BOOTDss.M erfolgreich entfernt... Hoffe ich.

Cymatrelic · 02.05.2011, 19:49

Und hier die Extras.txt:

OTL EXTRAS Logfile:

Code:

ATTFilter

OTL Extras logfile created on: 02.05.2011 20:39:16 - Run 2
OTL by OldTimer - Version 3.2.22.3     Folder = C:\Users\Mike\Desktop
64bit- Ultimate Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
4,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 67,00% Memory free
8,00 Gb Paging File | 7,00 Gb Available in Paging File | 82,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 368,10 Gb Total Space | 78,11 Gb Free Space | 21,22% Space Free | Partition Type: NTFS
Drive D: | 115,30 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
 
Computer Name: MIKE-PC | User Name: Mike | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l File not found
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L" File not found
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L"
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files (x86)\FlashGet Network\FlashGet universal\FlashGet.exe" = C:\Program Files (x86)\FlashGet Network\FlashGet universal\FlashGet.exe:*:Enabled:Flashget2 -- (FLASHGET)
"C:\Program Files (x86)\FlashGet Network\FlashGet universal\LiveUpdate.exe" = C:\Program Files (x86)\FlashGet Network\FlashGet universal\LiveUpdate.exe:*:Enabled:FGLiveUpdate
"C:\Program Files (x86)\FlashGet Network\FlashGet universal\LiveUpdateEx.exe" = C:\Program Files (x86)\FlashGet Network\FlashGet universal\LiveUpdateEx.exe:*:Enabled:FGLiveUpdateEx
"C:\Program Files (x86)\FlashGet Network\FlashGet universal\FlashGet.exe" = C:\Program Files (x86)\FlashGet Network\FlashGet universal\FlashGet.exe:*:Enabled:Flashget2 -- (FLASHGET)
"C:\Program Files (x86)\FlashGet Network\FlashGet universal\LiveUpdate.exe" = C:\Program Files (x86)\FlashGet Network\FlashGet universal\LiveUpdate.exe:*:Enabled:FGLiveUpdate
"C:\Program Files (x86)\FlashGet Network\FlashGet universal\LiveUpdateEx.exe" = C:\Program Files (x86)\FlashGet Network\FlashGet universal\LiveUpdateEx.exe:*:Enabled:FGLiveUpdateEx
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02382870-19C7-3ACD-BBAE-F6E3760947DC}" = Microsoft .NET Framework 4 Extended DEU Language Pack
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0C826C5B-B131-423A-A229-C71B3CACCD6A}" = CDDRV_Installer
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{138A4072-9E64-46BD-B5F9-DB2BB395391F}" = LWS VideoEffects
"{1444D2EE-C7AD-44A8-844F-2634B49353D1}" = Logitech Gaming Software 5.10
"{1F6D1DB5-82B5-41A4-85A2-0A382C142A35}_is1" = Allgemeine Runtime Files (x86)
"{23170F69-40C1-2702-0465-000001000000}" = 7-Zip 4.65 (x64 edition)
"{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{8729E65B-8C12-4A42-B1FE-E4DA7ED52855}_is1" = DirectX 9.0c Extra Files (x86, x64)
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007
"{9B48B0AC-C813-4174-9042-476A887592C7}" = Windows Live ID Sign-in Assistant
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 266.58
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 266.58
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 266.58
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.10.0514
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD-Audiotreiber 1.1.13.1
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319
"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
"{F3F18612-7B5D-4C05-86C9-AB50F6F71727}" = KhalInstallWrapper
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Adobe Flash Player ActiveX 64" = Adobe Flash Player 10 ActiveX 64-bit
"Adobe Flash Player Plugin 64" = Adobe Flash Player 10 Plugin 64-bit
"CCleaner" = CCleaner
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended DEU Language Pack" = Microsoft .NET Framework 4 Extended DEU Language Pack
"TeraCopy_is1" = TeraCopy 2.12
"WinGimp-2.0_is1" = GIMP 2.6.8
"WinRAR archiver" = WinRAR
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{08610298-29AE-445B-B37D-EFBE05802967}" = LWS Pictures And Video
"{0FB0306C-11D8-35F2-9AC9-121FA753F9AD}" = Visual C++ 2008 x64 Runtime - (v9.0.30729.5026)
"{0FB0306C-11D8-35F2-9AC9-121FA753F9AD}.vc_x64runtime_30729_5026" = Visual C++ 2008 x64 Runtime - v9.0.30729.5026
"{15634701-BACE-4449-8B25-1567DA8C9FD3}" = CameraHelperMsi
"{1651216E-E7AD-4250-92A1-FB8ED61391C9}" = LWS Help_main
"{174A3B31-4C43-43DD-866F-73C9DB887B48}" = LWS Twitter
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FDA5A37-B22D-43FF-B582-B8964050DC13}" = Microsoft Games for Windows - LIVE Redistributable
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{21DF0294-6B9D-4741-AB6F-B2ABFBD2387E}" = LWS YouTube Plugin
"{24D753CA-6AE9-4E30-8F5F-EFC93E08BF3D}" = Skype™ 4.0
"{26A24AE4-039D-4CA4-87B4-2F83216020F0}" = Java(TM) 6 Update 20
"{26A24AE4-039D-4CA4-87B4-2F83216021FF}" = Java(TM) 6 Update 22
"{31A559C1-9E4D-423B-9DD3-34A6C5398752}" = HTC BMP USB Driver
"{35CB6715-41F8-4F99-8881-6FC75BF054B0}" = Oblivion
"{3AC8457C-0385-4BEA-A959-E095F05D6D67}" = Battlefield: Bad Company™ 2
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = erLT
"{46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB}" = Adobe AIR
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{542068F1-9AAE-4E1B-8ACA-094FE03728BE}" = Carambis Driver Updater
"{5D8057E7-FF6A-4700-AF1F-4755DEE440CF}" = calibre
"{5F8E2CBB-949D-4175-AC98-5ADE7F6C9697}" = NCsoft Launcher
"{68A35043-C55A-4237-88C9-37EE1C63ED71}" = Microsoft Visual J# 2.0 Redistributable Package
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6A07F7DC-18DB-0200-0000-000000000000}" = Android Manager WiFi
"{6D6664A9-3342-4948-9B7E-034EFE366F0F}" = HTC Driver Installer
"{6F76EC3C-34B1-436E-97FB-48C58D7BEDCD}" = LWS Gallery
"{71E66D3F-A009-44AB-8784-75E2819BA4BA}" = LWS Motion Detection
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6}" = ICQ7.2
"{75D84EF7-0D8C-4e70-B3FA-7B42A5D4E0EB}" = Mass Effect 2
"{786547F9-59BB-4FA3-B2D8-327FF1F14870}" = Adobe Flash Player 9 ActiveX
"{7B2CC3DF-64FA-44AE-8F57-B0F915147E4F}_is1" = Need For Speed™ World
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C8FA3C-F4EA-46C4-8392-D3CE353738D6}" = LWS Launcher
"{86A4C6D9-29EE-4719-AFA1-BA3341862B83}" = Microsoft Games for Windows - LIVE
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver For Windows 7
"{8937D274-C281-42E4-8CDB-A0B2DF979189}" = LWS Webcam Software
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C0CAA7A-3272-4991-A808-2C7559DE3409}" = Win7codecs
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISE_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0407-1000-0000000FF1CE}_ENTERPRISE_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISE_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9DAEA76B-E50F-4272-A595-0124E826553D}" = LWS WLM Plugin
"{A498D9EB-927B-459B-85D6-DD6EF8C2C564}" = erLT
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{AC76BA86-7AD7-1031-7B44-A93000000001}" = Adobe Reader 9.3.4 - Deutsch
"{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}" = NVIDIA PhysX
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240BD}" = WinZip 14.5
"{D40EB009-0499-459c-A8AF-C9C110766215}" = Logitech Webcam Software
"{D54640A3-2C2B-4CB1-9666-01E55F54E7F5}" = NCsoft Launcher
"{D6CD26FD-CD7F-4C86-96A3-EEBFABE5FE47}" = Kies
"{D7A0A22A-C132-4B6F-8D68-67B95117DE93}" = RIFT
"{D7BF9739-8A68-4335-BBEE-37752AD9E86B}" = NEC Electronics USB 3.0 Host Controller Driver
"{DFFC0648-BC4B-47D1-93D2-6CA6B9457641}" = OpenOffice.org 3.2
"{E04ACCBC-DF36-364E-87E8-6C24BB981AB8}" = Visual C++ 2008 x86 Runtime - (v9.0.30729.5026)
"{E04ACCBC-DF36-364E-87E8-6C24BB981AB8}.vc_x86runtime_30729_5026" = Visual C++ 2008 x86 Runtime - v9.0.30729.5026
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{EED027B7-0DB6-404B-8F45-6DFEE34A0441}" = LWS Video Mask Maker
"{EF7E931D-DC84-471B-8DB6-A83358095474}" = EA Download Manager
"{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}" = Logitech SetPoint
"{F2C4E6E0-EB78-4824-A212-6DF6AF0E8E82}" = FINAL FANTASY XIV
"{F2E23139-3404-4E3C-9855-7724415D62A5}" = Dragon Age II
"{FF167195-9EE4-46C0-8CD7-FBA3457E88AB}" = LWS Facebook
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"AVMWLANCLI" = AVM FRITZ!WLAN
"Axife Mouse Recorder DEMO_is1" = Axife Mouse Recorder DEMO 5.01
"EADM" = EA Download Manager
"ENTERPRISE" = Microsoft Office Enterprise 2007
"EVEREST Home Edition_is1" = EVEREST Home Edition v2.20
"FlashGet 2.0" = FlashGet 2.0
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.9
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Plattform-Geräte-Manager
"InstallShield_{D6CD26FD-CD7F-4C86-96A3-EEBFABE5FE47}" = Kies
"InstallShield_{D7A0A22A-C132-4B6F-8D68-67B95117DE93}" = RIFT
"InstallShield_{D7BF9739-8A68-4335-BBEE-37752AD9E86B}" = NEC Electronics USB 3.0 Host Controller Driver
"Magic ISO Maker v5.5 (build 0281)" = Magic ISO Maker v5.5 (build 0281)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1  (1033)" = Microsoft .NET Framework 1.1
"Microsoft Visual J# 2.0 Redistributable Package" = Microsoft Visual J# 2.0 Redistributable Package
"Mozilla Firefox 4.0 (x86 de)" = Mozilla Firefox 4.0 (x86 de)
"NVIDIA StereoUSB Driver" = NVIDIA 3D Vision Controller Driver
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"ObjectDock" = ObjectDock
"PlayRF USA 15.00" = PlayRF USA 15.00
"Postal 2_is1" = Portal 2
"PunkBusterSvc" = PunkBuster Services
"Steam App 15620" = Warhammer® 40,000™: Dawn of War® II
"Steam App 56400" = Warhammer® 40,000®: Dawn of War® II – Retribution™
"SUPER ©" = SUPER © Version 2010.bld.38 (May 2, 2010)
"TeamViewer 5" = TeamViewer 5
"Two Worlds II" = Two Worlds II
"uTorrent" = µTorrent
"VLC media player" = VLC media player 1.1.9
"Word to PDF Converter" = Word to PDF Converter
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
"NCsoft-Aion" = Aion
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 13.04.2011 19:56:43 | Computer Name = Mike-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: Crysis2.exe, Version: 1.0.0.5858,
 Zeitstempel: 0x21544c46  Name des fehlerhaften Moduls: Crysis2.exe, Version: 1.0.0.5858,
 Zeitstempel: 0x21544c46  Ausnahmecode: 0xc0000005  Fehleroffset: 0x00065e83  ID des fehlerhaften
 Prozesses: 0x720  Startzeit der fehlerhaften Anwendung: 0x01cbfa366ede6b27  Pfad der
 fehlerhaften Anwendung: A:\Video\Series\How I met your mother\Crysis 2 DVD9  MULTI
 5-NETSHOW\bin32\Crysis2.exe  Pfad des fehlerhaften Moduls: A:\Video\Series\How I 
met your mother\Crysis 2 DVD9  MULTI 5-NETSHOW\bin32\Crysis2.exe  Berichtskennung:
 ae01577b-6629-11e0-8fe0-00040efae87a
 
Error - 14.04.2011 08:28:59 | Computer Name = Mike-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: ShippingPC-StormGame.exe, Version:
 1.0.7094.0, Zeitstempel: 0x4d35a5ef  Name des fehlerhaften Moduls: ShippingPC-StormGame.exe,
 Version: 1.0.7094.0, Zeitstempel: 0x4d35a5ef  Ausnahmecode: 0xc0000005  Fehleroffset:
 0x00a1645b  ID des fehlerhaften Prozesses: 0x11d0  Startzeit der fehlerhaften Anwendung:
 0x01cbfa99b26a32b2  Pfad der fehlerhaften Anwendung: C:\Games\Bulletstorm\Binaries\Win32\ShippingPC-StormGame.exe
Pfad
 des fehlerhaften Moduls: C:\Games\Bulletstorm\Binaries\Win32\ShippingPC-StormGame.exe
Berichtskennung:
 c576027e-6692-11e0-bc64-00040efae87a
 
