Interop.IWshRuntimeLibrary.dll
[1 C:\Users\Benutzer\AppData\Local\*.tmp files -> C:\Users\Benutzer\AppData\Local\*.tmp -> ]
 
========== Files - Modified Within 90 Days ==========
 
[2010.08.24 19:19:55 | 004,194,304 | -HS- | M] () -- C:\Users\Benutzer\ntuser.dat
[2010.08.24 19:00:01 | 000,000,534 | ---- | M] () -- C:\Windows\tasks\1-Klick-Wartung.job
[2010.08.24 18:31:00 | 000,001,112 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010.08.24 17:34:41 | 000,003,216 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010.08.24 17:34:41 | 000,003,216 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010.08.24 16:49:38 | 000,000,424 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{1D071076-F2AF-41E4-B583-9EA0DFF434F7}.job
[2010.08.24 11:37:40 | 000,069,089 | ---- | M] () -- C:\Windows\SysNative\Config.MPF
[2010.08.24 11:35:11 | 000,001,108 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010.08.24 11:34:43 | 000,000,000 | ---- | M] () -- C:\Windows\SysNative\LogConfigTemp.xml
[2010.08.24 11:34:41 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010.08.24 11:34:40 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.08.24 02:47:26 | 000,524,288 | -HS- | M] () -- C:\Users\Benutzer\ntuser.dat{283ba2f3-2246-11df-9ec0-001f3f016a7e}.TMContainer00000000000000000001.regtrans-ms
[2010.08.24 02:47:26 | 000,065,536 | -HS- | M] () -- C:\Users\Benutzer\ntuser.dat{283ba2f3-2246-11df-9ec0-001f3f016a7e}.TM.blf
[2010.08.24 02:47:23 | 003,352,709 | -H-- | M] () -- C:\Users\Benutzer\AppData\Local\IconCache.db
[2010.08.20 20:37:48 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Benutzer\Desktop\OTL.exe
[2010.08.19 14:53:16 | 000,000,852 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.08.14 17:44:27 | 000,001,356 | ---- | M] () -- C:\Users\Benutzer\AppData\Local\d3d9caps.dat
[2010.08.14 09:36:13 | 001,474,308 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010.08.14 09:36:13 | 000,640,648 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2010.08.14 09:36:13 | 000,605,240 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010.08.14 09:36:13 | 000,131,728 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2010.08.14 09:36:13 | 000,108,572 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010.08.14 01:32:19 | 000,072,192 | ---- | M] () -- C:\Users\Benutzer\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.08.12 03:33:39 | 000,374,664 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2010.08.09 18:11:30 | 000,000,701 | ---- | M] () -- C:\Users\Benutzer\Desktop\DAOriginsLauncher - Verknüpfung.lnk
[2010.08.09 18:09:27 | 000,000,701 | ---- | M] () -- C:\Users\Public\Desktop\Dragon Age Origins.lnk
[2010.08.09 13:26:31 | 000,032,816 | ---- | M] () -- C:\Users\Benutzer\Desktop\Dragon.Age.Origins.GERMAN-GWAREZ_4349_-vd08l1lgwtec.dlc
[2010.08.09 13:18:56 | 508,944,720 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2010.08.09 01:01:20 | 000,006,128 | ---- | M] () -- C:\Users\Benutzer\Desktop\-c45ef05182624425a4b9e86cb922aac5.dlc-
[2010.08.09 00:40:49 | 000,012,693 | ---- | M] () -- C:\Windows\scunin.dat
[2010.08.09 00:40:47 | 000,067,584 | ---- | M] (Blizzard Entertainment) -- C:\Windows\ScUnin.exe
[2010.08.09 00:40:47 | 000,000,967 | ---- | M] () -- C:\Windows\ScUnin.pif
[2010.08.06 23:38:09 | 000,003,184 | ---- | M] () -- C:\Users\Benutzer\Desktop\StarCraft.Brood.War.GERMAN-GWAREZ_2024_-xz9al1lk0icx3.dlc
[2010.08.05 14:08:24 | 000,000,691 | ---- | M] () -- C:\Users\Benutzer\Desktop\StarCraft II - Verknüpfung.lnk
[2010.08.04 14:40:56 | 000,010,205 | ---- | M] () -- C:\Users\Benutzer\Desktop\Rapid.docx
[2010.08.04 14:35:57 | 000,027,460 | ---- | M] () -- C:\Users\Benutzer\Desktop\Starcraft.II.Wings.of.Liberty.GERMAN-0x0007_5249_-lbquf6lisb7d8.dlc
[2010.07.28 22:39:08 | 000,009,941 | ---- | M] () -- C:\Users\Benutzer\Desktop\hallo.docx
[2010.07.22 14:07:06 | 000,008,224 | ---- | M] () -- C:\Windows\SysNative\GDIPFONTCACHEV1.DAT
[2010.07.22 14:06:00 | 000,100,864 | ---- | M] () -- C:\Users\Benutzer\AppData\Local\GDIPFONTCACHEV1.DAT
[2010.07.22 03:05:54 | 000,000,219 | ---- | M] () -- C:\Windows\win.ini
[2010.07.21 21:38:24 | 000,000,944 | ---- | M] () -- C:\Users\Public\Desktop\Microsoft Security Essentials.lnk
[2010.07.21 19:55:58 | 000,001,791 | ---- | M] () -- C:\Users\Public\Desktop\Gothic III starten.lnk
[2010.07.21 19:18:42 | 000,000,026 | ---- | M] () -- C:\Users\Benutzer\Desktop\mds.ini
[2010.07.20 19:15:00 | 000,001,222 | ---- | M] () -- C:\Windows\unins000.dat
[2010.07.20 19:14:57 | 000,695,578 | ---- | M] () -- C:\Windows\unins000.exe
[2010.07.17 15:00:36 | 001,265,224 | ---- | M] () -- C:\Program.RPT
[2010.07.17 00:15:17 | 001,995,264 | ---- | M] () -- C:\Users\Benutzer\Desktop\ehthumbs_vista.db
[2010.07.15 14:23:55 | 000,001,760 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2010.07.15 00:59:59 | 000,000,372 | ---- | M] () -- C:\Windows\tasks\McDefragTask.job
[2010.07.13 17:58:12 | 000,146,944 | ---- | M] () -- C:\Users\Benutzer\Desktop\WM Endrunde 2010.xls
[2010.07.13 01:38:36 | 000,119,673 | ---- | M] () -- C:\Users\Benutzer\Desktop\Umbrella_Corporation_Dock_Icon_by_SilentBang.png
[2010.07.13 01:31:09 | 000,319,440 | ---- | M] () -- C:\Users\Benutzer\Desktop\30565.jpg
[2010.07.13 01:24:46 | 000,076,597 | ---- | M] () -- C:\Users\Benutzer\Desktop\umbrella_corp_by_kevfilth.jpg
[2010.07.13 01:18:38 | 023,834,624 | ---- | M] () -- C:\Windows\SysNative\imageres.dll
