Frage zu loganalyse der website

[Daepilin]

Jo, hab grad mal mein hijackthis log von der internetseite laden analysieren lassen, und dabei soweit keien warnungen bekommen, allerdings wurde angezeigt, dass die systemprozesse ( allerdings soweit ich sehn kann fast alle) nicht im systemordner(system32) ausgeführt würden.

sollte ich mal n kompletten scan ( wie hier auch beschrieben) durchführen, oder ist das nur n fehler? besondere beschwerden hab ich nich, nur bekomm ich heute dauernd die meldung,d ass mein virenschutz ( kaspersky) firefox geblockt hat, als dieser www.tagesschau.de/newsticker.rdf laden wollte.

Code:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:51:48, on 27.01.2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v8.00 (8.00.7601.17514)
Boot mode: Normal

Running processes:
E:\Program Files (x86)\Steam\Steam.exe
C:\Users\Martin\AppData\Roaming\SanDisk\Sansa Updater\SansaDispatch.exe
E:\Program Files (x86)\DVBViewer\DVBVCtrl.exe
C:\Program Files (x86)\BumpTop\BumpTop.exe
C:\Users\Martin\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE
C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
C:\Program Files (x86)\Brother\ControlCenter3\brccMCtl.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe
C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe
C:\Program Files\Logitech\SetPoint\x86\SetPoint32.exe
E:\Program Files (x86)\DisplayFusion\AppHookx86.exe
C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 3\firefox.exe
C:\Program Files (x86)\Internet Explorer\IELowutil.exe
C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 3\plugin-container.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 3\plugin-container.exe
C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE
C:\Users\Martin\Desktop\texmod\Texmod.exe
C:\Program Files (x86)\BitTorrent\bittorrent.exe
C:\Users\Martin\Desktop\HiJackThis204.exe
C:\Windows\SysWOW64\DllHost.exe
C:\Program Files (x86)\BumpTop\TexHelper.exe
C:\Program Files (x86)\BumpTop\TexHelper.exe
C:\Windows\SysWOW64\DllHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ievkbd.dll
O2 - BHO: Use the DivX Plus Web Player to watch web videos with less interruptions and smoother playback on supported sites - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
O2 - BHO: dTPodcastBHO - {65134FDF-F8A5-4B3D-91D9-CDF273CFD578} - C:\Program Files (x86)\Common Files\doubleTwist\IEPodcastPlugin.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MIF5BA~1\Office14\GROOVEEX.DLL
O2 - BHO: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MIF5BA~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\klwtbbho.dll
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe
O4 - HKLM\..\Run: [amd_dc_opt] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe
O4 - HKLM\..\Run: [ControlCenter3] C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe /autorun
O4 - HKLM\..\Run: [BrStsMon00] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe"
O4 - HKLM\..\Run: [AllShareAgent] C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe
O4 - HKCU\..\Run: [Steam] "E:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [SansaDispatch] C:\Users\Martin\AppData\Roaming\SanDisk\Sansa Updater\SansaDispatch.exe
O4 - HKCU\..\Run: [DisplayFusion] "E:\Program Files (x86)\DisplayFusion\DisplayFusion.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [DVBV Service Ctrl] E:\Program Files (x86)\DVBViewer\DVBVCtrl.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-21-2090000939-791085270-4169881481-1014\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-2090000939-791085270-4169881481-1014\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O4 - Startup: BumpTop.lnk = C:\Program Files (x86)\BumpTop\BumpTop.exe
O4 - Startup: Dropbox.lnk = Martin\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Startup: Microsoft Outlook 2010.lnk = ?
O4 - Global Startup: Logitech SetPoint.lnk = ?
O8 - Extra context menu item: Add to Evernote 4.0 - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204
O8 - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MIF5BA~1\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Free YouTube Download - C:\Users\Martin\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Martin\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
O8 - Extra context menu item: Hinzufügen zu Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ie_banner_deny.htm
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MIF5BA~1\Office14\EXCEL.EXE/3000
O9 - Extra button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: &Virtuelle Tastatur - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ievkbd.dll
O9 - Extra button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O9 - Extra button: Li&nks untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\klwtbbho.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O15 - Trusted Zone: *.clonewarsadventures.com
O15 - Trusted Zone: *.freerealms.com
O15 - Trusted Zone: *.soe.com
O15 - Trusted Zone: *.sony.com
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: Acronis Nonstop Backup service (afcdpsrv) - Acronis - C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Kaspersky Anti-Virus Service (AVP) - Kaspersky Lab ZAO - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe
O23 - Service: Dienst "Bonjour" (Bonjour Service) - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\Windows\SysWOW64\brsvc01a.exe
O23 - Service: BrYNSvc - Brother Industries, Ltd. - C:\Program Files (x86)\Browny02\BrYNSvc.exe
O23 - Service: DVBViewer Recording Service (DVBVRecorder) - CM & V - E:\Program Files (x86)\DVBViewer\DVBVservice.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
O23 - Service: O&O Defrag - O&O Software GmbH - C:\Program Files\OO Software\Defrag\oodag.exe
O23 - Service: Internet Pass-Through Service (PassThru Service) - Unknown owner - C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Samsung AllShare PC (SamsungAllShareV2.0) - Samsung Electronics Co., Ltd. - C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe
O23 - Service: Sandboxie Service (SbieSvc) - SANDBOXIE L.T.D - E:\Program Files\Sandboxie\SbieSvc.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SimpleSlideShowServer - Samsung Electronics Co., Ltd. - C:\Program Files (x86)\Samsung\AllShare\AllShareSlideShowService.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TeamViewer 6 (TeamViewer6) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 15544 bytes

ps: bevor ihr denkt ich nutzt bittorent für illegales:



aion ist seit gestern in der f2p closed beta und ich lad halt den client

[kira]

Herzlich Willkommen hier bei uns am HijackThis Supportboard!

**Bevor du mit Teil 1. der Aufgabe beginnst: HIER KLICKEN UND SORGFÄLTIG DURCHLESEN!** und ich bitte um kurze Bestätigung, dass du dies gelesen und akzeptiert hast!
Ein System zu bereinigen kann ein paar Tage dauern (je nach Art der Infektion), kann aber sogar so stark kompromittiert sein, so dass eine wirkungsvolle technische Säuberung ist nicht mehr möglich bzw Du es neu installieren musst
► Unrechtmäßig erworbene Software (durch Keygen, Crack, Keymaker) wird hier nicht geduldet, in diesem Fall wird der Support eingestellt.!

ANWEISUNGEN UND DEREN BEFOLGUNG, ERFOLGT AUF DEINE EIGENE VERANTWORTUNG!

Bitte lese Dir zuerst in Ruhe die Anweisungen durch und Du sollst dabei die Reihenfolge einhalten! Ansonsten verlangsamt unsere Arbeit, wenn wir immer wieder noch an Kleinigkeiten nachschlagen müssen und dadurch eventuell die Übersicht verloren geht...


► Erster Teil des 3-teiligen Verfahren, werden wir dein System auf Viren untersuchen, bzw nach einem anderen Verursacher suchen:
**Vista und Win7 Verwender: Alle Befehle bitte als Administrator ausführen! rechte Maustaste auf die Eingabeaufforderung und "als Administrator ausführen" auswählen

1.
Das Program installieren und ausführen:
Anleitung:-> Bereinigung mit Malwarebytes' Anti-Malware (Vollständiger Suchlauf)

2.
Schliesse alle Programme einschliesslich Internet Explorer und fixe mit Hijackthis die Einträge aus der nachfolgenden Codebox (HijackThis mit Rechtsklick als Administrator starten--> `Do a system scan only`--> Einträge auswählen--> Häckhen setzen--> "Fix checked"klicken-->PC neu aufstarten) - fixe NUR Die von mir angegebenen Einträge!:
HijackThis erstellt ein Backup, Falls bei "Fixen" etwas schief geht, kann man unter "View the list of backups"- die Objekte wiederherstellen

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-21-2090000939-791085270-4169881481-1014\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')

► Rechtsklick auf HijackThis-> "Als administrator ausführen" wählen...(Wista und WIN 7)

3.
Um festzustellen, ob veraltete oder schädliche Software unter Programme installiert sind, ich würde gerne noch all deine installierten Programme sehen:

• Download den CCleaner
  
• Software-Lizenzvereinbarung lesen, falls angeboten wird "Füge CCleaner Yahoo! Toolbar hinzu" - abwählen!)-> starten -> Falls nötig, unter Options settings -> "german" einstellen.
• starten-> klick auf `Extras` (um auf deinem System installierte Software zu anzeigen)-> dann auf `Als Textdatei speichern...`
• ein Textdatei wird automatisch erstellt, poste auch dieses Logfile (also die Liste alle installierten Programme...eine Textdatei)

4.
poste erneut - nach der vorgenommenen Reinigungsaktion:
TrendMicro™ HijackThis™ -Logfile - Keine offenen Fenster, solang bis HijackThis läuft!!
► Rechtsklick auf das Tool HijackThis -> als Administrator ausführen wählen

5.
Systemscan mit OTL

Lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop

• Doppelklick auf die OTL.exe
• Vista User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen
• Oben findest Du ein Kästchen mit Output. Wähle bitte Minimal Output
• Unter Extra Registry, wähle bitte Use SafeList
• Klicke nun auf Run Scan links oben
• Wenn der Scan beendet wurde werden 2 Logfiles erstellt OTL.txt und extra.txt
• Poste die Logfiles in Code-Tags hier in den Thread.

Bitte alle Ergebnisse im Code-Tags posten!

vor dein Log schreibst Du (also am Anfang des Logfiles):[code]
hier kommt dein Logfile rein
dahinter - also am Ende der Logdatei:[/code]

gruß
kira

[Daepilin]

ich möchte doch nur wissen ob die angabe rechtfertigt alles zu untersuchen, ich hab ja keien akuten beschwerden und würde ungern wegen ner "kleinigkeit" stundenlange systemscans machen -.-

[kira]

ich möchte doch nur wissen ob die angabe rechtfertigt alles zu untersuchen...

Eindeutig: Ja, sogar in mehrere Hinsicht!

[Daepilin]

hm, bin zwar grad mit anti-malware am scannen, hab aber grad das hier gefunden :

http://www.trojaner-board.de/97592-s...2-alg-exe.html

die warnungen haben sich auch nur auf die O23 files bezogen.

[kira]

es tut mir Leid, aber ich möchte hier nicht weiter darüber diskutieren, ist mir schade um meine Zeit. Wenn Du Hilfe benötigst, arbeite bitte die Anweisungen der Reihe nach und vollständig ab! "Das gleiche Problem" gibt es nicht, Dein System ist überhaupt nicht in Ordnung. Wenn Du noch weiter machen möchtest, unterstütze ich Dich dabei natürlich gern, ansonsten lassen wir es gut sein

[Daepilin]

is ja schon gut:

1. Malwarebytes hat nix gefunden

2: installierte programme:

Code:

