Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: Kernel Data Inpage error

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML

Antwort
Alt 25.07.2010, 19:17   #1
eqha
 
Kernel Data Inpage error - Reden

Kernel Data Inpage error



Hallo,
ich hab mich mal auf diesem Board angemeldet, in der hoffnung man kann mein Problem lösen. Und zwar heute bekam ich zwei Bluescreens mit dem Namen:
Kernel Data Inpage error mit der Beschreibung:
Stop 0x0000007a (0xC04791F8, 0x000009C, 0x1F8SCBE0, 0x8F23F00)

In letzter zeit (grob 1 Monat) bekomme ich immer häufiger diese Blue Screens.

CCleaner hab ich gemacht --> Keine Besserung
Malwarebytes--> keine infizierten projekte

Laut der Anleitung poste ich jetzt die log.txt:

RSIT Logfile:
Code:
ATTFilter
Logfile of random's system information tool 1.08 (written by random/random)
Run by ****** at 2010-07-25 20:03:08
Microsoft Windows 7 Home Premium  
System drive C: has 660 GB (71%) free of 932 GB
Total RAM: 3071 MB (68% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:03:16, on 25.07.2010
Platform: Windows 7  (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Program Files\Norton Internet Security\Engine\17.7.0.12\ccSvcHst.exe
C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe
C:\Users\******\Desktop\RSIT.exe
C:\Program Files\trend micro\******.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.aldi.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.orbitdownloader.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
R3 - URLSearchHook: (no name) -  - (no file)
O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files\Orbitdownloader\orbitcth.dll
O2 - BHO: IEPlugin Class - {11222041-111B-46E3-BD29-EFB2449479B1} - C:\PROGRA~1\ArcSoft\MEDIAC~1\INTERN~1\ARCURL~1.DLL
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\17.7.0.12\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\17.7.0.12\IPSBHO.DLL
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\17.7.0.12\coIEPlg.dll
O3 - Toolbar: Grab Pro - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files\Orbitdownloader\GrabPro.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O4 - HKLM\..\Run: [ Malwarebytes Anti-Malware  (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETZWERKDIENST')
O8 - Extra context menu item: &Download by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/201
O8 - Extra context menu item: &Grab video by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/204
O8 - Extra context menu item: Do&wnload selected by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/203
O8 - Extra context menu item: Down&load all by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/202
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MIF5BA~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MIF5BA~1\Office12\EXCEL.EXE/3000
O9 - Extra button: eBay - Der weltweite Online-Marktplatz - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-31/4 (file missing)
O9 - Extra 'Tools' menuitem: eBay - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-31/4 (file missing)
O9 - Extra button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MIF5BA~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MIF5BA~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MIF5BA~1\Office12\REFIEBAR.DLL
O9 - Extra button: eBay - Der weltweite Online-Marktplatz - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-31/4 (file missing) (HKCU)
O9 - Extra 'Tools' menuitem: eBay - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-31/4 (file missing) (HKCU)
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - (no file)
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: DATA BECKER Update Service (DBService) - DATA BECKER GmbH & Co KG - C:\Program Files\Common Files\DATA BECKER Shared\DBService.exe
O23 - Service: FABS - Helping agent for MAGIX media database (Fabs) - MAGIX AG - C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe
O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files\Common Files\MAGIX Services\Database\bin\fbserver.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: Net Control 2 Administrator. Helper Service. (NetControl2.AdminHelper) - Unknown owner - C:\Program Files\Net Control 2\ahs.exe (file missing)
O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - C:\Program Files\Norton Internet Security\Engine\17.7.0.12\ccSvcHst.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\Windows\system32\PSIService.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: @C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
O23 - Service: TunngleService - Tunngle.net GmbH - C:\Program Files\Tunngle\TnglCtrl.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe

--
End of file - 8604 bytes

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2130460688-3702063877-4155906110-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2130460688-3702063877-4155906110-1000UA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{000123B4-9B42-4900-B3F7-F4B073EFC214}]
Octh Class - C:\Program Files\Orbitdownloader\orbitcth.dll [2010-05-07 240912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11222041-111B-46E3-BD29-EFB2449479B1}]
IEPlugin Class - C:\PROGRA~1\ArcSoft\MEDIAC~1\INTERN~1\ARCURL~1.DLL [2008-12-24 145920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-06-19 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]
Symantec NCO BHO - C:\Program Files\Norton Internet Security\Engine\17.7.0.12\coIEPlg.dll [2010-05-13 394608]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]
Symantec Intrusion Prevention - C:\Program Files\Norton Internet Security\Engine\17.7.0.12\IPSBHO.DLL [2010-05-14 79224]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2010-05-14 191792]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID-Anmelde-Hilfsprogramm - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-04-12 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]
{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Norton Toolbar - C:\Program Files\Norton Internet Security\Engine\17.7.0.12\coIEPlg.dll [2010-05-13 394608]
{C55BBCD6-41AD-48AD-9953-3609C48EACC7} - Grab Pro - C:\Program Files\Orbitdownloader\GrabPro.dll [2010-05-07 666816]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll [2010-03-25 968000]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
" Malwarebytes Anti-Malware  (reboot)"=C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe [2010-04-29 1090952]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-07-14 1173504]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2010-04-01 357696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
C:\Program Files\DivX\DivX Update\DivXUpdate.exe [2010-06-03 1144104]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
c:\program files\steam\steam.exe [2010-06-17 1238352]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\Orbitdownloader\orbitdm.exe"="C:\Program Files\Orbitdownloader\orbitdm.exe:*:Enabled:Orbit"
"C:\Program Files\Orbitdownloader\orbitnet.exe"="C:\Program Files\Orbitdownloader\orbitnet.exe:*:Enabled:Orbit"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2010-07-25 20:03:11 ----D---- C:\Program Files\trend micro
2010-07-25 20:03:08 ----D---- C:\rsit
2010-07-25 10:30:26 ----DC---- C:\Users\******\AppData\Roaming\vlc
2010-07-24 20:53:11 ----A---- C:\Windows\TSearch.INI
2010-07-23 13:44:54 ----A---- C:\Windows\avisplitter.ini
2010-07-23 13:44:52 ----A---- C:\Windows\system32\yv12vfw.dll
2010-07-23 13:44:52 ----A---- C:\Windows\system32\xvidvfw.dll
2010-07-23 13:44:52 ----A---- C:\Windows\system32\xvidcore.dll
2010-07-23 13:44:52 ----A---- C:\Windows\system32\x264vfw.dll
2010-07-23 13:44:52 ----A---- C:\Windows\system32\vp6vfw.dll
2010-07-23 13:44:52 ----A---- C:\Windows\system32\huffyuv.dll
2010-07-23 13:44:52 ----A---- C:\Windows\system32\dpl100.dll
2010-07-23 13:44:51 ----A---- C:\Windows\system32\ff_vfw.dll.manifest
2010-07-23 13:44:51 ----A---- C:\Windows\system32\divx.dll
2010-07-23 13:44:50 ----A---- C:\Windows\system32\ff_vfw.dll
2010-07-22 16:56:26 ----D---- C:\Program Files\Winamp Detect
2010-07-22 16:54:43 ----DC---- C:\Users\******\AppData\Roaming\Winamp
2010-07-22 16:54:43 ----D---- C:\Program Files\Winamp
2010-07-21 20:48:37 ----ASH---- C:\pagefile.sys
2010-07-21 16:44:25 ----SHD---- C:\found.001
2010-07-21 16:33:02 ----A---- C:\Windows\system32\drivers\mbamswissarmy.sys
2010-07-21 16:33:00 ----A---- C:\Windows\system32\drivers\mbam.sys
2010-07-21 16:27:25 ----D---- C:\Program Files\CCleaner
2010-07-19 13:49:21 ----DC---- C:\Users\******\AppData\Roaming\Astroburn
2010-07-19 13:49:19 ----D---- C:\Program Files\Astroburn Toolbar
2010-07-19 13:43:54 ----DC---- C:\Users\******\AppData\Roaming\Astroburn Pro
2010-07-19 13:43:54 ----D---- C:\ProgramData\Astroburn Pro
2010-07-19 13:17:11 ----DC---- C:\Users\******\AppData\Roaming\Astroburn Lite
2010-07-19 13:17:08 ----D---- C:\ProgramData\Astroburn Lite
2010-07-16 13:53:31 ----A---- C:\Windows\WorldBuilder.INI
2010-07-16 12:02:12 ----D---- C:\Program Files\DAEMON Tools Lite
2010-07-15 20:34:06 ----D---- C:\Program Files\Elaborate Bytes
2010-07-15 20:28:37 ----D---- C:\ProgramData\SlySoft
2010-07-15 16:14:27 ----D---- C:\Program Files\SlySoft
2010-07-14 23:02:23 ----D---- C:\Program Files\DAEMON Tools Toolbar
2010-07-14 23:01:54 ----DC---- C:\Users\******\AppData\Roaming\DAEMON Tools Lite
2010-07-14 23:01:51 ----D---- C:\ProgramData\DAEMON Tools Lite
2010-07-13 14:45:28 ----A---- C:\Windows\system32\msmpeg2vdec.dll
2010-07-13 14:45:28 ----A---- C:\Windows\system32\msmpeg2adec.dll
2010-07-13 14:45:28 ----A---- C:\Windows\system32\mp4sdecd.dll
2010-07-13 14:45:28 ----A---- C:\Windows\system32\mp43decd.dll
2010-07-13 14:45:28 ----A---- C:\Windows\system32\mp3dmod.dll
2010-07-13 14:45:28 ----A---- C:\Windows\system32\mfds.dll
2010-07-13 14:08:37 ----A---- C:\Windows\system32\uxtuneup.dll
2010-07-13 14:08:37 ----A---- C:\Windows\system32\authuitu.dll
2010-07-12 08:18:36 ----DC---- C:\Users\******\AppData\Roaming\Recordpad
2010-07-11 11:59:37 ----D---- C:\ProgramData\NCH Swift Sound
2010-07-11 10:57:05 ----DC---- C:\Users\******\AppData\Roaming\AudioMoves
2010-07-11 10:57:02 ----D---- C:\Program Files\AudioMoves
2010-07-11 10:53:40 ----D---- C:\Program Files\Aspect one
2010-07-11 10:43:23 ----D---- C:\Program Files\The GodFather
2010-07-11 10:15:40 ----D---- C:\Program Files\Mp3tag
2010-07-10 18:19:38 ----DC---- C:\Users\******\AppData\Roaming\BitTorrent
2010-07-10 18:19:22 ----D---- C:\Program Files\BitTorrent
2010-06-28 20:24:04 ----D---- C:\Program Files\Orbitdownloader
2010-06-28 16:25:57 ----D---- C:\Program Files\Mozilla Firefox
2010-06-28 15:49:17 ----DC---- C:\Users\******\AppData\Roaming\Malwarebytes
2010-06-28 15:49:02 ----D---- C:\ProgramData\Malwarebytes
2010-06-28 15:48:59 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2010-06-26 14:24:42 ----A---- C:\Windows\system32\XAudio2_6.dll
2010-06-26 14:24:42 ----A---- C:\Windows\system32\XAPOFX1_4.dll
2010-06-26 14:24:42 ----A---- C:\Windows\system32\xactengine3_6.dll
2010-06-26 14:24:42 ----A---- C:\Windows\system32\X3DAudio1_7.dll

======List of files/folders modified in the last 1 months======

2010-07-25 20:03:11 ----RD---- C:\Program Files
2010-07-25 20:03:11 ----D---- C:\Windows\Temp
2010-07-25 20:03:02 ----DC---- C:\Users\*******\AppData\Roaming\Skype
2010-07-25 19:40:01 ----DC---- C:\Users\******\AppData\Roaming\skypePM
2010-07-25 19:10:24 ----AD---- C:\Windows
2010-07-25 19:00:27 ----SHD---- C:\System Volume Information
2010-07-25 18:16:21 ----D---- C:\Program Files\Steam
2010-07-25 18:08:23 ----DC---- C:\Users\******\AppData\Roaming\Command & Conquer 3 Kanes Rache
2010-07-25 16:53:11 ----D---- C:\Windows\Prefetch
2010-07-25 14:52:46 ----D---- C:\ProgramData
2010-07-25 14:50:45 ----SHD---- C:\Windows\Installer
2010-07-25 14:49:35 ----HDC---- C:\ProgramData\{0691F710-1ECA-4B5A-9727-25554F1BFDC6}
2010-07-25 14:48:24 ----D---- C:\Windows\system32\config
2010-07-25 14:40:47 ----D---- C:\Windows\Logs
2010-07-25 12:03:53 ----D---- C:\Windows\Minidump
2010-07-25 11:41:43 ----D---- C:\Windows\system32\catroot2
2010-07-24 21:12:32 ----A---- C:\Windows\system32\PnkBstrB.exe
2010-07-24 21:12:15 ----HD---- C:\Program Files\InstallShield Installation Information
2010-07-24 19:37:42 ----A---- C:\Windows\system32\PnkBstrA.exe
2010-07-24 19:24:24 ----A---- C:\Windows\game.ini
2010-07-24 19:14:04 ----D---- C:\Program Files\Activision
2010-07-23 16:46:36 ----DC---- C:\Users\******\AppData\Roaming\Media Player Classic
2010-07-23 13:46:49 ----DC---- C:\Users\******\AppData\Roaming\Orbit
2010-07-23 13:46:38 ----D---- C:\Windows\System32
2010-07-23 13:45:11 ----D---- C:\Program Files\K-Lite Codec Pack
2010-07-23 13:00:35 ----D---- C:\Windows\system32\Tasks
2010-07-23 12:33:57 ----D---- C:\Windows\Tasks
2010-07-22 16:57:09 ----D---- C:\$RECYCLE.BIN
2010-07-22 08:22:47 ----D---- C:\ProgramData\NOS
2010-07-21 16:42:07 ----D---- C:\Windows\system32\drivers
2010-07-21 16:29:20 ----D---- C:\Windows\debug
2010-07-18 22:35:36 ----DC---- C:\Users\******\AppData\Roaming\dvdcss
2010-07-16 13:30:02 ----DC---- C:\Users\******\AppData\Roaming\Microsoft
2010-07-16 13:30:02 ----D---- C:\ProgramData\Microsoft
2010-07-15 20:34:37 ----D---- C:\Windows\inf
2010-07-15 20:34:35 ----D---- C:\Windows\system32\DriverStore
2010-07-15 20:34:35 ----D---- C:\Windows\system32\catroot
2010-07-13 14:45:43 ----DC---- C:\Users\******\AppData\Roaming\DivX
2010-07-13 14:08:28 ----D---- C:\Program Files\TuneUp Utilities 2010
2010-07-13 14:05:34 ----DC---- C:\Users\******\AppData\Roaming\NCH Swift Sound
2010-07-12 19:08:43 ----D---- C:\Program Files\Call of Duty
2010-07-12 08:18:23 ----D---- C:\ProgramData\NVIDIA
2010-07-11 12:14:18 ----DC---- C:\Users\******\AppData\Roaming\Audacity
2010-07-11 00:03:24 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-07-06 13:26:00 ----A---- C:\Windows\system32\TURegOpt.exe
2010-07-04 16:39:43 ----D---- C:\Windows\system32\drivers\etc
2010-07-02 23:09:24 ----D---- C:\ProgramData\Tunngle
2010-07-02 23:09:23 ----DC---- C:\Users\******\AppData\Roaming\Tunngle
2010-07-02 21:39:05 ----A---- C:\Windows\system32\MRT.exe
2010-07-02 16:59:36 ----D---- C:\Program Files\MKVtoolnix
2010-06-29 17:43:18 ----D---- C:\ProgramData\DivX
2010-06-28 16:36:53 ----DC---- C:\Users\******\AppData\Roaming\Mozilla
2010-06-27 11:10:41 ----D---- C:\Program Files\Common Files\DivX Shared
2010-06-27 11:10:40 ----D---- C:\Program Files\DivX
2010-06-26 14:24:14 ----RSD---- C:\Windows\assembly
2010-06-26 13:59:58 ----D---- C:\Windows\Microsoft.NET
2010-06-26 10:39:05 ----D---- C:\Windows\system32\de-DE
2010-06-26 10:36:25 ----D---- C:\Windows\system32\en-US
2010-06-26 10:36:24 ----D---- C:\Program Files\Microsoft.NET