[2010.07.13 01:17:23 | 000,001,167 | ---- | M] () -- C:\Users\Benutzer\Desktop\LogonStudio Vista.lnk
[2010.07.13 01:00:23 | 000,011,985 | ---- | M] () -- C:\Users\Benutzer\Desktop\ResidentEvil.bootskin
[2010.07.11 01:17:02 | 000,000,796 | ---- | M] () -- C:\Users\Benutzer\Desktop\Launcher - Verknüpfung.lnk
[2010.07.11 00:41:33 | 000,842,056 | ---- | M] () -- C:\Windows\SysNative\TUProgSt.exe
[2010.07.11 00:41:15 | 000,506,696 | ---- | M] () -- C:\Windows\SysNative\TuneUpDefragService.exe
[2010.07.11 00:41:11 | 000,001,753 | ---- | M] () -- C:\Users\Public\Desktop\TuneUp 1-Klick-Wartung.lnk
[2010.07.11 00:41:10 | 000,001,669 | ---- | M] () -- C:\Users\Public\Desktop\TuneUp Utilities 2009.lnk
[2010.07.06 19:50:58 | 000,010,000 | ---- | M] () -- C:\Users\Benutzer\Documents\rftlp77.docx
[2010.07.02 12:45:34 | 000,000,056 | -H-- | M] () -- C:\ProgramData\ezsidmv.dat
[2010.07.02 12:40:54 | 000,001,892 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2010.07.02 10:13:03 | 000,001,773 | ---- | M] () -- C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
[2010.07.02 10:13:03 | 000,001,771 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
[2010.06.30 20:23:07 | 000,466,456 | ---- | M] () -- C:\Windows\SysNative\wrap_oal.dll
[2010.06.30 20:23:07 | 000,444,952 | ---- | M] (Creative Labs) -- C:\Windows\SysWow64\wrap_oal.dll
[2010.06.30 20:23:07 | 000,122,904 | ---- | M] () -- C:\Windows\SysNative\OpenAL32.dll
[2010.06.30 20:23:07 | 000,109,080 | ---- | M] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\SysWow64\OpenAL32.dll
[2010.06.26 08:28:41 | 000,243,712 | ---- | M] () -- C:\Windows\SysNative\occache.dll
[2010.06.26 08:26:43 | 000,706,048 | ---- | M] () -- C:\Windows\SysNative\msfeeds.dll
[2010.06.26 08:26:05 | 001,538,560 | ---- | M] () -- C:\Windows\SysNative\inetcpl.cpl
[2010.06.26 08:25:54 | 002,335,744 | ---- | M] () -- C:\Windows\SysNative\iertutil.dll
[2010.06.26 08:25:54 | 000,219,136 | ---- | M] () -- C:\Windows\SysNative\ieui.dll
[2010.06.26 08:25:54 | 000,132,096 | ---- | M] () -- C:\Windows\SysNative\iesysprep.dll
[2010.06.26 08:25:54 | 000,077,312 | ---- | M] () -- C:\Windows\SysNative\iesetup.dll
[2010.06.26 08:25:53 | 000,252,416 | ---- | M] () -- C:\Windows\SysNative\iepeers.dll
[2010.06.26 08:25:53 | 000,072,192 | ---- | M] () -- C:\Windows\SysNative\iernonce.dll
[2010.06.26 06:47:47 | 000,162,816 | ---- | M] () -- C:\Windows\SysNative\ieUnatt.exe
[2010.06.26 06:47:29 | 000,070,656 | ---- | M] () -- C:\Windows\SysNative\ie4uinit.exe
[2010.06.26 06:46:54 | 000,012,288 | ---- | M] () -- C:\Windows\SysNative\msfeedssync.exe
[2010.06.21 19:44:49 | 000,000,742 | ---- | M] () -- C:\Users\Benutzer\Desktop\FarCry2 - Verknüpfung.lnk
[2010.06.20 16:10:50 | 000,864,535 | ---- | M] (w*w.sicheats.com) -- C:\Users\Benutzer\Desktop\Mass Effect 2 Trainer +9 v1.2.exe
[2010.06.20 13:00:27 | 002,349,056 | ---- | M] () -- C:\Users\Benutzer\Desktop\Entstehung des Waldes bio refa.ppt
[2010.06.20 11:26:55 | 000,000,807 | ---- | M] () -- C:\Users\Benutzer\Desktop\Mass Effect 2.lnk
[2010.06.19 14:13:06 | 000,002,584 | ---- | M] () -- C:\Users\Benutzer\Desktop\ME2DLCs.dlc
[2010.06.19 14:12:31 | 000,004,740 | ---- | M] () -- C:\Users\Benutzer\Desktop\ME2DLC.dlc
[2010.06.18 19:17:49 | 000,050,688 | ---- | M] () -- C:\Windows\SysNative\rtutils.dll
[2010.06.17 20:47:06 | 022,475,937 | ---- | M] () -- C:\Users\Benutzer\Desktop\55.wmv
[2010.06.17 17:15:09 | 000,002,707 | ---- | M] () -- C:\Users\Benutzer\Desktop\Microsoft Office PowerPoint 2007.lnk
[2010.06.08 19:47:14 | 004,690,832 | ---- | M] () -- C:\Windows\SysNative\ntoskrnl.exe
[2010.06.02 04:55:30 | 000,518,488 | ---- | M] () -- C:\Windows\SysNative\XAudio2_7.dll
[2010.06.02 04:55:30 | 000,176,984 | ---- | M] () -- C:\Windows\SysNative\xactengine3_7.dll
[2010.06.02 04:55:30 | 000,077,656 | ---- | M] () -- C:\Windows\SysNative\XAPOFX1_5.dll
[2010.05.31 15:15:25 | 000,030,549 | ---- | M] () -- C:\Users\Benutzer\Documents\zustellungscode.rtf
[1 C:\Users\Benutzer\AppData\Local\*.tmp files -> C:\Users\Benutzer\AppData\Local\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2010.08.19 14:53:16 | 000,000,852 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.08.19 14:53:13 | 000,024,664 | ---- | C] () -- C:\Windows\SysNative\drivers\mbam.sys
[2010.08.11 20:18:04 | 001,420,176 | ---- | C] () -- C:\Windows\SysNative\drivers\tcpip.sys
[2010.08.11 20:17:59 | 000,462,848 | ---- | C] () -- C:\Windows\SysNative\drivers\srv.sys
[2010.08.11 20:17:59 | 000,174,592 | ---- | C] () -- C:\Windows\SysNative\drivers\srv2.sys
[2010.08.11 20:17:56 | 002,749,952 | ---- | C] () -- C:\Windows\SysNative\win32k.sys
[2010.08.11 20:17:53 | 000,050,688 | ---- | C] () -- C:\Windows\SysNative\rtutils.dll
[2010.08.11 20:17:48 | 004,690,832 | ---- | C] () -- C:\Windows\SysNative\ntoskrnl.exe
[2010.08.11 20:17:35 | 009,250,816 | ---- | C] () -- C:\Windows\SysNative\mshtml.dll
[2010.08.11 20:17:33 | 012,473,344 | ---- | C] () -- C:\Windows\SysNative\ieframe.dll
[2010.08.11 20:17:32 | 002,335,744 | ---- | C] () -- C:\Windows\SysNative\iertutil.dll
[2010.08.11 20:17:28 | 001,487,360 | ---- | C] () -- C:\Windows\SysNative\urlmon.dll
[2010.08.11 20:17:27 | 001,147,904 | ---- | C] () -- C:\Windows\SysNative\wininet.dll
[2010.08.11 20:17:26 | 000,706,048 | ---- | C] () -- C:\Windows\SysNative\msfeeds.dll
[2010.08.11 20:17:26 | 000,459,776 | ---- | C] () -- C:\Windows\SysNative\iedkcs32.dll
[2010.08.11 20:17:25 | 000,243,712 | ---- | C] () -- C:\Windows\SysNative\occache.dll
