Bka meine daten sind ge crypt

**hansa** · 17.03.2012, 05:14

meine dateien sehen so aus Neues Textdokument (6).txt.crypt
Nero Burning ROM Essentials.lnk.crypt

wie bekomm ich das wieder hin weil das crypt wegmachen brint nix habe nix habe nur komische zeichen drin

**kira** · 17.03.2012, 06:41

Herzlich Willkommen in unserem Forum!:)

Bevor Du hier im Forum postest, solltest ein paar Dinge beachten:

Deine persönlichen Angaben/Daten (die persönliche Merkmale enthalten, wie Name, Seriennummer etc) kannst Du aus dem geposteten Logs heraus löschen und durch "X" oder Sternchen ersetzen
Bitte lese Dir zuerst in Ruhe die Anweisungen durch und Du sollst dabei die Reihenfolge einhalten! Falls unvorhersehbare Probleme auftreten sollten, bitte um sofortige Rückmeldung!
ANWEISUNGEN UND DEREN BEFOLGUNG, ERFOLGT AUF DEINE EIGENE VERANTWORTUNG!

► hast Du das Programm "Nero" legal erworben?

► Erster Teil des 3-teiligen Verfahren, werden wir dein System auf Viren untersuchen, bzw nach einem anderen Verursacher suchen:
**Vista und Win7 Verwender: Alle Befehle bitte als Administrator ausführen! rechte Maustaste auf die Eingabeaufforderung und "als Administrator ausführen" auswählen

1.
Mit diesem Programm das System prüfen:-> Malwarebytes Anti-Malware Free
-> "vollständigen Suchlauf" wählen!
-> Funde löschen lassen
-> Scanergebnis hier posten!

2.
Systemscan mit OTL

Lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop

Doppelklick auf die OTL.exe
Vista User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen
Oben findest Du ein Kästchen mit Output. Wähle bitte Minimal Output
Unter Extra Registry, wähle bitte Use SafeList
Klicke nun auf Run Scan links oben
Wenn der Scan beendet wurde werden 2 Logfiles erstellt OTL.txt und extra.txt
Poste die Logfiles in Code-Tags hier in den Thread.

** Die Logs von OTL meistens sind zu lang, kannst auch als Textdatei anhängen (auf "Erweitert") klicken

3.
Um festzustellen, ob veraltete oder schädliche Software unter Programme installiert sind, ich würde gerne noch all deine installierten Programme sehen:

Download den CCleaner
Software-Lizenzvereinbarung lesen, falls irgendeine Toolbar angeboten wird, bitte abwählen!-> starten -> Falls nötig, auf "Deutsch" einstellen.
starten-> klick auf `Extras` (um auf deinem System installierte Software zu anzeigen)-> dann auf `Als Textdatei speichern...`
ein Textdatei wird automatisch erstellt, poste auch dieses Logfile (also die Liste alle installierten Programme...eine Textdatei)

Bitte alle Ergebnisse im Code-Tags posten!

vor dein Log schreibst Du (also am Anfang des Logfiles):[code]
hier kommt dein Logfile rein
dahinter - also am Ende der Logdatei:[/code]

gruß
kira

**hansa** · 17.03.2012, 10:25

hallo
ja habe nero orginal

Code:

Malwarebytes Anti-Malware (Test) 1.60.1.1000
www.malwarebytes.org

Datenbank Version: v2012.03.17.04

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
**** :: **** [Administrator]

Schutz: Deaktiviert

17.03.2012 10:07:31
mbam-log-2012-03-17 (10-07-31).txt

Art des Suchlaufs: Vollständiger Suchlauf
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 476746
Laufzeit: 1 Stunde(n), 12 Minute(n), 17 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)

Code:

7-Zip 9.20 (x64 edition)	Igor Pavlov	05.09.2011	4,53MB	9.20.00.0
91 PC Suite for iPhone	ÍøÁú¹«Ë¾	24.01.2012		2.9.53.236
=42O= VLC-Control	=42O= Software	06.03.2012		1.0.1.0
AAF UFS910/UFS922/TF7700 MultiPart Installer V2.4	©  2010 Black_64	24.07.2011		
AAF_Recovery_tool installer UFS910 V1.9	©  2010 Black_64	17.07.2011		
AAF_Recovery_tool installer V4.6	©  2010 Black_64	02.08.2011		
Adobe AIR	Adobe Systems Incorporated	16.03.2012		2.6.0.19120
Adobe Flash Media Live Encoder 3.1	Adobe Systems Incorporated	06.03.2012	13,7MB	3.1.0
Adobe Flash Player 10 ActiveX	Adobe Systems Incorporated	16.03.2012	6,00MB	10.3.181.26
Adobe Flash Player 11 Plugin 64-bit	Adobe Systems Incorporated	21.02.2012	6,00MB	11.1.102.62
Adobe Photoshop CS3	Adobe Systems Incorporated	16.03.2012	1.085MB	10.0
Adobe Reader X (10.1.2) - Deutsch	Adobe Systems Incorporated	11.01.2012	168,0MB	10.1.2
AMD Catalyst Install Manager	Advanced Micro Devices, Inc.	13.03.2012	26,3MB	3.0.868.0
Apple Application Support	Apple Inc.	19.12.2011	61,2MB	2.1.6
Apple Mobile Device Support	Apple Inc.	19.12.2011	24,9MB	4.0.0.97
Apple Software Update	Apple Inc.	19.12.2011	2,38MB	2.1.3.127
ASUS Gamer OSD	ASUSTeK COMPUTER INC.	16.06.2011		3.07.0419
ASUS Smart Doctor	ASUSTek COMPUTER INC.	16.06.2011	26,5MB	5.80
AviSynth 2.5		16.03.2012		
AVM FRITZ!Box USB-Fernanschluss	AVM Berlin	28.07.2011		2.2.1.0
AVM FRITZ!fax für FRITZ!Box	AVM Berlin	16.03.2012		
AVS Update Manager 1.0	Online Media Technologies Ltd.	13.02.2012		
AVS Video Converter 8	Online Media Technologies Ltd.	13.02.2012		
AVS4YOU Software Navigator 1.4	Online Media Technologies Ltd.	13.02.2012		
Battlefield 2	Electronic Arts	12.10.2011	5.849MB	1.5.0.0
Battlefield 2142		30.06.2011		
Battlefield 3™	Electronic Arts	16.03.2012		1.0.0.0
Battlefield Heroes	EA Digital illusions	16.03.2012		
Battlefield Play4Free	EA Digital illusions	16.03.2012		
Battlefield: Bad Company™ 2	Electronic Arts	19.06.2011	8.540MB	1.0.0.0
bitcontrol® Digital TV Link v2.5	BitCtrl Systems GmbH	16.03.2012		2.5
bitcontrol® MPEG-2 Video Decoder v1.5	BitCtrl Systems GmbH	16.03.2012		1.5
Bonjour	Apple Inc.	19.12.2011	2,04MB	3.0.0.10
Bouquetter		16.03.2012		
Carrier Wandler	Iphone Partisanen	01.02.2012		1.3.3.2
CDBurnerXP	CDBurnerXP	07.09.2011	16,9MB	4.3.8.2631
CPUID CPU-Z 1.58		13.11.2011	3,23MB	
DAEMON Tools Lite	DT Soft Ltd	16.03.2012		4.45.3.0297
DiRT 3	Codemasters	16.03.2012		1.0.0000.130
DivX Codec	DivX, Inc.	16.03.2012		6.8.2
DVDFab 8.1.6.3 (11/02/2012) Qt	Fengtao Software Inc.	13.03.2012	52,5MB	
DVDFab Passkey 8.0.4.0 (31/10/2011)	Fengtao Software Inc.	03.11.2011	4,09MB	
ESET Online Scanner v3		16.03.2012		
F1 2010	Codemasters	16.03.2012		1.0.0000.132
F1 2011	Codemasters	16.03.2012		1.0.0000.129
Fable III	Microsoft Game Studios	16.03.2012		1.0.0000.131
ffdshow [rev 3082] [2009-09-21]		16.08.2011		1.0
FileServe Manager 1.0.0.3510	FileServe Limited	09.11.2011	13,9MB	
Firebird SQL Server - MAGIX Edition	MAGIX AG	10.11.2011	11,5MB	2.1.31.0
FormatFactory 2.70	Free Time	16.03.2012		2.70
FRITZ!Box-Fernzugang einrichten	AVM Berlin	05.02.2012	0,89MB	1.0.3
FRITZ!Fernzugang	AVM Berlin	24.10.2011	4,72MB	1.2.3
GameSpy Arcade		16.03.2012		
GameXN GO	EasyBits Media	15.01.2012		
Glucofacts Deluxe Updater 2.0	Bayer HealthCare LLC	12.06.2011		
GLUCOFACTS® Deluxe	Bayer HealthCare	12.06.2011	20,1MB	2.10.11
Google Chrome	Google Inc.	24.11.2011		15.0.874.121
GXTranscoder v2	GermaniXSoft, Uwe Brückner	16.03.2012		2.24.2980
Haali Media Splitter		16.03.2012		
Hacker Evolution (1.00.0083) (remove only)		16.03.2012		
Hacker Evolution: Untold (2.01.049)(remove only)		16.03.2012		
HD Tune 2.55	EFD Software	08.02.2012		
HijackThis 2.0.2	TrendMicro	16.03.2012		2.0.2
HP USB Disk Storage Format Tool		16.03.2012		
HTC BMP USB Driver	HTC	28.06.2011	0,28MB	1.0.5375
HTC Driver Installer	HTC Corporation	28.06.2011	1,87MB	3.0.0.007
iTunes	Apple Inc.	19.12.2011	172,5MB	10.5.2.11
Java(TM) 6 Update 29	Oracle	12.06.2011	94,9MB	6.0.290
Java(TM) 7 (64-bit)	Oracle	14.08.2011	93,3MB	7.0.0
JDownloader 0.9	AppWork GmbH	16.03.2012		0.9
K-Lite Mega Codec Pack 7.7.0		25.09.2011	48,3MB	7.7.0
Logitech GamePanel Software 3.06.109	Logitech Inc.	17.06.2011	20,6MB	3.06.109
Logitech Gaming Software 8.00	Logitech Inc.	17.06.2011	28,8MB	8.00.123
Logitech Harmony Remote Software	Logitech	29.01.2012		1.0.110307
Logitech SetPoint 6.22	Logitech	12.06.2011	39,1MB	6.22.24
MAGIX Music Maker 17 Download-Version	MAGIX AG	16.03.2012		17.0.0.16
MAGIX Music Maker 17 Premium (Demo songs)	MAGIX AG	12.06.2011	63,3MB	1.0.0.0
MAGIX Music Maker 17 Premium (Instrument package 1)	MAGIX AG	12.06.2011	1.607MB	1.0.0.0
MAGIX Music Maker 17 Premium (Instrument package 2)	MAGIX AG	12.06.2011	968MB	1.0.0.0
MAGIX Music Maker 17 Premium (Instrument package 3)	MAGIX AG	12.06.2011	1.210MB	1.0.0.0
MAGIX Music Maker 17 Premium (Introductory videos)	MAGIX AG	12.06.2011	101,9MB	1.0.0.0
MAGIX Music Maker 17 Premium (Sound package)	MAGIX AG	12.06.2011	441MB	1.0.0.0
MAGIX Music Maker 17 Premium (Synthesizer and effects)	MAGIX AG	12.06.2011	257MB	1.0.0.0
MAGIX Music Maker 17 Premium Download Version	MAGIX AG	16.03.2012		17.0.0.16
MAGIX Music Maker 17 Trial (Soundpaket)	MAGIX AG	12.06.2011	74,8MB	1.0.0.0
MAGIX Music Maker Rock Edition 4 (Soundpaket)	MAGIX AG	12.06.2011	175,6MB	1.0.0.0
MAGIX Music Maker Rock Edition 4 (Synthesizer und Effekte)	MAGIX AG	12.06.2011	81,5MB	1.0.0.0
MAGIX Music Maker Rock Edition 4 Download-Version	MAGIX AG	16.03.2012		6.0.0.6
MAGIX Screenshare	MAGIX AG	10.11.2011	1,43MB	4.3.6.1987
MAGIX Video deluxe MX Premium Download-Version	MAGIX AG	16.03.2012		11.0.0.42
Malwarebytes Anti-Malware Version 1.60.1.1000	Malwarebytes Corporation	16.03.2012	17,4MB	1.60.1.1000
Maxiboot Installer V1.5	©  2011 Black_64	17.07.2011		
MediaCoder x64 2011	Broad Intelligence	16.11.2011		2011
Microsoft .NET Framework 4 Client Profile	Microsoft Corporation	11.06.2011	38,8MB	4.0.30319
Microsoft .NET Framework 4 Client Profile DEU Language Pack	Microsoft Corporation	11.06.2011	2,94MB	4.0.30319
Microsoft .NET Framework 4 Extended	Microsoft Corporation	16.06.2011	52,0MB	4.0.30319
Microsoft .NET Framework 4 Extended DEU Language Pack	Microsoft Corporation	16.06.2011	10,7MB	4.0.30319
Microsoft Games for Windows - LIVE Redistributable	Microsoft Corporation	12.03.2012	31,3MB	3.5.92.0
Microsoft Games for Windows Marketplace	Microsoft Corporation	12.06.2011	6,04MB	3.5.50.0
Microsoft LifeCam	Microsoft Corporation	06.10.2011	33,3MB	3.60.253.0
Microsoft Silverlight	Microsoft Corporation	15.02.2012	80,4MB	4.1.10111.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053	Microsoft Corporation	24.01.2012	0,25MB	8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable	Microsoft Corporation	13.06.2011	0,29MB	8.0.59193
Microsoft Visual C++ 2005 Redistributable (x64)	Microsoft Corporation	11.01.2012	0,82MB	8.0.61000
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148	Microsoft Corporation	12.06.2011	0,21MB	9.0.30729.4148
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148	Microsoft Corporation	12.06.2011	0,20MB	9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570	Microsoft Corporation	12.06.2011	0,77MB	9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570	Microsoft Corporation	12.06.2011	0,58MB	9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022	Microsoft Corporation	16.06.2011	0,90MB	9.0.21022
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022.218	Microsoft Corporation	24.10.2011	0,23MB	9.0.21022.218
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17	Microsoft Corporation	12.06.2011	0,77MB	9.0.30729
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148	Microsoft Corporation	20.01.2012	0,23MB	9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161	Microsoft Corporation	13.06.2011	0,77MB	9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022	Microsoft Corporation	17.11.2011	2,87MB	9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729	Microsoft Corporation	24.01.2012	0,22MB	9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17	Microsoft Corporation	12.06.2011	0,58MB	9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148	Microsoft Corporation	28.08.2011	0,22MB	9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161	Microsoft Corporation	13.06.2011	0,59MB	9.0.30729.6161
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319	Microsoft Corporation	16.06.2011	13,7MB	10.0.30319
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219	Microsoft Corporation	10.08.2011	11,2MB	10.0.40219
MKVToolNix 5.4.0 [20120312-422]	Moritz Bunkus	16.03.2012		5.4.0
Mozilla Firefox 11.0 (x86 de)	Mozilla	16.03.2012	35,9MB	11.0
Mozilla Thunderbird 11.0 (x86 de)	Mozilla	16.03.2012	38,9MB	11.0
MP3-DJ 11.6.0	Torsten Hoffmann	06.02.2012		
MSXML 4.0 SP3 Parser	Microsoft Corporation	28.06.2011	1,48MB	4.30.2100.0
MSXML 4.0 SP3 Parser (KB973685)	Microsoft Corporation	12.07.2011	1,53MB	4.30.2107.0
MyPhoneExplorer	F.J. Wechselberger	16.03.2012		1.8.2
Nero 7 Essentials	Nero AG	07.09.2011	728MB	7.03.1357
Notepad++		16.03.2012		5.9.2
NVIDIA PhysX	NVIDIA Corporation	19.02.2012	78,9MB	9.10.0513
Ontrack EasyRecovery Professional Trial	Kroll Ontrack Inc.	16.03.2012	82,4MB	6.22.01
OpenAL		16.03.2012		
Oracle VM VirtualBox 4.1.0	Oracle Corporation	22.07.2011	130,9MB	4.1.0
Origin	Electronic Arts, Inc.	16.03.2012		8.4.1.210
PL-2303 USB-to-Serial	Prolific Technology INC	17.07.2011		1.4.17
Plex Media Server	Plex, Inc.	29.02.2012	100,5MB	0.9.502
PunkBuster Services	Even Balance, Inc.	16.03.2012		0.991
PuTTY version 0.61	Simon Tatham	16.03.2012		0.61
QuickTime	Apple Inc.	06.03.2012	73,3MB	7.71.80.42
Rapture3D 2.4.9 Game	Blue Ripple Sound	22.09.2011		
Realtek High Definition Audio Driver	Realtek Semiconductor Corp.	17.10.2011		6.0.1.6449
Recuva	Piriform	16.03.2012		1.42
Samsung Universal Print Driver	Samsung Electronics Co., Ltd.	16.03.2012		2.02.05.00:24
SCHLECKER Foto Digital Service		16.03.2012		
SD Formatter	SDA	22.06.2011	1,13MB	2.9.5
Sicherheitspaket		16.03.2012		
Skype™ 5.8	Skype Technologies S.A.	09.03.2012	19,0MB	5.8.158
SOUP - Share-Online Uploader	Xlice Corp.	17.10.2011		1.0.0.26
Steam	Valve Corporation	04.10.2011	35,5MB	1.0.0.0
Stereoscopic Player	3dtv.at	03.07.2011	15,1MB	1.7.2
StreamMeNG HD 1.0.3 Final (non public)	http://dreamworld.vg	16.11.2011	126,6MB	1.0.2.35
SUPERAntiSpyware	SUPERAntiSpyware.com	16.03.2012	95,8MB	5.0.1146
System Requirements Lab CYRI	Husdawg, LLC	12.10.2011	0,45MB	4.4.26.0
Team Fortress 2	Valve	16.03.2012		
Team Fortress 2 Beta	Valve	16.03.2012		
TeamSpeak 3 Client	TeamSpeak Systems GmbH	16.03.2012		
TeamViewer 7	TeamViewer	16.03.2012		7.0.12541
Text-To-Speech-Runtime	Magix Development GmbH	12.06.2011	0,25MB	1.0.0.0
Total Video Converter 3.60 100204	EffectMatrix Inc.	28.11.2011		
TSDoctor	Cypheros	12.03.2012	5,81MB	1.1.7
Tunngle beta	Tunngle.net GmbH	13.06.2011		
TweakNow RegCleaner 2011	TweakNow.com	15.03.2012	20,3MB	6.5.0
UltraISO Premium V9.51		13.11.2011	6,08MB	
Veetle Broadcaster 0.9.18	Veetle, Inc	16.03.2012		0.9.18
VideoReDo TVSuite Version 4.20.7.629	DRD Systems, Inc.	12.03.2012	71,9MB	
Vimicro USB2.0 UVC PC Camera	Vimicro Corp.	12.06.2011		2008.05.14
Virtual DJ - Atomix Productions		16.03.2012		
VirtualDJ PRO Full	Atomix Productions	21.06.2011	48,7MB	7.0.4
VirtualDubMOD 1.5.10.3 US	Trad-Fr	13.03.2012		1.5.10.3
VLC media player 2.0.0	VideoLAN	16.03.2012		2.0.0
VMware Workstation	VMware, Inc	16.03.2012	3.333MB	8.0.1.27038
WBFS Manager 4.0	WBFS	22.06.2011	3,87MB	4.0
Weihnachtsmannspiel		16.03.2012		
Windows Live Essentials	Microsoft Corporation	04.11.2011		15.4.3538.0513
Windows XP Mode	Microsoft Corporation	02.02.2012	1.161MB	1.3.7600.16422
WinRAR 4.11 (64-Bit)	win.rar GmbH	16.03.2012		4.11.0
WinSCP 4.3.6	Martin Prikryl	01.02.2012	8,75MB	4.3.6
Wirecast	Telestream, Inc.	06.03.2012	60,1MB	4.1.0000
Wireshark 1.6.0	The Wireshark developer community, http://www.wireshark.org	16.03.2012		1.6.0
Xfire (remove only)		16.03.2012		
Xilisoft Video Converter Ultimate 6	Xilisoft	16.03.2012		6.8.0.1101
XSManager	XSManager	16.03.2012		3.0

