Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Windows 7 Schwarzer Bildschirm und die aufforderung 50€ zu bezahlen

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 18.01.2012, 17:20   #1
Javier
 
Windows 7 Schwarzer Bildschirm und die aufforderung 50€ zu bezahlen - Standard

Windows 7 Schwarzer Bildschirm und die aufforderung 50€ zu bezahlen



Hi liebes Troianer Board Forum,

Ich habe ein großes Problem mit meinem PC. Und zwar bekomme ich sobald das Internet aktiviert ist einen schwarzen Bildschirm als auch eine Meldung die sagt mein Windows stark Virenverseucht ist und ich zur reinigugn und wiederherstellung der Daten 50€ in form eines paysavecodes bezahlen soll.
Da diese Meldung aber nur mit Internetverbindung angezeigt wird und es mein Problem schon hier im Forum benannt und benutzerdefiniert gelöst wurde kann es sich nur um eine Abzocke handeln.
Mein Virensystem ist leider veraltet aber wede demnächst mit kaspersky nachrüsten.

In den andren Themen mit dem selben problem wurde gebeten sich OTL herunterzuladen und 2 txt dateien anzuhängen.


ausversehen ein paar mal zu oft gepostet bin bsll aufgeregt wegen dem problem hoffe das is kein problem

Geändert von Javier (18.01.2012 um 17:28 Uhr)

Alt 18.01.2012, 17:21   #2
Javier
 
Windows 7 Schwarzer Bildschirm und die aufforderung 50€ zu bezahlen - Standard

Windows 7 Schwarzer Bildschirm und die aufforderung 50€ zu bezahlen



OTL.txtOTL Logfile:
Code:
ATTFilter
OTL logfile created on: 1/18/2012 4:34:10 PM - Run 2
OTL by OldTimer - Version 3.2.31.0     Folder = C:\Users\f.schumacher\Desktop
 Professional  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3.00 Gb Total Physical Memory | 1.93 Gb Available Physical Memory | 64.50% Memory free
6.00 Gb Paging File | 4.77 Gb Available in Paging File | 79.49% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 455.86 Gb Total Space | 301.76 Gb Free Space | 66.19% Space Free | Partition Type: NTFS
Drive D: | 9.80 Gb Total Space | 1.19 Gb Free Space | 12.18% Space Free | Partition Type: NTFS
Drive F: | 100.00 Mb Total Space | 71.70 Mb Free Space | 71.70% Space Free | Partition Type: NTFS
Drive G: | 148.95 Gb Total Space | 13.88 Gb Free Space | 9.32% Space Free | Partition Type: NTFS
 
Computer Name: PC-FSCHUMACHER | User Name: f.schumacher | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\f.schumacher\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe ()
PRC - C:\Program Files\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
PRC - C:\Nexon\NEXON_EU_Downloader\NEXON_EU_Downloader_Engine.exe ()
PRC - C:\Program Files\Application Updater\ApplicationUpdater.exe (Spigot, Inc.)
PRC - C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesApp32.exe (TuneUp Software)
PRC - C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe (TuneUp Software)
PRC - C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe (Spigot, Inc.)
PRC - C:\Program Files\IObit\Smart Defrag 2\SmartDefrag.exe (IObit)
PRC - C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation)
PRC - C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation)
PRC - C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (NVIDIA Corporation)
PRC - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
PRC - C:\Windows\System32\conhost.exe (Microsoft Corporation)
PRC - C:\Program Files\Hewlett-Packard\HP Support Framework\hpsa_service.exe (Hewlett-Packard Company)
PRC - C:\Program Files\IObit\Advanced SystemCare 4\ASCTray.exe (IObit)
PRC - C:\Program Files\IObit\Advanced SystemCare 4\ASCService.exe (IObit)
PRC - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2012\avp.exe (Kaspersky Lab ZAO)
PRC - C:\Program Files\Hewlett-Packard\Shared\HPDrvMntSvc.exe (Hewlett-Packard Company)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Users\f.schumacher\AppData\Roaming\Mozilla\Firefox\firefox.exe ()
PRC - C:\Program Files\Razer\Imperator\RazerImperatorTray.exe (Razer USA Ltd)
PRC - C:\Program Files\Logitech\GamePanel Software\LGDevAgt.exe (Logitech Inc.)
PRC - C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe (Logitech Inc.)
PRC - C:\Program Files\Logitech\GamePanel Software\Applets\LCDPop3.exe (Logitech Inc.)
PRC - C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe (Logitech Inc.)
PRC - C:\Program Files\Logitech\GamePanel Software\Applets\LCDMedia.exe (Logitech Inc.)
PRC - C:\Program Files\Logitech\GamePanel Software\Applets\LCDCountdown.exe (Logitech Inc.)
PRC - C:\Program Files\Logitech\GamePanel Software\Applets\LCDClock.exe (Logitech Inc.)
PRC - C:\Windows\KMService.exe ()
PRC - C:\Program Files\Hewlett-Packard\HP Desktop Keyboard\HPKEYBOARDx.EXE (Hewlett-Packard)
PRC - C:\Program Files\PDF Complete\pdfsvc.exe (PDF Complete Inc)
PRC - C:\Program Files\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe (Hewlett-Packard)
PRC - C:\Windows\System32\atieclxx.exe (AMD)
PRC - C:\Windows\System32\atiesrxx.exe (AMD)
PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)
PRC - C:\Program Files\Hewlett-Packard\HP Desktop Keyboard\Keystatus.exe ()
PRC - C:\Program Files\Hewlett-Packard\HP MAINSTREAM KEYBOARD\BATINDICATOR.exe (Hewlett-Packard)
PRC - C:\Program Files\Hewlett-Packard\HP MAINSTREAM KEYBOARD\CNYHKEY.exe (Hewlett-Packard)
PRC - C:\Program Files\Hewlett-Packard\HP MAINSTREAM KEYBOARD\ModLEDKey.exe ()
PRC - C:\Program Files\Hewlett-Packard\HP Odometer\hpsysdrv.exe (Hewlett-Packard)
PRC - C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe (Protexis Inc.)
PRC - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe (InterVideo)
PRC - C:\Program Files\avmwlanstick\FRITZWLanMini.exe (AVM Berlin GmbH)
PRC - C:\Windows\System32\srvany.exe ()
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Users\f.schumacher\AppData\Local\Temp\feb59f87-baa7-4a0a-902c-c33cfc0feb21\CliSecureRT.dll ()
MOD - C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe ()
MOD - C:\Nexon\NEXON_EU_Downloader\NEXON_EU_Downloader_Engine.exe ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\401a9dbeaad6b6ca70c90ae4fbd2e0b8\PresentationFramework.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\b540398c49e7c32ab58666de7f09f645\PresentationCore.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\fa45e7d581b80c34cb0d5518491c7387\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\c0afb5fbfbc7a8d670b430672c5fd578\WindowsBase.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\af091a68303117ca2166aa13bcbfbbd0\PresentationFramework.Aero.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\fd0f015bc4324d8b9716ae38083a4e4d\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\90223e809b1ff291a7f65509702e2fa1\System.Core.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\a48e483c6b13da563725d72ec518a0bb\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System\69adb8f9940fa1330f6f1b706e3dc31e\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\2b1af7649e57195b4b85bbf4c5cb7c90\mscorlib.ni.dll ()
MOD - C:\Program Files\IObit\Smart Defrag 2\NtfsData.dll ()
MOD - C:\Program Files\IObit\Advanced SystemCare 4\ASCv4ExtMenu.dll ()
MOD - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2012\QtGui4.dll ()
MOD - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2012\QtSql4.dll ()
MOD - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2012\QtScript4.dll ()
MOD - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2012\QtNetwork4.dll ()
MOD - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2012\QtCore4.dll ()
MOD - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2012\QtDeclarative4.dll ()
MOD - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2012\imageformats\qgif4.dll ()
MOD - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE14\Cultures\office.odf ()
MOD - C:\Users\f.schumacher\AppData\Roaming\Mozilla\Firefox\firefox.exe ()
MOD - C:\Program Files\Hewlett-Packard\HP Desktop Keyboard\Keystatus.exe ()
MOD - C:\Windows\System32\OSD.dll ()
MOD - C:\Program Files\Hewlett-Packard\HP MAINSTREAM KEYBOARD\ModLEDKey.exe ()
MOD - C:\Program Files\Hewlett-Packard\HP MAINSTREAM KEYBOARD\WMINPUT.DLL ()
 
 
========== Win32 Services (SafeList) ==========
 
SRV - (OverwolfUpdaterService) --  File not found
SRV - (Application Updater) -- C:\Program Files\Application Updater\ApplicationUpdater.exe (Spigot, Inc.)
SRV - (TuneUp.UtilitiesSvc) -- C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe (TuneUp Software)
SRV - (npggsvc) -- C:\Windows\System32\GameMon.des (INCA Internet Co., Ltd.)
SRV - (nvUpdatusService) -- C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation)
SRV - (Stereo Service) -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (HP Support Assistant Service) -- C:\Program Files\Hewlett-Packard\HP Support Framework\hpsa_service.exe (Hewlett-Packard Company)
SRV - (Microsoft SharePoint Workspace Audit Service) -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE (Microsoft Corporation)
SRV - (AdvancedSystemCareService) -- C:\Program Files\IObit\Advanced SystemCare 4\ASCService.exe (IObit)
SRV - (AVP) -- C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2012\avp.exe (Kaspersky Lab ZAO)
SRV - (HPDrvMntSvc.exe) -- C:\Program Files\Hewlett-Packard\Shared\HPDrvMntSvc.exe (Hewlett-Packard Company)
SRV - (Steam Client Service) -- C:\Program Files\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (GameConsoleService) -- C:\Program Files\HP Games\HP Game Console\GameConsoleService.exe (WildTangent, Inc.)
SRV - (pdfcDispatcher) -- C:\Program Files\PDF Complete\pdfsvc.exe (PDF Complete Inc)
SRV - (AMD External Events Utility) -- C:\Windows\System32\atiesrxx.exe (AMD)
SRV - (StorSvc) -- C:\Windows\System32\StorSvc.dll (Microsoft Corporation)
SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
SRV - (PeerDistSvc) -- C:\Windows\System32\PeerDistSvc.dll (Microsoft Corporation)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SRV - (PSI_SVC_2) -- C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe (Protexis Inc.)
SRV - (IviRegMgr) -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe (InterVideo)
SRV - (KMService) -- C:\Windows\System32\srvany.exe ()
 
 
========== Driver Services (SafeList) ==========
 
DRV - (TuneUpUtilitiesDrv) -- C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesDriver32.sys (TuneUp Software)
DRV - (KLIF) -- C:\Windows\System32\drivers\klif.sys (Kaspersky Lab)
DRV - (ss_bmdm) -- C:\Windows\System32\drivers\ss_bmdm.sys (MCCI Corporation)
DRV - (ss_bserd) -- C:\Windows\System32\drivers\ss_bserd.sys (MCCI Corporation)
DRV - (ss_bbus) SAMSUNG USB Mobile Device (WDM) -- C:\Windows\System32\drivers\ss_bbus.sys (MCCI)
DRV - (ss_bmdfl) SAMSUNG USB Mobile Modem (Filter) -- C:\Windows\System32\drivers\ss_bmdfl.sys (MCCI Corporation)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (KLIM6) -- C:\Windows\System32\drivers\klim6.sys (Kaspersky Lab ZAO)
DRV - (kl2) -- C:\Windows\System32\drivers\kl2.sys (Kaspersky Lab ZAO)
DRV - (KL1) -- C:\Windows\system32\DRIVERS\kl1.sys (Kaspersky Lab ZAO)
DRV - (SmartDefragDriver) -- C:\Windows\System32\Drivers\SmartDefragDriver.sys ()
DRV - (Impcd) -- C:\Windows\system32\DRIVERS\Impcd.sys (Intel Corporation)
DRV - (LGVirHid) -- C:\Windows\System32\drivers\LGVirHid.sys (Logitech Inc.)
DRV - (LGBusEnum) -- C:\Windows\System32\drivers\LGBusEnum.sys (Logitech Inc.)
DRV - (klmouflt) -- C:\Windows\System32\drivers\klmouflt.sys (Kaspersky Lab)
DRV - (atikmdag) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV - (vmbus) -- C:\Windows\system32\DRIVERS\vmbus.sys (Microsoft Corporation)
DRV - (storflt) -- C:\Windows\system32\DRIVERS\vmstorfl.sys (Microsoft Corporation)
DRV - (storvsc) -- C:\Windows\system32\DRIVERS\storvsc.sys (Microsoft Corporation)
DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
DRV - (s3cap) -- C:\Windows\system32\DRIVERS\vms3cap.sys (Microsoft Corporation)
DRV - (VMBusHID) -- C:\Windows\system32\DRIVERS\VMBusHID.sys (Microsoft Corporation)
DRV - (AtiHdmiService) -- C:\Windows\System32\drivers\AtiHdmi.sys (ATI Research Inc.)
DRV - (OxPPort) -- C:\Windows\system32\DRIVERS\OxPPort.sys (OEM)
DRV - (AmdLLD) -- C:\Windows\System32\drivers\AmdLLD.sys (AMD, Inc.)
DRV - (regi) -- C:\Windows\System32\drivers\regi.sys (InterVideo)
DRV - (FWLANUSB) -- C:\Windows\System32\drivers\fwlanusb.sys (AVM GmbH)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = HP | MSN
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = HP | MSN
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = HP | MSN
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google
IE - HKCU\..\URLSearchHook: {0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - C:\Program Files\IObit Toolbar\IE\4.9\iobitToolbarIE.dll (Spigot, Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=685749&ilc=12"
FF - prefs.js..browser.search.selectedEngine: "Yahoo"
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/"
FF - prefs.js..extensions.enabledItems: linkuryfirefoxremoteplugin@linkury.com:1.0
FF - prefs.js..extensions.enabledItems: {B7082FAA-CB62-4872-9106-E42DD88EDE45}:3.0.0.479
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA}:7.0
FF - prefs.js..extensions.enabledItems: iobit@mybrowserbar.com:4.6
FF - prefs.js..extensions.enabledItems: wtxpcom@mybrowserbar.com:4.6
FF - prefs.js..keyword.URL: "hxxp://de.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=685749&p="
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@ngm.nexoneu.com/NxGame: C:\ProgramData\NexonEU\NGM\npNxGameeu.dll (Nexon)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@vizzed.com/VizzedRGR: C:\Program Files\Vizzed\Vizzed Retro Game Room\NpVizzedRgr.dll File not found
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\dealscout@deal-scout.net: C:\Program Files\DealScout\FireFox
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\ClickPotatoLite@ClickPotatoLite.com: C:\Program Files\ClickPotatoLite\bin\11.0.19.0\firefox\extensions
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\linkfilter@kaspersky.ru: C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2012\FFExt\linkfilter@kaspersky.ru [2011/11/09 16:11:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\virtualKeyboard@kaspersky.ru: C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2012\FFExt\virtualKeyboard@kaspersky.ru [2011/11/09 16:11:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Components: G:\Program Files (x86)\Mozilla Firefox\components [2012/01/10 20:11:42 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Plugins: G:\Program Files (x86)\Mozilla Firefox\plugins [2011/11/04 16:24:07 | 000,000,000 | ---D | M]
 
[2010/11/07 21:24:06 | 000,000,000 | ---D | M] (No name found) -- C:\Users\f.schumacher\AppData\Roaming\mozilla\Extensions
[2012/01/11 18:25:07 | 000,000,000 | ---D | M] (No name found) -- C:\Users\f.schumacher\AppData\Roaming\mozilla\Firefox\Profiles\18kkm9t1.default\extensions
[2012/01/11 18:25:07 | 000,000,000 | ---D | M] (Babylon) -- C:\Users\f.schumacher\AppData\Roaming\mozilla\Firefox\Profiles\18kkm9t1.default\extensions\ffxtlbr@babylon.com
() (No name found) -- C:\USERS\F.SCHUMACHER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\18KKM9T1.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
 
