Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: trojaner der alles heranzoomt habe keine ahnung:'(

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 12.10.2010, 11:55   #1
Kike1807
 
trojaner der alles heranzoomt  habe keine ahnung:'( - Icon27

trojaner der alles heranzoomt habe keine ahnung:'(



ich habe einen trojaner auf meinem pc der ist echt blöd:'( alles ist heran gezoomt um die 300% mehr!! Ich kann so nich arbeiten auf meinem laptop habs schon mit vielen pctools ausprobiert... aber ich möchte nicht gerne geld dafür ausgeben... ich habe gehört das man die festplatte neu formatieren kann wie geht das was braucht man dafür und geht/lohnt es sich auch bitte um antwort.

ps hier 3 screenshots um euch zu zeigen wie ich das meine
Miniaturansicht angehängter Grafiken
trojaner der alles heranzoomt  habe keine ahnung:'(-unbenannt.jpg   trojaner der alles heranzoomt  habe keine ahnung:'(-unbenannt1.jpg   trojaner der alles heranzoomt  habe keine ahnung:'(-unbenannt2.jpg  

Alt 12.10.2010, 12:02   #2
markusg
/// Malware-holic
 
trojaner der alles heranzoomt  habe keine ahnung:'( - Standard

trojaner der alles heranzoomt habe keine ahnung:'(



ootl:
Systemscan mit OTL
download otl:
http://filepony.de/download-otl/

Doppelklick auf die OTL.exe
(user von Windows 7 und Vista: Rechtsklick als Administrator ausführen)
1. Oben findest Du ein Kästchen mit Output. Wähle bitte Minimal Output
2. Hake an "scan all users"
3. Unter "Extra Registry wähle:
"Use Safelist" "LOP Check" "Purity Check"
4. Kopiere in die Textbox:
netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe
/md5start
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
explorer.exe
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
CREATERESTOREPOINT
5. Klicke "Scan"
6. 2 reporte werden erstellt:
OTL.Txt
Extras.Txt
beide posten
__________________


Alt 12.10.2010, 13:22   #3
Kike1807
 
trojaner der alles heranzoomt  habe keine ahnung:'( - Standard

trojaner der alles heranzoomt habe keine ahnung:'(



beim scann läuft was schief...
der macht nichts beim scann... kannst du mir mir vielleicht weiter helfen mach ich irgendetwas falsch?q.q bitte um hilfe

selbst geschaft^^ danke für deine hilfe
__________________

Geändert von Kike1807 (12.10.2010 um 13:35 Uhr)

Alt 12.10.2010, 13:28   #4
Kike1807
 
trojaner der alles heranzoomt  habe keine ahnung:'( - Standard

trojaner der alles heranzoomt habe keine ahnung:'(



muss ich denn auch CREATERESTOREPOINT kopieren?? denn ich kopiere es immer mit ein also bitte um hilfe

Alt 12.10.2010, 13:43   #5
Kike1807
 
trojaner der alles heranzoomt  habe keine ahnung:'( - Standard

trojaner der alles heranzoomt habe keine ahnung:'(



fukntioniert aber leider nicht... was muss ich denn machen wenn das gescannt wurde?
denn es ist so geblieben schnell bitte ich muss wieder auf mienem laptop arbeiten:'(


Alt 12.10.2010, 13:51   #6
Kike1807
 
trojaner der alles heranzoomt  habe keine ahnung:'( - Standard

trojaner der alles heranzoomt habe keine ahnung:'(



das steht dort:
OTL.Txt:OTL Logfile:
Code:
ATTFilter
OTL logfile created on: 12.10.2010 13:24:11 - Run 1
OTL by OldTimer - Version 3.2.15.1     Folder = c:\Users\Steffen\Downloads
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 46,00% Memory free
6,00 Gb Paging File | 4,00 Gb Available in Paging File | 67,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 218,20 Gb Total Space | 74,24 Gb Free Space | 34,02% Space Free | Partition Type: NTFS
Drive D: | 14,65 Gb Total Space | 8,61 Gb Free Space | 58,77% Space Free | Partition Type: NTFS
 
Computer Name: KIKE-PC | User Name: Steffen | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - c:\Users\Steffen\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Programme\PC Tools Security\pctsGui.exe (PC Tools)
PRC - C:\Programme\Mozilla Firefox\plugin-container.exe (Mozilla Corporation)
PRC - C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Programme\DivX\DivX Update\DivXUpdate.exe ()
PRC - C:\Programme\PC Tools Security\pctsSvc.exe (PC Tools)
PRC - C:\Programme\PC Optimizer Pro\PCOptimizerPro.exe (Tweaking Tools Inc)
PRC - C:\Programme\Uniblue\RegistryBooster\registrybooster.exe (Uniblue Systems Limited)
PRC - C:\Programme\Uniblue\RegistryBooster\rbmonitor.exe (Uniblue Systems Limited)
PRC - C:\Programme\Xfire\Xfire.exe (Xfire Inc.)
PRC - C:\Programme\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
PRC - C:\Programme\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Programme\PC Tools Security\pctsAuxs.exe (PC Tools)
PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Programme\Avira\AntiVir Desktop\avshadow.exe (Avira GmbH)
PRC - C:\Programme\Logitech\Logitech WebCam Software\LWS.exe ()
PRC - C:\Programme\Common Files\LogiShrd\LQCVFX\COCIManager.exe ()
PRC - C:\Programme\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe (Logitech Inc.)
PRC - C:\Programme\Logitech\Logitech Vid\Vid.exe (Logitech Inc.)
PRC - C:\Programme\CyberLink\PowerDVD DX\PDVDDXSrv.exe (CyberLink Corp.)
PRC - C:\Programme\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Windows\System32\conime.exe (Microsoft Corporation)
PRC - C:\Programme\Internet Explorer\iexplore.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Defender\MSASCui.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Sidebar\sidebar.exe (Microsoft Corporation)
PRC - C:\Programme\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation)
 
 
========== Modules (SafeList) ==========
 
MOD - c:\Users\Steffen\Downloads\OTL.exe (OldTimer Tools)
MOD - C:\Programme\PC Tools Security\PCTGMhk.dll (PC Tools)
MOD - C:\Programme\Xfire\xfire_toucan_43094.dll (Xfire Inc.)
MOD - C:\Programme\BearShare Applications\MediaBar\DataMngr\datamngr.dll ()
MOD - C:\Windows\System32\msvcr71.dll (Microsoft Corporation)
MOD - C:\Windows\System32\msscript.ocx (Microsoft Corporation)
MOD - C:\Windows\System32\wsock32.dll (Microsoft Corporation)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll (Microsoft Corporation)
 
 
========== Win32 Services (SafeList) ==========
 
SRV - (Steam Client Service) -- C:\Program Files\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (Akamai) -- c:\Programme\Common Files\Akamai\netsession_win_062a651.dll ()
SRV - (sdCoreService) -- C:\Programme\PC Tools Security\pctsSvc.exe (PC Tools)
SRV - (Apple Mobile Device) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (aspnet_state) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe (Microsoft Corporation)
SRV - (WPFFontCache_v0400) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe (Microsoft Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (NetTcpPortSharing) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe (Microsoft Corporation)
SRV - (NetTcpActivator) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe (Microsoft Corporation)
SRV - (NetPipeActivator) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe (Microsoft Corporation)
SRV - (NetMsmqActivator) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe (Microsoft Corporation)
SRV - (sdAuxService) -- C:\Programme\PC Tools Security\pctsAuxs.exe (PC Tools)
SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (LVPrcSrv) -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe (Logitech Inc.)
SRV - (YahooAUService) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.)
SRV - (WinHttpAutoProxySvc) -- winhttp.dll (Microsoft Corporation)
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (XDva368) -- C:\Windows\System32\XDva368.sys File not found
DRV - (XDva367) -- C:\Windows\System32\XDva367.sys File not found
DRV - (XDva362) -- C:\Windows\System32\XDva362.sys File not found
DRV - (XDva359) -- C:\Windows\System32\XDva359.sys File not found
DRV - (XDva358) -- C:\Windows\System32\XDva358.sys File not found
DRV - (XDva354) -- C:\Windows\System32\XDva354.sys File not found
DRV - (XDva352) -- C:\Windows\System32\XDva352.sys File not found
DRV - (NwlnkFwd) -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys File not found
DRV - (NwlnkFlt) -- C:\Windows\System32\DRIVERS\nwlnkflt.sys File not found
DRV - (IpInIp) -- C:\Windows\System32\DRIVERS\ipinip.sys File not found
DRV - (EagleNT) -- C:\Windows\System32\drivers\EagleNT.sys File not found
DRV - (PnkBstrK) -- C:\Windows\System32\drivers\PnkBstrK.sys ()
DRV - (PCTCore) -- C:\Windows\system32\drivers\PCTCore.sys (PC Tools)
DRV - (pctEFA) -- C:\Windows\system32\drivers\pctEFA.sys (PC Tools)
DRV - (pctDS) -- C:\Windows\system32\drivers\pctDS.sys (PC Tools)
DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH)
DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH)
DRV - (35624452) -- C:\Windows\system32\DRIVERS\35624452.sys (Kaspersky Lab)
DRV - (setup_9.0.0.722_10.10.2010_06-36drv) -- C:\Windows\System32\drivers\3562445.sys (Kaspersky Lab)
DRV - (35624451) -- C:\Windows\System32\drivers\35624451.sys (Kaspersky Lab)
DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (LVUVC) Logitech Webcam 250(UVC) -- C:\Windows\System32\drivers\lvuvc.sys (Logitech Inc.)
DRV - (LVRS) -- C:\Windows\System32\drivers\lvrs.sys (Logitech Inc.)
DRV - (lvpopflt) -- C:\Windows\System32\drivers\lvpopflt.sys (Logitech Inc.)
DRV - (LVPr2Mon) -- C:\Windows\System32\drivers\LVPr2Mon.sys ()
DRV - (BCM43XX) -- C:\Windows\System32\drivers\BCMWL6.SYS (Broadcom Corporation)
DRV - (BCM42RLY) -- C:\Windows\System32\drivers\bcm42rly.sys (Broadcom Corporation)
DRV - (igfx) -- C:\Windows\System32\drivers\igdkmd32.sys (Intel Corporation)
DRV - (yukonwlh) -- C:\Windows\System32\drivers\yk60x86.sys (Marvell)
DRV - (MegaSR) -- C:\Windows\system32\drivers\megasr.sys (LSI Corporation, Inc.)
DRV - (adpu320) -- C:\Windows\system32\drivers\adpu320.sys (Adaptec, Inc.)
DRV - (megasas) -- C:\Windows\system32\drivers\megasas.sys (LSI Corporation)
DRV - (adpu160m) -- C:\Windows\system32\drivers\adpu160m.sys (Adaptec, Inc.)
DRV - (SiSRaid4) -- C:\Windows\system32\drivers\sisraid4.sys (Silicon Integrated Systems)
DRV - (HpCISSs) -- C:\Windows\system32\drivers\hpcisss.sys (Hewlett-Packard Company)
DRV - (adpahci) -- C:\Windows\system32\drivers\adpahci.sys (Adaptec, Inc.)
DRV - (LSI_SAS) -- C:\Windows\system32\drivers\lsi_sas.sys (LSI Logic)
DRV - (ql2300) -- C:\Windows\system32\drivers\ql2300.sys (QLogic Corporation)
DRV - (E1G60) Intel(R) -- C:\Windows\System32\drivers\E1G60I32.sys (Intel Corporation)
DRV - (arcsas) -- C:\Windows\system32\drivers\arcsas.sys (Adaptec, Inc.)
DRV - (iaStorV) -- C:\Windows\system32\drivers\iastorv.sys (Intel Corporation)
DRV - (vsmraid) -- C:\Windows\system32\drivers\vsmraid.sys (VIA Technologies Inc.,Ltd)
DRV - (ulsata2) -- C:\Windows\system32\drivers\ulsata2.sys (Promise Technology, Inc.)
DRV - (LSI_SCSI) -- C:\Windows\system32\drivers\lsi_scsi.sys (LSI Logic)
DRV - (LSI_FC) -- C:\Windows\system32\drivers\lsi_fc.sys (LSI Logic)
DRV - (arc) -- C:\Windows\system32\drivers\arc.sys (Adaptec, Inc.)
DRV - (elxstor) -- C:\Windows\system32\drivers\elxstor.sys (Emulex)
DRV - (adp94xx) -- C:\Windows\system32\drivers\adp94xx.sys (Adaptec, Inc.)
DRV - (nvraid) -- C:\Windows\system32\drivers\nvraid.sys (NVIDIA Corporation)
DRV - (usbaudio) USB-Audiotreiber (WDM) -- C:\Windows\System32\drivers\USBAUDIO.sys (Microsoft Corporation)
DRV - (nvstor) -- C:\Windows\system32\drivers\nvstor.sys (NVIDIA Corporation)
DRV - (uliahci) -- C:\Windows\system32\drivers\uliahci.sys (ULi Electronics Inc.)
DRV - (viaide) -- C:\Windows\system32\drivers\viaide.sys (VIA Technologies, Inc.)
DRV - (cmdide) -- C:\Windows\system32\drivers\cmdide.sys (CMD Technology, Inc.)
DRV - (aliide) -- C:\Windows\system32\drivers\aliide.sys (Acer Laboratories Inc.)
DRV - (ql40xx) -- C:\Windows\system32\drivers\ql40xx.sys (QLogic Corporation)
DRV - (UlSata) -- C:\Windows\system32\drivers\ulsata.sys (Promise Technology, Inc.)
DRV - (nfrd960) -- C:\Windows\system32\drivers\nfrd960.sys (IBM Corporation)
DRV - (iirsp) -- C:\Windows\system32\drivers\iirsp.sys (Intel Corp./ICP vortex GmbH)
DRV - (aic78xx) -- C:\Windows\system32\drivers\djsvs.sys (Adaptec, Inc.)
DRV - (iteraid) -- C:\Windows\system32\drivers\iteraid.sys (Integrated Technology Express, Inc.)
DRV - (iteatapi) -- C:\Windows\system32\drivers\iteatapi.sys (Integrated Technology Express, Inc.)
DRV - (Symc8xx) -- C:\Windows\system32\drivers\symc8xx.sys (LSI Logic)
DRV - (Sym_u3) -- C:\Windows\system32\drivers\sym_u3.sys (LSI Logic)
DRV - (Mraid35x) -- C:\Windows\system32\drivers\mraid35x.sys (LSI Logic Corporation)
DRV - (Sym_hi) -- C:\Windows\system32\drivers\sym_hi.sys (LSI Logic)
DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\system32\drivers\brserid.sys (Brother Industries Ltd.)
DRV - (BrUsbSer) -- C:\Windows\system32\drivers\brusbser.sys (Brother Industries Ltd.)
DRV - (BrFiltUp) -- C:\Windows\system32\drivers\brfiltup.sys (Brother Industries, Ltd.)
DRV - (BrFiltLo) -- C:\Windows\system32\drivers\brfiltlo.sys (Brother Industries, Ltd.)
DRV - (BrSerWdm) -- C:\Windows\system32\drivers\brserwdm.sys (Brother Industries Ltd.)
DRV - (BrUsbMdm) -- C:\Windows\system32\drivers\brusbmdm.sys (Brother Industries Ltd.)
DRV - (ntrigdigi) -- C:\Windows\system32\drivers\ntrigdigi.sys (N-trig Innovative Technologies)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\..\URLSearchHook: {038cb5c7-48ea-4af9-94e0-a1646542e62b} - C:\Programme\ToggleEN\tbTogg.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - C:\Programme\XfireXO\tbXfi1.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Programme\DVDVideoSoftTB\tbDVD1.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Programme\softonic-de3\tbsof1.dll (Conduit Ltd.)
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Search
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {038cb5c7-48ea-4af9-94e0-a1646542e62b} - C:\Programme\ToggleEN\tbTogg.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {472734EA-242A-422b-ADF8-83D1E48CC825} - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - C:\Programme\XfireXO\tbXfi1.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Programme\DVDVideoSoftTB\tbDVD1.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Programme\softonic-de3\tbsof1.dll (Conduit Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "BearShare Web Search"
FF - prefs.js..browser.search.defaultthis.engineName: "softonic-de3 Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2431245&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.order.1: "BearShare Web Search"
FF - prefs.js..browser.search.selectedEngine: "softonic-de3 Customized Web Search"
FF - prefs.js..browser.startup.homepage: "hxxp://search.conduit.com/?ctid=CT2431245&SearchSource=13"
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:4.2.0.5198
FF - prefs.js..extensions.enabledItems: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065}:2.7.1.3
FF - prefs.js..extensions.enabledItems: {E84D42CA-64EB-11DE-A65F-8C3656D89593}:3.1
FF - prefs.js..extensions.enabledItems: {8A9386B4-E958-4c4c-ADF4-8F26DB3E4829}:2.1.0
FF - prefs.js..extensions.enabledItems: {5e5ab302-7f65-44cd-8211-c1d4caaccea3}:2.7.2.0
FF - prefs.js..extensions.enabledItems: {038cb5c7-48ea-4af9-94e0-a1646542e62b}:2.7.2.0
FF - prefs.js..extensions.enabledItems: battlefieldheroespatcher@ea.com:5.0.31.0
FF - prefs.js..keyword.URL: "hxxp://search.bearshare.com/web?src=ffb&q="
 
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.10\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.09.19 15:00:29 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.10\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.09.19 15:00:29 | 000,000,000 | ---D | M]
 