OTL.exe kann ich nicht starten

unbenanntyfn.jpg

**hansa** · 17.03.2012, 11:37

Code:

OTL logfile created on: 17.03.2012 12:27:06 - Run 1
OTL by OldTimer - Version 3.2.38.0     Folder = Z:\
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
4,00 Gb Total Physical Memory | 3,31 Gb Available Physical Memory | 82,68% Memory free
15,99 Gb Paging File | 15,34 Gb Available in Paging File | 95,93% Paging File free
Paging file location(s): d:\pagefile.sys 12285 12285 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 298,09 Gb Total Space | 87,40 Gb Free Space | 29,32% Space Free | Partition Type: NTFS
Drive D: | 189,92 Gb Total Space | 77,18 Gb Free Space | 40,64% Space Free | Partition Type: NTFS
Drive F: | 74,53 Gb Total Space | 33,14 Gb Free Space | 44,47% Space Free | Partition Type: NTFS
Drive N: | 955,47 Mb Total Space | 348,73 Mb Free Space | 36,50% Space Free | Partition Type: FAT32
Drive Q: | 7,53 Gb Total Space | 1,26 Gb Free Space | 16,78% Space Free | Partition Type: NTFS
Drive Z: | 931,51 Gb Total Space | 219,50 Gb Free Space | 23,56% Space Free | Partition Type: NTFS
 
Computer Name: HANSA-PC | User Name: Hansa | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - Z:\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ()
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - (nwtsrv) -- C:\Program Files\FRITZ!Fernzugang\nwtsrv.exe File not found
SRV:64bit: - (MSCamSvc) -- C:\Program Files\Microsoft LifeCam\MSCamS64.exe File not found
SRV:64bit: - (LBTServ) -- C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe File not found
SRV:64bit: - (iPod Service) -- C:\Program Files\iPod\bin\iPodService.exe File not found
SRV:64bit: - (certsrv) -- C:\Program Files\FRITZ!Fernzugang\certsrv.exe File not found
SRV:64bit: - (Bonjour Service) -- C:\Program Files\Bonjour\mDNSResponder.exe File not found
SRV:64bit: - (avmike) -- C:\Program Files\FRITZ!Fernzugang\avmike.exe File not found
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:64bit: - (!SASCORE) -- C:\Program Files\SUPERAntiSpyware\SASCore64.exe (SUPERAntiSpyware.com)
SRV:64bit: - (Samsung UPD Service) -- C:\Windows\SysNative\SUPDSvc.exe (Samsung Electronics CO., LTD.)
SRV:64bit: - (ATKFUSService) -- C:\Windows\SysNative\ATKFUSService.exe (ASUSTeK COMPUTER INC.)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV - (PnkBstrA) -- C:\Windows\SysWOW64\PnkBstrA.exe ()
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (FSORSPClient) -- C:\Program Files (x86)\Sicherheitspaket\ORSP Client\fsorsp.exe (F-Secure Corporation)
SRV - (FLEXnet Licensing Service) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)
SRV - (TeamViewer7) -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (VMnetDHCP) -- C:\Windows\SysWOW64\vmnetdhcp.exe (VMware, Inc.)
SRV - (VMware NAT Service) -- C:\Windows\SysWOW64\vmnat.exe (VMware, Inc.)
SRV - (VMwareHostd) -- C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe ()
SRV - (VMAuthdService) -- C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe (VMware, Inc.)
SRV - (VMUSBArbService) -- C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe (VMware, Inc.)
SRV - (TunngleService) -- C:\Program Files (x86)\Tunngle\TnglCtrl.exe (Tunngle.net GmbH)
SRV - (Fabs) -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe (MAGIX AG)
SRV - (FirebirdServerMAGIXInstance) -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe (MAGIX®)
SRV - (PassThru Service) -- C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe ()
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (WTGService) -- C:\Program Files (x86)\XSManager\WTGService.exe ()
SRV - (XS Stick Service) -- C:\Windows\service4g.exe (4G Systems GmbH & Co. KG)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (FSMA) -- C:\Program Files (x86)\Sicherheitspaket\Common\FSMA32.EXE (F-Secure Corporation)
SRV - (FSDFWD) -- C:\Program Files (x86)\Sicherheitspaket\FWES\program\fsdfwd.exe (F-Secure Corporation)
SRV - (F-Secure Gatekeeper Handler Starter) -- C:\Program Files (x86)\Sicherheitspaket\Anti-Virus\fsgk32st.exe (F-Secure Corporation)
SRV - (ASDR) -- C:\Windows\SysWOW64\ASDR.exe ()
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (CrystalSysInfo) -- C:\Program Files\MediaCoder\SysInfoX64.sys File not found
DRV:64bit: - (sptd) -- C:\Windows\SysNative\drivers\sptd.sys (Duplex Secure Ltd.)
DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (FSES) -- C:\Windows\SysNative\drivers\fses.sys (F-Secure Corporation)
DRV:64bit: - (tbhsd) -- C:\Windows\SysNative\drivers\tbhsd.sys (RapidSolution Software AG)
DRV:64bit: - (cmnsusbser) -- C:\Windows\SysNative\drivers\cmnsusbser.sys (Mobile Connector)
DRV:64bit: - (smsbda) -- C:\Windows\SysNative\drivers\smsbda.sys (Siano)
DRV:64bit: - (ggsemc) -- C:\Windows\SysNative\drivers\ggsemc.sys (Sony Ericsson Mobile Communications)
DRV:64bit: - (ggflt) -- C:\Windows\SysNative\drivers\ggflt.sys (Sony Ericsson Mobile Communications)
DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)
DRV:64bit: - (AtiHDAudioService) -- C:\Windows\SysNative\drivers\AtihdW76.sys (Advanced Micro Devices)
DRV:64bit: - (vmx86) -- C:\Windows\SysNative\drivers\vmx86.sys (VMware, Inc.)
DRV:64bit: - (VMparport) -- C:\Windows\SysNative\drivers\VMparport.sys (VMware, Inc.)
DRV:64bit: - (VMnetuserif) -- C:\Windows\SysNative\drivers\vmnetuserif.sys (VMware, Inc.)
DRV:64bit: - (VMnetBridge) -- C:\Windows\SysNative\drivers\vmnetbridge.sys (VMware, Inc.)
DRV:64bit: - (VMnetAdapter) -- C:\Windows\SysNative\drivers\vmnetadapter.sys (VMware, Inc.)
DRV:64bit: - (ManyCam) -- C:\Windows\SysNative\drivers\ManyCam_x64.sys (ManyCam LLC.)
DRV:64bit: - (hcmon) -- C:\Windows\SysNative\drivers\hcmon.sys (VMware, Inc.)
DRV:64bit: - (vmusb) -- C:\Windows\SysNative\drivers\vmusb.sys (VMware, Inc.)
DRV:64bit: - (dvdfab) -- C:\Windows\SysNative\drivers\dvdfab.sys (Fengtao Software Inc.)
DRV:64bit: - (vmci) -- C:\Windows\SysNative\drivers\vmci.sys (VMware, Inc.)
DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)
DRV:64bit: - (avmaudio) -- C:\Windows\SysNative\drivers\avmaudio.sys (AVM Berlin)
DRV:64bit: - (SASDIFSV) -- C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV:64bit: - (VBoxNetAdp) -- C:\Windows\SysNative\drivers\VBoxNetAdp.sys (Oracle Corporation)
DRV:64bit: - (SASKUTIL) -- C:\Program Files\SUPERAntiSpyware\saskutil64.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV:64bit: - (EIO64) -- C:\Windows\SysNative\drivers\EIO64.sys (ASUSTeK Computer Inc.)
DRV:64bit: - (LGBusEnum) -- C:\Windows\SysNative\drivers\LGBusEnum.sys (Logitech Inc.)
DRV:64bit: - (LGVirHid) -- C:\Windows\SysNative\drivers\LGVirHid.sys (Logitech Inc.)
DRV:64bit: - (Ser2pl) -- C:\Windows\SysNative\drivers\ser2pl64.sys (Prolific Technology Inc.)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (VCam_WDM) -- C:\Windows\SysNative\drivers\VCam_WDM.sys (e2eSoft)
DRV:64bit: - (MSHUSBVideo) -- C:\Windows\SysNative\drivers\nx6000.sys (Microsoft Corporation)
DRV:64bit: - (vpcvmm) -- C:\Windows\SysNative\drivers\vpcvmm.sys (Microsoft Corporation)
DRV:64bit: - (vpcbus) -- C:\Windows\SysNative\drivers\vpchbus.sys (Microsoft Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (vpcusb) -- C:\Windows\SysNative\drivers\vpcusb.sys (Microsoft Corporation)
DRV:64bit: - (vpcuxd) -- C:\Windows\SysNative\drivers\vpcuxd.sys (Microsoft Corporation)
DRV:64bit: - (vpcnfltr) -- C:\Windows\SysNative\drivers\vpcnfltr.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:64bit: - (cpuz135) -- C:\Windows\SysNative\drivers\cpuz135_x64.sys (CPUID)
DRV:64bit: - (LMouFilt) -- C:\Windows\SysNative\drivers\LMouFilt.Sys (Logitech, Inc.)
DRV:64bit: - (LHidFilt) -- C:\Windows\SysNative\drivers\LHidFilt.Sys (Logitech, Inc.)
DRV:64bit: - (ivusb) -- C:\Windows\SysNative\drivers\ivusb.sys (Initio Corporation)
DRV:64bit: - (htcnprot) -- C:\Windows\SysNative\drivers\htcnprot.sys (Windows (R) Win 7 DDK provider)
DRV:64bit: - (NWIM) -- C:\Windows\SysNative\drivers\avmnwim.sys (AVM Berlin)
DRV:64bit: - (IOMap) -- C:\Windows\SysNative\drivers\IOMap64.sys (ASUSTeK Computer Inc.)
DRV:64bit: - (FSFW) -- C:\Windows\SysNative\drivers\fsdfw.sys (F-Secure Corporation)
DRV:64bit: - (HTCAND64) -- C:\Windows\SysNative\drivers\ANDROIDUSB.sys (HTC, Corporation)
DRV:64bit: - (tap0901t) TAP-Win32 Adapter V9 (Tunngle) -- C:\Windows\SysNative\drivers\tap0901t.sys (Tunngle.net)
DRV:64bit: - (BthAvrcp) -- C:\Windows\SysNative\drivers\BthAvrcp.sys (CSR, plc)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (ScreamBAudioSvc) -- C:\Windows\SysNative\drivers\ScreamingBAudio64.sys (Screaming Bee LLC)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek Corporation                                            )
DRV:64bit: - (atkdisplf) -- C:\Windows\SysNative\drivers\ATKDispLowFilter.sys (ASUSTeK Computer Inc.)
DRV:64bit: - (asusgsb) -- C:\Windows\SysNative\drivers\asusgsb.sys (ASUSTeK Computer Inc.)
DRV:64bit: - (VMUVC) -- C:\Windows\SysNative\drivers\vmuvc.sys (Vimicro Corporation)
DRV:64bit: - (vvftUVC) -- C:\Windows\SysNative\drivers\vvftUVC.sys (Vimicro Corporation)
DRV - (F-Secure Gatekeeper) -- C:\Program Files (x86)\Sicherheitspaket\Anti-Virus\minifilter\fsgk.sys ()
DRV - (GVTDrv64) -- C:\Windows\GVTDrv64.sys ()
DRV - (gdrv) -- C:\Windows\gdrv.sys (Windows (R) Server 2003 DDK provider)
DRV - (etdrv) -- C:\Windows\etdrv.sys (Windows (R) Server 2003 DDK provider)
DRV - (F-Secure HIPS) -- C:\Program Files (x86)\Sicherheitspaket\HIPS\drivers\fshs.sys (F-Secure Corporation)
DRV - (F-Secure Filter) -- C:\Program Files (x86)\Sicherheitspaket\Anti-Virus\win2k\fsfilter.sys ()
DRV - (F-Secure Recognizer) -- C:\Program Files (x86)\Sicherheitspaket\Anti-Virus\win2k\fsrec.sys ()
DRV - (fsvista) -- C:\Program Files (x86)\Sicherheitspaket\Anti-Virus\minifilter\fsvista.sys ()
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = D2 EC AB F5 72 2A CC 01  [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{05F2ACE9-E030-47D4-93A7-8F8DA46E71B1}: "URL" = http://websearch.ask.com/redirect?client=ie&tb=MYC-ST&o=102869&src=kw&q={searchTerms}&locale=&apn_ptnrs=5J&apn_dtid=YYYYYYYYNL&apn_uid=83e22e8e-4608-4640-87a7-a4abcf4f3c16&apn_sauid=05FC2AB0-30AC-45EF-92BE-96BA39236879
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://isearch.avg.com/search?cid={3AE13A5F-816A-45D3-A014-54A7181A8CB6}&mid=5634a68e19fa47d195a2048a14a93f92-911e26a440855f4c99f27372e569325cee09a8b7&lang=de&ds=tt014&pr=sa&d=2011-12-16 14:15:30&v=8.0.0.34&sap=dsp&q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.0: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.0\npesnsonar.dll File not found
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll File not found
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.104.0: C:\Program Files (x86)\Battlelog Web Plugins\1.104.0\npesnlaunch.dll File not found
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.110.0: C:\Program Files (x86)\Battlelog Web Plugins\1.110.0\npesnlaunch.dll File not found
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.96.0: C:\Program Files (x86)\Battlelog Web Plugins\1.96.0\npesnlaunch.dll File not found
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@logitech.com/HarmonyRemote,version=1.0.0: C:\Program Files (x86)\Logitech\Harmony Remote Driver\NprtHarmonyPlugin.dll (Logitech Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@veetle.com/vbp;version=0.9.18: C:\Program Files (x86)\Veetle\VLCBroadcast\npvbp.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.1.7: C:\VLCP\npvlc.dll (the VideoLAN Team)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.0: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll File not found
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Hansa\AppData\Local\Google\Update\1.3.21.99\npGoogleUpdate3.dll File not found
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Hansa\AppData\Local\Google\Update\1.3.21.99\npGoogleUpdate3.dll File not found
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{9F6FB1C9-22DA-4123-A7D4-9E7844B60EE5}: C:\Program Files (x86)\FileServe Manager\FireFox_Extension\{9F6FB1C9-22DA-4123-A7D4-9E7844B60EE5} [2011.01.10 09:42:43 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\litmus-ff@f-secure.com: C:\Program Files (x86)\Sicherheitspaket\NRS\litmus-ff@f-secure.com [2012.03.09 07:00:26 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.03.14 01:21:24 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 11.0\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2012.03.07 13:57:21 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 11.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins
 