[2010.08.11 20:17:24 | 001,062,912 | ---- | C] () -- C:\Windows\SysNative\mstime.dll
[2010.08.11 20:17:24 | 000,252,416 | ---- | C] () -- C:\Windows\SysNative\iepeers.dll
[2010.08.11 20:17:24 | 000,072,192 | ---- | C] () -- C:\Windows\SysNative\iernonce.dll
[2010.08.11 20:17:24 | 000,071,680 | ---- | C] () -- C:\Windows\SysNative\msfeedsbs.dll
[2010.08.11 20:17:23 | 000,219,136 | ---- | C] () -- C:\Windows\SysNative\ieui.dll
[2010.08.11 20:17:23 | 000,031,744 | ---- | C] () -- C:\Windows\SysNative\jsproxy.dll
[2010.08.11 20:17:22 | 001,538,560 | ---- | C] () -- C:\Windows\SysNative\inetcpl.cpl
[2010.08.11 20:17:21 | 000,162,816 | ---- | C] () -- C:\Windows\SysNative\ieUnatt.exe
[2010.08.11 20:17:21 | 000,132,096 | ---- | C] () -- C:\Windows\SysNative\iesysprep.dll
[2010.08.11 20:17:20 | 000,077,312 | ---- | C] () -- C:\Windows\SysNative\iesetup.dll
[2010.08.11 20:17:18 | 000,070,656 | ---- | C] () -- C:\Windows\SysNative\ie4uinit.exe
[2010.08.11 20:17:18 | 000,012,288 | ---- | C] () -- C:\Windows\SysNative\msfeedssync.exe
[2010.08.11 20:17:17 | 001,638,912 | ---- | C] () -- C:\Windows\SysNative\mshtml.tlb
[2010.08.11 20:17:14 | 001,875,456 | ---- | C] () -- C:\Windows\SysNative\msxml3.dll
[2010.08.11 20:17:09 | 000,343,040 | ---- | C] () -- C:\Windows\SysNative\schannel.dll
[2010.08.10 14:37:36 | 000,518,488 | ---- | C] () -- C:\Windows\SysNative\XAudio2_7.dll
[2010.08.10 14:37:36 | 000,077,656 | ---- | C] () -- C:\Windows\SysNative\XAPOFX1_5.dll
[2010.08.10 14:37:34 | 000,176,984 | ---- | C] () -- C:\Windows\SysNative\xactengine3_7.dll
[2010.08.10 14:37:31 | 002,526,056 | ---- | C] () -- C:\Windows\SysNative\D3DCompiler_43.dll
[2010.08.10 14:37:29 | 001,907,552 | ---- | C] () -- C:\Windows\SysNative\d3dcsx_43.dll
[2010.08.10 14:37:26 | 000,276,832 | ---- | C] () -- C:\Windows\SysNative\d3dx11_43.dll
[2010.08.10 14:37:24 | 000,511,328 | ---- | C] () -- C:\Windows\SysNative\d3dx10_43.dll
[2010.08.10 14:37:21 | 002,401,112 | ---- | C] () -- C:\Windows\SysNative\D3DX9_43.dll
[2010.08.10 14:37:17 | 000,530,776 | ---- | C] () -- C:\Windows\SysNative\XAudio2_6.dll
[2010.08.10 14:37:17 | 000,078,680 | ---- | C] () -- C:\Windows\SysNative\XAPOFX1_4.dll
[2010.08.10 14:37:14 | 000,176,984 | ---- | C] () -- C:\Windows\SysNative\xactengine3_6.dll
[2010.08.10 14:37:11 | 000,024,920 | ---- | C] () -- C:\Windows\SysNative\X3DAudio1_7.dll
[2010.08.09 18:11:30 | 000,000,701 | ---- | C] () -- C:\Users\Benutzer\Desktop\DAOriginsLauncher - Verknüpfung.lnk
[2010.08.09 18:09:27 | 000,000,701 | ---- | C] () -- C:\Users\Public\Desktop\Dragon Age Origins.lnk
[2010.08.09 13:26:31 | 000,032,816 | ---- | C] () -- C:\Users\Benutzer\Desktop\Dragon.Age.Origins.GERMAN-GWAREZ_4349_-vd08l1lgwtec.dlc
[2010.08.09 01:01:20 | 000,006,128 | ---- | C] () -- C:\Users\Benutzer\Desktop\-c45ef05182624425a4b9e86cb922aac5.dlc-
[2010.08.09 00:40:49 | 000,012,693 | ---- | C] () -- C:\Windows\scunin.dat
[2010.08.09 00:40:47 | 000,000,967 | ---- | C] () -- C:\Windows\ScUnin.pif
[2010.08.07 01:15:54 | 000,015,867 | ---- | C] () -- C:\Windows\SysNative\Empty.ico
[2010.08.06 23:38:06 | 000,003,184 | ---- | C] () -- C:\Users\Benutzer\Desktop\StarCraft.Brood.War.GERMAN-GWAREZ_2024_-xz9al1lk0icx3.dlc
[2010.08.05 14:08:24 | 000,000,691 | ---- | C] () -- C:\Users\Benutzer\Desktop\StarCraft II - Verknüpfung.lnk
[2010.08.04 14:40:55 | 000,010,205 | ---- | C] () -- C:\Users\Benutzer\Desktop\Rapid.docx
[2010.08.04 14:35:56 | 000,027,460 | ---- | C] () -- C:\Users\Benutzer\Desktop\Starcraft.II.Wings.of.Liberty.GERMAN-0x0007_5249_-lbquf6lisb7d8.dlc
[2010.08.04 14:33:00 | 012,898,304 | ---- | C] () -- C:\Windows\SysNative\shell32.dll
[2010.07.28 22:39:07 | 000,009,941 | ---- | C] () -- C:\Users\Benutzer\Desktop\hallo.docx
[2010.07.21 21:43:19 | 000,270,208 | ---- | C] () -- C:\Windows\SysNative\MpSigStub.exe
[2010.07.21 21:38:24 | 000,000,944 | ---- | C] () -- C:\Users\Public\Desktop\Microsoft Security Essentials.lnk
[2010.07.21 19:55:58 | 000,001,791 | ---- | C] () -- C:\Users\Public\Desktop\Gothic III starten.lnk
[2010.07.21 19:18:42 | 000,000,026 | ---- | C] () -- C:\Users\Benutzer\Desktop\mds.ini
[2010.07.20 19:13:59 | 000,695,578 | ---- | C] () -- C:\Windows\unins000.exe
[2010.07.20 19:13:59 | 000,001,222 | ---- | C] () -- C:\Windows\unins000.dat
[2010.07.20 17:13:50 | 000,001,800 | ---- | C] () -- C:\Users\Benutzer\Desktop\G3_Armor_Helm_Myrtana_01_A.xshmat
[2010.07.15 14:23:55 | 000,001,760 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2010.07.13 01:38:35 | 000,119,673 | ---- | C] () -- C:\Users\Benutzer\Desktop\Umbrella_Corporation_Dock_Icon_by_SilentBang.png
[2010.07.13 01:31:08 | 000,319,440 | ---- | C] () -- C:\Users\Benutzer\Desktop\30565.jpg
[2010.07.13 01:24:46 | 000,076,597 | ---- | C] () -- C:\Users\Benutzer\Desktop\umbrella_corp_by_kevfilth.jpg
[2010.07.13 01:18:38 | 023,834,624 | ---- | C] () -- C:\Windows\SysNative\imageres.dll
[2010.07.13 01:17:23 | 000,001,167 | ---- | C] () -- C:\Users\Benutzer\Desktop\LogonStudio Vista.lnk
[2010.07.13 01:00:23 | 000,011,985 | ---- | C] () -- C:\Users\Benutzer\Desktop\ResidentEvil.bootskin
[2010.07.11 01:17:02 | 000,000,796 | ---- | C] () -- C:\Users\Benutzer\Desktop\Launcher - Verknüpfung.lnk
[2010.07.11 00:59:53 | 000,561,985 | ---- | C] () -- C:\Users\Benutzer\Desktop\Umbrella_Corporation2.jpg
[2010.07.11 00:59:53 | 000,075,126 | ---- | C] () -- C:\Users\Benutzer\Desktop\Umbrella_Corporation.jpg