3DMark06	Futuremark Corporation	12.03.2011		1.2.0
7-Zip 9.20		23.09.2011		
AC2 server emulator 0.44 by Dormine	bjamikel	09.04.2010	7,11MB	
Acronis*True*Image*Home 2011	Acronis	10.10.2010	259MB	14.0.5519
Adobe AIR	Adobe Systems Incorporated	11.11.2011		3.1.0.4880
Adobe Flash Player 10 ActiveX	Adobe Systems Incorporated	04.11.2011	6,00MB	10.3.183.10
Adobe Flash Player 11 Plugin 64-bit	Adobe Systems Incorporated	16.11.2011	6,00MB	11.1.102.55
Adobe Reader 9.4.4 - Deutsch	Adobe Systems Incorporated	22.04.2011	168,5MB	9.4.4
Adobe Shockwave Player 11	Adobe Systems, Inc.	22.03.2010		11
Advanced Combat Tracker (remove only)		11.06.2011		
Age of Empires Online	Microsoft Studios	31.08.2011		1.0.0000.129
Aion	NCsoft	27.01.2012		2.0.0.2
AION Free-To-Play	Gameforge 4D	25.01.2012		v0.1
Akamai NetSession Interface		01.01.2011		
Amazon MP3-Downloader 1.0.9		05.04.2010		
AMD Catalyst Install Manager	Advanced Micro Devices, Inc.	05.10.2011	22,7MB	3.0.838.0
Android SDK Tools	Google Inc.	19.08.2011		0.7
ANNO 1404	Ubisoft	03.04.2010		1.02.0000
AOC UI Installer 3.1.0	VikingWorks	30.06.2011	0,65MB	3.1.0
Apple Application Support	Apple Inc.	19.03.2010	32,4MB	1.1.0
Apple Software Update	Apple Inc.	19.03.2010	2,16MB	2.1.1.116
Ashampoo Burning Studio 9.12	ashampoo GmbH & Co. KG	22.10.2009		9.1.2
Aspell German Dictionary-0.50-2	GNU	08.02.2010		
Audacity 1.2.6		30.10.2009		
Audacity 1.3.13 (Unicode)	Audacity Team	13.07.2011	40,2MB	
Audacity Recovery Utility	Markus Meyer	03.02.2011		
Audiosurf	BestGameEver	22.12.2011		
Batman: Arkham City		05.10.2011		
Batman: Arkham City™ PC	Rocksteady	22.11.2011		
Battlefield 3™	Electronic Arts	06.11.2011		1.0.0.0
Battlefield: Bad Company™ 2	Electronic Arts	09.03.2010	5.869MB	1.0.0.0
Battlelog Web Plugins	EA Digital Illusions CE AB	15.12.2011		1.104.0
Beat Hazard		17.12.2011		
BitTorrent	BitTorrent, Inc	26.02.2010		
Blur	Bizarre Creations	21.12.2011		
Bonjour	Apple Inc.	21.12.2011	1,82MB	2.0.2.0
Brother MFL-Pro Suite DCP-J315W	Brother Industries, Ltd.	11.07.2011		1.0.3.0
BumpTop	Bump Technologies, Inc.	04.09.2010	53,0MB	2.1.6211
Call of Juarez: Bound in Blood	Ubisoft	12.09.2011		
Capsule	Green Man Gaming Limited	16.12.2010		1.0.000
CCleaner	Piriform	27.08.2011		3.10
Clive Barker's Jericho	CodeMasters	23.07.2011		
CodeBlocks	The Code::Blocks Team	04.11.2011		10.05
ColdCut	© Jan Brummelte	13.11.2009		ColdCut
Core Temp 1.0 RC2	Alcpu	08.09.2011	2,31MB	1.0
Crysis Modification - Mster Config v3.01		25.08.2011	35,8MB	
Curse Client	Curse	04.11.2011		4.0.1.112
CyberLink PowerDVD 10	CyberLink Corp.	12.04.2011	247MB	10.0.2325.51
Der Herr der Ringe Online v03.04.04.8012	Turbine, Inc.	31.12.2011		03.04.04.8012
DH Driver Cleaner Professional Edition	Ruud Ketelaars	05.10.2011		Version 1.5
Diablo II	Blizzard Entertainment	19.09.2011		
DiRT 2	Codemasters	11.11.2011		
DisplayFusion 3.4.1	Binary Fortress Software	13.01.2012	8,52MB	3.4.1.0
Divinity II - The Dragon Knight Saga	http://www.larian.com/	27.11.2011		
DivX-Setup	DivX, LLC	12.03.2011		2.4.0.6
doubleTwist	doubleTwist Corporation	21.12.2011		3.2.0.12944
Dropbox	Dropbox, Inc.	07.12.2011		1.2.49
DScaler 5 Mpeg Decoders		12.04.2011		
Dual-Core Optimizer	AMD	02.06.2011	86,00KB	1.1.4.0169
Dungeon Defenders		01.01.2012		
DVBViewer Pro	CM&V	11.11.2011	15,6MB	4.9
DVBViewer Recording Service	CM&V	28.07.2011	10,5MB	1.9.0.0
ESN Sonar	ESN Social Software AB	06.11.2011		0.70.0
Eternal-WoW! Launcher	Eternal-WoW!	04.11.2011		2.0.2.2
Evernote v. 4.5	Evernote Corp.	10.08.2011	149,7MB	4.5.0.5229
Far Cry 2	Ubisoft	06.07.2011		
ffdshow [rev 3154] [2009-12-09]		12.04.2011	16,8MB	1.0
FileZilla Client 3.2.7.1		25.05.2011		3.2.7.1
Fraps (remove only)		22.10.2009		
Free Studio version 5.0.3	DVDVideoSoft Limited.	02.01.2011	238MB	
GeoGebra	International GeoGebra Institute	03.11.2010	5,94MB	3.2.45.0
GIMP 2.6.7		09.12.2009		
GmoteServer	Gmote.org	23.05.2011		2.0.2
GNU Aspell 0.50-3	GNU	08.02.2010		
GPxPatch (remove only)		20.04.2010		
GTK+ Runtime 2.14.7 rev a (nur entfernen)		08.02.2010		
HD Tune 2.55	EFD Software	14.09.2011		
Host OpenAL (ADI)		23.10.2009		
HTC BMP USB Driver	HTC	23.05.2011	0,28MB	1.0.5375
HTC Driver Installer	HTC Corporation	23.05.2011	1,87MB	3.0.0.005
IrfanView (remove only)		22.12.2009		
Java(TM) 6 Update 23 (64-bit)	Oracle	04.01.2011	90,9MB	6.0.230
Java(TM) 6 Update 29	Oracle	24.09.2010	97,0MB	6.0.290
Java(TM) 7 (64-bit)	Oracle	14.08.2011	93,3MB	7.0.0
Java(TM) SE Development Kit 6 Update 23 (64-bit)	Oracle	04.01.2011	132,1MB	1.6.0.230
Java(TM) SE Development Kit 7 (64-bit)	Oracle	18.08.2011	233MB	1.7.0.0
JDownloader	AppWork UG (haftungsbeschränkt)	05.11.2009		0.89
JMicron JMB36X Driver	JMICRON Technology Corp.	23.10.2009		1.00.0000
Just Cause 2	Avalanche Studios	01.07.2011		
Kaspersky Internet Security 2012	Kaspersky Lab	24.09.2011		12.0.0.374
Killing Floor	Tripwire Interactive	06.07.2011		
Kingdoms of Amalur: Reckoning Demo		16.01.2012		
Last.fm 1.5.4.27091	Last.fm	29.10.2010		
League of Legends	Riot Games	10.08.2011		1.02.0000
League of Legends	Riot Games	23.05.2010		1.0020
LemmingballZ 3D 8460		30.05.2010		
Lineage II	NCsoft	12.12.2011		
Logitech SetPoint	Logitech	23.10.2009	17,00KB	4.80
Lyrics Plugin for Winamp	Lyrics Plugin	19.05.2011	0,24MB	0.4
MailStore Home 4.2.1.6501	deepinvent Software GmbH	08.09.2011	52,4MB	4.2.1.6501
Malwarebytes Anti-Malware Version 1.60.0.1800	Malwarebytes Corporation	27.01.2012	18,6MB	1.60.0.1800
Mass Effect	BioWare	21.01.2012		
Medal of Honor: Airborne		03.08.2011		
Metro 2033	THQ	11.10.2011		
Microsoft .NET Framework 1.1		20.12.2009		
Microsoft .NET Framework 4 Client Profile	Microsoft Corporation	05.01.2012	38,8MB	4.0.30320
Microsoft .NET Framework 4 Client Profile DEU Language Pack	Microsoft Corporation	05.01.2012	2,94MB	4.0.30320
Microsoft .NET Framework 4 Extended	Microsoft Corporation	05.01.2012	52,0MB	4.0.30320
Microsoft .NET Framework 4 Extended DEU Language Pack	Microsoft Corporation	05.01.2012	10,7MB	4.0.30320
Microsoft .NET Framework 4 Multi-Targeting Pack	Microsoft Corporation	25.07.2010	83,5MB	4.0.30319
Microsoft Games for Windows - LIVE Redistributable	Microsoft Corporation	19.11.2011	31,3MB	3.5.92.0
Microsoft Games for Windows Marketplace	Microsoft Corporation	26.07.2011	6,04MB	3.5.50.0
Microsoft Help Viewer 1.0	Microsoft Corporation	25.07.2010	3,97MB	1.0.30319
Microsoft Help Viewer 1.0 Language Pack - DEU	Microsoft Corporation	25.07.2010	1,95MB	1.0.30319
Microsoft Office Outlook Connector	Microsoft Corporation	08.09.2011	3,57MB	14.0.6106.5001
Microsoft Office Professional Plus 2010	Microsoft Corporation	06.12.2011		14.0.6029.1000
Microsoft Silverlight	Microsoft Corporation	11.10.2011	182,6MB	4.0.60831.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053	Microsoft Corporation	20.07.2010	0,25MB	8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable	Microsoft Corporation	31.12.2011	2,38MB	8.0.59193
Microsoft Visual C++ 2005 Redistributable (x64)	Microsoft Corporation	22.10.2009	1,48MB	8.0.61000
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175	Microsoft Corporation	24.04.2011	0,57MB	8.0.51011
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570	Microsoft Corporation	24.04.2011	0,77MB	9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570	Microsoft Corporation	24.04.2011	0,58MB	9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022	Microsoft Corporation	14.09.2010	1,43MB	9.0.21022
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17	Microsoft Corporation	11.03.2010	0,25MB	9.0.30729
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148	Microsoft Corporation	29.10.2009	0,77MB	9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161	Microsoft Corporation	16.06.2011	0,77MB	9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022	Microsoft Corporation	26.07.2010	1,42MB	9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218	Microsoft Corporation	14.09.2010	0,23MB	9.0.21022.218
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411	Microsoft Corporation	29.10.2009	1,46MB	9.0.30411
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729	Microsoft Corporation	16.09.2010	0,23MB	9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17	Microsoft Corporation	11.11.2009	0,23MB	9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148	Microsoft Corporation	29.10.2009	0,58MB	9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974	Microsoft Corporation	25.07.2010	0,58MB	9.0.30729.4974
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161	Microsoft Corporation	16.06.2011	0,59MB	9.0.30729.6161
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319	Microsoft Corporation	24.04.2011	15,1MB	10.0.30319
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319	Microsoft Corporation	24.04.2011	14,9MB	10.0.30319
Microsoft Visual C++ 2010 Express - DEU	Microsoft Corporation	25.07.2010		10.0.30319
Microsoft Visual Studio 2010 Express Prerequisites x64 - DEU	Microsoft Corporation	25.07.2010	4,32MB	10.0.30319
Microsoft Xbox 360 Accessories 1.2	Microsoft	19.11.2010	7,82MB	1.20.146.0
Microsoft XNA Framework Redistributable 3.1	Microsoft Corporation	06.12.2010	7,55MB	3.1.10527.0
Microsoft XNA Framework Redistributable 4.0	Microsoft Corporation	16.05.2011	8,03MB	4.0.20823.0
MOBackup - Datensicherung für Outlook (Testversion)	Heiko Schröder	20.09.2011		6.70
Mozilla Firefox (3.6.6)	Mozilla	02.07.2010		3.6.6 (de)
Mozilla Firefox (4.0b1)	Mozilla	06.07.2010		4.0b1 (en-US)
Mozilla Firefox (4.0b2)	Mozilla	27.07.2010		4.0b2 (de)
Mozilla Firefox 10.0 (x86 de)	Mozilla	29.01.2012	38,6MB	10.0
Mozilla Thunderbird (6.0.2)	Mozilla	07.09.2011		6.0.2 (de)
Mp3tag v2.48	Florian Heidenreich	06.03.2011		v2.48
MSI Afterburner 2.1.0	MSI Co., LTD	05.10.2011		2.1.0
MSXML 4.0 SP2 (KB954430)	Microsoft Corporation	22.10.2009	1,28MB	4.20.9870.0
MSXML 4.0 SP2 (KB973688)	Microsoft Corporation	24.11.2009	1,33MB	4.20.9876.0
MSXML 4.0 SP3 Parser	Microsoft Corporation	23.05.2011	1,48MB	4.30.2100.0
MSXML 4.0 SP3 Parser (KB973685)	Microsoft Corporation	25.05.2011	1,53MB	4.30.2107.0
Musicmatch® Jukebox		31.01.2010		9.00.0156
NC Launcher (GameForge)	NCsoft	25.01.2012		
NCsoft Launcher	NCsoft	12.12.2011		1.5.19002
NCsoft Launcher	NCsoft	27.01.2012		1.5.18003
NSS (remove only)	B-Phreaks Ltd	19.02.2010		1.0.38.15
NVIDIA 3D Vision Controller-Treiber 285.79	NVIDIA Corporation	10.11.2011		285.79
NVIDIA 3D Vision Treiber 285.79	NVIDIA Corporation	10.11.2011		285.79
NVIDIA Grafiktreiber 285.79	NVIDIA Corporation	10.11.2011		285.79
NVIDIA HD-Audiotreiber 1.2.24.0	NVIDIA Corporation	10.11.2011		1.2.24.0
NVIDIA PhysX-Systemsoftware 9.11.0621	NVIDIA Corporation	05.10.2011		9.11.0621
NVIDIA Supersonic Sled demo		05.10.2011		
NVIDIA Update 1.5.20	NVIDIA Corporation	10.11.2011		1.5.20
NX Client for Windows 3.5.0-7	NoMachine	30.11.2011		3.5.0-7
O&O Defrag Professional	O&O Software GmbH	17.01.2010	47,3MB	12.0.197
Octoshape add-in for Adobe Flash Player		04.11.2011		
Octoshape Streaming Services		04.11.2011		
OpenAL		12.03.2011		
Orcs Must Die!		23.11.2011		
Origin	Electronic Arts, Inc.	09.11.2011		8.3.7.3619
oZone3D.Net FurMark v1.7.0	oZone3D.Net	11.01.2010		
Pando Media Booster	Pando Networks Inc.	30.12.2011	5,47MB	2.6.0.1
PC Connectivity Solution	Nokia	19.02.2010	19,2MB	9.44.0.3
Pirates of the Caribbean		08.01.2011		
PlayReady PC Runtime amd64	Microsoft Corporation	18.03.2011	2,06MB	1.3.0
Portal 2	Valve	04.10.2011		
PunkBuster Services	Even Balance, Inc.	06.11.2011		0.991
Questpaket 4 Update 1 Deinstallation	Humanforce	13.08.2010		4.1.0.0
QuickTime	Apple Inc.	19.03.2010	77,3MB	7.65.17.80
Rapture3D 2.3.26 Game	Blue Ripple Sound	29.12.2010		
Realtek High Definition Audio Driver	Realtek Semiconductor Corp.	26.07.2010		6.0.1.6151
Recuva	Piriform	11.01.2010		1.34
RGF HotSpot version 0.6b		13.01.2012	2,68MB	0.6b
RIFT	Ihr Firmenname	01.04.2011	33,6MB	0.1.10
RIFT	Trion Worlds, Inc.	01.04.2011	33,2MB	1.0.0
Risen	Deep Silver	12.10.2010		1.00.0000
Sacred 2	Ascaron Entertainment	02.08.2011	12.321MB	2.0.2.0
Sacred Underworld	Ascaron Entertainment GmbH	12.09.2011		
Samsung AllShare	Samsung Electronics Co., Ltd.	05.01.2012	73,9MB	2.1.0.11123_8
Sandboxie 3.60 (64-bit)		06.11.2011		
Sansa Media Converter		25.12.2009		1.0-B4.256
Sansa Updater		04.11.2011		
Santa Rockstar HD	Bekho Team	16.12.2011	428MB	1.00.0000
Silkroad		29.08.2011		
simfy	simfy GmbH	11.09.2011		1.5.2
Singularity		19.12.2011		
Skype Toolbars	Skype Technologies S.A.	31.07.2011	5,84MB	5.3.7555
Skype™ 5.3	Skype Technologies S.A.	31.07.2011	16,6MB	5.3.120
SopCast 3.2.4	SopCast.com	07.12.2009		3.2.4
Spybot - Search & Destroy	Safer Networking Limited	23.02.2010		1.6.2
Star Trek Online	Cryptic Studios	16.01.2012		
Star Wars Empire at War Demo	LucasArts	15.09.2010		1.0
Star Wars: Knights of the Old Republic	BioWare	28.12.2011		
Steam	Valve Corporation	22.10.2009	1,49MB	1.0.0.0
Stranded II 1.0.0.1	Unreal Software	29.05.2010		
SUPER © Version 2010.bld.37 (Jan 2, 2010)	eRightSoft	10.01.2010		Version 2010.bld.37 (Jan 2, 2010)
System Requirements Lab	Husdawg, LLC	04.01.2010	0,40MB	4.1.14.0
TBS 6920 DVBS/S2(support HID) Driver 1.0.4.8 for windows 7	TBS Technologies	17.03.2011	1,26MB	
TBS 6920 DVBS/S2(support HID) Driver 1.0.5.1 for windows xp/vista/7	TBS Technologies	06.01.2012	1,26MB	
TDM-GCC	TDM	11.10.2010		1.1006.0
TeamSpeak 3 Client	TeamSpeak Systems GmbH	15.08.2011		
TeamViewer 6	TeamViewer GmbH	03.09.2011		6.0.11052
The Binding Of Isaac		05.01.2012		
Third Age - Total War 1.0 Part1		04.11.2011		
Third Age - Total War 1.0 Part2		04.11.2011		
Third Age - Total War Hotfix1		04.11.2011		
Third Age - Total War Patch 1.1		04.11.2011		
Third Age - Total War Patch 1.2		04.11.2011		
Third Age - Total War Patch 1.3		04.11.2011		
Thrustmaster Force Feedback Driver	Thrustmaster	13.09.2010		1.FFD.2009
TI Connect 1.6	Texas Instruments Inc	19.02.2011	28,6MB	1.6
Tomb Raider: Underworld 1.0		30.05.2011		
Torchlight	Runic Games, Inc.	22.12.2011		
TortoiseSVN 1.6.12.20536 (64 bit)	TortoiseSVN	14.12.2010	21,8MB	1.6.20536
TQVault	bman654	13.03.2011	5,29MB	2.30.4
Trillian	Cerulean Studios, LLC	08.02.2010		
TuxGuitar	Herac	03.12.2009	10,6MB	1.2
TVUPlayer 2.5.2.2	TVU networks	19.04.2010		2.5.2.2
Ubisoft Game Launcher	UBISOFT	20.03.2011		1.0.0.0
UE3Redist	Epic Games	12.07.2010	68,9MB	1.00.0000
Uninstall 1.0.0.1		02.01.2011	10,4MB	
Unity Web Player	Unity Technologies ApS	10.11.2011	12,0MB	
Veetle TV 0.9.18	Veetle, Inc	16.10.2010		0.9.18
Venetica	dtp	03.01.2012		
VLC media player 1.1.7	VideoLAN	19.02.2011		1.1.7
Win7 Taskbar v1.12	Magyari Attila	12.12.2009		1.12
Winamp	Nullsoft, Inc	19.05.2011		5.61 
Winamp Erkennungs-Plug-in	Nullsoft, Inc	19.05.2011	75,00KB	1.0.0.1
Windows 7 USB/DVD Download Tool	Microsoft Corporation	20.09.2011	2,72MB	1.0.30
Windows Driver Package - Texas Instruments Inc. (SilvrLnk) USB  (06/11/2009 1.0.0.0)	Texas Instruments Inc.	19.02.2011		06/11/2009 1.0.0.0
Windows Driver Package - Texas Instruments Inc. (TIEHDUSB) USB  (09/02/2009 1.0.0.1)	Texas Instruments Inc.	19.02.2011		09/02/2009 1.0.0.1
Windows Installer Clean Up	Microsoft Corporation	24.05.2010	0,30MB	3.00.00.0000
Windows Live Essentials	Microsoft Corporation	15.10.2010		15.4.3502.0922
Windows-Treiberpaket - Nokia pccsmcfd  (08/22/2008 7.0.0.0)	Nokia	19.02.2010		08/22/2008 7.0.0.0
WinMerge 2.12.4	Thingamahoochie Software	08.01.2011		2.12.4
WinRAR 4.00 (64-Bit)	win.rar GmbH	07.03.2011		4.00.0
World of Warcraft	Blizzard Entertainment	25.09.2011		4.2.2.14545
Xfire (remove only)		05.02.2010		
XSplit	SplitMediaLabs	31.07.2011	28,5MB	1.0.1106.2902

