Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: malware,trojaner,oder doch nur paranoia ;)?

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.

Antwort
Alt 16.12.2010, 11:09   #1
cronolux
 
malware,trojaner,oder doch nur paranoia ;)? - Standard

malware,trojaner,oder doch nur paranoia ;)?



hey leute,schaut euch das ma an und sacht mir was dazu, hab ich probleme ?
HiJackthis Logfile:
Code:
ATTFilter
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:10:07, on 15.12.2010
Platform: Unknown Windows (WinNT 6.01.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16671)
Boot mode: Normal
 
Running processes:
C:\Program Files (x86)\AVG\AVG PC Tuneup 2011\BoostSpeed.exe
C:\Program Files (x86)\Packard Bell\Software Suite SE\SoftSuiteSE.exe
C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files (x86)\Packard Bell Photo Frame\ButtonMonitor.exe
C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe
C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe
C:\Program Files (x86)\Packard Bell\Software Suite SE\SEDevDetect.exe
C:\Program Files (x86)\G Data\InternetSecurity\GUI\GDSC.exe
C:\Program Files (x86)\Spybot - Search & Destroy\SpybotSD.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe
 
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.packardbell.com/rdr.aspx?b=ACPW&l=0407&m=ixtreme_m5740&r=173602102216p0345v1i5y48330267
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.icq.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.packardbell.com/rdr.aspx?b=ACPW&l=0407&m=ixtreme_m5740&r=173602102216p0345v1i5y48330267
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.packardbell.com/rdr.aspx?b=ACPW&l=0407&m=ixtreme_m5740&r=173602102216p0345v1i5y48330267
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: G Data WebFilter Class - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Program Files (x86)\G Data\InternetSecurity\Webfilter\AVKWebIE.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files (x86)\Free Download Manager\iefdm2.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: G Data WebFilter - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Program Files (x86)\G Data\InternetSecurity\Webfilter\AVKWebIE.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [Packard Bell Photo Frame] C:\Program Files (x86)\Packard Bell Photo Frame\ButtonMonitor.exe -A
O4 - HKLM\..\Run: [GDFirewallTray] C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe
O4 - HKLM\..\Run: [G DATA AntiVirus Trayapplication] C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKCU\..\Run: [Software Suite SE] "C:\Program Files (x86)\Packard Bell\Software Suite SE\SoftSuiteSE.exe" /run
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETZWERKDIENST')
O8 - Extra context menu item: Alles mit FDM herunterladen - file://C:\Program Files (x86)\Free Download Manager\dlall.htm
O8 - Extra context menu item: Auswahl mit FDM herunterladen - file://C:\Program Files (x86)\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Datei mit FDM herunterladen - file://C:\Program Files (x86)\Free Download Manager\dllink.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
O8 - Extra context menu item: Videos mit FDM herunterladen - file://C:\Program Files (x86)\Free Download Manager\dlfvideo.htm
O9 - Extra button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
O13 - Gopher Prefix: 
O23 - Service: Adobe Active File Monitor V7 (AdobeActiveFileMonitor7.0) - Adobe Systems Incorporated - c:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: G Data AntiVirus Proxy (AVKProxy) - G Data Software AG - C:\Program Files (x86)\Common Files\G DATA\AVKProxy\AVKProxy.exe
O23 - Service: G Data Scheduler (AVKService) - G Data Software AG - C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKService.exe
O23 - Service: G Data Filesystem Monitor (AVKWCtl) - G Data Software AG - C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKWCtlX64.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: G Data Personal Firewall (GDFwSvc) - G Data Software AG - C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe
O23 - Service: G Data Scanner (GDScan) - G Data Software AG - C:\Program Files (x86)\Common Files\G DATA\GDScan\GDScan.exe
O23 - Service: GRegService (Greg_Service) - Acer Incorporated - C:\Program Files (x86)\Packard Bell\Registration\GregHSRW.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Updater Service - Acer - C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
 
--
End of file - 11263 bytes
         
--- --- ---

Alt 17.12.2010, 09:20   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
malware,trojaner,oder doch nur paranoia ;)? - Standard

malware,trojaner,oder doch nur paranoia ;)?



Zitat:
hab ich probleme
Wieso wirfst du und ein HJT-Log hier rein ohne Problembeschreibung? Irgendeinen Anlasse wird es ja geben und das musst du genau beschreiben!
__________________

__________________

Alt 17.12.2010, 11:45   #3
cronolux
 
malware,trojaner,oder doch nur paranoia ;)? - Standard

malware,trojaner,oder doch nur paranoia ;)?



ja hey,hey immer mit der ruhe...du weißt doch,freundlichkeit is ein boomerang .
es gab seitens meines kreditinstitutes nur die sorge,dass ich nen trojaner auf meiner maschine hab,da man sich während meiner abwesenheit wohl in mein online banking schleichen wollte . hab bitdefender,spybot,a-squared,g-data und Malwarebytes drüber laufen lassen,paar viren aufgespürt und vernichtet. wollte nun mal wissen,ob euch was in der richtung auffällt.mein pc zickt nicht rum,kriege keine mails oder hab layer auf der seite meiner bank, in denen ich aufgefordert werde meine tans einzugebn.
__________________

Alt 17.12.2010, 12:35   #4
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
malware,trojaner,oder doch nur paranoia ;)? - Standard

malware,trojaner,oder doch nur paranoia ;)?



Zitat:
du weißt doch,freundlichkeit is ein boomerang
Und das Einhalten der Forenregeln zähle ich mal mit zu "Freundlichkeit"

Zitat:
es gab seitens meines kreditinstitutes nur die sorge,dass ich nen trojaner auf meiner maschine hab,da man sich während meiner abwesenheit wohl in mein online banking schleichen wollte
Das hättest du anfangs gleich mit erwähnen können oder sollen wir lieber die rauskramen?

Zitat:
und Malwarebytes drüber laufen lassen,paar viren aufgespürt und vernichtet
Und wieso lässt du diese Logs weg?
Bitte alles an vorhandenen Logs posten!
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 17.12.2010, 22:27   #5
cronolux
 
malware,trojaner,oder doch nur paranoia ;)? - Standard

malware,trojaner,oder doch nur paranoia ;)?



malwarebytes

Malwarebytes' Anti-Malware 1.12
Datenbank Version: 722

Scan Art: Schnell Scan
Objekte gescannt: 30400
Scan Dauer: 2 minute(s), 24 second(s)

Infizierte Speicher Prozesse: 0
Infizierte Speicher Module: 0
Infizierte Registrierungsschlüssel: 21
Infizierte Registrierungswerte: 0
Infizierte Datei Objekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 1

Infizierte Speicher Prozesse:
(Keine Malware Objekte gefunden)

Infizierte Speicher Module:
(Keine Malware Objekte gefunden)

Infizierte Registrierungsschlüssel:
HKEY_CLASSES_ROOT\asapcom.asapenvelope (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{286e500c-ef0a-4aa3-a94d-e495f653ef4b} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{319260ab-be0c-4025-8569-7a27ed2faab9} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{8ac5bc54-b13b-4642-99f9-0baa2d116184} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{9809a6b4-70b1-4bb2-b3b5-b415763a534e} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{d5178f77-c5e6-4e8f-9787-48b5d7eccce8} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\asapcom.asapenvelope.1 (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\asapcom.asapmessage (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\asapcom.asapmessage.1 (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\asapcom.asapclass (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\asapcom.asapclass.1 (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\asapcom.asapmain (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\asapcom.asapmain.1 (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\asapcom.asaprecipients (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\asapcom.asaprecipients.1 (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{21447c90-6ec1-4fc1-9379-bd515008aedb} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{32c97a37-e2b8-4097-9330-5f3e1125e181} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{b0c3de1b-e3ff-4dd0-9229-f452cf9c678e} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{d2d94732-a74d-433c-98f7-9ed740e82ae9} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{dfd5d79b-ef2f-4a51-9821-5b469f05262e} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{bce2e826-d0f5-41c8-97be-28a6f540ceeb} (Adware.Hotbar) -> Quarantined and deleted successfully.

Infizierte Registrierungswerte:
(Keine Malware Objekte gefunden)

Infizierte Datei Objekte der Registrierung:
(Keine Malware Objekte gefunden)

Infizierte Verzeichnisse:
(Keine Malware Objekte gefunden)

Infizierte Dateien:
C:\Program Files (x86)\Common Files\G DATA\AVKProxy\asapsdk.dll (Adware.Hotbar) -> Quarantined and deleted successfully.


Alt 17.12.2010, 22:35   #6
cronolux
 
malware,trojaner,oder doch nur paranoia ;)? - Standard

malware,trojaner,oder doch nur paranoia ;)?



DSS


Deckard's System Scanner v20071014.68
Run by MediaMarkt on 2010-12-17 23:28:34
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- System Restore --------------------------------------------------------------

CreateFirstRunRp is disabled or missing; attempting to fix...success.
Successfully created a Deckard's System Scanner Restore Point.


-- Last 5 Restore Point(s) --
9: 2010-12-17 10:21:06 UTC - RP131 - Windows Update
8: 2010-12-16 11:39:09 UTC - RP130 - Windows Update
7: 2010-12-14 08:36:11 UTC - RP129 - Windows Update
6: 2010-12-13 11:23:53 UTC - RP128 - Installiert Star Wars Battlefront II
5: 2010-12-13 11:15:47 UTC - RP127 - Windows-Sicherung


-- First Restore Point --
1: 2010-12-03 15:59:07 UTC - RP123 - Windows Update


Backed up registry hives.
Performed disk cleanup.



-- HijackThis (run as MediaMarkt.exe) ------------------------------------------

HiJackthis Logfile:
Code:
ATTFilter
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:30:04, on 17.12.2010
Platform: Unknown Windows (WinNT 6.01.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16700)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\AVG\AVG PC Tuneup 2011\BoostSpeed.exe
C:\Program Files (x86)\Packard Bell\Software Suite SE\SoftSuiteSE.exe
C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files (x86)\Packard Bell Photo Frame\ButtonMonitor.exe
C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe
C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe
C:\Program Files (x86)\a-squared Anti-Malware\a2guard.exe
C:\Program Files (x86)\Packard Bell\Software Suite SE\SEDevDetect.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
F:\Moi\BigT\VundoFix.exe
C:\PROGRA~2\FREEDO~1\fdm.exe
F:\OTL.exe
F:\Moi\BigT\dss.exe
C:\PROGRA~2\TRENDM~1\HIJACK~1\MediaMarkt.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
R3 - URLSearchHook: (no name) -  - (no file)
O2 - BHO: G Data WebFilter Class - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Program Files (x86)\G Data\InternetSecurity\Webfilter\AVKWebIE.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files (x86)\Free Download Manager\iefdm2.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: G Data WebFilter - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Program Files (x86)\G Data\InternetSecurity\Webfilter\AVKWebIE.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4F90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2011\Antispam32\IEToolbar.dll
O4 - HKLM\..\Run: [Packard Bell Photo Frame] C:\Program Files (x86)\Packard Bell Photo Frame\ButtonMonitor.exe -A
O4 - HKLM\..\Run: [GDFirewallTray] C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe
O4 - HKLM\..\Run: [G DATA AntiVirus Trayapplication] C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [a-squared] "C:\Program Files (x86)\a-squared Anti-Malware\a2guard.exe" /d=60
O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2011\Antispam32\ieshow.exe"
O4 - HKCU\..\Run: [Software Suite SE] "C:\Program Files (x86)\Packard Bell\Software Suite SE\SoftSuiteSE.exe" /run
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETZWERKDIENST')
O8 - Extra context menu item: Alles mit FDM herunterladen - file://C:\Program Files (x86)\Free Download Manager\dlall.htm
O8 - Extra context menu item: Auswahl mit FDM herunterladen - file://C:\Program Files (x86)\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Datei mit FDM herunterladen - file://C:\Program Files (x86)\Free Download Manager\dllink.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
O8 - Extra context menu item: Videos mit FDM herunterladen - file://C:\Program Files (x86)\Free Download Manager\dlfvideo.htm
O9 - Extra button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
O13 - Gopher Prefix: 
O23 - Service: a-squared Anti-Malware Service (a2AntiMalware) - Emsi Software GmbH - C:\Program Files (x86)\a-squared Anti-Malware\a2service.exe
O23 - Service: Adobe Active File Monitor V7 (AdobeActiveFileMonitor7.0) - Adobe Systems Incorporated - c:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: G Data AntiVirus Proxy (AVKProxy) - G Data Software AG - C:\Program Files (x86)\Common Files\G DATA\AVKProxy\AVKProxy.exe
O23 - Service: G Data Scheduler (AVKService) - G Data Software AG - C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKService.exe
O23 - Service: G Data Filesystem Monitor (AVKWCtl) - G Data Software AG - C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKWCtlX64.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: G Data Personal Firewall (GDFwSvc) - G Data Software AG - C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe
O23 - Service: G Data Scanner (GDScan) - G Data Software AG - C:\Program Files (x86)\Common Files\G DATA\GDScan\GDScan.exe
O23 - Service: GRegService (Greg_Service) - Acer Incorporated - C:\Program Files (x86)\Packard Bell\Registration\GregHSRW.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: BitDefender Update Server v2 (Update Server) - BitDefender - C:\Program Files\Common Files\BitDefender\BitDefender Arrakis Server\bin\arrakis3.exe
O23 - Service: Updater Service - Acer - C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe
O23 - Service: BitDefender Desktop Update Service (Updatesrv) - BitDefender S.R.L. - C:\Program Files\BitDefender\BitDefender 2011\updatesrv.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S.R.L. - C:\Program Files\BitDefender\BitDefender 2011\vsserv.exe
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 11531 bytes
         
--- --- ---

-- File Associations -----------------------------------------------------------

.bat - batfile - DefaultIcon - %SystemRoot%\System32\imageres.dll,-68
.cmd - cmdfile - DefaultIcon - %SystemRoot%\System32\imageres.dll,-68
.chm - chm.file - DefaultIcon - %SystemRoot%\hh.exe,0
.chm - chm.file - shell\open\command - "%SystemRoot%\hh.exe" %1
.cpl - cplfile - shell\cplopen\command - %SystemRoot%\System32\control.exe "%1",%*
.hlp - hlpfile - shell\open\command - %SystemRoot%\winhlp32.exe %1
.inf - inffile - DefaultIcon - %SystemRoot%\System32\imageres.dll,-69
.ini - inifile - DefaultIcon - imageres.dll,-69
.js - JSFile - DefaultIcon - C:\Windows\System32\WScript.exe,3
.js - JSFile - shell\open\command - C:\Windows\System32\WScript.exe "%1" %*
.reg - regfile - shell\open\command - regedit.exe "%1" %*
.reg - regfile - shell\edit\command - %SystemRoot%\system32\notepad.exe "%1"
.scr - scrfile - shell\open\command - "%1" %*
.txt - txtfile - DefaultIcon - %SystemRoot%\system32\imageres.dll,-102
.vbs - VBSFile - shell\open\command - "%SystemRoot%\System32\WScript.exe" "%1" %*
.vbs - VBSFile - shell\edit\command - "%SystemRoot%\System32\Notepad.exe" %1