Error - 14.04.2011 08:43:31 | Computer Name = Mike-PC | Source = MsiInstaller | ID = 1013
Description = 
 
Error - 30.04.2011 14:20:18 | Computer Name = Mike-PC | Source = Application Hang | ID = 1002
Description = Programm avscan.exe, Version 10.0.3.5 kann nicht mehr unter Windows
 ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
 um nach weiteren Informationen zum Problem zu suchen.    Prozess-ID: f0c    Startzeit: 
01cc076332a9e9c4    Endzeit: 16    Anwendungspfad: C:\Program Files (x86)\Avira\AntiVir 
Desktop\avscan.exe    Berichts-ID: 7f0e96f3-7356-11e0-96d9-00040efae87a  
 
Error - 30.04.2011 14:21:31 | Computer Name = Mike-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: nvvsvc.exe, Version: 8.17.12.6658,
 Zeitstempel: 0x4d27ce94  Name des fehlerhaften Moduls: NVSVC64.DLL, Version: 8.17.12.6658,
 Zeitstempel: 0x4d27cbb9  Ausnahmecode: 0xc0000005  Fehleroffset: 0x0000000000059c4c
ID
 des fehlerhaften Prozesses: 0xab4  Startzeit der fehlerhaften Anwendung: 0x01cc06d4501a2fe3
Pfad
 der fehlerhaften Anwendung: C:\Windows\system32\nvvsvc.exe  Pfad des fehlerhaften
 Moduls: C:\Windows\system32\NVSVC64.DLL  Berichtskennung: ab701ee5-7356-11e0-96d9-00040efae87a
 
Error - 30.04.2011 15:17:06 | Computer Name = Mike-PC | Source = MsiInstaller | ID = 1013
Description = 
 
Error - 30.04.2011 15:18:19 | Computer Name = Mike-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: portal2.exe, Version: 0.0.0.0, Zeitstempel:
 0x4d4c804d  Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel:
 0x00000000  Ausnahmecode: 0xc0000005  Fehleroffset: 0x00000000  ID des fehlerhaften Prozesses:
 0xfb8  Startzeit der fehlerhaften Anwendung: 0x01cc076b3821d117  Pfad der fehlerhaften
 Anwendung: C:\Games\Portal 2\portal2.exe  Pfad des fehlerhaften Moduls: unknown  Berichtskennung:
 9acf517a-735e-11e0-96d9-00040efae87a
 
Error - 30.04.2011 15:19:31 | Computer Name = Mike-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: portal2.exe, Version: 0.0.0.0, Zeitstempel:
 0x4d4c804d  Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7600.16385,
 Zeitstempel: 0x4a5bdbdf  Ausnahmecode: 0xe06d7363  Fehleroffset: 0x0000b727  ID des fehlerhaften
 Prozesses: 0xfb8  Startzeit der fehlerhaften Anwendung: 0x01cc076b3821d117  Pfad der
 fehlerhaften Anwendung: C:\Games\Portal 2\portal2.exe  Pfad des fehlerhaften Moduls:
 C:\Windows\syswow64\KERNELBASE.dll  Berichtskennung: c5a25130-735e-11e0-96d9-00040efae87a
 
Error - 30.04.2011 15:23:57 | Computer Name = Mike-PC | Source = MsiInstaller | ID = 11722
Description = 
 
Error - 30.04.2011 15:27:29 | Computer Name = Mike-PC | Source = MsiInstaller | ID = 1013
Description = 
 
[ System Events ]
Error - 29.04.2011 04:25:50 | Computer Name = Mike-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installationsfehler: Die Installation des folgenden Updates ist mit
 Fehler 0x800705b4 fehlgeschlagen: Update für Windows 7 für x64-Systeme (KB2515325)
 
Error - 29.04.2011 04:25:50 | Computer Name = Mike-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installationsfehler: Die Installation des folgenden Updates ist mit
 Fehler 0x800705b4 fehlgeschlagen: Update für Windows 7 für x64-Systeme (KB2522422)
 
Error - 29.04.2011 04:25:50 | Computer Name = Mike-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installationsfehler: Die Installation des folgenden Updates ist mit
 Fehler 0x800705b4 fehlgeschlagen: Update für Windows 7 für x64-Systeme (KB2492386)
 
Error - 29.04.2011 04:35:32 | Computer Name = Mike-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installationsfehler: Die Installation des folgenden Updates ist mit
 Fehler 0x800705b4 fehlgeschlagen: Update für Windows 7 für x64-Systeme (KB982018)
 
Error - 29.04.2011 13:37:04 | Computer Name = Mike-PC | Source = DCOM | ID = 10010
Description = 
 
Error - 29.04.2011 13:37:45 | Computer Name = Mike-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installationsfehler: Die Installation des folgenden Updates ist mit
 Fehler 0x800705b4 fehlgeschlagen: Update für Windows 7 für x64-Systeme (KB2515325)
 
Error - 29.04.2011 13:37:45 | Computer Name = Mike-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installationsfehler: Die Installation des folgenden Updates ist mit
 Fehler 0x800705b4 fehlgeschlagen: Update für Windows 7 für x64-Systeme (KB2522422)
 
Error - 29.04.2011 13:37:45 | Computer Name = Mike-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installationsfehler: Die Installation des folgenden Updates ist mit
 Fehler 0x800705b4 fehlgeschlagen: Update für Windows 7 für x64-Systeme (KB2492386)
 
Error - 29.04.2011 13:47:29 | Computer Name = Mike-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installationsfehler: Die Installation des folgenden Updates ist mit
 Fehler 0x800705b4 fehlgeschlagen: Update für Windows 7 für x64-Systeme (KB982018)
 
Error - 29.04.2011 16:31:34 | Computer Name = Mike-PC | Source = volsnap | ID = 393252
Description = Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher
 nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.
 
 
< End of report >

--- --- ---

So ich hätte noch eine Frage...

Ich habe Dropbox und Skype installiert. Sollte ich alle meine Skype kontakte und die Leute die mit mir eine Dropbox
teilen darauf hinweisen, dass sie einen Systemcheck machen sollten? Oder besteht von einer Infektion für sie eher keine Gefahr...?

kira · 02.05.2011, 22:12

Zitat:

Zitat von Cymatrelic

Sollte ich alle meine Skype kontakte und die Leute die mit mir eine Dropbox
teilen darauf hinweisen, dass sie einen Systemcheck machen sollten?

Es würde nichts schaden!

OTL.txt fehlt noch

Cymatrelic · 02.05.2011, 23:23

Ja ok. Die OTL.txt ist doch schon da, oder? Zum Schluss meines zweiten Posts...

kira · 03.05.2011, 07:11

Zitat:

Zitat von Cymatrelic

Ja ok. Die OTL.txt ist doch schon da, oder? Zum Schluss meines zweiten Posts...

"extra.txt" schon...
wird immer 2 Logfiles erstellt:-> OTL.txt und extra.txt

Cymatrelic · 03.05.2011, 10:18

Ja ich weis und ich hab auch beide gepostet. Scroll von der Extras.txt Datei einfach ein paar zentimeter nach oben und da is die OTL.txt

Aber um sicher zu gehn:

Hier ist sie nochmal:

OTL Logfile:

Code:

ATTFilter

OTL logfile created on: 02.05.2011 20:39:16 - Run 2
OTL by OldTimer - Version 3.2.22.3     Folder = C:\Users\Mike\Desktop
64bit- Ultimate Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
4,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 67,00% Memory free
8,00 Gb Paging File | 7,00 Gb Available in Paging File | 82,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 368,10 Gb Total Space | 78,11 Gb Free Space | 21,22% Space Free | Partition Type: NTFS
Drive D: | 115,30 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
 
Computer Name: MIKE-PC | User Name: Mike | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Mike\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe (Logitech Inc.)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Program Files (x86)\Common Files\Logishrd\LQCVFX\COCIManager.exe ()
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe (Logitech Inc.)
PRC - C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe ()
PRC - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
PRC - C:\Windows\SysWOW64\PnkBstrA.exe ()
PRC - C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe ()
PRC - C:\Windows\SysWOW64\dgdersvc.exe (Devguru Co., Ltd.)
PRC - C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (NEC Electronics Corporation)
PRC - C:\Programme\Logitech\SetPoint\x86\SetPoint32.exe ()
PRC - C:\Program Files (x86)\avmwlanstick\WLanGUI.exe (AVM Berlin)
PRC - C:\Program Files (x86)\avmwlanstick\WlanNetService.exe (AVM Berlin)
PRC - C:\Program Files (x86)\Stardock\ObjectDock\ObjectDock.exe (Stardock)
 
 
========== Modules (SafeList) ==========
 
MOD - C:\Users\Mike\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll (Microsoft Corporation)
MOD - C:\Programme\Logitech\SetPoint\x86\GameHook.dll (Logitech, Inc.)
MOD - C:\Programme\Logitech\SetPoint\x86\lgscroll.dll (Logitech, Inc.)
MOD - C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4927_none_d08a205e442db5b5\msvcr80.dll (Microsoft Corporation)
MOD - C:\Program Files (x86)\Stardock\ObjectDock\DockShellHook.dll ()
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV - (UMVPFSrv) -- C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe (Logitech Inc.)
SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (Stereo Service) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (PnkBstrA) -- C:\Windows\SysWOW64\PnkBstrA.exe ()
SRV - (TeamViewer5) -- C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (PassThru Service) -- C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe ()
SRV - (dgdersvc) -- C:\Windows\SysWOW64\dgdersvc.exe (Devguru Co., Ltd.)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (LBTServ) -- C:\Programme\Common Files\Logishrd\Bluetooth\LBTServ.exe (Logitech, Inc.)
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (AVM WLAN Connection Service) -- C:\Program Files (x86)\avmwlanstick\WlanNetService.exe (AVM Berlin)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira GmbH)
DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira GmbH)
DRV:64bit: - (LVUVC64) Logitech Webcam 200(UVC) -- C:\Windows\SysNative\drivers\LVUVC64.sys (Logitech Inc.)
DRV:64bit: - (LVRS64) -- C:\Windows\SysNative\drivers\lvrs64.sys (Logitech Inc.)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation)
DRV:64bit: - (sptd) -- C:\Windows\SysNative\drivers\sptd.sys ()
DRV:64bit: - (dgderdrv) -- C:\Windows\SysNative\drivers\dgderdrv.sys (Devguru Co., Ltd)
DRV:64bit: - (TFsExDisk) -- C:\Windows\SysNative\drivers\TFsExDisk.sys (Teruten Inc)
DRV:64bit: - (htcnprot) -- C:\Windows\SysNative\drivers\htcnprot.sys (Windows (R) Win 7 DDK provider)
DRV:64bit: - (androidusb) -- C:\Windows\SysNative\drivers\ssadadb.sys (Google Inc)
DRV:64bit: - (ssadmdfl) SAMSUNG Android USB Modem (Filter) -- C:\Windows\SysNative\drivers\ssadmdfl.sys (MCCI Corporation)
DRV:64bit: - (ssadmdm) -- C:\Windows\SysNative\drivers\ssadmdm.sys (MCCI Corporation)
DRV:64bit: - (ssadbus) SAMSUNG Android USB Composite Device driver (WDM) -- C:\Windows\SysNative\drivers\ssadbus.sys (MCCI Corporation)
DRV:64bit: - (LVPr2Mon) -- C:\Windows\SysNative\drivers\LVPr2M64.sys ()
DRV:64bit: - (LVPr2M64) -- C:\Windows\SysNative\drivers\LVPr2M64.sys ()
DRV:64bit: - (WmVirHid) -- C:\Windows\SysNative\drivers\WmVirHid.sys (Logitech Inc.)
DRV:64bit: - (WmBEnum) -- C:\Windows\SysNative\drivers\WmBEnum.sys (Logitech Inc.)
DRV:64bit: - (WmXlCore) -- C:\Windows\SysNative\drivers\WmXlCore.sys (Logitech Inc.)
DRV:64bit: - (WmFilter) -- C:\Windows\SysNative\drivers\WmFilter.sys (Logitech Inc.)
DRV:64bit: - (sscdmdm) -- C:\Windows\SysNative\drivers\sscdmdm.sys (MCCI Corporation)
DRV:64bit: - (sscdbus) SAMSUNG USB Composite Device driver (WDM) -- C:\Windows\SysNative\drivers\sscdbus.sys (MCCI Corporation)
DRV:64bit: - (sscdmdfl) -- C:\Windows\SysNative\drivers\sscdmdfl.sys (MCCI Corporation)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek                                            )
DRV:64bit: - (VIAHdAudAddService) -- C:\Windows\SysNative\drivers\viahduaa.sys (VIA Technologies, Inc.)
DRV:64bit: - (nusb3xhc) -- C:\Windows\SysNative\drivers\nusb3xhc.sys (NEC Electronics Corporation)
DRV:64bit: - (nusb3hub) -- C:\Windows\SysNative\drivers\nusb3hub.sys (NEC Electronics Corporation)
DRV:64bit: - (HTCAND64) -- C:\Windows\SysNative\drivers\ANDROIDUSB.sys (HTC, Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (LUsbFilt) -- C:\Windows\SysNative\drivers\LUsbFilt.sys (Logitech, Inc.)
DRV:64bit: - (LMouFilt) -- C:\Windows\SysNative\drivers\LMouFilt.Sys (Logitech, Inc.)
DRV:64bit: - (LHidFilt) -- C:\Windows\SysNative\drivers\LHidFilt.Sys (Logitech, Inc.)
DRV:64bit: - (L8042Kbd) -- C:\Windows\SysNative\drivers\L8042Kbd.sys (Logitech, Inc.)
DRV:64bit: - (Ntfs) -- C:\Windows\SysNative\wbem\ntfs.mof ()
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (FWLANUSB) -- C:\Windows\SysNative\drivers\fwlanusb.sys (AVM GmbH)
DRV:64bit: - (avmeject) -- C:\Windows\SysNative\drivers\avmeject.sys (AVM Berlin)
DRV - (dgderdrv) -- C:\Windows\SysWOW64\drivers\dgderdrv.sys (Devguru Co., Ltd)
DRV - (TFsExDisk) -- C:\Windows\SysWOW64\drivers\TFsExDisk.Sys (Teruten Inc)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.icq.com/
IE - HKCU\..\URLSearchHook: {c840e246-6b95-475e-9bd7-caa1c7eca9f2} - Reg Error: Key error. File not found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "www.google.de"
FF - prefs.js..extensions.enabledItems: {19503e42-ca3c-4c27-b1e2-9cdb2170ee34}:1.2.8.5
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {872b5b88-9db5-4310-bdd0-ac189557e5f5}:2.7.2.0
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.9
FF - prefs.js..extensions.enabledItems: engine@conduit.com:3.2.5.2
FF - prefs.js..extensions.enabledItems: {c840e246-6b95-475e-9bd7-caa1c7eca9f2}:3.2.5.2
FF - prefs.js..keyword.URL: "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.1.9&q="
 