========== Chrome  ==========
 
 
O1 HOSTS File: ([2009/06/10 22:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (IObit Toolbar) - {0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - C:\Program Files\IObit Toolbar\IE\4.9\iobitToolbarIE.dll (Spigot, Inc.)
O2 - BHO: (Babylon toolbar helper) - {2EECD738-5844-4a99-B4B6-146BF802613B} - Reg Error: Value error. File not found
O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2012\ievkbd.dll (Kaspersky Lab ZAO)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2012\klwtbbho.dll (Kaspersky Lab ZAO)
O3 - HKLM\..\Toolbar: (IObit Toolbar) - {0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - C:\Program Files\IObit Toolbar\IE\4.9\iobitToolbarIE.dll (Spigot, Inc.)
O3 - HKLM\..\Toolbar: (Babylon Toolbar) - {98889811-442D-49dd-99D7-DC866BE87DBC} - Reg Error: Value error. File not found
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [amd_dc_opt] C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe (AMD)
O4 - HKLM..\Run: [AVMWlanClient] C:\Program Files\avmwlanstick\FRITZWLANMini.exe (AVM Berlin GmbH)
O4 - HKLM..\Run: [AVP] C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2012\avp.exe (Kaspersky Lab ZAO)
O4 - HKLM..\Run: [BATINDICATOR] C:\Program Files\Hewlett-Packard\HP MAINSTREAM KEYBOARD\BATINDICATOR.exe (Hewlett-Packard)
O4 - HKLM..\Run: [BCSSync] C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
O4 - HKLM..\Run: [HP KEYBOARDx] C:\Program Files\Hewlett-Packard\HP Desktop Keyboard\HPKEYBOARDx.EXE (Hewlett-Packard)
O4 - HKLM..\Run: [HP Remote Solution] C:\Program Files\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe (Hewlett-Packard)
O4 - HKLM..\Run: [hpsysdrv] c:\program files\hewlett-packard\HP odometer\hpsysdrv.exe (Hewlett-Packard)
O4 - HKLM..\Run: [KiesTrayAgent] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKLM..\Run: [Launch LCDMon] C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe (Logitech Inc.)
O4 - HKLM..\Run: [Launch LGDCore] C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe (Logitech Inc.)
O4 - HKLM..\Run: [Launch LgDeviceAgent] C:\Program Files\Logitech\GamePanel Software\LgDevAgt.exe (Logitech Inc.)
O4 - HKLM..\Run: [LaunchHPOSIAPP] C:\Program Files\Hewlett-Packard\HP MAINSTREAM KEYBOARD\LaunchApp.exe (Hewlett-Packard)
O4 - HKLM..\Run: [PDF Complete] C:\Program Files\PDF Complete\pdfsty.exe (PDF Complete Inc)
O4 - HKLM..\Run: [Razer Imperator Driver] C:\Program Files\Razer\Imperator\RazerImperatorTray.exe (Razer USA Ltd)
O4 - HKLM..\Run: [run] C:\Windows\run.exe ()
O4 - HKLM..\Run: [SearchSettings] C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe (Spigot, Inc.)
O4 - HKCU..\Run: [Advanced SystemCare 4] C:\Program Files\IObit\Advanced SystemCare 4\ASCTray.exe (IObit)
O4 - HKCU..\Run: [Firefox helper] C:\Users\f.schumacher\AppData\Roaming\Mozilla\Firefox\firefox.exe ()
O4 - HKCU..\Run: [KiesHelper] C:\Program Files\Samsung\Kies\KiesHelper.exe (Samsung)
O4 - HKCU..\Run: [KiesPDLR] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe ()
O4 - HKCU..\Run: [KPeerNexonEU] C:\Nexon\NEXON_EU_Downloader\nxEULauncher.exe (NEXON Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 28
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~1\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O9 - Extra Button: &Virtuelle Tastatur - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2012\ievkbd.dll (Kaspersky Lab ZAO)
O9 - Extra Button: ClickPotato - {B58926D6-CFB0-45d2-9C28-4B5A0F0368AE} - Reg Error: Value error. File not found
O9 - Extra Button: Li&nks untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2012\klwtbbho.dll (Kaspersky Lab ZAO)
O13 - gopher Prefix: missing
O15 - HKLM\..Trusted Domains: //about.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //Exclude.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //FWEvent.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //LanguageSelection.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //Message.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //MyAgttryCmd.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //MyAgttryNag.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //MyNotification.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //NOCLessUpdate.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //quarantine.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //ScanNow.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //strings.vbs/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //Template.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //Update.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //VirFound.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafee.com ([*] http in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafee.com ([*] https in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([betavscan] http in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([betavscan] https in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([vs] http in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([vs] https in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([www] http in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([www] https in Trusted sites)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0-windows-i586.cab (Java Plug-in 10.0.0)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0-windows-i586.cab (Java Plug-in 1.7.0)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0-windows-i586.cab (Java Plug-in 1.7.0)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{CC72FCB2-2C56-49A8-BE53-B3CCFC79460D}: NameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D8216CF2-3B6C-4363-859F-9797B8106577}: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Value error. File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) -C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - Winlogon\Notify\klogon: DllName - (C:\Windows\system32\klogon.dll) - C:\Windows\System32\klogon.dll (Kaspersky Lab ZAO)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{4e3862ee-eae6-11df-b911-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{4e3862ee-eae6-11df-b911-806e6f6e6963}\Shell\AutoRun\command - "" = E:\SETUP.EXE
O33 - MountPoints2\{5879350e-ffe9-11e0-bfe0-001a4f9c8647}\Shell - "" = AutoRun
O33 - MountPoints2\{5879350e-ffe9-11e0-bfe0-001a4f9c8647}\Shell\AutoRun\command - "" = H:\setup\rsrc\Autorun.exe
O33 - MountPoints2\{5879350e-ffe9-11e0-bfe0-001a4f9c8647}\Shell\dinstall\command - "" = H:\Directx\dxsetup.exe
O33 - MountPoints2\{e99de7a3-c34e-11e0-9fa3-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{e99de7a3-c34e-11e0-9fa3-806e6f6e6963}\Shell\AutoRun\command - "" = H:\pushinst.exe
O33 - MountPoints2\{f50dd5f5-e622-11e0-a20a-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{f50dd5f5-e622-11e0-a20a-806e6f6e6963}\Shell\AutoRun\command - "" = E:\autorun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012/01/18 16:17:05 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\f.schumacher\Desktop\OTL.exe
[2012/01/17 20:25:59 | 000,031,552 | ---- | C] (TuneUp Software) -- C:\Windows\System32\TURegOpt.exe
[2012/01/17 20:25:59 | 000,021,312 | ---- | C] (TuneUp Software) -- C:\Windows\System32\authuitu.dll
[2012/01/17 20:25:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2012
[2012/01/17 20:25:23 | 000,000,000 | ---D | C] -- C:\Users\f.schumacher\AppData\Roaming\TuneUp Software
[2012/01/17 20:25:08 | 000,000,000 | ---D | C] -- C:\Program Files\TuneUp Utilities 2012
[2012/01/17 20:24:24 | 000,000,000 | ---D | C] -- C:\ProgramData\TuneUp Software
[2012/01/17 20:21:05 | 035,944,352 | ---- | C] (TuneUp Software) -- C:\Users\f.schumacher\Desktop\TuneUpUtilities2012_de-DE.exe
[2012/01/17 20:18:49 | 000,000,000 | -HSD | C] -- C:\ProgramData\{32364CEA-7855-4A3C-B674-53D8E9B97936}
[2012/01/17 19:05:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2012/01/11 15:13:57 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\packager.dll
[2012/01/11 15:13:56 | 001,328,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quartz.dll
[2012/01/11 15:13:56 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qdvd.dll
[2012/01/05 22:17:29 | 000,000,000 | ---D | C] -- C:\Users\f.schumacher\Documents\Games for Windows - LIVE Demos
[2012/01/05 21:52:08 | 000,000,000 | ---D | C] -- C:\Users\f.schumacher\Documents\WB Games
[2012/01/05 21:51:42 | 000,000,000 | -HSD | C] -- C:\ProgramData\DSS
[2012/01/05 21:24:41 | 000,000,000 | ---D | C] -- C:\Program Files\WB Games
[2012/01/05 21:24:11 | 000,034,304 | ---- | C] (AMD, Inc.) -- C:\Windows\System32\drivers\AmdLLD.sys
[2012/01/05 21:24:10 | 000,000,000 | ---D | C] -- C:\Program Files\AMD
[2012/01/05 21:21:54 | 000,000,000 | ---D | C] -- C:\Windows\System32\xlive
[2012/01/05 21:21:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows Marketplace
[2012/01/05 21:21:44 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Games for Windows - LIVE
[2011/12/29 22:58:45 | 000,000,000 | ---D | C] -- C:\Users\f.schumacher\Desktop\penis
[2011/12/29 22:37:52 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Spigot
[2011/12/29 22:37:52 | 000,000,000 | ---D | C] -- C:\Program Files\IObit Toolbar
[2011/12/29 22:37:52 | 000,000,000 | ---D | C] -- C:\Program Files\Application Updater
[2011/12/27 14:39:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer
[2011/12/27 14:39:01 | 000,000,000 | ---D | C] -- C:\Program Files\Razer
[2011/12/25 13:43:42 | 000,000,000 | ---D | C] -- C:\Users\f.schumacher\Documents\BioWare
[2011/12/25 13:42:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mass Effect
[2011/12/25 13:42:09 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\BioWare
[2011/12/22 19:44:42 | 000,123,648 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\ss_bmdm.sys
[2011/12/22 19:44:42 | 000,100,224 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\ss_bserd.sys
[2011/12/22 19:44:42 | 000,098,432 | ---- | C] (MCCI) -- C:\Windows\System32\drivers\ss_bbus.sys
[2011/12/22 19:44:42 | 000,014,848 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\ss_bmdfl.sys
[2011/12/22 19:44:42 | 000,012,416 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\ss_bcmnt.sys
[2011/12/22 19:44:42 | 000,012,288 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\ss_bwhnt.sys
[2011/12/22 19:29:26 | 000,000,000 | ---D | C] -- C:\Windows\System32\System32
[2011/12/22 19:29:26 | 000,000,000 | ---D | C] -- C:\Program Files\MarkAny
[2011/12/21 17:41:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Nexon
[2011/12/21 17:05:09 | 000,000,000 | ---D | C] -- C:\Users\f.schumacher\Documents\Vindictus EU
[2011/12/21 01:33:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nexon
[2011/12/21 01:33:37 | 000,000,000 | ---D | C] -- C:\Program Files\BandiMPEG1
[2011/12/21 01:29:27 | 000,000,000 | ---D | C] -- C:\ProgramData\NexonEU
[2011/12/20 21:19:44 | 000,000,000 | ---D | C] -- C:\Download
[2011/12/20 21:16:20 | 000,446,464 | ---- | C] (NEXON Inc.) -- C:\Windows\NEXON_EU_DownloaderUpdater.exe
[2011/12/20 21:16:20 | 000,000,000 | ---D | C] -- C:\Nexon
[2010/09/03 18:41:43 | 000,004,096 | ---- | C] ( ) -- C:\Windows\System32\IGFXDEVLib.dll
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012/01/18 16:30:01 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/01/18 16:21:39 | 000,016,768 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/01/18 16:21:39 | 000,016,768 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/01/18 16:18:19 | 000,700,130 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012/01/18 16:18:19 | 000,654,842 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/01/18 16:18:19 | 000,148,926 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012/01/18 16:18:19 | 000,121,714 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012/01/18 16:17:07 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\f.schumacher\Desktop\OTL.exe
[2012/01/18 16:15:12 | 000,001,110 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/01/18 16:13:32 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/01/18 16:13:22 | 2415,321,088 | -HS- | M] () -- C:\hiberfil.sys
[2012/01/17 20:25:54 | 000,002,157 | ---- | M] () -- C:\Users\Public\Desktop\TuneUp 1-Klick-Wartung.lnk
[2012/01/17 20:25:54 | 000,002,137 | ---- | M] () -- C:\Users\Public\Desktop\TuneUp Utilities 2012.lnk
[2012/01/17 20:06:26 | 035,944,352 | ---- | M] (TuneUp Software) -- C:\Users\f.schumacher\Desktop\TuneUpUtilities2012_de-DE.exe
[2012/01/17 18:49:02 | 000,000,348 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForf.schumacher.job
[2012/01/16 17:35:58 | 000,348,112 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012/01/15 12:00:00 | 000,000,514 | ---- | M] () -- C:\Windows\tasks\One-Click Tweak.job
[2011/12/29 22:59:34 | 000,137,688 | ---- | M] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2011/12/29 22:59:20 | 000,202,040 | ---- | M] () -- C:\Windows\System32\PnkBstrB.ex0
[2011/12/28 23:12:25 | 000,001,100 | ---- | M] () -- C:\Users\f.schumacher\Desktop\Minecraft.lnk
[2011/12/27 14:46:59 | 000,001,852 | ---- | M] () -- C:\Users\f.schumacher\AppData\Roaming\ImperatorProfile0.dat
[2011/12/27 14:46:59 | 000,001,850 | ---- | M] () -- C:\Users\f.schumacher\AppData\Roaming\ImperatorProfile1.dat
[2011/12/26 19:26:30 | 000,001,203 | ---- | M] () -- C:\Users\f.schumacher\Desktop\MassEffect - Verknüpfung.lnk
[2011/12/25 13:42:10 | 000,000,785 | ---- | M] () -- C:\Users\Public\Desktop\Mass Effect.lnk
[2011/12/22 18:48:36 | 000,001,749 | ---- | M] () -- C:\Users\f.schumacher\Desktop\Launch Vindictus.lnk
[2011/12/21 19:19:43 | 000,000,183 | ---- | M] () -- C:\Users\Public\Desktop\Vindictus EU.url
[2011/12/21 18:22:30 | 000,000,235 | ---- | M] () -- C:\Windows\System32\nxEuUninstall.bat
[2011/12/21 18:22:29 | 000,446,464 | ---- | M] (NEXON Inc.) -- C:\Windows\NEXON_EU_DownloaderUpdater.exe
[2011/12/20 21:29:38 | 000,000,771 | ---- | M] () -- C:\Users\Public\Desktop\World of Tanks.lnk
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012/01/17 20:25:54 | 000,002,157 | ---- | C] () -- C:\Users\Public\Desktop\TuneUp 1-Klick-Wartung.lnk
[2012/01/17 20:25:54 | 000,002,149 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2012.lnk
[2012/01/17 20:25:54 | 000,002,137 | ---- | C] () -- C:\Users\Public\Desktop\TuneUp Utilities 2012.lnk
[2012/01/10 17:58:57 | 000,000,348 | ---- | C] () -- C:\Windows\tasks\HPCeeScheduleForf.schumacher.job
[2012/01/05 21:21:25 | 000,001,340 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live ID.lnk
[2011/12/26 19:26:30 | 000,001,203 | ---- | C] () -- C:\Users\f.schumacher\Desktop\MassEffect - Verknüpfung.lnk
[2011/12/25 13:42:10 | 000,000,785 | ---- | C] () -- C:\Users\Public\Desktop\Mass Effect.lnk
[2011/12/22 18:48:36 | 000,001,749 | ---- | C] () -- C:\Users\f.schumacher\Desktop\Launch Vindictus.lnk
[2011/12/21 19:19:43 | 000,000,183 | ---- | C] () -- C:\Users\Public\Desktop\Vindictus EU.url
[2011/12/20 21:29:38 | 000,000,771 | ---- | C] () -- C:\Users\Public\Desktop\World of Tanks.lnk
[2011/12/20 21:16:20 | 000,000,235 | ---- | C] () -- C:\Windows\System32\nxEuUninstall.bat
[2011/11/05 19:28:59 | 000,017,408 | ---- | C] () -- C:\Users\f.schumacher\AppData\Local\WebpageIcons.db
[2011/11/05 19:28:22 | 000,115,369 | ---- | C] () -- C:\Windows\System32\drivers\klin.dat
[2011/11/05 19:28:22 | 000,097,961 | ---- | C] () -- C:\Windows\System32\drivers\klick.dat
[2011/11/05 11:30:25 | 000,003,670 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2011/11/04 16:24:13 | 000,000,000 | ---- | C] () -- C:\ProgramData\48382a7ef94ffa4a55badc7cd0dfc43e_c
[2011/10/02 16:54:55 | 000,137,688 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2011/10/02 16:54:46 | 000,202,040 | ---- | C] () -- C:\Windows\System32\PnkBstrB.exe
[2011/10/02 16:54:35 | 000,075,136 | ---- | C] () -- C:\Windows\System32\PnkBstrA.exe
[2011/09/28 17:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
[2011/09/25 03:54:11 | 000,001,852 | ---- | C] () -- C:\Users\f.schumacher\AppData\Roaming\ImperatorProfile0.dat
[2011/09/25 03:54:11 | 000,001,850 | ---- | C] () -- C:\Users\f.schumacher\AppData\Roaming\ImperatorProfile1.dat
[2011/09/24 22:25:18 | 000,000,548 | ---- | C] () -- C:\Windows\run.exe
[2011/09/16 10:54:48 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
[2011/09/16 10:54:44 | 000,974,848 | ---- | C] () -- C:\Windows\System32\cis-2.4.dll
[2011/09/16 10:54:44 | 000,081,920 | ---- | C] () -- C:\Windows\System32\issacapi_bs-2.3.dll
[2011/09/16 10:54:44 | 000,065,536 | ---- | C] () -- C:\Windows\System32\issacapi_pe-2.3.dll
[2011/09/16 10:54:44 | 000,057,344 | ---- | C] () -- C:\Windows\System32\issacapi_se-2.3.dll
[2011/09/11 10:17:25 | 000,025,944 | ---- | C] () -- C:\Windows\System32\SmartDefragBootTime.exe
[2011/09/11 10:17:25 | 000,015,672 | ---- | C] () -- C:\Windows\System32\drivers\SmartDefragDriver.sys
[2011/09/07 20:26:25 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011/08/30 23:29:31 | 000,004,096 | ---- | C] () -- C:\Windows\d3dx.dat
[2011/08/10 13:49:39 | 000,097,312 | ---- | C] () -- C:\Windows\System32\drivers\Fwusb1b.bin
[2011/08/03 02:31:54 | 000,311,912 | ---- | C] () -- C:\Windows\System32\nvStreaming.exe
[2011/05/31 07:39:50 | 000,058,368 | ---- | C] () -- C:\Windows\System32\bdmpegv.dll
[2011/05/31 07:38:18 | 000,015,360 | ---- | C] () -- C:\Windows\System32\bdmjpeg.dll
[2011/03/11 12:43:54 | 000,029,763 | ---- | C] () -- C:\Windows\System32\drivers\klopp.dat
[2010/11/08 15:06:29 | 000,000,432 | ---- | C] () -- C:\Windows\BRWMARK.INI
[2010/11/08 15:06:29 | 000,000,034 | ---- | C] () -- C:\Windows\System32\BD2030.DAT
[2010/11/08 14:55:20 | 000,434,176 | ---- | C] () -- C:\Windows\System32\ZSHP1020.EXE
[2010/11/08 09:21:06 | 000,077,824 | ---- | C] () -- C:\Windows\KMService.exe
[2010/11/08 09:21:06 | 000,008,192 | ---- | C] () -- C:\Windows\System32\srvany.exe
[2010/09/03 18:41:43 | 000,982,240 | ---- | C] () -- C:\Windows\System32\igkrng500.bin
[2010/09/03 18:41:43 | 000,439,308 | ---- | C] () -- C:\Windows\System32\igcompkrng500.bin
[2010/09/03 18:41:43 | 000,208,896 | ---- | C] () -- C:\Windows\System32\iglhsip32.dll
[2010/09/03 18:41:43 | 000,143,360 | ---- | C] () -- C:\Windows\System32\iglhcp32.dll
[2010/09/03 18:41:43 | 000,092,356 | ---- | C] () -- C:\Windows\System32\igfcg500m.bin
[2010/09/03 18:41:43 | 000,000,151 | ---- | C] () -- C:\Windows\System32\GfxUI.exe.config
[2010/09/03 18:41:42 | 000,080,416 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
[2010/09/03 18:28:36 | 000,700,130 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2010/09/03 18:28:36 | 000,295,922 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2010/09/03 18:28:36 | 000,148,926 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2010/09/03 18:28:36 | 000,038,104 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2010/04/27 17:44:36 | 000,035,384 | ---- | C] () -- C:\Windows\System32\drivers\cqcpu.sys
[2010/04/27 17:44:36 | 000,035,384 | ---- | C] () -- C:\Windows\System32\drivers\cpqdfw.sys
[2010/02/10 02:58:12 | 000,012,800 | ---- | C] () -- C:\Windows\LPRES.DLL
[2009/07/14 05:57:37 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/14 05:33:53 | 000,348,112 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2009/07/14 03:05:48 | 000,654,842 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2009/07/14 03:05:48 | 000,291,294 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2009/07/14 03:05:48 | 000,121,714 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2009/07/14 03:05:48 | 000,031,548 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2009/07/14 03:05:05 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2009/07/14 03:04:11 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2009/07/14 01:19:49 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2009/07/14 00:55:01 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/14 00:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009/07/14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2009/07/13 23:09:19 | 001,498,564 | ---- | C] () -- C:\Windows\System32\igkrng400.bin
[2009/06/18 18:29:04 | 000,197,654 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2009/06/10 22:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2009/04/15 15:04:38 | 000,104,520 | ---- | C] () -- C:\Windows\System32\OSD.dll
[2009/02/18 16:55:22 | 000,294,912 | ---- | C] () -- C:\Windows\System32\ATIODE.exe
[2009/02/03 19:52:04 | 000,045,056 | ---- | C] () -- C:\Windows\System32\ATIODCLI.exe
 
