Trojaner-Board - vermutlich Malware infiziert

OTL Logfile:

Code:

OTL logfile created on: 20.09.2010 18:25:14 - Run 3

OTL by OldTimer - Version 3.2.12.1     Folder = M:\Z Neu

64bit- Ultimate Edition  (Version = 6.1.7600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.7600.16385)

Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

 

4,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 73,00% Memory free

8,00 Gb Paging File | 7,00 Gb Available in Paging File | 84,00% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 100,00 Gb Total Space | 78,95 Gb Free Space | 78,95% Space Free | Partition Type: NTFS

D: Drive not present or media not loaded

E: Drive not present or media not loaded

F: Drive not present or media not loaded

Drive G: | 100,00 Gb Total Space | 30,16 Gb Free Space | 30,16% Space Free | Partition Type: NTFS

H: Drive not present or media not loaded

I: Drive not present or media not loaded

Drive M: | 286,08 Gb Total Space | 57,98 Gb Free Space | 20,27% Space Free | Partition Type: NTFS

Drive P: | 99,99 Gb Total Space | 96,87 Gb Free Space | 96,88% Space Free | Partition Type: NTFS

 

Computer Name: TIMO-PC

Current User Name: Timo

Logged in as Administrator.

 

Current Boot Mode: Normal

Scan Mode: All users

Include 64bit Scans

Company Name Whitelist: Off

Skip Microsoft Files: Off

File Age = 30 Days

Output = Minimal

 
 ========== Processes (SafeList) ==========

 

PRC - M:\Z Neu\OTL.exe (OldTimer Tools)

PRC - C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer.exe (Nokia)

PRC - C:\Program Files (x86)\ICQ7.2\ICQ.exe (ICQ, LLC.)

PRC - P:\Wuala Dokan\mounter.exe ()

PRC - C:\Windows\SysWOW64\Ctxfihlp.exe (Creative Technology Ltd)

PRC - C:\Windows\SysWOW64\CTxfispi.exe (Creative Technology Ltd)

PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)

PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)

PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH)

PRC - C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe (Creative Technology Ltd)

 

 
 ========== Modules (SafeList) ==========

 

MOD - M:\Z Neu\OTL.exe (OldTimer Tools)

MOD - C:\Windows\SysWOW64\msscript.ocx (Microsoft Corporation)

MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll (Microsoft Corporation)

 

 
 ========== Win32 Services (SafeList) ==========

 

SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)

SRV:64bit: - (UmRdpService) -- C:\Windows\SysNative\umrdp.dll (Microsoft Corporation)

SRV:64bit: - (PeerDistSvc) -- C:\Windows\SysNative\PeerDistSvc.dll (Microsoft Corporation)

SRV:64bit: - (CscService) -- C:\Windows\SysNative\cscsvc.dll (Microsoft Corporation)

SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)

SRV - (Creative ALchemy AL6 Licensing Service) -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe (Creative Labs)

SRV - (Creative Audio Engine Licensing Service) -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe (Creative Labs)

SRV - (ServiceLayer) -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe (Nokia)

SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)

SRV - (wDokanMounter) -- P:\Wuala Dokan\mounter.exe ()

SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)

SRV - (clr_optimization_v4.0.30319_64) -- C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe (Microsoft Corporation)

SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)

SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH)

SRV - (CTAudSvcService) -- C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe (Creative Technology Ltd)

SRV - (FirebirdServerMAGIXInstance) -- P:\MAGIX\Common\Database\bin\fbserver.exe (The Firebird Project)

 

 
 ========== Driver Services (SafeList) ==========

 

DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)

DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)

DRV:64bit: - (atksgt) -- C:\Windows\SysNative\drivers\atksgt.sys ()

DRV:64bit: - (lirsgt) -- C:\Windows\SysNative\drivers\lirsgt.sys ()

DRV:64bit: - (sptd) -- C:\Windows\SysNative\drivers\sptd.sys ()

DRV:64bit: - (wDokan) -- C:\Windows\SysNative\drivers\wdokan.sys ()

DRV:64bit: - (AtiHdmiService) -- C:\Windows\SysNative\drivers\AtiHdmi.sys (ATI Technologies, Inc.)

DRV:64bit: - (ha20x2k) -- C:\Windows\SysNative\drivers\ha20x2k.sys (Creative Technology Ltd)

DRV:64bit: - (emupia) -- C:\Windows\SysNative\drivers\emupia2k.sys (Creative Technology Ltd)

DRV:64bit: - (ctsfm2k) -- C:\Windows\SysNative\drivers\ctsfm2k.sys (Creative Technology Ltd)

DRV:64bit: - (ctprxy2k) -- C:\Windows\SysNative\drivers\ctprxy2k.sys (Creative Technology Ltd)

DRV:64bit: - (ossrv) -- C:\Windows\SysNative\drivers\ctoss2k.sys (Creative Technology Ltd.)

DRV:64bit: - (ctaud2k) Creative Audio Driver (WDM) -- C:\Windows\SysNative\drivers\ctaud2k.sys (Creative Technology Ltd)

DRV:64bit: - (ctac32k) -- C:\Windows\SysNative\drivers\ctac32k.sys (Creative Technology Ltd)

DRV:64bit: - (CTEXFIFX.SYS) -- C:\Windows\SysNative\drivers\CTEXFIFX.sys (Creative Technology Ltd.)

