svchost.exe beendet - pc fährt nicht mehr hoch

GermanShark · 06.09.2010, 11:40

Hallo liebe Trojaner Boarder. Ich habe ein Problem mit meinem PC und der Windows Anwendung svchost.exe. Ich besitze AVG Free Antivirus und Avira Antivir (Free). Beide meldeten mir die Anwendung svchost.exe als Virus, ich konnte ihn aber nicht entfernen. Im Task Manager war er mehrere male vertreten. Da ich jung und naiv bin, wollte ich die Anwendung per "Task beenden" schließen, was ich jetzt bereue. Jedenfalls erschien ein 60 sekündiger Download, der den PC dann auch herunterfuhr. Seitdem fährt er hoch und ich habe eine Auwahl an "startmöglichkeiten, sprich abgesicherter oder normaler Modus e.t.c. Dort kann ich nur den "Normalen Modus" wählen. Dann erscheint der Windows Ladebildschirm (der mit den Balken, bei XP), und danach erscheint ein Bluescreen, der mir sagt das Windows aus Sicherheitsgründen beendet werden muss um eine Beschädigung zu verhindern. Die Technische Information, die dort als Code erscheint, gebe ich euch mal.

"STOP: 0x0000007E 0xC0000005 0x89CE4AB 0xB8507B98 0xB8507894"

Die Schritte zum eröffnen eines Threads kann ich natürlich nicht alle durchführen, da er ja nicht hochfahren will.

Habe es mit einer Boot und Life CD versucht, da ich aber keine Erfahrung damit habe, konnten sie mir nicht wirklich helfen.

PS: Hoffe der Thread ist an der richtigen Stelle. Bin neu hier, und weiß nicht so ganz Bescheid^^

Gruß,

GermanShark

Swisstreasure · 06.09.2010, 13:30

Eine Bereinigung ist mitunter mit viel Arbeit für Dich verbunden.

Bitte arbeite alle Schritte der Reihe nach ab.
Lese die Anleitungen sorgfältig. Sollte es Probleme geben, bitte stoppen und hier so gut es geht beschreiben.
Nur Scanns durchführen zu denen Du von einem Helfer aufgefordert wirst.
Bitte kein Crossposting ( posten in mehreren Foren).
Installiere oder Deinstalliere während der Bereinigung keine Software ausser Du wurdest dazu aufgefordert.
Lese Dir die Anleitung zuerst vollständig durch. Sollte etwas unklar sein, frage bevor Du beginnst.
Poste die Logfiles direkt in deinen Thread. Nicht anhängen ausser ich fordere Dich dazu auf. Erschwert mir nämlich das auswerten.

Hinweis: Ich kann Dir niemals eine Garantie geben, dass ich auch alles finde. Eine Formatierung ist meist der Schnellere und immer der sicherste Weg.
Solltest Du Dich für eine Bereinigung entscheiden, arbeite solange mit, bis dir jemand vom Team sagt, dass Du clean bist.

Vista und Win7 User
Alle Tools mit Rechtsklick "als Administrator ausführen" starten.

Schritt 1

Unbootbares System mit OTLPE Network scannen

Lade OTLPENet.exe von OldTimer herunter und speichere sie auf Deinem Desktop.
Anmerkung: Die Datei ist ca. 120 MB groß und es wird bei langsamer Internet-Verbindung ein wenig dauern, bis Du sie runtergeladen hast.
Wenn der Download fertig ist, mache einen Doppelklick auf die Datei und beantworte die Frage "Do you want to burn the CD?" mit Yes.
Lege eine leere CD in Deinen Brenner.
ImgBurn (oder Dein Brennprogramm) wird das Archiv extrahieren und OTLPE Network auf die CD brennen.
Wenn der Brenn-Vorgang abgeschlossen ist, wirst Du eine Dialogbox sehen => "Operation successfully completed".
Du kannst nun die Fenster des Brennprogramms schließen.

Starte das unbootbare System neu und boote von der CD, die Du gerade erstellt hast.
Anmerkung: Wenn Du nicht weißt, wie Du Deinen Computer dazu bringst, von CD zu booten, dann folge diesen Schritten hier.
Dein System sollte nach einigen Minuten den REATOGO-X-PE Desktop anzeigen.
Mache einen Doppelklick auf das OTLPE Icon.
Wenn Du gefragt wirst "Do you wish to load the remote registry", dann wähle Yes.
Wenn Du gefragt wirst "Do you wish to load remote user profile(s) for scanning", dann wähle Yes.
Vergewissere Dich, dass die Box "Automatically Load All Remaining Users" gewählt ist und drücke OK.
OTLpe sollte nun starten.
Drücke Run Scan, um den Scan zu starten.
Wenn der Scan fertig ist, werden die Dateien C:\OTL.Txt und C:\Extras.Txt gesichert und mit Notepad++ geöffnet.
Kopiere diese Datei auf Deinen USB-Stick, wenn Du keine Internetverbindung auf diesem System hast.
Bitte poste den Inhalt von C:\OTL.Txt und Extras.Txt in diesen Thread.

Falls Du kein Brennprogramm hast:

ISOBurner
Das Programm wird Dir erlauben, OTLPE auf eine CD zu brennen und sie bootfähig zu machen.
Du brauchst das Tool nur zu installieren, der Rest läuft automatisch => Wie brenne ich eine ISO Datei auf CD/DVD.

Schritt 2

Festplatte mit TestDisk über OTLPE prüfen lassen

Starte TestDisk auf dem Reatogo X-Desktop per Doppelklick auf dieses Icon:

Berücksichtige, dass Du Dich in diesem Programm über die Pfeiltasten (hoch, runter, links und rechts) bewegst.

Das erste Fenster zeigt Dir die Optionen für das Logfile.
Wähle [No log] und drücke Enter.

TestsDisk wird Dein System scannen und die Laufwerks-Informationen auflisten.
Wenn mehr als ein Laufwerk vorhanden ist, wähle mit den Pfeiltasten das zu prüfende Laufwerk aus.
Stelle sicher, dass [Proceed] markiert ist und drücke auf Enter.

Wähle [Intel] und drücke Enter.

Wähle [Analyse] und drücke Enter.

Wähle [Quick Search] und drücke Enter.

Auf die Frage, ob TestDisk nach Partition, die unter Vista erstellt wurden, gib N für Nein ein und drücke Enter.

Nun wird die gewählte Partition geprüft.
Wenn alles Ok ist, sollte das so aussehen.
Drücke Enter, um das Fenster zu verlassen.

Nun kannst Du entweder über [Quit] das Tool beenden, oder
wähle [Deeper Search] für einen vollständigen Scan.

Nun wird die gewählte Partition tiefergehend geprüft.
Es wird der Fortschritt der Prüfung in % angezeigt.

Wenn alles Ok ist, sollte das so aussehen.
Drücke Enter, um das Fenster zu verlassen.

Nun den Scan-Bereich verlassen, indem Du [Quit] wählst und Enter drückst.

Das Programm verlässt Du ebenfalls, indem Du [Quit] solange wählst und Enter drückst, bis sich das Programmfenster schließt.

GermanShark · 07.09.2010, 10:14

So, erstmal danke für die schnelle Hilfe

Dann fange ich mal mit dem OTL log an:OTL Logfile:

Code:

ATTFilter

OTL logfile created on: 9/7/2010 11:44:06 AM - Run 
OTLPE by OldTimer - Version 3.1.40.0     Folder = X:\Programs\OTLPE
Microsoft Windows XP Service Pack 3 (Version = 5.1.2600) - Type = SYSTEM
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 85.00% Memory free
2.00 Gb Paging File | 2.00 Gb Available in Paging File | 95.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 97.65 Gb Total Space | 30.49 Gb Free Space | 31.22% Space Free | Partition Type: NTFS
Drive D: | 200.43 Gb Total Space | 13.55 Gb Free Space | 6.76% Space Free | Partition Type: NTFS
Drive E: | 982.72 Mb Total Space | 917.78 Mb Free Space | 93.39% Space Free | Partition Type: FAT
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive X: | 433.24 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
 
Computer Name: REATOGO
Current User Name: SYSTEM
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
Using ControlSet: ControlSet001
 
========== Win32 Services (SafeList) ==========
 
SRV - [2010/08/10 14:07:00 | 000,304,528 | ---- | M] (Protection Technology) [Auto] -- C:\WINDOWS\System32\appdrvrem01.exe -- (appdrvrem01) Application Driver Auto Removal Service (01)
SRV - [2010/07/21 04:47:18 | 000,921,952 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto] -- C:\Programme\AVG\AVG9\avgemc.exe -- (avg9emc)
SRV - [2010/07/16 06:52:51 | 000,308,136 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto] -- C:\Programme\AVG\AVG9\avgwdsvc.exe -- (avg9wd)
SRV - [2010/06/10 15:03:08 | 000,144,176 | ---- | M] (Apple Inc.) [Auto] -- C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2010/05/06 05:29:12 | 000,293,456 | ---- | M] (Logitech, Inc.) [On_Demand] -- C:\Programme\Gemeinsame Dateien\LogiShrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV - [2010/04/01 07:33:15 | 000,267,432 | ---- | M] (Avira GmbH) [Auto] -- D:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2010/03/18 07:16:28 | 000,753,504 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400)
SRV - [2010/03/18 07:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/02/24 04:28:01 | 000,135,336 | ---- | M] (Avira GmbH) [Auto] -- D:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2010/01/07 18:51:02 | 000,380,928 | ---- | M] (Spigot, Inc.) [Auto] -- C:\Programme\Application Updater\ApplicationUpdater.exe -- (Application Updater)
SRV - [2008/11/03 19:06:28 | 000,441,712 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2008/10/25 05:44:08 | 000,065,888 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Programme\Microsoft Office\Office12\GrooveAuditService.exe -- (Microsoft Office Groove Audit Service)
SRV - [2006/10/26 08:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2003/04/02 08:00:00 | 000,019,456 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\tcpsvcs.exe -- (SimpTcp)
SRV - [2003/04/02 08:00:00 | 000,019,456 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\tcpsvcs.exe -- (LPDSVC)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand] --  -- (WDICA)
DRV - File not found [Kernel | On_Demand] --  -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand] --  -- (PDRELI)
DRV - File not found [Kernel | On_Demand] --  -- (PDFRAME)
DRV - File not found [Kernel | On_Demand] --  -- (PDCOMP)
DRV - File not found [Kernel | System] --  -- (PCIDump)
DRV - File not found [Kernel | System] --  -- (lbrtfdc)
DRV - File not found [Kernel | System] --  -- (i2omgmt)
DRV - File not found [Kernel | System] --  -- (Changer)
DRV - [2010/08/31 14:21:18 | 000,281,760 | ---- | M] () [Kernel | Auto] -- C:\WINDOWS\system32\drivers\atksgt.sys -- (atksgt)
DRV - [2010/08/31 14:21:18 | 000,025,888 | ---- | M] () [Kernel | Auto] -- C:\WINDOWS\system32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2010/08/25 07:33:49 | 000,691,696 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd)
DRV - [2010/08/10 14:07:00 | 002,915,944 | ---- | M] (Protection Technology) [Kernel | System] -- C:\WINDOWS\system32\drivers\appdrv01.sys -- (appdrv01) Application Driver (01)
DRV - [2010/07/20 08:33:33 | 000,017,480 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi)
DRV - [2010/07/16 06:52:54 | 000,243,024 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System] -- C:\WINDOWS\System32\Drivers\avgtdix.sys -- (AvgTdiX)
DRV - [2010/07/16 06:52:27 | 000,216,400 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System] -- C:\WINDOWS\System32\Drivers\avgldx86.sys -- (AvgLdx86)
DRV - [2010/06/30 07:37:00 | 000,015,600 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand] -- C:\WINDOWS\gdrv.sys -- (gdrv)
DRV - [2010/06/30 03:27:40 | 000,029,584 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System] -- C:\WINDOWS\System32\Drivers\avgmfx86.sys -- (AvgMfx86)
DRV - [2010/06/07 19:57:00 | 010,531,200 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2010/03/18 05:02:08 | 000,037,328 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\LMouFilt.Sys -- (LMouFilt)
DRV - [2010/03/18 05:01:52 | 000,038,864 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\LHidFilt.Sys -- (LHidFilt)
DRV - [2010/03/18 05:01:12 | 000,010,448 | ---- | M] (Logitech, Inc.) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\LBeepKE.sys -- (LBeepKE)
DRV - [2010/03/01 04:05:19 | 000,124,784 | ---- | M] (Avira GmbH) [Kernel | System] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2010/02/16 08:24:01 | 000,060,936 | ---- | M] (Avira GmbH) [File_System | Auto] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2009/09/11 06:48:04 | 000,066,056 | ---- | M] (Logitech Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\WmXlCore.sys -- (WmXlCore)
DRV - [2009/09/11 06:47:54 | 000,014,984 | ---- | M] (Logitech Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\WmVirHid.sys -- (WmVirHid)
DRV - [2009/09/11 06:47:42 | 000,031,752 | ---- | M] (Logitech Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\WmHidLo.sys -- (WmHidLo)
DRV - [2009/09/11 06:47:32 | 000,035,592 | ---- | M] (Logitech Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\WmFilter.sys -- (WmFilter)
DRV - [2009/09/11 06:47:22 | 000,022,792 | ---- | M] (Logitech Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\WmBEnum.sys -- (WmBEnum)
DRV - [2009/05/11 06:49:19 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System] -- D:\Programme\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2009/05/11 04:12:49 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009/01/13 07:10:08 | 005,015,040 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2008/10/30 09:14:20 | 000,117,888 | R--- | M] (Realtek Semiconductor Corporation                           ) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
DRV - [2008/04/13 18:10:32 | 000,096,512 | ---- | M] () [Kernel | Boot] -- C:\WINDOWS\system32\drivers\atapi.sys -- (atapi)
DRV - [2008/04/13 16:06:06 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2005/08/10 08:44:04 | 000,050,688 | ---- | M] (Protection Technology) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\sfdrv01.sys -- (sfdrv01) StarForce Protection Environment Driver (version 1.x)
DRV - [2005/05/16 09:20:39 | 000,006,656 | ---- | M] (Protection Technology) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\sfhlp02.sys -- (sfhlp02) StarForce Protection Helper Driver (version 2.x)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>;*.local
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = 53.100.66.60:3128
 
IE - HKU\LocalService_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\NetworkService_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\Timo_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://de.ask.com?o=15446&l=dis
IE - HKU\Timo_ON_C\..\URLSearchHook:  - Reg Error: Key error. File not found
IE - HKU\Timo_ON_C\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
IE - HKU\Timo_ON_C\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Programme\DVDVideoSoftTB\tbDVD1.dll (Conduit Ltd.)
IE - HKU\Timo_ON_C\..\URLSearchHook: {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Programme\Search Settings\SearchSettings.dll (Spigot, Inc.)
IE - HKU\Timo_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKU\Timo_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
IE - HKU\Timo_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:6092
 
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Components: C:\Programme\Mozilla Firefox\components [2010/07/25 09:18:55 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2010/08/20 07:11:26 | 000,000,000 | ---D | M]
 