========== LOP Check ==========
 
[2011/12/14 18:55:51 | 000,000,000 | ---D | M] -- C:\Users\f.schumacher\AppData\Roaming\.minecraft
[2011/10/23 12:58:21 | 000,000,000 | ---D | M] -- C:\Users\f.schumacher\AppData\Roaming\Command & Conquer 3 Kanes Rache
[2011/10/22 15:39:41 | 000,000,000 | ---D | M] -- C:\Users\f.schumacher\AppData\Roaming\Command & Conquer 3 Tiberium Wars
[2011/10/26 17:47:40 | 000,000,000 | ---D | M] -- C:\Users\f.schumacher\AppData\Roaming\DAEMON Tools Lite
[2011/12/17 18:01:36 | 000,000,000 | ---D | M] -- C:\Users\f.schumacher\AppData\Roaming\ICQ
[2011/08/16 12:06:27 | 000,000,000 | ---D | M] -- C:\Users\f.schumacher\AppData\Roaming\IObit
[2011/10/09 21:59:03 | 000,000,000 | ---D | M] -- C:\Users\f.schumacher\AppData\Roaming\LolClient
[2011/10/13 17:08:36 | 000,000,000 | ---D | M] -- C:\Users\f.schumacher\AppData\Roaming\PunkBuster
[2011/10/11 20:49:22 | 000,000,000 | ---D | M] -- C:\Users\f.schumacher\AppData\Roaming\Samsung
[2011/09/24 21:51:44 | 000,000,000 | ---D | M] -- C:\Users\f.schumacher\AppData\Roaming\Thinstall
[2011/08/11 01:12:46 | 000,000,000 | ---D | M] -- C:\Users\f.schumacher\AppData\Roaming\TS3Client
[2012/01/17 20:25:23 | 000,000,000 | ---D | M] -- C:\Users\f.schumacher\AppData\Roaming\TuneUp Software
[2011/12/04 15:58:15 | 000,000,000 | ---D | M] -- C:\Users\f.schumacher\AppData\Roaming\Ubisoft
[2011/08/10 19:18:50 | 000,000,000 | ---D | M] -- C:\Users\f.schumacher\AppData\Roaming\wargaming.net
[2010/11/09 11:20:21 | 000,000,000 | ---D | M] -- C:\Users\f.schumacher\AppData\Roaming\WildTangent
[2011/09/20 17:09:39 | 000,000,000 | ---D | M] -- C:\Users\f.schumacher\AppData\Roaming\WinBatch
[2012/01/15 12:00:00 | 000,000,514 | ---- | M] () -- C:\Windows\Tasks\One-Click Tweak.job
[2011/12/13 18:12:21 | 000,032,640 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 

< End of report >
         
--- --- ---
__________________


Alt 18.01.2012, 17:22   #3
Javier
 
Windows 7 Schwarzer Bildschirm und die aufforderung 50€ zu bezahlen - Standard

Windows 7 Schwarzer Bildschirm und die aufforderung 50€ zu bezahlen



Extra.txtOTL Logfile:
Code:
ATTFilter
OTL logfile created on: 1/18/2012 4:34:10 PM - Run 2
OTL by OldTimer - Version 3.2.31.0     Folder = C:\Users\f.schumacher\Desktop
 Professional  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3.00 Gb Total Physical Memory | 1.93 Gb Available Physical Memory | 64.50% Memory free
6.00 Gb Paging File | 4.77 Gb Available in Paging File | 79.49% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 455.86 Gb Total Space | 301.76 Gb Free Space | 66.19% Space Free | Partition Type: NTFS
Drive D: | 9.80 Gb Total Space | 1.19 Gb Free Space | 12.18% Space Free | Partition Type: NTFS
Drive F: | 100.00 Mb Total Space | 71.70 Mb Free Space | 71.70% Space Free | Partition Type: NTFS
Drive G: | 148.95 Gb Total Space | 13.88 Gb Free Space | 9.32% Space Free | Partition Type: NTFS
 
Computer Name: PC-FSCHUMACHER | User Name: f.schumacher | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\f.schumacher\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe ()
PRC - C:\Program Files\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
PRC - C:\Nexon\NEXON_EU_Downloader\NEXON_EU_Downloader_Engine.exe ()
PRC - C:\Program Files\Application Updater\ApplicationUpdater.exe (Spigot, Inc.)
PRC - C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesApp32.exe (TuneUp Software)
PRC - C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe (TuneUp Software)
PRC - C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe (Spigot, Inc.)
PRC - C:\Program Files\IObit\Smart Defrag 2\SmartDefrag.exe (IObit)
PRC - C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation)
PRC - C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation)
PRC - C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (NVIDIA Corporation)
PRC - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
PRC - C:\Windows\System32\conhost.exe (Microsoft Corporation)
PRC - C:\Program Files\Hewlett-Packard\HP Support Framework\hpsa_service.exe (Hewlett-Packard Company)
PRC - C:\Program Files\IObit\Advanced SystemCare 4\ASCTray.exe (IObit)
PRC - C:\Program Files\IObit\Advanced SystemCare 4\ASCService.exe (IObit)
PRC - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2012\avp.exe (Kaspersky Lab ZAO)
PRC - C:\Program Files\Hewlett-Packard\Shared\HPDrvMntSvc.exe (Hewlett-Packard Company)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Users\f.schumacher\AppData\Roaming\Mozilla\Firefox\firefox.exe ()
PRC - C:\Program Files\Razer\Imperator\RazerImperatorTray.exe (Razer USA Ltd)
PRC - C:\Program Files\Logitech\GamePanel Software\LGDevAgt.exe (Logitech Inc.)
PRC - C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe (Logitech Inc.)
PRC - C:\Program Files\Logitech\GamePanel Software\Applets\LCDPop3.exe (Logitech Inc.)
PRC - C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe (Logitech Inc.)
PRC - C:\Program Files\Logitech\GamePanel Software\Applets\LCDMedia.exe (Logitech Inc.)
PRC - C:\Program Files\Logitech\GamePanel Software\Applets\LCDCountdown.exe (Logitech Inc.)
PRC - C:\Program Files\Logitech\GamePanel Software\Applets\LCDClock.exe (Logitech Inc.)
PRC - C:\Windows\KMService.exe ()
PRC - C:\Program Files\Hewlett-Packard\HP Desktop Keyboard\HPKEYBOARDx.EXE (Hewlett-Packard)
PRC - C:\Program Files\PDF Complete\pdfsvc.exe (PDF Complete Inc)
PRC - C:\Program Files\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe (Hewlett-Packard)
PRC - C:\Windows\System32\atieclxx.exe (AMD)
PRC - C:\Windows\System32\atiesrxx.exe (AMD)
PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)
PRC - C:\Program Files\Hewlett-Packard\HP Desktop Keyboard\Keystatus.exe ()
PRC - C:\Program Files\Hewlett-Packard\HP MAINSTREAM KEYBOARD\BATINDICATOR.exe (Hewlett-Packard)
PRC - C:\Program Files\Hewlett-Packard\HP MAINSTREAM KEYBOARD\CNYHKEY.exe (Hewlett-Packard)
PRC - C:\Program Files\Hewlett-Packard\HP MAINSTREAM KEYBOARD\ModLEDKey.exe ()
PRC - C:\Program Files\Hewlett-Packard\HP Odometer\hpsysdrv.exe (Hewlett-Packard)
PRC - C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe (Protexis Inc.)
PRC - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe (InterVideo)
PRC - C:\Program Files\avmwlanstick\FRITZWLanMini.exe (AVM Berlin GmbH)
PRC - C:\Windows\System32\srvany.exe ()
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Users\f.schumacher\AppData\Local\Temp\feb59f87-baa7-4a0a-902c-c33cfc0feb21\CliSecureRT.dll ()
MOD - C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe ()
MOD - C:\Nexon\NEXON_EU_Downloader\NEXON_EU_Downloader_Engine.exe ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\401a9dbeaad6b6ca70c90ae4fbd2e0b8\PresentationFramework.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\b540398c49e7c32ab58666de7f09f645\PresentationCore.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\fa45e7d581b80c34cb0d5518491c7387\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\c0afb5fbfbc7a8d670b430672c5fd578\WindowsBase.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\af091a68303117ca2166aa13bcbfbbd0\PresentationFramework.Aero.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\fd0f015bc4324d8b9716ae38083a4e4d\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\90223e809b1ff291a7f65509702e2fa1\System.Core.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\a48e483c6b13da563725d72ec518a0bb\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System\69adb8f9940fa1330f6f1b706e3dc31e\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\2b1af7649e57195b4b85bbf4c5cb7c90\mscorlib.ni.dll ()
MOD - C:\Program Files\IObit\Smart Defrag 2\NtfsData.dll ()
MOD - C:\Program Files\IObit\Advanced SystemCare 4\ASCv4ExtMenu.dll ()
MOD - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2012\QtGui4.dll ()
MOD - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2012\QtSql4.dll ()
MOD - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2012\QtScript4.dll ()
MOD - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2012\QtNetwork4.dll ()
MOD - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2012\QtCore4.dll ()
MOD - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2012\QtDeclarative4.dll ()
MOD - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2012\imageformats\qgif4.dll ()
MOD - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE14\Cultures\office.odf ()
MOD - C:\Users\f.schumacher\AppData\Roaming\Mozilla\Firefox\firefox.exe ()
MOD - C:\Program Files\Hewlett-Packard\HP Desktop Keyboard\Keystatus.exe ()
MOD - C:\Windows\System32\OSD.dll ()
MOD - C:\Program Files\Hewlett-Packard\HP MAINSTREAM KEYBOARD\ModLEDKey.exe ()
MOD - C:\Program Files\Hewlett-Packard\HP MAINSTREAM KEYBOARD\WMINPUT.DLL ()
 
 
========== Win32 Services (SafeList) ==========
 
SRV - (OverwolfUpdaterService) --  File not found
SRV - (Application Updater) -- C:\Program Files\Application Updater\ApplicationUpdater.exe (Spigot, Inc.)
SRV - (TuneUp.UtilitiesSvc) -- C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe (TuneUp Software)
SRV - (npggsvc) -- C:\Windows\System32\GameMon.des (INCA Internet Co., Ltd.)
SRV - (nvUpdatusService) -- C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation)
SRV - (Stereo Service) -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (HP Support Assistant Service) -- C:\Program Files\Hewlett-Packard\HP Support Framework\hpsa_service.exe (Hewlett-Packard Company)
SRV - (Microsoft SharePoint Workspace Audit Service) -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE (Microsoft Corporation)
SRV - (AdvancedSystemCareService) -- C:\Program Files\IObit\Advanced SystemCare 4\ASCService.exe (IObit)
SRV - (AVP) -- C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2012\avp.exe (Kaspersky Lab ZAO)
SRV - (HPDrvMntSvc.exe) -- C:\Program Files\Hewlett-Packard\Shared\HPDrvMntSvc.exe (Hewlett-Packard Company)
SRV - (Steam Client Service) -- C:\Program Files\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (GameConsoleService) -- C:\Program Files\HP Games\HP Game Console\GameConsoleService.exe (WildTangent, Inc.)
SRV - (pdfcDispatcher) -- C:\Program Files\PDF Complete\pdfsvc.exe (PDF Complete Inc)
SRV - (AMD External Events Utility) -- C:\Windows\System32\atiesrxx.exe (AMD)
SRV - (StorSvc) -- C:\Windows\System32\StorSvc.dll (Microsoft Corporation)
SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
SRV - (PeerDistSvc) -- C:\Windows\System32\PeerDistSvc.dll (Microsoft Corporation)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SRV - (PSI_SVC_2) -- C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe (Protexis Inc.)
SRV - (IviRegMgr) -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe (InterVideo)
SRV - (KMService) -- C:\Windows\System32\srvany.exe ()
 
 
========== Driver Services (SafeList) ==========
 
DRV - (TuneUpUtilitiesDrv) -- C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesDriver32.sys (TuneUp Software)
DRV - (KLIF) -- C:\Windows\System32\drivers\klif.sys (Kaspersky Lab)
DRV - (ss_bmdm) -- C:\Windows\System32\drivers\ss_bmdm.sys (MCCI Corporation)
DRV - (ss_bserd) -- C:\Windows\System32\drivers\ss_bserd.sys (MCCI Corporation)
DRV - (ss_bbus) SAMSUNG USB Mobile Device (WDM) -- C:\Windows\System32\drivers\ss_bbus.sys (MCCI)
DRV - (ss_bmdfl) SAMSUNG USB Mobile Modem (Filter) -- C:\Windows\System32\drivers\ss_bmdfl.sys (MCCI Corporation)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (KLIM6) -- C:\Windows\System32\drivers\klim6.sys (Kaspersky Lab ZAO)
DRV - (kl2) -- C:\Windows\System32\drivers\kl2.sys (Kaspersky Lab ZAO)
DRV - (KL1) -- C:\Windows\system32\DRIVERS\kl1.sys (Kaspersky Lab ZAO)
DRV - (SmartDefragDriver) -- C:\Windows\System32\Drivers\SmartDefragDriver.sys ()
DRV - (Impcd) -- C:\Windows\system32\DRIVERS\Impcd.sys (Intel Corporation)
DRV - (LGVirHid) -- C:\Windows\System32\drivers\LGVirHid.sys (Logitech Inc.)
DRV - (LGBusEnum) -- C:\Windows\System32\drivers\LGBusEnum.sys (Logitech Inc.)
DRV - (klmouflt) -- C:\Windows\System32\drivers\klmouflt.sys (Kaspersky Lab)
DRV - (atikmdag) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV - (vmbus) -- C:\Windows\system32\DRIVERS\vmbus.sys (Microsoft Corporation)
DRV - (storflt) -- C:\Windows\system32\DRIVERS\vmstorfl.sys (Microsoft Corporation)
DRV - (storvsc) -- C:\Windows\system32\DRIVERS\storvsc.sys (Microsoft Corporation)
DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
DRV - (s3cap) -- C:\Windows\system32\DRIVERS\vms3cap.sys (Microsoft Corporation)
DRV - (VMBusHID) -- C:\Windows\system32\DRIVERS\VMBusHID.sys (Microsoft Corporation)
DRV - (AtiHdmiService) -- C:\Windows\System32\drivers\AtiHdmi.sys (ATI Research Inc.)
DRV - (OxPPort) -- C:\Windows\system32\DRIVERS\OxPPort.sys (OEM)
DRV - (AmdLLD) -- C:\Windows\System32\drivers\AmdLLD.sys (AMD, Inc.)
DRV - (regi) -- C:\Windows\System32\drivers\regi.sys (InterVideo)
DRV - (FWLANUSB) -- C:\Windows\System32\drivers\fwlanusb.sys (AVM GmbH)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = HP | MSN
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = HP | MSN
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = HP | MSN
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google
IE - HKCU\..\URLSearchHook: {0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - C:\Program Files\IObit Toolbar\IE\4.9\iobitToolbarIE.dll (Spigot, Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=685749&ilc=12"
FF - prefs.js..browser.search.selectedEngine: "Yahoo"
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/"
FF - prefs.js..extensions.enabledItems: linkuryfirefoxremoteplugin@linkury.com:1.0
FF - prefs.js..extensions.enabledItems: {B7082FAA-CB62-4872-9106-E42DD88EDE45}:3.0.0.479
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA}:7.0
FF - prefs.js..extensions.enabledItems: iobit@mybrowserbar.com:4.6
FF - prefs.js..extensions.enabledItems: wtxpcom@mybrowserbar.com:4.6
FF - prefs.js..keyword.URL: "hxxp://de.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=685749&p="
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@ngm.nexoneu.com/NxGame: C:\ProgramData\NexonEU\NGM\npNxGameeu.dll (Nexon)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@vizzed.com/VizzedRGR: C:\Program Files\Vizzed\Vizzed Retro Game Room\NpVizzedRgr.dll File not found
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\dealscout@deal-scout.net: C:\Program Files\DealScout\FireFox
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\ClickPotatoLite@ClickPotatoLite.com: C:\Program Files\ClickPotatoLite\bin\11.0.19.0\firefox\extensions
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\linkfilter@kaspersky.ru: C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2012\FFExt\linkfilter@kaspersky.ru [2011/11/09 16:11:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\virtualKeyboard@kaspersky.ru: C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2012\FFExt\virtualKeyboard@kaspersky.ru [2011/11/09 16:11:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Components: G:\Program Files (x86)\Mozilla Firefox\components [2012/01/10 20:11:42 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Plugins: G:\Program Files (x86)\Mozilla Firefox\plugins [2011/11/04 16:24:07 | 000,000,000 | ---D | M]
 
