Ergebnis 1 bis 6 von 6

Thema: Hohe Auslastung

  1. #1
    Einsteiger
    Registriert seit
    04.07.2010
    Beiträge
    3

    Hohe Auslastung

    Hey!
    Ich hab in letzter Zeit Probleme mit meiner CPU Auslastung, sie ist permanent auf ca. 90%.
    Ich hab mir den Logfile schon automatisch auswerten lassen und es schien alles in Ordnung zu sein.
    Hier ist er noch einmal:

    Code:
    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 23:46:40, on 04.07.2010
    Platform: Unknown Windows (WinNT 6.01.3504)
    MSIE: Internet Explorer v8.00 (8.00.7600.16385)
    Boot mode: Normal
    
    Running processes:
    C:\Program Files (x86)\TrueCrypt\TrueCrypt.exe
    C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files (x86)\avmwlanstick\WLanGUI.exe
    C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
    C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
    C:\Program Files (x86)\Safari\Safari.exe
    C:\Program Files (x86)\Microsoft Visual Studio 9.0\Common7\IDE\vbexpress.exe
    C:\Program Files (x86)\TuneUp Utilities 2010\Integrator.exe
    C:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe
    C:\Windows\SysWOW64\DllHost.exe
    
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.Teachshop.ru/redirect/free
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = file://C:/Users/--Wthout Reasons--/AppData/Local/RapidSolution/Mediaraptor/WebRip/profile/rrproxy_ie_4bb6519e.pac
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
    F2 - REG:system.ini: UserInit=userinit.exe
    O1 - Hosts: 74.208.10.249 gs.apple.com
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: Videoraptor_WebRipPlugin Class - {3C0372C2-04C3-4100-BAB1-1D42C552BC48} - C:\Program Files (x86)\RapidSolution\Mediaraptor\plugins\IE\MR_WebRipIePlugin.dll
    O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\ievkbd.dll
    O2 - BHO: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    O4 - HKLM\..\Run: [AVMWlanClient] C:\Program Files (x86)\avmwlanstick\wlangui.exe
    O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
    O4 - HKLM\..\Run: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe"
    O4 - HKLM\..\RunOnce: [Uninstall Adobe Download Manager] "C:\Windows\system32\rundll32.exe" "C:\Users\--WTHO~1\AppData\Local\Temp\nos_uninstall_Adobe.dll",Uninstall /IE2883E8F-472F-4fb0-9522-AC9BF37916A7 /Get1noarp
    O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    O4 - HKCU\..\Run: [Steam] "c:\program files (x86)\steam\steam.exe" -silent
    O4 - HKCU\..\Run: [TrueCrypt] "C:\Program Files (x86)\TrueCrypt\TrueCrypt.exe" /q preferences
    O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOKALER DIENST')
    O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOKALER DIENST')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETZWERKDIENST')
    O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETZWERKDIENST')
    O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
    O8 - Extra context menu item: Hinzufügen zu Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\ie_banner_deny.htm
    O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~3\Office12\EXCEL.EXE/3000
    O9 - Extra button: &Virtuelle Tastatur - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
    O9 - Extra button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe
    O9 - Extra 'Tools' menuitem: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~3\Office12\REFIEBAR.DLL
    O9 - Extra button: Li&nks untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
    O13 - Gopher Prefix: 
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{ADCDD490-1B52-4513-AB8D-5563733D2B37}: NameServer = 192.168.100.1
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
    O20 - AppInit_DLLs: C:\PROGRA~2\KASPER~1\KASPER~1\mzvkbd3.dll,C:\PROGRA~2\KASPER~1\KASPER~1\sbhook.dll
    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
    O23 - Service: ASP.NET-Zustandsdienst (aspnet_state) - Unknown owner - C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (file missing)
    O23 - Service: AVM WLAN Connection Service - AVM Berlin - C:\Program Files (x86)\avmwlanstick\WlanNetService.exe
    O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
    O23 - Service: Dienst "Bonjour" (Bonjour Service) - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
    O23 - Service: Dragon Age: Origins - Inhaltsupdater (DAUpdaterSvc) - BioWare - C:\Program Files (x86)\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe
    O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
    O23 - Service: FLEXnet Licensing Service 64 - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
    O23 - Service: LogMeIn Hamachi 2.0 Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
    O23 - Service: iPod-Dienst (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
    O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
    O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
    O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
    O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
    O23 - Service: @C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe
    O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe
    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
    O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
    
    --
    End of file - 10658 bytes
    Wärt mir echt eine Hilfe!

  2. #2
    Senior Team-Mitglied Avatar von pc-jedi
    Registriert seit
    17.07.2009
    Beiträge
    3.644

    AW: Hohe Auslastung

    Willkommen im HijackThis.de Supportforum Cytec,

    ein System zu bereinigen ist unter Umständen aufwändig und mit einiger Arbeit für Dich verbunden.
    Bitte folgende Punkte beachten:
    • Respektiere unsere Forenregeln und sei nicht zu ungeduldig, wenn es mal etwas länger dauert.
    • Während der Bereinigung alle vorhandenen externen Speichermedien (USB Sticks, Festplatten) anschließen,
    • und keine Programme ohne Absprache installieren oder deinstallieren.
    • Programme ausschließlich von den in unserer Anleitung angegebenen Links herunterladen!
    • Logfiles in Code-Tags posten und ggfs. persönliche Daten anonymisieren.
    • Arbeite jeden Punkt der Reihe nach ab und berichte, dass Du ihn erledigt hast.
    • Wenn es ein Problem gibt, stoppen und es so genau wie möglich beschreiben.


    • Achtung: Das Verschwinden der Symptome bedeutet nicht das Dein Rechner schon sauber ist.
      Bitte arbeite solange mit bis wir sagen, dass der Rechner sauber ist.
    • Nur Anleitungen/Anweisungen eines hier aufgeführten Team-Mitglieds ausführen.
    • Es gibt grundsätzlich keinen Support per PN oder Mail.
    • Wir bereinigen keine Rechner, die geschäftlich genutzt werden.
    • Der Besitz legaler Software ist Vorraussetzung für die Support.
      Sollten wir illegale Software finden, wird der Support eingestellt.

    Vista und Win7 User:
    • Alle Programme und Tools, die wir anordnen, immer mit Rechtsklick und Als Administrator ausführen.


    Schritt 1
    Systemscan mit OTL

    Lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop
    • Doppelklick auf die OTL.exe
    • Vista User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen
    • Oben findest Du ein Kästchen mit Ausgabe. Wähle bitte Minimal-Ausgabe
    • Unter Extra-Registrierung, wähle bitte Benutze SafeList
    • Klicke nun auf Scan links oben
    • Wenn der Scan beendet wurde werden 2 Logfiles erstellt
    • Poste die Logfiles in Code-Tags hier in den Thread.


    Schritt 2
    Gmer scannen lassen
    • Lade Dir Gmer von dieser Seite herunter
      (auf den Button Download EXE drücken) und das Programm auf dem Desktop speichern.
    • Gmer ist geeignet für => NT/W2K/XP/VISTA.
    • Alle anderen Programme sollen geschlossen sein.
    • Starte gmer.exe (Programm hat einen willkürlichen Programm-Namen).
    • Vista-User mit Rechtsklick und als Administrator starten.
    • Sollte sich ein Fenster mit folgender Warnung öffnen:
      WARNING !!!
      GMER has found system modification, which might have been caused by ROOTKIT activity.
      Do you want to fully scan your system ?
      Unbedingt auf "No" klicken.
    • Starte den Scan mit "Scan". Mache nichts am Computer während der Scan läuft.
    • Wenn der Scan fertig ist klicke auf "Copy" um das Log in die Zwischenablage zu kopieren. Mit "Ok" wird Gmer beendet.
    • Füge das Log aus der Zwischenablage in Deine Antwort hier ein.

    Antiviren-Programm und sonstige Scanner wieder einschalten, bevor Du ins Netz gehst!

    Nun das Logfile in Code-Tags posten.

    Poste bitte bei deiner nächsten Antwort

    • OTL Logfiles
    • GMER Logfile
    mfg pc-jedi

    Wenn nicht innerhalb von 48 Stunden antworte schickt mir bitte eine Nachricht mit einem Link zu eurem Thread.
    Neu hier?

  3. #3
    Einsteiger
    Registriert seit
    04.07.2010
    Beiträge
    3

    AW: Hohe Auslastung

    Hier sind die OTL Logfiles:

    Code:
    OTL logfile created on: 05.07.2010 12:34:37 - Run 1
    OTL by OldTimer - Version 3.2.7.1     Folder = C:\Users\--Wthout Reasons--\Desktop
    64bit- Ultimate Edition  (Version = 6.1.7600) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.7600.16385)
    Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
     
    4,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 61,00% Memory free
    8,00 Gb Paging File | 6,00 Gb Available in Paging File | 79,00% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]
     
    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
    Drive C: | 931,51 Gb Total Space | 284,73 Gb Free Space | 30,57% Space Free | Partition Type: NTFS
    D: Drive not present or media not loaded
    Drive E: | 3,73 Gb Total Space | 0,93 Gb Free Space | 24,85% Space Free | Partition Type: FAT32
    F: Drive not present or media not loaded
    G: Drive not present or media not loaded
    H: Drive not present or media not loaded
    I: Drive not present or media not loaded
     
    Computer Name: BYSHADOW
    Current User Name: --Wthout Reasons--
    Logged in as Administrator.
     