[2010/09/04 15:34:29 | 000,000,000 | ---D | M] -- C:\Programme\Mozilla Firefox\extensions
[2010/07/04 09:45:12 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- C:\Programme\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2010/06/11 21:24:05 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2010/06/11 21:24:05 | 000,002,344 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml
[2010/06/11 21:24:05 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2010/06/11 21:24:05 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2010/06/11 21:24:05 | 000,001,105 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2010/07/30 16:39:51 | 000,000,820 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (Dealio Toolbar) - {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - C:\Programme\Dealio Toolbar\IE\4.0.2\dealioToolbarIE.dll (Spigot, Inc.)
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Programme\AVG\AVG9\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - D:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Programme\DVDVideoSoftTB\tbDVD1.dll (Conduit Ltd.)
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (SearchSettings Class) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Programme\Search Settings\SearchSettings.dll (Spigot, Inc.)
O3 - HKLM\..\Toolbar: (Dealio Toolbar) - {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - C:\Programme\Dealio Toolbar\IE\4.0.2\dealioToolbarIE.dll (Spigot, Inc.)
O3 - HKLM\..\Toolbar: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Programme\DVDVideoSoftTB\tbDVD1.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKU\Timo_ON_C\..\Toolbar\WebBrowser: (DVDVideoSoftTB Toolbar) - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - C:\Programme\DVDVideoSoftTB\tbDVD1.dll (Conduit Ltd.)
O3 - HKU\Timo_ON_C\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O4 - HKLM..\Run: [Adobe ARM] C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\ALCMTR.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [AVG9_TRAY] C:\Programme\AVG\AVG9\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [avgnt] D:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [BrMfcWnd] C:\Programme\Brother\Brmfcmon\BrMfcWnd.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [CLMLServer] C:\Programme\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [ControlCenter3] C:\Programme\Brother\ControlCenter3\brctrcen.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [EvtMgr6] D:\Programme\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)
O4 - HKLM..\Run: [GrooveMonitor] D:\Programme\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation)
O4 - HKLM..\Run: [IndexSearch] C:\Programme\ScanSoft\PaperPort\IndexSearch.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [LGODDFU] C:\Programme\lg_fwupdate\fwupdate.exe (BitLeader)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\Programme\NVIDIA Corporation\nView\nwiz.exe ()
O4 - HKLM..\Run: [PaperPort PTD] C:\Programme\ScanSoft\PaperPort\pptd40nt.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [PDVD8LanguageShortcut] C:\Programme\CyberLink\PowerDVD8\Language\Language.exe (CyberLink Corp.)
O4 - HKLM..\Run: [PPort11reminder] C:\Programme\ScanSoft\PaperPort\Ereg\Ereg.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [RemoteControl8] C:\Programme\CyberLink\PowerDVD8\PDVD8Serv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [SearchSettings] C:\Programme\Search Settings\SearchSettings.exe (Spigot, Inc.)
O4 - HKLM..\Run: [SSBkgdUpdate] C:\Programme\Gemeinsame Dateien\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [tyynnhcp] C:\Dokumente und Einstellungen\Timo\Lokale Einstellungen\Anwendungsdaten\prtcwbims\kswbcydshdw.exe (Security Suites Corporation)
O4 - HKLM..\Run: [UCam_Menu] C:\Programme\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdateLBPShortCut] C:\Programme\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdateP2GoShortCut] C:\Programme\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdatePPShortCut] C:\Programme\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdatePSTShortCut] C:\Programme\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKU\Timo_ON_C..\Run: [cleansweep.exe] C:\cleansweep.exe\cleansweep.exe (Sd2                             )
O4 - HKU\Timo_ON_C..\Run: [COM+ Manager] C:\Dokumente und Einstellungen\Timo\.COMMgr\complmgr.exe File not found
O4 - HKU\Timo_ON_C..\Run: [RGSC] D:\Programme\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe (Take-Two Interactive Software, Inc.)
O4 - HKU\Timo_ON_C..\Run: [tyynnhcp] C:\Dokumente und Einstellungen\Timo\Lokale Einstellungen\Anwendungsdaten\prtcwbims\kswbcydshdw.exe (Security Suites Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\LocalService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\NetworkService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Timo_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Programme\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Programme\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {0D6709DD-4ED8-40CA-B459-2757AEEF7BEE} hxxp://download.gigabyte.com.tw/object/Dldrv.ocx (Dldrv2 Control)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab (System Requirements Lab Class)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1277806513187 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1277822964828 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - D:\Programme\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Programme\AVG\AVG9\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Gemeinsame Dateien\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - C:\WINDOWS\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O20 - Winlogon\Notify\LBTWlgn: DllName - c:\programme\gemeinsame dateien\logishrd\bluetooth\LBTWlgn.dll - c:\Programme\Gemeinsame Dateien\LogiShrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - D:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/06/29 04:07:14 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2006/03/24 07:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2010/09/07 11:40:23 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\LocalService\Recent
[2010/09/04 15:58:04 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\Timo\Recent
[2010/09/04 15:47:10 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Timo\Lokale Einstellungen\Anwendungsdaten\prtcwbims
[2010/09/04 15:45:29 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen\Timo\.COMMgr
[2010/09/04 15:45:11 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Timo\Anwendungsdaten\9860BEF696C2004481F91D532581A9E4
[2010/09/04 04:53:57 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Timo\Desktop\RCT
[2010/09/03 13:30:31 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Timo\Eigene Dateien\Games for Windows - LIVE Demos
[2010/09/03 13:22:11 | 000,018,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsg.dll
[2010/09/03 13:21:50 | 000,604,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\crypt32.dll
[2010/08/30 13:46:16 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Timo\Desktop\Anno 1701
[2010/08/28 14:07:58 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Timo\Desktop\Share
[2010/08/28 11:49:08 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Timo\Eigene Dateien\RCT3
[2010/08/28 11:49:08 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Timo\Anwendungsdaten\Atari
[2010/08/28 11:24:54 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Timo\Lokale Einstellungen\Anwendungsdaten\AskToolbar
[2010/08/28 10:30:13 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Timo\Eigene Dateien\Rockstar Games
[2010/08/28 10:24:53 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Timo\Lokale Einstellungen\Anwendungsdaten\Rockstar Games
[2010/08/28 10:06:07 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\xlive
[2010/08/28 10:06:06 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft Games for Windows - LIVE
[2010/08/28 08:38:19 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Timo\Eigene Dateien\The Lord of the Rings - Conquest
[2010/08/28 08:38:04 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\Timo\Anwendungsdaten\SecuROM
[2010/08/25 07:33:49 | 000,691,696 | ---- | C] (Duplex Secure Ltd.) -- C:\WINDOWS\System32\drivers\sptd.sys
[2010/08/25 07:33:19 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Timo\Anwendungsdaten\DAEMON Tools Lite
[2010/08/25 06:45:21 | 000,679,936 | ---- | C] (Generated by JEDI) -- C:\WINDOWS\System32\D3DX81ab.dll
[2010/08/25 02:35:14 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Timo\Eigene Dateien\GTA San Andreas User Files
[2010/08/25 02:11:43 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\NetworkService\Lokale Einstellungen\Anwendungsdaten\Google
[2010/08/24 10:32:15 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Timo\Anwendungsdaten\Google
[2010/08/24 10:30:53 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Timo\Lokale Einstellungen\Anwendungsdaten\Temp
[2010/08/24 10:30:53 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\Google
[2010/08/24 10:30:24 | 000,000,000 | ---D | C] -- C:\Programme\Google
[2010/08/24 10:30:24 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Timo\Lokale Einstellungen\Anwendungsdaten\Google
[2010/08/24 07:31:35 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Timo\Anwendungsdaten\GetRightToGo
[2010/08/22 14:56:11 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Timo\Eigene Dateien\Stronghold Legends
[2010/08/22 05:08:14 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\Blizzard Entertainment.Trash
[2010/08/22 05:05:11 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Timo\Eigene Dateien\StarCraft II
[2010/08/22 05:05:11 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\Blizzard Entertainment
[2010/08/21 08:58:17 | 000,000,000 | ---D | C] -- C:\Programme\DVDVideoSoft
[2010/08/20 17:09:29 | 000,447,752 | ---- | C] (On2.com) -- C:\WINDOWS\System32\vp6vfw.dll
[2010/08/20 17:09:28 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft WSE
[2010/08/20 10:51:27 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\Timo\Anwendungsdaten\Brother
[2010/08/18 13:53:59 | 000,000,000 | ---D | C] -- C:\Programme\Ask.com
[2010/08/18 13:53:33 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Timo\Anwendungsdaten\BitTorrent
[2010/08/18 13:51:10 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Timo\Anwendungsdaten\Search Settings
[2010/08/18 13:50:57 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Timo\Anwendungsdaten\Dealio
[2010/08/18 13:47:11 | 000,000,000 | ---D | C] -- C:\Programme\Search Settings
[2010/08/18 13:47:05 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\config\systemprofile\Anwendungsdaten\Application Updater
[2010/08/18 13:47:03 | 000,000,000 | ---D | C] -- C:\Programme\Dealio Toolbar
[2010/08/18 13:47:03 | 000,000,000 | ---D | C] -- C:\Programme\Application Updater
[2010/08/18 13:46:43 | 000,200,704 | ---- | C] (vbAccelerator) -- C:\WINDOWS\System32\vbalExpBar6.ocx
[2010/08/18 13:46:41 | 000,119,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\VB6FR.DLL
[2010/08/18 13:46:41 | 000,040,960 | ---- | C] (vbAccelerator) -- C:\WINDOWS\System32\SSubTmr6.dll
[2010/08/18 13:46:41 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\inetfr.DLL
[2010/08/18 13:46:40 | 000,141,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MSCMCFR.DLL
[2010/08/18 13:46:40 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\CMDLGFR.DLL
[2010/08/18 13:46:40 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Timo\Anwendungsdaten\FreeBurner
[2010/08/18 12:56:57 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Timo\Eigene Dateien\Electronic Arts
[2010/08/18 12:49:47 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Timo\Anwendungsdaten\GS Spiele-Verwaltung
[2010/08/18 12:48:30 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Timo\Lokale Einstellungen\Anwendungsdaten\FileMaker
[2010/08/15 17:26:23 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Timo\Anwendungsdaten\Avira
[2010/08/15 17:20:03 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\ssmdrv.sys
[2010/08/15 17:20:00 | 000,124,784 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys
[2010/08/15 17:20:00 | 000,060,936 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntflt.sys
[2010/08/15 17:20:00 | 000,045,416 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntdd.sys
[2010/08/15 17:20:00 | 000,022,360 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntmgr.sys
[2010/08/15 17:03:29 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Timo\Anwendungsdaten\PriceGong
[2010/08/15 11:20:28 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Timo\Eigene Dateien\Games
[2010/08/15 09:52:05 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Timo\Anwendungsdaten\Imperium Romanum
[2010/08/15 09:43:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\7032E73F68A048F98100E70E79169BAE.TMP
[2010/08/15 09:40:33 | 000,073,728 | ---- | C] (InstallShield Software Corporation) -- C:\WINDOWS\System32\ISUSPM.cpl
[2010/08/15 09:25:19 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Timo\Anwendungsdaten\COMPUTERBILD-Abzockschutz
[2010/08/15 09:15:37 | 000,000,000 | ---D | C] -- C:\Programme\COMPUTERBILD-Abzockschutz
[2010/08/15 05:59:55 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Timo\Anwendungsdaten\vlc
[2010/08/14 18:23:02 | 000,000,000 | ---D | C] -- C:\Programme\vghd
[2010/08/14 16:05:38 | 000,244,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MsFlxGrd.ocx
[2010/08/14 16:05:27 | 000,126,976 | ---- | C] (Oceanview Software Limited) -- C:\WINDOWS\System32\ovsBooleanControls.ocx
[2010/08/14 14:50:17 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Timo\Anwendungsdaten\DivX
[2010/08/14 14:47:37 | 000,000,000 | ---D | C] -- C:\Programme\DivX
[2010/08/14 13:12:36 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\DirectX
[2010/08/13 13:47:01 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Timo\Anwendungsdaten\TS3Client
[2010/08/13 09:50:08 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Timo\Anwendungsdaten\Soldat
[2010/08/13 09:39:35 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Timo\Eigene Dateien\BTroopers
[2010/08/12 12:27:42 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Timo\Anwendungsdaten\Publish Providers
[2010/08/12 12:26:23 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Timo\Lokale Einstellungen\Anwendungsdaten\Sony
[2010/08/12 12:26:23 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Timo\Anwendungsdaten\Sony
[2010/08/11 08:39:01 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Timo\Lokale Einstellungen\Anwendungsdaten\2K Games
[2010/08/11 08:38:45 | 000,527,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_7.dll
[2010/08/11 08:38:45 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_5.dll
[2010/08/11 08:38:44 | 000,239,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_7.dll
[2010/08/11 08:38:42 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_43.dll
[2010/08/11 08:38:40 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dcsx_43.dll
[2010/08/11 08:38:38 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_43.dll
[2010/08/11 08:38:38 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx11_43.dll
[2010/08/11 08:38:37 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_43.dll
[2010/08/11 08:38:35 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_6.dll
[2010/08/11 08:38:35 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_4.dll
[2010/08/11 08:38:33 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_6.dll
[2010/08/11 08:38:32 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_7.dll
[2010/08/10 15:33:48 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Timo\Eigene Dateien\Pro Cycling Manager 2008 - Demo
[2010/08/10 15:33:48 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Timo\Anwendungsdaten\Pro Cycling Manager 2008 - Demo
[2010/08/10 15:17:44 | 004,292,608 | R--- | C] (GSC Game World) -- C:\WINDOWS\unasetup.exe
[2010/08/10 14:07:00 | 002,915,944 | ---- | C] (Protection Technology) -- C:\WINDOWS\System32\drivers\appdrv01.sys
[2010/08/10 14:07:00 | 000,304,528 | ---- | C] (Protection Technology) -- C:\WINDOWS\System32\appdrvrem01.exe
[2010/08/09 13:15:21 | 000,000,000 | ---D | C] -- C:\WINDOWS\Sun
[2010/08/09 11:26:01 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Timo\Anwendungsdaten\Glory of the Roman Empire
[2010/08/09 10:06:17 | 000,444,952 | ---- | C] (Creative Labs) -- C:\WINDOWS\System32\wrap_oal.dll
[2010/08/09 10:06:17 | 000,109,080 | ---- | C] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\WINDOWS\System32\OpenAL32.dll
[2010/08/09 10:06:17 | 000,000,000 | ---D | C] -- C:\Programme\OpenAL
[68 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[6 C:\WINDOWS\System32\dllcache\*.tmp files -> C:\WINDOWS\System32\dllcache\*.tmp -> ]
[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2010/09/07 11:40:52 | 000,262,144 | -H-- | M] () -- C:\Dokumente und Einstellungen\LocalService\NTUSER.DAT
[2010/09/04 15:58:34 | 005,242,880 | -H-- | M] () -- C:\Dokumente und Einstellungen\Timo\NTUSER.DAT
[2010/09/04 15:58:34 | 000,262,144 | -H-- | M] () -- C:\Dokumente und Einstellungen\NetworkService\NTUSER.DAT
[2010/09/04 15:58:32 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/09/04 15:58:27 | 002,555,472 | ---- | M] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\FontCache3.0.0.0.dat
[2010/09/04 15:58:16 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/09/04 15:58:03 | 005,842,654 | -H-- | M] () -- C:\Dokumente und Einstellungen\Timo\Lokale Einstellungen\Anwendungsdaten\IconCache.db
[2010/09/04 15:54:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\svchost.exe
[2010/09/04 15:44:25 | 000,023,552 | ---- | M] () -- C:\Dokumente und Einstellungen\Timo\Desktop\Die Alte im Wald.doc
[2010/09/04 15:38:25 | 000,024,576 | ---- | M] () -- C:\Dokumente und Einstellungen\Timo\Desktop\Die Jagd nach dem Schatz(verbessert).doc
[2010/09/04 15:38:08 | 000,024,576 | ---- | M] () -- C:\Dokumente und Einstellungen\Timo\Desktop\Die Insel Bunga Bong1.doc
[2010/09/04 15:35:00 | 000,001,084 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010/09/04 15:01:00 | 000,000,224 | ---- | M] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
[2010/09/04 14:22:55 | 000,002,261 | ---- | M] () -- C:\Dokumente und Einstellungen\Timo\Anwendungsdaten\Microsoft\Internet Explorer\Quick Launch\Skype.lnk
[2010/09/04 12:05:44 | 064,281,946 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm
[2010/09/04 11:43:34 | 000,022,328 | ---- | M] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2010/09/04 10:35:00 | 000,001,080 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010/09/04 09:49:43 | 000,105,776 | ---- | M] () -- C:\Dokumente und Einstellungen\Timo\Lokale Einstellungen\Anwendungsdaten\GDIPFONTCACHEV1.DAT
[2010/09/04 09:23:04 | 000,001,657 | ---- | M] () -- C:\Dokumente und Einstellungen\Timo\Desktop\RollerCoaster Tycoon® 3.lnk
[2010/09/04 08:38:00 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/09/04 03:53:08 | 000,000,361 | ---- | M] () -- C:\WINDOWS\lgfwup.ini
[2010/09/04 02:41:53 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/09/01 11:38:44 | 000,023,797 | ---- | M] () -- C:\Dokumente und Einstellungen\Timo\Desktop\Ebay_Fellfratze.docx
[2010/09/01 11:36:20 | 000,011,266 | ---- | M] () -- C:\Dokumente und Einstellungen\Timo\.recently-used.xbel
[2010/08/31 14:21:18 | 000,281,760 | ---- | M] () -- C:\WINDOWS\System32\drivers\atksgt.sys
[2010/08/31 14:21:18 | 000,025,888 | ---- | M] () -- C:\WINDOWS\System32\drivers\lirsgt.sys
[2010/08/31 14:16:39 | 000,000,023 | ---- | M] () -- C:\WINDOWS\BlendSettings.ini
[2010/08/28 11:25:09 | 000,077,156 | -H-- | M] () -- C:\WINDOWS\System32\mlfcache.dat
[2010/08/28 10:09:32 | 000,107,888 | ---- | M] (Sony DADC Austria AG.) -- C:\WINDOWS\System32\CmdLineExt.dll
[2010/08/25 07:33:49 | 000,691,696 | ---- | M] (Duplex Secure Ltd.) -- C:\WINDOWS\System32\drivers\sptd.sys
[2010/08/24 16:45:17 | 692,753,611 | ---- | M] () -- C:\Dokumente und Einstellungen\Timo\Desktop\GtaSa.rar
[2010/08/24 11:08:31 | 000,010,919 | ---- | M] () -- C:\Dokumente und Einstellungen\Timo\Desktop\London, Aufgabe 1.docx
[2010/08/22 17:20:46 | 000,000,000 | ---- | M] () -- C:\Dokumente und Einstellungen\Timo\Anwendungsdaten\chrtmp
[2010/08/22 17:12:13 | 000,349,792 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/08/20 16:33:57 | 1716,912,127 | ---- | M] () -- C:\Dokumente und Einstellungen\Timo\Desktop\rld-sim3.iso
[2010/08/17 15:03:46 | 000,000,523 | ---- | M] () -- C:\Dokumente und Einstellungen\Timo\Anwendungsdaten\Microsoft\Internet Explorer\Quick Launch\hamachi.lnk
[2010/08/17 10:31:18 | 000,063,777 | ---- | M] () -- C:\Dokumente und Einstellungen\Timo\Desktop\Stundenplan G10a.pptx
[2010/08/15 09:34:08 | 000,009,641 | ---- | M] () -- C:\Dokumente und Einstellungen\Timo\Desktop\Telefonliste G10a.xlsx
[2010/08/14 18:24:37 | 000,000,003 | ---- | M] () -- C:\WINDOWS\treeskp.sys
[2010/08/14 18:24:37 | 000,000,003 | ---- | M] () -- C:\WINDOWS\sbacknt.bin
[2010/08/14 18:23:03 | 000,152,904 | ---- | M] () -- C:\WINDOWS\System32\vghd.scr
[2010/08/13 09:52:12 | 000,000,000 | R--- | M] () -- C:\logwmemory.bin
[2010/08/13 07:04:24 | 000,215,128 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrB.xtr
[2010/08/12 12:27:04 | 000,002,556 | ---- | M] () -- C:\Dokumente und Einstellungen\Timo\Eigene Dateien\Vegas Pro registrieren.htm
[2010/08/11 15:47:57 | 001,100,806 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010/08/11 15:47:57 | 000,491,998 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat
[2010/08/11 15:47:57 | 000,472,368 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/08/11 15:47:57 | 000,090,512 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat
[2010/08/11 15:47:57 | 000,075,462 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/08/11 11:14:17 | 000,010,001 | ---- | M] () -- C:\Dokumente und Einstellungen\Timo\Desktop\TS_Adresse.docx
[2010/08/10 15:17:46 | 000,053,248 | ---- | M] () -- C:\WINDOWS\System32\unrar.dll
[2010/08/10 14:07:00 | 002,915,944 | ---- | M] (Protection Technology) -- C:\WINDOWS\System32\drivers\appdrv01.sys
[2010/08/10 14:07:00 | 000,304,528 | ---- | M] (Protection Technology) -- C:\WINDOWS\System32\appdrvrem01.exe
[2010/08/09 10:53:37 | 000,000,000 | ---- | M] () -- C:\WINDOWS\galaxy.ini
[2010/08/09 10:06:17 | 000,444,952 | ---- | M] (Creative Labs) -- C:\WINDOWS\System32\wrap_oal.dll
[2010/08/09 10:06:17 | 000,109,080 | ---- | M] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\WINDOWS\System32\OpenAL32.dll
[68 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[6 C:\WINDOWS\System32\dllcache\*.tmp files -> C:\WINDOWS\System32\dllcache\*.tmp -> ]
[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2010/09/04 15:44:23 | 000,023,552 | ---- | C] () -- C:\Dokumente und Einstellungen\Timo\Desktop\Die Alte im Wald.doc
[2010/09/04 15:38:23 | 000,024,576 | ---- | C] () -- C:\Dokumente und Einstellungen\Timo\Desktop\Die Jagd nach dem Schatz(verbessert).doc
[2010/09/04 15:38:02 | 000,024,576 | ---- | C] () -- C:\Dokumente und Einstellungen\Timo\Desktop\Die Insel Bunga Bong1.doc
[2010/09/04 04:49:30 | 000,001,657 | ---- | C] () -- C:\Dokumente und Einstellungen\Timo\Desktop\RollerCoaster Tycoon® 3.lnk
[2010/09/01 11:37:56 | 000,023,797 | ---- | C] () -- C:\Dokumente und Einstellungen\Timo\Desktop\Ebay_Fellfratze.docx
[2010/09/01 11:36:20 | 000,011,266 | ---- | C] () -- C:\Dokumente und Einstellungen\Timo\.recently-used.xbel
[2010/08/31 14:20:25 | 000,281,760 | ---- | C] () -- C:\WINDOWS\System32\drivers\atksgt.sys
[2010/08/31 14:20:25 | 000,025,888 | ---- | C] () -- C:\WINDOWS\System32\drivers\lirsgt.sys
[2010/08/28 17:14:54 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/08/25 06:45:21 | 001,970,176 | ---- | C] () -- C:\WINDOWS\System32\d3dx9.dll
[2010/08/24 16:28:59 | 692,753,611 | ---- | C] () -- C:\Dokumente und Einstellungen\Timo\Desktop\GtaSa.rar
[2010/08/24 10:30:49 | 000,001,084 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010/08/24 10:30:48 | 000,001,080 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010/08/24 10:26:21 | 000,010,919 | ---- | C] () -- C:\Dokumente und Einstellungen\Timo\Desktop\London, Aufgabe 1.docx
[2010/08/22 17:20:46 | 000,000,000 | ---- | C] () -- C:\Dokumente und Einstellungen\Timo\Anwendungsdaten\chrtmp
[2010/08/20 16:55:47 | 1716,912,127 | ---- | C] () -- C:\Dokumente und Einstellungen\Timo\Desktop\rld-sim3.iso
[2010/08/18 13:54:02 | 000,000,224 | ---- | C] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
[2010/08/18 13:46:43 | 000,044,544 | ---- | C] () -- C:\WINDOWS\System32\GIF89.DLL
[2010/08/18 13:46:40 | 000,484,352 | ---- | C] () -- C:\WINDOWS\System32\lame_enc.dll
[2010/08/17 15:03:46 | 000,000,523 | ---- | C] () -- C:\Dokumente und Einstellungen\Timo\Anwendungsdaten\Microsoft\Internet Explorer\Quick Launch\hamachi.lnk
[2010/08/16 08:32:50 | 000,063,777 | ---- | C] () -- C:\Dokumente und Einstellungen\Timo\Desktop\Stundenplan G10a.pptx
[2010/08/15 12:03:46 | 007,613,716 | ---- | C] () -- C:\Dokumente und Einstellungen\Timo\Desktop\Sherlock Holmes v. Arsene Lupin Lösung.pdf
[2010/08/15 09:34:07 | 000,009,641 | ---- | C] () -- C:\Dokumente und Einstellungen\Timo\Desktop\Telefonliste G10a.xlsx
[2010/08/14 18:23:07 | 000,000,003 | ---- | C] () -- C:\WINDOWS\treeskp.sys
[2010/08/14 18:23:07 | 000,000,003 | ---- | C] () -- C:\WINDOWS\sbacknt.bin
[2010/08/14 18:23:03 | 000,152,904 | ---- | C] () -- C:\WINDOWS\System32\vghd.scr
[2010/08/13 09:52:12 | 000,000,000 | R--- | C] () -- C:\logwmemory.bin
[2010/08/12 12:27:04 | 000,002,556 | ---- | C] () -- C:\Dokumente und Einstellungen\Timo\Eigene Dateien\Vegas Pro registrieren.htm
[2010/08/12 11:23:15 | 000,002,261 | ---- | C] () -- C:\Dokumente und Einstellungen\Timo\Anwendungsdaten\Microsoft\Internet Explorer\Quick Launch\Skype.lnk
[2010/08/11 11:13:48 | 000,010,001 | ---- | C] () -- C:\Dokumente und Einstellungen\Timo\Desktop\TS_Adresse.docx
[2010/08/10 15:17:46 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2010/08/10 14:57:51 | 000,215,128 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrB.xtr
[2010/08/09 10:06:16 | 000,000,000 | ---- | C] () -- C:\WINDOWS\galaxy.ini
[2010/08/02 23:15:24 | 002,555,472 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\FontCache3.0.0.0.dat
[2010/07/30 15:18:41 | 000,018,981 | ---- | C] () -- C:\Dokumente und Einstellungen\Timo\f1graphics.cfg
[2010/07/24 14:17:42 | 000,022,328 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2010/07/18 14:27:18 | 000,241,664 | ---- | C] () -- C:\WINDOWS\System32\CmiInstallResAll.dll
[2010/07/18 14:27:17 | 000,000,335 | ---- | C] () -- C:\WINDOWS\cm106.ini
[2010/07/10 09:03:14 | 000,354,816 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2010/07/06 04:52:20 | 000,011,264 | ---- | C] () -- C:\Dokumente und Einstellungen\Timo\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/07/05 14:19:11 | 000,000,023 | ---- | C] () -- C:\WINDOWS\BlendSettings.ini
[2010/07/03 12:23:21 | 000,000,425 | ---- | C] () -- C:\WINDOWS\BRWMARK.INI
[2010/07/03 12:23:04 | 000,106,496 | ---- | C] () -- C:\WINDOWS\System32\BrMuSNMP.dll
[2010/07/03 12:20:44 | 000,031,864 | ---- | C] () -- C:\WINDOWS\maxlink.ini
[2010/06/30 06:29:10 | 000,000,361 | ---- | C] () -- C:\WINDOWS\lgfwup.ini
[2010/06/29 09:08:05 | 000,000,400 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2010/06/29 08:41:57 | 000,116,224 | ---- | C] () -- C:\WINDOWS\System32\pdfcmnnt.dll
[2010/06/29 04:11:44 | 005,242,880 | -H-- | C] () -- C:\Dokumente und Einstellungen\Timo\NTUSER.DAT
[2010/06/29 04:11:44 | 000,024,576 | -H-- | C] () -- C:\Dokumente und Einstellungen\Timo\ntuser.dat.LOG
[2010/06/29 04:11:44 | 000,000,190 | -HS- | C] () -- C:\Dokumente und Einstellungen\Timo\ntuser.ini
[2010/06/29 04:11:20 | 000,262,144 | -H-- | C] () -- C:\Dokumente und Einstellungen\NetworkService\NTUSER.DAT
[2010/06/29 04:11:20 | 000,262,144 | -H-- | C] () -- C:\Dokumente und Einstellungen\LocalService\NTUSER.DAT
[2010/06/29 04:11:20 | 000,073,728 | -H-- | C] () -- C:\Dokumente und Einstellungen\LocalService\ntuser.dat.LOG
[2010/06/29 04:11:20 | 000,008,192 | -H-- | C] () -- C:\Dokumente und Einstellungen\NetworkService\ntuser.dat.LOG
[2010/06/29 04:11:20 | 000,000,020 | -HS- | C] () -- C:\Dokumente und Einstellungen\NetworkService\ntuser.ini
[2010/06/29 04:11:20 | 000,000,020 | -HS- | C] () -- C:\Dokumente und Einstellungen\LocalService\ntuser.ini
[2010/04/02 11:17:34 | 000,179,091 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat
[2003/04/02 08:00:00 | 000,096,512 | ---- | C] () -- C:\WINDOWS\System32\drivers\atapi.sys
 