DRV:64bit: - (CTEXFIFX) -- C:\Windows\SysNative\drivers\CTEXFIFX.sys (Creative Technology Ltd.)

DRV:64bit: - (CTHWIUT.SYS) -- C:\Windows\SysNative\drivers\CTHWIUT.sys (Creative Technology Ltd.)

DRV:64bit: - (CTHWIUT) -- C:\Windows\SysNative\drivers\CTHWIUT.sys (Creative Technology Ltd.)

DRV:64bit: - (CT20XUT.SYS) -- C:\Windows\SysNative\drivers\CT20XUT.sys (Creative Technology Ltd.)

DRV:64bit: - (CT20XUT) -- C:\Windows\SysNative\drivers\CT20XUT.sys (Creative Technology Ltd.)

DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira GmbH)

DRV:64bit: - (UsbserFilt) -- C:\Windows\SysNative\drivers\usbser_lowerfltx64j.sys (Nokia)

DRV:64bit: - (upperdev) -- C:\Windows\SysNative\drivers\usbser_lowerfltx64.sys (Nokia)

DRV:64bit: - (nmwcdcx64) -- C:\Windows\SysNative\drivers\ccdcmbox64.sys (Nokia)

DRV:64bit: - (nmwcdx64) -- C:\Windows\SysNative\drivers\ccdcmbx64.sys (Nokia)

DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira GmbH)

DRV:64bit: - (vpcvmm) -- C:\Windows\SysNative\drivers\vpcvmm.sys (Microsoft Corporation)

DRV:64bit: - (vpcbus) -- C:\Windows\SysNative\drivers\vpchbus.sys (Microsoft Corporation)

DRV:64bit: - (vpcusb) -- C:\Windows\SysNative\drivers\vpcusb.sys (Microsoft Corporation)

DRV:64bit: - (vpcnfltr) -- C:\Windows\SysNative\drivers\vpcnfltr.sys (Microsoft Corporation)

DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)

DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)

DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)

DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)

DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)

DRV:64bit: - (vmbus) -- C:\Windows\SysNative\drivers\vmbus.sys (Microsoft Corporation)

DRV:64bit: - (storflt) -- C:\Windows\SysNative\drivers\vmstorfl.sys (Microsoft Corporation)

DRV:64bit: - (storvsc) -- C:\Windows\SysNative\drivers\storvsc.sys (Microsoft Corporation)

DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)

DRV:64bit: - (usbser) -- C:\Windows\SysNative\drivers\usbser.sys (Microsoft Corporation)

DRV:64bit: - (s3cap) -- C:\Windows\SysNative\drivers\vms3cap.sys (Microsoft Corporation)

DRV:64bit: - (VMBusHID) -- C:\Windows\SysNative\drivers\VMBusHID.sys (Microsoft Corporation)

DRV:64bit: - (CSC) -- C:\Windows\SysNative\drivers\csc.sys (Microsoft Corporation)

DRV:64bit: - (Ntfs) -- C:\Windows\SysNative\wbem\ntfs.mof ()

DRV:64bit: - (NVENETFD) -- C:\Windows\SysNative\drivers\nvm62x64.sys (NVIDIA Corporation)

DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)

DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)

DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)

DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)

DRV:64bit: - (pccsmcfd) -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys (Nokia)

DRV - (speedfan) -- C:\Windows\SysWOW64\speedfan.sys (Windows (R) Server 2003 DDK provider)

 

 
 ========== Standard Registry (SafeList) ==========

 

 
 ========== Internet Explorer ==========

 

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

 

 

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

 

 

IE - HKU\S-1-5-21-1850170355-1748966538-132828878-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/

IE - HKU\S-1-5-21-1850170355-1748966538-132828878-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp

IE - HKU\S-1-5-21-1850170355-1748966538-132828878-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de

IE - HKU\S-1-5-21-1850170355-1748966538-132828878-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = C7 B5 7A C5 FA 04 CB 01  [binary data]

IE - HKU\S-1-5-21-1850170355-1748966538-132828878-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 
 ========== FireFox ==========

 

FF - prefs.js..browser.startup.homepage: "www.google.de"

FF - prefs.js..extensions.enabledItems: {9AA46F4F-4DC7-4c06-97AF-5035170633FE}:21.1.10084.997

 

FF - HKLM\software\mozilla\Firefox\Extensions\\{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}: C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\ [2010.06.24 21:19:34 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.10\extensions\\Components: P:\Firefox\components [2010.09.16 23:39:04 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.10\extensions\\Plugins: P:\Firefox\plugins [2010.09.16 23:39:04 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Thunderbird 3.0.6\extensions\\Components: P:\Thunderbird\components [2010.08.06 15:00:42 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Thunderbird 3.0.6\extensions\\Plugins: P:\Thunderbird\plugins

FF - HKLM\software\mozilla\Thunderbird\Extensions\\{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}: C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\ [2010.06.24 21:19:34 | 000,000,000 | ---D | M]

 

[2010.06.08 18:11:38 | 000,000,000 | ---D | M] -- C:\Users\Timo\AppData\Roaming\mozilla\Extensions

[2010.06.08 18:11:38 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Timo\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}

[2010.06.29 18:57:21 | 000,000,000 | ---D | M] -- C:\Users\Timo\AppData\Roaming\mozilla\Firefox\Profiles\1o2obwe1.default\extensions

 

O1 HOSTS File: ([2010.06.07 14:51:06 | 000,000,998 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts

O1 - Hosts: 127.0.0.1 im.adtech.de

O1 - Hosts: 127.0.0.1 adserver.adtech.de

O1 - Hosts: 127.0.0.1 adtech.de

O1 - Hosts: 127.0.0.1 atwola.com

O1 - Hosts: 127.0.0.1 adserver.71i.de

O1 - Hosts: 127.0.0.1 adicqserver.71i.de

O1 - Hosts: 127.0.0.1 71i.de

O4 - HKLM..\Run: [ATICustomerCare] C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe (Advanced Micro Devices, Inc.)