    Current Boot Mode: Normal
    Scan Mode: Current user
    Include 64bit Scans
    Company Name Whitelist: Off
    Skip Microsoft Files: Off
    File Age = 30 Days
    Output = Minimal
     
    ========== Processes (SafeList) ==========
     
    PRC - C:\Users\--Wthout Reasons--\Desktop\OTL.exe (OldTimer Tools)
    PRC - C:\Program Files (x86)\TrueCrypt\TrueCrypt.exe (TrueCrypt Foundation)
    PRC - C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
    PRC - C:\Program Files (x86)\Safari\Safari.exe (Apple Inc.)
    PRC - C:\Windows\SysWOW64\PnkBstrA.exe ()
    PRC - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe (Kaspersky Lab)
    PRC - C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
    PRC - C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe (Elaborate Bytes AG)
    PRC - C:\Program Files (x86)\avmwlanstick\WLanGUI.exe (AVM Berlin)
    PRC - C:\Program Files (x86)\avmwlanstick\WlanNetService.exe (AVM Berlin)
     
     
    ========== Modules (SafeList) ==========
     
    MOD - C:\Users\--Wthout Reasons--\Desktop\OTL.exe (OldTimer Tools)
    MOD - C:\Windows\SysWOW64\rsaenh.dll (Microsoft Corporation)
    MOD - C:\Windows\SysWOW64\WindowsCodecs.dll (Microsoft Corporation)
    MOD - C:\Windows\SysWOW64\srvcli.dll (Microsoft Corporation)
    MOD - C:\Windows\SysWOW64\slc.dll (Microsoft Corporation)
    MOD - C:\Windows\SysWOW64\RpcRtRemote.dll (Microsoft Corporation)
    MOD - C:\Windows\SysWOW64\ntshrui.dll (Microsoft Corporation)
    MOD - C:\Windows\SysWOW64\EhStorShell.dll (Microsoft Corporation)
    MOD - C:\Windows\SysWOW64\cscapi.dll (Microsoft Corporation)
    MOD - C:\Windows\SysWOW64\msscript.ocx (Microsoft Corporation)
    MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll (Microsoft Corporation)
     
     
    ========== Win32 Services (SafeList) ==========
     
    SRV:64bit: - (PnkBstrA) -- C:\Windows\SysNative\PnkBstrA.exe File not found
    SRV:64bit: - (UxTuneUp) -- C:\Windows\SysNative\uxtuneup.dll (TuneUp Software)
    SRV:64bit: - (FLEXnet Licensing Service 64) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe (Acresso Software Inc.)
    SRV:64bit: - (UmRdpService) -- C:\Windows\SysNative\umrdp.dll (Microsoft Corporation)
    SRV:64bit: - (PeerDistSvc) -- C:\Windows\SysNative\PeerDistSvc.dll (Microsoft Corporation)
    SRV:64bit: - (CscService) -- C:\Windows\SysNative\cscsvc.dll (Microsoft Corporation)
    SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
    SRV - (Akamai) -- c:\program files (x86)\common files\akamai\rswin_3725.dll ()
    SRV - (TuneUp.Defrag) -- C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe (TuneUp Software)
    SRV - (Apple Mobile Device) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
    SRV - (TuneUp.UtilitiesSvc) -- C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe (TuneUp Software)
    SRV - (UxTuneUp) -- C:\Windows\SysWOW64\uxtuneup.dll (TuneUp Software)
    SRV - (GJService) -- C:\ProgramData\{DC9CA319-9193-4E44-BF92-477C9963436E}\Server.exe (SlySoft Inc.)
    SRV - (clr_optimization_v4.0.30319_64) -- C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
    SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
    SRV - (SwitchBoard) -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
    SRV - (PnkBstrA) -- C:\Windows\SysWOW64\PnkBstrA.exe ()
    SRV - (TeamViewer5) -- C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe (TeamViewer GmbH)
    SRV - (DAUpdaterSvc) -- C:\Program Files (x86)\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe (BioWare)
    SRV - (Hamachi2Svc) -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.)
    SRV - (AVP) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe (Kaspersky Lab)
    SRV - (Stereo Service) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
    SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
    SRV - (AVM WLAN Connection Service) -- C:\Program Files (x86)\avmwlanstick\WlanNetService.exe (AVM Berlin)
     
     
    ========== Driver Services (SafeList) ==========
     
    DRV:64bit: - (NSNDIS5) -- C:\Windows\SysNative\NSNDIS5.SYS File not found
    DRV:64bit: - (sptd) -- C:\Windows\SysNative\drivers\sptd.sys (Duplex Secure Ltd.)
    DRV:64bit: - (KLIF) -- C:\Windows\SysNative\drivers\klif.sys (Kaspersky Lab)
    DRV:64bit: - (gdwfpcd) -- C:\Windows\SysNative\drivers\gdwfpcd64.sys (G DATA Software AG)
    DRV:64bit: - (ScreamBAudioSvc) -- C:\Windows\SysNative\drivers\ScreamingBAudio64.sys (Screaming Bee LLC)
    DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)
    DRV:64bit: - (KLBG) -- C:\Windows\SysNative\drivers\klbg.sys (Kaspersky Lab)
    DRV:64bit: - (klmouflt) -- C:\Windows\SysNative\drivers\klmouflt.sys (Kaspersky Lab)
    DRV:64bit: - (hamachi) -- C:\Windows\SysNative\drivers\hamachi.sys (LogMeIn, Inc.)
    DRV:64bit: - (KLIM6) -- C:\Windows\SysNative\drivers\klim6.sys (Kaspersky Lab)
    DRV:64bit: - (kl1) -- C:\Windows\SysNative\drivers\kl1.sys (Kaspersky Lab)
    DRV:64bit: - (NvStUSB) -- C:\Windows\SysNative\drivers\nvstusb.sys ()
    DRV:64bit: - (VBoxNetAdp) -- C:\Windows\SysNative\drivers\VBoxNetAdp.sys (Sun Microsystems, Inc.)
    DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
    DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
    DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
    DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
    DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
    DRV:64bit: - (vmbus) -- C:\Windows\SysNative\drivers\vmbus.sys (Microsoft Corporation)
    DRV:64bit: - (storflt) -- C:\Windows\SysNative\drivers\vmstorfl.sys (Microsoft Corporation)
    DRV:64bit: - (storvsc) -- C:\Windows\SysNative\drivers\storvsc.sys (Microsoft Corporation)
    DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
    DRV:64bit: - (s3cap) -- C:\Windows\SysNative\drivers\vms3cap.sys (Microsoft Corporation)
    DRV:64bit: - (VMBusHID) -- C:\Windows\SysNative\drivers\VMBusHID.sys (Microsoft Corporation)
    DRV:64bit: - (CSC) -- C:\Windows\SysNative\drivers\csc.sys (Microsoft Corporation)
    DRV:64bit: - (Ntfs) -- C:\Windows\SysNative\wbem\ntfs.mof ()
    DRV:64bit: - (NVENETFD) -- C:\Windows\SysNative\drivers\nvm62x64.sys (NVIDIA Corporation)
    DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
    DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
    DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
    DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
    DRV:64bit: - (AF15BDA) -- C:\Windows\SysNative\drivers\AF15BDA.sys (ITETech                  )
    DRV:64bit: - (VClone) -- C:\Windows\SysNative\drivers\VClone.sys (Elaborate Bytes AG)
    DRV:64bit: - (GearAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
    DRV:64bit: - (FWLANUSB) -- C:\Windows\SysNative\drivers\fwlanusb.sys (AVM GmbH)
    DRV:64bit: - (avmeject) -- C:\Windows\SysNative\drivers\avmeject.sys (AVM Berlin)
    DRV:64bit: - (ElbyCDIO) -- C:\Windows\SysNative\drivers\ElbyCDIO.sys (Elaborate Bytes AG)
    DRV:64bit: - (SiSGbeLH) -- C:\Windows\SysNative\drivers\SiSG664.sys (Silicon Integrated Systems Corp.)
    DRV:64bit: - (vmm) -- C:\Windows\SysNative\Treiber\VMM.sys (Microsoft Corporation)
    DRV:64bit: - (VPCNetS2) -- C:\Windows\SysNative\drivers\VMNetSrv.sys (Microsoft Corporation)
    DRV:64bit: - (SQ931) -- C:\Windows\SysNative\drivers\Capt931a.sys ()
    DRV:64bit: - (MTsensor) -- C:\Windows\SysNative\drivers\ASACPI.sys ()
    DRV - (truecrypt) -- C:\Windows\SysWOW64\drivers\truecrypt.sys (TrueCrypt Foundation)
    DRV - (TuneUpUtilitiesDrv) -- C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesDriver64.sys (TuneUp Software)
    DRV - (adfs) -- C:\Windows\SysWow64\drivers\adfs.sys (Adobe Systems, Inc.)
     
