Trojaner-Board - Antivir Echtzeit-Scanner wird blockiert nach Fund: TR/ATRAPS.GEN

Hi!
Erst einmal danke für die weiterführenden Schritte.
Ich habe OTL mal durchlaufenlassen.

Was neu ist, Windows zeigt ständig Fehlermeldungen, dass irgendwelche Dateien nicht mehr existieren oder fehlerhaft sind. So kann ich den Taskmanager auch nicht mehr starten weil "pcwum.dll" nicht zu finden.

Nunja wie dem auch sei, folgende Logfiles hat's gegeben:

Logfile 1(OTL)

Code:

OTL logfile created on: 05.08.2012 11:21:16 - Run 1

OTL by OldTimer - Version 3.2.56.0     Folder = C:\Users\Lukas\Downloads

64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation

Internet Explorer (Version = 9.0.8112.16421)

Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

 

7,95 Gb Total Physical Memory | 5,83 Gb Available Physical Memory | 73,29% Memory free

15,90 Gb Paging File | 13,67 Gb Available in Paging File | 85,97% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 387,54 Gb Total Space | 117,35 Gb Free Space | 30,28% Space Free | Partition Type: NTFS

 

Computer Name: NOTEBOOK_LUKAS | User Name: Lukas | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 
 ========== Processes (SafeList) ==========

 

PRC - C:\Users\Lukas\Downloads\OTL.exe (OldTimer Tools)

PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

PRC - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_270.exe (Adobe Systems, Inc.)

PRC - C:\Users\Lukas\lapqeteazore.exe ()

PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)

PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)

PRC - C:\Users\Lukas\Documents\xampp\apache\bin\httpd.exe (Apache Software Foundation)

PRC - C:\Users\Lukas\Documents\xampp\mysql\bin\mysqld.exe ()

PRC - C:\Users\Lukas\Documents\xampp\filezillaftp\filezillaserver.exe (FileZilla Project)

PRC - C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe ()

 

 
 ========== Modules (No Company Name) ==========

 

MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ()

MOD - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_270.dll ()

 

 
 ========== Win32 Services (SafeList) ==========

 

SRV:64bit: - (738ee479cdefbaee) -- C:\Windows\SysNative\drivers\738ee479cdefbaee.sys ()

SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)

SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)

SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)

SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)

SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)

SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)

SRV - (Apache2.2) -- C:\Users\Lukas\Documents\xampp\apache\bin\httpd.exe (Apache Software Foundation)

SRV - (mysql) -- C:\Users\Lukas\Documents\xampp\mysql\bin\mysqld.exe ()

SRV - (FileZilla Server) -- C:\Users\Lukas\Documents\xampp\filezillaftp\filezillaserver.exe (FileZilla Project)

SRV - (wlidsvc) -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)

SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)

SRV - (SwitchBoard) -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)

SRV - (HPSLPSVC) -- C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL (Hewlett-Packard Co.)

SRV - (osppsvc) -- C:\Programme\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation)

SRV - (ose64) -- C:\Programme\Common Files\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)

SRV - (NIHardwareService) -- C:\Programme\Common Files\Native Instruments\Hardware\NIHardwareService.exe (Native Instruments GmbH)

SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)

SRV - (WTGService) -- C:\Program Files (x86)\Verbindungsassistent\WTGService.exe ()

SRV - (AAV UpdateService) -- C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe ()

SRV - (KMService) -- C:\Windows\SysWOW64\srvany.exe ()

 

 
 ========== Driver Services (SafeList) ==========

 

DRV:64bit: - (avipbb) -- C:\Windows\SysNative\DRIVERS\avipbb.sys ()

DRV:64bit: - (avkmgr) -- C:\Windows\SysNative\DRIVERS\avkmgr.sys ()

DRV:64bit: - (738ee479cdefbaee) -- C:\Windows\SysNative\drivers\738ee479cdefbaee.sys ()

DRV:64bit: - (hwdatacard) -- C:\Windows\SysNative\DRIVERS\ewusbmdm.sys ()

DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira GmbH)

DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys ()

DRV:64bit: - (Uim_IM) -- C:\Windows\SysNative\Drivers\Uim_IMx64.sys ()

DRV:64bit: - (UimBus) -- C:\Windows\SysNative\DRIVERS\uimx64.sys ()

DRV:64bit: - (Uim_VIM) -- C:\Windows\SysNative\Drivers\uim_vimx64.sys ()

DRV:64bit: - (IntcDAud) -- C:\Windows\SysNative\DRIVERS\IntcDAud.sys ()

DRV:64bit: - (igfx) -- C:\Windows\SysNative\DRIVERS\igdkmd64.sys ()

DRV:64bit: - (netr28x) -- C:\Windows\SysNative\DRIVERS\netr28x.sys ()

DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\DRIVERS\Rt64win7.sys ()

DRV:64bit: - (ak1avs) -- C:\Windows\SysNative\Drivers\ak1avs.sys ()

DRV:64bit: - (ak1usb_svc) -- C:\Windows\SysNative\Drivers\ak1usb.sys ()

DRV:64bit: - (VBoxNetAdp) -- C:\Windows\SysNative\DRIVERS\VBoxNetAdp.sys ()

DRV:64bit: - (VClone) -- C:\Windows\SysNative\DRIVERS\VClone.sys ()

DRV:64bit: - (ElbyCDIO) -- C:\Windows\SysNative\Drivers\ElbyCDIO.sys ()

DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys ()

DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\tsusbflt.sys ()

DRV:64bit: - (tsusbhub) -- C:\Windows\SysNative\drivers\tsusbhub.sys ()

DRV:64bit: - (Synth3dVsc) -- C:\Windows\SysNative\drivers\synth3dvsc.sys ()

DRV:64bit: - (dmvsc) -- C:\Windows\SysNative\drivers\dmvsc.sys ()

DRV:64bit: - (terminpt) -- C:\Windows\SysNative\drivers\terminpt.sys ()

DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys ()

DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys ()

DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys ()

DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys ()

DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\DRIVERS\HECIx64.sys ()

DRV:64bit: - (InputFilter_Hid_FlexDef2b) -- C:\Windows\SysNative\DRIVERS\InputFilter_FlexDef2b.sys ()

DRV:64bit: - (TFsExDisk) -- C:\Windows\SysNative\Drivers\TFsExDisk.sys ()

DRV:64bit: - (ss_bmdm) -- C:\Windows\SysNative\DRIVERS\ss_bmdm.sys ()

DRV:64bit: - (ss_bbus) -- C:\Windows\SysNative\DRIVERS\ss_bbus.sys ()

DRV:64bit: - (ss_bmdfl) -- C:\Windows\SysNative\DRIVERS\ss_bmdfl.sys ()

DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys ()

DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys ()

DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys ()

DRV:64bit: - (WSDPrintDevice) -- C:\Windows\SysNative\DRIVERS\WSDPrint.sys ()

DRV:64bit: - (StillCam) -- C:\Windows\SysNative\DRIVERS\serscan.sys ()

DRV:64bit: - (usb_rndisx) -- C:\Windows\SysNative\DRIVERS\usb8023x.sys ()

DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys ()

DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys ()

DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\DRIVERS\b57nd60a.sys ()

DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys ()

DRV - (TFsExDisk) -- C:\Windows\SysWOW64\drivers\TFsExDisk.Sys (Teruten Inc)

DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)

DRV - (hwdatacard) -- C:\Windows\SysWOW64\drivers\ewusbmdm.sys (Huawei Technologies Co., Ltd.)

 

 
 ========== Standard Registry (SafeList) ==========

 

 
 ========== Internet Explorer ==========

 

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE:64bit: - HKLM\..\SearchScopes\{758B870D-DF78-4A6A-9955-DEDDCACF94DC}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

 

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 11 34 9E D1 D9 DA CC 01  [binary data]

IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}

IE - HKCU\..\SearchScopes\{758B870D-DF78-4A6A-9955-DEDDCACF94DC}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 
 ========== FireFox ==========

 

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24

FF - prefs.js..network.proxy.type: 4

FF - user.js - File not found

 

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_270.dll File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_270.dll ()

FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)

FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)

FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@playstation.com/PsndlCheck,version=1.00:  File not found

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

 

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{5FE7198A-5950-4068-9FBF-1A60395CC4E9}: C:\Program Files (x86)\1&1\1&1 SoftPhone\Firefox [2012.05.01 19:00:32 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.08.03 21:35:42 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.08.03 21:35:40 | 000,000,000 | ---D | M]

FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\mail@gutscheinrausch.de: C:\Users\Lukas\AppData\Roaming\Mozilla\Firefox\Profiles\l1ehoxqn.default\extensions\mail@gutscheinrausch.de

 

[2012.01.29 10:25:16 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Lukas\AppData\Roaming\mozilla\Extensions

[2012.08.04 17:01:23 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Lukas\AppData\Roaming\mozilla\Firefox\Profiles\l1ehoxqn.default\extensions

[2012.08.03 21:35:38 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions

[2012.08.03 21:35:42 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\distribution\extensions

[2012.02.18 20:59:10 | 000,550,833 | ---- | M] () (No name found) -- C:\USERS\LUKAS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L1EHOXQN.DEFAULT\EXTENSIONS\DIVXWEBPLAYER@DIVX.COM.XPI

[2012.08.02 16:21:41 | 000,013,136 | ---- | M] () (No name found) -- C:\USERS\LUKAS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L1EHOXQN.DEFAULT\EXTENSIONS\INFO@ELIME.BE.XPI

[2012.07.19 21:42:07 | 000,017,492 | ---- | M] () (No name found) -- C:\USERS\LUKAS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L1EHOXQN.DEFAULT\EXTENSIONS\NEWTABMOD@BYTEDISORDER.COM.XPI

[2012.03.22 23:58:49 | 000,129,384 | ---- | M] () (No name found) -- C:\USERS\LUKAS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L1EHOXQN.DEFAULT\EXTENSIONS\SCILORSGROOVEUNLOCKER@SCILOR.COM.XPI

[2012.08.03 21:35:42 | 000,266,720 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll

[2012.03.26 15:06:49 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll

[2012.07.09 17:50:45 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml

[2012.07.20 16:05:26 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml

[2012.07.09 17:50:45 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml

[2012.07.09 17:50:45 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml

[2012.07.09 17:50:45 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml

[2012.07.09 17:50:45 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml

 
 ========== Chrome  ==========

 

CHR - homepage: hxxp://www.google.com

CHR - homepage: hxxp://www.google.com

CHR - Extension: YouTube = C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2_0\