O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)

O4 - HKLM..\Run: [CTxfiHlp] C:\Windows\SysWow64\Ctxfihlp.exe (Creative Technology Ltd)

O4 - HKLM..\Run: [NokiaMServer] C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer.exe (Nokia)

O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)

O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)

O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)

O4 - HKU\S-1-5-21-1850170355-1748966538-132828878-1000..\Run: [ICQ] C:\Program Files (x86)\ICQ7.2\ICQ.exe (ICQ, LLC.)

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0

O7 - HKU\S-1-5-21-1850170355-1748966538-132828878-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe (ICQ, LLC.)

O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe (ICQ, LLC.)

O13 - gopher Prefix: missing

O13 - gopher Prefix: missing

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)

O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)

O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://ccfiles.creative.com/Web/softwareupdate/su2/ocx/15112/CTPID.cab (Creative Software AutoUpdate Support Package)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1

O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found

O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found

O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2010.08.22 15:39:09 | 000,000,000 | ---D | M] - P:\AutoGK -- [ NTFS ]

O35:64bit: - HKLM\..comfile [open] -- "%1" %*

O35:64bit: - HKLM\..exefile [open] -- "%1" %*

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*

O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

 
 ========== Files/Folders - Created Within 30 Days ==========

 

[2010.09.17 21:26:04 | 000,000,000 | ---D | C] -- C:\Users\Timo\AppData\Roaming\Avira

[2010.09.17 21:15:42 | 000,116,568 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avipbb.sys

[2010.09.17 21:15:42 | 000,081,072 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avgntflt.sys

[2010.09.17 21:15:42 | 000,051,992 | ---- | C] (AVIRA GmbH) -- C:\Windows\SysWow64\drivers\avgntdd.sys

[2010.09.17 21:15:42 | 000,017,016 | ---- | C] (AVIRA GmbH) -- C:\Windows\SysWow64\drivers\avgntmgr.sys

[2010.09.17 21:15:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira

[2010.09.17 21:15:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Avira

[2010.09.17 21:03:09 | 000,000,000 | -HSD | C] -- C:\Config.Msi

[2010.09.17 19:15:41 | 000,000,000 | ---D | C] -- C:\Users\Timo\AppData\Roaming\Malwarebytes

[2010.09.17 19:15:31 | 000,024,664 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys

[2010.09.17 19:15:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes

[2010.09.16 23:45:18 | 000,106,224 | ---- | C] (G Data Software) -- C:\Windows\SysNative\drivers\GRD.sys

[2010.09.16 23:40:29 | 000,040,392 | ---- | C] (G Data Software AG) -- C:\Windows\SysNative\drivers\GDBehave.sys

[2010.09.16 23:40:14 | 000,057,288 | ---- | C] (G Data Software AG) -- C:\Windows\SysNative\drivers\PktIcpt.sys

[2010.09.16 23:39:59 | 000,085,960 | ---- | C] (G Data Software AG) -- C:\Windows\SysNative\drivers\MiniIcpt.sys

[2010.09.16 23:39:58 | 000,048,584 | ---- | C] (G DATA Software AG) -- C:\Windows\SysNative\drivers\gdwfpcd64.sys

[2010.09.16 23:39:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\G Data

[2010.09.16 23:34:45 | 000,000,000 | ---D | C] -- C:\Users\Timo\AppData\Local\Downloaded Installations

[2010.09.15 19:44:59 | 002,441,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iertutil.dll

[2010.09.15 00:46:13 | 000,000,000 | ---D | C] -- C:\Windows\pss

[2010.09.15 00:31:43 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI

[2010.09.15 00:30:22 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\ATI Technologies

[2010.09.15 00:30:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\ATI Technologies

[2010.09.15 00:30:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ATI

[2010.09.15 00:26:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ATI Technologies

[2010.09.15 00:26:31 | 000,000,000 | ---D | C] -- C:\Programme\ATI

[2010.09.15 00:26:12 | 000,000,000 | ---D | C] -- C:\Programme\ATI Technologies

[2010.09.15 00:25:42 | 000,000,000 | ---D | C] -- C:\ATI

[2010.09.13 19:17:28 | 000,000,000 | ---D | C] -- C:\Users\Timo\AppData\Roaming\Creative

[2010.09.12 10:47:08 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Plugins

[2010.09.12 10:47:08 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\ocr

[2010.09.07 18:28:51 | 000,000,000 | ---D | C] -- C:\Users\Timo\AppData\Roaming\dvdcss

[2010.09.02 18:58:17 | 000,000,000 | ---D | C] -- C:\Users\Timo\Documents\NFS SHIFT