[2010.07.17 13:44:11 | 000,000,000 | ---D | M] -- C:\Users\Steffen\AppData\Roaming\mozilla\Extensions
[2010.10.11 21:38:28 | 000,000,000 | ---D | M] -- C:\Users\Steffen\AppData\Roaming\mozilla\Firefox\Profiles\di5rjcbj.default\extensions
[2010.10.05 13:52:03 | 000,000,000 | ---D | M] (ToggleEN Toolbar) -- C:\Users\Steffen\AppData\Roaming\mozilla\Firefox\Profiles\di5rjcbj.default\extensions\{038cb5c7-48ea-4af9-94e0-a1646542e62b}
[2010.09.03 14:53:43 | 000,000,000 | ---D | M] (XfireXO Toolbar) -- C:\Users\Steffen\AppData\Roaming\mozilla\Firefox\Profiles\di5rjcbj.default\extensions\{5e5ab302-7f65-44cd-8211-c1d4caaccea3}
[2010.08.04 03:42:11 | 000,000,000 | ---D | M] (softonic-de3 Toolbar) -- C:\Users\Steffen\AppData\Roaming\mozilla\Firefox\Profiles\di5rjcbj.default\extensions\{cc05a3e3-64c3-4af2-bfc1-af0d66b69065}
[2010.07.20 01:38:36 | 000,000,000 | ---D | M] (MediaBar) -- C:\Users\Steffen\AppData\Roaming\mozilla\Firefox\Profiles\di5rjcbj.default\extensions\{E84D42CA-64EB-11DE-A65F-8C3656D89593}
[2010.10.11 21:38:13 | 000,000,000 | ---D | M] -- C:\Users\Steffen\AppData\Roaming\mozilla\Firefox\Profiles\di5rjcbj.default\extensions\battlefieldheroespatcher@ea.com
[2010.04.12 14:01:54 | 000,002,476 | ---- | M] () -- C:\Users\Steffen\AppData\Roaming\Mozilla\FireFox\Profiles\di5rjcbj.default\searchplugins\BearShareWebSearch.xml
[2010.06.08 11:29:10 | 000,000,927 | ---- | M] () -- C:\Users\Steffen\AppData\Roaming\Mozilla\FireFox\Profiles\di5rjcbj.default\searchplugins\conduit.xml
[2010.10.11 21:38:28 | 000,000,000 | ---D | M] -- C:\Programme\Mozilla Firefox\extensions
[2010.06.15 11:18:07 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- C:\Programme\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2009.11.10 03:30:56 | 000,189,592 | ---- | M] (MGame) -- C:\Programme\Mozilla Firefox\plugins\NPMFireLauncher.dll
[2010.09.19 15:00:22 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2010.04.12 14:01:54 | 000,002,476 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\BearShareWebSearch.xml
[2010.09.19 15:00:22 | 000,002,344 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml
[2010.09.19 15:00:22 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2010.09.19 15:00:22 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2010.09.19 15:00:22 | 000,001,105 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Programme\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (ToggleEN Toolbar) - {038cb5c7-48ea-4af9-94e0-a1646542e62b} - C:\Programme\ToggleEN\tbTogg.dll (Conduit Ltd.)
O2 - BHO: (MediaBar) - {0974BA1E-64EC-11DE-B2A5-E43756D89593} - C:\Programme\BearShare Applications\MediaBar\ToolBar\BearshareMediabarDx.dll ()
O2 - BHO: (GameBox Toolbar) - {0FEF2D2C-CDA6-45E4-B2ED-9DF7C50C95FF} - C:\Programme\GameBox\gamebox_toolbar.dll ()
O2 - BHO: (PriceGongBHO Class) - {1631550F-191D-4826-B069-D9439253D926} - C:\Programme\PriceGong\2.1.0\PriceGongIE.dll (PriceGong)
O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Programme\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (XfireXO Toolbar) - {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - C:\Programme\XfireXO\tbXfi1.dll (Conduit Ltd.)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (UrlHelper Class) - {74322BF9-DF26-493f-B0DA-6D2FC5E6429E} - C:\Programme\BearShare Applications\MediaBar\DataMngr\IEBHO.dll (MusicLab, LLC)
O2 - BHO: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Programme\DVDVideoSoftTB\tbDVD1.dll (Conduit Ltd.)
O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (softonic-de3 Toolbar) - {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Programme\softonic-de3\tbsof1.dll (Conduit Ltd.)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Programme\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (ToggleEN Toolbar) - {038cb5c7-48ea-4af9-94e0-a1646542e62b} - C:\Programme\ToggleEN\tbTogg.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (MediaBar) - {0974BA1E-64EC-11DE-B2A5-E43756D89593} - C:\Programme\BearShare Applications\MediaBar\ToolBar\BearshareMediabarDx.dll ()
O3 - HKLM\..\Toolbar: (GameBox Toolbar) - {0FEF2D2C-CDA6-45E4-B2ED-9DF7C50C95FF} - C:\Programme\GameBox\gamebox_toolbar.dll ()
O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Programme\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (XfireXO Toolbar) - {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - C:\Programme\XfireXO\tbXfi1.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Programme\DVDVideoSoftTB\tbDVD1.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (softonic-de3 Toolbar) - {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Programme\softonic-de3\tbsof1.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programme\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (ToggleEN Toolbar) - {038CB5C7-48EA-4AF9-94E0-A1646542E62B} - C:\Programme\ToggleEN\tbTogg.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (GameBox Toolbar) - {0FEF2D2C-CDA6-45E4-B2ED-9DF7C50C95FF} - C:\Programme\GameBox\gamebox_toolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (XfireXO Toolbar) - {5E5AB302-7F65-44CD-8211-C1D4CAACCEA3} - C:\Programme\XfireXO\tbXfi1.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (DVDVideoSoftTB Toolbar) - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - C:\Programme\DVDVideoSoftTB\tbDVD1.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (softonic-de3 Toolbar) - {CC05A3E3-64C3-4AF2-BFC1-AF0D66B69065} - C:\Programme\softonic-de3\tbsof1.dll (Conduit Ltd.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [DataMngr] C:\PROGRA~1\BEARSH~1\MediaBar\DataMngr\DataMngrUI.exe File not found
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [ISTray] C:\Program Files\PC Tools Security\pctsGui.exe (PC Tools)
O4 - HKLM..\Run: [LogitechQuickCamRibbon] C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe ()
O4 - HKLM..\Run: [PC Optimizer Pro] C:\Program Files\PC Optimizer Pro\StartApps.exe (Tweaking Tools)
O4 - HKLM..\Run: [PDVDDXSrv] C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Logitech Vid] C:\Program Files\Logitech\Logitech Vid\vid.exe (Logitech Inc.)
O4 - HKCU..\Run: [NexonEULauncher]  File not found
O4 - HKCU..\Run: [RegistryBooster] C:\Program Files\Uniblue\RegistryBooster\launcher.exe (Uniblue Systems Limited)
O4 - Startup: C:\Users\Steffen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Produktregistrierung.lnk = C:\Programme\Logitech\Logitech WebCam Software\eReg.exe (Leader Technologies/Logitech)
O4 - Startup: C:\Users\Steffen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\setup_9.0.0.722_10.10.2010_06-36.lnk = C:\Users\Steffen\Desktop\Virus Removal Tool\setup_9.0.0.722_10.10.2010_06-36\startup.exe ()
O4 - Startup: C:\Users\Steffen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Xfire.lnk = C:\Programme\Xfire\Xfire.exe (Xfire Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000031 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O13 - gopher Prefix: missing
O16 - DPF: {99CAAA27-FA0C-4FA4-B88A-4AB1CC7A17FE} hxxp://www.netgame.com/mplugin/mglaunch_USAv1005.cab (MGLaunch_v1004 Class)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\gameboxchrome {494D4E3B-FA53-4487-8AF6-3F50FE1167A9} - C:\Programme\GameBox\gamebox_toolbar.dll ()
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Programme\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~1\BEARSH~1\MediaBar\DataMngr\datamngr.dll) - C:\Programme\BearShare Applications\MediaBar\DataMngr\datamngr.dll ()
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - igfxdev.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img23.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img23.jpg
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) - credssp.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{807ea3fa-7850-11df-849d-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{807ea3fa-7850-11df-849d-806e6f6e6963}\Shell\AutoRun\command - "" = E:\setup.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
NetSvcs: FastUserSwitchingCompatibility -  File not found
NetSvcs: Ias -  File not found
NetSvcs: Nla -  File not found
NetSvcs: Ntmssvc -  File not found
NetSvcs: NWCWorkstation -  File not found
NetSvcs: Nwsapagent -  File not found
NetSvcs: SRService -  File not found
NetSvcs: Wmi - C:\Windows\System32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp -  File not found
NetSvcs: LogonHours -  File not found
NetSvcs: PCAudit -  File not found
NetSvcs: helpsvc -  File not found
NetSvcs: uploadmgr -  File not found
 
 
SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: NTDS -  File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: WinDefend - C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger -  File not found
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS -  File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: WinDefend - C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - 
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\System32\Microsoft
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - 
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - C:\Windows\System32\Microsoft
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
 
Drivers32: aux - wdmaud.drv (Microsoft Corporation)
Drivers32: aux1 - wdmaud.drv (Microsoft Corporation)
Drivers32: midi - wdmaud.drv (Microsoft Corporation)
Drivers32: midi1 - wdmaud.drv (Microsoft Corporation)
Drivers32: midimapper - midimap.dll (Microsoft Corporation)
Drivers32: mixer - wdmaud.drv (Microsoft Corporation)
Drivers32: mixer1 - wdmaud.drv (Microsoft Corporation)
Drivers32: msacm.imaadpcm - imaadp32.acm (Microsoft Corporation)
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.msadpcm - msadp32.acm (Microsoft Corporation)
Drivers32: msacm.msg711 - msg711.acm (Microsoft Corporation)
Drivers32: msacm.msgsm610 - msgsm32.acm (Microsoft Corporation)
Drivers32: msacm.siren - sirenacm.dll (Microsoft Corporation)
Drivers32: MSVideo - vfwwdm32.dll (Microsoft Corporation)
Drivers32: MSVideo8 - VfWWDM32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - DivX.dll (DivX, Inc.)
Drivers32: VIDC.FPS1 - frapsvid.dll (Beepa P/L)
Drivers32: vidc.i420 - lvcodec2.dll (Logitech Inc.)
Drivers32: VIDC.IYUV - iyuv_32.dll (Microsoft Corporation)
Drivers32: vidc.mrle - msrle32.dll (Microsoft Corporation)
Drivers32: vidc.msvc - msvidc32.dll (Microsoft Corporation)
Drivers32: VIDC.UYVY - msyuv.dll (Microsoft Corporation)
Drivers32: VIDC.XFR1 - xfcodec.dll ()
Drivers32: VIDC.YUY2 - msyuv.dll (Microsoft Corporation)
Drivers32: vidc.yv12 - DivX.dll (DivX, Inc.)
Drivers32: VIDC.YVU9 - tsbyuv.dll (Microsoft Corporation)
Drivers32: VIDC.YVYU - msyuv.dll (Microsoft Corporation)
Drivers32: wave - wdmaud.drv (Microsoft Corporation)
Drivers32: wave1 - wdmaud.drv (Microsoft Corporation)
Drivers32: wavemapper - msacm32.drv (Microsoft Corporation)
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2010.10.12 10:33:45 | 000,656,320 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\pctEFA.sys
[2010.10.12 10:33:45 | 000,338,880 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\pctDS.sys
[2010.10.12 10:33:44 | 000,247,824 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\pctgntdi.sys
[2010.10.12 10:33:44 | 000,102,184 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\pctwfpfilter.sys
[2010.10.12 10:33:40 | 000,237,632 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\PCTCore.sys
[2010.10.12 10:33:40 | 000,159,296 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\PCTAppEvent.sys
[2010.10.12 10:33:29 | 000,123,968 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\pctplfw.sys
[2010.10.12 10:33:29 | 000,087,400 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\pctNdis-PacketFilter.sys
[2010.10.12 10:33:29 | 000,031,960 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\pctNdis-DNS.sys
[2010.10.12 10:33:28 | 000,070,536 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\pctplsg.sys
[2010.10.12 10:32:59 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\PC Tools
[2010.10.12 10:32:58 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
[2010.10.12 10:32:58 | 000,000,000 | ---D | C] -- C:\Programme\PC Tools Security
[2010.10.12 10:32:58 | 000,000,000 | ---D | C] -- C:\Users\Steffen\AppData\Roaming\PC Tools
[2010.10.12 10:29:40 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Tools
[2010.10.11 22:12:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab
[2010.10.11 22:10:48 | 000,311,312 | ---- | C] (Kaspersky Lab) -- C:\Windows\System32\drivers\3562445.sys
[2010.10.11 22:10:48 | 000,128,016 | ---- | C] (Kaspersky Lab) -- C:\Windows\System32\drivers\35624451.sys
[2010.10.11 22:10:48 | 000,037,392 | ---- | C] (Kaspersky Lab) -- C:\Windows\System32\drivers\35624452.sys
[2010.10.11 22:10:47 | 000,000,000 | ---D | C] -- C:\Users\Steffen\Desktop\Virus Removal Tool
[2010.10.11 21:56:12 | 000,000,000 | ---D | C] -- C:\Programme\OMFGZ Infinite Dll Injector
[2010.10.11 21:55:57 | 000,249,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\Setup1.exe
[2010.10.11 21:55:56 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\ST6UNST.EXE
[2010.10.11 21:55:44 | 000,000,000 | ---D | C] -- C:\Users\Steffen\Desktop\OMFGZ Infinite Dll Injector
[2010.10.11 21:54:33 | 000,139,776 | ---- | C] (Microsoft Corporation) -- C:\Users\Steffen\Desktop\setup.exe
[2010.10.09 10:42:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Nexon
[2010.10.08 21:01:31 | 000,000,000 | ---D | C] -- C:\ProgramData\NexonEU
[2010.10.05 14:12:56 | 000,000,000 | ---D | C] -- C:\Programme\GameBox
[2010.10.05 13:51:59 | 000,000,000 | ---D | C] -- C:\Programme\ConduitEngine
[2010.10.05 13:51:56 | 000,000,000 | ---D | C] -- C:\Programme\ToggleEN
[2010.10.05 13:38:45 | 000,000,000 | ---D | C] -- C:\Programme\Steam
[2010.10.04 21:32:41 | 000,000,000 | ---D | C] -- C:\Programme\Hurrican
[2010.10.04 16:06:03 | 000,000,000 | ---D | C] -- C:\Programme\Cheatbook 07.2009
[2010.10.04 15:34:04 | 000,000,000 | ---D | C] -- C:\Users\Steffen\AppData\Local\Fallout3
[2010.10.04 15:33:33 | 000,107,888 | ---- | C] (Sony DADC Austria AG.) -- C:\Windows\System32\CmdLineExt.dll
[2010.10.04 15:14:30 | 000,000,000 | ---D | C] -- C:\Programme\Bethesda Softworks
[2010.10.04 15:14:25 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_1.dll
[2010.10.04 15:14:25 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_1.dll
[2010.10.04 15:14:25 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_0.dll
[2010.10.04 15:14:25 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_4.dll
[2010.10.04 15:14:24 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_38.dll
[2010.10.04 15:14:23 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_0.dll
[2010.10.04 15:14:23 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_0.dll
[2010.10.04 15:14:22 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_3.dll
[2010.10.04 15:14:21 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_10.dll
[2010.10.04 15:14:20 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_36.dll
[2010.10.04 15:14:20 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_36.dll
[2010.10.04 15:14:19 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_36.dll
[2010.10.04 15:14:17 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_2.dll
[2010.10.04 13:42:16 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_38.dll
[2010.10.04 13:42:16 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_38.dll
[2010.10.04 13:40:29 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_37.dll
[2010.10.04 13:40:29 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_37.dll
[2010.10.04 13:40:29 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_37.dll
[2010.10.04 13:39:46 | 000,000,000 | ---D | C] -- C:\Windows\System32\xlive
[2010.10.04 13:39:46 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft Games for Windows - LIVE
[2010.10.02 21:11:57 | 000,000,000 | ---D | C] -- C:\Users\Steffen\Documents\Cross Fire
[2010.10.02 21:11:52 | 000,000,000 | ---D | C] -- C:\CFLog
[2010.10.02 20:46:14 | 000,000,000 | ---D | C] -- C:\Programme\Z8Games
[2010.10.02 12:40:47 | 000,000,000 | ---D | C] -- C:\Download
[2010.10.02 12:40:26 | 000,000,000 | ---D | C] -- C:\Nexon
[2010.10.02 12:40:25 | 000,438,272 | ---- | C] (NEXON Inc.) -- C:\Windows\NEXON_EU_DownloaderUpdater.exe
[2010.09.29 16:09:19 | 000,000,000 | ---D | C] -- C:\Users\Steffen\Documents\My Games
[2010.09.27 18:38:50 | 000,000,000 | ---D | C] -- C:\Programme\EA Games
[2010.09.23 20:43:43 | 000,000,000 | ---D | C] -- C:\Programme\ReviverSoft
[2010.09.23 20:42:49 | 000,000,000 | ---D | C] -- C:\ProgramData\ReviverSoft
[2010.09.23 20:42:14 | 000,000,000 | ---D | C] -- C:\Users\Steffen\AppData\Local\OpenCandy
[2010.09.23 20:42:12 | 000,000,000 | ---D | C] -- C:\Users\Steffen\AppData\Roaming\OpenCandy
[2010.09.23 14:36:03 | 000,099,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHostProxy.dll
[2010.09.23 14:36:03 | 000,049,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netfxperf.dll
[2010.09.23 14:36:02 | 000,295,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHost.exe
[2010.09.20 18:32:26 | 000,000,000 | ---D | C] -- C:\Users\Steffen\AppData\Roaming\DivX
[2010.09.20 18:32:08 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\PX Storage Engine
[2010.09.20 18:31:45 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\DivX Shared
[2010.09.20 18:30:08 | 000,000,000 | ---D | C] -- C:\Programme\DivX
[2010.09.20 18:29:41 | 000,000,000 | ---D | C] -- C:\ProgramData\DivX
[2010.09.19 20:03:45 | 000,000,000 | ---D | C] -- C:\Programme\HyCam2
[2010.09.19 14:54:39 | 000,000,000 | ---D | C] -- C:\Fraps
[2010.09.19 14:38:39 | 000,000,000 | ---D | C] -- C:\Programme\Game Cam
[2010.09.18 17:55:55 | 000,000,000 | ---D | C] -- C:\Users\Steffen\Documents\HyperCam3
[2010.09.18 17:13:11 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\Solveig Multimedia
[2010.09.18 17:13:11 | 000,000,000 | ---D | C] -- C:\Programme\HyperCam 3
[2010.09.18 17:08:01 | 000,000,000 | ---D | C] -- C:\Programme\CamStudio
[2010.09.16 16:39:49 | 000,000,000 | ---D | C] -- C:\Users\Steffen\Documents\Doom_(1993)_(Id_Software)
[2010.09.16 16:32:05 | 000,000,000 | ---D | C] -- C:\Programme\DOOM 3
[2010.09.16 14:14:38 | 000,000,000 | ---D | C] -- C:\Users\Steffen\AppData\Roaming\PriceGong
[2010.09.16 14:14:38 | 000,000,000 | ---D | C] -- C:\Users\Steffen\AppData\Roaming\bearsharemediabartb
[2010.09.16 14:14:37 | 000,000,000 | ---D | C] -- C:\Users\Steffen\AppData\Local\XfireXO
[2010.09.16 14:14:37 | 000,000,000 | ---D | C] -- C:\Users\Steffen\AppData\Local\softonic-de3
[2010.09.16 14:14:37 | 000,000,000 | ---D | C] -- C:\Users\Steffen\AppData\Local\DVDVideoSoftTB
[2010.09.16 14:14:37 | 000,000,000 | ---D | C] -- C:\Users\Steffen\AppData\Local\Conduit
[2010.09.15 17:01:58 | 736,407,212 | ---- | C] (InstallShield Software Corporation) -- C:\Users\Steffen\Desktop\S4League.exe
[2010.09.14 15:45:37 | 000,000,000 | ---D | C] -- C:\Programme\VTFEdit
[2010.09.14 15:05:48 | 000,679,936 | ---- | C] (Generated by JEDI) -- C:\Windows\System32\D3DX81ab.dll
[2010.09.14 15:05:47 | 000,000,000 | ---D | C] -- C:\Programme\Cheat Engine
[2010.09.14 14:07:12 | 000,000,000 | ---D | C] -- C:\Programme\AutoIt3
 