[2010/11/07 21:24:06 | 000,000,000 | ---D | M] (No name found) -- C:\Users\f.schumacher\AppData\Roaming\mozilla\Extensions
[2012/01/11 18:25:07 | 000,000,000 | ---D | M] (No name found) -- C:\Users\f.schumacher\AppData\Roaming\mozilla\Firefox\Profiles\18kkm9t1.default\extensions
[2012/01/11 18:25:07 | 000,000,000 | ---D | M] (Babylon) -- C:\Users\f.schumacher\AppData\Roaming\mozilla\Firefox\Profiles\18kkm9t1.default\extensions\ffxtlbr@babylon.com
() (No name found) -- C:\USERS\F.SCHUMACHER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\18KKM9T1.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
 
========== Chrome  ==========
 
 
O1 HOSTS File: ([2009/06/10 22:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (IObit Toolbar) - {0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - C:\Program Files\IObit Toolbar\IE\4.9\iobitToolbarIE.dll (Spigot, Inc.)
O2 - BHO: (Babylon toolbar helper) - {2EECD738-5844-4a99-B4B6-146BF802613B} - Reg Error: Value error. File not found
O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2012\ievkbd.dll (Kaspersky Lab ZAO)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2012\klwtbbho.dll (Kaspersky Lab ZAO)
O3 - HKLM\..\Toolbar: (IObit Toolbar) - {0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - C:\Program Files\IObit Toolbar\IE\4.9\iobitToolbarIE.dll (Spigot, Inc.)
O3 - HKLM\..\Toolbar: (Babylon Toolbar) - {98889811-442D-49dd-99D7-DC866BE87DBC} - Reg Error: Value error. File not found
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [amd_dc_opt] C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe (AMD)
O4 - HKLM..\Run: [AVMWlanClient] C:\Program Files\avmwlanstick\FRITZWLANMini.exe (AVM Berlin GmbH)
O4 - HKLM..\Run: [AVP] C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2012\avp.exe (Kaspersky Lab ZAO)
O4 - HKLM..\Run: [BATINDICATOR] C:\Program Files\Hewlett-Packard\HP MAINSTREAM KEYBOARD\BATINDICATOR.exe (Hewlett-Packard)
O4 - HKLM..\Run: [BCSSync] C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
O4 - HKLM..\Run: [HP KEYBOARDx] C:\Program Files\Hewlett-Packard\HP Desktop Keyboard\HPKEYBOARDx.EXE (Hewlett-Packard)
O4 - HKLM..\Run: [HP Remote Solution] C:\Program Files\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe (Hewlett-Packard)
O4 - HKLM..\Run: [hpsysdrv] c:\program files\hewlett-packard\HP odometer\hpsysdrv.exe (Hewlett-Packard)
O4 - HKLM..\Run: [KiesTrayAgent] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKLM..\Run: [Launch LCDMon] C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe (Logitech Inc.)
O4 - HKLM..\Run: [Launch LGDCore] C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe (Logitech Inc.)
O4 - HKLM..\Run: [Launch LgDeviceAgent] C:\Program Files\Logitech\GamePanel Software\LgDevAgt.exe (Logitech Inc.)
O4 - HKLM..\Run: [LaunchHPOSIAPP] C:\Program Files\Hewlett-Packard\HP MAINSTREAM KEYBOARD\LaunchApp.exe (Hewlett-Packard)
O4 - HKLM..\Run: [PDF Complete] C:\Program Files\PDF Complete\pdfsty.exe (PDF Complete Inc)
O4 - HKLM..\Run: [Razer Imperator Driver] C:\Program Files\Razer\Imperator\RazerImperatorTray.exe (Razer USA Ltd)
O4 - HKLM..\Run: [run] C:\Windows\run.exe ()
O4 - HKLM..\Run: [SearchSettings] C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe (Spigot, Inc.)
O4 - HKCU..\Run: [Advanced SystemCare 4] C:\Program Files\IObit\Advanced SystemCare 4\ASCTray.exe (IObit)
O4 - HKCU..\Run: [Firefox helper] C:\Users\f.schumacher\AppData\Roaming\Mozilla\Firefox\firefox.exe ()
O4 - HKCU..\Run: [KiesHelper] C:\Program Files\Samsung\Kies\KiesHelper.exe (Samsung)
O4 - HKCU..\Run: [KiesPDLR] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe ()
O4 - HKCU..\Run: [KPeerNexonEU] C:\Nexon\NEXON_EU_Downloader\nxEULauncher.exe (NEXON Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 28
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~1\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O9 - Extra Button: &Virtuelle Tastatur - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2012\ievkbd.dll (Kaspersky Lab ZAO)
O9 - Extra Button: ClickPotato - {B58926D6-CFB0-45d2-9C28-4B5A0F0368AE} - Reg Error: Value error. File not found
O9 - Extra Button: Li&nks untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2012\klwtbbho.dll (Kaspersky Lab ZAO)
O13 - gopher Prefix: missing
O15 - HKLM\..Trusted Domains: //about.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //Exclude.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //FWEvent.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //LanguageSelection.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //Message.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //MyAgttryCmd.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //MyAgttryNag.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //MyNotification.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //NOCLessUpdate.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //quarantine.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //ScanNow.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //strings.vbs/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //Template.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //Update.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //VirFound.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafee.com ([*] http in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafee.com ([*] https in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([betavscan] http in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([betavscan] https in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([vs] http in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([vs] https in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([www] http in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([www] https in Trusted sites)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0-windows-i586.cab (Java Plug-in 10.0.0)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0-windows-i586.cab (Java Plug-in 1.7.0)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0-windows-i586.cab (Java Plug-in 1.7.0)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{CC72FCB2-2C56-49A8-BE53-B3CCFC79460D}: NameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D8216CF2-3B6C-4363-859F-9797B8106577}: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Value error. File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) -C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - Winlogon\Notify\klogon: DllName - (C:\Windows\system32\klogon.dll) - C:\Windows\System32\klogon.dll (Kaspersky Lab ZAO)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{4e3862ee-eae6-11df-b911-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{4e3862ee-eae6-11df-b911-806e6f6e6963}\Shell\AutoRun\command - "" = E:\SETUP.EXE
O33 - MountPoints2\{5879350e-ffe9-11e0-bfe0-001a4f9c8647}\Shell - "" = AutoRun
O33 - MountPoints2\{5879350e-ffe9-11e0-bfe0-001a4f9c8647}\Shell\AutoRun\command - "" = H:\setup\rsrc\Autorun.exe
O33 - MountPoints2\{5879350e-ffe9-11e0-bfe0-001a4f9c8647}\Shell\dinstall\command - "" = H:\Directx\dxsetup.exe
O33 - MountPoints2\{e99de7a3-c34e-11e0-9fa3-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{e99de7a3-c34e-11e0-9fa3-806e6f6e6963}\Shell\AutoRun\command - "" = H:\pushinst.exe
O33 - MountPoints2\{f50dd5f5-e622-11e0-a20a-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{f50dd5f5-e622-11e0-a20a-806e6f6e6963}\Shell\AutoRun\command - "" = E:\autorun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012/01/18 16:17:05 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\f.schumacher\Desktop\OTL.exe
[2012/01/17 20:25:59 | 000,031,552 | ---- | C] (TuneUp Software) -- C:\Windows\System32\TURegOpt.exe
[2012/01/17 20:25:59 | 000,021,312 | ---- | C] (TuneUp Software) -- C:\Windows\System32\authuitu.dll
[2012/01/17 20:25:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2012
[2012/01/17 20:25:23 | 000,000,000 | ---D | C] -- C:\Users\f.schumacher\AppData\Roaming\TuneUp Software
[2012/01/17 20:25:08 | 000,000,000 | ---D | C] -- C:\Program Files\TuneUp Utilities 2012
[2012/01/17 20:24:24 | 000,000,000 | ---D | C] -- C:\ProgramData\TuneUp Software
[2012/01/17 20:21:05 | 035,944,352 | ---- | C] (TuneUp Software) -- C:\Users\f.schumacher\Desktop\TuneUpUtilities2012_de-DE.exe
[2012/01/17 20:18:49 | 000,000,000 | -HSD | C] -- C:\ProgramData\{32364CEA-7855-4A3C-B674-53D8E9B97936}
[2012/01/17 19:05:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2012/01/11 15:13:57 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\packager.dll
[2012/01/11 15:13:56 | 001,328,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quartz.dll
[2012/01/11 15:13:56 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qdvd.dll
[2012/01/05 22:17:29 | 000,000,000 | ---D | C] -- C:\Users\f.schumacher\Documents\Games for Windows - LIVE Demos
[2012/01/05 21:52:08 | 000,000,000 | ---D | C] -- C:\Users\f.schumacher\Documents\WB Games
[2012/01/05 21:51:42 | 000,000,000 | -HSD | C] -- C:\ProgramData\DSS
[2012/01/05 21:24:41 | 000,000,000 | ---D | C] -- C:\Program Files\WB Games
[2012/01/05 21:24:11 | 000,034,304 | ---- | C] (AMD, Inc.) -- C:\Windows\System32\drivers\AmdLLD.sys
[2012/01/05 21:24:10 | 000,000,000 | ---D | C] -- C:\Program Files\AMD
[2012/01/05 21:21:54 | 000,000,000 | ---D | C] -- C:\Windows\System32\xlive
[2012/01/05 21:21:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows Marketplace
[2012/01/05 21:21:44 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Games for Windows - LIVE
[2011/12/29 22:58:45 | 000,000,000 | ---D | C] -- C:\Users\f.schumacher\Desktop\penis
[2011/12/29 22:37:52 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Spigot
[2011/12/29 22:37:52 | 000,000,000 | ---D | C] -- C:\Program Files\IObit Toolbar
[2011/12/29 22:37:52 | 000,000,000 | ---D | C] -- C:\Program Files\Application Updater
[2011/12/27 14:39:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer
[2011/12/27 14:39:01 | 000,000,000 | ---D | C] -- C:\Program Files\Razer
[2011/12/25 13:43:42 | 000,000,000 | ---D | C] -- C:\Users\f.schumacher\Documents\BioWare
[2011/12/25 13:42:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mass Effect
[2011/12/25 13:42:09 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\BioWare
[2011/12/22 19:44:42 | 000,123,648 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\ss_bmdm.sys
[2011/12/22 19:44:42 | 000,100,224 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\ss_bserd.sys
[2011/12/22 19:44:42 | 000,098,432 | ---- | C] (MCCI) -- C:\Windows\System32\drivers\ss_bbus.sys
[2011/12/22 19:44:42 | 000,014,848 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\ss_bmdfl.sys
[2011/12/22 19:44:42 | 000,012,416 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\ss_bcmnt.sys
[2011/12/22 19:44:42 | 000,012,288 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\ss_bwhnt.sys
[2011/12/22 19:29:26 | 000,000,000 | ---D | C] -- C:\Windows\System32\System32
[2011/12/22 19:29:26 | 000,000,000 | ---D | C] -- C:\Program Files\MarkAny
[2011/12/21 17:41:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Nexon
[2011/12/21 17:05:09 | 000,000,000 | ---D | C] -- C:\Users\f.schumacher\Documents\Vindictus EU
[2011/12/21 01:33:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nexon
[2011/12/21 01:33:37 | 000,000,000 | ---D | C] -- C:\Program Files\BandiMPEG1
[2011/12/21 01:29:27 | 000,000,000 | ---D | C] -- C:\ProgramData\NexonEU
[2011/12/20 21:19:44 | 000,000,000 | ---D | C] -- C:\Download
[2011/12/20 21:16:20 | 000,446,464 | ---- | C] (NEXON Inc.) -- C:\Windows\NEXON_EU_DownloaderUpdater.exe
[2011/12/20 21:16:20 | 000,000,000 | ---D | C] -- C:\Nexon
[2010/09/03 18:41:43 | 000,004,096 | ---- | C] ( ) -- C:\Windows\System32\IGFXDEVLib.dll
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012/01/18 16:30:01 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/01/18 16:21:39 | 000,016,768 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/01/18 16:21:39 | 000,016,768 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/01/18 16:18:19 | 000,700,130 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012/01/18 16:18:19 | 000,654,842 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/01/18 16:18:19 | 000,148,926 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012/01/18 16:18:19 | 000,121,714 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012/01/18 16:17:07 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\f.schumacher\Desktop\OTL.exe
[2012/01/18 16:15:12 | 000,001,110 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/01/18 16:13:32 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/01/18 16:13:22 | 2415,321,088 | -HS- | M] () -- C:\hiberfil.sys
[2012/01/17 20:25:54 | 000,002,157 | ---- | M] () -- C:\Users\Public\Desktop\TuneUp 1-Klick-Wartung.lnk
[2012/01/17 20:25:54 | 000,002,137 | ---- | M] () -- C:\Users\Public\Desktop\TuneUp Utilities 2012.lnk
[2012/01/17 20:06:26 | 035,944,352 | ---- | M] (TuneUp Software) -- C:\Users\f.schumacher\Desktop\TuneUpUtilities2012_de-DE.exe
[2012/01/17 18:49:02 | 000,000,348 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForf.schumacher.job
[2012/01/16 17:35:58 | 000,348,112 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012/01/15 12:00:00 | 000,000,514 | ---- | M] () -- C:\Windows\tasks\One-Click Tweak.job
[2011/12/29 22:59:34 | 000,137,688 | ---- | M] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2011/12/29 22:59:20 | 000,202,040 | ---- | M] () -- C:\Windows\System32\PnkBstrB.ex0
[2011/12/28 23:12:25 | 000,001,100 | ---- | M] () -- C:\Users\f.schumacher\Desktop\Minecraft.lnk
[2011/12/27 14:46:59 | 000,001,852 | ---- | M] () -- C:\Users\f.schumacher\AppData\Roaming\ImperatorProfile0.dat
[2011/12/27 14:46:59 | 000,001,850 | ---- | M] () -- C:\Users\f.schumacher\AppData\Roaming\ImperatorProfile1.dat
[2011/12/26 19:26:30 | 000,001,203 | ---- | M] () -- C:\Users\f.schumacher\Desktop\MassEffect - Verknüpfung.lnk
[2011/12/25 13:42:10 | 000,000,785 | ---- | M] () -- C:\Users\Public\Desktop\Mass Effect.lnk
[2011/12/22 18:48:36 | 000,001,749 | ---- | M] () -- C:\Users\f.schumacher\Desktop\Launch Vindictus.lnk
[2011/12/21 19:19:43 | 000,000,183 | ---- | M] () -- C:\Users\Public\Desktop\Vindictus EU.url
[2011/12/21 18:22:30 | 000,000,235 | ---- | M] () -- C:\Windows\System32\nxEuUninstall.bat
[2011/12/21 18:22:29 | 000,446,464 | ---- | M] (NEXON Inc.) -- C:\Windows\NEXON_EU_DownloaderUpdater.exe
[2011/12/20 21:29:38 | 000,000,771 | ---- | M] () -- C:\Users\Public\Desktop\World of Tanks.lnk
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012/01/17 20:25:54 | 000,002,157 | ---- | C] () -- C:\Users\Public\Desktop\TuneUp 1-Klick-Wartung.lnk
[2012/01/17 20:25:54 | 000,002,149 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2012.lnk
[2012/01/17 20:25:54 | 000,002,137 | ---- | C] () -- C:\Users\Public\Desktop\TuneUp Utilities 2012.lnk
[2012/01/10 17:58:57 | 000,000,348 | ---- | C] () -- C:\Windows\tasks\HPCeeScheduleForf.schumacher.job
[2012/01/05 21:21:25 | 000,001,340 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live ID.lnk
[2011/12/26 19:26:30 | 000,001,203 | ---- | C] () -- C:\Users\f.schumacher\Desktop\MassEffect - Verknüpfung.lnk
[2011/12/25 13:42:10 | 000,000,785 | ---- | C] () -- C:\Users\Public\Desktop\Mass Effect.lnk
[2011/12/22 18:48:36 | 000,001,749 | ---- | C] () -- C:\Users\f.schumacher\Desktop\Launch Vindictus.lnk
[2011/12/21 19:19:43 | 000,000,183 | ---- | C] () -- C:\Users\Public\Desktop\Vindictus EU.url
[2011/12/20 21:29:38 | 000,000,771 | ---- | C] () -- C:\Users\Public\Desktop\World of Tanks.lnk
[2011/12/20 21:16:20 | 000,000,235 | ---- | C] () -- C:\Windows\System32\nxEuUninstall.bat
[2011/11/05 19:28:59 | 000,017,408 | ---- | C] () -- C:\Users\f.schumacher\AppData\Local\WebpageIcons.db
[2011/11/05 19:28:22 | 000,115,369 | ---- | C] () -- C:\Windows\System32\drivers\klin.dat
[2011/11/05 19:28:22 | 000,097,961 | ---- | C] () -- C:\Windows\System32\drivers\klick.dat
[2011/11/05 11:30:25 | 000,003,670 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2011/11/04 16:24:13 | 000,000,000 | ---- | C] () -- C:\ProgramData\48382a7ef94ffa4a55badc7cd0dfc43e_c
[2011/10/02 16:54:55 | 000,137,688 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2011/10/02 16:54:46 | 000,202,040 | ---- | C] () -- C:\Windows\System32\PnkBstrB.exe
[2011/10/02 16:54:35 | 000,075,136 | ---- | C] () -- C:\Windows\System32\PnkBstrA.exe
[2011/09/28 17:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
[2011/09/25 03:54:11 | 000,001,852 | ---- | C] () -- C:\Users\f.schumacher\AppData\Roaming\ImperatorProfile0.dat
[2011/09/25 03:54:11 | 000,001,850 | ---- | C] () -- C:\Users\f.schumacher\AppData\Roaming\ImperatorProfile1.dat
[2011/09/24 22:25:18 | 000,000,548 | ---- | C] () -- C:\Windows\run.exe
[2011/09/16 10:54:48 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
[2011/09/16 10:54:44 | 000,974,848 | ---- | C] () -- C:\Windows\System32\cis-2.4.dll
[2011/09/16 10:54:44 | 000,081,920 | ---- | C] () -- C:\Windows\System32\issacapi_bs-2.3.dll
[2011/09/16 10:54:44 | 000,065,536 | ---- | C] () -- C:\Windows\System32\issacapi_pe-2.3.dll
[2011/09/16 10:54:44 | 000,057,344 | ---- | C] () -- C:\Windows\System32\issacapi_se-2.3.dll
[2011/09/11 10:17:25 | 000,025,944 | ---- | C] () -- C:\Windows\System32\SmartDefragBootTime.exe
[2011/09/11 10:17:25 | 000,015,672 | ---- | C] () -- C:\Windows\System32\drivers\SmartDefragDriver.sys
[2011/09/07 20:26:25 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011/08/30 23:29:31 | 000,004,096 | ---- | C] () -- C:\Windows\d3dx.dat
[2011/08/10 13:49:39 | 000,097,312 | ---- | C] () -- C:\Windows\System32\drivers\Fwusb1b.bin
[2011/08/03 02:31:54 | 000,311,912 | ---- | C] () -- C:\Windows\System32\nvStreaming.exe
[2011/05/31 07:39:50 | 000,058,368 | ---- | C] () -- C:\Windows\System32\bdmpegv.dll
[2011/05/31 07:38:18 | 000,015,360 | ---- | C] () -- C:\Windows\System32\bdmjpeg.dll
[2011/03/11 12:43:54 | 000,029,763 | ---- | C] () -- C:\Windows\System32\drivers\klopp.dat
[2010/11/08 15:06:29 | 000,000,432 | ---- | C] () -- C:\Windows\BRWMARK.INI
[2010/11/08 15:06:29 | 000,000,034 | ---- | C] () -- C:\Windows\System32\BD2030.DAT
[2010/11/08 14:55:20 | 000,434,176 | ---- | C] () -- C:\Windows\System32\ZSHP1020.EXE
[2010/11/08 09:21:06 | 000,077,824 | ---- | C] () -- C:\Windows\KMService.exe
[2010/11/08 09:21:06 | 000,008,192 | ---- | C] () -- C:\Windows\System32\srvany.exe
[2010/09/03 18:41:43 | 000,982,240 | ---- | C] () -- C:\Windows\System32\igkrng500.bin
[2010/09/03 18:41:43 | 000,439,308 | ---- | C] () -- C:\Windows\System32\igcompkrng500.bin
[2010/09/03 18:41:43 | 000,208,896 | ---- | C] () -- C:\Windows\System32\iglhsip32.dll
[2010/09/03 18:41:43 | 000,143,360 | ---- | C] () -- C:\Windows\System32\iglhcp32.dll
[2010/09/03 18:41:43 | 000,092,356 | ---- | C] () -- C:\Windows\System32\igfcg500m.bin
[2010/09/03 18:41:43 | 000,000,151 | ---- | C] () -- C:\Windows\System32\GfxUI.exe.config
[2010/09/03 18:41:42 | 000,080,416 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
[2010/09/03 18:28:36 | 000,700,130 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2010/09/03 18:28:36 | 000,295,922 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2010/09/03 18:28:36 | 000,148,926 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2010/09/03 18:28:36 | 000,038,104 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2010/04/27 17:44:36 | 000,035,384 | ---- | C] () -- C:\Windows\System32\drivers\cqcpu.sys
[2010/04/27 17:44:36 | 000,035,384 | ---- | C] () -- C:\Windows\System32\drivers\cpqdfw.sys
[2010/02/10 02:58:12 | 000,012,800 | ---- | C] () -- C:\Windows\LPRES.DLL
[2009/07/14 05:57:37 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/14 05:33:53 | 000,348,112 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2009/07/14 03:05:48 | 000,654,842 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2009/07/14 03:05:48 | 000,291,294 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2009/07/14 03:05:48 | 000,121,714 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2009/07/14 03:05:48 | 000,031,548 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2009/07/14 03:05:05 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2009/07/14 03:04:11 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2009/07/14 01:19:49 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2009/07/14 00:55:01 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/14 00:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009/07/14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2009/07/13 23:09:19 | 001,498,564 | ---- | C] () -- C:\Windows\System32\igkrng400.bin
[2009/06/18 18:29:04 | 000,197,654 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2009/06/10 22:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2009/04/15 15:04:38 | 000,104,520 | ---- | C] () -- C:\Windows\System32\OSD.dll
[2009/02/18 16:55:22 | 000,294,912 | ---- | C] () -- C:\Windows\System32\ATIODE.exe
[2009/02/03 19:52:04 | 000,045,056 | ---- | C] () -- C:\Windows\System32\ATIODCLI.exe
 