[2010.08.31 23:13:37 | 000,000,000 | ---D | C] -- C:\Users\Timo\Documents\StarCraft II

[2010.08.31 23:13:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Blizzard Entertainment

[2010.08.31 23:13:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Blizzard Entertainment

[2010.08.29 10:40:32 | 000,000,000 | ---D | C] -- C:\Windows\Sun

[2010.08.22 15:39:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\XviD

[2010.05.05 19:59:10 | 000,060,928 | ---- | C] ( ) -- C:\Windows\SysWow64\a3d.dll

 
 ========== Files - Modified Within 30 Days ==========

 

[2010.09.20 18:21:45 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT

[2010.09.20 18:21:36 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2010.09.20 18:21:31 | 3220,578,304 | -HS- | M] () -- C:\hiberfil.sys

[2010.09.20 18:20:57 | 000,062,092 | ---- | M] () -- C:\Windows\SysNative\BMXStateBkp-{00000001-00000000-00000009-00001102-00000005-00311102}.rfx

[2010.09.20 18:20:57 | 000,062,092 | ---- | M] () -- C:\Windows\SysNative\BMXState-{00000001-00000000-00000009-00001102-00000005-00311102}.rfx

[2010.09.20 18:20:57 | 000,000,788 | ---- | M] () -- C:\Windows\SysNative\DVCState-{00000001-00000000-00000009-00001102-00000005-00311102}.rfx

[2010.09.20 18:20:54 | 001,835,008 | -HS- | M] () -- C:\Users\Timo\NTUSER.DAT

[2010.09.20 18:20:51 | 004,161,993 | -H-- | M] () -- C:\Users\Timo\AppData\Local\IconCache.db

[2010.09.20 18:03:05 | 000,000,034 | ---- | M] () -- C:\Windows\cdplayer.ini

[2010.09.20 17:45:09 | 000,000,970 | ---- | M] () -- C:\Users\Timo\Desktop\Audiograbber.lnk

[2010.09.20 17:29:55 | 000,000,551 | ---- | M] () -- C:\Users\Timo\AppData\Roaming\AutoGK.ini

[2010.09.20 16:44:06 | 000,318,040 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT

[2010.09.20 16:43:57 | 000,000,000 | ---- | M] () -- C:\Windows\SysNative\atiicdxx.dat

[2010.09.17 18:35:18 | 000,057,288 | ---- | M] (G Data Software AG) -- C:\Windows\SysNative\drivers\PktIcpt.sys

[2010.09.17 18:32:04 | 000,085,960 | ---- | M] (G Data Software AG) -- C:\Windows\SysNative\drivers\MiniIcpt.sys

[2010.09.17 18:32:04 | 000,040,392 | ---- | M] (G Data Software AG) -- C:\Windows\SysNative\drivers\GDBehave.sys

[2010.09.16 23:45:18 | 000,106,224 | ---- | M] (G Data Software) -- C:\Windows\SysNative\drivers\GRD.sys

[2010.09.16 23:39:58 | 000,048,584 | ---- | M] (G DATA Software AG) -- C:\Windows\SysNative\drivers\gdwfpcd64.sys

[2010.09.13 19:18:17 | 000,009,776 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

[2010.09.13 19:18:17 | 000,009,776 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

[2010.09.08 14:02:22 | 000,000,082 | ---- | M] () -- C:\Windows\VideodeLuxe.INI

[2010.09.02 18:57:31 | 000,000,872 | ---- | M] () -- C:\Users\Timo\Desktop\NFS Shift.lnk

[2010.08.31 23:21:49 | 000,000,625 | ---- | M] () -- C:\Users\Public\Desktop\StarCraft II.lnk

[2010.08.31 07:19:12 | 002,441,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iertutil.dll

[2010.08.27 23:27:49 | 000,000,553 | ---- | M] () -- C:\Users\Timo\Desktop\CCleaner.lnk

 
 ========== Files Created - No Company Name ==========

 

[2010.09.20 17:45:09 | 000,000,970 | ---- | C] () -- C:\Users\Timo\Desktop\Audiograbber.lnk

[2010.09.20 16:43:57 | 000,318,040 | ---- | C] () -- C:\Windows\SysNative\FNTCACHE.DAT

[2010.09.20 16:43:57 | 000,000,000 | ---- | C] () -- C:\Windows\SysNative\atiicdxx.dat

[2010.09.20 16:43:21 | 000,062,092 | ---- | C] () -- C:\Windows\SysNative\BMXStateBkp-{00000001-00000000-00000009-00001102-00000005-00311102}.rfx

[2010.09.20 16:43:21 | 000,062,092 | ---- | C] () -- C:\Windows\SysNative\BMXState-{00000001-00000000-00000009-00001102-00000005-00311102}.rfx

[2010.09.20 16:43:21 | 000,000,788 | ---- | C] () -- C:\Windows\SysNative\DVCState-{00000001-00000000-00000009-00001102-00000005-00311102}.rfx

[2010.09.02 18:57:31 | 000,000,872 | ---- | C] () -- C:\Users\Timo\Desktop\NFS Shift.lnk

[2010.08.31 23:13:37 | 000,000,625 | ---- | C] () -- C:\Users\Public\Desktop\StarCraft II.lnk