2. hijackthis log:

Code:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:28:30, on 30.01.2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v8.00 (8.00.7601.17514)
Boot mode: Normal

Running processes:
E:\Program Files (x86)\Steam\Steam.exe
C:\Users\Martin\AppData\Roaming\SanDisk\Sansa Updater\SansaDispatch.exe
C:\Program Files (x86)\BumpTop\BumpTop.exe
C:\Users\Martin\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
C:\Program Files (x86)\Brother\ControlCenter3\brccMCtl.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe
C:\Program Files\Logitech\SetPoint\x86\SetPoint32.exe
E:\Program Files (x86)\DisplayFusion\AppHookx86.exe
C:\Program Files (x86)\BumpTop\TexHelper.exe
C:\Program Files (x86)\BumpTop\TexHelper.exe
C:\Users\Martin\Desktop\HiJackThis204.exe
C:\Windows\SysWOW64\DllHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ievkbd.dll
O2 - BHO: Use the DivX Plus Web Player to watch web videos with less interruptions and smoother playback on supported sites - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
O2 - BHO: dTPodcastBHO - {65134FDF-F8A5-4B3D-91D9-CDF273CFD578} - C:\Program Files (x86)\Common Files\doubleTwist\IEPodcastPlugin.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MIF5BA~1\Office14\GROOVEEX.DLL
O2 - BHO: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MIF5BA~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\klwtbbho.dll
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe
O4 - HKLM\..\Run: [amd_dc_opt] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe
O4 - HKLM\..\Run: [ControlCenter3] C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe /autorun
O4 - HKLM\..\Run: [BrStsMon00] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe"
O4 - HKLM\..\Run: [AllShareAgent] C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "E:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKCU\..\Run: [Steam] "E:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [SansaDispatch] C:\Users\Martin\AppData\Roaming\SanDisk\Sansa Updater\SansaDispatch.exe
O4 - HKCU\..\Run: [DisplayFusion] "E:\Program Files (x86)\DisplayFusion\DisplayFusion.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [DVBV Service Ctrl] E:\Program Files (x86)\DVBViewer\DVBVCtrl.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-21-2090000939-791085270-4169881481-1014\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - Startup: BumpTop.lnk = C:\Program Files (x86)\BumpTop\BumpTop.exe
O4 - Startup: Dropbox.lnk = Martin\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Startup: Microsoft Outlook 2010.lnk = ?
O4 - Global Startup: Logitech SetPoint.lnk = ?
O8 - Extra context menu item: Add to Evernote 4.0 - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204
O8 - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MIF5BA~1\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Free YouTube Download - C:\Users\Martin\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Martin\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
O8 - Extra context menu item: Hinzufügen zu Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ie_banner_deny.htm
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MIF5BA~1\Office14\EXCEL.EXE/3000
O9 - Extra button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: &Virtuelle Tastatur - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ievkbd.dll
O9 - Extra button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O9 - Extra button: Li&nks untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\klwtbbho.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: Acronis Nonstop Backup service (afcdpsrv) - Acronis - C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Kaspersky Anti-Virus Service (AVP) - Kaspersky Lab ZAO - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe
O23 - Service: Dienst "Bonjour" (Bonjour Service) - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\Windows\SysWOW64\brsvc01a.exe
O23 - Service: BrYNSvc - Brother Industries, Ltd. - C:\Program Files (x86)\Browny02\BrYNSvc.exe
O23 - Service: DVBViewer Recording Service (DVBVRecorder) - CM & V - E:\Program Files (x86)\DVBViewer\DVBVservice.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe
O23 - Service: MBAMService - Malwarebytes Corporation - E:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
O23 - Service: O&O Defrag - O&O Software GmbH - C:\Program Files\OO Software\Defrag\oodag.exe
O23 - Service: Internet Pass-Through Service (PassThru Service) - Unknown owner - C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Samsung AllShare PC (SamsungAllShareV2.0) - Samsung Electronics Co., Ltd. - C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe
O23 - Service: Sandboxie Service (SbieSvc) - SANDBOXIE L.T.D - E:\Program Files\Sandboxie\SbieSvc.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SimpleSlideShowServer - Samsung Electronics Co., Ltd. - C:\Program Files (x86)\Samsung\AllShare\AllShareSlideShowService.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TeamViewer 6 (TeamViewer6) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 14542 bytes

otl.txt

Code:

OTL logfile created on: 30.01.2012 13:30:01 - Run 1
OTL by OldTimer - Version 3.2.31.0     Folder = C:\Users\Martin\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
4,00 Gb Total Physical Memory | 1,52 Gb Available Physical Memory | 38,07% Memory free
8,00 Gb Paging File | 4,75 Gb Available in Paging File | 59,38% Paging File free
Paging file location(s): e:\pagefile.sys 0 0 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 100,01 Gb Total Space | 26,65 Gb Free Space | 26,65% Space Free | Partition Type: NTFS
Drive E: | 738,91 Gb Total Space | 253,06 Gb Free Space | 34,25% Space Free | Partition Type: NTFS
Drive G: | 122,18 Gb Total Space | 0,59 Gb Free Space | 0,48% Space Free | Partition Type: NTFS
Drive H: | 92,60 Gb Total Space | 77,79 Gb Free Space | 84,01% Space Free | Partition Type: NTFS
 