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 nvstor32;nvstor32; C:\Windows\system32\DRIVERS\nvstor32.sys [2009-08-04 213024]
R0 PxHelp20;PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [2010-03-31 44944]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 173648]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-06-24 697328]
R0 SymDS;Symantec Data Store; C:\Windows\system32\drivers\NIS\1107000.00C\SYMDS.SYS [2009-08-30 328752]
R0 SymEFA;Symantec Extended File Attributes; C:\Windows\system32\drivers\NIS\1107000.00C\SYMEFA.SYS [2010-04-22 173104]
R1 BHDrvx86;BHDrvx86; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\BASHDefs\20100709.001\BHDrvx86.sys [2010-05-22 691248]
R1 ccHP;Symantec Hash Provider; C:\Windows\system32\drivers\NIS\1107000.00C\ccHPx86.sys [2010-02-26 501888]
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [2010-05-27 371248]
R1 IDSVix86;IDSVix86; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\IPSDefs\20100723.001\IDSvix86.sys [2010-05-28 344112]
R1 SRTSP;Symantec Real Time Storage Protection; C:\Windows\System32\Drivers\NIS\1107000.00C\SRTSP.SYS [2010-04-22 325680]
R1 SRTSPX;Symantec Real Time Storage Protection (PEL); C:\Windows\system32\drivers\NIS\1107000.00C\SRTSPX.SYS [2010-04-22 43696]
R1 SymIM;Symantec Network Security Intermediate Filter Driver; C:\Windows\system32\DRIVERS\SymIMv.sys [2009-12-03 44080]
R1 SymIRON;Symantec Iron Driver; C:\Windows\system32\drivers\NIS\1107000.00C\Ironx86.SYS [2010-04-29 116784]
R1 SYMTDIv;Symantec Vista Network Dispatch Driver; C:\Windows\System32\Drivers\NIS\1107000.00C\SYMTDIV.SYS [2010-05-06 339504]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 acedrv11;acedrv11; \??\C:\Windows\system32\drivers\acedrv11.sys [2010-01-20 295432]
R2 RMCAST;@%SystemRoot%\system32\wshrm.dll,-102; C:\Windows\system32\DRIVERS\RMCAST.sys [2009-07-14 117248]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2009-07-20 2664032]
R3 LVPr2Mon;Logitech LVPr2Mon Driver; C:\Windows\system32\DRIVERS\LVPr2Mon.sys [2009-10-07 25752]
R3 LVRS;Logitech RightSound Filter Driver; C:\Windows\system32\DRIVERS\lvrs.sys [2008-07-26 627864]
R3 LVUSBSta;Logitech USB Monitor Filter; C:\Windows\system32\DRIVERS\LVUSBSta.sys [2008-07-26 41752]
R3 NAVENG;NAVENG; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\VirusDefs\20100725.003\NAVENG.SYS [2010-07-14 85424]
R3 NAVEX15;NAVEX15; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\VirusDefs\20100725.003\NAVEX15.SYS [2010-07-14 1362608]
R3 NVENETFD;NVIDIA nForce-Netzwerkcontrollertreiber; C:\Windows\system32\DRIVERS\nvm62x32.sys [2009-07-14 347264]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda32v.sys [2009-08-21 66592]
R3 nvsmu;nvsmu; C:\Windows\system32\DRIVERS\nvsmu.sys [2009-06-29 17920]
R3 NxpCap;CTX capture service; C:\Windows\system32\DRIVERS\NxpCap.sys [2009-07-30 1488096]
R3 pepifilter;Volume Adapter; C:\Windows\system32\DRIVERS\lv302af.sys [2008-07-26 13848]
R3 PID_PEPI;Logitech QuickCam IM(PID_PEPI); C:\Windows\system32\DRIVERS\LV302V32.SYS [2008-07-26 2570520]
R3 RTL8192su;Realtek RTL8192SU Wireless LAN 802.11n USB 2.0 Network Adapter; C:\Windows\system32\DRIVERS\RTL8192su.sys [2010-06-21 601192]
R3 SymEvent;SymEvent; \??\C:\Windows\system32\Drivers\SYMEVENT.SYS [2010-01-27 124976]
R3 tap0901t;TAP-Win32 Adapter V9 (Tunngle); C:\Windows\system32\DRIVERS\tap0901t.sys [2009-09-16 27136]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys [2010-02-25 10064]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 14336]
R3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2009-07-14 34944]
R3 X10Hid;X10 Hid Device; C:\Windows\System32\Drivers\x10hid.sys [2009-05-13 13720]
R3 XUIF;X10 USB Wireless Transceiver; C:\Windows\System32\Drivers\x10ufx2.sys [2009-05-13 27160]
S0 lskjanku;lskjanku; C:\Windows\System32\drivers\dykemvo.sys []
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 a1lbnumg;a1lbnumg; C:\Windows\system32\drivers\a1lbnumg.sys []
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP-Bus-Filtertreiber; C:\Windows\system32\DRIVERS\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 EraserUtilDrv11010;EraserUtilDrv11010; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilDrv11010.sys [2010-06-24 102448]
S3 ncvhook;ncvhook; C:\Windows\system32\DRIVERS\ncvhook.sys []
S3 nmwcd;Nokia USB Phone Parent; C:\Windows\system32\drivers\nmwcd.sys [2007-06-28 137216]
S3 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12368]
S3 sisagp;SIS AGP-Bus-Filter; C:\Windows\system32\DRIVERS\sisagp.sys [2009-07-14 52304]
S3 teamviewervpn;TeamViewer VPN Adapter; C:\Windows\system32\DRIVERS\teamviewervpn.sys [2009-11-09 25088]
S3 VClone;VClone; C:\Windows\system32\DRIVERS\VClone.sys [2009-08-09 29696]
S3 viaagp;VIA AGP-Bus-Filter; C:\Windows\system32\DRIVERS\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7-Prozessortreiber; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 vtcdrv;GoGear Recovery Mode; C:\Windows\system32\DRIVERS\vtcdrv_x86.sys [2009-12-21 18944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ACDaemon;ArcSoft Connect Daemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2010-03-18 113152]
R2 DBService;DATA BECKER Update Service; C:\Program Files\Common Files\DATA BECKER Shared\DBService.exe [2009-01-08 187456]
R2 Fabs;FABS - Helping agent for MAGIX media database; C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe [2009-02-03 1155072]
R2 LVPrcSrv;Process Monitor; C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe [2009-10-07 154136]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-20 322120]
R2 NIS;Norton Internet Security; C:\Program Files\Norton Internet Security\Engine\17.7.0.12\ccSvcHst.exe [2010-02-26 126392]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2010-04-03 129640]
R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2010-07-24 66872]
R2 ProtexisLicensing;ProtexisLicensing; C:\Windows\system32\PSIService.exe [2007-06-05 177704]
R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2010-05-14 249136]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [2010-07-06 1051968]
R2 TunngleService;TunngleService; C:\Program Files\Tunngle\TnglCtrl.exe [2010-06-24 715512]
R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 1529728]
R2 x10nets;X10 Device Network Service; C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe [2001-11-12 20480]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 NetControl2.AdminHelper;Net Control 2 Administrator. Helper Service.; C:\Program Files\Net Control 2\ahs.exe []
S3 aspnet_state;ASP.NET-Zustandsdienst; C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2009-06-10 31064]
S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance; C:\Program Files\Common Files\MAGIX Services\Database\bin\fbserver.exe [2008-08-07 3276800]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2009-07-16 316664]
S3 TuneUp.Defrag;@C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe,-1; C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe [2010-07-13 435008]

-----------------EOF-----------------
         
--- --- ---


Und jetzt die info.txt:

info.txtRSIT Logfile:
Code:
ATTFilter
logfile of random's system information tool 1.08 2010-07-25 20:03:18