CHR - Extension: Google-Suche = C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.14_0\

CHR - Extension: Google Mail = C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\6.1.3_0\

 

O1 HOSTS File: ([2012.06.02 02:11:36 | 000,003,806 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts

O1 - Hosts: 127.0.0.1 activate.adobe.com

O1 - Hosts: 127.0.0.1 adobe.activate.com

O1 - Hosts: 127.0.0.1 practivate.adobe.com

O1 - Hosts: 127.0.0.1 ereg.adobe.com

O1 - Hosts: 127.0.0.1 adobeereg.com

O1 - Hosts: 127.0.0.1 activate.wip3.adobe.com

O1 - Hosts: 127.0.0.1 wip3.adobe.com

O1 - Hosts: 127.0.0.1 3dns-3.adobe.com

O1 - Hosts: 127.0.0.1 3dns-2.adobe.com

O1 - Hosts: 127.0.0.1 adobe-dns.adobe.com

O1 - Hosts: 127.0.0.1 adobe-dns-2.adobe.com

O1 - Hosts: 127.0.0.1 adobe-dns-3.adobe.com

O1 - Hosts: 127.0.0.1 ereg.wip3.adobe.com

O1 - Hosts: 127.0.0.1 activate-sea.adobe.com

O1 - Hosts: 127.0.0.1 wwis-dubc1-vip60.adobe.com

O1 - Hosts: 127.0.0.1 activate-sjc0.adobe.com

O1 - Hosts: 127.0.0.1 wwis-dubc1-vip60.adobe.com

O1 - Hosts: 127.0.0.1 hl2rcv.adobe.com

O1 - Hosts: 127.0.0.1 adobeereg.com

O1 - Hosts: 127.0.0.1 activate.adobe.com

O1 - Hosts: 127.0.0.1 practivate.adobe.com

O1 - Hosts: 127.0.0.1 ereg.adobe.com

O1 - Hosts: 127.0.0.1 activate.wip3.adobe.com

O1 - Hosts: 127.0.0.1 ereg.wip3.adobe.com

O1 - Hosts: 127.0.0.1 wip3.adobe.com

O1 - Hosts: 71 more lines...

O2:64bit: - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)

O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)

O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)

O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)

O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation)

O3:64bit: - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll File not found

O4 - HKLM..\Run: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin File not found

O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)

O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)

O4 - HKLM..\Run: [NPSStartup]  File not found

O4 - HKLM..\Run: [Regedit32] C:\Windows\system32\regedit.exe File not found

O4 - HKCU..\Run: [AdobeBridge]  File not found

O4 - HKCU..\Run: [lapqeteazore] C:\Users\Lukas\lapqeteazore.exe ()

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: VerboseStatus = 1

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoInternetOpenWith = 1

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O8:64bit: - Extra context menu item: In 1&&1 SoftPhone wählen - C:\ProgramData\1&1\1&1 SoftPhone\ContextMenuHandler.html ()

O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - C:\Programme\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)

O8 - Extra context menu item: In 1&&1 SoftPhone wählen - C:\ProgramData\1&1\1&1 SoftPhone\ContextMenuHandler.html ()

O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - C:\Programme\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)

O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)

O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)

O1364bit: - gopher Prefix: missing

O13 - gopher Prefix: missing

O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)

O16:64bit: - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)

O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)

O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{870D15D3-C4C2-41E7-A5D0-442D5253584F}: DhcpNameServer = 192.168.42.129

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{928B21E6-80B6-4A09-B62F-9BDF205AAF96}: DhcpNameServer = 192.168.0.1

O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)

O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found

O18 - Protocol\Handler\ms-help - No CLSID value found

O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found

O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found

O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)

O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

O22:64bit: - SharedTaskScheduler: {E31004D1-A431-41B8-826F-E902F9D95C81} - Windows DreamScene - C:\Windows\SysNative\DreamScene.dll (Microsoft Corporation)

O28:64bit: - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)

O32 - HKLM CDRom: AutoRun - 1

O33 - MountPoints2\{3bd03c93-ac88-11e1-ab5d-ec9a743e8b9e}\Shell - "" = AutoRun

O33 - MountPoints2\{3bd03c93-ac88-11e1-ab5d-ec9a743e8b9e}\Shell\AutoRun\command - "" = E:\AutoRun.exe

O33 - MountPoints2\{3bd03c98-ac88-11e1-ab5d-ec9a743e8b9e}\Shell - "" = AutoRun

O33 - MountPoints2\{3bd03c98-ac88-11e1-ab5d-ec9a743e8b9e}\Shell\AutoRun\command - "" = E:\AutoRun.exe

O33 - MountPoints2\{9ca22313-4e27-11e1-9dee-ec9a743e8b9e}\Shell - "" = AutoRun

O33 - MountPoints2\{9ca22313-4e27-11e1-9dee-ec9a743e8b9e}\Shell\AutoRun\command - "" = E:\Startme.exe

O33 - MountPoints2\{fbd20e35-4734-11e1-945d-94503fe858b6}\Shell - "" = AutoRun

O33 - MountPoints2\{fbd20e35-4734-11e1-945d-94503fe858b6}\Shell\AutoRun\command - "" = F:\start.exe

O33 - MountPoints2\E\Shell - "" = AutoRun

O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\AutoRun.exe

O34 - HKLM BootExecute: (autocheck autochk *)

O35:64bit: - HKLM\..comfile [open] -- "%1" %*

O35:64bit: - HKLM\..exefile [open] -- "%1" %*

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*

O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)

O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

 
 ========== Files/Folders - Created Within 30 Days ==========

 

[2012.08.04 23:06:42 | 000,000,000 | ---D | C] -- C:\Users\Lukas\AppData\Local\{E6A1A833-67B5-4859-8B6E-98149C1CB260}

[2012.08.04 23:06:31 | 000,000,000 | ---D | C] -- C:\Users\Lukas\AppData\Local\{581EFE1A-DB46-4D11-B00E-3FEAA8BA3920}

[2012.08.04 10:21:33 | 000,000,000 | ---D | C] -- C:\Users\Lukas\AppData\Local\{2BCE4CC4-5E8A-4A4F-B1C2-B3B3E0964A79}

[2012.08.04 10:21:21 | 000,000,000 | ---D | C] -- C:\Users\Lukas\AppData\Local\{62C426EA-18BA-4D04-8F3D-7C4583736989}

[2012.08.03 22:20:50 | 000,000,000 | ---D | C] -- C:\Users\Lukas\AppData\Local\{72524609-C62E-4334-8C66-D8CC90F3EC3F}

[2012.08.03 22:20:37 | 000,000,000 | ---D | C] -- C:\Users\Lukas\AppData\Local\{12AAB31E-ED88-47F2-AF6A-DA128B085057}

[2012.08.03 21:45:29 | 000,000,000 | ---D | C] -- C:\Users\Lukas\AppData\Roaming\Malwarebytes

[2012.08.03 21:45:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware

[2012.08.03 21:45:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes

[2012.08.03 21:45:17 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys

[2012.08.03 21:45:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware

[2012.08.03 21:40:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET

[2012.08.03 21:35:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox

[2012.08.03 10:20:10 | 000,000,000 | ---D | C] -- C:\Users\Lukas\AppData\Local\{129BD54F-1ABA-48A4-B303-56C174971084}

[2012.08.03 10:19:58 | 000,000,000 | ---D | C] -- C:\Users\Lukas\AppData\Local\{3AABCFF9-28A6-4E10-9347-276329299A11}

[2012.08.02 20:07:08 | 000,000,000 | ---D | C] -- C:\Users\Lukas\AppData\Local\{0E7E3E8C-372B-4EE3-A508-1390D54579F3}

[2012.08.02 20:06:55 | 000,000,000 | ---D | C] -- C:\Users\Lukas\AppData\Local\{B14AEE14-A799-46D9-A59B-111A7320F369}

[2012.08.02 16:03:18 | 000,000,000 | ---D | C] -- C:\Users\Lukas\workspace

[2012.08.02 16:02:39 | 000,000,000 | ---D | C] -- C:\Users\Lukas\Desktop\eclipse

[2012.08.02 08:06:29 | 000,000,000 | ---D | C] -- C:\Users\Lukas\AppData\Local\{759016A8-A494-40B6-BDDF-910EF9E4FE47}

[2012.08.02 08:06:17 | 000,000,000 | ---D | C] -- C:\Users\Lukas\AppData\Local\{718F61F3-B2D1-4C0B-ABEF-2259D01D0E90}

[2012.08.01 11:13:50 | 000,000,000 | ---D | C] -- C:\Users\Lukas\AppData\Local\{04285DDD-99F2-403D-9A48-055D277B390E}

[2012.08.01 11:13:38 | 000,000,000 | ---D | C] -- C:\Users\Lukas\AppData\Local\{4ADB0A6D-64ED-4E3C-B1DC-39B0A9E87CD1}

[2012.07.31 21:35:05 | 000,000,000 | ---D | C] -- C:\Users\Lukas\AppData\Local\{F30C7FBA-1AA1-4D23-8E31-D3AD3FFE7C99}

[2012.07.31 21:34:53 | 000,000,000 | ---D | C] -- C:\Users\Lukas\AppData\Local\{5F60641C-D475-4446-BC09-E59286C0EA95}

[2012.07.31 09:34:28 | 000,000,000 | ---D | C] -- C:\Users\Lukas\AppData\Local\{78D7BDEB-F19D-4394-99CA-019F5CB863BD}

[2012.07.31 09:34:16 | 000,000,000 | ---D | C] -- C:\Users\Lukas\AppData\Local\{3BCAEB0B-D1CA-4400-B9D6-C888F9593A00}

[2012.07.30 19:51:25 | 000,000,000 | ---D | C] -- C:\Users\Lukas\AppData\Local\{D74EE2BC-1273-4759-ABD3-7CA145912AC8}

[2012.07.30 19:51:14 | 000,000,000 | ---D | C] -- C:\Users\Lukas\AppData\Local\{556AC4E3-94DA-4173-A61B-8FADF4EB49F0}

[2012.07.30 06:15:14 | 000,000,000 | ---D | C] -- C:\Users\Lukas\AppData\Local\{822FE345-12CB-4525-BD42-05104B1F3B31}

[2012.07.30 06:15:02 | 000,000,000 | ---D | C] -- C:\Users\Lukas\AppData\Local\{C0D91DEA-8ACC-4EC3-9272-26EB01C61473}

[2012.07.29 17:23:27 | 000,000,000 | ---D | C] -- C:\Users\Lukas\AppData\Local\{6F96333C-4018-4D28-8705-62AE94E7C62C}