Computer Name: MARTIN-PC | User Name: Martin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Martin\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 3\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 3\plugin-container.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
PRC - E:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - E:\Program Files (x86)\DisplayFusion\AppHookx86.exe (Binary Fortress Software)
PRC - C:\Windows\SysWOW64\PnkBstrA.exe ()
PRC - C:\Users\Martin\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
PRC - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe (TeamViewer GmbH)
PRC - E:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
PRC - E:\Program Files (x86)\DVBViewer\DVBVservice.exe (CM & V)
PRC - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe (Kaspersky Lab ZAO)
PRC - C:\Users\Martin\AppData\Roaming\SanDisk\Sansa Updater\SansaDispatch.exe (SanDisk Corporation)
PRC - C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe (Acronis)
PRC - C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe ()
PRC - C:\Program Files (x86)\BumpTop\TexHelper.exe ()
PRC - C:\Program Files (x86)\BumpTop\BumpTop.exe ()
PRC - C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe (Brother Industries, Ltd.)
PRC - C:\Program Files (x86)\Browny02\BrYNSvc.exe (Brother Industries, Ltd.)
PRC - C:\Programme\Logitech\SetPoint\x86\SetPoint32.exe ()
PRC - C:\Windows\SysWOW64\brss01a.exe (brother Industries Ltd)
PRC - C:\Windows\SysWOW64\brsvc01a.exe (brother Industries Ltd)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 3\mozjs.dll ()
MOD - E:\Program Files (x86)\Steam\bin\libcef.dll ()
MOD - E:\Program Files (x86)\Steam\bin\avcodec-52.dll ()
MOD - E:\Program Files (x86)\Steam\bin\chromehtml.dll ()
MOD - E:\Program Files (x86)\Steam\bin\avformat-52.dll ()
MOD - E:\Program Files (x86)\Steam\bin\avutil-50.dll ()
MOD - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
MOD - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\Nv3DVStreaming.dll ()
MOD - C:\Windows\SysWOW64\CmdLineExt03.dll ()
MOD - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\qtgui4.dll ()
MOD - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\qtsql4.dll ()
MOD - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\qtscript4.dll ()
MOD - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\qtnetwork4.dll ()
MOD - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\qtcore4.dll ()
MOD - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\qtdeclarative4.dll ()
MOD - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\imageformats\qgif4.dll ()
MOD - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF ()
MOD - C:\Programme\WinRAR\RarExt32.dll ()
MOD - C:\Program Files (x86)\BumpTop\TexHelper.exe ()
MOD - C:\Program Files (x86)\BumpTop\QtXmlPatterns4.dll ()
MOD - C:\Program Files (x86)\BumpTop\QtWebKit4.dll ()
MOD - C:\Program Files (x86)\BumpTop\QtGui4.dll ()
MOD - C:\Program Files (x86)\BumpTop\QtNetwork4.dll ()
MOD - C:\Program Files (x86)\BumpTop\QtCore4.dll ()
MOD - C:\Program Files (x86)\BumpTop\phonon4.dll ()
MOD - C:\Program Files (x86)\BumpTop\BumpTop.exe ()
MOD - C:\Program Files (x86)\BumpTop\ImageFormats\qtiff4.dll ()
MOD - C:\Program Files (x86)\BumpTop\ImageFormats\qmng4.dll ()
MOD - C:\Program Files (x86)\BumpTop\ImageFormats\qjpeg4.dll ()
MOD - C:\Program Files (x86)\BumpTop\ImageFormats\qico4.dll ()
MOD - C:\Program Files (x86)\BumpTop\ImageFormats\qgif4.dll ()
MOD - C:\Programme\Logitech\SetPoint\x86\SetPoint32.exe ()
MOD - C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll ()
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:64bit: - (O&O Defrag) -- C:\Program Files\OO Software\Defrag\oodag.exe (O&O Software GmbH)
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (MBAMService) -- E:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (SamsungAllShareV2.0) -- C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe (Samsung Electronics Co., Ltd.)
SRV - (SimpleSlideShowServer) -- C:\Program Files (x86)\Samsung\AllShare\AllShareSlideShowService.exe (Samsung Electronics Co., Ltd.)
SRV - (PnkBstrA) -- C:\Windows\SysWOW64\PnkBstrA.exe ()
SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation)
SRV - (Stereo Service) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (SbieSvc) -- E:\Program Files\Sandboxie\SbieSvc.exe (SANDBOXIE L.T.D)
SRV - (TeamViewer6) -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (DVBVRecorder) -- E:\Program Files (x86)\DVBViewer\DVBVservice.exe (CM & V)
SRV - (AVP) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe (Kaspersky Lab ZAO)
SRV - (npggsvc) -- C:\Windows\SysWow64\GameMon.des (INCA Internet Co., Ltd.)
SRV - (afcdpsrv) -- C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe (Acronis)
SRV - (PassThru Service) -- C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe ()
SRV - (AcrSch2Svc) -- C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe (Acronis)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (SwitchBoard) -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
SRV - (BrYNSvc) -- C:\Program Files (x86)\Browny02\BrYNSvc.exe (Brother Industries, Ltd.)
SRV - (ServiceLayer) -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe (Nokia)
SRV - (LBTServ) -- C:\Programme\Common Files\Logishrd\Bluetooth\LBTServ.exe (Logitech, Inc.)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (Brother XP spl Service) -- C:\Windows\SysWOW64\brsvc01a.exe (brother Industries Ltd)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (tbs6920vhid) -- C:\Windows\SysNative\drivers\tbs6920vhid.sys (Turbosight Ltd. www.tbsdtv.com)
DRV:64bit: - (tbs6920) -- C:\Windows\SysNative\drivers\tbs6920.sys (TBS Technologies, Inc.)
DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)
DRV:64bit: - (iPodDrv) -- C:\Windows\SysNative\drivers\iPodDrv.sys (Windows (R) Codename Longhorn DDK provider)
DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation)
DRV:64bit: - (atikmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (AtiHDAudioService) -- C:\Windows\SysNative\drivers\AtihdW76.sys (Advanced Micro Devices)
DRV:64bit: - (KLIF) -- C:\Windows\SysNative\drivers\klif.sys (Kaspersky Lab)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (KLIM6) -- C:\Windows\SysNative\drivers\klim6.sys (Kaspersky Lab ZAO)
DRV:64bit: - (kl2) -- C:\Windows\SysNative\drivers\kl2.sys (Kaspersky Lab ZAO)
DRV:64bit: - (KL1) -- C:\Windows\SysNative\drivers\kl1.sys (Kaspersky Lab ZAO)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (afcdp) -- C:\Windows\SysNative\drivers\afcdp.sys (Acronis)
DRV:64bit: - (tdrpman273) Acronis Try&Decide and Restore Points filter (build 273) -- C:\Windows\SysNative\drivers\tdrpm273.sys (Acronis)
DRV:64bit: - (timounter) -- C:\Windows\SysNative\drivers\timntr.sys (Acronis)
DRV:64bit: - (snapman) -- C:\Windows\SysNative\drivers\snapman.sys (Acronis)
DRV:64bit: - (PxHlpa64) -- C:\Windows\SysNative\drivers\PxHlpa64.sys (Sonic Solutions)
DRV:64bit: - (htcnprot) -- C:\Windows\SysNative\drivers\htcnprot.sys (Windows (R) Win 7 DDK provider)
DRV:64bit: - (AtiHdmiService) -- C:\Windows\SysNative\drivers\AtiHdmi.sys (ATI Technologies, Inc.)
DRV:64bit: - (amdiox64) -- C:\Windows\SysNative\drivers\amdiox64.sys (Advanced Micro Devices)
DRV:64bit: - (atksgt) -- C:\Windows\SysNative\drivers\atksgt.sys ()
DRV:64bit: - (lirsgt) -- C:\Windows\SysNative\drivers\lirsgt.sys ()
DRV:64bit: - (ScreamBAudioSvc) -- C:\Windows\SysNative\drivers\ScreamingBAudio64.sys (Screaming Bee LLC)
DRV:64bit: - (sptd) -- C:\Windows\SysNative\drivers\sptd.sys ()
DRV:64bit: - (klmouflt) -- C:\Windows\SysNative\drivers\klmouflt.sys (Kaspersky Lab)
DRV:64bit: - (HTCAND64) -- C:\Windows\SysNative\drivers\ANDROIDUSB.sys (HTC, Corporation)
DRV:64bit: - (TIEHDUSB) -- C:\Windows\SysNative\drivers\tiehdusb.sys (Texas Instruments)
DRV:64bit: - (xusb21) -- C:\Windows\SysNative\drivers\xusb21.sys (Microsoft Corporation)
DRV:64bit: - (JRAID) -- C:\Windows\SysNative\drivers\jraid.sys (JMicron Technology Corp.)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (WSDPrintDevice) -- C:\Windows\SysNative\drivers\WSDPrint.sys (Microsoft Corporation)
DRV:64bit: - (StillCam) -- C:\Windows\SysNative\drivers\serscan.sys (Microsoft Corporation)
DRV:64bit: - (LUsbFilt) -- C:\Windows\SysNative\drivers\LUsbFilt.sys (Logitech, Inc.)
DRV:64bit: - (LMouFilt) -- C:\Windows\SysNative\drivers\LMouFilt.Sys (Logitech, Inc.)
DRV:64bit: - (LHidFilt) -- C:\Windows\SysNative\drivers\LHidFilt.Sys (Logitech, Inc.)
DRV:64bit: - (L8042Kbd) -- C:\Windows\SysNative\drivers\L8042Kbd.sys (Logitech, Inc.)
DRV:64bit: - (netr28ux) -- C:\Windows\SysNative\drivers\netr28ux.sys (Ralink Technology Corp.)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek Corporation                                            )
DRV:64bit: - (VCSVADHWSer) Avnex Virtual Audio Device (WDM) -- C:\Windows\SysNative\drivers\vcsvad.sys (Avnex)
DRV:64bit: - (pccsmcfd) -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys (Nokia)
DRV:64bit: - (AmdTools64) -- C:\Windows\SysNative\drivers\AmdTools64.sys (AMD, Inc.)
DRV:64bit: - (ATITool) -- C:\Windows\SysNative\drivers\ATITool64.sys ()
DRV - (SbieDrv) -- E:\Program Files\Sandboxie\SbieDrv.sys (SANDBOXIE L.T.D)
DRV - ({1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC}) -- E:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10\NavFilter\000.fcl (CyberLink Corp.)
DRV - (RTCore64) -- C:\Program Files (x86)\MSI Afterburner\RTCore64.sys ()
DRV - (nocashio) -- C:\Windows\SysWOW64\drivers\nocashio.sys ()
DRV - (SSHDRV61) -- C:\Windows\SysWOW64\drivers\SSHDRV61.sys ()
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
DRV - (NPPTNT2) -- C:\Windows\SysWOW64\npptNT2.sys (INCA Internet Co., Ltd.)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = DC 2A 98 FF B8 E1 CB 01  [binary data]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "forum.worldofplayers.de"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2.2
FF - prefs.js..extensions.enabledItems: amin.eft_Shutdown@gmail.com:3.6.2D
FF - prefs.js..extensions.enabledItems: linkfilter@kaspersky.ru:9.0.0.736
FF - prefs.js..extensions.enabledItems: moveplayer@movenetworks.com:1.0.0.071303000004
FF - prefs.js..extensions.enabledItems: personas@christopher.beard:1.5.3
FF - prefs.js..extensions.enabledItems: {DDC359D1-844A-42a7-9AA1-88A850A938A8}:1.1.10
FF - prefs.js..extensions.enabledItems: firefox@tvunetworks.com:2
FF - prefs.js..extensions.enabledItems: 5
FF - prefs.js..extensions.enabledItems: 2
FF - prefs.js..extensions.enabledItems: 2
FF - prefs.js..extensions.enabledItems: {73a6fe31-595d-460b-a920-fcc0f8843232}:2.0.2.5
FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.8.20100408.6
FF - prefs.js..extensions.enabledItems: {3335F91D-2AEF-4097-B831-C96C60349822}:1.4.3
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: YoutubeDownloader@PeterOlayev.com:1.5
FF - prefs.js..extensions.enabledItems: {6005d9b1-d115-485a-a92a-3f6453ca3fe2}:0.9
FF - prefs.js..extensions.enabledItems: compatibility@addons.mozilla.org:0.6
FF - prefs.js..extensions.enabledItems: de-DE@dictionaries.addons.mozilla.org:2.0.1
FF - prefs.js..extensions.enabledItems: {21cfaec0-dbb3-11dc-95ff-0800200c9a66}:1.1.2.4
FF - prefs.js..keyword.URL: "http://www.google.com/search?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q="
FF - prefs.js..network.proxy.autoconfig_url: "http://82.199.75.41:8080/"
FF - prefs.js..network.proxy.backup.ftp: "www-proxy.t-online.de"
FF - prefs.js..network.proxy.backup.ftp_port: 80
FF - prefs.js..network.proxy.backup.gopher: "80.68.95.142"
FF - prefs.js..network.proxy.backup.gopher_port: 3128
FF - prefs.js..network.proxy.backup.socks: "www-proxy.t-online.de"
FF - prefs.js..network.proxy.backup.socks_port: 80
FF - prefs.js..network.proxy.backup.ssl: "www-proxy.t-online.de"
FF - prefs.js..network.proxy.backup.ssl_port: 80
FF - prefs.js..network.proxy.ftp: "www-proxy.t-online.de"
FF - prefs.js..network.proxy.ftp_port: 80
FF - prefs.js..network.proxy.gopher: "91.197.33.188"
FF - prefs.js..network.proxy.gopher_port: 3128
FF - prefs.js..network.proxy.http: "www-proxy.t-online.de"
FF - prefs.js..network.proxy.http_port: 80
FF - prefs.js..network.proxy.no_proxies_on: "localhost, 127.0.0.1, speedport.ip, fck-recorder.net, battle.net"
FF - prefs.js..network.proxy.share_proxy_settings: true
FF - prefs.js..network.proxy.socks: "www-proxy.t-online.de"
FF - prefs.js..network.proxy.socks_port: 80
FF - prefs.js..network.proxy.ssl: "www-proxy.t-online.de"
FF - prefs.js..network.proxy.ssl_port: 80
FF - prefs.js..network.proxy.type: 0
 
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MIF5BA~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.0: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.0\npesnsonar.dll File not found
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.102.0: C:\Program Files (x86)\Battlelog Web Plugins\1.102.0\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.104.0: C:\Program Files (x86)\Battlelog Web Plugins\1.104.0\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MIF5BA~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@pages.tvunetworks.com/WebPlayer: C:\Windows\system32\TVUAx\npTVUAx.dll (TVU networks)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@veetle.com/vbp;version=0.9.17: C:\Program Files (x86)\Veetle\VLCBroadcast\npvbp.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.18: C:\Program Files (x86)\Veetle\plugins\npVeetle.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.18: C:\Program Files (x86)\Veetle\Player\npvlc.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.1.7: E:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
FF - HKCU\Software\MozillaPlugins\@doubletwist.com/NPPodcast: C:\Program Files (x86)\Common Files\doubleTwist\NPPodcast.dll (doubleTwist Corporation)
FF - HKCU\Software\MozillaPlugins\@octoshape.com/Octoshape Streaming Services,version=1.0: C:\Users\Martin\AppData\Roaming\Octoshape\Octoshape Streaming Services\sua-1002170-0-npoctoshape.dll (Octoshape ApS)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Martin\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video [2011.03.13 21:02:10 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa [2011.03.13 21:02:11 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\virtualKeyboard@kaspersky.ru: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\virtualKeyboard@kaspersky.ru [2011.11.10 16:24:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\KavAntiBanner@Kaspersky.ru: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\KavAntiBanner@Kaspersky.ru [2011.11.10 16:24:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\linkfilter@kaspersky.ru: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\linkfilter@kaspersky.ru [2011.11.10 16:24:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 3\components [2012.01.30 13:23:23 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 3\plugins [2011.04.23 19:02:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.6\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010.07.03 22:05:22 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.6\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011.04.23 19:02:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 4.0b1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 1\components [2010.07.07 12:02:46 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 4.0b1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 1\plugins [2011.04.23 19:02:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 4.0b2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 2\components [2010.07.28 09:33:11 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 4.0b2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 2\plugins [2011.04.23 19:02:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 6.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2011.08.19 12:54:36 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 6.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins [2011.04.23 19:02:51 | 000,000,000 | ---D | M]
 