 
FF - HKLM\software\mozilla\Mozilla Firefox 4.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011.05.01 19:20:45 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011.03.23 20:48:59 | 000,000,000 | ---D | M]
 
[2010.09.25 03:30:31 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mike\AppData\Roaming\mozilla\Extensions
[2011.04.27 16:59:47 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mike\AppData\Roaming\mozilla\Firefox\Profiles\pazyb9p1.default\extensions
[2011.03.22 23:09:17 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Users\Mike\AppData\Roaming\mozilla\Firefox\Profiles\pazyb9p1.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2011.03.24 16:32:43 | 000,000,000 | ---D | M] (DVDVideoSoftTB Community Toolbar) -- C:\Users\Mike\AppData\Roaming\mozilla\Firefox\Profiles\pazyb9p1.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}
[2010.10.27 15:27:28 | 000,000,000 | ---D | M] ("DVDVideoSoft Menu") -- C:\Users\Mike\AppData\Roaming\mozilla\Firefox\Profiles\pazyb9p1.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2011.03.24 16:32:44 | 000,000,000 | ---D | M] (uTorrentBar_DE Community Toolbar) -- C:\Users\Mike\AppData\Roaming\mozilla\Firefox\Profiles\pazyb9p1.default\extensions\{c840e246-6b95-475e-9bd7-caa1c7eca9f2}
[2011.03.24 16:32:43 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\Mike\AppData\Roaming\mozilla\Firefox\Profiles\pazyb9p1.default\extensions\engine@conduit.com
[2011.03.23 20:49:11 | 000,000,000 | ---D | M] (WEB.DE Toolbar) -- C:\Users\Mike\AppData\Roaming\mozilla\Firefox\Profiles\pazyb9p1.default\extensions\toolbar@web.de
[2011.04.30 00:52:03 | 000,000,950 | ---- | M] () -- C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\pazyb9p1.default\searchplugins\icqplugin-1.xml
[2011.03.07 09:45:02 | 000,000,950 | ---- | M] () -- C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\pazyb9p1.default\searchplugins\icqplugin-2.xml
[2011.03.23 20:49:41 | 000,000,950 | ---- | M] () -- C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\pazyb9p1.default\searchplugins\icqplugin-3.xml
[2011.05.01 18:02:18 | 000,000,950 | ---- | M] () -- C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\pazyb9p1.default\searchplugins\icqplugin-4.xml
[2011.05.01 21:05:06 | 000,000,656 | ---- | M] () -- C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\pazyb9p1.default\searchplugins\icqplugin-5-1.xml
[2011.02.20 12:21:20 | 000,000,618 | ---- | M] () -- C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\pazyb9p1.default\searchplugins\icqplugin-5.xml
[2011.02.20 12:21:20 | 000,000,168 | ---- | M] () -- C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\pazyb9p1.default\searchplugins\icqplugin.gif
[2011.02.27 20:21:18 | 000,001,056 | ---- | M] () -- C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\pazyb9p1.default\searchplugins\icqplugin.xml
[2011.03.23 20:49:00 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2010.11.01 15:58:23 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010.09.28 20:20:00 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010.10.18 21:17:22 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011.03.23 20:49:00 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\distribution\extensions
[2011.03.23 20:49:00 | 000,000,000 | ---D | M] (WEB.DE Toolbar) -- C:\Program Files (x86)\mozilla firefox\distribution\extensions\toolbar@web.de
File not found (No name found) -- 
() (No name found) -- C:\USERS\MIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PAZYB9P1.DEFAULT\EXTENSIONS\{19503E42-CA3C-4C27-B1E2-9CDB2170EE34}.XPI
[2011.03.18 19:56:37 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2010.09.15 04:50:38 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2010.01.01 10:00:00 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2010.01.01 10:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2010.01.01 10:00:00 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2010.01.01 10:00:00 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2010.01.01 10:00:00 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2010.01.01 10:00:00 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (FG2CatchUrl) - {1F364306-AA45-47B5-9F9D-39A8B94E7EF1} - C:\Program Files (x86)\FlashGet Network\FlashGet universal\ComDlls\bhoCATCH.dll (FlashGet)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {C840E246-6B95-475E-9BD7-CAA1C7ECA9F2} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4:64bit: - HKLM..\Run: [Bluetooth Connection Assistant]  File not found
O4:64bit: - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\Windows\KHALMNPR.Exe (Logitech, Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [AVMWlanClient] C:\Program Files (x86)\avmwlanstick\wlangui.exe (AVM Berlin)
O4 - HKLM..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe (VIA)
O4 - HKLM..\Run: [LWS] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe (Logitech Inc.)
O4 - HKLM..\Run: [NUSB3MON] C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (NEC Electronics Corporation)
O4 - Startup: C:\Users\Mike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Mike\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Users\Mike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Stardock ObjectDock.lnk = C:\Program Files (x86)\Stardock\ObjectDock\ObjectDock.exe (Stardock)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O8:64bit: - Extra context menu item: &Download All by FlashGet - C:\Program Files (x86)\FlashGet Network\FlashGet universal\ComDlls\Bhoall.htm ()
O8:64bit: - Extra context menu item: &Download by FlashGet - C:\Program Files (x86)\FlashGet Network\FlashGet universal\ComDlls\Bholink.htm ()
O8:64bit: - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Mike\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm ()
O8 - Extra context menu item: &Download All by FlashGet - C:\Program Files (x86)\FlashGet Network\FlashGet universal\ComDlls\Bhoall.htm ()
O8 - Extra context menu item: &Download by FlashGet - C:\Program Files (x86)\FlashGet Network\FlashGet universal\ComDlls\Bholink.htm ()
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Mike\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm ()
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - Reg Error: Key error. - c:\Programme\Common Files\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011.05.02 20:33:38 | 000,000,000 | ---D | C] -- C:\Programme\CCleaner
[2011.05.02 20:26:33 | 000,000,000 | ---D | C] -- C:\_OTL
[2011.05.01 22:12:10 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Users\Mike\Desktop\OTL.exe
[2011.05.01 21:49:57 | 000,000,000 | ---D | C] -- C:\Users\Mike\AppData\Roaming\Malwarebytes
[2011.05.01 21:49:52 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2011.05.01 21:49:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011.05.01 21:49:49 | 000,024,152 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2011.05.01 21:49:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2011.05.01 21:25:16 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine
[2011.05.01 21:13:03 | 000,000,000 | ---D | C] -- C:\Users\Mike\AppData\Roaming\Avira
[2011.05.01 21:11:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
[2011.05.01 21:11:52 | 000,116,568 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avipbb.sys
[2011.05.01 21:11:52 | 000,083,120 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avgntflt.sys
[2011.05.01 21:11:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2011.05.01 18:12:19 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\appmgmt
[2011.05.01 14:59:46 | 000,000,000 | ---D | C] -- C:\Users\Mike\AppData\Local\Gas Powered Games
[2011.05.01 13:45:35 | 000,000,000 | ---D | C] -- C:\Users\Mike\AppData\Local\oblivion
[2011.05.01 12:22:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Supreme Commander 2
[2011.05.01 00:00:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bethesda Softworks
[2011.04.30 23:57:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mass Effect 2
[2011.04.30 23:33:36 | 000,000,000 | ---D | C] -- C:\Users\Mike\Documents\BioWare
[2011.04.30 23:20:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dragon Age II
[2011.04.30 23:16:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\BioWare
[2011.04.30 21:40:42 | 000,000,000 | -HSD | C] -- C:\ProgramData\SecuROM
[2011.04.30 21:17:19 | 000,000,000 | ---D | C] -- C:\Users\Mike\AppData\Local\SKIDROW
[2011.04.30 21:14:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Valve
[2011.04.28 08:41:53 | 002,870,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2011.04.28 08:41:53 | 002,614,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\explorer.exe
[2011.04.28 08:41:51 | 000,442,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll
[2011.04.28 08:41:50 | 000,662,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll
[2011.04.28 08:41:33 | 002,566,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\esent.dll
[2011.04.28 08:41:33 | 001,686,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\esent.dll
[2011.04.28 08:41:33 | 000,187,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\storport.sys
[2011.04.28 08:41:33 | 000,107,904 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdsata.sys
[2011.04.28 08:41:33 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fsutil.exe
[2011.04.28 08:41:33 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fsutil.exe
[2011.04.28 08:41:33 | 000,027,008 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdxata.sys
[2011.04.28 08:41:29 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\prevhost.exe
[2011.04.28 08:41:29 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\prevhost.exe
[2011.04.20 22:42:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2011.04.19 07:57:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Help
[2011.04.18 15:12:29 | 000,000,000 | ---D | C] -- C:\Users\Mike\AppData\Local\Divinity 2
[2011.04.16 01:27:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft CAPICOM 2.1.0.2
[2011.04.16 01:26:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows Marketplace
[2011.04.15 19:00:45 | 000,476,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll
[2011.04.15 19:00:45 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll
[2011.04.15 19:00:40 | 000,852,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2011.04.15 19:00:40 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2011.04.15 19:00:40 | 000,612,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2011.04.15 19:00:36 | 001,395,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfc42.dll
[2011.04.15 19:00:36 | 001,359,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfc42u.dll
[2011.04.15 19:00:36 | 001,164,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42u.dll
[2011.04.15 19:00:36 | 001,137,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42.dll
[2011.04.15 19:00:31 | 000,367,104 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2011.04.15 19:00:31 | 000,294,912 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2011.04.15 19:00:31 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll
[2011.04.15 19:00:30 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[2011.04.15 19:00:24 | 000,703,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2011.04.15 19:00:24 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeeds.dll
[2011.04.15 19:00:24 | 000,256,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2011.04.15 19:00:24 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2011.04.15 19:00:24 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2011.04.15 19:00:24 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2011.04.15 19:00:24 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2011.04.15 19:00:24 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2011.04.15 19:00:23 | 000,482,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2011.04.15 19:00:23 | 000,386,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2011.04.15 19:00:23 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2011.04.15 19:00:23 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2011.04.15 19:00:23 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2011.04.15 19:00:23 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2011.04.15 18:59:36 | 000,356,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dnsapi.dll
[2011.04.15 18:59:36 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dnscacheugc.exe
[2011.04.15 18:59:36 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dnscacheugc.exe
[2011.04.15 18:59:26 | 000,603,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.exe
[2011.04.15 18:59:25 | 000,640,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.efi
[2011.04.15 18:59:25 | 000,556,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.efi
[2011.04.15 18:59:25 | 000,518,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.exe
[2011.04.15 18:59:25 | 000,020,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kdusb.dll
[2011.04.15 18:59:25 | 000,019,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kd1394.dll
[2011.04.15 18:59:25 | 000,017,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kdcom.dll
[2011.04.15 18:59:22 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FXSCOVER.exe
[2011.04.14 14:43:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wise Installation Wizard
[2011.04.14 01:44:31 | 000,000,000 | ---D | C] -- C:\ProgramData\EA Core
[2011.04.12 22:52:31 | 020,471,912 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll
[2011.04.12 22:52:31 | 015,047,272 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll
[2011.04.12 22:52:31 | 012,859,496 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll
[2011.04.12 22:52:31 | 010,078,312 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvd3dum.dll
[2011.04.12 22:52:31 | 005,653,096 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvwgf2um.dll
[2011.04.12 22:52:31 | 003,112,040 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll
[2011.04.12 22:52:31 | 002,895,976 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll
[2011.04.12 22:52:31 | 002,479,720 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll
[2011.04.12 22:52:31 | 001,614,440 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco642090.dll
[2011.04.12 22:52:31 | 001,359,976 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvgenco64hda.dll
[2011.04.12 22:52:31 | 001,359,976 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvgenco642040.dll
[2011.04.12 22:52:31 | 000,155,752 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvhda64v.sys
[2011.04.12 22:52:31 | 000,067,176 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2011.04.12 22:52:31 | 000,057,960 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2011.04.12 22:52:31 | 000,029,288 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvhdap64.dll
[2011.04.12 22:52:30 | 018,580,072 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll
[2011.04.12 22:52:30 | 013,011,560 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll
[2011.04.12 22:52:30 | 006,604,904 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll
[2011.04.12 22:52:30 | 004,941,928 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll
[2011.04.12 22:52:30 | 002,251,368 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll
[2011.04.12 22:52:30 | 001,965,672 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvapi.dll
[2011.04.12 22:52:30 | 000,011,240 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvBridge.kmd
[2011.04.12 16:38:11 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\microsoft
[2011.04.12 15:58:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
[2011.04.12 15:58:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Steam
[2011.04.12 15:57:21 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\xlive
[2011.04.12 15:57:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Games for Windows - LIVE
[2011.04.12 11:36:47 | 000,000,000 | ---D | C] -- C:\Users\Mike\AppData\Local\Microsoft Games
[2011.04.11 22:13:54 | 000,000,000 | ---D | C] -- C:\ProgramData\KingsIsle Entertainment
[2011.04.10 02:57:15 | 000,000,000 | ---D | C] -- C:\Users\Mike\AppData\Local\reakktor
[2011.04.10 02:07:55 | 000,000,000 | ---D | C] -- C:\Users\Mike\Documents\Reakktor Media
[2010.02.04 00:00:00 | 000,139,264 | ---- | C] ( ) -- C:\Windows\sipr3260.dll
 