-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

R0 ACPI (Microsoft ACPI Driver) - c:\windows\system32\drivers\acpi.sys (file missing)
R0 adp94xx - c:\windows\system32\drivers\adp94xx.sys (file missing)
R0 adpahci - c:\windows\system32\drivers\adpahci.sys (file missing)
R0 adpu320 - c:\windows\system32\drivers\adpu320.sys (file missing)
R0 aliide - c:\windows\system32\drivers\aliide.sys (file missing)
R0 amdide - c:\windows\system32\drivers\amdide.sys (file missing)
R0 amdsata - c:\windows\system32\drivers\amdsata.sys (file missing)
R0 amdsbs - c:\windows\system32\drivers\amdsbs.sys (file missing)
R0 amdxata - c:\windows\system32\drivers\amdxata.sys (file missing)
R0 arc - c:\windows\system32\drivers\arc.sys (file missing)
R0 arcsas (Adaptec SAS/SATA-II RAID Windows Inbox Miniport Driver) - c:\windows\system32\drivers\arcsas.sys (file missing)
R0 atapi (IDE-Kanal) - c:\windows\system32\drivers\atapi.sys (file missing)
R0 bdfsfltr - c:\windows\system32\drivers\bdfsfltr.sys (file missing)
R0 CLFS (Gemeinsames Protokoll (CLFS)) - c:\windows\system32\clfs.sys (file missing)
R0 cmdide - c:\windows\system32\drivers\cmdide.sys (file missing)
R0 CNG - c:\windows\system32\drivers\cng.sys (file missing)
R0 Compbatt (Microsoft Composite Battery Driver) - c:\windows\system32\drivers\compbatt.sys (file missing)
R0 Disk (Laufwerktreiber) - c:\windows\system32\drivers\disk.sys (file missing)
R0 elxstor - c:\windows\system32\drivers\elxstor.sys (file missing)
R0 FileInfo (File Information FS MiniFilter) - c:\windows\system32\drivers\fileinfo.sys (file missing)
R0 FltMgr - c:\windows\system32\drivers\fltmgr.sys (file missing)
R0 fvevol (Filtertreiber der Bitlocker-Laufwerkverschlüsselung) - c:\windows\system32\drivers\fvevol.sys (file missing)
R0 GDBehave - c:\windows\system32\drivers\gdbehave.sys (file missing)
R0 HpSAMD - c:\windows\system32\drivers\hpsamd.sys (file missing)
R0 hwpolicy (Hardware Policy Driver) - c:\windows\system32\drivers\hwpolicy.sys (file missing)
R0 iaStorV (Intel RAID Controller Windows 7) - c:\windows\system32\drivers\iastorv.sys (file missing)
R0 iirsp - c:\windows\system32\drivers\iirsp.sys (file missing)
R0 intelide - c:\windows\system32\drivers\intelide.sys (file missing)
R0 isapnp - c:\windows\system32\drivers\isapnp.sys (file missing)
R0 KSecDD - c:\windows\system32\drivers\ksecdd.sys (file missing)
R0 KSecPkg - c:\windows\system32\drivers\ksecpkg.sys (file missing)
R0 LSI_FC - c:\windows\system32\drivers\lsi_fc.sys (file missing)
R0 LSI_SAS - c:\windows\system32\drivers\lsi_sas.sys (file missing)
R0 LSI_SAS2 - c:\windows\system32\drivers\lsi_sas2.sys (file missing)
R0 LSI_SCSI - c:\windows\system32\drivers\lsi_scsi.sys (file missing)
R0 megasas - c:\windows\system32\drivers\megasas.sys (file missing)
R0 MegaSR - c:\windows\system32\drivers\megasr.sys (file missing)
R0 mountmgr (Bereitstellungspunkt-Manager) - c:\windows\system32\drivers\mountmgr.sys (file missing)
R0 mpio (Microsoft Multi-Path Bus Driver) - c:\windows\system32\drivers\mpio.sys (file missing)
R0 msahci - c:\windows\system32\drivers\msahci.sys (file missing)
R0 msdsm (Microsoft Multi-Path Device Specific Module) - c:\windows\system32\drivers\msdsm.sys (file missing)
R0 msisadrv - c:\windows\system32\drivers\msisadrv.sys (file missing)
R0 Mup - c:\windows\system32\drivers\mup.sys (file missing)
R0 NDIS (NDIS-Systemtreiber) - c:\windows\system32\drivers\ndis.sys (file missing)
R0 nfrd960 - c:\windows\system32\drivers\nfrd960.sys (file missing)
R0 nvraid - c:\windows\system32\drivers\nvraid.sys (file missing)
R0 nvstor - c:\windows\system32\drivers\nvstor.sys (file missing)
R0 partmgr (Partitions-Manager) - c:\windows\system32\drivers\partmgr.sys (file missing)
R0 pci (PCI-Bus-Treiber) - c:\windows\system32\drivers\pci.sys (file missing)
R0 pciide - c:\windows\system32\drivers\pciide.sys (file missing)
R0 pcw (Performance Counters for Windows Driver) - c:\windows\system32\drivers\pcw.sys (file missing)
R0 PxHlpa64 - c:\windows\system32\drivers\pxhlpa64.sys (file missing)
R0 ql2300 (QLogic Fibre Channel Miniport Driver) - c:\windows\system32\drivers\ql2300.sys (file missing)
R0 ql40xx (QLogic iSCSI Miniport Driver) - c:\windows\system32\drivers\ql40xx.sys (file missing)
R0 rdyboost (ReadyBoost) - c:\windows\system32\drivers\rdyboost.sys (file missing)
R0 sbp2port (SBP-2 Transport/Protocol Bus Driver) - c:\windows\system32\drivers\sbp2port.sys (file missing)
R0 SiSRaid2 - c:\windows\system32\drivers\sisraid2.sys (file missing)
R0 SiSRaid4 - c:\windows\system32\drivers\sisraid4.sys (file missing)
R0 spldr (Security Processor Loader Driver) - c:\windows\system32\drivers\spldr.sys (file missing)
R0 stexstor - c:\windows\system32\drivers\stexstor.sys (file missing)
R0 Tcpip (TCP/IP-Protokolltreiber) - c:\windows\system32\drivers\tcpip.sys (file missing)
R0 vdrvroot (Microsoft Virtual Drive Enumerator Driver) - c:\windows\system32\drivers\vdrvroot.sys (file missing)
R0 viaide - c:\windows\system32\drivers\viaide.sys (file missing)
R0 volmgr (Volume Manager Driver) - c:\windows\system32\drivers\volmgr.sys (file missing)
R0 volmgrx (Dynamischer Volume-Manager) - c:\windows\system32\drivers\volmgrx.sys (file missing)
R0 volsnap (Speichervolumes) - c:\windows\system32\drivers\volsnap.sys (file missing)
R0 vsmraid - c:\windows\system32\drivers\vsmraid.sys (file missing)
R0 Wd (Microsoft Watchdog Timer Driver) - c:\windows\system32\drivers\wd.sys (file missing)
R0 Wdf01000 (Kernel Mode Driver Frameworks service) - c:\windows\system32\drivers\wdf01000.sys (file missing)
R1 AFD (Ancillary Function Driver for Winsock) - c:\windows\system32\drivers\afd.sys (file missing)
R1 Beep - c:\windows\system32\drivers\beep.sys (file missing)
R1 blbdrive - c:\windows\system32\drivers\blbdrive.sys (file missing)
R1 cdrom (CD-ROM-Laufwerktreiber) - c:\windows\system32\drivers\cdrom.sys (file missing)
R1 DfsC (DFS Namespace Client Driver) - c:\windows\system32\drivers\dfsc.sys (file missing)
R1 discache (System Attribute Cache) - c:\windows\system32\drivers\discache.sys (file missing)
R1 gdwfpcd (G DATA WFP CD) - c:\windows\system32\drivers\gdwfpcd64.sys (file missing)
R1 GRD (G Data Rootkit Detector Driver) - c:\windows\system32\drivers\grd.sys (file missing)
R1 Msfs - c:\windows\system32\drivers\msfs.sys (file missing)
R1 mssmbios (Microsoft System Management BIOS Driver) - c:\windows\system32\drivers\mssmbios.sys (file missing)
R1 NetBIOS (NetBIOS Interface) - c:\windows\system32\drivers\netbios.sys (file missing)
R1 NetBT - c:\windows\system32\drivers\netbt.sys (file missing)
R1 Npfs - c:\windows\system32\drivers\npfs.sys (file missing)
R1 nsiproxy (NSI proxy service driver.) - c:\windows\system32\drivers\nsiproxy.sys (file missing)
R1 Null - c:\windows\system32\drivers\null.sys (file missing)
R1 Psched (QoS-Paketplaner) - c:\windows\system32\drivers\pacer.sys (file missing)
R1 rdbss (Umgeleitetes Puffersubsystem) - c:\windows\system32\drivers\rdbss.sys (file missing)
R1 RDPCDD - c:\windows\system32\drivers\rdpcdd.sys (file missing)
R1 RDPENCDD (RDP Encoder Mirror Driver) - c:\windows\system32\drivers\rdpencdd.sys (file missing)
R1 RDPREFMP (Reflector Display Driver used to gain access to graphics data) - c:\windows\system32\drivers\rdprefmp.sys (file missing)
R1 tdx (NetIO-Legacy-TDI-Supporttreiber) - c:\windows\system32\drivers\tdx.sys (file missing)
R1 TermDD (Terminal Device Driver) - c:\windows\system32\drivers\termdd.sys (file missing)
R1 VgaSave - c:\windows\system32\drivers\vga.sys (file missing)
R1 Wanarpv6 (Remotezugriff-IPv6-ARP-Treiber) - c:\windows\system32\drivers\wanarp.sys (file missing)
R1 WfpLwf (WFP Lightweight Filter) - c:\windows\system32\drivers\wfplwf.sys (file missing)
R2 lltdio (Link-Layer Topology Discovery Mapper I/O Driver) - c:\windows\system32\drivers\lltdio.sys (file missing)
R2 luafv (UAC-Dateivirtualisierung) - c:\windows\system32\drivers\luafv.sys (file missing)
R2 PEAUTH - c:\windows\system32\drivers\peauth.sys (file missing)
R2 rspndr (Link-Layer Topology Discovery Responder) - c:\windows\system32\drivers\rspndr.sys (file missing)
R2 secdrv (Security Driver) - c:\windows\system32\drivers\secdrv.sys (file missing)
R2 tcpipreg (TCP/IP Registry Compatibility) - c:\windows\system32\drivers\tcpipreg.sys (file missing)
R3 1394ohci (OHCI-konformer 1394-Hostcontroller) - c:\windows\system32\drivers\1394ohci.sys (file missing)
R3 a2exec (a-squared OnExecution scan driver.) - \??\c:\program files (x86)\a-squared anti-malware\a2exec64.sys
R3 BDFM - c:\windows\system32\drivers\bdfm.sys (file missing)
R3 bowser (Browsersupporttreiber) - c:\windows\system32\drivers\bowser.sys (file missing)
R3 CompositeBus (Composite Bus Enumerator Driver) - c:\windows\system32\drivers\compositebus.sys (file missing)
R3 DXGKrnl (LDDM Graphics Subsystem) - c:\windows\system32\drivers\dxgkrnl.sys (file missing)
R3 e1kexpress (Intel(R) PRO/1000 PCI Express Network Connection Driver K) - c:\windows\system32\drivers\e1k62x64.sys (file missing)
R3 fastfat (FAT12/16/32 File System Driver) - c:\windows\system32\drivers\fastfat.sys (file missing)
R3 GDMnIcpt - c:\windows\system32\drivers\miniicpt.sys (file missing)
R3 GDPkIcpt - c:\windows\system32\drivers\pkticpt.sys (file missing)
R3 GearAspiWDM - c:\windows\system32\drivers\gearaspiwdm.sys (file missing)
R3 HCW85BDA (Hauppauge WinTV 885 Video Capture) - c:\windows\system32\drivers\hcw85bda.sys (file missing)
R3 HDAudBus (Microsoft-UAA-Bustreiber für High Definition Audio) - c:\windows\system32\drivers\hdaudbus.sys (file missing)
R3 HidUsb (Microsoft HID Class-Treiber) - c:\windows\system32\drivers\hidusb.sys (file missing)
R3 HookCentre - c:\windows\system32\drivers\hookcentre.sys (file missing)
R3 HTTP - c:\windows\system32\drivers\http.sys (file missing)
R3 i8042prt (i8042-Tastatur- und PS/2-Mausanschluss-Treiber) - c:\windows\system32\drivers\i8042prt.sys (file missing)
R3 IntcAzAudAddService (Service for Realtek HD Audio (WDM)) - c:\windows\system32\drivers\rtkvhd64.sys (file missing)
R3 intelppm (Intel-Prozessortreiber) - c:\windows\system32\drivers\intelppm.sys (file missing)
R3 kbdclass (Tastaturklassentreiber) - c:\windows\system32\drivers\kbdclass.sys (file missing)
R3 ksthunk (Kernel Streaming Thunks) - c:\windows\system32\drivers\ksthunk.sys (file missing)
R3 monitor (Microsoft Monitor-Klassenfunktionstreiber-Dienst) - c:\windows\system32\drivers\monitor.sys (file missing)
R3 mouclass (Mausklassentreiber) - c:\windows\system32\drivers\mouclass.sys (file missing)
R3 mpsdrv (Windows-Firewallautorisierungstreiber) - c:\windows\system32\drivers\mpsdrv.sys (file missing)
R3 mrxsmb (SMB-Miniredirector-Wrapper und -Modul) - c:\windows\system32\drivers\mrxsmb.sys (file missing)
R3 mrxsmb10 (SMB 1.x-Miniredirector) - c:\windows\system32\drivers\mrxsmb10.sys (file missing)
R3 mrxsmb20 (SMB 2.0-Miniredirector) - c:\windows\system32\drivers\mrxsmb20.sys (file missing)
R3 NdisTapi (RAS-NDIS-TAPI-Treiber) - c:\windows\system32\drivers\ndistapi.sys (file missing)
R3 NdisWan (RAS-NDIS-WAN-Treiber) - c:\windows\system32\drivers\ndiswan.sys (file missing)
R3 NDProxy (NDIS Proxy) - c:\windows\system32\drivers\ndproxy.sys (file missing)
R3 Ntfs - c:\windows\system32\drivers\ntfs.sys (file missing)
R3 NVHDA (Service for NVIDIA High Definition Audio Driver) - c:\windows\system32\drivers\nvhda64v.sys (file missing)
R3 nvlddmkm - c:\windows\system32\drivers\nvlddmkm.sys (file missing)
R3 PptpMiniport (WAN-Miniport (PPTP)) - c:\windows\system32\drivers\raspptp.sys (file missing)
R3 RasAgileVpn (WAN Miniport (IKEv2)) - c:\windows\system32\drivers\agilevpn.sys (file missing)
R3 Rasl2tp (WAN-Miniport (L2TP)) - c:\windows\system32\drivers\rasl2tp.sys (file missing)
R3 RasPppoe (Remotezugriff-PPPOE-Treiber) - c:\windows\system32\drivers\raspppoe.sys (file missing)
R3 RasSstp (WAN-Miniport (SSTP)) - c:\windows\system32\drivers\rassstp.sys (file missing)
R3 srv (Server-SMB-Treiber 1.xxx) - c:\windows\system32\drivers\srv.sys (file missing)
R3 srv2 (Server-SMB-Treiber 2.xxx) - c:\windows\system32\drivers\srv2.sys (file missing)
R3 srvnet - c:\windows\system32\drivers\srvnet.sys (file missing)
R3 swenum (Software Bus Driver) - c:\windows\system32\drivers\swenum.sys (file missing)
R3 tunnel (Microsoft-Tunnelminiport-Adaptertreiber) - c:\windows\system32\drivers\tunnel.sys (file missing)
R3 umbus (UMBusenumerator-Treiber) - c:\windows\system32\drivers\umbus.sys (file missing)
R3 usbccgp (Microsoft Standard-USB-Haupttreiber) - c:\windows\system32\drivers\usbccgp.sys (file missing)
R3 usbehci (Miniporttreiber für erweiterten Microsoft USB 2.0-Hostcontroller) - c:\windows\system32\drivers\usbehci.sys (file missing)
R3 usbhub (Microsoft USB-Standardhubtreiber) - c:\windows\system32\drivers\usbhub.sys (file missing)
R3 USBSTOR (USB-Massenspeichertreiber) - c:\windows\system32\drivers\usbstor.sys (file missing)
R3 WmBEnum (Logitech Virtual Bus Enumerator Driver) - c:\windows\system32\drivers\wmbenum.sys (file missing)
R3 WmiAcpi (Microsoft Windows Management Interface for ACPI) - c:\windows\system32\drivers\wmiacpi.sys (file missing)
R3 WmXlCore (Logitech Translation Layer Driver) - c:\windows\system32\drivers\wmxlcore.sys (file missing)
R3 WudfPf (User Mode Driver Frameworks Platform Driver) - c:\windows\system32\drivers\wudfpf.sys (file missing)
R3 WUDFRd - c:\windows\system32\drivers\wudfrd.sys (file missing)
R4 cdfs (CD/DVD File System Reader) - c:\windows\system32\drivers\cdfs.sys (file missing)

