Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   windows security center achtung ihre pc wurde gesperrt (https://www.trojaner-board.de/108890-windows-security-center-achtung-pc-wurde-gesperrt.html)

borsaci 01.02.2012 22:45
windows security center achtung ihre pc wurde gesperrt
 
hallo,


ich habe eine problem ich glaub ich habe mir einen trojaner eingefangen als ich im internet surfte dann erscheinte plötzlich einen weissen bildschirm
und stan dort:windowns security center Aus Sicherheitsgründen wurde Ihr PC gesperrt ich muss 100 Euro zahlen um wieder zu aktieviren

ich hab mir den OTL runtergeladen und habe scannen gedrückt und dan sind 2 dataien erschienen OTL.TXT und Extras.TXT

hier sind die beide dataien

OTL.TXT


OTL logfile created on: 01.02.2012 22:17:14 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Kurt\Desktop
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

2,97 Gb Total Physical Memory | 2,10 Gb Available Physical Memory | 70,70% Memory free
8,97 Gb Paging File | 8,44 Gb Available in Paging File | 94,18% Paging File free
Paging file location(s): c:\pagefile.sys 6144 6144 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 289,22 Gb Total Space | 103,99 Gb Free Space | 35,96% Space Free | Partition Type: NTFS
Drive D: | 298,09 Gb Total Space | 28,81 Gb Free Space | 9,67% Space Free | Partition Type: NTFS
Drive E: | 8,87 Gb Total Space | 8,80 Gb Free Space | 99,19% Space Free | Partition Type: NTFS

Computer Name: KURT-PC | User Name: Kurt | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\Kurt\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - c:\Programme\Microsoft Security Client\Antimalware\MsMpEng.exe (Microsoft Corporation)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)


========== Modules (No Company Name) ==========

MOD - C:\Programme\Mozilla Firefox\mozjs.dll ()
MOD - C:\Windows\System32\Macromed\Flash\NPSWF32.dll ()
MOD - C:\Programme\Notepad++\NppShell_04.dll ()
MOD - C:\Programme\WinRAR\RarExt.dll ()
MOD - C:\Programme\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF ()


========== Win32 Services (SafeList) ==========

SRV - (Akamai) -- c:\program files\common files\akamai/netsession_win_e286960.dll ()
SRV - (Steam Client Service) -- C:\Program Files\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (Microsoft SharePoint Workspace Audit Service) -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE (Microsoft Corporation)
SRV - (TuneUp.UtilitiesSvc) -- C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe (TuneUp Software)
SRV - (UxTuneUp) -- C:\Windows\System32\uxtuneup.dll (TuneUp Software)
SRV - (nvUpdatusService) -- C:\Programme\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation)
SRV - (IAStorDataMgrSvc) Intel(R) -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
SRV - (NisSrv) -- c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe (Microsoft Corporation)
SRV - (MsMpSvc) -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe (Microsoft Corporation)
SRV - (S3DSvc32) S3D Service (Win32) -- C:\Programme\iZ3D Driver\Win32\S3DCService.exe (iZ3D Inc.)
SRV - (btwdins) -- C:\Programme\WIDCOMM\Bluetooth Software\btwdins.exe (Broadcom Corporation.)
SRV - (NAUpdate) -- C:\Program Files\Nero\Update\NASvc.exe (Nero AG)
SRV - (STacSV) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9691412ff1876250\stacsv.exe (IDT, Inc.)
SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
SRV - (PeerDistSvc) -- C:\Windows\System32\PeerDistSvc.dll (Microsoft Corporation)
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (AESTFilters) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9691412ff1876250\AEstSrv.exe (Andrea Electronics Corporation)
SRV - (KMService) -- C:\Windows\System32\srvany.exe ()