========== Files - Modified Within 30 Days ==========
 
[2011.05.02 20:33:39 | 000,000,822 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2011.05.02 20:33:13 | 000,021,216 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.05.02 20:33:13 | 000,021,216 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.05.02 20:28:04 | 000,000,000 | ---- | M] () -- C:\Windows\SysNative\drivers\lvuvc.hs
[2011.05.02 20:28:02 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.05.02 20:27:58 | 3220,627,456 | -HS- | M] () -- C:\hiberfil.sys
[2011.05.01 22:12:17 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Mike\Desktop\OTL.exe
[2011.05.01 21:49:52 | 000,001,113 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.05.01 20:38:16 | 000,000,000 | ---- | M] () -- C:\Windows\nsreg.dat
[2011.04.30 21:41:57 | 000,392,243 | ---- | M] () -- C:\AnalysisLog.sr0
[2011.04.30 21:14:32 | 000,001,553 | ---- | M] () -- C:\Users\Public\Desktop\Portal 2.lnk
[2011.04.27 16:27:00 | 000,215,128 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2011.04.27 16:27:00 | 000,215,128 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2011.04.27 16:27:00 | 000,215,128 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2011.04.27 10:10:18 | 001,644,374 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011.04.27 10:10:18 | 000,707,908 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2011.04.27 10:10:18 | 000,661,504 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011.04.27 10:10:18 | 000,153,394 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2011.04.27 10:10:18 | 000,125,590 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011.04.20 22:42:57 | 000,001,070 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2011.04.19 19:58:29 | 020,533,281 | ---- | M] () -- C:\Users\Mike\Documents\vlc-1.1.9-win32.exe
[2011.04.18 15:00:14 | 000,439,744 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011.04.14 15:43:43 | 000,000,221 | ---- | M] () -- C:\Users\Mike\Desktop\Dawn of War II - Retribution.url
[2011.04.12 12:50:27 | 000,000,139 | ---- | M] () -- C:\Users\Mike\Documents\aionmemo_c1b89fb0.dat
[2011.04.10 02:03:28 | 001,621,332 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
 
========== Files Created - No Company Name ==========
 
[2011.05.02 20:33:39 | 000,000,822 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2011.05.01 21:49:52 | 000,001,113 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.05.01 20:38:16 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2011.04.30 21:41:15 | 000,392,243 | ---- | C] () -- C:\AnalysisLog.sr0
[2011.04.30 21:14:32 | 000,001,553 | ---- | C] () -- C:\Users\Public\Desktop\Portal 2.lnk
[2011.04.20 22:42:57 | 000,001,070 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2011.04.19 19:58:12 | 020,533,281 | ---- | C] () -- C:\Users\Mike\Documents\vlc-1.1.9-win32.exe
[2011.04.14 15:43:43 | 000,000,221 | ---- | C] () -- C:\Users\Mike\Desktop\Dawn of War II - Retribution.url
[2011.04.12 16:59:18 | 000,001,338 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live ID.lnk
[2011.04.01 07:07:02 | 010,877,272 | ---- | C] () -- C:\Windows\SysWow64\LogiDPP.dll
[2011.04.01 07:07:02 | 000,102,744 | ---- | C] () -- C:\Windows\SysWow64\LogiDPPApp.exe
[2011.04.01 07:06:56 | 000,331,608 | ---- | C] () -- C:\Windows\SysWow64\DevManagerCore.dll
[2011.03.30 23:04:18 | 000,000,000 | ---- | C] () -- C:\Windows\EngineExe.INI
[2011.03.30 19:27:06 | 000,000,000 | ---- | C] () -- C:\Windows\PanelExe.INI
[2010.12.09 21:38:00 | 000,007,602 | ---- | C] () -- C:\Users\Mike\AppData\Local\Resmon.ResmonCfg
[2010.12.05 17:43:59 | 002,434,856 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_bc2.exe
[2010.12.05 16:25:21 | 000,000,092 | ---- | C] () -- C:\Users\Mike\AppData\Local\fusioncache.dat
[2010.11.17 01:48:51 | 000,000,530 | ---- | C] () -- C:\Windows\SysWow64\tx14_ic.ini
[2010.10.21 21:22:39 | 000,005,632 | ---- | C] () -- C:\Users\Mike\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.10.21 16:42:15 | 000,059,392 | R--- | C] () -- C:\Windows\SysWow64\streamhlp.dll
[2010.10.18 18:58:31 | 000,005,024 | ---- | C] () -- C:\Windows\SysWow64\FilterData.dat
[2010.10.16 12:45:30 | 001,621,332 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010.10.14 01:36:44 | 000,179,263 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2010.10.11 09:41:17 | 000,215,128 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2010.10.11 09:41:16 | 000,669,184 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe
[2010.10.11 09:41:16 | 000,075,136 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2010.10.03 14:46:24 | 000,052,836 | ---- | C] () -- C:\Windows\SysWow64\zlib1.dll
[2010.10.03 14:46:23 | 001,199,179 | ---- | C] () -- C:\Windows\unins001.exe
[2010.10.03 14:46:23 | 000,394,752 | ---- | C] () -- C:\Windows\SysWow64\cygwinb19.dll
[2010.10.03 14:46:23 | 000,162,304 | ---- | C] () -- C:\Windows\SysWow64\libpng13.dll
[2010.10.03 14:46:23 | 000,010,125 | ---- | C] () -- C:\Windows\unins001.dat
[2010.10.03 14:45:34 | 001,199,175 | ---- | C] () -- C:\Windows\unins000.exe
[2010.10.03 14:45:34 | 000,008,141 | ---- | C] () -- C:\Windows\unins000.dat
[2010.10.01 20:38:38 | 000,027,648 | ---- | C] () -- C:\Windows\SysWow64\AVSredirect.dll
[2010.09.30 14:00:02 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat
[2010.07.26 15:18:38 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll
[2010.07.26 15:18:38 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll
[2010.07.26 15:18:38 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll
[2010.07.26 15:18:38 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll
[2010.07.26 10:13:40 | 000,108,032 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2010.06.23 12:35:52 | 000,790,528 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2010.06.23 12:35:52 | 000,134,144 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2009.08.16 10:08:36 | 000,178,176 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2009.07.14 07:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009.07.14 04:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009.07.14 04:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009.07.14 02:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009.06.10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2007.02.05 20:05:26 | 000,000,038 | ---- | C] () -- C:\Windows\AviSplitter.INI
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 115 bytes -> C:\ProgramData\TEMP:D06A4C76

< End of report >

--- --- ---

kira · 03.05.2011, 15:28

Ok...sorry ...

1.
Die alte Java-Versionen verbleiben auf dem PC...aus Sicherheitsgründen müssen entfernt werden,auch in Zukunft darauf achten!
Falls nach einen neuen Systemstart noch existieren, die alten Einträge bitte deinstallieren

Code:

ATTFilter

Java(TM) 6 Update 20

2.
Fixen mit OTL

Starte die OTL.exe.
Vista und Windows 7 User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen.
Kopiere folgendes Skript:

Code:

ATTFilter

:OTL
IE - HKCU\..\URLSearchHook: {c840e246-6b95-475e-9bd7-caa1c7eca9f2} - Reg Error: Key error. File not found
FF - prefs.js..extensions.enabledItems: engine@conduit.com:3.2.5.2
[2011.03.24 16:32:43 | 000,000,000 | ---D | M] (DVDVideoSoftTB Community Toolbar) -- C:\Users\Mike\AppData\Roaming\mozilla\Firefox\Profiles\pazyb9p1.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}
[2010.10.27 15:27:28 | 000,000,000 | ---D | M] ("DVDVideoSoft Menu") -- C:\Users\Mike\AppData\Roaming\mozilla\Firefox\Profiles\pazyb9p1.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2011.03.24 16:32:44 | 000,000,000 | ---D | M] (uTorrentBar_DE Community Toolbar) -- C:\Users\Mike\AppData\Roaming\mozilla\Firefox\Profiles\pazyb9p1.default\extensions\{c840e246-6b95-475e-9bd7-caa1c7eca9f2}
[2011.03.24 16:32:43 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\Mike\AppData\Roaming\mozilla\Firefox\Profiles\pazyb9p1.default\extensions\engine@conduit.com
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {C840E246-6B95-475E-9BD7-CAA1C7ECA9F2} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
@Alternate Data Stream - 115 bytes -> C:\ProgramData\TEMP:D06A4C76

:Commands
[purity]
[emptytemp]

und füge es hier ein:
Schließe alle Programme.
Klicke auf den Fix Button.
Klick auf .
OTL verlangt einen Neustart. Bitte zulassen.
Nach dem Neustart findest Du ein Textdokument.
Kopiere den Inhalt hier in Deinen Thread.

3.
reinige dein System mit Ccleaner:

"Cleaner"→ "Analysieren"→ Klick auf den Button "Start CCleaner"
"Registry""Fehler suchen"→ "Fehler beheben"→ "Alle beheben"
Starte dein System neu auf

4.
erneut einen Scan mit OTL:

Doppelklick auf die OTL.exe
Vista User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen
Oben findest Du ein Kästchen mit Output. Wähle bitte Minimal Output
Unter Extra Registry, wähle bitte Use SafeList
Klicke nun auf Run Scan links oben
Wenn der Scan beendet wurde werden 2 Logfiles erstellt - OTL.txt und extra.txt
Poste die Logfiles in Code-Tags hier in den Thread.

5.

lade Dir SUPERAntiSpyware FREE Edition herunter.
installiere das Programm und update online.
starte SUPERAntiSpyware und klicke auf "Ihren Computer durchsuchen"
setze ein Häkchen bei "Kompletter Scan" und klicke auf "Weiter"
anschließend alle gefundenen Schadprogramme werden aufgelistet, bei alle Funde Häkchen setzen und mit "OK" bestätigen
auf "Weiter" klicken dann "OK" und auf "Fertig stellen"
um die Ergebnisse anzuzeigen: auf "Präferenzen" dann auf den "Statistiken und Protokolle" klicken
drücke auf "Protokoll anzeigen" - anschließend diesen Bericht bitte speichern und hier posten

6.
- "Link:-> ESET Online Scanner
>>Du sollst nicht die Antivirus-Sicherheitssoftware installieren, sondern dein System nur online scannen<<
Auch auf USB-Sticks, selbstgebrannten Datenträgern, externen Festplatten und anderen Datenträgern können Viren transportiert werden. Man muss daher durch regelmäßige Prüfungen auf Schäden, die durch Malware ("Worm.Win32.Autorun") verursacht worden sein können, überwacht werden. Hierfür sind ser gut geegnet und empfohlen, die auf dem Speichermedium gesicherten Daten, mit Hilfe des kostenlosen Online Scanners zu prüfen.
Schließe jetzt alle externe Datenträgeran (USB Sticks etc) Deinen Rechner an, dabei die Hochstell-Taste [Shift-Taste] gedrückt halten, damit die Autorun-Funktion nicht ausgeführt wird. (So verhindest Du die Ausführung der AUTORUN-Funktion) - Man kann die AUTORUN-Funktion aber auch generell abschalten.► [Sicherheit] Autorun Funktion für mehr Sicherheit auf allen Laufwerken deaktivieren /Avira Support Forum

-> Führe dann einen Komplett-Systemcheck mit Eset/Nod32 durch

- folgendes bitte anhaken > "Remove found threads" und "Scan archives"
- die Scanergebnis als *.txt Dateien speichern)
- meistens "C:\Programme\Eset\EsetOnlineScanner\log.txt"

Vor dem Scan Einstellungen im Internet Explorer:
- "Extras→ Internetoptionen→ Sicherheit":
- alles auf Standardstufe stellen
- Active X erlauben
- um den Scan zu starten: wenn du danach gefragt wirst (den Text in der Informationsleiste ) - ActiveX-Steuerelement installieren lassen

► Wie ist den aktuellen Zustand des Rechners?