[2010.07.11 00:59:53 | 000,012,335 | ---- | C] () -- C:\Users\Benutzer\Desktop\umbrella.bootskin
[2010.07.11 00:42:07 | 000,000,534 | ---- | C] () -- C:\Windows\tasks\1-Klick-Wartung.job
[2010.07.11 00:41:33 | 000,842,056 | ---- | C] () -- C:\Windows\SysNative\TUProgSt.exe
[2010.07.11 00:41:26 | 000,035,144 | ---- | C] () -- C:\Windows\SysNative\uxtuneup.dll
[2010.07.11 00:41:26 | 000,020,808 | ---- | C] () -- C:\Windows\SysNative\authuitu.dll
[2010.07.11 00:41:15 | 000,506,696 | ---- | C] () -- C:\Windows\SysNative\TuneUpDefragService.exe
[2010.07.11 00:41:11 | 000,001,753 | ---- | C] () -- C:\Users\Public\Desktop\TuneUp 1-Klick-Wartung.lnk
[2010.07.11 00:41:10 | 000,001,669 | ---- | C] () -- C:\Users\Public\Desktop\TuneUp Utilities 2009.lnk
[2010.07.06 19:50:57 | 000,010,000 | ---- | C] () -- C:\Users\Benutzer\Documents\rftlp77.docx
[2010.07.02 12:45:34 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010.07.02 12:40:54 | 000,001,892 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2010.06.30 20:23:07 | 000,466,456 | ---- | C] () -- C:\Windows\SysNative\wrap_oal.dll
[2010.06.30 20:23:07 | 000,122,904 | ---- | C] () -- C:\Windows\SysNative\OpenAL32.dll
[2010.06.27 14:38:53 | 000,001,773 | ---- | C] () -- C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
[2010.06.27 14:38:53 | 000,001,771 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
[2010.06.26 10:27:33 | 000,101,376 | ---- | C] () -- C:\Windows\SysNative\MSNP.ax
[2010.06.26 10:27:32 | 000,227,328 | ---- | C] () -- C:\Windows\SysNative\mpg2splt.ax
[2010.06.26 10:27:26 | 000,375,808 | ---- | C] () -- C:\Windows\SysNative\psisdecd.dll
[2010.06.26 10:27:25 | 000,558,592 | ---- | C] () -- C:\Windows\SysNative\EncDec.dll
[2010.06.26 10:27:25 | 000,289,792 | ---- | C] () -- C:\Windows\SysNative\psisrndr.ax
[2010.06.26 10:27:00 | 001,942,856 | ---- | C] () -- C:\Windows\SysNative\dfshim.dll
[2010.06.26 10:27:00 | 000,444,752 | ---- | C] () -- C:\Windows\SysNative\mscoree.dll
[2010.06.26 10:27:00 | 000,320,352 | ---- | C] () -- C:\Windows\SysNative\PresentationHost.exe
[2010.06.26 10:27:00 | 000,109,912 | ---- | C] () -- C:\Windows\SysNative\PresentationHostProxy.dll
[2010.06.26 10:27:00 | 000,048,960 | ---- | C] () -- C:\Windows\SysNative\netfxperf.dll
[2010.06.24 13:09:22 | 000,032,256 | ---- | C] () -- C:\Windows\SysNative\Apphlpdm.dll
[2010.06.24 13:09:19 | 004,240,384 | ---- | C] () -- C:\Windows\SysNative\GameUXLegacyGDFs.dll
[2010.06.21 19:44:49 | 000,000,742 | ---- | C] () -- C:\Users\Benutzer\Desktop\FarCry2 - Verknüpfung.lnk
[2010.06.20 12:54:21 | 002,349,056 | ---- | C] () -- C:\Users\Benutzer\Desktop\Entstehung des Waldes bio refa.ppt
[2010.06.20 11:26:55 | 000,000,807 | ---- | C] () -- C:\Users\Benutzer\Desktop\Mass Effect 2.lnk
[2010.06.19 14:13:02 | 000,002,584 | ---- | C] () -- C:\Users\Benutzer\Desktop\ME2DLCs.dlc
[2010.06.19 14:12:27 | 000,004,740 | ---- | C] () -- C:\Users\Benutzer\Desktop\ME2DLC.dlc
[2010.06.17 20:45:59 | 022,475,937 | ---- | C] () -- C:\Users\Benutzer\Desktop\55.wmv
[2010.06.17 17:15:09 | 000,002,707 | ---- | C] () -- C:\Users\Benutzer\Desktop\Microsoft Office PowerPoint 2007.lnk
[2010.06.11 16:21:41 | 000,146,944 | ---- | C] () -- C:\Users\Benutzer\Desktop\WM Endrunde 2010.xls
[2010.06.10 13:21:47 | 000,366,080 | ---- | C] () -- C:\Windows\SysNative\atmfd.dll
[2010.06.10 13:21:44 | 000,048,128 | ---- | C] () -- C:\Windows\SysNative\atmlib.dll
[2010.06.10 13:20:52 | 000,084,480 | ---- | C] () -- C:\Windows\SysNative\asycfilt.dll
[2010.06.10 13:20:45 | 001,570,816 | ---- | C] () -- C:\Windows\SysNative\quartz.dll
[2010.06.07 20:25:03 | 000,817,664 | ---- | C] () -- C:\Windows\SysNative\jscript.dll
[2010.06.07 18:47:57 | 000,612,864 | ---- | C] () -- C:\Windows\SysNative\vbscript.dll
[2010.06.06 13:44:05 | 000,057,667 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2010.06.06 13:44:05 | 000,057,667 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2010.06.06 13:39:31 | 000,088,064 | ---- | C] () -- C:\Windows\SysNative\admparse.dll
[2010.06.06 13:39:30 | 000,161,792 | ---- | C] () -- C:\Windows\SysNative\advpack.dll
[2010.06.06 13:39:30 | 000,085,504 | ---- | C] () -- C:\Windows\SysNative\icardie.dll
[2010.06.06 13:39:30 | 000,022,528 | ---- | C] () -- C:\Windows\SysNative\corpol.dll
[2010.06.06 13:39:29 | 000,223,232 | ---- | C] () -- C:\Windows\SysNative\msls31.dll
[2010.06.06 13:39:29 | 000,157,696 | ---- | C] () -- C:\Windows\SysNative\ieakeng.dll
[2010.06.06 13:39:28 | 000,077,824 | ---- | C] () -- C:\Windows\SysNative\tdc.ocx
[2010.06.06 13:39:27 | 000,125,952 | ---- | C] () -- C:\Windows\SysNative\inseng.dll
[2010.06.06 13:39:27 | 000,076,288 | ---- | C] () -- C:\Windows\SysNative\wextract.exe
[2010.06.06 13:39:27 | 000,055,808 | ---- | C] () -- C:\Windows\SysNative\licmgr10.dll
[2010.06.06 13:39:27 | 000,052,736 | ---- | C] () -- C:\Windows\SysNative\imgutil.dll
[2010.06.06 13:39:26 | 000,063,488 | ---- | C] () -- C:\Windows\SysNative\pngfilt.dll
[2010.06.06 13:39:25 | 000,481,280 | ---- | C] () -- C:\Windows\SysNative\ieapfltr.dll
[2010.06.06 13:39:24 | 000,508,416 | ---- | C] () -- C:\Windows\SysNative\dxtmsft.dll
[2010.06.06 13:39:23 | 000,318,464 | ---- | C] () -- C:\Windows\SysNative\dxtrans.dll
[2010.06.06 13:39:23 | 000,096,768 | ---- | C] () -- C:\Windows\SysNative\mshtmled.dll
[2010.06.06 13:39:22 | 000,304,640 | ---- | C] () -- C:\Windows\SysNative\webcheck.dll
[2010.06.06 13:39:22 | 000,271,872 | ---- | C] () -- C:\Windows\SysNative\ieaksie.dll