========== Driver Services (SafeList) ==========

DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (hpdskflt) -- C:\Windows\system32\DRIVERS\hpdskflt.sys (Hewlett-Packard Company)
DRV - (Accelerometer) -- C:\Windows\System32\drivers\Accelerometer.sys (Hewlett-Packard Company)
DRV - (NVHDA) -- C:\Windows\System32\drivers\nvhda32v.sys (NVIDIA Corporation)
DRV - (JMCR) -- C:\Windows\System32\drivers\jmcr.sys (JMicron Technology Corporation)
DRV - (NisDrv) -- C:\Windows\System32\drivers\NisDrvWFP.sys (Microsoft Corporation)
DRV - (TuneUpUtilitiesDrv) -- C:\Programme\TuneUp Utilities 2011\TuneUpUtilitiesDriver32.sys (TuneUp Software)
DRV - (MpNWMon) -- C:\Windows\System32\drivers\MpNWMon.sys (Microsoft Corporation)
DRV - (johci) -- C:\Windows\System32\drivers\johci.sys (JMicron Technology Corp.)
DRV - (sptd) -- C:\Windows\System32\Drivers\sptd.sys (Duplex Secure Ltd.)
DRV - (NETwNs32) ___ Intel(R) -- C:\Windows\System32\drivers\NETwNs32.sys (Intel Corporation)
DRV - (vmbus) -- C:\Windows\system32\drivers\vmbus.sys (Microsoft Corporation)
DRV - (storflt) -- C:\Windows\system32\drivers\vmstorfl.sys (Microsoft Corporation)
DRV - (storvsc) -- C:\Windows\system32\drivers\storvsc.sys (Microsoft Corporation)
DRV - (TsUsbFlt) -- C:\Windows\System32\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV - (RdpVideoMiniport) -- C:\Windows\System32\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
DRV - (VMBusHID) -- C:\Windows\system32\drivers\VMBusHID.sys (Microsoft Corporation)
DRV - (s3cap) -- C:\Windows\system32\drivers\vms3cap.sys (Microsoft Corporation)
DRV - (iZ3DInjectionDriver) -- C:\Programme\iZ3D Driver\Win32\S3DInjectionDriver.sys ()
DRV - (STHDA) -- C:\Windows\System32\drivers\stwrt.sys (IDT, Inc.)
DRV - (NETw5s32) Intel(R) -- C:\Windows\System32\drivers\NETw5s32.sys (Intel Corporation)
DRV - (cpudrv) -- C:\Programme\SystemRequirementsLab\cpudrv.sys ()
DRV - (vwifimp) -- C:\Windows\System32\drivers\vwifimp.sys (Microsoft Corporation)
DRV - (netw5v32) Intel(R) -- C:\Windows\System32\drivers\netw5v32.sys (Intel Corporation)
DRV - (enecir) -- C:\Windows\System32\drivers\enecir.sys (ENE TECHNOLOGY INC.)
DRV - (s1029unic) Sony Ericsson Device 1029 USB Ethernet Emulation (WDM) -- C:\Windows\System32\drivers\s1029unic.sys (MCCI Corporation)
DRV - (s1029mdm) -- C:\Windows\System32\drivers\s1029mdm.sys (MCCI Corporation)
DRV - (s1029bus) Sony Ericsson Device 1029 driver (WDM) -- C:\Windows\System32\drivers\s1029bus.sys (MCCI Corporation)
DRV - (s1029mdfl) -- C:\Windows\System32\drivers\s1029mdfl.sys (MCCI Corporation)
DRV - (s1029mgmt) Sony Ericsson Device 1029 USB WMC Device Management Drivers (WDM) -- C:\Windows\System32\drivers\s1029mgmt.sys (MCCI Corporation)
DRV - (s1029obex) -- C:\Windows\System32\drivers\s1029obex.sys (MCCI Corporation)
DRV - (s1029nd5) Sony Ericsson Device 1029 USB Ethernet Emulation (NDIS) -- C:\Windows\System32\drivers\s1029nd5.sys (MCCI Corporation)
DRV - (AVerAF15) -- C:\Windows\System32\drivers\AVerAF15.sys (AVerMedia TECHNOLOGIES, Inc.)
DRV - (HpqKbFiltr) -- C:\Windows\System32\drivers\HpqKbFiltr.sys (Hewlett-Packard Development Company, L.P.)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.searchqu.com/406
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = F8 D2 03 D6 DA 64 CB 01 [binary data]
IE - HKCU\..\URLSearchHook: {1392b8d2-5c05-419f-a8f6-b9f15a596612} - No CLSID value found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;127.0.0.1:9421;

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Search Results"
FF - prefs.js..browser.search.order.1: "Search Results"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "google.de"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2.2
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.0.900
FF - prefs.js..extensions.enabledItems: {6904342A-8307-11DF-A508-4AE2DFD72085}:2.1.0.900
FF - prefs.js..extensions.enabledItems: mail@gutscheinrausch.de:2.6
FF - prefs.js..keyword.URL: "hxxp://dts.search-results.com/sr?src=ffb&appid=113&systemid=406&sr=0&q="
FF - prefs.js..network.proxy.type: 0

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MIF5BA~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MIF5BA~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@veetle.com/vbp;version=0.9.17: C:\Users\Kurt\Desktop\Veetle\VLCBroadcast\npvbp.dll File not found
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.1.11: C:\Program Files\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\html5video [2011.06.14 16:38:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files\DivX\DivX Plus Web Player\firefox\wpa [2011.06.14 16:38:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.02.01 16:31:20 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.01.20 10:54:37 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\SeaMonkey\Extensions\\mozilla_cc@internetdownloadmanager.com: C:\Users\Kurt\AppData\Roaming\IDM\idmmzcc5

[2012.01.24 19:32:39 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Kurt\AppData\Roaming\mozilla\Extensions
[2012.01.24 20:42:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Kurt\AppData\Roaming\mozilla\Firefox\Profiles\2cxek9mf.default\extensions
[2012.01.22 08:55:31 | 000,000,000 | ---D | M] (Cookies Manager+) -- C:\Users\Kurt\AppData\Roaming\mozilla\Firefox\Profiles\2cxek9mf.default\extensions\{bb6bc1bb-f824-4702-90cd-35e2fb24f25d}
[2011.01.25 23:42:07 | 000,000,000 | ---D | M] (Gutscheinrausch.de) -- C:\Users\Kurt\AppData\Roaming\mozilla\Firefox\Profiles\2cxek9mf.default\extensions\mail@gutscheinrausch.de
[2010.10.12 17:58:32 | 000,002,059 | ---- | M] () -- C:\Users\Kurt\AppData\Roaming\Mozilla\Firefox\Profiles\2cxek9mf.default\searchplugins\daemon-search.xml
[2012.01.24 19:32:34 | 000,002,519 | ---- | M] () -- C:\Users\Kurt\AppData\Roaming\Mozilla\Firefox\Profiles\2cxek9mf.default\searchplugins\Search_Results.xml
[2010.07.19 10:37:10 | 000,001,589 | ---- | M] () -- C:\Users\Kurt\AppData\Roaming\Mozilla\Firefox\Profiles\2cxek9mf.default\searchplugins\web-search.xml
[2012.01.24 19:32:39 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
() (No name found) -- C:\USERS\KURT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2CXEK9MF.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
() (No name found) -- C:\USERS\KURT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2CXEK9MF.DEFAULT\EXTENSIONS\ICH@MALTEGOETZ.DE.XPI
() (No name found) -- C:\USERS\KURT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2CXEK9MF.DEFAULT\EXTENSIONS\STEALTHYEXTENSION@GMAIL.COM.XPI
[2012.02.01 16:31:20 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011.05.04 03:52:23 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2012.01.17 16:30:40 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.01.17 16:30:40 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012.01.17 16:30:40 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2012.01.17 16:30:40 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.01.24 19:32:34 | 000,002,519 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\Search_Results.xml
[2012.01.17 16:30:40 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.01.17 16:30:40 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml

O1 HOSTS File: ([2012.01.25 23:15:53 | 000,000,826 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Programme\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Programme\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\Programme\Windows iLivid Toolbar\Datamngr\ToolBar\searchqudtx.dll ()
O2 - BHO: (DataMngr) - {9D717F81-9148-4f12-8568-69135F087DB0} - C:\Programme\Windows iLivid Toolbar\Datamngr\BrowserConnection.dll (Bandoo Media, inc)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\Programme\Windows iLivid Toolbar\Datamngr\ToolBar\searchqudtx.dll ()
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {1392B8D2-5C05-419F-A8F6-B9F15A596612} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [BCSSync] C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
O4 - HKLM..\Run: [DATAMNGR] C:\Programme\Windows iLivid Toolbar\Datamngr\datamngrUI.exe (Bandoo Media, inc)
O4 - HKLM..\Run: [FILSHtray] C:\Program Files\FILSHtray\FILSHtray.exe (FILSH Media GmbH)
O4 - HKLM..\Run: [IAStorIcon] C:\Programme\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [SysTrayApp] C:\Programme\IDT\WDM\sttray.exe (IDT, Inc.)
O4 - HKCU..\Run: [Akamai NetSession Interface] C:\Users\Kurt\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc)
O4 - HKCU..\Run: [vasja] C:\Users\Kurt\AppData\Local\Temp\0.16726738343385916.exe (Orb Networks)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: An OneNote s&enden - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - C:\Programme\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab (HP Download Manager)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_intel_4.4.24.0.cab (SysInfo Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{47642194-5764-4FD3-86A3-E39D52814580}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6B28A0DA-10BF-4254-9B16-96110B2D2FAA}: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~1\WI3C8A~1\Datamngr\datamngr.dll) -C:\Programme\Windows iLivid Toolbar\Datamngr\datamngr.dll (Bandoo Media, inc)
O20 - AppInit_DLLs: (C:\PROGRA~1\WI3C8A~1\Datamngr\IEBHO.dll) -C:\Programme\Windows iLivid Toolbar\Datamngr\IEBHO.dll (Bandoo Media, inc)
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) -C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O27 - HKLM IFEO\backitup.exe: Debugger - C:\Program Files\TuneUp Utilities 2011\TUAutoReactivator32.exe (TuneUp Software)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{28555277-9fc8-11df-8d6b-0021866607e5}\Shell - "" = AutoRun
O33 - MountPoints2\{28555277-9fc8-11df-8d6b-0021866607e5}\Shell\AutoRun\command - "" = H:\Startme.exe
O33 - MountPoints2\{4dfaff12-d958-11df-8681-0021866607e5}\Shell - "" = AutoRun
O33 - MountPoints2\{4dfaff12-d958-11df-8681-0021866607e5}\Shell\AutoRun\command - "" = H:\NokiaPCIA_Autorun.exe
O33 - MountPoints2\{58f7290b-9261-11df-aeac-0021866607e5}\Shell - "" = AutoRun
O33 - MountPoints2\{58f7290b-9261-11df-aeac-0021866607e5}\Shell\AutoRun\command - "" = G:\Autorun.exe
O33 - MountPoints2\{d050251a-da1b-11e0-a1f9-001eec815664}\Shell - "" = AutoRun
O33 - MountPoints2\{d050251a-da1b-11e0-a1f9-001eec815664}\Shell\AutoRun\command - "" = H:\NokiaPCIA_Autorun.exe
O33 - MountPoints2\{d34473c0-942e-11e0-a393-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{d34473c0-942e-11e0-a393-806e6f6e6963}\Shell\AutoRun\command - "" = G:\_aomg.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2012.02.01 22:15:31 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Kurt\Desktop\OTL.exe
[2012.02.01 12:30:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinSCP
[2012.02.01 12:30:18 | 000,000,000 | ---D | C] -- C:\Program Files\WinSCP
[2012.01.25 22:34:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2012.01.25 22:33:23 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2012.01.25 22:24:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\openIPSW
[2012.01.25 22:24:06 | 000,000,000 | ---D | C] -- C:\Program Files\openIPSW
[2012.01.24 19:33:12 | 000,000,000 | ---D | C] -- C:\Users\Kurt\AppData\Local\Ilivid Player
[2012.01.24 19:32:58 | 000,000,000 | ---D | C] -- C:\Program Files\iLivid
[2012.01.24 19:32:34 | 000,000,000 | ---D | C] -- C:\Program Files\Windows iLivid Toolbar
[2012.01.24 19:32:34 | 000,000,000 | ---D | C] -- C:\ProgramData\boost_interprocess
[2012.01.23 17:19:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft-Maus
[2012.01.23 17:19:27 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft IntelliPoint
[2012.01.21 17:46:37 | 000,000,000 | ---D | C] -- C:\Program Files\Cobra 11 - Crash Time
[2012.01.20 11:04:17 | 000,000,000 | ---D | C] -- C:\Users\Kurt\Documents\FILSHtray
[2012.01.20 11:04:17 | 000,000,000 | ---D | C] -- C:\Users\Kurt\AppData\Local\FILSH_Media_GmbH
[2012.01.20 11:04:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FILSHtray
[2012.01.20 11:04:13 | 000,000,000 | ---D | C] -- C:\Program Files\FILSHtray
[2012.01.19 09:07:41 | 000,000,000 | ---D | C] -- C:\Users\Kurt\AppData\Local\Chromium
[2012.01.19 08:38:48 | 000,000,000 | ---D | C] -- C:\Program Files\Rockstar Games
[2012.01.19 08:36:18 | 000,000,000 | ---D | C] -- C:\Users\Kurt\Documents\Rockstar Games
[2012.01.19 08:21:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Rockstar Games
[2012.01.18 18:14:48 | 000,000,000 | ---D | C] -- C:\Users\Kurt\Neuer Ordner
[2012.01.18 11:40:57 | 000,314,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\webio.dll
[2012.01.18 11:40:56 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sspisrv.dll
[2012.01.17 22:49:56 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2012.01.17 22:49:54 | 001,798,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2012.01.17 22:49:54 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2012.01.17 22:49:53 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2012.01.17 22:49:53 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2012.01.17 22:49:51 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2012.01.17 22:41:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
[2012.01.17 17:28:26 | 000,000,000 | ---D | C] -- C:\Users\Kurt\AppData\Local\Akamai
[2012.01.17 16:51:54 | 002,342,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2012.01.17 16:51:53 | 000,465,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisdecd.dll
[2012.01.17 16:51:53 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisrndr.ax
[2012.01.17 16:51:51 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2012.01.17 16:51:30 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\packager.dll
[2012.01.17 16:51:29 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EncDec.dll
[2012.01.17 16:51:28 | 001,328,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quartz.dll
[2012.01.17 16:51:28 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qdvd.dll
[2012.01.17 16:51:28 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\csrsrv.dll