Cymatrelic · 03.05.2011, 18:34

Hehe kein problem

Also 1. is erledigt.

Hier die OTL Datei von 2.:

Code:

ATTFilter

All processes killed
========== OTL ==========
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{c840e246-6b95-475e-9bd7-caa1c7eca9f2} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c840e246-6b95-475e-9bd7-caa1c7eca9f2}\ not found.
Prefs.js: engine@conduit.com:3.2.5.2 removed from extensions.enabledItems
C:\Users\Mike\AppData\Roaming\mozilla\Firefox\Profiles\pazyb9p1.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\searchplugin folder moved successfully.
C:\Users\Mike\AppData\Roaming\mozilla\Firefox\Profiles\pazyb9p1.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\META-INF folder moved successfully.
C:\Users\Mike\AppData\Roaming\mozilla\Firefox\Profiles\pazyb9p1.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\lib folder moved successfully.
C:\Users\Mike\AppData\Roaming\mozilla\Firefox\Profiles\pazyb9p1.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\defaults folder moved successfully.
C:\Users\Mike\AppData\Roaming\mozilla\Firefox\Profiles\pazyb9p1.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\components folder moved successfully.
C:\Users\Mike\AppData\Roaming\mozilla\Firefox\Profiles\pazyb9p1.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\chrome folder moved successfully.
C:\Users\Mike\AppData\Roaming\mozilla\Firefox\Profiles\pazyb9p1.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5} folder moved successfully.
C:\Users\Mike\AppData\Roaming\mozilla\Firefox\Profiles\pazyb9p1.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}\chrome folder moved successfully.
C:\Users\Mike\AppData\Roaming\mozilla\Firefox\Profiles\pazyb9p1.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C} folder moved successfully.
C:\Users\Mike\AppData\Roaming\mozilla\Firefox\Profiles\pazyb9p1.default\extensions\{c840e246-6b95-475e-9bd7-caa1c7eca9f2}\searchplugin folder moved successfully.
C:\Users\Mike\AppData\Roaming\mozilla\Firefox\Profiles\pazyb9p1.default\extensions\{c840e246-6b95-475e-9bd7-caa1c7eca9f2}\META-INF folder moved successfully.
C:\Users\Mike\AppData\Roaming\mozilla\Firefox\Profiles\pazyb9p1.default\extensions\{c840e246-6b95-475e-9bd7-caa1c7eca9f2}\lib folder moved successfully.
C:\Users\Mike\AppData\Roaming\mozilla\Firefox\Profiles\pazyb9p1.default\extensions\{c840e246-6b95-475e-9bd7-caa1c7eca9f2}\defaults folder moved successfully.
C:\Users\Mike\AppData\Roaming\mozilla\Firefox\Profiles\pazyb9p1.default\extensions\{c840e246-6b95-475e-9bd7-caa1c7eca9f2}\components folder moved successfully.
C:\Users\Mike\AppData\Roaming\mozilla\Firefox\Profiles\pazyb9p1.default\extensions\{c840e246-6b95-475e-9bd7-caa1c7eca9f2}\chrome folder moved successfully.
C:\Users\Mike\AppData\Roaming\mozilla\Firefox\Profiles\pazyb9p1.default\extensions\{c840e246-6b95-475e-9bd7-caa1c7eca9f2} folder moved successfully.
C:\Users\Mike\AppData\Roaming\mozilla\Firefox\Profiles\pazyb9p1.default\extensions\engine@conduit.com\searchplugin folder moved successfully.
C:\Users\Mike\AppData\Roaming\mozilla\Firefox\Profiles\pazyb9p1.default\extensions\engine@conduit.com\META-INF folder moved successfully.
C:\Users\Mike\AppData\Roaming\mozilla\Firefox\Profiles\pazyb9p1.default\extensions\engine@conduit.com\lib folder moved successfully.
C:\Users\Mike\AppData\Roaming\mozilla\Firefox\Profiles\pazyb9p1.default\extensions\engine@conduit.com\DualPackage folder moved successfully.
C:\Users\Mike\AppData\Roaming\mozilla\Firefox\Profiles\pazyb9p1.default\extensions\engine@conduit.com\defaults folder moved successfully.
C:\Users\Mike\AppData\Roaming\mozilla\Firefox\Profiles\pazyb9p1.default\extensions\engine@conduit.com\components folder moved successfully.
C:\Users\Mike\AppData\Roaming\mozilla\Firefox\Profiles\pazyb9p1.default\extensions\engine@conduit.com\chrome folder moved successfully.
C:\Users\Mike\AppData\Roaming\mozilla\Firefox\Profiles\pazyb9p1.default\extensions\engine@conduit.com folder moved successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{C840E246-6B95-475E-9BD7-CAA1C7ECA9F2} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C840E246-6B95-475E-9BD7-CAA1C7ECA9F2}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
ADS C:\ProgramData\TEMP:D06A4C76 deleted successfully.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: All Users
 
User: AppData
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
 
User: Mike
->Temp folder emptied: 1331413 bytes
->Temporary Internet Files folder emptied: 67032 bytes
->FireFox cache emptied: 169697661 bytes
->Flash cache emptied: 1631 bytes
 
User: Public
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 0 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 9731260559 bytes
 
Total Files Cleaned = 9.444,00 mb
 
 
OTL by OldTimer - Version 3.2.22.3 log created on 05032011_172041

Files\Folders moved on Reboot...
C:\Users\Mike\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

Registry entries deleted on Reboot...

Ok 3. auch erledigt.

Zu 4:

Hier die OTL.txt:

OTL Logfile:

Code:

ATTFilter

OTL logfile created on: 03.05.2011 17:36:27 - Run 3
OTL by OldTimer - Version 3.2.22.3     Folder = C:\Users\Mike\Desktop
64bit- Ultimate Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
4,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 66,00% Memory free
8,00 Gb Paging File | 7,00 Gb Available in Paging File | 82,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 368,10 Gb Total Space | 84,02 Gb Free Space | 22,82% Space Free | Partition Type: NTFS
 
Computer Name: MIKE-PC | User Name: Mike | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Mike\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe (Logitech Inc.)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Program Files (x86)\Common Files\Logishrd\LQCVFX\COCIManager.exe ()
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe (Logitech Inc.)
PRC - C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe ()
PRC - C:\Users\Mike\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
PRC - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
PRC - C:\Windows\SysWOW64\PnkBstrA.exe ()
PRC - C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe ()
PRC - C:\Windows\SysWOW64\dgdersvc.exe (Devguru Co., Ltd.)
PRC - C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (NEC Electronics Corporation)
PRC - C:\Programme\Logitech\SetPoint\x86\SetPoint32.exe ()
PRC - C:\Program Files (x86)\avmwlanstick\WLanGUI.exe (AVM Berlin)
PRC - C:\Program Files (x86)\avmwlanstick\WlanNetService.exe (AVM Berlin)
PRC - C:\Program Files (x86)\Stardock\ObjectDock\ObjectDock.exe (Stardock)
 
 
========== Modules (SafeList) ==========
 
MOD - C:\Users\Mike\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll (Microsoft Corporation)
MOD - C:\Programme\Logitech\SetPoint\x86\GameHook.dll (Logitech, Inc.)
MOD - C:\Programme\Logitech\SetPoint\x86\lgscroll.dll (Logitech, Inc.)
MOD - C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4927_none_d08a205e442db5b5\msvcr80.dll (Microsoft Corporation)
MOD - C:\Program Files (x86)\Stardock\ObjectDock\DockShellHook.dll ()
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV - (UMVPFSrv) -- C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe (Logitech Inc.)
SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (Stereo Service) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (PnkBstrA) -- C:\Windows\SysWOW64\PnkBstrA.exe ()
SRV - (TeamViewer5) -- C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (PassThru Service) -- C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe ()
SRV - (dgdersvc) -- C:\Windows\SysWOW64\dgdersvc.exe (Devguru Co., Ltd.)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (LBTServ) -- C:\Programme\Common Files\Logishrd\Bluetooth\LBTServ.exe (Logitech, Inc.)
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (AVM WLAN Connection Service) -- C:\Program Files (x86)\avmwlanstick\WlanNetService.exe (AVM Berlin)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira GmbH)
DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira GmbH)
DRV:64bit: - (LVUVC64) Logitech Webcam 200(UVC) -- C:\Windows\SysNative\drivers\LVUVC64.sys (Logitech Inc.)
DRV:64bit: - (LVRS64) -- C:\Windows\SysNative\drivers\lvrs64.sys (Logitech Inc.)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation)
DRV:64bit: - (sptd) -- C:\Windows\SysNative\drivers\sptd.sys ()
DRV:64bit: - (dgderdrv) -- C:\Windows\SysNative\drivers\dgderdrv.sys (Devguru Co., Ltd)
DRV:64bit: - (TFsExDisk) -- C:\Windows\SysNative\drivers\TFsExDisk.sys (Teruten Inc)
DRV:64bit: - (htcnprot) -- C:\Windows\SysNative\drivers\htcnprot.sys (Windows (R) Win 7 DDK provider)
DRV:64bit: - (androidusb) -- C:\Windows\SysNative\drivers\ssadadb.sys (Google Inc)
DRV:64bit: - (ssadmdfl) SAMSUNG Android USB Modem (Filter) -- C:\Windows\SysNative\drivers\ssadmdfl.sys (MCCI Corporation)
DRV:64bit: - (ssadmdm) -- C:\Windows\SysNative\drivers\ssadmdm.sys (MCCI Corporation)
DRV:64bit: - (ssadbus) SAMSUNG Android USB Composite Device driver (WDM) -- C:\Windows\SysNative\drivers\ssadbus.sys (MCCI Corporation)
DRV:64bit: - (LVPr2Mon) -- C:\Windows\SysNative\drivers\LVPr2M64.sys ()
DRV:64bit: - (LVPr2M64) -- C:\Windows\SysNative\drivers\LVPr2M64.sys ()
DRV:64bit: - (WmVirHid) -- C:\Windows\SysNative\drivers\WmVirHid.sys (Logitech Inc.)
DRV:64bit: - (WmBEnum) -- C:\Windows\SysNative\drivers\WmBEnum.sys (Logitech Inc.)
DRV:64bit: - (WmXlCore) -- C:\Windows\SysNative\drivers\WmXlCore.sys (Logitech Inc.)
DRV:64bit: - (WmFilter) -- C:\Windows\SysNative\drivers\WmFilter.sys (Logitech Inc.)
DRV:64bit: - (sscdmdm) -- C:\Windows\SysNative\drivers\sscdmdm.sys (MCCI Corporation)
DRV:64bit: - (sscdbus) SAMSUNG USB Composite Device driver (WDM) -- C:\Windows\SysNative\drivers\sscdbus.sys (MCCI Corporation)
DRV:64bit: - (sscdmdfl) -- C:\Windows\SysNative\drivers\sscdmdfl.sys (MCCI Corporation)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek                                            )
DRV:64bit: - (VIAHdAudAddService) -- C:\Windows\SysNative\drivers\viahduaa.sys (VIA Technologies, Inc.)
DRV:64bit: - (nusb3xhc) -- C:\Windows\SysNative\drivers\nusb3xhc.sys (NEC Electronics Corporation)
DRV:64bit: - (nusb3hub) -- C:\Windows\SysNative\drivers\nusb3hub.sys (NEC Electronics Corporation)
DRV:64bit: - (HTCAND64) -- C:\Windows\SysNative\drivers\ANDROIDUSB.sys (HTC, Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (LUsbFilt) -- C:\Windows\SysNative\drivers\LUsbFilt.sys (Logitech, Inc.)
DRV:64bit: - (LMouFilt) -- C:\Windows\SysNative\drivers\LMouFilt.Sys (Logitech, Inc.)
DRV:64bit: - (LHidFilt) -- C:\Windows\SysNative\drivers\LHidFilt.Sys (Logitech, Inc.)
DRV:64bit: - (L8042Kbd) -- C:\Windows\SysNative\drivers\L8042Kbd.sys (Logitech, Inc.)
DRV:64bit: - (Ntfs) -- C:\Windows\SysNative\wbem\ntfs.mof ()
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (FWLANUSB) -- C:\Windows\SysNative\drivers\fwlanusb.sys (AVM GmbH)
DRV:64bit: - (avmeject) -- C:\Windows\SysNative\drivers\avmeject.sys (AVM Berlin)
DRV - (dgderdrv) -- C:\Windows\SysWOW64\drivers\dgderdrv.sys (Devguru Co., Ltd)
DRV - (TFsExDisk) -- C:\Windows\SysWOW64\drivers\TFsExDisk.Sys (Teruten Inc)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.icq.com/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.selectedEngine: "ICQ Search"
FF - prefs.js..browser.startup.homepage: "www.google.de"
FF - prefs.js..keyword.URL: "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.1.9&q="
 