[2011.06.12 23:16:03 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Hansa\AppData\Roaming\Mozilla\Extensions
[2011.06.12 23:16:03 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Hansa\AppData\Roaming\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2012.03.16 21:42:06 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Hansa\AppData\Roaming\Mozilla\Firefox\Profiles\n8mzny9g.default\extensions
[2012.03.16 21:42:08 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Hansa\AppData\Roaming\Mozilla\Firefox\Profiles\n8mzny9g.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2012.03.16 21:42:06 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Hansa\AppData\Roaming\Mozilla\Firefox\Profiles\n8mzny9g.default\extensions\battlefieldheroespatcher@ea.com
[2012.03.16 21:42:07 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Hansa\AppData\Roaming\Mozilla\Firefox\Profiles\n8mzny9g.default\extensions\battlefieldplay4free@ea.com
[2012.03.16 21:42:07 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Hansa\AppData\Roaming\Mozilla\Firefox\Profiles\n8mzny9g.default\extensions\de-DE@dictionaries.addons.mozilla.org
[2012.03.16 21:42:08 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Hansa\AppData\Roaming\Mozilla\Firefox\Profiles\n8mzny9g.default\extensions\DeviceDetection@logitech.com
[2012.01.31 11:22:50 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012.03.14 01:21:23 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012.01.29 15:02:49 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.01.29 14:50:55 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.01.29 15:02:49 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012.01.29 15:02:49 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.01.29 15:02:49 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.01.29 15:02:49 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2012.03.17 10:04:22 | 000,000,355 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1	localhost
O1 - Hosts: ::1			localhost
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll File not found
O4:64bit: - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming File not found
O4:64bit: - HKLM..\Run: [Launch LCDMon] "C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe" File not found
O4:64bit: - HKLM..\Run: [Launch LCore] "C:\Program Files\Logitech Gaming Software\LCore.exe" /minimized File not found
O4:64bit: - HKLM..\Run: [Launch LGDCore] "C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe" /SHOWHIDE File not found
O4:64bit: - HKLM..\Run: [Launch LgDeviceAgent] "C:\Program Files\Logitech\GamePanel Software\LgDevAgt.exe" File not found
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s File not found
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewContextMenu = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideFastUserSwitching = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewContextMenu = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLogoff = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoClose = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableLockWorkstation = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableChangePassword = 0
O8:64bit: - Extra context menu item: Client auf Monitor & öffnen1 - C:\Windows\web\AOpenClient.htm File not found
O8:64bit: - Extra context menu item: Client auf Monitor & öffnen2 - C:\Windows\web\AOpenClient.htm File not found
O8:64bit: - Extra context menu item: Download with FileServe Manager - C:\Program Files (x86)\FileServe Manager\GetUrl.htm ()
O8:64bit: - Extra context menu item: Send To &Bluetooth - C:\Program Files (x86)\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm File not found
O8 - Extra context menu item: Client auf Monitor & öffnen1 - C:\Windows\web\AOpenClient.htm File not found
O8 - Extra context menu item: Client auf Monitor & öffnen2 - C:\Windows\web\AOpenClient.htm File not found
O8 - Extra context menu item: Download with FileServe Manager - C:\Program Files (x86)\FileServe Manager\GetUrl.htm ()
O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files (x86)\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm File not found
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Program Files (x86)\Sicherheitspaket\FSPS\program\fslsp_x64.dll (F-Secure Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Program Files (x86)\Sicherheitspaket\FSPS\program\fslsp_x64.dll (F-Secure Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Program Files (x86)\Sicherheitspaket\FSPS\program\fslsp_x64.dll (F-Secure Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Program Files (x86)\Sicherheitspaket\FSPS\program\fslsp_x64.dll (F-Secure Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\Program Files (x86)\Sicherheitspaket\FSPS\program\fslsp_x64.dll (F-Secure Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\Program Files (x86)\Sicherheitspaket\FSPS\program\fslsp_x64.dll (F-Secure Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - C:\Program Files (x86)\Sicherheitspaket\FSPS\program\fslsp_x64.dll (F-Secure Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - C:\Program Files (x86)\Sicherheitspaket\FSPS\program\fslsp_x64.dll (F-Secure Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000009 - C:\Program Files (x86)\Sicherheitspaket\FSPS\program\fslsp_x64.dll (F-Secure Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000010 - C:\Program Files (x86)\Sicherheitspaket\FSPS\program\fslsp_x64.dll (F-Secure Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000011 - C:\Program Files (x86)\Sicherheitspaket\FSPS\program\fslsp_x64.dll (F-Secure Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000012 - C:\Program Files (x86)\Sicherheitspaket\FSPS\program\fslsp_x64.dll (F-Secure Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000013 - C:\Program Files (x86)\Sicherheitspaket\FSPS\program\fslsp_x64.dll (F-Secure Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000024 - C:\Windows\SysNative\vsocklib.dll (VMware, Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000025 - C:\Windows\SysNative\vsocklib.dll (VMware, Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000027 - C:\Program Files (x86)\Sicherheitspaket\FSPS\program\fslsp_x64.dll (F-Secure Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\Sicherheitspaket\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\Sicherheitspaket\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files (x86)\Sicherheitspaket\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files (x86)\Sicherheitspaket\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files (x86)\Sicherheitspaket\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files (x86)\Sicherheitspaket\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files (x86)\Sicherheitspaket\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files (x86)\Sicherheitspaket\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Program Files (x86)\Sicherheitspaket\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Program Files (x86)\Sicherheitspaket\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Program Files (x86)\Sicherheitspaket\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Program Files (x86)\Sicherheitspaket\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Program Files (x86)\Sicherheitspaket\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - C:\Windows\SysWOW64\vsocklib.dll (VMware, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000025 - C:\Windows\SysWOW64\vsocklib.dll (VMware, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000027 - C:\Program Files (x86)\Sicherheitspaket\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0-windows-i586.cab (Java Plug-in 1.7.0)
O16 - DPF: {28C08CDD-7AD3-462B-90C7-453E026894A9} http://192.168.1.99/RtspVaPgDec.cab (RtspVaPgDLinkCtrl Class)
O16 - DPF: {784797A8-342D-4072-9486-03C8D0F2F0A1} https://www.battlefieldheroes.com/static/updater/BFHUpdater_5.0.67.0.cab (Battlefield Heroes Updater)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FCD09453-0E07-40AB-8E4D-A3BAEE6DBB36}: NameServer = 192.168.1.2
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) -  File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.11.12 21:44:54 | 000,001,286 | ---- | M] () - Z:\automounts.xml -- [ NTFS ]
O33 - MountPoints2\{3e099380-2d35-11e1-bbfd-9ceb2172656b}\Shell - "" = AutoRun
O33 - MountPoints2\{3e099380-2d35-11e1-bbfd-9ceb2172656b}\Shell\AutoRun\command - "" = E:\autorun.exe
O33 - MountPoints2\{40633c3f-9537-11e0-90ab-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{40633c3f-9537-11e0-90ab-806e6f6e6963}\Shell\AutoRun\command - "" = I:\wubi.exe --cdmenu
O33 - MountPoints2\{53ddd9e0-3523-11e1-b8d5-e1a9b17c8766}\Shell - "" = AutoRun
O33 - MountPoints2\{53ddd9e0-3523-11e1-b8d5-e1a9b17c8766}\Shell\AutoRun\command - "" = P:\AutoRun.exe
O33 - MountPoints2\{67f1c1ad-47df-11e1-86ff-ee8ca49d6f6b}\Shell - "" = AutoRun
O33 - MountPoints2\{67f1c1ad-47df-11e1-86ff-ee8ca49d6f6b}\Shell\AutoRun\command - "" = P:\DPFMate.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.03.17 10:32:49 | 000,000,000 | ---D | C] -- C:\Users\Hansa\Desktop\ccsetup316
[2012.03.17 09:55:49 | 000,594,944 | ---- | C] (OldTimer Tools) -- C:\Users\Hansa\Desktop\OTL.exe
[2012.03.17 06:06:57 | 000,000,000 | ---D | C] -- C:\Users\Hansa\AppData\Roaming\SUPERAntiSpyware.com
[2012.03.17 06:06:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
[2012.03.17 06:05:57 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2012.03.17 06:05:57 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2012.03.17 06:02:36 | 054,215,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MRT.exe
[2012.03.17 05:26:46 | 002,322,184 | ---- | C] (ESET) -- C:\esetsmartinstaller_enu.exe
[2012.03.17 04:54:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET
[2012.03.17 03:24:54 | 000,000,000 | ---D | C] -- C:\Users\Hansa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2012.03.17 03:24:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2012.03.17 03:04:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Recuva
[2012.03.17 03:04:44 | 000,000,000 | ---D | C] -- C:\Program Files\Recuva
[2012.03.17 02:17:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kroll Ontrack
[2012.03.17 02:16:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Kroll Ontrack
[2012.03.16 23:14:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TweakNow RegCleaner 2011
[2012.03.16 23:14:37 | 000,000,000 | ---D | C] -- C:\Users\Hansa\AppData\Roaming\TweakNow RegCleaner 2011
[2012.03.16 23:14:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TweakNow RegCleaner 2011
[2012.03.16 20:23:16 | 000,000,000 | -HSD | C] -- C:\found.000
[2012.03.16 19:56:17 | 000,000,000 | ---D | C] -- C:\Users\Hansa\AppData\Roaming\Malwarebytes
[2012.03.16 19:56:13 | 000,023,152 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012.03.16 19:56:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.03.16 19:56:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.03.16 19:56:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012.03.16 10:23:02 | 000,000,000 | ---D | C] -- C:\Users\Hansa\Desktop\Neuer Ordner
[2012.03.14 13:04:32 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2012.03.14 12:59:01 | 000,000,000 | ---D | C] -- C:\ProgramData\AMD
[2012.03.14 12:58:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD AVT
[2012.03.14 12:58:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD APP
[2012.03.14 12:58:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center
[2012.03.14 00:01:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VirtualDubMOD
[2012.03.14 00:01:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VirtualDubMOD
[2012.03.13 23:52:28 | 005,559,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2012.03.13 23:52:27 | 003,968,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2012.03.13 23:52:27 | 003,913,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2012.03.13 23:24:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TSDoctor
[2012.03.13 21:40:39 | 001,544,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2012.03.13 21:39:27 | 000,000,000 | ---D | C] -- C:\Users\Hansa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\multiAVCHD
[2012.03.13 21:36:50 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorekmts.dll
[2012.03.13 21:36:50 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpwsx.dll
[2012.03.13 21:36:50 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdrmemptylst.exe
[2012.03.13 21:36:48 | 001,112,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorets.dll
[2012.03.13 21:36:48 | 001,031,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcore.dll
[2012.03.13 21:36:48 | 000,826,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpcore.dll
[2012.03.13 20:57:56 | 000,000,000 | ---D | C] -- C:\Users\Hansa\Documents\VideoReDo
[2012.03.13 20:57:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoReDo
[2012.03.13 20:57:40 | 000,000,000 | ---D | C] -- C:\Users\Hansa\AppData\Roaming\VideoReDo-TVSuite4
[2012.03.13 20:57:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VideoReDoTVSuite4
[2012.03.13 19:40:52 | 000,000,000 | ---D | C] -- C:\Users\Hansa\AppData\Local\{E5851A85-7B95-4E67-844A-CD3BBFE285F1}
[2012.03.13 19:40:40 | 000,000,000 | ---D | C] -- C:\Users\Hansa\AppData\Local\{50ACD4BA-57F9-4379-BAA1-454492054D75}
[2012.03.09 21:37:16 | 000,000,000 | ---D | C] -- C:\Users\Hansa\AppData\Local\{91F8971E-EAC3-423B-9A79-E026A952251F}
[2012.03.09 21:37:02 | 000,000,000 | ---D | C] -- C:\Users\Hansa\AppData\Local\{6D7D774C-B7E1-493E-A197-29C17B14887C}
[2012.03.08 15:13:16 | 000,000,000 | ---D | C] -- C:\Users\Hansa\AppData\Local\{0924E1AA-CBC9-4BF6-A9F4-15B75F421B74}
[2012.03.08 15:13:04 | 000,000,000 | ---D | C] -- C:\Users\Hansa\AppData\Local\{981221CD-AF1C-48F7-A4F7-C934002EC8BF}
[2012.03.08 00:44:09 | 000,000,000 | ---D | C] -- C:\Users\Hansa\AppData\Local\{922BDD81-6D6A-4EAD-8FA5-FEECFC98C86A}
[2012.03.08 00:43:57 | 000,000,000 | ---D | C] -- C:\Users\Hansa\AppData\Local\{339546D1-E603-40EA-970C-FA40A52C42EA}
[2012.03.07 19:38:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Veetle
[2012.03.07 15:47:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2012.03.07 15:45:46 | 000,000,000 | ---D | C] -- C:\Users\Hansa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\=42O= Software