======Uninstall list======

-->C:\ProgramData\DivX\DivX7\DivX Converter\DivXConverterUninstall.exe /CONVERTER
7-Zip 9.13 beta-->"C:\Program Files\7-Zip\Uninstall.exe"
Adobe AIR-->c:\Program Files\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall
Adobe AIR-->MsiExec.exe /I{A2BCA9F1-566C-4805-97D1-7FDC93386723}
Adobe Flash Player 10 ActiveX-->C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\Windows\system32\Macromed\Flash\FlashUtil10h_Plugin.exe -maintain plugin
Adobe Reader 9.3.3 - Deutsch-->MsiExec.exe /I{AC76BA86-7AD7-1031-7B44-A93000000001}
Adobe Shockwave Player 11.5-->"C:\Windows\system32\Adobe\Shockwave 11\uninstaller.exe"
Apple Application Support-->MsiExec.exe /I{553255F3-78FD-40F1-A6F8-6882140265FE}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
Audacity 1.2.6-->"C:\Program Files\Audacity\unins000.exe"
Audacity 1.3.11 (Unicode)-->"C:\Program Files\Audacity 1.3 Beta (Unicode)\unins000.exe"
Battlefield: Bad Company™ 2-->MsiExec.exe /X{3AC8457C-0385-4BEA-A959-E095F05D6D67}
BitTorrent-->C:\Program Files\BitTorrent\uninst.exe
Call of Duty(R) - World at War(TM) 1.1 Patch-->C:\Program Files\InstallShield Installation Information\{AFAE2B15-89A0-4215-A030-F7B5B478886B}\setup.exe -runfromtemp -l0x0409
Call of Duty(R) - World at War(TM) 1.2 Patch-->C:\Program Files\InstallShield Installation Information\{2BF0AE92-C3BC-4112-9066-1546342B1FAE}\setup.exe -runfromtemp -l0x0409
Call of Duty(R) - World at War(TM) 1.3 Patch-->C:\Program Files\InstallShield Installation Information\{149464D9-B06F-4505-9968-FD1206F67AD3}\setup.exe -runfromtemp -l0x0409
Call of Duty(R) - World at War(TM) 1.4 Patch-->C:\Program Files\InstallShield Installation Information\{CC862A04-B2B0-4A79-ADD2-4B76D6CF4DCD}\setup.exe -runfromtemp -l0x0409
Call of Duty(R) - World at War(TM) 1.5 Patch-->C:\Program Files\InstallShield Installation Information\{3521F7CF-9343-4C1F-AE5E-0D2A57A18D2B}\setup.exe -runfromtemp -l0x0409
Call of Duty(R) - World at War(TM) 1.6 Patch-->C:\Program Files\InstallShield Installation Information\{20962D9D-D7B9-4AEE-B72B-5C9A45A1B402}\setup.exe -runfromtemp -l0x0409
Call of Duty(R) - World at War(TM) 1.7 Patch-->C:\Program Files\InstallShield Installation Information\{E237FA24-CFB3-431F-B356-DF8FB116DE4B}\setup.exe -runfromtemp -l0x0409
Call of Duty(R) - World at War(TM)-->C:\Program Files\InstallShield Installation Information\{D80A6A73-E58A-4673-AFF5-F12D7110661F}\setup.exe -runfromtemp -l0x0407
Call of Duty(R) 4 - Modern Warfare(TM) 1.1 Patch-->C:\Program Files\InstallShield Installation Information\{5D7767FA-7FE8-4627-9F09-AEF7A25F1E07}\setup.exe -runfromtemp -l0x0409
Call of Duty(R) 4 - Modern Warfare(TM) 1.2 Patch-->C:\Program Files\InstallShield Installation Information\{E5141379-B2D9-4BBC-BB2A-5805541571DD}\setup.exe -runfromtemp -l0x0409
Call of Duty(R) 4 - Modern Warfare(TM) 1.3 Patch-->C:\Program Files\InstallShield Installation Information\{050C1C8E-4A4D-4C2F-B9AE-67E60EE91B7F}\setup.exe -runfromtemp -l0x0409
Call of Duty(R) 4 - Modern Warfare(TM) 1.4 Patch-->C:\Program Files\InstallShield Installation Information\{3BD633E0-4BF8-4499-9149-88F0767D449C}\setup.exe -runfromtemp -l0x0409
Call of Duty(R) 4 - Modern Warfare(TM) 1.5 Multiplayer Patch-->C:\Program Files\InstallShield Installation Information\{8503C901-85D7-4262-88D2-8D8B2A7B08B8}\setup.exe -runfromtemp -l0x0409
Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch-->C:\Program Files\InstallShield Installation Information\{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}\setup.exe -runfromtemp -l0x0409
Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch-->C:\Program Files\InstallShield Installation Information\{931C37FC-594D-43A9-B10F-A2F2B1F03498}\setup.exe -runfromtemp -l0x0409
Call of Duty: Modern Warfare 2 - Multiplayer-->"C:\Program Files\Steam\steam.exe" steam://uninstall/10190
Call of Duty: Modern Warfare 2-->"C:\Program Files\Steam\steam.exe" steam://uninstall/10180
Call of Duty-->C:\PROGRA~1\Call of Duty\Uninstall\Unwise.exe /u C:\PROGRA~1\Call of Duty\Uninstall\Install.log
CCleaner-->"C:\Program Files\CCleaner\uninst.exe"
Cnc4WorldBuilder-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{56BDDC6B-A676-4559-B9D7-D2E19264E80D}\setup.exe" -l0x9  -removeonly
Command & Conquer 3 Kane's Wrath(TM) Worldbuilder-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{44C934E4-6610-43D4-8E9B-49F30785013A}\setup.exe" -l0x9  -removeonly
Command & Conquer 3-->MsiExec.exe /I{DDEDAF6C-488E-4CDA-8276-1CCF5F3C5C32}
Command & Conquer™ 3: Kanes Rache-->MsiExec.exe /I{CC2422C9-F7B5-4175-B295-5EC2283AA674}
Command & Conquer™ 4 Tiberian Twilight-->MsiExec.exe /X{82696435-8572-4D8B-A230-D1AA567D0F0F}
Command & Conquer™ Alarmstufe Rot 3-->MsiExec.exe /X{296D8550-CB06-48E4-9A8B-E5034FB64715}
Counter-Strike: Source-->"C:\Program Files\Steam\steam.exe" steam://uninstall/240
Crysis WARHEAD(R)-->"C:\ProgramData\{0691F710-1ECA-4B5A-9727-25554F1BFDC6}\setup.exe" REMOVE=TRUE MODIFY=FALSE
Crysis WARHEAD(R)-->C:\ProgramData\{0691F710-1ECA-4B5A-9727-25554F1BFDC6}\setup.exe
Crysis(R)-->MsiExec.exe /I{000E79B7-E725-4F01-870A-C12942B7F8E4}
CyberLink MediaShow-->"C:\Program Files\InstallShield Installation Information\{80E158EA-7181-40FE-A701-301CE6BE64AB}\Setup.exe" /z-uninstall
DAEMON Tools Toolbar-->C:\Program Files\DAEMON Tools Toolbar\uninst.exe
DivX Converter-->C:\ProgramData\DivX\DivX7\DivX Converter\DivXConverterUninstall.exe /CONVERTER
DivX Plus DirectShow Filters-->C:\ProgramData\DivX\DivX7\DivX Plus DirectShow Filters\DivXDSFiltersUninstall.exe /DSFILTERS
DivX-Setup-->C:\ProgramData\DivX\Setup\DivXSetup.exe /uninstall /bundleGroupId divx.com
DSL-Speedtest-->MsiExec.exe /X{5C98D841-6392-41F1-A80E-B1A741F32A95}
EA Download Manager UI-->msiexec /qb /x {D5A9DA4B-E4F9-FB49-017D-769FC540F1F0}
EA Download Manager UI-->MsiExec.exe /I{D5A9DA4B-E4F9-FB49-017D-769FC540F1F0}
EA Download Manager-->C:\Program Files\Electronic Arts\EADM\EADMUninstall.exe
Enemy Territory - Quake Wars(TM)-->C:\Program Files\id Software\Enemy Territory - QUAKE Wars\uninstall.exe
FFmpeg for Audacity on Windows-->"C:\Program Files\FFmpeg for Audacity\unins000.exe"
Firebird SQL Server - MAGIX Edition-->MsiExec.exe /X{3E6F0CAD-EE38-42A5-9EEA-AE17A55BF2D4}
Half-Life 2: Lost Coast-->"C:\Program Files\Steam\steam.exe" steam://uninstall/340
Java(TM) 6 Update 20-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216016FF}
Junk Mail filter update-->MsiExec.exe /I{E2DFE069-083E-4631-9B6C-43C48E991DE5}
K-Lite Mega Codec Pack 6.2.0-->"C:\Program Files\K-Lite Codec Pack\unins000.exe"
LADSPA_plugins-win-0.4.15-->"C:\Program Files\Audacity\Plug-Ins\unins000.exe"
LAME v3.98.2 for Audacity-->"C:\Program Files\Lame for Audacity\unins000.exe"
Logitech Vid-->MsiExec.exe /I{4FBCEA31-5D18-4212-9231-DE7CF1BE7DBB}
Logitech Webcam Software-->MsiExec.exe /I{C27BC2A2-30DD-4014-B22E-63EB0DB572F9}
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Media Converter for Philips-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E623BB3F-F7ED-4148-BEB5-A0D1DB28B4DE}\Setup.exe" -l0x7 
Medion Home Cinema-->"C:\Program Files\InstallShield Installation Information\{AB770FDE-8087-4C98-9A85-BD64262C104C}\Setup.exe" /z-uninstall
Medion Home Cinema-->"C:\Program Files\InstallShield Installation Information\{AB770FDE-8087-4C98-9A85-BD64262C104C}\Setup.exe" /z-uninstall
Messenger Plus! Live-->"C:\Program Files\Messenger Plus! Live\Uninstall.exe"
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 4 Client Profile DEU Language Pack-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\ClientLP\Setup.exe /repair /x86 /lcid 1031 /parameterfolder ClientLP
Microsoft .NET Framework 4 Client Profile DEU Language Pack-->MsiExec.exe /X{F750C986-5310-3A5A-95F8-4EC71C8AC01C}
Microsoft .NET Framework 4 Client Profile-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\Setup.exe /repair /x86 /parameterfolder Client
Microsoft .NET Framework 4 Client Profile-->MsiExec.exe /X{3C3901C5-3455-3E0A-A214-0B093A5070A6}
Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0016-0407-0000-0000000FF1CE} /uninstall {9BD40163-B95D-4B07-8991-0AB775B6D88B}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0018-0407-0000-0000000FF1CE} /uninstall {9BD40163-B95D-4B07-8991-0AB775B6D88B}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001B-0407-0000-0000000FF1CE} /uninstall {9BD40163-B95D-4B07-8991-0AB775B6D88B}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-006E-0407-0000-0000000FF1CE} /uninstall {26454C26-D259-4543-AA60-3189E09C5F76}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-00A1-0407-0000-0000000FF1CE} /uninstall {9BD40163-B95D-4B07-8991-0AB775B6D88B}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}
Microsoft Office Excel MUI (German) 2007-->MsiExec.exe /X{90120000-0016-0407-0000-0000000FF1CE}
Microsoft Office Home and Student 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall HOMESTUDENTR /dll OSETUP.DLL
Microsoft Office Home and Student 2007-->MsiExec.exe /X{91120000-002F-0000-0000-0000000FF1CE}
Microsoft Office Live Add-in 1.5-->MsiExec.exe /I{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}
Microsoft Office OneNote MUI (German) 2007-->MsiExec.exe /X{90120000-00A1-0407-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (German) 2007-->MsiExec.exe /X{90120000-0018-0407-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Italian) 2007-->MsiExec.exe /X{90120000-001F-0410-0000-0000000FF1CE}
Microsoft Office Proofing (German) 2007-->MsiExec.exe /X{90120000-002C-0407-0000-0000000FF1CE}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {A0516415-ED61-419A-981D-93596DA74165}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {ABDDE972-355B-4AF1-89A8-DA50B7B5C045}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {F580DDD5-8D37-4998-968E-EBB76BB86787}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0410-0000-0000000FF1CE} /uninstall {322296D4-1EAE-4030-9FBC-D2787EB25FA2}
Microsoft Office Shared MUI (German) 2007-->MsiExec.exe /X{90120000-006E-0407-0000-0000000FF1CE}
Microsoft Office Word MUI (German) 2007-->MsiExec.exe /X{90120000-001B-0407-0000-0000000FF1CE}
Microsoft Search Enhancement Pack-->MsiExec.exe /X{06E6E30D-B498-442F-A943-07DE41D7F785}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft SQL Server 2005 Compact Edition [DEU]-->MsiExec.exe /I{BAC80EF3-E106-4AEA-8C57-F217F9BC7358}
Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft Sync Framework Runtime Native v1.0 (x86)-->MsiExec.exe /I{8A74E887-8F0F-4017-AF53-CBA42211AAA5}
Microsoft Sync Framework Services Native v1.0 (x86)-->MsiExec.exe /I{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c}
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148-->MsiExec.exe /X{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022-->MsiExec.exe /X{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Works-->MsiExec.exe /I{39D0E034-1042-4905-BECB-5502909FCB7C}
MKVtoolnix 4.0.0-->C:\Program Files\MKVtoolnix\uninst.exe
Moorhuhn Kart 3 Demo-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{42B49E02-8422-4B41-BABA-2B282E997462}\Setup.exe" -l0x7 
Moorhuhn WE AYCS-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F92CDFEB-DB96-4589-B88C-BE181D153445}\Setup.exe" -l0x7 
Mozilla Firefox (3.6.8)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MP3-Check (v1.0.39.0)-->"C:\Program Files\AudioMoves\unins000.exe"
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
MUSE Device Manager-->C:\Program Files\InstallShield Installation Information\{44A4644A-CF32-47A4-8EFE-ACF7BD12D2CC}\setup.exe -runfromtemp -l0x0007 -removeonly
Nokia Connectivity Cable Driver-->RUNDLL32.EXE nsesetup.dll,DoNTUninst
Norton Internet Security-->C:\Program Files\NortonInstaller\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS\2454B0AB\17.7.0.12\InstStub.exe /X
NVIDIA Display Control Panel-->C:\Program Files\NVIDIA Corporation\Uninstall\nvuninst.exe DisplayControlPanel
NVIDIA Drivers-->C:\Program Files\NVIDIA Corporation\Uninstall\nvuninst.exe UninstallGUI
NVIDIA PhysX-->MsiExec.exe /X{DEA314C4-0929-4250-BC92-98E4C105F28D}
OGA Notifier 2.0.0048.0-->MsiExec.exe /I{B2544A03-10D0-4E5E-BA69-0362FFC20D18}
Orbit Downloader-->"C:\Program Files\Orbitdownloader\unins000.exe"
PlayReady PC Runtime x86-->MsiExec.exe /X{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}
Portal-->"C:\Program Files\Steam\steam.exe" steam://uninstall/400
Protect Disc License Helper 1.0.118-->C:\Program Files\ProtectDisc\License Helper\uninst.exe
ProtectDisc Driver, Version 11-->C:\Program Files\ProtectDisc Driver Installer\uninstall_v11.exe
PunkBuster Services-->C:\Windows\system32\pbsvc.exe -u
PVSonyDll-->MsiExec.exe /I{3D3E663D-4E7E-4577-A560-7ECDDD45548A}
QuickTime-->MsiExec.exe /I{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}
Realtek High Definition Audio Driver-->C:\Program Files\Realtek\Audio\HDA\RtlUpd.exe -r -m -nrg2709
Schatzjäger 3 - Demo-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9023F57A-D8A5-4CB9-B554-966AF520AAA3}\Setup.exe" -l0x7 
Security Update for 2007 Microsoft Office System (KB969559)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {69F52148-9BF6-4CDC-BF76-103DEAF3DD08}
Security Update for 2007 Microsoft Office System (KB976321)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {7F207DCA-3399-40CB-A968-6E5991B1421A}
Security Update for 2007 Microsoft Office System (KB982312)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {B0EC5722-241F-4CDA-83B4-AA5846B6F9F4}
Security Update for 2007 Microsoft Office System (KB982331)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {E8766951-2B6C-4022-86E8-80D2D1762B76}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for Microsoft Office Excel 2007 (KB982308)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {C3F9A0DC-A5D1-4BB6-870E-2953E5A2487B}
Security Update for Microsoft Office InfoPath 2007 (KB979441)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {8CCB781A-CF6B-4FCB-B6D8-59C64DF5C6DB}
Security Update for Microsoft Office PowerPoint 2007 (KB982158)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {F5B70033-E79C-4569-90BF-BC9B4E4F3F46}
Security Update for Microsoft Office system 2007 (972581)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {3D019598-7B59-447A-80AE-815B703B84FF}
Security Update for Microsoft Office system 2007 (KB969613)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {5ECEB317-CBE9-4E08-AB10-756CB6F0FB6C}
Security Update for Microsoft Office system 2007 (KB974234)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {FCD742B9-7A55-44BC-A776-F795F21FEDDC}
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {71127777-8B2C-4F97-AF7A-6CF8CAC8224D}
Security Update for Microsoft Office Word 2007 (KB982135)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {0112C750-A06F-4F92-9C40-E5C1EA9A70EB}
Skype™ 4.1-->MsiExec.exe /X{D103C4BA-F905-437A-8049-DB24763BBE36}
Sniper: Ghost Warrior-->"C:\Program Files\Steam\steam.exe" steam://uninstall/34830
Spelling Dictionaries Support For Adobe Reader 9-->MsiExec.exe /I{AC76BA86-7AD7-5464-3428-900000000004}
Steam-->MsiExec.exe /X{048298C9-A4D3-490B-9FF9-AB023A9238F3}
SUPER © Version 2010.bld.38 (May 2, 2010)-->C:\PROGRA~1\eRightSoft\SUPER\Setup.exe /remove /q0
TuneUp Utilities-->C:\Program Files\TuneUp Utilities 2010\TUInstallHelper.exe --Trigger-Uninstall
Tunngle beta-->"C:\Program Files\Tunngle\unins000.exe"
Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D}
Update for Microsoft Office OneNote 2007 (KB980729)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {329050A9-EF80-40F9-B633-74508F54C1FF}
Update für Microsoft Office Excel 2007 Help (KB963678)-->msiexec /package {90120000-0016-0407-0000-0000000FF1CE} /uninstall {BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}
Update für Microsoft Office Powerpoint 2007 Help (KB963669)-->msiexec /package {90120000-0018-0407-0000-0000000FF1CE} /uninstall {EA160DA3-E9B5-4D03-A518-21D306665B96}
Update für Microsoft Office Word 2007 Help (KB963665)-->msiexec /package {90120000-001B-0407-0000-0000000FF1CE} /uninstall {38472199-D7B6-4833-A949-10E4EE6365A1}
Update Manager-->MsiExec.exe /I{F428D0FB-765D-40EB-BDD8-A1E7F5C597FA}
VC80CRTRedist - 8.0.50727.4053-->MsiExec.exe /I{5EE7D259-D137-4438-9A5F-42F432EC0421}
Visual C++ 9.0 CRT (x86) WinSXS MSM-->MsiExec.exe /I{0138F525-6C8A-333F-A105-14AE030B9A54}
VLC media player 1.1.1-->C:\Program Files\VideoLAN\VLC\uninstall.exe
Winamp-->"C:\Program Files\Winamp\UninstWA.exe"
Windows Live Call-->MsiExec.exe /I{5FC68772-6D56-41C6-9DF1-24E868198AE6}
Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52}
Windows Live Essentials-->C:\Program Files\Windows Live\Installer\wlarp.exe
Windows Live Essentials-->MsiExec.exe /I{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}
Windows Live Fotogalerie-->MsiExec.exe /X{2BA722D1-48D1-406E-9123-8AE5431D63EF}
Windows Live ID-Anmelde-Assistent-->MsiExec.exe /X{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}
Windows Live Mail-->MsiExec.exe /I{C4D738F7-996A-4C81-B8FA-C4E26D767E41}
Windows Live Messenger-->MsiExec.exe /X{41E654A9-26D0-4EAC-854B-0FA824FFFABB}
Windows Live Movie Maker-->MsiExec.exe /X{3EFEF049-23D4-4B46-8903-4592FEA51018}
Windows Live Sync-->MsiExec.exe /X{76618402-179D-4699-A66B-D351C59436BC}
Windows Live Toolbar-->MsiExec.exe /X{70B7A167-0B88-445D-A3EA-97C73AA88CAC}
Windows Live Writer-->MsiExec.exe /X{E0A4805D-280A-4DD7-9E74-3A5F85E302A1}
Windows Live-Uploadtool-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
X10 Hardware(TM)-->C:\Windows\UNWISE32_setup.EXE C:\PROGRA~1\X10HAR~1\Install.log

======System event log======

Computer Name: ******-Desktop
Event Code: 7
Message: Fehlerhafter Block bei Gerät \Device\Harddisk4\DR4.
Record Number: 91885
Source Name: Disk
Time Written: 20100422144707.992700-000
Event Type: Fehler
User: 

Computer Name: ******-Desktop
Event Code: 7
Message: Fehlerhafter Block bei Gerät \Device\Harddisk4\DR4.
Record Number: 91884
Source Name: Disk
Time Written: 20100422144707.910200-000
Event Type: Fehler
User: 

Computer Name: ******-Desktop
Event Code: 7
Message: Fehlerhafter Block bei Gerät \Device\Harddisk4\DR4.
Record Number: 91883
Source Name: Disk
Time Written: 20100422144707.775200-000
Event Type: Fehler
User: 

Computer Name: ******-Desktop
Event Code: 7
Message: Fehlerhafter Block bei Gerät \Device\Harddisk4\DR4.
Record Number: 91882
Source Name: Disk
Time Written: 20100422144707.720200-000
Event Type: Fehler
User: 

Computer Name: ******-Desktop
Event Code: 7
Message: Fehlerhafter Block bei Gerät \Device\Harddisk4\DR4.
Record Number: 91881
Source Name: Disk
Time Written: 20100422144707.650200-000
Event Type: Fehler
User: 

=====Application event log=====

Computer Name: WIN-GOEOTCD883D
Event Code: 0
Message: 
Record Number: 5
Source Name: RichVideo
Time Written: 20091127182428.000000-000
Event Type: Informationen
User: 

Computer Name: WIN-GOEOTCD883D
Event Code: 0
Message: 
Record Number: 4
Source Name: Fabs
Time Written: 20091127182426.000000-000
Event Type: Informationen
User: 

Computer Name: WIN-GOEOTCD883D
Event Code: 4625
Message: Das EventSystem-Subsystem unterdrückt duplizierte Ereignisprotokolleinträge für eine Dauer von 86400 Sekunden. Dieses Zeitlimit kann durch den REG_DWORD-Wert SuppressDuplicateDuration unter folgendem Registrierungsschlüssel gesteuert werden: HKLM\Software\Microsoft\EventSystem\EventLog.
Record Number: 3
Source Name: Microsoft-Windows-EventSystem
Time Written: 20091127182422.000000-000
Event Type: Informationen
User: 

Computer Name: WIN-GOEOTCD883D
Event Code: 1531
Message: Der Benutzerprofildienst wurde erfolgreich gestartet.  