[2010.08.27 23:27:49 | 000,000,553 | ---- | C] () -- C:\Users\Timo\Desktop\CCleaner.lnk

[2010.08.22 15:55:12 | 000,000,551 | ---- | C] () -- C:\Users\Timo\AppData\Roaming\AutoGK.ini

[2010.07.17 11:56:40 | 000,000,034 | ---- | C] () -- C:\Windows\cdplayer.ini

[2010.06.29 18:32:19 | 000,000,082 | ---- | C] () -- C:\Windows\VideodeLuxe.INI

[2010.06.29 18:27:07 | 000,019,968 | ---- | C] () -- C:\Windows\SysWow64\cpuinf32.dll

[2010.06.29 18:20:54 | 000,002,856 | ---- | C] () -- C:\Windows\mgxoschk.ini

[2010.06.15 21:57:38 | 000,148,480 | ---- | C] () -- C:\Windows\SysWow64\APOMngr.DLL

[2010.06.15 21:57:38 | 000,073,728 | ---- | C] () -- C:\Windows\SysWow64\CmdRtr.DLL

[2010.06.15 21:57:26 | 000,003,072 | ---- | C] () -- C:\Windows\SysWow64\CTXFIGER.DLL

[2010.06.10 18:19:05 | 000,007,597 | ---- | C] () -- C:\Users\Timo\AppData\Local\resmon.resmoncfg

[2010.06.06 04:24:16 | 000,027,648 | ---- | C] () -- C:\Windows\SysWow64\AVSredirect.dll

[2010.06.06 01:32:43 | 000,000,109 | ---- | C] () -- C:\Windows\disney.ini

[2010.05.20 13:51:12 | 000,011,264 | ---- | C] () -- C:\Windows\SysWow64\wdokannp.dll

[2010.05.20 13:51:02 | 000,032,768 | ---- | C] () -- C:\Windows\SysWow64\wdokanusr.dll

[2010.05.05 20:37:52 | 000,021,204 | ---- | C] () -- C:\Windows\SysWow64\instwdm.ini

[2010.05.05 20:37:50 | 000,000,054 | ---- | C] () -- C:\Windows\SysWow64\ctzapxx.ini

[2010.05.05 19:56:46 | 000,002,560 | ---- | C] () -- C:\Windows\SysWow64\CtxfiRes.dll

[2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll

[2009.07.13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll

[2009.07.06 13:47:08 | 000,000,285 | ---- | C] () -- C:\Windows\SysWow64\kill.ini

[2009.06.19 20:06:22 | 000,197,912 | ---- | C] () -- C:\Windows\SysWow64\physxcudart_20.dll

[2009.06.19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelTraditionalChinese.dll

[2009.06.19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSwedish.dll

[2009.06.19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSpanish.dll

[2009.06.19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSimplifiedChinese.dll

[2009.06.19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelPortugese.dll

[2009.06.19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelKorean.dll

[2009.06.19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelJapanese.dll

[2009.06.19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelGerman.dll

[2009.06.19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelFrench.dll

[2009.01.25 23:10:48 | 000,179,200 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll

[2009.01.09 01:01:22 | 000,629,760 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll

[2008.11.22 10:11:04 | 000,001,607 | ---- | C] () -- C:\Windows\SysWow64\Load.ini

[2008.10.22 05:29:06 | 000,173,550 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat

[2008.06.29 15:24:32 | 000,311,128 | ---- | C] () -- C:\Windows\SysWow64\ssleay32.dll

[2008.06.29 15:24:32 | 000,168,960 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll

[2008.06.29 15:24:31 | 001,526,468 | ---- | C] () -- C:\Windows\SysWow64\libeay32.dll

[2008.04.28 14:55:27 | 000,162,816 | ---- | C] () -- C:\Windows\SysWow64\sqlite3.dll

 
 ========== LOP Check ==========

 

[2010.06.06 01:58:08 | 000,000,000 | ---D | M] -- C:\Users\Timo\AppData\Roaming\Auslogics

[2010.06.21 23:45:11 | 000,000,000 | ---D | M] -- C:\Users\Timo\AppData\Roaming\bizarre creations

[2010.06.06 03:39:23 | 000,000,000 | ---D | M] -- C:\Users\Timo\AppData\Roaming\DAEMON Tools Lite

[2010.06.06 21:07:03 | 000,000,000 | ---D | M] -- C:\Users\Timo\AppData\Roaming\DeepBurner

[2010.09.20 18:21:52 | 000,000,000 | ---D | M] -- C:\Users\Timo\AppData\Roaming\ICQ

[2010.06.24 22:27:38 | 000,000,000 | ---D | M] -- C:\Users\Timo\AppData\Roaming\Nokia

[2010.06.24 22:27:38 | 000,000,000 | ---D | M] -- C:\Users\Timo\AppData\Roaming\Nokia Ovi Suite

[2010.06.12 18:38:08 | 000,000,000 | ---D | M] -- C:\Users\Timo\AppData\Roaming\OpenOffice.org

[2010.06.24 22:19:07 | 000,000,000 | ---D | M] -- C:\Users\Timo\AppData\Roaming\PC Suite

[2010.06.21 17:21:48 | 000,000,000 | ---D | M] -- C:\Users\Timo\AppData\Roaming\SoundSpectrum

[2010.06.08 18:11:38 | 000,000,000 | ---D | M] -- C:\Users\Timo\AppData\Roaming\Thunderbird