[2012.03.07 15:25:58 | 000,000,000 | ---D | C] -- C:\VLC
[2012.03.07 15:25:37 | 000,000,000 | ---D | C] -- C:\VLCP
[2012.03.07 14:49:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\BitCtrl
[2012.03.07 14:49:52 | 000,000,000 | ---D | C] -- C:\Users\Hansa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\bitcontrol
[2012.03.07 14:49:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\bitcontrol
[2012.03.07 14:49:14 | 000,000,000 | ---D | C] -- C:\Windows\VB2_Skins
[2012.03.07 14:49:14 | 000,000,000 | ---D | C] -- C:\dreambox
[2012.03.07 14:48:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Tunisiasat dreambox player&streamer6.0
[2012.03.07 14:48:24 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\ST6UNST.EXE
[2012.03.07 14:36:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe
[2012.03.07 14:29:52 | 000,108,512 | ---- | C] (e2eSoft) -- C:\Windows\SysNative\drivers\VCam_WDM.sys
[2012.03.07 14:26:47 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\InstallJammer Registry
[2012.03.07 14:20:58 | 000,000,000 | ---D | C] -- C:\Users\Hansa\Desktop\dream
[2012.03.07 14:00:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Telestream
[2012.03.07 14:00:55 | 000,000,000 | ---D | C] -- C:\Users\Hansa\AppData\Roaming\Wirecast
[2012.03.07 14:00:54 | 000,000,000 | ---D | C] -- C:\Users\Hansa\AppData\Roaming\Vara Software
[2012.03.07 14:00:54 | 000,000,000 | ---D | C] -- C:\ProgramData\eSellerate
[2012.03.07 14:00:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\eSellerate
[2012.03.07 13:58:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Telestream
[2012.03.07 13:58:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Telestream
[2012.03.07 13:57:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2012.03.07 13:57:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime
[2012.03.07 12:43:44 | 000,000,000 | ---D | C] -- C:\Users\Hansa\AppData\Local\{985B1AA1-0264-45A7-A883-0262680A9CB0}
[2012.03.07 12:43:33 | 000,000,000 | ---D | C] -- C:\Users\Hansa\AppData\Local\{2D33442E-918B-4E51-8515-37831E9E70AE}
[2012.03.06 14:01:37 | 000,000,000 | ---D | C] -- C:\Users\Hansa\AppData\Local\{16BF4AD5-9EDA-40DD-82E9-379F16FED1BC}
[2012.03.06 14:01:25 | 000,000,000 | ---D | C] -- C:\Users\Hansa\AppData\Local\{A96026A8-B5E7-4006-9087-1140160FEC43}
[2012.03.05 23:56:46 | 000,000,000 | ---D | C] -- C:\Users\Hansa\AppData\Local\{30C4FDE1-C198-4E25-A01E-DAB18BC605FB}
[2012.03.05 23:56:35 | 000,000,000 | ---D | C] -- C:\Users\Hansa\AppData\Local\{0D07F8DF-07C6-4EB2-9950-8DFA5B754058}
[2012.03.05 20:02:20 | 000,000,000 | ---D | C] -- C:\swap
[2012.03.05 11:56:09 | 000,000,000 | ---D | C] -- C:\Users\Hansa\AppData\Local\{E12C1EA4-0974-4785-B631-CE4EAB2E6D78}
[2012.03.05 11:55:58 | 000,000,000 | ---D | C] -- C:\Users\Hansa\AppData\Local\{4FAEB74F-D17F-4162-9FFC-DFB812F50C59}
[2012.03.04 23:16:35 | 000,000,000 | ---D | C] -- C:\Users\Hansa\AppData\Local\{C6A1CAAD-D7C7-4F82-BFD8-61297F4D9886}
[2012.03.04 23:16:21 | 000,000,000 | ---D | C] -- C:\Users\Hansa\AppData\Local\{03762533-9C61-4534-A4C0-C68718AEEF5A}
[2012.03.04 23:16:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2012.03.04 23:16:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2012.03.01 15:26:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Plex Media Server
[2012.03.01 15:17:52 | 000,000,000 | ---D | C] -- C:\Neuer Ordner
[2012.02.29 18:30:39 | 000,000,000 | ---D | C] -- C:\Users\Hansa\AppData\Local\{951E7930-A0F3-4177-9111-0ABC1537442A}
[2012.02.29 18:30:28 | 000,000,000 | ---D | C] -- C:\Users\Hansa\AppData\Local\{6995BA46-6A7C-40AF-AC48-2215ABBFB5D4}
[2012.02.28 14:42:36 | 000,000,000 | ---D | C] -- C:\Users\Hansa\AppData\Local\{0208B711-D86A-49ED-A44A-16E00EFA9DF7}
[2012.02.28 14:42:24 | 000,000,000 | ---D | C] -- C:\Users\Hansa\AppData\Local\{E314B8F3-1E31-484F-A65C-0A89B55E1EE4}
[2012.02.24 13:06:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GXTranscoder v2
[2012.02.24 03:15:20 | 000,000,000 | ---D | C] -- C:\divx
[2012.02.24 03:15:09 | 000,000,000 | ---D | C] -- C:\Users\Hansa\MediaEspresso
[2012.02.24 03:13:10 | 000,000,000 | ---D | C] -- C:\Users\Hansa\AppData\Roaming\DivX
[2012.02.24 03:00:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DivX
[2012.02.23 21:08:06 | 000,000,000 | ---D | C] -- C:\Users\Hansa\AppData\Local\{29609357-3056-47EB-B53F-10869852127E}
[2012.02.23 21:07:55 | 000,000,000 | ---D | C] -- C:\Users\Hansa\AppData\Local\{33C6832C-4D30-42D7-91D0-1F0DC570C0B8}
[2012.02.23 19:18:11 | 000,229,376 | ---- | C] (Gamesman Inc.) -- C:\Windows\SysWow64\cttree.ocx
[2012.02.23 19:18:11 | 000,188,416 | ---- | C] (dbi Technologies Inc.) -- C:\Windows\SysWow64\ctlist.ocx
[2012.02.23 19:18:11 | 000,118,784 | ---- | C] (Gamesman Inc.) -- C:\Windows\SysWow64\cttoolbar.ocx
[2012.02.23 19:18:11 | 000,107,784 | ---- | C] (Catalyst Development Corporation) -- C:\Windows\SysWow64\CSWSK32.OCX
[2012.02.23 19:18:11 | 000,077,824 | ---- | C] (dbi Technologies Inc.) -- C:\Windows\SysWow64\ctcombo.ocx
[2012.02.23 19:18:11 | 000,024,626 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\scrrnde.dll
[2012.02.23 19:18:11 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\INETDE.DLL
[2012.02.23 19:18:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bouquetter
[2012.02.23 19:18:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bouquetter
[2012.02.23 04:01:11 | 000,000,000 | ---D | C] -- C:\Users\Hansa\AppData\Roaming\avidemux
[2012.02.22 18:44:14 | 000,000,000 | ---D | C] -- C:\Users\Hansa\AppData\Local\{10B6B0C0-66C5-4A37-8419-3789E4F5CFF6}
[2012.02.22 18:44:01 | 000,000,000 | ---D | C] -- C:\Users\Hansa\AppData\Local\{484BB823-B02F-440B-AF1D-9C199A32C25B}
[2012.02.22 11:52:07 | 000,000,000 | ---D | C] -- C:\Users\Hansa\Documents\BioWare
[2012.02.22 11:51:40 | 000,000,000 | ---D | C] -- C:\ProgramData\EA Logs
[2012.02.21 21:46:17 | 000,000,000 | ---D | C] -- C:\Users\Hansa\Desktop\fritzbox-labor-7270v2-21785
[2012.02.21 14:48:57 | 000,000,000 | ---D | C] -- C:\Users\Hansa\AppData\Local\{8EAD6D81-CAB5-49AD-8583-E6A8FB17563F}
[2012.02.21 14:48:46 | 000,000,000 | ---D | C] -- C:\Users\Hansa\AppData\Local\{333D6A20-83B6-4CBE-A7EF-C2CA85AA888C}
[2012.02.20 21:54:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation
[2012.02.20 17:30:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GameForge
[2012.02.20 17:30:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GameForge
[2012.02.20 17:30:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Gameforge4D
[2012.02.20 12:41:29 | 000,000,000 | ---D | C] -- C:\Users\Hansa\AppData\Local\{C574BE72-022F-451E-90D5-5B847874321D}
[2012.02.20 12:41:17 | 000,000,000 | ---D | C] -- C:\Users\Hansa\AppData\Local\{E4E0BDA7-6259-48F3-92B3-9B20A869A399}
[2012.02.18 18:50:03 | 000,000,000 | ---D | C] -- C:\Users\Hansa\AppData\Local\{676829BB-382B-4529-9971-79D1C7AB40A3}
[2012.02.18 18:49:51 | 000,000,000 | ---D | C] -- C:\Users\Hansa\AppData\Local\{D10D105D-076C-45A1-85B2-181193DC9138}
[2012.02.17 15:23:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
[2012.02.17 15:23:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DAEMON Tools Lite
[2012.02.17 14:49:16 | 000,000,000 | ---D | C] -- C:\Users\Hansa\AppData\Local\{1B949F6F-909A-4591-89D4-F4113BCD9E7F}
[2012.02.16 19:04:37 | 000,000,000 | ---D | C] -- C:\Users\Hansa\AppData\Local\{CCCF9608-9E34-413D-822C-660D5671A526}
[2012.02.16 19:04:25 | 000,000,000 | ---D | C] -- C:\Users\Hansa\AppData\Local\{5808DC50-8D00-41D4-9257-5F20D170E443}
[11 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012.03.17 12:20:39 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.03.17 11:37:00 | 000,001,120 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1647541458-1494372034-2642435841-1001UA.job
[2012.03.17 11:35:39 | 000,017,168 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.03.17 11:35:39 | 000,017,168 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.03.17 10:46:04 | 000,042,623 | ---- | M] () -- C:\Users\Hansa\Desktop\Unbenannt.jpg
[2012.03.17 10:32:38 | 003,401,771 | ---- | M] () -- C:\Users\Hansa\Desktop\ccsetup316.zip
[2012.03.17 10:21:40 | 000,594,944 | ---- | M] (OldTimer Tools) -- C:\Users\Hansa\Desktop\OTL.exe
[2012.03.17 10:04:22 | 000,000,355 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2012.03.17 09:54:37 | 000,001,076 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.03.17 06:19:01 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\Access.dat
[2012.03.17 06:06:09 | 000,001,771 | ---- | M] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2012.03.17 05:26:48 | 002,322,184 | ---- | M] (ESET) -- C:\esetsmartinstaller_enu.exe
[2012.03.17 03:04:46 | 000,001,621 | ---- | M] () -- C:\Users\Public\Desktop\Recuva.lnk
[2012.03.17 02:17:14 | 000,002,355 | ---- | M] () -- C:\Users\Public\Desktop\Ontrack EasyRecovery Professional Trial.lnk
[2012.03.17 02:17:10 | 000,000,659 | ---- | M] () -- C:\Windows\SysWow64\mapisvc.inf
[2012.03.17 01:48:25 | 000,002,068 | ---- | M] () -- C:\Users\Hansa\Desktop\Entfernen des Avira DE-Cleaners.lnk
[2012.03.17 01:48:25 | 000,001,997 | ---- | M] () -- C:\Users\Hansa\Desktop\Avira DE-Cleaner.lnk
[2012.03.17 00:13:36 | 000,005,774 | ---- | M] () -- C:\Windows\brndlog.bak
[2012.03.16 23:25:00 | 000,754,674 | ---- | M] () -- C:\srep.exe
[2012.03.16 23:14:41 | 000,002,010 | ---- | M] () -- C:\Users\Public\Desktop\TweakNow RegCleaner 2011.lnk
[2012.03.16 22:25:16 | 001,692,526 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.03.16 22:25:16 | 000,731,320 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.03.16 22:25:16 | 000,673,070 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.03.16 22:25:16 | 000,160,852 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.03.16 22:25:16 | 000,132,990 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.03.16 21:57:23 | 000,287,328 | ---- | M] () -- C:\Users\Hansa\Documents\Unbenannt-1.png.crypt
[2012.03.16 21:57:22 | 000,073,944 | ---- | M] () -- C:\Users\Hansa\Documents\kürbiskopf.png.crypt
[2012.03.16 21:57:21 | 001,381,288 | ---- | M] () -- C:\Users\Hansa\Documents\IMAG0052.jpg.crypt
[2012.03.16 21:57:21 | 000,065,072 | ---- | M] () -- C:\Users\Hansa\Documents\hansa.jpg.crypt
[2012.03.16 21:57:20 | 000,199,032 | ---- | M] () -- C:\Users\Hansa\Documents\haefagoisa-2011-1.jpg.crypt
[2012.03.16 21:57:20 | 000,192,200 | ---- | M] () -- C:\Users\Hansa\Documents\haefagoisa-2011.jpg.crypt
[2012.03.16 21:57:20 | 000,177,672 | ---- | M] () -- C:\Users\Hansa\Documents\haefagoisa.jpg.crypt
[2012.03.16 21:45:16 | 001,970,872 | ---- | M] () -- C:\Users\Hansa\Desktop\SPERLI_Neun_Fragen_rund_um_die_Gurke.pdf.crypt
[2012.03.16 21:45:16 | 000,110,992 | ---- | M] () -- C:\Users\Hansa\Desktop\Unbenannt.png.crypt
[2012.03.16 21:45:16 | 000,078,072 | ---- | M] () -- C:\Users\Hansa\Desktop\Ueberweisungsplan-2012.pdf.crypt
[2012.03.16 21:45:16 | 000,047,816 | ---- | M] () -- C:\Users\Hansa\Desktop\Ueberweisungsplan-2011.pdf.crypt
[2012.03.16 21:45:16 | 000,008,304 | ---- | M] () -- C:\Users\Hansa\Desktop\WWEHD_logo.png.crypt
[2012.03.16 21:45:16 | 000,001,824 | ---- | M] () -- C:\Users\Hansa\Desktop\WinSCP.lnk.crypt
[2012.03.16 21:45:16 | 000,001,680 | ---- | M] () -- C:\Users\Hansa\Desktop\SOUP.exe - Verknüpfung.lnk.crypt
[2012.03.16 21:45:16 | 000,001,616 | ---- | M] () -- C:\Users\Hansa\Desktop\Spielen (GameXN).lnk.crypt
[2012.03.16 21:45:16 | 000,001,088 | ---- | M] () -- C:\Users\Hansa\Desktop\UFSxxx MultiPart installer.lnk.crypt
[2012.03.16 21:45:16 | 000,001,024 | ---- | M] () -- C:\Users\Hansa\Desktop\WiiBackupManager.lnk.crypt
[2012.03.16 21:45:16 | 000,001,008 | ---- | M] () -- C:\Users\Hansa\Desktop\VirtualDJ PRO Full.lnk.crypt
[2012.03.16 21:45:16 | 000,000,976 | ---- | M] () -- C:\Users\Hansa\Desktop\UltraISO.lnk.crypt
[2012.03.16 21:45:16 | 000,000,968 | ---- | M] () -- C:\Users\Hansa\Desktop\VirtualDubMOD.lnk.crypt
[2012.03.16 21:45:16 | 000,000,952 | ---- | M] () -- C:\Users\Hansa\Desktop\Total Video Player.lnk.crypt
[2012.03.16 21:45:16 | 000,000,952 | ---- | M] () -- C:\Users\Hansa\Desktop\Total Video Converter.lnk.crypt
[2012.03.16 21:45:16 | 000,000,928 | ---- | M] () -- C:\Users\Hansa\Desktop\Virtual DJ.lnk.crypt
[2012.03.16 21:45:16 | 000,000,552 | ---- | M] () -- C:\Users\Hansa\Desktop\tsMuxerGUI.exe - Verknüpfung.lnk.crypt
[2012.03.16 21:45:15 | 012,381,736 | ---- | M] () -- C:\Users\Hansa\Desktop\Motorlaufprobleme.pdf.crypt
[2012.03.16 21:45:15 | 000,248,696 | ---- | M] () -- C:\Users\Hansa\Desktop\plugin-f1-2010-car-setups.pdf.crypt
[2012.03.16 21:45:15 | 000,083,504 | ---- | M] () -- C:\Users\Hansa\Desktop\rawdeutsch.jpg.crypt
[2012.03.16 21:45:15 | 000,003,496 | ---- | M] () -- C:\Users\Hansa\Desktop\SG005_20110724.ZIP.crypt
[2012.03.16 21:45:15 | 000,002,632 | ---- | M] () -- C:\Users\Hansa\Desktop\Nero Burning ROM Essentials.lnk.crypt
[2012.03.16 21:45:15 | 000,001,368 | ---- | M] () -- C:\Users\Hansa\Desktop\RealTemp.exe - Verknüpfung.lnk.crypt
[2012.03.16 21:45:15 | 000,001,352 | ---- | M] () -- C:\Users\Hansa\Desktop\ruKernelTool_x64.exe - Verknüpfung.lnk.crypt
[2012.03.16 21:45:15 | 000,001,296 | ---- | M] () -- C:\Users\Hansa\Desktop\PC Inspector File Recovery.lnk.crypt
[2012.03.16 21:45:15 | 000,001,064 | ---- | M] () -- C:\Users\Hansa\Desktop\Notepad++.lnk.crypt
[2012.03.16 21:45:15 | 000,000,880 | ---- | M] () -- C:\Users\Hansa\Desktop\MP3-DJ.lnk.crypt
[2012.03.16 21:45:15 | 000,000,688 | ---- | M] () -- C:\Users\Hansa\Desktop\multiAVCHD 4.1.lnk.crypt
[2012.03.16 21:45:15 | 000,000,240 | ---- | M] () -- C:\Users\Hansa\Desktop\Need for Speed(TM) Hot Pursuit.lnk.crypt
[2012.03.16 21:45:14 | 006,021,864 | ---- | M] () -- C:\Users\Hansa\Desktop\mkvtoolnix-unicode-4.9.1-setup.exe.crypt
[2012.03.16 21:45:14 | 000,000,632 | ---- | M] () -- C:\Users\Hansa\Desktop\ModMii.lnk.crypt
[2012.03.16 21:45:12 | 006,128,664 | ---- | M] () -- C:\Users\Hansa\Desktop\klingel.mp3.crypt
[2012.03.16 21:45:12 | 000,001,008 | ---- | M] () -- C:\Users\Hansa\Desktop\Maxiboot Installer.lnk.crypt
[2012.03.16 21:45:12 | 000,000,888 | ---- | M] () -- C:\Users\Hansa\Desktop\MediaCoder x64.lnk.crypt
[2012.03.16 21:45:11 | 006,501,912 | ---- | M] () -- C:\Users\Hansa\Desktop\index.pdf.crypt