Record Number: 2
Source Name: Microsoft-Windows-User Profiles Service
Time Written: 20091127182422.257600-000
Event Type: Informationen
User: NT-AUTORITÄT\SYSTEM

Computer Name: WIN-GOEOTCD883D
Event Code: 1532
Message: Das Benutzerprofil wurde angehalten  


Record Number: 1
Source Name: Microsoft-Windows-User Profiles Service
Time Written: 20091030111922.583600-000
Event Type: Informationen
User: NT-AUTORITÄT\SYSTEM

=====Security event log=====

Computer Name: WIN-GOEOTCD883D
Event Code: 4672
Message: Einer neuen Anmeldung wurden besondere Rechte zugewiesen.

Antragsteller:
	Sicherheits-ID:		S-1-5-18
	Kontoname:		SYSTEM
	Kontodomäne:		NT-AUTORITÄT
	Anmelde-ID:		0x3e7

Berechtigungen:		SeAssignPrimaryTokenPrivilege
			SeTcbPrivilege
			SeSecurityPrivilege
			SeTakeOwnershipPrivilege
			SeLoadDriverPrivilege
			SeBackupPrivilege
			SeRestorePrivilege
			SeDebugPrivilege
			SeAuditPrivilege
			SeSystemEnvironmentPrivilege
			SeImpersonatePrivilege
Record Number: 5
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20091127182351.588000-000
Event Type: Überwachung erfolgreich
User: 

Computer Name: WIN-GOEOTCD883D
Event Code: 4624
Message: Ein Konto wurde erfolgreich angemeldet.

Antragsteller:
	Sicherheits-ID:		S-1-5-18
	Kontoname:		WIN-GOEOTCD883D$
	Kontodomäne:		WORKGROUP
	Anmelde-ID:		0x3e7

Anmeldetyp:			5

Neue Anmeldung:
	Sicherheits-ID:		S-1-5-18
	Kontoname:		SYSTEM
	Kontodomäne:		NT-AUTORITÄT
	Anmelde-ID:		0x3e7
	Anmelde-GUID:		{00000000-0000-0000-0000-000000000000}

Prozessinformationen:
	Prozess-ID:		0x1e0
	Prozessname:		C:\Windows\System32\services.exe

Netzwerkinformationen:
	Arbeitsstationsname:	
	Quellnetzwerkadresse:	-
	Quellport:		-

Detaillierte Authentifizierungsinformationen:
	Anmeldeprozess:		Advapi  
	Authentifizierungspaket:	Negotiate
	Übertragene Dienste:	-
	Paketname (nur NTLM):	-
	Schlüssellänge:		0

Dieses Ereignis wird beim Erstellen einer Anmeldesitzung generiert. Es wird auf dem Computer generiert, auf den zugegriffen wurde.

Die Antragstellerfelder geben das Konto auf dem lokalen System an, von dem die Anmeldung angefordert wurde. Dies ist meistens ein Dienst wie der Serverdienst oder ein lokaler Prozess wie "Winlogon.exe" oder "Services.exe".

Das Anmeldetypfeld gibt den jeweiligen Anmeldetyp an. Die häufigsten Typen sind 2 (interaktiv) und 3 (Netzwerk).

Die Felder für die neue Anmeldung geben das Konto an, für das die Anmeldung erstellt wurde, d. h. das angemeldete Konto.

Die Netzwerkfelder geben die Quelle einer Remoteanmeldeanforderung an. der Arbeitsstationsname ist nicht immer verfügbar und kann in manchen Fällen leer bleiben.

Die Felder für die Authentifizierungsinformationen enthalten detaillierte Informationen zu dieser speziellen Anmeldeanforderung.
	 - Die Anmelde-GUID ist ein eindeutiger Bezeichner, der verwendet werden kann, um dieses Ereignis mit einem KDC-Ereignis zu korrelieren.
	- Die übertragenen Dienste geben an, welche Zwischendienste an der Anmeldeanforderung beteiligt waren.
	- Der Paketname gibt das in den NTLM-Protokollen verwendete Unterprotokoll an.
	- Die Schlüssellänge gibt die Länge des generierten Sitzungsschlüssels an. Wenn kein Sitzungsschlüssel angefordert wurde, ist dieser Wert 0.
Record Number: 4
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20091127182351.588000-000
Event Type: Überwachung erfolgreich
User: 

Computer Name: WIN-GOEOTCD883D
Event Code: 4902
Message: Eine Benutzerrichtlinien-Überwachungstabelle wurde erstellt.

	Anzahl von Elementen:	0
	Richtlinienkennung:	0x3b511
Record Number: 3
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20091127182351.026400-000
Event Type: Überwachung erfolgreich
User: 

Computer Name: WIN-GOEOTCD883D
Event Code: 4624
Message: Ein Konto wurde erfolgreich angemeldet.

Antragsteller:
	Sicherheits-ID:		S-1-0-0
	Kontoname:		-
	Kontodomäne:		-
	Anmelde-ID:		0x0

Anmeldetyp:			0

Neue Anmeldung:
	Sicherheits-ID:		S-1-5-18
	Kontoname:		SYSTEM
	Kontodomäne:		NT-AUTORITÄT
	Anmelde-ID:		0x3e7
	Anmelde-GUID:		{00000000-0000-0000-0000-000000000000}

Prozessinformationen:
	Prozess-ID:		0x4
	Prozessname:		

Netzwerkinformationen:
	Arbeitsstationsname:	-
	Quellnetzwerkadresse:	-
	Quellport:		-

Detaillierte Authentifizierungsinformationen:
	Anmeldeprozess:		-
	Authentifizierungspaket:	-
	Übertragene Dienste:	-
	Paketname (nur NTLM):	-
	Schlüssellänge:		0

Dieses Ereignis wird beim Erstellen einer Anmeldesitzung generiert. Es wird auf dem Computer generiert, auf den zugegriffen wurde.

Die Antragstellerfelder geben das Konto auf dem lokalen System an, von dem die Anmeldung angefordert wurde. Dies ist meistens ein Dienst wie der Serverdienst oder ein lokaler Prozess wie "Winlogon.exe" oder "Services.exe".

Das Anmeldetypfeld gibt den jeweiligen Anmeldetyp an. Die häufigsten Typen sind 2 (interaktiv) und 3 (Netzwerk).

Die Felder für die neue Anmeldung geben das Konto an, für das die Anmeldung erstellt wurde, d. h. das angemeldete Konto.

Die Netzwerkfelder geben die Quelle einer Remoteanmeldeanforderung an. der Arbeitsstationsname ist nicht immer verfügbar und kann in manchen Fällen leer bleiben.

Die Felder für die Authentifizierungsinformationen enthalten detaillierte Informationen zu dieser speziellen Anmeldeanforderung.
	 - Die Anmelde-GUID ist ein eindeutiger Bezeichner, der verwendet werden kann, um dieses Ereignis mit einem KDC-Ereignis zu korrelieren.
	- Die übertragenen Dienste geben an, welche Zwischendienste an der Anmeldeanforderung beteiligt waren.
	- Der Paketname gibt das in den NTLM-Protokollen verwendete Unterprotokoll an.
	- Die Schlüssellänge gibt die Länge des generierten Sitzungsschlüssels an. Wenn kein Sitzungsschlüssel angefordert wurde, ist dieser Wert 0.
Record Number: 2
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20091127182349.918800-000
Event Type: Überwachung erfolgreich
User: 

Computer Name: WIN-GOEOTCD883D
Event Code: 4608
Message: Windows wird gestartet.

Dieses Ereignis wird protokolliert, wenn LSASS.EXE gestartet und das Überwachungssubsystem initialisiert wird.
Record Number: 1
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20091127182349.856400-000
Event Type: Überwachung erfolgreich
User: 

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=%CommonProgramFiles%\Microsoft Shared\Windows Live;c:\Program Files\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\Common Files\DivX Shared\;C:\Program Files\QuickTime\QTSystem\;C:\Program Files\Smart Projects\IsoBuster;C:\Program Files\MKVtoolnix
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=x86
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\
"NUMBER_OF_PROCESSORS"=4
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 23 Stepping 10, GenuineIntel
"PROCESSOR_REVISION"=170a
"CLASSPATH"=.;C:\Program Files\Java\jre6\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre6\lib\ext\QTJava.zip

-----------------EOF-----------------
         
--- --- ---


Ich hoffe ich habe das richtig gemacht und auch nicht im falschen Forum gepostet. Schonmal vielen dank im voraus!!!

Alt 29.07.2010, 20:57   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Kernel Data Inpage error - Standard

Kernel Data Inpage error



Poste bitte trotzdem das Log von Malwarebytes.
Erstell auch welche mit OTL.exe und poste sie.

Zitat:
C:\Program Files\Norton Internet Security\Engine\17.7.0.12\ccSvcHst.exe
C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
Beides ist Schrott, der umgehend entsorgt werden sollte.
__________________

__________________

Alt 01.08.2010, 20:50   #3
eqha
 
Kernel Data Inpage error - Standard

Kernel Data Inpage error



Also Tune Up Utilities hab deinstalliert.
Aber Norton ist mein Antivirenprogramm, des tu ich net deinstallieren, oder wie meinst du das??

Otl.txt:

OTL Logfile:
Code:
ATTFilter
OTL logfile created on: 01.08.2010 21:41:55 - Run 1
OTL by OldTimer - Version 3.2.9.1     Folder = C:\Users\***\Downloads
 Home Premium Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 68,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 84,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 910,41 Gb Total Space | 629,35 Gb Free Space | 69,13% Space Free | Partition Type: NTFS
Drive D: | 20,00 Gb Total Space | 11,19 Gb Free Space | 55,95% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
 
Computer Name: ***-DESKTOP
Current User Name: ***
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\***\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files\Mozilla Firefox\plugin-container.exe (Mozilla Corporation)
PRC - C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation)
PRC - C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe (DT Soft Ltd)
PRC - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.)
PRC - C:\Program Files\Norton Internet Security\Engine\17.7.0.12\ccSvcHst.exe (Symantec Corporation)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe (Logitech Inc.)
PRC - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation)
PRC - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe (Microsoft Corporation)
PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)
PRC - C:\Windows\System32\sppsvc.exe (Microsoft Corporation)
PRC - C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe (MAGIX AG)
PRC - C:\Program Files\Common Files\DATA BECKER Shared\DBService.exe (DATA BECKER GmbH & Co KG)
PRC - C:\Windows\System32\PSIService.exe ()
PRC - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe (X10)
 
 
========== Modules (SafeList) ==========
 
MOD - C:\Users\***\Downloads\OTL.exe (OldTimer Tools)
MOD - C:\Windows\System32\sspicli.dll (Microsoft Corporation)
MOD - C:\Windows\System32\sechost.dll (Microsoft Corporation)
MOD - C:\Windows\System32\samcli.dll (Microsoft Corporation)
MOD - C:\Windows\System32\profapi.dll (Microsoft Corporation)
MOD - C:\Windows\System32\netutils.dll (Microsoft Corporation)
MOD - C:\Windows\System32\KernelBase.dll (Microsoft Corporation)
MOD - C:\Windows\System32\dwmapi.dll (Microsoft Corporation)
MOD - C:\Windows\System32\devobj.dll (Microsoft Corporation)
MOD - C:\Windows\System32\cryptbase.dll (Microsoft Corporation)
MOD - C:\Windows\System32\cfgmgr32.dll (Microsoft Corporation)
MOD - C:\Windows\System32\msscript.ocx (Microsoft Corporation)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll (Microsoft Corporation)
 