========== Files - Modified Within 30 Days ==========
 
[2010.10.12 13:22:00 | 000,001,096 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010.10.12 13:15:46 | 000,003,712 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010.10.12 13:15:41 | 000,003,712 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010.10.12 12:37:59 | 000,001,114 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3256610812-1698582216-1686267213-1001UA.job
[2010.10.12 10:34:10 | 001,186,460 | ---- | M] () -- C:\Windows\System32\drivers\Cat.DB
[2010.10.12 10:29:25 | 000,507,360 | ---- | M] () -- C:\Users\Steffen\Desktop\sdsetup.exe
[2010.10.11 23:09:15 | 000,001,532 | -HS- | M] () -- C:\Windows\setup_9.0.0.722_10.10.2010_06-36drv.spi
[2010.10.11 22:12:46 | 000,002,169 | ---- | M] () -- C:\Users\Steffen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\setup_9.0.0.722_10.10.2010_06-36.lnk
[2010.10.11 22:04:52 | 000,000,382 | ---- | M] () -- C:\Windows\tasks\Registry Reviver-Steffen-Startup.job
[2010.10.11 22:03:09 | 000,001,092 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010.10.11 22:03:09 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\RegistryBooster.job
[2010.10.11 22:02:53 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.10.11 22:02:51 | 3181,760,512 | -HS- | M] () -- C:\hiberfil.sys
[2010.10.11 21:55:57 | 000,249,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\Setup1.exe
[2010.10.11 21:55:57 | 000,073,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\ST6UNST.EXE
[2010.10.11 21:54:36 | 000,000,303 | ---- | M] () -- C:\Windows\ST6UNST.000
[2010.10.11 16:37:59 | 000,001,062 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3256610812-1698582216-1686267213-1001Core.job
[2010.10.09 16:50:01 | 000,011,975 | ---- | M] () -- C:\Users\Steffen\Documents\selbst gemachte limonade machen(^-^).docx
[2010.10.09 16:44:28 | 000,001,744 | ---- | M] () -- C:\Users\Steffen\Desktop\Mozilla Firefox.lnk
[2010.10.08 21:05:03 | 000,001,580 | ---- | M] () -- C:\Users\Public\Desktop\Combat Arms EU.lnk
[2010.10.07 20:48:33 | 1779,088,160 | -H-- | M] () -- C:\Users\Steffen\Desktop\LOCO_Setup.exe.part
[2010.10.05 13:40:30 | 000,000,788 | ---- | M] () -- C:\Users\Public\Desktop\Steam.lnk
[2010.10.04 21:32:49 | 000,000,841 | ---- | M] () -- C:\Users\Steffen\Desktop\Hurrican.lnk
[2010.10.04 15:33:33 | 000,107,888 | ---- | M] (Sony DADC Austria AG.) -- C:\Windows\System32\CmdLineExt.dll
[2010.10.03 17:38:31 | 000,001,019 | ---- | M] () -- C:\Users\Steffen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Produktregistrierung.lnk
[2010.10.02 12:40:25 | 000,438,272 | ---- | M] (NEXON Inc.) -- C:\Windows\NEXON_EU_DownloaderUpdater.exe
[2010.09.28 20:08:09 | 000,374,240 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010.09.28 13:46:29 | 000,138,184 | ---- | M] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2010.09.28 13:46:08 | 000,215,016 | ---- | M] () -- C:\Windows\System32\PnkBstrB.xtr
[2010.09.27 18:54:12 | 000,138,056 | ---- | M] () -- C:\Users\Steffen\AppData\Roaming\PnkBstrK.sys
[2010.09.27 18:53:50 | 002,427,248 | ---- | M] () -- C:\Windows\System32\pbsvc_heroes.exe
[2010.09.23 20:46:32 | 000,000,794 | ---- | M] () -- C:\Users\Steffen\Desktop\Cheat Engine.lnk
[2010.09.23 14:44:26 | 000,670,934 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2010.09.23 14:44:26 | 000,631,636 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010.09.23 14:44:26 | 000,144,082 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2010.09.23 14:44:26 | 000,118,262 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010.09.21 15:03:36 | 000,006,756 | ---- | M] () -- C:\Users\Steffen\AppData\Local\d3d9caps.dat
[2010.09.20 18:58:06 | 000,008,192 | ---- | M] () -- C:\Users\Steffen\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.09.20 18:32:47 | 000,001,398 | ---- | M] () -- C:\Users\Steffen\Desktop\DivX Movies.lnk
[2010.09.20 18:32:20 | 000,000,919 | ---- | M] () -- C:\Users\Public\Desktop\DivX Plus Player.lnk
[2010.09.20 18:32:02 | 000,000,959 | ---- | M] () -- C:\Users\Public\Desktop\DivX Plus Converter.lnk
[2010.09.19 20:25:46 | 000,000,516 | ---- | M] () -- C:\Users\Steffen\Desktop\Fraps.lnk
[2010.09.19 12:59:29 | 000,009,554 | ---- | M] () -- C:\video.pass
[2010.09.18 17:13:14 | 000,000,842 | ---- | M] () -- C:\Users\Steffen\Desktop\HyperCam 3.lnk
[2010.09.18 17:08:16 | 000,000,813 | ---- | M] () -- C:\Users\Public\Desktop\CamStudio.lnk
[2010.09.15 17:34:33 | 736,407,212 | ---- | M] (InstallShield Software Corporation) -- C:\Users\Steffen\Desktop\S4League.exe
[2010.09.15 16:53:55 | 000,001,699 | ---- | M] () -- C:\Users\Steffen\Desktop\Notepad.lnk
[2010.09.14 15:45:38 | 000,000,740 | ---- | M] () -- C:\Users\Steffen\Desktop\VTFEdit.lnk
[2010.09.14 14:30:59 | 000,000,291 | ---- | M] () -- C:\Users\Steffen\SciTE.session
[2010.09.14 14:08:34 | 000,031,076 | ---- | M] () -- C:\Users\Steffen\abbrev.properties
 
========== Files Created - No Company Name ==========
 
[2010.10.12 10:33:48 | 001,186,460 | ---- | C] () -- C:\Windows\System32\drivers\Cat.DB
[2010.10.12 10:29:40 | 000,507,360 | ---- | C] () -- C:\Users\Steffen\Desktop\sdsetup.exe
[2010.10.11 22:21:21 | 000,001,532 | -HS- | C] () -- C:\Windows\setup_9.0.0.722_10.10.2010_06-36drv.spi
[2010.10.11 22:12:46 | 000,002,169 | ---- | C] () -- C:\Users\Steffen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\setup_9.0.0.722_10.10.2010_06-36.lnk
[2010.10.11 21:54:36 | 000,000,303 | ---- | C] () -- C:\Windows\ST6UNST.000
[2010.10.09 16:50:00 | 000,011,975 | ---- | C] () -- C:\Users\Steffen\Documents\selbst gemachte limonade machen(^-^).docx
[2010.10.09 16:44:28 | 000,001,744 | ---- | C] () -- C:\Users\Steffen\Desktop\Mozilla Firefox.lnk
[2010.10.08 21:05:03 | 000,001,580 | ---- | C] () -- C:\Users\Public\Desktop\Combat Arms EU.lnk
[2010.10.05 13:38:46 | 000,000,788 | ---- | C] () -- C:\Users\Public\Desktop\Steam.lnk
[2010.10.04 21:32:49 | 000,000,841 | ---- | C] () -- C:\Users\Steffen\Desktop\Hurrican.lnk
[2010.10.03 17:38:31 | 000,001,019 | ---- | C] () -- C:\Users\Steffen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Produktregistrierung.lnk
[2010.10.02 16:33:18 | 000,001,114 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3256610812-1698582216-1686267213-1001UA.job
[2010.10.02 16:33:16 | 000,001,062 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3256610812-1698582216-1686267213-1001Core.job
[2010.10.02 16:28:15 | 1779,088,160 | -H-- | C] () -- C:\Users\Steffen\Desktop\LOCO_Setup.exe.part
[2010.09.27 18:53:49 | 002,427,248 | ---- | C] () -- C:\Windows\System32\pbsvc_heroes.exe
[2010.09.23 20:44:18 | 000,000,382 | ---- | C] () -- C:\Windows\tasks\Registry Reviver-Steffen-Startup.job
[2010.09.20 18:32:47 | 000,001,398 | ---- | C] () -- C:\Users\Steffen\Desktop\DivX Movies.lnk
[2010.09.20 18:32:20 | 000,000,919 | ---- | C] () -- C:\Users\Public\Desktop\DivX Plus Player.lnk
[2010.09.20 18:32:02 | 000,000,959 | ---- | C] () -- C:\Users\Public\Desktop\DivX Plus Converter.lnk
[2010.09.19 20:25:46 | 000,000,516 | ---- | C] () -- C:\Users\Steffen\Desktop\Fraps.lnk
[2010.09.18 17:13:14 | 000,000,842 | ---- | C] () -- C:\Users\Steffen\Desktop\HyperCam 3.lnk
[2010.09.18 17:08:16 | 000,000,813 | ---- | C] () -- C:\Users\Public\Desktop\CamStudio.lnk
[2010.09.15 16:53:55 | 000,001,699 | ---- | C] () -- C:\Users\Steffen\Desktop\Notepad.lnk
[2010.09.14 15:45:38 | 000,000,740 | ---- | C] () -- C:\Users\Steffen\Desktop\VTFEdit.lnk
[2010.09.14 15:05:50 | 000,000,794 | ---- | C] () -- C:\Users\Steffen\Desktop\Cheat Engine.lnk
[2010.09.14 15:05:48 | 001,970,176 | ---- | C] () -- C:\Windows\System32\d3dx9.dll
[2010.09.14 14:30:59 | 000,000,291 | ---- | C] () -- C:\Users\Steffen\SciTE.session
[2010.09.14 14:08:34 | 000,031,076 | ---- | C] () -- C:\Users\Steffen\abbrev.properties
[2010.09.09 13:05:37 | 000,008,192 | ---- | C] () -- C:\Users\Steffen\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.09.01 19:00:53 | 000,082,289 | ---- | C] () -- C:\Windows\System32\lvcoinst.ini
[2010.08.20 16:15:50 | 000,000,552 | ---- | C] () -- C:\Users\Steffen\AppData\Local\d3d8caps.dat
[2010.07.24 19:58:48 | 000,138,184 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2010.07.24 19:58:47 | 000,138,056 | ---- | C] () -- C:\Users\Steffen\AppData\Roaming\PnkBstrK.sys
[2010.07.09 21:00:32 | 000,041,872 | ---- | C] () -- C:\Windows\System32\xfcodec.dll
[2010.06.15 10:27:16 | 000,006,656 | ---- | C] () -- C:\Windows\System32\bcmwlrc.dll
[2010.06.15 10:27:13 | 000,054,784 | ---- | C] () -- C:\Windows\System32\bcmwlrmt.dll
[2010.06.15 10:15:51 | 000,006,756 | ---- | C] () -- C:\Users\Steffen\AppData\Local\d3d9caps.dat
[2010.06.14 21:35:23 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1576.dll
[2009.08.07 19:51:34 | 000,178,430 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
[2009.05.08 10:13:04 | 000,013,584 | ---- | C] () -- C:\Windows\System32\drivers\iKeyLFT2.dll
[2009.04.30 16:00:12 | 000,025,624 | ---- | C] () -- C:\Windows\System32\drivers\LVPr2Mon.sys
[2006.11.02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
 
========== LOP Check ==========
 
[2010.10.08 18:50:22 | 000,000,000 | ---D | M] -- C:\Users\Kike\AppData\Roaming\ICQ
[2010.10.05 14:41:48 | 000,000,000 | ---D | M] -- C:\Users\Kike\AppData\Roaming\Teeworlds
[2010.08.04 23:06:42 | 000,000,000 | ---D | M] -- C:\Users\Kike\AppData\Roaming\UseNeXT
[2010.09.16 14:15:25 | 000,000,000 | ---D | M] -- C:\Users\Steffen\AppData\Roaming\bearsharemediabartb
[2010.09.01 19:01:33 | 000,000,000 | ---D | M] -- C:\Users\Steffen\AppData\Roaming\Leadertech
[2010.07.20 01:43:25 | 000,000,000 | ---D | M] -- C:\Users\Steffen\AppData\Roaming\MusicNet
[2010.09.23 20:42:12 | 000,000,000 | ---D | M] -- C:\Users\Steffen\AppData\Roaming\OpenCandy
[2010.09.16 14:14:38 | 000,000,000 | ---D | M] -- C:\Users\Steffen\AppData\Roaming\PriceGong
[2010.08.04 22:54:40 | 000,000,000 | ---D | M] -- C:\Users\Steffen\AppData\Roaming\Uniblue
[2010.07.20 01:31:58 | 000,000,296 | ---- | M] () -- C:\Windows\Tasks\BearShare NAG.job
[2010.10.11 22:04:52 | 000,000,382 | ---- | M] () -- C:\Windows\Tasks\Registry Reviver-Steffen-Startup.job
[2010.10.11 22:03:09 | 000,000,336 | ---- | M] () -- C:\Windows\Tasks\RegistryBooster.job
[2010.10.11 22:02:03 | 000,032,538 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
 
<  >
 
========== Files - Unicode (All) ==========
[2010.10.09 10:42:32 | 000,000,000 | ---D | M](C:\Users\Steffen\Documents\?? ???) -- C:\Users\Steffen\Documents\넥슨 플러그
[2010.10.09 10:42:32 | 000,000,000 | ---D | C](C:\Users\Steffen\Documents\?? ???) -- C:\Users\Steffen\Documents\넥슨 플러그
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 161 bytes -> C:\ProgramData\TEMP:DFC5A2B2

< End of report >
         
--- --- ---





Extras.Txt:OTL Logfile:
Code:
ATTFilter
OTL Extras logfile created on: 12.10.2010 13:24:11 - Run 1
OTL by OldTimer - Version 3.2.15.1     Folder = c:\Users\Steffen\Downloads
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 46,00% Memory free
6,00 Gb Paging File | 4,00 Gb Available in Paging File | 67,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 218,20 Gb Total Space | 74,24 Gb Free Space | 34,02% Space Free | Partition Type: NTFS
Drive D: | 14,65 Gb Total Space | 8,61 Gb Free Space | 58,77% Space Free | Partition Type: NTFS
 