[2012.07.29 17:23:16 | 000,000,000 | ---D | C] -- C:\Users\Lukas\AppData\Local\{00EDB114-582C-49C5-AA95-08CFAF3FF218}

[2012.07.29 13:58:53 | 000,000,000 | ---D | C] -- C:\Users\Lukas\AppData\Local\{EDCCD211-1681-4F24-97F2-300FBD7F8BD4}

[2012.07.29 13:58:39 | 000,000,000 | ---D | C] -- C:\Users\Lukas\AppData\Local\{C8F84DA0-D550-47CD-BCD2-F4D8D53F0D30}

[2012.07.29 00:01:06 | 000,000,000 | ---D | C] -- C:\Users\Lukas\AppData\Local\{D7EB7009-E53F-44CF-B488-CAC6D3C828A9}

[2012.07.29 00:00:55 | 000,000,000 | ---D | C] -- C:\Users\Lukas\AppData\Local\{5BD7DAA7-0550-487E-B355-8611052FE9EB}

[2012.07.28 10:46:44 | 000,000,000 | ---D | C] -- C:\Users\Lukas\AppData\Local\{04A29FB5-63B8-44A9-A3CC-E5B1C528B572}

[2012.07.28 10:46:30 | 000,000,000 | ---D | C] -- C:\Users\Lukas\AppData\Local\{C9D09AB7-9C69-475C-8078-D13C0E8E3773}

[2012.07.27 08:39:34 | 000,000,000 | ---D | C] -- C:\Users\Lukas\AppData\Local\{C5009F04-0C6D-4F67-8BED-BF7C510D7154}

[2012.07.27 08:39:23 | 000,000,000 | ---D | C] -- C:\Users\Lukas\AppData\Local\{1196D46D-40FA-4C06-B0D7-90012C97348B}

[2012.07.26 20:38:57 | 000,000,000 | ---D | C] -- C:\Users\Lukas\AppData\Local\{BB5A5EB4-C91A-4CD7-B515-360294FD89C6}

[2012.07.26 20:38:46 | 000,000,000 | ---D | C] -- C:\Users\Lukas\AppData\Local\{7F3714B2-A4C1-4706-9B2C-282E19145F00}

[2012.07.26 08:38:20 | 000,000,000 | ---D | C] -- C:\Users\Lukas\AppData\Local\{718A6A70-EE12-4571-B89D-4DFB1CB5819B}

[2012.07.26 08:38:08 | 000,000,000 | ---D | C] -- C:\Users\Lukas\AppData\Local\{3536EB19-266E-4692-889F-99716FF5C698}

[2012.07.25 20:13:02 | 000,000,000 | ---D | C] -- C:\Users\Lukas\AppData\Local\{49223E55-FD97-457E-86C3-19BE3C5651FF}

[2012.07.25 20:12:50 | 000,000,000 | ---D | C] -- C:\Users\Lukas\AppData\Local\{8FCCD218-E9FA-4A14-9F50-804B40DB2EC6}

[2012.07.25 08:12:25 | 000,000,000 | ---D | C] -- C:\Users\Lukas\AppData\Local\{65BD8A7E-AAAE-443F-9202-3C85648EB5AE}

[2012.07.25 08:12:13 | 000,000,000 | ---D | C] -- C:\Users\Lukas\AppData\Local\{7232195A-E579-4ED0-86AA-F1D603D3E011}

[2012.07.24 13:23:42 | 000,000,000 | ---D | C] -- C:\Users\Lukas\AppData\Local\{F47B9CEA-71DC-461D-AAD4-82F48344402E}

[2012.07.24 13:23:31 | 000,000,000 | ---D | C] -- C:\Users\Lukas\AppData\Local\{39B05986-9BCD-424A-8A7B-63EFC2271FB4}

[2012.07.24 01:23:06 | 000,000,000 | ---D | C] -- C:\Users\Lukas\AppData\Local\{0FFF76CF-391B-419B-A666-D83B900574DB}

[2012.07.24 01:22:54 | 000,000,000 | ---D | C] -- C:\Users\Lukas\AppData\Local\{52E7C5FE-65AF-4DC1-A201-F8FAD49CD603}

[2012.07.23 13:22:28 | 000,000,000 | ---D | C] -- C:\Users\Lukas\AppData\Local\{1BCE81D5-AA69-46D0-B9DE-00F034FBA3EB}

[2012.07.23 13:22:16 | 000,000,000 | ---D | C] -- C:\Users\Lukas\AppData\Local\{9C880A9C-F5EA-4FF2-ACCD-632B6A61C29A}

[2012.07.22 10:27:16 | 000,000,000 | ---D | C] -- C:\Users\Lukas\AppData\Local\{13476589-F464-4616-A87C-1105F032A5EC}

[2012.07.22 10:26:54 | 000,000,000 | ---D | C] -- C:\Users\Lukas\AppData\Local\{3BEB1EA8-34EA-4E58-A4FC-6AC7354C2EC3}

[2012.07.21 21:01:55 | 000,000,000 | ---D | C] -- C:\Users\Lukas\AppData\Local\{7A020665-F9C9-40E5-B91E-A8FA875D38D4}

[2012.07.21 21:01:29 | 000,000,000 | ---D | C] -- C:\Users\Lukas\AppData\Local\{017CF8F4-DB47-4E96-9478-472AF6DB5D01}

[2012.07.21 09:01:05 | 000,000,000 | ---D | C] -- C:\Users\Lukas\AppData\Local\{515B148A-4DCA-4B60-9B20-0326A23114E0}

[2012.07.21 09:00:44 | 000,000,000 | ---D | C] -- C:\Users\Lukas\AppData\Local\{1E03AAF5-254E-4219-8DC8-7A833B874420}

[2012.07.20 21:00:20 | 000,000,000 | ---D | C] -- C:\Users\Lukas\AppData\Local\{9829D301-43E7-4C4F-B9D6-1A968FE6814C}

[2012.07.20 20:59:58 | 000,000,000 | ---D | C] -- C:\Users\Lukas\AppData\Local\{ABDC4C02-4B66-43E6-A22F-649B4819B7F1}

[2012.07.20 08:59:34 | 000,000,000 | ---D | C] -- C:\Users\Lukas\AppData\Local\{4FDC1E79-A49C-4A6E-B6DE-82ACCE03EA77}

[2012.07.20 08:59:11 | 000,000,000 | ---D | C] -- C:\Users\Lukas\AppData\Local\{87D94C98-01AF-49AB-9294-650C570797D1}

[2012.07.19 20:58:44 | 000,000,000 | ---D | C] -- C:\Users\Lukas\AppData\Local\{098D84CC-CD23-4B49-B2C4-73C1C2047729}

[2012.07.19 20:58:18 | 000,000,000 | ---D | C] -- C:\Users\Lukas\AppData\Local\{0A77D450-90D8-4EBB-81F6-E4DE0E63D7EB}

[2012.07.19 08:57:01 | 000,000,000 | ---D | C] -- C:\Users\Lukas\AppData\Local\{2B29211A-FB42-4DC7-8DE8-376BE5520B73}

[2012.07.19 08:56:39 | 000,000,000 | ---D | C] -- C:\Users\Lukas\AppData\Local\{B0CD3E0B-779D-4A21-827A-46FDFBA0D99C}

[2012.07.18 20:56:15 | 000,000,000 | ---D | C] -- C:\Users\Lukas\AppData\Local\{56019E05-FF5F-49A2-8652-D41341B912FA}

[2012.07.18 20:55:53 | 000,000,000 | ---D | C] -- C:\Users\Lukas\AppData\Local\{A01DC020-83AD-484A-BE02-AF5D058565D1}

[2012.07.18 08:55:41 | 000,000,000 | ---D | C] -- C:\Users\Lukas\AppData\Local\{E4CA43A9-8D86-42D3-AE1C-000D10D10DD6}

[2012.07.18 08:55:19 | 000,000,000 | ---D | C] -- C:\Users\Lukas\AppData\Local\{55A4E710-18E3-4168-8297-2A09267FEDB5}

[2012.07.17 20:48:47 | 000,000,000 | ---D | C] -- C:\Users\Lukas\AppData\Local\{39AFFE83-9D1A-4D56-BABA-83377CA2B920}

[2012.07.17 20:48:25 | 000,000,000 | ---D | C] -- C:\Users\Lukas\AppData\Local\{5F7CEED3-9F0E-46D9-9833-5B522BD3E9C3}

[2012.07.17 08:48:01 | 000,000,000 | ---D | C] -- C:\Users\Lukas\AppData\Local\{3A16DF7D-EB51-4F80-912F-0E4C2B4ACB21}

[2012.07.17 08:47:37 | 000,000,000 | ---D | C] -- C:\Users\Lukas\AppData\Local\{CDEBACFE-CC39-4301-B028-7B688B3AC9C1}

[2012.07.16 19:47:03 | 000,000,000 | ---D | C] -- C:\Users\Lukas\AppData\Local\{8F8EF716-C8A4-42B4-8CBF-9A9C6109C746}

[2012.07.16 19:44:15 | 000,000,000 | ---D | C] -- C:\Users\Lukas\AppData\Local\{E062145F-82F2-4914-8A09-55684B574C82}

[2012.07.16 07:43:50 | 000,000,000 | ---D | C] -- C:\Users\Lukas\AppData\Local\{2EC456B0-B388-455C-AB38-563E95DC6EA4}

[2012.07.16 07:43:38 | 000,000,000 | ---D | C] -- C:\Users\Lukas\AppData\Local\{F27C71A8-0BEE-4C92-BFE8-64E656C2DBA1}

[2012.07.15 19:43:26 | 000,000,000 | ---D | C] -- C:\Users\Lukas\AppData\Local\{4E81E0CE-135B-4035-BB3C-8F0E89827F40}

[2012.07.15 19:43:14 | 000,000,000 | ---D | C] -- C:\Users\Lukas\AppData\Local\{AF8C7AC6-E61B-4630-A751-1614F4AB225F}

[2012.07.14 22:07:00 | 000,000,000 | ---D | C] -- C:\Users\Lukas\AppData\Local\{CDCB0FC7-B0C5-4215-A974-11488EDB4077}

[2012.07.14 22:06:48 | 000,000,000 | ---D | C] -- C:\Users\Lukas\AppData\Local\{3EF88E5A-222A-4B30-AF44-476C34A96D44}

[2012.07.14 10:06:22 | 000,000,000 | ---D | C] -- C:\Users\Lukas\AppData\Local\{0644D0F1-95A1-4AAF-A56C-E9CBBE84274B}