 
========== Win32 Services (SafeList) ==========
 
SRV - (NetControl2.AdminHelper) -- C:\Program Files\Net Control 2\ahs.exe File not found
SRV - (WatAdminSvc) -- C:\Windows\System32\Wat\WatAdminSvc.exe (Microsoft Corporation)
SRV - (SeaPort) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (ACDaemon) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.)
SRV - (NIS) -- C:\Program Files\Norton Internet Security\Engine\17.7.0.12\ccSvcHst.exe (Symantec Corporation)
SRV - (LVPrcSrv) -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe (Logitech Inc.)
SRV - (wlidsvc) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation)
SRV - (Steam Client Service) -- C:\Program Files\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (WwanSvc) -- C:\Windows\System32\wwansvc.dll (Microsoft Corporation)
SRV - (WbioSrvc) -- C:\Windows\System32\wbiosrvc.dll (Microsoft Corporation)
SRV - (Power) -- C:\Windows\System32\umpo.dll (Microsoft Corporation)
SRV - (Themes) -- C:\Windows\System32\themeservice.dll (Microsoft Corporation)
SRV - (sppuinotify) -- C:\Windows\System32\sppuinotify.dll (Microsoft Corporation)
SRV - (RpcEptMapper) -- C:\Windows\System32\RpcEpMap.dll (Microsoft Corporation)
SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
SRV - (PNRPsvc) -- C:\Windows\System32\pnrpsvc.dll (Microsoft Corporation)
SRV - (p2pimsvc) -- C:\Windows\System32\pnrpsvc.dll (Microsoft Corporation)
SRV - (HomeGroupProvider) -- C:\Windows\System32\provsvc.dll (Microsoft Corporation)
SRV - (PNRPAutoReg) -- C:\Windows\System32\pnrpauto.dll (Microsoft Corporation)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SRV - (HomeGroupListener) -- C:\Windows\System32\ListSvc.dll (Microsoft Corporation)
SRV - (FontCache) -- C:\Windows\System32\FntCache.dll (Microsoft Corporation)
SRV - (Dhcp) -- C:\Windows\System32\dhcpcore.dll (Microsoft Corporation)
SRV - (defragsvc) -- C:\Windows\System32\defragsvc.dll (Microsoft Corporation)
SRV - (BDESVC) -- C:\Windows\System32\bdesvc.dll (Microsoft Corporation)
SRV - (AxInstSV) ActiveX-Installer (AxInstSV) -- C:\Windows\System32\AxInstSv.dll (Microsoft Corporation)
SRV - (AppIDSvc) -- C:\Windows\System32\appidsvc.dll (Microsoft Corporation)
SRV - (sppsvc) -- C:\Windows\System32\sppsvc.exe (Microsoft Corporation)
SRV - (Fabs) -- C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe (MAGIX AG)
SRV - (DBService) -- C:\Program Files\Common Files\DATA BECKER Shared\DBService.exe (DATA BECKER GmbH & Co KG)
SRV - (FirebirdServerMAGIXInstance) -- C:\Program Files\Common Files\MAGIX Services\Database\bin\fbserver.exe (MAGIX®)
SRV - (ProtexisLicensing) -- C:\Windows\System32\PSIService.exe ()
SRV - (x10nets) -- C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe (X10)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (udfs) -- C:\Windows\System32\DRIVERS\udfs.sys File not found
DRV - (uagp35) -- C:\Windows\System32\DRIVERS\uagp35.sys File not found
DRV - (ncvhook) -- C:\Windows\System32\DRIVERS\ncvhook.sys File not found
DRV - (lskjanku) -- C:\Windows\System32\drivers\dykemvo.sys File not found
DRV - (cpuz133) -- C:\Users\***\AppData\Local\Temp\cpuz133\cpuz133_x32.sys File not found
DRV - (NAVEX15) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\VirusDefs\20100801.003\NAVEX15.SYS (Symantec Corporation)
DRV - (NAVENG) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\VirusDefs\20100801.003\NAVENG.SYS (Symantec Corporation)
DRV - (sptd) -- C:\Windows\System32\Drivers\sptd.sys ()
DRV - (RTL8192su) -- C:\Windows\System32\drivers\RTL8192su.sys (Realtek Semiconductor Corporation                           )
DRV - (IDSVix86) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\IPSDefs\20100730.001\IDSvix86.sys (Symantec Corporation)
DRV - (eeCtrl) -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys (Symantec Corporation)
DRV - (BHDrvx86) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\BASHDefs\20100709.001\BHDrvx86.sys (Symantec Corporation)
DRV - (SYMTDIv) -- C:\Windows\System32\Drivers\NIS\1107000.00C\SYMTDIV.SYS (Symantec Corporation)
DRV - (SymIRON) -- C:\Windows\system32\drivers\NIS\1107000.00C\Ironx86.SYS (Symantec Corporation)
DRV - (SymEFA) -- C:\Windows\system32\drivers\NIS\1107000.00C\SYMEFA.SYS (Symantec Corporation)
DRV - (SRTSP) -- C:\Windows\System32\Drivers\NIS\1107000.00C\SRTSP.SYS (Symantec Corporation)
DRV - (SRTSPX) Symantec Real Time Storage Protection (PEL) -- C:\Windows\system32\drivers\NIS\1107000.00C\SRTSPX.SYS (Symantec Corporation)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (ccHP) -- C:\Windows\system32\drivers\NIS\1107000.00C\ccHPx86.sys (Symantec Corporation)
DRV - (SymEvent) -- C:\Windows\System32\drivers\SYMEVENT.SYS (Symantec Corporation)
DRV - (acedrv11) -- C:\Windows\System32\drivers\acedrv11.sys (Protect Software GmbH)
DRV - (vtcdrv) -- C:\Windows\System32\drivers\vtcdrv_x86.sys (Windows (R) Codename Longhorn DDK provider)
DRV - (KSecPkg) -- C:\Windows\System32\Drivers\ksecpkg.sys (Microsoft Corporation)
DRV - (SymIM) -- C:\Windows\System32\drivers\SymIMV.sys (Symantec Corporation)
DRV - (teamviewervpn) -- C:\Windows\System32\drivers\teamviewervpn.sys (TeamViewer GmbH)
DRV - (LVPr2Mon) -- C:\Windows\System32\drivers\LVPr2Mon.sys ()
DRV - (SymDS) -- C:\Windows\system32\drivers\NIS\1107000.00C\SYMDS.SYS (Symantec Corporation)
DRV - (NVHDA) -- C:\Windows\System32\drivers\nvhda32v.sys (NVIDIA Corporation)
DRV - (VClone) -- C:\Windows\System32\drivers\VClone.sys (Elaborate Bytes AG)
DRV - (nvstor32) -- C:\Windows\system32\DRIVERS\nvstor32.sys (NVIDIA Corporation)
DRV - (NxpCap) -- C:\Windows\System32\drivers\NxpCap.sys (NXP Semiconductors Germany GmbH)
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\Windows\System32\drivers\RTKVHDA.sys (Realtek Semiconductor Corp.)
DRV - (cmdide) -- C:\Windows\system32\DRIVERS\cmdide.sys (CMD Technology, Inc.)
DRV - (adpahci) -- C:\Windows\system32\DRIVERS\adpahci.sys (Adaptec, Inc.)
DRV - (adp94xx) -- C:\Windows\system32\DRIVERS\adp94xx.sys (Adaptec, Inc.)
DRV - (amdsbs) -- C:\Windows\system32\DRIVERS\amdsbs.sys (AMD Technologies Inc.)
DRV - (adpu320) -- C:\Windows\system32\DRIVERS\adpu320.sys (Adaptec, Inc.)
DRV - (arcsas) -- C:\Windows\system32\DRIVERS\arcsas.sys (Adaptec, Inc.)
DRV - (amdsata) -- C:\Windows\system32\DRIVERS\amdsata.sys (Advanced Micro Devices)
DRV - (arc) -- C:\Windows\system32\DRIVERS\arc.sys (Adaptec, Inc.)
DRV - (amdxata) -- C:\Windows\system32\DRIVERS\amdxata.sys (Advanced Micro Devices)
DRV - (aliide) -- C:\Windows\system32\DRIVERS\aliide.sys (Acer Laboratories Inc.)
DRV - (nvstor) -- C:\Windows\system32\DRIVERS\nvstor.sys (NVIDIA Corporation)
DRV - (nvraid) -- C:\Windows\system32\DRIVERS\nvraid.sys (NVIDIA Corporation)
DRV - (nfrd960) -- C:\Windows\system32\DRIVERS\nfrd960.sys (IBM Corporation)
DRV - (LSI_SAS) -- C:\Windows\system32\DRIVERS\lsi_sas.sys (LSI Corporation)
DRV - (iaStorV) -- C:\Windows\system32\DRIVERS\iaStorV.sys (Intel Corporation)
DRV - (MegaSR) -- C:\Windows\system32\DRIVERS\MegaSR.sys (LSI Corporation, Inc.)
DRV - (LSI_SCSI) -- C:\Windows\system32\DRIVERS\lsi_scsi.sys (LSI Corporation)
DRV - (LSI_FC) -- C:\Windows\system32\DRIVERS\lsi_fc.sys (LSI Corporation)
DRV - (LSI_SAS2) -- C:\Windows\system32\DRIVERS\lsi_sas2.sys (LSI Corporation)
DRV - (iirsp) -- C:\Windows\system32\DRIVERS\iirsp.sys (Intel Corp./ICP vortex GmbH)
DRV - (megasas) -- C:\Windows\system32\DRIVERS\megasas.sys (LSI Corporation)
DRV - (hwpolicy) -- C:\Windows\System32\drivers\hwpolicy.sys (Microsoft Corporation)
DRV - (elxstor) -- C:\Windows\system32\DRIVERS\elxstor.sys (Emulex)
DRV - (aic78xx) -- C:\Windows\system32\DRIVERS\djsvs.sys (Adaptec, Inc.)
DRV - (HpSAMD) -- C:\Windows\system32\DRIVERS\HpSAMD.sys (Hewlett-Packard Company)
DRV - (FsDepends) -- C:\Windows\System32\drivers\fsdepends.sys (Microsoft Corporation)
DRV - (vsmraid) -- C:\Windows\system32\DRIVERS\vsmraid.sys (VIA Technologies Inc.,Ltd)
DRV - (vhdmp) -- C:\Windows\system32\DRIVERS\vhdmp.sys (Microsoft Corporation)
DRV - (vdrvroot) -- C:\Windows\system32\DRIVERS\vdrvroot.sys (Microsoft Corporation)
DRV - (WIMMount) -- C:\Windows\System32\drivers\wimmount.sys (Microsoft Corporation)
DRV - (viaide) -- C:\Windows\system32\DRIVERS\viaide.sys (VIA Technologies, Inc.)
DRV - (ql2300) -- C:\Windows\system32\DRIVERS\ql2300.sys (QLogic Corporation)
DRV - (rdyboost) -- C:\Windows\System32\drivers\rdyboost.sys (Microsoft Corporation)
DRV - (ql40xx) -- C:\Windows\system32\DRIVERS\ql40xx.sys (QLogic Corporation)
DRV - (SiSRaid4) -- C:\Windows\system32\DRIVERS\sisraid4.sys (Silicon Integrated Systems)
DRV - (pcw) -- C:\Windows\System32\drivers\pcw.sys (Microsoft Corporation)
DRV - (SiSRaid2) -- C:\Windows\system32\DRIVERS\SiSRaid2.sys (Silicon Integrated Systems Corp.)
DRV - (stexstor) -- C:\Windows\system32\DRIVERS\stexstor.sys (Promise Technology)
DRV - (CNG) -- C:\Windows\System32\Drivers\cng.sys (Microsoft Corporation)
DRV - (Brserid) Brother MFC-Seriellschnittstellentreiber (WDM) -- C:\Windows\System32\Drivers\Brserid.sys (Brother Industries Ltd.)
DRV - (rdpbus) -- C:\Windows\system32\DRIVERS\rdpbus.sys (Microsoft Corporation)
DRV - (RDPREFMP) -- C:\Windows\System32\drivers\RDPREFMP.sys (Microsoft Corporation)
DRV - (RasAgileVpn) WAN Miniport (IKEv2) -- C:\Windows\System32\drivers\agilevpn.sys (Microsoft Corporation)
DRV - (WfpLwf) -- C:\Windows\System32\drivers\wfplwf.sys (Microsoft Corporation)
DRV - (RMCAST) -- C:\Windows\System32\drivers\rmcast.sys (Microsoft Corporation)
DRV - (NdisCap) -- C:\Windows\System32\drivers\ndiscap.sys (Microsoft Corporation)
DRV - (vwifimp) -- C:\Windows\System32\drivers\vwifimp.sys (Microsoft Corporation)
DRV - (vwififlt) -- C:\Windows\System32\drivers\vwififlt.sys (Microsoft Corporation)
DRV - (vwifibus) -- C:\Windows\System32\drivers\vwifibus.sys (Microsoft Corporation)
DRV - (1394ohci) -- C:\Windows\System32\drivers\1394ohci.sys (Microsoft Corporation)
DRV - (UmPass) -- C:\Windows\system32\DRIVERS\umpass.sys (Microsoft Corporation)
DRV - (usbaudio) USB-Audiotreiber (WDM) -- C:\Windows\System32\drivers\USBAUDIO.sys (Microsoft Corporation)
DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
DRV - (mshidkmdf) -- C:\Windows\System32\drivers\mshidkmdf.sys (Microsoft Corporation)
DRV - (MTConfig) -- C:\Windows\system32\DRIVERS\MTConfig.sys (Microsoft Corporation)
DRV - (CompositeBus) -- C:\Windows\System32\drivers\CompositeBus.sys (Microsoft Corporation)
DRV - (AppID) -- C:\Windows\system32\drivers\appid.sys (Microsoft Corporation)
DRV - (scfilter) -- C:\Windows\System32\drivers\scfilter.sys (Microsoft Corporation)
DRV - (discache) -- C:\Windows\System32\drivers\discache.sys (Microsoft Corporation)
DRV - (HidBatt) -- C:\Windows\system32\DRIVERS\HidBatt.sys (Microsoft Corporation)
DRV - (AcpiPmi) -- C:\Windows\system32\DRIVERS\acpipmi.sys (Microsoft Corporation)
DRV - (AmdPPM) -- C:\Windows\system32\DRIVERS\amdppm.sys (Microsoft Corporation)
DRV - (hcw85cir) -- C:\Windows\system32\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV - (BrUsbMdm) Brother MFC-nur-Fax-Modem (USB) -- C:\Windows\System32\Drivers\BrUsbMdm.sys (Brother Industries Ltd.)
DRV - (BrUsbSer) Brother MFC-WDM-Treiber (USB,seriell) -- C:\Windows\System32\Drivers\BrUsbSer.sys (Brother Industries Ltd.)
DRV - (BrSerWdm) Brother WDM-Treiber (seriell) -- C:\Windows\System32\Drivers\BrSerWdm.sys (Brother Industries Ltd.)
DRV - (BrFiltLo) -- C:\Windows\system32\DRIVERS\BrFiltLo.sys (Brother Industries, Ltd.)
DRV - (BrFiltUp) -- C:\Windows\system32\DRIVERS\BrFiltUp.sys (Brother Industries, Ltd.)
DRV - (NVENETFD) -- C:\Windows\System32\drivers\nvm62x32.sys (NVIDIA Corporation)
DRV - (b57nd60x) -- C:\Windows\System32\drivers\b57nd60x.sys (Broadcom Corporation)
DRV - (ebdrv) -- C:\Windows\system32\DRIVERS\evbdx.sys (Broadcom Corporation)
DRV - (b06bdrv) -- C:\Windows\system32\DRIVERS\bxvbdx.sys (Broadcom Corporation)
DRV - (nvsmu) -- C:\Windows\System32\drivers\nvsmu.sys (NVIDIA Corporation)
DRV - (XUIF) -- C:\Windows\System32\drivers\x10ufx2.sys (X10 Wireless Technology, Inc.)
DRV - (X10Hid) -- C:\Windows\System32\drivers\x10hid.sys (X10 Wireless Technology, Inc.)
DRV - (LVUSBSta) -- C:\Windows\System32\drivers\LVUSBSta.sys (Logitech Inc.)
DRV - (LVRS) -- C:\Windows\System32\drivers\lvrs.sys (Logitech Inc.)
DRV - (PID_PEPI) Logitech QuickCam IM(PID_PEPI) -- C:\Windows\System32\drivers\LV302V32.SYS (Logitech Inc.)
DRV - (pepifilter) -- C:\Windows\System32\drivers\lv302af.sys (Logitech Inc.)
DRV - (nmwcd) -- C:\Windows\System32\drivers\nmwcd.sys (Nokia)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.aldi.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://medion.msn.com/ [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.orbitdownloader.com
IE - HKCU\..\URLSearchHook:  - Reg Error: Key error. File not found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.startup.homepage: "hxxp://dsl-start.computerbild.de/"
FF - prefs.js..extensions.enabledItems: {2D3F3651-74B9-4795-BDEC-6DA2F431CB62}:4.6
FF - prefs.js..extensions.enabledItems: {BBDA0591-3099-440a-AA10-41764D9DB4DB}:2.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2.1
FF - prefs.js..extensions.enabledItems: {35379F86-8CCB-4724-AE33-4278DE266C70}:1.0.5
FF - prefs.js..extensions.enabledItems: {46551EC9-40F0-4e47-8E18-8E5CF550CFB8}:1.0.9
FF - prefs.js..extensions.enabledItems: {ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}:1.3
FF - prefs.js..extensions.enabledItems: {4b0a905d-b508-4574-8d12-b8fe120ace09}:0.5
FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.8.20100408.6
FF - prefs.js..extensions.enabledItems: {B17C1C5A-04B1-11DB-9804-B622A1EF5492}:1.2
FF - prefs.js..network.proxy.http: "165.230.49.115"
FF - prefs.js..network.proxy.http_port: 3124
FF - prefs.js..network.proxy.no_proxies_on: "127.0.0.1"
FF - prefs.js..network.proxy.socks: "127.0.0.1"
FF - prefs.js..network.proxy.socks_port: 9050
FF - prefs.js..network.proxy.socks_remote_dns: true
FF - prefs.js..network.proxy.ssl: "127.0.0.1"
FF - prefs.js..network.proxy.ssl_port: 8118
FF - prefs.js..network.proxy.type: 4
 