[2012.03.16 21:45:11 | 001,088,928 | ---- | M] () -- C:\Users\Hansa\Desktop\Kabel-BW-Anleitung-TCPOptimizer.pdf.crypt
[2012.03.16 21:45:11 | 000,122,688 | ---- | M] () -- C:\Users\Hansa\Desktop\invoice.pdf.crypt
[2012.03.16 21:45:11 | 000,063,056 | ---- | M] () -- C:\Users\Hansa\Desktop\kelly5_2.png.crypt
[2012.03.16 21:45:11 | 000,027,816 | ---- | M] () -- C:\Users\Hansa\Desktop\invoiceeee.pdf.crypt
[2012.03.16 21:45:10 | 787,087,360 | ---- | M] () -- C:\Users\Hansa\Desktop\Inas-BestOfSingen.avi.crypt
[2012.03.16 21:43:42 | 000,002,088 | ---- | M] () -- C:\Users\Hansa\Desktop\hansa_001.lnk.crypt
[2012.03.16 21:43:42 | 000,001,320 | ---- | M] () -- C:\Users\Hansa\Desktop\hansa.lnk.crypt
[2012.03.16 21:43:42 | 000,000,896 | ---- | M] () -- C:\Users\Hansa\Desktop\Hacker Evolution.lnk.crypt
[2012.03.16 21:43:41 | 017,706,648 | ---- | M] () -- C:\Users\Hansa\Desktop\ger.pdf.crypt
[2012.03.16 21:43:41 | 000,002,328 | ---- | M] () -- C:\Users\Hansa\Desktop\Google Chrome.lnk.crypt
[2012.03.16 21:43:40 | 000,001,168 | ---- | M] () -- C:\Users\Hansa\Desktop\Format Factory.lnk.crypt
[2012.03.16 21:43:40 | 000,001,064 | ---- | M] () -- C:\Users\Hansa\Desktop\FAT32 GUI Formatter.lnk.crypt
[2012.03.16 21:43:39 | 003,341,576 | ---- | M] () -- C:\Users\Hansa\Desktop\DW12-EFET(0120504770)-UM.pdf.crypt
[2012.03.16 21:43:39 | 000,130,008 | ---- | M] () -- C:\Users\Hansa\Desktop\Eve_Torres_CutOut_Jess-x_UPDATE.png.crypt
[2012.03.16 21:43:39 | 000,088,280 | ---- | M] () -- C:\Users\Hansa\Desktop\einmaleins.pdf.crypt
[2012.03.16 21:43:39 | 000,001,664 | ---- | M] () -- C:\Users\Hansa\Desktop\F1_2011_Launcher.exe - Verknüpfung.lnk.crypt
[2012.03.16 21:43:39 | 000,001,272 | ---- | M] () -- C:\Users\Hansa\Desktop\Empires Die Neuzeit.lnk.crypt
[2012.03.16 21:43:39 | 000,000,704 | ---- | M] () -- C:\Users\Hansa\Desktop\ener.exe - Verknüpfung.lnk.crypt
[2012.03.16 21:43:36 | 012,482,776 | ---- | M] () -- C:\Users\Hansa\Desktop\complete.pdf.crypt
[2012.03.16 21:43:36 | 000,150,560 | ---- | M] () -- C:\Users\Hansa\Desktop\Daniel_Bryan_200.png.crypt
[2012.03.16 21:43:36 | 000,053,320 | ---- | M] () -- C:\Users\Hansa\Desktop\Daniel_Bryan_1112.png.crypt
[2012.03.16 21:43:36 | 000,001,048 | ---- | M] () -- C:\Users\Hansa\Desktop\DVDFab Passkey 8.lnk.crypt
[2012.03.16 21:43:36 | 000,001,024 | ---- | M] () -- C:\Users\Hansa\Desktop\DVDFab Profile Editor.lnk.crypt
[2012.03.16 21:43:36 | 000,000,984 | ---- | M] () -- C:\Users\Hansa\Desktop\DVDFab 8 Qt.lnk.crypt
[2012.03.16 21:43:36 | 000,000,208 | ---- | M] () -- C:\Users\Hansa\Desktop\DiRT 3.lnk.crypt
[2012.03.16 21:43:34 | 004,422,584 | ---- | M] () -- C:\Users\Hansa\Desktop\CIMG0986.JPG.crypt
[2012.03.16 21:43:34 | 001,067,936 | ---- | M] () -- C:\Users\Hansa\Desktop\CIMG1080.jpg.crypt
[2012.03.16 21:43:33 | 004,835,344 | ---- | M] () -- C:\Users\Hansa\Desktop\500103014_Serviceunterlage.pdf.crypt
[2012.03.16 21:43:33 | 000,144,072 | ---- | M] () -- C:\Users\Hansa\Desktop\banner.png.crypt
[2012.03.16 21:43:33 | 000,138,232 | ---- | M] () -- C:\Users\Hansa\Desktop\channel-klops.pdf.crypt
[2012.03.16 21:43:33 | 000,054,152 | ---- | M] () -- C:\Users\Hansa\Desktop\brief_2370660.pdf.crypt
[2012.03.16 21:43:33 | 000,046,392 | ---- | M] () -- C:\Users\Hansa\Desktop\Anleitung Softwareupdate Atevio 7er Serie.pdf.crypt
[2012.03.16 21:43:33 | 000,028,528 | ---- | M] () -- C:\Users\Hansa\Desktop\AKD-73612361979.pdf.crypt
[2012.03.16 21:43:33 | 000,001,808 | ---- | M] () -- C:\Users\Hansa\Desktop\Call Of Duty Modern Warfare 2.lnk.crypt
[2012.03.16 21:43:33 | 000,001,280 | ---- | M] () -- C:\Users\Hansa\Desktop\BF2.exe - Verknüpfung.lnk.crypt
[2012.03.16 21:43:33 | 000,001,264 | ---- | M] () -- C:\Users\Hansa\Desktop\AVS4YOU Software Navigator.lnk.crypt
[2012.03.16 21:43:33 | 000,001,208 | ---- | M] () -- C:\Users\Hansa\Desktop\AVS Video Converter.lnk.crypt
[2012.03.16 21:43:33 | 000,001,072 | ---- | M] () -- C:\Users\Hansa\Desktop\AAF Recovery tool UFS910.lnk.crypt
[2012.03.16 21:43:33 | 000,001,048 | ---- | M] () -- C:\Users\Hansa\Desktop\AAF Recovery tool AV700.lnk.crypt
[2012.03.16 21:43:33 | 000,000,240 | ---- | M] () -- C:\Users\Hansa\Desktop\Battlefield Bad Company™ 2.lnk.crypt
[2012.03.16 21:06:30 | 000,101,704 | ---- | M] () -- C:\Users\Hansa\visitenkarten.jpg.crypt
[2012.03.16 21:06:29 | 000,159,784 | ---- | M] () -- C:\Users\Hansa\visitenkarten-2.jpg.crypt
[2012.03.16 15:30:19 | 002,340,448 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012.03.16 12:17:59 | 000,000,544 | ---- | M] () -- C:\$IPI56NS.1_+_ZWT_Keygen
[2012.03.16 11:39:54 | 000,000,050 | ---- | M] () -- C:\Users\Hansa\AppData\Roaming\settings.crypt
[2012.03.15 00:10:19 | 013,504,650 | ---- | M] () -- C:\h264-1.pass
[2012.03.14 23:37:04 | 000,001,068 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1647541458-1494372034-2642435841-1001Core.job
[2012.03.14 15:30:12 | 001,641,440 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012.03.13 23:24:44 | 000,001,031 | ---- | M] () -- C:\Users\Public\Desktop\TSDoctor.lnk
[2012.03.13 20:57:52 | 000,000,965 | ---- | M] () -- C:\Users\Public\Desktop\VideoReDo TVSuite V4.lnk
[2012.03.13 20:36:47 | 000,001,829 | ---- | M] () -- C:\Users\Public\Desktop\mkvmerge GUI.lnk
[2012.03.13 20:23:00 | 000,000,000 | ---- | M] () -- C:\Windows\graphedt_x64.INI
[2012.03.13 02:24:49 | 000,000,000 | ---- | M] () -- C:\Users\Hansa\Documents\ts3_clientui-win32-1329301801-2012-03-13 02_24_49.809971.dmp.crypt
[2012.03.08 16:28:07 | 000,000,000 | ---- | M] () -- C:\Users\Hansa\Documents\ts3_clientui-win32-1329301801-2012-03-08 16_28_07.159187.dmp.crypt
[2012.03.08 15:43:45 | 000,000,000 | ---- | M] () -- C:\Users\Hansa\Documents\ts3_clientui-win32-1329301801-2012-03-08 15_43_45.986012.dmp.crypt
[2012.03.07 15:47:21 | 000,001,033 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2012.03.07 14:48:43 | 000,073,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\ST6UNST.EXE
[2012.03.07 14:48:35 | 000,001,772 | ---- | M] () -- C:\Windows\ST6UNST.000
[2012.03.07 14:30:51 | 000,005,632 | ---- | M] () -- C:\Users\Hansa\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini.crypt
[2012.03.07 14:10:18 | 000,002,351 | ---- | M] () -- C:\Users\Hansa\AppData\Roaming\net.telestream.wirecast.xml.crypt
[2012.03.07 13:57:14 | 000,001,808 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2012.03.04 23:16:00 | 000,002,517 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2012.03.04 16:23:04 | 054,215,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\MRT.exe
[2012.02.24 13:06:46 | 000,116,414 | ---- | M] () -- C:\Windows\GXTranscoder v2 Uninstaller.exe
[2012.02.22 10:56:08 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012.02.20 21:50:15 | 000,001,137 | ---- | M] () -- C:\Users\Public\Desktop\Battlefield 3.lnk
[2012.02.20 21:49:47 | 000,189,248 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2012.02.20 21:49:39 | 000,189,248 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2012.02.20 21:49:34 | 000,075,136 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2012.02.17 15:23:30 | 000,564,792 | ---- | M] (Duplex Secure Ltd.) -- C:\Windows\SysNative\drivers\sptd.sys
[2012.02.17 15:23:30 | 000,001,917 | ---- | M] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
[2012.02.17 07:38:27 | 001,112,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorets.dll
[2012.02.17 07:38:26 | 001,031,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcore.dll
[2012.02.17 06:34:22 | 000,826,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpcore.dll
[11 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012.03.17 10:46:04 | 000,042,623 | ---- | C] () -- C:\Users\Hansa\Desktop\Unbenannt.jpg
[2012.03.17 10:32:31 | 003,401,771 | ---- | C] () -- C:\Users\Hansa\Desktop\ccsetup316.zip
[2012.03.17 06:06:09 | 000,001,771 | ---- | C] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2012.03.17 03:04:46 | 000,001,621 | ---- | C] () -- C:\Users\Public\Desktop\Recuva.lnk
[2012.03.17 02:17:14 | 000,002,355 | ---- | C] () -- C:\Users\Public\Desktop\Ontrack EasyRecovery Professional Trial.lnk
[2012.03.17 02:17:10 | 000,000,057 | ---- | C] () -- C:\Windows\SysWow64\MAPISVC.BAK
[2012.03.17 01:22:10 | 000,002,068 | ---- | C] () -- C:\Users\Hansa\Desktop\Entfernen des Avira DE-Cleaners.lnk
[2012.03.17 01:22:10 | 000,001,997 | ---- | C] () -- C:\Users\Hansa\Desktop\Avira DE-Cleaner.lnk
[2012.03.17 00:13:39 | 000,005,774 | ---- | C] () -- C:\Windows\brndlog.bak
[2012.03.16 23:40:19 | 000,754,674 | ---- | C] () -- C:\srep.exe
[2012.03.16 23:14:41 | 000,002,010 | ---- | C] () -- C:\Users\Public\Desktop\TweakNow RegCleaner 2011.lnk
[2012.03.16 19:56:13 | 000,001,076 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.03.16 12:17:59 | 000,000,544 | ---- | C] () -- C:\$IPI56NS.1_+_ZWT_Keygen
[2012.03.16 11:39:54 | 000,000,050 | ---- | C] () -- C:\Users\Hansa\AppData\Roaming\settings.crypt
[2012.03.14 09:24:33 | 013,504,650 | ---- | C] () -- C:\h264-1.pass
[2012.03.14 00:01:09 | 000,000,968 | ---- | C] () -- C:\Users\Hansa\Desktop\VirtualDubMOD.lnk.crypt
[2012.03.13 23:24:44 | 000,001,031 | ---- | C] () -- C:\Users\Public\Desktop\TSDoctor.lnk
[2012.03.13 21:39:27 | 000,000,688 | ---- | C] () -- C:\Users\Hansa\Desktop\multiAVCHD 4.1.lnk.crypt
[2012.03.13 20:57:52 | 000,000,965 | ---- | C] () -- C:\Users\Public\Desktop\VideoReDo TVSuite V4.lnk
[2012.03.13 20:23:00 | 000,000,000 | ---- | C] () -- C:\Windows\graphedt_x64.INI
[2012.03.13 02:24:49 | 000,000,000 | ---- | C] () -- C:\Users\Hansa\Documents\ts3_clientui-win32-1329301801-2012-03-13 02_24_49.809971.dmp.crypt
[2012.03.08 16:28:07 | 000,000,000 | ---- | C] () -- C:\Users\Hansa\Documents\ts3_clientui-win32-1329301801-2012-03-08 16_28_07.159187.dmp.crypt
[2012.03.08 15:43:45 | 000,000,000 | ---- | C] () -- C:\Users\Hansa\Documents\ts3_clientui-win32-1329301801-2012-03-08 15_43_45.986012.dmp.crypt
[2012.03.07 16:29:33 | 000,083,504 | ---- | C] () -- C:\Users\Hansa\Desktop\rawdeutsch.jpg.crypt
[2012.03.07 15:47:21 | 000,001,033 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2012.03.07 14:48:24 | 000,001,772 | ---- | C] () -- C:\Windows\ST6UNST.000
[2012.03.07 14:00:54 | 000,002,351 | ---- | C] () -- C:\Users\Hansa\AppData\Roaming\net.telestream.wirecast.xml.crypt
[2012.03.07 13:57:14 | 000,001,808 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2012.03.04 23:16:00 | 000,002,517 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2012.03.01 15:17:08 | 001,067,936 | ---- | C] () -- C:\Users\Hansa\Desktop\CIMG1080.jpg.crypt
[2012.02.24 13:06:34 | 000,116,414 | ---- | C] () -- C:\Windows\GXTranscoder v2 Uninstaller.exe
[2012.02.21 16:18:45 | 000,000,552 | ---- | C] () -- C:\Users\Hansa\Desktop\tsMuxerGUI.exe - Verknüpfung.lnk.crypt
[2012.02.17 15:23:30 | 000,001,917 | ---- | C] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
[2012.02.15 03:36:36 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2012.02.15 03:36:36 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2012.02.14 22:05:16 | 000,054,784 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll
[2012.02.03 10:29:56 | 000,042,392 | ---- | C] () -- C:\Windows\SysWow64\xfcodec.dll
[2012.02.02 02:04:03 | 000,000,600 | ---- | C] () -- C:\Users\Hansa\AppData\Roaming\winscp.rnd.crypt
[2012.01.31 06:00:24 | 000,016,896 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll
[2012.01.12 18:05:55 | 000,042,672 | ---- | C] () -- C:\Windows\SysWow64\drivers\fsbts.sys
[2011.12.21 12:21:16 | 000,184,828 | -H-- | C] () -- C:\Windows\SysWow64\mlfcache.dat
[2011.10.25 21:21:34 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\OVDecoder.dll
[2011.10.17 13:54:04 | 000,258,864 | ---- | C] () -- C:\Windows\SUPDRun.exe
[2011.10.07 19:41:22 | 000,005,632 | ---- | C] () -- C:\Users\Hansa\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini.crypt
[2011.09.28 17:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2011.09.26 10:47:47 | 000,175,616 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2011.09.26 10:47:47 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini
[2011.09.26 10:47:44 | 000,650,752 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2011.09.26 10:47:44 | 000,243,200 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2011.09.26 10:47:44 | 000,074,752 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2011.09.21 19:30:55 | 000,028,672 | ---- | C] () -- C:\ProgramData\data.dll.crypt
[2011.09.12 23:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2011.08.22 22:30:43 | 000,001,245 | ---- | C] () -- C:\Windows\eReg.dat
[2011.08.17 00:59:35 | 000,917,504 | ---- | C] () -- C:\Windows\SysWow64\dtsdecoderdll.dll
[2011.08.17 00:59:34 | 000,258,048 | ---- | C] () -- C:\Windows\SysWow64\libFLAC.dll
[2011.06.17 11:56:30 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\asrussian.dll
[2011.06.17 11:56:29 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\askorean.dll
[2011.06.17 11:56:29 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\asjapan.dll
[2011.06.17 11:56:29 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\asgerman.dll
[2011.06.17 11:56:29 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\asfrench.dll
[2011.06.17 11:56:29 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\aseng.dll
[2011.06.17 11:56:29 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\ASCHT.dll
[2011.06.17 11:56:29 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\aschs.dll
[2011.06.14 12:33:42 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\Access.dat
[2011.06.13 17:28:09 | 000,030,528 | ---- | C] () -- C:\Windows\GVTDrv64.sys
[2011.06.13 10:21:14 | 000,000,762 | ---- | C] () -- C:\Windows\Edofma.INI
[2011.06.13 10:13:05 | 000,189,248 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2011.06.13 10:13:03 | 002,434,856 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_bc2.exe
[2011.06.13 10:13:03 | 000,075,136 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2011.06.13 00:18:34 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat.crypt
[2011.06.13 00:05:57 | 001,641,440 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011.06.12 23:23:46 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 187 bytes -> C:\ProgramData\Temp:3440EB47
@Alternate Data Stream - 141 bytes -> C:\ProgramData\Temp:66633281
@Alternate Data Stream - 133 bytes -> C:\ProgramData\Temp:0888F409