     
    ========== Standard Registry (SafeList) ==========
     
     
    ========== Internet Explorer ==========
     
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
     
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.Teachshop.ru/redirect/free
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://de.msn.com/?ocid=iehp
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 11 6F 98 9B F0 2B CA 01  [binary data]
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "AutoConfigURL" = file://C:/Users/--Wthout Reasons--/AppData/Local/RapidSolution/Mediaraptor/WebRip/profile/rrproxy_ie_4bb6519e.pac
     
    ========== FireFox ==========
     
    FF - prefs.js..extensions.enabledItems: mediaraptor-firefox-surf-and-catch-extension@audials.com:1.4.7700.0
    FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2
    FF - prefs.js..extensions.enabledItems: personas@christopher.beard:1.5.3
    FF - prefs.js..extensions.enabledItems: {a7c6cf7f-112c-4500-a7ea-39801a327e5f}:1.0.7
    FF - prefs.js..extensions.enabledItems: {ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}:1.3
    FF - prefs.js..extensions.enabledItems: {CE6E6E3B-84DD-4cac-9F63-8D2AE4F30A4B}:3.1.0625
    FF - prefs.js..extensions.enabledItems: linkfilter@kaspersky.ru:9.0.0.736
    FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
    FF - prefs.js..network.proxy.type: 2
     
    FF - HKLM\software\mozilla\Firefox\Extensions\\mediaraptor-firefox-surf-and-catch-extension@audials.com: C:\Program Files (x86)\RapidSolution\Mediaraptor\plugins\GeckoBased\mediaraptor-firefox-surf-and-catch-extension@audials.com\ [2009.12.06 22:53:42 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Mozilla Firefox 3.6.6\extensions\\Components: C:\Users\--Wthout Reasons--\Desktop\Desktop\Mozilla Firefox\components [2010.06.28 23:04:13 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Mozilla Firefox 3.6.6\extensions\\Plugins: C:\Users\--Wthout Reasons--\Desktop\Desktop\Mozilla Firefox\plugins [2010.06.28 23:04:13 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.23\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2010.02.12 19:28:56 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Thunderbird\Extensions\\{eea12ec4-729d-4703-bc37-106ce9879ce2}: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\THBExt [2010.02.12 19:28:11 | 000,000,000 | ---D | M]
     
    [2009.11.21 19:25:24 | 000,000,000 | ---D | M] -- C:\Users\--Wthout Reasons--\AppData\Roaming\mozilla\Extensions
    [2010.07.04 13:20:04 | 000,000,000 | ---D | M] -- C:\Users\--Wthout Reasons--\AppData\Roaming\mozilla\Firefox\Profiles\hz911nh1.default\extensions
    [2010.04.28 16:25:58 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\--Wthout Reasons--\AppData\Roaming\mozilla\Firefox\Profiles\hz911nh1.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
    [2010.01.23 15:04:41 | 000,000,000 | ---D | M] (FireFTP) -- C:\Users\--Wthout Reasons--\AppData\Roaming\mozilla\Firefox\Profiles\hz911nh1.default\extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}
    [2010.06.26 14:15:28 | 000,000,000 | ---D | M] (No name found) -- C:\Users\--Wthout Reasons--\AppData\Roaming\mozilla\Firefox\Profiles\hz911nh1.default\extensions\{CE6E6E3B-84DD-4cac-9F63-8D2AE4F30A4B}
    [2010.05.26 18:15:08 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\--Wthout Reasons--\AppData\Roaming\mozilla\Firefox\Profiles\hz911nh1.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
    [2010.01.23 14:04:25 | 000,000,000 | ---D | M] (FoxTab) -- C:\Users\--Wthout Reasons--\AppData\Roaming\mozilla\Firefox\Profiles\hz911nh1.default\extensions\{ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}
    [2010.04.14 13:46:27 | 000,000,000 | ---D | M] -- C:\Users\--Wthout Reasons--\AppData\Roaming\mozilla\Firefox\Profiles\hz911nh1.default\extensions\personas@christopher.beard
    [2009.10.09 06:46:51 | 000,002,921 | ---- | M] () -- C:\Users\--Wthout Reasons--\AppData\Roaming\Mozilla\FireFox\Profiles\hz911nh1.default\searchplugins\daemon-search.xml
     
    O1 HOSTS File: ([2010.05.24 13:03:29 | 000,000,369 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
    O1 - Hosts: 127.0.0.1 localhost
    O1 - Hosts: 127.0.0.1 activate.adobe.com
    O1 - Hosts: 127.0.0.1 practivate.adobe.com
    O1 - Hosts: 127.0.0.1 adobeereg.com
    O1 - Hosts: 127.0.0.1 http://www.adobeereg.com
    O1 - Hosts: 127.0.0.1 activate.adobe.com
    O1 - Hosts: 127.0.0.1 activate-sea.adobe.com
    O1 - Hosts: 127.0.0.1 activate-sjc0.adobe.com
    O1 - Hosts: 127.0.0.1 wwis-dubc1-vip60.adobe.com
    O1 - Hosts: 127.0.0.1 192.150.18.108
    O1 - Hosts: 127.0.0.1 activate.adobe.com:443
    O1 - Hosts: 74.208.10.249 gs.apple.com
    O2:64bit: - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\x64\ievkbd.dll (Kaspersky Lab)
    O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
    O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.5.4723.1820\swg64.dll (Google Inc.)
    O2:64bit: - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\x64\klwtbbho.dll (Kaspersky Lab)
    O2 - BHO: (Videoraptor_WebRipPlugin Class) - {3C0372C2-04C3-4100-BAB1-1D42C552BC48} - C:\Program Files (x86)\RapidSolution\Mediaraptor\plugins\IE\MR_WebRipIePlugin.dll (RapidSolution Software)
    O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\ievkbd.dll (Kaspersky Lab)
    O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
    O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll (Google Inc.)
    O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll (Kaspersky Lab)
    O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
    O3:64bit: - HKLM\..\Toolbar: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
    O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
    O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
    O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
    O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Programme\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
    O4 - HKLM..\Run: [AVMWlanClient] C:\Program Files (x86)\avmwlanstick\wlangui.exe (AVM Berlin)
    O4 - HKLM..\Run: [AVP] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe (Kaspersky Lab)
    O4 - HKLM..\Run: [VirtualCloneDrive] C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe (Elaborate Bytes AG)
    O4 - HKCU..\Run: [Steam] c:\program files (x86)\steam\steam.exe (Valve Corporation)
    O4 - HKCU..\Run: [swg] C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
    O4 - HKCU..\Run: [TrueCrypt] C:\Program Files (x86)\TrueCrypt\TrueCrypt.exe (TrueCrypt Foundation)
    O4 - HKLM..\RunOnce: [Uninstall Adobe Download Manager] C:\Benutzer\WithoutReason\AppData\Local\Temp\nos_uninstall_Adobe.dll File not found
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisallowCpl = 1
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: RestrictCpl = 1
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 91 00 00 00  [binary data]
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\DisallowCpl: 1 = Windows-Firewall
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\DisallowCpl: 2 = System
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\RestrictCpl: 1 = Anzeige
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableChangePassword = 1
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
    O8:64bit: - Extra context menu item: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll (Google Inc.)
    O8:64bit: - Extra context menu item: Hinzufügen zu Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\ie_banner_deny.htm ()
    O8 - Extra context menu item: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll (Google Inc.)
    O8 - Extra context menu item: Hinzufügen zu Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\ie_banner_deny.htm ()
    O9:64bit: - Extra Button: &Virtuelle Tastatur - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\x64\klwtbbho.dll (Kaspersky Lab)
    O9:64bit: - Extra Button: Li&nks untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\x64\klwtbbho.dll (Kaspersky Lab)
    O9 - Extra Button: &Virtuelle Tastatur - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll (Kaspersky Lab)
    O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe (ICQ, LLC.)
    O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe (ICQ, LLC.)
    O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~3\Office12\REFIEBAR.DLL (Microsoft Corporation)
    O9 - Extra Button: Li&nks untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll (Kaspersky Lab)
    O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
    O13 - gopher Prefix: missing
    O13 - gopher Prefix: missing
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
    O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
    O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
    O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
    O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
    O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
    O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
    O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
    O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
    O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
    O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
    O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
    O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\KASPER~1\KASPER~1\x64\sbhook64.dll) - C:\PROGRA~2\KASPER~1\KASPER~1\x64\sbhook64.dll (Kaspersky Lab)
    O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\KASPER~1\KASPER~1\x64\kloehk.dll) - C:\PROGRA~2\KASPER~1\KASPER~1\x64\kloehk.dll (Kaspersky Lab)
    O20 - AppInit_DLLs: (C:\PROGRA~2\KASPER~1\KASPER~1\mzvkbd3.dll) - C:\PROGRA~2\KASPER~1\KASPER~1\mzvkbd3.dll (Kaspersky Lab)
    O20 - AppInit_DLLs: (C:\PROGRA~2\KASPER~1\KASPER~1\sbhook.dll) - C:\PROGRA~2\KASPER~1\KASPER~1\sbhook.dll (Kaspersky Lab)
    O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
    O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
    O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
    O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
    O20:64bit: - Winlogon\Notify\klogon: DllName - Reg Error: Key error. - C:\Windows\SysNative\klogon.dll (Kaspersky Lab)
    O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
    O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
    O24 - Desktop WallPaper: C:\Users\--Wthout Reasons--\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
    O24 - Desktop BackupWallPaper: C:\Users\--Wthout Reasons--\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
    O32 - HKLM CDRom: AutoRun - 1
    O33 - MountPoints2\{1903e068-f79d-11de-b545-001a4f47d70c}\Shell - "" = AutoRun
    O33 - MountPoints2\{1903e068-f79d-11de-b545-001a4f47d70c}\Shell\AutoRun\command - "" = G:\CHERRY_SETUP.exe -- File not found
    O33 - MountPoints2\{5f57e37d-0da0-11df-ad80-001a4f47d70c}\Shell - "" = AutoRun
    O33 - MountPoints2\{5f57e37d-0da0-11df-ad80-001a4f47d70c}\Shell\AutoRun\command - "" = F:\pushinst.exe -- File not found
    O33 - MountPoints2\{aa592a57-8c94-11de-901a-00248c42a6f1}\Shell - "" = AutoRun
    O33 - MountPoints2\{aa592a57-8c94-11de-901a-00248c42a6f1}\Shell\AutoRun\command - "" = F:\pushinst.exe -- File not found
    O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
    O35:64bit: - HKLM\..comfile [open] -- "%1" %*
    O35:64bit: - HKLM\..exefile [open] -- "%1" %*
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
    O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
    O37 - HKLM\...com [@ = comfile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*
     