========== LOP Check ==========
 
[2010/08/18 13:47:05 | 000,000,000 | ---D | M] -- C:\WINDOWS\System32\config\systemprofile\Anwendungsdaten\Application Updater
[2010/09/04 15:46:00 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Timo\Anwendungsdaten\9860BEF696C2004481F91D532581A9E4
[2010/08/28 11:49:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Timo\Anwendungsdaten\Atari
[2010/07/25 09:24:14 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Timo\Anwendungsdaten\Bierbuden Autoupdate
[2010/08/28 09:29:31 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Timo\Anwendungsdaten\BitTorrent
[2010/08/15 09:25:51 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Timo\Anwendungsdaten\COMPUTERBILD-Abzockschutz
[2010/08/25 16:36:53 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Timo\Anwendungsdaten\DAEMON Tools Lite
[2010/08/18 13:50:57 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Timo\Anwendungsdaten\Dealio
[2010/07/07 11:56:26 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Timo\Anwendungsdaten\DVDVideoSoftIEHelpers
[2010/08/20 16:54:51 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Timo\Anwendungsdaten\FreeBurner
[2010/08/30 12:36:27 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Timo\Anwendungsdaten\GetRightToGo
[2010/08/14 13:55:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Timo\Anwendungsdaten\Glory of the Roman Empire
[2010/08/18 12:49:47 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Timo\Anwendungsdaten\GS Spiele-Verwaltung
[2010/09/01 11:36:20 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Timo\Anwendungsdaten\gtk-2.0
[2010/08/29 08:49:15 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Timo\Anwendungsdaten\ICQ
[2010/08/15 09:52:05 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Timo\Anwendungsdaten\Imperium Romanum
[2010/07/09 03:41:52 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Timo\Anwendungsdaten\inkscape
[2010/07/09 17:12:07 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Timo\Anwendungsdaten\Leadertech
[2010/07/30 14:13:57 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Timo\Anwendungsdaten\Meine Die Schlacht um Mittelerde-Dateien
[2010/07/28 13:33:53 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Timo\Anwendungsdaten\Meine Die Schlacht um Mittelerde™ II-Dateien
[2010/07/15 14:41:09 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Timo\Anwendungsdaten\Notepad++
[2010/06/29 08:42:40 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Timo\Anwendungsdaten\OpenOffice.org
[2010/07/19 05:38:54 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Timo\Anwendungsdaten\Petroglyph
[2010/08/28 11:25:18 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Timo\Anwendungsdaten\PriceGong
[2010/08/13 09:37:01 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Timo\Anwendungsdaten\Pro Cycling Manager 2008 - Demo
[2010/08/12 12:27:42 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Timo\Anwendungsdaten\Publish Providers
[2010/08/18 13:51:10 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Timo\Anwendungsdaten\Search Settings
[2010/07/05 12:39:22 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Timo\Anwendungsdaten\Sierra
[2010/07/05 11:33:41 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Timo\Anwendungsdaten\Sierra Entertainment
[2010/08/13 09:50:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Timo\Anwendungsdaten\Soldat
[2010/08/12 12:27:37 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Timo\Anwendungsdaten\Sony
[2010/07/11 06:19:51 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Timo\Anwendungsdaten\Tropico 3
[2010/08/14 11:56:30 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Timo\Anwendungsdaten\TS3Client
[2010/09/04 15:01:00 | 000,000,224 | ---- | M] () -- C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 88 bytes -> C:\WINDOWS\System32\svchost.exe:SummaryInformation
< End of report >

--- --- ---

Den Extras log hau ich hinterher, das klappt grad mit dem senden nicht so.

GermanShark · 07.09.2010, 10:17

So, war ihm der Text wohl zu lang

Hier der extras log:
OTL EXTRAS Logfile:

Code:

ATTFilter

OTL Extras logfile created on: 9/7/2010 11:44:06 AM - Run 
OTLPE by OldTimer - Version 3.1.40.0     Folder = X:\Programs\OTLPE
Microsoft Windows XP Service Pack 3 (Version = 5.1.2600) - Type = SYSTEM
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 85.00% Memory free
2.00 Gb Paging File | 2.00 Gb Available in Paging File | 95.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 97.65 Gb Total Space | 30.49 Gb Free Space | 31.22% Space Free | Partition Type: NTFS
Drive D: | 200.43 Gb Total Space | 13.55 Gb Free Space | 6.76% Space Free | Partition Type: NTFS
Drive E: | 982.72 Mb Total Space | 917.78 Mb Free Space | 93.39% Space Free | Partition Type: FAT
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive X: | 433.24 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
 
Computer Name: REATOGO
Current User Name: SYSTEM
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
Using ControlSet: ControlSet001
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "D:\Programme\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "D:\Programme\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "D:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- D:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Directory [PlayWithVLC] -- "D:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
 
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"3724:TCP" = 3724:TCP:*:Enabled:Blizzard Downloader: 3724
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Programme\CyberLink\PowerDVD8\PowerDVD8.exe" = C:\Programme\CyberLink\PowerDVD8\PowerDVD8.exe:*:Enabled:CyberLink PowerDVD 8.0 -- (CyberLink Corp.)
"C:\Programme\ICQ7.2\ICQ.exe" = C:\Programme\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2 -- (ICQ, LLC.)
"C:\Programme\ICQ7.2\aolload.exe" = C:\Programme\ICQ7.2\aolload.exe:*:Enabled:aolload.exe -- (AOL LLC)
 