 
FF - HKLM\software\mozilla\Mozilla Firefox 4.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011.05.03 00:19:49 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011.05.03 13:17:51 | 000,000,000 | ---D | M]
 
[2010.09.25 03:30:31 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mike\AppData\Roaming\mozilla\Extensions
[2011.05.03 17:20:42 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mike\AppData\Roaming\mozilla\Firefox\Profiles\pazyb9p1.default\extensions
[2011.03.22 23:09:17 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Users\Mike\AppData\Roaming\mozilla\Firefox\Profiles\pazyb9p1.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2011.03.23 20:49:11 | 000,000,000 | ---D | M] (WEB.DE Toolbar) -- C:\Users\Mike\AppData\Roaming\mozilla\Firefox\Profiles\pazyb9p1.default\extensions\toolbar@web.de
[2011.04.30 00:52:03 | 000,000,950 | ---- | M] () -- C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\pazyb9p1.default\searchplugins\icqplugin-1.xml
[2011.03.07 09:45:02 | 000,000,950 | ---- | M] () -- C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\pazyb9p1.default\searchplugins\icqplugin-2.xml
[2011.03.23 20:49:41 | 000,000,950 | ---- | M] () -- C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\pazyb9p1.default\searchplugins\icqplugin-3.xml
[2011.05.01 18:02:18 | 000,000,950 | ---- | M] () -- C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\pazyb9p1.default\searchplugins\icqplugin-4.xml
[2011.05.01 21:05:06 | 000,000,656 | ---- | M] () -- C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\pazyb9p1.default\searchplugins\icqplugin-5-1.xml
[2011.02.20 12:21:20 | 000,000,618 | ---- | M] () -- C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\pazyb9p1.default\searchplugins\icqplugin-5.xml
[2011.02.20 12:21:20 | 000,000,168 | ---- | M] () -- C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\pazyb9p1.default\searchplugins\icqplugin.gif
[2011.02.20 12:21:20 | 000,000,618 | ---- | M] () -- C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\pazyb9p1.default\searchplugins\icqplugin.src
[2011.02.27 20:21:18 | 000,001,056 | ---- | M] () -- C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\pazyb9p1.default\searchplugins\icqplugin.xml
[2011.03.23 20:49:00 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2010.09.28 20:20:00 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010.10.18 21:17:22 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011.03.23 20:49:00 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\distribution\extensions
[2011.03.23 20:49:00 | 000,000,000 | ---D | M] (WEB.DE Toolbar) -- C:\Program Files (x86)\mozilla firefox\distribution\extensions\toolbar@web.de
File not found (No name found) -- 
() (No name found) -- C:\USERS\MIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PAZYB9P1.DEFAULT\EXTENSIONS\{19503E42-CA3C-4C27-B1E2-9CDB2170EE34}.XPI
[2011.03.18 19:56:37 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2010.09.15 04:50:38 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2010.01.01 10:00:00 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2010.01.01 10:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2010.01.01 10:00:00 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2010.01.01 10:00:00 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2010.01.01 10:00:00 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2010.01.01 10:00:00 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (FG2CatchUrl) - {1F364306-AA45-47B5-9F9D-39A8B94E7EF1} - C:\Program Files (x86)\FlashGet Network\FlashGet universal\ComDlls\bhoCATCH.dll (FlashGet)
O4:64bit: - HKLM..\Run: [Bluetooth Connection Assistant]  File not found
O4:64bit: - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\Windows\KHALMNPR.Exe (Logitech, Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [AVMWlanClient] C:\Program Files (x86)\avmwlanstick\wlangui.exe (AVM Berlin)
O4 - HKLM..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe (VIA)
O4 - HKLM..\Run: [LWS] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe (Logitech Inc.)
O4 - HKLM..\Run: [NUSB3MON] C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (NEC Electronics Corporation)
O4 - Startup: C:\Users\Mike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Mike\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Users\Mike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Stardock ObjectDock.lnk = C:\Program Files (x86)\Stardock\ObjectDock\ObjectDock.exe (Stardock)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O8:64bit: - Extra context menu item: &Download All by FlashGet - C:\Program Files (x86)\FlashGet Network\FlashGet universal\ComDlls\Bhoall.htm ()
O8:64bit: - Extra context menu item: &Download by FlashGet - C:\Program Files (x86)\FlashGet Network\FlashGet universal\ComDlls\Bholink.htm ()
O8:64bit: - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Mike\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm ()
O8 - Extra context menu item: &Download All by FlashGet - C:\Program Files (x86)\FlashGet Network\FlashGet universal\ComDlls\Bhoall.htm ()
O8 - Extra context menu item: &Download by FlashGet - C:\Program Files (x86)\FlashGet Network\FlashGet universal\ComDlls\Bholink.htm ()
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Mike\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm ()
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - Reg Error: Key error. - c:\Programme\Common Files\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{182e6dd1-cee6-11df-9951-0007611fcf01}\Shell - "" = AutoRun
O33 - MountPoints2\{182e6dd1-cee6-11df-9951-0007611fcf01}\Shell\AutoRun\command - "" = E:\INSTALLER.EXE
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011.05.03 13:17:50 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2011.05.03 13:17:18 | 000,000,000 | ---D | C] -- C:\Users\Mike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ControlMK
[2011.05.03 13:17:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ControlMK
[2011.05.03 13:17:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ControlMK
[2011.05.03 13:00:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oblivion Mod Manager
[2011.05.03 00:59:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NSR-Stage 1
[2011.05.03 00:58:17 | 000,419,840 | ---- | C] (Creative Labs) -- C:\Windows\SysNative\wrap_oal.dll
[2011.05.03 00:58:17 | 000,133,632 | ---- | C] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\SysNative\OpenAL32.dll
[2011.05.03 00:58:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OpenAL
[2011.05.03 00:47:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Supreme Commander 2
[2011.05.03 00:24:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razor 1911
[2011.05.02 20:33:38 | 000,000,000 | ---D | C] -- C:\Programme\CCleaner
[2011.05.02 20:26:33 | 000,000,000 | ---D | C] -- C:\_OTL
[2011.05.01 22:12:10 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Users\Mike\Desktop\OTL.exe
[2011.05.01 21:49:57 | 000,000,000 | ---D | C] -- C:\Users\Mike\AppData\Roaming\Malwarebytes
[2011.05.01 21:49:52 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2011.05.01 21:49:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011.05.01 21:49:49 | 000,024,152 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2011.05.01 21:49:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2011.05.01 21:25:16 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine
[2011.05.01 21:13:03 | 000,000,000 | ---D | C] -- C:\Users\Mike\AppData\Roaming\Avira
[2011.05.01 21:11:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
[2011.05.01 21:11:52 | 000,116,568 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avipbb.sys
[2011.05.01 21:11:52 | 000,083,120 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avgntflt.sys
[2011.05.01 21:11:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2011.05.01 18:12:19 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\appmgmt
[2011.05.01 14:59:46 | 000,000,000 | ---D | C] -- C:\Users\Mike\AppData\Local\Gas Powered Games
[2011.05.01 13:45:35 | 000,000,000 | ---D | C] -- C:\Users\Mike\AppData\Local\oblivion
[2011.05.01 00:00:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bethesda Softworks
[2011.04.30 23:57:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mass Effect 2
[2011.04.30 23:33:36 | 000,000,000 | ---D | C] -- C:\Users\Mike\Documents\BioWare
[2011.04.30 23:16:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\BioWare
[2011.04.30 21:40:42 | 000,000,000 | -HSD | C] -- C:\ProgramData\SecuROM
[2011.04.30 21:17:19 | 000,000,000 | ---D | C] -- C:\Users\Mike\AppData\Local\SKIDROW
[2011.04.30 21:14:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Valve
[2011.04.28 08:41:53 | 002,870,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2011.04.28 08:41:53 | 002,614,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\explorer.exe
[2011.04.28 08:41:51 | 000,442,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll
[2011.04.28 08:41:50 | 000,662,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll
[2011.04.28 08:41:33 | 002,566,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\esent.dll
[2011.04.28 08:41:33 | 001,686,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\esent.dll
[2011.04.28 08:41:33 | 000,187,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\storport.sys
[2011.04.28 08:41:33 | 000,107,904 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdsata.sys
[2011.04.28 08:41:33 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fsutil.exe
[2011.04.28 08:41:33 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fsutil.exe
[2011.04.28 08:41:33 | 000,027,008 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdxata.sys
[2011.04.28 08:41:29 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\prevhost.exe
[2011.04.28 08:41:29 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\prevhost.exe
[2011.04.20 22:42:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2011.04.19 07:57:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Help
[2011.04.18 15:12:29 | 000,000,000 | ---D | C] -- C:\Users\Mike\AppData\Local\Divinity 2
[2011.04.16 01:27:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft CAPICOM 2.1.0.2
[2011.04.16 01:26:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows Marketplace
[2011.04.15 19:00:45 | 000,476,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll
[2011.04.15 19:00:45 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll
[2011.04.15 19:00:40 | 000,852,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2011.04.15 19:00:40 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2011.04.15 19:00:40 | 000,612,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2011.04.15 19:00:36 | 001,395,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfc42.dll
[2011.04.15 19:00:36 | 001,359,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfc42u.dll
[2011.04.15 19:00:36 | 001,164,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42u.dll
[2011.04.15 19:00:36 | 001,137,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42.dll
[2011.04.15 19:00:31 | 000,367,104 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2011.04.15 19:00:31 | 000,294,912 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2011.04.15 19:00:31 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll
[2011.04.15 19:00:30 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[2011.04.15 19:00:24 | 000,703,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2011.04.15 19:00:24 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeeds.dll
[2011.04.15 19:00:24 | 000,256,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2011.04.15 19:00:24 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2011.04.15 19:00:24 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2011.04.15 19:00:24 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2011.04.15 19:00:24 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2011.04.15 19:00:24 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2011.04.15 19:00:23 | 000,482,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2011.04.15 19:00:23 | 000,386,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2011.04.15 19:00:23 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2011.04.15 19:00:23 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2011.04.15 19:00:23 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2011.04.15 19:00:23 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2011.04.15 18:59:36 | 000,356,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dnsapi.dll
[2011.04.15 18:59:36 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dnscacheugc.exe
[2011.04.15 18:59:36 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dnscacheugc.exe
[2011.04.15 18:59:26 | 000,603,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.exe
[2011.04.15 18:59:25 | 000,640,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.efi
[2011.04.15 18:59:25 | 000,556,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.efi
[2011.04.15 18:59:25 | 000,518,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.exe
[2011.04.15 18:59:25 | 000,020,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kdusb.dll
[2011.04.15 18:59:25 | 000,019,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kd1394.dll
[2011.04.15 18:59:25 | 000,017,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kdcom.dll
[2011.04.15 18:59:22 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FXSCOVER.exe
[2011.04.14 14:43:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wise Installation Wizard
[2011.04.14 01:44:31 | 000,000,000 | ---D | C] -- C:\ProgramData\EA Core
[2011.04.12 22:52:31 | 020,471,912 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll
[2011.04.12 22:52:31 | 015,047,272 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll
[2011.04.12 22:52:31 | 012,859,496 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll
[2011.04.12 22:52:31 | 010,078,312 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvd3dum.dll
[2011.04.12 22:52:31 | 005,653,096 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvwgf2um.dll
[2011.04.12 22:52:31 | 003,112,040 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll
[2011.04.12 22:52:31 | 002,895,976 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll
[2011.04.12 22:52:31 | 002,479,720 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll
[2011.04.12 22:52:31 | 001,614,440 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco642090.dll
[2011.04.12 22:52:31 | 001,359,976 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvgenco64hda.dll
[2011.04.12 22:52:31 | 001,359,976 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvgenco642040.dll
[2011.04.12 22:52:31 | 000,155,752 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvhda64v.sys
[2011.04.12 22:52:31 | 000,067,176 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2011.04.12 22:52:31 | 000,057,960 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2011.04.12 22:52:31 | 000,029,288 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvhdap64.dll
[2011.04.12 22:52:30 | 018,580,072 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll
[2011.04.12 22:52:30 | 013,011,560 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll
[2011.04.12 22:52:30 | 006,604,904 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll
[2011.04.12 22:52:30 | 004,941,928 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll
[2011.04.12 22:52:30 | 002,251,368 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll
[2011.04.12 22:52:30 | 001,965,672 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvapi.dll
[2011.04.12 22:52:30 | 000,011,240 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvBridge.kmd
[2011.04.12 16:38:11 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\microsoft
[2011.04.12 15:58:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
[2011.04.12 15:58:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Steam
[2011.04.12 15:57:21 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\xlive
[2011.04.12 15:57:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Games for Windows - LIVE
[2011.04.12 11:36:47 | 000,000,000 | ---D | C] -- C:\Users\Mike\AppData\Local\Microsoft Games
[2011.04.11 22:13:54 | 000,000,000 | ---D | C] -- C:\ProgramData\KingsIsle Entertainment
[2011.04.10 02:57:15 | 000,000,000 | ---D | C] -- C:\Users\Mike\AppData\Local\reakktor
[2011.04.10 02:07:55 | 000,000,000 | ---D | C] -- C:\Users\Mike\Documents\Reakktor Media
[2010.02.04 00:00:00 | 000,139,264 | ---- | C] ( ) -- C:\Windows\sipr3260.dll
 