[2012.01.17 16:50:08 | 003,912,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2012.01.17 16:50:07 | 003,967,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2012.01.17 16:22:09 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2012.01.17 16:19:43 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2012.01.17 16:08:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2012.01.17 16:08:38 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2011.02.08 12:01:54 | 002,779,195 | ---- | C] (TeamViewer GmbH) -- C:\Users\Kurt\AppData\Roaming\TeamViewer.exe
[3 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012.02.01 22:16:01 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Kurt\Desktop\OTL.exe
[2012.02.01 22:05:44 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.02.01 22:05:37 | 2389,929,984 | -HS- | M] () -- C:\hiberfil.sys
[2012.02.01 22:03:36 | 000,001,090 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.02.01 20:51:00 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.02.01 15:58:25 | 000,698,970 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012.02.01 15:58:25 | 000,654,248 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.02.01 15:58:25 | 000,149,134 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012.02.01 15:58:25 | 000,122,080 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.02.01 12:54:04 | 000,000,600 | ---- | M] () -- C:\Users\Kurt\AppData\Roaming\winscp.rnd
[2012.02.01 12:30:19 | 000,001,799 | ---- | M] () -- C:\Users\Kurt\Desktop\WinSCP.lnk
[2012.02.01 09:00:38 | 000,016,944 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.02.01 09:00:38 | 000,016,944 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.01.31 13:44:05 | 000,237,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[2012.01.25 22:34:23 | 000,001,753 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012.01.25 17:59:51 | 000,000,472 | ---- | M] () -- C:\Volume (E) - Verknüpfung.lnk
[2012.01.24 20:39:40 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2012.01.24 08:23:49 | 000,410,928 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012.01.21 16:08:40 | 000,138,160 | ---- | M] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2012.01.21 16:08:19 | 000,271,200 | ---- | M] () -- C:\Windows\System32\PnkBstrB.xtr
[2012.01.21 16:08:19 | 000,271,200 | ---- | M] () -- C:\Windows\System32\PnkBstrB.ex0
[3 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012.02.01 12:30:19 | 000,001,799 | ---- | C] () -- C:\Users\Kurt\Desktop\WinSCP.lnk
[2012.01.25 22:34:23 | 000,001,753 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012.01.25 17:59:51 | 000,000,472 | ---- | C] () -- C:\Volume (E) - Verknüpfung.lnk
[2012.01.20 10:54:37 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader 9.lnk
[2011.09.14 18:42:03 | 000,000,600 | ---- | C] () -- C:\Users\Kurt\AppData\Roaming\winscp.rnd
[2011.09.11 23:24:25 | 000,140,380 | -H-- | C] () -- C:\Windows\System32\mlfcache.dat
[2011.09.02 17:23:06 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2011.06.27 11:00:54 | 000,190,464 | ---- | C] () -- C:\Windows\System32\PCGW32.DLL
[2011.06.23 09:05:15 | 000,080,896 | ---- | C] () -- C:\Windows\System32\RDVGHelper.exe
[2011.06.23 09:04:06 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2011.06.15 08:18:16 | 000,080,416 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
[2011.04.14 02:40:42 | 000,024,064 | ---- | C] () -- C:\Windows\System32\ssb3ml3.dll
[2011.04.09 17:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
[2011.02.10 23:13:42 | 000,007,665 | ---- | C] () -- C:\Users\Kurt\AppData\Local\resmon.resmoncfg
[2011.02.08 12:01:59 | 000,000,000 | ---- | C] () -- C:\Users\Kurt\AppData\Roaming\chrtmp
[2011.02.07 19:27:48 | 000,008,192 | ---- | C] () -- C:\Windows\System32\srvany.exe
[2010.10.16 22:55:10 | 000,008,192 | ---- | C] () -- C:\Users\Kurt\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.07.18 13:46:57 | 000,138,160 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2010.07.18 13:46:57 | 000,022,328 | ---- | C] () -- C:\Users\Kurt\AppData\Roaming\PnkBstrK.sys
[2010.07.18 13:46:22 | 000,103,736 | ---- | C] () -- C:\Windows\System32\PnkBstrB.exe
[2010.07.18 13:46:21 | 000,075,136 | ---- | C] () -- C:\Windows\System32\PnkBstrA.exe
[2010.07.18 13:46:20 | 000,000,319 | ---- | C] () -- C:\Windows\game.ini
[2010.07.18 12:10:46 | 000,000,350 | ---- | C] () -- C:\Windows\System32\AP6RMHV.BIN
[2010.07.18 12:10:46 | 000,000,308 | ---- | C] () -- C:\Windows\System32\AP6RMKV.BIN
[2010.07.18 12:10:46 | 000,000,252 | ---- | C] () -- C:\Windows\System32\AP6RMJH.BIN
[2010.07.18 12:10:46 | 000,000,238 | ---- | C] () -- C:\Windows\System32\AP6RMFP.BIN
[2010.07.18 12:10:46 | 000,000,189 | ---- | C] () -- C:\Windows\System32\AP6RMKS.BIN
[2010.07.18 12:10:46 | 000,000,126 | ---- | C] () -- C:\Windows\System32\AP6RMHR.BIN
[2010.06.29 23:12:16 | 000,013,312 | ---- | C] () -- C:\Windows\LPRES.DLL
[2010.06.07 16:47:34 | 000,258,142 | ---- | C] () -- C:\Windows\System32\nvcoproc.bin
[2010.03.10 16:31:46 | 000,274,432 | ---- | C] () -- C:\Windows\System32\SaMinDrv.dll
[2010.03.10 16:31:46 | 000,106,496 | ---- | C] () -- C:\Windows\System32\SaImgFlt.dll
[2010.03.10 16:31:46 | 000,090,112 | ---- | C] () -- C:\Windows\System32\SaSegFlt.dll
[2010.03.10 16:31:44 | 000,061,440 | ---- | C] () -- C:\Windows\System32\SaErHdlr.dll
[2009.07.14 09:47:43 | 000,698,970 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2009.07.14 09:47:43 | 000,295,922 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2009.07.14 09:47:43 | 000,149,134 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2009.07.14 09:47:43 | 000,038,104 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2009.07.14 05:57:37 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009.07.14 05:33:53 | 000,410,928 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2009.07.14 03:05:48 | 000,654,248 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2009.07.14 03:05:48 | 000,291,294 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2009.07.14 03:05:48 | 000,122,080 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2009.07.14 03:05:48 | 000,031,548 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2009.07.14 03:05:05 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2009.07.14 03:04:11 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2009.07.14 01:55:09 | 001,332,736 | ---- | C] () -- C:\Windows\System32\hpotiop1.dll
[2009.07.14 01:55:09 | 000,585,216 | ---- | C] () -- C:\Windows\System32\hpotscld.dll
[2009.07.14 00:55:01 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009.07.14 00:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2009.06.10 22:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2004.07.08 20:44:07 | 000,011,376 | R--- | C] () -- C:\Windows\System32\drivers\SECDRV.SYS