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Programme\AVG\AVG9\avgemc.exe" = C:\Programme\AVG\AVG9\avgemc.exe:*:Enabled:avgemc.exe -- (AVG Technologies CZ, s.r.o.)
"C:\Programme\AVG\AVG9\avgupd.exe" = C:\Programme\AVG\AVG9\avgupd.exe:*:Enabled:avgupd.exe -- (AVG Technologies CZ, s.r.o.)
"C:\Programme\AVG\AVG9\avgnsx.exe" = C:\Programme\AVG\AVG9\avgnsx.exe:*:Enabled:avgnsx.exe -- (AVG Technologies CZ, s.r.o.)
"C:\Programme\CyberLink\PowerDVD8\PowerDVD8.exe" = C:\Programme\CyberLink\PowerDVD8\PowerDVD8.exe:*:Enabled:CyberLink PowerDVD 8.0 -- (CyberLink Corp.)
"C:\Programme\GIGABYTE\@BIOS\gwflash.exe" = C:\Programme\GIGABYTE\@BIOS\gwflash.exe:*:Enabled:@BIOS Application -- File not found
"C:\Programme\ICQ7.2\ICQ.exe" = C:\Programme\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2 -- (ICQ, LLC.)
"C:\Programme\ICQ7.2\aolload.exe" = C:\Programme\ICQ7.2\aolload.exe:*:Enabled:aolload.exe -- (AOL LLC)
"D:\Programme\GP4.exe" = D:\Programme\GP4.exe:*:Disabled:GP4 -- File not found
"D:\Programme\Steam\Steam.exe" = D:\Programme\Steam\Steam.exe:*:Enabled:Steam -- (Valve Corporation)
"D:\Programme\GP4\GP4.exe" = D:\Programme\GP4\GP4.exe:*:Disabled:GP4 -- ()
"D:\Programme\The Games Company\Empire Earth Ultimate Edition\Empire Earth I\Empire Earth.exe" = D:\Programme\The Games Company\Empire Earth Ultimate Edition\Empire Earth I\Empire Earth.exe:*:Disabled:Empire Earth -- ()
"D:\Programme\Cyanide\Radsport Manager\CYM2003.EXE" = D:\Programme\Cyanide\Radsport Manager\CYM2003.EXE:*:Disabled:CyclingManager -- File not found
"D:\Programme\Microsoft Games\Age of Empires III\age3.exe" = D:\Programme\Microsoft Games\Age of Empires III\age3.exe:*:Enabled:Age of Empires III -- (Ensemble Studios)
"D:\Programme\The Games Company\Empire Earth Ultimate Edition\Empire Earth I ZdE\EE-AOC.exe" = D:\Programme\The Games Company\Empire Earth Ultimate Edition\Empire Earth I ZdE\EE-AOC.exe:*:Disabled:EE-AOC -- ()
"D:\Programme\iTunes\iTunes.exe" = D:\Programme\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
"D:\Programme\Python\pythonw.exe" = D:\Programme\Python\pythonw.exe:*:Enabled:pythonw -- ()
"D:\Programme\Teamspeak2_RC2\server_windows.exe" = D:\Programme\Teamspeak2_RC2\server_windows.exe:*:Enabled:Server -- File not found
"C:\WINDOWS\system32\dpvsetup.exe" = C:\WINDOWS\system32\dpvsetup.exe:*:Disabled:Microsoft DirectPlay Voice Test -- (Microsoft Corporation)
"D:\Programme\Steam\steamapps\britishshark17\race 07\Race_Steam.exe" = D:\Programme\Steam\steamapps\britishshark17\race 07\Race_Steam.exe:*:Enabled:RACE 07 -- (SimBin)
"D:\Programme\GTR2\GTR2.exe" = D:\Programme\GTR2\GTR2.exe:*:Disabled:GTR2 - FIA GT Racing Game -- (10tacle Studios AG)
"C:\Dokumente und Einstellungen\Timo\Desktop\Call of Duty 4 - Modern Warfare\iw3mp.exe" = C:\Dokumente und Einstellungen\Timo\Desktop\Call of Duty 4 - Modern Warfare\iw3mp.exe:*:Enabled:Call of Duty(R) 4 - Modern Warfare(TM)  -- ()
"C:\Dokumente und Einstellungen\Timo\Desktop\XIII\system\XIII.exe" = C:\Dokumente und Einstellungen\Timo\Desktop\XIII\system\XIII.exe:*:Disabled:XIII -- File not found
"D:\Programme\Sierra Entertainment\WORLD IN CONFLICT\wic.exe" = D:\Programme\Sierra Entertainment\WORLD IN CONFLICT\wic.exe:*:Enabled:WORLD IN CONFLICT -- (Massive Entertainment)
"D:\Programme\EA GAMES\Battlefield 2 Demo\BF2.exe" = D:\Programme\EA GAMES\Battlefield 2 Demo\BF2.exe:*:Enabled:Battlefield 2 -- ()
"D:\Programme\Electronic Arts\Die Schlacht um Mittelerde II\game.dat" = D:\Programme\Electronic Arts\Die Schlacht um Mittelerde II\game.dat:*:Enabled:Die Schlacht um Mittelerde™ II -- (Electronic Arts Inc.)
"D:\Programme\Steam\steamapps\common\lead and gold gangs of the wild west\lag_win32_public_dev.exe" = D:\Programme\Steam\steamapps\common\lead and gold gangs of the wild west\lag_win32_public_dev.exe:*:Enabled:Lead and Gold - Gangs of the Wild West -- ()
"D:\Programme\Qtracker\qtracker.exe" = D:\Programme\Qtracker\qtracker.exe:*:Enabled:Qtracker -- (Ronald E. Mercer)
"D:\Programme\Firefly Studios\Stronghold 2\Stronghold2.exe" = D:\Programme\Firefly Studios\Stronghold 2\Stronghold2.exe:*:Disabled:Stronghold 2 -- (Firefly Studios)
"D:\Programme\Sierra Entertainment\WORLD IN CONFLICT\wic_ds.exe" = D:\Programme\Sierra Entertainment\WORLD IN CONFLICT\wic_ds.exe:*:Disabled:WORLD IN CONFLICT - Dedizierter Server -- ()
"D:\Programme\Sierra Entertainment\WORLD IN CONFLICT\wic_online.exe" = D:\Programme\Sierra Entertainment\WORLD IN CONFLICT\wic_online.exe:*:Disabled:WORLD IN CONFLICT - Nur Online -- (Massive Entertainment)
"D:\Programme\Microsoft Office\Office12\OUTLOOK.EXE" = D:\Programme\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation)
"D:\Programme\Microsoft Office\Office12\GROOVE.EXE" = D:\Programme\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove -- (Microsoft Corporation)
"D:\Programme\Microsoft Office\Office12\ONENOTE.EXE" = D:\Programme\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote -- (Microsoft Corporation)
"D:\Programme\Cyanide\Radsportmanager Pro 2005-2006\Cym2005.exe" = D:\Programme\Cyanide\Radsportmanager Pro 2005-2006\Cym2005.exe:*:Enabled:Pro Cycling Manager -- ()
"D:\Programme\Cyanide\GameCenter\GameCenter.exe" = D:\Programme\Cyanide\GameCenter\GameCenter.exe:*:Enabled:GameCenter -- (Cyanide)
"D:\Programme\JoWooD\SpellForce\spellforce.exe" = D:\Programme\JoWooD\SpellForce\spellforce.exe:*:Disabled:spellforce -- ()
"D:\Programme\Alien Arena 7_33\crx.exe" = D:\Programme\Alien Arena 7_33\crx.exe:*:Disabled:crx -- File not found
"D:\Programme\Cyanide\[Demo] Tour de France saison 2008 - Der Offizielle Radsport Manager\Autorun\Exe\Autorun.exe" = D:\Programme\Cyanide\[Demo] Tour de France saison 2008 - Der Offizielle Radsport Manager\Autorun\Exe\Autorun.exe:*:Enabled:[Demo] Tour de France saison 2008 - Der Offizielle Radsport Manager - AutoRun -- ()
"C:\Dokumente und Einstellungen\Timo\Desktop\VGigant\VGigant.exe" = C:\Dokumente und Einstellungen\Timo\Desktop\VGigant\VGigant.exe:*:Disabled:MFC-Anwendung default -- File not found
"C:\WINDOWS\system32\dplaysvr.exe" = C:\WINDOWS\system32\dplaysvr.exe:*:Disabled:Microsoft DirectPlay Helper -- (Microsoft Corporation)
"D:\Programme\Cyanide\[Demo] Tour de France saison 2008 - Der Offizielle Radsport Manager\PCMDemo.exe" = D:\Programme\Cyanide\[Demo] Tour de France saison 2008 - Der Offizielle Radsport Manager\PCMDemo.exe:*:Disabled:pcm -- (Cyanide)
"D:\Programme\Soldat\Soldat.exe" = D:\Programme\Soldat\Soldat.exe:*:Disabled:hxxp://soldat.pl -- File not found
"D:\Programme\UrbanTerror\ioUrbanTerror.exe" = D:\Programme\UrbanTerror\ioUrbanTerror.exe:*:Enabled:ioUrbanTerror -- ()
"D:\Programme\BitTorrent\BitTorrent.exe" = D:\Programme\BitTorrent\BitTorrent.exe:*:Enabled:BitTorrent -- (BitTorrent, Inc.)
"D:\Programme\1C Company\13th Century - Death or Glory\engine.exe" = D:\Programme\1C Company\13th Century - Death or Glory\engine.exe:*:Disabled:engine -- File not found
"D:\Programme\Steam\steamapps\common\mafia ii - public demo\launcher.exe" = D:\Programme\Steam\steamapps\common\mafia ii - public demo\launcher.exe:*:Enabled:Mafia II - Demo -- ()
"C:\Dokumente und Einstellungen\Timo\Desktop\Downloads\StarCraft_2_EU_de-DE.exe" = C:\Dokumente und Einstellungen\Timo\Desktop\Downloads\StarCraft_2_EU_de-DE.exe:*:Enabled:Blizzard Downloader -- File not found
"D:\Programme\StarCraft II\StarCraft II.exe" = D:\Programme\StarCraft II\StarCraft II.exe:*:Enabled:Blizzard Launcher -- (Blizzard Entertainment)
"D:\Programme\StarCraft II\Versions\Base15405\SC2.exe" = D:\Programme\StarCraft II\Versions\Base15405\SC2.exe:*:Enabled:StarCraft II -- (Blizzard Entertainment, Inc.)
"D:\Programme\Microprose\Grand Prix 3\GP3.ICD" = D:\Programme\Microprose\Grand Prix 3\GP3.ICD:*:Disabled:GP3 -- ()
"D:\Programme\Firefly Studios\Stronghold Legends\StrongholdLegends.exe" = D:\Programme\Firefly Studios\Stronghold Legends\StrongholdLegends.exe:*:Enabled:Stronghold Legends -- (Firefly Studios)
"C:\Programme\Google\Google Earth\client\googleearth.exe" = C:\Programme\Google\Google Earth\client\googleearth.exe:*:Enabled:Google Earth -- (Google)
"D:\Programme\THQ\MotoGP 2007\motogp.exe" = D:\Programme\THQ\MotoGP 2007\motogp.exe:*:Disabled:motogp -- ()
"D:\Programme\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe" = D:\Programme\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe:*:Enabled:Rockstar Games Social Club -- (Take-Two Interactive Software, Inc.)
"D:\Programme\Rockstar Games\Grand Theft Auto IV\LaunchGTAIV.exe" = D:\Programme\Rockstar Games\Grand Theft Auto IV\LaunchGTAIV.exe:*:Enabled:Grand Theft Auto IV -- ()
"D:\Programme\Rockstar Games\Grand Theft Auto IV\GTAIV.exe" = D:\Programme\Rockstar Games\Grand Theft Auto IV\GTAIV.exe:*:Enabled:Grand Theft Auto IV -- (Take-Two Interactive Software, Inc.)
"D:\Programme\Anno 1701\Anno1701.exe" = D:\Programme\Anno 1701\Anno1701.exe:*:Disabled:Anno 1701 -- (Related Designs Software GmbH)
"D:\Programme\Steam\steamapps\britishshark17\gtr evolution - demo\GtrEvo_Demo_Steam.exe" = D:\Programme\Steam\steamapps\britishshark17\gtr evolution - demo\GtrEvo_Demo_Steam.exe:*:Enabled:GTR Evolution Demo -- (SimBin)
"D:\Programme\Steam\steamapps\britishshark17\gtr evolution - demo\Config.exe" = D:\Programme\Steam\steamapps\britishshark17\gtr evolution - demo\Config.exe:*:Enabled:GTR Evolution Demo -- (Simbin Development Team AB)
"D:\Programme\Firefly Studios\Stronghold Crusader\Stronghold Crusader.exe" = D:\Programme\Firefly Studios\Stronghold Crusader\Stronghold Crusader.exe:*:Enabled:Stronghold Crusader -- ()
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = LG CyberLink YouCam
"{02570AE0-BEE0-4A6C-BE3F-D806E9F2EA17}" = ScanSoft PaperPort 11
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{06F80017-8F98-4C94-B868-52358569FC32}" = Command & Conquer(TM) Generäle
"{08B3869E-D282-424C-9AFC-870E04A4BA14}" = Rockstar Games Social Club
"{0CB9668D-F979-4F31-B8B8-67FE90F929F8}" = Bonjour
"{16D2C649-CBA8-44EE-B730-12584667D487}" = Stronghold 2 Deluxe
"{192A107E-C6B9-41B9-BDBF-38E3AA226054}" = OpenOffice.org 3.2
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = LG Power Tools
"{22CA391A-0589-403F-98AF-8030513E7C3A}" = Castle Strike
"{26A24AE4-039D-4CA4-87B4-2F83216018FF}" = Java(TM) 6 Update 18
"{2A9F95AB-65A3-432c-8631-B8BC5BF7477A}" = Die Schlacht um Mittelerde™ II
"{2BC2781A-F7F6-452E-95EB-018A522F1B2C}" = PaperPort Image Printer
"{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}" = LG CyberLink PowerDVD
"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{35CB6715-41F8-4F99-8881-6FC75BF054B0}" = Oblivion
"{38634E89-07CE-4236-A3B2-D006D4D4E6CB}_is1" = GS Spiele-Verwaltung
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3D9892BB-A751-4E48-ADC8-E4289956CE1D}" = QuickTime
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = eReg
"{3F290582-3F4E-4B96-009C-E0BABAA40C42}" = Die Schlacht um Mittelerde(tm)
"{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}" = NVIDIA PhysX
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = LG CyberLink Power2Go
"{49FC50FC-F965-40D9-89B4-CBFF80941031}" = Windows Movie Maker 2.0
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{579BA58C-F33D-4970-9953-B94B43768AC3}" = Grand Theft Auto IV
"{5F05C28D-DEA9-4AD6-A73A-064175988EAB}" = Search Settings v1.2.3
"{6179550A-3E7C-499E-BCC9-9E8113E0A285}" = LG ODD Auto Firmware Update
"{628C3D50-F524-4C49-A958-672CE7953756}" = Der Herr der Ringe® - Die Eroberung™
"{63686BEF-04CA-461C-B364-53BBC322F7BF}" = Sherlock Holmes jagt Arsene Lupin
"{6592FDEC-2C1A-413A-9985-25FEC2F0848D}" = Star Wars Empire at War Forces of Corruption
"{66A405D2-BA14-4594-BF36-B3B544F0754E}" = Stronghold Legends
"{6BF66AED-3EA4-4106-B240-5CE96C9B76B0}" = Brother MFL-Pro Suite DCP-365CN
"{70F8B183-99EB-4304-BA35-080E2DFFD2A3}" = Age of Empires III
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6}" = ICQ7.2
"{7AB3A249-FB81-416B-917A-A2A10E74C503}" = iTunes
"{7E20EFE6-E604-48C6-8B39-BA4742F2CDB4}" = Zune Desktop Theme
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{85991ED2-010C-4930-96FA-52F43C2CE98A}" = Apple Mobile Device Support
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{896B238F-7CFE-4952-82EB-96E63E8E67B6}" = COMPUTERBILD-Abzockschutz
"{8A1033B0-EF33-4FB5-97A1-C47A7DCDD7E6}_is1" = ClipGrab 3.0.7.2
"{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"{8BECF123-B0EF-4E51-B7F3-923EFE15CC4A}" = Battlefield 2(TM) Demo
"{8C3727F2-8E37-49E4-820C-03B1677F53B6}" = Stronghold Crusader
"{8FB1B528-E260-451E-9B55-E9152F94B80B}" = Microsoft Games for Windows - LIVE Redistributable
"{90120000-0010-0407-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders  (German) 12
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISE_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISE_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{912CE296-3D73-4A9D-B3FB-70A5CF7A8568}" = Empire Earth Ultimate Edition
"{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars
"{99AE7207-8612-4DBA-A8F8-BAE5C633390D}" = Star Wars Empire at War
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A2433A63-5F5D-40E5-B529-9123C2B3E734}" = Anno 1701
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1031-7B44-A93000000001}" = Adobe Reader 9.3.4 - Deutsch
"{ADD5DB49-72CF-11D8-9D75-000129760D75}" = LG CyberLink PowerBackup
"{AFAC914D-9E83-4A89-8ABE-427521C82CCF}" = Safari
"{B2D328BE-45AD-4D92-96F9-2151490A203E}" = Apple Application Support
"{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = LG CyberLink PowerProducer
"{BF1EC9C0-9C10-11DF-BBC7-005056C00008}" = Google Earth
"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = Die Sims™ 3
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C2C284D2-6BD7-3B34-B0C5-B2CAED168DF7}" = Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - DEU
"{C314CE45-3392-3B73-B4E1-139CD41CA933}" = Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - DEU
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LG CyberLink LabelPrint
"{C7D27207-0F86-4B6F-859C-21800A2C592E}" = Grand Prix 4
"{C878CD69-85DB-426B-81A3-E71175AAEB91}" = Dealio Toolbar v4.0.2
"{C9BED750-1211-4480-B1A5-718A3BE15525}" = REALTEK GbE & FE Ethernet PCI-E NIC Driver
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D560A981-FEB3-42F0-A61A-13E9528E0C51}_is1" = GTR 2 1.0.0.0
"{D9D1A2FD-56B2-4F21-B959-745FE43CAB8C}" = Vegas Pro 9.0
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E4961DB6-A3F3-11D3-BE67-0000B4A81FC5}" = Grand Prix 3
"{E7394A0F-3F80-45B1-87FC-ABCD51893246}" = Python 2.6.4
"{F11ADC64-C89E-47F4-A0B3-3665FF859397}" = WORLD IN CONFLICT
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F3E9C243-122E-4D6B-ACC1-E1FEC02F6CA1}" = Command and Conquer(TM) Generäle Die Stunde Null 
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{F97E3841-CA9D-4964-9D64-26066241D26F}" = Microsoft Games for Windows - LIVE
"7-Zip" = 7-Zip 4.65
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"An Act of War" = An Act of War v1.1
"AVG9Uninstall" = AVG Free 9.0
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"BitTorrent" = BitTorrent
"C&C - Zero Hour - Full Uncut Patch Final v.2.5" = C&C - Zero Hour - Full Uncut Patch Final v.2.5
"CCleaner" = CCleaner
"Cheat Engine 5.6.1_is1" = Cheat Engine 5.6.1
"ClearProg" = ClearProg 1.6.1 Beta 3
"Cossacks : The Art Of War" = Cossacks - The Art Of War
"DVDVideoSoftTB Toolbar" = DVDVideoSoftTB Toolbar
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Euro Truck Simulator" = Euro Truck Simulator 1.00
"EVEREST Home Edition_is1" = EVEREST Home Edition v2.20
"Fraps" = Fraps (remove only)
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.4
"Free Easy Burner_is1" = Free Easy Burner V 4.1
"Free Studio_is1" = Free Studio version 4.7
"Free Video to Sony PSP Converter_is1" = Free Video to Sony PSP Converter version 2.0
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.8
"GameCenter" = GameCenter
"Glory of the Roman Empire" = Die Römer
"Hamachi" = Hamachi 1.0.1.5
"Hardcopy(C__Programme_Hardcopy)" = Hardcopy (C:\Programme\Hardcopy)
"Heilige-Lieder.de Songtextquiz_is1" = Heilige-Lieder.de Songtextquiz 1.30
"ie8" = Windows Internet Explorer 8
"Imperium Romanum" = Imperium Romanum 1.04 Gold Edition
"Inkscape" = Inkscape 0.47
"Install Creator" = Install Creator
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = LG CyberLink YouCam
"InstallShield_{06F80017-8F98-4C94-B868-52358569FC32}" = Command & Conquer(TM) Generäle
"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = LG Power Tools
"InstallShield_{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}" = LG CyberLink PowerDVD
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = LG CyberLink Power2Go
"InstallShield_{70F8B183-99EB-4304-BA35-080E2DFFD2A3}" = Age of Empires III
"InstallShield_{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"InstallShield_{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"InstallShield_{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = LG CyberLink PowerProducer
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LG CyberLink LabelPrint
"InstallShield_{F3E9C243-122E-4D6B-ACC1-E1FEC02F6CA1}" = Command and Conquer(TM) Generäle Die Stunde Null 
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"MotoGP 2007_is1" = MotoGP 2007 v1.1
"Mozilla Firefox (3.6.8)" = Mozilla Firefox (3.6.8)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"Notepad++" = Notepad++
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
"NVIDIA nView Desktop Manager" = NVIDIA nView Desktop Manager
"OpenAL" = OpenAL
"Popscene: Track 2" = Popscene: Track 2
"PPDB Final Giant 2005" = PPDB Final Giant 2005
"Pro Cycling Manager" = Radsportmanager Pro 2005-2006
"Pro Cycling Manager 2008 - Demo_is1" = [Demo] Tour de France saison 2008 - Der Offizielle Radsport Man
"Qtracker" = Qtracker
"RACE 07 Offline_1.0_is1" = RACE 07 Offline
"Reach" = Reach
"Roller coaster 3 pack all pathed_is1" = Roller coaster 3
"SopCast" = SopCast 3.2.9
"SP6" = Logitech SetPoint 6.1
"SpellForce" = SpellForce
"StarCraft II" = StarCraft II
"Steam App 42120" = Lead and Gold - Gangs of the Wild West
"Steam App 50280" = Mafia II - Demo
"Steam App 8600" = RACE 07
"Steam App 8610" = RACE 07 Dedicated Server
"SystemRequirementsLab" = System Requirements Lab
"Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"TEW2005" = TEW2005
"Tropico3" = Tropico 3 1.00
"Uninstall_is1" = Uninstall 1.0.0.1
"Urban Terror_is1" = Urban Terror 4.1
"VLC media player" = VLC media player 1.1.2
"Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinGimp-2.0_is1" = GIMP 2.6.9
"WinRAR archiver" = WinRAR
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wrestling MPire 2008 (Career Edition)" = Wrestling MPire 2008 (Career Edition)
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"wxPython2.8-unicode-py26_is1" = wxPython 2.8.9.1 (unicode) for Python 2.6
"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0
 
========== HKEY_USERS Uninstall List ==========
 
[HKEY_USERS\Timo_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Stronghold Crusader Maps" = Stronghold Crusader Maps
 
< End of report >

--- --- ---

Test Disk hat nichts mysteriöses vermeldet, soweit ich das erkennen konnte.