[2012.07.14 10:06:09 | 000,000,000 | ---D | C] -- C:\Users\Lukas\AppData\Local\{41D0A550-7CB4-4531-BA2F-A0C013B77C23}

[2012.07.13 09:42:47 | 000,000,000 | ---D | C] -- C:\Users\Lukas\AppData\Local\{929042B4-CCF8-43C9-9750-68A236934A37}

[2012.07.13 09:42:35 | 000,000,000 | ---D | C] -- C:\Users\Lukas\AppData\Local\{F2FD00B7-041D-46FE-AD57-FE4AFA9A6478}

[2012.07.12 21:42:10 | 000,000,000 | ---D | C] -- C:\Users\Lukas\AppData\Local\{02DD909C-5188-4520-8DE4-67579D99DB7D}

[2012.07.12 21:41:58 | 000,000,000 | ---D | C] -- C:\Users\Lukas\AppData\Local\{92BD13E5-1988-4647-8DFA-E18148EB3C3D}

[2012.07.12 09:41:32 | 000,000,000 | ---D | C] -- C:\Users\Lukas\AppData\Local\{E6ED21C7-1AB4-4D73-9CEE-58751D56882B}

[2012.07.12 09:41:20 | 000,000,000 | ---D | C] -- C:\Users\Lukas\AppData\Local\{659ADFA2-0A6C-4CC1-94ED-64E249F99293}

[2012.07.11 00:23:41 | 000,000,000 | ---D | C] -- C:\Users\Lukas\AppData\Local\{1C379E1C-C17C-4907-934B-F669A5E08AA2}

[2012.07.11 00:23:30 | 000,000,000 | ---D | C] -- C:\Users\Lukas\AppData\Local\{3EC773CF-7F18-4A6A-B1D3-BED26CAE3ED4}

[2012.07.10 12:23:04 | 000,000,000 | ---D | C] -- C:\Users\Lukas\AppData\Local\{809FEE29-95A7-491B-B453-B30222B6C1D5}

[2012.07.10 12:22:52 | 000,000,000 | ---D | C] -- C:\Users\Lukas\AppData\Local\{D665E085-726D-4410-BDF3-73A55A585ACD}

[2012.07.09 21:42:58 | 000,000,000 | ---D | C] -- C:\Users\Lukas\AppData\Local\{68737564-B661-49F5-AD5E-3AAEE629D471}

[2012.07.09 21:42:46 | 000,000,000 | ---D | C] -- C:\Users\Lukas\AppData\Local\{1252D90F-FD16-4A0D-95E5-A68B5B6AF090}

[2012.07.09 09:42:21 | 000,000,000 | ---D | C] -- C:\Users\Lukas\AppData\Local\{95B9D38D-453A-4B2C-9150-AD0A5FFBBC08}

[2012.07.09 09:42:10 | 000,000,000 | ---D | C] -- C:\Users\Lukas\AppData\Local\{8271BEAC-EB2C-4CB9-B73B-E9E51AE36B44}

[2012.07.08 13:25:25 | 000,000,000 | ---D | C] -- C:\Users\Lukas\AppData\Local\{62C5A8C4-FCBA-4980-A0C7-C2EF84594C9B}

[2012.07.08 13:25:12 | 000,000,000 | ---D | C] -- C:\Users\Lukas\AppData\Local\{4AB9461B-A78D-4B53-9579-48C9D39C58FE}

[2012.07.07 16:41:06 | 000,000,000 | ---D | C] -- C:\Users\Lukas\AppData\Local\{505D0D58-1C84-4451-966F-274E79E222AF}

[2012.07.07 16:40:46 | 000,000,000 | ---D | C] -- C:\Users\Lukas\AppData\Local\{B0F8BCC0-3592-4184-8C23-62E173ADAA74}

[3 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]

 
 ========== Files - Modified Within 30 Days ==========

 

[2012.08.05 11:12:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job

[2012.08.05 10:41:00 | 000,001,108 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

[2012.08.04 20:41:41 | 001,613,340 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI

[2012.08.04 20:41:41 | 000,697,082 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat

[2012.08.04 20:41:41 | 000,652,360 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat

[2012.08.04 20:41:41 | 000,148,346 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat

[2012.08.04 20:41:41 | 000,121,292 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat

[2012.08.04 20:40:12 | 000,001,104 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

[2012.08.04 20:37:18 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2012.08.04 20:37:11 | 2106,478,591 | -HS- | M] () -- C:\hiberfil.sys

[2012.08.04 14:01:52 | 000,132,832 | ---- | M] () -- C:\Windows\SysNative\drivers\avipbb.sys

[2012.08.04 14:01:52 | 000,027,760 | ---- | M] () -- C:\Windows\SysNative\drivers\avkmgr.sys

[2012.08.03 21:45:18 | 000,001,109 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

[2012.08.03 00:17:13 | 000,000,132 | ---- | M] () -- C:\Users\Lukas\AppData\Roaming\Adobe PNG Format CS5 Prefs

[2012.08.02 22:12:19 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe

[2012.08.02 22:12:19 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

[2012.08.02 08:32:00 | 000,001,082 | ---- | M] () -- C:\Users\Public\Desktop\World of Warcraft.lnk

[2012.08.01 16:07:38 | 000,205,524 | ---- | M] () -- C:\Users\Lukas\Documents\ver4.pdf

[2012.08.01 16:07:31 | 000,221,133 | ---- | M] () -- C:\Users\Lukas\Documents\ver3.pdf

[2012.08.01 16:07:26 | 000,419,018 | ---- | M] () -- C:\Users\Lukas\Documents\ver2.pdf

[2012.08.01 16:07:22 | 000,841,321 | ---- | M] () -- C:\Users\Lukas\Documents\ver.pdf

[2012.08.01 15:14:28 | 000,021,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

[2012.08.01 15:14:28 | 000,021,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

[2012.08.01 14:47:42 | 000,083,912 | ---- | M] () -- C:\Windows\SysNative\drivers\738ee479cdefbaee.sys

[2012.08.01 14:45:03 | 000,090,584 | ---- | M] () -- C:\Users\Lukas\lapqeteazore.exe

[2012.07.23 21:37:50 | 000,002,037 | ---- | M] () -- C:\Users\Lukas\Desktop\JDownloader.lnk

[2012.07.18 08:27:50 | 004,998,520 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT

[2012.07.17 09:40:02 | 000,000,132 | ---- | M] () -- C:\Users\Lukas\AppData\Roaming\Adobe AIFF Format CS5 Prefs

[3 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]

 
 ========== Files Created - No Company Name ==========

 

[2012.08.04 14:02:02 | 000,027,760 | ---- | C] () -- C:\Windows\SysNative\drivers\avkmgr.sys

[2012.08.04 14:02:01 | 000,132,832 | ---- | C] () -- C:\Windows\SysNative\drivers\avipbb.sys

[2012.08.03 21:45:18 | 000,001,109 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

[2012.08.01 16:23:00 | 000,023,552 | ---- | C] () -- C:\Windows\Installer\{53ead68d-40ec-2adc-a57c-6f72105897c5}\U\800000cb.@

[2012.08.01 16:22:57 | 000,016,896 | ---- | C] () -- C:\Windows\Installer\{53ead68d-40ec-2adc-a57c-6f72105897c5}\U\80000000.@

[2012.08.01 16:07:38 | 000,205,524 | ---- | C] () -- C:\Users\Lukas\Documents\ver4.pdf

[2012.08.01 16:07:31 | 000,221,133 | ---- | C] () -- C:\Users\Lukas\Documents\ver3.pdf

[2012.08.01 16:07:26 | 000,419,018 | ---- | C] () -- C:\Users\Lukas\Documents\ver2.pdf

[2012.08.01 16:07:22 | 000,841,321 | ---- | C] () -- C:\Users\Lukas\Documents\ver.pdf

[2012.08.01 14:47:42 | 000,083,912 | ---- | C] () -- C:\Windows\SysNative\drivers\738ee479cdefbaee.sys

[2012.08.01 14:45:29 | 000,090,584 | ---- | C] () -- C:\Users\Lukas\lapqeteazore.exe

[2012.08.01 14:45:14 | 000,001,712 | ---- | C] () -- C:\Windows\Installer\{53ead68d-40ec-2adc-a57c-6f72105897c5}\U\00000001.@

[2012.07.29 13:57:42 | 000,000,884 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job

[2012.07.23 21:37:50 | 000,002,037 | ---- | C] () -- C:\Users\Lukas\Desktop\JDownloader.lnk

[2012.07.17 09:40:02 | 000,000,132 | ---- | C] () -- C:\Users\Lukas\AppData\Roaming\Adobe AIFF Format CS5 Prefs

[2012.06.02 15:18:18 | 000,002,048 | -HS- | C] () -- C:\Windows\Installer\{53ead68d-40ec-2adc-a57c-6f72105897c5}\@

[2012.06.02 15:18:18 | 000,002,048 | -HS- | C] () -- C:\Users\Lukas\AppData\Local\{53ead68d-40ec-2adc-a57c-6f72105897c5}\@

[2012.05.02 22:25:26 | 000,000,132 | ---- | C] () -- C:\Users\Lukas\AppData\Roaming\Adobe PNG Format CS5 Prefs

[2012.03.02 20:39:39 | 000,000,473 | ---- | C] () -- C:\Windows\zelscope.ini

[2012.02.27 07:10:49 | 000,338,432 | ---- | C] () -- C:\Windows\SysWow64\sqlite36_engine.dll

[2012.02.18 18:52:12 | 000,000,700 | ---- | C] () -- C:\Windows\wiso.ini

[2012.02.07 08:53:31 | 000,003,584 | ---- | C] () -- C:\Users\Lukas\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2012.01.29 10:25:13 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat

[2012.01.26 01:21:57 | 000,078,717 | ---- | C] () -- C:\Windows\hpqins05.dat

[2012.01.26 00:45:59 | 000,184,150 | ---- | C] () -- C:\Windows\hpoins46.dat.temp

[2012.01.26 00:45:59 | 000,000,532 | ---- | C] () -- C:\Windows\hpomdl46.dat.temp

[2012.01.25 23:26:16 | 000,211,056 | ---- | C] () -- C:\Windows\SysWow64\DBCLIENT.DLL

[2012.01.25 14:15:32 | 000,217,119 | ---- | C] () -- C:\Windows\hpoins46.dat

[2012.01.25 14:15:32 | 000,000,532 | ---- | C] () -- C:\Windows\hpomdl46.dat

[2012.01.25 11:56:03 | 000,008,192 | ---- | C] () -- C:\Windows\SysWow64\srvany.exe