[2010.06.06 03:38:15 | 000,000,000 | ---D | M] -- C:\Users\Timo\AppData\Roaming\Ubisoft

[2010.07.09 16:59:16 | 000,000,000 | ---D | M] -- C:\Users\Timo\AppData\Roaming\Wuala

[2010.08.05 16:46:30 | 000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

 
 ========== Purity Check ==========

 

 

 
 ========== Alternate Data Streams ==========

 

@Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:80E965A3

@Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:538B96B5

< End of report >

--- --- ---

OTL Logfile:

Code:

OTL Extras logfile created on: 20.09.2010 18:25:14 - Run 3

OTL by OldTimer - Version 3.2.12.1     Folder = M:\Z Neu

64bit- Ultimate Edition  (Version = 6.1.7600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.7600.16385)

Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

 

4,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 73,00% Memory free

8,00 Gb Paging File | 7,00 Gb Available in Paging File | 84,00% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 100,00 Gb Total Space | 78,95 Gb Free Space | 78,95% Space Free | Partition Type: NTFS

D: Drive not present or media not loaded

E: Drive not present or media not loaded

F: Drive not present or media not loaded

Drive G: | 100,00 Gb Total Space | 30,16 Gb Free Space | 30,16% Space Free | Partition Type: NTFS

H: Drive not present or media not loaded

I: Drive not present or media not loaded

Drive M: | 286,08 Gb Total Space | 57,98 Gb Free Space | 20,27% Space Free | Partition Type: NTFS

Drive P: | 99,99 Gb Total Space | 96,87 Gb Free Space | 96,88% Space Free | Partition Type: NTFS

 

Computer Name: TIMO-PC

Current User Name: Timo

Logged in as Administrator.

 

Current Boot Mode: Normal

Scan Mode: All users

Include 64bit Scans

Company Name Whitelist: Off

Skip Microsoft Files: Off

File Age = 30 Days

Output = Minimal

 
 ========== Extra Registry (SafeList) ==========

 

 
 ========== File Associations ==========

 
 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

 

[HKEY_USERS\S-1-5-21-1850170355-1748966538-132828878-1000\SOFTWARE\Classes\<extension>]

.html [@ = FirefoxHTML] -- P:\Firefox\firefox.exe (Mozilla Corporation)

 
 ========== Shell Spawning ==========

 
 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %* File not found

cmdfile [open] -- "%1" %* File not found

comfile [open] -- "%1" %* File not found

exefile [open] -- "%1" %* File not found

helpfile [open] -- Reg Error: Key error.

htmlfile [edit] -- Reg Error: Key error.

htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" File not found

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)

piffile [open] -- "%1" %* File not found

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1" File not found

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)

scrfile [open] -- "%1" /S File not found

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found

Directory [AddToPlaylistVLC] -- "P:\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Directory [PlayWithVLC] -- "P:\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()

Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

htmlfile [edit] -- Reg Error: Key error.

htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [AddToPlaylistVLC] -- "P:\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Directory [PlayWithVLC] -- "P:\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()

Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

 
 ========== Security Center Settings ==========

 
 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"cval" = 1

 
 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

 
 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]

"AntiVirusOverride" = 0

"AntiSpywareOverride" = 0

"FirewallOverride" = 0

 
 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

 
 ========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

 
 ========== Authorized Applications List ==========

 

 
 ========== HKEY_LOCAL_MACHINE Uninstall List ==========

 

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{02382870-19C7-3ACD-BBAE-F6E3760947DC}" = Microsoft .NET Framework 4 Extended DEU Language Pack

"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)

"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack

"{28A0318C-B98D-B6B1-64D1-4E4755A8E668}" = AMD Drag and Drop Transcoding

"{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022

"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148

"{4D668D4F-FAA2-4726-834C-31F4614F312E}" = MSVC80_x64_v2

"{8D273DE5-ABFA-4BD0-A9D7-EE9C971438C4}_is1" = PDF-Viewer

"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended

"{8E3FABF5-C3B9-7F7E-4AAE-977D77D48C51}" = ATI Catalyst Install Manager

"{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}" = MSVC90_x64

"{B93D47B2-0862-E2E6-8115-B5DAF7AE3C01}" = ccc-utility64

"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile

"CPUID CPU-Z_is1" = CPUID CPU-Z 1.54

"Defraggler" = Defraggler

"FCEC33AD40CEA5E0FC4CEE6E42041A0DA189652D" = Windows-Treiberpaket - Nokia pccsmcfd  (08/22/2008 7.0.0.0)

"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile

"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack

"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended

"Microsoft .NET Framework 4 Extended DEU Language Pack" = Microsoft .NET Framework 4 Extended DEU Language Pack

"WinRAR archiver" = WinRAR

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator

"{000E79B7-E725-4F01-870A-C12942B7F8E4}" = Crysis(R)

"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam

"{0513EE35-E0FB-4166-B663-BD1AE3A803DE}" = Anno 1404

"{089DD780-DB3F-4CDB-A0C2-111360247298}" = PC Connectivity Solution

"{08B3869E-D282-424C-9AFC-870E04A4BA14}" = Rockstar Games Social Club

"{0A35B15C-9CCD-4C0C-BD5B-34ABF8C95813}_is1" = ICQ 7.2 Build #3127 Banner Remover 1.0