Dann kommt es wohl auf die logs an, und darauf was du erkennst

Gruß,

GermanShark

Swisstreasure · 07.09.2010, 10:59

Ok da sehe ich einige Sachen. Melde mich am Abend. Muss dringend weg.

GermanShark · 07.09.2010, 11:12

Alles klar Chef, bis heute Abend

Swisstreasure · 07.09.2010, 15:57

Schritt 1

Fixen mit OTL

Starte die OTLPE.exe.
Vista und Windows 7 User: Rechtsklick auf die OTLPE.exe und "als Administrator ausführen" wählen.
Kopiere folgendes Skript:

Code:

ATTFilter

:OTL
IE - HKU\Timo_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://de.ask.com?o=15446&l=dis
IE - HKU\Timo_ON_C\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (SearchSettings Class) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Programme\Search Settings\SearchSettings.dll (Spigot, Inc.)
O3 - HKLM\..\Toolbar: (Dealio Toolbar) - {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - C:\Programme\Dealio Toolbar\IE\4.0.2\dealioToolbarIE.dll (Spigot, Inc.)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKU\Timo_ON_C\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O4 - HKLM..\Run: [tyynnhcp] C:\Dokumente und Einstellungen\Timo\Lokale Einstellungen\Anwendungsdaten\prtcwbims\kswbcydshdw.exe (Security Suites Corporation)
O4 - HKU\Timo_ON_C..\Run: [tyynnhcp] C:\Dokumente und Einstellungen\Timo\Lokale Einstellungen\Anwendungsdaten\prtcwbims\kswbcydshdw.exe (Security Suites Corporation)
O32 - AutoRun File - [2006/03/24 07:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
[2010/09/04 15:47:10 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Timo\Lokale Einstellungen\Anwendungsdaten\prtcwbims
[2010/09/04 15:45:29 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen\Timo\.COMMgr
[2010/09/04 15:45:11 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Timo\Anwendungsdaten\9860BEF696C2004481F91D532581A9E4
[2010/08/28 11:24:54 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Timo\Lokale Einstellungen\Anwendungsdaten\AskToolbar
[2010/08/18 13:51:10 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Timo\Anwendungsdaten\Search Settings
[2010/08/18 13:53:59 | 000,000,000 | ---D | C] -- C:\Programme\Ask.com
[2010/08/18 13:51:10 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Timo\Anwendungsdaten\Search Settings
[2010/08/18 13:50:57 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Timo\Anwendungsdaten\Dealio
[2010/08/18 13:47:11 | 000,000,000 | ---D | C] -- C:\Programme\Search Settings
[2010/08/18 13:47:05 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\config\systemprofile\Anwendungsdaten\Application Updater
[2010/08/18 13:47:03 | 000,000,000 | ---D | C] -- C:\Programme\Dealio Toolbar
[2010/08/18 13:47:03 | 000,000,000 | ---D | C] -- C:\Programme\Application Updater
[2010/08/18 13:54:02 | 000,000,224 | ---- | C] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
[2010/08/18 13:47:05 | 000,000,000 | ---D | M] -- C:\WINDOWS\System32\config\systemprofile\Anwendungsdaten\Application Updater
@Alternate Data Stream - 88 bytes -> C:\WINDOWS\System32\svchost.exe:SummaryInformation
:Commands
[purity]
[emptytemp]

und füge es hier ein:
Schließe alle Programme.
Klicke auf den Fix Button.
Klick auf .
OTL verlangt einen Neustart. Bitte zulassen.
Nach dem Neustart findest Du ein Textdokument.
Kopiere den Inhalt hier in Code-Tags in Deinen Thread.

Schritt 2

Kannst Du wieder starten?

GermanShark · 08.09.2010, 20:22

So, gerade fertig mit fixen, kann zwar nicht normal starten, aber immerhin schon die "Startmethode wählen", also Abgesicherter Modus etc.

Wichtig: Bin nächste Woche auf Klassenfahrt, da kannste anderen leuten helfen, werde versuchen viel am Wochende zu schaffen^^

Code:

ATTFilter

========== OTL ==========
HKU\Timo_ON_C\Software\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Registry value HKEY_USERS\Timo_ON_C\Software\Microsoft\Internet Explorer\URLSearchHooks\\{00000000-6E41-4FD3-8538-502F5495E5FC} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}\ not found.
File C:\Programme\Ask.com\GenericAskToolbar.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
File C:\Programme\Ask.com\GenericAskToolbar.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}\ not found.
File C:\Programme\Search Settings\SearchSettings.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}\ not found.
File C:\Programme\Dealio Toolbar\IE\4.0.2\dealioToolbarIE.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{D4027C7F-154A-4066-A1AD-4243D8127440} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
File C:\Programme\Ask.com\GenericAskToolbar.dll not found.
Registry value HKEY_USERS\Timo_ON_C\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
File C:\Programme\Ask.com\GenericAskToolbar.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\tyynnhcp not found.
File C:\Dokumente und Einstellungen\Timo\Lokale Einstellungen\Anwendungsdaten\prtcwbims\kswbcydshdw.exe not found.
Registry value HKEY_USERS\Timo_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\tyynnhcp not found.
File C:\Dokumente und Einstellungen\Timo\Lokale Einstellungen\Anwendungsdaten\prtcwbims\kswbcydshdw.exe not found.
File move failed. X:\AUTORUN.INF scheduled to be moved on reboot.
Folder C:\Dokumente und Einstellungen\Timo\Lokale Einstellungen\Anwendungsdaten\prtcwbims\ not found.
Folder C:\Dokumente und Einstellungen\Timo\.COMMgr\ not found.
Folder C:\Dokumente und Einstellungen\Timo\Anwendungsdaten\9860BEF696C2004481F91D532581A9E4\ not found.
Folder C:\Dokumente und Einstellungen\Timo\Lokale Einstellungen\Anwendungsdaten\AskToolbar\ not found.
Folder C:\Dokumente und Einstellungen\Timo\Anwendungsdaten\Search Settings\ not found.
Folder C:\Programme\Ask.com\ not found.
Folder C:\Dokumente und Einstellungen\Timo\Anwendungsdaten\Search Settings\ not found.
Folder C:\Dokumente und Einstellungen\Timo\Anwendungsdaten\Dealio\ not found.
Folder C:\Programme\Search Settings\ not found.
Folder C:\WINDOWS\System32\config\systemprofile\Anwendungsdaten\Application Updater\ not found.
Folder C:\Programme\Dealio Toolbar\ not found.
Folder C:\Programme\Application Updater\ not found.
File C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job not found.
Folder C:\WINDOWS\System32\config\systemprofile\Anwendungsdaten\Application Updater\ not found.
Unable to delete ADS C:\WINDOWS\System32\svchost.exe:SummaryInformation .
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: All Users
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: Timo
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 0 bytes
->Apple Safari cache emptied: 0 bytes
->Flash cache emptied: 0 bytes
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 0 bytes
 
Total Files Cleaned = 0.00 mb
 
 
OTLPE by OldTimer - Version 3.1.40.0 log created on 09092010_000538

Files\Folders moved on Reboot...
File move failed. X:\AUTORUN.INF scheduled to be moved on reboot.

Registry entries deleted on Reboot...

Swisstreasure · 08.09.2010, 20:24

Und geht der abgesicherte Modus? Falls ja dann versuche mit Malwarebytes Anti-Malware im abgeicherten Modus zu scannen.

Falls dies nicht klappt dann versuche es so:

Drucke dir die Anleitung gegebenfalls aus

Downloade Dir bitte OTH ( by Oldtimer ) und speichere die Datei auf dem Desktop.
Firefox User: Mit Rechtsklick auf OTH und "speichern als" downloaden.

Starte OTH.scr mit Doppelklick.
Klicke nun auf den Kill All Process Button.
Nun klicke auf den Internet Explorer Button.
Navigiere nun bitte mit dem IE hier in deinen Thread.
Downloade dir Malwarebytes.
Speichere die Datei auf dem Desktop.
Nun klicke in OTH auf Start Misc Program Button.
Navigiere in diesem Explorer auf deinem Desktop und zu dem Setup von Malwarebytes und klicke darauf.
Nun klicke auf Öffnen und folge den Anweisungen um Malwarebytes in den vorgegeben Pfad zu installieren.
Wenn die Installation abgeschlossen ist, navigiere nun zu C:\Programme\Malwarebytes Anti Malware und markiere die mbam.exe und klicke erneut auf öffnen
Wähle nun "Quick Scan ausführen" und drücke Scannen.

Wenn der Scan beendet wurde sollte der PC neu starten.
Tut er das nicht klicke in OTH auf Reboot

Poste mir die Logfile von Malwarebytes
Starte Malwarebytes--> Reiter Scan-Berichte--> klick auf den aktuellsten Bericht--> es öffnet sich automatisch ein Text-Dokument.

Sollte Malwarebytes nach dem Reboot nicht starten, teile mir das bitte mit.

GermanShark · 08.09.2010, 20:33

Okay, das werde ich morgen erledigen, bin erkältet und werde mich zur Ruhe legen, damit ich morgen mit vollem elan scannen kann. Also bis morgen denn, und danke für deine schnelligkeit

Swisstreasure · 08.09.2010, 20:43

Ja dann ab ins Bett

Gute Besserung.

GermanShark · 09.09.2010, 13:40

So, ich bin zurueck

Hab allerdings ein Problem. Der Standard Pfad ist ja Laufwerk X von Reatargo, und der hat 0 Kb, weshalb ich da nicht installieren kann. Wohin soll ich das dann zaubern Chef?

Swisstreasure · 09.09.2010, 21:14

Führe diesen Schritt nochmals aus:

Unbootbares System mit OTLPE Network scannen

Starte das unbootbare System neu und boote von der CD, die Du erstellt hast.
Anmerkung: Wenn Du nicht weißt, wie Du Deinen Computer dazu bringst, von CD zu booten, dann folge diesen Schritten hier.
Dein System sollte nach einigen Minuten den REATOGO-X-PE Desktop anzeigen.
Mache einen Doppelklick auf das OTLPE Icon.
Wenn Du gefragt wirst "Do you wish to load the remote registry", dann wähle Yes.
Wenn Du gefragt wirst "Do you wish to load remote user profile(s) for scanning", dann wähle Yes.
Vergewissere Dich, dass die Box "Automatically Load All Remaining Users" gewählt ist und drücke OK.
OTLpe sollte nun starten.
Drücke Run Scan, um den Scan zu starten.
Wenn der Scan fertig ist, werden die Dateien C:\OTL.Txt und C:\Extras.Txt gesichert und mit Notepad++ geöffnet.
Kopiere diese Datei auf Deinen USB-Stick, wenn Du keine Internetverbindung auf diesem System hast.
Bitte poste den Inhalt von C:\OTL.Txt und Extras.Txt in diesen Thread.

Falls Du kein Brennprogramm hast:

ISOBurner
Das Programm wird Dir erlauben, OTLPE auf eine CD zu brennen und sie bootfähig zu machen.
Du brauchst das Tool nur zu installieren, der Rest läuft automatisch => Wie brenne ich eine ISO Datei auf CD/DVD.

GermanShark · 10.09.2010, 15:23

Okay, hier erstmal log Nummer 1

Code:

ATTFilter

OTL logfile created on: 9/10/2010 11:17:51 PM - Run 
OTLPE by OldTimer - Version 3.1.40.0     Folder = X:\Programs\OTLPE
Microsoft Windows XP Service Pack 3 (Version = 5.1.2600) - Type = SYSTEM
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 86.00% Memory free
2.00 Gb Paging File | 2.00 Gb Available in Paging File | 96.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 97.65 Gb Total Space | 30.64 Gb Free Space | 31.38% Space Free | Partition Type: NTFS
Drive D: | 982.72 Mb Total Space | 917.56 Mb Free Space | 93.37% Space Free | Partition Type: FAT
Drive E: | 200.43 Gb Total Space | 13.55 Gb Free Space | 6.76% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive X: | 433.24 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
 
Computer Name: REATOGO
Current User Name: SYSTEM
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
Using ControlSet: ControlSet001
 
========== Win32 Services (SafeList) ==========
 
SRV - File not found [On_Demand] -- D:\Programme\Microsoft Office\Office12\GrooveAuditService.exe -- (Microsoft Office Groove Audit Service)
SRV - File not found [Auto] -- C:\Programme\Application Updater\ApplicationUpdater.exe -- (Application Updater)
SRV - File not found [Auto] -- D:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - File not found [Auto] -- D:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2010/08/10 14:07:00 | 000,304,528 | ---- | M] (Protection Technology) [Auto] -- C:\WINDOWS\System32\appdrvrem01.exe -- (appdrvrem01) Application Driver Auto Removal Service (01)
SRV - [2010/07/21 04:47:18 | 000,921,952 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto] -- C:\Programme\AVG\AVG9\avgemc.exe -- (avg9emc)
SRV - [2010/07/16 06:52:51 | 000,308,136 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto] -- C:\Programme\AVG\AVG9\avgwdsvc.exe -- (avg9wd)
SRV - [2010/06/10 15:03:08 | 000,144,176 | ---- | M] (Apple Inc.) [Auto] -- C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2010/05/06 05:29:12 | 000,293,456 | ---- | M] (Logitech, Inc.) [On_Demand] -- C:\Programme\Gemeinsame Dateien\LogiShrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV - [2010/03/18 07:16:28 | 000,753,504 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400)
SRV - [2010/03/18 07:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2008/11/03 19:06:28 | 000,441,712 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2006/10/26 08:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2003/04/02 08:00:00 | 000,019,456 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\tcpsvcs.exe -- (SimpTcp)
SRV - [2003/04/02 08:00:00 | 000,019,456 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\tcpsvcs.exe -- (LPDSVC)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand] --  -- (WDICA)
DRV - File not found [Kernel | On_Demand] --  -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand] --  -- (PDRELI)
DRV - File not found [Kernel | On_Demand] --  -- (PDFRAME)
DRV - File not found [Kernel | On_Demand] --  -- (PDCOMP)
DRV - File not found [Kernel | System] --  -- (PCIDump)
DRV - File not found [Kernel | System] --  -- (lbrtfdc)
DRV - File not found [Kernel | System] --  -- (i2omgmt)
DRV - File not found [Kernel | System] --  -- (Changer)
DRV - File not found [Kernel | System] -- D:\Programme\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2010/08/31 14:21:18 | 000,281,760 | ---- | M] () [Kernel | Auto] -- C:\WINDOWS\system32\drivers\atksgt.sys -- (atksgt)
DRV - [2010/08/31 14:21:18 | 000,025,888 | ---- | M] () [Kernel | Auto] -- C:\WINDOWS\system32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2010/08/25 07:33:49 | 000,691,696 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd)
DRV - [2010/08/10 14:07:00 | 002,915,944 | ---- | M] (Protection Technology) [Kernel | System] -- C:\WINDOWS\system32\drivers\appdrv01.sys -- (appdrv01) Application Driver (01)
DRV - [2010/07/20 08:33:33 | 000,017,480 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi)
DRV - [2010/07/16 06:52:54 | 000,243,024 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System] -- C:\WINDOWS\System32\Drivers\avgtdix.sys -- (AvgTdiX)
DRV - [2010/07/16 06:52:27 | 000,216,400 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System] -- C:\WINDOWS\System32\Drivers\avgldx86.sys -- (AvgLdx86)
DRV - [2010/06/30 07:37:00 | 000,015,600 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand] -- C:\WINDOWS\gdrv.sys -- (gdrv)
DRV - [2010/06/30 03:27:40 | 000,029,584 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System] -- C:\WINDOWS\System32\Drivers\avgmfx86.sys -- (AvgMfx86)
DRV - [2010/06/07 19:57:00 | 010,531,200 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2010/03/18 05:02:08 | 000,037,328 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\LMouFilt.Sys -- (LMouFilt)
DRV - [2010/03/18 05:01:52 | 000,038,864 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\LHidFilt.Sys -- (LHidFilt)
DRV - [2010/03/18 05:01:12 | 000,010,448 | ---- | M] (Logitech, Inc.) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\LBeepKE.sys -- (LBeepKE)
DRV - [2010/03/01 04:05:19 | 000,124,784 | ---- | M] (Avira GmbH) [Kernel | System] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2010/02/16 08:24:01 | 000,060,936 | ---- | M] (Avira GmbH) [File_System | Auto] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2009/09/11 06:48:04 | 000,066,056 | ---- | M] (Logitech Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\WmXlCore.sys -- (WmXlCore)
DRV - [2009/09/11 06:47:54 | 000,014,984 | ---- | M] (Logitech Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\WmVirHid.sys -- (WmVirHid)
DRV - [2009/09/11 06:47:42 | 000,031,752 | ---- | M] (Logitech Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\WmHidLo.sys -- (WmHidLo)
DRV - [2009/09/11 06:47:32 | 000,035,592 | ---- | M] (Logitech Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\WmFilter.sys -- (WmFilter)
DRV - [2009/09/11 06:47:22 | 000,022,792 | ---- | M] (Logitech Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\WmBEnum.sys -- (WmBEnum)
DRV - [2009/05/11 04:12:49 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009/01/13 07:10:08 | 005,015,040 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2008/10/30 09:14:20 | 000,117,888 | R--- | M] (Realtek Semiconductor Corporation                           ) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
DRV - [2008/04/13 18:10:32 | 000,096,512 | ---- | M] () [Kernel | Boot] -- C:\WINDOWS\system32\drivers\atapi.sys -- (atapi)
DRV - [2008/04/13 16:06:06 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2005/08/10 08:44:04 | 000,050,688 | ---- | M] (Protection Technology) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\sfdrv01.sys -- (sfdrv01) StarForce Protection Environment Driver (version 1.x)
DRV - [2005/05/16 09:20:39 | 000,006,656 | ---- | M] (Protection Technology) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\sfhlp02.sys -- (sfhlp02) StarForce Protection Helper Driver (version 2.x)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>;*.local
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = 53.100.66.60:3128
 