S1 Serial (Serial port driver) - c:\windows\system32\drivers\serial.sys (file missing)
S3 AcpiPmi (ACPI Power Meter Driver) - c:\windows\system32\drivers\acpipmi.sys (file missing)
S3 agp440 (Intel AGP Bus Filter) - c:\windows\system32\drivers\agp440.sys (file missing)
S3 AmdK8 (AMD K8 Processor Driver) - c:\windows\system32\drivers\amdk8.sys (file missing)
S3 AmdPPM (AMD Processor Driver) - c:\windows\system32\drivers\amdppm.sys (file missing)
S3 AppID (Anwendungs-ID-Treiber) - c:\windows\system32\drivers\appid.sys (file missing)
S3 AsyncMac (Asynchroner RAS -Medientreiber) - c:\windows\system32\drivers\asyncmac.sys (file missing)
S3 b06bdrv (Broadcom NetXtreme II VBD) - c:\windows\system32\drivers\bxvbda.sys (file missing)
S3 b57nd60a (Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0) - c:\windows\system32\drivers\b57nd60a.sys (file missing)
S3 BrFiltLo (Brother USB Mass-Storage Lower Filter Driver) - c:\windows\system32\drivers\brfiltlo.sys (file missing)
S3 BrFiltUp (Brother USB Mass-Storage Upper Filter Driver) - c:\windows\system32\drivers\brfiltup.sys (file missing)
S3 Brserid (Brother MFC Serial Port Interface Driver (WDM)) - c:\windows\system32\drivers\brserid.sys (file missing)
S3 BrSerWdm (Brother WDM Serial driver) - c:\windows\system32\drivers\brserwdm.sys (file missing)
S3 BrUsbMdm (Brother MFC USB Fax Only Modem) - c:\windows\system32\drivers\brusbmdm.sys (file missing)
S3 BrUsbSer (Brother MFC USB Serial WDM Driver) - c:\windows\system32\drivers\brusbser.sys (file missing)
S3 BTHMODEM (Bluetooth Serial Communications Driver) - c:\windows\system32\drivers\bthmodem.sys (file missing)
S3 circlass (Consumer IR Devices) - c:\windows\system32\drivers\circlass.sys (file missing)
S3 CmBatt (Microsoft ACPI Control Method Battery Driver) - c:\windows\system32\drivers\cmbatt.sys (file missing)
S3 drmkaud (Microsoft Trusted Audio Drivers) - c:\windows\system32\drivers\drmkaud.sys (file missing)
S3 ebdrv (Broadcom NetXtreme II 10 GigE VBD) - c:\windows\system32\drivers\evbda.sys (file missing)
S3 ErrDev (Microsoft Hardware Error Device Driver) - c:\windows\system32\drivers\errdev.sys (file missing)
S3 exfat (exFAT File System Driver) - c:\windows\system32\drivers\exfat.sys (file missing)
S3 fdc (Floppy Disk Controller Driver) - c:\windows\system32\drivers\fdc.sys (file missing)
S3 Filetrace - c:\windows\system32\drivers\filetrace.sys (file missing)
S3 flpydisk (Floppy Disk Driver) - c:\windows\system32\drivers\flpydisk.sys (file missing)
S3 FsDepends (File System Dependency Minifilter) - c:\windows\system32\drivers\fsdepends.sys (file missing)
S3 gagp30kx (Microsoft Generic AGPv3.0 Filter for K8 Processor Platforms) - c:\windows\system32\drivers\gagp30kx.sys (file missing)
S3 hcw85cir (Hauppauge Consumer Infrared Receiver) - c:\windows\system32\drivers\hcw85cir.sys (file missing)
S3 HdAudAddService (Microsoft 1.1 UAA-Funktionstreiber für High Definition Audio-Dienst) - c:\windows\system32\drivers\hdaudio.sys (file missing)
S3 HidBatt (HID UPS Battery Driver) - c:\windows\system32\drivers\hidbatt.sys (file missing)
S3 HidBth (Microsoft Bluetooth HID Miniport) - c:\windows\system32\drivers\hidbth.sys (file missing)
S3 HidIr (Microsoft Infrared HID Driver) - c:\windows\system32\drivers\hidir.sys (file missing)
S3 IpFilterDriver (Filtertreiber für IP-Datenverkehr) - c:\windows\system32\drivers\ipfltdrv.sys (file missing)
S3 IPMIDRV - c:\windows\system32\drivers\ipmidrv.sys (file missing)
S3 IPNAT (IP Network Address Translator) - c:\windows\system32\drivers\ipnat.sys (file missing)
S3 IRENUM (IR Bus Enumerator) - c:\windows\system32\drivers\irenum.sys (file missing)
S3 iScsiPrt (iScsiPort Driver) - c:\windows\system32\drivers\msiscsi.sys (file missing)
S3 kbdhid (Tastatur-HID-Treiber) - c:\windows\system32\drivers\kbdhid.sys (file missing)
S3 Modem - c:\windows\system32\drivers\modem.sys (file missing)
S3 mouhid (Maus-HID-Treiber) - c:\windows\system32\drivers\mouhid.sys (file missing)
S3 MRxDAV (Redirector-Treiber für WebDav-Client) - c:\windows\system32\drivers\mrxdav.sys (file missing)
S3 mshidkmdf (Pass-through HID to KMDF Filter Driver) - c:\windows\system32\drivers\mshidkmdf.sys (file missing)
S3 MSKSSRV (Microsoft Streaming Service Proxy) - c:\windows\system32\drivers\mskssrv.sys (file missing)
S3 MSPCLOCK (Microsoft Streaming Clock Proxy) - c:\windows\system32\drivers\mspclock.sys (file missing)
S3 MSPQM (Microsoft Streaming Quality Manager Proxy) - c:\windows\system32\drivers\mspqm.sys (file missing)
S3 MsRPC - c:\windows\system32\drivers\msrpc.sys (file missing)
S3 MSTEE (Microsoft Streaming Tee/Sink-to-Sink Converter) - c:\windows\system32\drivers\mstee.sys (file missing)
S3 MTConfig (Microsoft Input Configuration Driver) - c:\windows\system32\drivers\mtconfig.sys (file missing)
S3 NativeWifiP (NativeWiFi Filter) - c:\windows\system32\drivers\nwifi.sys (file missing)
S3 NdisCap (NDIS Capture LightWeight Filter) - c:\windows\system32\drivers\ndiscap.sys (file missing)
S3 Ndisuio (NDIS Usermode I/O Protocol) - c:\windows\system32\drivers\ndisuio.sys (file missing)
S3 nv_agp (NVIDIA nForce AGP Bus Filter) - c:\windows\system32\drivers\nv_agp.sys (file missing)
S3 ohci1394 (1394 OHCI Compliant Host Controller (Legacy)) - c:\windows\system32\drivers\ohci1394.sys (file missing)
S3 Parport (Parallel port driver) - c:\windows\system32\drivers\parport.sys (file missing)
S3 pcmcia - c:\windows\system32\drivers\pcmcia.sys (file missing)
S3 Processor (Processor Driver) - c:\windows\system32\drivers\processr.sys (file missing)
S3 QWAVEdrv (QWAVE-Treiber) - c:\windows\system32\drivers\qwavedrv.sys (file missing)
S3 RasAcd (Remote Access Auto Connection Driver) - c:\windows\system32\drivers\rasacd.sys (file missing)
S3 rdpbus (Remote Desktop Device Redirector Bus Driver) - c:\windows\system32\drivers\rdpbus.sys (file missing)
S3 RDPWD (RDP Winstation Driver) - c:\windows\system32\drivers\rdpwd.sys (file missing)
S3 scfilter (Filtertreiber für Smartcards der Plug & Play-Klasse) - c:\windows\system32\drivers\scfilter.sys (file missing)
S3 Serenum (Serenum Filter Driver) - c:\windows\system32\drivers\serenum.sys (file missing)
S3 sermouse (Serial Mouse Driver) - c:\windows\system32\drivers\sermouse.sys (file missing)
S3 sffdisk (SFF-Speicherklassentreiber) - c:\windows\system32\drivers\sffdisk.sys (file missing)
S3 sffp_mmc (SFF-Speicherprotokolltreiber für MMC) - c:\windows\system32\drivers\sffp_mmc.sys (file missing)
S3 sffp_sd (SFF-Speicherprotokolltreiber für SDBus) - c:\windows\system32\drivers\sffp_sd.sys (file missing)
S3 sfloppy (High-Capacity Floppy Disk Drive) - c:\windows\system32\drivers\sfloppy.sys (file missing)
S3 Smb (Nachrichtenorientiertes TCP/IP- und TCP/IPv6-Protokoll (SMB-Sitzung)) - c:\windows\system32\drivers\smb.sys (file missing)
S3 TCPIP6 (Microsoft IPv6 Protocol Driver) - c:\windows\system32\drivers\tcpip.sys (file missing)
S3 TDPIPE - c:\windows\system32\drivers\tdpipe.sys (file missing)
S3 TDTCP - c:\windows\system32\drivers\tdtcp.sys (file missing)
S3 tssecsrv (Remote Desktop Services Security Filter Driver) - c:\windows\system32\drivers\tssecsrv.sys (file missing)
S3 uagp35 (Microsoft AGPv3.5 Filter) - c:\windows\system32\drivers\uagp35.sys (file missing)
S3 uliagpkx (Uli AGP Bus Filter) - c:\windows\system32\drivers\uliagpkx.sys (file missing)
S3 UmPass (Microsoft UMPass Driver) - c:\windows\system32\drivers\umpass.sys (file missing)
S3 usbcir (eHome Infrared Receiver (USBCIR)) - c:\windows\system32\drivers\usbcir.sys (file missing)
S3 usbohci (Microsoft USB Open Host Controller Miniport Driver) - c:\windows\system32\drivers\usbohci.sys (file missing)
S3 usbprint (Microsoft USB PRINTER Class) - c:\windows\system32\drivers\usbprint.sys (file missing)
S3 usbuhci (Microsoft USB Universal Host Controller Miniport Driver) - c:\windows\system32\drivers\usbuhci.sys (file missing)
S3 vga - c:\windows\system32\drivers\vgapnp.sys (file missing)
S3 vhdmp - c:\windows\system32\drivers\vhdmp.sys (file missing)
S3 vwifibus (Virtueller WiFi-Bustreiber) - c:\windows\system32\drivers\vwifibus.sys (file missing)
S3 WacomPen (Wacom Serial Pen HID Driver) - c:\windows\system32\drivers\wacompen.sys (file missing)
S3 WANARP (Remotezugriff-IP-ARP-Treiber) - c:\windows\system32\drivers\wanarp.sys (file missing)
S3 WmFilter (Logitech Gaming HID Filter Driver) - c:\windows\system32\drivers\wmfilter.sys (file missing)
S3 WmVirHid (Logitech Virtual Hid Device Driver) - c:\windows\system32\drivers\wmvirhid.sys (file missing)
S4 avc3 - c:\windows\system32\drivers\avc3.sys (file missing)
S4 avckf - c:\windows\system32\drivers\avckf.sys (file missing)
S4 crcdisk (Crcdisk Filter Driver) - c:\windows\system32\drivers\crcdisk.sys (file missing)
S4 udfs - c:\windows\system32\drivers\udfs.sys (file missing)
S4 ws2ifsl (Winsock-IFS-Treiber) - c:\windows\system32\drivers\ws2ifsl.sys (file missing)


-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

R2 a2AntiMalware (a-squared Anti-Malware Service) - "c:\program files (x86)\a-squared anti-malware\a2service.exe" <Not Verified; Emsi Software GmbH; a-squared>
R2 AVKService (G Data Scheduler) - c:\program files (x86)\g data\internetsecurity\avk\avkservice.exe
R2 AVKWCtl (G Data Filesystem Monitor) - c:\program files (x86)\g data\internetsecurity\avk\avkwctlx64.exe
R2 Greg_Service (GRegService) - c:\program files (x86)\packard bell\registration\greghsrw.exe
R2 Nero BackItUp Scheduler 4.0 - c:\program files (x86)\common files\nero\nero backitup 4\nbservice.exe
R2 nvsvc (NVIDIA Display Driver Service) - c:\windows\system32\nvvsvc.exe (file missing)
R2 SamSs (Sicherheitskonto-Manager) - c:\windows\system32\lsass.exe (file missing)
R2 Spooler (Druckwarteschlange) - c:\windows\system32\spoolsv.exe (file missing)
R3 GDFwSvc (G Data Personal Firewall) - c:\program files (x86)\g data\internetsecurity\firewall\gdfwsvcx64.exe
R3 VSS (Volumeschattenkopie) - c:\windows\system32\vssvc.exe (file missing)

S2 sppsvc (Software Protection) - c:\windows\system32\sppsvc.exe (file missing)
S3 AdobeActiveFileMonitor7.0 (Adobe Active File Monitor V7) - c:\program files (x86)\adobe\photoshop elements 7.0\photoshopelementsfileagent.exe
S3 ALG (Gatewaydienst auf Anwendungsebene) - c:\windows\system32\alg.exe (file missing)
S3 EFS (Verschlüsselndes Dateisystem (EFS)) - c:\windows\system32\lsass.exe (file missing)
S3 FLEXnet Licensing Service - "c:\program files (x86)\common files\macrovision shared\flexnet publisher\fnplicensingservice.exe" <Not Verified; Macrovision Europe Ltd.; FLEXnet Publisher (32 bit)>
S3 KeyIso (CNG-Schlüsselisolation) - c:\windows\system32\lsass.exe (file missing)
S3 MSDTC (Distributed Transaction Coordinator) - c:\windows\system32\msdtc.exe (file missing)
S3 Netlogon (Anmeldedienst) - c:\windows\system32\lsass.exe (file missing)
S3 ProtectedStorage (Geschützter Speicher) - c:\windows\system32\lsass.exe (file missing)
S3 RpcLocator (RPC-Locator) - c:\windows\system32\locator.exe (file missing)
S3 SNMPTRAP (SNMP-Trap) - c:\windows\system32\snmptrap.exe (file missing)
S3 Steam Client Service - c:\program files (x86)\common files\steam\steamservice.exe /runasservice
S3 UI0Detect (Erkennung interaktiver Dienste) - c:\windows\system32\ui0detect.exe (file missing)
S3 VaultSvc (Anmeldeinformationsverwaltung) - c:\windows\system32\lsass.exe (file missing)
S3 vds (Virtueller Datenträger) - c:\windows\system32\vds.exe (file missing)
S3 wbengine (Blockebenen-Sicherungsmodul) - "c:\windows\system32\wbengine.exe" (file missing)
S3 wmiApSrv (WMI-Leistungsadapter) - c:\windows\system32\wbem\wmiapsrv.exe (file missing)
S4 Fax - c:\windows\system32\fxssvc.exe (file missing)


-- Device Manager: Disabled ----------------------------------------------------

No disabled devices found.


-- Scheduled Tasks -------------------------------------------------------------

2010-12-17 23:05:50 1112 --a------ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2010-12-17 12:31:00 1116 --a------ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job


-- Files created between 2010-11-17 and 2010-12-17 -----------------------------

2010-12-17 23:20:01 0 d-------- C:\VundoFix Backups
2010-12-15 23:06:29 0 d-------- C:\Users\All Users\BitDefender
2010-12-15 23:06:23 58897 --a------ C:\Users\All Users\bdinstall.bin
2010-12-15 23:04:30 0 d-------- C:\Program Files (x86)\a-squared Anti-Malware
2010-12-15 12:10:02 0 d-------- C:\Program Files (x86)\Trend Micro
2010-12-13 12:23:51 0 d-------- C:\Program Files (x86)\LucasArts
2010-11-24 05:17:01 0 d-------- C:\Program Files (x86)\Almightysoft


-- Find3M Report ---------------------------------------------------------------

2010-12-17 23:29:25 0 d-------- C:\Users\MediaMarkt\AppData\Roaming\Free Download Manager
2010-12-17 23:19:12 0 d-------- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2010-12-16 13:02:41 0 d-------- C:\Program Files (x86)\Windows Mail
2010-12-16 12:41:00 0 d-------- C:\Program Files (x86)\Microsoft Silverlight
2010-12-16 12:40:17 0 d-------- C:\Program Files (x86)\Microsoft Works
2010-12-16 12:29:41 0 d-------- C:\Program Files (x86)\Steam
2010-12-15 23:18:05 0 d-------- C:\Users\MediaMarkt\AppData\Roaming\BitDefender
2010-12-15 23:06:47 0 d-------- C:\Users\MediaMarkt\AppData\Roaming\QuickScan
2010-12-14 23:03:09 0 d-------- C:\Users\MediaMarkt\AppData\Roaming\ICQ
2010-12-13 12:24:15 0 d--h----- C:\Program Files (x86)\InstallShield Installation Information
2010-12-10 17:43:06 0 d-------- C:\Program Files (x86)\JDownloader
2010-11-24 23:54:00 0 d-------- C:\Program Files (x86)\Microsoft.NET
2010-11-18 10:23:43 0 d-------- C:\Program Files (x86)\Common Files\Steam
2010-11-14 19:08:01 0 d-------- C:\Program Files (x86)\ICQ7.2
2010-10-31 17:31:05 0 d-------- C:\Program Files (x86)\Common Files
2010-10-31 17:30:36 0 d-------- C:\Program Files (x86)\Java
2010-10-18 12:16:53 0 d-------- C:\Users\MediaMarkt\AppData\Roaming\AVG


-- Registry Dump ---------------------------------------------------------------



-- End of Deckard's System Scanner: finished at 2010-12-17 23:32:30 ------------


Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------

-- System Information ----------------------------------------------------------

Microsoft Windows 7 Home Premium (build 7600)
Architecture: X64; Language: German

CPU 0: Intel(R) Core(TM) i5 CPU 750 @ 2.67GHz
Percentage of Memory in Use: 30%
Physical Memory (total/avail): 6135.11 MiB / 4275.31 MiB
Pagefile Memory (total/avail): 12268.36 MiB / 10138.46 MiB
Virtual Memory (total/avail): 4095.88 MiB / 3804.34 MiB

C: is Fixed (NTFS) - 457.95 GiB total, 358.55 GiB free.
D: is Fixed (NTFS) - 458.46 GiB total, 223.47 GiB free.
E: is CDROM (CDFS)
F: is Fixed (FAT32) - 931.28 GiB total, 772.06 GiB free.
G: is Removable (No Media)
H: is Removable (No Media)
I: is Removable (No Media)
J: is Removable (No Media)
K: is Removable (No Media)

\\.\PHYSICALDRIVE0 - WDC WD10EADS-00M2B0 ATA Device - 931.51 GiB - 4 partitions
\PARTITION0 - Unknown - 15 GiB
\PARTITION1 (bootable) - Installierbares Dateisystem - 100 MiB
\PARTITION2 - Installierbares Dateisystem - 457.95 GiB - C:
\PARTITION3 - Installierbares Dateisystem - 458.46 GiB - D:

\\.\PHYSICALDRIVE2 - Generic- Compact Flash USB Device

\\.\PHYSICALDRIVE6 - Generic- MicroSD USB Device

\\.\PHYSICALDRIVE5 - Generic- MS/MS-Pro/HG USB Device

\\.\PHYSICALDRIVE4 - Generic- SD/MMC USB Device

\\.\PHYSICALDRIVE3 - Generic- xD-Picture USB Device

\\.\PHYSICALDRIVE1 - WD 10EACS External USB Device - 931.51 GiB - 1 partition
\PARTITION0 - Unknown - 931.51 GiB - F:



-- Security Center -------------------------------------------------------------

Windows Internal Firewall is disabled.


[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


-- Environment Variables -------------------------------------------------------

ALLUSERSPROFILE=C:\ProgramData
APPDATA=C:\Users\MediaMarkt\AppData\Roaming
CLASSPATH=.;C:\Program Files (x86)\QuickTime\QTSystem\QTJava.zip
CommonProgramFiles=C:\Program Files (x86)\Common Files
CommonProgramFiles(x86)=C:\Program Files (x86)\Common Files
CommonProgramW6432=C:\Program Files\Common Files
COMPUTERNAME=PC
ComSpec=C:\Windows\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Users\MediaMarkt
LOCALAPPDATA=C:\Users\MediaMarkt\AppData\Local
LOGONSERVER=\\PC
NUMBER_OF_PROCESSORS=4
OS=Windows_NT
Path=C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\QuickTime\QTSystem\
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_ARCHITEW6432=AMD64
PROCESSOR_IDENTIFIER=Intel64 Family 6 Model 30 Stepping 5, GenuineIntel
PROCESSOR_LEVEL=6
PROCESSOR_REVISION=1e05
ProgramData=C:\ProgramData
ProgramFiles=C:\Program Files (x86)
ProgramFiles(x86)=C:\Program Files (x86)
ProgramW6432=C:\Program Files
PROMPT=$P$G
PSModulePath=C:\Windows\system32\WindowsPowerShell\v1.0\Modules\
PUBLIC=C:\Users\Public
QTJAVA=C:\Program Files (x86)\QuickTime\QTSystem\QTJava.zip
SystemDrive=C:
SystemRoot=C:\Windows
TEMP=C:\Users\MEDIAM~1\AppData\Local\Temp
TMP=C:\Users\MEDIAM~1\AppData\Local\Temp
USERDOMAIN=PC
USERNAME=MediaMarkt
USERPROFILE=C:\Users\MediaMarkt
windir=C:\Windows