[2010.06.06 13:39:22 | 000,241,664 | ---- | C] () -- C:\Windows\SysNative\msrating.dll
[2010.06.06 13:39:22 | 000,163,840 | ---- | C] () -- C:\Windows\SysNative\ieakui.dll
[2010.06.06 13:39:21 | 000,278,528 | ---- | C] () -- C:\Windows\SysNative\WinFXDocObj.exe
[2010.06.06 13:39:21 | 000,131,584 | ---- | C] () -- C:\Windows\SysNative\PDMSetup.exe
[2010.06.06 13:39:21 | 000,129,024 | ---- | C] () -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2010.06.06 13:39:21 | 000,128,512 | ---- | C] () -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2010.06.06 13:39:21 | 000,125,440 | ---- | C] () -- C:\Windows\SysNative\SetDepNx.exe
[2010.06.06 13:39:21 | 000,041,984 | ---- | C] () -- C:\Windows\SysNative\mshta.exe
[2010.06.06 13:39:20 | 000,108,032 | ---- | C] () -- C:\Windows\SysNative\url.dll
[2010.06.06 13:39:20 | 000,048,128 | ---- | C] () -- C:\Windows\SysNative\mshtmler.dll
[2010.06.06 13:39:19 | 000,479,744 | ---- | C] () -- C:\Windows\SysNative\html.iec
[2010.06.06 13:39:18 | 003,698,584 | ---- | C] () -- C:\Windows\SysNative\ieapfltr.dat
[2010.06.06 13:39:18 | 000,193,536 | ---- | C] () -- C:\Windows\SysNative\iexpress.exe
[2010.05.26 22:38:21 | 001,995,264 | ---- | C] () -- C:\Users\Benutzer\Desktop\ehthumbs_vista.db
[2010.05.01 01:40:43 | 000,000,096 | ---- | C] () -- C:\Users\Benutzer\AppData\Local\fusioncache.dat
[2010.04.30 16:35:31 | 001,479,426 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010.04.04 18:37:32 | 000,412,420 | ---- | C] () -- C:\Users\Benutzer\AppData\Local\dd_vcredistMSI70F4.txt
[2010.04.04 18:37:32 | 000,011,426 | ---- | C] () -- C:\Users\Benutzer\AppData\Local\dd_vcredistUI70F4.txt
[2010.04.02 17:17:34 | 000,179,091 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2010.03.09 22:21:14 | 000,003,403 | ---- | C] () -- C:\Windows\messer.ini
[2010.03.09 16:05:09 | 000,422,578 | ---- | C] () -- C:\Users\Benutzer\AppData\Local\dd_vcredistMSI0CDE.txt
[2010.03.09 16:05:09 | 000,011,440 | ---- | C] () -- C:\Users\Benutzer\AppData\Local\dd_vcredistUI0CDE.txt
[2010.03.08 22:55:13 | 000,000,784 | ---- | C] () -- C:\Windows\NTIWVEDT.INI
[2010.01.28 16:37:44 | 000,001,356 | ---- | C] () -- C:\Users\Benutzer\AppData\Local\d3d9caps.dat
[2009.11.25 13:40:50 | 000,085,504 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2009.11.07 19:25:32 | 000,162,432 | ---- | C] () -- C:\Windows\SysWow64\drivers\ithsgt.sys
[2009.11.07 19:25:32 | 000,012,032 | ---- | C] () -- C:\Windows\SysWow64\drivers\lilsgt.sys
[2009.08.04 22:45:13 | 000,000,000 | ---- | C] () -- C:\Windows\zSpy.INI
[2009.06.29 18:21:12 | 000,419,930 | ---- | C] () -- C:\Users\Benutzer\AppData\Local\dd_vcredistMSI3D59.txt
[2009.06.29 18:21:12 | 000,011,410 | ---- | C] () -- C:\Users\Benutzer\AppData\Local\dd_vcredistUI3D59.txt
[2009.06.11 22:06:51 | 000,613,652 | ---- | C] () -- C:\Users\Benutzer\AppData\Local\dd_NET_Framework35_LangPack_MSI6BA9.txt
[2009.06.11 22:06:39 | 000,077,308 | ---- | C] () -- C:\Users\Benutzer\AppData\Local\dd_dotnetfx35install_lp.txt
[2009.06.11 22:06:39 | 000,000,002 | ---- | C] () -- C:\Users\Benutzer\AppData\Local\dd_dotnetfx35error_lp.txt
[2009.06.11 22:05:35 | 001,881,352 | ---- | C] () -- C:\Users\Benutzer\AppData\Local\dd_NET_Framework35_x64_MSI6AB1.txt
[2009.06.11 21:50:43 | 000,232,410 | ---- | C] () -- C:\Users\Benutzer\AppData\Local\dd_depcheck_NETFX_EXP_35.txt
[2009.06.11 21:50:38 | 000,228,168 | ---- | C] () -- C:\Users\Benutzer\AppData\Local\dd_dotnetfx35install.txt
[2009.06.11 21:50:38 | 000,000,002 | ---- | C] () -- C:\Users\Benutzer\AppData\Local\dd_dotnetfx35error.txt
[2009.05.15 22:00:39 | 000,000,510 | ---- | C] () -- C:\Windows\WORDPAD.INI
[2009.05.07 16:20:37 | 000,069,382 | ---- | C] () -- C:\Users\Benutzer\AppData\Local\dd_depcheckdotnetfx30.txt
[2009.05.07 16:20:29 | 000,056,334 | ---- | C] () -- C:\Users\Benutzer\AppData\Local\dd_dotnetfx3install.txt
[2009.05.07 16:20:29 | 000,006,666 | ---- | C] () -- C:\Users\Benutzer\AppData\Local\uxeventlog.txt
[2009.05.07 16:20:29 | 000,000,710 | ---- | C] () -- C:\Users\Benutzer\AppData\Local\dd_dotnetfx3error.txt
[2009.03.02 11:33:32 | 000,000,547 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll.manifest
[2008.12.26 23:55:07 | 000,072,192 | ---- | C] () -- C:\Users\Benutzer\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008.10.29 16:10:59 | 000,000,044 | ---- | C] () -- C:\Windows\Acer(Normal).ini
[2008.10.29 16:10:59 | 000,000,042 | ---- | C] () -- C:\Windows\Acer(Wide).ini
[2008.08.23 04:35:49 | 000,001,024 | RH-- | C] () -- C:\Windows\SysWow64\NTIOFM4.dll
[2008.08.23 04:35:49 | 000,001,024 | RH-- | C] () -- C:\Windows\SysWow64\NTIBUN5.dll
[2008.01.21 04:50:05 | 000,060,124 | ---- | C] () -- C:\Windows\SysWow64\tcpmon.ini
[2008.01.21 04:49:49 | 000,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2004.07.29 01:19:46 | 000,175,104 | ---- | C] () -- C:\Windows\SysWow64\lame_enc.dll
[2002.08.13 17:04:12 | 000,217,088 | R--- | C] () -- C:\Users\Benutzer\AppData\Roaming\MafiaSetup.exe
[2001.12.26 16:12:30 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\multiplex_vcd.dll
[2001.09.03 23:46:38 | 000,110,592 | ---- | C] () -- C:\Windows\SysWow64\Hmpg12.dll
[2001.07.30 16:33:56 | 000,118,784 | ---- | C] () -- C:\Windows\SysWow64\HMPV2_ENC.dll
[2001.07.23 22:04:36 | 000,118,784 | ---- | C] () -- C:\Windows\SysWow64\HMPV2_ENC_MMX.dll
[1997.06.14 10:56:08 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\iyvu9_32.dll
 