[2012.01.24 23:00:32 | 000,014,119 | ---- | C] () -- C:\Windows\SysWow64\RaCoInst.dat

[2012.01.24 22:36:19 | 000,165,376 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll

[2012.01.24 22:33:20 | 001,591,234 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI

[2011.08.26 12:54:00 | 000,963,116 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin

[2011.08.26 12:53:54 | 000,216,000 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin

[2011.08.26 12:53:50 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll

[2011.08.26 12:53:48 | 013,903,872 | ---- | C] () -- C:\Windows\SysWow64\ig4icd32.dll

[2011.08.26 12:53:48 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin

 
 ========== Alternate Data Streams ==========

 

@Alternate Data Stream - 16 bytes -> C:\Users\Lukas\Downloads:Shareaza.GUID
 

< End of report >

Logfile 2

Code:

OTL Extras logfile created on: 05.08.2012 11:21:16 - Run 1

OTL by OldTimer - Version 3.2.56.0     Folder = C:\Users\Lukas\Downloads

64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation

Internet Explorer (Version = 9.0.8112.16421)

Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

 

7,95 Gb Total Physical Memory | 5,83 Gb Available Physical Memory | 73,29% Memory free

15,90 Gb Paging File | 13,67 Gb Available in Paging File | 85,97% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 387,54 Gb Total Space | 117,35 Gb Free Space | 30,28% Space Free | Partition Type: NTFS

 

Computer Name: NOTEBOOK_LUKAS | User Name: Lukas | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 
 ========== Extra Registry (SafeList) ==========

 

 
 ========== File Associations ==========

 
 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)

.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

.reg[@ = regfile] -- C:\Windows\regedit.exe ()

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

.html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)

.reg [@ = regfile] -- C:\Windows\regedit.exe ()

 

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]

.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

 
 ========== Shell Spawning ==========

 
 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)

https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)

InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [open] -- regedit.exe "%1" ()

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()

Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5.1\Bridge.exe "%L" (Adobe Systems, Inc.)

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Directory [ID3-TagIT] -- "C:\Program Files (x86)\ID3-TagIT 3\ID3-TagIT.exe" "/P=%1" ( )

Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()

Directory [userfull] -- cmd.exe /c takeown /f "%1" /r /d j && icacls "%1" /grant Benutzer:F /T /C /L (Microsoft Corporation)

Directory [usernormal] -- cmd.exe /c icacls "%1" /reset /T /C /L (Microsoft Corporation)

Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)

https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [open] -- regedit.exe "%1" ()

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()

Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5.1\Bridge.exe "%L" (Adobe Systems, Inc.)

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Directory [ID3-TagIT] -- "C:\Program Files (x86)\ID3-TagIT 3\ID3-TagIT.exe" "/P=%1" ( )

Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()

Directory [userfull] -- cmd.exe /c takeown /f "%1" /r /d j && icacls "%1" /grant Benutzer:F /T /C /L (Microsoft Corporation)

Directory [usernormal] -- cmd.exe /c icacls "%1" /reset /T /C /L (Microsoft Corporation)

Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

 
 ========== Security Center Settings ==========

 
 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"cval" = 0

 
 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

 
 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]

"AntiVirusOverride" = 0

"AntiSpywareOverride" = 0

"FirewallOverride" = 0

 
 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\S-1-5-21-2380258265-3006174749-279724184-1001]

"EnableNotifications" = 1

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

 
 ========== System Restore Settings ==========

 
 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]

"DisableSR" = 1

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]

"Start" = 4

 
 ========== Firewall Settings ==========

 
 ========== Authorized Applications List ==========

 

 
 ========== HKEY_LOCAL_MACHINE Uninstall List ==========

 

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{027E5FAB-1476-4C59-AAB4-32EF28520399}" = Windows Live Language Selector

"{0886900B-B2F3-452C-B580-60F1253F7F80}" = Native Instruments Controller Editor

"{0AFFEA39-60AF-4C4F-BB47-4A1F7CB12129}" = HP Deskjet F4500 All-in-One Driver 14.0 Rel. 6

"{0B8565BA-BAD5-4732-B122-5FD78EFC50A9}" = Native Instruments Service Center

"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant

"{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64

"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)

"{26A24AE4-039D-4CA4-87B4-2F86416030FF}" = Java(TM) 6 Update 30 (64-bit)

"{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64

"{48C0866E-57EB-444C-8371-8E4321066BC3}" = Network64

"{82E3FBCE-9BA2-44E3-9FF9-EFE9E8B70131}" = Oracle VM VirtualBox 4.0.4

"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64

"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended

"{90140000-0011-0000-1000-0000000FF1CE}" = Microsoft Office Professional Plus 2010

"{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{7BC9B5EB-125A-4E9B-97E1-8D85B5E960B8}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-0015-0407-1000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010

"{90140000-0015-0407-1000-0000000FF1CE}_Office14.PROPLUS_{BBBD3986-9A9D-402A-BA73-CCDE3EF0ED77}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-0016-0407-1000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010

"{90140000-0016-0407-1000-0000000FF1CE}_Office14.PROPLUS_{BBBD3986-9A9D-402A-BA73-CCDE3EF0ED77}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-0018-0407-1000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010

"{90140000-0018-0407-1000-0000000FF1CE}_Office14.PROPLUS_{BBBD3986-9A9D-402A-BA73-CCDE3EF0ED77}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-0019-0407-1000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010

"{90140000-0019-0407-1000-0000000FF1CE}_Office14.PROPLUS_{BBBD3986-9A9D-402A-BA73-CCDE3EF0ED77}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-001A-0407-1000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010

"{90140000-001A-0407-1000-0000000FF1CE}_Office14.PROPLUS_{BBBD3986-9A9D-402A-BA73-CCDE3EF0ED77}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-001B-0407-1000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010

"{90140000-001B-0407-1000-0000000FF1CE}_Office14.PROPLUS_{BBBD3986-9A9D-402A-BA73-CCDE3EF0ED77}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-001F-0407-1000-0000000FF1CE}" = Microsoft Office Proof (German) 2010

"{90140000-001F-0407-1000-0000000FF1CE}_Office14.PROPLUS_{70A3169E-288F-454F-A08D-20DF66639B50}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-001F-0409-1000-0000000FF1CE}" = Microsoft Office Proof (English) 2010

"{90140000-001F-0409-1000-0000000FF1CE}_Office14.PROPLUS_{0242505C-4E90-407F-9299-B5B275F50D86}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-001F-040C-1000-0000000FF1CE}" = Microsoft Office Proof (French) 2010

"{90140000-001F-040C-1000-0000000FF1CE}_Office14.PROPLUS_{B51389C8-2890-4633-81D8-47D2A7402274}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-001F-0410-1000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010

"{90140000-001F-0410-1000-0000000FF1CE}_Office14.PROPLUS_{3013A793-10A7-4D1F-B8B4-2FAA82F4D259}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-002C-0407-1000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010

"{90140000-002C-0407-1000-0000000FF1CE}_Office14.PROPLUS_{98782D5D-A9EE-43C6-88AD-B50AD8530E78}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-0043-0000-1000-0000000FF1CE}" = Microsoft Office Office 32-bit Components 2010

"{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{E8B6D35B-0B6F-4DCE-9493-859BF3809A7F}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-0043-0407-1000-0000000FF1CE}" = Microsoft Office Shared 32-bit MUI (German) 2010

"{90140000-0043-0407-1000-0000000FF1CE}_Office14.PROPLUS_{8DFD91C7-66AE-4E54-9901-5D5F401AD329}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-0044-0407-1000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2010

"{90140000-0044-0407-1000-0000000FF1CE}_Office14.PROPLUS_{BBBD3986-9A9D-402A-BA73-CCDE3EF0ED77}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-006E-0407-1000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010

"{90140000-006E-0407-1000-0000000FF1CE}_Office14.PROPLUS_{8299B64F-1537-4081-974C-033EAB8F098E}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-00A1-0407-1000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010

"{90140000-00A1-0407-1000-0000000FF1CE}_Office14.PROPLUS_{BBBD3986-9A9D-402A-BA73-CCDE3EF0ED77}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-00BA-0407-1000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2010

"{90140000-00BA-0407-1000-0000000FF1CE}_Office14.PROPLUS_{BBBD3986-9A9D-402A-BA73-CCDE3EF0ED77}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90BF0360-A1DB-4599-A643-95AB90A52C1E}" = Microsoft_VC90_MFCLOC_x86_x64

"{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64

"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64

"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting

"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64

"{BE930E38-7BB3-45B6-85B2-5251F374F844}" = 64 Bit HP CIO Components Installer

"{C7FAFC98-5ECC-40FC-B440-A5D5FE3A6A6E}" = Native Instruments Guitar Rig 4

"{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64

"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones

"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter

"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319

"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile

"CCleaner" = CCleaner

"HP Solution Center & Imaging Support Tools" = HP Solution Center 14.0

"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile

"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended

"Office14.PROPLUS" = Microsoft Office Professional Plus 2010

"SpeedCommander 13 (x64)" = SpeedCommander 13 (x64)

"TeamSpeak 3 Client" = TeamSpeak 3 Client

"WinRAR archiver" = WinRAR 4.00 (64-Bit)

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{0215A652-E081-4B09-9333-DC85AAB67FFA}" = Adobe Dreamweaver CS5.5

"{02F0B8AE-7501-4333-AFBE-6BAABFEC7637}" = WISO Steuer-Sparbuch 2011

"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86

"{06A1D88C-E102-4527-AF70-29FFD7AF215A}" = Scan

"{07EF3970-F8E5-4A27-A5A3-230484D35026}" = Microsoft Expression Encoder 4

"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86

"{08D605B4-DCD1-451F-ABD7-52E6BB868E4E}" = Microsoft Expression Design 4

"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer

"{0CC1DAFB-40C8-4903-953D-471E541477C7}" = WISO Steuer 2012

"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86

"{14A487F2-1259-4E6C-AE3C-3C888DDBCB60}_is1" = Guitar Pro 6

"{150B6201-E9E6-4DFB-960E-CCBD53FBDDED}" = HPProductAssistant

"{1BBD8D70-721A-41AD-AC8F-7308A0C8FA92}" = Adobe Creative Suite 5 Master Collection

"{1C997E1C-5CE9-4AF3-AAA9-DC65E6090827}" = Microsoft Expression Blend SDK for Silverlight 4