"{11083C7A-D0D6-4DA4-8C3A-74B8389EC07B}" = ATI Catalyst Registration

"{1373559F-6DC6-44EA-9079-6ABDCCE8CDAD}" = OviMPlatform

"{1B9B5B3B-28E7-4E59-A80D-D670AA984514}" = Nokia Connectivity Cable Driver

"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

"{2397CAD4-2263-4CD0-96BE-E43A980B9C9A}_is1" = oZone3D.Net FurMark v1.8.2

"{26A24AE4-039D-4CA4-87B4-2F83216015FF}" = Java(TM) 6 Update 15

"{2D10FC46-1D96-44C4-8855-85F21B9B011E}" = Ovi Desktop Sync Engine

"{3AC8457C-0385-4BEA-A959-E095F05D6D67}" = Battlefield: Bad Company™ 2

"{3D9CF3CA-3AB0-4A82-9853-D7C43FD1D775}" = ANNO 1404

"{5454083B-1308-4485-BF17-1110000D8301}" = Grand Theft Auto IV

"{5662D815-DB58-5082-315B-0326B37EB7CB}" = CCC Help English

"{579BA58C-F33D-4970-9953-B94B43768AC3}" = Grand Theft Auto IV

"{59E4543A-D49D-4489-B445-473D763C79AF}" = Microsoft Games for Windows - LIVE Redistributable

"{5DB65884-C963-4454-AABA-4CA3089281FA}" = NVIDIA PhysX

"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2

"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable

"{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6}" = ICQ7.2

"{7B01FD07-1790-4EE9-B5E0-149527D70C7D}" = Nokia Ovi Suite

"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable

"{87323561-58BA-4D5B-BADA-A791B69D1705}" = Catalyst Control Center - Branding

"{8C65C65C-530F-B2DB-BBD7-AF554ABEBBA1}" = Catalyst Control Center Graphics Previews Common

"{8D1E61D1-1395-4E97-997F-D002DB3A5074}" = OpenOffice.org 3.2

"{9322A850-9091-4D0E-B252-3E82EDA3D94A}" = Prototype(TM)

"{A0D65C73-F2C5-432F-8788-90F8A2E99B98}" = Nokia Ovi Suite Software Updater

"{AA468551-1794-42FE-B504-C41D75EEBDF2}_is1" = Partition Wizard Home Edition 5.0

"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86

"{BBF0A67B-5DBA-452F-9D2E-6F168BC226E4}" = Need for Speed™ SHIFT

"{BEE64C14-BEF1-4610-8A68-A16EAA47B882}" = Futuremark SystemInfo

"{BEEFC4F8-2909-48B3-AFAA-55D3533FDEDD}" = Creative MediaSource 5

"{C40C3C3D-97CF-44B5-836C-766E374464B3}" = 3DMark Vantage

"{C7340571-7773-4A8C-9EBC-4E4243B38C76}" = Microsoft XML Parser

"{D69D4AE5-717C-5E56-A56F-542EF5F6A84C}" = Catalyst Control Center Graphics Previews Vista

"{DB837E02-82D0-3888-6DEC-D29587CCDC2F}" = ccc-core-static

"{F86B6849-38E0-7818-F21E-6DC637932076}" = Catalyst Control Center InstallProxy

"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX

"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin

"ALchemy" = Creative ALchemy

"AudioCS" = Creative Audio-Systemsteuerung

"Audiograbber" = Audiograbber 1.83 SE 

"Audiograbber-Lame" = Audiograbber MP3-Plugin

"AutoGK" = Auto Gordian Knot 2.55

"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus

"AviSynth" = AviSynth 2.5

"CCleaner" = CCleaner

"Console Launcher" = Creative Konsole Starter

"Creative Software AutoUpdate" = Creative Software AutoUpdate

"Creative Sound Blaster Properties x64 Edition" = Creative Sound Blaster Properties x64 Edition

"EVEREST Home Edition_is1" = EVEREST Home Edition v2.20

"Firebird SQL Server D" = Firebird SQL Server (D)

"Fraps" = Fraps

"InstallShield_{9322A850-9091-4D0E-B252-3E82EDA3D94A}" = Prototype(TM)

"JDownloader" = JDownloader

"MAGIX Foto Manager 2006 D" = MAGIX Foto Manager 2006 (D)

"MAGIX Music Manager D" = MAGIX Music Manager (D)

"MAGIX Online Druck Service" = MAGIX Online Druck Service

"MAGIX Video deLuxe 2006 D" = MAGIX Video deLuxe 2006 (D)

"Mozilla Firefox (3.6.10)" = Mozilla Firefox (3.6.10)

"Mozilla Thunderbird (3.0.6)" = Mozilla Thunderbird (3.0.6)

"Nokia Ovi Suite" = Nokia Ovi Suite

"OpenAL" = OpenAL

"SpeedFan" = SpeedFan (remove only)

"StarCraft II" = StarCraft II

"Steam App 240" = Counter-Strike: Source

"Steam App 340" = Half-Life 2: Lost Coast

"SUPER ©" = SUPER © Version 2010.bld.38 (May 2, 2010)

"VLC media player" = VLC media player 1.0.5

"VobSub" = VobSub v2.23 (Remove Only)