IE - HKU\LocalService_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\NetworkService_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\Timo_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = 
IE - HKU\Timo_ON_C\..\URLSearchHook:  - Reg Error: Key error. File not found
IE - HKU\Timo_ON_C\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Programme\DVDVideoSoftTB\tbDVD1.dll (Conduit Ltd.)
IE - HKU\Timo_ON_C\..\URLSearchHook: {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - Reg Error: Key error. File not found
IE - HKU\Timo_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKU\Timo_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
IE - HKU\Timo_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:6092
 
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Components: C:\Programme\Mozilla Firefox\components [2010/07/25 09:18:55 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2010/08/20 07:11:26 | 000,000,000 | ---D | M]
 
[2010/09/04 15:34:29 | 000,000,000 | ---D | M] -- C:\Programme\Mozilla Firefox\extensions
[2010/07/04 09:45:12 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- C:\Programme\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2010/06/11 21:24:05 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2010/06/11 21:24:05 | 000,002,344 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml
[2010/06/11 21:24:05 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2010/06/11 21:24:05 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2010/06/11 21:24:05 | 000,001,105 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2010/07/30 16:39:51 | 000,000,820 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (no name) - {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - No CLSID value found.
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Programme\AVG\AVG9\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - D:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll File not found
O2 - BHO: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Programme\DVDVideoSoftTB\tbDVD1.dll (Conduit Ltd.)
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O3 - HKLM\..\Toolbar: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Programme\DVDVideoSoftTB\tbDVD1.dll (Conduit Ltd.)
O3 - HKU\Timo_ON_C\..\Toolbar\WebBrowser: (DVDVideoSoftTB Toolbar) - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - C:\Programme\DVDVideoSoftTB\tbDVD1.dll (Conduit Ltd.)
O4 - HKLM..\Run: [Adobe ARM] C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\ALCMTR.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [AVG9_TRAY] C:\Programme\AVG\AVG9\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [avgnt] D:\Programme\Avira\AntiVir Desktop\avgnt.exe File not found
O4 - HKLM..\Run: [BrMfcWnd] C:\Programme\Brother\Brmfcmon\BrMfcWnd.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [CLMLServer] C:\Programme\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [ControlCenter3] C:\Programme\Brother\ControlCenter3\brctrcen.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [EvtMgr6] D:\Programme\Logitech\SetPointP\SetPoint.exe File not found
O4 - HKLM..\Run: [GrooveMonitor] D:\Programme\Microsoft Office\Office12\GrooveMonitor.exe File not found
O4 - HKLM..\Run: [IndexSearch] C:\Programme\ScanSoft\PaperPort\IndexSearch.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [iTunesHelper] D:\Programme\iTunes\iTunesHelper.exe File not found
O4 - HKLM..\Run: [LGODDFU] C:\Programme\lg_fwupdate\fwupdate.exe (BitLeader)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\Programme\NVIDIA Corporation\nView\nwiz.exe ()
O4 - HKLM..\Run: [PaperPort PTD] C:\Programme\ScanSoft\PaperPort\pptd40nt.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [PDVD8LanguageShortcut] C:\Programme\CyberLink\PowerDVD8\Language\Language.exe (CyberLink Corp.)
O4 - HKLM..\Run: [PPort11reminder] C:\Programme\ScanSoft\PaperPort\Ereg\Ereg.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [RemoteControl8] C:\Programme\CyberLink\PowerDVD8\PDVD8Serv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [SearchSettings] C:\Programme\Search Settings\SearchSettings.exe File not found
O4 - HKLM..\Run: [SSBkgdUpdate] C:\Programme\Gemeinsame Dateien\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [UCam_Menu] C:\Programme\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdateLBPShortCut] C:\Programme\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdateP2GoShortCut] C:\Programme\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdatePPShortCut] C:\Programme\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdatePSTShortCut] C:\Programme\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKU\Timo_ON_C..\Run: [cleansweep.exe] C:\cleansweep.exe\cleansweep.exe (Sd2                             )
O4 - HKU\Timo_ON_C..\Run: [COM+ Manager] C:\Dokumente und Einstellungen\Timo\.COMMgr\complmgr.exe File not found
O4 - HKU\Timo_ON_C..\Run: [RGSC] D:\Programme\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\LocalService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\NetworkService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Timo_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll File not found
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll File not found
O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Programme\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Programme\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {0D6709DD-4ED8-40CA-B459-2757AEEF7BEE} hxxp://download.gigabyte.com.tw/object/Dldrv.ocx (Dldrv2 Control)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab (System Requirements Lab Class)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1277806513187 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1277822964828 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - D:\Programme\Microsoft Office\Office12\GrooveSystemServices.dll File not found
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Programme\AVG\AVG9\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Gemeinsame Dateien\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - C:\WINDOWS\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O20 - Winlogon\Notify\LBTWlgn: DllName - c:\programme\gemeinsame dateien\logishrd\bluetooth\LBTWlgn.dll - c:\Programme\Gemeinsame Dateien\LogiShrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - D:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/06/29 04:07:14 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2006/03/24 07:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2010/09/08 22:48:21 | 000,552,960 | R--- | C] (OldTimer Tools) -- C:\OTLPE.exe
[2010/09/08 22:48:14 | 000,000,000 | ---D | C] -- C:\_OTL
[2010/09/07 11:40:23 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\LocalService\Recent
[2010/09/04 15:58:04 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\Timo\Recent
[2010/09/04 04:53:57 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Timo\Desktop\RCT
[2010/09/03 13:30:31 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Timo\Eigene Dateien\Games for Windows - LIVE Demos
[2010/09/03 13:22:11 | 000,018,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsg.dll
[2010/09/03 13:21:50 | 000,604,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\crypt32.dll
[2010/08/30 13:46:16 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Timo\Desktop\Anno 1701
[2010/08/28 14:07:58 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Timo\Desktop\Share
[2010/08/28 11:49:08 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Timo\Eigene Dateien\RCT3
[2010/08/28 11:49:08 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Timo\Anwendungsdaten\Atari
[2010/08/28 10:30:13 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Timo\Eigene Dateien\Rockstar Games
[2010/08/28 10:24:53 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Timo\Lokale Einstellungen\Anwendungsdaten\Rockstar Games
[2010/08/28 10:06:07 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\xlive
[2010/08/28 10:06:06 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft Games for Windows - LIVE
[2010/08/28 08:38:19 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Timo\Eigene Dateien\The Lord of the Rings - Conquest
[2010/08/28 08:38:04 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\Timo\Anwendungsdaten\SecuROM
[2010/08/25 07:33:49 | 000,691,696 | ---- | C] (Duplex Secure Ltd.) -- C:\WINDOWS\System32\drivers\sptd.sys
[2010/08/25 07:33:19 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Timo\Anwendungsdaten\DAEMON Tools Lite
[2010/08/25 06:45:21 | 000,679,936 | ---- | C] (Generated by JEDI) -- C:\WINDOWS\System32\D3DX81ab.dll
[2010/08/25 02:35:14 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Timo\Eigene Dateien\GTA San Andreas User Files
[2010/08/25 02:11:43 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\NetworkService\Lokale Einstellungen\Anwendungsdaten\Google
[2010/08/24 10:32:15 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Timo\Anwendungsdaten\Google
[2010/08/24 10:30:53 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Timo\Lokale Einstellungen\Anwendungsdaten\Temp
[2010/08/24 10:30:53 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\Google
[2010/08/24 10:30:24 | 000,000,000 | ---D | C] -- C:\Programme\Google
[2010/08/24 10:30:24 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Timo\Lokale Einstellungen\Anwendungsdaten\Google
[2010/08/24 07:31:35 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Timo\Anwendungsdaten\GetRightToGo
[2010/08/22 14:56:11 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Timo\Eigene Dateien\Stronghold Legends
[2010/08/22 05:08:14 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\Blizzard Entertainment.Trash
[2010/08/22 05:05:11 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Timo\Eigene Dateien\StarCraft II
[2010/08/22 05:05:11 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\Blizzard Entertainment
[2010/08/21 08:58:17 | 000,000,000 | ---D | C] -- C:\Programme\DVDVideoSoft
[2010/08/20 17:09:29 | 000,447,752 | ---- | C] (On2.com) -- C:\WINDOWS\System32\vp6vfw.dll
[2010/08/20 17:09:28 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft WSE
[2010/08/20 10:51:27 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\Timo\Anwendungsdaten\Brother
[2010/08/18 13:53:33 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Timo\Anwendungsdaten\BitTorrent
[2010/08/18 13:46:43 | 000,200,704 | ---- | C] (vbAccelerator) -- C:\WINDOWS\System32\vbalExpBar6.ocx
[2010/08/18 13:46:41 | 000,119,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\VB6FR.DLL
[2010/08/18 13:46:41 | 000,040,960 | ---- | C] (vbAccelerator) -- C:\WINDOWS\System32\SSubTmr6.dll
[2010/08/18 13:46:41 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\inetfr.DLL
[2010/08/18 13:46:40 | 000,141,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MSCMCFR.DLL
[2010/08/18 13:46:40 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\CMDLGFR.DLL
[2010/08/18 13:46:40 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Timo\Anwendungsdaten\FreeBurner
[2010/08/18 12:56:57 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Timo\Eigene Dateien\Electronic Arts
[2010/08/18 12:49:47 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Timo\Anwendungsdaten\GS Spiele-Verwaltung
[2010/08/18 12:48:30 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Timo\Lokale Einstellungen\Anwendungsdaten\FileMaker
[2010/08/15 17:26:23 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Timo\Anwendungsdaten\Avira
[2010/08/15 17:20:03 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\ssmdrv.sys
[2010/08/15 17:20:00 | 000,124,784 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys
[2010/08/15 17:20:00 | 000,060,936 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntflt.sys
[2010/08/15 17:20:00 | 000,045,416 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntdd.sys
[2010/08/15 17:20:00 | 000,022,360 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntmgr.sys
[2010/08/15 17:03:29 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Timo\Anwendungsdaten\PriceGong
[2010/08/15 11:20:28 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Timo\Eigene Dateien\Games
[2010/08/15 09:52:05 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Timo\Anwendungsdaten\Imperium Romanum
[2010/08/15 09:40:33 | 000,073,728 | ---- | C] (InstallShield Software Corporation) -- C:\WINDOWS\System32\ISUSPM.cpl
[2010/08/15 09:25:19 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Timo\Anwendungsdaten\COMPUTERBILD-Abzockschutz
[2010/08/15 09:15:37 | 000,000,000 | ---D | C] -- C:\Programme\COMPUTERBILD-Abzockschutz
[2010/08/15 05:59:55 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Timo\Anwendungsdaten\vlc
[2010/08/14 18:23:02 | 000,000,000 | ---D | C] -- C:\Programme\vghd
[2010/08/14 16:05:38 | 000,244,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MsFlxGrd.ocx
[2010/08/14 16:05:27 | 000,126,976 | ---- | C] (Oceanview Software Limited) -- C:\WINDOWS\System32\ovsBooleanControls.ocx
[2010/08/14 14:50:17 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Timo\Anwendungsdaten\DivX
[2010/08/14 14:47:37 | 000,000,000 | ---D | C] -- C:\Programme\DivX
[2010/08/14 13:12:36 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\DirectX
[2010/08/13 13:47:01 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Timo\Anwendungsdaten\TS3Client
[2010/08/13 09:50:08 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Timo\Anwendungsdaten\Soldat
[2010/08/13 09:39:35 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Timo\Eigene Dateien\BTroopers
[2010/08/12 12:27:42 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Timo\Anwendungsdaten\Publish Providers
[2010/08/12 12:26:23 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Timo\Lokale Einstellungen\Anwendungsdaten\Sony
[2010/08/12 12:26:23 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Timo\Anwendungsdaten\Sony
 
========== Files - Modified Within 30 Days ==========
 
[2010/09/09 18:33:46 | 000,262,144 | -H-- | M] () -- C:\Dokumente und Einstellungen\LocalService\NTUSER.DAT
[2010/09/08 22:49:18 | 005,242,880 | -H-- | M] () -- C:\Dokumente und Einstellungen\Timo\NTUSER.DAT
[2010/09/08 16:52:12 | 000,355,360 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/09/08 16:51:58 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/09/04 15:58:34 | 000,262,144 | -H-- | M] () -- C:\Dokumente und Einstellungen\NetworkService\NTUSER.DAT
[2010/09/04 15:58:27 | 002,555,472 | ---- | M] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\FontCache3.0.0.0.dat
[2010/09/04 15:58:16 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/09/04 15:58:03 | 005,842,654 | -H-- | M] () -- C:\Dokumente und Einstellungen\Timo\Lokale Einstellungen\Anwendungsdaten\IconCache.db
[2010/09/04 15:54:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\svchost.exe
[2010/09/04 15:44:25 | 000,023,552 | ---- | M] () -- C:\Dokumente und Einstellungen\Timo\Desktop\Die Alte im Wald.doc
[2010/09/04 15:38:25 | 000,024,576 | ---- | M] () -- C:\Dokumente und Einstellungen\Timo\Desktop\Die Jagd nach dem Schatz(verbessert).doc
[2010/09/04 15:38:08 | 000,024,576 | ---- | M] () -- C:\Dokumente und Einstellungen\Timo\Desktop\Die Insel Bunga Bong1.doc
[2010/09/04 15:35:00 | 000,001,084 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010/09/04 14:22:55 | 000,002,261 | ---- | M] () -- C:\Dokumente und Einstellungen\Timo\Anwendungsdaten\Microsoft\Internet Explorer\Quick Launch\Skype.lnk
[2010/09/04 12:05:44 | 064,281,946 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm
[2010/09/04 11:43:34 | 000,022,328 | ---- | M] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2010/09/04 10:35:00 | 000,001,080 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010/09/04 09:49:43 | 000,105,776 | ---- | M] () -- C:\Dokumente und Einstellungen\Timo\Lokale Einstellungen\Anwendungsdaten\GDIPFONTCACHEV1.DAT
[2010/09/04 09:23:04 | 000,001,657 | ---- | M] () -- C:\Dokumente und Einstellungen\Timo\Desktop\RollerCoaster Tycoon® 3.lnk
[2010/09/04 08:38:00 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/09/04 03:53:08 | 000,000,361 | ---- | M] () -- C:\WINDOWS\lgfwup.ini
[2010/09/04 02:41:53 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/09/01 11:38:44 | 000,023,797 | ---- | M] () -- C:\Dokumente und Einstellungen\Timo\Desktop\Ebay_Fellfratze.docx
[2010/09/01 11:36:20 | 000,011,266 | ---- | M] () -- C:\Dokumente und Einstellungen\Timo\.recently-used.xbel
[2010/08/31 14:21:18 | 000,281,760 | ---- | M] () -- C:\WINDOWS\System32\drivers\atksgt.sys
[2010/08/31 14:21:18 | 000,025,888 | ---- | M] () -- C:\WINDOWS\System32\drivers\lirsgt.sys
[2010/08/31 14:16:39 | 000,000,023 | ---- | M] () -- C:\WINDOWS\BlendSettings.ini
[2010/08/28 11:25:09 | 000,077,156 | -H-- | M] () -- C:\WINDOWS\System32\mlfcache.dat
[2010/08/28 10:09:32 | 000,107,888 | ---- | M] (Sony DADC Austria AG.) -- C:\WINDOWS\System32\CmdLineExt.dll
[2010/08/25 07:33:49 | 000,691,696 | ---- | M] (Duplex Secure Ltd.) -- C:\WINDOWS\System32\drivers\sptd.sys
[2010/08/24 16:45:17 | 692,753,611 | ---- | M] () -- C:\Dokumente und Einstellungen\Timo\Desktop\GtaSa.rar
[2010/08/24 11:08:31 | 000,010,919 | ---- | M] () -- C:\Dokumente und Einstellungen\Timo\Desktop\London, Aufgabe 1.docx
[2010/08/22 17:20:46 | 000,000,000 | ---- | M] () -- C:\Dokumente und Einstellungen\Timo\Anwendungsdaten\chrtmp
[2010/08/20 16:33:57 | 1716,912,127 | ---- | M] () -- C:\Dokumente und Einstellungen\Timo\Desktop\rld-sim3.iso
[2010/08/17 15:03:46 | 000,000,523 | ---- | M] () -- C:\Dokumente und Einstellungen\Timo\Anwendungsdaten\Microsoft\Internet Explorer\Quick Launch\hamachi.lnk
[2010/08/17 10:31:18 | 000,063,777 | ---- | M] () -- C:\Dokumente und Einstellungen\Timo\Desktop\Stundenplan G10a.pptx
[2010/08/15 09:34:08 | 000,009,641 | ---- | M] () -- C:\Dokumente und Einstellungen\Timo\Desktop\Telefonliste G10a.xlsx
[2010/08/14 18:24:37 | 000,000,003 | ---- | M] () -- C:\WINDOWS\treeskp.sys
[2010/08/14 18:24:37 | 000,000,003 | ---- | M] () -- C:\WINDOWS\sbacknt.bin
[2010/08/14 18:23:03 | 000,152,904 | ---- | M] () -- C:\WINDOWS\System32\vghd.scr
[2010/08/13 09:52:12 | 000,000,000 | R--- | M] () -- C:\logwmemory.bin
[2010/08/13 07:04:24 | 000,215,128 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrB.xtr
[2010/08/12 12:27:04 | 000,002,556 | ---- | M] () -- C:\Dokumente und Einstellungen\Timo\Eigene Dateien\Vegas Pro registrieren.htm
 