[2010.08.27 15:31:34 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Martin\AppData\Roaming\mozilla\Extensions
[2010.08.27 15:31:34 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Martin\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2012.01.30 13:23:29 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Martin\AppData\Roaming\mozilla\Firefox\Profiles\8jeomx63.default\extensions
[2010.04.28 19:46:51 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Martin\AppData\Roaming\mozilla\Firefox\Profiles\8jeomx63.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.08.27 15:12:26 | 000,000,000 | ---D | M] (Easy DragToGo) -- C:\Users\Martin\AppData\Roaming\mozilla\Firefox\Profiles\8jeomx63.default\extensions\{21cfaec0-dbb3-11dc-95ff-0800200c9a66}
[2010.04.14 18:59:55 | 000,000,000 | ---D | M] (Leet Key) -- C:\Users\Martin\AppData\Roaming\mozilla\Firefox\Profiles\8jeomx63.default\extensions\{3335F91D-2AEF-4097-B831-C96C60349822}
[2011.01.03 11:12:35 | 000,000,000 | ---D | M] ("DVDVideoSoft Menu") -- C:\Users\Martin\AppData\Roaming\mozilla\Firefox\Profiles\8jeomx63.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2012.01.30 13:23:29 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Users\Martin\AppData\Roaming\mozilla\Firefox\Profiles\8jeomx63.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2011.12.13 20:43:23 | 000,000,000 | ---D | M] (Anti-Aliasing Tuner) -- C:\Users\Martin\AppData\Roaming\mozilla\Firefox\Profiles\8jeomx63.default\extensions\aatuner@hotmint.com
[2010.03.17 13:21:26 | 000,000,000 | ---D | M] (Auto Shutdown) -- C:\Users\Martin\AppData\Roaming\mozilla\Firefox\Profiles\8jeomx63.default\extensions\amin.eft_Shutdown@gmail.com
[2010.11.18 19:16:57 | 000,000,000 | ---D | M] (German Dictionary) -- C:\Users\Martin\AppData\Roaming\mozilla\Firefox\Profiles\8jeomx63.default\extensions\de-DE@dictionaries.addons.mozilla.org
[2010.03.09 21:37:01 | 000,000,000 | ---D | M] (TVU Web Player) -- C:\Users\Martin\AppData\Roaming\mozilla\Firefox\Profiles\8jeomx63.default\extensions\firefox@tvunetworks.com
[2011.12.20 22:16:05 | 000,000,000 | ---D | M] (Better GSPB) -- C:\Users\Martin\AppData\Roaming\mozilla\Firefox\Profiles\8jeomx63.default\extensions\jid0-ipFubNWmlcA4e3UgP0h5Aim92fY@jetpack
[2011.04.03 11:43:51 | 000,000,000 | ---D | M] (Save Your Facebook Content) -- C:\Users\Martin\AppData\Roaming\mozilla\Firefox\Profiles\8jeomx63.default\extensions\jid0-kUogw07xfn7wZtw3OzSxdC1Nm3s@jetpack
[2010.12.18 16:21:49 | 000,000,000 | ---D | M] (HTML5 Extension for Windows Media Player Plug-in) -- C:\Users\Martin\AppData\Roaming\mozilla\Firefox\Profiles\8jeomx63.default\extensions\jid0-nRwp7VvCqZcSRTppwWz2npqGEKw@jetpack
[2009.10.23 10:44:45 | 000,000,000 | ---D | M] (Move Media Player) -- C:\Users\Martin\AppData\Roaming\mozilla\Firefox\Profiles\8jeomx63.default\extensions\moveplayer@movenetworks.com
[2010.12.07 20:42:12 | 000,000,000 | ---D | M] (vShare) -- C:\Users\Martin\AppData\Roaming\mozilla\Firefox\Profiles\8jeomx63.default\extensions\vshare@toolbar
[2010.08.01 11:06:27 | 000,000,000 | ---D | M] (1-Click YouTube Video Downloader) -- C:\Users\Martin\AppData\Roaming\mozilla\Firefox\Profiles\8jeomx63.default\extensions\YoutubeDownloader@PeterOlayev.com
[2010.07.15 21:15:32 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Martin\AppData\Roaming\mozilla\Sunbird\Profiles\95hnvap4.default\extensions
[2009.08.09 08:58:56 | 000,002,422 | ---- | M] () -- C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\8jeomx63.default\searchplugins\gamestar-suche.xml
[2010.02.21 12:38:21 | 000,003,036 | ---- | M] () -- C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\8jeomx63.default\searchplugins\kw-gs-suche.xml
[2008.09.29 14:29:56 | 000,001,196 | ---- | M] () -- C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\8jeomx63.default\searchplugins\winamp-search.xml
[2010.04.26 10:32:28 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2010.04.26 10:32:28 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2009.10.23 10:12:38 | 000,000,000 | ---D | M] (Kaspersky URL Advisor) -- C:\Program Files (x86)\Mozilla Firefox\extensions\linkfilter@kaspersky.ru
() (No name found) -- C:\USERS\MARTIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8JEOMX63.DEFAULT\EXTENSIONS\{19503E42-CA3C-4C27-B1E2-9CDB2170EE34}.XPI
() (No name found) -- C:\USERS\MARTIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8JEOMX63.DEFAULT\EXTENSIONS\{73A6FE31-595D-460B-A920-FCC0F8843232}.XPI
() (No name found) -- C:\USERS\MARTIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8JEOMX63.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
() (No name found) -- C:\USERS\MARTIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8JEOMX63.DEFAULT\EXTENSIONS\COMPATIBILITY@ADDONS.MOZILLA.ORG.XPI
() (No name found) -- C:\USERS\MARTIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8JEOMX63.DEFAULT\EXTENSIONS\ICH@MALTEGOETZ.DE.XPI
() (No name found) -- C:\USERS\MARTIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8JEOMX63.DEFAULT\EXTENSIONS\TESTPILOT@LABS.MOZILLA.COM.XPI
[2010.04.12 16:29:19 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2010.01.13 23:46:00 | 000,063,488 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll
[2010.07.03 22:05:18 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2010.07.03 22:05:18 | 000,002,344 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2010.07.03 22:05:18 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2010.07.03 22:05:18 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2010.07.03 22:05:18 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2012.01.05 15:36:54 | 000,430,709 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1	www.007guard.com
O1 - Hosts: 127.0.0.1	007guard.com
O1 - Hosts: 127.0.0.1	008i.com
O1 - Hosts: 127.0.0.1	www.008k.com
O1 - Hosts: 127.0.0.1	008k.com
O1 - Hosts: 127.0.0.1	www.00hq.com
O1 - Hosts: 127.0.0.1	00hq.com
O1 - Hosts: 127.0.0.1	010402.com
O1 - Hosts: 127.0.0.1	www.032439.com
O1 - Hosts: 127.0.0.1	032439.com
O1 - Hosts: 127.0.0.1	www.0scan.com
O1 - Hosts: 127.0.0.1	0scan.com
O1 - Hosts: 127.0.0.1	1000gratisproben.com
O1 - Hosts: 127.0.0.1	www.1000gratisproben.com
O1 - Hosts: 127.0.0.1	1001namen.com
O1 - Hosts: 127.0.0.1	www.1001namen.com
O1 - Hosts: 127.0.0.1	100888290cs.com
O1 - Hosts: 127.0.0.1	www.100888290cs.com
O1 - Hosts: 127.0.0.1	www.100sexlinks.com
O1 - Hosts: 127.0.0.1	100sexlinks.com
O1 - Hosts: 127.0.0.1	10sek.com
O1 - Hosts: 127.0.0.1	www.10sek.com
O1 - Hosts: 127.0.0.1	www.1-2005-search.com
O1 - Hosts: 127.0.0.1	1-2005-search.com
O1 - Hosts: 127.0.0.1	123fporn.info
O1 - Hosts: 14820 more lines...
O2:64bit: - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\x64\ievkbd.dll (Kaspersky Lab ZAO)
O2:64bit: - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\x64\klwtbbho.dll (Kaspersky Lab ZAO)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ievkbd.dll (Kaspersky Lab ZAO)
O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (PodcastBHO Class) - {65134FDF-F8A5-4B3D-91D9-CDF273CFD578} - C:\Program Files (x86)\Common Files\doubleTwist\IEPodcastPlugin.dll (doubleTwist Corporation)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\klwtbbho.dll (Kaspersky Lab ZAO)
O4:64bit: - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\Windows\KHALMNPR.Exe (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [AllShareAgent] C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKLM..\Run: [amd_dc_opt] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe (AMD)
O4 - HKLM..\Run: [AVP] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe (Kaspersky Lab ZAO)
O4 - HKLM..\Run: [BrStsMon00] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [ControlCenter3] C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe ()
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] E:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKCU..\Run: [DisplayFusion] E:\Program Files (x86)\DisplayFusion\DisplayFusion.exe (Binary Fortress Software)
O4 - HKCU..\Run: [DVBV Service Ctrl] E:\Program Files (x86)\DVBViewer\DVBVCtrl.exe (CM&V Hackbart)
O4 - HKCU..\Run: [PlayNC Launcher]  File not found
O4 - HKCU..\Run: [SansaDispatch] C:\Users\Martin\AppData\Roaming\SanDisk\Sansa Updater\SansaDispatch.exe (SanDisk Corporation)
O4 - HKCU..\Run: [Steam] E:\Program Files (x86)\Steam\steam.exe (Valve Corporation)
O4 - Startup: C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\BumpTop.lnk = C:\Program Files (x86)\BumpTop\BumpTop.exe ()
O4 - Startup: C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Martin\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Outlook 2010.lnk = C:\Windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\outicon.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: AllowLegacyWebView = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: AllowUnhashedWebView = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O8:64bit: - Extra context menu item: Add to Evernote 4.0 - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O8:64bit: - Extra context menu item: Free YouTube Download - C:\Users\Martin\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Martin\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8:64bit: - Extra context menu item: Hinzufügen zu Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ie_banner_deny.htm ()
O8 - Extra context menu item: Add to Evernote 4.0 - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O8 - Extra context menu item: Free YouTube Download - C:\Users\Martin\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Martin\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Hinzufügen zu Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ie_banner_deny.htm ()
O9:64bit: - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: &Virtuelle Tastatur - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\x64\ievkbd.dll (Kaspersky Lab ZAO)
O9:64bit: - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Li&nks untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\x64\klwtbbho.dll (Kaspersky Lab ZAO)
O9 - Extra Button: &Virtuelle Tastatur - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ievkbd.dll (Kaspersky Lab ZAO)
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O9 - Extra Button: Li&nks untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\klwtbbho.dll (Kaspersky Lab ZAO)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} http://download.divx.com/player/DivXBrowserPlugin.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{42D9D98A-BE3F-421C-9989-994F5525BE47}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{69828058-6CA4-44A3-B7FB-807F9EE520F6}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{74A3044D-09AE-47FB-AC94-C77378D1D1FA}: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\klogon: DllName - (%SystemRoot%\System32\klogon.dll) - C:\Windows\SysNative\klogon.dll (Kaspersky Lab ZAO)
O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Programme\Common Files\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28:64bit: - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.11.12 17:56:51 | 000,000,000 | ---D | M] - E:\Autodesk -- [ NTFS ]
O33 - MountPoints2\{1c74d8af-9990-11df-8fe5-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{1c74d8af-9990-11df-8fe5-806e6f6e6963}\Shell\AutoRun\command - "" = D:\autorun.exe
O33 - MountPoints2\{60a94b16-ce04-11de-94d3-00241dd23e18}\Shell - "" = AutoRun
O33 - MountPoints2\{60a94b16-ce04-11de-94d3-00241dd23e18}\Shell\AutoRun\command - "" = Q:\steambackup2.EXE
O33 - MountPoints2\{bada2cc7-c4f7-11de-ba57-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{bada2cc7-c4f7-11de-ba57-806e6f6e6963}\Shell\AutoRun\command - "" = F:\Start.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (OODBS)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.01.30 13:29:19 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Martin\Desktop\OTL.exe
[2012.01.28 14:59:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GameForge
[2012.01.28 14:41:31 | 000,000,000 | ---D | C] -- C:\Users\Martin\Desktop\tmpinstall
[2012.01.28 14:38:50 | 103,833,506 | ---- | C] (Gameforge 4D) -- C:\Users\Martin\Desktop\InstallAion-20120120.exe
[2012.01.28 11:26:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NCsoft
[2012.01.28 10:41:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.01.28 10:40:27 | 010,847,608 | ---- | C] (Malwarebytes Corporation                                    ) -- C:\Users\Martin\Desktop\mbam-setup-1.60.0.1800.exe
[2012.01.27 22:53:57 | 000,000,000 | ---D | C] -- C:\Users\Martin\Desktop\backups