Computer Name: KIKE-PC | User Name: Steffen | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~3\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{4C8B1755-A67D-421A-A1C2-826F3EF80FCA}" = lport=49158 | protocol=6 | dir=in | name=akamai netsession interface | 
"{633F1973-8B42-4096-BABC-FB39393B3BDC}" = lport=5000 | protocol=17 | dir=in | name=akamai netsession interface | 
"{84CA6922-08B6-48E1-8343-708D274C5170}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe | 
"{9624AB2E-F324-452E-B995-C2A459CA479A}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | 
"{C09B7C51-8FE6-41C6-8EDE-C214A30152F5}" = lport=2869 | protocol=6 | dir=in | app=system | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{03910F00-6DE6-43C5-B7E2-E5B034F59DBE}" = protocol=6 | dir=in | app=c:\program files\bearshare applications\bearshare\bearshare.exe | 
"{04025BF5-06D2-46C4-8B37-A036C16741E9}" = protocol=6 | dir=in | app=c:\program files\steam\steam.exe | 
"{0738C38C-A8DC-4DBE-A8CE-63E5B5C16B71}" = protocol=6 | dir=in | app=c:\program files\logitech\logitech vid\vid.exe | 
"{08665967-A5A0-44B2-94EC-00CB732F5C3B}" = dir=in | app=c:\program files\cyberlink\powerdvd dx\pdvddxsrv.exe | 
"{127FDA84-6990-4614-B509-56114A822423}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | 
"{201220D0-5350-43EB-84A3-9B2DA7FC6775}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{20C86574-F1CD-48BF-BA3E-AAB8888D975C}" = protocol=17 | dir=in | app=c:\program files\steam\steam.exe | 
"{21775559-A821-452E-BE2E-A563D3578317}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe | 
"{2ACD5085-6AE9-495E-AA3A-973BC6455B48}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\america's army 3\binaries\aa3game.exe | 
"{36F10B03-DAF4-46C3-9E02-BA2F5954F2A6}" = protocol=6 | dir=in | app=c:\programdata\nexoneu\ngm\ngm.exe | 
"{3E5BBF84-F048-48A0-A7ED-A491F4D69546}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\america's army 3\binaries\aa3game.exe | 
"{3F1A093F-0D90-47A3-A301-82D3E654104F}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstrb.exe | 
"{4089CD84-0AC6-4E61-9622-7FAE9B5FC7DC}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe | 
"{4C7ADFA8-0F8A-45FB-A3A5-51D36678C702}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe | 
"{4DF08CAB-B385-4A70-AA2D-755FEF8B91B5}" = protocol=17 | dir=in | app=c:\program files\logitech\logitech vid\vid.exe | 
"{5937D2CF-2B27-4041-862B-87A0CE8C7A57}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{63334128-68AD-4A74-AFC2-F96D71673435}" = protocol=17 | dir=in | app=c:\programdata\nexoneu\ngm\ngm.exe | 
"{68F1021E-434E-4E0E-9B1F-C0D0FAB51DC8}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstra.exe | 
"{6942EC95-AE6C-4C5B-9BB2-A2E10E8E2266}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstra.exe | 
"{738D68D6-791F-4092-85EB-961FF992CE8B}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | 
"{77ACF2EB-97D5-436A-AA0E-BBE628476776}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{78813B60-E022-48C5-AC8A-13F9EDD9CFF6}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe | 
"{78B32F87-8223-4687-A64A-8B83C78F6039}" = dir=in | app=c:\program files\cyberlink\powerdvd dx\powerdvd.exe | 
"{89855C7B-1624-412F-9A22-F1E85FD0466D}" = protocol=17 | dir=in | app=c:\program files\bearshare applications\bearshare\bearshare.exe | 
"{9B679BB9-206B-4149-803D-EF71DEC85531}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe | 
"{9EC0FFDE-A034-425D-AC82-37825E7249D0}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe | 
"{ABBC2E29-792F-4A3D-A787-E6FE20D4929E}" = dir=in | app=c:\program files\pando networks\media booster\pmb.exe | 
"{B19B7414-08A7-4554-90CF-F275CDC52F48}" = dir=in | app=c:\program files\windows live\messenger\wlcsdk.exe | 
"{B6BE9ABE-0595-442A-8C04-A60C3850A1F8}" = protocol=17 | dir=in | app=c:\program files\bearshare applications\bearshare\bearshare.exe | 
"{B6CA0FB9-08D0-4438-AE82-E35D8886C3B0}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{B7150442-7A73-48D5-9D3D-01579C484D98}" = protocol=17 | dir=in | app=c:\nexon\combat arms eu\nmservice.exe | 
"{B7DCAB15-A08C-4971-A93B-07BE313DA8BC}" = dir=in | app=c:\program files\skype\plugin manager\skypepm.exe | 
"{C4AFE685-1F9A-4836-BEF4-07B2A0E9A02F}" = protocol=6 | dir=in | app=c:\program files\bearshare applications\bearshare\bearshare.exe | 
"{D2E3F04B-E133-4CDB-8645-7447C94B81A1}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe | 
"{DE31BFBF-746F-48E1-ABA9-CEF5AD84F161}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe | 
"{E2CA6A41-6D90-455B-97C8-B837949617C8}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{E93E100A-AFA1-4AD1-A529-AE8E8CD60AA4}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstrb.exe | 
"{EF4075CB-489D-46B3-B8A7-DC4E4F4FBD02}" = protocol=6 | dir=in | app=c:\nexon\combat arms eu\nmservice.exe | 
"{F5D9C5D7-7A8A-4701-87B2-433797BA4640}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe | 
"TCP Query User{29D2B9DC-E2CE-43DE-B7EE-CA2A255DC941}C:\program files\xfire\xfire.exe" = protocol=6 | dir=in | app=c:\program files\xfire\xfire.exe | 
"TCP Query User{4A0FC996-1921-42BB-8A6A-067C24921906}C:\users\kike\appdata\roaming\icq\application\icq7.2\icq.exe" = protocol=6 | dir=in | app=c:\users\kike\appdata\roaming\icq\application\icq7.2\icq.exe | 
"TCP Query User{C3BB8354-C1B5-47E1-B6FD-BAA384622A61}C:\program files\bearshare applications\bearshare\bearshare.exe" = protocol=6 | dir=in | app=c:\program files\bearshare applications\bearshare\bearshare.exe | 
"TCP Query User{EAC525EE-CA27-408F-AC08-32521FD7D7BD}C:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe" = protocol=6 | dir=in | app=c:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe | 
"UDP Query User{0CF276FB-FB9F-4408-BA12-2C9CEE2E94C6}C:\program files\xfire\xfire.exe" = protocol=17 | dir=in | app=c:\program files\xfire\xfire.exe | 
"UDP Query User{236957ED-EA89-4AA2-8C8C-3C6BB70F7953}C:\users\kike\appdata\roaming\icq\application\icq7.2\icq.exe" = protocol=17 | dir=in | app=c:\users\kike\appdata\roaming\icq\application\icq7.2\icq.exe | 
"UDP Query User{7F3AC2AA-E66E-4506-BE8B-06AC37FF4BD6}C:\program files\bearshare applications\bearshare\bearshare.exe" = protocol=17 | dir=in | app=c:\program files\bearshare applications\bearshare\bearshare.exe | 
"UDP Query User{B7C1BB9C-A722-4C58-AED6-14C02557AF64}C:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe" = protocol=17 | dir=in | app=c:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0CB9668D-F979-4F31-B8B8-67FE90F929F8}" = Bonjour
"{1B3EC2E9-67E3-4D10-B1B8-BD71D7DC8930}" = Eternia LastChaos
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2E660A2A-A55F-43CD-9F73-CAD7382EEB78}" = Microsoft Games for Windows - LIVE Redistributable
"{310945EF-6EC9-4D54-9E67-36EAF4AF7A95}" = S4 League_EU
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3CBEA715-B6DD-4943-B505-5E435C2B6126}" = S4 League_EU
"{3D9892BB-A751-4E48-ADC8-E4289956CE1D}" = QuickTime
"{415B2719-AD3A-4944-B404-C472DB6085B3}" = Cisco EAP-FAST Module
"{42929F0F-CE14-47AF-9FC7-FF297A603021}" = Dell Resource CD
"{4FBCEA31-5D18-4212-9231-DE7CF1BE7DBB}" = Logitech Vid
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{5F624839-947D-46EA-BD63-FD847C1AC6F1}" = BearShare
"{669C7BD8-DAA2-49B6-966C-F1E2AAE6B17E}" = Cisco PEAP Module
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD DX
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{83770D14-21B9-44B3-8689-F7B523F94560}" = Cisco LEAP Module
"{85991ED2-010C-4930-96FA-52F43C2CE98A}" = Apple Mobile Device Support
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{91F7F3F3-CE80-48C3-8327-7D24A0A5716A}" = iTunes
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{974C4B12-4D02-4879-85E0-61C95CC63E9E}" = Fallout 3
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars
"{99A37AC7-E724-4621-B167-500B5A52B69C}" = LastChaosGER
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1031-7B44-A93000000001}" = Adobe Reader 9.3 - Deutsch
"{AC96671C-2001-432C-9826-5266D84EF1DC}" = Logitech Webcam Software
"{AED2DD42-9853-407E-A6BC-8A1D6B715909}" = Windows Live Messenger
"{B2D328BE-45AD-4D92-96F9-2151490A203E}" = Apple Application Support
"{BC27061D-FFCE-4931-A05F-AC964CC026CA}" = Registry Reviver
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{C911A0C2-2236-3164-AA47-F2566C01AE5E}" = Microsoft .NET Framework 4 Extended DEU Language Pack
"{CAFA57E8-8927-4912-AFCF-B0AA3837E989}" = Windows Live Essentials
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D2041A37-5FEC-49F0-AE5C-3F2FFDFAA4F4}" = Windows Live Call
"{D66F2695-E97D-4D42-A793-2F02ACB7E2A4}" = S4 League_EU
"{DB52432E-3AD8-41A5-A586-0F065FB6A31E}" = Game Cam
"{E285F3B1-A840-414F-9A95-47627A16E633}" = AvalonHeroesEU
"{E63E34A7-E552-412B-9E40-FD6FC5227ABA}_is1" = Uniblue RegistryBooster
"{EE53A1EB-B273-4657-B39E-93E0B29FA880}" = S4 League_EU
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"7-Zip" = 7-Zip 4.65
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Age of Mythology Expansion Pack 1.0" = Age of Mythology - The Titans Expansion
"Akamai" = Akamai NetSession Interface
"AutoItv3" = AutoIt v3.3.6.1
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"BearShare" = BearShare
"BearShare MediaBar" = MediaBar
"Broadcom 802.11 Application" = Dell Wireless WLAN Card Utility
"CamStudio" = CamStudio
"Cheat Engine 5.6.1_is1" = Cheat Engine 5.6.1
"Cheatbook 07.2009" = Cheatbook 07.2009
"Combat Arms EU" = Combat Arms EU
"conduitEngine" = Conduit Engine
"Cross Fire_is1" = Cross Fire En
"Digital DJ Pro" = Digital DJ Pro 1.7.0
"DivX Setup.divx.com" = DivX-Setup
"DVDVideoSoftTB Toolbar" = DVDVideoSoftTB Toolbar
"ENTERPRISE" = Microsoft Office Enterprise 2007
"FlorensiaEN" = FlorensiaEN 1.0
"Fraps" = Fraps (remove only)
"Free Video to MP3 Converter_is1" = Free Video to MP3 Converter version 4.0
"Free YouTube to iPod Converter_is1" = Free YouTube to iPod Converter version 3.8
"Game Cam" = Game Cam 2.54.0.47
"GameBox" = GameBox Toolbar
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"Hurrican_is1" = Hurrican 1.0.0.4
"HyperCam 2" = HyperCam 2
"HyperCam 3" = HyperCam 3
"lvdrivers_12.0" = Logitech Webcam Software-Treiberpaket
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended DEU Language Pack" = Microsoft .NET Framework 4 Extended DEU Language Pack
"Mozilla Firefox (3.6.10)" = Mozilla Firefox (3.6.10)
"OPERATION7" = OPERATION7
"PC Optimizer Pro" = PC Optimizer Pro
"PriceGong" = PriceGong 2.1.0
"PunkBusterSvc" = PunkBuster Services
"RegistryReviver" = Registry Reviver
"SciTE4AutoIt3" = SciTE4AutoIt3 2/28/2010
"softonic-de3 Toolbar" = softonic-de3 Toolbar
"Spyware Doctor" = Spyware Doctor 8.0
"ST6UNST #1" = OMFGZ Infinite Dll Injector
"Steam App 13140" = America's Army 3
"Steam App 310" = Team Fortress 2 Dedicated Server
"ToggleEN Toolbar" = ToggleEN Toolbar
"TweakUAC_is1" = TweakUAC
"Uninstall_is1" = Uninstall 1.0.0.1
"UseNeXT_is1" = UseNeXT
"VLC media player" = VLC media player 1.1.4
"VTFEdit_is1" = VTFEdit 1.2.5
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR
"Xfire" = Xfire (remove only)
"XfireXO Toolbar" = XfireXO Toolbar
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Software Update" = Yahoo! Software Update
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 12.10.2010 07:18:14 | Computer Name = Kike-PC | Source = VSS | ID = 12289
Description = 
 
Error - 12.10.2010 07:18:14 | Computer Name = Kike-PC | Source = VSS | ID = 12289
Description = 
 
Error - 12.10.2010 07:18:25 | Computer Name = Kike-PC | Source = VSS | ID = 12289
Description = 
 
Error - 12.10.2010 07:18:25 | Computer Name = Kike-PC | Source = VSS | ID = 12289
Description = 
 
Error - 12.10.2010 07:18:25 | Computer Name = Kike-PC | Source = VSS | ID = 12289
Description = 
 
Error - 12.10.2010 07:28:20 | Computer Name = Kike-PC | Source = VSS | ID = 12289
Description = 
 
Error - 12.10.2010 07:28:20 | Computer Name = Kike-PC | Source = VSS | ID = 12289
Description = 
 
Error - 12.10.2010 07:28:29 | Computer Name = Kike-PC | Source = VSS | ID = 12289
Description = 
 
Error - 12.10.2010 07:28:29 | Computer Name = Kike-PC | Source = VSS | ID = 12289
Description = 
 
Error - 12.10.2010 07:28:29 | Computer Name = Kike-PC | Source = VSS | ID = 12289
Description = 
 
[ Broadcom Wireless LAN Events ]
Error - 20.08.2010 08:47:24 | Computer Name = Kike-PC | Source = WLAN-Tray | ID = 0
Description = 14:47:24, Fri, Aug 20, 10 Error - Unable to gain access to user store

 
Error - 29.08.2010 07:53:29 | Computer Name = Kike-PC | Source = WLAN-Tray | ID = 0
Description = 13:53:28, Sun, Aug 29, 10 Error - Unable to gain access to user store

 
Error - 30.08.2010 10:28:52 | Computer Name = Kike-PC | Source = WLAN-Tray | ID = 0
Description = 16:28:51, Mon, Aug 30, 10 Error - Unable to gain access to user store

 
Error - 06.09.2010 15:02:04 | Computer Name = Kike-PC | Source = WLAN-Tray | ID = 0
Description = 21:02:03, Mon, Sep 06, 10 Error - Unable to gain access to user store

 
Error - 07.09.2010 10:39:25 | Computer Name = Kike-PC | Source = WLAN-Tray | ID = 0
Description = 16:39:25, Tue, Sep 07, 10 Error - Unable to gain access to user store

 
Error - 26.09.2010 12:57:19 | Computer Name = Kike-PC | Source = WLAN-Tray | ID = 0
Description = 18:57:18, Sun, Sep 26, 10 Error - Unable to gain access to user store

 
Error - 01.10.2010 02:51:57 | Computer Name = Kike-PC | Source = WLAN-Tray | ID = 0
Description = 08:51:56, Fri, Oct 01, 10 Error - Unable to gain access to user store

 
 
========== Last 10 Event Log Errors ==========
 
Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!
 