========== Files Created - No Company Name ==========
 
[2010/09/04 15:44:23 | 000,023,552 | ---- | C] () -- C:\Dokumente und Einstellungen\Timo\Desktop\Die Alte im Wald.doc
[2010/09/04 15:38:23 | 000,024,576 | ---- | C] () -- C:\Dokumente und Einstellungen\Timo\Desktop\Die Jagd nach dem Schatz(verbessert).doc
[2010/09/04 15:38:02 | 000,024,576 | ---- | C] () -- C:\Dokumente und Einstellungen\Timo\Desktop\Die Insel Bunga Bong1.doc
[2010/09/04 04:49:30 | 000,001,657 | ---- | C] () -- C:\Dokumente und Einstellungen\Timo\Desktop\RollerCoaster Tycoon® 3.lnk
[2010/09/01 11:37:56 | 000,023,797 | ---- | C] () -- C:\Dokumente und Einstellungen\Timo\Desktop\Ebay_Fellfratze.docx
[2010/09/01 11:36:20 | 000,011,266 | ---- | C] () -- C:\Dokumente und Einstellungen\Timo\.recently-used.xbel
[2010/08/31 14:20:25 | 000,281,760 | ---- | C] () -- C:\WINDOWS\System32\drivers\atksgt.sys
[2010/08/31 14:20:25 | 000,025,888 | ---- | C] () -- C:\WINDOWS\System32\drivers\lirsgt.sys
[2010/08/28 17:14:54 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/08/25 06:45:21 | 001,970,176 | ---- | C] () -- C:\WINDOWS\System32\d3dx9.dll
[2010/08/24 16:28:59 | 692,753,611 | ---- | C] () -- C:\Dokumente und Einstellungen\Timo\Desktop\GtaSa.rar
[2010/08/24 10:30:49 | 000,001,084 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010/08/24 10:30:48 | 000,001,080 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010/08/24 10:26:21 | 000,010,919 | ---- | C] () -- C:\Dokumente und Einstellungen\Timo\Desktop\London, Aufgabe 1.docx
[2010/08/22 17:20:46 | 000,000,000 | ---- | C] () -- C:\Dokumente und Einstellungen\Timo\Anwendungsdaten\chrtmp
[2010/08/20 16:55:47 | 1716,912,127 | ---- | C] () -- C:\Dokumente und Einstellungen\Timo\Desktop\rld-sim3.iso
[2010/08/18 13:46:43 | 000,044,544 | ---- | C] () -- C:\WINDOWS\System32\GIF89.DLL
[2010/08/18 13:46:40 | 000,484,352 | ---- | C] () -- C:\WINDOWS\System32\lame_enc.dll
[2010/08/17 15:03:46 | 000,000,523 | ---- | C] () -- C:\Dokumente und Einstellungen\Timo\Anwendungsdaten\Microsoft\Internet Explorer\Quick Launch\hamachi.lnk
[2010/08/16 08:32:50 | 000,063,777 | ---- | C] () -- C:\Dokumente und Einstellungen\Timo\Desktop\Stundenplan G10a.pptx
[2010/08/15 12:03:46 | 007,613,716 | ---- | C] () -- C:\Dokumente und Einstellungen\Timo\Desktop\Sherlock Holmes v. Arsene Lupin Lösung.pdf
[2010/08/15 09:34:07 | 000,009,641 | ---- | C] () -- C:\Dokumente und Einstellungen\Timo\Desktop\Telefonliste G10a.xlsx
[2010/08/14 18:23:07 | 000,000,003 | ---- | C] () -- C:\WINDOWS\treeskp.sys
[2010/08/14 18:23:07 | 000,000,003 | ---- | C] () -- C:\WINDOWS\sbacknt.bin
[2010/08/14 18:23:03 | 000,152,904 | ---- | C] () -- C:\WINDOWS\System32\vghd.scr
[2010/08/13 09:52:12 | 000,000,000 | R--- | C] () -- C:\logwmemory.bin
[2010/08/12 12:27:04 | 000,002,556 | ---- | C] () -- C:\Dokumente und Einstellungen\Timo\Eigene Dateien\Vegas Pro registrieren.htm
[2010/08/12 11:23:15 | 000,002,261 | ---- | C] () -- C:\Dokumente und Einstellungen\Timo\Anwendungsdaten\Microsoft\Internet Explorer\Quick Launch\Skype.lnk
[2010/08/10 15:17:46 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2010/08/09 10:06:16 | 000,000,000 | ---- | C] () -- C:\WINDOWS\galaxy.ini
[2010/08/02 23:15:24 | 002,555,472 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\FontCache3.0.0.0.dat
[2010/07/30 15:18:41 | 000,018,981 | ---- | C] () -- C:\Dokumente und Einstellungen\Timo\f1graphics.cfg
[2010/07/24 14:17:42 | 000,022,328 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2010/07/18 14:27:18 | 000,241,664 | ---- | C] () -- C:\WINDOWS\System32\CmiInstallResAll.dll
[2010/07/18 14:27:17 | 000,000,335 | ---- | C] () -- C:\WINDOWS\cm106.ini
[2010/07/10 09:03:14 | 000,354,816 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2010/07/06 04:52:20 | 000,011,264 | ---- | C] () -- C:\Dokumente und Einstellungen\Timo\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/07/05 14:19:11 | 000,000,023 | ---- | C] () -- C:\WINDOWS\BlendSettings.ini
[2010/07/03 12:23:21 | 000,000,425 | ---- | C] () -- C:\WINDOWS\BRWMARK.INI
[2010/07/03 12:23:04 | 000,106,496 | ---- | C] () -- C:\WINDOWS\System32\BrMuSNMP.dll
[2010/07/03 12:20:44 | 000,031,864 | ---- | C] () -- C:\WINDOWS\maxlink.ini
[2010/06/30 06:29:10 | 000,000,361 | ---- | C] () -- C:\WINDOWS\lgfwup.ini
[2010/06/29 09:08:05 | 000,000,400 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2010/06/29 08:41:57 | 000,116,224 | ---- | C] () -- C:\WINDOWS\System32\pdfcmnnt.dll
[2010/06/29 04:11:44 | 005,242,880 | -H-- | C] () -- C:\Dokumente und Einstellungen\Timo\NTUSER.DAT
[2010/06/29 04:11:44 | 000,008,192 | -H-- | C] () -- C:\Dokumente und Einstellungen\Timo\ntuser.dat.LOG
[2010/06/29 04:11:44 | 000,000,190 | -HS- | C] () -- C:\Dokumente und Einstellungen\Timo\ntuser.ini
[2010/06/29 04:11:20 | 000,262,144 | -H-- | C] () -- C:\Dokumente und Einstellungen\NetworkService\NTUSER.DAT
[2010/06/29 04:11:20 | 000,262,144 | -H-- | C] () -- C:\Dokumente und Einstellungen\LocalService\NTUSER.DAT
[2010/06/29 04:11:20 | 000,016,384 | -H-- | C] () -- C:\Dokumente und Einstellungen\LocalService\ntuser.dat.LOG
[2010/06/29 04:11:20 | 000,008,192 | -H-- | C] () -- C:\Dokumente und Einstellungen\NetworkService\ntuser.dat.LOG
[2010/06/29 04:11:20 | 000,000,020 | -HS- | C] () -- C:\Dokumente und Einstellungen\NetworkService\ntuser.ini
[2010/06/29 04:11:20 | 000,000,020 | -HS- | C] () -- C:\Dokumente und Einstellungen\LocalService\ntuser.ini
[2010/04/02 11:17:34 | 000,179,091 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat
[2003/04/02 08:00:00 | 000,096,512 | ---- | C] () -- C:\WINDOWS\System32\drivers\atapi.sys
 
========== LOP Check ==========
 
[2010/08/28 11:49:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Timo\Anwendungsdaten\Atari
[2010/07/25 09:24:14 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Timo\Anwendungsdaten\Bierbuden Autoupdate
[2010/08/28 09:29:31 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Timo\Anwendungsdaten\BitTorrent
[2010/08/15 09:25:51 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Timo\Anwendungsdaten\COMPUTERBILD-Abzockschutz
[2010/08/25 16:36:53 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Timo\Anwendungsdaten\DAEMON Tools Lite
[2010/07/07 11:56:26 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Timo\Anwendungsdaten\DVDVideoSoftIEHelpers
[2010/08/20 16:54:51 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Timo\Anwendungsdaten\FreeBurner
[2010/08/30 12:36:27 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Timo\Anwendungsdaten\GetRightToGo
[2010/08/14 13:55:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Timo\Anwendungsdaten\Glory of the Roman Empire
[2010/08/18 12:49:47 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Timo\Anwendungsdaten\GS Spiele-Verwaltung
[2010/09/01 11:36:20 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Timo\Anwendungsdaten\gtk-2.0
[2010/08/29 08:49:15 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Timo\Anwendungsdaten\ICQ
[2010/08/15 09:52:05 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Timo\Anwendungsdaten\Imperium Romanum
[2010/07/09 03:41:52 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Timo\Anwendungsdaten\inkscape
[2010/07/09 17:12:07 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Timo\Anwendungsdaten\Leadertech
[2010/07/30 14:13:57 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Timo\Anwendungsdaten\Meine Die Schlacht um Mittelerde-Dateien
[2010/07/28 13:33:53 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Timo\Anwendungsdaten\Meine Die Schlacht um Mittelerde™ II-Dateien
[2010/07/15 14:41:09 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Timo\Anwendungsdaten\Notepad++
[2010/06/29 08:42:40 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Timo\Anwendungsdaten\OpenOffice.org
[2010/07/19 05:38:54 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Timo\Anwendungsdaten\Petroglyph
[2010/08/28 11:25:18 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Timo\Anwendungsdaten\PriceGong
[2010/08/13 09:37:01 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Timo\Anwendungsdaten\Pro Cycling Manager 2008 - Demo
[2010/08/12 12:27:42 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Timo\Anwendungsdaten\Publish Providers
[2010/07/05 12:39:22 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Timo\Anwendungsdaten\Sierra
[2010/07/05 11:33:41 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Timo\Anwendungsdaten\Sierra Entertainment
[2010/08/13 09:50:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Timo\Anwendungsdaten\Soldat
[2010/08/12 12:27:37 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Timo\Anwendungsdaten\Sony
[2010/07/11 06:19:51 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Timo\Anwendungsdaten\Tropico 3
[2010/08/14 11:56:30 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Timo\Anwendungsdaten\TS3Client
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 88 bytes -> C:\WINDOWS\System32\svchost.exe:SummaryInformation
< End of report >

GermanShark · 10.09.2010, 15:26

Und dann der Bonus/log

Code:

ATTFilter

OTL Extras logfile created on: 9/10/2010 11:17:51 PM - Run 
OTLPE by OldTimer - Version 3.1.40.0     Folder = X:\Programs\OTLPE
Microsoft Windows XP Service Pack 3 (Version = 5.1.2600) - Type = SYSTEM
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 86.00% Memory free
2.00 Gb Paging File | 2.00 Gb Available in Paging File | 96.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 97.65 Gb Total Space | 30.64 Gb Free Space | 31.38% Space Free | Partition Type: NTFS
Drive D: | 982.72 Mb Total Space | 917.56 Mb Free Space | 93.37% Space Free | Partition Type: FAT
Drive E: | 200.43 Gb Total Space | 13.55 Gb Free Space | 6.76% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive X: | 433.24 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
 
Computer Name: REATOGO
Current User Name: SYSTEM
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
Using ControlSet: ControlSet001
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "D:\Programme\Microsoft Office\Office12\msohtmed.exe" %1 File not found
htmlfile [print] -- "D:\Programme\Microsoft Office\Office12\msohtmed.exe" /p %1 File not found
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "D:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" File not found
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- D:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L" File not found
Directory [PlayWithVLC] -- "D:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" File not found
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
 
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"3724:TCP" = 3724:TCP:*:Enabled:Blizzard Downloader: 3724
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Programme\CyberLink\PowerDVD8\PowerDVD8.exe" = C:\Programme\CyberLink\PowerDVD8\PowerDVD8.exe:*:Enabled:CyberLink PowerDVD 8.0 -- (CyberLink Corp.)
"C:\Programme\ICQ7.2\ICQ.exe" = C:\Programme\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2 -- (ICQ, LLC.)
"C:\Programme\ICQ7.2\aolload.exe" = C:\Programme\ICQ7.2\aolload.exe:*:Enabled:aolload.exe -- (AOL LLC)
 