 
FF - HKLM\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\coFFPlgn\ [2010.01.27 23:42:26 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\IPSFFPlgn\ [2010.07.28 15:43:17 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{B728AB94-9BC7-49b7-B76A-422BB31B2FD0}: C:\Program Files\ArcSoft\Media Converter for Philips\Internet Video Downloader\Plugin_FireFox [2010.05.23 18:32:19 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.07.25 11:50:36 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.07.25 11:50:36 | 000,000,000 | ---D | M]
 
[2010.06.28 16:31:47 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\mozilla\Extensions
[2010.06.28 16:31:49 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\24m81nvb.default\extensions
[2010.06.28 16:31:48 | 000,000,000 | ---D | M] (KC Softwares Toolbar) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\24m81nvb.default\extensions\{096beb20-06a2-4fb4-ac16-ef911f37775b}
[2010.06.28 16:31:49 | 000,000,000 | ---D | M] (Stylish) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\24m81nvb.default\extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}
[2010.06.28 16:31:49 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\24m81nvb.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010.06.28 16:31:49 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\24m81nvb.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2010.06.28 16:31:48 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\24m81nvb.default\extensions\fbdislike@doweb.fr
[2010.06.28 16:31:48 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\24m81nvb.default\extensions\personas@christopher.beard
[2010.08.01 21:12:14 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\i2i8m6d8.default\extensions
[2010.07.02 17:34:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\i2i8m6d8.default\extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}
[2010.07.10 16:14:54 | 000,000,000 | ---D | M] (Faark's Grepolis Bericht 2 Image - Exporter) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\i2i8m6d8.default\extensions\{4b0a905d-b508-4574-8d12-b8fe120ace09}
[2010.07.28 21:43:58 | 000,000,000 | ---D | M] (Password Exporter) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\i2i8m6d8.default\extensions\{B17C1C5A-04B1-11DB-9804-B622A1EF5492}
[2010.07.10 15:28:30 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\i2i8m6d8.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010.07.11 21:27:55 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\i2i8m6d8.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2010.07.02 16:02:00 | 000,000,000 | ---D | M] (FoxTab) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\i2i8m6d8.default\extensions\{ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}
[2010.07.14 23:02:38 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\i2i8m6d8.default\extensions\DTToolbar@toolbarnet.com
[2010.07.16 12:02:22 | 000,002,059 | ---- | M] () -- C:\Users\***\AppData\Roaming\Mozilla\FireFox\Profiles\i2i8m6d8.default\searchplugins\daemon-search.xml
[2010.08.01 21:12:14 | 000,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
[2010.06.28 16:31:51 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010.04.12 17:29:20 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2008.02.22 17:24:06 | 000,095,832 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\NPPDLicenseHelper.dll
[2010.07.12 18:33:56 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\mozilla firefox\plugins\npwachk.dll
[2010.06.26 10:03:56 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2010.06.26 10:03:56 | 000,002,344 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2010.06.26 10:03:56 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2010.06.26 10:03:56 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2010.06.26 10:03:56 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2009.06.10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Octh Class) - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files\Orbitdownloader\orbitcth.dll (Orbitdownloader.com)
O2 - BHO: (IEPlugin Class) - {11222041-111B-46E3-BD29-EFB2449479B1} - C:\PROGRA~1\ArcSoft\MEDIAC~1\INTERN~1\ARCURL~1.DLL (ArcSoft, Inc.)
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\17.7.0.12\coIEPlg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\17.7.0.12\IPSBHO.DLL (Symantec Corporation)
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\17.7.0.12\coIEPlg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Grab Pro) - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files\Orbitdownloader\GrabPro.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\17.7.0.12\coIEPlg.dll (Symantec Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Grab Pro) - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files\Orbitdownloader\GrabPro.dll ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8 - Extra context menu item: &Download by Orbit - C:\Program Files\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8 - Extra context menu item: &Grab video by Orbit - C:\Program Files\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8 - Extra context menu item: Do&wnload selected by Orbit - C:\Program Files\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8 - Extra context menu item: Down&load all by Orbit - C:\Program Files\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O9 - Extra Button: eBay - Der weltweite Online-Marktplatz - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} -  File not found
O9 - Extra 'Tools' menuitem : eBay - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} -  File not found
O9 - Extra Button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MIF5BA~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MIF5BA~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MIF5BA~1\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.220.1
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O30 - LSA: Security Packages - (pku2u) - C:\Windows\System32\pku2u.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (livessp) - C:\Windows\System32\livessp.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{092cc73d-0a8d-11df-b812-4061864cbd90}\Shell - "" = AutoRun
O33 - MountPoints2\{092cc73d-0a8d-11df-b812-4061864cbd90}\Shell\AutoRun\command - "" = I:\LaunchU3.exe -- File not found
O33 - MountPoints2\{f592db4a-db81-11de-8088-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{f592db4a-db81-11de-8088-806e6f6e6963}\Shell\AutoRun\command - "" = E:\autorun.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2010.07.28 21:45:04 | 000,000,000 | ---D | C] -- C:\Users\***\Desktop\!!!!!!!!!!FORMAT C!!!!!!!!!
[2010.07.25 21:20:34 | 000,000,000 | ---D | C] -- C:\Windows\System32\Wat
[2010.07.25 20:03:11 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2010.07.25 20:03:08 | 000,000,000 | ---D | C] -- C:\rsit
[2010.07.25 17:07:46 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Neuer Ordner
[2010.07.25 10:30:26 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\vlc
[2010.07.23 13:44:53 | 000,839,680 | ---- | C] (hxxp://www.mp3dev.org/) -- C:\Windows\System32\lameACM.acm
[2010.07.23 13:44:53 | 000,287,744 | ---- | C] (Kristal StudioD 
 FileDescription) -- C:\Windows\System32\divxa32.acm
[2010.07.23 13:44:52 | 000,438,272 | ---- | C] (On2.com) -- C:\Windows\System32\vp6vfw.dll
[2010.07.23 13:44:52 | 000,391,680 | ---- | C] (Intel Corporation) -- C:\Windows\System32\I263_32.drv
[2010.07.23 13:44:52 | 000,232,448 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Windows\System32\mp3fhg.acm
[2010.07.23 13:44:52 | 000,217,088 | ---- | C] (www.helixcommunity.org) -- C:\Windows\System32\yv12vfw.dll
[2010.07.23 13:44:52 | 000,094,208 | ---- | C] (DivX, Inc.) -- C:\Windows\System32\dpl100.dll
[2010.07.23 13:44:52 | 000,039,936 | ---- | C] (Disappearing Inc.) -- C:\Windows\System32\huffyuv.dll
[2010.07.23 13:44:51 | 000,720,384 | ---- | C] (DivX, Inc.) -- C:\Windows\System32\divx.dll
[2010.07.23 12:33:47 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\Google
[2010.07.22 16:56:26 | 000,000,000 | ---D | C] -- C:\Program Files\Winamp Detect
[2010.07.22 16:54:43 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Winamp
[2010.07.22 16:54:43 | 000,000,000 | ---D | C] -- C:\Program Files\Winamp
[2010.07.21 16:44:25 | 000,000,000 | -HSD | C] -- C:\found.001
[2010.07.21 16:33:02 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010.07.21 16:33:00 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010.07.21 16:27:25 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2010.07.19 13:49:21 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Astroburn
[2010.07.19 13:49:19 | 000,000,000 | ---D | C] -- C:\Program Files\Astroburn Toolbar
[2010.07.19 13:43:54 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Astroburn Pro
[2010.07.19 13:43:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Astroburn Pro
[2010.07.19 13:17:11 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Astroburn Lite
[2010.07.19 13:17:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Astroburn Lite
[2010.07.16 12:02:12 | 000,000,000 | ---D | C] -- C:\Program Files\DAEMON Tools Lite
[2010.07.15 20:34:06 | 000,000,000 | ---D | C] -- C:\Program Files\Elaborate Bytes
[2010.07.15 20:29:10 | 000,000,000 | ---D | C] -- C:\Users\***\Documents\AnyDVDHD
[2010.07.15 20:28:37 | 000,000,000 | ---D | C] -- C:\ProgramData\SlySoft
[2010.07.15 16:14:27 | 000,000,000 | ---D | C] -- C:\Program Files\SlySoft
[2010.07.14 23:11:27 | 000,000,000 | ---D | C] -- C:\Users\***\Documents\Alcohol 120%
[2010.07.14 23:02:23 | 000,000,000 | ---D | C] -- C:\Program Files\DAEMON Tools Toolbar
[2010.07.14 23:01:54 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\DAEMON Tools Lite
[2010.07.14 23:01:51 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite
[2010.07.14 14:16:12 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\DAEMON Tools Images
[2010.07.13 14:45:28 | 002,134,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msmpeg2vdec.dll
[2010.07.13 14:45:28 | 000,970,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msmpeg2adec.dll
[2010.07.13 14:45:28 | 000,415,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mp4sdecd.dll
[2010.07.13 14:45:28 | 000,292,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfds.dll
[2010.07.13 14:45:28 | 000,241,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mp43decd.dll
[2010.07.13 14:45:28 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mp3dmod.dll
[2010.07.12 08:18:37 | 000,000,000 | ---D | C] -- C:\Users\***\Documents\Recordpad
[2010.07.12 08:18:36 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Recordpad
[2010.07.11 11:59:37 | 000,000,000 | ---D | C] -- C:\ProgramData\NCH Swift Sound
[2010.07.11 10:57:05 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\AudioMoves
[2010.07.11 10:57:02 | 000,000,000 | ---D | C] -- C:\Program Files\AudioMoves
[2010.07.11 10:53:40 | 000,000,000 | ---D | C] -- C:\Program Files\Aspect one
[2010.07.11 10:43:23 | 000,000,000 | ---D | C] -- C:\Program Files\The GodFather
[2010.07.11 10:15:40 | 000,000,000 | ---D | C] -- C:\Program Files\Mp3tag
[2010.07.10 18:19:38 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\BitTorrent
[2010.07.10 18:19:22 | 000,000,000 | ---D | C] -- C:\Program Files\BitTorrent
 
========== Files - Modified Within 30 Days ==========
 
[2010.08.01 21:44:13 | 003,407,872 | ---- | M] () -- C:\Users\***\ntuser.dat
[2010.08.01 21:43:27 | 000,009,920 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010.08.01 21:43:27 | 000,009,920 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010.08.01 21:38:05 | 000,001,122 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2130460688-3702063877-4155906110-1000UA.job
[2010.08.01 21:36:20 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010.08.01 21:36:14 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.08.01 21:35:54 | 2415,370,240 | -HS- | M] () -- C:\hiberfil.sys
[2010.08.01 21:26:36 | 002,906,560 | -H-- | M] () -- C:\Users\***\AppData\Local\IconCache.db
[2010.08.01 21:01:09 | 306,671,769 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2010.08.01 20:58:55 | 000,006,704 | ---- | M] () -- C:\bootsqm.dat
[2010.08.01 12:38:00 | 000,001,070 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2130460688-3702063877-4155906110-1000Core.job
[2010.07.29 20:41:48 | 000,465,623 | ---- | M] () -- C:\Users\***\Desktop\I-net.süchtig.jpg
[2010.07.28 17:33:34 | 000,139,128 | ---- | M] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2010.07.28 17:33:25 | 000,215,128 | ---- | M] () -- C:\Windows\System32\PnkBstrB.xtr
[2010.07.28 11:23:10 | 000,101,824 | ---- | M] () -- C:\Users\***\AppData\Local\GDIPFONTCACHEV1.DAT
[2010.07.28 11:21:40 | 000,524,288 | -HS- | M] () -- C:\Users\***\ntuser.dat{f35ea76e-9a28-11df-90e6-806e6f6e6963}.TMContainer00000000000000000002.regtrans-ms
[2010.07.28 11:21:40 | 000,524,288 | -HS- | M] () -- C:\Users\***\ntuser.dat{f35ea76e-9a28-11df-90e6-806e6f6e6963}.TMContainer00000000000000000001.regtrans-ms
[2010.07.28 11:21:40 | 000,065,536 | -HS- | M] () -- C:\Users\***\ntuser.dat{f35ea76e-9a28-11df-90e6-806e6f6e6963}.TM.blf
[2010.07.28 11:21:04 | 000,377,680 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010.07.28 11:19:18 | 009,437,184 | ---- | M] () -- C:\Users\***\NTUSER.DAT_tureg_old
[2010.07.27 21:16:18 | 000,000,000 | ---- | M] () -- C:\Windows\System32\Access.dat
[2010.07.25 20:40:09 | 000,000,215 | ---- | M] () -- C:\Users\***\Desktop\Sniper Ghost Warrior.url
[2010.07.25 19:24:49 | 000,524,288 | -HS- | M] () -- C:\Users\***\ntuser.dat{58d74c09-980f-11df-9743-1c4bd6279909}.TMContainer00000000000000000002.regtrans-ms
[2010.07.25 19:24:49 | 000,524,288 | -HS- | M] () -- C:\Users\***\ntuser.dat{58d74c09-980f-11df-9743-1c4bd6279909}.TMContainer00000000000000000001.regtrans-ms
[2010.07.25 19:24:49 | 000,065,536 | -HS- | M] () -- C:\Users\***\ntuser.dat{58d74c09-980f-11df-9743-1c4bd6279909}.TM.blf
[2010.07.25 10:30:17 | 000,001,032 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2010.07.24 21:18:47 | 000,524,288 | -HS- | M] () -- C:\Users\***\ntuser.dat{20733766-9755-11df-8519-1c4bd6279909}.TMContainer00000000000000000002.regtrans-ms
[2010.07.24 21:18:47 | 000,524,288 | -HS- | M] () -- C:\Users\***\ntuser.dat{20733766-9755-11df-8519-1c4bd6279909}.TMContainer00000000000000000001.regtrans-ms
[2010.07.24 21:18:47 | 000,065,536 | -HS- | M] () -- C:\Users\***\ntuser.dat{20733766-9755-11df-8519-1c4bd6279909}.TM.blf
[2010.07.24 20:53:11 | 000,001,709 | ---- | M] () -- C:\Windows\TSearch.INI
[2010.07.24 19:25:08 | 000,022,328 | ---- | M] () -- C:\Users\***\AppData\Roaming\PnkBstrK.sys
[2010.07.23 13:44:55 | 000,001,251 | ---- | M] () -- C:\Users\Public\Desktop\Media Player Classic.lnk
[2010.07.23 12:08:36 | 000,000,211 | ---- | M] () -- C:\Users\***\Documents\kl.updatevonabakus^^.asav
[2010.07.21 16:31:40 | 000,006,846 | ---- | M] () -- C:\Users\Public\Documents\cc_20100721_163137.reg
[2010.07.21 16:31:20 | 000,000,982 | ---- | M] () -- C:\Users\Public\Documents\cc_20100721_163117.reg
[2010.07.21 16:31:03 | 000,001,774 | ---- | M] () -- C:\Users\Public\Documents\cc_20100721_163059.reg
[2010.07.21 16:30:47 | 000,030,782 | ---- | M] () -- C:\Users\Public\Documents\cc_20100721_163035.reg
[2010.07.16 16:19:50 | 000,001,850 | ---- | M] () -- C:\Users\***\Desktop\CNC3KR.lnk
[2010.07.16 13:53:31 | 000,000,035 | ---- | M] () -- C:\Windows\WorldBuilder.INI
[2010.07.15 21:02:53 | 000,000,081 | -HS- | M] () -- C:\ProgramData\.zreglib
[2010.07.14 23:34:28 | 3776,774,143 | ---- | M] () -- C:\Users\***\CNC3KW.iso
[2010.07.14 10:00:00 | 000,108,032 | ---- | M] () -- C:\Windows\System32\ff_vfw.dll
[2010.07.14 10:00:00 | 000,000,038 | ---- | M] () -- C:\Windows\avisplitter.ini
[2010.07.11 23:51:41 | 000,000,211 | ---- | M] () -- C:\Users\***\Documents\PerfekteForschung
[2010.07.11 11:30:07 | 000,002,048 | ---- | M] () -- C:\Users\***\.recently-used_repaired.xbel
[2010.07.11 00:03:24 | 001,536,102 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010.07.11 00:03:24 | 000,667,896 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2010.07.11 00:03:24 | 000,627,482 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010.07.11 00:03:24 | 000,135,582 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2010.07.11 00:03:24 | 000,111,060 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010.07.10 18:19:38 | 000,001,023 | ---- | M] () -- C:\Users\Public\Desktop\BitTorrent.lnk
[2010.07.09 15:14:02 | 000,001,988 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2010.07.06 00:43:34 | 003,200,512 | ---- | M] () -- C:\Windows\System32\x264vfw.dll
[2010.07.04 17:06:35 | 000,000,507 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts.ics
 