========== LOP Check ==========
 
[2011/12/14 18:55:51 | 000,000,000 | ---D | M] -- C:\Users\f.schumacher\AppData\Roaming\.minecraft
[2011/10/23 12:58:21 | 000,000,000 | ---D | M] -- C:\Users\f.schumacher\AppData\Roaming\Command & Conquer 3 Kanes Rache
[2011/10/22 15:39:41 | 000,000,000 | ---D | M] -- C:\Users\f.schumacher\AppData\Roaming\Command & Conquer 3 Tiberium Wars
[2011/10/26 17:47:40 | 000,000,000 | ---D | M] -- C:\Users\f.schumacher\AppData\Roaming\DAEMON Tools Lite
[2011/12/17 18:01:36 | 000,000,000 | ---D | M] -- C:\Users\f.schumacher\AppData\Roaming\ICQ
[2011/08/16 12:06:27 | 000,000,000 | ---D | M] -- C:\Users\f.schumacher\AppData\Roaming\IObit
[2011/10/09 21:59:03 | 000,000,000 | ---D | M] -- C:\Users\f.schumacher\AppData\Roaming\LolClient
[2011/10/13 17:08:36 | 000,000,000 | ---D | M] -- C:\Users\f.schumacher\AppData\Roaming\PunkBuster
[2011/10/11 20:49:22 | 000,000,000 | ---D | M] -- C:\Users\f.schumacher\AppData\Roaming\Samsung
[2011/09/24 21:51:44 | 000,000,000 | ---D | M] -- C:\Users\f.schumacher\AppData\Roaming\Thinstall
[2011/08/11 01:12:46 | 000,000,000 | ---D | M] -- C:\Users\f.schumacher\AppData\Roaming\TS3Client
[2012/01/17 20:25:23 | 000,000,000 | ---D | M] -- C:\Users\f.schumacher\AppData\Roaming\TuneUp Software
[2011/12/04 15:58:15 | 000,000,000 | ---D | M] -- C:\Users\f.schumacher\AppData\Roaming\Ubisoft
[2011/08/10 19:18:50 | 000,000,000 | ---D | M] -- C:\Users\f.schumacher\AppData\Roaming\wargaming.net
[2010/11/09 11:20:21 | 000,000,000 | ---D | M] -- C:\Users\f.schumacher\AppData\Roaming\WildTangent
[2011/09/20 17:09:39 | 000,000,000 | ---D | M] -- C:\Users\f.schumacher\AppData\Roaming\WinBatch
[2012/01/15 12:00:00 | 000,000,514 | ---- | M] () -- C:\Windows\Tasks\One-Click Tweak.job
[2011/12/13 18:12:21 | 000,032,640 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 

< End of report >
         
--- --- ---
OTL Logfile:
Code:
ATTFilter
OTL Extras logfile created on: 1/18/2012 4:34:10 PM - Run 2
OTL by OldTimer - Version 3.2.31.0     Folder = C:\Users\f.schumacher\Desktop
 Professional  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3.00 Gb Total Physical Memory | 1.93 Gb Available Physical Memory | 64.50% Memory free
6.00 Gb Paging File | 4.77 Gb Available in Paging File | 79.49% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 455.86 Gb Total Space | 301.76 Gb Free Space | 66.19% Space Free | Partition Type: NTFS
Drive D: | 9.80 Gb Total Space | 1.19 Gb Free Space | 12.18% Space Free | Partition Type: NTFS
Drive F: | 100.00 Mb Total Space | 71.70 Mb Free Space | 71.70% Space Free | Partition Type: NTFS
Drive G: | 148.95 Gb Total Space | 13.88 Gb Free Space | 9.32% Space Free | Partition Type: NTFS
 
Computer Name: PC-FSCHUMACHER | User Name: f.schumacher | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- G:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements
"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID Sign-in Assistant
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{10CCF16B-F1C9-4B24-9570-B4CCEE42392D}" = LightScribe System Software
"{1A6D6B28-888F-4512-910E-89FB2E189FEA}" = Vizzed Retro Game Room
"{1B0FBB9A-995D-47cd-87CD-13E68B676E4F}" = Mass Effect
"{1BFF0EA4-DFD8-8E28-90D4-8E435C7E0AAB}" = Catalyst Control Center InstallProxy
"{1EAC1D02-C6AC-4FA6-9A44-96258C37C812}_is1" = World of Tanks v.0.7.0
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 26
"{26A24AE4-039D-4CA4-87B4-2F83217000FF}" = Java(TM) 7
"{289AC7E0-0AEE-4a7b-913C-709D9803D23E}" = Nexon Game Manager
"{32364CEA-7855-4A3C-B674-53D8E9B97936}" = TuneUp Utilities 2012
"{32A3A4F4-B792-11D6-A78A-00B0D0170000}" = Java(TM) SE Development Kit 7
"{33A22B2D-55BA-4508-B767-BF2E9C21A73F}" = Assassin's Creed Revelations
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}" = HP Advisor
"{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}" = Recovery Manager
"{45E557D6-2271-4F13-8101-C620B4285AB0}" = Kaspersky Anti-Virus 2012
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{529125EF-E3AC-4B74-97E6-F688A7C0F1BF}" = Paint.NET v3.5.10
"{537BF16E-7412-448C-95D8-846E85A1D817}" = Roxio Creator Business
"{57520FA0-A73E-4165-BCA2-D71000018301}" = Batman: Arkham City™
"{57520FA0-AC56-469B-9983-FF1000008300}" = Batman: Arkham City™
"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth
"{5F8E2CBB-949D-4175-AC98-5ADE7F6C9697}" = NCsoft Launcher
"{5FEBF468-5AC2-4C66-AD80-DF85C085AA73}" = InterVideo WinDVD 8
"{60F641EA-DFFB-4419-A1A7-4FF575BA87BE}" = HP Setup
"{69A13D2F-A08F-619A-1D42-94CB96F3635A}" = ATI Catalyst Install Manager
"{6E36A172-06FB-4BC8-B7FC-D30D219E6776}" = Tom Clancy's H.A.W.X
"{6F340107-F9AA-47C6-B54C-C3A19F11553F}" = Hewlett-Packard ACLM.NET v1.1.1.0
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}" = Microsoft Games for Windows - LIVE Redistributable
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8D337F77-BE7F-41A2-A7CB-D5A63FD7049B}" = Sonic CinePlayer Decoder Pack
"{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010
"{90140000-0015-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010
"{90140000-0016-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010
"{90140000-0018-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010
"{90140000-0019-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010
"{90140000-001A-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010
"{90140000-001B-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}_Office14.PROPLUS_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUS_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUS_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-001F-0410-0000-0000000FF1CE}_Office14.PROPLUS_{C0743197-FFEE-4C19-BAEB-8F7437DC4C8A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010
"{90140000-002C-0407-0000-0000000FF1CE}_Office14.PROPLUS_{4275FB46-ABDF-4456-876C-17CF64294D9A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2010
"{90140000-0044-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010
"{90140000-006E-0407-0000-0000000FF1CE}_Office14.PROPLUS_{98EDFD9F-EA76-40CC-BCE9-92C69413F65B}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010
"{90140000-00A1-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2010
"{90140000-00BA-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{9322A850-9091-4D0E-B252-3E82EDA3D94A}" = Prototype(TM)
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9FD6F1A8-5550-46AF-8509-271DF0E768B5}" = Dual-Core Optimizer
"{A1E1A376-49D4-4960-8599-D5D26A4C2E7B}" = Razer Imperator
"{A1E85B9A-AFAD-4D38-AF01-6B020DD5213A}" = Logitech GamePanel Software 3.06.109
"{A9094B7E-7221-4FDD-8F22-340003F4BDC2}" = Overwolf
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AE613868-24C7-4f1f-A9C6-7B3B718ABDA5}" = IObit Toolbar v4.9
"{AF9E97C1-7431-426D-A8D5-ABE40995C0B1}" = DirectX 9 Runtime
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 280.26
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 280.26
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 280.26
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller-Treiber 280.19
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.10.0514
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.4.28
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B40D7926-AE5F-41EA-8AC6-56C0E2F00E9D}" = HP MAINSTREAM KEYBOARD
"{B8AC1A89-FFD1-4F97-8051-E505A160F562}" = HP Odometer
"{B9A03B7B-E0FF-4FB3-BA83-762E58A1B0AA}" = HP Support Information
"{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}" = NVIDIA PhysX
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{BE4BA698-8533-4F77-9559-C7F3F78C0B05}" = Assassin's Creed Brotherhood
"{C611CF88-969D-43E6-A877-D6D6439DD081}" = HP Remote Solution
"{CA43FE4F-9FF2-4AD7-88F0-CC3BAC17B226}" = HP Support Assistant
"{CC2422C9-F7B5-4175-B295-5EC2283AA674}" = Command & Conquer™ 3: Kanes Rache
"{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}" = PlayReady PC Runtime x86
"{CE026CFE-73FE-4FED-9D5F-2C8D4DB512B0}" = TuneUp Utilities Language Pack (de-DE)
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{D79A02E9-6713-4335-9668-AAC7474C0C0E}" = HP Vision Hardware Diagnostics
"{D9292112-253F-438D-B1AB-432E5A1FE1B5}" = Razer Imperator Firmware Updater
"{DDEDAF6C-488E-4CDA-8276-1CCF5F3C5C32}" = Command & Conquer 3
"{EC877639-07AB-495C-BFD1-D63AF9140810}" = Roxio Activation Module
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Graphics Media Accelerator Driver
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials
"7-Zip" = 7-Zip 9.20
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Advanced PC Tweaker_is1" = Advanced PC Tweaker v4.2
"Advanced SystemCare 4_is1" = Advanced SystemCare 4
"BandiMPEG1" = Bandisoft MPEG-1 Decoder
"CABAL Online_is1" = CABAL Online
"Game Booster_is1" = Game Booster
"GFWL_{57520FA0-AC56-469B-9983-FF1000008300}" = Batman: Arkham City™
"Google Chrome" = Google Chrome
"Gothic" = Gothic
"HP Keyboard_is1" = HP Desktop Keyboard
"HP Remote Solution" = HP Remote Solution
"InstallShield_{5FEBF468-5AC2-4C66-AD80-DF85C085AA73}" = InterVideo WinDVD 8
"InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"InstallShield_{9322A850-9091-4D0E-B252-3E82EDA3D94A}" = Prototype(TM)
"InstallWIX_{45E557D6-2271-4F13-8101-C620B4285AB0}" = Kaspersky Anti-Virus 2012
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Mozilla Firefox 9.0.1 (x86 de)" = Mozilla Firefox 9.0.1 (x86 de)
"My HP Game Console" = HP Game Console
"NVIDIA StereoUSB Driver" = NVIDIA 3D Vision Controller Driver
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"PDF Complete" = PDF Complete Special Edition
"PunkBusterSvc" = PunkBuster Services
"Smart Defrag 2_is1" = Smart Defrag 2
"Steam App 72850" = The Elder Scrolls V: Skyrim
"TuneUp Utilities 2012" = TuneUp Utilities 2012
"Two Worlds II" = Two Worlds II
"Vindictus EU" = Vindictus EU
"WildTangent hp Master Uninstall" = HP Games
"WinLiveSuite_Wave3" = Windows Live Essentials
"WT087361" = FATE
"WT087380" = John Deere Drive Green
"WT087394" = Penguins!
"WT087396" = Polar Bowler
"WT087420" = Agatha Christie - Death on the Nile
"WT087428" = Bejeweled 2 Deluxe
"WT087453" = Chuzzle Deluxe
"WT087480" = Insaniquarium Deluxe
"WT087485" = Jewel Quest II
"WT087490" = Jewel Quest Solitaire
"WT087501" = Plants vs. Zombies
"WT087510" = Slingo Deluxe
"WT087513" = Virtual Villagers - The Secret City
"WT087519" = Wedding Dash
"WT087533" = Zuma Deluxe
"WT087536" = Diner Dash 2 Restaurant Rescue
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"NCsoft-Aion" = Aion
"TeamSpeak 3 Client" = TeamSpeak 3 Client
 
========== Last 10 Event Log Errors ==========
 
Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!
 