-- User Profiles ---------------------------------------------------------------

MediaMarkt


-- Add/Remove Programs ---------------------------------------------------------

--> MsiExec /X{B83FC356-B7C0-441F-8A4D-D71E088E7974}
2007 Microsoft Office Suite Service Pack 2 (SP2) --> msiexec /package {90120000-0016-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E}
2007 Microsoft Office Suite Service Pack 2 (SP2) --> msiexec /package {90120000-0018-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E}
2007 Microsoft Office Suite Service Pack 2 (SP2) --> msiexec /package {90120000-001B-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E}
2007 Microsoft Office Suite Service Pack 2 (SP2) --> msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {ABDDE972-355B-4AF1-89A8-DA50B7B5C045}
2007 Microsoft Office Suite Service Pack 2 (SP2) --> msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {F580DDD5-8D37-4998-968E-EBB76BB86787}
2007 Microsoft Office Suite Service Pack 2 (SP2) --> msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {187308AB-5FA7-4F14-9AB9-D290383A10D9}
2007 Microsoft Office Suite Service Pack 2 (SP2) --> msiexec /package {90120000-002A-0000-1000-0000000FF1CE} /uninstall {E64BA721-2310-4B55-BE5A-2925F9706192}
2007 Microsoft Office Suite Service Pack 2 (SP2) --> msiexec /package {90120000-002A-0409-1000-0000000FF1CE} /uninstall {DE5A002D-8122-4278-A7EE-3121E7EA254E}
2007 Microsoft Office Suite Service Pack 2 (SP2) --> msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {DE5A002D-8122-4278-A7EE-3121E7EA254E}
2007 Microsoft Office Suite Service Pack 2 (SP2) --> msiexec /package {90120000-00A1-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E}
2007 Microsoft Office Suite Service Pack 2 (SP2) --> msiexec /package {90120000-0115-0409-0000-0000000FF1CE} /uninstall {DE5A002D-8122-4278-A7EE-3121E7EA254E}
2007 Microsoft Office Suite Service Pack 2 (SP2) --> msiexec /package {90120000-0116-0409-1000-0000000FF1CE} /uninstall {DE5A002D-8122-4278-A7EE-3121E7EA254E}
2007 Microsoft Office Suite Service Pack 2 (SP2) --> msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}
a-squared Anti-Malware 3.5 - 9x Edition --> "C:\Program Files (x86)\a-squared Anti-Malware\unins000.exe"
Acrobat.com --> MsiExec.exe /X{287ECFA4-719A-2143-A09B-D6A12DE54E40}
Adobe AIR --> c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall
Adobe AIR --> MsiExec.exe /I{A2BCA9F1-566C-4805-97D1-7FDC93386723}
Adobe Flash Player 10 ActiveX --> C:\Windows\SysWOW64\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin --> C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10l_Plugin.exe -maintain plugin
Adobe Photoshop Elements 7.0 --> msiexec /i {5511C07D-A83C-45AD-92B6-42DF99729A3C}
Adobe Photoshop Elements 7.0 --> msiexec /i {CB6075D9-F912-40AE-BEA6-E590DA24F16B}
Adobe Photoshop Elements 7.0 --> msiexec /i {CB6075D9-F912-40AE-BEA6-E590DA24F16B}
Adobe Reader 9.1 MUI --> MsiExec.exe /I{AC76BA86-7AD7-FFFF-7B44-A91000000001}
Advertising Center --> MsiExec.exe /X{b2ec4a38-b545-4a00-8214-13fe0e915e6d}
Apple Application Support --> MsiExec.exe /I{DAEAFD68-BB4A-4507-A241-C8804D2EA66D}
Apple Software Update --> MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
AVG PC Tuneup 2011 --> "C:\Program Files (x86)\AVG\AVG PC Tuneup 2011\unins000.exe"
Choice Guard --> MsiExec.exe /I{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}
Compatibility Pack für 2007 Office System --> MsiExec.exe /X{90120000-0020-0407-0000-0000000FF1CE}
Desktop-Lupe 1.8 --> C:\Program Files (x86)\Almightysoft\DesktopLupe\uninst.exe
Free Download Manager 2.5 --> "C:\Program Files (x86)\Free Download Manager\unins000.exe"
G Data InternetSecurity SE --> MsiExec.exe /I{D729E05E-B2B9-4DC4-AF57-47310576EDE0}
Google Earth --> MsiExec.exe /X{4286E640-B5FB-11DF-AC4B-005056C00008}
Google Toolbar for Internet Explorer --> "C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarManager_223E2B8E7BAD9544.exe" /uninstall
Google Toolbar for Internet Explorer --> MsiExec.exe /I{18455581-E099-4BA8-BC6B-F34B2F06600C}
Google Update Helper --> MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
HijackThis 2.0.2 --> "C:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe" /uninstall
ICQ7.2 --> "C:\Program Files (x86)\InstallShield Installation Information\{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6}\ICQ7.exe" -runfromtemp -l0x0009 -removeonly
Identity Card --> C:\Program Files (x86)\Packard Bell\Identity Card\Uninstall.exe
Java(TM) 6 Update 22 --> MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216020FF}
JDownloader --> C:\Program Files (x86)\JDownloader\uninstall.exe
Junk Mail filter update --> MsiExec.exe /I{4DE3E3D9-AE81-45DE-9195-3015F7B1DBF3}
MAGIX Fotobuch 3.6 --> C:\Program Files (x86)\MAGIX\MAGIX Fotobuch\uninstall.exe
MAGIX Media Suite --> C:\Program Files (x86)\MAGIX\MediaSuite2009\unwise.exe
MAGIX Ringtone Maker SE --> C:\Program Files (x86)\MAGIX\Ringtone_Maker_2007_SE\unwise.exe
Malwarebytes' Anti-Malware --> "C:\Program Files (x86)\Malwarebytes' Anti-Malware\unins000.exe"
Medieval II Total War --> C:\Program Files (x86)\InstallShield Installation Information\{C0698BDA-0D29-40EE-8570-A31106DF9AB1}\Setup.exe -runfromtemp -l0x0007 -removeonly
Metaboli --> C:\Program Files (x86)\Packard Bell\metaboli\Uninstall.exe
Microsoft Office 2007 Service Pack 2 (SP2) --> msiexec /package {90120000-0015-0407-0000-0000000FF1CE} /uninstall {9BD40163-B95D-4B07-8991-0AB775B6D88B}
Microsoft Office 2007 Service Pack 2 (SP2) --> msiexec /package {90120000-0016-0407-0000-0000000FF1CE} /uninstall {9BD40163-B95D-4B07-8991-0AB775B6D88B}
Microsoft Office 2007 Service Pack 2 (SP2) --> msiexec /package {90120000-0018-0407-0000-0000000FF1CE} /uninstall {9BD40163-B95D-4B07-8991-0AB775B6D88B}
Microsoft Office 2007 Service Pack 2 (SP2) --> msiexec /package {90120000-0019-0407-0000-0000000FF1CE} /uninstall {9BD40163-B95D-4B07-8991-0AB775B6D88B}
Microsoft Office 2007 Service Pack 2 (SP2) --> msiexec /package {90120000-001A-0407-0000-0000000FF1CE} /uninstall {9BD40163-B95D-4B07-8991-0AB775B6D88B}
Microsoft Office 2007 Service Pack 2 (SP2) --> msiexec /package {90120000-001B-0407-0000-0000000FF1CE} /uninstall {9BD40163-B95D-4B07-8991-0AB775B6D88B}
Microsoft Office 2007 Service Pack 2 (SP2) --> msiexec /package {90120000-002A-0407-1000-0000000FF1CE} /uninstall {26454C26-D259-4543-AA60-3189E09C5F76}
Microsoft Office 2007 Service Pack 2 (SP2) --> msiexec /package {90120000-0044-0407-0000-0000000FF1CE} /uninstall {9BD40163-B95D-4B07-8991-0AB775B6D88B}
Microsoft Office 2007 Service Pack 2 (SP2) --> msiexec /package {90120000-006E-0407-0000-0000000FF1CE} /uninstall {26454C26-D259-4543-AA60-3189E09C5F76}
Microsoft Office 2007 Service Pack 2 (SP2) --> msiexec /package {90120000-00A1-0407-0000-0000000FF1CE} /uninstall {9BD40163-B95D-4B07-8991-0AB775B6D88B}
Microsoft Office 2007 Service Pack 2 (SP2) --> msiexec /package {90120000-00BA-0407-0000-0000000FF1CE} /uninstall {9BD40163-B95D-4B07-8991-0AB775B6D88B}
Microsoft Office 2007 Service Pack 2 (SP2) --> msiexec /package {90120000-0100-0407-0000-0000000FF1CE} /uninstall {9BD40163-B95D-4B07-8991-0AB775B6D88B}
Microsoft Office 2007 Service Pack 2 (SP2) --> msiexec /package {90120000-0101-0407-0000-0000000FF1CE} /uninstall {9BD40163-B95D-4B07-8991-0AB775B6D88B}
Microsoft Office Access MUI (German) 2007 --> MsiExec.exe /X{90120000-0015-0407-0000-0000000FF1CE}
Microsoft Office Excel MUI (English) 2007 --> MsiExec.exe /X{90120000-0016-0409-0000-0000000FF1CE}
Microsoft Office Excel MUI (German) 2007 --> MsiExec.exe /X{90120000-0016-0407-0000-0000000FF1CE}
Microsoft Office Groove MUI (German) 2007 --> MsiExec.exe /X{90120000-00BA-0407-0000-0000000FF1CE}
Microsoft Office Home and Student 2007 --> "C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall HOMESTUDENTR /dll OSETUP.DLL
Microsoft Office Home and Student 2007 --> MsiExec.exe /X{91120000-002F-0000-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (German) 2007 --> MsiExec.exe /X{90120000-0044-0407-0000-0000000FF1CE}
Microsoft Office Language Pack 2007 - German/Deutsch --> "C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall OMUI.DE-DE /dll OSETUP.DLL
Microsoft Office O MUI (German) 2007 --> MsiExec.exe /X{90120000-0100-0407-0000-0000000FF1CE}
Microsoft Office OneNote MUI (English) 2007 --> MsiExec.exe /X{90120000-00A1-0409-0000-0000000FF1CE}
Microsoft Office OneNote MUI (German) 2007 --> MsiExec.exe /X{90120000-00A1-0407-0000-0000000FF1CE}
Microsoft Office Outlook MUI (German) 2007 --> MsiExec.exe /X{90120000-001A-0407-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (English) 2007 --> MsiExec.exe /X{90120000-0018-0409-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (German) 2007 --> MsiExec.exe /X{90120000-0018-0407-0000-0000000FF1CE}
Microsoft Office PowerPoint Viewer 2007 (German) --> MsiExec.exe /X{95120000-00AF-0407-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007 --> MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007 --> MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007 --> MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Italian) 2007 --> MsiExec.exe /X{90120000-001F-0410-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007 --> MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (English) 2007 --> MsiExec.exe /X{90120000-002C-0409-0000-0000000FF1CE}
Microsoft Office Proofing (German) 2007 --> MsiExec.exe /X{90120000-002C-0407-0000-0000000FF1CE}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) --> msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {A0516415-ED61-419A-981D-93596DA74165}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) --> msiexec /package {90120000-001F-0410-0000-0000000FF1CE} /uninstall {322296D4-1EAE-4030-9FBC-D2787EB25FA2}
Microsoft Office Publisher MUI (German) 2007 --> MsiExec.exe /X{90120000-0019-0407-0000-0000000FF1CE}
Microsoft Office Shared MUI (English) 2007 --> MsiExec.exe /X{90120000-006E-0409-0000-0000000FF1CE}
Microsoft Office Shared MUI (German) 2007 --> MsiExec.exe /X{90120000-006E-0407-0000-0000000FF1CE}
Microsoft Office Shared Setup Metadata MUI (English) 2007 --> MsiExec.exe /X{90120000-0115-0409-0000-0000000FF1CE}
Microsoft Office SharePoint Designer 2007 Service Pack 2 (SP2) --> msiexec /package {90120000-0017-0407-0000-0000000FF1CE} /uninstall {0B9EAEAC-F271-45DC-BDCB-06ABEEF19825}
Microsoft Office SharePoint Designer MUI (German) 2007 --> MsiExec.exe /X{90120000-0017-0407-0000-0000000FF1CE}
Microsoft Office Suite Activation Assistant --> MsiExec.exe /X{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}
Microsoft Office Word MUI (English) 2007 --> MsiExec.exe /X{90120000-001B-0409-0000-0000000FF1CE}
Microsoft Office Word MUI (German) 2007 --> MsiExec.exe /X{90120000-001B-0407-0000-0000000FF1CE}
Microsoft Office X MUI (German) 2007 --> MsiExec.exe /X{90120000-0101-0407-0000-0000000FF1CE}
Microsoft Silverlight --> MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft SQL Server 2005 Compact Edition [ENU] --> MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 --> MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
Microsoft Visual C++ 2005 Redistributable --> MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 --> MsiExec.exe /X{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 --> MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Works --> MsiExec.exe /I{62F7DA7E-CCCB-439C-A760-00C3926E761F}
Mozilla Firefox (3.6.13) --> C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe
MP3 Ringtone Extractor 1.1 --> "C:\Program Files (x86)\MP3 Ringtone Extractor\unins000.exe"
MSVCRT --> MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
MSXML 4.0 SP2 (KB954430) --> MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688) --> MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
mufin player --> C:\Program Files (x86)\MAGIX\mufin_player\unwise.exe
Napoleon: Total War --> "C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/34030
Nero 9 Essentials --> C:\Program Files (x86)\Common Files\Nero\Nero ProductInstaller 4\SetupX.exe REMOVESERIALNUMBER="2M02-K09C-T30X-9E87-48UX-1MAM-EA5W-8AA2-TWPP-P288-2T15-1Z5L-7M8L-8H4Z-8800"
Nero ControlCenter --> MsiExec.exe /X{bd5ca0da-71ad-43da-b19e-6eee0c9adc9a}
Nero ControlCenter --> MsiExec.exe /X{f4041dce-3fe1-4e18-8a9e-9de65231ee36}
Nero DiscSpeed --> MsiExec.exe /X{869200db-287a-4dc0-b02b-2b6787fbcd4c}
Nero DiscSpeed Help --> MsiExec.exe /X{cc019e3f-59d2-4486-8d4b-878105b62a71}
Nero DriveSpeed --> MsiExec.exe /X{33cf58f5-48d8-4575-83d6-96f574e4d83a}
Nero DriveSpeed Help --> MsiExec.exe /X{e5c7d048-f9b4-4219-b323-8bdb01a2563d}
Nero Express Help --> MsiExec.exe /X{83202942-84b3-4c50-8622-b8c0aa2d2885}
Nero InfoTool --> MsiExec.exe /X{fbcdfd61-7dcf-4e71-9226-873ba0053139}
Nero InfoTool Help --> MsiExec.exe /X{20400dbd-e6db-45b8-9b6b-1dd7033818ec}
Nero Installer --> MsiExec.exe /X{e8a80433-302b-4ff1-815d-fcc8eac482ff}
Nero Move it --> MsiExec.exe /X{248e4799-db04-4b1a-902c-194669f995ce}
Nero Move it Essentials --> C:\Program Files (x86)\Common Files\Nero\Nero ProductInstaller 4\SetupX.exe REMOVESERIALNUMBER="4M08-80A5-CUL8-55XT-M40W-X4E5-2MCZ-T0TL"
Nero Move it Help --> MsiExec.exe /X{defa5390-8533-47b5-81f7-3816916bdc6f}
Nero Online Upgrade --> MsiExec.exe /X{dba84796-8503-4ff0-af57-1747dd9a166d}
Nero StartSmart --> MsiExec.exe /X{7748ac8c-18e3-43bb-959b-088faea16fb2}
Nero StartSmart Help --> MsiExec.exe /X{2348b586-c9ae-46ce-936c-a68e9426e214}
Nero StartSmart OEM --> MsiExec.exe /X{4D43D635-6FDA-4fa5-AA9B-23CF73D058EA}
NeroExpress --> MsiExec.exe /X{595a3116-40bb-4e0f-a2e8-d7951da56270}
neroxml --> MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
NVIDIA PhysX --> MsiExec.exe /X{B83FC356-B7C0-441F-8A4D-D71E088E7974}
Packard Bell InfoCentre --> C:\Program Files (x86)\Packard Bell\InfoCentre\Uninstall.exe
Packard Bell Photo Frame 4.2.3.10 --> C:\Program Files (x86)\Packard Bell Photo Frame\uninst.exe
Packard Bell Recovery Management --> "C:\Program Files (x86)\InstallShield Installation Information\{7F811A54-5A09-4579-90E1-C93498E230D9}\setup.exe" -runfromtemp -l0x407 -removeonly
Packard Bell Registration --> C:\Program Files (x86)\Packard Bell\Registration\Uninstall.exe
Packard Bell ScreenSaver --> C:\Program Files (x86)\Packard Bell\Screensaver\Uninstall.exe
Packard Bell Software Suite SE --> C:\Program Files (x86)\Packard Bell\Software Suite SE\Uninstall.exe
Packard Bell Updater --> "C:\Program Files (x86)\InstallShield Installation Information\{EE171732-BEB4-4576-887D-CB62727F01CA}\setup.exe" -runfromtemp -l0x407 -removeonly
QuickTime --> MsiExec.exe /I{E7004147-2CCA-431C-AA05-2AB166B9785D}
Realtek High Definition Audio Driver --> RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -removeonly
S.T.A.L.K.E.R. - Shadow of Chernobyl --> "C:\Program Files (x86)\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\unins000.exe"
Security Update for 2007 Microsoft Office System (KB2288621) --> msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {5C497F0B-2061-4CC9-A61C-6B45B867354D}
Security Update for 2007 Microsoft Office System (KB2288931) --> msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {CD769337-C8AC-46DB-A7DC-643E50089263}
Security Update for 2007 Microsoft Office System (KB2289158) --> msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {210B16C0-CEBD-4DE9-B474-04A7E8735E16}
Security Update for 2007 Microsoft Office System (KB2344875) --> msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {6FC5C4C1-D7AE-44C3-94B7-6424FC3E752F}
Security Update for 2007 Microsoft Office System (KB2345043) --> msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {536FB502-775F-4494-BACE-C02CC90B7A5B}
Security Update for 2007 Microsoft Office System (KB969559) --> msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {69F52148-9BF6-4CDC-BF76-103DEAF3DD08}
Security Update for 2007 Microsoft Office System (KB976321) --> msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {7F207DCA-3399-40CB-A968-6E5991B1421A}
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841) --> C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {FD8D7C9A-E56A-3E7B-BA6D-FE68F13296E3} /parameterfolder Client
Security Update for Microsoft Office Excel 2007 (KB2345035) --> msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {B23002DD-34EC-4988-B810-A5E2A0BF04F1}
Security Update for Microsoft Office InfoPath 2007 (KB979441) --> msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {8CCB781A-CF6B-4FCB-B6D8-59C64DF5C6DB}
Security Update for Microsoft Office PowerPoint 2007 (KB982158) --> msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {F5B70033-E79C-4569-90BF-BC9B4E4F3F46}
Security Update for Microsoft Office PowerPoint Viewer (KB2413381) --> msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {3DED0A62-44C8-4E00-A785-5212F297A9D9}
Security Update for Microsoft Office system 2007 (972581) --> msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {3D019598-7B59-447A-80AE-815B703B84FF}
Security Update for Microsoft Office system 2007 (KB974234) --> msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {FCD742B9-7A55-44BC-A776-F795F21FEDDC}
Security Update for Microsoft Office Visio Viewer 2007 (KB973709) --> msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {71127777-8B2C-4F97-AF7A-6CF8CAC8224D}
Security Update for Microsoft Office Word 2007 (KB2344993) --> msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {7A5B74FA-7A92-4FC9-821A-2DD5D4E73E48}
Serif DrawPlus X2 --> MsiExec.exe /I{3A438F62-00EE-4422-906B-6D9E107FC33F}
Serif PhotoPlus X2 --> MsiExec.exe /I{9DCFC564-606E-424F-8A1C-56DD14908AF6}
Sid Meier's Civilization V --> "C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/8930
Spybot - Search & Destroy --> "C:\Program Files (x86)\Spybot - Search & Destroy\unins000.exe"
Star Wars Battlefront II --> RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{3D374523-CFDE-461A-827E-2A102E2AB365}\Setup.exe" -l0x7 -removeonly
StarCraft II --> C:\Program Files (x86)\Common Files\Blizzard Entertainment\StarCraft II\Uninstall.exe
Steam --> MsiExec.exe /X{048298C9-A4D3-490B-9FF9-AB023A9238F3}
Update für Microsoft Office Excel 2007 Help (KB963678) --> msiexec /package {90120000-0016-0407-0000-0000000FF1CE} /uninstall {BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}
Update für Microsoft Office Outlook 2007 Help (KB963677) --> msiexec /package {90120000-001A-0407-0000-0000000FF1CE} /uninstall {F6828576-6F79-470D-AB50-69D1BBADBD30}
Update für Microsoft Office Powerpoint 2007 Help (KB963669) --> msiexec /package {90120000-0018-0407-0000-0000000FF1CE} /uninstall {EA160DA3-E9B5-4D03-A518-21D306665B96}
Update für Microsoft Office Word 2007 Help (KB963665) --> msiexec /package {90120000-001B-0407-0000-0000000FF1CE} /uninstall {38472199-D7B6-4833-A949-10E4EE6365A1}
Update for 2007 Microsoft Office System (KB2284654) --> msiexec /package {90120000-002A-0000-1000-0000000FF1CE} /uninstall {FB166E7C-8AA6-48C8-B726-1F25BEE7825A}
Update for 2007 Microsoft Office System (KB967642) --> msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D}
Update for Microsoft Office 2007 Help for Common Features (KB963673) --> msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {AB365889-0395-4FAD-B702-CA5985D53D42}
Update for Microsoft Office Excel 2007 Help (KB963678) --> msiexec /package {90120000-0016-0409-0000-0000000FF1CE} /uninstall {199DF7B6-169C-448C-B511-1054101BE9C9}
Update for Microsoft Office OneNote 2007 (KB980729) --> msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {329050A9-EF80-40F9-B633-74508F54C1FF}
Update for Microsoft Office OneNote 2007 Help (KB963670) --> msiexec /package {90120000-00A1-0409-0000-0000000FF1CE} /uninstall {2744EF05-38E1-4D5D-B333-E021EDAEA245}
Update for Microsoft Office Powerpoint 2007 Help (KB963669) --> msiexec /package {90120000-0018-0409-0000-0000000FF1CE} /uninstall {397B1D4F-ED7B-4ACA-A637-43B670843876}
Update for Microsoft Office Script Editor Help (KB963671) --> msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {CD11C6A2-FFC6-4271-8EAB-79C3582F505C}
Update for Microsoft Office Word 2007 Help (KB963665) --> msiexec /package {90120000-001B-0409-0000-0000000FF1CE} /uninstall {80E762AA-C921-4839-9D7D-DB62A72C0726}
VLC media player 1.1.4 --> C:\Program Files (x86)\VideoLAN\VLC\uninstall.exe
Welcome Center --> C:\Program Files (x86)\Packard Bell\Welcome Center\Uninstall.exe
Winamp --> "C:\Program Files (x86)\Winamp\UninstWA.exe"
Winamp Erkennungs-Plug-in --> C:\Program Files (x86)\Winamp Detect\UninstWaDetect.exe
Windows Live-Uploadtool --> MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
Windows Live Communications Platform --> MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52}
Windows Live Essentials --> C:\Program Files (x86)\Windows Live\Installer\wlarp.exe
Windows Live Essentials --> MsiExec.exe /I{91E04CA7-0B13-4F8C-AA4D-2A573AC96D19}
Windows Live Fotogalerie --> MsiExec.exe /X{119B7481-0216-40D2-A5CC-C3E1F461ECC1}
Windows Live Mail --> MsiExec.exe /I{5A166C0B-9557-4364-A057-F946D674E6AC}
Windows Live Sync --> MsiExec.exe /X{ED636101-1959-4360-8BF7-209436E7DEE4}
Windows Live Writer --> MsiExec.exe /X{81821BF8-DA20-4F8C-AA87-F70A274828D4}