< End of report >
         
--- --- ---

was soll ich jetzt tun?
endschuldigen wegen so vielen posts auf einmal^^

Alt 12.10.2010, 13:55   #7
Kike1807
 
trojaner der alles heranzoomt  habe keine ahnung:'( - Standard

trojaner der alles heranzoomt habe keine ahnung:'(



das steht dort:
OTL.Txt:OTL Logfile:
Code:
ATTFilter
OTL logfile created on: 12.10.2010 13:24:11 - Run 1
OTL by OldTimer - Version 3.2.15.1     Folder = c:\Users\Steffen\Downloads
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 46,00% Memory free
6,00 Gb Paging File | 4,00 Gb Available in Paging File | 67,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 218,20 Gb Total Space | 74,24 Gb Free Space | 34,02% Space Free | Partition Type: NTFS
Drive D: | 14,65 Gb Total Space | 8,61 Gb Free Space | 58,77% Space Free | Partition Type: NTFS
 
Computer Name: KIKE-PC | User Name: Steffen | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - c:\Users\Steffen\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Programme\PC Tools Security\pctsGui.exe (PC Tools)
PRC - C:\Programme\Mozilla Firefox\plugin-container.exe (Mozilla Corporation)
PRC - C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Programme\DivX\DivX Update\DivXUpdate.exe ()
PRC - C:\Programme\PC Tools Security\pctsSvc.exe (PC Tools)
PRC - C:\Programme\PC Optimizer Pro\PCOptimizerPro.exe (Tweaking Tools Inc)
PRC - C:\Programme\Uniblue\RegistryBooster\registrybooster.exe (Uniblue Systems Limited)
PRC - C:\Programme\Uniblue\RegistryBooster\rbmonitor.exe (Uniblue Systems Limited)
PRC - C:\Programme\Xfire\Xfire.exe (Xfire Inc.)
PRC - C:\Programme\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
PRC - C:\Programme\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Programme\PC Tools Security\pctsAuxs.exe (PC Tools)
PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Programme\Avira\AntiVir Desktop\avshadow.exe (Avira GmbH)
PRC - C:\Programme\Logitech\Logitech WebCam Software\LWS.exe ()
PRC - C:\Programme\Common Files\LogiShrd\LQCVFX\COCIManager.exe ()
PRC - C:\Programme\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe (Logitech Inc.)
PRC - C:\Programme\Logitech\Logitech Vid\Vid.exe (Logitech Inc.)
PRC - C:\Programme\CyberLink\PowerDVD DX\PDVDDXSrv.exe (CyberLink Corp.)
PRC - C:\Programme\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Windows\System32\conime.exe (Microsoft Corporation)
PRC - C:\Programme\Internet Explorer\iexplore.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Defender\MSASCui.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Sidebar\sidebar.exe (Microsoft Corporation)
PRC - C:\Programme\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation)
 
 
========== Modules (SafeList) ==========
 
MOD - c:\Users\Steffen\Downloads\OTL.exe (OldTimer Tools)
MOD - C:\Programme\PC Tools Security\PCTGMhk.dll (PC Tools)
MOD - C:\Programme\Xfire\xfire_toucan_43094.dll (Xfire Inc.)
MOD - C:\Programme\BearShare Applications\MediaBar\DataMngr\datamngr.dll ()
MOD - C:\Windows\System32\msvcr71.dll (Microsoft Corporation)
MOD - C:\Windows\System32\msscript.ocx (Microsoft Corporation)
MOD - C:\Windows\System32\wsock32.dll (Microsoft Corporation)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll (Microsoft Corporation)
 
 
========== Win32 Services (SafeList) ==========
 
SRV - (Steam Client Service) -- C:\Program Files\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (Akamai) -- c:\Programme\Common Files\Akamai\netsession_win_062a651.dll ()
SRV - (sdCoreService) -- C:\Programme\PC Tools Security\pctsSvc.exe (PC Tools)
SRV - (Apple Mobile Device) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (aspnet_state) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe (Microsoft Corporation)
SRV - (WPFFontCache_v0400) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe (Microsoft Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (NetTcpPortSharing) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe (Microsoft Corporation)
SRV - (NetTcpActivator) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe (Microsoft Corporation)
SRV - (NetPipeActivator) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe (Microsoft Corporation)
SRV - (NetMsmqActivator) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe (Microsoft Corporation)
SRV - (sdAuxService) -- C:\Programme\PC Tools Security\pctsAuxs.exe (PC Tools)
SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (LVPrcSrv) -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe (Logitech Inc.)
SRV - (YahooAUService) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.)
SRV - (WinHttpAutoProxySvc) -- winhttp.dll (Microsoft Corporation)
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (XDva368) -- C:\Windows\System32\XDva368.sys File not found
DRV - (XDva367) -- C:\Windows\System32\XDva367.sys File not found
DRV - (XDva362) -- C:\Windows\System32\XDva362.sys File not found
DRV - (XDva359) -- C:\Windows\System32\XDva359.sys File not found
DRV - (XDva358) -- C:\Windows\System32\XDva358.sys File not found
DRV - (XDva354) -- C:\Windows\System32\XDva354.sys File not found
DRV - (XDva352) -- C:\Windows\System32\XDva352.sys File not found
DRV - (NwlnkFwd) -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys File not found
DRV - (NwlnkFlt) -- C:\Windows\System32\DRIVERS\nwlnkflt.sys File not found
DRV - (IpInIp) -- C:\Windows\System32\DRIVERS\ipinip.sys File not found
DRV - (EagleNT) -- C:\Windows\System32\drivers\EagleNT.sys File not found
DRV - (PnkBstrK) -- C:\Windows\System32\drivers\PnkBstrK.sys ()
DRV - (PCTCore) -- C:\Windows\system32\drivers\PCTCore.sys (PC Tools)
DRV - (pctEFA) -- C:\Windows\system32\drivers\pctEFA.sys (PC Tools)
DRV - (pctDS) -- C:\Windows\system32\drivers\pctDS.sys (PC Tools)
DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH)
DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH)
DRV - (35624452) -- C:\Windows\system32\DRIVERS\35624452.sys (Kaspersky Lab)
DRV - (setup_9.0.0.722_10.10.2010_06-36drv) -- C:\Windows\System32\drivers\3562445.sys (Kaspersky Lab)
DRV - (35624451) -- C:\Windows\System32\drivers\35624451.sys (Kaspersky Lab)
DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (LVUVC) Logitech Webcam 250(UVC) -- C:\Windows\System32\drivers\lvuvc.sys (Logitech Inc.)
DRV - (LVRS) -- C:\Windows\System32\drivers\lvrs.sys (Logitech Inc.)
DRV - (lvpopflt) -- C:\Windows\System32\drivers\lvpopflt.sys (Logitech Inc.)
DRV - (LVPr2Mon) -- C:\Windows\System32\drivers\LVPr2Mon.sys ()
DRV - (BCM43XX) -- C:\Windows\System32\drivers\BCMWL6.SYS (Broadcom Corporation)
DRV - (BCM42RLY) -- C:\Windows\System32\drivers\bcm42rly.sys (Broadcom Corporation)
DRV - (igfx) -- C:\Windows\System32\drivers\igdkmd32.sys (Intel Corporation)
DRV - (yukonwlh) -- C:\Windows\System32\drivers\yk60x86.sys (Marvell)
DRV - (MegaSR) -- C:\Windows\system32\drivers\megasr.sys (LSI Corporation, Inc.)
DRV - (adpu320) -- C:\Windows\system32\drivers\adpu320.sys (Adaptec, Inc.)
DRV - (megasas) -- C:\Windows\system32\drivers\megasas.sys (LSI Corporation)
DRV - (adpu160m) -- C:\Windows\system32\drivers\adpu160m.sys (Adaptec, Inc.)
DRV - (SiSRaid4) -- C:\Windows\system32\drivers\sisraid4.sys (Silicon Integrated Systems)
DRV - (HpCISSs) -- C:\Windows\system32\drivers\hpcisss.sys (Hewlett-Packard Company)
DRV - (adpahci) -- C:\Windows\system32\drivers\adpahci.sys (Adaptec, Inc.)
DRV - (LSI_SAS) -- C:\Windows\system32\drivers\lsi_sas.sys (LSI Logic)
DRV - (ql2300) -- C:\Windows\system32\drivers\ql2300.sys (QLogic Corporation)
DRV - (E1G60) Intel(R) -- C:\Windows\System32\drivers\E1G60I32.sys (Intel Corporation)
DRV - (arcsas) -- C:\Windows\system32\drivers\arcsas.sys (Adaptec, Inc.)
DRV - (iaStorV) -- C:\Windows\system32\drivers\iastorv.sys (Intel Corporation)
DRV - (vsmraid) -- C:\Windows\system32\drivers\vsmraid.sys (VIA Technologies Inc.,Ltd)
DRV - (ulsata2) -- C:\Windows\system32\drivers\ulsata2.sys (Promise Technology, Inc.)
DRV - (LSI_SCSI) -- C:\Windows\system32\drivers\lsi_scsi.sys (LSI Logic)
DRV - (LSI_FC) -- C:\Windows\system32\drivers\lsi_fc.sys (LSI Logic)
DRV - (arc) -- C:\Windows\system32\drivers\arc.sys (Adaptec, Inc.)
DRV - (elxstor) -- C:\Windows\system32\drivers\elxstor.sys (Emulex)
DRV - (adp94xx) -- C:\Windows\system32\drivers\adp94xx.sys (Adaptec, Inc.)
DRV - (nvraid) -- C:\Windows\system32\drivers\nvraid.sys (NVIDIA Corporation)
DRV - (usbaudio) USB-Audiotreiber (WDM) -- C:\Windows\System32\drivers\USBAUDIO.sys (Microsoft Corporation)
DRV - (nvstor) -- C:\Windows\system32\drivers\nvstor.sys (NVIDIA Corporation)
DRV - (uliahci) -- C:\Windows\system32\drivers\uliahci.sys (ULi Electronics Inc.)
DRV - (viaide) -- C:\Windows\system32\drivers\viaide.sys (VIA Technologies, Inc.)
DRV - (cmdide) -- C:\Windows\system32\drivers\cmdide.sys (CMD Technology, Inc.)
DRV - (aliide) -- C:\Windows\system32\drivers\aliide.sys (Acer Laboratories Inc.)
DRV - (ql40xx) -- C:\Windows\system32\drivers\ql40xx.sys (QLogic Corporation)
DRV - (UlSata) -- C:\Windows\system32\drivers\ulsata.sys (Promise Technology, Inc.)
DRV - (nfrd960) -- C:\Windows\system32\drivers\nfrd960.sys (IBM Corporation)
DRV - (iirsp) -- C:\Windows\system32\drivers\iirsp.sys (Intel Corp./ICP vortex GmbH)
DRV - (aic78xx) -- C:\Windows\system32\drivers\djsvs.sys (Adaptec, Inc.)
DRV - (iteraid) -- C:\Windows\system32\drivers\iteraid.sys (Integrated Technology Express, Inc.)
DRV - (iteatapi) -- C:\Windows\system32\drivers\iteatapi.sys (Integrated Technology Express, Inc.)
DRV - (Symc8xx) -- C:\Windows\system32\drivers\symc8xx.sys (LSI Logic)
DRV - (Sym_u3) -- C:\Windows\system32\drivers\sym_u3.sys (LSI Logic)
DRV - (Mraid35x) -- C:\Windows\system32\drivers\mraid35x.sys (LSI Logic Corporation)
DRV - (Sym_hi) -- C:\Windows\system32\drivers\sym_hi.sys (LSI Logic)
DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\system32\drivers\brserid.sys (Brother Industries Ltd.)
DRV - (BrUsbSer) -- C:\Windows\system32\drivers\brusbser.sys (Brother Industries Ltd.)
DRV - (BrFiltUp) -- C:\Windows\system32\drivers\brfiltup.sys (Brother Industries, Ltd.)
DRV - (BrFiltLo) -- C:\Windows\system32\drivers\brfiltlo.sys (Brother Industries, Ltd.)
DRV - (BrSerWdm) -- C:\Windows\system32\drivers\brserwdm.sys (Brother Industries Ltd.)
DRV - (BrUsbMdm) -- C:\Windows\system32\drivers\brusbmdm.sys (Brother Industries Ltd.)
DRV - (ntrigdigi) -- C:\Windows\system32\drivers\ntrigdigi.sys (N-trig Innovative Technologies)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\..\URLSearchHook: {038cb5c7-48ea-4af9-94e0-a1646542e62b} - C:\Programme\ToggleEN\tbTogg.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - C:\Programme\XfireXO\tbXfi1.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Programme\DVDVideoSoftTB\tbDVD1.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Programme\softonic-de3\tbsof1.dll (Conduit Ltd.)
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Search
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {038cb5c7-48ea-4af9-94e0-a1646542e62b} - C:\Programme\ToggleEN\tbTogg.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {472734EA-242A-422b-ADF8-83D1E48CC825} - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - C:\Programme\XfireXO\tbXfi1.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Programme\DVDVideoSoftTB\tbDVD1.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Programme\softonic-de3\tbsof1.dll (Conduit Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "BearShare Web Search"
FF - prefs.js..browser.search.defaultthis.engineName: "softonic-de3 Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2431245&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.order.1: "BearShare Web Search"
FF - prefs.js..browser.search.selectedEngine: "softonic-de3 Customized Web Search"
FF - prefs.js..browser.startup.homepage: "hxxp://search.conduit.com/?ctid=CT2431245&SearchSource=13"
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:4.2.0.5198
FF - prefs.js..extensions.enabledItems: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065}:2.7.1.3
FF - prefs.js..extensions.enabledItems: {E84D42CA-64EB-11DE-A65F-8C3656D89593}:3.1
FF - prefs.js..extensions.enabledItems: {8A9386B4-E958-4c4c-ADF4-8F26DB3E4829}:2.1.0
FF - prefs.js..extensions.enabledItems: {5e5ab302-7f65-44cd-8211-c1d4caaccea3}:2.7.2.0
FF - prefs.js..extensions.enabledItems: {038cb5c7-48ea-4af9-94e0-a1646542e62b}:2.7.2.0
FF - prefs.js..extensions.enabledItems: battlefieldheroespatcher@ea.com:5.0.31.0
FF - prefs.js..keyword.URL: "hxxp://search.bearshare.com/web?src=ffb&q="
 
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.10\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.09.19 15:00:29 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.10\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.09.19 15:00:29 | 000,000,000 | ---D | M]
 
[2010.07.17 13:44:11 | 000,000,000 | ---D | M] -- C:\Users\Steffen\AppData\Roaming\mozilla\Extensions
[2010.10.11 21:38:28 | 000,000,000 | ---D | M] -- C:\Users\Steffen\AppData\Roaming\mozilla\Firefox\Profiles\di5rjcbj.default\extensions
[2010.10.05 13:52:03 | 000,000,000 | ---D | M] (ToggleEN Toolbar) -- C:\Users\Steffen\AppData\Roaming\mozilla\Firefox\Profiles\di5rjcbj.default\extensions\{038cb5c7-48ea-4af9-94e0-a1646542e62b}
[2010.09.03 14:53:43 | 000,000,000 | ---D | M] (XfireXO Toolbar) -- C:\Users\Steffen\AppData\Roaming\mozilla\Firefox\Profiles\di5rjcbj.default\extensions\{5e5ab302-7f65-44cd-8211-c1d4caaccea3}
[2010.08.04 03:42:11 | 000,000,000 | ---D | M] (softonic-de3 Toolbar) -- C:\Users\Steffen\AppData\Roaming\mozilla\Firefox\Profiles\di5rjcbj.default\extensions\{cc05a3e3-64c3-4af2-bfc1-af0d66b69065}
[2010.07.20 01:38:36 | 000,000,000 | ---D | M] (MediaBar) -- C:\Users\Steffen\AppData\Roaming\mozilla\Firefox\Profiles\di5rjcbj.default\extensions\{E84D42CA-64EB-11DE-A65F-8C3656D89593}
[2010.10.11 21:38:13 | 000,000,000 | ---D | M] -- C:\Users\Steffen\AppData\Roaming\mozilla\Firefox\Profiles\di5rjcbj.default\extensions\battlefieldheroespatcher@ea.com
[2010.04.12 14:01:54 | 000,002,476 | ---- | M] () -- C:\Users\Steffen\AppData\Roaming\Mozilla\FireFox\Profiles\di5rjcbj.default\searchplugins\BearShareWebSearch.xml
[2010.06.08 11:29:10 | 000,000,927 | ---- | M] () -- C:\Users\Steffen\AppData\Roaming\Mozilla\FireFox\Profiles\di5rjcbj.default\searchplugins\conduit.xml
[2010.10.11 21:38:28 | 000,000,000 | ---D | M] -- C:\Programme\Mozilla Firefox\extensions
[2010.06.15 11:18:07 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- C:\Programme\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2009.11.10 03:30:56 | 000,189,592 | ---- | M] (MGame) -- C:\Programme\Mozilla Firefox\plugins\NPMFireLauncher.dll
[2010.09.19 15:00:22 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2010.04.12 14:01:54 | 000,002,476 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\BearShareWebSearch.xml
[2010.09.19 15:00:22 | 000,002,344 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml
[2010.09.19 15:00:22 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2010.09.19 15:00:22 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2010.09.19 15:00:22 | 000,001,105 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Programme\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (ToggleEN Toolbar) - {038cb5c7-48ea-4af9-94e0-a1646542e62b} - C:\Programme\ToggleEN\tbTogg.dll (Conduit Ltd.)
O2 - BHO: (MediaBar) - {0974BA1E-64EC-11DE-B2A5-E43756D89593} - C:\Programme\BearShare Applications\MediaBar\ToolBar\BearshareMediabarDx.dll ()
O2 - BHO: (GameBox Toolbar) - {0FEF2D2C-CDA6-45E4-B2ED-9DF7C50C95FF} - C:\Programme\GameBox\gamebox_toolbar.dll ()
O2 - BHO: (PriceGongBHO Class) - {1631550F-191D-4826-B069-D9439253D926} - C:\Programme\PriceGong\2.1.0\PriceGongIE.dll (PriceGong)
O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Programme\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (XfireXO Toolbar) - {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - C:\Programme\XfireXO\tbXfi1.dll (Conduit Ltd.)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (UrlHelper Class) - {74322BF9-DF26-493f-B0DA-6D2FC5E6429E} - C:\Programme\BearShare Applications\MediaBar\DataMngr\IEBHO.dll (MusicLab, LLC)
O2 - BHO: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Programme\DVDVideoSoftTB\tbDVD1.dll (Conduit Ltd.)
O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (softonic-de3 Toolbar) - {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Programme\softonic-de3\tbsof1.dll (Conduit Ltd.)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Programme\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (ToggleEN Toolbar) - {038cb5c7-48ea-4af9-94e0-a1646542e62b} - C:\Programme\ToggleEN\tbTogg.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (MediaBar) - {0974BA1E-64EC-11DE-B2A5-E43756D89593} - C:\Programme\BearShare Applications\MediaBar\ToolBar\BearshareMediabarDx.dll ()
O3 - HKLM\..\Toolbar: (GameBox Toolbar) - {0FEF2D2C-CDA6-45E4-B2ED-9DF7C50C95FF} - C:\Programme\GameBox\gamebox_toolbar.dll ()
O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Programme\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (XfireXO Toolbar) - {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - C:\Programme\XfireXO\tbXfi1.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Programme\DVDVideoSoftTB\tbDVD1.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (softonic-de3 Toolbar) - {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Programme\softonic-de3\tbsof1.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programme\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (ToggleEN Toolbar) - {038CB5C7-48EA-4AF9-94E0-A1646542E62B} - C:\Programme\ToggleEN\tbTogg.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (GameBox Toolbar) - {0FEF2D2C-CDA6-45E4-B2ED-9DF7C50C95FF} - C:\Programme\GameBox\gamebox_toolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (XfireXO Toolbar) - {5E5AB302-7F65-44CD-8211-C1D4CAACCEA3} - C:\Programme\XfireXO\tbXfi1.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (DVDVideoSoftTB Toolbar) - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - C:\Programme\DVDVideoSoftTB\tbDVD1.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (softonic-de3 Toolbar) - {CC05A3E3-64C3-4AF2-BFC1-AF0D66B69065} - C:\Programme\softonic-de3\tbsof1.dll (Conduit Ltd.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [DataMngr] C:\PROGRA~1\BEARSH~1\MediaBar\DataMngr\DataMngrUI.exe File not found
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [ISTray] C:\Program Files\PC Tools Security\pctsGui.exe (PC Tools)
O4 - HKLM..\Run: [LogitechQuickCamRibbon] C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe ()
O4 - HKLM..\Run: [PC Optimizer Pro] C:\Program Files\PC Optimizer Pro\StartApps.exe (Tweaking Tools)
O4 - HKLM..\Run: [PDVDDXSrv] C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Logitech Vid] C:\Program Files\Logitech\Logitech Vid\vid.exe (Logitech Inc.)
O4 - HKCU..\Run: [NexonEULauncher]  File not found
O4 - HKCU..\Run: [RegistryBooster] C:\Program Files\Uniblue\RegistryBooster\launcher.exe (Uniblue Systems Limited)
O4 - Startup: C:\Users\Steffen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Produktregistrierung.lnk = C:\Programme\Logitech\Logitech WebCam Software\eReg.exe (Leader Technologies/Logitech)
O4 - Startup: C:\Users\Steffen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\setup_9.0.0.722_10.10.2010_06-36.lnk = C:\Users\Steffen\Desktop\Virus Removal Tool\setup_9.0.0.722_10.10.2010_06-36\startup.exe ()
O4 - Startup: C:\Users\Steffen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Xfire.lnk = C:\Programme\Xfire\Xfire.exe (Xfire Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000031 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O13 - gopher Prefix: missing
O16 - DPF: {99CAAA27-FA0C-4FA4-B88A-4AB1CC7A17FE} hxxp://www.netgame.com/mplugin/mglaunch_USAv1005.cab (MGLaunch_v1004 Class)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\gameboxchrome {494D4E3B-FA53-4487-8AF6-3F50FE1167A9} - C:\Programme\GameBox\gamebox_toolbar.dll ()
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Programme\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~1\BEARSH~1\MediaBar\DataMngr\datamngr.dll) - C:\Programme\BearShare Applications\MediaBar\DataMngr\datamngr.dll ()
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - igfxdev.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img23.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img23.jpg
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) - credssp.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{807ea3fa-7850-11df-849d-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{807ea3fa-7850-11df-849d-806e6f6e6963}\Shell\AutoRun\command - "" = E:\setup.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
NetSvcs: FastUserSwitchingCompatibility -  File not found
NetSvcs: Ias -  File not found
NetSvcs: Nla -  File not found
NetSvcs: Ntmssvc -  File not found
NetSvcs: NWCWorkstation -  File not found
NetSvcs: Nwsapagent -  File not found
NetSvcs: SRService -  File not found
NetSvcs: Wmi - C:\Windows\System32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp -  File not found
NetSvcs: LogonHours -  File not found
NetSvcs: PCAudit -  File not found
NetSvcs: helpsvc -  File not found
NetSvcs: uploadmgr -  File not found
 