    ========== Files/Folders - Created Within 30 Days ==========
     
    [2010.07.05 12:32:29 | 000,574,976 | ---- | C] (OldTimer Tools) -- C:\Users\--Wthout Reasons--\Desktop\OTL.exe
    [2010.07.04 22:19:58 | 000,000,000 | ---D | C] -- C:\Users\--Wthout Reasons--\AppData\Local\Temporary Projects
    [2010.06.26 14:14:58 | 000,000,000 | ---D | C] -- C:\ProgramData\NOS
    [2010.06.26 14:14:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NOS
    [2010.06.23 20:50:56 | 001,942,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dfshim.dll
    [2010.06.23 20:50:56 | 001,130,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dfshim.dll
    [2010.06.23 20:50:56 | 000,320,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationHost.exe
    [2010.06.23 20:50:56 | 000,295,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationHost.exe
    [2010.06.23 20:50:56 | 000,109,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationHostProxy.dll
    [2010.06.23 20:50:56 | 000,099,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationHostProxy.dll
    [2010.06.23 20:50:56 | 000,049,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netfxperf.dll
    [2010.06.23 20:50:56 | 000,048,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netfxperf.dll
    [2010.06.23 10:04:48 | 001,736,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
    [2010.06.23 10:04:15 | 000,961,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CPFilters.dll
    [2010.06.23 10:04:15 | 000,641,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CPFilters.dll
    [2010.06.23 10:04:15 | 000,258,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mpg2splt.ax
    [2010.06.23 10:04:14 | 000,552,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msdri.dll
    [2010.06.23 10:04:14 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MSNP.ax
    [2010.06.23 10:04:14 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSNP.ax
    [2010.06.23 10:04:14 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mpg2splt.ax
    [2010.06.19 17:39:06 | 000,000,000 | ---D | C] -- C:\Users\--Wthout Reasons--\AppData\Local\AOL
    [2010.06.19 17:38:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ICQ7.2
    [2010.06.18 11:57:03 | 000,000,000 | ---D | C] -- C:\Users\--Wthout Reasons--\AppData\Local\LooksBuilder
    [2010.06.15 15:00:44 | 000,000,000 | ---D | C] -- C:\ProgramData\regid.1986-12.com.adobe
    [2010.06.10 22:40:19 | 000,366,080 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
    [2010.06.10 22:40:19 | 000,293,888 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
    [2010.06.10 22:40:19 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll
    [2010.06.10 22:40:19 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
    [2010.06.09 20:46:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Amorous Professor Cherry
    [2010.06.09 17:20:25 | 000,000,000 | ---D | C] -- C:\Downloads
    [5 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
    [1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
    [1 C:\Users\--Wthout Reasons--\AppData\Local\*.tmp files -> C:\Users\--Wthout Reasons--\AppData\Local\*.tmp -> ]
     
    ========== Files - Modified Within 30 Days ==========
     
    [2010.07.05 12:38:08 | 009,175,040 | -HS- | M] () -- C:\Users\--Wthout Reasons--\NTUSER.DAT
    [2010.07.05 12:33:10 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\--Wthout Reasons--\Desktop\OTL.exe
    [2010.07.05 12:08:29 | 001,536,104 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
    [2010.07.05 12:08:29 | 000,669,582 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
    [2010.07.05 12:08:29 | 000,628,156 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
    [2010.07.05 12:08:29 | 000,136,290 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
    [2010.07.05 12:08:29 | 000,111,734 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
    [2010.07.05 12:08:08 | 000,010,896 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    [2010.07.05 12:08:08 | 000,010,896 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    [2010.07.05 12:00:57 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
    [2010.07.05 12:00:52 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
    [2010.07.05 06:33:41 | 008,952,443 | -H-- | M] () -- C:\Users\--Wthout Reasons--\AppData\Local\IconCache.db
    [2010.07.05 01:16:05 | 000,000,092 | ---- | M] () -- C:\Users\--Wthout Reasons--\Desktop\Berechnung.URL
    [2010.07.05 00:18:02 | 002,082,208 | ---- | M] () -- C:\Users\--Wthout Reasons--\Desktop\JavaNotes_de.zip
    [2010.07.05 00:03:37 | 000,000,114 | ---- | M] () -- C:\Users\--Wthout Reasons--\Desktop\Windows 7 Hohe Auslastung.URL
    [2010.07.04 23:14:15 | 004,274,163 | ---- | M] () -- C:\Users\--Wthout Reasons--\Desktop\DungeonTilesMapper120.zip
    [2010.07.04 23:10:44 | 000,039,296 | ---- | M] () -- C:\Users\--Wthout Reasons--\Desktop\dice.zip
    [2010.07.04 23:04:51 | 000,000,084 | ---- | M] () -- C:\Users\--Wthout Reasons--\Desktop\Adventure Hook Random Generator.URL
    [2010.07.04 17:28:00 | 000,000,113 | ---- | M] () -- C:\Users\--Wthout Reasons--\Desktop\hello.java
    [2010.07.04 17:24:09 | 000,001,516 | ---- | M] () -- C:\Users\--Wthout Reasons--\.recently-used.xbel
    [2010.07.02 23:51:57 | 000,000,090 | ---- | M] () -- C:\Users\--Wthout Reasons--\Desktop\Kapitel 2 — Analoge und binäre Signale.URL
    [2010.07.02 12:22:35 | 000,953,078 | ---- | M] () -- C:\Users\--Wthout Reasons--\Desktop\LoL(5vs5).png
    [2010.06.28 16:30:55 | 000,000,064 | ---- | M] () -- C:\Users\--Wthout Reasons--\Desktop\standard mouseover onmouseover grafik tausch.URL
    [2010.06.22 15:39:45 | 001,757,588 | ---- | M] () -- C:\Users\--Wthout Reasons--\Desktop\Land_Planet_Tutorial.jpg
    [2010.06.22 15:34:32 | 002,644,129 | ---- | M] () -- C:\Users\--Wthout Reasons--\Desktop\Juu_Yuki_CG_Tutorial_by_Juu_Yuki.jpg
    [2010.06.21 15:35:34 | 000,480,948 | ---- | M] () -- C:\Users\--Wthout Reasons--\Desktop\abstract.jpg
    [2010.06.20 23:13:50 | 000,000,084 | ---- | M] () -- C:\Users\--Wthout Reasons--\Desktop\YouTube - Shattering Text Tutorial -Sony Vegas Pro 9.URL
    [2010.06.18 21:47:26 | 000,941,092 | ---- | M] () -- C:\Users\--Wthout Reasons--\Desktop\LoL geile stats.png
    [2010.06.18 14:04:50 | 000,000,102 | ---- | M] () -- C:\Users\--Wthout Reasons--\Desktop\Ghallar The Anti King by ~trejoeeee on deviantART.URL
    [2010.06.18 13:39:35 | 000,478,747 | ---- | M] () -- C:\Users\--Wthout Reasons--\Desktop\cd-cover.jpf
    [2010.06.18 13:39:00 | 019,848,675 | ---- | M] () -- C:\Users\--Wthout Reasons--\Desktop\cd-cover.psd
    [2010.06.14 18:06:58 | 000,931,139 | ---- | M] () -- C:\Users\--Wthout Reasons--\Desktop\Loser.png
    [2010.06.13 18:29:56 | 000,000,063 | ---- | M] () -- C:\Users\--Wthout Reasons--\Desktop\League of Legends Community.URL
    [2010.06.13 11:11:00 | 012,353,669 | ---- | M] () -- C:\Users\--Wthout Reasons--\Desktop\Nickelback Gotta Be Somebody.flv
    [2010.06.13 11:06:06 | 011,234,465 | ---- | M] () -- C:\Users\--Wthout Reasons--\Desktop\Nickelback Never Gonna To be Alone.flv
    [2010.06.13 11:01:06 | 011,848,953 | ---- | M] () -- C:\Users\--Wthout Reasons--\Desktop\Nickelback Just To Get High.flv
    [2010.06.13 10:54:31 | 011,180,662 | ---- | M] () -- C:\Users\--Wthout Reasons--\Desktop\Nickelback Next Go Round.flv
    [2010.06.11 14:23:32 | 005,013,328 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
    [2010.06.10 22:27:29 | 000,059,717 | ---- | M] () -- C:\Users\--Wthout Reasons--\Desktop\deskscreen.jpg
    [2010.06.07 22:07:02 | 002,682,842 | ---- | M] () -- C:\Users\--Wthout Reasons--\Desktop\LoL.png
    [5 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
    [1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
    [1 C:\Users\--Wthout Reasons--\AppData\Local\*.tmp files -> C:\Users\--Wthout Reasons--\AppData\Local\*.tmp -> ]
     