========== Files Created - No Company Name ==========
 
[2010.08.01 20:58:55 | 000,006,704 | ---- | C] () -- C:\bootsqm.dat
[2010.07.29 20:41:47 | 000,465,623 | ---- | C] () -- C:\Users\***\Desktop\I-net.süchtig.jpg
[2010.07.28 18:36:08 | 306,671,769 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2010.07.28 11:21:40 | 000,524,288 | -HS- | C] () -- C:\Users\***\ntuser.dat{f35ea76e-9a28-11df-90e6-806e6f6e6963}.TMContainer00000000000000000002.regtrans-ms
[2010.07.28 11:21:40 | 000,524,288 | -HS- | C] () -- C:\Users\***\ntuser.dat{f35ea76e-9a28-11df-90e6-806e6f6e6963}.TMContainer00000000000000000001.regtrans-ms
[2010.07.28 11:21:40 | 000,065,536 | -HS- | C] () -- C:\Users\***\ntuser.dat{f35ea76e-9a28-11df-90e6-806e6f6e6963}.TM.blf
[2010.07.25 19:24:49 | 000,524,288 | -HS- | C] () -- C:\Users\***\ntuser.dat{58d74c09-980f-11df-9743-1c4bd6279909}.TMContainer00000000000000000002.regtrans-ms
[2010.07.25 19:24:49 | 000,524,288 | -HS- | C] () -- C:\Users\***\ntuser.dat{58d74c09-980f-11df-9743-1c4bd6279909}.TMContainer00000000000000000001.regtrans-ms
[2010.07.25 19:24:49 | 000,065,536 | -HS- | C] () -- C:\Users\***\ntuser.dat{58d74c09-980f-11df-9743-1c4bd6279909}.TM.blf
[2010.07.25 11:18:01 | 000,000,232 | ---- | C] () -- C:\Users\***\Desktop\Call of Duty® World at War.lnk
[2010.07.25 10:30:17 | 000,001,032 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2010.07.24 20:57:26 | 000,524,288 | -HS- | C] () -- C:\Users\***\ntuser.dat{20733766-9755-11df-8519-1c4bd6279909}.TMContainer00000000000000000002.regtrans-ms
[2010.07.24 20:57:26 | 000,524,288 | -HS- | C] () -- C:\Users\***\ntuser.dat{20733766-9755-11df-8519-1c4bd6279909}.TMContainer00000000000000000001.regtrans-ms
[2010.07.24 20:57:26 | 000,065,536 | -HS- | C] () -- C:\Users\***\ntuser.dat{20733766-9755-11df-8519-1c4bd6279909}.TM.blf
[2010.07.24 20:53:11 | 000,001,709 | ---- | C] () -- C:\Windows\TSearch.INI
[2010.07.23 13:44:55 | 000,001,251 | ---- | C] () -- C:\Users\Public\Desktop\Media Player Classic.lnk
[2010.07.23 13:44:54 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini
[2010.07.23 13:44:53 | 000,000,414 | ---- | C] () -- C:\Windows\System32\lame_acm.xml
[2010.07.23 13:44:52 | 003,200,512 | ---- | C] () -- C:\Windows\System32\x264vfw.dll
[2010.07.23 13:44:52 | 000,790,528 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2010.07.23 13:44:52 | 000,134,144 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2010.07.23 13:44:51 | 000,000,547 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll.manifest
[2010.07.23 13:44:50 | 000,108,032 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2010.07.23 12:33:57 | 000,001,122 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2130460688-3702063877-4155906110-1000UA.job
[2010.07.23 12:33:52 | 000,001,070 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2130460688-3702063877-4155906110-1000Core.job
[2010.07.23 12:08:36 | 000,000,211 | ---- | C] () -- C:\Users\***\Documents\kl.updatevonabakus^^.asav
[2010.07.21 16:31:39 | 000,006,846 | ---- | C] () -- C:\Users\Public\Documents\cc_20100721_163137.reg
[2010.07.21 16:31:19 | 000,000,982 | ---- | C] () -- C:\Users\Public\Documents\cc_20100721_163117.reg
[2010.07.21 16:31:01 | 000,001,774 | ---- | C] () -- C:\Users\Public\Documents\cc_20100721_163059.reg
[2010.07.21 16:30:38 | 000,030,782 | ---- | C] () -- C:\Users\Public\Documents\cc_20100721_163035.reg
[2010.07.16 13:53:31 | 000,000,035 | ---- | C] () -- C:\Windows\WorldBuilder.INI
[2010.07.15 16:14:56 | 000,000,081 | -HS- | C] () -- C:\ProgramData\.zreglib
[2010.07.14 23:16:35 | 3776,774,143 | ---- | C] () -- C:\Users\***\CNC3KW.iso
[2010.07.13 20:53:17 | 000,001,850 | ---- | C] () -- C:\Users\***\Desktop\CNC3KR.lnk
[2010.07.11 23:51:41 | 000,000,211 | ---- | C] () -- C:\Users\***\Documents\PerfekteForschung
[2010.07.11 11:30:07 | 000,002,048 | ---- | C] () -- C:\Users\***\.recently-used_repaired.xbel
[2010.07.10 18:19:38 | 000,001,023 | ---- | C] () -- C:\Users\Public\Desktop\BitTorrent.lnk
[2010.07.09 15:14:02 | 000,001,988 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2010.06.24 17:13:55 | 000,697,328 | ---- | C] () -- C:\Windows\System32\drivers\sptd.sys
[2010.06.23 22:41:30 | 000,000,761 | ---- | C] () -- C:\Windows\CoD.INI
[2010.06.16 16:45:11 | 000,110,080 | ---- | C] () -- C:\Windows\System32\advd.dll
[2010.06.16 16:45:11 | 000,023,040 | ---- | C] () -- C:\Windows\System32\auth.dll
[2010.06.12 22:26:47 | 000,027,648 | ---- | C] () -- C:\Windows\System32\AVSredirect.dll
[2010.05.27 17:01:17 | 000,000,008 | RHS- | C] () -- C:\Windows\System32\537A527F2E.sys
[2010.05.27 17:01:14 | 000,002,828 | -HS- | C] () -- C:\Windows\System32\KGyGaAvL.sys
[2010.04.04 19:20:28 | 000,000,051 | ---- | C] () -- C:\Windows\BibiZa.ini
[2010.04.03 22:55:32 | 000,000,000 | ---- | C] () -- C:\Windows\System32\nvcompiler.dll
[2010.02.09 16:51:26 | 000,000,153 | ---- | C] () -- C:\Windows\INpact_CSS_Hud_tweaker_1.19.INI
[2010.01.31 19:25:16 | 000,290,816 | ---- | C] () -- C:\Windows\System32\decdll.dll
[2010.01.31 19:24:41 | 000,484,352 | ---- | C] () -- C:\Windows\System32\lame_enc.dll
[2009.12.28 22:36:39 | 000,000,000 | ---- | C] () -- C:\Windows\System32\d3dcsx_42.dll
[2009.11.30 17:36:09 | 000,139,128 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2009.11.27 23:37:13 | 000,000,400 | ---- | C] () -- C:\Windows\ODBC.INI
[2009.10.29 18:23:13 | 000,009,824 | ---- | C] () -- C:\Windows\System32\716xCoInstaller.dll
[2009.10.07 15:36:38 | 000,120,200 | ---- | C] () -- C:\Windows\System32\DLLDEV32i.dll
[2009.10.07 01:46:36 | 000,025,752 | ---- | C] () -- C:\Windows\System32\drivers\LVPr2Mon.sys
[2009.10.07 01:23:08 | 000,013,584 | ---- | C] () -- C:\Windows\System32\drivers\iKeyLFT2.dll
[2009.09.27 18:47:00 | 004,622,952 | ---- | C] () -- C:\Windows\System32\nvvitvsr.dll
[2009.08.03 15:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009.07.14 02:13:20 | 004,507,648 | ---- | C] () -- C:\Windows\System32\NlsData0414.dll
[2009.07.14 02:13:20 | 000,000,000 | ---- | C] () -- C:\Windows\System32\NlsData0011.dll
[2009.07.14 02:13:14 | 010,240,512 | ---- | C] () -- C:\Windows\System32\NlsData000a.dll
[2009.07.14 01:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2008.07.26 14:42:52 | 000,066,482 | ---- | C] () -- C:\Windows\System32\lvcoinst.ini
[2002.10.16 00:54:04 | 000,165,376 | ---- | C] () -- C:\Windows\System32\unrar.dll
 
========== LOP Check ==========
 
[2010.05.09 11:40:53 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\.purple
[2010.02.21 11:39:43 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\ASCOMP Software
[2010.07.19 14:23:42 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Astroburn
[2010.07.19 13:17:11 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Astroburn Lite
[2010.07.19 13:43:54 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Astroburn Pro
[2010.07.11 12:14:18 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Audacity
[2010.07.21 22:16:45 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\AudioMoves
[2010.05.29 21:22:17 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Auslogics
[2010.07.19 14:24:09 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\BitTorrent
[2010.07.25 18:08:23 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Command & Conquer 3 Kanes Rache
[2010.05.09 11:40:53 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Command & Conquer 3 Tiberium Wars
[2010.05.30 11:41:24 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Command and Conquer 4
[2010.06.16 16:53:04 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\concept design
[2010.07.14 23:02:56 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\DAEMON Tools Lite
[2010.06.24 17:23:37 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\DAEMON Tools Pro
[2010.01.31 19:24:44 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\FreeAudioPack
[2010.01.31 20:04:27 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\FreeCDRipper
[2010.01.31 19:07:09 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\FreeFLVConverter
[2010.05.09 11:40:53 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\FreeVideoConverter
[2009.12.14 17:11:38 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\GrabPro
[2009.12.06 16:48:30 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\gtk-2.0
[2010.05.16 10:49:24 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Leadertech
[2010.06.12 17:32:23 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\mkvtoolnix
[2010.07.13 14:05:34 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\NCH Swift Sound
[2010.04.05 17:19:58 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Net Control 2
[2010.08.01 20:47:23 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Orbit
[2010.05.25 10:52:49 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Philips
[2010.02.01 16:49:05 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\phonostar GmbH
[2010.05.29 18:11:20 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\ProtectDisc
[2010.07.12 08:18:36 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Recordpad
[2010.05.09 11:40:53 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Red Alert 3
[2010.06.22 16:26:52 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\RouterControl
[2010.02.03 19:46:47 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Search Settings
[2010.05.09 11:41:40 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Sony
[2009.12.09 20:51:23 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Synthesia
[2009.12.30 15:54:05 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\TeamViewer
[2010.02.21 11:23:38 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Thunderbird
[2010.03.09 16:48:06 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Tific
[2010.05.23 19:24:25 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\TuneUp Software
[2010.07.02 23:09:23 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Tunngle
[2010.05.29 15:21:26 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\TW7Booster
[2010.08.01 21:29:04 | 000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 24 bytes -> C:\Windows:1638C3F40D57AF1D
< End of report >
         
--- --- ---


Extras.txt

OTL Logfile:
Code:
ATTFilter
OTL Extras logfile created on: 01.08.2010 21:41:55 - Run 1
OTL by OldTimer - Version 3.2.9.1     Folder = C:\Users\***\Downloads
 Home Premium Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 68,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 84,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 910,41 Gb Total Space | 629,35 Gb Free Space | 69,13% Space Free | Partition Type: NTFS
Drive D: | 20,00 Gb Total Space | 11,19 Gb Free Space | 55,95% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
 