< End of report >
         
--- --- ---
__________________

Alt 18.01.2012, 17:24   #4
Javier
 
Windows 7 Schwarzer Bildschirm und die aufforderung 50€ zu bezahlen - Standard

Windows 7 Schwarzer Bildschirm und die aufforderung 50€ zu bezahlen



Extra.txt :OTL Logfile:
Code:
ATTFilter
OTL logfile created on: 1/18/2012 4:34:10 PM - Run 2
OTL by OldTimer - Version 3.2.31.0     Folder = C:\Users\f.schumacher\Desktop
 Professional  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3.00 Gb Total Physical Memory | 1.93 Gb Available Physical Memory | 64.50% Memory free
6.00 Gb Paging File | 4.77 Gb Available in Paging File | 79.49% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 455.86 Gb Total Space | 301.76 Gb Free Space | 66.19% Space Free | Partition Type: NTFS
Drive D: | 9.80 Gb Total Space | 1.19 Gb Free Space | 12.18% Space Free | Partition Type: NTFS
Drive F: | 100.00 Mb Total Space | 71.70 Mb Free Space | 71.70% Space Free | Partition Type: NTFS
Drive G: | 148.95 Gb Total Space | 13.88 Gb Free Space | 9.32% Space Free | Partition Type: NTFS
 
Computer Name: PC-FSCHUMACHER | User Name: f.schumacher | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\f.schumacher\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe ()
PRC - C:\Program Files\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
PRC - C:\Nexon\NEXON_EU_Downloader\NEXON_EU_Downloader_Engine.exe ()
PRC - C:\Program Files\Application Updater\ApplicationUpdater.exe (Spigot, Inc.)
PRC - C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesApp32.exe (TuneUp Software)
PRC - C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe (TuneUp Software)
PRC - C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe (Spigot, Inc.)
PRC - C:\Program Files\IObit\Smart Defrag 2\SmartDefrag.exe (IObit)
PRC - C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation)
PRC - C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation)
PRC - C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (NVIDIA Corporation)
PRC - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
PRC - C:\Windows\System32\conhost.exe (Microsoft Corporation)
PRC - C:\Program Files\Hewlett-Packard\HP Support Framework\hpsa_service.exe (Hewlett-Packard Company)
PRC - C:\Program Files\IObit\Advanced SystemCare 4\ASCTray.exe (IObit)
PRC - C:\Program Files\IObit\Advanced SystemCare 4\ASCService.exe (IObit)
PRC - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2012\avp.exe (Kaspersky Lab ZAO)
PRC - C:\Program Files\Hewlett-Packard\Shared\HPDrvMntSvc.exe (Hewlett-Packard Company)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Users\f.schumacher\AppData\Roaming\Mozilla\Firefox\firefox.exe ()
PRC - C:\Program Files\Razer\Imperator\RazerImperatorTray.exe (Razer USA Ltd)
PRC - C:\Program Files\Logitech\GamePanel Software\LGDevAgt.exe (Logitech Inc.)
PRC - C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe (Logitech Inc.)
PRC - C:\Program Files\Logitech\GamePanel Software\Applets\LCDPop3.exe (Logitech Inc.)
PRC - C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe (Logitech Inc.)
PRC - C:\Program Files\Logitech\GamePanel Software\Applets\LCDMedia.exe (Logitech Inc.)
PRC - C:\Program Files\Logitech\GamePanel Software\Applets\LCDCountdown.exe (Logitech Inc.)
PRC - C:\Program Files\Logitech\GamePanel Software\Applets\LCDClock.exe (Logitech Inc.)
PRC - C:\Windows\KMService.exe ()
PRC - C:\Program Files\Hewlett-Packard\HP Desktop Keyboard\HPKEYBOARDx.EXE (Hewlett-Packard)
PRC - C:\Program Files\PDF Complete\pdfsvc.exe (PDF Complete Inc)
PRC - C:\Program Files\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe (Hewlett-Packard)
PRC - C:\Windows\System32\atieclxx.exe (AMD)
PRC - C:\Windows\System32\atiesrxx.exe (AMD)
PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)
PRC - C:\Program Files\Hewlett-Packard\HP Desktop Keyboard\Keystatus.exe ()
PRC - C:\Program Files\Hewlett-Packard\HP MAINSTREAM KEYBOARD\BATINDICATOR.exe (Hewlett-Packard)
PRC - C:\Program Files\Hewlett-Packard\HP MAINSTREAM KEYBOARD\CNYHKEY.exe (Hewlett-Packard)
PRC - C:\Program Files\Hewlett-Packard\HP MAINSTREAM KEYBOARD\ModLEDKey.exe ()
PRC - C:\Program Files\Hewlett-Packard\HP Odometer\hpsysdrv.exe (Hewlett-Packard)
PRC - C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe (Protexis Inc.)
PRC - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe (InterVideo)
PRC - C:\Program Files\avmwlanstick\FRITZWLanMini.exe (AVM Berlin GmbH)
PRC - C:\Windows\System32\srvany.exe ()
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Users\f.schumacher\AppData\Local\Temp\feb59f87-baa7-4a0a-902c-c33cfc0feb21\CliSecureRT.dll ()
MOD - C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe ()
MOD - C:\Nexon\NEXON_EU_Downloader\NEXON_EU_Downloader_Engine.exe ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\401a9dbeaad6b6ca70c90ae4fbd2e0b8\PresentationFramework.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\b540398c49e7c32ab58666de7f09f645\PresentationCore.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\fa45e7d581b80c34cb0d5518491c7387\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\c0afb5fbfbc7a8d670b430672c5fd578\WindowsBase.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\af091a68303117ca2166aa13bcbfbbd0\PresentationFramework.Aero.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\fd0f015bc4324d8b9716ae38083a4e4d\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\90223e809b1ff291a7f65509702e2fa1\System.Core.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\a48e483c6b13da563725d72ec518a0bb\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System\69adb8f9940fa1330f6f1b706e3dc31e\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\2b1af7649e57195b4b85bbf4c5cb7c90\mscorlib.ni.dll ()
MOD - C:\Program Files\IObit\Smart Defrag 2\NtfsData.dll ()
MOD - C:\Program Files\IObit\Advanced SystemCare 4\ASCv4ExtMenu.dll ()
MOD - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2012\QtGui4.dll ()
MOD - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2012\QtSql4.dll ()
MOD - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2012\QtScript4.dll ()
MOD - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2012\QtNetwork4.dll ()
MOD - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2012\QtCore4.dll ()
MOD - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2012\QtDeclarative4.dll ()
MOD - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2012\imageformats\qgif4.dll ()
MOD - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE14\Cultures\office.odf ()
MOD - C:\Users\f.schumacher\AppData\Roaming\Mozilla\Firefox\firefox.exe ()
MOD - C:\Program Files\Hewlett-Packard\HP Desktop Keyboard\Keystatus.exe ()
MOD - C:\Windows\System32\OSD.dll ()
MOD - C:\Program Files\Hewlett-Packard\HP MAINSTREAM KEYBOARD\ModLEDKey.exe ()
MOD - C:\Program Files\Hewlett-Packard\HP MAINSTREAM KEYBOARD\WMINPUT.DLL ()
 
 
========== Win32 Services (SafeList) ==========
 
SRV - (OverwolfUpdaterService) --  File not found
SRV - (Application Updater) -- C:\Program Files\Application Updater\ApplicationUpdater.exe (Spigot, Inc.)
SRV - (TuneUp.UtilitiesSvc) -- C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe (TuneUp Software)
SRV - (npggsvc) -- C:\Windows\System32\GameMon.des (INCA Internet Co., Ltd.)
SRV - (nvUpdatusService) -- C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation)
SRV - (Stereo Service) -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (HP Support Assistant Service) -- C:\Program Files\Hewlett-Packard\HP Support Framework\hpsa_service.exe (Hewlett-Packard Company)
SRV - (Microsoft SharePoint Workspace Audit Service) -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE (Microsoft Corporation)
SRV - (AdvancedSystemCareService) -- C:\Program Files\IObit\Advanced SystemCare 4\ASCService.exe (IObit)
SRV - (AVP) -- C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2012\avp.exe (Kaspersky Lab ZAO)
SRV - (HPDrvMntSvc.exe) -- C:\Program Files\Hewlett-Packard\Shared\HPDrvMntSvc.exe (Hewlett-Packard Company)
SRV - (Steam Client Service) -- C:\Program Files\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (GameConsoleService) -- C:\Program Files\HP Games\HP Game Console\GameConsoleService.exe (WildTangent, Inc.)
SRV - (pdfcDispatcher) -- C:\Program Files\PDF Complete\pdfsvc.exe (PDF Complete Inc)
SRV - (AMD External Events Utility) -- C:\Windows\System32\atiesrxx.exe (AMD)
SRV - (StorSvc) -- C:\Windows\System32\StorSvc.dll (Microsoft Corporation)
SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
SRV - (PeerDistSvc) -- C:\Windows\System32\PeerDistSvc.dll (Microsoft Corporation)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SRV - (PSI_SVC_2) -- C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe (Protexis Inc.)
SRV - (IviRegMgr) -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe (InterVideo)
SRV - (KMService) -- C:\Windows\System32\srvany.exe ()
 
 
========== Driver Services (SafeList) ==========
 
DRV - (TuneUpUtilitiesDrv) -- C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesDriver32.sys (TuneUp Software)
DRV - (KLIF) -- C:\Windows\System32\drivers\klif.sys (Kaspersky Lab)
DRV - (ss_bmdm) -- C:\Windows\System32\drivers\ss_bmdm.sys (MCCI Corporation)
DRV - (ss_bserd) -- C:\Windows\System32\drivers\ss_bserd.sys (MCCI Corporation)
DRV - (ss_bbus) SAMSUNG USB Mobile Device (WDM) -- C:\Windows\System32\drivers\ss_bbus.sys (MCCI)
DRV - (ss_bmdfl) SAMSUNG USB Mobile Modem (Filter) -- C:\Windows\System32\drivers\ss_bmdfl.sys (MCCI Corporation)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (KLIM6) -- C:\Windows\System32\drivers\klim6.sys (Kaspersky Lab ZAO)
DRV - (kl2) -- C:\Windows\System32\drivers\kl2.sys (Kaspersky Lab ZAO)
DRV - (KL1) -- C:\Windows\system32\DRIVERS\kl1.sys (Kaspersky Lab ZAO)
DRV - (SmartDefragDriver) -- C:\Windows\System32\Drivers\SmartDefragDriver.sys ()
DRV - (Impcd) -- C:\Windows\system32\DRIVERS\Impcd.sys (Intel Corporation)
DRV - (LGVirHid) -- C:\Windows\System32\drivers\LGVirHid.sys (Logitech Inc.)
DRV - (LGBusEnum) -- C:\Windows\System32\drivers\LGBusEnum.sys (Logitech Inc.)
DRV - (klmouflt) -- C:\Windows\System32\drivers\klmouflt.sys (Kaspersky Lab)
DRV - (atikmdag) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV - (vmbus) -- C:\Windows\system32\DRIVERS\vmbus.sys (Microsoft Corporation)
DRV - (storflt) -- C:\Windows\system32\DRIVERS\vmstorfl.sys (Microsoft Corporation)
DRV - (storvsc) -- C:\Windows\system32\DRIVERS\storvsc.sys (Microsoft Corporation)
DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
DRV - (s3cap) -- C:\Windows\system32\DRIVERS\vms3cap.sys (Microsoft Corporation)
DRV - (VMBusHID) -- C:\Windows\system32\DRIVERS\VMBusHID.sys (Microsoft Corporation)
DRV - (AtiHdmiService) -- C:\Windows\System32\drivers\AtiHdmi.sys (ATI Research Inc.)
DRV - (OxPPort) -- C:\Windows\system32\DRIVERS\OxPPort.sys (OEM)
DRV - (AmdLLD) -- C:\Windows\System32\drivers\AmdLLD.sys (AMD, Inc.)
DRV - (regi) -- C:\Windows\System32\drivers\regi.sys (InterVideo)
DRV - (FWLANUSB) -- C:\Windows\System32\drivers\fwlanusb.sys (AVM GmbH)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = HP | MSN
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = HP | MSN
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = HP | MSN
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google
IE - HKCU\..\URLSearchHook: {0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - C:\Program Files\IObit Toolbar\IE\4.9\iobitToolbarIE.dll (Spigot, Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=685749&ilc=12"
FF - prefs.js..browser.search.selectedEngine: "Yahoo"
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/"
FF - prefs.js..extensions.enabledItems: linkuryfirefoxremoteplugin@linkury.com:1.0
FF - prefs.js..extensions.enabledItems: {B7082FAA-CB62-4872-9106-E42DD88EDE45}:3.0.0.479
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA}:7.0
FF - prefs.js..extensions.enabledItems: iobit@mybrowserbar.com:4.6
FF - prefs.js..extensions.enabledItems: wtxpcom@mybrowserbar.com:4.6
FF - prefs.js..keyword.URL: "hxxp://de.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=685749&p="
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@ngm.nexoneu.com/NxGame: C:\ProgramData\NexonEU\NGM\npNxGameeu.dll (Nexon)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@vizzed.com/VizzedRGR: C:\Program Files\Vizzed\Vizzed Retro Game Room\NpVizzedRgr.dll File not found
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\dealscout@deal-scout.net: C:\Program Files\DealScout\FireFox
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\ClickPotatoLite@ClickPotatoLite.com: C:\Program Files\ClickPotatoLite\bin\11.0.19.0\firefox\extensions
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\linkfilter@kaspersky.ru: C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2012\FFExt\linkfilter@kaspersky.ru [2011/11/09 16:11:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\virtualKeyboard@kaspersky.ru: C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2012\FFExt\virtualKeyboard@kaspersky.ru [2011/11/09 16:11:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Components: G:\Program Files (x86)\Mozilla Firefox\components [2012/01/10 20:11:42 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Plugins: G:\Program Files (x86)\Mozilla Firefox\plugins [2011/11/04 16:24:07 | 000,000,000 | ---D | M]
 
[2010/11/07 21:24:06 | 000,000,000 | ---D | M] (No name found) -- C:\Users\f.schumacher\AppData\Roaming\mozilla\Extensions
[2012/01/11 18:25:07 | 000,000,000 | ---D | M] (No name found) -- C:\Users\f.schumacher\AppData\Roaming\mozilla\Firefox\Profiles\18kkm9t1.default\extensions
[2012/01/11 18:25:07 | 000,000,000 | ---D | M] (Babylon) -- C:\Users\f.schumacher\AppData\Roaming\mozilla\Firefox\Profiles\18kkm9t1.default\extensions\ffxtlbr@babylon.com
() (No name found) -- C:\USERS\F.SCHUMACHER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\18KKM9T1.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
 