-- Application Event Log -------------------------------------------------------

Event Record #/Type15705 / Success
Event Submitted/Written: 12/17/2010 11:13:58 PM
Event ID/Source: 903 / Software Protection Platform Service
Event Description:
Der Softwareschutzdienst wurde beendet.

Event Record #/Type15704 / Success
Event Submitted/Written: 12/17/2010 11:08:58 PM
Event ID/Source: 902 / Software Protection Platform Service
Event Description:
Der Softwareschutzdienst wurde gestartet.
6.1.7600.16385

Event Record #/Type15692 / Success
Event Submitted/Written: 12/17/2010 11:05:50 PM
Event ID/Source: 5617 / WinMgmt
Event Description:


Event Record #/Type15691 / Success
Event Submitted/Written: 12/17/2010 11:05:50 PM
Event ID/Source: 5615 / WinMgmt
Event Description:


Event Record #/Type15680 / Success
Event Submitted/Written: 12/17/2010 00:10:39 PM
Event ID/Source: 903 / Software Protection Platform Service
Event Description:
Der Softwareschutzdienst wurde beendet.



-- Security Event Log ----------------------------------------------------------

No Errors/Warnings found.


-- System Event Log ------------------------------------------------------------

Event Record #/Type55857 / Error
Event Submitted/Written: 12/17/2010 11:26:20 PM
Event ID/Source: 7000 / Service Control Manager
Event Description:
Der Dienst "MBAMCatchMe" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1275

Event Record #/Type55856 / Error
Event Submitted/Written: 12/17/2010 11:26:20 PM
Event ID/Source: 1060 / Application Popup
Event Description:
Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Windows\SysWow64\drivers\mbamcatchme.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.

Event Record #/Type55852 / Error
Event Submitted/Written: 12/17/2010 11:22:10 PM
Event ID/Source: 7000 / Service Control Manager
Event Description:
Der Dienst "MBAMCatchMe" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1275

Event Record #/Type55851 / Error
Event Submitted/Written: 12/17/2010 11:22:10 PM
Event ID/Source: 1060 / Application Popup
Event Description:
Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Windows\SysWow64\drivers\mbamcatchme.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.

Event Record #/Type55845 / Warning
Event Submitted/Written: 12/17/2010 11:14:05 PM
Event ID/Source: 4101 / Display
Event Description:
Der Anzeigetreiber "nvlddmkm" reagiert nicht mehr und wurde wiederhergestellt.



-- End of Deckard's System Scanner: finished at 2010-12-17 23:32:30 ------------

Alt 17.12.2010, 22:36   #7
cronolux
 
malware,trojaner,oder doch nur paranoia ;)? - Standard

malware,trojaner,oder doch nur paranoia ;)?



OTLOTL Logfile:
Code:
ATTFilter
OTL logfile created on: 17.12.2010 23:25:16 - Run 1
OTL by OldTimer - Version 3.2.17.3     Folder = F:\
64bit- Home Premium Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
6,00 Gb Total Physical Memory | 4,00 Gb Available Physical Memory | 72,00% Memory free
12,00 Gb Paging File | 10,00 Gb Available in Paging File | 83,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 457,95 Gb Total Space | 358,78 Gb Free Space | 78,34% Space Free | Partition Type: NTFS
Drive D: | 458,46 Gb Total Space | 223,47 Gb Free Space | 48,74% Space Free | Partition Type: NTFS
Drive E: | 3,02 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive F: | 931,28 Gb Total Space | 771,47 Gb Free Space | 82,84% Space Free | Partition Type: FAT32
 
Computer Name: PC | User Name: MediaMarkt | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2010.12.17 23:23:34 | 000,575,488 | ---- | M] (OldTimer Tools) -- F:\OTL.exe
PRC - [2010.12.10 19:32:50 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2010.09.23 12:13:06 | 000,751,432 | ---- | M] (AVG) -- C:\Program Files (x86)\AVG\AVG PC Tuneup 2011\BoostSpeed.exe
PRC - [2009.12.07 14:38:02 | 001,128,008 | ---- | M] (G Data Software AG) -- C:\Program Files (x86)\Common Files\G DATA\AVKProxy\AVKProxy.exe
PRC - [2009.11.26 12:50:52 | 000,302,152 | ---- | M] (G Data Software AG) -- C:\Program Files (x86)\Common Files\G DATA\GDScan\GDScan.exe
PRC - [2009.09.24 09:50:56 | 001,124,424 | ---- | M] (G DATA Software AG) -- C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe
PRC - [2009.09.18 14:49:08 | 000,924,232 | ---- | M] (G Data Software AG) -- C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe
PRC - [2009.09.10 11:41:38 | 002,356,256 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Packard Bell\Software Suite SE\SoftSuiteSE.exe
PRC - [2009.09.04 02:56:13 | 000,039,408 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
PRC - [2009.08.08 11:33:28 | 000,397,896 | ---- | M] (G Data Software AG) -- C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKService.exe
PRC - [2009.07.20 22:07:10 | 000,124,416 | ---- | M] (IOI) -- C:\Program Files (x86)\Packard Bell Photo Frame\ButtonMonitor.exe
PRC - [2009.07.04 02:47:12 | 000,240,160 | ---- | M] (Acer) -- C:\Programme\Packard Bell\Packard Bell Updater\UpdaterService.exe
PRC - [2009.06.15 04:22:00 | 000,537,120 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Packard Bell\Software Suite SE\SEDevDetect.exe
PRC - [2009.06.04 21:48:00 | 000,935,208 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
PRC - [2009.06.04 14:04:50 | 001,150,496 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Packard Bell\Registration\GregHSRW.exe
PRC - [2009.03.05 15:07:20 | 002,260,480 | RHS- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2008.09.21 12:52:40 | 002,131,600 | ---- | M] (Emsi Software GmbH) -- C:\Program Files (x86)\a-squared Anti-Malware\a2guard.exe
PRC - [2008.09.21 12:52:40 | 000,380,536 | ---- | M] (Emsi Software GmbH) -- C:\Program Files (x86)\a-squared Anti-Malware\a2service.exe
PRC - [2008.05.27 23:07:10 | 000,214,528 | ---- | M] (Atribune.org) -- F:\Moi\BigT\VundoFix.exe
PRC - [2008.05.05 20:46:30 | 001,179,256 | ---- | M] (Malwarebytes) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
PRC - [2008.01.22 14:13:52 | 002,449,455 | ---- | M] (FreeDownloadManager.ORG) -- C:\PROGRA~2\FREEDO~1\fdm.exe
 
 
========== Modules (SafeList) ==========
 
MOD - [2010.12.17 23:23:34 | 000,575,488 | ---- | M] (OldTimer Tools) -- F:\OTL.exe
MOD - [2010.12.15 23:20:55 | 000,098,304 | ---- | M] (BitDefender S.R.L. Bucharest, ROMANIA) -- C:\Programme\BitDefender\BitDefender 2011\Active Virus Control\Midas_00059_002\plugin_net.m32
MOD - [2010.12.15 23:20:54 | 000,176,128 | ---- | M] (BitDefender S.R.L. Bucharest, ROMANIA) -- C:\Programme\BitDefender\BitDefender 2011\Active Virus Control\Midas_00059_002\plugin_extra.m32
MOD - [2010.12.15 23:20:53 | 000,286,720 | ---- | M] (BitDefender S.R.L. Bucharest, ROMANIA) -- C:\Programme\BitDefender\BitDefender 2011\Active Virus Control\Midas_00059_002\plugin_nt.m32
MOD - [2010.12.15 23:20:53 | 000,155,648 | ---- | M] (BitDefender S.R.L. Bucharest, ROMANIA) -- C:\Programme\BitDefender\BitDefender 2011\Active Virus Control\Midas_00059_002\plugin_base.m32
MOD - [2010.12.15 23:20:52 | 000,667,648 | ---- | M] (BitDefender S.R.L. Bucharest, ROMANIA) -- C:\Programme\BitDefender\BitDefender 2011\Active Virus Control\Midas_00059_002\plugin_fragments.m32
MOD - [2010.12.15 23:20:52 | 000,249,864 | ---- | M] (BitDefender S.R.L. Bucharest, ROMANIA) -- C:\Programme\BitDefender\BitDefender 2011\Active Virus Control\Midas_00059_002\midas32.dll
MOD - [2010.12.15 23:20:52 | 000,126,976 | ---- | M] (BitDefender S.R.L. Bucharest, ROMANIA) -- C:\Programme\BitDefender\BitDefender 2011\Active Virus Control\Midas_00059_002\plugin_registry.m32
MOD - [2010.08.21 06:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll
MOD - [2009.12.08 19:03:42 | 000,116,224 | ---- | M] (BitDefender SRL) -- C:\Programme\BitDefender\BitDefender 2011\Active Virus Control\Midas_00059_002\leaktests.m32
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - [2010.12.15 23:20:14 | 002,612,208 | ---- | M] (BitDefender S.R.L.) [Auto | Running] -- C:\Program Files\BitDefender\BitDefender 2011\vsserv.exe -- (VSSERV)
SRV:64bit: - [2010.12.15 23:19:48 | 000,051,688 | ---- | M] (BitDefender S.R.L.) [Auto | Running] -- C:\Program Files\BitDefender\BitDefender 2011\updatesrv.exe -- (Updatesrv)
SRV - [2010.11.17 23:34:50 | 000,403,240 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2010.10.11 18:48:24 | 000,467,248 | ---- | M] (BitDefender) [On_Demand | Stopped] -- C:\Programme\Common Files\BitDefender\BitDefender Arrakis Server\bin\arrakis3.exe -- (Update Server)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.12.07 14:38:02 | 001,128,008 | ---- | M] (G Data Software AG) [Auto | Running] -- C:\Program Files (x86)\Common Files\G DATA\AVKProxy\AVKProxy.exe -- (AVKProxy)
SRV - [2009.11.26 12:50:52 | 000,302,152 | ---- | M] (G Data Software AG) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\G DATA\GDScan\GDScan.exe -- (GDScan)
SRV - [2009.11.25 02:07:32 | 001,731,504 | ---- | M] (G Data Software AG) [Auto | Running] -- C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKWCtlX64.exe -- (AVKWCtl)
SRV - [2009.11.25 02:05:05 | 001,664,560 | ---- | M] (G Data Software AG) [On_Demand | Running] -- C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe -- (GDFwSvc)
SRV - [2009.10.28 22:05:19 | 000,651,720 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2009.08.08 11:33:28 | 000,397,896 | ---- | M] (G Data Software AG) [Auto | Running] -- C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKService.exe -- (AVKService)
SRV - [2009.07.04 02:47:12 | 000,240,160 | ---- | M] (Acer) [Auto | Running] -- C:\Programme\Packard Bell\Packard Bell Updater\UpdaterService.exe -- (Updater Service)
SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009.06.04 21:48:00 | 000,935,208 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0)
SRV - [2009.06.04 14:04:50 | 001,150,496 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files (x86)\Packard Bell\Registration\GregHSRW.exe -- (Greg_Service)
SRV - [2008.12.08 15:16:56 | 000,169,312 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- c:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor7.0)
SRV - [2008.09.21 12:52:40 | 000,380,536 | ---- | M] (Emsi Software GmbH) [Auto | Running] -- C:\Program Files (x86)\a-squared Anti-Malware\a2service.exe -- (a2AntiMalware)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2010.08.24 19:30:21 | 000,074,184 | ---- | M] (G Data Software AG) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\MiniIcpt.sys -- (GDMnIcpt)
DRV:64bit: - [2010.08.24 19:30:08 | 000,057,288 | ---- | M] (G DATA Software AG) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\PktIcpt.sys -- (GDPkIcpt)
DRV:64bit: - [2010.08.24 11:57:34 | 000,048,584 | ---- | M] (G DATA Software AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\gdwfpcd64.sys -- (gdwfpcd)
DRV:64bit: - [2010.08.24 11:57:29 | 000,034,760 | ---- | M] (G Data Software AG) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\GDBehave.sys -- (GDBehave)
DRV:64bit: - [2010.07.09 14:08:16 | 000,388,168 | ---- | M] (BitDefender) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\bdfsfltr.sys -- (bdfsfltr)
DRV:64bit: - [2010.06.28 11:55:44 | 001,040,976 | ---- | M] (BitDefender) [File_System | Disabled | Stopped] -- C:\Windows\SysNative\drivers\avckf.sys -- (avckf)
DRV:64bit: - [2010.06.28 11:55:38 | 000,692,816 | ---- | M] (BitDefender) [File_System | Disabled | Stopped] -- C:\Windows\SysNative\drivers\avc3.sys -- (avc3)
DRV:64bit: - [2010.05.13 15:52:08 | 000,162,896 | ---- | M] (BitDefender S.R.L. Bucharest, ROMANIA) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\bdfm.sys -- (BDFM)
DRV:64bit: - [2009.10.28 21:59:10 | 000,106,224 | ---- | M] (G Data Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\GRD.sys -- (GRD)
DRV:64bit: - [2009.09.04 03:14:27 | 000,042,952 | ---- | M] (G Data Software AG) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HookCentre.sys -- (HookCentre)
DRV:64bit: - [2009.07.14 17:46:48 | 001,708,800 | ---- | M] (Hauppauge Computer Works) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HCW85BDA.sys -- (HCW85BDA)
DRV:64bit: - [2009.07.14 02:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009.07.14 02:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 02:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.26 08:55:10 | 000,083,488 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2009.06.22 04:05:58 | 000,273,072 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\e1k62x64.sys -- (e1kexpress) Intel(R)
DRV:64bit: - [2009.06.10 21:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2008.06.16 03:00:00 | 000,055,024 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2008.02.23 02:54:00 | 000,019,496 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GearAspiWDM)
DRV:64bit: - [2008.01.24 23:08:34 | 000,057,352 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WmXlCore.sys -- (WmXlCore)
DRV:64bit: - [2008.01.24 23:08:24 | 000,015,752 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WmVirHid.sys -- (WmVirHid)
DRV:64bit: - [2008.01.24 23:08:04 | 000,032,776 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WmFilter.sys -- (WmFilter)
DRV:64bit: - [2008.01.24 23:07:54 | 000,022,024 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WmBEnum.sys -- (WmBEnum)
DRV - [2010.08.20 17:42:04 | 000,099,408 | ---- | M] (BitDefender) [Kernel | System | Running] -- C:\Programme\Common Files\BitDefender\BitDefender Firewall\bdfwfpf.sys -- (bdfwfpf)
DRV - [2008.04.11 09:20:06 | 000,010,608 | ---- | M] (Emsi Software GmbH) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\a-squared Anti-Malware\a2exec64.sys -- (a2exec)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = iGoogle Redirect
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = iGoogle Redirect
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\..\URLSearchHook:  - Reg Error: Key error. File not found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "Google"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=181099"
FF - prefs.js..browser.search.selectedEngine: "ICQ Search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://www.studivz.net/"
FF - prefs.js..extensions.enabledItems: {73a6fe31-595d-460b-a920-fcc0f8843232}:2.0.8.1
FF - prefs.js..extensions.enabledItems: {19503e42-ca3c-4c27-b1e2-9cdb2170ee34}:1.2.6
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.2
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: FFToolbar@bitdefender.com:2.0
FF - prefs.js..keyword.URL: "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.1.6&q="
 