========== Files - Modified Within 30 Days ==========
 
[2011.05.03 17:36:48 | 000,021,216 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.05.03 17:36:48 | 000,021,216 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.05.03 17:31:42 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.05.03 17:31:41 | 000,000,000 | ---- | M] () -- C:\Windows\SysNative\drivers\lvuvc.hs
[2011.05.03 17:31:35 | 3220,627,456 | -HS- | M] () -- C:\hiberfil.sys
[2011.05.03 13:46:37 | 000,000,023 | ---- | M] () -- C:\Windows\BlendSettings.ini
[2011.05.03 00:58:17 | 000,419,840 | ---- | M] (Creative Labs) -- C:\Windows\SysNative\wrap_oal.dll
[2011.05.03 00:58:17 | 000,133,632 | ---- | M] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\SysNative\OpenAL32.dll
[2011.05.01 22:12:17 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Mike\Desktop\OTL.exe
[2011.05.01 20:38:16 | 000,000,000 | ---- | M] () -- C:\Windows\nsreg.dat
[2011.04.30 21:41:57 | 000,392,243 | ---- | M] () -- C:\AnalysisLog.sr0
[2011.04.27 16:27:00 | 000,215,128 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2011.04.27 16:27:00 | 000,215,128 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2011.04.27 16:27:00 | 000,215,128 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2011.04.27 10:10:18 | 001,644,374 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011.04.27 10:10:18 | 000,707,908 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2011.04.27 10:10:18 | 000,661,504 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011.04.27 10:10:18 | 000,153,394 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2011.04.27 10:10:18 | 000,125,590 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011.04.19 19:58:29 | 020,533,281 | ---- | M] () -- C:\Users\Mike\Documents\vlc-1.1.9-win32.exe
[2011.04.18 15:00:14 | 000,439,744 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011.04.12 12:50:27 | 000,000,139 | ---- | M] () -- C:\Users\Mike\Documents\aionmemo_c1b89fb0.dat
[2011.04.10 02:03:28 | 001,621,332 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
 
========== Files Created - No Company Name ==========
 
[2011.05.03 13:43:38 | 000,000,023 | ---- | C] () -- C:\Windows\BlendSettings.ini
[2011.05.01 20:38:16 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2011.04.30 21:41:15 | 000,392,243 | ---- | C] () -- C:\AnalysisLog.sr0
[2011.04.19 19:58:12 | 020,533,281 | ---- | C] () -- C:\Users\Mike\Documents\vlc-1.1.9-win32.exe
[2011.04.12 16:59:18 | 000,001,338 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live ID.lnk
[2011.04.01 07:07:02 | 010,877,272 | ---- | C] () -- C:\Windows\SysWow64\LogiDPP.dll
[2011.04.01 07:07:02 | 000,102,744 | ---- | C] () -- C:\Windows\SysWow64\LogiDPPApp.exe
[2011.04.01 07:06:56 | 000,331,608 | ---- | C] () -- C:\Windows\SysWow64\DevManagerCore.dll
[2011.03.30 23:04:18 | 000,000,000 | ---- | C] () -- C:\Windows\EngineExe.INI
[2011.03.30 19:27:06 | 000,000,000 | ---- | C] () -- C:\Windows\PanelExe.INI
[2010.12.09 21:38:00 | 000,007,602 | ---- | C] () -- C:\Users\Mike\AppData\Local\Resmon.ResmonCfg
[2010.12.05 17:43:59 | 002,434,856 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_bc2.exe
[2010.12.05 16:25:21 | 000,000,092 | ---- | C] () -- C:\Users\Mike\AppData\Local\fusioncache.dat
[2010.11.17 01:48:51 | 000,000,530 | ---- | C] () -- C:\Windows\SysWow64\tx14_ic.ini
[2010.10.21 21:22:39 | 000,005,632 | ---- | C] () -- C:\Users\Mike\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.10.21 16:42:15 | 000,059,392 | R--- | C] () -- C:\Windows\SysWow64\streamhlp.dll
[2010.10.18 18:58:31 | 000,005,024 | ---- | C] () -- C:\Windows\SysWow64\FilterData.dat
[2010.10.16 12:45:30 | 001,621,332 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010.10.14 01:36:44 | 000,179,263 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2010.10.11 09:41:17 | 000,215,128 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2010.10.11 09:41:16 | 000,669,184 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe
[2010.10.11 09:41:16 | 000,075,136 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2010.10.03 14:46:24 | 000,052,836 | ---- | C] () -- C:\Windows\SysWow64\zlib1.dll
[2010.10.03 14:46:23 | 001,199,179 | ---- | C] () -- C:\Windows\unins001.exe
[2010.10.03 14:46:23 | 000,394,752 | ---- | C] () -- C:\Windows\SysWow64\cygwinb19.dll
[2010.10.03 14:46:23 | 000,162,304 | ---- | C] () -- C:\Windows\SysWow64\libpng13.dll
[2010.10.03 14:46:23 | 000,010,125 | ---- | C] () -- C:\Windows\unins001.dat
[2010.10.03 14:45:34 | 001,199,175 | ---- | C] () -- C:\Windows\unins000.exe
[2010.10.03 14:45:34 | 000,008,141 | ---- | C] () -- C:\Windows\unins000.dat
[2010.10.01 20:38:38 | 000,027,648 | ---- | C] () -- C:\Windows\SysWow64\AVSredirect.dll
[2010.09.30 14:00:02 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat
[2010.07.26 15:18:38 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll
[2010.07.26 15:18:38 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll
[2010.07.26 15:18:38 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll
[2010.07.26 15:18:38 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll
[2010.07.26 10:13:40 | 000,108,032 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2010.06.23 12:35:52 | 000,790,528 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2010.06.23 12:35:52 | 000,134,144 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2009.08.16 10:08:36 | 000,178,176 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2009.07.14 07:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009.07.14 04:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009.07.14 04:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009.07.14 02:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009.06.10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2007.02.05 20:05:26 | 000,000,038 | ---- | C] () -- C:\Windows\AviSplitter.INI

< End of report >

--- --- ---

Und hier die Extras.txt:

OTL Logfile:

Code:

ATTFilter

OTL Extras logfile created on: 03.05.2011 17:36:27 - Run 3
OTL by OldTimer - Version 3.2.22.3     Folder = C:\Users\Mike\Desktop
64bit- Ultimate Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
4,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 66,00% Memory free
8,00 Gb Paging File | 7,00 Gb Available in Paging File | 82,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 368,10 Gb Total Space | 84,02 Gb Free Space | 22,82% Space Free | Partition Type: NTFS
 
Computer Name: MIKE-PC | User Name: Mike | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l File not found
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L" File not found
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L"
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files (x86)\FlashGet Network\FlashGet universal\FlashGet.exe" = C:\Program Files (x86)\FlashGet Network\FlashGet universal\FlashGet.exe:*:Enabled:Flashget2 -- (FLASHGET)
"C:\Program Files (x86)\FlashGet Network\FlashGet universal\LiveUpdate.exe" = C:\Program Files (x86)\FlashGet Network\FlashGet universal\LiveUpdate.exe:*:Enabled:FGLiveUpdate
"C:\Program Files (x86)\FlashGet Network\FlashGet universal\LiveUpdateEx.exe" = C:\Program Files (x86)\FlashGet Network\FlashGet universal\LiveUpdateEx.exe:*:Enabled:FGLiveUpdateEx
"C:\Program Files (x86)\FlashGet Network\FlashGet universal\FlashGet.exe" = C:\Program Files (x86)\FlashGet Network\FlashGet universal\FlashGet.exe:*:Enabled:Flashget2 -- (FLASHGET)
"C:\Program Files (x86)\FlashGet Network\FlashGet universal\LiveUpdate.exe" = C:\Program Files (x86)\FlashGet Network\FlashGet universal\LiveUpdate.exe:*:Enabled:FGLiveUpdate
"C:\Program Files (x86)\FlashGet Network\FlashGet universal\LiveUpdateEx.exe" = C:\Program Files (x86)\FlashGet Network\FlashGet universal\LiveUpdateEx.exe:*:Enabled:FGLiveUpdateEx
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02382870-19C7-3ACD-BBAE-F6E3760947DC}" = Microsoft .NET Framework 4 Extended DEU Language Pack
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0C826C5B-B131-423A-A229-C71B3CACCD6A}" = CDDRV_Installer
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{138A4072-9E64-46BD-B5F9-DB2BB395391F}" = LWS VideoEffects
"{1444D2EE-C7AD-44A8-844F-2634B49353D1}" = Logitech Gaming Software 5.10
"{1F6D1DB5-82B5-41A4-85A2-0A382C142A35}_is1" = Allgemeine Runtime Files (x86)
"{23170F69-40C1-2702-0465-000001000000}" = 7-Zip 4.65 (x64 edition)
"{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{8729E65B-8C12-4A42-B1FE-E4DA7ED52855}_is1" = DirectX 9.0c Extra Files (x86, x64)
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007
"{9B48B0AC-C813-4174-9042-476A887592C7}" = Windows Live ID Sign-in Assistant
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 266.58
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 266.58
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 266.58
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.10.0514
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD-Audiotreiber 1.1.13.1
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319
"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
"{F3F18612-7B5D-4C05-86C9-AB50F6F71727}" = KhalInstallWrapper
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Adobe Flash Player ActiveX 64" = Adobe Flash Player 10 ActiveX 64-bit
"Adobe Flash Player Plugin 64" = Adobe Flash Player 10 Plugin 64-bit
"CCleaner" = CCleaner
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended DEU Language Pack" = Microsoft .NET Framework 4 Extended DEU Language Pack
"TeraCopy_is1" = TeraCopy 2.12
"WinRAR archiver" = WinRAR
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{08610298-29AE-445B-B37D-EFBE05802967}" = LWS Pictures And Video
"{0FB0306C-11D8-35F2-9AC9-121FA753F9AD}" = Visual C++ 2008 x64 Runtime - (v9.0.30729.5026)
"{0FB0306C-11D8-35F2-9AC9-121FA753F9AD}.vc_x64runtime_30729_5026" = Visual C++ 2008 x64 Runtime - v9.0.30729.5026
"{15634701-BACE-4449-8B25-1567DA8C9FD3}" = CameraHelperMsi
"{1651216E-E7AD-4250-92A1-FB8ED61391C9}" = LWS Help_main
"{174A3B31-4C43-43DD-866F-73C9DB887B48}" = LWS Twitter
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FDA5A37-B22D-43FF-B582-B8964050DC13}" = Microsoft Games for Windows - LIVE Redistributable
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{21DF0294-6B9D-4741-AB6F-B2ABFBD2387E}" = LWS YouTube Plugin
"{24D753CA-6AE9-4E30-8F5F-EFC93E08BF3D}" = Skype™ 4.0
"{26A24AE4-039D-4CA4-87B4-2F83216021FF}" = Java(TM) 6 Update 22
"{31A559C1-9E4D-423B-9DD3-34A6C5398752}" = HTC BMP USB Driver
"{35CB6715-41F8-4F99-8881-6FC75BF054B0}" = Oblivion
"{3AC8457C-0385-4BEA-A959-E095F05D6D67}" = Battlefield: Bad Company™ 2
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = erLT
"{46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB}" = Adobe AIR
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{542068F1-9AAE-4E1B-8ACA-094FE03728BE}" = Carambis Driver Updater
"{5D8057E7-FF6A-4700-AF1F-4755DEE440CF}" = calibre
"{5F8E2CBB-949D-4175-AC98-5ADE7F6C9697}" = NCsoft Launcher
"{68A35043-C55A-4237-88C9-37EE1C63ED71}" = Microsoft Visual J# 2.0 Redistributable Package
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6A07F7DC-18DB-0200-0000-000000000000}" = Android Manager WiFi
"{6D6664A9-3342-4948-9B7E-034EFE366F0F}" = HTC Driver Installer
"{6F76EC3C-34B1-436E-97FB-48C58D7BEDCD}" = LWS Gallery
"{71E66D3F-A009-44AB-8784-75E2819BA4BA}" = LWS Motion Detection
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6}" = ICQ7.2
"{75D84EF7-0D8C-4e70-B3FA-7B42A5D4E0EB}" = Mass Effect 2
"{786547F9-59BB-4FA3-B2D8-327FF1F14870}" = Adobe Flash Player 9 ActiveX
"{7B2CC3DF-64FA-44AE-8F57-B0F915147E4F}_is1" = Need For Speed™ World
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C8FA3C-F4EA-46C4-8392-D3CE353738D6}" = LWS Launcher
"{86A4C6D9-29EE-4719-AFA1-BA3341862B83}" = Microsoft Games for Windows - LIVE
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver For Windows 7
"{8937D274-C281-42E4-8CDB-A0B2DF979189}" = LWS Webcam Software
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C0CAA7A-3272-4991-A808-2C7559DE3409}" = Win7codecs
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISE_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0407-1000-0000000FF1CE}_ENTERPRISE_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISE_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9DAEA76B-E50F-4272-A595-0124E826553D}" = LWS WLM Plugin
"{A498D9EB-927B-459B-85D6-DD6EF8C2C564}" = erLT
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}" = NVIDIA PhysX
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240BD}" = WinZip 14.5
"{D40EB009-0499-459c-A8AF-C9C110766215}" = Logitech Webcam Software
"{D54640A3-2C2B-4CB1-9666-01E55F54E7F5}" = NCsoft Launcher
"{D6CD26FD-CD7F-4C86-96A3-EEBFABE5FE47}" = Kies
"{D7A0A22A-C132-4B6F-8D68-67B95117DE93}" = RIFT
"{D7BF9739-8A68-4335-BBEE-37752AD9E86B}" = NEC Electronics USB 3.0 Host Controller Driver
"{DFFC0648-BC4B-47D1-93D2-6CA6B9457641}" = OpenOffice.org 3.2
"{E04ACCBC-DF36-364E-87E8-6C24BB981AB8}" = Visual C++ 2008 x86 Runtime - (v9.0.30729.5026)
"{E04ACCBC-DF36-364E-87E8-6C24BB981AB8}.vc_x86runtime_30729_5026" = Visual C++ 2008 x86 Runtime - v9.0.30729.5026
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{EED027B7-0DB6-404B-8F45-6DFEE34A0441}" = LWS Video Mask Maker
"{EF7E931D-DC84-471B-8DB6-A83358095474}" = EA Download Manager
"{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}" = Logitech SetPoint
"{F2C4E6E0-EB78-4824-A212-6DF6AF0E8E82}" = FINAL FANTASY XIV
"{FF167195-9EE4-46C0-8CD7-FBA3457E88AB}" = LWS Facebook
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"AVMWLANCLI" = AVM FRITZ!WLAN
"Axife Mouse Recorder DEMO_is1" = Axife Mouse Recorder DEMO 5.01
"ControlMK" = ControlMK 0.232
"EADM" = EA Download Manager
"ENTERPRISE" = Microsoft Office Enterprise 2007
"EVEREST Home Edition_is1" = EVEREST Home Edition v2.20
"FlashGet 2.0" = FlashGet 2.0
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.9
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Plattform-Geräte-Manager
"InstallShield_{D6CD26FD-CD7F-4C86-96A3-EEBFABE5FE47}" = Kies
"InstallShield_{D7A0A22A-C132-4B6F-8D68-67B95117DE93}" = RIFT
"InstallShield_{D7BF9739-8A68-4335-BBEE-37752AD9E86B}" = NEC Electronics USB 3.0 Host Controller Driver
"Magic ISO Maker v5.5 (build 0281)" = Magic ISO Maker v5.5 (build 0281)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1  (1033)" = Microsoft .NET Framework 1.1
"Microsoft Visual J# 2.0 Redistributable Package" = Microsoft Visual J# 2.0 Redistributable Package
"Mozilla Firefox 4.0 (x86 de)" = Mozilla Firefox 4.0 (x86 de)
"NVIDIA StereoUSB Driver" = NVIDIA 3D Vision Controller Driver
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"ObjectDock" = ObjectDock
"Oblivion mod manager_is1" = Oblivion mod manager 1.1.9
"OpenAL" = OpenAL
"PlayRF USA 15.00" = PlayRF USA 15.00
"Postal 2_is1" = Portal 2
"PunkBusterSvc" = PunkBuster Services
"Steam App 15620" = Warhammer® 40,000™: Dawn of War® II
"Steam App 56400" = Warhammer® 40,000®: Dawn of War® II – Retribution™
"SUPER ©" = SUPER © Version 2010.bld.38 (May 2, 2010)
"TeamViewer 5" = TeamViewer 5
"Two Worlds II" = Two Worlds II
"Unofficial Oblivion Patch_is1" = Unofficial Oblivion Patch v3.2.0
"Unofficial Shivering Isles Patch_is1" = Unofficial Shivering Isles Patch v1.4.0
"uTorrent" = µTorrent
"VLC media player" = VLC media player 1.1.9
"Word to PDF Converter" = Word to PDF Converter
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
"NCsoft-Aion" = Aion
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 01.05.2011 08:49:05 | Computer Name = Mike-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: Oblivion.exe, Version: 1.2.0.416,
 Zeitstempel: 0x462392c7  Name des fehlerhaften Moduls: Oblivion.exe, Version: 1.2.0.416,
 Zeitstempel: 0x462392c7  Ausnahmecode: 0xc0000005  Fehleroffset: 0x0001e232  ID des fehlerhaften
 Prozesses: 0x1140  Startzeit der fehlerhaften Anwendung: 0x01cc07fe1d9314c5  Pfad der
 fehlerhaften Anwendung: C:\Games\Oblivion\Oblivion.exe  Pfad des fehlerhaften Moduls:
 C:\Games\Oblivion\Oblivion.exe  Berichtskennung: 655fd7f3-73f1-11e0-96d9-00040efae87a
 