[2012.01.26 17:02:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GameForge
[2012.01.22 19:51:45 | 000,000,000 | ---D | C] -- C:\Users\Martin\Desktop\texmod
[2012.01.22 19:44:03 | 000,000,000 | ---D | C] -- C:\Users\Martin\Desktop\Pack 2 Characters
[2012.01.22 19:43:56 | 000,000,000 | ---D | C] -- C:\Users\Martin\Desktop\Pack 1 Environmental
[2012.01.14 16:04:45 | 000,000,000 | ---D | C] -- C:\Users\Martin\Documents\DisplayFusion Backups
[2012.01.11 16:57:06 | 001,572,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\quartz.dll
[2012.01.11 16:57:06 | 001,328,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\quartz.dll
[2012.01.11 16:57:06 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll
[2012.01.11 16:57:06 | 000,366,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll
[2012.01.11 16:57:05 | 000,918,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012.01.11 16:57:04 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012.01.11 16:57:02 | 001,731,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2012.01.11 16:57:02 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\packager.dll
[2012.01.11 16:57:02 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\packager.dll
[2012.01.07 14:48:57 | 000,000,000 | ---D | C] -- C:\ProgramData\DVBViewer GE
[2012.01.07 13:03:47 | 000,000,000 | ---D | C] -- C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DVB Software
[2012.01.06 19:56:35 | 000,000,000 | ---D | C] -- C:\Download
[2012.01.06 19:55:12 | 000,000,000 | ---D | C] -- C:\Users\Martin\Documents\My Videos
[2012.01.06 19:55:10 | 000,000,000 | ---D | C] -- C:\Users\Martin\AppData\Roaming\Samsung
[2012.01.06 19:54:44 | 000,000,000 | ---D | C] -- C:\AllShare
[2012.01.06 19:54:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
[2012.01.06 19:53:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Samsung
[2012.01.05 15:30:53 | 000,388,608 | ---- | C] (Trend Micro Inc.) -- C:\Users\Martin\Desktop\HiJackThis204.exe
[2012.01.05 10:50:51 | 000,000,000 | ---D | C] -- C:\Users\Martin\Documents\Venetica
[2012.01.04 22:28:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Venetica
[2012.01.04 10:56:05 | 002,309,928 | ---- | C] (Binary Fortress Software                                    ) -- C:\Users\Martin\Desktop\DisplayFusionSetup-3.4.1.exe
[2012.01.02 18:56:03 | 000,000,000 | ---D | C] -- C:\Users\Martin\Desktop\TooManyItems2011_11_29
[2012.01.01 18:56:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Turbine
[2012.01.01 14:38:19 | 000,000,000 | ---D | C] -- C:\Users\Martin\AppData\Roaming\Red Alert 3
[2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[10 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012.01.30 13:29:21 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Martin\Desktop\OTL.exe
[2012.01.30 13:26:45 | 000,014,832 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.01.30 13:26:45 | 000,014,832 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.01.30 13:18:17 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.01.30 13:18:16 | 3220,037,632 | -HS- | M] () -- C:\hiberfil.sys
[2012.01.30 13:18:15 | 000,760,588 | ---- | M] () -- C:\Windows\SysNative\oodbs.lor
[2012.01.28 15:23:26 | 001,650,908 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.01.28 15:23:26 | 000,710,848 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.01.28 15:23:26 | 000,663,860 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.01.28 15:23:26 | 000,153,940 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.01.28 15:23:26 | 000,125,990 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.01.28 14:59:20 | 000,002,173 | ---- | M] () -- C:\Users\Martin\Desktop\AION Free-To-Play.lnk
[2012.01.28 14:39:52 | 103,833,506 | ---- | M] (Gameforge 4D) -- C:\Users\Martin\Desktop\InstallAion-20120120.exe
[2012.01.28 11:42:47 | 000,001,232 | ---- | M] () -- C:\Users\Public\Desktop\Aion.lnk
[2012.01.28 11:27:00 | 000,001,988 | ---- | M] () -- C:\Users\Public\Desktop\NCsoft Launcher.lnk
[2012.01.28 10:41:16 | 000,000,791 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.01.28 10:40:36 | 010,847,608 | ---- | M] (Malwarebytes Corporation                                    ) -- C:\Users\Martin\Desktop\mbam-setup-1.60.0.1800.exe
[2012.01.21 20:42:40 | 000,861,760 | ---- | M] () -- C:\Users\Martin\Desktop\Publikation1.pdf
[2012.01.21 20:42:11 | 000,692,224 | ---- | M] () -- C:\Users\Martin\Desktop\Publikation1.pub
[2012.01.17 20:31:01 | 000,000,897 | ---- | M] () -- C:\Users\Martin\Desktop\Star Trek Online.lnk
[2012.01.17 17:08:00 | 002,121,608 | ---- | M] () -- C:\Users\Martin\Desktop\StarTrekOnline_EN_17.20111218a.12.exe
[2012.01.16 17:41:18 | 000,584,792 | ---- | M] () -- C:\Users\Martin\Desktop\63tb0j.jpg
[2012.01.16 14:24:41 | 002,154,779 | ---- | M] () -- C:\Users\Martin\Desktop\oma.jpeg
[2012.01.14 16:05:33 | 000,000,757 | ---- | M] () -- C:\Users\Public\Desktop\DisplayFusion.lnk
[2012.01.11 22:04:21 | 001,627,866 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012.01.07 12:55:30 | 000,002,930 | ---- | M] () -- C:\Windows\unins001.dat
[2012.01.07 12:54:16 | 000,717,322 | ---- | M] () -- C:\Windows\unins001.exe
[2012.01.06 19:55:06 | 000,001,985 | ---- | M] () -- C:\Users\Public\Desktop\Samsung AllShare.lnk
[2012.01.05 15:36:54 | 000,430,709 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2012.01.05 15:31:05 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- C:\Users\Martin\Desktop\HiJackThis204.exe
[2012.01.04 22:28:07 | 000,001,041 | ---- | M] () -- C:\Users\Martin\Desktop\Venetica.lnk
[2012.01.04 10:56:19 | 002,309,928 | ---- | M] (Binary Fortress Software                                    ) -- C:\Users\Martin\Desktop\DisplayFusionSetup-3.4.1.exe
[2012.01.02 18:54:51 | 000,043,248 | ---- | M] () -- C:\Users\Martin\Desktop\TooManyItems2011_11_29.zip
[2012.01.01 18:56:25 | 000,001,058 | ---- | M] () -- C:\Users\Martin\Desktop\Der Herr der Ringe Online.lnk
[2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[10 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012.01.28 11:42:47 | 000,001,232 | ---- | C] () -- C:\Users\Public\Desktop\Aion.lnk
[2012.01.28 11:27:00 | 000,001,988 | ---- | C] () -- C:\Users\Public\Desktop\NCsoft Launcher.lnk
[2012.01.28 10:41:16 | 000,000,791 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.01.26 17:02:14 | 000,002,173 | ---- | C] () -- C:\Users\Martin\Desktop\AION Free-To-Play.lnk
[2012.01.17 20:31:01 | 000,000,897 | ---- | C] () -- C:\Users\Martin\Desktop\Star Trek Online.lnk
[2012.01.17 16:44:40 | 002,121,608 | ---- | C] () -- C:\Users\Martin\Desktop\StarTrekOnline_EN_17.20111218a.12.exe
[2012.01.16 18:40:28 | 000,861,760 | ---- | C] () -- C:\Users\Martin\Desktop\Publikation1.pdf
[2012.01.16 18:32:15 | 000,692,224 | ---- | C] () -- C:\Users\Martin\Desktop\Publikation1.pub
[2012.01.16 17:41:00 | 000,584,792 | ---- | C] () -- C:\Users\Martin\Desktop\63tb0j.jpg
[2012.01.16 14:24:40 | 002,154,779 | ---- | C] () -- C:\Users\Martin\Desktop\oma.jpeg
[2012.01.07 12:54:25 | 000,717,322 | ---- | C] () -- C:\Windows\unins001.exe
[2012.01.07 12:54:25 | 000,002,930 | ---- | C] () -- C:\Windows\unins001.dat
[2012.01.06 19:55:06 | 000,001,985 | ---- | C] () -- C:\Users\Public\Desktop\Samsung AllShare.lnk
[2012.01.04 22:28:07 | 000,001,041 | ---- | C] () -- C:\Users\Martin\Desktop\Venetica.lnk
[2012.01.02 18:54:05 | 000,043,248 | ---- | C] () -- C:\Users\Martin\Desktop\TooManyItems2011_11_29.zip
[2012.01.01 18:56:25 | 000,001,058 | ---- | C] () -- C:\Users\Martin\Desktop\Der Herr der Ringe Online.lnk
[2011.12.26 23:21:57 | 230,016,074 | ---- | C] () -- C:\Users\Martin\AppData\Roaming\.minecraft.rar
[2011.11.07 18:53:44 | 000,321,856 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe
[2011.09.28 17:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2011.09.25 17:42:19 | 000,017,408 | ---- | C] () -- C:\Users\Martin\AppData\Local\WebpageIcons.db
[2011.08.30 16:09:35 | 000,000,035 | ---- | C] () -- C:\Users\Martin\AppData\Roaming\zbot_loader.ini
[2011.08.02 11:06:21 | 000,043,520 | ---- | C] () -- C:\Windows\SysWow64\CmdLineExt03.dll
[2011.07.17 22:54:02 | 000,059,904 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll
[2011.07.02 18:22:14 | 000,000,032 | R--- | C] () -- C:\ProgramData\hash.dat
[2011.07.01 11:45:08 | 000,003,929 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2011.04.13 15:42:23 | 000,085,504 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2011.03.18 14:55:19 | 000,723,230 | ---- | C] () -- C:\Windows\unins000.exe
[2011.03.18 14:55:19 | 000,002,894 | ---- | C] () -- C:\Windows\unins000.dat
[2011.01.09 16:30:20 | 000,069,632 | R--- | C] () -- C:\Windows\SysWow64\xmltok.dll
[2011.01.09 16:30:20 | 000,036,864 | R--- | C] () -- C:\Windows\SysWow64\xmlparse.dll
[2010.12.25 16:07:08 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010.09.08 17:41:57 | 000,000,640 | ---- | C] () -- C:\Windows\eReg.dat
[2010.09.05 09:02:39 | 000,007,618 | ---- | C] () -- C:\Users\Martin\AppData\Local\Resmon.ResmonCfg
[2010.08.01 15:15:41 | 000,001,798 | ---- | C] () -- C:\Windows\Sandboxie.ini
[2010.07.26 15:45:57 | 000,000,001 | ---- | C] () -- C:\Windows\SysWow64\SI.bin
[2010.06.12 08:28:49 | 000,001,269 | ---- | C] () -- C:\Users\Martin\AppData\Roaming\EasyToolz.ini
[2010.05.08 09:23:05 | 000,004,096 | ---- | C] () -- C:\Windows\SysWow64\drivers\nocashio.sys
[2010.03.20 15:50:27 | 000,001,953 | ---- | C] () -- C:\Windows\BorisRED4.3.ini
[2010.01.30 09:51:51 | 002,434,856 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_bc2.exe
[2010.01.22 02:37:16 | 000,041,872 | ---- | C] () -- C:\Windows\SysWow64\xfcodec.dll
[2010.01.04 16:14:23 | 000,010,240 | ---- | C] () -- C:\Users\Martin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.12.29 18:52:34 | 000,036,864 | ---- | C] () -- C:\Windows\SysWow64\drivers\SSHDRV61.sys
[2009.12.21 12:19:36 | 000,000,094 | ---- | C] () -- C:\Users\Martin\AppData\Local\fusioncache.dat
[2009.12.21 12:18:19 | 001,627,866 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2009.12.12 20:01:05 | 002,250,024 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe
[2009.11.22 13:57:32 | 000,280,904 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2009.11.22 13:57:26 | 000,075,136 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2009.11.22 13:57:19 | 000,000,331 | ---- | C] () -- C:\Windows\game.ini
[2009.11.01 20:05:34 | 000,027,648 | ---- | C] () -- C:\Windows\SysWow64\AVSredirect.dll
[2009.10.30 17:41:32 | 000,000,030 | ---- | C] () -- C:\Windows\SysWow64\brss01a.ini
[2009.10.30 17:41:31 | 000,000,468 | ---- | C] () -- C:\Windows\BRWMARK.INI
[2009.10.30 17:41:31 | 000,000,027 | ---- | C] () -- C:\Windows\BRPP2KA.INI
[2009.10.30 17:29:08 | 000,106,496 | ---- | C] () -- C:\Windows\SysWow64\BrMuSNMP.dll
[2009.10.29 20:22:26 | 000,000,010 | ---- | C] () -- C:\Windows\GSetup.ini
[2009.10.23 12:50:36 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
[2009.10.23 08:46:29 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2009.07.14 06:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009.07.14 03:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009.07.14 03:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009.07.14 01:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009.06.10 22:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2008.10.07 09:13:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelTraditionalChinese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSwedish.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSpanish.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSimplifiedChinese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelPortugese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelKorean.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelJapanese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelGerman.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelFrench.dll
[2008.09.16 01:14:24 | 003,596,288 | ---- | C] () -- C:\Windows\SysWow64\qt-dx331.dll
[2007.06.21 23:34:08 | 000,203,328 | R--- | C] () -- C:\Windows\GSetup.exe
[2002.07.01 15:13:30 | 000,000,224 | -HS- | C] () -- C:\Users\Martin\AppData\Roaming\maildriver32.dat
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 56204 bytes -> C:\ProgramData:$SS_DESCRIPTOR_LVVWVBGV0VFBTLX4D06YH7LVUTPXGJMBKE1R0WT1VH7E24F7PHCTVF4VMVFVVX4VM
@Alternate Data Stream - 1330 bytes -> C:\Users\Martin\AppData\Local\VxftsNK4Q4n61n:s6eFXDEpFX2Wd4lx7BU2eY6dr
@Alternate Data Stream - 129 bytes -> C:\ProgramData\TEMP:05EE1EEF