Computer Name: ***-DESKTOP
Current User Name: ***
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MIF5BA~1\Office12\ONENOTE.EXE "%L" File not found
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Orbitdownloader\orbitdm.exe" = C:\Program Files\Orbitdownloader\orbitdm.exe:*:Enabled:Orbit -- (Orbitdownloader.com)
"C:\Program Files\Orbitdownloader\orbitnet.exe" = C:\Program Files\Orbitdownloader\orbitnet.exe:*:Enabled:Orbit -- (Orbitdownloader.com)
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{0138F525-6C8A-333F-A105-14AE030B9A54}" = Visual C++ 9.0 CRT (x86) WinSXS MSM
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{06E6E30D-B498-442F-A943-07DE41D7F785}" = Microsoft Search Enhancement Pack
"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID-Anmelde-Assistent
"{149464D9-B06F-4505-9968-FD1206F67AD3}" = Call of Duty(R) - World at War(TM) 1.3 Patch
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{20962D9D-D7B9-4AEE-B72B-5C9A45A1B402}" = Call of Duty(R) - World at War(TM) 1.6 Patch
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216016FF}" = Java(TM) 6 Update 20
"{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}" = QuickTime
"{296D8550-CB06-48E4-9A8B-E5034FB64715}" = Command & Conquer™ Alarmstufe Rot 3
"{2BA722D1-48D1-406E-9123-8AE5431D63EF}" = Windows Live Fotogalerie
"{2BF0AE92-C3BC-4112-9066-1546342B1FAE}" = Call of Duty(R) - World at War(TM) 1.2 Patch
"{3521F7CF-9343-4C1F-AE5E-0D2A57A18D2B}" = Call of Duty(R) - World at War(TM) 1.5 Patch
"{39D0E034-1042-4905-BECB-5502909FCB7C}" = Microsoft Works
"{3AC8457C-0385-4BEA-A959-E095F05D6D67}" = Battlefield: Bad Company™ 2
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll
"{3E6F0CAD-EE38-42A5-9EEA-AE17A55BF2D4}" = Firebird SQL Server - MAGIX Edition
"{3EFEF049-23D4-4B46-8903-4592FEA51018}" = Windows Live Movie Maker
"{41E654A9-26D0-4EAC-854B-0FA824FFFABB}" = Windows Live Messenger
"{42B49E02-8422-4B41-BABA-2B282E997462}" = Moorhuhn Kart 3 Demo
"{44A4644A-CF32-47A4-8EFE-ACF7BD12D2CC}" = MUSE Device Manager
"{44C934E4-6610-43D4-8E9B-49F30785013A}" = Command & Conquer 3 Kane's Wrath(TM) Worldbuilder
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4FBCEA31-5D18-4212-9231-DE7CF1BE7DBB}" = Logitech Vid
"{553255F3-78FD-40F1-A6F8-6882140265FE}" = Apple Application Support
"{56BDDC6B-A676-4559-B9D7-D2E19264E80D}" = Cnc4WorldBuilder
"{5C98D841-6392-41F1-A80E-B1A741F32A95}" = DSL-Speedtest
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{5FC68772-6D56-41C6-9DF1-24E868198AE6}" = Windows Live Call
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{70B7A167-0B88-445D-A3EA-97C73AA88CAC}" = Windows Live Toolbar
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{76618402-179D-4699-A66B-D351C59436BC}" = Windows Live Sync
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{80E158EA-7181-40FE-A701-301CE6BE64AB}" = CyberLink MediaShow
"{82696435-8572-4D8B-A230-D1AA567D0F0F}" = Command & Conquer™ 4 Tiberian Twilight
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_HOMESTUDENTR_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_HOMESTUDENTR_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{AB770FDE-8087-4C98-9A85-BD64262C104C}" = Medion Home Cinema
"{AC76BA86-7AD7-1031-7B44-A93000000001}" = Adobe Reader 9.3.3 - Deutsch
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{AFAE2B15-89A0-4215-A030-F7B5B478886B}" = Call of Duty(R) - World at War(TM) 1.1 Patch
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B7A585C8-CE4E-4150-84C6-A13C3CB1379F}" = Enemy Territory - Quake Wars(TM)
"{BAC80EF3-E106-4AEA-8C57-F217F9BC7358}" = Microsoft SQL Server 2005 Compact Edition [DEU]
"{BC4AE628-81A4-4FC6-863A-7A9BA2E2531F}" = Nokia Connectivity Cable Driver
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{C27BC2A2-30DD-4014-B22E-63EB0DB572F9}" = Logitech Webcam Software
"{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CC2422C9-F7B5-4175-B295-5EC2283AA674}" = Command & Conquer™ 3: Kanes Rache
"{CC862A04-B2B0-4A79-ADD2-4B76D6CF4DCD}" = Call of Duty(R) - World at War(TM) 1.4 Patch
"{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}" = PlayReady PC Runtime x86
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.1
"{D5A9DA4B-E4F9-FB49-017D-769FC540F1F0}" = EA Download Manager UI
"{D80A6A73-E58A-4673-AFF5-F12D7110661F}" = Call of Duty(R) - World at War(TM)
"{DDEDAF6C-488E-4CDA-8276-1CCF5F3C5C32}" = Command & Conquer 3
"{DEA314C4-0929-4250-BC92-98E4C105F28D}" = NVIDIA PhysX
"{E0A4805D-280A-4DD7-9E74-3A5F85E302A1}" = Windows Live Writer
"{E237FA24-CFB3-431F-B356-DF8FB116DE4B}" = Call of Duty(R) - World at War(TM) 1.7 Patch
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E5141379-B2D9-4BBC-BB2A-5805541571DD}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.2 Patch
"{E623BB3F-F7ED-4148-BEB5-A0D1DB28B4DE}" = Media Converter for Philips
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F428D0FB-765D-40EB-BDD8-A1E7F5C597FA}" = Update Manager
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials
"{F92CDFEB-DB96-4589-B88C-BE181D153445}" = Moorhuhn WE AYCS
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"7-Zip" = 7-Zip 9.13 beta
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Audacity 1.3 Beta (Unicode)_is1" = Audacity 1.3.11 (Unicode)
"Audacity_is1" = Audacity 1.2.6
"BitTorrent" = BitTorrent
"Call of Duty" = Call of Duty
"CCleaner" = CCleaner
"com.ea.Vault.919CACB699904AC5D41B606703500DD39747C02D.1" = EA Download Manager UI
"DAEMON Tools Toolbar" = DAEMON Tools Toolbar
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"DivX Setup.divx.com" = DivX-Setup
"EA Download Manager" = EA Download Manager
"FFmpeg for Audacity on Windows_is1" = FFmpeg for Audacity on Windows
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"InstallShield_{050C1C8E-4A4D-4C2F-B9AE-67E60EE91B7F}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.3 Patch
"InstallShield_{149464D9-B06F-4505-9968-FD1206F67AD3}" = Call of Duty(R) - World at War(TM) 1.3 Patch
"InstallShield_{20962D9D-D7B9-4AEE-B72B-5C9A45A1B402}" = Call of Duty(R) - World at War(TM) 1.6 Patch
"InstallShield_{2BF0AE92-C3BC-4112-9066-1546342B1FAE}" = Call of Duty(R) - World at War(TM) 1.2 Patch
"InstallShield_{3521F7CF-9343-4C1F-AE5E-0D2A57A18D2B}" = Call of Duty(R) - World at War(TM) 1.5 Patch
"InstallShield_{3BD633E0-4BF8-4499-9149-88F0767D449C}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.4 Patch
"InstallShield_{5D7767FA-7FE8-4627-9F09-AEF7A25F1E07}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.1 Patch
"InstallShield_{8503C901-85D7-4262-88D2-8D8B2A7B08B8}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.5 Multiplayer Patch
"InstallShield_{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"InstallShield_{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"InstallShield_{AB770FDE-8087-4C98-9A85-BD64262C104C}" = Medion Home Cinema
"InstallShield_{AFAE2B15-89A0-4215-A030-F7B5B478886B}" = Call of Duty(R) - World at War(TM) 1.1 Patch
"InstallShield_{CC862A04-B2B0-4A79-ADD2-4B76D6CF4DCD}" = Call of Duty(R) - World at War(TM) 1.4 Patch
"InstallShield_{D80A6A73-E58A-4673-AFF5-F12D7110661F}" = Call of Duty(R) - World at War(TM)
"InstallShield_{E237FA24-CFB3-431F-B356-DF8FB116DE4B}" = Call of Duty(R) - World at War(TM) 1.7 Patch
"InstallShield_{E5141379-B2D9-4BBC-BB2A-5805541571DD}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.2 Patch
"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 6.2.0
"LADSPA_plugins-win_is1" = LADSPA_plugins-win-0.4.15
"LAME for Audacity_is1" = LAME v3.98.2 for Audacity
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Messenger Plus! Live" = Messenger Plus! Live
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"MKVtoolnix" = MKVtoolnix 4.0.0
"Mozilla Firefox (3.6.8)" = Mozilla Firefox (3.6.8)
"MP3-Check_is1" = MP3-Check (v1.0.39.0)
"NIS" = Norton Internet Security
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
"Orbit_is1" = Orbit Downloader
"Protect Disc License Helper" = Protect Disc License Helper 1.0.118
"ProtectDisc Driver 11" = ProtectDisc Driver, Version 11
"PunkBusterSvc" = PunkBuster Services
"Steam App 10180" = Call of Duty: Modern Warfare 2
"Steam App 10190" = Call of Duty: Modern Warfare 2 - Multiplayer
"Steam App 240" = Counter-Strike: Source
"Steam App 340" = Half-Life 2: Lost Coast
"Steam App 34830" = Sniper: Ghost Warrior
"Steam App 400" = Portal
"SUPER ©" = SUPER © Version 2010.bld.38 (May 2, 2010)
"VLC media player" = VLC media player 1.1.1
"Winamp" = Winamp
"WinLiveSuite_Wave3" = Windows Live Essentials
"X10Hardware" = X10 Hardware(TM)
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Abakus" = Abakus
"Google Chrome" = Google Chrome
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"Winamp Detect" = Winamp Erkennungs-Plug-in
 
========== Last 10 Event Log Errors ==========
 
Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!
 
< End of report >
         
--- --- ---


Der Malwarebytes log kommt noch nach ^^!!(habs ausversehn deinstalliert)^^

Code:
ATTFilter
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Datenbank Version: 4335

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

25.07.2010 19:59:01
mbam-log-2010-07-25 (19-59-01).txt

Art des Suchlaufs: Quick-Scan
Durchsuchte Objekte: 125303
Laufzeit: 5 Minute(n), 19 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)
         
__________________

Geändert von eqha (01.08.2010 um 21:01 Uhr) Grund: MBAM-Log nachgereicht^^

Alt 01.08.2010, 22:32   #4
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Kernel Data Inpage error - Standard

Kernel Data Inpage error



Zitat:
Aber Norton ist mein Antivirenprogramm, des tu ich net deinstallieren, oder wie meinst du das?
ich meine es so wie es da steht. Norton Internet Security würde ich meinem Rechner nicht antun

=> Editorial | c't


Zitat:
Datenbank Version: 4335
Bitte Malwarebytes updaten und einen Vollscan machen. Poste das Log.
Ich kann wohl erst Mittwoch oder Donnerstag wieder posten.
__________________
Logfiles bitte immer in CODE-Tags posten

Alt 01.08.2010, 23:21   #5
eqha
 
Kernel Data Inpage error - Standard

Kernel Data Inpage error



Also den Vollscan werd ich noch machen,
aber Norton werde ich sicherlich nicht runterschmeißen, nehme ihn schon seit ka mind. 4-5 jahre und war zufrieden damit.

Den Vollscan reiche ich noch nach.

Aber was ist eig. ein Kernal Data Inpage Error und die Codes dahinter??


Geändert von eqha (02.08.2010 um 00:08 Uhr)

Alt 03.08.2010, 07:54   #6
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Kernel Data Inpage error - Standard

Kernel Data Inpage error



Zitat:
nehme ihn schon seit ka mind. 4-5 jahre und war zufrieden damit.
Ändert nichts an den im Artikel erwähnten Tatsachen. Hast Du den Artikel überhaupt gelesen?
__________________
--> Kernel Data Inpage error

Alt 04.08.2010, 21:49   #7
eqha
 
Kernel Data Inpage error - Standard

Kernel Data Inpage error



Natürlich hab ich den Artikel gelesen, aber keiner der anderen Virenscanner läuft perfekt...

Ach und ich krieg die ganze zeit keine rückmeldung wenn der Vollscan läuft -.-

Alt 05.08.2010, 13:49   #8
eqha
 
Kernel Data Inpage error - Standard

Kernel Data Inpage error



Also laut der Windows-Lösung hat meine Festplatte ein Fehler.
D.h. ich werd mal nenn techniker anrufen der sich das ma anscheut^^

Alt 05.08.2010, 16:14   #9
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Kernel Data Inpage error - Standard

Kernel Data Inpage error



Zitat:
Natürlich hab ich den Artikel gelesen, aber keiner der anderen Virenscanner läuft perfekt...
Du solltest auch zu einem Virenscanner und nicht zu einer SecuritySuite greifen!
__________________
Logfiles bitte immer in CODE-Tags posten

Antwort

Themen zu Kernel Data Inpage error
becker, benutzerprofildienst, bho, bluescree, converter, desktop, diagnostics, ebay, eraser, error, excel, flash player, hijack, hijackthis, home, home premium, inpage, install.exe, installation, internet explorer, intrusion prevention, kernel, mozilla, msiexec.exe, notepad.exe, office 2007, plug-in, plug-ins, problem, programdata, realtek, registry, security, senden, server, software, sptd.sys, svchost.exe, symantec, system, usb 2.0, vista, windows, windows 7, windows 7 home, windows 7 home premium, wireless lan, world at war, wscript.exe



Ähnliche Themen: Kernel Data Inpage error


  1. Bluescreen Kernel Data In Page Error Win8
    Log-Analyse und Auswertung - 07.03.2015 (7)
  2. Kernal Data Inpage Error unter Win7 Home Premium
    Alles rund um Windows - 02.03.2015 (4)
  3. Kernel Data Inpage Error Windows 8.1 Acer Tab
    Log-Analyse und Auswertung - 09.02.2015 (12)
  4. Kernel Data Inpage Error Win 7
    Alles rund um Windows - 27.12.2014 (9)
  5. Win8: Bluescreen Kernel Data inpage error
    Log-Analyse und Auswertung - 24.07.2014 (13)
  6. Kernel Stack Inpage Error/Kernel Data Inpage Error
    Alles rund um Windows - 08.11.2010 (6)
  7. Kernel Stack Inpage BSOD
    Alles rund um Windows - 28.07.2010 (1)
  8. Kernel Stack Inpage Error / Blue Screen
    Log-Analyse und Auswertung - 08.06.2010 (1)
  9. Notebook mit XP fährt nicht hoch - Kernel Data Inpage Error
    Alles rund um Windows - 16.03.2009 (1)
  10. kernel-stack-inpage-error
    Log-Analyse und Auswertung - 03.12.2008 (0)
  11. Schwerer Ausnahmefehler Kernel Data Inpage Error (Blue Screen) + Verdacht DNS Problem
    Log-Analyse und Auswertung - 22.03.2008 (0)
  12. Kernel Stack Inpage Error
    Alles rund um Windows - 12.09.2006 (7)
  13. kernel inpage error???
    Log-Analyse und Auswertung - 10.09.2006 (8)
  14. kernel data inpage error
    Plagegeister aller Art und deren Bekämpfung - 23.04.2005 (5)
  15. Kernel.data.inpage.error
    Log-Analyse und Auswertung - 14.12.2004 (13)
  16. Bluescreen bei Win XP: Screen Kernel Stack Inpage Error
    Alles rund um Windows - 28.11.2004 (3)
  17. Kernel Data Inpage Error bei Norton Scan
    Antiviren-, Firewall- und andere Schutzprogramme - 21.08.2004 (3)

Zum Thema Kernel Data Inpage error - Hallo, ich hab mich mal auf diesem Board angemeldet, in der hoffnung man kann mein Problem lösen. Und zwar heute bekam ich zwei Bluescreens mit dem Namen: Kernel Data Inpage - Kernel Data Inpage error...
Archiv
Du betrachtest: Kernel Data Inpage error auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.