 
FF - HKLM\software\mozilla\Firefox\Extensions\\FFToolbar@bitdefender.com: C:\Program Files\BitDefender\BitDefender 2011\bdaphffext\ [2010.12.15 23:18:05 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010.12.10 19:32:53 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010.12.10 19:32:53 | 000,000,000 | ---D | M]
 
[2010.08.24 12:00:27 | 000,000,000 | ---D | M] -- C:\Users\MediaMarkt\AppData\Roaming\mozilla\Extensions
[2010.12.17 11:36:27 | 000,000,000 | ---D | M] -- C:\Users\MediaMarkt\AppData\Roaming\mozilla\Firefox\Profiles\iy2umqg8.default\extensions
[2010.12.04 21:45:29 | 000,000,000 | ---D | M] (FlashGot) -- C:\Users\MediaMarkt\AppData\Roaming\mozilla\Firefox\Profiles\iy2umqg8.default\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}
[2010.10.22 10:11:45 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Users\MediaMarkt\AppData\Roaming\mozilla\Firefox\Profiles\iy2umqg8.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2010.12.14 23:19:25 | 000,000,000 | ---D | M] (NoScript) -- C:\Users\MediaMarkt\AppData\Roaming\mozilla\Firefox\Profiles\iy2umqg8.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}
[2010.12.10 17:13:10 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\MediaMarkt\AppData\Roaming\mozilla\Firefox\Profiles\iy2umqg8.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010.10.31 17:30:41 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\mozilla firefox\extensions
[2010.10.25 18:08:47 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010.10.31 17:30:41 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2010.09.15 04:50:38 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2010.07.12 17:33:56 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll
[2010.07.23 01:48:56 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2010.07.23 01:48:56 | 000,002,344 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2010.07.23 01:48:56 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2010.07.23 01:48:56 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2010.07.23 01:48:56 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (G Data WebFilter) - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Program Files (x86)\G Data\InternetSecurity\Webfilter\AVKWebIEx64.dll (G Data Software AG)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.6.5612.1312\swg64.dll (Google Inc.)
O2 - BHO: (G Data WebFilter) - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Program Files (x86)\G Data\InternetSecurity\Webfilter\AVKWebIE.dll (G Data Software AG)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll (Google Inc.)
O2 - BHO: (FDMIECookiesBHO Class) - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files (x86)\Free Download Manager\iefdm2.dll ()
O3:64bit: - HKLM\..\Toolbar: (G Data WebFilter) - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Program Files (x86)\G Data\InternetSecurity\Webfilter\AVKWebIEx64.dll (G Data Software AG)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (BitDefender Toolbar) - {381FFDE8-2394-4F90-B10D-FC6124A40F8C} - C:\Programme\BitDefender\BitDefender 2011\ietoolbar.dll (BitDefender S.R.L.)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (G Data WebFilter) - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Program Files (x86)\G Data\InternetSecurity\Webfilter\AVKWebIE.dll (G Data Software AG)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (BitDefender Toolbar) - {381FFDE8-2394-4F90-B10D-FC6124A40F8C} - C:\Programme\BitDefender\BitDefender 2011\Antispam32\ietoolbar.dll (BitDefender S.R.L.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O4:64bit: - HKLM..\Run: [BDAgent] C:\Program Files\BitDefender\BitDefender 2011\bdagent.exe (BitDefender S.R.L.)
O4:64bit: - HKLM..\Run: [BitDefender Antiphishing Helper] C:\Program Files\BitDefender\BitDefender 2011\ieshow.exe (BitDefender S.R.L.)
O4:64bit: - HKLM..\Run: [NvCplDaemon] C:\Windows\SysNative\NvCpl.DLL (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Programme\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [Skytel] C:\Programme\Realtek\Audio\HDA\SkyTel.exe (Realtek Semiconductor Corp.)
O4:64bit: - HKLM..\Run: [Start WingMan Profiler] C:\Program Files\Logitech\Gaming Software\LWEMon.exe (Logitech Inc.)
O4 - HKLM..\Run: [a-squared] C:\Program Files (x86)\a-squared Anti-Malware\a2guard.exe (Emsi Software GmbH)
O4 - HKLM..\Run: [BitDefender Antiphishing Helper] C:\Program Files\BitDefender\BitDefender 2011\Antispam32\ieshow.exe (BitDefender S.R.L.)
O4 - HKLM..\Run: [G DATA AntiVirus Trayapplication] C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe (G Data Software AG)
O4 - HKLM..\Run: [GDFirewallTray] C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe (G DATA Software AG)
O4 - HKLM..\Run: [Packard Bell Photo Frame] C:\Program Files (x86)\Packard Bell Photo Frame\ButtonMonitor.exe (IOI)
O4 - HKCU..\Run: [Software Suite SE] C:\Program Files (x86)\Packard Bell\Software Suite SE\SoftSuiteSE.exe (Acer Incorporated)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - HKCU..\Run: [swg] C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: Alles mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dlall.htm ()
O8:64bit: - Extra context menu item: Auswahl mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dlselected.htm ()
O8:64bit: - Extra context menu item: Datei mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dllink.htm ()
O8:64bit: - Extra context menu item: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll (Google Inc.)
O8:64bit: - Extra context menu item: Videos mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dlfvideo.htm ()
O8 - Extra context menu item: Alles mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dlall.htm ()
O8 - Extra context menu item: Auswahl mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dlselected.htm ()
O8 - Extra context menu item: Datei mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dllink.htm ()
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll (Google Inc.)
O8 - Extra context menu item: Videos mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dlfvideo.htm ()
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 80.69.100.230 80.69.100.174
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (c:\program files (x86)\g data\internetsecurity\avkkid\avkcks.exe) - c:\program files (x86)\g data\internetsecurity\avkkid\avkcks.exe ()
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005.09.02 20:21:51 | 000,000,051 | R--- | M] () - E:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\{d666f874-c403-11de-a303-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{d666f874-c403-11de-a303-806e6f6e6963}\Shell\AutoRun\command - "" = E:\LaunchBFII.exe -- [2005.09.23 23:54:10 | 000,557,056 | R--- | M] ()
O34 - HKLM BootExecute: (autocheck autochk /r \??\F:) -  File not found
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2010.12.17 23:20:01 | 000,000,000 | ---D | C] -- C:\VundoFix Backups
[2010.12.16 12:38:32 | 000,367,104 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2010.12.16 12:38:32 | 000,294,400 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2010.12.16 12:38:32 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll
[2010.12.16 12:38:32 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[2010.12.16 12:38:17 | 000,703,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2010.12.16 12:38:17 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeeds.dll
[2010.12.16 12:38:16 | 000,482,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2010.12.16 12:38:16 | 000,386,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2010.12.16 12:38:16 | 000,256,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2010.12.16 12:38:16 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2010.12.16 12:38:16 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2010.12.16 12:38:16 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2010.12.16 12:38:16 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2010.12.16 12:38:16 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2010.12.16 12:38:16 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2010.12.16 12:38:16 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2010.12.16 12:38:16 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2010.12.16 12:38:16 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2010.12.16 12:37:36 | 000,112,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\consent.exe
[2010.12.16 12:37:07 | 000,395,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\webio.dll
[2010.12.16 12:37:07 | 000,314,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\webio.dll
[2010.12.16 12:36:58 | 001,169,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskschd.dll
[2010.12.16 12:36:58 | 000,524,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmicmiplugin.dll
[2010.12.16 12:36:58 | 000,496,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\taskschd.dll
[2010.12.16 12:36:58 | 000,473,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskcomp.dll
[2010.12.16 12:36:58 | 000,464,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskeng.exe
[2010.12.16 12:36:58 | 000,305,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\taskcomp.dll
[2010.12.16 12:36:58 | 000,285,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\schtasks.exe
[2010.12.16 12:36:58 | 000,179,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\schtasks.exe
[2010.12.15 23:18:05 | 000,000,000 | ---D | C] -- C:\Users\MediaMarkt\AppData\Roaming\BitDefender
[2010.12.15 23:17:50 | 000,000,000 | ---D | C] -- C:\Programme\BitDefender
[2010.12.15 23:06:47 | 000,000,000 | ---D | C] -- C:\Users\MediaMarkt\AppData\Roaming\QuickScan
[2010.12.15 23:06:29 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\BitDefender
[2010.12.15 23:06:29 | 000,000,000 | ---D | C] -- C:\ProgramData\BitDefender
[2010.12.15 23:06:23 | 000,388,168 | ---- | C] (BitDefender) -- C:\Windows\SysNative\drivers\bdfsfltr.sys
[2010.12.15 23:04:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\a-squared Anti-Malware
[2010.12.15 23:04:30 | 000,000,000 | ---D | C] -- C:\Users\MediaMarkt\Documents\a-squared
[2010.12.15 12:10:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Trend Micro
[2010.12.13 12:23:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LucasArts
[2010.11.24 05:17:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Almightysoft
[2010.06.02 04:22:02 | 000,089,944 | ---- | C] (Microsoft Corporation) -- C:\Program Files (x86)\DSETUP.dll
[2009.09.03 15:13:01 | 000,036,136 | ---- | C] (Oberon Media) -- C:\ProgramData\FullRemove.exe
 
========== Files - Modified Within 30 Days ==========
 
[2010.12.17 23:19:12 | 000,001,021 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.12.17 23:13:58 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010.12.17 23:13:58 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010.12.17 23:05:50 | 000,001,112 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010.12.17 23:05:48 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.12.17 23:05:39 | 529,879,039 | -HS- | M] () -- C:\hiberfil.sys
[2010.12.17 12:31:00 | 000,001,116 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010.12.16 13:05:24 | 000,469,064 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2010.12.16 12:40:17 | 000,001,189 | ---- | M] () -- C:\Users\Public\Desktop\Microsoft Works.lnk
[2010.12.15 23:22:36 | 000,000,000 | ---- | M] () -- C:\Windows\SysNative\imblacklist.dat
[2010.12.15 23:21:38 | 000,058,897 | ---- | M] () -- C:\ProgramData\bdinstall.bin
[2010.12.15 23:19:22 | 000,000,415 | ---- | M] () -- C:\Windows\SysNative\user_gensett.xml
[2010.12.15 23:18:08 | 000,002,108 | ---- | M] () -- C:\Users\Public\Desktop\BitDefender Antivirus Pro 2011.lnk
[2010.12.15 23:04:39 | 000,001,018 | ---- | M] () -- C:\Users\Public\Desktop\a-squared Anti-Malware.lnk
[2010.12.15 12:10:02 | 000,002,105 | ---- | M] () -- C:\Users\MediaMarkt\Desktop\HijackThis.lnk
[2010.12.13 12:36:36 | 000,002,663 | ---- | M] () -- C:\Users\MediaMarkt\Desktop\Launch Gaming Software Profiler.lnk
[2010.12.13 12:36:30 | 000,001,064 | ---- | M] () -- C:\Users\MediaMarkt\Desktop\Star Wars Battlefront II spielen.lnk
[2010.12.05 02:37:57 | 500,629,830 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2010.11.29 21:00:51 | 002,933,472 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2010.11.29 21:00:51 | 001,279,824 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010.11.29 21:00:51 | 000,835,576 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2010.11.29 21:00:51 | 000,740,060 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010.11.29 21:00:51 | 000,005,218 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010.11.29 17:42:18 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2010.11.29 17:42:06 | 000,024,152 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2010.11.24 05:17:03 | 000,001,175 | ---- | M] () -- C:\Users\MediaMarkt\Desktop\Desktop-Lupe.lnk
 