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Programme\AVG\AVG9\avgemc.exe" = C:\Programme\AVG\AVG9\avgemc.exe:*:Enabled:avgemc.exe -- (AVG Technologies CZ, s.r.o.)
"C:\Programme\AVG\AVG9\avgupd.exe" = C:\Programme\AVG\AVG9\avgupd.exe:*:Enabled:avgupd.exe -- (AVG Technologies CZ, s.r.o.)
"C:\Programme\AVG\AVG9\avgnsx.exe" = C:\Programme\AVG\AVG9\avgnsx.exe:*:Enabled:avgnsx.exe -- (AVG Technologies CZ, s.r.o.)
"C:\Programme\CyberLink\PowerDVD8\PowerDVD8.exe" = C:\Programme\CyberLink\PowerDVD8\PowerDVD8.exe:*:Enabled:CyberLink PowerDVD 8.0 -- (CyberLink Corp.)
"C:\Programme\GIGABYTE\@BIOS\gwflash.exe" = C:\Programme\GIGABYTE\@BIOS\gwflash.exe:*:Enabled:@BIOS Application -- File not found
"C:\Programme\ICQ7.2\ICQ.exe" = C:\Programme\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2 -- (ICQ, LLC.)
"C:\Programme\ICQ7.2\aolload.exe" = C:\Programme\ICQ7.2\aolload.exe:*:Enabled:aolload.exe -- (AOL LLC)
"D:\Programme\GP4.exe" = D:\Programme\GP4.exe:*:Disabled:GP4 -- File not found
"D:\Programme\Steam\Steam.exe" = D:\Programme\Steam\Steam.exe:*:Enabled:Steam -- File not found
"D:\Programme\GP4\GP4.exe" = D:\Programme\GP4\GP4.exe:*:Disabled:GP4 -- File not found
"D:\Programme\The Games Company\Empire Earth Ultimate Edition\Empire Earth I\Empire Earth.exe" = D:\Programme\The Games Company\Empire Earth Ultimate Edition\Empire Earth I\Empire Earth.exe:*:Disabled:Empire Earth -- File not found
"D:\Programme\Cyanide\Radsport Manager\CYM2003.EXE" = D:\Programme\Cyanide\Radsport Manager\CYM2003.EXE:*:Disabled:CyclingManager -- File not found
"D:\Programme\Microsoft Games\Age of Empires III\age3.exe" = D:\Programme\Microsoft Games\Age of Empires III\age3.exe:*:Enabled:Age of Empires III -- File not found
"D:\Programme\The Games Company\Empire Earth Ultimate Edition\Empire Earth I ZdE\EE-AOC.exe" = D:\Programme\The Games Company\Empire Earth Ultimate Edition\Empire Earth I ZdE\EE-AOC.exe:*:Disabled:EE-AOC -- File not found
"D:\Programme\iTunes\iTunes.exe" = D:\Programme\iTunes\iTunes.exe:*:Enabled:iTunes -- File not found
"D:\Programme\Python\pythonw.exe" = D:\Programme\Python\pythonw.exe:*:Enabled:pythonw -- File not found
"D:\Programme\Teamspeak2_RC2\server_windows.exe" = D:\Programme\Teamspeak2_RC2\server_windows.exe:*:Enabled:Server -- File not found
"C:\WINDOWS\system32\dpvsetup.exe" = C:\WINDOWS\system32\dpvsetup.exe:*:Disabled:Microsoft DirectPlay Voice Test -- (Microsoft Corporation)
"D:\Programme\Steam\steamapps\britishshark17\race 07\Race_Steam.exe" = D:\Programme\Steam\steamapps\britishshark17\race 07\Race_Steam.exe:*:Enabled:RACE 07 -- File not found
"D:\Programme\GTR2\GTR2.exe" = D:\Programme\GTR2\GTR2.exe:*:Disabled:GTR2 - FIA GT Racing Game -- File not found
"C:\Dokumente und Einstellungen\Timo\Desktop\Call of Duty 4 - Modern Warfare\iw3mp.exe" = C:\Dokumente und Einstellungen\Timo\Desktop\Call of Duty 4 - Modern Warfare\iw3mp.exe:*:Enabled:Call of Duty(R) 4 - Modern Warfare(TM)  -- ()
"C:\Dokumente und Einstellungen\Timo\Desktop\XIII\system\XIII.exe" = C:\Dokumente und Einstellungen\Timo\Desktop\XIII\system\XIII.exe:*:Disabled:XIII -- File not found
"D:\Programme\Sierra Entertainment\WORLD IN CONFLICT\wic.exe" = D:\Programme\Sierra Entertainment\WORLD IN CONFLICT\wic.exe:*:Enabled:WORLD IN CONFLICT -- File not found
"D:\Programme\EA GAMES\Battlefield 2 Demo\BF2.exe" = D:\Programme\EA GAMES\Battlefield 2 Demo\BF2.exe:*:Enabled:Battlefield 2 -- File not found
"D:\Programme\Electronic Arts\Die Schlacht um Mittelerde II\game.dat" = D:\Programme\Electronic Arts\Die Schlacht um Mittelerde II\game.dat:*:Enabled:Die Schlacht um Mittelerde™ II -- File not found
"D:\Programme\Steam\steamapps\common\lead and gold gangs of the wild west\lag_win32_public_dev.exe" = D:\Programme\Steam\steamapps\common\lead and gold gangs of the wild west\lag_win32_public_dev.exe:*:Enabled:Lead and Gold - Gangs of the Wild West -- File not found
"D:\Programme\Qtracker\qtracker.exe" = D:\Programme\Qtracker\qtracker.exe:*:Enabled:Qtracker -- File not found
"D:\Programme\Firefly Studios\Stronghold 2\Stronghold2.exe" = D:\Programme\Firefly Studios\Stronghold 2\Stronghold2.exe:*:Disabled:Stronghold 2 -- File not found
"D:\Programme\Sierra Entertainment\WORLD IN CONFLICT\wic_ds.exe" = D:\Programme\Sierra Entertainment\WORLD IN CONFLICT\wic_ds.exe:*:Disabled:WORLD IN CONFLICT - Dedizierter Server -- File not found
"D:\Programme\Sierra Entertainment\WORLD IN CONFLICT\wic_online.exe" = D:\Programme\Sierra Entertainment\WORLD IN CONFLICT\wic_online.exe:*:Disabled:WORLD IN CONFLICT - Nur Online -- File not found
"D:\Programme\Microsoft Office\Office12\OUTLOOK.EXE" = D:\Programme\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- File not found
"D:\Programme\Microsoft Office\Office12\GROOVE.EXE" = D:\Programme\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove -- File not found
"D:\Programme\Microsoft Office\Office12\ONENOTE.EXE" = D:\Programme\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote -- File not found
"D:\Programme\Cyanide\Radsportmanager Pro 2005-2006\Cym2005.exe" = D:\Programme\Cyanide\Radsportmanager Pro 2005-2006\Cym2005.exe:*:Enabled:Pro Cycling Manager -- File not found
"D:\Programme\Cyanide\GameCenter\GameCenter.exe" = D:\Programme\Cyanide\GameCenter\GameCenter.exe:*:Enabled:GameCenter -- File not found
"D:\Programme\JoWooD\SpellForce\spellforce.exe" = D:\Programme\JoWooD\SpellForce\spellforce.exe:*:Disabled:spellforce -- File not found
"D:\Programme\Alien Arena 7_33\crx.exe" = D:\Programme\Alien Arena 7_33\crx.exe:*:Disabled:crx -- File not found
"D:\Programme\Cyanide\[Demo] Tour de France saison 2008 - Der Offizielle Radsport Manager\Autorun\Exe\Autorun.exe" = D:\Programme\Cyanide\[Demo] Tour de France saison 2008 - Der Offizielle Radsport Manager\Autorun\Exe\Autorun.exe:*:Enabled:[Demo] Tour de France saison 2008 - Der Offizielle Radsport Manager - AutoRun -- File not found
"C:\Dokumente und Einstellungen\Timo\Desktop\VGigant\VGigant.exe" = C:\Dokumente und Einstellungen\Timo\Desktop\VGigant\VGigant.exe:*:Disabled:MFC-Anwendung default -- File not found
"C:\WINDOWS\system32\dplaysvr.exe" = C:\WINDOWS\system32\dplaysvr.exe:*:Disabled:Microsoft DirectPlay Helper -- (Microsoft Corporation)
"D:\Programme\Cyanide\[Demo] Tour de France saison 2008 - Der Offizielle Radsport Manager\PCMDemo.exe" = D:\Programme\Cyanide\[Demo] Tour de France saison 2008 - Der Offizielle Radsport Manager\PCMDemo.exe:*:Disabled:pcm -- File not found
"D:\Programme\Soldat\Soldat.exe" = D:\Programme\Soldat\Soldat.exe:*:Disabled:hxxp://soldat.pl -- File not found
"D:\Programme\UrbanTerror\ioUrbanTerror.exe" = D:\Programme\UrbanTerror\ioUrbanTerror.exe:*:Enabled:ioUrbanTerror -- File not found
"D:\Programme\BitTorrent\BitTorrent.exe" = D:\Programme\BitTorrent\BitTorrent.exe:*:Enabled:BitTorrent -- File not found
"D:\Programme\1C Company\13th Century - Death or Glory\engine.exe" = D:\Programme\1C Company\13th Century - Death or Glory\engine.exe:*:Disabled:engine -- File not found
"D:\Programme\Steam\steamapps\common\mafia ii - public demo\launcher.exe" = D:\Programme\Steam\steamapps\common\mafia ii - public demo\launcher.exe:*:Enabled:Mafia II - Demo -- File not found
"C:\Dokumente und Einstellungen\Timo\Desktop\Downloads\StarCraft_2_EU_de-DE.exe" = C:\Dokumente und Einstellungen\Timo\Desktop\Downloads\StarCraft_2_EU_de-DE.exe:*:Enabled:Blizzard Downloader -- File not found
"D:\Programme\StarCraft II\StarCraft II.exe" = D:\Programme\StarCraft II\StarCraft II.exe:*:Enabled:Blizzard Launcher -- File not found
"D:\Programme\StarCraft II\Versions\Base15405\SC2.exe" = D:\Programme\StarCraft II\Versions\Base15405\SC2.exe:*:Enabled:StarCraft II -- File not found
"D:\Programme\Microprose\Grand Prix 3\GP3.ICD" = D:\Programme\Microprose\Grand Prix 3\GP3.ICD:*:Disabled:GP3 -- File not found
"D:\Programme\Firefly Studios\Stronghold Legends\StrongholdLegends.exe" = D:\Programme\Firefly Studios\Stronghold Legends\StrongholdLegends.exe:*:Enabled:Stronghold Legends -- File not found
"C:\Programme\Google\Google Earth\client\googleearth.exe" = C:\Programme\Google\Google Earth\client\googleearth.exe:*:Enabled:Google Earth -- (Google)
"D:\Programme\THQ\MotoGP 2007\motogp.exe" = D:\Programme\THQ\MotoGP 2007\motogp.exe:*:Disabled:motogp -- File not found
"D:\Programme\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe" = D:\Programme\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe:*:Enabled:Rockstar Games Social Club -- File not found
"D:\Programme\Rockstar Games\Grand Theft Auto IV\LaunchGTAIV.exe" = D:\Programme\Rockstar Games\Grand Theft Auto IV\LaunchGTAIV.exe:*:Enabled:Grand Theft Auto IV -- File not found
"D:\Programme\Rockstar Games\Grand Theft Auto IV\GTAIV.exe" = D:\Programme\Rockstar Games\Grand Theft Auto IV\GTAIV.exe:*:Enabled:Grand Theft Auto IV -- File not found
"D:\Programme\Anno 1701\Anno1701.exe" = D:\Programme\Anno 1701\Anno1701.exe:*:Disabled:Anno 1701 -- File not found
"D:\Programme\Steam\steamapps\britishshark17\gtr evolution - demo\GtrEvo_Demo_Steam.exe" = D:\Programme\Steam\steamapps\britishshark17\gtr evolution - demo\GtrEvo_Demo_Steam.exe:*:Enabled:GTR Evolution Demo -- File not found
"D:\Programme\Steam\steamapps\britishshark17\gtr evolution - demo\Config.exe" = D:\Programme\Steam\steamapps\britishshark17\gtr evolution - demo\Config.exe:*:Enabled:GTR Evolution Demo -- File not found
"D:\Programme\Firefly Studios\Stronghold Crusader\Stronghold Crusader.exe" = D:\Programme\Firefly Studios\Stronghold Crusader\Stronghold Crusader.exe:*:Enabled:Stronghold Crusader -- File not found
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = LG CyberLink YouCam
"{02570AE0-BEE0-4A6C-BE3F-D806E9F2EA17}" = ScanSoft PaperPort 11
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{06F80017-8F98-4C94-B868-52358569FC32}" = Command & Conquer(TM) Generäle
"{08B3869E-D282-424C-9AFC-870E04A4BA14}" = Rockstar Games Social Club
"{0CB9668D-F979-4F31-B8B8-67FE90F929F8}" = Bonjour
"{16D2C649-CBA8-44EE-B730-12584667D487}" = Stronghold 2 Deluxe
"{192A107E-C6B9-41B9-BDBF-38E3AA226054}" = OpenOffice.org 3.2
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = LG Power Tools
"{22CA391A-0589-403F-98AF-8030513E7C3A}" = Castle Strike
"{26A24AE4-039D-4CA4-87B4-2F83216018FF}" = Java(TM) 6 Update 18
"{2A9F95AB-65A3-432c-8631-B8BC5BF7477A}" = Die Schlacht um Mittelerde™ II
"{2BC2781A-F7F6-452E-95EB-018A522F1B2C}" = PaperPort Image Printer
"{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}" = LG CyberLink PowerDVD
"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{35CB6715-41F8-4F99-8881-6FC75BF054B0}" = Oblivion
"{38634E89-07CE-4236-A3B2-D006D4D4E6CB}_is1" = GS Spiele-Verwaltung
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3D9892BB-A751-4E48-ADC8-E4289956CE1D}" = QuickTime
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = eReg
"{3F290582-3F4E-4B96-009C-E0BABAA40C42}" = Die Schlacht um Mittelerde(tm)
"{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}" = NVIDIA PhysX
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = LG CyberLink Power2Go
"{49FC50FC-F965-40D9-89B4-CBFF80941031}" = Windows Movie Maker 2.0
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{579BA58C-F33D-4970-9953-B94B43768AC3}" = Grand Theft Auto IV
"{5F05C28D-DEA9-4AD6-A73A-064175988EAB}" = Search Settings v1.2.3
"{6179550A-3E7C-499E-BCC9-9E8113E0A285}" = LG ODD Auto Firmware Update
"{628C3D50-F524-4C49-A958-672CE7953756}" = Der Herr der Ringe® - Die Eroberung™
"{63686BEF-04CA-461C-B364-53BBC322F7BF}" = Sherlock Holmes jagt Arsene Lupin
"{6592FDEC-2C1A-413A-9985-25FEC2F0848D}" = Star Wars Empire at War Forces of Corruption
"{66A405D2-BA14-4594-BF36-B3B544F0754E}" = Stronghold Legends
"{6BF66AED-3EA4-4106-B240-5CE96C9B76B0}" = Brother MFL-Pro Suite DCP-365CN
"{70F8B183-99EB-4304-BA35-080E2DFFD2A3}" = Age of Empires III
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6}" = ICQ7.2
"{7AB3A249-FB81-416B-917A-A2A10E74C503}" = iTunes
"{7E20EFE6-E604-48C6-8B39-BA4742F2CDB4}" = Zune Desktop Theme
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{85991ED2-010C-4930-96FA-52F43C2CE98A}" = Apple Mobile Device Support
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{896B238F-7CFE-4952-82EB-96E63E8E67B6}" = COMPUTERBILD-Abzockschutz
"{8A1033B0-EF33-4FB5-97A1-C47A7DCDD7E6}_is1" = ClipGrab 3.0.7.2
"{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"{8BECF123-B0EF-4E51-B7F3-923EFE15CC4A}" = Battlefield 2(TM) Demo
"{8C3727F2-8E37-49E4-820C-03B1677F53B6}" = Stronghold Crusader
"{8FB1B528-E260-451E-9B55-E9152F94B80B}" = Microsoft Games for Windows - LIVE Redistributable
"{90120000-0010-0407-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders  (German) 12
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISE_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISE_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{912CE296-3D73-4A9D-B3FB-70A5CF7A8568}" = Empire Earth Ultimate Edition
"{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars
"{99AE7207-8612-4DBA-A8F8-BAE5C633390D}" = Star Wars Empire at War
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A2433A63-5F5D-40E5-B529-9123C2B3E734}" = Anno 1701
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1031-7B44-A93000000001}" = Adobe Reader 9.3.4 - Deutsch
"{ADD5DB49-72CF-11D8-9D75-000129760D75}" = LG CyberLink PowerBackup
"{AFAC914D-9E83-4A89-8ABE-427521C82CCF}" = Safari
"{B2D328BE-45AD-4D92-96F9-2151490A203E}" = Apple Application Support
"{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = LG CyberLink PowerProducer
"{BF1EC9C0-9C10-11DF-BBC7-005056C00008}" = Google Earth
"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = Die*Sims™*3
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C2C284D2-6BD7-3B34-B0C5-B2CAED168DF7}" = Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - DEU
"{C314CE45-3392-3B73-B4E1-139CD41CA933}" = Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - DEU
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LG CyberLink LabelPrint
"{C7D27207-0F86-4B6F-859C-21800A2C592E}" = Grand Prix 4
"{C878CD69-85DB-426B-81A3-E71175AAEB91}" = Dealio Toolbar v4.0.2
"{C9BED750-1211-4480-B1A5-718A3BE15525}" = REALTEK GbE & FE Ethernet PCI-E NIC Driver
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D560A981-FEB3-42F0-A61A-13E9528E0C51}_is1" = GTR 2 1.0.0.0
"{D9D1A2FD-56B2-4F21-B959-745FE43CAB8C}" = Vegas Pro 9.0
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E4961DB6-A3F3-11D3-BE67-0000B4A81FC5}" = Grand Prix 3
"{E7394A0F-3F80-45B1-87FC-ABCD51893246}" = Python 2.6.4
"{F11ADC64-C89E-47F4-A0B3-3665FF859397}" = WORLD IN CONFLICT
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F3E9C243-122E-4D6B-ACC1-E1FEC02F6CA1}" = Command and Conquer(TM) Generäle Die Stunde Null 
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{F97E3841-CA9D-4964-9D64-26066241D26F}" = Microsoft Games for Windows - LIVE
"7-Zip" = 7-Zip 4.65
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"An Act of War" = An Act of War v1.1
"AVG9Uninstall" = AVG Free 9.0
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"BitTorrent" = BitTorrent
"C&C - Zero Hour - Full Uncut Patch Final v.2.5" = C&C - Zero Hour - Full Uncut Patch Final v.2.5
"CCleaner" = CCleaner
"Cheat Engine 5.6.1_is1" = Cheat Engine 5.6.1
"ClearProg" = ClearProg 1.6.1 Beta 3
"Cossacks : The Art Of War" = Cossacks - The Art Of War
"DVDVideoSoftTB Toolbar" = DVDVideoSoftTB Toolbar
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Euro Truck Simulator" = Euro Truck Simulator 1.00
"EVEREST Home Edition_is1" = EVEREST Home Edition v2.20
"Fraps" = Fraps (remove only)
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.4
"Free Easy Burner_is1" = Free Easy Burner V 4.1
"Free Studio_is1" = Free Studio version 4.7
"Free Video to Sony PSP Converter_is1" = Free Video to Sony PSP Converter version 2.0
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.8
"GameCenter" = GameCenter
"Glory of the Roman Empire" = Die Römer
"Hamachi" = Hamachi 1.0.1.5
"Hardcopy(C__Programme_Hardcopy)" = Hardcopy (C:\Programme\Hardcopy)
"Heilige-Lieder.de Songtextquiz_is1" = Heilige-Lieder.de Songtextquiz 1.30
"ie8" = Windows Internet Explorer 8
"Imperium Romanum" = Imperium Romanum 1.04 Gold Edition
"Inkscape" = Inkscape 0.47
"Install Creator" = Install Creator
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = LG CyberLink YouCam
"InstallShield_{06F80017-8F98-4C94-B868-52358569FC32}" = Command & Conquer(TM) Generäle
"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = LG Power Tools
"InstallShield_{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}" = LG CyberLink PowerDVD
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = LG CyberLink Power2Go
"InstallShield_{70F8B183-99EB-4304-BA35-080E2DFFD2A3}" = Age of Empires III
"InstallShield_{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"InstallShield_{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"InstallShield_{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = LG CyberLink PowerProducer
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LG CyberLink LabelPrint
"InstallShield_{F3E9C243-122E-4D6B-ACC1-E1FEC02F6CA1}" = Command and Conquer(TM) Generäle Die Stunde Null 
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"MotoGP 2007_is1" = MotoGP 2007 v1.1
"Mozilla Firefox (3.6.8)" = Mozilla Firefox (3.6.8)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"Notepad++" = Notepad++
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
"NVIDIA nView Desktop Manager" = NVIDIA nView Desktop Manager
"OpenAL" = OpenAL
"Popscene: Track 2" = Popscene: Track 2
"PPDB Final Giant 2005" = PPDB Final Giant 2005
"Pro Cycling Manager" = Radsportmanager Pro 2005-2006
"Pro Cycling Manager 2008 - Demo_is1" = [Demo] Tour de France saison 2008 - Der Offizielle Radsport Man
"Qtracker" = Qtracker
"RACE 07 Offline_1.0_is1" = RACE 07 Offline
"Reach" = Reach
"Roller coaster 3 pack all pathed_is1" = Roller coaster 3
"SopCast" = SopCast 3.2.9
"SP6" = Logitech SetPoint 6.1
"SpellForce" = SpellForce
"StarCraft II" = StarCraft II
"Steam App 42120" = Lead and Gold - Gangs of the Wild West
"Steam App 50280" = Mafia II - Demo
"Steam App 8600" = RACE 07
"Steam App 8610" = RACE 07 Dedicated Server
"SystemRequirementsLab" = System Requirements Lab
"Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"TEW2005" = TEW2005
"Tropico3" = Tropico 3 1.00
"Uninstall_is1" = Uninstall 1.0.0.1
"Urban Terror_is1" = Urban Terror 4.1
"VLC media player" = VLC media player 1.1.2
"Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinGimp-2.0_is1" = GIMP 2.6.9
"WinRAR archiver" = WinRAR
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wrestling MPire 2008 (Career Edition)" = Wrestling MPire 2008 (Career Edition)
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"wxPython2.8-unicode-py26_is1" = wxPython 2.8.9.1 (unicode) for Python 2.6
"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0
 
========== HKEY_USERS Uninstall List ==========
 
[HKEY_USERS\Timo_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Stronghold Crusader Maps" = Stronghold Crusader Maps
 
< End of report >

07.09.2010, 10:59	#5
Swisstreasure /// Malwareteam	svchost.exe beendet - pc fährt nicht mehr hoch Ok da sehe ich einige Sachen. Melde mich am Abend. Muss dringend weg.

08.09.2010, 20:43	#11
Swisstreasure /// Malwareteam	svchost.exe beendet - pc fährt nicht mehr hoch Ja dann ab ins Bett Gute Besserung.

svchost.exe beendet - pc fährt nicht mehr hoch

Plagegeister aller Art und deren Bekämpfung: svchost.exe beendet - pc fährt nicht mehr hoch