========== LOP Check ==========

[2010.07.18 12:45:09 | 000,000,000 | ---D | M] -- C:\Users\Kurt\AppData\Roaming\DAEMON Tools Lite
[2011.02.08 14:16:06 | 000,000,000 | ---D | M] -- C:\Users\Kurt\AppData\Roaming\DAEMON Tools Pro
[2011.09.20 08:11:56 | 000,000,000 | ---D | M] -- C:\Users\Kurt\AppData\Roaming\DMCache
[2010.07.20 23:21:48 | 000,000,000 | ---D | M] -- C:\Users\Kurt\AppData\Roaming\DVDVideoSoftIEHelpers
[2011.09.18 17:33:46 | 000,000,000 | ---D | M] -- C:\Users\Kurt\AppData\Roaming\FileZilla
[2010.07.19 09:34:53 | 000,000,000 | ---D | M] -- C:\Users\Kurt\AppData\Roaming\gnupg
[2011.06.27 11:00:50 | 000,000,000 | ---D | M] -- C:\Users\Kurt\AppData\Roaming\iZ3D Driver
[2011.08.11 16:13:16 | 000,000,000 | ---D | M] -- C:\Users\Kurt\AppData\Roaming\LaunchPad
[2011.02.01 17:31:12 | 000,000,000 | ---D | M] -- C:\Users\Kurt\AppData\Roaming\Leadertech
[2011.01.22 15:36:07 | 000,000,000 | ---D | M] -- C:\Users\Kurt\AppData\Roaming\Nokia
[2011.09.03 18:40:36 | 000,000,000 | ---D | M] -- C:\Users\Kurt\AppData\Roaming\Notepad++
[2010.09.19 01:54:12 | 000,000,000 | ---D | M] -- C:\Users\Kurt\AppData\Roaming\PC Suite
[2011.06.11 16:52:49 | 000,000,000 | ---D | M] -- C:\Users\Kurt\AppData\Roaming\PunkBuster
[2012.01.25 23:52:11 | 000,000,000 | ---D | M] -- C:\Users\Kurt\AppData\Roaming\redsn0w
[2011.06.12 14:47:16 | 000,000,000 | ---D | M] -- C:\Users\Kurt\AppData\Roaming\SuperHideIP
[2011.02.08 12:01:55 | 000,000,000 | ---D | M] -- C:\Users\Kurt\AppData\Roaming\TeamViewer
[2011.06.14 16:00:08 | 000,000,000 | ---D | M] -- C:\Users\Kurt\AppData\Roaming\TuneUp Software
[2011.06.15 08:31:41 | 000,000,000 | ---D | M] -- C:\Users\Kurt\AppData\Roaming\WinBatch
[2011.09.01 15:52:08 | 000,000,000 | ---D | M] -- C:\Users\Kurt\AppData\Roaming\Xilisoft
[2012.01.29 14:25:07 | 000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