========== Files Created - No Company Name ==========
 
[2010.12.17 23:19:11 | 000,027,048 | ---- | C] () -- C:\Windows\SysWow64\drivers\mbamcatchme.sys
[2010.12.17 23:19:11 | 000,015,864 | ---- | C] () -- C:\Windows\SysWow64\drivers\mbam.sys
[2010.12.15 23:22:36 | 000,000,000 | ---- | C] () -- C:\Windows\SysNative\imblacklist.dat
[2010.12.15 23:19:22 | 000,000,415 | ---- | C] () -- C:\Windows\SysNative\user_gensett.xml
[2010.12.15 23:18:08 | 000,002,108 | ---- | C] () -- C:\Users\Public\Desktop\BitDefender Antivirus Pro 2011.lnk
[2010.12.15 23:06:23 | 000,058,897 | ---- | C] () -- C:\ProgramData\bdinstall.bin
[2010.12.15 23:04:39 | 000,001,018 | ---- | C] () -- C:\Users\Public\Desktop\a-squared Anti-Malware.lnk
[2010.12.15 12:10:02 | 000,002,105 | ---- | C] () -- C:\Users\MediaMarkt\Desktop\HijackThis.lnk
[2010.12.13 12:36:36 | 000,002,663 | ---- | C] () -- C:\Users\MediaMarkt\Desktop\Launch Gaming Software Profiler.lnk
[2010.12.13 12:36:30 | 000,001,064 | ---- | C] () -- C:\Users\MediaMarkt\Desktop\Star Wars Battlefront II spielen.lnk
[2010.12.05 02:37:57 | 500,629,830 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2010.11.24 05:17:03 | 000,001,175 | ---- | C] () -- C:\Users\MediaMarkt\Desktop\Desktop-Lupe.lnk
[2010.10.04 12:16:00 | 000,003,584 | ---- | C] () -- C:\Users\MediaMarkt\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.10.04 12:13:43 | 000,421,888 | ---- | C] () -- C:\Windows\SysWow64\OpenQuicktimeLib.dll
[2010.10.04 12:13:43 | 000,061,440 | ---- | C] () -- C:\Windows\SysWow64\libfaac.dll
[2010.10.04 12:13:42 | 000,205,824 | ---- | C] () -- C:\Windows\SysWow64\OggDS.dll
[2010.09.10 16:35:47 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2010.07.08 09:37:14 | 000,101,544 | ---- | C] () -- C:\Programme\Common Files\LinkInstaller.exe
[2010.06.02 04:22:54 | 001,412,902 | ---- | C] () -- C:\Program Files (x86)\OCT2006_d3dx9_31_x64.cab
[2010.06.02 04:22:54 | 001,127,217 | ---- | C] () -- C:\Program Files (x86)\OCT2006_d3dx9_31_x86.cab
[2010.06.02 04:22:54 | 000,273,960 | ---- | C] () -- C:\Program Files (x86)\Nov2008_XAudio_x64.cab
[2010.06.02 04:22:54 | 000,272,611 | ---- | C] () -- C:\Program Files (x86)\Nov2008_XAudio_x86.cab
[2010.06.02 04:22:54 | 000,182,361 | ---- | C] () -- C:\Program Files (x86)\OCT2006_XACT_x64.cab
[2010.06.02 04:22:54 | 000,138,017 | ---- | C] () -- C:\Program Files (x86)\OCT2006_XACT_x86.cab
[2010.06.02 04:22:54 | 000,086,037 | ---- | C] () -- C:\Program Files (x86)\Oct2005_xinput_x64.cab
[2010.06.02 04:22:54 | 000,045,359 | ---- | C] () -- C:\Program Files (x86)\Oct2005_xinput_x86.cab
[2010.06.02 04:22:52 | 001,906,878 | ---- | C] () -- C:\Program Files (x86)\Nov2008_d3dx9_40_x64.cab
[2010.06.02 04:22:52 | 001,550,796 | ---- | C] () -- C:\Program Files (x86)\Nov2008_d3dx9_40_x86.cab
[2010.06.02 04:22:52 | 000,965,421 | ---- | C] () -- C:\Program Files (x86)\Nov2008_d3dx10_40_x86.cab
[2010.06.02 04:22:52 | 000,121,794 | ---- | C] () -- C:\Program Files (x86)\Nov2008_XACT_x64.cab
[2010.06.02 04:22:52 | 000,092,684 | ---- | C] () -- C:\Program Files (x86)\Nov2008_XACT_x86.cab
[2010.06.02 04:22:52 | 000,054,522 | ---- | C] () -- C:\Program Files (x86)\Nov2008_X3DAudio_x64.cab
[2010.06.02 04:22:52 | 000,021,851 | ---- | C] () -- C:\Program Files (x86)\Nov2008_X3DAudio_x86.cab
[2010.06.02 04:22:50 | 000,994,154 | ---- | C] () -- C:\Program Files (x86)\Nov2008_d3dx10_40_x64.cab
[2010.06.02 04:22:50 | 000,196,762 | ---- | C] () -- C:\Program Files (x86)\NOV2007_XACT_x64.cab
[2010.06.02 04:22:50 | 000,148,264 | ---- | C] () -- C:\Program Files (x86)\NOV2007_XACT_x86.cab
[2010.06.02 04:22:50 | 000,046,144 | ---- | C] () -- C:\Program Files (x86)\NOV2007_X3DAudio_x64.cab
[2010.06.02 04:22:50 | 000,018,496 | ---- | C] () -- C:\Program Files (x86)\NOV2007_X3DAudio_x86.cab
[2010.06.02 04:22:48 | 001,802,058 | ---- | C] () -- C:\Program Files (x86)\Nov2007_d3dx9_36_x64.cab
[2010.06.02 04:22:48 | 001,709,360 | ---- | C] () -- C:\Program Files (x86)\Nov2007_d3dx9_36_x86.cab
[2010.06.02 04:22:48 | 000,864,600 | ---- | C] () -- C:\Program Files (x86)\Nov2007_d3dx10_36_x64.cab
[2010.06.02 04:22:48 | 000,803,884 | ---- | C] () -- C:\Program Files (x86)\Nov2007_d3dx10_36_x86.cab
[2010.06.02 04:22:48 | 000,273,018 | ---- | C] () -- C:\Program Files (x86)\Mar2009_XAudio_x86.cab
[2010.06.02 04:22:46 | 000,275,044 | ---- | C] () -- C:\Program Files (x86)\Mar2009_XAudio_x64.cab
[2010.06.02 04:22:46 | 000,121,506 | ---- | C] () -- C:\Program Files (x86)\Mar2009_XACT_x64.cab
[2010.06.02 04:22:46 | 000,092,740 | ---- | C] () -- C:\Program Files (x86)\Mar2009_XACT_x86.cab
[2010.06.02 04:22:38 | 000,054,600 | ---- | C] () -- C:\Program Files (x86)\Mar2009_X3DAudio_x64.cab
[2010.06.02 04:22:38 | 000,021,298 | ---- | C] () -- C:\Program Files (x86)\Mar2009_X3DAudio_x86.cab
[2010.06.02 04:22:36 | 001,973,702 | ---- | C] () -- C:\Program Files (x86)\Mar2009_d3dx9_41_x64.cab
[2010.06.02 04:22:36 | 001,612,446 | ---- | C] () -- C:\Program Files (x86)\Mar2009_d3dx9_41_x86.cab
[2010.06.02 04:22:36 | 001,067,160 | ---- | C] () -- C:\Program Files (x86)\Mar2009_d3dx10_41_x64.cab
[2010.06.02 04:22:36 | 001,040,745 | ---- | C] () -- C:\Program Files (x86)\Mar2009_d3dx10_41_x86.cab
[2010.06.02 04:22:36 | 000,251,194 | ---- | C] () -- C:\Program Files (x86)\Mar2008_XAudio_x64.cab
[2010.06.02 04:22:36 | 000,226,250 | ---- | C] () -- C:\Program Files (x86)\Mar2008_XAudio_x86.cab
[2010.06.02 04:22:36 | 000,122,336 | ---- | C] () -- C:\Program Files (x86)\Mar2008_XACT_x64.cab
[2010.06.02 04:22:36 | 000,093,734 | ---- | C] () -- C:\Program Files (x86)\Mar2008_XACT_x86.cab
[2010.06.02 04:22:34 | 001,769,862 | ---- | C] () -- C:\Program Files (x86)\Mar2008_d3dx9_37_x64.cab
[2010.06.02 04:22:34 | 001,443,282 | ---- | C] () -- C:\Program Files (x86)\Mar2008_d3dx9_37_x86.cab
[2010.06.02 04:22:34 | 000,818,260 | ---- | C] () -- C:\Program Files (x86)\Mar2008_d3dx10_37_x86.cab
[2010.06.02 04:22:34 | 000,055,058 | ---- | C] () -- C:\Program Files (x86)\Mar2008_X3DAudio_x64.cab
[2010.06.02 04:22:34 | 000,021,867 | ---- | C] () -- C:\Program Files (x86)\Mar2008_X3DAudio_x86.cab
[2010.06.02 04:22:32 | 000,937,246 | ---- | C] () -- C:\Program Files (x86)\Jun2010_d3dx9_43_x64.cab
[2010.06.02 04:22:32 | 000,844,884 | ---- | C] () -- C:\Program Files (x86)\Mar2008_d3dx10_37_x64.cab
[2010.06.02 04:22:32 | 000,768,036 | ---- | C] () -- C:\Program Files (x86)\Jun2010_d3dx9_43_x86.cab
[2010.06.02 04:22:32 | 000,278,060 | ---- | C] () -- C:\Program Files (x86)\Jun2010_XAudio_x86.cab
[2010.06.02 04:22:32 | 000,277,338 | ---- | C] () -- C:\Program Files (x86)\Jun2010_XAudio_x64.cab
[2010.06.02 04:22:32 | 000,124,596 | ---- | C] () -- C:\Program Files (x86)\Jun2010_XACT_x64.cab
[2010.06.02 04:22:32 | 000,093,686 | ---- | C] () -- C:\Program Files (x86)\Jun2010_XACT_x86.cab
[2010.06.02 04:22:30 | 000,762,188 | ---- | C] () -- C:\Program Files (x86)\Jun2010_d3dcsx_43_x86.cab
[2010.06.02 04:22:30 | 000,235,955 | ---- | C] () -- C:\Program Files (x86)\Jun2010_d3dx10_43_x64.cab
[2010.06.02 04:22:30 | 000,197,283 | ---- | C] () -- C:\Program Files (x86)\Jun2010_d3dx10_43_x86.cab
[2010.06.02 04:22:30 | 000,138,205 | ---- | C] () -- C:\Program Files (x86)\Jun2010_d3dx11_43_x64.cab
[2010.06.02 04:22:30 | 000,109,445 | ---- | C] () -- C:\Program Files (x86)\Jun2010_d3dx11_43_x86.cab
[2010.06.02 04:22:28 | 000,944,460 | ---- | C] () -- C:\Program Files (x86)\Jun2010_D3DCompiler_43_x64.cab
[2010.06.02 04:22:28 | 000,931,471 | ---- | C] () -- C:\Program Files (x86)\Jun2010_D3DCompiler_43_x86.cab
[2010.06.02 04:22:28 | 000,752,783 | ---- | C] () -- C:\Program Files (x86)\Jun2010_d3dcsx_43_x64.cab
[2010.06.02 04:22:20 | 000,269,024 | ---- | C] () -- C:\Program Files (x86)\JUN2008_XAudio_x86.cab
[2010.06.02 04:22:18 | 001,792,608 | ---- | C] () -- C:\Program Files (x86)\JUN2008_d3dx9_38_x64.cab
[2010.06.02 04:22:18 | 001,463,878 | ---- | C] () -- C:\Program Files (x86)\JUN2008_d3dx9_38_x86.cab
[2010.06.02 04:22:18 | 000,867,828 | ---- | C] () -- C:\Program Files (x86)\JUN2008_d3dx10_38_x64.cab
[2010.06.02 04:22:18 | 000,849,919 | ---- | C] () -- C:\Program Files (x86)\JUN2008_d3dx10_38_x86.cab
[2010.06.02 04:22:18 | 000,269,628 | ---- | C] () -- C:\Program Files (x86)\JUN2008_XAudio_x64.cab
[2010.06.02 04:22:18 | 000,152,909 | ---- | C] () -- C:\Program Files (x86)\JUN2007_XACT_x86.cab
[2010.06.02 04:22:18 | 000,121,054 | ---- | C] () -- C:\Program Files (x86)\JUN2008_XACT_x64.cab
[2010.06.02 04:22:18 | 000,093,128 | ---- | C] () -- C:\Program Files (x86)\JUN2008_XACT_x86.cab
[2010.06.02 04:22:18 | 000,055,154 | ---- | C] () -- C:\Program Files (x86)\JUN2008_X3DAudio_x64.cab
[2010.06.02 04:22:18 | 000,021,905 | ---- | C] () -- C:\Program Files (x86)\JUN2008_X3DAudio_x86.cab
[2010.06.02 04:22:16 | 001,607,774 | ---- | C] () -- C:\Program Files (x86)\JUN2007_d3dx9_34_x64.cab
[2010.06.02 04:22:16 | 001,607,286 | ---- | C] () -- C:\Program Files (x86)\JUN2007_d3dx9_34_x86.cab
[2010.06.02 04:22:16 | 001,064,925 | ---- | C] () -- C:\Program Files (x86)\Jun2005_d3dx9_26_x86.cab
[2010.06.02 04:22:16 | 000,699,044 | ---- | C] () -- C:\Program Files (x86)\JUN2007_d3dx10_34_x64.cab
[2010.06.02 04:22:16 | 000,698,472 | ---- | C] () -- C:\Program Files (x86)\JUN2007_d3dx10_34_x86.cab
[2010.06.02 04:22:16 | 000,197,122 | ---- | C] () -- C:\Program Files (x86)\JUN2007_XACT_x64.cab
[2010.06.02 04:22:16 | 000,180,785 | ---- | C] () -- C:\Program Files (x86)\JUN2006_XACT_x64.cab
[2010.06.02 04:22:16 | 000,133,671 | ---- | C] () -- C:\Program Files (x86)\JUN2006_XACT_x86.cab
[2010.06.02 04:22:14 | 001,336,002 | ---- | C] () -- C:\Program Files (x86)\Jun2005_d3dx9_26_x64.cab
[2010.06.02 04:22:14 | 000,277,191 | ---- | C] () -- C:\Program Files (x86)\Feb2010_XAudio_x86.cab
[2010.06.02 04:22:14 | 000,276,960 | ---- | C] () -- C:\Program Files (x86)\Feb2010_XAudio_x64.cab
[2010.06.02 04:22:14 | 000,122,446 | ---- | C] () -- C:\Program Files (x86)\Feb2010_XACT_x64.cab
[2010.06.02 04:22:14 | 000,093,180 | ---- | C] () -- C:\Program Files (x86)\Feb2010_XACT_x86.cab
[2010.06.02 04:22:12 | 000,194,675 | ---- | C] () -- C:\Program Files (x86)\FEB2007_XACT_x64.cab
[2010.06.02 04:22:12 | 000,147,983 | ---- | C] () -- C:\Program Files (x86)\FEB2007_XACT_x86.cab
[2010.06.02 04:22:12 | 000,054,678 | ---- | C] () -- C:\Program Files (x86)\Feb2010_X3DAudio_x64.cab
[2010.06.02 04:22:12 | 000,020,713 | ---- | C] () -- C:\Program Files (x86)\Feb2010_X3DAudio_x86.cab
[2010.06.02 04:22:10 | 000,178,359 | ---- | C] () -- C:\Program Files (x86)\Feb2006_XACT_x64.cab
[2010.06.02 04:22:10 | 000,132,409 | ---- | C] () -- C:\Program Files (x86)\Feb2006_XACT_x86.cab
[2010.06.02 04:22:04 | 001,084,720 | ---- | C] () -- C:\Program Files (x86)\Feb2006_d3dx9_29_x86.cab
[2010.06.02 04:22:02 | 001,801,048 | ---- | C] () -- C:\Program Files (x86)\dsetup32.dll
[2010.06.02 04:22:02 | 001,574,376 | ---- | C] () -- C:\Program Files (x86)\DEC2006_d3dx9_32_x86.cab
[2010.06.02 04:22:02 | 001,362,796 | ---- | C] () -- C:\Program Files (x86)\Feb2006_d3dx9_29_x64.cab
[2010.06.02 04:22:02 | 001,247,499 | ---- | C] () -- C:\Program Files (x86)\Feb2005_d3dx9_24_x64.cab
[2010.06.02 04:22:02 | 001,013,225 | ---- | C] () -- C:\Program Files (x86)\Feb2005_d3dx9_24_x86.cab
[2010.06.02 04:22:02 | 000,537,432 | ---- | C] () -- C:\Program Files (x86)\DXSETUP.exe
[2010.06.02 04:22:02 | 000,192,475 | ---- | C] () -- C:\Program Files (x86)\DEC2006_XACT_x64.cab
[2010.06.02 04:22:02 | 000,145,599 | ---- | C] () -- C:\Program Files (x86)\DEC2006_XACT_x86.cab
[2010.06.02 04:22:02 | 000,094,011 | ---- | C] () -- C:\Program Files (x86)\dxupdate.cab
[2010.06.02 04:22:02 | 000,042,410 | ---- | C] () -- C:\Program Files (x86)\dxdllreg_x86.cab
[2010.06.02 04:22:00 | 001,571,154 | ---- | C] () -- C:\Program Files (x86)\DEC2006_d3dx9_32_x64.cab
[2010.06.02 04:22:00 | 001,357,976 | ---- | C] () -- C:\Program Files (x86)\Dec2005_d3dx9_28_x64.cab
[2010.06.02 04:22:00 | 001,079,456 | ---- | C] () -- C:\Program Files (x86)\Dec2005_d3dx9_28_x86.cab
[2010.06.02 04:22:00 | 000,273,264 | ---- | C] () -- C:\Program Files (x86)\Aug2009_XAudio_x64.cab
[2010.06.02 04:22:00 | 000,272,642 | ---- | C] () -- C:\Program Files (x86)\Aug2009_XAudio_x86.cab
[2010.06.02 04:22:00 | 000,212,807 | ---- | C] () -- C:\Program Files (x86)\DEC2006_d3dx10_00_x64.cab
[2010.06.02 04:22:00 | 000,191,720 | ---- | C] () -- C:\Program Files (x86)\DEC2006_d3dx10_00_x86.cab
[2010.06.02 04:22:00 | 000,122,408 | ---- | C] () -- C:\Program Files (x86)\Aug2009_XACT_x64.cab
[2010.06.02 04:22:00 | 000,093,106 | ---- | C] () -- C:\Program Files (x86)\Aug2009_XACT_x86.cab
[2010.06.02 04:21:58 | 000,930,116 | ---- | C] () -- C:\Program Files (x86)\Aug2009_d3dx9_42_x64.cab
[2010.06.02 04:21:58 | 000,728,456 | ---- | C] () -- C:\Program Files (x86)\Aug2009_d3dx9_42_x86.cab
[2010.06.02 04:21:58 | 000,232,635 | ---- | C] () -- C:\Program Files (x86)\Aug2009_d3dx10_42_x64.cab
[2010.06.02 04:21:58 | 000,192,131 | ---- | C] () -- C:\Program Files (x86)\Aug2009_d3dx10_42_x86.cab
[2010.06.02 04:21:58 | 000,136,301 | ---- | C] () -- C:\Program Files (x86)\Aug2009_d3dx11_42_x64.cab
[2010.06.02 04:21:58 | 000,105,044 | ---- | C] () -- C:\Program Files (x86)\Aug2009_d3dx11_42_x86.cab
[2010.06.02 04:21:56 | 003,319,740 | ---- | C] () -- C:\Program Files (x86)\Aug2009_d3dcsx_42_x86.cab
[2010.06.02 04:21:56 | 003,112,111 | ---- | C] () -- C:\Program Files (x86)\Aug2009_d3dcsx_42_x64.cab
[2010.06.02 04:21:56 | 000,900,598 | ---- | C] () -- C:\Program Files (x86)\Aug2009_D3DCompiler_42_x86.cab
[2010.06.02 04:21:46 | 000,919,044 | ---- | C] () -- C:\Program Files (x86)\Aug2009_D3DCompiler_42_x64.cab
[2010.06.02 04:21:46 | 000,271,412 | ---- | C] () -- C:\Program Files (x86)\Aug2008_XAudio_x64.cab
[2010.06.02 04:21:46 | 000,271,038 | ---- | C] () -- C:\Program Files (x86)\Aug2008_XAudio_x86.cab
[2010.06.02 04:21:44 | 001,794,084 | ---- | C] () -- C:\Program Files (x86)\Aug2008_d3dx9_39_x64.cab
[2010.06.02 04:21:44 | 001,464,672 | ---- | C] () -- C:\Program Files (x86)\Aug2008_d3dx9_39_x86.cab
[2010.06.02 04:21:44 | 000,849,167 | ---- | C] () -- C:\Program Files (x86)\Aug2008_d3dx10_39_x86.cab
[2010.06.02 04:21:44 | 000,198,096 | ---- | C] () -- C:\Program Files (x86)\AUG2007_XACT_x64.cab
[2010.06.02 04:21:44 | 000,153,012 | ---- | C] () -- C:\Program Files (x86)\AUG2007_XACT_x86.cab
[2010.06.02 04:21:44 | 000,121,772 | ---- | C] () -- C:\Program Files (x86)\Aug2008_XACT_x64.cab
[2010.06.02 04:21:44 | 000,092,996 | ---- | C] () -- C:\Program Files (x86)\Aug2008_XACT_x86.cab
[2010.06.02 04:21:42 | 001,800,160 | ---- | C] () -- C:\Program Files (x86)\AUG2007_d3dx9_35_x64.cab
[2010.06.02 04:21:42 | 001,708,152 | ---- | C] () -- C:\Program Files (x86)\AUG2007_d3dx9_35_x86.cab
[2010.06.02 04:21:42 | 000,867,612 | ---- | C] () -- C:\Program Files (x86)\Aug2008_d3dx10_39_x64.cab
[2010.06.02 04:21:42 | 000,852,286 | ---- | C] () -- C:\Program Files (x86)\AUG2007_d3dx10_35_x64.cab
[2010.06.02 04:21:42 | 000,796,867 | ---- | C] () -- C:\Program Files (x86)\AUG2007_d3dx10_35_x86.cab
[2010.06.02 04:21:40 | 001,350,542 | ---- | C] () -- C:\Program Files (x86)\Aug2005_d3dx9_27_x64.cab
[2010.06.02 04:21:40 | 001,077,644 | ---- | C] () -- C:\Program Files (x86)\Aug2005_d3dx9_27_x86.cab
[2010.06.02 04:21:40 | 000,182,903 | ---- | C] () -- C:\Program Files (x86)\AUG2006_XACT_x64.cab
[2010.06.02 04:21:40 | 000,137,235 | ---- | C] () -- C:\Program Files (x86)\AUG2006_XACT_x86.cab
[2010.06.02 04:21:40 | 000,087,142 | ---- | C] () -- C:\Program Files (x86)\AUG2006_xinput_x64.cab
[2010.06.02 04:21:40 | 000,053,302 | ---- | C] () -- C:\Program Files (x86)\APR2007_xinput_x86.cab
[2010.06.02 04:21:40 | 000,046,058 | ---- | C] () -- C:\Program Files (x86)\AUG2006_xinput_x86.cab
[2010.06.02 04:21:38 | 001,606,039 | ---- | C] () -- C:\Program Files (x86)\APR2007_d3dx9_33_x86.cab
[2010.06.02 04:21:38 | 000,195,766 | ---- | C] () -- C:\Program Files (x86)\APR2007_XACT_x64.cab
[2010.06.02 04:21:38 | 000,151,225 | ---- | C] () -- C:\Program Files (x86)\APR2007_XACT_x86.cab
[2010.06.02 04:21:38 | 000,096,817 | ---- | C] () -- C:\Program Files (x86)\APR2007_xinput_x64.cab
[2010.06.02 04:21:36 | 001,607,358 | ---- | C] () -- C:\Program Files (x86)\APR2007_d3dx9_33_x64.cab
[2010.06.02 04:21:36 | 000,698,612 | ---- | C] () -- C:\Program Files (x86)\APR2007_d3dx10_33_x64.cab
[2010.06.02 04:21:36 | 000,695,865 | ---- | C] () -- C:\Program Files (x86)\APR2007_d3dx10_33_x86.cab
[2010.06.02 04:21:34 | 000,046,010 | ---- | C] () -- C:\Program Files (x86)\Apr2006_xinput_x86.cab
[2010.06.02 04:21:20 | 000,087,101 | ---- | C] () -- C:\Program Files (x86)\Apr2006_xinput_x64.cab
[2010.06.02 04:21:18 | 004,162,630 | ---- | C] () -- C:\Program Files (x86)\Apr2006_MDX1_x86_Archive.cab
[2010.06.02 04:21:18 | 000,916,430 | ---- | C] () -- C:\Program Files (x86)\Apr2006_MDX1_x86.cab
[2010.06.02 04:21:18 | 000,179,133 | ---- | C] () -- C:\Program Files (x86)\Apr2006_XACT_x64.cab
[2010.06.02 04:21:18 | 000,133,103 | ---- | C] () -- C:\Program Files (x86)\Apr2006_XACT_x86.cab
[2010.06.02 04:21:16 | 001,397,830 | ---- | C] () -- C:\Program Files (x86)\Apr2006_d3dx9_30_x64.cab
[2010.06.02 04:21:16 | 001,347,354 | ---- | C] () -- C:\Program Files (x86)\Apr2005_d3dx9_25_x64.cab
[2010.06.02 04:21:16 | 001,115,221 | ---- | C] () -- C:\Program Files (x86)\Apr2006_d3dx9_30_x86.cab
[2010.06.02 04:21:16 | 001,078,962 | ---- | C] () -- C:\Program Files (x86)\Apr2005_d3dx9_25_x86.cab
[2009.09.03 15:19:59 | 000,120,200 | ---- | C] () -- C:\Windows\SysWow64\DLLDEV32i.dll
[2009.09.03 15:12:41 | 000,776,614 | ---- | C] () -- C:\Program Files (x86)\Common Files\packardbell.ico
[2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2008.10.07 09:13:30 | 000,197,912 | ---- | C] () -- C:\Windows\SysWow64\physxcudart_20.dll
[2008.10.07 09:13:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelTraditionalChinese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSwedish.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSpanish.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSimplifiedChinese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelPortugese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelKorean.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelJapanese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelGerman.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelFrench.dll
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:0B4227B4