 
SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: NTDS -  File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: WinDefend - C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000 begin_of_the_skype_highlighting**************056-444553540000******end_of_the_skype_highlighting} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger -  File not found
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS -  File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: WinDefend - C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - 
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\System32\Microsoft
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - 
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - C:\Windows\System32\Microsoft
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
 
Drivers32: aux - wdmaud.drv (Microsoft Corporation)
Drivers32: aux1 - wdmaud.drv (Microsoft Corporation)
Drivers32: midi - wdmaud.drv (Microsoft Corporation)
Drivers32: midi1 - wdmaud.drv (Microsoft Corporation)
Drivers32: midimapper - midimap.dll (Microsoft Corporation)
Drivers32: mixer - wdmaud.drv (Microsoft Corporation)
Drivers32: mixer1 - wdmaud.drv (Microsoft Corporation)
Drivers32: msacm.imaadpcm - imaadp32.acm (Microsoft Corporation)
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.msadpcm - msadp32.acm (Microsoft Corporation)
Drivers32: msacm.msg711 - msg711.acm (Microsoft Corporation)
Drivers32: msacm.msgsm610 - msgsm32.acm (Microsoft Corporation)
Drivers32: msacm.siren - sirenacm.dll (Microsoft Corporation)
Drivers32: MSVideo - vfwwdm32.dll (Microsoft Corporation)
Drivers32: MSVideo8 - VfWWDM32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - DivX.dll (DivX, Inc.)
Drivers32: VIDC.FPS1 - frapsvid.dll (Beepa P/L)
Drivers32: vidc.i420 - lvcodec2.dll (Logitech Inc.)
Drivers32: VIDC.IYUV - iyuv_32.dll (Microsoft Corporation)
Drivers32: vidc.mrle - msrle32.dll (Microsoft Corporation)
Drivers32: vidc.msvc - msvidc32.dll (Microsoft Corporation)
Drivers32: VIDC.UYVY - msyuv.dll (Microsoft Corporation)
Drivers32: VIDC.XFR1 - xfcodec.dll ()
Drivers32: VIDC.YUY2 - msyuv.dll (Microsoft Corporation)
Drivers32: vidc.yv12 - DivX.dll (DivX, Inc.)
Drivers32: VIDC.YVU9 - tsbyuv.dll (Microsoft Corporation)
Drivers32: VIDC.YVYU - msyuv.dll (Microsoft Corporation)
Drivers32: wave - wdmaud.drv (Microsoft Corporation)
Drivers32: wave1 - wdmaud.drv (Microsoft Corporation)
Drivers32: wavemapper - msacm32.drv (Microsoft Corporation)
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2010.10.12 10:33:45 | 000,656,320 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\pctEFA.sys
[2010.10.12 10:33:45 | 000,338,880 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\pctDS.sys
[2010.10.12 10:33:44 | 000,247,824 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\pctgntdi.sys
[2010.10.12 10:33:44 | 000,102,184 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\pctwfpfilter.sys
[2010.10.12 10:33:40 | 000,237,632 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\PCTCore.sys
[2010.10.12 10:33:40 | 000,159,296 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\PCTAppEvent.sys
[2010.10.12 10:33:29 | 000,123,968 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\pctplfw.sys
[2010.10.12 10:33:29 | 000,087,400 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\pctNdis-PacketFilter.sys
[2010.10.12 10:33:29 | 000,031,960 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\pctNdis-DNS.sys
[2010.10.12 10:33:28 | 000,070,536 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\pctplsg.sys
[2010.10.12 10:32:59 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\PC Tools
[2010.10.12 10:32:58 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
[2010.10.12 10:32:58 | 000,000,000 | ---D | C] -- C:\Programme\PC Tools Security
[2010.10.12 10:32:58 | 000,000,000 | ---D | C] -- C:\Users\Steffen\AppData\Roaming\PC Tools
[2010.10.12 10:29:40 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Tools
[2010.10.11 22:12:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab
[2010.10.11 22:10:48 | 000,311,312 | ---- | C] (Kaspersky Lab) -- C:\Windows\System32\drivers\3562445.sys
[2010.10.11 22:10:48 | 000,128,016 | ---- | C] (Kaspersky Lab) -- C:\Windows\System32\drivers\35624451.sys
[2010.10.11 22:10:48 | 000,037,392 | ---- | C] (Kaspersky Lab) -- C:\Windows\System32\drivers\35624452.sys
[2010.10.11 22:10:47 | 000,000,000 | ---D | C] -- C:\Users\Steffen\Desktop\Virus Removal Tool
[2010.10.11 21:56:12 | 000,000,000 | ---D | C] -- C:\Programme\OMFGZ Infinite Dll Injector
[2010.10.11 21:55:57 | 000,249,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\Setup1.exe
[2010.10.11 21:55:56 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\ST6UNST.EXE
[2010.10.11 21:55:44 | 000,000,000 | ---D | C] -- C:\Users\Steffen\Desktop\OMFGZ Infinite Dll Injector
[2010.10.11 21:54:33 | 000,139,776 | ---- | C] (Microsoft Corporation) -- C:\Users\Steffen\Desktop\setup.exe
[2010.10.09 10:42:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Nexon
[2010.10.08 21:01:31 | 000,000,000 | ---D | C] -- C:\ProgramData\NexonEU
[2010.10.05 14:12:56 | 000,000,000 | ---D | C] -- C:\Programme\GameBox
[2010.10.05 13:51:59 | 000,000,000 | ---D | C] -- C:\Programme\ConduitEngine
[2010.10.05 13:51:56 | 000,000,000 | ---D | C] -- C:\Programme\ToggleEN
[2010.10.05 13:38:45 | 000,000,000 | ---D | C] -- C:\Programme\Steam
[2010.10.04 21:32:41 | 000,000,000 | ---D | C] -- C:\Programme\Hurrican
[2010.10.04 16:06:03 | 000,000,000 | ---D | C] -- C:\Programme\Cheatbook 07.2009
[2010.10.04 15:34:04 | 000,000,000 | ---D | C] -- C:\Users\Steffen\AppData\Local\Fallout3
[2010.10.04 15:33:33 | 000,107,888 | ---- | C] (Sony DADC Austria AG.) -- C:\Windows\System32\CmdLineExt.dll
[2010.10.04 15:14:30 | 000,000,000 | ---D | C] -- C:\Programme\Bethesda Softworks
[2010.10.04 15:14:25 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_1.dll
[2010.10.04 15:14:25 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_1.dll
[2010.10.04 15:14:25 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_0.dll
[2010.10.04 15:14:25 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_4.dll
[2010.10.04 15:14:24 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_38.dll
[2010.10.04 15:14:23 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_0.dll
[2010.10.04 15:14:23 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_0.dll
[2010.10.04 15:14:22 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_3.dll
[2010.10.04 15:14:21 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_10.dll
[2010.10.04 15:14:20 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_36.dll
[2010.10.04 15:14:20 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_36.dll
[2010.10.04 15:14:19 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_36.dll
[2010.10.04 15:14:17 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_2.dll
[2010.10.04 13:42:16 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_38.dll
[2010.10.04 13:42:16 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_38.dll
[2010.10.04 13:40:29 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_37.dll
[2010.10.04 13:40:29 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_37.dll
[2010.10.04 13:40:29 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_37.dll
[2010.10.04 13:39:46 | 000,000,000 | ---D | C] -- C:\Windows\System32\xlive
[2010.10.04 13:39:46 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft Games for Windows - LIVE
[2010.10.02 21:11:57 | 000,000,000 | ---D | C] -- C:\Users\Steffen\Documents\Cross Fire
[2010.10.02 21:11:52 | 000,000,000 | ---D | C] -- C:\CFLog
[2010.10.02 20:46:14 | 000,000,000 | ---D | C] -- C:\Programme\Z8Games
[2010.10.02 12:40:47 | 000,000,000 | ---D | C] -- C:\Download
[2010.10.02 12:40:26 | 000,000,000 | ---D | C] -- C:\Nexon
[2010.10.02 12:40:25 | 000,438,272 | ---- | C] (NEXON Inc.) -- C:\Windows\NEXON_EU_DownloaderUpdater.exe
[2010.09.29 16:09:19 | 000,000,000 | ---D | C] -- C:\Users\Steffen\Documents\My Games
[2010.09.27 18:38:50 | 000,000,000 | ---D | C] -- C:\Programme\EA Games
[2010.09.23 20:43:43 | 000,000,000 | ---D | C] -- C:\Programme\ReviverSoft
[2010.09.23 20:42:49 | 000,000,000 | ---D | C] -- C:\ProgramData\ReviverSoft
[2010.09.23 20:42:14 | 000,000,000 | ---D | C] -- C:\Users\Steffen\AppData\Local\OpenCandy
[2010.09.23 20:42:12 | 000,000,000 | ---D | C] -- C:\Users\Steffen\AppData\Roaming\OpenCandy
[2010.09.23 14:36:03 | 000,099,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHostProxy.dll
[2010.09.23 14:36:03 | 000,049,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netfxperf.dll
[2010.09.23 14:36:02 | 000,295,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHost.exe
[2010.09.20 18:32:26 | 000,000,000 | ---D | C] -- C:\Users\Steffen\AppData\Roaming\DivX
[2010.09.20 18:32:08 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\PX Storage Engine
[2010.09.20 18:31:45 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\DivX Shared
[2010.09.20 18:30:08 | 000,000,000 | ---D | C] -- C:\Programme\DivX
[2010.09.20 18:29:41 | 000,000,000 | ---D | C] -- C:\ProgramData\DivX
[2010.09.19 20:03:45 | 000,000,000 | ---D | C] -- C:\Programme\HyCam2
[2010.09.19 14:54:39 | 000,000,000 | ---D | C] -- C:\Fraps
[2010.09.19 14:38:39 | 000,000,000 | ---D | C] -- C:\Programme\Game Cam
[2010.09.18 17:55:55 | 000,000,000 | ---D | C] -- C:\Users\Steffen\Documents\HyperCam3
[2010.09.18 17:13:11 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\Solveig Multimedia
[2010.09.18 17:13:11 | 000,000,000 | ---D | C] -- C:\Programme\HyperCam 3
[2010.09.18 17:08:01 | 000,000,000 | ---D | C] -- C:\Programme\CamStudio
[2010.09.16 16:39:49 | 000,000,000 | ---D | C] -- C:\Users\Steffen\Documents\Doom_(1993)_(Id_Software)
[2010.09.16 16:32:05 | 000,000,000 | ---D | C] -- C:\Programme\DOOM 3
[2010.09.16 14:14:38 | 000,000,000 | ---D | C] -- C:\Users\Steffen\AppData\Roaming\PriceGong
[2010.09.16 14:14:38 | 000,000,000 | ---D | C] -- C:\Users\Steffen\AppData\Roaming\bearsharemediabartb
[2010.09.16 14:14:37 | 000,000,000 | ---D | C] -- C:\Users\Steffen\AppData\Local\XfireXO
[2010.09.16 14:14:37 | 000,000,000 | ---D | C] -- C:\Users\Steffen\AppData\Local\softonic-de3
[2010.09.16 14:14:37 | 000,000,000 | ---D | C] -- C:\Users\Steffen\AppData\Local\DVDVideoSoftTB
[2010.09.16 14:14:37 | 000,000,000 | ---D | C] -- C:\Users\Steffen\AppData\Local\Conduit
[2010.09.15 17:01:58 | 736,407,212 | ---- | C] (InstallShield Software Corporation) -- C:\Users\Steffen\Desktop\S4League.exe
[2010.09.14 15:45:37 | 000,000,000 | ---D | C] -- C:\Programme\VTFEdit
[2010.09.14 15:05:48 | 000,679,936 | ---- | C] (Generated by JEDI) -- C:\Windows\System32\D3DX81ab.dll
[2010.09.14 15:05:47 | 000,000,000 | ---D | C] -- C:\Programme\Cheat Engine
[2010.09.14 14:07:12 | 000,000,000 | ---D | C] -- C:\Programme\AutoIt3
 