    ========== Files Created - No Company Name ==========
     
    [2010.07.05 01:16:05 | 000,000,092 | ---- | C] () -- C:\Users\--Wthout Reasons--\Desktop\Berechnung.URL
    [2010.07.05 00:16:40 | 002,082,208 | ---- | C] () -- C:\Users\--Wthout Reasons--\Desktop\JavaNotes_de.zip
    [2010.07.05 00:03:37 | 000,000,114 | ---- | C] () -- C:\Users\--Wthout Reasons--\Desktop\Windows 7 Hohe Auslastung.URL
    [2010.07.04 23:10:50 | 004,274,163 | ---- | C] () -- C:\Users\--Wthout Reasons--\Desktop\DungeonTilesMapper120.zip
    [2010.07.04 23:10:44 | 000,039,296 | ---- | C] () -- C:\Users\--Wthout Reasons--\Desktop\dice.zip
    [2010.07.04 23:04:51 | 000,000,084 | ---- | C] () -- C:\Users\--Wthout Reasons--\Desktop\Adventure Hook Random Generator.URL
    [2010.07.04 17:28:00 | 000,000,113 | ---- | C] () -- C:\Users\--Wthout Reasons--\Desktop\hello.java
    [2010.07.04 17:24:09 | 000,001,516 | ---- | C] () -- C:\Users\--Wthout Reasons--\.recently-used.xbel
    [2010.07.02 23:51:57 | 000,000,090 | ---- | C] () -- C:\Users\--Wthout Reasons--\Desktop\Kapitel 2 — Analoge und binäre Signale.URL
    [2010.07.02 12:22:35 | 000,953,078 | ---- | C] () -- C:\Users\--Wthout Reasons--\Desktop\LoL(5vs5).png
    [2010.06.28 16:30:55 | 000,000,064 | ---- | C] () -- C:\Users\--Wthout Reasons--\Desktop\standard mouseover onmouseover grafik tausch.URL
    [2010.06.22 15:39:45 | 001,757,588 | ---- | C] () -- C:\Users\--Wthout Reasons--\Desktop\Land_Planet_Tutorial.jpg
    [2010.06.22 15:34:32 | 002,644,129 | ---- | C] () -- C:\Users\--Wthout Reasons--\Desktop\Juu_Yuki_CG_Tutorial_by_Juu_Yuki.jpg
    [2010.06.21 15:35:33 | 000,480,948 | ---- | C] () -- C:\Users\--Wthout Reasons--\Desktop\abstract.jpg
    [2010.06.20 23:13:50 | 000,000,084 | ---- | C] () -- C:\Users\--Wthout Reasons--\Desktop\YouTube - Shattering Text Tutorial -Sony Vegas Pro 9.URL
    [2010.06.18 21:47:26 | 000,941,092 | ---- | C] () -- C:\Users\--Wthout Reasons--\Desktop\LoL geile stats.png
    [2010.06.18 14:04:50 | 000,000,102 | ---- | C] () -- C:\Users\--Wthout Reasons--\Desktop\Ghallar The Anti King by ~trejoeeee on deviantART.URL
    [2010.06.18 13:39:32 | 000,478,747 | ---- | C] () -- C:\Users\--Wthout Reasons--\Desktop\cd-cover.jpf
    [2010.06.18 13:38:58 | 019,848,675 | ---- | C] () -- C:\Users\--Wthout Reasons--\Desktop\cd-cover.psd
    [2010.06.14 18:06:58 | 000,931,139 | ---- | C] () -- C:\Users\--Wthout Reasons--\Desktop\Loser.png
    [2010.06.13 18:29:56 | 000,000,063 | ---- | C] () -- C:\Users\--Wthout Reasons--\Desktop\League of Legends Community.URL
    [2010.06.13 11:08:00 | 012,353,669 | ---- | C] () -- C:\Users\--Wthout Reasons--\Desktop\Nickelback Gotta Be Somebody.flv
    [2010.06.13 11:03:26 | 011,234,465 | ---- | C] () -- C:\Users\--Wthout Reasons--\Desktop\Nickelback Never Gonna To be Alone.flv
    [2010.06.13 10:58:18 | 011,848,953 | ---- | C] () -- C:\Users\--Wthout Reasons--\Desktop\Nickelback Just To Get High.flv
    [2010.06.13 10:51:51 | 011,180,662 | ---- | C] () -- C:\Users\--Wthout Reasons--\Desktop\Nickelback Next Go Round.flv
    [2010.06.11 19:25:14 | 000,003,081 | ---- | C] () -- C:\Users\--Wthout Reasons--\Desktop\DND1
    [2010.06.10 22:27:12 | 000,059,717 | ---- | C] () -- C:\Users\--Wthout Reasons--\Desktop\deskscreen.jpg
    [2010.06.07 22:06:56 | 002,682,842 | ---- | C] () -- C:\Users\--Wthout Reasons--\Desktop\LoL.png
    [2010.03.16 13:35:42 | 004,745,728 | ---- | C] () -- C:\Windows\PhotoLooksRenderer_x64.dll
    [2010.02.27 21:46:14 | 000,043,520 | ---- | C] () -- C:\Windows\SysWow64\CmdLineExt03.dll
    [2010.01.21 16:51:17 | 000,000,056 | RHS- | C] () -- C:\Windows\SysWow64\5648C09765.sys
    [2010.01.21 16:51:14 | 000,002,098 | -HS- | C] () -- C:\Windows\SysWow64\KGyGaAvL.sys
    [2009.12.24 20:54:13 | 000,000,034 | ---- | C] () -- C:\Windows\cdplayer.ini
    [2009.12.09 18:53:58 | 000,027,648 | ---- | C] () -- C:\Windows\SysWow64\AVSredirect.dll
    [2009.11.30 20:04:31 | 001,532,398 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
    [2009.10.16 19:27:25 | 000,473,600 | ---- | C] () -- C:\Windows\SysWow64\Harmony.dll
    [2009.10.16 19:27:25 | 000,237,568 | ---- | C] () -- C:\Windows\SysWow64\Unlha32.dll
    [2009.10.09 22:50:38 | 000,021,840 | ---- | C] () -- C:\Windows\SysWow64\SIntfNT.dll
    [2009.10.09 22:50:38 | 000,017,212 | ---- | C] () -- C:\Windows\SysWow64\SIntf32.dll
    [2009.10.09 22:50:38 | 000,012,067 | ---- | C] () -- C:\Windows\SysWow64\SIntf16.dll
    [2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
    [2009.07.13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
    [2009.03.02 12:33:32 | 000,067,584 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
    [2009.03.02 12:33:32 | 000,000,547 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll.manifest
    [2008.11.17 17:53:01 | 000,401,408 | ---- | C] () -- C:\Windows\SysWow64\StepButtonS.dll
    [2008.10.07 09:13:30 | 000,197,912 | ---- | C] () -- C:\Windows\SysWow64\physxcudart_20.dll
    [2008.10.07 09:13:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelTraditionalChinese.dll
    [2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSwedish.dll
    [2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSpanish.dll
    [2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSimplifiedChinese.dll
    [2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelPortugese.dll
    [2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelKorean.dll
    [2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelJapanese.dll
    [2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelGerman.dll
    [2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelFrench.dll
    [2008.07.29 21:17:46 | 000,491,520 | ---- | C] () -- C:\Windows\SysWow64\mp3lib.dll
    [2005.08.30 01:00:00 | 000,781,312 | ---- | C] () -- C:\Windows\SysWow64\RGSS102J.dll
    [2005.08.30 01:00:00 | 000,778,752 | ---- | C] () -- C:\Windows\SysWow64\RGSS102E.dll
    [2005.08.30 01:00:00 | 000,771,584 | ---- | C] () -- C:\Windows\SysWow64\RGSS100J.dll
     