========== Chrome  ==========
 
 
O1 HOSTS File: ([2009/06/10 22:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (IObit Toolbar) - {0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - C:\Program Files\IObit Toolbar\IE\4.9\iobitToolbarIE.dll (Spigot, Inc.)
O2 - BHO: (Babylon toolbar helper) - {2EECD738-5844-4a99-B4B6-146BF802613B} - Reg Error: Value error. File not found
O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2012\ievkbd.dll (Kaspersky Lab ZAO)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2012\klwtbbho.dll (Kaspersky Lab ZAO)
O3 - HKLM\..\Toolbar: (IObit Toolbar) - {0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - C:\Program Files\IObit Toolbar\IE\4.9\iobitToolbarIE.dll (Spigot, Inc.)
O3 - HKLM\..\Toolbar: (Babylon Toolbar) - {98889811-442D-49dd-99D7-DC866BE87DBC} - Reg Error: Value error. File not found
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [amd_dc_opt] C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe (AMD)
O4 - HKLM..\Run: [AVMWlanClient] C:\Program Files\avmwlanstick\FRITZWLANMini.exe (AVM Berlin GmbH)
O4 - HKLM..\Run: [AVP] C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2012\avp.exe (Kaspersky Lab ZAO)
O4 - HKLM..\Run: [BATINDICATOR] C:\Program Files\Hewlett-Packard\HP MAINSTREAM KEYBOARD\BATINDICATOR.exe (Hewlett-Packard)
O4 - HKLM..\Run: [BCSSync] C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
O4 - HKLM..\Run: [HP KEYBOARDx] C:\Program Files\Hewlett-Packard\HP Desktop Keyboard\HPKEYBOARDx.EXE (Hewlett-Packard)
O4 - HKLM..\Run: [HP Remote Solution] C:\Program Files\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe (Hewlett-Packard)
O4 - HKLM..\Run: [hpsysdrv] c:\program files\hewlett-packard\HP odometer\hpsysdrv.exe (Hewlett-Packard)
O4 - HKLM..\Run: [KiesTrayAgent] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKLM..\Run: [Launch LCDMon] C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe (Logitech Inc.)
O4 - HKLM..\Run: [Launch LGDCore] C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe (Logitech Inc.)
O4 - HKLM..\Run: [Launch LgDeviceAgent] C:\Program Files\Logitech\GamePanel Software\LgDevAgt.exe (Logitech Inc.)
O4 - HKLM..\Run: [LaunchHPOSIAPP] C:\Program Files\Hewlett-Packard\HP MAINSTREAM KEYBOARD\LaunchApp.exe (Hewlett-Packard)
O4 - HKLM..\Run: [PDF Complete] C:\Program Files\PDF Complete\pdfsty.exe (PDF Complete Inc)
O4 - HKLM..\Run: [Razer Imperator Driver] C:\Program Files\Razer\Imperator\RazerImperatorTray.exe (Razer USA Ltd)
O4 - HKLM..\Run: [run] C:\Windows\run.exe ()
O4 - HKLM..\Run: [SearchSettings] C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe (Spigot, Inc.)
O4 - HKCU..\Run: [Advanced SystemCare 4] C:\Program Files\IObit\Advanced SystemCare 4\ASCTray.exe (IObit)
O4 - HKCU..\Run: [Firefox helper] C:\Users\f.schumacher\AppData\Roaming\Mozilla\Firefox\firefox.exe ()
O4 - HKCU..\Run: [KiesHelper] C:\Program Files\Samsung\Kies\KiesHelper.exe (Samsung)
O4 - HKCU..\Run: [KiesPDLR] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe ()
O4 - HKCU..\Run: [KPeerNexonEU] C:\Nexon\NEXON_EU_Downloader\nxEULauncher.exe (NEXON Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 28
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~1\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O9 - Extra Button: &Virtuelle Tastatur - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2012\ievkbd.dll (Kaspersky Lab ZAO)
O9 - Extra Button: ClickPotato - {B58926D6-CFB0-45d2-9C28-4B5A0F0368AE} - Reg Error: Value error. File not found
O9 - Extra Button: Li&nks untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2012\klwtbbho.dll (Kaspersky Lab ZAO)
O13 - gopher Prefix: missing
O15 - HKLM\..Trusted Domains: //about.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //Exclude.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //FWEvent.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //LanguageSelection.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //Message.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //MyAgttryCmd.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //MyAgttryNag.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //MyNotification.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //NOCLessUpdate.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //quarantine.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //ScanNow.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //strings.vbs/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //Template.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //Update.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //VirFound.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafee.com ([*] http in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafee.com ([*] https in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([betavscan] http in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([betavscan] https in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([vs] http in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([vs] https in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([www] http in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([www] https in Trusted sites)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0-windows-i586.cab (Java Plug-in 10.0.0)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0-windows-i586.cab (Java Plug-in 1.7.0)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0-windows-i586.cab (Java Plug-in 1.7.0)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{CC72FCB2-2C56-49A8-BE53-B3CCFC79460D}: NameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D8216CF2-3B6C-4363-859F-9797B8106577}: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Value error. File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) -C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - Winlogon\Notify\klogon: DllName - (C:\Windows\system32\klogon.dll) - C:\Windows\System32\klogon.dll (Kaspersky Lab ZAO)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{4e3862ee-eae6-11df-b911-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{4e3862ee-eae6-11df-b911-806e6f6e6963}\Shell\AutoRun\command - "" = E:\SETUP.EXE
O33 - MountPoints2\{5879350e-ffe9-11e0-bfe0-001a4f9c8647}\Shell - "" = AutoRun
O33 - MountPoints2\{5879350e-ffe9-11e0-bfe0-001a4f9c8647}\Shell\AutoRun\command - "" = H:\setup\rsrc\Autorun.exe
O33 - MountPoints2\{5879350e-ffe9-11e0-bfe0-001a4f9c8647}\Shell\dinstall\command - "" = H:\Directx\dxsetup.exe
O33 - MountPoints2\{e99de7a3-c34e-11e0-9fa3-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{e99de7a3-c34e-11e0-9fa3-806e6f6e6963}\Shell\AutoRun\command - "" = H:\pushinst.exe
O33 - MountPoints2\{f50dd5f5-e622-11e0-a20a-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{f50dd5f5-e622-11e0-a20a-806e6f6e6963}\Shell\AutoRun\command - "" = E:\autorun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012/01/18 16:17:05 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\f.schumacher\Desktop\OTL.exe
[2012/01/17 20:25:59 | 000,031,552 | ---- | C] (TuneUp Software) -- C:\Windows\System32\TURegOpt.exe
[2012/01/17 20:25:59 | 000,021,312 | ---- | C] (TuneUp Software) -- C:\Windows\System32\authuitu.dll
[2012/01/17 20:25:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2012
[2012/01/17 20:25:23 | 000,000,000 | ---D | C] -- C:\Users\f.schumacher\AppData\Roaming\TuneUp Software
[2012/01/17 20:25:08 | 000,000,000 | ---D | C] -- C:\Program Files\TuneUp Utilities 2012
[2012/01/17 20:24:24 | 000,000,000 | ---D | C] -- C:\ProgramData\TuneUp Software
[2012/01/17 20:21:05 | 035,944,352 | ---- | C] (TuneUp Software) -- C:\Users\f.schumacher\Desktop\TuneUpUtilities2012_de-DE.exe
[2012/01/17 20:18:49 | 000,000,000 | -HSD | C] -- C:\ProgramData\{32364CEA-7855-4A3C-B674-53D8E9B97936}
[2012/01/17 19:05:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2012/01/11 15:13:57 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\packager.dll
[2012/01/11 15:13:56 | 001,328,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quartz.dll
[2012/01/11 15:13:56 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qdvd.dll
[2012/01/05 22:17:29 | 000,000,000 | ---D | C] -- C:\Users\f.schumacher\Documents\Games for Windows - LIVE Demos
[2012/01/05 21:52:08 | 000,000,000 | ---D | C] -- C:\Users\f.schumacher\Documents\WB Games
[2012/01/05 21:51:42 | 000,000,000 | -HSD | C] -- C:\ProgramData\DSS
[2012/01/05 21:24:41 | 000,000,000 | ---D | C] -- C:\Program Files\WB Games
[2012/01/05 21:24:11 | 000,034,304 | ---- | C] (AMD, Inc.) -- C:\Windows\System32\drivers\AmdLLD.sys
[2012/01/05 21:24:10 | 000,000,000 | ---D | C] -- C:\Program Files\AMD
[2012/01/05 21:21:54 | 000,000,000 | ---D | C] -- C:\Windows\System32\xlive
[2012/01/05 21:21:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows Marketplace
[2012/01/05 21:21:44 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Games for Windows - LIVE
[2011/12/29 22:58:45 | 000,000,000 | ---D | C] -- C:\Users\f.schumacher\Desktop\penis
[2011/12/29 22:37:52 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Spigot
[2011/12/29 22:37:52 | 000,000,000 | ---D | C] -- C:\Program Files\IObit Toolbar
[2011/12/29 22:37:52 | 000,000,000 | ---D | C] -- C:\Program Files\Application Updater
[2011/12/27 14:39:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer
[2011/12/27 14:39:01 | 000,000,000 | ---D | C] -- C:\Program Files\Razer
[2011/12/25 13:43:42 | 000,000,000 | ---D | C] -- C:\Users\f.schumacher\Documents\BioWare
[2011/12/25 13:42:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mass Effect
[2011/12/25 13:42:09 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\BioWare
[2011/12/22 19:44:42 | 000,123,648 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\ss_bmdm.sys
[2011/12/22 19:44:42 | 000,100,224 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\ss_bserd.sys
[2011/12/22 19:44:42 | 000,098,432 | ---- | C] (MCCI) -- C:\Windows\System32\drivers\ss_bbus.sys
[2011/12/22 19:44:42 | 000,014,848 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\ss_bmdfl.sys
[2011/12/22 19:44:42 | 000,012,416 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\ss_bcmnt.sys
[2011/12/22 19:44:42 | 000,012,288 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\ss_bwhnt.sys
[2011/12/22 19:29:26 | 000,000,000 | ---D | C] -- C:\Windows\System32\System32
[2011/12/22 19:29:26 | 000,000,000 | ---D | C] -- C:\Program Files\MarkAny
[2011/12/21 17:41:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Nexon
[2011/12/21 17:05:09 | 000,000,000 | ---D | C] -- C:\Users\f.schumacher\Documents\Vindictus EU
[2011/12/21 01:33:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nexon
[2011/12/21 01:33:37 | 000,000,000 | ---D | C] -- C:\Program Files\BandiMPEG1
[2011/12/21 01:29:27 | 000,000,000 | ---D | C] -- C:\ProgramData\NexonEU
[2011/12/20 21:19:44 | 000,000,000 | ---D | C] -- C:\Download
[2011/12/20 21:16:20 | 000,446,464 | ---- | C] (NEXON Inc.) -- C:\Windows\NEXON_EU_DownloaderUpdater.exe
[2011/12/20 21:16:20 | 000,000,000 | ---D | C] -- C:\Nexon
[2010/09/03 18:41:43 | 000,004,096 | ---- | C] ( ) -- C:\Windows\System32\IGFXDEVLib.dll
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012/01/18 16:30:01 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/01/18 16:21:39 | 000,016,768 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/01/18 16:21:39 | 000,016,768 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/01/18 16:18:19 | 000,700,130 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012/01/18 16:18:19 | 000,654,842 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/01/18 16:18:19 | 000,148,926 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012/01/18 16:18:19 | 000,121,714 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012/01/18 16:17:07 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\f.schumacher\Desktop\OTL.exe
[2012/01/18 16:15:12 | 000,001,110 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/01/18 16:13:32 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/01/18 16:13:22 | 2415,321,088 | -HS- | M] () -- C:\hiberfil.sys
[2012/01/17 20:25:54 | 000,002,157 | ---- | M] () -- C:\Users\Public\Desktop\TuneUp 1-Klick-Wartung.lnk
[2012/01/17 20:25:54 | 000,002,137 | ---- | M] () -- C:\Users\Public\Desktop\TuneUp Utilities 2012.lnk
[2012/01/17 20:06:26 | 035,944,352 | ---- | M] (TuneUp Software) -- C:\Users\f.schumacher\Desktop\TuneUpUtilities2012_de-DE.exe
[2012/01/17 18:49:02 | 000,000,348 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForf.schumacher.job
[2012/01/16 17:35:58 | 000,348,112 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012/01/15 12:00:00 | 000,000,514 | ---- | M] () -- C:\Windows\tasks\One-Click Tweak.job
[2011/12/29 22:59:34 | 000,137,688 | ---- | M] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2011/12/29 22:59:20 | 000,202,040 | ---- | M] () -- C:\Windows\System32\PnkBstrB.ex0
[2011/12/28 23:12:25 | 000,001,100 | ---- | M] () -- C:\Users\f.schumacher\Desktop\Minecraft.lnk
[2011/12/27 14:46:59 | 000,001,852 | ---- | M] () -- C:\Users\f.schumacher\AppData\Roaming\ImperatorProfile0.dat
[2011/12/27 14:46:59 | 000,001,850 | ---- | M] () -- C:\Users\f.schumacher\AppData\Roaming\ImperatorProfile1.dat
[2011/12/26 19:26:30 | 000,001,203 | ---- | M] () -- C:\Users\f.schumacher\Desktop\MassEffect - Verknüpfung.lnk
[2011/12/25 13:42:10 | 000,000,785 | ---- | M] () -- C:\Users\Public\Desktop\Mass Effect.lnk
[2011/12/22 18:48:36 | 000,001,749 | ---- | M] () -- C:\Users\f.schumacher\Desktop\Launch Vindictus.lnk
[2011/12/21 19:19:43 | 000,000,183 | ---- | M] () -- C:\Users\Public\Desktop\Vindictus EU.url
[2011/12/21 18:22:30 | 000,000,235 | ---- | M] () -- C:\Windows\System32\nxEuUninstall.bat
[2011/12/21 18:22:29 | 000,446,464 | ---- | M] (NEXON Inc.) -- C:\Windows\NEXON_EU_DownloaderUpdater.exe
[2011/12/20 21:29:38 | 000,000,771 | ---- | M] () -- C:\Users\Public\Desktop\World of Tanks.lnk
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012/01/17 20:25:54 | 000,002,157 | ---- | C] () -- C:\Users\Public\Desktop\TuneUp 1-Klick-Wartung.lnk
[2012/01/17 20:25:54 | 000,002,149 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2012.lnk
[2012/01/17 20:25:54 | 000,002,137 | ---- | C] () -- C:\Users\Public\Desktop\TuneUp Utilities 2012.lnk
[2012/01/10 17:58:57 | 000,000,348 | ---- | C] () -- C:\Windows\tasks\HPCeeScheduleForf.schumacher.job
[2012/01/05 21:21:25 | 000,001,340 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live ID.lnk
[2011/12/26 19:26:30 | 000,001,203 | ---- | C] () -- C:\Users\f.schumacher\Desktop\MassEffect - Verknüpfung.lnk
[2011/12/25 13:42:10 | 000,000,785 | ---- | C] () -- C:\Users\Public\Desktop\Mass Effect.lnk
[2011/12/22 18:48:36 | 000,001,749 | ---- | C] () -- C:\Users\f.schumacher\Desktop\Launch Vindictus.lnk
[2011/12/21 19:19:43 | 000,000,183 | ---- | C] () -- C:\Users\Public\Desktop\Vindictus EU.url
[2011/12/20 21:29:38 | 000,000,771 | ---- | C] () -- C:\Users\Public\Desktop\World of Tanks.lnk
[2011/12/20 21:16:20 | 000,000,235 | ---- | C] () -- C:\Windows\System32\nxEuUninstall.bat
[2011/11/05 19:28:59 | 000,017,408 | ---- | C] () -- C:\Users\f.schumacher\AppData\Local\WebpageIcons.db
[2011/11/05 19:28:22 | 000,115,369 | ---- | C] () -- C:\Windows\System32\drivers\klin.dat
[2011/11/05 19:28:22 | 000,097,961 | ---- | C] () -- C:\Windows\System32\drivers\klick.dat
[2011/11/05 11:30:25 | 000,003,670 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2011/11/04 16:24:13 | 000,000,000 | ---- | C] () -- C:\ProgramData\48382a7ef94ffa4a55badc7cd0dfc43e_c
[2011/10/02 16:54:55 | 000,137,688 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2011/10/02 16:54:46 | 000,202,040 | ---- | C] () -- C:\Windows\System32\PnkBstrB.exe
[2011/10/02 16:54:35 | 000,075,136 | ---- | C] () -- C:\Windows\System32\PnkBstrA.exe
[2011/09/28 17:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
[2011/09/25 03:54:11 | 000,001,852 | ---- | C] () -- C:\Users\f.schumacher\AppData\Roaming\ImperatorProfile0.dat
[2011/09/25 03:54:11 | 000,001,850 | ---- | C] () -- C:\Users\f.schumacher\AppData\Roaming\ImperatorProfile1.dat
[2011/09/24 22:25:18 | 000,000,548 | ---- | C] () -- C:\Windows\run.exe
[2011/09/16 10:54:48 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
[2011/09/16 10:54:44 | 000,974,848 | ---- | C] () -- C:\Windows\System32\cis-2.4.dll
[2011/09/16 10:54:44 | 000,081,920 | ---- | C] () -- C:\Windows\System32\issacapi_bs-2.3.dll
[2011/09/16 10:54:44 | 000,065,536 | ---- | C] () -- C:\Windows\System32\issacapi_pe-2.3.dll
[2011/09/16 10:54:44 | 000,057,344 | ---- | C] () -- C:\Windows\System32\issacapi_se-2.3.dll
[2011/09/11 10:17:25 | 000,025,944 | ---- | C] () -- C:\Windows\System32\SmartDefragBootTime.exe
[2011/09/11 10:17:25 | 000,015,672 | ---- | C] () -- C:\Windows\System32\drivers\SmartDefragDriver.sys
[2011/09/07 20:26:25 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011/08/30 23:29:31 | 000,004,096 | ---- | C] () -- C:\Windows\d3dx.dat
[2011/08/10 13:49:39 | 000,097,312 | ---- | C] () -- C:\Windows\System32\drivers\Fwusb1b.bin
[2011/08/03 02:31:54 | 000,311,912 | ---- | C] () -- C:\Windows\System32\nvStreaming.exe
[2011/05/31 07:39:50 | 000,058,368 | ---- | C] () -- C:\Windows\System32\bdmpegv.dll
[2011/05/31 07:38:18 | 000,015,360 | ---- | C] () -- C:\Windows\System32\bdmjpeg.dll
[2011/03/11 12:43:54 | 000,029,763 | ---- | C] () -- C:\Windows\System32\drivers\klopp.dat
[2010/11/08 15:06:29 | 000,000,432 | ---- | C] () -- C:\Windows\BRWMARK.INI
[2010/11/08 15:06:29 | 000,000,034 | ---- | C] () -- C:\Windows\System32\BD2030.DAT
[2010/11/08 14:55:20 | 000,434,176 | ---- | C] () -- C:\Windows\System32\ZSHP1020.EXE
[2010/11/08 09:21:06 | 000,077,824 | ---- | C] () -- C:\Windows\KMService.exe
[2010/11/08 09:21:06 | 000,008,192 | ---- | C] () -- C:\Windows\System32\srvany.exe
[2010/09/03 18:41:43 | 000,982,240 | ---- | C] () -- C:\Windows\System32\igkrng500.bin
[2010/09/03 18:41:43 | 000,439,308 | ---- | C] () -- C:\Windows\System32\igcompkrng500.bin
[2010/09/03 18:41:43 | 000,208,896 | ---- | C] () -- C:\Windows\System32\iglhsip32.dll
[2010/09/03 18:41:43 | 000,143,360 | ---- | C] () -- C:\Windows\System32\iglhcp32.dll
[2010/09/03 18:41:43 | 000,092,356 | ---- | C] () -- C:\Windows\System32\igfcg500m.bin
[2010/09/03 18:41:43 | 000,000,151 | ---- | C] () -- C:\Windows\System32\GfxUI.exe.config
[2010/09/03 18:41:42 | 000,080,416 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
[2010/09/03 18:28:36 | 000,700,130 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2010/09/03 18:28:36 | 000,295,922 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2010/09/03 18:28:36 | 000,148,926 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2010/09/03 18:28:36 | 000,038,104 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2010/04/27 17:44:36 | 000,035,384 | ---- | C] () -- C:\Windows\System32\drivers\cqcpu.sys
[2010/04/27 17:44:36 | 000,035,384 | ---- | C] () -- C:\Windows\System32\drivers\cpqdfw.sys
[2010/02/10 02:58:12 | 000,012,800 | ---- | C] () -- C:\Windows\LPRES.DLL
[2009/07/14 05:57:37 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/14 05:33:53 | 000,348,112 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2009/07/14 03:05:48 | 000,654,842 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2009/07/14 03:05:48 | 000,291,294 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2009/07/14 03:05:48 | 000,121,714 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2009/07/14 03:05:48 | 000,031,548 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2009/07/14 03:05:05 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2009/07/14 03:04:11 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2009/07/14 01:19:49 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2009/07/14 00:55:01 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/14 00:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009/07/14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2009/07/13 23:09:19 | 001,498,564 | ---- | C] () -- C:\Windows\System32\igkrng400.bin
[2009/06/18 18:29:04 | 000,197,654 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2009/06/10 22:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2009/04/15 15:04:38 | 000,104,520 | ---- | C] () -- C:\Windows\System32\OSD.dll
[2009/02/18 16:55:22 | 000,294,912 | ---- | C] () -- C:\Windows\System32\ATIODE.exe
[2009/02/03 19:52:04 | 000,045,056 | ---- | C] () -- C:\Windows\System32\ATIODCLI.exe
 