< End of report >

Code:

OTL Extras logfile created on: 17.03.2012 12:27:06 - Run 1
OTL by OldTimer - Version 3.2.38.0     Folder = Z:\
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
4,00 Gb Total Physical Memory | 3,31 Gb Available Physical Memory | 82,68% Memory free
15,99 Gb Paging File | 15,34 Gb Available in Paging File | 95,93% Paging File free
Paging file location(s): d:\pagefile.sys 12285 12285 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 298,09 Gb Total Space | 87,40 Gb Free Space | 29,32% Space Free | Partition Type: NTFS
Drive D: | 189,92 Gb Total Space | 77,18 Gb Free Space | 40,64% Space Free | Partition Type: NTFS
Drive F: | 74,53 Gb Total Space | 33,14 Gb Free Space | 44,47% Space Free | Partition Type: NTFS
Drive N: | 955,47 Mb Total Space | 348,73 Mb Free Space | 36,50% Space Free | Partition Type: FAT32
Drive Q: | 7,53 Gb Total Space | 1,26 Gb Free Space | 16,78% Space Free | Partition Type: NTFS
Drive Z: | 931,51 Gb Total Space | 219,50 Gb Free Space | 23,56% Space Free | Partition Type: NTFS
 
Computer Name: HANSA-PC | User Name: Hansa | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [CEWE FOTOSCHAU] -- "C:\Program Files (x86)\SCHLECKER\SCHLECKER Foto Digital Service\CEWE FOTOSCHAU.exe" -d "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [SCHLECKER Foto Digital Service] -- "C:\Program Files (x86)\SCHLECKER\SCHLECKER Foto Digital Service\SCHLECKER Foto Digital Service.exe" "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [CEWE FOTOSCHAU] -- "C:\Program Files (x86)\SCHLECKER\SCHLECKER Foto Digital Service\CEWE FOTOSCHAU.exe" -d "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [SCHLECKER Foto Digital Service] -- "C:\Program Files (x86)\SCHLECKER\SCHLECKER Foto Digital Service\SCHLECKER Foto Digital Service.exe" "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
 
========== Authorized Applications List ==========
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02382870-19C7-3ACD-BBAE-F6E3760947DC}" = Microsoft .NET Framework 4 Extended DEU Language Pack
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0C818871-6337-17AC-CA8C-A3942F15D92A}" = AMD Accelerated Video Transcoding
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{1374CC63-B520-4f3f-98E8-E9020BF01CFF}" = Windows XP Mode
"{180C8888-50F1-426B-A9DC-AB83A1989C65}" = Windows Live Language Selector
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{225FA1E8-372F-BBFF-F488-E79D78A5180E}" = AMD AVIVO64 Codecs
"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)
"{26A24AE4-039D-4CA4-87B4-2F86417000FF}" = Java(TM) 7 (64-bit)
"{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
"{353D1262-B2D2-AD87-EB5E-6B1395AF9FAE}" = AMD Catalyst Install Manager
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{54FFD5AC-7350-52B9-FB8F-1A8A6CF1FB5B}" = AMD Media Foundation Decoders
"{5CE7E3F5-9803-4F32-AA89-2D8848A80109}" = Microsoft LifeCam
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{62E685A3-1E4F-4A12-B77C-9949DE9E7DFB}" = FRITZ!Fernzugang
"{690285C2-2481-44FB-8402-162EA970A6DD}" = Logitech Gaming Software 8.00
"{6A45AA1A-73D1-4D32-98C8-3B692163373C}" = StreamMeNG HD 1.0.3 Final (non public)
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{6F29F195-B11C-3EAD-B883-997BB29DFA17}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
"{75104836-CAC7-444E-A39E-3F54151942F5}" = Apple Mobile Device Support
"{7688DE34-87F5-45D5-AADA-E5501C1E0814}" = Oracle VM VirtualBox 4.1.0
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{8DF73A13-F54C-4CB3-B4AD-4375A2E8F4F8}" = VmciSockets
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9C5A08BF-BB99-4998-81BD-F6CC32483B34}" = Microsoft Corporation
"{A1E85B9A-AFAD-4D38-AF01-6B020DD5213A}" = Logitech GamePanel Software 3.06.109
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{BBBE35B2-9349-3C48-BD3D-F574B17C7924}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022.218
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{CFA5BA6D-D6BB-AE1B-E61E-5B1ACFC8F0BB}" = AMD Drag and Drop Transcoding
"{D34C07CA-DCF0-4A5C-A4DD-55522B17F4F2}" = WBFS Manager 4.0
"{D66F0C3C-24F2-4463-9E2F-4381E5C40A26}" = iTunes
"{D6DDB606-CD15-98C7-AA65-6B617EE8CDA5}" = ccc-utility64
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319
"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin 64-bit
"CPUID CPU-Z_is1" = CPUID CPU-Z 1.58
"ffdshow64_is1" = ffdshow [rev 3082] [2009-09-21]
"MediaCoder x64" = MediaCoder x64 2011
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended DEU Language Pack" = Microsoft .NET Framework 4 Extended DEU Language Pack
"Recuva" = Recuva
"sp6" = Logitech SetPoint 6.22
"WinRAR archiver" = WinRAR 4.11 (64-Bit)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{003BFBBD-6C67-419E-A24D-0DCAFC3A5249}" = tools-freebsd
"{030C0401-52A9-BE86-D8A7-52C0DA203275}" = CCC Help Swedish
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{061034DA-ED68-4BDD-ACB9-4D0C6F90878F}" = MAGIX Music Maker 17 Trial (Soundpaket)
"{0749E1E5-BD6B-474C-BD21-48891526113E}" = MAGIX Music Maker 17 Download-Version
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0D94F75A-0EA6-4951-B3AF-B145FA9E05C6}" = VMware Workstation
"{0E0DF90C-D0BA-4C89-9262-AD78D1A3DE51}" = HP USB Disk Storage Format Tool
"{1743DB16-33CD-4642-BCAC-22DC89992272}" = Wirecast
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{197597A7-AD33-4898-9D8E-73066818B464}" = tools-netware
"{198573D8-60B3-4BBA-9B35-A8D2AFA8B5C0}" = MAGIX Music Maker 17 Premium (Sound package)
"{1BA1DBDC-5431-46FD-A66F-A17EB1C439EE}" = Windows Live Messenger
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F77C418-2C90-459C-BD33-B56A4182B9FA}" = System Requirements Lab CYRI
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{26A24AE4-039D-4CA4-87B4-2F83216026FF}" = Java(TM) 6 Update 29
"{283153BB-CEE6-EE9C-81E8-4350D73354BA}" = CCC Help Turkish
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{29F05234-DCBB-4FE0-88DC-5160C9250312}" = Adobe Photoshop CS3
"{2ECA81CA-D932-4AD3-AD59-BF5CCF099C83}" = Catalyst Control Center - Branding
"{31A559C1-9E4D-423B-9DD3-34A6C5398752}" = HTC BMP USB Driver
"{343666E2-A059-48AC-AD67-230BF74E2DB2}" = Apple Application Support
"{37491A3D-B2A6-402D-898E-5C4EF3984C29}" = Adobe Flash Media Live Encoder 3.1
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{39445575-7D3A-52AA-152B-7F9423D1AE69}" = CCC Help German
"{3AC8457C-0385-4BEA-A959-E095F05D6D67}" = Battlefield: Bad Company™ 2
"{3C9A3282-9DAE-F492-13F4-6D4D664AC15F}" = CCC Help Spanish
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = eReg
"{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}" = NVIDIA PhysX
"{3F9FB449-93DB-4C47-BB5B-7334C4D1736E}" = SD Formatter
"{434D0831-3E0C-4D03-A5D4-5E1000008400}" = F1 2010
"{434D0831-A4CC-401A-9E74-621000018401}" = F1 2010
"{434D0831-A4CC-401A-9E74-621000018402}" = F1 2010
"{434D0831-A4CC-401A-9E74-621000018403}" = F1 2010
"{434D0FA0-1558-4D8E-AC3D-BD1000008200}" = DiRT 3
"{434D0FA1-3E0C-4D03-A5D4-5E1000008100}" = F1 2011
"{47F6627C-61DD-4191-91C3-2E4077EE7B1F}" = MAGIX Music Maker 17 Premium Download Version
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{4D53090A-9B45-437B-A66A-831000008300}" = Fable III
"{4D53090A-CE35-42BD-B377-831000018301}" = Fable III
"{50A24708-C995-4F2E-9B98-2C98288DE066}" = Stereoscopic Player
"{511FA8D0-78BE-47F9-AEB0-CDF377E3064A}" = MAGIX Music Maker 17 Premium (Instrument package 1)
"{5236FA8C-4B70-E30E-93EF-F7D3A5E468C7}" = CCC Help Greek
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{54AA90EC-0DE4-464C-9888-653A2CA5435E}" = MAGIX Music Maker Rock Edition 4 (Synthesizer und Effekte)
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{582D40A1-995E-40D5-A399-54EA35481C6E}" = Plex Media Server
"{586F0E27-0BC5-34DE-AA0B-96D14397910E}" = CCC Help Russian
"{5A07D8BC-C982-43B3-B24F-6FD8D6E89F02}_is1" = FileServe Manager 1.0.0.3510
"{5AF7EA0B-F009-CC00-E446-C2286AF80471}" = CCC Help Czech
"{5D0BAA26-7D88-4343-A507-F439566E1DDD}" = MAGIX Music Maker 17 Premium (Instrument package 2)
"{5D4C60AA-84E6-4E1A-8A68-69970D387BE1}" = TuneUp Utilities Language Pack (de-DE)
"{5FC116F2-4508-A6FC-15FB-C64F05AB0F26}" = CCC Help Chinese Traditional
"{634F79E1-2A41-4C40-9E8D-89EC740AC9D6}" = Logitech Harmony Remote Software
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{685ACA56-004C-4F80-2BC0-951BF278C03F}" = CCC Help Chinese Standard
"{6AAD644F-548B-43FC-B983-38303E2D647C}" = Bouquetter
"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{6C5F8503-55D2-4398-858C-362B7A7AF51C}" = Firebird SQL Server - MAGIX Edition
"{6D1AFFC2-AC60-BC3B-2DC9-0D80A1E9CB16}" = CCC Help Thai
"{6D6664A9-3342-4948-9B7E-034EFE366F0F}" = HTC Driver Installer
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71A51A91-E7D3-11DB-A386-005056C00008}" = Vimicro USB2.0 UVC PC Camera
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{73B5D990-04EA-4751-B10F-5534770B91F2}" = Adobe Color EU Recommended Settings
"{76285C16-411A-488A-BCE3-C83CB933D8CF}" = Battlefield 3™
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79CFDE3C-4602-85B2-ACF6-83D897B8B33A}" = CCC Help Korean
"{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}" = Text-To-Speech-Runtime
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
"{7C302955-0EA3-4419-9250-987C88A3D39A}" = MAGIX Music Maker Rock Edition 4 (Soundpaket)
"{7EED52BE-2247-D8E2-2196-492D03ABF276}" = HydraVision
"{7F30FDC7-82A7-48F6-AABB-98962DE5AA1F}" = GLUCOFACTS® Deluxe
"{7F88C9E5-12BD-404F-AC6A-108BAAC9B708}" = ASUS Gamer OSD
"{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3
"{809D7E6D-915D-4EAD-821F-E13D93F37161}" = ASUS Smart Doctor
"{82BEEB3F-D0BF-42EE-8739-F4827C4805B7}" = VirtualDJ PRO Full
"{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}" = Microsoft Games for Windows - LIVE Redistributable
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{86CE1746-9EFF-3C9C-8755-81EA8903AC34}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{87686C21-8A15-4b4d-A3F1-11141D9BE094}" = Battlefield Play4Free
"{8972B1C8-B899-0AA0-8596-BFC9AE3311F1}" = CCC Help Finnish
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8DC910CD-8EE3-4ffc-A4EB-9B02701059C4}" = Battlefield Heroes
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{923B9270-0FF5-4CD9-BF7A-4C6F810D03F8}" = MAGIX Music Maker 17 Premium (Introductory videos)
"{92BE4E1B-AEFD-DA72-B805-948290A4BB13}" = CCC Help Hungarian
"{9526B61A-1C35-96D1-531B-C8DB1D36C336}" = CCC Help Danish
"{98E3DE42-F6E0-49EC-8E83-E29821927812}" = MAGIX Video deluxe MX Premium Download-Version
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A295F81-04C8-FB18-2D1C-A33AA8A442CA}" = CCC Help French
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific
"{A45F4518-0DC7-474A-BBE1-F04CC2D6FD93}" = Ontrack EasyRecovery Professional Trial
"{A4B3A0BD-9149-40D3-B139-D5E0C9B761CC}" = TSDoctor
"{A8DBF55D-73C0-4E37-A10E-365BFBB14119}" = Battlefield 2
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AB1C87CB-1807-4CF0-B4C2-CEE14C18CDB4}" = tools-solaris
"{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}" = PDF Settings
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.2) - Deutsch
"{AE0F62A7-A1A2-407F-9F4C-48939BD9AD8D}" = tools-winPre2k
"{AFF7E080-1974-45BF-9310-10DE1A1F5ED0}" = Adobe AIR
"{B158F76F-76AB-4115-A4F0-4C6EF6956093}_is1" = VirtualDubMOD 1.5.10.3 US
"{B352D3F6-352B-4031-9C79-2C7A26062BBC}" = MAGIX Music Maker 17 Premium (Synthesizer and effects)
"{B3BC9DB1-0B0A-48B0-B86B-EA77CAA7F800}" = Microsoft Corporation
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B3C8C8EF-77E0-1C0D-1CFA-A39E2E898311}" = CCC Help Italian
"{B5AD9952-F716-9862-7ED7-734E0328CF7C}" = Catalyst Control Center
"{B6DC1DD5-52D8-491B-925B-02050B4105FA}" = MAGIX Screenshare
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
"{C0E69600-E8D1-784D-829C-788D91D65051}" = CCC Help Polish
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}" = Adobe ExtendScript Toolkit 2
"{C37B1C57-DD9B-D1E0-B933-8EA8D56E2222}" = CCC Help Norwegian
"{C496ED25-F3EC-0CBC-37DB-B31C6E6592C9}" = Application Profiles
"{C6115A28-F277-4E82-B067-84D28BF21031}" = Nero 7 Essentials
"{CA3A3F20-566B-ABB1-A541-3D93C0D09EE5}" = CCC Help Japanese
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D102611A-6466-4101-A51D-51069303AC65}" = tools-linux
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1" = Rapture3D 2.4.9 Game
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D4C4485B-16EB-31A8-C2DE-D778E8E4628B}" = Catalyst Control Center Localization All
"{D62A8AB4-9F5A-4E61-8DF5-2DFF77C73900}" = MAGIX Music Maker Rock Edition 4 Download-Version
"{DACB19BF-B853-42FA-A686-8F55E065CA10}" = 91 PC Suite for iPhone
"{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}" = Adobe Color Common Settings
"{DAF650C8-AFE5-3460-E1C4-B9716D2DA5D2}" = Catalyst Control Center InstallProxy
"{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}" = Adobe Color JA Extra Settings
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E0C6F271-FE15-B2D5-FF42-BCA40700DC51}" = CCC Help English
"{E1D0A4DC-97BD-CE37-3E89-87D3337E55CA}" = CCC Help Dutch
"{E4C27ADB-3345-4299-82F8-9250DFF47156}" = MAGIX Music Maker 17 Premium (Demo songs)
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{E6FA341F-8840-6B18-5BCE-C7CCEBDFE516}" = Catalyst Control Center Graphics Previews Common
"{ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}" = PL-2303 USB-to-Serial
"{ED15763E-A6ED-56D2-B0B5-C7D22D4CE248}" = CCC Help Portuguese
"{ED50ECE9-EC54-4C05-B5ED-EE4741A9F2EC}" = Battlefield 2142
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.8
"{EFADD989-D9F2-49F6-A280-675951CC78D3}" = FRITZ!Box-Fernzugang einrichten
"{F01F79AD-1F47-4685-AE4E-CCFA4EA9FF7C}" = Adobe Setup
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F4884EA7-CF31-4E87-B840-CFE161BD81D3}" = MAGIX Music Maker 17 Premium (Instrument package 3)
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FF29A7E2-FF40-4D07-B7E4-2093DE59E10A}" = Adobe Color NA Extra Settings
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"{FFD9383C-01D5-4897-A954-43AF599AED30}" = tools-windows
"1489-3350-5074-6281" = JDownloader 0.9
"AAF Recovery tool AT700_is1" = AAF_Recovery_tool installer V4.6
"AAF Recovery tool UFS910_is1" = AAF_Recovery_tool installer UFS910 V1.9
"AAF UFS910/UFS922/TF7700 MultiPart Installer_is1" = AAF UFS910/UFS922/TF7700 MultiPart Installer V2.4
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe_5f143314a5d434c8511097393d17397" = Adobe Photoshop CS3
"AviSynth" = AviSynth 2.5
"AVS Update Manager_is1" = AVS Update Manager 1.0
"AVS4YOU Software Navigator_is1" = AVS4YOU Software Navigator 1.4
"AVS4YOU Video Converter 7_is1" = AVS Video Converter 8
"bcDTVLink" = bitcontrol® Digital TV Link v2.5
"bcMPEG2dec" = bitcontrol® MPEG-2 Video Decoder v1.5
"DAEMON Tools Lite" = DAEMON Tools Lite
"DVDFab 8 Qt_is1" = DVDFab 8.1.6.3 (11/02/2012) Qt
"DVDFab Passkey 8_is1" = DVDFab Passkey 8.0.4.0 (31/10/2011)
"ESET Online Scanner" = ESET Online Scanner v3
"FormatFactory" = FormatFactory 2.70
"FRITZ! 2.0" = AVM FRITZ!fax für FRITZ!Box
"F-Secure Product 444" = Sicherheitspaket
"GameSpy Arcade" = GameSpy Arcade
"GFWL_{434D0831-3E0C-4D03-A5D4-5E1000008400}" = F1 2010
"GFWL_{434D0FA0-1558-4D8E-AC3D-BD1000008200}" = DiRT 3
"GFWL_{434D0FA1-3E0C-4D03-A5D4-5E1000008100}" = F1 2011
"GFWL_{4D53090A-9B45-437B-A66A-831000008300}" = Fable III
"GXTranscoder v2" = GXTranscoder v2
"HaaliMkx" = Haali Media Splitter
"HackerEvolution" = Hacker Evolution (1.00.0083) (remove only)
"HackerEvolutionUntold" = Hacker Evolution: Untold (2.01.049)(remove only)
"HD Tune_is1" = HD Tune 2.55
"HijackThis" = HijackThis 2.0.2
"InstallShield_{809D7E6D-915D-4EAD-821F-E13D93F37161}" = ASUS Smart Doctor
"InstallShield_{A45F4518-0DC7-474A-BBE1-F04CC2D6FD93}" = Ontrack EasyRecovery Professional Trial
"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 7.7.0
"MAGIX_MSI_mm17" = MAGIX Music Maker 17 Download-Version
"MAGIX_MSI_mm17_rock_edition_4" = MAGIX Music Maker Rock Edition 4 Download-Version
"MAGIX_MSI_mm17dlx" = MAGIX Music Maker 17 Premium Download Version
"MAGIX_MSI_Videodeluxe18_premium" = MAGIX Video deluxe MX Premium Download-Version
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.60.1.1000
"Maxiboot Installer_is1" = Maxiboot Installer V1.5
"MKVToolNix" = MKVToolNix 5.4.0 [20120312-422]
"Mozilla Firefox 11.0 (x86 de)" = Mozilla Firefox 11.0 (x86 de)
"Mozilla Thunderbird 11.0 (x86 de)" = Mozilla Thunderbird 11.0 (x86 de)
"MP3-DJ_is1" = MP3-DJ 11.6.0
"MPE" = MyPhoneExplorer
"Notepad++" = Notepad++
"OpenAL" = OpenAL
"Origin" = Origin
"PunkBusterSvc" = PunkBuster Services
"PuTTY_is1" = PuTTY version 0.61
"Samsung Universal Print Driver" = Samsung Universal Print Driver
"SCHLECKER Foto Digital Service" = SCHLECKER Foto Digital Service
"Steam App 440" = Team Fortress 2
"Steam App 520" = Team Fortress 2 Beta
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"TeamViewer 7" = TeamViewer 7
"Total Video Converter 3.61_is1" = Total Video Converter 3.60 100204
"Tunngle beta_is1" = Tunngle beta
"TweakNow RegCleaner 2011_is1" = TweakNow RegCleaner 2011
"UltraISO_is1" = UltraISO Premium V9.51
"Veetle Broadcaster" = Veetle Broadcaster 0.9.18
"VideoReDo4_is1" = VideoReDo TVSuite Version 4.20.7.629
"Virtual DJ - Atomix Productions" = Virtual DJ - Atomix Productions
"VLC media player" = VLC media player 2.0.0
"VMware_Workstation" = VMware Workstation
"Weihnachtsmannspiel" = Weihnachtsmannspiel
"WinLiveSuite" = Windows Live Essentials
"winscp3_is1" = WinSCP 4.3.6
"Wireshark" = Wireshark 1.6.0
"Xfire" = Xfire (remove only)
"Xilisoft Video Converter Ultimate 6" = Xilisoft Video Converter Ultimate 6
"XSManager" = XSManager
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"4b993d23efaba896" = Carrier Wandler
"ab1af244d47f0c33" = SOUP - Share-Online Uploader
"b7ea1663514b0543" = =42O= VLC-Control
"f018cf21c0452c64" = AVM FRITZ!Box USB-Fernanschluss
"Game Organizer" = GameXN GO
"Glucofacts Deluxe Updater 2.0" = Glucofacts Deluxe Updater 2.0
"Google Chrome" = Google Chrome
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 11.12.2011 07:35:04 | Computer Name = Hansa-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: setup.exe_InstallShield, Version:
 14.0.0.162, Zeitstempel: 0x4626b2f4  Name des fehlerhaften Moduls: WUNPACLN.dll_unloaded,
 Version: 0.0.0.0, Zeitstempel: 0x4d99b634  Ausnahmecode: 0xc0000005  Fehleroffset: 
0x73c81e60  ID des fehlerhaften Prozesses: 0x15e0  Startzeit der fehlerhaften Anwendung:
 0x01ccb7f8dbe413d1  Pfad der fehlerhaften Anwendung: C:\Users\Hansa\AppData\Local\Temp\{599DEC36-0755-4FDB-87C3-27A2C9CB8DC4}\setup.exe
Pfad
 des fehlerhaften Moduls: WUNPACLN.dll  Berichtskennung: 2abd2c4b-23ec-11e1-8aa6-e94a66964466
 