    ========== Alternate Data Streams ==========
     
    @Alternate Data Stream - 168 bytes -> C:\Users\--Wthout Reasons--\Desktop\aufgabenblatt.jpeg:3or4kl4x13tuuug3Byamue2s4b
    < End of report >
    "Extras"
    Code:
    OTL Extras logfile created on: 05.07.2010 12:34:37 - Run 1
    OTL by OldTimer - Version 3.2.7.1     Folder = C:\Users\--Wthout Reasons--\Desktop
    64bit- Ultimate Edition  (Version = 6.1.7600) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.7600.16385)
    Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
     
    4,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 61,00% Memory free
    8,00 Gb Paging File | 6,00 Gb Available in Paging File | 79,00% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]
     
    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
    Drive C: | 931,51 Gb Total Space | 284,73 Gb Free Space | 30,57% Space Free | Partition Type: NTFS
    D: Drive not present or media not loaded
    Drive E: | 3,73 Gb Total Space | 0,93 Gb Free Space | 24,85% Space Free | Partition Type: FAT32
    F: Drive not present or media not loaded
    G: Drive not present or media not loaded
    H: Drive not present or media not loaded
    I: Drive not present or media not loaded
     
    Computer Name: BYSHADOW
    Current User Name: --Wthout Reasons--
    Logged in as Administrator.
     
    Current Boot Mode: Normal
    Scan Mode: Current user
    Include 64bit Scans
    Company Name Whitelist: Off
    Skip Microsoft Files: Off
    File Age = 30 Days
    Output = Minimal
     
    ========== Extra Registry (SafeList) ==========
     
     
    ========== File Associations ==========
     
    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .html[@ = Opera.HTML] -- G:\Programme\Opera(upgrade)\Opera.exe File not found
     
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
    .html [@ = Opera.HTML] -- G:\Programme\Opera(upgrade)\Opera.exe File not found
     
    ========== Shell Spawning ==========
     
    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [open] -- "%1" %* File not found
    cmdfile [open] -- "%1" %* File not found
    comfile [open] -- "%1" %* File not found
    exefile [open] -- "%1" %* File not found
    helpfile [open] -- Reg Error: Key error.
    htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
    htmlfile [print] -- "C:\Windows\system32\rundll32.exe" "C:\Windows\system32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
    http [open] -- "G:\Programme\Opera(upgrade)\opera.exe" File not found
    https [open] -- "G:\Programme\Opera(upgrade)\opera.exe" File not found
    inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
    InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
    piffile [open] -- "%1" %* File not found
    regfile [merge] -- Reg Error: Key error.
    scrfile [config] -- "%1" File not found
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
    scrfile [open] -- "%1" /S File not found
    txtfile [edit] -- Reg Error: Key error.
    Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
    Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
    Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
    Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
    Directory [runas] -- cmd.exe /c takeown /f "%1" /r /d y && icacls "%1" /grant administrators:F /t (Microsoft Corporation)
    Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [explore] -- Reg Error: Value error.
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
     
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [open] -- "%1" %*
    cmdfile [open] -- "%1" %*
    comfile [open] -- "%1" %*
    cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
    exefile [open] -- "%1" %*
    helpfile [open] -- Reg Error: Key error.
    htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
    htmlfile [print] -- "C:\Windows\system32\rundll32.exe" "C:\Windows\system32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
    http [open] -- "G:\Programme\Opera(upgrade)\opera.exe" File not found
    https [open] -- "G:\Programme\Opera(upgrade)\opera.exe" File not found
    inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
    InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
    piffile [open] -- "%1" %*
    regfile [merge] -- Reg Error: Key error.
    scrfile [config] -- "%1"
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
    scrfile [open] -- "%1" /S
    txtfile [edit] -- Reg Error: Key error.
    Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
    Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
    Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
    Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
    Directory [runas] -- cmd.exe /c takeown /f "%1" /r /d y && icacls "%1" /grant administrators:F /t (Microsoft Corporation)
    Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [explore] -- Reg Error: Value error.
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
     
    ========== Security Center Settings ==========
     
    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
    "cval" = 1
     
    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
     
    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
    "VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
    "AntiVirusOverride" = 0
    "AntiSpywareOverride" = 0
    "FirewallOverride" = 0
     
    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
     
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
     
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
     
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
    "DisableMonitoring" = 1
    "" = 
     
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
     
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
    "DisableNotifications" = 0
    "EnableFirewall" = 1
    "DefaultOutboundAction" = 0
    "DefaultInboundAction" = 1
     
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
    "DisableNotifications" = 0
    "EnableFirewall" = 1
     
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
    "DisableNotifications" = 0
    "EnableFirewall" = 1
     
    ========== Authorized Applications List ==========
     
     
    ========== HKEY_LOCAL_MACHINE Uninstall List ==========
     
    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
    "{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
    "{23170F69-40C1-2702-0910-000001000000}" = 7-Zip 9.10 (x64 edition)
    "{295CFB7C-A57E-4313-93E7-68E7CE1D0332}" = Adobe WinSoft Linguistics Plugin x64
    "{2D74E972-5A85-44DC-9193-8A302BA8C181}" = Photoshop Camera Raw_x64
    "{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
    "{404BB1FF-A84F-432F-B77B-301E88E8D1C7}" = Apple Mobile Device Support
    "{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
    "{6631325A-9B1B-4EE7-8E64-8CC4A6F10643}" = Adobe Fonts All x64
    "{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
    "{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
    "{8875A1C0-6308-4790-8CF6-D34E89880052}" = Adobe Linguistics CS4 x64
    "{887797BF-37A5-4199-B0C9-0D38D6196E9A}" = Adobe Anchor Service x64 CS4
    "{8A7CAA24-7B23-410B-A7C3-F994B0944160}" = Microsoft Virtual PC 2007
    "{8C8D673B-20FB-43E6-BCB7-9B3F78F2E762}" = Adobe Type Support x64 CS4
    "{8DAA31EB-6830-4006-A99F-4DF8AB24714F}" = Adobe CSI CS4 x64
    "{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
    "{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007
    "{90BA8112-80B3-4617-A3C1-BD2771B60F74}" = Adobe CMaps x64 CS4
    "{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64
    "{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
    "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
    "{96D5EB02-DE18-4DCD-A713-929B4461CA8D}" = iTunes
    "{A3454894-144A-4D80-B605-C128FE0D7329}" = Adobe Drive CS4 x64
    "{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
    "{C19D4D8F-4433-4F6D-9F0C-79589FD0B973}" = Bonjour
    "{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
    "{D40172D6-CE2D-4B72-BF5F-26A04A900B7B}" = Adobe Photoshop CS4 (64 Bit)
    "{DE2C9D5F-C55C-30E8-9322-2B8E8B5DF87C}" = Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for .NET Framework - deu
    "{DFFABE78-8173-4E97-9C5C-22FB26192FC5}" = Adobe PDF Library Files x64 CS4
    "{E51D640E-030B-4887-9D97-EF290EE44D67}" = Sun xVM VirtualBox
    "{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
    "{F31BB194-C04E-4C63-90F8-5FC50E05B6B8}" = Vegas Pro 9.0 (64-bit)
    "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
    "{F5C819A5-E068-4f7d-B91A-1BD18702AFFB}" = Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for Win32
    "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
    "Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
    "NVIDIA Drivers" = NVIDIA Drivers
     