========== LOP Check ==========
 
[2010.02.22 21:29:36 | 000,000,000 | ---D | M] -- C:\Users\Benutzer\AppData\Roaming\Acer Arcade Live
[2009.12.07 19:44:06 | 000,000,000 | ---D | M] -- C:\Users\Benutzer\AppData\Roaming\Ankh
[2010.02.07 17:39:00 | 000,000,000 | ---D | M] -- C:\Users\Benutzer\AppData\Roaming\Ankh - Heart of Osiris
[2010.03.09 22:17:51 | 000,000,000 | ---D | M] -- C:\Users\Benutzer\AppData\Roaming\Audacity
[2010.01.30 19:51:35 | 000,000,000 | ---D | M] -- C:\Users\Benutzer\AppData\Roaming\Audio Record Edit Toolbox
[2010.01.29 15:42:59 | 000,000,000 | ---D | M] -- C:\Users\Benutzer\AppData\Roaming\Audio Recorder for Free
[2010.03.16 20:40:18 | 000,000,000 | ---D | M] -- C:\Users\Benutzer\AppData\Roaming\Bioshock
[2010.02.25 22:37:09 | 000,000,000 | ---D | M] -- C:\Users\Benutzer\AppData\Roaming\Bioshock(11)
[2010.04.05 15:40:54 | 000,000,000 | ---D | M] -- C:\Users\Benutzer\AppData\Roaming\Bioshock2
[2010.04.23 10:49:05 | 000,000,000 | ---D | M] -- C:\Users\Benutzer\AppData\Roaming\com.oskoui-oskoui.avatar
[2010.05.09 17:51:45 | 000,000,000 | ---D | M] -- C:\Users\Benutzer\AppData\Roaming\DAEMON Tools Pro
[2009.01.08 18:55:53 | 000,000,000 | ---D | M] -- C:\Users\Benutzer\AppData\Roaming\eSobi
[2010.04.20 17:09:17 | 000,000,000 | ---D | M] -- C:\Users\Benutzer\AppData\Roaming\FDRLab
[2010.01.29 13:24:45 | 000,000,000 | ---D | M] -- C:\Users\Benutzer\AppData\Roaming\FileZilla
[2010.07.20 19:14:59 | 000,000,000 | ---D | M] -- C:\Users\Benutzer\AppData\Roaming\Flatcast
[2009.08.18 18:37:08 | 000,000,000 | ---D | M] -- C:\Users\Benutzer\AppData\Roaming\Games
[2010.06.08 21:07:57 | 000,000,000 | ---D | M] -- C:\Users\Benutzer\AppData\Roaming\GrabPro
[2010.04.20 16:50:10 | 000,000,000 | ---D | M] -- C:\Users\Benutzer\AppData\Roaming\gtk-2.0
[2010.08.24 15:59:34 | 000,000,000 | ---D | M] -- C:\Users\Benutzer\AppData\Roaming\ICQ
[2009.06.11 22:11:47 | 000,000,000 | ---D | M] -- C:\Users\Benutzer\AppData\Roaming\Meine Der Herr der Ringe™, Aufstieg des Hexenkönigs™-Dateien
[2009.06.15 21:15:08 | 000,000,000 | ---D | M] -- C:\Users\Benutzer\AppData\Roaming\Meine Die Schlacht um Mittelerde-Dateien
[2009.01.23 18:29:18 | 000,000,000 | ---D | M] -- C:\Users\Benutzer\AppData\Roaming\Meine Die Schlacht um Mittelerde™ II-Dateien
[2010.08.19 18:12:44 | 000,000,000 | ---D | M] -- C:\Users\Benutzer\AppData\Roaming\mvaxgmbeg
[2009.08.19 16:49:31 | 000,000,000 | ---D | M] -- C:\Users\Benutzer\AppData\Roaming\My Battle for Middle-earth™ II Files
[2010.02.20 10:00:41 | 000,000,000 | ---D | M] -- C:\Users\Benutzer\AppData\Roaming\OCS
[2010.02.20 10:00:48 | 000,000,000 | ---D | M] -- C:\Users\Benutzer\AppData\Roaming\Opera
[2010.06.10 20:51:35 | 000,000,000 | ---D | M] -- C:\Users\Benutzer\AppData\Roaming\Orbit
[2009.01.30 19:32:57 | 000,000,000 | ---D | M] -- C:\Users\Benutzer\AppData\Roaming\Petroglyph
[2010.02.22 21:29:29 | 000,000,000 | ---D | M] -- C:\Users\Benutzer\AppData\Roaming\PowerCinema
[2009.05.08 20:12:55 | 000,000,000 | ---D | M] -- C:\Users\Benutzer\AppData\Roaming\ScummVM
[2010.08.07 01:16:04 | 000,000,000 | ---D | M] -- C:\Users\Benutzer\AppData\Roaming\SeriousBit
[2009.06.29 18:59:32 | 000,000,000 | ---D | M] -- C:\Users\Benutzer\AppData\Roaming\Sony
[2009.07.07 01:10:06 | 000,000,000 | ---D | M] -- C:\Users\Benutzer\AppData\Roaming\Stardock
[2010.07.19 16:19:16 | 000,000,000 | ---D | M] -- C:\Users\Benutzer\AppData\Roaming\TeamViewer
[2009.07.06 16:01:34 | 000,000,000 | ---D | M] -- C:\Users\Benutzer\AppData\Roaming\The Creative Assembly
[2010.07.11 00:41:14 | 000,000,000 | ---D | M] -- C:\Users\Benutzer\AppData\Roaming\TuneUp Software
[2010.03.12 15:04:11 | 000,000,000 | ---D | M] -- C:\Users\Benutzer\AppData\Roaming\Ubisoft
[2010.08.24 19:00:01 | 000,000,534 | ---- | M] () -- C:\Windows\Tasks\1-Klick-Wartung.job
[2010.07.15 00:59:59 | 000,000,372 | ---- | M] () -- C:\Windows\Tasks\McDefragTask.job
[2009.06.01 01:00:00 | 000,000,348 | ---- | M] () -- C:\Windows\Tasks\McQcTask.job
[2010.08.24 02:47:29 | 000,032,538 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2010.08.24 16:49:38 | 000,000,424 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{1D071076-F2AF-41E4-B583-9EA0DFF434F7}.job
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
 