"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources

"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update

"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions

"{2012098D-EEE9-4769-8DD3-B038050854D4}" = Microsoft Silverlight 3 SDK

"{256E7DAC-9BE8-494E-8DE7-7857BF96B774}" = Microsoft Expression Blend 3 SDK

"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31

"{292F0F52-B62D-4E71-921B-89A682402201}" = Toolbox

"{2B11BA9C-7F97-4C16-970F-1491FD77969B}_is1" = GutscheinRausch.de - AddOn für Firefox

"{2EA870FA-585F-4187-903D-CB9FFD21E2E0}" = DHTML Editing Component

"{3521BDBD-D453-5D9F-AA55-44B75D214629}" = Adobe Community Help

"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack

"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis

"{46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB}" = Adobe AIR

"{490BF87E-1F75-4453-BF55-9F540543A3CA}" = Steinberg Drum Loop Expansion 01

"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater

"{4A19D6AC-ADE0-4A07-80FF-9C9812C45557}" = Steinberg Cubase 5

"{4C6D5779-A766-45DF-9938-D6F595A66F2B}" = Microsoft Expression Blend 4

"{4D454CF8-12FD-464D-B57B-B46FE27B78BB}" = Steinberg LoopMash Content

"{532B917B-8235-4FA5-BE36-643A8BB053A5}" = Steinberg REVerence Content 01

"{59E13EA0-9604-47DF-BEB7-3651E6E09221}" = Scope

"{5DCF0E4B-F8EA-4229-A0BD-5CA6D4AFB749}" = SolutionCenter

"{5EE6E987-1B79-4A93-832B-27472C7D1579}" = WPF Toolkit February 2010 (Version 3.5.50211.1)

"{5F8D931D-B230-47F3-A9C0-0C8CA459A332}" = Microsoft Expression Web 4

"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86

"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE

"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable

"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update

"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime

"{7FC7AD70-1DF3-4B84-9AA2-4FB680F45572}_is1" = Hex-Editor MX

"{801B0DA3-A3FF-46CC-B97F-D76D510AF5AE}" = Microsoft Silverlight 4 SDK

"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform

"{85498904-0748-45AA-9482-6DB8EA971B91}" = DJ_AIO_06_F4500_SW_MIN

"{865D9ED1-EAC2-436D-AFA7-0B750EB5AAAB}" = Steinberg HALionOne Studio Drum Set

"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570

"{8927E07C-97F7-4A54-88FB-D976F50DD46E}" = Turbo Lister 2

"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT

"{8FC4F1DD-F7FD-4766-804D-3C8FF1D309B0}" = Ralink RT5390 802.11b/g/n WiFi Adapter

"{907B4640-266B-4A21-92FB-CD1A86CD0F63}" = RollerCoaster Tycoon 3 Platinum

"{9158FF30-78D7-40EF-B83E-451AC5334640}" = Adobe Photoshop CS5.1

"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86

"{9559F7CA-5E34-4237-A2D9-D856464AD727}" = Project64 1.6

"{990036E7-D647-45A4-8F7F-1CB277EF0ABD}" = RollerCoaster Tycoon 3 Demo

"{9B3A1C97-A361-463E-8817-444F9F88CDFE}" = Microsoft Expression Blend SDK for .NET 4

"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail

"{A06FE62B-CEBC-4E94-AED8-92DCC33BC8EA}" = Microsoft Expression Studio 4

"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5

"{A83279FD-CA4B-4206-9535-90974DE76654}" = Apple Application Support

"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper

"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common

"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer

"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.2) - Deutsch

"{AC997F93-0757-4ED4-A701-F40C2D654D09}" = Steinberg HALionOne GM Drum Set

"{AFA42FE1-A5C3-485F-9180-BFCF5BF1F1C3}" = AAVUpdateManager

"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail

"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy

"{B6D38690-755E-4F40-A35A-23F8BC2B86AC}" = Microsoft_VC90_MFCLOC_x86

"{B91D6B0B-296F-421D-B697-EE5F4F09AB18}" = Zelscope

"{BB3447F6-9553-4AA9-960E-0DB5310C5779}" = GPBaseService2

"{BD86F1AC-B594-46E4-85DC-1258AC9E2232}" = Steinberg Groove Agent ONE Content

"{BDD94A53-3F42-48ED-BB61-B3F85AE93EEE}_is1" = Chicken Invaders 4 Osteredition Version 4.13int

"{BDE646E8-86E0-50E1-37BC-0AEBB2185D76}" = Adobe Widget Browser

"{BF127B80-CFD5-4379-9752-E8AF1A5D0141}" = Microsoft Expression Encoder 4 Screen Capture Codec

"{C268B5E1-A5DA-11DF-A289-005056C00008}" = Paragon Backup & Recovery™ 2012 Free

"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common

"{C79312BD-3E76-4474-A10C-1435D1856A4B}" = Adobe Dreamweaver CS5

"{C9BEFDFB-A2DD-4D88-881C-3B303CCE384E}" = ActiveState Komodo Edit 7.0.2

"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform

"{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}" = Microsoft .NET Framework 4 Multi-Targeting Pack

"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64

"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86

"{D23CBFDA-C46B-4920-BA70-FC7878A3F05A}" = Steinberg HALionOne Studio Set

"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform

"{D4911E92-A059-4901-8AB3-8638B6D96456}_is1" = Groovedown Version 0.84

"{D82CDA0D-C182-42C8-8FF2-5649C98D6003}" = Steinberg HALionOne Pro Set

"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86

"{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player

"{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = CyberLink PowerDVD 10

"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10

"{E22AD5D3-EB60-4A8F-835C-6C10E369DCE2}" = Steinberg HALionOne Expression Set

"{E70E7159-93B1-470D-9FBD-D8E9EF34B538}" = Steinberg HALionOne

"{F057965A-D974-4C64-ADB1-4381CD4B8956}" = Steinberg HALionOne GM Set

"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219

"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics

"{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio

"{F3AFD063-8BAD-485E-B641-E7F5A2C5AE71}" = Steinberg HALionOne Additional Content Set 01

"{F5993FCC-DF5D-4879-B70D-AA1F379C5C6B}" = Microsoft Expression Web 4 Service Pack 2

"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials

"1&1 SoftPhone" = 1&1 SoftPhone

"5513-1208-7298-9440" = JDownloader 0.9

"Adobe AIR" = Adobe AIR

"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX

"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin

"Adobe Shockwave Player" = Adobe Shockwave Player 11.5

"Audacity 1.3 Beta (Unicode)_is1" = Audacity 1.3.13 (Unicode)

"Avira AntiVir Desktop" = Avira Free Antivirus

"Blend_4.0.20525.0" = Microsoft Expression Blend 4

"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help

"Cheat Engine 6.1_is1" = Cheat Engine 6.1

"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player

"com.adobe.WidgetBrowser.E7BED6E5DDA59983786DD72EBFA46B1598278E07.1" = Adobe Widget Browser

"Debut" = Debut Video Capture Software

"Design_7.0.20516.0" = Microsoft Expression Design 4

"Emperor" = Emperor - Schlacht um Dune

"Encoder_4.0.1639.0" = Microsoft Expression Encoder 4

"ESET Online Scanner" = ESET Online Scanner v3

"ExpressionStudio_4.0.20525.0" = Microsoft Expression Studio 4

"FileZilla Client" = FileZilla Client 3.5.3

"Foxit Reader_is1" = Foxit Reader 5.1

"Game Booster_is1" = Game Booster

"Google Chrome" = Google Chrome

"HashCheck Shell Extension" = HashCheck Shell Extension (x86-32)

"ID3-TagIT 3_is1" = ID3-TagIT 3

"ImgBurn" = ImgBurn

"InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = CyberLink PowerDVD 10

"InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio

"LAME for Audacity_is1" = LAME v3.98.3 for Audacity

"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.62.0.1300

"Mozilla Firefox 15.0 (x86 de)" = Mozilla Firefox 15.0 (x86 de)

"MozillaMaintenanceService" = Mozilla Maintenance Service

"Native Instruments Controller Editor" = Native Instruments Controller Editor

"Native Instruments Guitar Rig 4" = Native Instruments Guitar Rig 4

"Native Instruments Service Center" = Native Instruments Service Center

"Nvu_is1" = Nvu 1.0

"Totalcmd" = Total Commander (Remove or Repair)

"Verbindungsassistent" = Verbindungsassistent

"VGEE" = Vista Game Explorer Editor

"Virtual Guitarist" = Steinberg Virtual Guitarist

"VirtualCloneDrive" = VirtualCloneDrive

"VLC media player" = VLC media player 1.1.7

"Web_4.0.1303.0" = Microsoft Expression Web 4

"WinGimp-2.0_is1" = GIMP 2.6.11

"WinLiveSuite" = Windows Live Essentials

"WOLAPI" = Gemeinsam genutzte Internet-Komponenten von Westwood

"World of Warcraft" = World of Warcraft

"X - Beyond the Frontier" = X - Beyond the Frontier

"xampp" = XAMPP 1.7.7

"Youtube Music Downloader_is1" = Youtube Music Downloader V3.7.9

 
 ========== HKEY_CURRENT_USER Uninstall List ==========

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"VirtuaGirl_is1" = VirtuaGirl Version 1.1.0.12

 
 ========== Last 20 Event Log Errors ==========

 

[ Application Events ]

Error - 04.08.2012 22:25:34 | Computer Name = Notebook_Lukas | Source = Application Error | ID = 1000

Description = Name der fehlerhaften Anwendung: wmpnscfg.exe, Version: 12.0.7600.16385,

 Zeitstempel: 0x4a5bd026  Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.17651,

 Zeitstempel: 0x4e21213c  Ausnahmecode: 0xc06d007f  Fehleroffset: 0x000000000000cacd

ID

 des fehlerhaften Prozesses: 0xfb8  Startzeit der fehlerhaften Anwendung: 0x01cd72b198075cdd

Pfad

 der fehlerhaften Anwendung: C:\Program Files\Windows Media Player\wmpnscfg.exe  Pfad

 des fehlerhaften Moduls: C:\Windows\system32\KERNELBASE.dll  Berichtskennung: d5b8aa7e-dea4-11e1-8584-ec9a743e8b9e

 

Error - 04.08.2012 22:45:30 | Computer Name = Notebook_Lukas | Source = Application Error | ID = 1000

Description = Name der fehlerhaften Anwendung: wmpnscfg.exe, Version: 12.0.7600.16385,

 Zeitstempel: 0x4a5bd026  Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.17651,

 Zeitstempel: 0x4e21213c  Ausnahmecode: 0xc06d007f  Fehleroffset: 0x000000000000cacd

ID

 des fehlerhaften Prozesses: 0x4ec  Startzeit der fehlerhaften Anwendung: 0x01cd72b460611263