Error - 01.05.2011 08:49:35 | Computer Name = Mike-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: Oblivion.exe, Version: 1.2.0.416,
 Zeitstempel: 0x462392c7  Name des fehlerhaften Moduls: Oblivion.exe, Version: 1.2.0.416,
 Zeitstempel: 0x462392c7  Ausnahmecode: 0xc0000005  Fehleroffset: 0x0001e232  ID des fehlerhaften
 Prozesses: 0x10ec  Startzeit der fehlerhaften Anwendung: 0x01cc07fe33e36209  Pfad der
 fehlerhaften Anwendung: C:\Games\Oblivion\Oblivion.exe  Pfad des fehlerhaften Moduls:
 C:\Games\Oblivion\Oblivion.exe  Berichtskennung: 7723fc5b-73f1-11e0-96d9-00040efae87a
 
Error - 01.05.2011 08:51:37 | Computer Name = Mike-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: Oblivion.exe, Version: 1.2.0.416,
 Zeitstempel: 0x462392c7  Name des fehlerhaften Moduls: Oblivion.exe, Version: 1.2.0.416,
 Zeitstempel: 0x462392c7  Ausnahmecode: 0xc0000005  Fehleroffset: 0x000c9a80  ID des fehlerhaften
 Prozesses: 0x1150  Startzeit der fehlerhaften Anwendung: 0x01cc07fe7a9382c1  Pfad der
 fehlerhaften Anwendung: C:\Games\Oblivion\Oblivion.exe  Pfad des fehlerhaften Moduls:
 C:\Games\Oblivion\Oblivion.exe  Berichtskennung: bffb9907-73f1-11e0-96d9-00040efae87a
 
Error - 01.05.2011 08:58:55 | Computer Name = Mike-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: Oblivion.exe, Version: 1.2.0.416,
 Zeitstempel: 0x462392c7  Name des fehlerhaften Moduls: Oblivion.exe, Version: 1.2.0.416,
 Zeitstempel: 0x462392c7  Ausnahmecode: 0xc0000005  Fehleroffset: 0x0001e232  ID des fehlerhaften
 Prozesses: 0x119c  Startzeit der fehlerhaften Anwendung: 0x01cc07fea2558d79  Pfad der
 fehlerhaften Anwendung: C:\Games\Oblivion\Oblivion.exe  Pfad des fehlerhaften Moduls:
 C:\Games\Oblivion\Oblivion.exe  Berichtskennung: c5124a44-73f2-11e0-96d9-00040efae87a
 
Error - 01.05.2011 08:59:21 | Computer Name = Mike-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: Oblivion.exe, Version: 1.2.0.416,
 Zeitstempel: 0x462392c7  Name des fehlerhaften Moduls: Oblivion.exe, Version: 1.2.0.416,
 Zeitstempel: 0x462392c7  Ausnahmecode: 0xc0000005  Fehleroffset: 0x0001e232  ID des fehlerhaften
 Prozesses: 0x11f0  Startzeit der fehlerhaften Anwendung: 0x01cc07ff902b736d  Pfad der
 fehlerhaften Anwendung: C:\Games\Oblivion\Oblivion.exe  Pfad des fehlerhaften Moduls:
 C:\Games\Oblivion\Oblivion.exe  Berichtskennung: d44ea8e0-73f2-11e0-96d9-00040efae87a
 
Error - 01.05.2011 09:12:41 | Computer Name = Mike-PC | Source = Application Hang | ID = 1002
Description = Programm SupremeCommander2.exe, Version 0.0.0.0 kann nicht mehr unter
 Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf 
in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem
 zu suchen.    Prozess-ID: 114c    Startzeit: 01cc07ffa49dcd36    Endzeit: 15    Anwendungspfad:
 C:\Program Files (x86)\Supreme Commander 2\bin\SupremeCommander2.exe    Berichts-ID:
   
 
Error - 01.05.2011 09:13:06 | Computer Name = Mike-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: WzPreviewer32.exe, Version: 1.0.8287.0,
 Zeitstempel: 0x4bc8619f  Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7600.16695,
 Zeitstempel: 0x4cc7ab86  Ausnahmecode: 0xc0000374  Fehleroffset: 0x000cea27  ID des fehlerhaften
 Prozesses: 0xe9c  Startzeit der fehlerhaften Anwendung: 0x01cc07e31c831480  Pfad der
 fehlerhaften Anwendung: C:\Program Files (x86)\WinZip\WzPreviewer32.exe  Pfad des
 fehlerhaften Moduls: C:\Windows\SysWOW64\ntdll.dll  Berichtskennung: c0004888-73f4-11e0-96d9-00040efae87a
 
Error - 01.05.2011 12:02:58 | Computer Name = Mike-PC | Source = Application Hang | ID = 1002
Description = Programm MassEffect2.exe, Version 1.0.1593.2 kann nicht mehr unter
 Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf 
in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem
 zu suchen.    Prozess-ID: 12fc    Startzeit: 01cc0819181192fb    Endzeit: 23    Anwendungspfad:
 C:\Games\Mass Effect 2\Binaries\MassEffect2.exe    Berichts-ID:   
 
Error - 01.05.2011 14:20:56 | Computer Name = Mike-PC | Source = Microsoft-Windows-User Profiles Service | ID = 1515
Description = Dieses Benutzerprofil wurde gesichert. Bei der nächsten Anmeldung 
dieses Benutzers wird automatisch versucht, dieses gesicherte Profil zu verwenden.
 
Error - 01.05.2011 14:20:56 | Computer Name = Mike-PC | Source = Microsoft-Windows-User Profiles Service | ID = 1511
Description = Das lokale Benutzerprofil wurde nicht gefunden. Sie werden mit einem
 temporären Benutzerprofil angemeldet. Änderungen, die Sie am Benutzerprofil vornehmen,
 gehen bei der Abmeldung verloren.
 
[ System Events ]
Error - 01.05.2011 14:21:16 | Computer Name = Mike-PC | Source = DCOM | ID = 10005
Description = 
 
Error - 01.05.2011 14:21:16 | Computer Name = Mike-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location
 Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:   %%1068
 
Error - 01.05.2011 14:21:16 | Computer Name = Mike-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location
 Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:   %%1068
 
Error - 01.05.2011 14:21:17 | Computer Name = Mike-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location
 Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:   %%1068
 
Error - 01.05.2011 14:21:17 | Computer Name = Mike-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location
 Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:   %%1068
 
Error - 01.05.2011 14:21:17 | Computer Name = Mike-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location
 Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:   %%1068
 
Error - 01.05.2011 14:21:17 | Computer Name = Mike-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location
 Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:   %%1068
 
Error - 01.05.2011 14:21:17 | Computer Name = Mike-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location
 Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:   %%1068
 
Error - 01.05.2011 14:21:17 | Computer Name = Mike-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location
 Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:   %%1068
 
Error - 01.05.2011 14:21:38 | Computer Name = Mike-PC | Source = DCOM | ID = 10005
Description = 
 
 
< End of report >

--- --- ---

Zu 5:

Hier ist die LogDatei von SuperAntiSpyware:

Code:

ATTFilter

SUPERAntiSpyware Scan Log
hxxp://www.superantispyware.com

Generated 05/03/2011 at 06:35 PM

Application Version : 4.51.1000

Core Rules Database Version : 6979
Trace Rules Database Version: 4791

Scan type       : Complete Scan
Total Scan Time : 00:50:17

Memory items scanned      : 568
Memory threats detected   : 0
Registry items scanned    : 15685
Registry threats detected : 0
File items scanned        : 134031
File threats detected     : 0

6. ist auch erledigt

Also der Zustand meines PCs scheint wieder ganz beim Alten zu sein. Alles läuft soweit gut und ich bin auf keine Probleme gestoßen.
Ich weis nicht genau wie ich testen kann ob alles ok läuft, aber das übliche zeug wie Internet, programme installieren/deinstallieren,
Spiele laufen lassen, Dokumente bearbeiten, PC hoch- und runterfahren usw. usw. funktioniert alles.
Ich habe seit einigen Wochen keine externe Festplatte oder USB-Stick oder sonstige Speichermedien an meinen PC gehängt, also gibts da denk ich auch keine Probleme.
Ich habe nur 2 verschiedene Festplatten mit mehreren Partitionen drauf eingebaut. Ich hoffe, dass sich auf der einen Festplatte jetzt nix mehr versteckt

BOOTDss.M erfolgreich entfernt... Hoffe ich.

Plagegeister aller Art und deren Bekämpfung: BOOTDss.M erfolgreich entfernt... Hoffe ich.