< End of report >
         
--- --- ---

OTL Logfile:
Code:
ATTFilter
OTL Extras logfile created on: 17.12.2010 23:25:16 - Run 1
OTL by OldTimer - Version 3.2.17.3     Folder = F:\
64bit- Home Premium Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
6,00 Gb Total Physical Memory | 4,00 Gb Available Physical Memory | 72,00% Memory free
12,00 Gb Paging File | 10,00 Gb Available in Paging File | 83,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 457,95 Gb Total Space | 358,78 Gb Free Space | 78,34% Space Free | Partition Type: NTFS
Drive D: | 458,46 Gb Total Space | 223,47 Gb Free Space | 48,74% Space Free | Partition Type: NTFS
Drive E: | 3,02 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive F: | 931,28 Gb Total Space | 771,47 Gb Free Space | 82,84% Space Free | Partition Type: FAT32
 
Computer Name: PC | User Name: MediaMarkt | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\System32\ieframe.DLL (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.url [@ = InternetShortcut] -- C:\Windows\System32\ieframe.DLL (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" %* File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L" File not found
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" %*
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L" File not found
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
 
========== Authorized Applications List ==========
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{340A2AD6-0679-46DA-9180-DABBD5B36FD1}" = BitDefender Antivirus Pro 2011
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{ECDF0939-A653-44D0-8B8E-597B890F45EC}" = Logitech Gaming Software 5.02
"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"BitDefender" = BitDefender Antivirus Pro 2011
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"NVIDIA Drivers" = NVIDIA Drivers
"WinRAR archiver" = WinRAR
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{119B7481-0216-40D2-A5CC-C3E1F461ECC1}" = Windows Live Fotogalerie
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{20400dbd-e6db-45b8-9b6b-1dd7033818ec}" = Nero InfoTool Help
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{2348b586-c9ae-46ce-936c-a68e9426e214}" = Nero StartSmart Help
"{248e4799-db04-4b1a-902c-194669f995ce}" = Nero Move it
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 22
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{33cf58f5-48d8-4575-83d6-96f574e4d83a}" = Nero DriveSpeed
"{3A438F62-00EE-4422-906B-6D9E107FC33F}" = Serif DrawPlus X2
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3D374523-CFDE-461A-827E-2A102E2AB365}" = Star Wars Battlefront II
"{3f6c76b9-ad6f-4674-82f6-46e491b21791}" = Nero 9 Essentials
"{4286E640-B5FB-11DF-AC4B-005056C00008}" = Google Earth
"{4D43D635-6FDA-4fa5-AA9B-23CF73D058EA}" = Nero StartSmart OEM
"{4DE3E3D9-AE81-45DE-9195-3015F7B1DBF3}" = Junk Mail filter update
"{50316C0A-CC2A-460A-9EA5-F486E54AC17D}_is1" = AVG PC Tuneup 2011
"{5511C07D-A83C-45AD-92B6-42DF99729A3C}" = Adobe Photoshop Elements 7.0
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{595a3116-40bb-4e0f-a2e8-d7951da56270}" = NeroExpress
"{5A166C0B-9557-4364-A057-F946D674E6AC}" = Windows Live Mail
"{62F7DA7E-CCCB-439C-A760-00C3926E761F}" = Microsoft Works
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6e345bf7-2af5-4adc-901c-72941b68258b}" = Nero Move it Essentials
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6}" = ICQ7.2
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7748ac8c-18e3-43bb-959b-088faea16fb2}" = Nero StartSmart
"{7F811A54-5A09-4579-90E1-C93498E230D9}" = Packard Bell Recovery Management
"{81821BF8-DA20-4F8C-AA87-F70A274828D4}" = Windows Live Writer
"{83202942-84b3-4c50-8622-b8c0aa2d2885}" = Nero Express Help
"{869200db-287a-4dc0-b02b-2b6787fbcd4c}" = Nero DiscSpeed
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_OMUI.de-de_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_OMUI.de-de_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0017-0407-0000-0000000FF1CE}" = Microsoft Office SharePoint Designer MUI (German) 2007
"{90120000-0017-0407-0000-0000000FF1CE}_OMUI.de-de_{0B9EAEAC-F271-45DC-BDCB-06ABEEF19825}" = Microsoft Office SharePoint Designer 2007 Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_OMUI.de-de_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_OMUI.de-de_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_OMUI.de-de_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_OMUI.de-de_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_OMUI.de-de_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_OMUI.de-de_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{E64BA721-2310-4B55-BE5A-2925F9706192}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-002A-0407-1000-0000000FF1CE}_OMUI.de-de_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0409-1000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_OMUI.de-de_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_OMUI.de-de_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_OMUI.de-de_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}_OMUI.de-de_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0100-0407-0000-0000000FF1CE}" = Microsoft Office O MUI (German) 2007
"{90120000-0100-0407-0000-0000000FF1CE}_OMUI.de-de_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0101-0407-0000-0000000FF1CE}" = Microsoft Office X MUI (German) 2007
"{90120000-0101-0407-0000-0000000FF1CE}_OMUI.de-de_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0116-0409-1000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{91E04CA7-0B13-4F8C-AA4D-2A573AC96D19}" = Windows Live Essentials
"{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German)
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9DCFC564-606E-424F-8A1C-56DD14908AF6}" = Serif PhotoPlus X2
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-FFFF-7B44-A91000000001}" = Adobe Reader 9.1 MUI
"{b2ec4a38-b545-4a00-8214-13fe0e915e6d}" = Advertising Center
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B83FC356-B7C0-441F-8A4D-D71E088E7974}" = NVIDIA PhysX
"{bd5ca0da-71ad-43da-b19e-6eee0c9adc9a}" = Nero ControlCenter
"{C0698BDA-0D29-40EE-8570-A31106DF9AB1}" = Medieval II Total War
"{CB6075D9-F912-40AE-BEA6-E590DA24F16B}" = Adobe Photoshop Elements 7.0
"{cc019e3f-59d2-4486-8d4b-878105b62a71}" = Nero DiscSpeed Help
"{D729E05E-B2B9-4DC4-AF57-47310576EDE0}" = G Data InternetSecurity SE
"{DAEAFD68-BB4A-4507-A241-C8804D2EA66D}" = Apple Application Support
"{dba84796-8503-4ff0-af57-1747dd9a166d}" = Nero Online Upgrade
"{defa5390-8533-47b5-81f7-3816916bdc6f}" = Nero Move it Help
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{e5c7d048-f9b4-4219-b323-8bdb01a2563d}" = Nero DriveSpeed Help
"{E7004147-2CCA-431C-AA05-2AB166B9785D}" = QuickTime
"{e8a80433-302b-4ff1-815d-fcc8eac482ff}" = Nero Installer
"{ED636101-1959-4360-8BF7-209436E7DEE4}" = Windows Live Sync
"{EE171732-BEB4-4576-887D-CB62727F01CA}" = Packard Bell Updater
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{f4041dce-3fe1-4e18-8a9e-9de65231ee36}" = Nero ControlCenter
"{fbcdfd61-7dcf-4e71-9226-873ba0053139}" = Nero InfoTool
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Photoshop Elements 7" = Adobe Photoshop Elements 7.0
"a-squared Anti-Malware_is1" = a-squared Anti-Malware 3.5 - 9x Edition
"Desktop-Lupe" = Desktop-Lupe 1.8
"Free Download Manager_is1" = Free Download Manager 2.5
"HijackThis" = HijackThis 2.0.2
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"Identity Card" = Identity Card
"JDownloader" = JDownloader
"MAGIX Fotobuch" = MAGIX Fotobuch 3.6
"MAGIX Media Suite D" = MAGIX Media Suite
"MAGIX Ringtone Maker SE D" = MAGIX Ringtone Maker SE
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Metaboli" = Metaboli
"Mozilla Firefox (3.6.13)" = Mozilla Firefox (3.6.13)
"MP3 Ringtone Extractor_is1" = MP3 Ringtone Extractor 1.1
"mufin player D" = mufin player
"OMUI.de-de" = Microsoft Office Language Pack 2007 - German/Deutsch
"Packard Bell InfoCentre" = Packard Bell InfoCentre
"Packard Bell Photo Frame" = Packard Bell Photo Frame 4.2.3.10
"Packard Bell Registration" = Packard Bell Registration
"Packard Bell Screensaver" = Packard Bell ScreenSaver
"Packard Bell Software Suite SE" = Packard Bell Software Suite SE
"Packard Bell Welcome Center" = Welcome Center
"S.T.A.L.K.E.R. - Shadow of Chernobyl_is1" = S.T.A.L.K.E.R. - Shadow of Chernobyl
"StarCraft II" = StarCraft II
"Steam App 34030" = Napoleon: Total War
"Steam App 8930" = Sid Meier's Civilization V
"VLC media player" = VLC media player 1.1.4
"Winamp" = Winamp
"WinLiveSuite_Wave3" = Windows Live Essentials
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Winamp Detect" = Winamp Erkennungs-Plug-in
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 18.11.2010 06:44:36 | Computer Name = PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: CivilizationV.exe, Version: 1.0.0.62,
 Zeitstempel: 0x4cc5a14e  Name des fehlerhaften Moduls: MSVCP90.dll, Version: 9.0.30729.4926,
 Zeitstempel: 0x4a1743c5  Ausnahmecode: 0xc0000005  Fehleroffset: 0x0000d929  ID des fehlerhaften
 Prozesses: 0xba8  Startzeit der fehlerhaften Anwendung: 0x01cb87025b7609fd  Pfad der
 fehlerhaften Anwendung: c:\program files (x86)\steam\steamapps\common\sid meier's
 civilization v\CivilizationV.exe  Pfad des fehlerhaften Moduls: C:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4926_none_508ed732bcbc0e5a\MSVCP90.dll
Berichtskennung:
 d56f0aac-f300-11df-8547-00016c71130c
 
Error - 18.11.2010 18:34:17 | Computer Name = PC | Source = Microsoft-Windows-LoadPerf | ID = 3012
Description = Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung
 werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter
 ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste
 DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich
 und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.
 
Error - 18.11.2010 18:34:17 | Computer Name = PC | Source = Microsoft-Windows-LoadPerf | ID = 3012
Description = Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung
 werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter
 ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste
 DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich
 und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.
 
Error - 18.11.2010 18:34:17 | Computer Name = PC | Source = Microsoft-Windows-LoadPerf | ID = 3011
Description = Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren
 für Dienst "WmiApRpl" (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich.
 
Error - 19.11.2010 18:21:56 | Computer Name = PC | Source = Microsoft-Windows-LoadPerf | ID = 3012
Description = Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung
 werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter
 ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste
 DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich
 und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.
 
Error - 19.11.2010 18:21:57 | Computer Name = PC | Source = Microsoft-Windows-LoadPerf | ID = 3012
Description = Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung
 werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter
 ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste
 DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich
 und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.
 
Error - 19.11.2010 18:21:57 | Computer Name = PC | Source = Microsoft-Windows-LoadPerf | ID = 3011
Description = Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren
 für Dienst "WmiApRpl" (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich.
 
Error - 20.11.2010 07:43:26 | Computer Name = PC | Source = Microsoft-Windows-LoadPerf | ID = 3012
Description = Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung
 werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter
 ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste
 DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich
 und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.
 
Error - 20.11.2010 07:43:26 | Computer Name = PC | Source = Microsoft-Windows-LoadPerf | ID = 3012
Description = Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung
 werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter
 ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste
 DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich
 und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.
 
Error - 20.11.2010 07:43:26 | Computer Name = PC | Source = Microsoft-Windows-LoadPerf | ID = 3011
Description = Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren
 für Dienst "WmiApRpl" (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich.
 
[ System Events ]
Error - 29.11.2010 15:50:32 | Computer Name = PC | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk7\DR7 gefunden.
 
Error - 29.11.2010 15:50:33 | Computer Name = PC | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk7\DR7 gefunden.
 
Error - 29.11.2010 15:50:33 | Computer Name = PC | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk7\DR7 gefunden.
 
Error - 29.11.2010 15:50:34 | Computer Name = PC | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk7\DR7 gefunden.
 
Error - 29.11.2010 16:04:46 | Computer Name = PC | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.
 
Error - 04.12.2010 21:38:07 | Computer Name = PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?05.?12.?2010 um 02:35:25 unerwartet heruntergefahren.
 
Error - 04.12.2010 21:38:17 | Computer Name = PC | Source = BugCheck | ID = 1001
Description = 
 
Error - 11.12.2010 10:43:34 | Computer Name = PC | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.
 
Error - 11.12.2010 10:43:34 | Computer Name = PC | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.
 
Error - 11.12.2010 10:43:35 | Computer Name = PC | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.
 
 
< End of report >
         
--- --- ---

Alt 17.12.2010, 22:43   #8
cronolux
 
malware,trojaner,oder doch nur paranoia ;)? - Standard

malware,trojaner,oder doch nur paranoia ;)?



Malwarebytes' Anti-Malware 1.50
www.malwarebytes.org

Datenbank Version: 5346

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

17.12.2010 23:43:17
mbam-log-2010-12-17 (23-43-17).txt

Art des Suchlaufs: Quick-Scan
Durchsuchte Objekte: 156094
Laufzeit: 1 Minute(n), 23 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)

Alt 19.12.2010, 14:30   #9
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
malware,trojaner,oder doch nur paranoia ;)? - Standard

malware,trojaner,oder doch nur paranoia ;)?



Zitat:
Art des Suchlaufs: Quick-Scan
Bitte routinemäßig einen Vollscan mit Malwarebytes machen und Log posten.
Denk daran, dass Malwarebytes vor jedem Scan manuell aktualisiert werden muss!
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 19.12.2010, 16:16   #10
cronolux
 
malware,trojaner,oder doch nur paranoia ;)? - Standard

malware,trojaner,oder doch nur paranoia ;)?



Malwarebytes' Anti-Malware 1.50
Malwarebytes

Datenbank Version: 5346

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

19.12.2010 17:11:02
mbam-log-2010-12-19 (17-11-02).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|F:\|)
Durchsuchte Objekte: 304857
Laufzeit: 49 Minute(n), 46 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)

Alt 19.12.2010, 16:18   #11
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
malware,trojaner,oder doch nur paranoia ;)? - Standard

malware,trojaner,oder doch nur paranoia ;)?



Sieht alles unauffällig aus.
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 20.12.2010, 06:45   #12
cronolux
 
malware,trojaner,oder doch nur paranoia ;)? - Standard

malware,trojaner,oder doch nur paranoia ;)?



danke,für die hilfe,arne.ich weiß deine mühe und den zeitaufwand zuschätzen. wünsche dir nen frohes fest,rutsch jut rein. bis denne

cronolux

Antwort

Themen zu malware,trojaner,oder doch nur paranoia ;)?
adobe, antivirus, avg, avg pc tuneup, bho, download, excel, explorer, firefox, firewall, frame, free download, google, hijack, hijackthis, internet, internet explorer, malware, mozilla, nvidia, packard bell, photoshop, proxy, security, software, system, syswow64, trojaner, windows, wmp



Ähnliche Themen: malware,trojaner,oder doch nur paranoia ;)?


  1. IncrediMail: Malware-Schleuder oder doch gebrauchbar?
    Diskussionsforum - 10.08.2014 (8)
  2. Frage zu Adware (oder doch Trojaner?)
    Plagegeister aller Art und deren Bekämpfung - 08.04.2014 (6)
  3. Irgendwo ist da was im System...? (oder Paranoia)
    Log-Analyse und Auswertung - 03.02.2011 (40)
  4. Trojaner oder doch Nero?
    Log-Analyse und Auswertung - 11.11.2010 (1)
  5. Kompromittierung! ...oder Paranoia?
    Log-Analyse und Auswertung - 23.10.2010 (1)
  6. Virus/Trojaner oder doch Wurm
    Plagegeister aller Art und deren Bekämpfung - 06.07.2010 (9)
  7. Virus, Trojaner oder doch Hardwaredefekt?
    Plagegeister aller Art und deren Bekämpfung - 31.07.2009 (2)
  8. Malware.trace network\UID Zlob oder doch anderer Virus?
    Plagegeister aller Art und deren Bekämpfung - 26.08.2008 (1)
  9. IBM Thinkpad - Infiziert oder Paranoia??!?
    Log-Analyse und Auswertung - 23.04.2008 (5)
  10. trojaner oder doch bloß paranoia ?!
    Log-Analyse und Auswertung - 14.01.2008 (18)
  11. Phisbank.ATD! Hab nun einen Trojaner oder doch nicht?
    Log-Analyse und Auswertung - 11.03.2007 (1)
  12. hab ich was oder habich paranoia
    Log-Analyse und Auswertung - 28.02.2007 (4)
  13. trojaner oder doch was anderes??
    Plagegeister aller Art und deren Bekämpfung - 17.01.2007 (6)
  14. Trojaner, oder doch nicht (Win32.Small.dna)???
    Plagegeister aller Art und deren Bekämpfung - 18.08.2006 (1)
  15. Trojaner Rdriv.sys entgangen - oder doch nicht?
    Log-Analyse und Auswertung - 25.07.2005 (5)
  16. Noch ein Trojaner-Opfer -oder doch nicht?
    Plagegeister aller Art und deren Bekämpfung - 21.03.2005 (4)
  17. Trojaner? Oder doch was anderes?
    Plagegeister aller Art und deren Bekämpfung - 30.12.2003 (10)

Zum Thema malware,trojaner,oder doch nur paranoia ;)? - hey leute,schaut euch das ma an und sacht mir was dazu, hab ich probleme ? HiJackthis Logfile: Code: Alles auswählen Aufklappen ATTFilter Logfile of Trend Micro HijackThis v2.0.2 Scan saved - malware,trojaner,oder doch nur paranoia ;)?...
Archiv
Du betrachtest: malware,trojaner,oder doch nur paranoia ;)? auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.