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
    "{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
    "{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
    "{04858915-9F49-4B2A-AED4-DC49A7DE6A7B}" = Battlefield 2(TM)
    "{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4
    "{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4
    "{067EC517-9731-43FD-B4D5-296EE0027BBB}" = LogMeIn Hamachi
    "{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
    "{098727E1-775A-4450-B573-3F441F1CA243}" = kuler
    "{098A2A49-7CF3-4F08-A38D-FB879117152A}" = Adobe Color NA Extra Settings CS4
    "{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4
    "{0D67A4E4-5BE0-4C9A-8AD8-AB552B433F23}" = Adobe Setup
    "{0DC0E85F-36E4-463B-B3EA-4CD8ED2222A1}" = Adobe Color EU Recommended Settings CS4
    "{0E2B767B-EA6A-489B-BF83-8083FE1DB661}" = Pcsx2 0.9.6
    "{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
    "{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4
    "{142DB726-3FC3-4631-95FE-3524C8A71CC1}" = Mediaraptor
    "{15FEDA5F-141C-4127-8D7E-B962D1742728}" = Adobe Photoshop CS5
    "{16E16F01-2E2D-4248-A42F-76261C147B6C}" = Adobe Drive CS4
    "{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
    "{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
    "{2085F05D-24C5-4E27-B7B4-A51DE890FFC9}" = Opera 10.00
    "{2217B0B4-35CB-48C6-B640-864DF2F30F99}" = OpenOffice.org 3.2
    "{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
    "{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
    "{236E24F2-D767-406B-B2F0-892D3A0DEA4A}" = HiCam USB 2.0 S931P
    "{26A24AE4-039D-4CA4-87B4-2F83216013F0}" = Java(TM) 6 Update 13
    "{26A24AE4-039D-4CA4-87B4-2F83216013FF}" = Java(TM) 6 Update 20
    "{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}" = QuickTime
    "{32A3A4F4-B792-11D6-A78A-00B0D0160200}" = Java(TM) SE Development Kit 6 Update 20
    "{342D4AD7-EC4C-4EC8-AEA6-E70F5905A490}" = SQL Server System CLR Types
    "{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4
    "{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4
    "{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
    "{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
    "{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}" = Adobe Color - Photoshop Specific CS4
    "{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}" = Adobe WinSoft Linguistics Plugin
    "{3F290582-3F4E-4B96-009C-E0BABAA40C42}" = Die Schlacht um Mittelerde(tm)
    "{41E654A9-26D0-4EAC-854B-0FA824FFFABB}" = Windows Live Messenger
    "{4538055F-EBC6-4E67-9365-F55B1DEFE9DE}" = Gothic 3 - Götterdämmerung
    "{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension
    "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
    "{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
    "{553255F3-78FD-40F1-A6F8-6882140265FE}" = Apple Application Support
    "{56403FFF-145E-35C5-A090-96598BE57FB8}" = Microsoft Visual Basic 2008 Express Edition - DEU
    "{5A9FE525-8B8F-4701-A937-7F6745A4E9C7}" = RGSS-RTP Standard
    "{5D235030-8E60-42A0-9258-B7943FCD3511}" = inSSIDer
    "{5FC68772-6D56-41C6-9DF1-24E868198AE6}" = Windows Live Call
    "{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
    "{63C24A08-70F3-4C8E-B9FB-9F21A903801D}" = Adobe Color Video Profiles CS CS4
    "{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}" = Adobe Photoshop CS4 Support
    "{67F0E67A-8E93-4C2C-B29D-47C48262738A}" = Adobe Device Central CS4
    "{68243FF8-83CA-466B-B2B8-9F99DA5479C4}" = AdobeColorCommonSetCMYK
    "{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
    "{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
    "{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6}" = ICQ7.2
    "{738B0934-6676-44F6-AB52-32F4E60DCA7F}" = Microsoft SQL Server Compact 3.5 SP1 Design Tools (Deutsch)
    "{767CC44C-9BBC-438D-BAD3-FD4595DD148B}" = VC80CRTRedist - 8.0.50727.762
    "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
    "{7EE873AF-46BB-4B5D-BA6F-CFE4B0566E22}" = TuneUp Utilities Language Pack (de-DE)
    "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
    "{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4
    "{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
    "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
    "{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
    "{90120000-0015-0407-0000-0000000FF1CE}_PROHYBRIDR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
    "{90120000-0016-0407-0000-0000000FF1CE}_PROHYBRIDR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
    "{90120000-0018-0407-0000-0000000FF1CE}_PROHYBRIDR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
    "{90120000-0019-0407-0000-0000000FF1CE}_PROHYBRIDR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
    "{90120000-001A-0407-0000-0000000FF1CE}_PROHYBRIDR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
    "{90120000-001B-0407-0000-0000000FF1CE}_PROHYBRIDR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
    "{90120000-001F-0407-0000-0000000FF1CE}_PROHYBRIDR_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
    "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
    "{90120000-001F-0409-0000-0000000FF1CE}_PROHYBRIDR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
    "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
    "{90120000-001F-040C-0000-0000000FF1CE}_PROHYBRIDR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
    "{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
    "{90120000-001F-0410-0000-0000000FF1CE}_PROHYBRIDR_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
    "{90120000-002A-0000-1000-0000000FF1CE}_PROHYBRIDR_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{90120000-002A-0407-1000-0000000FF1CE}_PROHYBRIDR_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
    "{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
    "{90120000-006E-0407-0000-0000000FF1CE}_PROHYBRIDR_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{91120000-0031-0000-0000-0000000FF1CE}" = Microsoft Office Professional Hybrid 2007
    "{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
    "{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
    "{931AB7EA-3656-4BB7-864D-022B09E3DD67}" = Adobe Linguistics CS4
    "{9322A850-9091-4D0E-B252-3E82EDA3D94A}" = Prototype(TM)
    "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    "{9B34CAC6-738F-4A20-B428-A115C3E3474C}" = RPGXP
    "{9B88DD94-1AAE-41C4-BD95-2D8737D5E9E2}" = Watson
    "{9C450606-ED24-4958-92BA-B8940C99D441}" = PixiePack Codec Pack
    "{9D8B0949-7C47-476F-9F06-F900D3B078EA}" = Kaspersky Internet Security 2010
    "{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
    "{A67BB21E-D419-45BB-AB86-7D87D14BBCE2}" = Safari
    "{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
    "{A8D93648-9F7F-407D-915C-62044644C3DA}" = MSI to redistribute MS VS2005 CRT libraries
    "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
    "{AC76BA86-7AD7-1031-7B44-A93000000001}" = Adobe Reader 9.3.2 - Deutsch
    "{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
    "{AE16BB3C-02E8-44CB-BF38-D6DB22BD1294}" = calibre
    "{AEC81925-9C76-4707-84A9-40696C613ED3}" = Dragon Age: Origins
    "{B29AD377-CC12-490A-A480-1452337C618D}" = Connect
    "{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}" = Adobe Photoshop CS4
    "{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module
    "{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
    "{C5C1C0F0-D62F-4DBF-81D4-D7EF397C228B}" = NVIDIA PhysX
    "{C79CB9C7-10A4-4814-8402-F574672C2192}" = Star Wars Battlefront
    "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
    "{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw
    "{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
    "{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
    "{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}" = TuneUp Utilities
    "{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
    "{DAE449A1-A082-4E20-9694-5D680E969559}" = NVIDIA 3D Vision Video Player
    "{E4848436-0345-47E2-B648-8B522FCDA623}" = Adobe Photoshop CS4
    "{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
    "{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
    "{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help
    "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
    "{F3630894-093B-4E39-8491-97E0046839CC}" = GameSpy Comrade
    "{F5E87B12-3C27-452F-8E78-21D42164FD83}" = Microsoft SQL Server 2008 Management Objects
    "{F8D315CF-615E-3AAC-ABF6-C0FA91EDDDBA}" = Microsoft Visual C# 2008 Express Edition with SP1 - DEU
    "{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4
    "{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials
    "{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
    "{FA440BE8-EC2F-4478-A01A-077DA0606501}" = Microsoft SQL Server Compact 3.5 SP1 (Deutsch)
    "{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All
    "{FE0646A7-19D0-41B4-A2BB-2C35D644270D}" = Windows Live OneCare safety scanner
    "{FF29527A-44CD-3422-945E-981A13584000}" = VC Runtimes MSI
    "¹íÆü3" = ¹íÆü3
    "7-Zip" = 7-Zip 4.65
    "ACDLabs in C__Program_Files_(x86)_ACDFREE12_" = ACD/Labs Software in C:\Program Files (x86)\ACDFREE12\
    "Actual   Spy_is1" = Actual Spy 3.0
    "Adobe AIR" = Adobe AIR
    "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
    "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
    "Adobe_faf656ef605427ee2f42989c3ad31b8" = Adobe Photoshop CS4
    "Akamai" = Akamai NetSession Interface
    "AnarkClient" = Anark Client 1.0
    "Audio 180%" = Audio 180%
    "Audition Online1.2.6064" = Audition Online
    "AVMWLANCLI" = AVM FRITZ!WLAN
    "CamStudio" = CamStudio
    "CINEMA 4D Release 8" = CINEMA 4D Release 8
    "Cinema4D R9.603 Production Bundle" = Cinema4D R9.603 Production Bundle
    "Construct_is1" = Construct 0.99.42
    "Diablo II" = Diablo II
    "DungeonSiege2" = Dungeon Siege 2
    "EVEREST Corporate Edition_is1" = EVEREST Corporate Edition v4.60
    "Fraps" = Fraps
    "GCFScape_is1" = GCFScape 1.7.3
    "HijackThis" = HijackThis 2.0.2
    "ImgBurn" = ImgBurn
    "InstallShield_{9322A850-9091-4D0E-B252-3E82EDA3D94A}" = Prototype(TM)
    "InstallWIX_{9D8B0949-7C47-476F-9F06-F900D3B078EA}" = Kaspersky Internet Security 2010
    "IsoBuster_is1" = IsoBuster 2.6
    "League of Legends_is1" = League of Legends
    "LogMeIn Hamachi" = LogMeIn Hamachi
    "Magic Bullet PhotoLooks" = Magic Bullet PhotoLooks
    "Microsoft .NET Framework 1.1  (1033)" = Microsoft .NET Framework 1.1
    "Microsoft Visual Basic 2008 Express Edition - DEU" = Microsoft Visual Basic 2008 Express Edition - DEU
    "Microsoft Visual C# 2008 Express Edition with SP1 - DEU" = Microsoft Visual C# 2008 Express Edition mit SP1 - DEU
    "Mozilla Firefox (3.6.6)" = Mozilla Firefox (3.6.6)
    "Mozilla Thunderbird (2.0.0.23)" = Mozilla Thunderbird (2.0.0.23)
    "Nice PDF Compressor_is1" = Nice PDF Compressor 2.0
    "Notepad++" = Notepad++
    "NVIDIA Screen Saver_is1" = NVIDIA Screen Saver 1.2
    "NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
    "ÕæÈý¹úÎÞË«4" = ÕæÈý¹úÎÞË«4
    "Pimero 2009 R4 Free Edition_is1" = Pimero 2009 R4 Free Edition
    "PROHYBRIDR" = 2007 Microsoft Office system
    "RTP for RM2K (Png, Wav, Midi, Fonts)" = RTP for RM2K (Png, Wav, Midi, Fonts)
    "StarCraft II Beta" = StarCraft II Beta
    "Steam App 220" = Half-Life 2
    "Steam App 240" = Counter-Strike: Source
    "Steam App 340" = Half-Life 2: Lost Coast
    "Steam App 380" = Half-Life 2: Episode One
    "Steam App 400" = Portal
    "Steam App 420" = Half-Life 2: Episode Two
    "Steam App 440" = Team Fortress 2
    "SUPER ©" = SUPER © Version 2009.bld.36 (June 10, 2009)
    "Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2
    "TeamViewer 5" = TeamViewer 5
    "The Last Remnant_is1" = The Last Remnant 1.0
    "Trine_is1" = Trine
    "TrueCrypt" = TrueCrypt
    "TuneUp Utilities" = TuneUp Utilities
    "Universal Extractor_is1" = Universal Extractor 1.6
    "uTorrent" = µTorrent
    "VirtualCloneDrive" = VirtualCloneDrive
    "VLC media player" = VLC media player 1.0.1
    "VTFEdit_is1" = VTFEdit 1.2.5
    "Windows Live OneCare safety scanner" = Windows Live OneCare safety scanner
    "WinLiveSuite_Wave3" = Windows Live Essentials
    "World of Warcraft" = World of Warcraft
    "Zattoo" = Zattoo 3.3.4 Beta
     