< End of report >


ich hoffe ihr konnt mir helfen

borsaci 01.02.2012 23:35
Extras.TXTOTL EXTRAS Logfile:
Code:
OTL Extras logfile created on: 01.02.2012 22:17:14 - Run 1
OTL by OldTimer - Version 3.2.31.0    Folder = C:\Users\Kurt\Desktop
 Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,97 Gb Total Physical Memory | 2,10 Gb Available Physical Memory | 70,70% Memory free
8,97 Gb Paging File | 8,44 Gb Available in Paging File | 94,18% Paging File free
Paging file location(s): c:\pagefile.sys 6144 6144 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 289,22 Gb Total Space | 103,99 Gb Free Space | 35,96% Space Free | Partition Type: NTFS
Drive D: | 298,09 Gb Total Space | 28,81 Gb Free Space | 9,67% Space Free | Partition Type: NTFS
Drive E: | 8,87 Gb Total Space | 8,80 Gb Free Space | 99,19% Space Free | Partition Type: NTFS
 
Computer Name: KURT-PC | User Name: Kurt | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{01501EBA-EC35-4F9F-8889-3BE346E5DA13}" = MSXML4 Parser
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{05BFB060-4F22-4710-B0A2-2801A1B606C5}" = Microsoft Antimalware
"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID Sign-in Assistant
"{08C8666B-C502-4AB3-B4CB-D74AC42D14FE}" = Nero BackItUp 10 Help (CHM)
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0E2B767B-EA6A-489B-BF83-8083FE1DB661}" = Pcsx2 0.9.6
"{1023383E-D9F6-478C-A965-23A4657B3C9A}" = Sacred 2
"{1280E900-35DA-4E08-A700-B79A5B2B8532}" = Microsoft Antimalware Service DE-DE Language Pack
"{13C96625-28E4-4c58-ADE0-CDAFC64752EB}" = JMicron 1394 Filter Driver
"{16987E99-C95C-4513-9239-7B44A0A71DB5}" = Nero SoundTrax 10 Help (CHM)
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F77C418-2C90-459C-BD33-B56A4182B9FA}" = System Requirements Lab CYRI
"{1F7FB68F-52F6-46A3-B42F-38CE46295AE5}" = Nero MediaHub 10
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{237CCB62-8454-43E3-B158-3ACD0134852E}" = High-Definition Video Playback 10
"{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}" = TuneUp Utilities 2011
"{2436F2A8-4B7E-4B6C-AE4E-604C84AA6A4F}" = Nero Core Components 10
"{26604C7E-A313-4D12-867F-7C6E7820BE4C}" = JMicron Flash Media Controller Driver
"{26A24AE4-039D-4CA4-87B4-2F83216021FF}" = Java(TM) 6 Update 26
"{277C1559-4CF7-44FF-8D07-98AA9C13AABD}" = Nero Multimedia Suite 10
"{2934DCB0-F8EE-11E0-A4A5-B8AC6F97B88E}" = Google Earth Plug-in
"{30BEF9F2-CD3F-4B13-9E5C-BFE2F9544572}_is1" = iZ3D Driver Remove
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{329411A0-19F3-4740-874F-17400B126F27}" = Nero Vision 10 Help (CHM)
"{33643918-7957-4839-92C7-EA96CB621A98}" = Nero Express 10 Help (CHM)
"{343666E2-A059-48AC-AD67-230BF74E2DB2}" = Apple Application Support
"{34490F4E-48D0-492E-8249-B48BECF0537C}" = Nero DiscSpeed 10
"{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{3FEA6CD1-EA13-4CE7-A74E-A74A4A0A7B5C}" = FIFA 11
"{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}" = HP Advisor
"{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}" = WIDCOMM Bluetooth Software
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{50779A29-834E-4E36-BBEB-B7CABC67A825}" = Microsoft Security Client DE-DE Language Pack
"{523B2B1B-D8DB-4B41-90FF-C4D799E2758A}" = Nero ControlCenter 10 Help (CHM)
"{54B6DC7D-8C5B-4DFB-BC15-C010A3326B2B}" = Microsoft Security Client
"{555868C6-49FB-484F-BB43-8980651A1B00}" = Nero BurnRights 10 Help (CHM)
"{5928359F-BF46-4646-BF19-B64E55171EB5}_is1" = FILSHtray Version 0.10
"{5D4C60AA-84E6-4E1A-8A68-69970D387BE1}" = TuneUp Utilities Language Pack (de-DE)
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{5F548A02-80BC-404D-BAE6-F05F9BF6B449}" = Nero DiscCopyGadget 10 Help (CHM)
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{63AA3EAB-23BB-48B2-9AD0-44F878075604}" = Nero 10 Menu TemplatePack Basic
"{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update
"{66049135-9659-4AAD-9169-9CCA269EBB3E}" = Nero InfoTool 10 Help (CHM)
"{68AB6930-5BFF-4FF6-923B-516A91984FE6}" = Nero BackItUp 10
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{6D8DDB4A-C263-40DE-BA16-AFDAD159D59A}" = Tom Clancy's Splinter Cell Conviction
"{6DFB899F-17A2-48F0-A533-ED8D6866CF38}" = Nero Control Center 10
"{70550193-1C22-445C-8FA4-564E155DB1A7}" = Nero Express 10
"{7059BDA7-E1DB-442C-B7A1-6144596720A4}" = HP Update
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7A295D8F-484B-4FFB-89AB-C1FD497591FE}" = Nero WaveEditor 10 Help (CHM)
"{7A5D731D-B4B3-490E-B339-75685712BAAB}" = Nero Burning ROM 10
"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
"{7EE873AF-46BB-4B5D-BA6F-CFE4B0566E22}" = TuneUp Utilities Language Pack (de-DE)
"{7FD8B0C1-CDDA-4B4D-A577-B2E3570EA3A3}_is1" = iPhone Explorer 2.1.4.1
"{8153ED9A-C94A-426E-9880-5E6775C08B62}" = Apple Mobile Device Support
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update
"{8ECEC853-5C3D-4B10-B5C7-FF11FF724807}" = Nero Recode 10
"{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010
"{90140000-0015-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010
"{90140000-0016-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010
"{90140000-0018-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010
"{90140000-0019-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010
"{90140000-001A-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010
"{90140000-001B-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}_Office14.PROPLUS_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUS_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUS_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-001F-0410-0000-0000000FF1CE}_Office14.PROPLUS_{C0743197-FFEE-4C19-BAEB-8F7437DC4C8A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010
"{90140000-002C-0407-0000-0000000FF1CE}_Office14.PROPLUS_{4275FB46-ABDF-4456-876C-17CF64294D9A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2010
"{90140000-0044-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010