< End of report >

extras.txt

Code:

OTL Extras logfile created on: 30.01.2012 13:30:01 - Run 1
OTL by OldTimer - Version 3.2.31.0     Folder = C:\Users\Martin\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
4,00 Gb Total Physical Memory | 1,52 Gb Available Physical Memory | 38,07% Memory free
8,00 Gb Paging File | 4,75 Gb Available in Paging File | 59,38% Paging File free
Paging file location(s): e:\pagefile.sys 0 0 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 100,01 Gb Total Space | 26,65 Gb Free Space | 26,65% Space Free | Partition Type: NTFS
Drive E: | 738,91 Gb Total Space | 253,06 Gb Free Space | 34,25% Space Free | Partition Type: NTFS
Drive G: | 122,18 Gb Total Space | 0,59 Gb Free Space | 0,48% Space Free | Partition Type: NTFS
Drive H: | 92,60 Gb Total Space | 77,79 Gb Free Space | 84,01% Space Free | Partition Type: NTFS
 
Computer Name: MARTIN-PC | User Name: Martin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 3\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "E:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "E:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "E:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "E:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "E:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "E:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "E:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "E:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "E:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "E:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02382870-19C7-3ACD-BBAE-F6E3760947DC}" = Microsoft .NET Framework 4 Extended DEU Language Pack
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1" = Core Temp 1.0 RC2
"{0C826C5B-B131-423A-A229-C71B3CACCD6A}" = CDDRV_Installer
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
"{26A24AE4-039D-4CA4-87B4-2F86416023FF}" = Java(TM) 6 Update 23 (64-bit)
"{26A24AE4-039D-4CA4-87B4-2F86417000FF}" = Java(TM) 7 (64-bit)
"{2DF4C5DD-7417-301D-935D-939D3B7B5997}" = Microsoft Help Viewer 1.0 Language Pack - DEU
"{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
"{3C983A67-DFB2-3D3D-AD9E-CA1A5A09FD18}" = Microsoft Visual Studio 2010 Express Prerequisites x64 - DEU
"{3C9B2770-E66E-D289-56A0-95CFADA8EB26}" = AMD Catalyst Install Manager
"{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{4D668D4F-FAA2-4726-834C-31F4614F312E}" = MSVC80_x64_v2
"{5EB6F3CB-46F4-451F-A028-7F6D8D35D7D0}" = Windows Live Language Selector
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{64A3A4F4-B792-11D6-A78A-00B0D0160230}" = Java(TM) SE Development Kit 6 Update 23 (64-bit)
"{64A3A4F4-B792-11D6-A78A-00B0D0170000}" = Java(TM) SE Development Kit 7 (64-bit)
"{818AA386-29D5-4DFF-BBB5-3F16133F1409}" = TortoiseSVN 1.6.12.20536 (64 bit)
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2010
"{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64
"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
"{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}" = Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 285.79
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 285.79
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 285.79
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller-Treiber 285.79
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.11.0621
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.5.20
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD-Audiotreiber 1.2.24.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B3B750C0-8C22-439D-B7CE-67F3ED99CC2B}" = Microsoft Xbox 360 Accessories 1.2
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{B91110FB-33B4-468B-90C2-4D5E8AE3FAE1}" = Bonjour
"{BC84C1E9-F4D4-4B8E-B35C-C88EEA0A5201}" = O&O Defrag Professional
"{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}" = PlayReady PC Runtime amd64
"{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319
"{F3F18612-7B5D-4C05-86C9-AB50F6F71727}" = KhalInstallWrapper
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{FCADA26A-5672-31DD-BF0E-BA76ECF9B02D}" = Microsoft Help Viewer 1.0
"7511B29C86C398B4D11A0B0E4176CAD68D1B7057" = Windows Driver Package - Texas Instruments Inc. (TIEHDUSB) USB  (09/02/2009 1.0.0.1)
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin 64-bit
"CCleaner" = CCleaner
"EC3E466026556D3EB760B01C4772277614354E11" = Windows Driver Package - Texas Instruments Inc. (SilvrLnk) USB  (06/11/2009 1.0.0.0)
"FCEC33AD40CEA5E0FC4CEE6E42041A0DA189652D" = Windows-Treiberpaket - Nokia pccsmcfd  (08/22/2008 7.0.0.0)
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended DEU Language Pack" = Microsoft .NET Framework 4 Extended DEU Language Pack
"Microsoft Help Viewer 1.0" = Microsoft Help Viewer 1.0
"Microsoft Help Viewer 1.0 Language Pack - DEU" = Microsoft Help Viewer 1.0 Language Pack - DEU
"Recuva" = Recuva
"Sandboxie" = Sandboxie 3.60 (64-bit)
"TBS 6920 DVBS/S2(HID) driver for windows 7_is1" = TBS 6920 DVBS/S2(support HID) Driver 1.0.4.8 for windows 7
"TBS 6920 DVBS/S2(HID) driver for windows xp/vista/7_is1" = TBS 6920 DVBS/S2(support HID) Driver 1.0.5.1 for windows xp/vista/7
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"WinRAR archiver" = WinRAR 4.00 (64-Bit)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{024521CF-C07E-4F8E-8481-0D75695E03AF}" = PxMergeModule
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{03534DA5-2F88-4B8E-A978-849B979E1B8F}" = TuxGuitar
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{04A3A6B0-8E19-49BB-82FF-65C5A55F917D}" = Acronis*True*Image*Home 2011
"{0513EE35-E0FB-4166-B663-BD1AE3A803DE}" = Anno 1404
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0D3CECCA-A589-ECCA-EC0B-2F98F2789F60}" = simfy
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{1023383E-D9F6-478C-A965-23A4657B3C9A}" = Sacred 2
"{121634B0-2F4B-11D3-ADA3-00C04F52DD52}" = Windows Installer Clean Up
"{155F4A0E-76ED-45A2-91FB-FF2A2133C31A}" = Risen
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319
"{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}" = Microsoft XNA Framework Redistributable 3.1
"{1E875C1C-7BFF-47D6-8A01-E9C93A244B41}" = Star Wars Empire at War Demo
"{1E99F5D7-4262-4C7C-9135-F066E7485811}" = System Requirements Lab
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{26A24AE4-039D-4CA4-87B4-2F83216021FF}" = Java(TM) 6 Update 29
"{2B095022-00FF-45D5-8717-3A20DFCB8C6B}" = RIFT
"{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}" = Microsoft XNA Framework Redistributable 4.0
"{31A559C1-9E4D-423B-9DD3-34A6C5398752}" = HTC BMP USB Driver
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}" = JMicron JMB36X Driver
"{3AC8457C-0385-4BEA-A959-E095F05D6D67}" = Battlefield: Bad Company™ 2
"{3D9CF3CA-3AB0-4A82-9853-D7C43FD1D775}" = ANNO 1404
"{3FA365DF-2D68-45ED-8F83-8C8A33E65143}" = Apple Application Support
"{45410935-B52C-468A-A836-0D1000018201}" = BulletStorm
"{45E557D6-2271-4F13-8101-C620B4285AB0}" = Kaspersky Internet Security 2012
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform
"{4D530FA3-9B89-4186-98B7-F51000008100}" = Age of Empires Online
"{5454085C-129F-416C-9C0B-8B1000048301}" = BioShock 2
"{5454085C-129F-416C-9C0B-8B1000048302}" = BioShock 2
"{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411
"{5E19D0AA-D95B-456C-ADE9-B046D86EAA24}" = TQVault
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{5F8E2CBB-949D-4175-AC98-5ADE7F6C9697}" = NCsoft Launcher
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{6530FDAA-5B1F-4830-95BB-650E9804D239}" = UE3Redist
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{6D6664A9-3342-4948-9B7E-034EFE366F0F}" = HTC Driver Installer
"{6E0352EE-6F0D-4FBC-B1B8-4FF032C78BE0}" = PC Connectivity Solution
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71702641-2849-45A4-8E62-4B85974B24A0}_is1" = BumpTop
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{75E9A522-65D2-4200-A95F-C3EF89703263}" = Lyrics Plugin for Winamp
"{76285C16-411A-488A-BCE3-C83CB933D8CF}" = Battlefield 3™
"{77033683-0816-4D7D-8BF1-3949B4E9823D}" = Battlefield 3™
"{7F3AD00A-1819-4B15-BB7D-08B3586336D7}" = 3DMark06
"{7F6D7FD9-648D-4DD9-BB6E-3990C675ECA4}" = NVIDIA PhysX
"{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}" = Microsoft Games for Windows - LIVE Redistributable
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8426BA89-CB8C-4D6C-AF14-3BFDE6C8F425}" = XSplit
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{873E4648-6F6E-47F6-A7B2-A6F8DFABDCE6}" = Windows Live Messenger
"{87464284-11C8-4F83-88EC-E8013320B789}" = AOC UI Installer 3.1.0
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{8944ED10-DBF2-4FA9-8B5D-D7E1B046C761}_is1" = ColdCut
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8B7917E0-AF55-4E8A-9473-017F0AA03AC8}" = QuickTime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8EF1122E-E90C-4EE9-AB0C-7FDE2BA42C26}" = Musicmatch® Jukebox
"{8F5A0981-5CDC-41D0-BCA2-AD3B777FC358}" = Thrustmaster Force Feedback Driver
"{90140000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010
"{90140000-0015-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010
"{90140000-0016-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010
"{90140000-0018-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010
"{90140000-0019-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010
"{90140000-001A-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010
"{90140000-001B-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUSR_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-001F-0410-0000-0000000FF1CE}_Office14.PROPLUSR_{C0743197-FFEE-4C19-BAEB-8F7437DC4C8A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0407-1000-0000000FF1CE}_Office14.PROPLUSR_{594128C9-2CDF-43CE-8103-DC100CF013B6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010
"{90140000-002C-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{4275FB46-ABDF-4456-876C-17CF64294D9A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2010
"{90140000-0044-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010
"{90140000-006E-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{98EDFD9F-EA76-40CC-BCE9-92C69413F65B}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010
"{90140000-00A1-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2010
"{90140000-00BA-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{91140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{918A9082-6287-4D25-9002-5E5D5E4971CB}" = League of Legends
"{92606477-9366-4D3B-8AE3-6BE4B29727AB}" = League of Legends
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95140000-0080-0407-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{95C5F81D-0779-4932-BE83-32AAF814F4B9}" = League of Legends
"{96F9B265-1367-4E1A-B8B9-F8530EF3AA62}" = Add or Remove Adobe Premiere Pro CS5
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9E48FF52-082C-4CC2-BB67-6E10D09C0431}" = Windows Live UX Platform Language Pack
"{9FD6F1A8-5550-46AF-8509-271DF0E768B5}" = Dual-Core Optimizer
"{A498D9EB-927B-459B-85D6-DD6EF8C2C564}" = erLT
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A8B94669-8654-4126-BD28-D0D2412CDED6}" = TI Connect 1.6
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{ABD3F7BD-02E6-9150-2D34-F9F3109FA466}" = Catalyst Control Center InstallProxy
"{AC76BA86-7AD7-1031-7B44-A94000000001}" = Adobe Reader 9.4.4 - Deutsch
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Toolbars
"{B7E38540-E355-3503-AFD7-635B2F2F76E1}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C388D147-CCBA-411C-B9FC-2CC1B4EFB240}" = Pirates of the Caribbean
"{C40B6935-96C6-405B-B451-CC19A6A11CE2}" = Santa Rockstar HD
"{C43C1415-3DFC-4089-9A32-0BECF28A6046}" = Age of Empires III - The Asian Dynasties
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CCF298AF-9CE1-4B26-B251-486E98A34789}" = Windows 7 USB/DVD Download Tool
"{CE0900ED-C76A-40C0-8DB4-0F68D825B283}_is1" = Stranded II 1.0.0.1
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}" = Microsoft .NET Framework 4 Multi-Targeting Pack
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1" = Rapture3D 2.3.26 Game
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D54640A3-2C2B-4CB1-9666-01E55F54E7F5}" = NCsoft Launcher
"{D6F879CC-59D6-4D4B-AE9B-D761E48D25ED}" = Skype™ 5.3
"{D7A0A22A-C132-4B6F-8D68-67B95117DE93}" = RIFT
"{D7B44307-0D09-4EE7-BFC0-F0F65D22D1E0}" = Aion
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = CyberLink PowerDVD 10
"{DEEB5FE3-40F5-3C5B-8F85-5306EF3C08F4}" = Microsoft Visual C++ 2010 Express - DEU
"{DF47ACA3-7C78-4C08-8007-AC682563C9F1}" = Samsung AllShare
"{DFFE2B1F-07E0-45A9-8801-CD8514CAA876}" = Prince of Persia T2T
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E503B4BF-F7BB-3D5F-8BC8-F694B1CFF942}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{EC68232E-C74E-4F1A-B296-DFD2E1944E10}" = Adobe Setup
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}" = Logitech SetPoint
"{F761359C-9CED-45AE-9A51-9D6605CD55C4}" = Evernote v. 4.5
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FB83EAC4-E3F6-4666-B45B-44522F2344B6}" = Brother MFL-Pro Suite DCP-J315W
"{FC053571-8507-44E4-8B6D-AACEAB8CA57C}" =  Sansa Media Converter
"{FE23D063-934D-4829-A0D8-00634CE79B4A}" = Adobe AIR
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"12bbe590-c890-11d9-9669-0800200c9a66_is1" = Der Herr der Ringe Online v03.04.04.8012
"7-Zip" = 7-Zip 9.20
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Shockwave Player" = Adobe Shockwave Player 11
"Advanced Combat Tracker" = Advanced Combat Tracker (remove only)
"Afterburner" = MSI Afterburner 2.1.0
"AION Free-To-Play" = AION Free-To-Play
"Akamai" = Akamai NetSession Interface
"Amazon MP3-Downloader" = Amazon MP3-Downloader 1.0.9
"Android SDK Tools" = Android SDK Tools
"Ashampoo Burning Studio 9_is1" = Ashampoo Burning Studio 9.12
"Aspell German Dictionary_is1" = Aspell German Dictionary-0.50-2
"Audacity 1.3 Beta (Unicode)_is1" = Audacity 1.3.13 (Unicode)
"Audacity_is1" = Audacity 1.2.6
"AURC_is1" = Audacity Recovery Utility
"B076073A-5527-4f4f-B46B-B10692277DA2_is1" = DisplayFusion 3.4.1
"Battlelog Web Plugins" = Battlelog Web Plugins
"BitTorrent" = BitTorrent
"Capsule" = Capsule
"DDA23392-9C73-4909-A221-BC12C6D2664D" = GmoteServer
"Diablo II" = Diablo II
"DivX Setup.divx.com" = DivX-Setup
"doubleTwist" = doubleTwist
"Driver Cleaner Pro" = DH Driver Cleaner Professional Edition
"DScaler 5 Mpeg Decoders_is1" = DScaler 5 Mpeg Decoders
"DVBViewer Pro_is1" = DVBViewer Pro
"DVBViewer Recording Service_is1" = DVBViewer Recording Service
"ESN Sonar-0.70.0" = ESN Sonar
"ESN Sonar-0.70.4" = ESN Sonar
"ffdshow_is1" = ffdshow [rev 3154] [2009-12-09]
"FileZilla Client" = FileZilla Client 3.2.7.1
"Fraps" = Fraps (remove only)
"Free Studio_is1" = Free Studio version 5.0.3
"G3QP231012008_is1" = Questpaket 4 Update 1 Deinstallation
"GeoGebra" = GeoGebra
"GFWL_{4D530FA3-9B89-4186-98B7-F51000008100}" = Age of Empires Online
"GNU Aspell_is1" = GNU Aspell 0.50-3
"GPxPatch" = GPxPatch (remove only)
"GTK 2.0" = GTK+ Runtime 2.14.7 rev a (nur entfernen)
"HD Tune_is1" = HD Tune 2.55
"Host OpenAL (ADI)" = Host OpenAL (ADI)
"InstallShield_{2B095022-00FF-45D5-8717-3A20DFCB8C6B}" = RIFT
"InstallShield_{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"InstallShield_{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"InstallShield_{D7A0A22A-C132-4B6F-8D68-67B95117DE93}" = RIFT
"InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = CyberLink PowerDVD 10
"InstallShield_{DF47ACA3-7C78-4C08-8007-AC682563C9F1}" = Samsung AllShare
"InstallWIX_{45E557D6-2271-4F13-8101-C620B4285AB0}" = Kaspersky Internet Security 2012
"IrfanView" = IrfanView (remove only)
"JDownloader" = JDownloader
"LastFM_is1" = Last.fm 1.5.4.27091
"LemmingballZ_0" = LemmingballZ 3D 8460
"MailStore Home_is1" = MailStore Home 4.2.1.6501
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.60.0.1800
"Microsoft .NET Framework 1.1  (1033)" = Microsoft .NET Framework 1.1
"Microsoft Visual C++ 2010 Express - DEU" = Microsoft Visual C++ 2010 Express - DEU
"MOBackup-DatensicherungfürOutlook" = MOBackup - Datensicherung für Outlook (Testversion)
"Mozilla Firefox (3.6.6)" = Mozilla Firefox (3.6.6)
"Mozilla Firefox (4.0b1)" = Mozilla Firefox (4.0b1)
"Mozilla Firefox (4.0b2)" = Mozilla Firefox (4.0b2)
"Mozilla Firefox 10.0 (x86 de)" = Mozilla Firefox 10.0 (x86 de)
"Mozilla Thunderbird (6.0.2)" = Mozilla Thunderbird (6.0.2)
"Mp3tag" = Mp3tag v2.48
"Mster" = Crysis Modification - Mster Config v3.01
"NCLauncher_GameForge" = NC Launcher (GameForge)
"NSS" = NSS (remove only)
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"nxclient_is1" = NX Client for Windows 3.5.0-7
"Office14.PROPLUSR" = Microsoft Office Professional Plus 2010
"OpenAL" = OpenAL
"Origin" = Origin
"oZone3D.Net FurMark_is1" = oZone3D.Net FurMark v1.7.0
"PunkBusterSvc" = PunkBuster Services
"RGF HotSpot_is1" = RGF HotSpot version 0.6b
"Sacred Underworld_is1" = Sacred Underworld
"Silkroad" = Silkroad
"Simfy" = simfy
"SopCast" = SopCast 3.2.4
"Star Trek Online" = Star Trek Online
"Steam App 102600" = Orcs Must Die!
"Steam App 113200" = The Binding Of Isaac
"Steam App 11420" = Clive Barker's Jericho
"Steam App 1250" = Killing Floor
"Steam App 12840" = DiRT 2
"Steam App 12900" = Audiosurf
"Steam App 17460" = Mass Effect
"Steam App 19900" = Far Cry 2
"Steam App 203970" = Kingdoms of Amalur: Reckoning Demo
"Steam App 21980" = Call of Juarez: Bound in Blood
"Steam App 24840" = Medal of Honor: Airborne
"Steam App 32370" = Star Wars: Knights of the Old Republic
"Steam App 41500" = Torchlight
"Steam App 42640" = Blur
"Steam App 42670" = Singularity
"Steam App 43110" = Metro 2033
"Steam App 49600" = Beat Hazard
"Steam App 57400" = Batman: Arkham City™ PC
"Steam App 57419" = Batman: Arkham City
"Steam App 58540" = Divinity II - The Dragon Knight Saga
"Steam App 620" = Portal 2
"Steam App 65800" = Dungeon Defenders
"Steam App 8190" = Just Cause 2
"SUPER ©" = SUPER © Version 2010.bld.37 (Jan 2, 2010)
"Supersonic Sled" = NVIDIA Supersonic Sled demo
"TDM-GCC" = TDM-GCC
"TeamViewer 6" = TeamViewer 6
"Tomb Raider: Underworld" = Tomb Raider: Underworld 1.0
"Trillian" = Trillian
"TVUPlayer" = TVUPlayer 2.5.2.2
"Uninstall_is1" = Uninstall 1.0.0.1
"Veetle TV" = Veetle TV 0.9.18
"Venetica_is1" = Venetica
"VLC media player" = VLC media player 1.1.7
"Win7 Taskbar" = Win7 Taskbar v1.12
"Winamp" = Winamp
"WinGimp-2.0_is1" = GIMP 2.6.7
"WinLiveSuite" = Windows Live Essentials
"WinMerge_is1" = WinMerge 2.12.4
"World of Warcraft" = World of Warcraft
"Xfire" = Xfire (remove only)
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"090215de958f1060" = Curse Client
"CodeBlocks" = CodeBlocks
"d6b51503b0cbcd0d" = Eternal-WoW! Launcher
"Dropbox" = Dropbox
"InstallShield_{6530FDAA-5B1F-4830-95BB-650E9804D239}" = UE3Redist
"NCsoft-Lineage2" = Lineage II
"Octoshape add-in for Adobe Flash Player" = Octoshape add-in for Adobe Flash Player
"Octoshape Streaming Services" = Octoshape Streaming Services
"Sansa Updater" = Sansa Updater
"Third Age - Total War 1.0 Part1" = Third Age - Total War 1.0 Part1
"Third Age - Total War 1.0 Part2" = Third Age - Total War 1.0 Part2
"Third Age - Total War Hotfix1" = Third Age - Total War Hotfix1
"Third Age - Total War Patch 1.1" = Third Age - Total War Patch 1.1
"Third Age - Total War Patch 1.2" = Third Age - Total War Patch 1.2
"Third Age - Total War Patch 1.3" = Third Age - Total War Patch 1.3
"UnityWebPlayer" = Unity Web Player
"Winamp Detect" = Winamp Erkennungs-Plug-in
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 29.01.2012 17:07:35 | Computer Name = Martin-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 20623
 