    ========== Last 10 Event Log Errors ==========
     
    Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!
     
    < End of report >

  4. #4
    Einsteiger
    Registriert seit
    04.07.2010
    Beiträge
    3

    AW: Hohe Auslastung

    Sobald ich gmer.exe als admin. ausgeführt habe kam die Fehlermeldung: C:\Windows\system32\config\system: Das System kann die angegebene Datei nicht finden. Den Scan konnte ich trotzdem normal ausführen:

    Code:
    GMER 1.0.15.15281 - http://www.gmer.net
    Rootkit scan 2010-07-05 13:21:16
    Windows 6.1.7600 
    Running: gjb4fsmd.exe
    
    
    ---- Registry - GMER 1.0.15 ----
    
    Reg  HKCU\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Persisted@C:\Program Files (x86)\\xb0\xae\xbf\xb4ÊÓƵ\xb2\xa5\xb7ÅÆ\xf7\uninst.exe  1
    Reg  HKCU\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Persisted@SIGN.MEDIA=220C0DA                                                        1
    
    ---- EOF - GMER 1.0.15 ----
    Anmerkung:
    Die hohe Auslastung wurde laut Taskmanager von einem svchost (ich habe unheimlicherweise um die 13 davon) Prozess verursacht und als ich diesen beendet habe war meine hohe Auslastung verschwunden. Beim Neustart ist die Auslastung dann auch unten geblieben und ich hoffe das dies jetzt auch so bleibt.

  5. #5
    Senior Team-Mitglied Avatar von pc-jedi
    Registriert seit
    17.07.2009
    Beiträge
    3.644

    AW: Hohe Auslastung

    Puh, leider habe ich gerade auf Deinem System etwas gefunden, was mich veranlasst, den Support an diesem Punkt einzustellen. Die Nutzung von Cracks, Keygens und Patchs, die das Ziel haben, Bezahlsoftware ohne Bezahlung nutzbar zu machen, ist illegal und wir haben uns unterdessen darauf geeinigt, dass wir uns nicht der Beihilfe schuldig machen. Dieses Forum unterliegt deutschen Gesetzen und die sind da ziemlich streng. Du hast Dir mit diesem Zeug Dein System infiziert, und dass Cracks und Keygens im Wesentlichen dazu dienen, um auf den Computern Malware unterzubringen, ist schließlich kein Geheimnis. Da bleibt mir nicht weiter, als Dir zu empfehlen, in Zukunft auf derlei Software zu verzichten. Falls Du eine Bereinigung dem Neuaufsetzen vorziehst, deinstalliere nun alle gecrackte Software auf dem Rechner und poste ein frisches Logfile. Erst wenn die Programme nicht mehr auf dem Rechner sind können wir mit der Bereinigung beginnen.
    Geändert von pc-jedi (05.07.2010 um 17:56 Uhr)
    mfg pc-jedi

    Wenn nicht innerhalb von 48 Stunden antworte schickt mir bitte eine Nachricht mit einem Link zu eurem Thread.
    Neu hier?

  6. #6
    Senior Team-Mitglied Avatar von pc-jedi
    Registriert seit
    17.07.2009
    Beiträge
    3.644

    AW: Hohe Auslastung

    Fehlende Rückmeldung

    Gibt es Probleme beim Abarbeiten obiger Anleitung, wenn ja welche? Wenn ich innerhalb von fünf Tagen keine Rückmeldung von Dir erhalte, gehe ich davon aus, dass Du nicht mehr weitermachen möchtest und/oder Du das Problem lösen konntest und werde diesen Thread kommentarlos schließen, damit Kapazitäten für andere wartende User frei werden.

    Hinweis: Das Verschwinden der Symptome bedeutet nicht, dass Dein Rechner schon sauber ist.

    Edit 10.07.2010:
    Thread wird mangels Rückmeldung geschlossen.
    Bei Bedarf schicke bitte eine PN an mich, ich kann den Thread ggfs. wieder öffnen.
    Geändert von pc-jedi (10.07.2010 um 09:20 Uhr)
    mfg pc-jedi

    Wenn nicht innerhalb von 48 Stunden antworte schickt mir bitte eine Nachricht mit einem Link zu eurem Thread.
    Neu hier?

Aktive Benutzer

Aktive Benutzer

Aktive Benutzer in diesem Thema: 1 (Registrierte Benutzer: 0, Gäste: 1)

Ähnliche Themen

  1. Hohe CPU-Auslastung
    Von Adiot im Forum Archiv
    Antworten: 16
    Letzter Beitrag: 11.02.2010, 01:56
  2. Zu hohe RAM-Auslastung
    Von snoop22 im Forum Archiv
    Antworten: 3
    Letzter Beitrag: 02.01.2009, 16:46
  3. Hohe CPU - Auslastung
    Von Runna im Forum Archiv
    Antworten: 4
    Letzter Beitrag: 10.11.2008, 08:23
  4. hohe CPU-Auslastung.
    Von robertharris im Forum Archiv
    Antworten: 2
    Letzter Beitrag: 07.11.2008, 01:52
  5. hohe cpu auslastung
    Von KaniStefan im Forum Vista-Archiv
    Antworten: 1
    Letzter Beitrag: 04.03.2008, 09:01

Berechtigungen

  • Neue Themen erstellen: Nein
  • Themen beantworten: Nein
  • Anhänge hochladen: Nein
  • Beiträge bearbeiten: Nein
  •