"{90140000-006E-0407-0000-0000000FF1CE}_Office14.PROPLUS_{98EDFD9F-EA76-40CC-BCE9-92C69413F65B}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010
"{90140000-00A1-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2010
"{90140000-00BA-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{92127AF5-FDD8-4ADF-BC40-C356C9EE0B7D}" = 32 Bit HP CIO Components Installer
"{92E25238-61A3-4ACD-A407-3C480EEF47A7}" = Nero RescueAgent 10 Help (CHM)
"{92EC1A84-7FFC-42DF-A8F6-79C21C4765A5}" = Nero DiscCopy Gadget 10
"{942E5031-2BD6-4C1B-918C-C8A1CBAE7B8C}" = Microsoft IntelliPoint 8.2
"{943CFD7D-5336-47AF-9418-E02473A5A517}" = Nero BurnRights 10
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{96D06FDD-6AF4-4309-BC1B-1C9588B0575E}" = Dead Space™ 2
"{9736585B-7804-4E42-865A-A458C4CEC6C7}_is1" = iPhone Tunnel Suite 2.7 BETA
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A4297F3-2A51-4ED9-92CA-4BCB8380947E}" = Nero Vision 10
"{9B6B24BE-80E7-46C4-9FA5-B167D5E0F345}" = Nero BurningROM 10 Help (CHM)
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1031-7B44-A95000000001}" = Adobe Reader 9.5.0 - Deutsch
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 275.33
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 275.33
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller-Treiber 275.33
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.10.0514
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.3.5
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD-Audiotreiber 1.2.23.3
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}" = NVIDIA PhysX
"{C18A0418-442A-4186-AF98-D08F5054A2FC}" = Nero DiscSpeed 10 Help (CHM)
"{C3273C55-E1E4-41FF-8D69-0158090DB8D8}" = Nero CoverDesigner 10 Help (CHM)
"{C3580AC4-C827-4332-B935-9A282ED5BB97}" = Nero Dolby Files 10
"{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail
"{CAFA57E8-8927-4912-AFCF-B0AA3837E989}" = Windows Live Essentials
"{CD41B576-4787-4D5C-95EE-24A4ABD89CD3}" = System Requirements Lab for Intel
"{D2041A37-5FEC-49F0-AE5C-3F2FFDFAA4F4}" = Windows Live Call
"{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}" = Microsoft Primary Interoperability Assemblies 2005
"{D47087E7-AA15-4D1D-8C0A-60F7E446D597}" = PSP ISO Compressor
"{DB7C1D4A-08BA-4C7E-A8AA-B7F9BB372DCF}" = Nero Recode 10 Help (CHM)
"{E1EE5339-5D32-458F-BAAB-B19F6301BCE2}" = Nero SoundTrax 10
"{E337E787-CF61-4B7B-B84F-509202A54023}" = Nero RescueAgent 10
"{EDCDFAD5-DF80-4600-A493-E9DAD6810230}" = Nero WaveEditor 10
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F1D7AC58-554A-4A58-B784-B61558B1449A}" = QLBCASL
"{F2508213-9989-4E85-A078-72BE483917EF}" = Microsoft Games for Windows - LIVE Redistributable
"{F412B4AF-388C-4FF5-9B2F-33DB1C536953}" = Nero InfoTool 10
"{F467862A-D9CA-47ED-8D81-B4B3C9399272}" = Nero MediaHub 10 Help (CHM)
"{F5CB822F-B365-43D1-BCC0-4FDA1A2017A7}" = Nero 10 Movie ThemePack Basic
"{F6117F9C-ADB5-4590-9BE4-12C7BEC28702}" = Nero StartSmart 10 Help (CHM)
"{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}" = Nero StartSmart 10
"{F69D86A9-3B11-49C0-8E4F-3B6B9F1EC531}_is1" = openIPSW version 2.8
"{F6D6B258-E3CA-4AAC-965A-68D3E3140A8C}" = iTunes
"{FCF00A6E-FB58-477A-ABE9-232907105521}" = Nero CoverDesigner 10
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"284D9B4A58796481EC5A61D01DCC5E654761629C" = ENE CIR Receiver Driver
"AC3Filter_is1" = AC3Filter 1.63b
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"Age of Mythology Expansion Pack 1.0" = Age of Mythology Gold
"Akamai" = Akamai NetSession Interface Service
"AVerMedia TV Tuner Card" = AVerMedia TV Tuner Card 1.0.0.4
"Call of Juarez The Cartel_is1" = Call of Juarez The Cartel
"DAEMON Tools Lite" = DAEMON Tools Lite
"DivX Setup.divx.com" = DivX-Setup
"Driver Genius Professional Edition_is1" = Driver Genius Professional Edition
"FileZilla Client" = FileZilla Client 3.5.1
"Freecorder4.1" = Freecorder
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"InstallShield_{050C1C8E-4A4D-4C2F-B9AE-67E60EE91B7F}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.3 Patch
"InstallShield_{3BD633E0-4BF8-4499-9149-88F0767D449C}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.4 Patch
"InstallShield_{8503C901-85D7-4262-88D2-8D8B2A7B08B8}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.5 Multiplayer Patch
"InstallShield_{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"InstallShield_{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"InstallShield_{E5141379-B2D9-4BBC-BB2A-5805541571DD}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.2 Patch
"JDownloader" = JDownloader
"Mafia II_is1" = Mafia II
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft IntelliPoint 8.2" = Microsoft IntelliPoint 8.2
"Microsoft Security Client" = Microsoft Security Essentials
"Mozilla Firefox 10.0 (x86 de)" = Mozilla Firefox 10.0 (x86 de)
"Notepad++" = Notepad++
"NVIDIA StereoUSB Driver" = NVIDIA 3D Vision Controller Driver
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"PunkBusterSvc" = PunkBuster Services
"Rockstar Games Social Club" = Rockstar Games Social Club
"Steam App 10180" = Call of Duty: Modern Warfare 2
"Steam App 10190" = Call of Duty: Modern Warfare 2 - Multiplayer
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"SystemRequirementsLab" = System Requirements Lab
"TuneUp Utilities 2011" = TuneUp Utilities 2011
"VLC media player" = VLC media player 1.1.11
"Windows Searchqu Toolbar" = Windows iLivid Toolbar
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR 4.01 (32-Bit)
"winscp3_is1" = WinSCP 4.3.6
"Xilisoft Video Converter Ultimate 6" = Xilisoft Video Converter Ultimate 6
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Akamai" = Akamai NetSession Interface
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 13.07.2011 05:34:07 | Computer Name = Kurt-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files\windows
 live\messenger\wlcsdk.exe".  Die abhängige Assemblierung "UCCAPI,processorArchitecture="x86",type="win32",version="2.0.0.0""
 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm
 "sxstrace.exe".
 