< %ALLUSERSPROFILE%\Application Data\*. >
 
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
 
< %APPDATA%\*. >
[2010.02.22 21:29:36 | 000,000,000 | ---D | M] -- C:\Users\Benutzer\AppData\Roaming\Acer Arcade Live
[2010.01.22 14:35:21 | 000,000,000 | ---D | M] -- C:\Users\Benutzer\AppData\Roaming\Adobe
[2009.12.07 19:44:06 | 000,000,000 | ---D | M] -- C:\Users\Benutzer\AppData\Roaming\Ankh
[2010.02.07 17:39:00 | 000,000,000 | ---D | M] -- C:\Users\Benutzer\AppData\Roaming\Ankh - Heart of Osiris
[2008.12.26 23:42:44 | 000,000,000 | ---D | M] -- C:\Users\Benutzer\AppData\Roaming\ATI
[2010.03.09 22:17:51 | 000,000,000 | ---D | M] -- C:\Users\Benutzer\AppData\Roaming\Audacity
[2010.01.30 19:51:35 | 000,000,000 | ---D | M] -- C:\Users\Benutzer\AppData\Roaming\Audio Record Edit Toolbox
[2010.01.29 15:42:59 | 000,000,000 | ---D | M] -- C:\Users\Benutzer\AppData\Roaming\Audio Recorder for Free
[2010.03.16 20:40:18 | 000,000,000 | ---D | M] -- C:\Users\Benutzer\AppData\Roaming\Bioshock
[2010.02.25 22:37:09 | 000,000,000 | ---D | M] -- C:\Users\Benutzer\AppData\Roaming\Bioshock(11)
[2010.04.05 15:40:54 | 000,000,000 | ---D | M] -- C:\Users\Benutzer\AppData\Roaming\Bioshock2
[2010.04.23 10:49:05 | 000,000,000 | ---D | M] -- C:\Users\Benutzer\AppData\Roaming\com.oskoui-oskoui.avatar
[2009.03.18 11:49:50 | 000,000,000 | ---D | M] -- C:\Users\Benutzer\AppData\Roaming\CyberLink
[2010.05.09 17:51:45 | 000,000,000 | ---D | M] -- C:\Users\Benutzer\AppData\Roaming\DAEMON Tools Pro
[2009.01.08 18:55:53 | 000,000,000 | ---D | M] -- C:\Users\Benutzer\AppData\Roaming\eSobi
[2010.04.20 17:09:17 | 000,000,000 | ---D | M] -- C:\Users\Benutzer\AppData\Roaming\FDRLab
[2010.01.29 13:24:45 | 000,000,000 | ---D | M] -- C:\Users\Benutzer\AppData\Roaming\FileZilla
[2010.07.20 19:14:59 | 000,000,000 | ---D | M] -- C:\Users\Benutzer\AppData\Roaming\Flatcast
[2009.08.18 18:37:08 | 000,000,000 | ---D | M] -- C:\Users\Benutzer\AppData\Roaming\Games
[2009.05.06 17:34:50 | 000,000,000 | ---D | M] -- C:\Users\Benutzer\AppData\Roaming\Google
[2010.06.08 21:07:57 | 000,000,000 | ---D | M] -- C:\Users\Benutzer\AppData\Roaming\GrabPro
[2010.04.20 16:50:10 | 000,000,000 | ---D | M] -- C:\Users\Benutzer\AppData\Roaming\gtk-2.0
[2010.08.24 15:59:34 | 000,000,000 | ---D | M] -- C:\Users\Benutzer\AppData\Roaming\ICQ
[2008.12.26 23:42:09 | 000,000,000 | ---D | M] -- C:\Users\Benutzer\AppData\Roaming\Identities
[2009.01.30 17:36:27 | 000,000,000 | ---D | M] -- C:\Users\Benutzer\AppData\Roaming\InstallShield
[2009.10.17 15:56:56 | 000,000,000 | ---D | M] -- C:\Users\Benutzer\AppData\Roaming\InstallShield Installation Information
[2008.12.26 23:42:42 | 000,000,000 | ---D | M] -- C:\Users\Benutzer\AppData\Roaming\Macromedia
[2010.08.19 14:53:27 | 000,000,000 | ---D | M] -- C:\Users\Benutzer\AppData\Roaming\Malwarebytes
[2006.11.02 17:07:25 | 000,000,000 | ---D | M] -- C:\Users\Benutzer\AppData\Roaming\Media Center Programs
[2009.06.11 22:11:47 | 000,000,000 | ---D | M] -- C:\Users\Benutzer\AppData\Roaming\Meine Der Herr der Ringe™, Aufstieg des Hexenkönigs™-Dateien
[2009.06.15 21:15:08 | 000,000,000 | ---D | M] -- C:\Users\Benutzer\AppData\Roaming\Meine Die Schlacht um Mittelerde-Dateien
[2009.01.23 18:29:18 | 000,000,000 | ---D | M] -- C:\Users\Benutzer\AppData\Roaming\Meine Die Schlacht um Mittelerde™ II-Dateien
[2010.08.04 16:44:26 | 000,000,000 | --SD | M] -- C:\Users\Benutzer\AppData\Roaming\Microsoft
[2009.08.16 18:49:37 | 000,000,000 | ---D | M] -- C:\Users\Benutzer\AppData\Roaming\Microsoft Games
[2009.06.19 19:29:01 | 000,000,000 | ---D | M] -- C:\Users\Benutzer\AppData\Roaming\Mozilla
[2010.08.19 18:12:44 | 000,000,000 | ---D | M] -- C:\Users\Benutzer\AppData\Roaming\mvaxgmbeg
[2009.08.19 16:49:31 | 000,000,000 | ---D | M] -- C:\Users\Benutzer\AppData\Roaming\My Battle for Middle-earth™ II Files
[2010.02.09 22:54:44 | 000,000,000 | ---D | M] -- C:\Users\Benutzer\AppData\Roaming\NCH Software
[2010.02.20 10:00:41 | 000,000,000 | ---D | M] -- C:\Users\Benutzer\AppData\Roaming\OCS
[2010.02.20 10:00:48 | 000,000,000 | ---D | M] -- C:\Users\Benutzer\AppData\Roaming\Opera
[2010.06.10 20:51:35 | 000,000,000 | ---D | M] -- C:\Users\Benutzer\AppData\Roaming\Orbit
[2009.01.30 19:32:57 | 000,000,000 | ---D | M] -- C:\Users\Benutzer\AppData\Roaming\Petroglyph
[2010.02.22 21:29:29 | 000,000,000 | ---D | M] -- C:\Users\Benutzer\AppData\Roaming\PowerCinema
[2010.06.08 21:24:07 | 000,000,000 | ---D | M] -- C:\Users\Benutzer\AppData\Roaming\Real
[2009.05.08 20:12:55 | 000,000,000 | ---D | M] -- C:\Users\Benutzer\AppData\Roaming\ScummVM
[2009.03.08 00:31:24 | 000,000,000 | RH-D | M] -- C:\Users\Benutzer\AppData\Roaming\SecuROM
[2010.08.07 01:16:04 | 000,000,000 | ---D | M] -- C:\Users\Benutzer\AppData\Roaming\SeriousBit
[2010.07.20 22:26:08 | 000,000,000 | ---D | M] -- C:\Users\Benutzer\AppData\Roaming\Skype
[2010.07.20 22:25:51 | 000,000,000 | ---D | M] -- C:\Users\Benutzer\AppData\Roaming\skypePM
[2009.06.29 18:59:32 | 000,000,000 | ---D | M] -- C:\Users\Benutzer\AppData\Roaming\Sony
[2009.07.07 01:10:06 | 000,000,000 | ---D | M] -- C:\Users\Benutzer\AppData\Roaming\Stardock
[2010.07.19 16:19:16 | 000,000,000 | ---D | M] -- C:\Users\Benutzer\AppData\Roaming\TeamViewer
[2009.07.06 16:01:34 | 000,000,000 | ---D | M] -- C:\Users\Benutzer\AppData\Roaming\The Creative Assembly
[2010.07.11 00:41:14 | 000,000,000 | ---D | M] -- C:\Users\Benutzer\AppData\Roaming\TuneUp Software
[2010.03.12 15:04:11 | 000,000,000 | ---D | M] -- C:\Users\Benutzer\AppData\Roaming\Ubisoft
[2010.08.14 01:34:16 | 000,000,000 | ---D | M] -- C:\Users\Benutzer\AppData\Roaming\vlc
[2009.05.21 23:33:38 | 000,000,000 | ---D | M] -- C:\Users\Benutzer\AppData\Roaming\WinRAR
 
< %APPDATA%\*.exe /s >
[2002.08.13 17:04:12 | 000,217,088 | R--- | M] () -- C:\Users\Benutzer\AppData\Roaming\MafiaSetup.exe
[2009.10.17 15:56:38 | 000,393,216 | ---- | M] (Acresso Software Inc.) -- C:\Users\Benutzer\AppData\Roaming\InstallShield Installation Information\{2C067478-457E-4066-8844-804FC5E686F0}\setup.exe
[2010.03.09 15:13:09 | 000,010,134 | R--- | M] () -- C:\Users\Benutzer\AppData\Roaming\Microsoft\Installer\{3D6A24EA-A543-6C84-351E-D7646E7AB86E}\ARPPRODUCTICON.exe
[2009.06.06 23:24:05 | 000,010,134 | R--- | M] () -- C:\Users\Benutzer\AppData\Roaming\Microsoft\Installer\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}\ARPPRODUCTICON.exe
[2010.02.20 10:00:41 | 000,106,496 | ---- | M] (OCS) -- C:\Users\Benutzer\AppData\Roaming\OCS\SM\SearchAnonymizer.exe
[2010.02.20 10:00:41 | 000,040,960 | ---- | M] () -- C:\Users\Benutzer\AppData\Roaming\OCS\SM\SearchAnonymizerHelper.exe
 
< %SYSTEMDRIVE%\*.exe >
 
 
< MD5 for: AGP440.SYS  >
[2008.01.21 04:46:51 | 000,064,568 | ---- | M] (Microsoft Corporation) MD5=F6F6793B7F17B550ECFDBD3B229173F7 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_163188bf770e4ab0\AGP440.sys
[2008.01.21 04:46:51 | 000,064,568 | ---- | M] (Microsoft Corporation) MD5=F6F6793B7F17B550ECFDBD3B229173F7 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_181d01cb743015fc\AGP440.sys
 
< MD5 for: ATAPI.SYS  >
[2008.01.21 04:46:50 | 000,022,584 | ---- | M] (Microsoft Corporation) MD5=1898FAE8E07D97F2F6C2D5326C633FAC -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_3956c39dd9e73fd2\atapi.sys
[2009.04.11 09:15:00 | 000,020,952 | ---- | M] (Microsoft Corporation) MD5=E68D9B3A3905619732F7FE039466A623 -- C:\Windows\SoftwareDistribution\Download\d15e0adcf011f7a00bde2023e8b74a00\amd64_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_3b423ca9d7090b1e\atapi.sys
 