========== Files - Modified Within 30 Days ==========
 
[2010.10.12 13:22:00 | 000,001,096 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010.10.12 13:15:46 | 000,003,712 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010.10.12 13:15:41 | 000,003,712 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010.10.12 12:37:59 | 000,001,114 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3256610812-1698582216-1686267213-1001UA.job
[2010.10.12 10:34:10 | 001,186,460 | ---- | M] () -- C:\Windows\System32\drivers\Cat.DB
[2010.10.12 10:29:25 | 000,507,360 | ---- | M] () -- C:\Users\Steffen\Desktop\sdsetup.exe
[2010.10.11 23:09:15 | 000,001,532 | -HS- | M] () -- C:\Windows\setup_9.0.0.722_10.10.2010_06-36drv.spi
[2010.10.11 22:12:46 | 000,002,169 | ---- | M] () -- C:\Users\Steffen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\setup_9.0.0.722_10.10.2010_06-36.lnk
[2010.10.11 22:04:52 | 000,000,382 | ---- | M] () -- C:\Windows\tasks\Registry Reviver-Steffen-Startup.job
[2010.10.11 22:03:09 | 000,001,092 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010.10.11 22:03:09 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\RegistryBooster.job
[2010.10.11 22:02:53 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.10.11 22:02:51 | 3181,760,512 | -HS- | M] () -- C:\hiberfil.sys
[2010.10.11 21:55:57 | 000,249,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\Setup1.exe
[2010.10.11 21:55:57 | 000,073,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\ST6UNST.EXE
[2010.10.11 21:54:36 | 000,000,303 | ---- | M] () -- C:\Windows\ST6UNST.000
[2010.10.11 16:37:59 | 000,001,062 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3256610812-1698582216-1686267213-1001Core.job
[2010.10.09 16:50:01 | 000,011,975 | ---- | M] () -- C:\Users\Steffen\Documents\selbst gemachte limonade machen(^-^).docx
[2010.10.09 16:44:28 | 000,001,744 | ---- | M] () -- C:\Users\Steffen\Desktop\Mozilla Firefox.lnk
[2010.10.08 21:05:03 | 000,001,580 | ---- | M] () -- C:\Users\Public\Desktop\Combat Arms EU.lnk
[2010.10.07 20:48:33 | 1779,088,160 | -H-- | M] () -- C:\Users\Steffen\Desktop\LOCO_Setup.exe.part
[2010.10.05 13:40:30 | 000,000,788 | ---- | M] () -- C:\Users\Public\Desktop\Steam.lnk
[2010.10.04 21:32:49 | 000,000,841 | ---- | M] () -- C:\Users\Steffen\Desktop\Hurrican.lnk
[2010.10.04 15:33:33 | 000,107,888 | ---- | M] (Sony DADC Austria AG.) -- C:\Windows\System32\CmdLineExt.dll
[2010.10.03 17:38:31 | 000,001,019 | ---- | M] () -- C:\Users\Steffen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Produktregistrierung.lnk
[2010.10.02 12:40:25 | 000,438,272 | ---- | M] (NEXON Inc.) -- C:\Windows\NEXON_EU_DownloaderUpdater.exe
[2010.09.28 20:08:09 | 000,374,240 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010.09.28 13:46:29 | 000,138,184 | ---- | M] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2010.09.28 13:46:08 | 000,215,016 | ---- | M] () -- C:\Windows\System32\PnkBstrB.xtr
[2010.09.27 18:54:12 | 000,138,056 | ---- | M] () -- C:\Users\Steffen\AppData\Roaming\PnkBstrK.sys
[2010.09.27 18:53:50 | 002,427,248 | ---- | M] () -- C:\Windows\System32\pbsvc_heroes.exe
[2010.09.23 20:46:32 | 000,000,794 | ---- | M] () -- C:\Users\Steffen\Desktop\Cheat Engine.lnk
[2010.09.23 14:44:26 | 000,670,934 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2010.09.23 14:44:26 | 000,631,636 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010.09.23 14:44:26 | 000,144,082 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2010.09.23 14:44:26 | 000,118,262 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010.09.21 15:03:36 | 000,006,756 | ---- | M] () -- C:\Users\Steffen\AppData\Local\d3d9caps.dat
[2010.09.20 18:58:06 | 000,008,192 | ---- | M] () -- C:\Users\Steffen\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.09.20 18:32:47 | 000,001,398 | ---- | M] () -- C:\Users\Steffen\Desktop\DivX Movies.lnk
[2010.09.20 18:32:20 | 000,000,919 | ---- | M] () -- C:\Users\Public\Desktop\DivX Plus Player.lnk
[2010.09.20 18:32:02 | 000,000,959 | ---- | M] () -- C:\Users\Public\Desktop\DivX Plus Converter.lnk
[2010.09.19 20:25:46 | 000,000,516 | ---- | M] () -- C:\Users\Steffen\Desktop\Fraps.lnk
[2010.09.19 12:59:29 | 000,009,554 | ---- | M] () -- C:\video.pass
[2010.09.18 17:13:14 | 000,000,842 | ---- | M] () -- C:\Users\Steffen\Desktop\HyperCam 3.lnk
[2010.09.18 17:08:16 | 000,000,813 | ---- | M] () -- C:\Users\Public\Desktop\CamStudio.lnk
[2010.09.15 17:34:33 | 736,407,212 | ---- | M] (InstallShield Software Corporation) -- C:\Users\Steffen\Desktop\S4League.exe
[2010.09.15 16:53:55 | 000,001,699 | ---- | M] () -- C:\Users\Steffen\Desktop\Notepad.lnk
[2010.09.14 15:45:38 | 000,000,740 | ---- | M] () -- C:\Users\Steffen\Desktop\VTFEdit.lnk
[2010.09.14 14:30:59 | 000,000,291 | ---- | M] () -- C:\Users\Steffen\SciTE.session
[2010.09.14 14:08:34 | 000,031,076 | ---- | M] () -- C:\Users\Steffen\abbrev.properties
 
========== Files Created - No Company Name ==========
 
[2010.10.12 10:33:48 | 001,186,460 | ---- | C] () -- C:\Windows\System32\drivers\Cat.DB
[2010.10.12 10:29:40 | 000,507,360 | ---- | C] () -- C:\Users\Steffen\Desktop\sdsetup.exe
[2010.10.11 22:21:21 | 000,001,532 | -HS- | C] () -- C:\Windows\setup_9.0.0.722_10.10.2010_06-36drv.spi
[2010.10.11 22:12:46 | 000,002,169 | ---- | C] () -- C:\Users\Steffen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\setup_9.0.0.722_10.10.2010_06-36.lnk
[2010.10.11 21:54:36 | 000,000,303 | ---- | C] () -- C:\Windows\ST6UNST.000
[2010.10.09 16:50:00 | 000,011,975 | ---- | C] () -- C:\Users\Steffen\Documents\selbst gemachte limonade machen(^-^).docx
[2010.10.09 16:44:28 | 000,001,744 | ---- | C] () -- C:\Users\Steffen\Desktop\Mozilla Firefox.lnk
[2010.10.08 21:05:03 | 000,001,580 | ---- | C] () -- C:\Users\Public\Desktop\Combat Arms EU.lnk
[2010.10.05 13:38:46 | 000,000,788 | ---- | C] () -- C:\Users\Public\Desktop\Steam.lnk
[2010.10.04 21:32:49 | 000,000,841 | ---- | C] () -- C:\Users\Steffen\Desktop\Hurrican.lnk
[2010.10.03 17:38:31 | 000,001,019 | ---- | C] () -- C:\Users\Steffen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Produktregistrierung.lnk
[2010.10.02 16:33:18 | 000,001,114 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3256610812-1698582216-1686267213-1001UA.job
[2010.10.02 16:33:16 | 000,001,062 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3256610812-1698582216-1686267213-1001Core.job
[2010.10.02 16:28:15 | 1779,088,160 | -H-- | C] () -- C:\Users\Steffen\Desktop\LOCO_Setup.exe.part
[2010.09.27 18:53:49 | 002,427,248 | ---- | C] () -- C:\Windows\System32\pbsvc_heroes.exe
[2010.09.23 20:44:18 | 000,000,382 | ---- | C] () -- C:\Windows\tasks\Registry Reviver-Steffen-Startup.job
[2010.09.20 18:32:47 | 000,001,398 | ---- | C] () -- C:\Users\Steffen\Desktop\DivX Movies.lnk
[2010.09.20 18:32:20 | 000,000,919 | ---- | C] () -- C:\Users\Public\Desktop\DivX Plus Player.lnk
[2010.09.20 18:32:02 | 000,000,959 | ---- | C] () -- C:\Users\Public\Desktop\DivX Plus Converter.lnk
[2010.09.19 20:25:46 | 000,000,516 | ---- | C] () -- C:\Users\Steffen\Desktop\Fraps.lnk
[2010.09.18 17:13:14 | 000,000,842 | ---- | C] () -- C:\Users\Steffen\Desktop\HyperCam 3.lnk
[2010.09.18 17:08:16 | 000,000,813 | ---- | C] () -- C:\Users\Public\Desktop\CamStudio.lnk
[2010.09.15 16:53:55 | 000,001,699 | ---- | C] () -- C:\Users\Steffen\Desktop\Notepad.lnk
[2010.09.14 15:45:38 | 000,000,740 | ---- | C] () -- C:\Users\Steffen\Desktop\VTFEdit.lnk
[2010.09.14 15:05:50 | 000,000,794 | ---- | C] () -- C:\Users\Steffen\Desktop\Cheat Engine.lnk
[2010.09.14 15:05:48 | 001,970,176 | ---- | C] () -- C:\Windows\System32\d3dx9.dll
[2010.09.14 14:30:59 | 000,000,291 | ---- | C] () -- C:\Users\Steffen\SciTE.session
[2010.09.14 14:08:34 | 000,031,076 | ---- | C] () -- C:\Users\Steffen\abbrev.properties
[2010.09.09 13:05:37 | 000,008,192 | ---- | C] () -- C:\Users\Steffen\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.09.01 19:00:53 | 000,082,289 | ---- | C] () -- C:\Windows\System32\lvcoinst.ini
[2010.08.20 16:15:50 | 000,000,552 | ---- | C] () -- C:\Users\Steffen\AppData\Local\d3d8caps.dat
[2010.07.24 19:58:48 | 000,138,184 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2010.07.24 19:58:47 | 000,138,056 | ---- | C] () -- C:\Users\Steffen\AppData\Roaming\PnkBstrK.sys
[2010.07.09 21:00:32 | 000,041,872 | ---- | C] () -- C:\Windows\System32\xfcodec.dll
[2010.06.15 10:27:16 | 000,006,656 | ---- | C] () -- C:\Windows\System32\bcmwlrc.dll
[2010.06.15 10:27:13 | 000,054,784 | ---- | C] () -- C:\Windows\System32\bcmwlrmt.dll
[2010.06.15 10:15:51 | 000,006,756 | ---- | C] () -- C:\Users\Steffen\AppData\Local\d3d9caps.dat
[2010.06.14 21:35:23 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1576.dll
[2009.08.07 19:51:34 | 000,178,430 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
[2009.05.08 10:13:04 | 000,013,584 | ---- | C] () -- C:\Windows\System32\drivers\iKeyLFT2.dll
[2009.04.30 16:00:12 | 000,025,624 | ---- | C] () -- C:\Windows\System32\drivers\LVPr2Mon.sys
[2006.11.02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
 
========== LOP Check ==========
 
[2010.10.08 18:50:22 | 000,000,000 | ---D | M] -- C:\Users\Kike\AppData\Roaming\ICQ
[2010.10.05 14:41:48 | 000,000,000 | ---D | M] -- C:\Users\Kike\AppData\Roaming\Teeworlds
[2010.08.04 23:06:42 | 000,000,000 | ---D | M] -- C:\Users\Kike\AppData\Roaming\UseNeXT
[2010.09.16 14:15:25 | 000,000,000 | ---D | M] -- C:\Users\Steffen\AppData\Roaming\bearsharemediabartb
[2010.09.01 19:01:33 | 000,000,000 | ---D | M] -- C:\Users\Steffen\AppData\Roaming\Leadertech
[2010.07.20 01:43:25 | 000,000,000 | ---D | M] -- C:\Users\Steffen\AppData\Roaming\MusicNet
[2010.09.23 20:42:12 | 000,000,000 | ---D | M] -- C:\Users\Steffen\AppData\Roaming\OpenCandy
[2010.09.16 14:14:38 | 000,000,000 | ---D | M] -- C:\Users\Steffen\AppData\Roaming\PriceGong
[2010.08.04 22:54:40 | 000,000,000 | ---D | M] -- C:\Users\Steffen\AppData\Roaming\Uniblue
[2010.07.20 01:31:58 | 000,000,296 | ---- | M] () -- C:\Windows\Tasks\BearShare NAG.job
[2010.10.11 22:04:52 | 000,000,382 | ---- | M] () -- C:\Windows\Tasks\Registry Reviver-Steffen-Startup.job
[2010.10.11 22:03:09 | 000,000,336 | ---- | M] () -- C:\Windows\Tasks\RegistryBooster.job
[2010.10.11 22:02:03 | 000,032,538 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
 
<  >
 
========== Files - Unicode (All) ==========
[2010.10.09 10:42:32 | 000,000,000 | ---D | M](C:\Users\Steffen\Documents\?? ???) -- C:\Users\Steffen\Documents\넥슨 플러그
[2010.10.09 10:42:32 | 000,000,000 | ---D | C](C:\Users\Steffen\Documents\?? ???) -- C:\Users\Steffen\Documents\넥슨 플러그
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 161 bytes -> C:\ProgramData\TEMP:DFC5A2B2

< End of report >
         
--- --- ---





Extras.Txt:OTL Logfile:
Code:
ATTFilter
OTL Extras logfile created on: 12.10.2010 13:24:11 - Run 1
OTL by OldTimer - Version 3.2.15.1     Folder = c:\Users\Steffen\Downloads
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 46,00% Memory free
6,00 Gb Paging File | 4,00 Gb Available in Paging File | 67,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 218,20 Gb Total Space | 74,24 Gb Free Space | 34,02% Space Free | Partition Type: NTFS
Drive D: | 14,65 Gb Total Space | 8,61 Gb Free Space | 58,77% Space Free | Partition Type: NTFS
 