========== LOP Check ==========
 
[2011/12/14 18:55:51 | 000,000,000 | ---D | M] -- C:\Users\f.schumacher\AppData\Roaming\.minecraft
[2011/10/23 12:58:21 | 000,000,000 | ---D | M] -- C:\Users\f.schumacher\AppData\Roaming\Command & Conquer 3 Kanes Rache
[2011/10/22 15:39:41 | 000,000,000 | ---D | M] -- C:\Users\f.schumacher\AppData\Roaming\Command & Conquer 3 Tiberium Wars
[2011/10/26 17:47:40 | 000,000,000 | ---D | M] -- C:\Users\f.schumacher\AppData\Roaming\DAEMON Tools Lite
[2011/12/17 18:01:36 | 000,000,000 | ---D | M] -- C:\Users\f.schumacher\AppData\Roaming\ICQ
[2011/08/16 12:06:27 | 000,000,000 | ---D | M] -- C:\Users\f.schumacher\AppData\Roaming\IObit
[2011/10/09 21:59:03 | 000,000,000 | ---D | M] -- C:\Users\f.schumacher\AppData\Roaming\LolClient
[2011/10/13 17:08:36 | 000,000,000 | ---D | M] -- C:\Users\f.schumacher\AppData\Roaming\PunkBuster
[2011/10/11 20:49:22 | 000,000,000 | ---D | M] -- C:\Users\f.schumacher\AppData\Roaming\Samsung
[2011/09/24 21:51:44 | 000,000,000 | ---D | M] -- C:\Users\f.schumacher\AppData\Roaming\Thinstall
[2011/08/11 01:12:46 | 000,000,000 | ---D | M] -- C:\Users\f.schumacher\AppData\Roaming\TS3Client
[2012/01/17 20:25:23 | 000,000,000 | ---D | M] -- C:\Users\f.schumacher\AppData\Roaming\TuneUp Software
[2011/12/04 15:58:15 | 000,000,000 | ---D | M] -- C:\Users\f.schumacher\AppData\Roaming\Ubisoft
[2011/08/10 19:18:50 | 000,000,000 | ---D | M] -- C:\Users\f.schumacher\AppData\Roaming\wargaming.net
[2010/11/09 11:20:21 | 000,000,000 | ---D | M] -- C:\Users\f.schumacher\AppData\Roaming\WildTangent
[2011/09/20 17:09:39 | 000,000,000 | ---D | M] -- C:\Users\f.schumacher\AppData\Roaming\WinBatch
[2012/01/15 12:00:00 | 000,000,514 | ---- | M] () -- C:\Windows\Tasks\One-Click Tweak.job
[2011/12/13 18:12:21 | 000,032,640 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 

< End of report >
         
--- --- ---
OTL Logfile:
Code:
ATTFilter
OTL Extras logfile created on: 1/18/2012 4:34:10 PM - Run 2
OTL by OldTimer - Version 3.2.31.0     Folder = C:\Users\f.schumacher\Desktop
 Professional  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3.00 Gb Total Physical Memory | 1.93 Gb Available Physical Memory | 64.50% Memory free
6.00 Gb Paging File | 4.77 Gb Available in Paging File | 79.49% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 455.86 Gb Total Space | 301.76 Gb Free Space | 66.19% Space Free | Partition Type: NTFS
Drive D: | 9.80 Gb Total Space | 1.19 Gb Free Space | 12.18% Space Free | Partition Type: NTFS
Drive F: | 100.00 Mb Total Space | 71.70 Mb Free Space | 71.70% Space Free | Partition Type: NTFS
Drive G: | 148.95 Gb Total Space | 13.88 Gb Free Space | 9.32% Space Free | Partition Type: NTFS
 
Computer Name: PC-FSCHUMACHER | User Name: f.schumacher | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- G:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements
"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID Sign-in Assistant
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{10CCF16B-F1C9-4B24-9570-B4CCEE42392D}" = LightScribe System Software
"{1A6D6B28-888F-4512-910E-89FB2E189FEA}" = Vizzed Retro Game Room
"{1B0FBB9A-995D-47cd-87CD-13E68B676E4F}" = Mass Effect
"{1BFF0EA4-DFD8-8E28-90D4-8E435C7E0AAB}" = Catalyst Control Center InstallProxy
"{1EAC1D02-C6AC-4FA6-9A44-96258C37C812}_is1" = World of Tanks v.0.7.0
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 26
"{26A24AE4-039D-4CA4-87B4-2F83217000FF}" = Java(TM) 7
"{289AC7E0-0AEE-4a7b-913C-709D9803D23E}" = Nexon Game Manager
"{32364CEA-7855-4A3C-B674-53D8E9B97936}" = TuneUp Utilities 2012
"{32A3A4F4-B792-11D6-A78A-00B0D0170000}" = Java(TM) SE Development Kit 7
"{33A22B2D-55BA-4508-B767-BF2E9C21A73F}" = Assassin's Creed Revelations
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}" = HP Advisor
"{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}" = Recovery Manager
"{45E557D6-2271-4F13-8101-C620B4285AB0}" = Kaspersky Anti-Virus 2012
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{529125EF-E3AC-4B74-97E6-F688A7C0F1BF}" = Paint.NET v3.5.10
"{537BF16E-7412-448C-95D8-846E85A1D817}" = Roxio Creator Business
"{57520FA0-A73E-4165-BCA2-D71000018301}" = Batman: Arkham City™
"{57520FA0-AC56-469B-9983-FF1000008300}" = Batman: Arkham City™
"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth
"{5F8E2CBB-949D-4175-AC98-5ADE7F6C9697}" = NCsoft Launcher
"{5FEBF468-5AC2-4C66-AD80-DF85C085AA73}" = InterVideo WinDVD 8
"{60F641EA-DFFB-4419-A1A7-4FF575BA87BE}" = HP Setup
"{69A13D2F-A08F-619A-1D42-94CB96F3635A}" = ATI Catalyst Install Manager
"{6E36A172-06FB-4BC8-B7FC-D30D219E6776}" = Tom Clancy's H.A.W.X
"{6F340107-F9AA-47C6-B54C-C3A19F11553F}" = Hewlett-Packard ACLM.NET v1.1.1.0
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}" = Microsoft Games for Windows - LIVE Redistributable
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8D337F77-BE7F-41A2-A7CB-D5A63FD7049B}" = Sonic CinePlayer Decoder Pack
"{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010
"{90140000-0015-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010
"{90140000-0016-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010
"{90140000-0018-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010
"{90140000-0019-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010
"{90140000-001A-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010
"{90140000-001B-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}_Office14.PROPLUS_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUS_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUS_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-001F-0410-0000-0000000FF1CE}_Office14.PROPLUS_{C0743197-FFEE-4C19-BAEB-8F7437DC4C8A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010
"{90140000-002C-0407-0000-0000000FF1CE}_Office14.PROPLUS_{4275FB46-ABDF-4456-876C-17CF64294D9A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2010
"{90140000-0044-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010
"{90140000-006E-0407-0000-0000000FF1CE}_Office14.PROPLUS_{98EDFD9F-EA76-40CC-BCE9-92C69413F65B}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010
"{90140000-00A1-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2010
"{90140000-00BA-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{9322A850-9091-4D0E-B252-3E82EDA3D94A}" = Prototype(TM)
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9FD6F1A8-5550-46AF-8509-271DF0E768B5}" = Dual-Core Optimizer
"{A1E1A376-49D4-4960-8599-D5D26A4C2E7B}" = Razer Imperator
"{A1E85B9A-AFAD-4D38-AF01-6B020DD5213A}" = Logitech GamePanel Software 3.06.109
"{A9094B7E-7221-4FDD-8F22-340003F4BDC2}" = Overwolf
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AE613868-24C7-4f1f-A9C6-7B3B718ABDA5}" = IObit Toolbar v4.9
"{AF9E97C1-7431-426D-A8D5-ABE40995C0B1}" = DirectX 9 Runtime
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 280.26
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 280.26
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 280.26
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller-Treiber 280.19
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.10.0514
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.4.28
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B40D7926-AE5F-41EA-8AC6-56C0E2F00E9D}" = HP MAINSTREAM KEYBOARD
"{B8AC1A89-FFD1-4F97-8051-E505A160F562}" = HP Odometer
"{B9A03B7B-E0FF-4FB3-BA83-762E58A1B0AA}" = HP Support Information
"{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}" = NVIDIA PhysX
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{BE4BA698-8533-4F77-9559-C7F3F78C0B05}" = Assassin's Creed Brotherhood
"{C611CF88-969D-43E6-A877-D6D6439DD081}" = HP Remote Solution
"{CA43FE4F-9FF2-4AD7-88F0-CC3BAC17B226}" = HP Support Assistant
"{CC2422C9-F7B5-4175-B295-5EC2283AA674}" = Command & Conquer™ 3: Kanes Rache
"{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}" = PlayReady PC Runtime x86
"{CE026CFE-73FE-4FED-9D5F-2C8D4DB512B0}" = TuneUp Utilities Language Pack (de-DE)
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{D79A02E9-6713-4335-9668-AAC7474C0C0E}" = HP Vision Hardware Diagnostics
"{D9292112-253F-438D-B1AB-432E5A1FE1B5}" = Razer Imperator Firmware Updater
"{DDEDAF6C-488E-4CDA-8276-1CCF5F3C5C32}" = Command & Conquer 3
"{EC877639-07AB-495C-BFD1-D63AF9140810}" = Roxio Activation Module
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Graphics Media Accelerator Driver
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials
"7-Zip" = 7-Zip 9.20
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Advanced PC Tweaker_is1" = Advanced PC Tweaker v4.2
"Advanced SystemCare 4_is1" = Advanced SystemCare 4
"BandiMPEG1" = Bandisoft MPEG-1 Decoder
"CABAL Online_is1" = CABAL Online
"Game Booster_is1" = Game Booster
"GFWL_{57520FA0-AC56-469B-9983-FF1000008300}" = Batman: Arkham City™
"Google Chrome" = Google Chrome
"Gothic" = Gothic
"HP Keyboard_is1" = HP Desktop Keyboard
"HP Remote Solution" = HP Remote Solution
"InstallShield_{5FEBF468-5AC2-4C66-AD80-DF85C085AA73}" = InterVideo WinDVD 8
"InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"InstallShield_{9322A850-9091-4D0E-B252-3E82EDA3D94A}" = Prototype(TM)
"InstallWIX_{45E557D6-2271-4F13-8101-C620B4285AB0}" = Kaspersky Anti-Virus 2012
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Mozilla Firefox 9.0.1 (x86 de)" = Mozilla Firefox 9.0.1 (x86 de)
"My HP Game Console" = HP Game Console
"NVIDIA StereoUSB Driver" = NVIDIA 3D Vision Controller Driver
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"PDF Complete" = PDF Complete Special Edition
"PunkBusterSvc" = PunkBuster Services
"Smart Defrag 2_is1" = Smart Defrag 2
"Steam App 72850" = The Elder Scrolls V: Skyrim
"TuneUp Utilities 2012" = TuneUp Utilities 2012
"Two Worlds II" = Two Worlds II
"Vindictus EU" = Vindictus EU
"WildTangent hp Master Uninstall" = HP Games
"WinLiveSuite_Wave3" = Windows Live Essentials
"WT087361" = FATE
"WT087380" = John Deere Drive Green
"WT087394" = Penguins!
"WT087396" = Polar Bowler
"WT087420" = Agatha Christie - Death on the Nile
"WT087428" = Bejeweled 2 Deluxe
"WT087453" = Chuzzle Deluxe
"WT087480" = Insaniquarium Deluxe
"WT087485" = Jewel Quest II
"WT087490" = Jewel Quest Solitaire
"WT087501" = Plants vs. Zombies
"WT087510" = Slingo Deluxe
"WT087513" = Virtual Villagers - The Secret City
"WT087519" = Wedding Dash
"WT087533" = Zuma Deluxe
"WT087536" = Diner Dash 2 Restaurant Rescue
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"NCsoft-Aion" = Aion
"TeamSpeak 3 Client" = TeamSpeak 3 Client
 
========== Last 10 Event Log Errors ==========
 
Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!
 
< End of report >
         
--- --- ---

Antwort

Themen zu Windows 7 Schwarzer Bildschirm und die aufforderung 50€ zu bezahlen
abzocke, aktiviert, angezeigt, bildschirm, board, dateien, daten, forum, gelöst, gen, großes, interne, internet, internetverbindung, kaspersky, meldung, problem, schwarzer bikdschirm, schwarzer bildschirm, stark, system, themen, troianer, verbindung, verseucht, windows, windows 7




Ähnliche Themen: Windows 7 Schwarzer Bildschirm und die aufforderung 50€ zu bezahlen


  1. Schwarzer bildschirm beim start von windows kurz und links oben ein schwarzer kasten der ladet-keine rechte die anwendungen zu benutzen
    Plagegeister aller Art und deren Bekämpfung - 29.07.2014 (5)
  2. BSI Maleware mit Aufforderung zum Bezahlen - wie bereinigen ?
    Plagegeister aller Art und deren Bekämpfung - 05.08.2013 (19)
  3. Schwarzer Bildschirm Fenster mit Deutschlandfahne und Aufforderung 100euro bezahlen
    Log-Analyse und Auswertung - 23.05.2012 (1)
  4. Windowssystem blockiert - bezahlen und runterladen - schwarzer Bildschirm
    Plagegeister aller Art und deren Bekämpfung - 30.03.2012 (11)
  5. schwarzer bildschirm mit roter schrift und einer zahlungs aufforderung von 50 euro
    Plagegeister aller Art und deren Bekämpfung - 20.03.2012 (9)
  6. Aufforderung von Zahlung 50 Euro, schwarzer Bildschirm
    Log-Analyse und Auswertung - 18.02.2012 (20)
  7. Virus schwarzer Bildschirm 50 Euro bezahlen
    Plagegeister aller Art und deren Bekämpfung - 13.02.2012 (12)
  8. Windows gesperrt ..aufforderung 50 € bezahlen
    Plagegeister aller Art und deren Bekämpfung - 08.02.2012 (5)
  9. 50 Euro Bezahlen / Schwarzer Bildschirm
    Plagegeister aller Art und deren Bekämpfung - 27.01.2012 (10)
  10. Schwarzer Bildschirm, 50 Euro bezahlen
    Plagegeister aller Art und deren Bekämpfung - 25.01.2012 (12)
  11. Schwarzer Bildschirm bei Windows 7 Starter Edition und Aufforderung "bezahlen und runterladen"
    Plagegeister aller Art und deren Bekämpfung - 17.01.2012 (4)
  12. Schwarzer Bildschirm bei win7 start mit Feld "Bezahlen und runterladen"
    Log-Analyse und Auswertung - 12.01.2012 (11)
  13. Bundestrojaner, schwarzer Bildschirm und die Aufforderung Geld zu bezahlen...
    Log-Analyse und Auswertung - 04.01.2012 (15)
  14. Schwarzer Bildschirm mit Meldung Windows ist Blockiert und Link zum bezahlen
    Plagegeister aller Art und deren Bekämpfung - 03.01.2012 (1)
  15. schwarzer bildschirm u aufforderung geld zu bezahlen!
    Plagegeister aller Art und deren Bekämpfung - 02.01.2012 (2)
  16. Schwarzer Bildschrim mit der Aufforderung 50,-€ zu bezahlen
    Plagegeister aller Art und deren Bekämpfung - 22.12.2011 (27)
  17. Schwarzer bildschirm aufforderung zu kostenpflichtigem update
    Plagegeister aller Art und deren Bekämpfung - 12.12.2011 (1)

Zum Thema Windows 7 Schwarzer Bildschirm und die aufforderung 50€ zu bezahlen - Hi liebes Troianer Board Forum, Ich habe ein großes Problem mit meinem PC. Und zwar bekomme ich sobald das Internet aktiviert ist einen schwarzen Bildschirm als auch eine Meldung die - Windows 7 Schwarzer Bildschirm und die aufforderung 50€ zu bezahlen...
Archiv
Du betrachtest: Windows 7 Schwarzer Bildschirm und die aufforderung 50€ zu bezahlen auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.