Error - 29.01.2012 17:07:36 | Computer Name = Martin-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
 
Error - 29.01.2012 17:07:36 | Computer Name = Martin-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 21637
 
Error - 29.01.2012 17:07:36 | Computer Name = Martin-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 21637
 
Error - 29.01.2012 17:07:37 | Computer Name = Martin-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
 
Error - 29.01.2012 17:07:37 | Computer Name = Martin-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 22635
 
Error - 29.01.2012 17:07:37 | Computer Name = Martin-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 22635
 
Error - 29.01.2012 17:07:38 | Computer Name = Martin-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
 
Error - 29.01.2012 17:07:38 | Computer Name = Martin-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 23634
 
Error - 29.01.2012 17:07:38 | Computer Name = Martin-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 23634
 
[ Media Center Events ]
Error - 22.03.2011 05:23:05 | Computer Name = Martin-PC | Source = MCUpdate | ID = 0
Description = 10:23:01 - Fehler beim Herstellen der Internetverbindung.  10:23:02 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 08.04.2011 01:53:00 | Computer Name = Martin-PC | Source = ehRecvr | ID = 3
Description = Auf dem TV-Tuner ist ein Fehler aufgetreten. (0xc0040524) TBS 6920
 BDA DVBS/S2 Tuner/Demod
 
[ System Events ]
Error - 25.01.2012 11:23:06 | Computer Name = Martin-PC | Source = Application Popup | ID = 1060
Description = Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Windows\SysWow64\drivers\SSHDRV61.sys
 nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version
 des Treibers zu erhalten.
 
Error - 25.01.2012 11:23:23 | Computer Name = Martin-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?25.?01.?2012 um 16:21:25 unerwartet heruntergefahren.
 
Error - 25.01.2012 11:23:26 | Computer Name = Martin-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "AODDriver4.01" wurde aufgrund folgenden Fehlers nicht 
gestartet:   %%3
 
Error - 25.01.2012 11:23:26 | Computer Name = Martin-PC | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Akamai NetSession Interface" wurde mit folgendem Fehler
 beendet:   %%126
 
Error - 27.01.2012 11:22:12 | Computer Name = Martin-PC | Source = Service Control Manager | ID = 7031
Description = Der Dienst "Kaspersky Anti-Virus Service" wurde unerwartet beendet.
 Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000
 Millisekunden durchgeführt: Neustart des Diensts.
 
Error - 30.01.2012 08:15:05 | Computer Name = Martin-PC | Source = DCOM | ID = 10010
Description = 
 
Error - 30.01.2012 08:16:40 | Computer Name = Martin-PC | Source = Service Control Manager | ID = 7011
Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung
 von Dienst AVP erreicht.
 
Error - 30.01.2012 08:18:04 | Computer Name = Martin-PC | Source = Application Popup | ID = 1060
Description = Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Windows\SysWow64\drivers\SSHDRV61.sys
 nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version
 des Treibers zu erhalten.
 
Error - 30.01.2012 08:18:20 | Computer Name = Martin-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "AODDriver4.01" wurde aufgrund folgenden Fehlers nicht 
gestartet:   %%3
 
Error - 30.01.2012 08:18:20 | Computer Name = Martin-PC | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Akamai NetSession Interface" wurde mit folgendem Fehler
 beendet:   %%126
 
 
< End of report >

biddeschön.

[kira]

1.
Ich nehme an, dass Du im Firefox absichtlich unter Proxi eingestellt:

FF - prefs.js..network.proxy.http: "www-proxy.t-online.de"
FF - prefs.js..network.proxy.no_proxies_on: "localhost, 127.0.0.1, speedport.ip, fck-recorder.net, battle.net"

2.
Im Firefox unter Erweiterungen...:
wenn ohne deine Erlaubnis installiert wurde und nicht benötigst, kannst deinstallieren:

Code:

vShare.tv plugin

- Manche Erweiterungen wollen sich doch nur wichtig machen

3.
Java aktualisieren- über Systemsteuerung-> Nach Update suchen...
Deine Javaversion ist nicht aktuell.
Downloade nun die Offline-Version von Java Version 6 Update 30 von Oracle und installiere sie. Achte darauf, eventuell angebotene Toolbars nicht mitzuinstallieren, also während der Installation den Haken bei der Toolbar entfernen.

4.
Windows und die installierten Programme auf den neuesten Stand zu halten,sind Garanten für eine erhöhte Sicherheit!
Adobe Reader aktualisieren :
Bei Installation aufpassen/mitlesen!: Wenn irgendeine Software, Toolbar etc angeboten wird, bitte abwählen!
Adobe Reader
oder: Adobe starten-> gehe auf "Hilfe"-> "Nach Update suchen..."

5.

Achtung wichtig!:
Falls Du selber im Logfile Änderungen vorgenommen hast, musst Du durch die Originalbezeichnung ersetzen und so in Script einfügen! sonst funktioniert nicht!
(Benutzerordner, dein Name oder sonstige Änderungen durch X, Stern oder andere Namen ersetzt)

Fixen mit OTL

• Starte die OTL.exe.
• Vista und Windows 7 User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen.
• Kopiere folgendes Skript (unverändert inkl. :OTL):

Code:

:OTL
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://de.msn.com/?ocid=iehp
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.useDBForOrder: true
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{1c74d8af-9990-11df-8fe5-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{1c74d8af-9990-11df-8fe5-806e6f6e6963}\Shell\AutoRun\command - "" = D:\autorun.exe
O33 - MountPoints2\{60a94b16-ce04-11de-94d3-00241dd23e18}\Shell - "" = AutoRun
O33 - MountPoints2\{60a94b16-ce04-11de-94d3-00241dd23e18}\Shell\AutoRun\command - "" = Q:\steambackup2.EXE
O33 - MountPoints2\{bada2cc7-c4f7-11de-ba57-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{bada2cc7-c4f7-11de-ba57-806e6f6e6963}\Shell\AutoRun\command - "" = F:\Start.exe
@Alternate Data Stream - 56204 bytes -> C:\ProgramData:$SS_DESCRIPTOR_LVVWVBGV0VFBTLX4D06YH7LVUTPXGJMBKE1R0WT1VH7E24F7PHCTVF4VMVFVVX4VM
@Alternate Data Stream - 1330 bytes -> C:\Users\Martin\AppData\Local\VxftsNK4Q4n61n:s6eFXDEpFX2Wd4lx7BU2eY6dr
@Alternate Data Stream - 129 bytes -> C:\ProgramData\TEMP:05EE1EEF

:Commands
[purity]
[emptytemp]

• und füge es hier ein:
• Schließe alle Programme.
• Klicke auf den Fix Button.
• Klick auf .
• OTL verlangt einen Neustart. Bitte zulassen.
• Nach dem Neustart findest Du ein Textdokument.
  Kopiere den Inhalt hier in Code-Tags in Deinen Thread.

6.
Öffne CCleaner - Anleitung CCleaner

• "Cleaner"->"Analysieren"->Klick auf den Button "Start CCleaner"
• "Registry""Fehler suchen"-> "Fehler beheben"->"Alle beheben"
• Starte dein System neu auf

7.
Systemreinigung und Prüfung:
Anleitung:-> Grundreinigung mit SUPERAntiSpyware

8.
♦ Schon seit langem gehört "Worm.Win32.Autorun" zu den beliebtesten Verbreitungswegen von Viren, sollte man daher, die auf dem Speichermedium gesicherten Daten (wie USB-Stick/Festplatte und andere) zeitweise prüfen lassen
♦ Also schließe jetzt alle externe Datenträgeran Deinen Rechner an, dabei die Hochstell-Taste [Shift-Taste] gedrückt halten, damit die Autorun-Funktion nicht ausgeführt wird. (So verhindest Du die Ausführung der AUTORUN-Funktion) - Man kann die AUTORUN-Funktion aber auch generell abschalten.►Anleitung

9.
ESET Online Scanner
Achtung!:
Keinen andere Virenscanner auf Deinem PC installieren, sondern dein PC NUR online scannen!!!
♦ Prüfe Deinen Rechner jetzt, auf Viren, Trojaner, Würmer und anderen Schadcode, mit dem kostenlosen Online Virenscanner von:

► Eset/Nod32 bitte auswählen!!!-> Link und Anleitung zum ESET/NOD32 online Scanner-> Kostenlose Online Scanner

♦ Poste bitte das Protokoll

10.
erneut einen Scan mit OTL: - ältere Logdateien löschen!

• Doppelklick auf die OTL.exe
• Vista User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen
• Oben findest Du ein Kästchen mit Output. Wähle bitte Minimal Output
• Unter Extra Registry, wähle bitte Use SafeList
• Klicke nun auf Run Scan links oben
• Wenn der Scan beendet wurde werden 2 Logfiles erstellt - OTL.txt und extra.txt
• Poste die Logfiles in Code-Tags hier in den Thread.

► berichte erneut über den Zustand des Computers. Ob noch Probleme auftreten, wenn ja, welche?

[Daepilin]

1. Jo, is absicht, 2 auch 3 un 4 ok, auch wenn ich zumindest den adobe reader kaum nutze. rest werd ich heute oder morgen machen, kommt drauf an, muss eigentlich lernen.

ps: zum letzten punkt: probleme treten ja nicht auf. das mit der tagesschauseite udn der kaspersky meldung war wohl n fehelr in der firefox beta ( oder der kaspersky datenbank)... jedenfalls hab ich die auch auf meinem netbook, was im grunde nur auf facebook, youtube und 9gag bzw verschiedenen uniseiten ist und davon die meiste zeit im uni netzt hängt. udn seit nem neuerlichen update ( ka obs nur firefox oder auch kaspersky war, letzteres updatet sich ja alle paar stunden) hab ich die auch garnicht mehr.