Pfad

 der fehlerhaften Anwendung: C:\Program Files\Windows Media Player\wmpnscfg.exe  Pfad

 des fehlerhaften Moduls: C:\Windows\system32\KERNELBASE.dll  Berichtskennung: 9e14c164-dea7-11e1-8584-ec9a743e8b9e

 

Error - 04.08.2012 22:45:30 | Computer Name = Notebook_Lukas | Source = Application Error | ID = 1000

Description = Name der fehlerhaften Anwendung: wmpnscfg.exe, Version: 12.0.7600.16385,

 Zeitstempel: 0x4a5bd026  Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.17651,

 Zeitstempel: 0x4e21213c  Ausnahmecode: 0xc06d007f  Fehleroffset: 0x000000000000cacd

ID

 des fehlerhaften Prozesses: 0xfe4  Startzeit der fehlerhaften Anwendung: 0x01cd72b4606a97e4

Pfad

 der fehlerhaften Anwendung: C:\Program Files\Windows Media Player\wmpnscfg.exe  Pfad

 des fehlerhaften Moduls: C:\Windows\system32\KERNELBASE.dll  Berichtskennung: 9e1e46e5-dea7-11e1-8584-ec9a743e8b9e

 

Error - 04.08.2012 23:06:33 | Computer Name = Notebook_Lukas | Source = Application Error | ID = 1000

Description = Name der fehlerhaften Anwendung: wmpnscfg.exe, Version: 12.0.7600.16385,

 Zeitstempel: 0x4a5bd026  Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.17651,

 Zeitstempel: 0x4e21213c  Ausnahmecode: 0xc06d007f  Fehleroffset: 0x000000000000cacd

ID

 des fehlerhaften Prozesses: 0x544  Startzeit der fehlerhaften Anwendung: 0x01cd72b7514d944e

Pfad

 der fehlerhaften Anwendung: C:\Program Files\Windows Media Player\wmpnscfg.exe  Pfad

 des fehlerhaften Moduls: C:\Windows\system32\KERNELBASE.dll  Berichtskennung: 8f03a4af-deaa-11e1-8584-ec9a743e8b9e

 

Error - 04.08.2012 23:06:33 | Computer Name = Notebook_Lukas | Source = Application Error | ID = 1000

Description = Name der fehlerhaften Anwendung: wmpnscfg.exe, Version: 12.0.7600.16385,

 Zeitstempel: 0x4a5bd026  Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.17651,

 Zeitstempel: 0x4e21213c  Ausnahmecode: 0xc06d007f  Fehleroffset: 0x000000000000cacd

ID

 des fehlerhaften Prozesses: 0x1094  Startzeit der fehlerhaften Anwendung: 0x01cd72b7515719cf

Pfad

 der fehlerhaften Anwendung: C:\Program Files\Windows Media Player\wmpnscfg.exe  Pfad

 des fehlerhaften Moduls: C:\Windows\system32\KERNELBASE.dll  Berichtskennung: 8f0ac8d0-deaa-11e1-8584-ec9a743e8b9e

 

Error - 04.08.2012 23:21:10 | Computer Name = Notebook_Lukas | Source = Application Error | ID = 1000

Description = Name der fehlerhaften Anwendung: wmpnscfg.exe, Version: 12.0.7600.16385,

 Zeitstempel: 0x4a5bd026  Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.17651,

 Zeitstempel: 0x4e21213c  Ausnahmecode: 0xc06d007f  Fehleroffset: 0x000000000000cacd

ID

 des fehlerhaften Prozesses: 0x1294  Startzeit der fehlerhaften Anwendung: 0x01cd72b95c1cecf5

Pfad

 der fehlerhaften Anwendung: C:\Program Files\Windows Media Player\wmpnscfg.exe  Pfad

 des fehlerhaften Moduls: C:\Windows\system32\KERNELBASE.dll  Berichtskennung: 99d2fd56-deac-11e1-8584-ec9a743e8b9e

 

Error - 04.08.2012 23:21:10 | Computer Name = Notebook_Lukas | Source = Application Error | ID = 1000

Description = Name der fehlerhaften Anwendung: wmpnscfg.exe, Version: 12.0.7600.16385,

 Zeitstempel: 0x4a5bd026  Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.17651,

 Zeitstempel: 0x4e21213c  Ausnahmecode: 0xc06d007f  Fehleroffset: 0x000000000000cacd

ID

 des fehlerhaften Prozesses: 0x4b4  Startzeit der fehlerhaften Anwendung: 0x01cd72b95c267276

Pfad

 der fehlerhaften Anwendung: C:\Program Files\Windows Media Player\wmpnscfg.exe  Pfad

 des fehlerhaften Moduls: C:\Windows\system32\KERNELBASE.dll  Berichtskennung: 99da2177-deac-11e1-8584-ec9a743e8b9e

 

Error - 05.08.2012 00:16:31 | Computer Name = Notebook_Lukas | Source = Application Error | ID = 1000

Description = Name der fehlerhaften Anwendung: wmpnscfg.exe, Version: 12.0.7600.16385,

 Zeitstempel: 0x4a5bd026  Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.17651,

 Zeitstempel: 0x4e21213c  Ausnahmecode: 0xc06d007f  Fehleroffset: 0x000000000000cacd

ID

 des fehlerhaften Prozesses: 0x1258  Startzeit der fehlerhaften Anwendung: 0x01cd72c1179d54f2

Pfad

 der fehlerhaften Anwendung: C:\Program Files\Windows Media Player\wmpnscfg.exe  Pfad

 des fehlerhaften Moduls: C:\Windows\system32\KERNELBASE.dll  Berichtskennung: 55536553-deb4-11e1-8584-ec9a743e8b9e

 

Error - 05.08.2012 00:16:31 | Computer Name = Notebook_Lukas | Source = Application Error | ID = 1000

Description = Name der fehlerhaften Anwendung: wmpnscfg.exe, Version: 12.0.7600.16385,

 Zeitstempel: 0x4a5bd026  Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.17651,

 Zeitstempel: 0x4e21213c  Ausnahmecode: 0xc06d007f  Fehleroffset: 0x000000000000cacd

ID

 des fehlerhaften Prozesses: 0x1100  Startzeit der fehlerhaften Anwendung: 0x01cd72c117a6da73

Pfad

 der fehlerhaften Anwendung: C:\Program Files\Windows Media Player\wmpnscfg.exe  Pfad

 des fehlerhaften Moduls: C:\Windows\system32\KERNELBASE.dll  Berichtskennung: 555a8974-deb4-11e1-8584-ec9a743e8b9e

 

Error - 05.08.2012 00:37:41 | Computer Name = Notebook_Lukas | Source = Application Error | ID = 1000

Description = Name der fehlerhaften Anwendung: wmpnscfg.exe, Version: 12.0.7600.16385,

 Zeitstempel: 0x4a5bd026  Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.17651,

 Zeitstempel: 0x4e21213c  Ausnahmecode: 0xc06d007f  Fehleroffset: 0x000000000000cacd

ID

 des fehlerhaften Prozesses: 0x10a0  Startzeit der fehlerhaften Anwendung: 0x01cd72c40c85b50e

Pfad

 der fehlerhaften Anwendung: C:\Program Files\Windows Media Player\wmpnscfg.exe  Pfad

 des fehlerhaften Moduls: C:\Windows\system32\KERNELBASE.dll  Berichtskennung: 4a39640f-deb7-11e1-8584-ec9a743e8b9e

 

Error - 05.08.2012 00:37:41 | Computer Name = Notebook_Lukas | Source = Application Error | ID = 1000

Description = Name der fehlerhaften Anwendung: wmpnscfg.exe, Version: 12.0.7600.16385,

 Zeitstempel: 0x4a5bd026  Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.17651,

 Zeitstempel: 0x4e21213c  Ausnahmecode: 0xc06d007f  Fehleroffset: 0x000000000000cacd

ID

 des fehlerhaften Prozesses: 0xde0  Startzeit der fehlerhaften Anwendung: 0x01cd72c40c8cd92f

Pfad

 der fehlerhaften Anwendung: C:\Program Files\Windows Media Player\wmpnscfg.exe  Pfad

 des fehlerhaften Moduls: C:\Windows\system32\KERNELBASE.dll  Berichtskennung: 4a408830-deb7-11e1-8584-ec9a743e8b9e

 

[ System Events ]

Error - 06.05.2012 10:12:56 | Computer Name = Notebook_Lukas | Source = atapi | ID = 262155

Description = Der Treiber hat einen Controllerfehler auf \Device\Ide\IdePort0 gefunden.

 

Error - 06.05.2012 10:12:56 | Computer Name = Notebook_Lukas | Source = atapi | ID = 262155

Description = Der Treiber hat einen Controllerfehler auf \Device\Ide\IdePort0 gefunden.

 

Error - 06.05.2012 10:12:56 | Computer Name = Notebook_Lukas | Source = atapi | ID = 262155

Description = Der Treiber hat einen Controllerfehler auf \Device\Ide\IdePort0 gefunden.

 

Error - 06.05.2012 10:12:56 | Computer Name = Notebook_Lukas | Source = atapi | ID = 262155

Description = Der Treiber hat einen Controllerfehler auf \Device\Ide\IdePort0 gefunden.

 

Error - 06.05.2012 10:12:56 | Computer Name = Notebook_Lukas | Source = atapi | ID = 262155

Description = Der Treiber hat einen Controllerfehler auf \Device\Ide\IdePort0 gefunden.

 

Error - 06.05.2012 10:12:56 | Computer Name = Notebook_Lukas | Source = atapi | ID = 262155

Description = Der Treiber hat einen Controllerfehler auf \Device\Ide\IdePort0 gefunden.

 

Error - 06.05.2012 10:12:56 | Computer Name = Notebook_Lukas | Source = atapi | ID = 262155

Description = Der Treiber hat einen Controllerfehler auf \Device\Ide\IdePort0 gefunden.

 

Error - 08.05.2012 05:36:58 | Computer Name = Notebook_Lukas | Source = Service Control Manager | ID = 7030

Description = Der Dienst "FileZilla Server FTP server" ist als interaktiver Dienst

 gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste

 nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.

 

Error - 09.05.2012 11:57:57 | Computer Name = Notebook_Lukas | Source = Service Control Manager | ID = 7011

Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung

 von Dienst Wlansvc erreicht.

 

Error - 10.05.2012 00:43:34 | Computer Name = Notebook_Lukas | Source = Service Control Manager | ID = 7024

Description = Der Dienst "Apache2.2" wurde mit folgendem dienstspezifischem Fehler

 beendet: %%1.