Error - 13.07.2011 05:35:29 | Computer Name = Kurt-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files\sony
 ericsson\sony ericsson pc companion\Drivers\DPInst64.exe".  Die abhängige Assemblierung
 "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0""
 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm
 "sxstrace.exe".
 
Error - 14.07.2011 04:10:41 | Computer Name = Kurt-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files\windows
 live\messenger\wlcsdk.exe".  Die abhängige Assemblierung "UCCAPI,processorArchitecture="x86",type="win32",version="2.0.0.0""
 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm
 "sxstrace.exe".
 
Error - 14.07.2011 04:12:03 | Computer Name = Kurt-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files\sony
 ericsson\sony ericsson pc companion\Drivers\DPInst64.exe".  Die abhängige Assemblierung
 "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0""
 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm
 "sxstrace.exe".
 
Error - 15.07.2011 04:16:34 | Computer Name = Kurt-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files\windows
 live\messenger\wlcsdk.exe".  Die abhängige Assemblierung "UCCAPI,processorArchitecture="x86",type="win32",version="2.0.0.0""
 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm
 "sxstrace.exe".
 
Error - 15.07.2011 04:17:22 | Computer Name = Kurt-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files\sony
 ericsson\sony ericsson pc companion\Drivers\DPInst64.exe".  Die abhängige Assemblierung
 "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0""
 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm
 "sxstrace.exe".
 
Error - 16.07.2011 09:48:23 | Computer Name = Kurt-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files\windows
 live\messenger\wlcsdk.exe".  Die abhängige Assemblierung "UCCAPI,processorArchitecture="x86",type="win32",version="2.0.0.0""
 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm
 "sxstrace.exe".
 
Error - 16.07.2011 09:49:13 | Computer Name = Kurt-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files\sony
 ericsson\sony ericsson pc companion\Drivers\DPInst64.exe".  Die abhängige Assemblierung
 "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0""
 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm
 "sxstrace.exe".
 
Error - 16.07.2011 14:33:39 | Computer Name = Kurt-PC | Source =  | ID = 0
Description =
 
Error - 16.07.2011 14:33:39 | Computer Name = Kurt-PC | Source =  | ID = 0
Description =
 
[ System Events ]
Error - 01.02.2012 16:50:09 | Computer Name = Kurt-PC | Source = DCOM | ID = 10005
Description =
 
Error - 01.02.2012 16:50:10 | Computer Name = Kurt-PC | Source = DCOM | ID = 10005
Description =
 
Error - 01.02.2012 16:50:10 | Computer Name = Kurt-PC | Source = DCOM | ID = 10005
Description =
 
Error - 01.02.2012 17:03:48 | Computer Name = Kurt-PC | Source = Microsoft Antimalware | ID = 3002
Description = Fehler in %%860-Echtzeitschutzfunktion.    Funktion: %%835    Fehlercode:
0x80004005    Fehlerbeschreibung: Unbekannter Fehler      Ursache: %%842
 
Error - 01.02.2012 17:05:26 | Computer Name = Kurt-PC | Source = sptd | ID = 262148
Description = Der Treiber hat einen internen Fehler in seinen Datenstrukturen für
  festgestellt.
 
Error - 01.02.2012 17:05:59 | Computer Name = Kurt-PC | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
  discache  iZ3DInjectionDriver  MpFilter  spldr  sptd  Wanarpv6
 
Error - 01.02.2012 17:06:04 | Computer Name = Kurt-PC | Source = DCOM | ID = 10005
Description =
 
Error - 01.02.2012 17:06:11 | Computer Name = Kurt-PC | Source = DCOM | ID = 10005
Description =
 
Error - 01.02.2012 17:06:12 | Computer Name = Kurt-PC | Source = DCOM | ID = 10005
Description =
 
Error - 01.02.2012 17:06:12 | Computer Name = Kurt-PC | Source = DCOM | ID = 10005
Description =
 
 
< End of report >
--- --- ---

borsaci 02.02.2012 00:32
hat sich erledigt mit Malwarebytes Anti-Malware

kann geclosed werden


Alle Zeitangaben in WEZ +1. Es ist jetzt 10:05 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131