"WaveStudio 7" = Creative WaveStudio 7

"WhiteCap" = WhiteCap

"Wuala Dokan" = Wuala Dokan

"XviD MPEG4 Video Codec" = XviD MPEG4 Video Codec (remove only)

 
 ========== HKEY_USERS Uninstall List ==========

 

[HKEY_USERS\S-1-5-21-1850170355-1748966538-132828878-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"Wuala" = Wuala

 
 ========== Last 10 Event Log Errors ==========

 

[ Application Events ]

Error - 20.09.2010 10:44:10 | Computer Name = Timo-PC | Source = ATIeRecord | ID = 16386

Description = ATI EEU Client has failed to start

 

Error - 20.09.2010 10:44:11 | Computer Name = Timo-PC | Source = Winlogon | ID = 4103

Description = Fehler bei der Windows-Lizenzaktivierung. Fehler 0x80070005.

 

Error - 20.09.2010 10:47:47 | Computer Name = Timo-PC | Source = ATIeRecord | ID = 16386

Description = ATI EEU Client has failed to start

 

Error - 20.09.2010 10:47:48 | Computer Name = Timo-PC | Source = Winlogon | ID = 4103

Description = Fehler bei der Windows-Lizenzaktivierung. Fehler 0x80070005.

 

Error - 20.09.2010 11:13:35 | Computer Name = Timo-PC | Source = ATIeRecord | ID = 16386

Description = ATI EEU Client has failed to start

 

Error - 20.09.2010 11:13:36 | Computer Name = Timo-PC | Source = Winlogon | ID = 4103

Description = Fehler bei der Windows-Lizenzaktivierung. Fehler 0x80070005.

 

Error - 20.09.2010 11:20:58 | Computer Name = Timo-PC | Source = ATIeRecord | ID = 16386

Description = ATI EEU Client has failed to start

 

Error - 20.09.2010 11:20:59 | Computer Name = Timo-PC | Source = Winlogon | ID = 4103

Description = Fehler bei der Windows-Lizenzaktivierung. Fehler 0x80070005.

 

Error - 20.09.2010 12:21:43 | Computer Name = Timo-PC | Source = ATIeRecord | ID = 16386

Description = ATI EEU Client has failed to start

 

Error - 20.09.2010 12:21:45 | Computer Name = Timo-PC | Source = Winlogon | ID = 4103

Description = Fehler bei der Windows-Lizenzaktivierung. Fehler 0x80070005.

 

[ System Events ]

Error - 18.09.2010 13:29:25 | Computer Name = Timo-PC | Source = DCOM | ID = 10001

Description = 

 

Error - 18.09.2010 17:32:33 | Computer Name = Timo-PC | Source = Microsoft-Windows-Kernel-Processor-Power | ID = 6

Description = Einige Funktionen zur Energieverwaltung im Leistungsstatus wurden 

im Prozessor aufgrund eines bekannten Firmwareproblems deaktiviert. Wenden Sie sich

 an den Computerhersteller, um aktualisierte Firmware zu erhalten.

 

Error - 18.09.2010 17:34:59 | Computer Name = Timo-PC | Source = Service Control Manager | ID = 7009

Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst

 Microsoft .NET Framework NGEN v4.0.30319_X64 erreicht.

 

Error - 19.09.2010 03:43:52 | Computer Name = Timo-PC | Source = Microsoft-Windows-Kernel-Processor-Power | ID = 6

Description = Einige Funktionen zur Energieverwaltung im Leistungsstatus wurden 

im Prozessor aufgrund eines bekannten Firmwareproblems deaktiviert. Wenden Sie sich

 an den Computerhersteller, um aktualisierte Firmware zu erhalten.

 

Error - 19.09.2010 03:46:20 | Computer Name = Timo-PC | Source = Service Control Manager | ID = 7009

Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst

 Microsoft .NET Framework NGEN v4.0.30319_X64 erreicht.

 

Error - 19.09.2010 03:51:15 | Computer Name = Timo-PC | Source = Microsoft-Windows-Time-Service | ID = 4

Description = Der Zeitanbieter "VMICTimeProvider" wurde aufgrund des folgenden Fehlers

 nicht gestartet: Das angegebene Modul wurde nicht gefunden. (0x8007007E)

 

Error - 19.09.2010 13:12:30 | Computer Name = Timo-PC | Source = Microsoft-Windows-Kernel-Processor-Power | ID = 6

Description = Einige Funktionen zur Energieverwaltung im Leistungsstatus wurden 

im Prozessor aufgrund eines bekannten Firmwareproblems deaktiviert. Wenden Sie sich

 an den Computerhersteller, um aktualisierte Firmware zu erhalten.

 

Error - 19.09.2010 13:15:02 | Computer Name = Timo-PC | Source = Service Control Manager | ID = 7009

Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst

 Microsoft .NET Framework NGEN v4.0.30319_X64 erreicht.

 

Error - 19.09.2010 13:15:49 | Computer Name = Timo-PC | Source = DCOM | ID = 10001

Description = 

 

Error - 19.09.2010 13:15:56 | Computer Name = Timo-PC | Source = Microsoft-Windows-Time-Service | ID = 4

Description = Der Zeitanbieter "VMICTimeProvider" wurde aufgrund des folgenden Fehlers

 nicht gestartet: Das angegebene Modul wurde nicht gefunden. (0x8007007E)

 

 

< End of report >

--- --- ---