 

 

< End of report >

Hi!
Taskmanager lässt sich wieder öffnen, Antivir Echtzeit-Scanner geht nach wie vor nicht - leider. Dennoch schonmal vielen Dank für die wirkungsvolle Hilfe!

Hier der Logfile vom Fixen im OTL:

Code:

All processes killed

========== OTL ==========

Unable to kill active process lapqeteazore.exe!

Error: No service named 738ee479cdefbaee was found to stop!

Service\Driver key 738ee479cdefbaee not found.

File  C:\Windows\SysNative\drivers\738ee479cdefbaee.sys  not found.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!

64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.

64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.

64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{758B870D-DF78-4A6A-9955-DEDDCACF94DC}\ deleted successfully.

64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{758B870D-DF78-4A6A-9955-DEDDCACF94DC}\ not found.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!

Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.

Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{758B870D-DF78-4A6A-9955-DEDDCACF94DC}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{758B870D-DF78-4A6A-9955-DEDDCACF94DC}\ not found.

HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable|dword:0 /E : value set successfully!

Prefs.js: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24 removed from extensions.enabledItems

Prefs.js: 4 removed from network.proxy.type

64bit-Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@adobe.com/FlashPlayer\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@playstation.com/PsndlCheck,version=1.00\ deleted successfully.

C:\USERS\LUKAS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L1EHOXQN.DEFAULT\EXTENSIONS\NEWTABMOD@BYTEDISORDER.COM.XPI moved successfully.

64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{32099AAC-C132-4136-9E9A-4E364A424E17} deleted successfully.

64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}\ deleted successfully.

Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeCS5.5ServiceManager deleted successfully.

Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\NPSStartup deleted successfully.

Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Regedit32 deleted successfully.

Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeBridge deleted successfully.

Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\lapqeteazore deleted successfully.

File C:\Users\Lukas\lapqeteazore.exe not found.

Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\EnableLUA deleted successfully.

Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\ConsentPromptBehaviorAdmin deleted successfully.

Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\ConsentPromptBehaviorUser deleted successfully.

Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun deleted successfully.

Starting removal of ActiveX control {8AD9C840-044E-11D1-B3E9-00805F499D93}

64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.

64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.

Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.

Registry key HKEY_USERS\.DEFAULT\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.

64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.

64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.

Starting removal of ActiveX control {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}

64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}\ deleted successfully.

64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}\ deleted successfully.

Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}\ deleted successfully.

64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}\ not found.

64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}\ not found.

Starting removal of ActiveX control {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}

64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.

64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.

64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.

64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.

Starting removal of ActiveX control {8AD9C840-044E-11D1-B3E9-00805F499D93}

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.

Starting removal of ActiveX control {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}\ deleted successfully.

Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}\ not found.

Starting removal of ActiveX control {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.

64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:/pagefile deleted successfully.

Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:/pagefile deleted successfully.

64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.

64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.

Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!

Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3bd03c93-ac88-11e1-ab5d-ec9a743e8b9e}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3bd03c93-ac88-11e1-ab5d-ec9a743e8b9e}\ not found.

Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3bd03c93-ac88-11e1-ab5d-ec9a743e8b9e}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3bd03c93-ac88-11e1-ab5d-ec9a743e8b9e}\ not found.

File E:\AutoRun.exe not found.

Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3bd03c98-ac88-11e1-ab5d-ec9a743e8b9e}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3bd03c98-ac88-11e1-ab5d-ec9a743e8b9e}\ not found.

Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3bd03c98-ac88-11e1-ab5d-ec9a743e8b9e}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3bd03c98-ac88-11e1-ab5d-ec9a743e8b9e}\ not found.

File E:\AutoRun.exe not found.

Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9ca22313-4e27-11e1-9dee-ec9a743e8b9e}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9ca22313-4e27-11e1-9dee-ec9a743e8b9e}\ not found.

Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9ca22313-4e27-11e1-9dee-ec9a743e8b9e}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9ca22313-4e27-11e1-9dee-ec9a743e8b9e}\ not found.

File E:\Startme.exe not found.

Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{fbd20e35-4734-11e1-945d-94503fe858b6}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{fbd20e35-4734-11e1-945d-94503fe858b6}\ not found.

Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{fbd20e35-4734-11e1-945d-94503fe858b6}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{fbd20e35-4734-11e1-945d-94503fe858b6}\ not found.

File F:\start.exe not found.

Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\E\ deleted successfully.

Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\E\ not found.

File E:\AutoRun.exe not found.

C:\Windows\SysWow64\REN8759.tmp deleted successfully.

C:\Windows\SysWow64\REN875A.tmp deleted successfully.

C:\Windows\SysWow64\REN875B.tmp deleted successfully.

File C:\Users\Lukas\lapqeteazore.exe not found.

Unable to delete ADS C:\Users\Lukas\Downloads:Shareaza.GUID .

C:\Windows\Tasks\Adobe Flash Player Updater.job moved successfully.

C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job moved successfully.

C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job moved successfully.

C:\Windows\Installer\{53ead68d-40ec-2adc-a57c-6f72105897c5}\U\00000001.@ moved successfully.

C:\Windows\Installer\{53ead68d-40ec-2adc-a57c-6f72105897c5}\U\800000cb.@ moved successfully.

C:\Windows\Installer\{53ead68d-40ec-2adc-a57c-6f72105897c5}\U\80000000.@ moved successfully.

C:\Users\Lukas\AppData\Local\{EDCCD211-1681-4F24-97F2-300FBD7F8BD4} folder moved successfully.

C:\Users\Lukas\AppData\Local\{C8F84DA0-D550-47CD-BCD2-F4D8D53F0D30} folder moved successfully.

C:\Windows\Installer\{53ead68d-40ec-2adc-a57c-6f72105897c5}\@ moved successfully.

C:\Users\Lukas\AppData\Local\{53ead68d-40ec-2adc-a57c-6f72105897c5}\@ moved successfully.

========== FILES ==========
 < ipconfig /flushdns /c >

Windows-IP-Konfiguration

Der DNS-Aufl”sungscache wurde geleert.

C:\Users\Lukas\Downloads\cmd.bat deleted successfully.

C:\Users\Lukas\Downloads\cmd.txt deleted successfully.

========== COMMANDS ==========

 

[EMPTYTEMP]

 

User: All Users

 

User: Default

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 33170 bytes

->Flash cache emptied: 56502 bytes

 

User: Default User

 

User: Lukas

->Temp folder emptied: 3197976507 bytes

->Temporary Internet Files folder emptied: 445485213 bytes

->Java cache emptied: 2432235 bytes

->FireFox cache emptied: 1117782774 bytes

->Google Chrome cache emptied: 7658869 bytes

->Flash cache emptied: 61986 bytes

 

User: Public

 

User: Silvia

->Temp folder emptied: 34655 bytes

->Temporary Internet Files folder emptied: 824206 bytes

->Flash cache emptied: 56502 bytes

 

%systemdrive% .tmp files removed: 0 bytes

%systemroot% .tmp files removed: 0 bytes

%systemroot%\System32 .tmp files removed: 0 bytes

%systemroot%\System32 (64bit) .tmp files removed: 0 bytes

%systemroot%\System32\drivers .tmp files removed: 0 bytes

Windows Temp folder emptied: 83872264 bytes

%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 66647883 bytes

%systemroot%\sysnative\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 758 bytes

RecycleBin emptied: 16096460753 bytes

 

Total Files Cleaned = 20.046,00 mb

 

 

[EMPTYFLASH]

 

User: All Users

 

User: Default

->Flash cache emptied: 0 bytes

 

User: Default User

 

User: Lukas

->Flash cache emptied: 0 bytes

 

User: Public

 

User: Silvia

->Flash cache emptied: 0 bytes

 

Total Flash Files Cleaned = 0,00 mb

 

 

OTL by OldTimer - Version 3.2.56.0 log created on 08052012_154511
 

Files\Folders moved on Reboot...

File\Folder C:\Users\Lukas\AppData\Local\Temp\etilqs_63I2Wso1E6w2zcE not found!

C:\Users\Lukas\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

File\Folder C:\Users\Lukas\AppData\Local\Temp\~DF96DC2F3D7933B121.TMP not found!

File\Folder C:\Users\Lukas\AppData\Local\Temp\~DFEA6804C92BC69DD2.TMP not found!

C:\Users\Lukas\AppData\Local\Mozilla\Firefox\Profiles\l1ehoxqn.default\startupCache\startupCache.4.little moved successfully.

C:\Users\Lukas\AppData\Local\Mozilla\Firefox\Profiles\l1ehoxqn.default\Cache\_CACHE_001_ moved successfully.

C:\Users\Lukas\AppData\Local\Mozilla\Firefox\Profiles\l1ehoxqn.default\Cache\_CACHE_002_ moved successfully.

C:\Users\Lukas\AppData\Local\Mozilla\Firefox\Profiles\l1ehoxqn.default\Cache\_CACHE_003_ moved successfully.

C:\Users\Lukas\AppData\Local\Mozilla\Firefox\Profiles\l1ehoxqn.default\Cache\_CACHE_MAP_ moved successfully.

C:\Users\Lukas\AppData\Local\Mozilla\Firefox\Profiles\l1ehoxqn.default\urlclassifier3.sqlite moved successfully.
 

PendingFileRenameOperations files...

File C:\Users\Lukas\AppData\Local\Temp\etilqs_63I2Wso1E6w2zcE not found!

File C:\Users\Lukas\AppData\Local\Temp\FXSAPIDebugLogFile.txt not found!

File C:\Users\Lukas\AppData\Local\Temp\~DF96DC2F3D7933B121.TMP not found!

File C:\Users\Lukas\AppData\Local\Temp\~DFEA6804C92BC69DD2.TMP not found!

File C:\Users\Lukas\AppData\Local\Mozilla\Firefox\Profiles\l1ehoxqn.default\startupCache\startupCache.4.little not found!

File C:\Users\Lukas\AppData\Local\Mozilla\Firefox\Profiles\l1ehoxqn.default\Cache\_CACHE_001_ not found!

File C:\Users\Lukas\AppData\Local\Mozilla\Firefox\Profiles\l1ehoxqn.default\Cache\_CACHE_002_ not found!

File C:\Users\Lukas\AppData\Local\Mozilla\Firefox\Profiles\l1ehoxqn.default\Cache\_CACHE_003_ not found!

File C:\Users\Lukas\AppData\Local\Mozilla\Firefox\Profiles\l1ehoxqn.default\Cache\_CACHE_MAP_ not found!

File C:\Users\Lukas\AppData\Local\Mozilla\Firefox\Profiles\l1ehoxqn.default\urlclassifier3.sqlite not found!
 

Registry entries deleted on Reboot...