< MD5 for: CNGAUDIT.DLL  >
[2006.11.02 13:16:48 | 000,014,848 | ---- | M] (Microsoft Corporation) MD5=21322B1A2AD337C579F4A65EA0D25193 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_424bc4aceb06de1c\cngaudit.dll
[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\SysWOW64\cngaudit.dll
[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\SysWOW64\cngaudit.dll
[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll
 
< MD5 for: IASTORV.SYS  >
[2008.01.21 04:46:59 | 000,290,872 | ---- | M] (Intel Corporation) MD5=3E3BF3627D886736D0B4E90054F929F6 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_0b2fedfc40256bc5\iaStorV.sys
 
< MD5 for: NETLOGON.DLL  >
[2008.01.21 04:51:03 | 000,716,800 | ---- | M] (Microsoft Corporation) MD5=5D0A4891F8CD0E9E64FF57A6A34044F5 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_59d652c6f057598d\netlogon.dll
[2009.04.11 08:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\SoftwareDistribution\Download\d15e0adcf011f7a00bde2023e8b74a00\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_6616762521d9e6d4\netlogon.dll
[2009.04.11 09:11:16 | 000,717,312 | ---- | M] (Microsoft Corporation) MD5=A3F1B171702CA04744EE514243B45BFB -- C:\Windows\SoftwareDistribution\Download\d15e0adcf011f7a00bde2023e8b74a00\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_5bc1cbd2ed7924d9\netlogon.dll
[2008.01.21 04:48:28 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\SysWOW64\netlogon.dll
[2008.01.21 04:48:28 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\SysWOW64\netlogon.dll
[2008.01.21 04:48:28 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_642afd1924b81b88\netlogon.dll
 
< MD5 for: NVSTOR.SYS  >
[2008.01.21 04:46:54 | 000,054,328 | ---- | M] (NVIDIA Corporation) MD5=F7EA0FE82842D05EDA3EFDD376DBFDBA -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_95f95eab775c159d\nvstor.sys
 
< MD5 for: SCECLI.DLL  >
[2008.01.21 04:50:28 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\SysWOW64\scecli.dll
[2008.01.21 04:50:28 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\SysWOW64\scecli.dll
[2008.01.21 04:50:28 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_9e812831c5d9a243\scecli.dll
[2008.01.21 04:49:49 | 000,235,520 | ---- | M] (Microsoft Corporation) MD5=35F1DD99F9903BC267C2AF16B09F9BF7 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_942c7ddf9178e048\scecli.dll
[2009.04.11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\SoftwareDistribution\Download\d15e0adcf011f7a00bde2023e8b74a00\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_a06ca13dc2fb6d8f\scecli.dll
[2009.04.11 09:11:23 | 000,235,520 | ---- | M] (Microsoft Corporation) MD5=9922ADB6DCA8F0F5EA038BEFF339C08B -- C:\Windows\SoftwareDistribution\Download\d15e0adcf011f7a00bde2023e8b74a00\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_9617f6eb8e9aab94\scecli.dll
 
< MD5 for: USER32.DLL  >
[2008.01.21 04:49:14 | 000,648,192 | ---- | M] (Microsoft Corporation) MD5=3D691030DBD3BD75DE1501BE54F0D425 -- C:\Windows\SysWOW64\user32.dll
[2008.01.21 04:49:14 | 000,648,192 | ---- | M] (Microsoft Corporation) MD5=3D691030DBD3BD75DE1501BE54F0D425 -- C:\Windows\SysWOW64\user32.dll
[2008.01.21 04:49:14 | 000,648,192 | ---- | M] (Microsoft Corporation) MD5=3D691030DBD3BD75DE1501BE54F0D425 -- C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.0.6001.18000_none_33abb2175a1ab263\user32.dll
[2009.04.11 08:26:45 | 000,648,704 | ---- | M] (Microsoft Corporation) MD5=D29FDB5DEDBDC1BD882164DC6DC4DD53 -- C:\Windows\SoftwareDistribution\Download\d15e0adcf011f7a00bde2023e8b74a00\wow64_microsoft-windows-user32_31bf3856ad364e35_6.0.6002.18005_none_35972b23573c7daf\user32.dll
[2009.04.11 09:11:27 | 000,820,224 | ---- | M] (Microsoft Corporation) MD5=F3F5549E69AE8509342E67E4F972CA1C -- C:\Windows\SoftwareDistribution\Download\d15e0adcf011f7a00bde2023e8b74a00\amd64_microsoft-windows-user32_31bf3856ad364e35_6.0.6002.18005_none_2b4280d122dbbbb4\user32.dll
[2008.01.21 04:48:29 | 000,820,224 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.0.6001.18000_none_295707c525b9f068\user32.dll
 
< MD5 for: USERINIT.EXE  >
[2008.01.21 04:50:36 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\SysWOW64\userinit.exe
[2008.01.21 04:50:36 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\SysWOW64\userinit.exe
[2008.01.21 04:50:36 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
[2008.01.21 04:49:46 | 000,028,160 | ---- | M] (Microsoft Corporation) MD5=A0AB2BB9A92293D9CE66E252719AB5FE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_384755998a0d6941\userinit.exe
 
< MD5 for: WINLOGON.EXE  >
[2009.04.11 09:11:08 | 000,405,504 | ---- | M] (Microsoft Corporation) MD5=6D0773A3A65D28B663F334C90441D01A -- C:\Windows\SoftwareDistribution\Download\d15e0adcf011f7a00bde2023e8b74a00\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_cdcd15a68a70b877\winlogon.exe
[2008.01.21 04:49:47 | 000,406,016 | ---- | M] (Microsoft Corporation) MD5=856491FCED98093D824B9EB2892F564A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_cbe19c9a8d4eed2b\winlogon.exe
[2009.04.11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\SoftwareDistribution\Download\d15e0adcf011f7a00bde2023e8b74a00\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2008.01.21 04:50:38 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\SysWOW64\winlogon.exe
[2008.01.21 04:50:38 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\SysWOW64\winlogon.exe
[2008.01.21 04:50:38 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe
 
< MD5 for: WS2IFSL.SYS  >
[2008.01.21 04:49:42 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=8A900348370E359B6BFF6A550E4649E1 -- C:\Windows\winsxs\amd64_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.0.6001.18000_none_aba53c58802b1777\ws2ifsl.sys
 
< %systemroot%\system32\drivers\*.sys /lockedfiles >
 
< %systemroot%\System32\config\*.sav >
 
< %systemroot%\*. /mp /s >
 
< %systemroot%\system32\*.dll /lockedfiles >
< End of report >

--- --- ---

cosinus · 25.08.2010, 11:46

Zitat:

(KelSat Presents) -- C:\Users\Benutzer\Desktop\Dragon_Age_Origins_V1.0_Plus_8_Trainer_By_KelSat.exe

Was soll das denn sein?

Shadowtroop · 25.08.2010, 18:09

Das ist ein Programm für Dragon Age Origins hat mal ein Freund von mir mal installiert, hat aber nichts weiter zu sagen.

cosinus · 25.08.2010, 18:42

Nagut...
Mach bitte zur Kontrolle Vollscans mit Malwarebytes und SUPERAntiSpyware und poste die Logs.
Denk dran beide Tools zu updaten vor dem Scan!!

19.08.2010, 18:52	#4
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	Security Suit Alert Was ist mit OTL? __________________ Logfiles bitte immer in CODE-Tags posten

25.08.2010, 18:42	#13
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	Security Suit Alert Nagut... Mach bitte zur Kontrolle Vollscans mit Malwarebytes und SUPERAntiSpyware und poste die Logs. Denk dran beide Tools zu updaten vor dem Scan!! __________________ Logfiles bitte immer in CODE-Tags posten

Security Suit Alert

Plagegeister aller Art und deren Bekämpfung: Security Suit Alert