Error - 11.12.2011 12:36:25 | Computer Name = Hansa-PC | Source = SideBySide | ID = 16842824
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files\microsoft
 security client\MSESysprep.dll". Fehler in Manifest- oder Richtliniendatei "c:\program
 files\microsoft security client\MSESysprep.dll" in Zeile 10.  Das imaging-Element
 wird als untergeordnetes Element des urn:schemas-microsoft-com:asm.v1^assembly-Elements
 angezeigt, das von dieser Windows-Version nicht unterstützt wird.
 
Error - 11.12.2011 12:37:28 | Computer Name = Hansa-PC | Source = SideBySide | ID = 16842827
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
 (x86)\Codemasters\F1 2011\CustomActionOnFinishInst.exe". Fehler in Manifest- oder
 Richtliniendatei "C:\Program Files (x86)\Codemasters\F1 2011\CustomActionOnFinishInst.exe"
 in Zeile 1.  Mehrere requestedPrivileges-Elemente sind nicht im Manifest zulässig.
 
Error - 12.12.2011 07:50:42 | Computer Name = Hansa-PC | Source = Microsoft-Windows-CAPI2 | ID = 513
Description = Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts
 "System Writer".  Details: AddLegacyDriverFiles: Unable to back up image of binary
 Linux ext2 file system driver.  System Error: Das System kann die angegebene Datei
 nicht finden.  .
 
Error - 12.12.2011 07:51:51 | Computer Name = Hansa-PC | Source = Microsoft-Windows-CAPI2 | ID = 513
Description = Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts
 "System Writer".  Details: AddLegacyDriverFiles: Unable to back up image of binary
 Linux ext2 file system driver.  System Error: Das System kann die angegebene Datei
 nicht finden.  .
 
Error - 12.12.2011 07:52:44 | Computer Name = Hansa-PC | Source = Microsoft-Windows-CAPI2 | ID = 513
Description = Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts
 "System Writer".  Details: AddLegacyDriverFiles: Unable to back up image of binary
 Linux ext2 file system driver.  System Error: Das System kann die angegebene Datei
 nicht finden.  .
 
Error - 13.12.2011 02:50:34 | Computer Name = Hansa-PC | Source = SideBySide | ID = 16842824
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files\microsoft
 security client\MSESysprep.dll". Fehler in Manifest- oder Richtliniendatei "c:\program
 files\microsoft security client\MSESysprep.dll" in Zeile 10.  Das imaging-Element
 wird als untergeordnetes Element des urn:schemas-microsoft-com:asm.v1^assembly-Elements
 angezeigt, das von dieser Windows-Version nicht unterstützt wird.
 
Error - 13.12.2011 02:51:40 | Computer Name = Hansa-PC | Source = SideBySide | ID = 16842827
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
 (x86)\Codemasters\F1 2011\CustomActionOnFinishInst.exe". Fehler in Manifest- oder
 Richtliniendatei "C:\Program Files (x86)\Codemasters\F1 2011\CustomActionOnFinishInst.exe"
 in Zeile 1.  Mehrere requestedPrivileges-Elemente sind nicht im Manifest zulässig.
 
Error - 14.12.2011 03:11:46 | Computer Name = Hansa-PC | Source = SideBySide | ID = 16842824
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files\microsoft
 security client\MSESysprep.dll". Fehler in Manifest- oder Richtliniendatei "c:\program
 files\microsoft security client\MSESysprep.dll" in Zeile 10.  Das imaging-Element
 wird als untergeordnetes Element des urn:schemas-microsoft-com:asm.v1^assembly-Elements
 angezeigt, das von dieser Windows-Version nicht unterstützt wird.
 
Error - 14.12.2011 03:13:05 | Computer Name = Hansa-PC | Source = SideBySide | ID = 16842827
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
 (x86)\Codemasters\F1 2011\CustomActionOnFinishInst.exe". Fehler in Manifest- oder
 Richtliniendatei "C:\Program Files (x86)\Codemasters\F1 2011\CustomActionOnFinishInst.exe"
 in Zeile 1.  Mehrere requestedPrivileges-Elemente sind nicht im Manifest zulässig.
 
[ System Events ]
Error - 17.03.2012 07:21:09 | Computer Name = Hansa-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
 aufgrund folgenden Fehlers nicht gestartet wurde:   %%1068
 
Error - 17.03.2012 07:21:09 | Computer Name = Hansa-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
 aufgrund folgenden Fehlers nicht gestartet wurde:   %%1068
 
Error - 17.03.2012 07:21:09 | Computer Name = Hansa-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
 aufgrund folgenden Fehlers nicht gestartet wurde:   %%1068
 
Error - 17.03.2012 07:21:09 | Computer Name = Hansa-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
 aufgrund folgenden Fehlers nicht gestartet wurde:   %%1068
 
Error - 17.03.2012 07:21:10 | Computer Name = Hansa-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Heimnetzgruppen-Anbieter" ist vom Dienst "Funktionssuchanbieter-Host"
 abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:   %%1068
 
Error - 17.03.2012 07:21:30 | Computer Name = Hansa-PC | Source = DCOM | ID = 10005
Description = 
 
Error - 17.03.2012 07:21:30 | Computer Name = Hansa-PC | Source = DCOM | ID = 10005
Description = 
 
Error - 17.03.2012 07:22:48 | Computer Name = Hansa-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "PnP-X-IP-Busenumerator" ist vom Dienst "Funktionssuchanbieter-Host"
 abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:   %%1068
 
Error - 17.03.2012 07:24:22 | Computer Name = Hansa-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Heimnetzgruppen-Anbieter" ist vom Dienst "Funktionssuchanbieter-Host"
 abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:   %%1068
 
Error - 17.03.2012 07:25:07 | Computer Name = Hansa-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Heimnetzgruppen-Anbieter" ist vom Dienst "Funktionssuchanbieter-Host"
 abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:   %%1068
 
 
< End of report >

**kira** · 17.03.2012, 20:39

1.
Ich würde an deiner Stelle beides deinstallieren:

Code:

TweakNow RegCleaner
Recuva

Sogenannte Optimierungstool, Registry-Säuberungs-Programm gibt es viele! Die Hersteller versprechen weitaus mehr, als letztlich wirklich halten können. Ich rate Dir also dringend davon ab solche Tools einzusetzen, die so tief in die Registry eingreifen und "völlig automatisch" versuchen Windows zu optimieren,, da eine winzige Änderung in der Registry (z.B "falsch gelöschte" Einträge) kann fatale Folgen haben! Dann wundert man sich, dass Windows irgendwann lahmt oder Abstürze bringt! - Ich kann mir nicht vorstellen, dass irgendein Programm zwischen nützlichen und unnützen unterscheiden kann und "völlig automatisch" entscheiden kann, was Windows wirklich benötigt und was nicht! Fraglich auch, ob alle zuvor angelegten Sicherungsdateien bei Problemen einfach wiederherstellen kann, wie es der Hersteller versprochen hat?
Windows garnix so dumm, wie oft behauptet wird! - Windows mit Eigenmittel zu beschleunigen, bietet an von Hause aus einen ordentlichen Werkzeugkoffer, mit guter Ausstattung für "Heimwerker":
...das Glück liegt darin, da weiß man wenigstens was man tut!