Computer Name: KIKE-PC | User Name: Steffen | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~3\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{4C8B1755-A67D-421A-A1C2-826F3EF80FCA}" = lport=49158 | protocol=6 | dir=in | name=akamai netsession interface | 
"{633F1973-8B42-4096-BABC-FB39393B3BDC}" = lport=5000 | protocol=17 | dir=in | name=akamai netsession interface | 
"{84CA6922-08B6-48E1-8343-708D274C5170}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe | 
"{9624AB2E-F324-452E-B995-C2A459CA479A}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | 
"{C09B7C51-8FE6-41C6-8EDE-C214A30152F5}" = lport=2869 | protocol=6 | dir=in | app=system | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{03910F00-6DE6-43C5-B7E2-E5B034F59DBE}" = protocol=6 | dir=in | app=c:\program files\bearshare applications\bearshare\bearshare.exe | 
"{04025BF5-06D2-46C4-8B37-A036C16741E9}" = protocol=6 | dir=in | app=c:\program files\steam\steam.exe | 
"{0738C38C-A8DC-4DBE-A8CE-63E5B5C16B71}" = protocol=6 | dir=in | app=c:\program files\logitech\logitech vid\vid.exe | 
"{08665967-A5A0-44B2-94EC-00CB732F5C3B}" = dir=in | app=c:\program files\cyberlink\powerdvd dx\pdvddxsrv.exe | 
"{127FDA84-6990-4614-B509-56114A822423}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | 
"{201220D0-5350-43EB-84A3-9B2DA7FC6775}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{20C86574-F1CD-48BF-BA3E-AAB8888D975C}" = protocol=17 | dir=in | app=c:\program files\steam\steam.exe | 
"{21775559-A821-452E-BE2E-A563D3578317}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe | 
"{2ACD5085-6AE9-495E-AA3A-973BC6455B48}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\america's army 3\binaries\aa3game.exe | 
"{36F10B03-DAF4-46C3-9E02-BA2F5954F2A6}" = protocol=6 | dir=in | app=c:\programdata\nexoneu\ngm\ngm.exe | 
"{3E5BBF84-F048-48A0-A7ED-A491F4D69546}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\america's army 3\binaries\aa3game.exe | 
"{3F1A093F-0D90-47A3-A301-82D3E654104F}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstrb.exe | 
"{4089CD84-0AC6-4E61-9622-7FAE9B5FC7DC}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe | 
"{4C7ADFA8-0F8A-45FB-A3A5-51D36678C702}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe | 
"{4DF08CAB-B385-4A70-AA2D-755FEF8B91B5}" = protocol=17 | dir=in | app=c:\program files\logitech\logitech vid\vid.exe | 
"{5937D2CF-2B27-4041-862B-87A0CE8C7A57}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{63334128-68AD-4A74-AFC2-F96D71673435}" = protocol=17 | dir=in | app=c:\programdata\nexoneu\ngm\ngm.exe | 
"{68F1021E-434E-4E0E-9B1F-C0D0FAB51DC8}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstra.exe | 
"{6942EC95-AE6C-4C5B-9BB2-A2E10E8E2266}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstra.exe | 
"{738D68D6-791F-4092-85EB-961FF992CE8B}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | 
"{77ACF2EB-97D5-436A-AA0E-BBE628476776}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{78813B60-E022-48C5-AC8A-13F9EDD9CFF6}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe | 
"{78B32F87-8223-4687-A64A-8B83C78F6039}" = dir=in | app=c:\program files\cyberlink\powerdvd dx\powerdvd.exe | 
"{89855C7B-1624-412F-9A22-F1E85FD0466D}" = protocol=17 | dir=in | app=c:\program files\bearshare applications\bearshare\bearshare.exe | 
"{9B679BB9-206B-4149-803D-EF71DEC85531}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe | 
"{9EC0FFDE-A034-425D-AC82-37825E7249D0}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe | 
"{ABBC2E29-792F-4A3D-A787-E6FE20D4929E}" = dir=in | app=c:\program files\pando networks\media booster\pmb.exe | 
"{B19B7414-08A7-4554-90CF-F275CDC52F48}" = dir=in | app=c:\program files\windows live\messenger\wlcsdk.exe | 
"{B6BE9ABE-0595-442A-8C04-A60C3850A1F8}" = protocol=17 | dir=in | app=c:\program files\bearshare applications\bearshare\bearshare.exe | 
"{B6CA0FB9-08D0-4438-AE82-E35D8886C3B0}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{B7150442-7A73-48D5-9D3D-01579C484D98}" = protocol=17 | dir=in | app=c:\nexon\combat arms eu\nmservice.exe | 
"{B7DCAB15-A08C-4971-A93B-07BE313DA8BC}" = dir=in | app=c:\program files\skype\plugin manager\skypepm.exe | 
"{C4AFE685-1F9A-4836-BEF4-07B2A0E9A02F}" = protocol=6 | dir=in | app=c:\program files\bearshare applications\bearshare\bearshare.exe | 
"{D2E3F04B-E133-4CDB-8645-7447C94B81A1}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe | 
"{DE31BFBF-746F-48E1-ABA9-CEF5AD84F161}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe | 
"{E2CA6A41-6D90-455B-97C8-B837949617C8}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{E93E100A-AFA1-4AD1-A529-AE8E8CD60AA4}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstrb.exe | 
"{EF4075CB-489D-46B3-B8A7-DC4E4F4FBD02}" = protocol=6 | dir=in | app=c:\nexon\combat arms eu\nmservice.exe | 
"{F5D9C5D7-7A8A-4701-87B2-433797BA4640}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe | 
"TCP Query User{29D2B9DC-E2CE-43DE-B7EE-CA2A255DC941}C:\program files\xfire\xfire.exe" = protocol=6 | dir=in | app=c:\program files\xfire\xfire.exe | 
"TCP Query User{4A0FC996-1921-42BB-8A6A-067C24921906}C:\users\kike\appdata\roaming\icq\application\icq7.2\icq.exe" = protocol=6 | dir=in | app=c:\users\kike\appdata\roaming\icq\application\icq7.2\icq.exe | 
"TCP Query User{C3BB8354-C1B5-47E1-B6FD-BAA384622A61}C:\program files\bearshare applications\bearshare\bearshare.exe" = protocol=6 | dir=in | app=c:\program files\bearshare applications\bearshare\bearshare.exe | 
"TCP Query User{EAC525EE-CA27-408F-AC08-32521FD7D7BD}C:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe" = protocol=6 | dir=in | app=c:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe | 
"UDP Query User{0CF276FB-FB9F-4408-BA12-2C9CEE2E94C6}C:\program files\xfire\xfire.exe" = protocol=17 | dir=in | app=c:\program files\xfire\xfire.exe | 
"UDP Query User{236957ED-EA89-4AA2-8C8C-3C6BB70F7953}C:\users\kike\appdata\roaming\icq\application\icq7.2\icq.exe" = protocol=17 | dir=in | app=c:\users\kike\appdata\roaming\icq\application\icq7.2\icq.exe | 
"UDP Query User{7F3AC2AA-E66E-4506-BE8B-06AC37FF4BD6}C:\program files\bearshare applications\bearshare\bearshare.exe" = protocol=17 | dir=in | app=c:\program files\bearshare applications\bearshare\bearshare.exe | 
"UDP Query User{B7C1BB9C-A722-4C58-AED6-14C02557AF64}C:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe" = protocol=17 | dir=in | app=c:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0CB9668D-F979-4F31-B8B8-67FE90F929F8}" = Bonjour
"{1B3EC2E9-67E3-4D10-B1B8-BD71D7DC8930}" = Eternia LastChaos
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2E660A2A-A55F-43CD-9F73-CAD7382EEB78}" = Microsoft Games for Windows - LIVE Redistributable
"{310945EF-6EC9-4D54-9E67-36EAF4AF7A95}" = S4 League_EU
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3CBEA715-B6DD-4943-B505-5E435C2B6126}" = S4 League_EU
"{3D9892BB-A751-4E48-ADC8-E4289956CE1D}" = QuickTime
"{415B2719-AD3A-4944-B404-C472DB6085B3}" = Cisco EAP-FAST Module
"{42929F0F-CE14-47AF-9FC7-FF297A603021}" = Dell Resource CD
"{4FBCEA31-5D18-4212-9231-DE7CF1BE7DBB}" = Logitech Vid
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{5F624839-947D-46EA-BD63-FD847C1AC6F1}" = BearShare
"{669C7BD8-DAA2-49B6-966C-F1E2AAE6B17E}" = Cisco PEAP Module
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD DX
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{83770D14-21B9-44B3-8689-F7B523F94560}" = Cisco LEAP Module
"{85991ED2-010C-4930-96FA-52F43C2CE98A}" = Apple Mobile Device Support
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{91F7F3F3-CE80-48C3-8327-7D24A0A5716A}" = iTunes
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{974C4B12-4D02-4879-85E0-61C95CC63E9E}" = Fallout 3
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars
"{99A37AC7-E724-4621-B167-500B5A52B69C}" = LastChaosGER
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1031-7B44-A93000000001}" = Adobe Reader 9.3 - Deutsch
"{AC96671C-2001-432C-9826-5266D84EF1DC}" = Logitech Webcam Software
"{AED2DD42-9853-407E-A6BC-8A1D6B715909}" = Windows Live Messenger
"{B2D328BE-45AD-4D92-96F9-2151490A203E}" = Apple Application Support
"{BC27061D-FFCE-4931-A05F-AC964CC026CA}" = Registry Reviver
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{C911A0C2-2236-3164-AA47-F2566C01AE5E}" = Microsoft .NET Framework 4 Extended DEU Language Pack
"{CAFA57E8-8927-4912-AFCF-B0AA3837E989}" = Windows Live Essentials
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D2041A37-5FEC-49F0-AE5C-3F2FFDFAA4F4}" = Windows Live Call
"{D66F2695-E97D-4D42-A793-2F02ACB7E2A4}" = S4 League_EU
"{DB52432E-3AD8-41A5-A586-0F065FB6A31E}" = Game Cam
"{E285F3B1-A840-414F-9A95-47627A16E633}" = AvalonHeroesEU
"{E63E34A7-E552-412B-9E40-FD6FC5227ABA}_is1" = Uniblue RegistryBooster
"{EE53A1EB-B273-4657-B39E-93E0B29FA880}" = S4 League_EU
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"7-Zip" = 7-Zip 4.65
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Age of Mythology Expansion Pack 1.0" = Age of Mythology - The Titans Expansion
"Akamai" = Akamai NetSession Interface
"AutoItv3" = AutoIt v3.3.6.1
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"BearShare" = BearShare
"BearShare MediaBar" = MediaBar
"Broadcom 802.11 Application" = Dell Wireless WLAN Card Utility
"CamStudio" = CamStudio
"Cheat Engine 5.6.1_is1" = Cheat Engine 5.6.1
"Cheatbook 07.2009" = Cheatbook 07.2009
"Combat Arms EU" = Combat Arms EU
"conduitEngine" = Conduit Engine
"Cross Fire_is1" = Cross Fire En
"Digital DJ Pro" = Digital DJ Pro 1.7.0
"DivX Setup.divx.com" = DivX-Setup
"DVDVideoSoftTB Toolbar" = DVDVideoSoftTB Toolbar
"ENTERPRISE" = Microsoft Office Enterprise 2007
"FlorensiaEN" = FlorensiaEN 1.0
"Fraps" = Fraps (remove only)
"Free Video to MP3 Converter_is1" = Free Video to MP3 Converter version 4.0
"Free YouTube to iPod Converter_is1" = Free YouTube to iPod Converter version 3.8
"Game Cam" = Game Cam 2.54.0.47
"GameBox" = GameBox Toolbar
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"Hurrican_is1" = Hurrican 1.0.0.4
"HyperCam 2" = HyperCam 2
"HyperCam 3" = HyperCam 3
"lvdrivers_12.0" = Logitech Webcam Software-Treiberpaket
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended DEU Language Pack" = Microsoft .NET Framework 4 Extended DEU Language Pack
"Mozilla Firefox (3.6.10)" = Mozilla Firefox (3.6.10)
"OPERATION7" = OPERATION7
"PC Optimizer Pro" = PC Optimizer Pro
"PriceGong" = PriceGong 2.1.0
"PunkBusterSvc" = PunkBuster Services
"RegistryReviver" = Registry Reviver
"SciTE4AutoIt3" = SciTE4AutoIt3 2/28/2010
"softonic-de3 Toolbar" = softonic-de3 Toolbar
"Spyware Doctor" = Spyware Doctor 8.0
"ST6UNST #1" = OMFGZ Infinite Dll Injector
"Steam App 13140" = America's Army 3
"Steam App 310" = Team Fortress 2 Dedicated Server
"ToggleEN Toolbar" = ToggleEN Toolbar
"TweakUAC_is1" = TweakUAC
"Uninstall_is1" = Uninstall 1.0.0.1
"UseNeXT_is1" = UseNeXT
"VLC media player" = VLC media player 1.1.4
"VTFEdit_is1" = VTFEdit 1.2.5
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR
"Xfire" = Xfire (remove only)
"XfireXO Toolbar" = XfireXO Toolbar
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Software Update" = Yahoo! Software Update
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 12.10.2010 07:18:14 | Computer Name = Kike-PC | Source = VSS | ID = 12289
Description = 
 
Error - 12.10.2010 07:18:14 | Computer Name = Kike-PC | Source = VSS | ID = 12289
Description = 
 
Error - 12.10.2010 07:18:25 | Computer Name = Kike-PC | Source = VSS | ID = 12289
Description = 
 
Error - 12.10.2010 07:18:25 | Computer Name = Kike-PC | Source = VSS | ID = 12289
Description = 
 
Error - 12.10.2010 07:18:25 | Computer Name = Kike-PC | Source = VSS | ID = 12289
Description = 
 
Error - 12.10.2010 07:28:20 | Computer Name = Kike-PC | Source = VSS | ID = 12289
Description = 
 
Error - 12.10.2010 07:28:20 | Computer Name = Kike-PC | Source = VSS | ID = 12289
Description = 
 
Error - 12.10.2010 07:28:29 | Computer Name = Kike-PC | Source = VSS | ID = 12289
Description = 
 
Error - 12.10.2010 07:28:29 | Computer Name = Kike-PC | Source = VSS | ID = 12289
Description = 
 
Error - 12.10.2010 07:28:29 | Computer Name = Kike-PC | Source = VSS | ID = 12289
Description = 
 
[ Broadcom Wireless LAN Events ]
Error - 20.08.2010 08:47:24 | Computer Name = Kike-PC | Source = WLAN-Tray | ID = 0
Description = 14:47:24, Fri, Aug 20, 10 Error - Unable to gain access to user store

 
Error - 29.08.2010 07:53:29 | Computer Name = Kike-PC | Source = WLAN-Tray | ID = 0
Description = 13:53:28, Sun, Aug 29, 10 Error - Unable to gain access to user store

 
Error - 30.08.2010 10:28:52 | Computer Name = Kike-PC | Source = WLAN-Tray | ID = 0
Description = 16:28:51, Mon, Aug 30, 10 Error - Unable to gain access to user store

 
Error - 06.09.2010 15:02:04 | Computer Name = Kike-PC | Source = WLAN-Tray | ID = 0
Description = 21:02:03, Mon, Sep 06, 10 Error - Unable to gain access to user store

 
Error - 07.09.2010 10:39:25 | Computer Name = Kike-PC | Source = WLAN-Tray | ID = 0
Description = 16:39:25, Tue, Sep 07, 10 Error - Unable to gain access to user store

 
Error - 26.09.2010 12:57:19 | Computer Name = Kike-PC | Source = WLAN-Tray | ID = 0
Description = 18:57:18, Sun, Sep 26, 10 Error - Unable to gain access to user store

 
Error - 01.10.2010 02:51:57 | Computer Name = Kike-PC | Source = WLAN-Tray | ID = 0
Description = 08:51:56, Fri, Oct 01, 10 Error - Unable to gain access to user store

 
 
========== Last 10 Event Log Errors ==========
 
Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!
 
< End of report >
         
--- --- ---


was soll ich jetzt tun?
endschuldigen wegen so vielen posts auf einmal^^

Alt 12.10.2010, 14:42   #8
markusg
/// Malware-holic
 
trojaner der alles heranzoomt  habe keine ahnung:'( - Standard

trojaner der alles heranzoomt habe keine ahnung:'(



du willst ja neu formatieren, hast du eine windows vista cd zur hand? bzw eine recovery cd?

Alt 12.10.2010, 14:44   #9
Kike1807
 
trojaner der alles heranzoomt  habe keine ahnung:'( - Standard

trojaner der alles heranzoomt habe keine ahnung:'(



ich vermute schon... wenn ich die CD habe was muss ich dann machen einfach durchlaufen lassen?

Alt 12.10.2010, 14:48   #10
markusg
/// Malware-holic
 
trojaner der alles heranzoomt  habe keine ahnung:'( - Standard

trojaner der alles heranzoomt habe keine ahnung:'(



also du musst erst mal alles an daten sichern, was du so benötigst. auf nen usb stick etc. dann schau erst mal ob du ne windows cd hast. und obs ne recovery cd ist oder einfach nur ne windows cd.

Alt 12.10.2010, 15:02   #11
Kike1807
 
trojaner der alles heranzoomt  habe keine ahnung:'( - Standard

trojaner der alles heranzoomt habe keine ahnung:'(



hab die recovery cd

Alt 12.10.2010, 15:04   #12
Kike1807
 
trojaner der alles heranzoomt  habe keine ahnung:'( - Standard

trojaner der alles heranzoomt habe keine ahnung:'(



hab die recovery cd^^

Alt 12.10.2010, 15:13   #13
Kike1807
 
trojaner der alles heranzoomt  habe keine ahnung:'( - Standard

trojaner der alles heranzoomt habe keine ahnung:'(



und was soll ich jetzt machen?^^

Alt 12.10.2010, 15:26   #14
markusg
/// Malware-holic
 
trojaner der alles heranzoomt  habe keine ahnung:'( - Standard

trojaner der alles heranzoomt habe keine ahnung:'(



erst mal abwarten, du bist schließlich nicht der einzige nutzer.
hast du deine daten gesichert oder nicht?

Alt 12.10.2010, 15:34   #15
Kike1807
 
trojaner der alles heranzoomt  habe keine ahnung:'( - Standard

trojaner der alles heranzoomt habe keine ahnung:'(



ja und jetzt soll ich etwas aussuchen... bei der inspiron resource cd. und ich weiss nicht was ich tun soll und sry das ich dich so nerve^^"

Antwort

Themen zu trojaner der alles heranzoomt habe keine ahnung:'(
ahnung, arbeiten, blöd, brauch, festplatte, formatiere, formatieren, geld, laptop, neu, pctools, platte, screenshots, troja, trojaner



Ähnliche Themen: trojaner der alles heranzoomt habe keine ahnung:'(


  1. Alles probiert, komme nicht weiter, habe keine Ahnung, schwarzer Bildschirm nach Windowsupdate
    Log-Analyse und Auswertung - 20.02.2015 (22)
  2. Ich, (weiblich .und habe eigentlich keine Ahnung ;) habe mir Keylogger und änliches eingefangen
    Plagegeister aller Art und deren Bekämpfung - 01.03.2013 (3)
  3. Bitte Hilfe - Ich habe keine Ahnung!
    Plagegeister aller Art und deren Bekämpfung - 24.02.2009 (19)
  4. Hjackthis Post, Habe leider keine Ahnung davon..
    Log-Analyse und Auswertung - 17.03.2008 (4)
  5. Habe einen Trojaner/Virus und keine Ahnung von soetwas :( Läst sich nicht entfernen
    Log-Analyse und Auswertung - 22.10.2007 (2)
  6. Bitte Helfen;habe Keine Ahnung!!!
    Plagegeister aller Art und deren Bekämpfung - 13.12.2006 (11)
  7. habe seltsame Dateien - und keine Ahnung!!
    Plagegeister aller Art und deren Bekämpfung - 11.12.2006 (2)
  8. Hilfe!Habe Trojaner! Hab keine Ahnung wie zu löschen
    Log-Analyse und Auswertung - 29.08.2006 (6)
  9. Ich brauch dringend Hilfe, habe allerdings keine Ahnung von Computern...
    Log-Analyse und Auswertung - 20.08.2006 (2)
  10. Habe Trojaner problem aber keine Ahnung :-o
    Log-Analyse und Auswertung - 27.07.2006 (2)
  11. Mein Log-File...von dem ich keine Ahnung habe was es aussagt!!!
    Log-Analyse und Auswertung - 15.06.2006 (3)
  12. habe keine ahnung, aber irgendwas ist falsch
    Log-Analyse und Auswertung - 27.05.2006 (3)
  13. Habe keine Ahnung was los ist Hilfe bitte
    Log-Analyse und Auswertung - 11.10.2005 (6)
  14. Einmal bitte durchgucken.Habe leider keine Ahnung
    Log-Analyse und Auswertung - 16.08.2005 (2)
  15. Trojan.StartPage. Habe überhaupt keine Ahnung
    Plagegeister aller Art und deren Bekämpfung - 09.03.2005 (4)
  16. Habe keine Ahnung von Viren, o.ä. und habe ein Problem mit about:blank als Startseite
    Plagegeister aller Art und deren Bekämpfung - 01.02.2005 (8)
  17. Logfile, habe keine Ahnung..
    Log-Analyse und Auswertung - 07.08.2004 (2)

Zum Thema trojaner der alles heranzoomt habe keine ahnung:'( - ich habe einen trojaner auf meinem pc der ist echt blöd:'( alles ist heran gezoomt um die 300% mehr!! Ich kann so nich arbeiten auf meinem laptop habs schon mit - trojaner der alles heranzoomt habe keine ahnung:'(...
Archiv
Du betrachtest: trojaner der alles heranzoomt habe keine ahnung:'( auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.