Tipps:
Wenn wir fertig sind, kannst ausprobieren...:

2.
ALTE VERSION!!!:

Code:

Logfile of HijackThis 2.0.2

Die neue Version gibt es hier:
also lösche/deinstalliere HijackThis "2.0.2." und lade Dir erneut von hier TrendMicro™ HijackThis™/Version 2.0.4 herunter

3.

Achtung wichtig!:
Falls Du selber im Logfile Änderungen vorgenommen hast, musst Du durch die Originalbezeichnung ersetzen und so in Script einfügen! sonst funktioniert nicht!
(Benutzerordner, dein Name oder sonstige Änderungen durch X, Stern oder andere Namen ersetzt)

Fixen mit OTL

Starte die OTL.exe.
Vista und Windows 7 User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen.
Kopiere folgendes Skript (unverändert inkl. :OTL):

Code:

:OTL
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://de.msn.com/?ocid=iehp
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{05F2ACE9-E030-47D4-93A7-8F8DA46E71B1}: "URL" = http://websearch.ask.com/redirect?client=ie&tb=MYC-ST&o=102869&src=kw&q={searchTerms}&locale=&apn_ptnrs=5J&apn_dtid=YYYYYYYYNL&apn_uid=83e22e8e-4608-4640-87a7-a4abcf4f3c16&apn_sauid=05FC2AB0-30AC-45EF-92BE-96BA39236879
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://isearch.avg.com/search?cid={3AE13A5F-816A-45D3-A014-54A7181A8CB6}&mid=5634a68e19fa47d195a2048a14a93f92-911e26a440855f4c99f27372e569325cee09a8b7&lang=de&ds=tt014&pr=sa&d=2011-12-16 14:15:30&v=8.0.0.34&sap=dsp&q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Hansa\AppData\Local\Google\Update\1.3.21.99\npGoogleUpdate3.dll File not found
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Hansa\AppData\Local\Google\Update\1.3.21.99\npGoogleUpdate3.dll File not found
[2012.01.29 14:50:55 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.01.29 15:02:49 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.11.12 21:44:54 | 000,001,286 | ---- | M] () - Z:\automounts.xml -- [ NTFS ]
O33 - MountPoints2\{3e099380-2d35-11e1-bbfd-9ceb2172656b}\Shell - "" = AutoRun
O33 - MountPoints2\{3e099380-2d35-11e1-bbfd-9ceb2172656b}\Shell\AutoRun\command - "" = E:\autorun.exe
O33 - MountPoints2\{40633c3f-9537-11e0-90ab-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{40633c3f-9537-11e0-90ab-806e6f6e6963}\Shell\AutoRun\command - "" = I:\wubi.exe --cdmenu
O33 - MountPoints2\{53ddd9e0-3523-11e1-b8d5-e1a9b17c8766}\Shell - "" = AutoRun
O33 - MountPoints2\{53ddd9e0-3523-11e1-b8d5-e1a9b17c8766}\Shell\AutoRun\command - "" = P:\AutoRun.exe
O33 - MountPoints2\{67f1c1ad-47df-11e1-86ff-ee8ca49d6f6b}\Shell - "" = AutoRun
O33 - MountPoints2\{67f1c1ad-47df-11e1-86ff-ee8ca49d6f6b}\Shell\AutoRun\command - "" = P:\DPFMate.exe
@Alternate Data Stream - 187 bytes -> C:\ProgramData\Temp:3440EB47
@Alternate Data Stream - 141 bytes -> C:\ProgramData\Temp:66633281
@Alternate Data Stream - 133 bytes -> C:\ProgramData\Temp:0888F409

:Files
ipconfig /flushdns /c

:Commands
[purity]
[emptytemp]

und füge es hier ein:
Schließe alle Programme.
Klicke auf den Fix Button.
Klick auf .
OTL verlangt einen Neustart. Bitte zulassen.
Nach dem Neustart findest Du ein Textdokument.
Kopiere den Inhalt hier in Code-Tags in Deinen Thread.

4.
Java aktualisieren- über Systemsteuerung-> Nach Update suchen...
Downloade nun die Offline-Version von Java Version 6 Update 31 von Oracle und installiere sie. Achte darauf, eventuell angebotene Toolbars nicht mitzuinstallieren, also während der Installation den Haken bei der Toolbar entfernen.
oder
Über Systemsteuerung-> Java

5.
Öffne CCleaner - Anleitung CCleaner

"Cleaner"->"Analysieren"->Klick auf den Button "Start CCleaner"
"Registry""Fehler suchen"-> "Fehler beheben"->"Alle beheben"
Starte dein System neu auf

6.
eine weitere Systembereinigung herbeizuführen, bitte führe folgendes Programm aus:
SUPERAntiSpyware Free Edition

7.
Vorbereitung

Schließe evtl. vorhandene externe Festplatten und/oder sonstigen Wechselmedien (z. B. evtl. vorhandene USB-Sticks) an den Rechner an.
Bitte während der Online-Scans deaktivieren:
Anti-Virus-Programm und Firewall.
Internet Explorer starten => im Menü unter Extras => Internetoption => Datenschutz => den Haken bei "Popupblocker einschalten" entfernen und
unter dem Reiter "Sicherheit" => die Sicherheitsstufe ggfs. auf "Mittelhoch" herabsetzen.
Nicht vergessen, sie hinterher wieder einzuschalten bzw. die Internetoptionen wie zuvor einzustellen..
Während der Online-Scans auf andere Online-Aktivitäten verzichten.
Du musst das Herunterladen und Installieren von ActiveX-Steuerelementen (Controls) zulassen.
.

Eset Online Scanner (NOD32)
- Unterstützte Betriebssysteme: Microsoft Windows 7 - Vista - XP - 2000 - NT.
- Anmerkung für Vista und Windows 7-User: Bitte den Browser unbedingt als Administrator starten.
- Dein Anti-Virus-Programm während des Scans deaktivieren.
- Button "ESET Online Scanner" drücken.
- IE-User müssen das Installieren eines ActiveX Elements erlauben.
- Einen Haken bei "YES, I accept the Terms of Use." machen und auf den Button "Start" drücken.
- Einen Haken bei "Remove found threads" und "Scan archives" machen.
- Start drücken.
- Signaturen werden heruntergeladen.
- Der Scan beginnt automatisch.
- Finish drücken.
- Browser schließen.
- Explorer öffnen.
- C:\Programme\Eset\EsetOnlineScanner\log.txt (manchmal auch C:\Programme\Eset\log.txt) suchen und mit Deinem Editor öffnen.
- Logfile hier posten.
- Deinstallation: Systemsteuerung => Software => Eset Online Scanner V3 entfernen.
- Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset
- IE-User zusätzlich: mit HJT folgenden Eintrag fixen:
- O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - http://download.eset.com/special/eos/OnlineScanner.cab

8.
erneut einen Scan mit OTL: - ältere Logdateien löschen!

Doppelklick auf die OTL.exe
Vista User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen
Oben findest Du ein Kästchen mit Output. Wähle bitte Minimal Output
Unter Extra Registry, wähle bitte Use SafeList
Klicke nun auf Run Scan links oben
Wenn der Scan beendet wurde werden 2 Logfiles erstellt - OTL.txt und extra.txt
Poste die Logfiles in Code-Tags hier in den Thread.

► berichte erneut über den Zustand des Computers. Ob noch Probleme auftreten, wenn ja, welche?

**hansa** · 18.03.2012, 00:01

Code:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 00:59:37, on 18.03.2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Windows Media Player\wmplayer.exe
C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
C:\Program Files (x86)\Vimicro Corporation\VMUVC\VMonitor.exe
C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files (x86)\FileServe Manager\FSStarter.exe
C:\Windows\starter4g.exe
C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe
C:\Program Files (x86)\Sicherheitspaket\Common\FSM32.EXE
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = 
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
F2 - REG:system.ini: Shell=C:\Windows\system32\RAVCpl32.exe
F2 - REG:system.ini: UserInit=userinit.exe,
O1 - Hosts: ::1 localhost
O2 - BHO: FileServeManager - {00000001-AB3B-4334-9DA2-EC6B2A02AFC6} - C:\Program Files (x86)\FileServe Manager\FileServeBHO.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: LitmusBHO - {C6867EB7-8350-4856-877F-93CF8AE3DC9C} - C:\Program Files (x86)\Sicherheitspaket\NRS\iescript\baselitmus.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Browsing Protection Toolbar - {265EEE8E-3228-44D3-AEA5-F7FDF5860049} - C:\Program Files (x86)\Sicherheitspaket\NRS\iescript\baselitmus.dll
O4 - HKLM\..\Run: [VMonitorVMUVC] "C:\Program Files (x86)\Vimicro Corporation\VMUVC\VMonitor.exe" VMUVC
O4 - HKLM\..\Run: [ASUSGamerOSD] C:\Program Files (x86)\ASUS\GamerOSD\GamerOSD.exe
O4 - HKLM\..\Run: [LifeCam] "C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe"
O4 - HKLM\..\Run: [FileServe Manager Task] "C:\Program Files (x86)\FileServe Manager\FSStarter.exe"
O4 - HKLM\..\Run: [TrayServer] C:\Program Files (x86)\MAGIX\Video_deluxe_MX_Premium_Download-Version\TrayServer_de.exe
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [starter4g] C:\Windows\starter4g.exe
O4 - HKLM\..\Run: [vmware-tray] "C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe"
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files (x86)\Sicherheitspaket\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files (x86)\Sicherheitspaket\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [RAVCpl32] C:\Windows\system32\RAVCpl32.exe
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [GameXN (update)] "C:\ProgramData\GameXN\GameXNGO.exe" /u
O4 - HKCU\..\Run: [GameXN (news)] "C:\ProgramData\GameXN\GameXNGO.exe" /n
O4 - HKCU\..\Run: [GameXN] "C:\ProgramData\GameXN\GameXNGO.exe" /silent
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [RAVCpl32] C:\Windows\system32\RAVCpl32.exe
O4 - HKCU\..\Run: [HydraVisionDesktopManager] "C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETZWERKDIENST')
O4 - Global Startup: AML Device Install.lnk = C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe
O8 - Extra context menu item: Client auf Monitor & öffnen1 - C:\Windows\web\AOpenClient.htm
O8 - Extra context menu item: Client auf Monitor & öffnen2 - C:\Windows\web\AOpenClient.htm
O8 - Extra context menu item: Download with FileServe Manager - C:\Program Files (x86)\FileServe Manager\GetUrl.htm
O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files (x86)\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Broken Internet access because of LSP provider 'c:\program files (x86)\bonjour\mdnsnsp.dll' missing
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {28C08CDD-7AD3-462B-90C7-453E026894A9} (RtspVaPgDLinkCtrl Class) - http://192.168.1.99/RtspVaPgDec.cab
O16 - DPF: {784797A8-342D-4072-9486-03C8D0F2F0A1} (Battlefield Heroes Updater) - https://www.battlefieldheroes.com/static/updater/BFHUpdater_5.0.67.0.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{FCD09453-0E07-40AB-8E4D-A3BAEE6DBB36}: NameServer = 192.168.1.2
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Unknown owner - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: ASDR - Unknown owner - C:\Windows\SysWOW64\ASDR.exe
O23 - Service: ATK Fast User Switch Service (ATKFUSService) - Unknown owner - C:\Windows\system32\ATKFUSService.exe (file missing)
O23 - Service: AVM FRITZ!Fernzugang IKE Service (avmike) - Unknown owner - C:\Program Files\FRITZ!Fernzugang\avmike.exe (file missing)
O23 - Service: Dienst "Bonjour" (Bonjour Service) - Unknown owner - C:\Program Files\Bonjour\mDNSResponder.exe (file missing)
O23 - Service: AVM FRITZ!Fernzugang Cert Service (certsrv) - Unknown owner - C:\Program Files\FRITZ!Fernzugang\certsrv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - Unknown owner - C:\Program Files (x86)\Sicherheitspaket\Anti-Virus\fsgk32st.exe
O23 - Service: FABS - Helping agent for MAGIX media database (Fabs) - MAGIX AG - C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files (x86)\Sicherheitspaket\FWES\Program\fsdfwd.exe
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files (x86)\Sicherheitspaket\Common\FSMA32.EXE
O23 - Service: F-Secure ORSP Client (FSORSPClient) - F-Secure Corporation - C:\Program Files (x86)\Sicherheitspaket\ORSP Client\fsorsp.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod-Dienst (iPod Service) - Unknown owner - C:\Program Files\iPod\bin\iPodService.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Logitech Bluetooth Service (LBTServ) - Unknown owner - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe (file missing)
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: MSCamSvc - Unknown owner - C:\Program Files\Microsoft LifeCam\MSCamS64.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: AVM FRITZ!Fernzugang Client (nwtsrv) - Unknown owner - C:\Program Files\FRITZ!Fernzugang\nwtsrv.exe (file missing)
O23 - Service: Internet Pass-Through Service (PassThru Service) - Unknown owner - C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Samsung UPD Service - Unknown owner - C:\Windows\System32\SUPDSvc.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: TeamViewer 7 (TeamViewer7) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe
O23 - Service: TunngleService - Tunngle.net GmbH - C:\Program Files (x86)\Tunngle\TnglCtrl.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe
O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - C:\Windows\system32\vmnetdhcp.exe
O23 - Service: VMware USB Arbitration Service (VMUSBArbService) - VMware, Inc. - C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
O23 - Service: VMware NAT Service - VMware, Inc. - C:\Windows\system32\vmnat.exe
O23 - Service: VMware Workstation Server (VMwareHostd) - Unknown owner - C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: WTGService - Unknown owner - C:\Program Files (x86)\XSManager\WTGService.exe
O23 - Service: XS Stick Service - 4G Systems GmbH & Co. KG - C:\Windows\service4g.exe

--
End of file - 14079 bytes

**kira** · 18.03.2012, 08:12

1.
Schliesse alle Programme einschliesslich Internet Explorer und fixe mit Hijackthis die Einträge aus der nachfolgenden Codebox (HijackThis mit Rechtsklick als Administrator starten--> `Do a system scan only`--> Einträge auswählen--> Häckhen setzen--> "Fix checked"klicken-->PC neu aufstarten) - fixe NUR Die von mir angegebenen Einträge!:
HijackThis erstellt ein Backup, Falls bei "Fixen" etwas schief geht, kann man unter "View the list of backups"- die Objekte wiederherstellen

F2 - REG:system.ini: Shell=C:\Windows\system32\RAVCpl32.exe
O3 - Toolbar: Browsing Protection Toolbar - {265EEE8E-3228-44D3-AEA5-F7FDF5860049} - C:\Program Files (x86)\Sicherheitspaket\NRS\iescript\baselitmus.dll
O4 - HKLM\..\Run: [RAVCpl32] C:\Windows\system32\RAVCpl32.exe
O4 - HKCU\..\Run: [RAVCpl32] C:\Windows\system32\RAVCpl32.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETZWERKDIENST')

► Rechtsklick auf HijackThis-> "Als administrator ausführen" wählen...(Wista und WIN 7)

2.
poste erneut - nach der vorgenommenen Reinigungsaktion:
TrendMicro™ HijackThis™ -Logfile - Keine offenen Fenster, solang bis HijackThis läuft!!
► Rechtsklick auf das Tool HijackThis -> als Administrator ausführen wählen

3.
erneut einen Scan mit OTL: - ältere Logdateien löschen!

Doppelklick auf die OTL.exe
Vista User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen
Oben findest Du ein Kästchen mit Output. Wähle bitte Minimal Output
Unter Extra Registry, wähle bitte Use SafeList
Klicke nun auf Run Scan links oben
Wenn der Scan beendet wurde werden 2 Logfiles erstellt - OTL.txt und extra.txt
Poste die Logfiles in Code-Tags hier in den Thread.