Problem with Trojan

#0
09.07.2010, 08:40
Member

Thread starter

Posts: 30
#16 Here is the report from Combo-Fix:

Code

ComboFix 10-07-07.02 - Roy Sommer 09.07.2010   8:04.1.2 - x86
Microsoft® Windows Vista™ Home Premium   6.0.6000.0.1252.49.1031.18.2046.981 [GMT 2:00]
ausgeführt von:: c:\users\Roy Sommer\Desktop\Combo-Fix.exe
AV: AntiVir Desktop *On-access scanning disabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}
SP: AntiVir Desktop *disabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}
SP: Windows-Defender *disabled* (Outdated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.

((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\system32\drivers\npf.sys
c:\windows\system32\SHELLLNK.TLB
c:\windows\system32\system.txt

.
(((((((((((((((((((((((((((((((((((((((   Treiber/Dienste   )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Service_NPF


(((((((((((((((((((((((   Dateien erstellt von 2010-06-09 bis 2010-07-09  ))))))))))))))))))))))))))))))
.

2012-12-25 19:24 . 2012-12-25 19:24    --------    d-----w-    c:\program files\Microsoft WSE
2012-12-13 09:16 . 2012-12-13 09:16    --------    d-----w-    c:\users\Roy Sommer\AppData\Local\Real
2012-12-13 09:15 . 2012-12-13 09:15    --------    d-----w-    c:\program files\Common Files\xing shared
2010-07-09 06:15 . 2010-07-09 06:15    --------    d-----w-    c:\users\Default\AppData\Local\temp
2010-07-08 17:42 . 2010-07-08 17:42    --------    d-----w-    c:\windows\system32\xlive
2010-07-06 21:23 . 2010-07-06 21:23    --------    d-----w-    c:\users\Roy Sommer\AppData\Roaming\Malwarebytes
2010-07-06 21:23 . 2010-04-29 13:39    38224    ----a-w-    c:\windows\system32\drivers\mbamswissarmy.sys
2010-07-06 21:23 . 2010-07-06 21:23    --------    d-----w-    c:\programdata\Malwarebytes
2010-07-06 21:23 . 2010-07-06 21:23    --------    d-----w-    c:\program files\Malwarebytes' Anti-Malware
2010-07-06 21:23 . 2010-04-29 13:39    20952    ----a-w-    c:\windows\system32\drivers\mbam.sys
2010-07-06 21:04 . 2010-07-06 21:04    --------    d-----w-    C:\_OTL
2010-07-05 13:53 . 2010-07-05 13:53    --------    d-----w-    c:\users\Roy Sommer\AppData\Roaming\Avira
2010-07-05 13:42 . 2010-03-01 08:05    124784    ----a-w-    c:\windows\system32\drivers\avipbb.sys
2010-07-05 13:42 . 2010-02-16 12:24    60936    ----a-w-    c:\windows\system32\drivers\avgntflt.sys
2010-07-05 13:42 . 2009-05-11 10:49    51992    ----a-w-    c:\windows\system32\drivers\avgntdd.sys
2010-07-05 13:42 . 2009-05-11 10:49    17016    ----a-w-    c:\windows\system32\drivers\avgntmgr.sys
2010-07-05 13:42 . 2010-07-05 13:42    --------    d-----w-    c:\programdata\Avira
2010-07-05 13:42 . 2010-07-05 13:42    --------    d-----w-    c:\program files\Avira
2010-07-05 11:12 . 2010-07-05 15:02    --------    d-----w-    C:\bases
2010-07-05 11:09 . 2010-07-05 11:09    632064    ----a-w-    c:\windows\system32\msvcr80.dll
2010-07-05 11:09 . 2010-07-05 11:09    554240    ----a-w-    c:\windows\system32\msvcp80.dll
2010-07-05 11:09 . 2010-07-05 11:09    34048    ----a-w-    c:\windows\system32\eEmpty.exe
2010-07-05 11:09 . 2010-07-05 11:09    --------    d-----w-    c:\program files\Common Files\MicroWorld
2010-07-05 11:09 . 2010-07-05 11:09    --------    d-----w-    c:\programdata\MicroWorld
2010-07-05 10:57 . 2010-07-05 11:06    --------    d-----w-    c:\users\Roy Sommer\AppData\Roaming\Download Manager
2010-07-05 10:51 . 2010-07-05 10:51    --------    d-----w-    c:\program files\Belarc
2010-07-02 10:59 . 2010-07-02 11:04    --------    d-----w-    c:\users\Roy Sommer\AppData\Roaming\Command and Conquer 4
2010-07-02 10:59 . 2010-07-02 10:59    --------    d-----w-    c:\users\Roy Sommer\AppData\Local\Electronic_Arts_Inc
2010-06-30 11:18 . 2010-06-30 11:18    --------    d-----w-    C:\Eigene Dateien
2010-06-14 11:05 . 2008-10-29 06:05    655872    ----a-w-    c:\windows\system32\drivers\netr28u.sys
2010-06-14 11:05 . 2008-10-29 05:46    221184    ----a-w-    c:\windows\system32\RaCoInst.dll
2010-06-14 11:05 . 2008-10-29 05:46    15312    ----a-w-    c:\windows\system32\RaCoInst.dat

.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-12-25 19:24 . 2012-12-25 19:24    10134    ----a-r-    c:\users\Roy Sommer\AppData\Roaming\Microsoft\Installer\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}\ARPPRODUCTICON.exe
2012-12-20 09:29 . 2009-08-28 07:05    --------    d-----w-    c:\program files\Runes of Magic
2012-12-13 09:15 . 2007-10-07 16:12    --------    d-----w-    c:\program files\Common Files\Real
2012-12-11 16:23 . 2009-09-16 16:02    152004    ---ha-w-    c:\windows\system32\mlfcache.dat
2010-07-08 21:26 . 2006-11-02 15:33    644606    ----a-w-    c:\windows\system32\perfh007.dat
2010-07-08 21:26 . 2006-11-02 15:33    117518    ----a-w-    c:\windows\system32\perfc007.dat
2010-07-08 17:42 . 2009-08-10 07:23    --------    d-----w-    c:\program files\Microsoft Games for Windows - LIVE
2010-07-08 11:32 . 2010-07-08 11:32    501936    ----a-w-    c:\programdata\Google\Google Toolbar\Update\gtb474E.tmp.exe
2010-07-06 18:47 . 2007-03-28 14:51    --------    d-----w-    c:\program files\Common Files\Symantec Shared
2010-07-06 18:47 . 2010-03-16 19:55    --------    d-----w-    c:\programdata\Norton
2010-07-06 18:47 . 2007-03-28 14:51    --------    d-----w-    c:\programdata\Symantec
2010-07-06 16:46 . 2007-08-26 18:55    680    ----a-w-    c:\users\Roy Sommer\AppData\Local\d3d9caps.dat
2010-07-05 13:00 . 2008-01-14 18:33    --------    d-----w-    c:\users\Roy Sommer\AppData\Roaming\Skype
2010-07-05 12:17 . 2008-01-14 18:38    --------    d-----w-    c:\users\Roy Sommer\AppData\Roaming\skypePM
2010-07-05 11:22 . 2008-03-29 20:34    --------    d-----w-    c:\program files\Rightdown Software SearchBar
2010-07-02 09:51 . 2008-10-25 16:18    --------    d-----w-    c:\programdata\Electronic Arts
2010-07-01 15:36 . 2007-05-11 19:12    --------    d-----w-    c:\program files\Electronic Arts
2010-06-30 11:13 . 2008-12-24 03:00    1    ----a-w-    c:\users\Roy Sommer\AppData\Roaming\OpenOffice.org\3\user\uno_packages\cache\stamp.sys
2010-06-28 19:08 . 2007-04-17 18:19    --------    d-----w-    c:\users\Roy Sommer\AppData\Roaming\dvdcss
2010-06-21 08:35 . 2008-06-07 18:40    --------    d-----w-    c:\program files\Bonjour
2010-06-21 07:34 . 2007-04-17 12:23    --------    d--h--w-    c:\program files\InstallShield Installation Information
2010-06-20 07:00 . 2007-06-05 17:11    --------    d-----w-    c:\users\Roy Sommer\AppData\Roaming\ICQ
2010-06-17 14:02 . 2010-02-05 22:13    --------    d-----w-    c:\program files\ICQ7.0
2010-06-16 14:02 . 2010-05-11 12:30    --------    d-----w-    c:\program files\Mobile Partner Manager
2010-06-05 12:55 . 2010-06-05 12:55    --------    d-----w-    c:\users\Roy Sommer\AppData\Roaming\gtk-2.0
2010-06-05 12:47 . 2010-06-05 12:47    --------    d-----w-    c:\program files\GIMP-2.0
2010-06-01 11:53 . 2010-06-01 11:53    --------    d-----w-    c:\users\Roy Sommer\AppData\Roaming\DVDVideoSoftIEHelpers
2010-05-27 21:58 . 2010-03-15 19:46    443912    ----a-w-    c:\users\Roy Sommer\AppData\Roaming\Real\Update\setup3.10\setup.exe
2010-05-27 19:26 . 2010-05-27 19:26    --------    d-----w-    c:\users\Roy Sommer\AppData\Roaming\concept design
2010-05-27 19:26 . 2010-05-27 19:26    --------    d-----w-    c:\program files\concept design
2010-05-25 14:15 . 2010-05-10 16:05    --------    d-----w-    c:\program files\LG PC Suite II
2010-05-25 14:14 . 2010-05-10 16:05    --------    d-----w-    c:\users\Roy Sommer\AppData\Roaming\LG Electronics
2010-05-12 15:54 . 2010-05-12 15:51    --------    d-----w-    c:\users\Roy Sommer\AppData\Roaming\opencity
2010-05-12 15:51 . 2010-05-12 15:51    --------    d-----w-    c:\program files\OpenCity
2010-05-12 15:50 . 2010-05-12 15:50    --------    d-----w-    c:\program files\OpenTTD
2010-05-12 15:50 . 2010-05-12 15:50    --------    d-----w-    c:\users\Roy Sommer\AppData\Roaming\fltk.org
2010-05-12 15:42 . 2010-05-12 15:42    --------    d-----w-    c:\users\Roy Sommer\AppData\Roaming\flightgear.org
2010-05-12 15:42 . 2009-08-16 12:11    413696    ----a-w-    c:\windows\system32\wrap_oal.dll
2010-05-12 15:42 . 2009-08-16 12:11    110592    ----a-w-    c:\windows\system32\OpenAL32.dll
2010-05-12 15:42 . 2010-05-12 15:41    --------    d-----w-    c:\program files\FlightGear
2010-05-12 13:23 . 2010-05-12 13:23    --------    d-----w-    c:\users\Roy Sommer\AppData\Roaming\casanova
2010-05-12 13:22 . 2010-05-12 13:15    --------    d-----w-    c:\program files\BloodFrontier
2010-05-12 11:59 . 2010-05-12 11:59    --------    d-----w-    c:\programdata\Intenium
2010-05-12 10:12 . 2007-04-17 12:38    1728    ----a-w-    c:\windows\eReg.dat
2010-05-12 09:53 . 2007-04-17 12:21    --------    d-----w-    c:\program files\EA GAMES
2010-05-11 19:19 . 2007-04-17 11:40    119152    ----a-w-    c:\users\Roy Sommer\AppData\Local\GDIPFONTCACHEV1.DAT
2010-05-10 16:08 . 2010-05-10 16:08    --------    d-----w-    c:\program files\LG Electronics
2010-04-27 12:45 . 2010-04-27 12:45    72856    ----a-w-    c:\windows\system32\xliveinstallhost.exe
2010-04-27 12:45 . 2010-04-27 12:45    187544    ----a-w-    c:\windows\system32\xliveinstall.dll
2010-04-18 14:14 . 2010-04-18 14:14    18918    ----a-r-    c:\users\Roy Sommer\AppData\Roaming\Microsoft\Installer\{83C0B64C-F55A-4DF9-AB1D-76297076C57D}\_FF237F0ED356A8497A05BA.exe
2010-04-18 14:14 . 2010-04-18 14:14    18918    ----a-r-    c:\users\Roy Sommer\AppData\Roaming\Microsoft\Installer\{83C0B64C-F55A-4DF9-AB1D-76297076C57D}\_6FEFF9B68218417F98F549.exe
2010-04-18 14:14 . 2010-04-18 14:14    18918    ----a-r-    c:\users\Roy Sommer\AppData\Roaming\Microsoft\Installer\{83C0B64C-F55A-4DF9-AB1D-76297076C57D}\_4D561D77BB45CCA0E7A16F.exe
2010-04-12 15:29 . 2010-04-18 19:25    411368    ----a-w-    c:\windows\system32\deployJava1.dll
2007-04-29 08:21 . 2007-04-29 08:21    731    ----a-w-    c:\program files\redace.ini
2008-08-08 14:06 . 2008-08-08 13:17    81    --sh--r-    c:\windows\ICMET20.BIN
2007-09-30 18:47 . 2007-09-30 18:47    8192    --sha-w-    c:\windows\o2cLicStore.bin
.

((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-01-10 1232896]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 90112]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2006-11-02 125440]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-07-11 39408]
"ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe" [2004-06-16 221184]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2006-11-02 201728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2007-04-29 1006264]
"RtHDVCpl"="RtHDVCpl.exe" [2007-02-07 4374528]
"NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2006-01-12 155648]
"AGEIA PhysX SysTray"="c:\program files\AGEIA Technologies\TrayIcon.exe" [2006-03-20 331776]
"USBToolTip"="c:\program files\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe" [2005-06-13 192512]
"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2004-11-02 32768]
"amd_dc_opt"="c:\program files\AMD\Dual-Core Optimizer\amd_dc_opt.exe" [2006-11-17 77824]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2008-12-18 76304]
"MsgCenterExe"="c:\program files\Common Files\Real\Update_OB\RealOneMessageCenter.exe" [2012-12-13 75320]
"TrayServer"="c:\program files\MAGIX\Video_deluxe_2008_PLUS\TrayServer.exe" [2007-03-29 90112]
"PAC7302_Monitor"="c:\windows\PixArt\PAC7302\Monitor.exe" [2006-11-03 319488]
"VC9Player"="c:\program files\Virtual CD v9\System\VC9Play.exe" [2009-04-21 202056]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2004-06-16 81920]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-02-18 248040]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-11-10 417792]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-11-12 141600]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2012-12-13 198160]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-06-20 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-06-09 976832]
"UIExec"="c:\program files\Mobile Partner Manager\UIExec.exe" [2010-01-13 133120]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2010-03-02 282792]

c:\users\Roy Sommer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Last.fm Helper.lnk - c:\program files\Last.fm\LastFMHelper.exe [2007-11-10 106496]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Logitech Desktop Messenger.lnk - c:\program files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe [2008-7-25 91440]
Logitech SetPoint.lnk - c:\program files\Logitech\SetPoint\SetPoint.exe [2009-3-6 809488]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux6"=wdmaud.drv

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

R2 gupdate1cac851a92a704d;Google Update Service (gupdate1cac851a92a704d);c:\program files\Google\Update\GoogleUpdate.exe [2010-03-20 133104]
R2 UI Assistant Service;UI Assistant Service;c:\program files\Mobile Partner Manager\AssistantServices.exe [2010-01-13 247296]
R3 HH9Help.sys;HH9Help.sys;c:\windows\system32\drivers\HH9Help.sys [2006-09-20 11392]
R3 massfilter;ZTE Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter.sys [2009-10-29 9216]
R3 netr28u;RT2870 USB Wireless LAN Card Driver for Vista;c:\windows\system32\DRIVERS\netr28u.sys [2008-10-29 655872]
R3 Ser2at;ATEN USB to Serial port driver;c:\windows\system32\DRIVERS\ser2at.sys [2007-06-08 76288]
R3 UPnPService;UPnPService;c:\program files\Common Files\MAGIX Shared\UPnPService\UPnPService.exe [2006-12-14 544768]
R4 sptd;sptd;c:\windows\system32\Drivers\sptd.sys [2009-08-11 717296]
S1 vdrv9000;vdrv9000;c:\windows\system32\DRIVERS\vdrv9000.sys [2009-03-17 113688]
S2 ACEDRV09;ACEDRV09;c:\windows\system32\drivers\ACEDRV09.sys [2009-10-06 110304]
S2 acedrv10;acedrv10;c:\windows\system32\drivers\acedrv10.sys [2007-07-27 330144]
S2 acedrv11;acedrv11;c:\windows\system32\drivers\acedrv11.sys [2009-01-19 277544]
S2 acehlp10;acehlp10;c:\windows\system32\drivers\acehlp10.sys [2007-07-27 251680]
S2 AntiVirSchedulerService;Avira AntiVir Planer;c:\program files\Avira\AntiVir Desktop\sched.exe [2010-02-24 135336]
S2 VC9SecS;Virtual CD v9 Management Service;c:\program files\Virtual CD v9\System\VC9SecS.exe [2008-11-06 132424]

.
Inhalt des "geplante Tasks" Ordners

2010-07-09 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-03-20 17:20]

2010-07-08 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-03-20 17:20]

2010-07-09 c:\windows\Tasks\User_Feed_Synchronization-{5F18A9EC-DDD2-42C1-968D-6D420F1D60AE}.job
- c:\windows\system32\msfeedssync.exe [2006-11-02 09:45]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://start.icq.com/
uDefault_Search_URL = hxxp://www.google.com
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: &ICQ Toolbar Search - c:\program files\ICQToolbar\toolbaru.dll/SEARCH.HTML
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Download with &ShareazaPlus - c:\program files\ShareazaPlus\plugins\RazaWebHook.dll/3000
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
IE: Nach Microsoft &Excel exportieren - c:\progra~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - c:\program files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
FF - ProfilePath - c:\users\Roy Sommer\AppData\Roaming\Mozilla\Firefox\Profiles\mqr3ywbo.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FF - prefs.js: browser.search.selectedEngine - ICQ Search
FF - prefs.js: browser.startup.homepage - hxxp://www.google.de/
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=2.0.0.1&q=
FF - component: c:\users\Roy Sommer\AppData\Roaming\Mozilla\Firefox\Profiles\mqr3ywbo.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\frozen.dll
FF - plugin: c:\program files\Google\Picasa3\npPicasa3.dll
FF - plugin: c:\program files\Google\Update\1.2.183.29\npGoogleOneClick8.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npdeployJava1.dll
FF - plugin: c:\program files\ProtectDisc\License Helper\NPPDLicenseHelper.dll
FF - plugin: c:\users\Roy Sommer\AppData\Local\Yahoo!\BrowserPlus\2.8.1\Plugins\npybrowserplus_2.8.1.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- FIREFOX Richtlinien ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.lu", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nu", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nz", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--p1ai", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbayh7gpa", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.tel", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.proxy.type",                  5);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.ipc.plugins.timeoutSecs", 45);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("accelerometer.enabled", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation",  false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.nptest.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npswf32.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npctrl.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npqtplugin.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -

ActiveSetup-ccc-core-static - msiexec
AddRemove-AGEIA PhysX v2.3.3 - c:\program files\AGEIA Technologies\uninstall.exe
AddRemove-Zuma_Deluxe!_1.0 - c:\windows\iun6002.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-07-09 08:17
Windows 6.0.6000  NTFS

Scanne versteckte Prozesse...

Scanne versteckte Autostarteinträge...

Scanne versteckte Dateien...

Scan erfolgreich abgeschlossen
versteckte Dateien: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\vdrv9000]
"ImagePath"="system32\DRIVERS\vdrv9000.sys"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------

[HKEY_USERS\S-1-5-21-3315833501-451174435-3890430701-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:ca,22,a4,40,d4,ec,c3,f5,8d,11,66,0a,73,c8,f5,8e,bb,36,e2,f0,a3,88,59,
   90,6c,f2,37,ee,ea,80,44,07,6d,c8,47,fe,28,94,7b,8d,c1,74,bb,29,7e,90,4e,cc,\
"??"=hex:5f,52,96,60,70,68,bc,fa,c1,53,95,da,1e,88,59,aa

[HKEY_USERS\S-1-5-21-3315833501-451174435-3890430701-1000\Software\SecuROM\License information*]
"datasecu"=hex:b5,8a,b3,bd,20,ff,b3,3a,79,1a,25,3b,b7,dc,b1,2b,5a,f9,51,6e,1e,
   d8,b2,af,02,83,76,92,c8,13,61,0d,cf,2e,c4,65,2f,2f,fb,e9,1f,3d,3c,3e,74,fd,\
"rkeysecu"=hex:0c,01,85,43,d9,94,1a,d5,71,29,87,48,26,17,d9,45

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe,-101"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- Durch laufende Prozesse gestartete DLLs ---------------------

- - - - - - - > 'Explorer.exe'(3748)
c:\program files\Logitech\SetPoint\lgscroll.dll
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\Ati2evxx.exe
c:\windows\System32\LEXBCES.EXE
c:\windows\System32\LEXPPS.EXE
c:\program files\Avira\AntiVir Desktop\avguard.exe
c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Common Files\InterVideo\DeviceService\DevSvc.exe
c:\program files\Avira\AntiVir Desktop\avshadow.exe
c:\firststeps\OnlineDiagnostic\TestManager\TestHandler.exe
c:\windows\system32\DllHost.exe
c:\windows\RtHDVCpl.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
c:\windows\ehome\ehmsas.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\windows\system32\wbem\unsecapp.exe
c:\program files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
c:\program files\iPod\bin\iPodService.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2010-07-09  08:31:42 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2010-07-09 06:31

Vor Suchlauf: 30 Verzeichnis(se), 53.543.280.640 Bytes frei
Nach Suchlauf: 33 Verzeichnis(se), 56.175.144.960 Bytes frei

- - End Of File - - 111EA3D315B9C4940195DB108C5C540B
The computer now boots up noticeably faster again.
09.07.2010, 12:44
Moderator

Posts: 5694
#17 Noticeably faster, or back to how it was before?
09.07.2010, 13:01
Member

Thread starter

Posts: 30
#18 Noticeably faster.
09.07.2010, 15:28
Moderator

Posts: 5694
#19 Step 1

Please also run the following online scans: FSecure, Bitdefender, ESET
http://forum.hijackthis.de/allgemeines/25893-kostenlose-online-scanner.html

Report how things are running in general now
09.07.2010, 19:55
Member

Thread starter

Posts: 30
#20 So I ran all the scans; only FSecure found malware once and spyware 17 times and cleaned these as well. The other two found nothing.
The computer runs perfectly except for the Windows updates, which still cannot be activated. It always shows the message that the Security Center cannot activate automatic updating. If I switch to manual, it shows that it is activated!
10.07.2010, 13:19
Moderator

Posts: 5694
#21 Step 1

Back up the registry with ERUNT

Since we have to make changes in the registry, you will first back up the registry as follows:
Download the tool ERUNT by Lars Hederer and install it. Start erunt.exe and use it to create a backup of the registry in the default folder. Under backup options, please tick all three options. Do not add the program to system startup.

Step 2

Change automatic updates via a registry entry

Click the Vista icon at the bottom left --> type in the search box: regedit --> select Regedit.

Navigate to:

HKEY_LOCAL_MACHINE\ Software\ Policies\ Microsoft\ Windows\ WindowsUpdate\ AU


In the right-hand pane, right-click --> New --> DWORD value --> enter as the name:
NoAutoUpdate --> double-click this entry and enter 0 under Value.

Step 3

Another system scan with OTL

• Double-click OTL.exe
Vista users: right-click OTL.exe and choose "Run as administrator"
• At the top you will find a box labelled Output. Please select Minimal Output
• Under Extra Registry, please select Use SafeList
• Now click Run Scan at the top left
• When the scan has finished, 2 log files are created
• Post the log files in code tags here in the thread.
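Added example, not part of the thread: a small Python check that reads registry text in the two notations that appear in the logs here (ComboFix's REGEDIT4 style and OTL's `"name" = value` style) and reports the NoAutoUpdate value under the policy key from step 2 together with every Security Center DisableMonitoring entry set to 1. The sample text is constructed, the function names are made up for this example, and it assumes the usual meaning of NoAutoUpdate (0 = automatic updates allowed, 1 = turned off by policy).

```python
import re

# Policy key from step 2 of post #21 and the Security Center key seen in both logs.
AU_KEY = r"HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\WindowsUpdate\AU"
SC_MONITORING = r"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring"

# "name"=data or @=data; permission lines such as "@Denied: (A) (Users)" do not match.
_VALUE_RE = re.compile(r'^(?:"(?P<name>[^"]*)"|(?P<default>@))\s*=\s*(?P<data>.*)$')


def normalize_key(path):
    """Remove brackets, stray spaces around backslashes and case differences."""
    parts = [p.strip() for p in path.strip().strip("[]").split("\\")]
    return "\\".join(p for p in parts if p).upper()


def parse_data(raw):
    """Convert dword:XXXXXXXX, bare decimal numbers and quoted strings."""
    raw = raw.strip()
    if raw.lower().startswith("dword:"):
        return int(raw[6:], 16)
    if re.fullmatch(r"\d+", raw):
        return int(raw)  # OTL notation: "DisableMonitoring" = 1
    if len(raw) >= 2 and raw.startswith('"') and raw.endswith('"'):
        return raw[1:-1].replace("\\\\", "\\")
    return raw  # hex blobs, values with trailing annotations, and so on


def parse_reg_text(text):
    """Return {normalized key: {lower-cased value name: data}}."""
    keys = {}
    current = None
    for line in text.splitlines():
        line = line.strip()
        if line.startswith("[HKEY_") and line.endswith("]"):
            current = normalize_key(line)
            keys.setdefault(current, {})
            continue
        match = _VALUE_RE.match(line)
        if match and current is not None:
            name = match.group("name") if match.group("name") is not None else "@"
            keys[current][name.lower()] = parse_data(match.group("data"))
    return keys


def audit(text):
    """Report the update policy value and the disabled Security Center monitors."""
    keys = parse_reg_text(text)
    au_values = keys.get(normalize_key(AU_KEY), {})
    prefix = normalize_key(SC_MONITORING)
    disabled = [
        key
        for key, values in sorted(keys.items())
        if (key == prefix or key.startswith(prefix + "\\"))
        and values.get("disablemonitoring") == 1
    ]
    return {
        # None = value absent, 0 = automatic updates allowed, 1 = off by policy
        "no_auto_update": au_values.get("noautoupdate"),
        "monitoring_disabled": disabled,
    }


# Constructed sample input: key names as in the thread, values chosen for the demo.
SAMPLE = r"""
REGEDIT4

[HKEY_LOCAL_MACHINE\ Software\ Policies\ Microsoft\ Windows\ WindowsUpdate\ AU]
"NoAutoUpdate"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
@Denied: (A 2) (Everyone)
"AntiVirusOverride" = 0
"""

if __name__ == "__main__":
    report = audit(SAMPLE)
    print("NoAutoUpdate:", report["no_auto_update"])
    for key in report["monitoring_disabled"]:
        print("DisableMonitoring = 1 under", key)
```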
10.07.2010, 14:45
Member

Thread starter

Posts: 30
#22

Code

OTL Extras logfile created on: 10.07.2010 14:40:02 - Run 2
OTL by OldTimer - Version 3.2.7.1     Folder = C:\Users\Roy Sommer\Desktop
Windows Vista Home Premium Edition  (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6000.17037)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 45,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 69,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 173,99 Gb Total Space | 56,43 Gb Free Space | 32,43% Space Free | Partition Type: NTFS
Drive D: | 45,22 Gb Total Space | 44,97 Gb Free Space | 99,44% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive R: | 465,76 Gb Total Space | 291,15 Gb Free Space | 62,51% Space Free | Partition Type: NTFS

Computer Name: ROYSOMMER-PC
Current User Name: Roy Sommer
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]


[color=#E56717]========== File Associations ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

[color=#E56717]========== Shell Spawning ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[color=#E56717]========== Security Center Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[color=#E56717]========== Authorized Applications List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\BitTorrent\bittorrent.exe" = C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent -- File not found


[color=#E56717]========== Vista Active Open Ports Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{111577F8-4601-4F8B-A299-5EFC6AA1BE53}" = lport=138 | protocol=17 | dir=in | app=system |
"{15AB9EEE-D59B-4D35-9330-8EA3A83B031C}" = lport=137 | protocol=17 | dir=in | app=system |
"{40791F39-B594-4EDB-A28C-793279C1CDE2}" = lport=445 | protocol=6 | dir=in | app=system |
"{57C165CF-C863-4BCA-8C3A-EED61E8F0698}" = rport=445 | protocol=6 | dir=out | app=system |
"{8B7F5ED0-6051-4738-A04A-4E6E4308B231}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{A2C8CA30-9427-452C-B077-D0BD0971192F}" = rport=138 | protocol=17 | dir=out | app=system |
"{CC2F3752-F3B7-4EC4-817D-682DC1316EDE}" = rport=137 | protocol=17 | dir=out | app=system |
"{D6FAF901-3ECB-4544-A9D8-949DD2DA3EF5}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{E8A1E1CF-A568-49DD-B7E1-F668C386FF6B}" = rport=139 | protocol=6 | dir=out | app=system |
"{F724471A-CB51-48D7-9274-D59251F4DC16}" = lport=2869 | protocol=6 | dir=in | app=system |
"{FEFC994E-42CB-4544-970C-9E1E52ADDB79}" = lport=139 | protocol=6 | dir=in | app=system |
"{FFF68079-4008-427D-AF82-3113B94836A4}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |

[color=#E56717]========== Vista Active Application Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{03662AEF-5589-4540-BEEA-A23A4488EFA0}" = protocol=17 | dir=in | app=c:\program files\bittorrent\bittorrent.exe |
"{04D26875-4B44-4519-ADF0-0D5CCEB9953E}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{14AE346F-D12D-45FB-BCA9-D96D8EF60235}" = protocol=6 | dir=in | app=c:\program files\concept design\onlinetv 5\onlinetv.exe |
"{15BCAD95-BA59-473C-8A0E-FA0D1206ABF7}" = protocol=6 | dir=in | app=c:\program files\icq7.0\aolload.exe |
"{1A523BD4-C0B5-4B00-B928-222E37ECDB73}" = protocol=17 | dir=in | app=c:\program files\ea games\die schlacht um mittelerde(tm)\game.dat |
"{1B11429E-4B66-4DE5-8000-93E6E35EF9F8}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{1ED12D35-D27A-4CA7-9173-CD4094AAA1EA}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe |
"{1F4DFA35-857A-4E08-AC91-7201D04FC3BF}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe |
"{1FE53653-46DB-4239-833E-21A702F32974}" = protocol=6 | dir=in | app=c:\program files\icq7.0\icq.exe |
"{2C9268CB-FE98-47E8-8DE2-36A8C0F5032A}" = protocol=17 | dir=in | app=c:\program files\icq7.0\aolload.exe |
"{2ED7A7F6-B16D-4AE2-A594-B77B50F8CFA3}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{306EF0DF-C009-4ADD-A760-0D880B06A051}" = protocol=17 | dir=in | app=c:\users\roy sommer\appdata\local\temp\7zse8e7.tmp\symnrt.exe |
"{319DC585-D46E-43C4-8434-16CE2356E83C}" = protocol=17 | dir=in | app=c:\program files\icq7.0\icq.exe |
"{3464A487-6364-4738-87A0-A0D19A4971FE}" = protocol=17 | dir=in | app=c:\program files\concept design\onlinetv 5\onlinetv.exe |
"{34EA0A56-4135-414F-B86E-429A90835895}" = protocol=17 | dir=in | app=c:\program files\icq7.0\icq.exe |
"{38129577-73D5-4852-B33B-5BE491CE1553}" = protocol=17 | dir=in | app=c:\program files\icq7.0\aolload.exe |
"{4F7B642E-27A4-4943-923C-1D6A2C9B1C52}" = protocol=6 | dir=in | app=c:\program files\thq\gas powered games\supreme commander\bin\supremecommander.exe |
"{50E93698-2011-46B7-B738-468A4CC5F6E4}" = protocol=6 | dir=in | app=c:\program files\icq7.0\aolload.exe |
"{51609AFA-A607-4640-AA7D-9DB1C4602A4D}" = protocol=17 | dir=in | app=c:\program files\icq7.0\icq.exe |
"{51B03E42-CC33-42DA-AA61-5A0BC2E3FA19}" = protocol=6 | dir=in | app=c:\program files\bittorrent\bittorrent.exe |
"{5502FF2B-5F6E-4BCB-A158-81D76D0AD6DD}" = protocol=6 | dir=in | app=c:\program files\bittorrent\bittorrent.exe |
"{606BC7F9-30E5-479E-8655-4375D31CBA0A}" = protocol=6 | dir=in | app=c:\program files\icq7.0\icq.exe |
"{6451CABE-3E0E-41E3-9222-AD077DFB4BF8}" = protocol=6 | dir=in | app=c:\users\roy sommer\appdata\local\temp\7zs2ccb.tmp\symnrt.exe |
"{66CB240E-595C-47F6-85F8-ACA2723C368A}" = protocol=17 | dir=in | app=c:\program files\bittorrent\bittorrent.exe |
"{6ECB3709-9947-4410-97E5-B452EFD74375}" = protocol=17 | dir=in | app=c:\program files\logitech\desktop messenger\8876480\program\logitechdesktopmessenger.exe |
"{6FD73485-E3E1-4EA9-BE24-E8A8304E356B}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{784E41B9-18ED-4873-9652-254B35326701}" = protocol=17 | dir=in | app=c:\program files\dna\btdna.exe |
"{7C8361F0-3F01-493E-85F9-9D94841ED518}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{844BC606-7866-469C-85F7-7E808EFBE7F7}" = protocol=6 | dir=in | app=c:\users\roy sommer\appdata\local\temp\7zse8e7.tmp\symnrt.exe |
"{85FB1EAD-08F6-428E-8BA2-BEFFEA6F7364}" = protocol=6 | dir=in | app=c:\program files\icq7.0\aolload.exe |
"{8BCCDBD4-D85F-421C-9492-3C6C82575B0E}" = protocol=17 | dir=in | app=c:\program files\logitech\desktop messenger\8876480\program\logitechdesktopmessenger.exe |
"{8EF8563D-3AC2-47C7-94CC-C704C69B19C8}" = protocol=17 | dir=in | app=c:\program files\logitech\desktop messenger\8876480\program\logitechdesktopmessenger.exe |
"{9089461E-0AD8-4C6B-A825-9236CA640C96}" = protocol=6 | dir=in | app=c:\program files\ea games\die schlacht um mittelerde(tm)\game.dat |
"{90903E1D-8A1E-4B95-84E4-D857058DF2FF}" = protocol=17 | dir=in | app=c:\users\roy sommer\appdata\local\temp\7zs2ccb.tmp\symnrt.exe |
"{9252A8C5-8852-41FC-A6CE-615E5700E423}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{96F1E366-57BF-4C08-9FAF-0B8CA414C74D}" = protocol=6 | dir=in | app=c:\program files\thq\gas powered games\gpgnet\gpg.multiplayer.client.exe |
"{9D203C0B-AF74-443C-B451-3A5D8F4B2531}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{A16FA9E5-9F82-450D-A9E1-49E425381081}" = protocol=6 | dir=in | app=c:\program files\icq7.0\icq.exe |
"{A9E6A192-8E34-4509-A4F7-2620E14C19FD}" = protocol=17 | dir=in | app=c:\program files\skype\phone\skype.exe |
"{AAAB531B-B743-4059-89F2-9F227B14BA4A}" = protocol=6 | dir=in | app=c:\program files\logitech\desktop messenger\8876480\program\logitechdesktopmessenger.exe |
"{B288B624-C035-4D36-BE3A-E8D15E8EBBF5}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{BC59F239-F6FF-436D-9CA3-0943E2D2F004}" = protocol=6 | dir=in | app=c:\program files\concept design\onlinetv 5\onlinetv.exe |
"{BCDD005E-FCB7-45F9-A3CB-E60A7E867822}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{CC637EC2-CCC9-4918-8DE6-CC03D9BDCDBC}" = protocol=6 | dir=in | app=c:\program files\dna\btdna.exe |
"{CDB40B9E-942E-4C70-83CD-8CA83630D22C}" = protocol=17 | dir=in | app=c:\program files\icq7.0\aolload.exe |
"{D43E5B55-ECEE-4629-B9A8-1EF6AE824417}" = protocol=17 | dir=in | app=c:\program files\thq\gas powered games\gpgnet\gpg.multiplayer.client.exe |
"{D5C3A25E-3B7F-4D1B-AC65-C7141A1229E9}" = protocol=17 | dir=in | app=c:\program files\thq\gas powered games\supreme commander\bin\supremecommander.exe |
"{E9451D8C-7011-48E9-AF74-9203FB5B63DE}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{EE797193-65E2-4965-8D3E-B08C6C16EE9E}" = protocol=6 | dir=in | app=c:\program files\logitech\desktop messenger\8876480\program\logitechdesktopmessenger.exe |
"{EF45A510-B151-4D0A-B60A-8F779F6E9EE2}" = protocol=17 | dir=in | app=c:\program files\concept design\onlinetv 5\onlinetv.exe |
"{FC0E8925-F6E6-46D8-AA4D-E9D420933A57}" = protocol=6 | dir=in | app=c:\program files\logitech\desktop messenger\8876480\program\logitechdesktopmessenger.exe |
"{FC65AB37-E414-4B25-9DD4-234F901633B9}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"TCP Query User{1FC42995-0D0E-4FD1-BCC6-524D72F9A651}C:\program files\electronic arts\eadm\core.exe" = protocol=6 | dir=in | app=c:\program files\electronic arts\eadm\core.exe |
"TCP Query User{293D243D-DCA4-4967-8338-95AEE965D741}C:\program files\ea games\battlefield vietnam\bfvietnam.exe" = protocol=6 | dir=in | app=c:\program files\ea games\battlefield vietnam\bfvietnam.exe |
"TCP Query User{5B699081-02B3-4300-9F1A-3B926E8E4353}C:\program files\skype\phone\skype.exe" = protocol=6 | dir=in | app=c:\program files\skype\phone\skype.exe |
"TCP Query User{60E5BF74-A46D-45FD-B3C5-1EC64E5D20DB}C:\program files\ubisoft\ghost recon advanced warfighter\graw.exe" = protocol=6 | dir=in | app=c:\program files\ubisoft\ghost recon advanced warfighter\graw.exe |
"TCP Query User{788F766C-4A96-4580-A2F6-653237410412}C:\program files\ea games\command and conquer generals\game.dat" = protocol=6 | dir=in | app=c:\program files\ea games\command and conquer generals\game.dat |
"UDP Query User{6541B264-3652-4FB1-AA7C-22256C178C4E}C:\program files\ea games\command and conquer generals\game.dat" = protocol=17 | dir=in | app=c:\program files\ea games\command and conquer generals\game.dat |
"UDP Query User{76C6C6DF-72B4-4B5A-A9F6-C36E19F35EB7}C:\program files\ubisoft\ghost recon advanced warfighter\graw.exe" = protocol=17 | dir=in | app=c:\program files\ubisoft\ghost recon advanced warfighter\graw.exe |
"UDP Query User{7EF41339-A3F4-4104-A9F5-BA277D427656}C:\program files\ea games\battlefield vietnam\bfvietnam.exe" = protocol=17 | dir=in | app=c:\program files\ea games\battlefield vietnam\bfvietnam.exe |
"UDP Query User{A6EF32A6-13CD-4ECA-B6C0-2E381FEC7E9E}C:\program files\skype\phone\skype.exe" = protocol=17 | dir=in | app=c:\program files\skype\phone\skype.exe |
"UDP Query User{C78AAAD5-8D0A-499B-B3EA-3237A4EB4980}C:\program files\electronic arts\eadm\core.exe" = protocol=17 | dir=in | app=c:\program files\electronic arts\eadm\core.exe |

[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01501EBA-EC35-4F9F-8889-3BE346E5DA13}" = MSXML4 Parser
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{04B45310-A5FE-4425-BFCA-1A6D8920DE74}" = OpenOffice.org 3.0
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{06F80017-8F98-4C94-B868-52358569FC32}" = Command & Conquer(TM) Generäle
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{0B242475-FDD0-0DE8-42BD-153A413F3C60}" = Catalyst Control Center Localization Spanish
"{0C826C5B-B131-423A-A229-C71B3CACCD6A}" = CDDRV_Installer
"{0CB3C535-1171-4A20-B549-E2CB5DEB9723}" = MySQL Connector/ODBC 3.51
"{0E671D5E-966F-5B7A-D695-2BDA05AA198C}" = CCC Help Swedish
"{100D944A-B86C-ED1B-9E3C-4EAB0E7DB270}" = CCC Help Japanese
"{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}" = QuickTime
"{14DCD95A-EBA3-4BF0-B7EF-533852E99BE6}" = LG PC Suite II
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{189EC431-5AB8-4E6B-F284-43D1322E7F5C}" = CCC Help Dutch
"{1E04F83B-2AB9-4301-9EF7-E86307F79C72}" = Google Earth
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{23AE0110-9551-4577-5DCE-39CD72E1BD4A}" = Catalyst Control Center Localization Arabic
"{23C08587-19F4-4BBC-9078-26CF8EB02256}" = PL-2303 Vista Driver Installer-ATEN
"{24D7346D-D4B4-45E8-98EA-75EC14B42DD8}" = Adobe ExtendScript Toolkit 2
"{25054865-56C3-751D-D7D0-22B48AC1F769}" = CCC Help English
"{25A1E6A4-2DBD-4AC0-8650-8EA9A45B183D}" = Supreme Commander
"{26A24AE4-039D-4CA4-87B4-2F83216013FF}" = Java(TM) 6 Update 20
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{29F05234-DCBB-4FE0-88DC-5160C9250312}" = Adobe Photoshop CS3
"{2EA870FA-585F-4187-903D-CB9FFD21E2E0}" = DHTML Editing Component
"{2F4493E4-7237-4B2F-B693-B13BA827DBA7}" = Rhinoceros 4.0 Trainingsmaterial - Stufe 1
"{2FFE93F0-BB72-4E52-8761-354D1AAA9387}" = Sony Ericsson PC Suite
"{30490A99-BA3A-616E-8D18-EA905DF55BF5}" = CCC Help Finnish
"{3101CB58-3482-4D21-AF1A-7057FC935355}" = KhalInstallWrapper
"{31306B13-313F-BE4E-1EF4-6A26EEC8C4C6}" = Catalyst Control Center Graphics Previews Vista
"{3248F0A8-6813-11D6-A77B-00B0D0160020}" = Java(TM) 6 Update 2
"{3248F0A8-6813-11D6-A77B-00B0D0160030}" = Java(TM) 6 Update 3
"{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java(TM) 6 Update 5
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7
"{342F5437-C87D-4BB5-89B9-B23E16C6A395}" = Microsoft Visual C++ 8.0 Support DLLs
"{38954639-546C-19E1-2B80-6E76951AFBB3}" = Catalyst Control Center Graphics Full New
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3F51DA7F-7853-C6EB-A62B-F474A581859D}" = Catalyst Control Center Graphics Light
"{3FA365DF-2D68-45ED-8F83-8C8A33E65143}" = Apple Application Support
"{4160DC5B-4C56-D0C3-C5FD-F5BDAD3C882B}" = ATI Catalyst Install Manager
"{49152CD8-1976-AC4C-0175-0BA291BA1033}" = CCC Help Italian
"{49B6F667-76EB-4E9D-ACD2-84B7437901C0}" = LG PC Suite II
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4C9B3B4B-B395-0B12-D00A-E4DAEA23509E}" = CCC Help Spanish
"{4EA2F95F-A537-4d17-9E7F-6B3FF8D9BBE3}" = Microsoft Works
"{521AAD14-5030-44BB-8B0E-5CE65FCE57E0}" = InterVideo DeviceService
"{538A1AE6-5D8B-4BF1-B1B3-AE14FDE21C09}" = Test_OnlineDiagnostic
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{5545EEE1-FA36-4F76-B6BE-5696E7F4E2D6}" = VBA (2627.01)
"{5545EEE4-FA36-4F76-B6BE-5696E7F4E2D6}" = VBA (2701.01)
"{580EC579-E476-469F-9EBF-F82D696FC67A}" = iClone SE
"{5DB01BF0-9A4D-DACC-F2A0-D9D52FB63BEE}" = Catalyst Control Center Core Implementation
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{5FC68772-6D56-41C6-9DF1-24E868198AE6}" = Windows Live Call
"{60485FF1-4501-D198-F584-A4503BB439F0}" = Catalyst Control Center Localization German
"{62C3A135-132B-7061-EDFE-B58080CBA8FE}" = Skins
"{62C4121D-CA64-413E-8444-0525FF7E8EF9}" = Remotedesktopverbindung
"{64C1FA9A-FA94-4B6E-B3E4-8573738E4AD1}" = Adobe Setup
"{64D59234-B5AF-5280-5CF5-4A0F3AE2DBE8}" = ccc-localization-da
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6A79DE96-0FA4-42E7-A92D-FE43E208995A}" = Zusätzliche 3dsmax 7-Maps und -Materialien
"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All
"{6D4AC5A4-4CF9-4F90-8111-B9B53CE257BF}" = Adobe Color Common Settings
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{7146E309-6633-3C99-CD16-FE09E3659E7C}" = CCC Help German
"{716933FC-1E70-4DB3-C7E2-363D1CC82655}" = Catalyst Control Center Localization Japanese
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{738C6C16-78AB-DF7C-8254-292C11130D3B}" = ccc-core-static
"{73B5D990-04EA-4751-B10F-5534770B91F2}" = Adobe Color EU Recommended Settings
"{75FAE8E4-BCF7-4249-C587-291B9A45A61D}" = CCC Help French
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77E11F30-D659-4542-A567-0F993C1C19D3}" = Command and Conquer - Tiberian Sun
"{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}" = Text-To-Speech-Runtime
"{7F241622-AE33-36AE-BD5E-4D83BB7D7C67}" = Catalyst Control Center Localization Italian
"{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3
"{82696435-8572-4D8B-A230-D1AA567D0F0F}" = Command & Conquer™ 4 Tiberian Twilight
"{837B6259-6FF5-4E66-87C1-A5A15ED36FF4}" = Windows Live Messenger
"{83C0B64C-F55A-4DF9-AB1D-76297076C57D}" = CNC 3 Map Manager
"{83E2CFA9-E0EB-4E08-9F85-43E577FF3D60}" = Windows Live Anmelde-Assistent
"{86C7336D-0E3A-4953-ADF4-F4B5E0096278}" = Command & Conquer 3 Tiberium Wars(TM) MOD SDK
"{88EB38EF-4D2C-436D-ABD3-56B232674062}" = ICQ7
"{8A261769-9640-4DB4-B877-3E00C61967F3}_is1" = concept/design onlineTV 5
"{8B53527D-BBB2-43A5-91D7-9ED772FD737F}" = Skype web features
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{8FB1B528-E260-451E-9B55-E9152F94B80B}" = Microsoft Games for Windows - LIVE Redistributable
"{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard
"{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}" = Logitech Desktop Messenger
"{90110407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{905A208F-5F32-D532-56F2-EB6E29A0CBB7}" = Catalyst Control Center Graphics Full Existing
"{91E04CA7-0B13-4F8C-AA4D-2A573AC96D19}" = Windows Live Essentials
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{98A64C75-BFD6-4212-8746-8BADC7ABA79E}" = Virtual CD v9
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A346205-EA92-4406-B1AB-50379DA3F057}" = Autodesk DWF Viewer 7
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific
"{A2F166A0-F031-4E27-A057-C69733219434}_is1" = Runes of Magic
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A6FDF86A-F541-4E7B-AEA0-8849A2A700D5}" = iTunes
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9E5EDA7-2E6C-49E7-924B-A32B89C24A04}" = Mobile Partner Manager
"{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}" = Apple Mobile Device Support
"{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}" = PDF Settings
"{AC76BA86-7AD7-1031-7B44-A93000000001}" = Adobe Reader 9.3.3 - Deutsch
"{B0C30E93-D3D9-4F04-A2AC-54749B573275}" = Command & Conquer 3
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B3C02EC1-A7B0-4987-9A43-8789426AAA7D}" = Adobe Setup
"{B83FC356-B7C0-441F-8A4D-D71E088E7974}" = NVIDIA PhysX
"{B8619E25-DF08-1C87-BBDA-A7208F83CCBB}" = ccc-utility
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
"{BCA02FAD-2C86-4C8C-A815-51C09F4E51FF}" = Dual-Core Optimizer
"{BD8A0C60-1AEB-11D6-B8E1-00025521AE60}" = VBA (3821b)
"{C194D333-B84A-4BB7-B35E-060732D98DC4}" = GPGNet
"{C33228F4-D34B-4271-B3B4-E973BA67B230}" = SPEEDLINK SL-6825 Snappy Webcam
"{C3ABE126-2BB2-4246-BFE1-6797679B3579}" = LG USB Modem driver
"{C4C2CFA3-A815-7E12-3609-1BF88B543BF1}" = CCC Help Danish
"{C7340571-7773-4A8C-9EBC-4E4243B38C76}" = Microsoft XML Parser
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.1
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{D34D82E0-4600-407B-9478-8506C1DD1031}" = Nero 7 Essentials
"{D6E4E5D6-7693-4BB4-95BA-21F38FAFEE90}" = Safari
"{DA5F01A5-B5D4-F9DA-EE38-5D34FB64E822}" = Catalyst Control Center Localization Finnish
"{DCE907E3-4D72-4CD3-A08A-BEFC8C7A5869}" = Branding
"{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}" = Adobe Color JA Extra Settings
"{DDF5095A-949E-9CBF-775F-4E3C5503B48F}" = Catalyst Control Center Localization French
"{DFFDDCF5-CB32-4354-8823-1B9E68025953}" = Adobe Setup
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E63B1A54-5515-F7E5-7EED-C4D65761FA4E}" = Catalyst Control Center Localization Arabic
"{E63E34A7-E552-412B-9E40-FD6FC5227ABA}_is1" = Uniblue RegistryBooster
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{E78FC917-C21B-11D2-99FE-00105A98B681}" = Microsoft Picture It! 2000
"{F01F79AD-1F47-4685-AE4E-CCFA4EA9FF7C}" = Adobe Setup
"{F10E980B-2BC9-A41F-6798-CE78718FD9BB}" = CCC Help Norwegian
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}" = Logitech SetPoint
"{F3E9C243-122E-4D6B-ACC1-E1FEC02F6CA1}" = Command and Conquer(TM) Generäle Die Stunde Null
"{F428768A-BA63-43A5-86E9-7F0CFD174944}" = Command & Conquer 3 Tiberium Wars(TM) Worldbuilder
"{F97E3841-CA9D-4964-9D64-26066241D26F}" = Microsoft Games for Windows - LIVE
"{FCB12FDF-1F42-FDD6-068F-CA34DF5AF6C7}" = Catalyst Control Center Localization Arabic
"{FF29A7E2-FF40-4D07-B7E4-2093DE59E10A}" = Adobe Color NA Extra Settings
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11
"Adobe_3e054d2218e7aa282c2369d939e58ff" = Adobe ExtendScript Toolkit 2
"Adobe_5f143314a5d434c8511097393d17397" = Adobe Photoshop CS3
"Adobe_67a7fb1e97aa14ee9ef0950eb6fd757" = Adobe Creative Suite 3 Master Collection hinzufügen oder entfernen
"Adobe_6c8e2cb4fd241c55406016127a6ab2e" = Adobe Color Common Settings
"Age of Empires 2.0" = Microsoft Age of Empires II
"Alarmstufe Rot" = Alarmstufe Rot Windows 95
"Ashampoo Photo Commander 5_is1" = Ashampoo Photo Commander 5.40
"ATI Uninstaller" = ATI Uninstaller
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"Bejeweled Twist" = Bejeweled Twist
"Belarc Advisor" = Belarc Advisor 8.1
"Catan" = Catan - Die erste Insel
"Diamond Drop" = Diamond Drop
"DivX Setup.divx.com" = DivX-Setup
"DSGPlayer" = DEUTSCHLAND SPIELT GAME CENTER
"EADM" = EA Download Manager
"ERUNT_is1" = ERUNT 1.1j
"ESET Online Scanner" = ESET Online Scanner v3
"FlightGear_is1" = FlightGear v1.9.1
"Geheime Fälle: Auf den Spuren von Casanova" = Geheime Fälle: Auf den Spuren von Casanova
"GMX MultiMessenger" = GMX MultiMessenger
"Gtk+ Runtime Environment" = Gtk+ Runtime Environment 2.12.9-2
"HijackThis" = HijackThis 2.0.2
"ICQToolbar" = ICQ Toolbar
"Imperium Romanum" = Imperium Romanum 1.04 Gold Edition
"InstallShield_{06F80017-8F98-4C94-B868-52358569FC32}" = Command & Conquer(TM) Generäle
"InstallShield_{C33228F4-D34B-4271-B3B4-E973BA67B230}" = SPEEDLINK SL-6825 Snappy Webcam
"InstallShield_{F3E9C243-122E-4D6B-ACC1-E1FEC02F6CA1}" = Command and Conquer(TM) Generäle Die Stunde Null
"LastFM_is1" = Last.fm 1.4.1.57486
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Meine kleine Farm 3: Ice Age" = Meine kleine Farm 3: Ice Age
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.6.6)" = Mozilla Firefox (3.6.6)
"myphotobook" = myphotobook 3.6
"Neverball" = Neverball 1.5.4
"OggDS" = Direct Show Ogg Vorbis Filter (remove only)
"OpenAL" = OpenAL
"OpenCity 0.0.6.2 stable_is1" = OpenCity 0.0.6.2 stable
"OpenTTD" = OpenTTD 1.0.0-RC2
"Picasa 3" = Picasa 3
"Protect Disc License Helper" = Protect Disc License Helper 1.0.118
"ProtectDisc Driver 10" = ProtectDisc Helper Driver 10
"ProtectDisc Driver 11" = ProtectDisc Driver, Version 11
"RealPlayer 12.0" = RealPlayer
"ScanIT Client" = ScanIT Client 3.0
"screensaver2" = screensaver2
"secretmaryo" = Secret Maryo Chronicles
"SereneScreen Marine Aquarium" = SereneScreen Marine Aquarium
"Sony Ericsson Themes Creator" = Sony Ericsson Themes Creator 3.17
"System Tweaker_is1" = Uniblue System Tweaker
"VLC media player" = VideoLAN VLC media player 0.8.6c
"Vodei Multimedia Processor" = Vodei Multimedia Processor 2.10
"WinGimp-2.0_is1" = GIMP 2.6.8
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR Archivierer
"WOLAPI" = Westwood Gemeinsam benutzte Internet-Komponenten
"Xfire" = Xfire (remove only)

[color=#E56717]========== HKEY_CURRENT_USER Uninstall List ==========[/color]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"090215de958f1060" = Curse Client
"Yahoo! BrowserPlus" = Yahoo! BrowserPlus 2.8.1

[color=#E56717]========== Last 10 Event Log Errors ==========[/color]

[ Application Events ]
Error - 08.07.2010 07:20:10 | Computer Name = RoySommer-PC | Source = Google Update | ID = 20
Description =

Error - 08.07.2010 13:42:30 | Computer Name = RoySommer-PC | Source = VSS | ID = 8194
Description =

Error - 08.07.2010 13:42:53 | Computer Name = RoySommer-PC | Source = System Restore | ID = 8193
Description =

Error - 09.07.2010 01:46:20 | Computer Name = RoySommer-PC | Source = Google Update | ID = 20
Description =

Error - 09.07.2010 09:15:48 | Computer Name = RoySommer-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung empires2.exe, Version 0.14.14.914, Zeitstempel
0x37ddfc16, fehlerhaftes Modul empires2.exe, Version 0.14.14.914, Zeitstempel 0x37ddfc16,
Ausnahmecode 0xc0000005, Fehleroffset 0x00206405,  Prozess-ID 0xb00, Anwendungsstartzeit
01cb1f68d835d5c1.

Error - 09.07.2010 09:16:39 | Computer Name = RoySommer-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung RA95.EXE, Version 0.0.0.0, Zeitstempel 0x328d88ef,
fehlerhaftes Modul KERNEL32.dll!SMapLS_IP_EBP_12, Version 6.0.6000.16386, Zeitstempel
0x4549bdc9, Ausnahmecode 0xc0000139, Fehleroffset 0x00008fc7,  Prozess-ID 0x80c,
Anwendungsstartzeit 01cb1f68f5e10cc1.

Error - 09.07.2010 17:10:21 | Computer Name = RoySommer-PC | Source = Application Hang | ID = 1002
Description = Programm plugin-container.exe, Version 1.9.2.3828 arbeitet nicht mehr
mit Windows zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet
"Lösungen für Probleme" in der Systemsteuerung, um nach weiteren Informationen
über das Problem zu suchen.  Prozess-ID: 1198  Anfangszeit: 01cb1fa8797f8317  Zeitpunkt
der Beendigung: 13

Error - 10.07.2010 03:53:00 | Computer Name = RoySommer-PC | Source = Google Update | ID = 20
Description =

Error - 10.07.2010 05:48:59 | Computer Name = RoySommer-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung RunDLL32.exe, Version 6.0.6000.16386, Zeitstempel
0x4549b0e1, fehlerhaftes Modul unknown, Version 0.0.0.0, Zeitstempel 0x00000000,
Ausnahmecode 0xc0000005, Fehleroffset 0x0165b5ed,  Prozess-ID 0x1748, Anwendungsstartzeit
01cb20151d96f0e8.

Error - 10.07.2010 05:49:13 | Computer Name = RoySommer-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung RunDLL32.exe, Version 6.0.6000.16386, Zeitstempel
0x4549b0e1, fehlerhaftes Modul unknown, Version 0.0.0.0, Zeitstempel 0x00000000,
Ausnahmecode 0xc0000005, Fehleroffset 0x01d8b5ed,  Prozess-ID 0x1088, Anwendungsstartzeit
01cb2015267747a8.

[ Media Center Events ]
Error - 17.04.2007 08:03:28 | Computer Name = RoySommer-PC | Source = Media Center Guide | ID = 0
Description = Ereignisinformationen: ERROR: SqmApiWrapper.SqmFlushSession failed;
Win32 GetLastError returned 0D  Prozess: DefaultDomain Objektname: Media Center Guide


Error - 26.09.2007 16:07:37 | Computer Name = RoySommer-PC | Source = Media Center Guide | ID = 0
Description = Ereignisinformationen: ERROR: SqmApiWrapper.TimerRecord failed; Win32
GetLastError returned 10000105  Prozess: DefaultDomain Objektname: Media Center Guide


Error - 17.04.2008 12:03:35 | Computer Name = RoySommer-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: Download von Paket MCESpotlight
gescheitert.

[ System Events ]
Error - 09.07.2010 13:47:16 | Computer Name = RoySommer-PC | Source = ACPI | ID = 327686
Description = IRQARB: ACPI-BIOS enthält keinen IRQ für das Gerät im PCI-Steckplatz
15, Funktion 0.   Wenden Sie sich an den Systemhersteller, um technische Unterstützung
zu erhalten.

Error - 09.07.2010 13:47:16 | Computer Name = RoySommer-PC | Source = ACPI | ID = 327686
Description = IRQARB: ACPI-BIOS enthält keinen IRQ für das Gerät im PCI-Steckplatz
14, Funktion 0.   Wenden Sie sich an den Systemhersteller, um technische Unterstützung
zu erhalten.

Error - 09.07.2010 13:47:18 | Computer Name = RoySommer-PC | Source = Application Popup | ID = 875
Description = Treiber sfdrv01.sys konnte nicht geladen werden.

Error - 09.07.2010 13:48:47 | Computer Name = RoySommer-PC | Source = Service Control Manager | ID = 7026
Description =

Error - 10.07.2010 03:50:13 | Computer Name = RoySommer-PC | Source = ACPI | ID = 327686
Description = IRQARB: ACPI-BIOS enthält keinen IRQ für das Gerät im PCI-Steckplatz
15, Funktion 0.   Wenden Sie sich an den Systemhersteller, um technische Unterstützung
zu erhalten.

Error - 10.07.2010 03:50:13 | Computer Name = RoySommer-PC | Source = ACPI | ID = 327686
Description = IRQARB: ACPI-BIOS enthält keinen IRQ für das Gerät im PCI-Steckplatz
14, Funktion 0.   Wenden Sie sich an den Systemhersteller, um technische Unterstützung
zu erhalten.

Error - 10.07.2010 03:50:15 | Computer Name = RoySommer-PC | Source = Application Popup | ID = 875
Description = Treiber sfdrv01.sys konnte nicht geladen werden.

Error - 10.07.2010 03:52:55 | Computer Name = RoySommer-PC | Source = Service Control Manager | ID = 7026
Description =

Error - 10.07.2010 05:36:20 | Computer Name = RoySommer-PC | Source = Application Popup | ID = 875
Description = Treiber sfdrv01.sys konnte nicht geladen werden.

Error - 10.07.2010 05:45:52 | Computer Name = RoySommer-PC | Source = Service Control Manager | ID = 7026
Description =


< End of report >
and

Code

OTL logfile created on: 10.07.2010 14:40:02 - Run 2
OTL by OldTimer - Version 3.2.7.1     Folder = C:\Users\Roy Sommer\Desktop
Windows Vista Home Premium Edition  (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6000.17037)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 45,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 69,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 173,99 Gb Total Space | 56,43 Gb Free Space | 32,43% Space Free | Partition Type: NTFS
Drive D: | 45,22 Gb Total Space | 44,97 Gb Free Space | 99,44% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive R: | 465,76 Gb Total Space | 291,15 Gb Free Space | 62,51% Space Free | Partition Type: NTFS

Computer Name: ROYSOMMER-PC
Current User Name: Roy Sommer
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
PRC - C:\Program Files\Mozilla Firefox\plugin-container.exe (Mozilla Corporation)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Users\Roy Sommer\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Program Files\Avira\AntiVir Desktop\avshadow.exe (Avira GmbH)
PRC - C:\Program Files\Mobile Partner Manager\UIMain.exe ()
PRC - C:\Program Files\Mobile Partner Manager\AssistantServices.exe ()
PRC - C:\Program Files\Mobile Partner Manager\UIExec.exe ()
PRC - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
PRC - C:\Program Files\Virtual CD v9\System\VC9Tray.exe (H+H Software GmbH)
PRC - C:\Program Files\Virtual CD v9\System\vc9play.exe (H+H Software GmbH)
PRC - C:\Program Files\Logitech\SetPoint\SetPoint.exe (Logitech, Inc.)
PRC - C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE (Logitech, Inc.)
PRC - C:\Program Files\Virtual CD v9\System\VC9SecS.exe (H+H Software GmbH)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe (Logitech Inc.)
PRC - C:\Program Files\Last.fm\LastFMHelper.exe (Last.fm)
PRC - C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe (InterVideo Inc.)
PRC - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
PRC - C:\FirstSteps\OnlineDiagnostic\TestManager\TestHandler.exe (Fujitsu Siemens Computers)
PRC - C:\Windows\PixArt\PAC7302\Monitor.exe (PixArt Imaging Incorporation)
PRC - C:\Windows\System32\msfeedssync.exe (Microsoft Corporation)
PRC - C:\Program Files\AGEIA Technologies\TrayIcon.exe ()
PRC - C:\Program Files\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe (Pinnacle Systems GmbH)
PRC - C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe (InstallShield Software Corporation)


========== Modules (SafeList) ==========

MOD - C:\Users\Roy Sommer\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Windows\System32\msscript.ocx (Microsoft Corporation)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll (Microsoft Corporation)


========== Win32 Services (SafeList) ==========

SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (UI Assistant Service) -- C:\Program Files\Mobile Partner Manager\AssistantServices.exe ()
SRV - (LBTServ) -- C:\Program Files\Common Files\Logitech\Bluetooth\LBTServ.exe (Logitech, Inc.)
SRV - (VC9SecS) -- C:\Program Files\Virtual CD v9\System\VC9SecS.exe (H+H Software GmbH)
SRV - (FLEXnet Licensing Service) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SRV - (Capture Device Service) -- C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe (InterVideo Inc.)
SRV - (UPnPService) -- C:\Program Files\Common Files\MAGIX Shared\UPnPService\UPnPService.exe (Magix AG)
SRV - (TestHandler) -- C:\FirstSteps\OnlineDiagnostic\TestManager\TestHandler.exe (Fujitsu Siemens Computers)


========== Driver Services (SafeList) ==========

DRV - (catchme) -- C:\Combo-Fix\catchme.sys File not found
DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH)
DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH)
DRV - (ZTEusbser6k) -- C:\Windows\System32\drivers\ZTEusbser6k.sys (ZTE Incorporated)
DRV - (ZTEusbnmea) -- C:\Windows\System32\drivers\ZTEusbnmea.sys (ZTE Incorporated)
DRV - (ZTEusbmdm6k) -- C:\Windows\System32\drivers\ZTEusbmdm6k.sys (ZTE Incorporated)
DRV - (massfilter) -- C:\Windows\System32\drivers\massfilter.sys (ZTE Incorporated)
DRV - (ACEDRV09) -- C:\Windows\System32\drivers\ACEDRV09.sys (Protect Software GmbH)
DRV - (sptd) -- C:\Windows\System32\Drivers\sptd.sys ()
DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (vdrv9000) -- C:\Windows\System32\drivers\vdrv9000.sys (H+H Software GmbH)
DRV - (acedrv11) -- C:\Windows\System32\drivers\acedrv11.sys (Protect Software GmbH)
DRV - (atksgt) -- C:\Windows\System32\drivers\atksgt.sys ()
DRV - (lirsgt) -- C:\Windows\System32\drivers\lirsgt.sys ()
DRV - (LMouFilt) -- C:\Windows\System32\drivers\LMouFilt.Sys (Logitech, Inc.)
DRV - (LHidFilt) -- C:\Windows\System32\drivers\LHidFilt.Sys (Logitech, Inc.)
DRV - (netr28u) -- C:\Windows\System32\drivers\netr28u.sys (Ralink Technology Corp.)
DRV - (UsbDiag) -- C:\Windows\System32\drivers\lgusbdiag.sys (LG Electronics Inc.)
DRV - (USBModem) -- C:\Windows\System32\drivers\lgusbmodem.sys (LG Electronics Inc.)
DRV - (usbbus) -- C:\Windows\System32\drivers\lgusbbus.sys (LG Electronics Inc.)
DRV - (s217unic) Sony Ericsson Device 217 USB Ethernet Emulation SEMC217 (WDM) -- C:\Windows\System32\drivers\s217unic.sys (MCCI)
DRV - (s217mgmt) Sony Ericsson Device 217 USB WMC Device Management Drivers (WDM) -- C:\Windows\System32\drivers\s217mgmt.sys (MCCI Corporation)
DRV - (s217obex) -- C:\Windows\System32\drivers\s217obex.sys (MCCI Corporation)
DRV - (s217nd5) Sony Ericsson Device 217 USB Ethernet Emulation SEMC217 (NDIS) -- C:\Windows\System32\drivers\s217nd5.sys (MCCI Corporation)
DRV - (s217mdm) -- C:\Windows\System32\drivers\s217mdm.sys (MCCI Corporation)
DRV - (s217bus) Sony Ericsson Device 217 driver (WDM) -- C:\Windows\System32\drivers\s217bus.sys (MCCI Corporation)
DRV - (s217mdfl) -- C:\Windows\System32\drivers\s217mdfl.sys (MCCI Corporation)
DRV - (ACEDRV05) -- C:\Windows\System32\drivers\ACEDRV05.sys (Protect Software GmbH)
DRV - (PAC7302) -- C:\Windows\System32\drivers\PAC7302.SYS (PixArt Imaging Inc.)
DRV - (acehlp10) -- C:\Windows\System32\drivers\acehlp10.sys (Protect Software GmbH)
DRV - (acedrv10) -- C:\Windows\System32\drivers\ACEDRV10.sys (Protect Software GmbH)
DRV - (nvstor32) -- C:\Windows\system32\DRIVERS\nvstor32.sys (NVIDIA Corporation)
DRV - (Ser2at) -- C:\Windows\System32\drivers\ser2at.sys (Prolific Technology Inc.)
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\Windows\System32\drivers\RTKVHDA.sys (Realtek Semiconductor Corp.)
DRV - (R300) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV - (NVENETFD) -- C:\Windows\System32\drivers\nvmfdx32.sys (NVIDIA Corporation)
DRV - (nvstor) -- C:\Windows\system32\DRIVERS\nvstor.sys (NVIDIA Corporation)
DRV - (ql2300) -- C:\Windows\system32\drivers\ql2300.sys (QLogic Corporation)
DRV - (adp94xx) -- C:\Windows\system32\drivers\adp94xx.sys (Adaptec, Inc.)
DRV - (elxstor) -- C:\Windows\system32\drivers\elxstor.sys (Emulex)
DRV - (adpahci) -- C:\Windows\system32\drivers\adpahci.sys (Adaptec, Inc.)
DRV - (uliahci) -- C:\Windows\system32\drivers\uliahci.sys (ULi Electronics Inc.)
DRV - (iaStorV) -- C:\Windows\system32\drivers\iastorv.sys (Intel Corporation)
DRV - (adpu320) -- C:\Windows\system32\drivers\adpu320.sys (Adaptec, Inc.)
DRV - (ulsata2) -- C:\Windows\system32\drivers\ulsata2.sys (Promise Technology, Inc.)
DRV - (vsmraid) -- C:\Windows\system32\drivers\vsmraid.sys (VIA Technologies Inc.,Ltd)
DRV - (ql40xx) -- C:\Windows\system32\drivers\ql40xx.sys (QLogic Corporation)
DRV - (UlSata) -- C:\Windows\system32\drivers\ulsata.sys (Promise Technology, Inc.)
DRV - (adpu160m) -- C:\Windows\system32\drivers\adpu160m.sys (Adaptec, Inc.)
DRV - (nfrd960) -- C:\Windows\system32\drivers\nfrd960.sys (IBM Corporation)
DRV - (iirsp) -- C:\Windows\system32\drivers\iirsp.sys (Intel Corp./ICP vortex GmbH)
DRV - (SiSRaid4) -- C:\Windows\system32\drivers\sisraid4.sys (Silicon Integrated Systems)
DRV - (aic78xx) -- C:\Windows\system32\drivers\djsvs.sys (Adaptec, Inc.)
DRV - (arcsas) -- C:\Windows\system32\drivers\arcsas.sys (Adaptec, Inc.)
DRV - (LSI_SCSI) -- C:\Windows\system32\drivers\lsi_scsi.sys (LSI Logic)
DRV - (HpCISSs) -- C:\Windows\system32\drivers\hpcisss.sys (Hewlett-Packard Company)
DRV - (arc) -- C:\Windows\system32\drivers\arc.sys (Adaptec, Inc.)
DRV - (iteraid) -- C:\Windows\system32\drivers\iteraid.sys (Integrated Technology Express, Inc.)
DRV - (iteatapi) -- C:\Windows\system32\drivers\iteatapi.sys (Integrated Technology Express, Inc.)
DRV - (LSI_SAS) -- C:\Windows\system32\drivers\lsi_sas.sys (LSI Logic)
DRV - (Symc8xx) -- C:\Windows\system32\drivers\symc8xx.sys (LSI Logic)
DRV - (LSI_FC) -- C:\Windows\system32\drivers\lsi_fc.sys (LSI Logic)
DRV - (Sym_u3) -- C:\Windows\system32\drivers\sym_u3.sys (LSI Logic)
DRV - (Mraid35x) -- C:\Windows\system32\drivers\mraid35x.sys (LSI Logic Corporation)
DRV - (Sym_hi) -- C:\Windows\system32\drivers\sym_hi.sys (LSI Logic)
DRV - (megasas) -- C:\Windows\system32\drivers\megasas.sys (LSI Logic Corporation)
DRV - (viaide) -- C:\Windows\system32\drivers\viaide.sys (VIA Technologies, Inc.)
DRV - (cmdide) -- C:\Windows\system32\drivers\cmdide.sys (CMD Technology, Inc.)
DRV - (aliide) -- C:\Windows\system32\drivers\aliide.sys (Acer Laboratories Inc.)
DRV - (usbaudio) USB-Audiotreiber (WDM) -- C:\Windows\System32\drivers\USBAUDIO.sys (Microsoft Corporation)
DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\system32\drivers\brserid.sys (Brother Industries Ltd.)
DRV - (BrUsbSer) -- C:\Windows\system32\drivers\brusbser.sys (Brother Industries Ltd.)
DRV - (BrFiltUp) -- C:\Windows\system32\drivers\brfiltup.sys (Brother Industries, Ltd.)
DRV - (BrFiltLo) -- C:\Windows\system32\drivers\brfiltlo.sys (Brother Industries, Ltd.)
DRV - (BrSerWdm) -- C:\Windows\system32\drivers\brserwdm.sys (Brother Industries Ltd.)
DRV - (BrUsbMdm) -- C:\Windows\system32\drivers\brusbmdm.sys (Brother Industries Ltd.)
DRV - (ntrigdigi) -- C:\Windows\system32\drivers\ntrigdigi.sys (N-trig Innovative Technologies)
DRV - (E1G60) Intel(R) -- C:\Windows\System32\drivers\E1G60I32.sys (Intel Corporation)
DRV - (AmdLLD) -- C:\Windows\System32\drivers\AmdLLD.sys (AMD, Inc.)
DRV - (HH9Help.sys) -- C:\Windows\System32\drivers\HH9Help.sys (H+H Software GmbH)
DRV - (nvraid) NVIDIA nForce(tm) -- C:\Windows\system32\drivers\nvraid.sys (NVIDIA Corporation)
DRV - (nvatabus) -- C:\Windows\system32\drivers\nvatabus.sys (NVIDIA Corporation)
DRV - (iaStor) -- C:\Windows\system32\drivers\iastor.sys (Intel Corporation)
DRV - (PCLEPCI) -- C:\Windows\System32\drivers\Pclepci.sys (Pinnacle Systems GmbH)
DRV - (SiSRaid2) -- C:\Windows\system32\drivers\sisraid2.sys (Silicon Integrated Systems Corp)
DRV - (sfsync02) StarForce Protection Synchronization Driver (version 2.x) -- C:\Windows\System32\drivers\sfsync02.sys (Protection Technology)
DRV - (sfdrv01) StarForce Protection Environment Driver (version 1.x) -- C:\Windows\System32\drivers\sfdrv01.sys (Protection Technology)
DRV - (sfhlp02) StarForce Protection Helper Driver (version 2.x) -- C:\Windows\System32\drivers\sfhlp02.sys (Protection Technology)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Prev Search Page = http://google.icq.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://start.icq.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKCU\..\URLSearchHook:  - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.defaulturl: "http://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q="
FF - prefs.js..browser.search.selectedEngine: "ICQ Search"
FF - prefs.js..browser.startup.homepage: "http://www.google.de/"
FF - prefs.js..extensions.enabledItems: {4b0a905d-b508-4574-8d12-b8fe120ace09}:0.5
FF - prefs.js..extensions.enabledItems: smarterwiki@wikiatic.com:4.1.5
FF - prefs.js..extensions.enabledItems: {ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}:1.3
FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.8.20100408.6
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {e001c731-5e37-4538-a5cb-8168736a2360}:0.9.9.23
FF - prefs.js..extensions.enabledItems: djziggy@gmail.com:1.1.7
FF - prefs.js..keyword.URL: "http://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=2.0.0.1&q="

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.6\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.07.05 15:28:43 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.6\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.07.06 18:44:08 | 000,000,000 | ---D | M]

[2009.03.07 21:49:56 | 000,000,000 | ---D | M] -- C:\Users\Roy Sommer\AppData\Roaming\mozilla\Extensions
[2010.07.09 17:49:48 | 000,000,000 | ---D | M] -- C:\Users\Roy Sommer\AppData\Roaming\mozilla\Firefox\Profiles\mqr3ywbo.default\extensions
[2010.07.09 17:49:43 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Roy Sommer\AppData\Roaming\mozilla\Firefox\Profiles\mqr3ywbo.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.04.18 14:28:42 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Users\Roy Sommer\AppData\Roaming\mozilla\Firefox\Profiles\mqr3ywbo.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2010.04.18 15:10:22 | 000,000,000 | ---D | M] (Faark's Grepolis Bericht 2 Image - Exporter) -- C:\Users\Roy Sommer\AppData\Roaming\mozilla\Firefox\Profiles\mqr3ywbo.default\extensions\{4b0a905d-b508-4574-8d12-b8fe120ace09}
[2009.03.07 21:50:38 | 000,000,000 | ---D | M] (Aquatint Black Gloss) -- C:\Users\Roy Sommer\AppData\Roaming\mozilla\Firefox\Profiles\mqr3ywbo.default\extensions\{7694c49c-9fbd-11dc-8314-0800200c9a66}
[2010.07.09 17:49:46 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Roy Sommer\AppData\Roaming\mozilla\Firefox\Profiles\mqr3ywbo.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2008.04.16 20:16:00 | 000,000,000 | ---D | M] (Blue Ice 2) -- C:\Users\Roy Sommer\AppData\Roaming\mozilla\Firefox\Profiles\mqr3ywbo.default\extensions\{a8dd47cf-239f-48c4-8379-e6b4cbafdcfa}
[2010.07.09 17:49:00 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Roy Sommer\AppData\Roaming\mozilla\Firefox\Profiles\mqr3ywbo.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}
[2010.05.14 13:12:28 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Users\Roy Sommer\AppData\Roaming\mozilla\Firefox\Profiles\mqr3ywbo.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2010.04.18 14:28:42 | 000,000,000 | ---D | M] (FoxTab) -- C:\Users\Roy Sommer\AppData\Roaming\mozilla\Firefox\Profiles\mqr3ywbo.default\extensions\{ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}
[2010.07.05 15:29:38 | 000,000,000 | ---D | M] -- C:\Users\Roy Sommer\AppData\Roaming\mozilla\Firefox\Profiles\mqr3ywbo.default\extensions\djziggy@gmail.com
[2010.07.09 17:49:48 | 000,000,000 | ---D | M] -- C:\Users\Roy Sommer\AppData\Roaming\mozilla\Firefox\Profiles\mqr3ywbo.default\extensions\smarterwiki@wikiatic.com
[2012.12.25 21:22:02 | 000,000,961 | ---- | M] () -- C:\Users\Roy Sommer\AppData\Roaming\Mozilla\FireFox\Profiles\mqr3ywbo.default\searchplugins\icqplugin-1.xml
[2009.03.07 22:22:12 | 000,000,950 | ---- | M] () -- C:\Users\Roy Sommer\AppData\Roaming\Mozilla\FireFox\Profiles\mqr3ywbo.default\searchplugins\icqplugin-10.xml
[2009.03.28 16:25:07 | 000,000,950 | ---- | M] () -- C:\Users\Roy Sommer\AppData\Roaming\Mozilla\FireFox\Profiles\mqr3ywbo.default\searchplugins\icqplugin-11.xml
[2009.04.23 10:41:30 | 000,000,950 | ---- | M] () -- C:\Users\Roy Sommer\AppData\Roaming\Mozilla\FireFox\Profiles\mqr3ywbo.default\searchplugins\icqplugin-12.xml
[2009.04.06 08:57:19 | 000,000,950 | ---- | M] () -- C:\Users\Roy Sommer\AppData\Roaming\Mozilla\FireFox\Profiles\mqr3ywbo.default\searchplugins\icqplugin-13.xml
[2009.06.13 04:02:10 | 000,000,950 | ---- | M] () -- C:\Users\Roy Sommer\AppData\Roaming\Mozilla\FireFox\Profiles\mqr3ywbo.default\searchplugins\icqplugin-14.xml
[2010.06.01 11:13:43 | 000,000,961 | ---- | M] () -- C:\Users\Roy Sommer\AppData\Roaming\Mozilla\FireFox\Profiles\mqr3ywbo.default\searchplugins\icqplugin-15.xml
[2008.03.26 20:06:12 | 000,000,950 | ---- | M] () -- C:\Users\Roy Sommer\AppData\Roaming\Mozilla\FireFox\Profiles\mqr3ywbo.default\searchplugins\icqplugin-2.xml
[2008.04.17 15:30:41 | 000,000,950 | ---- | M] () -- C:\Users\Roy Sommer\AppData\Roaming\Mozilla\FireFox\Profiles\mqr3ywbo.default\searchplugins\icqplugin-3.xml
[2008.07.03 18:46:08 | 000,000,950 | ---- | M] () -- C:\Users\Roy Sommer\AppData\Roaming\Mozilla\FireFox\Profiles\mqr3ywbo.default\searchplugins\icqplugin-4.xml
[2008.07.16 18:02:01 | 000,000,950 | ---- | M] () -- C:\Users\Roy Sommer\AppData\Roaming\Mozilla\FireFox\Profiles\mqr3ywbo.default\searchplugins\icqplugin-5.xml
[2008.07.17 06:25:18 | 000,000,950 | ---- | M] () -- C:\Users\Roy Sommer\AppData\Roaming\Mozilla\FireFox\Profiles\mqr3ywbo.default\searchplugins\icqplugin-6.xml
[2008.07.24 06:29:29 | 000,000,950 | ---- | M] () -- C:\Users\Roy Sommer\AppData\Roaming\Mozilla\FireFox\Profiles\mqr3ywbo.default\searchplugins\icqplugin-7.xml
[2009.03.07 17:37:07 | 000,000,950 | ---- | M] () -- C:\Users\Roy Sommer\AppData\Roaming\Mozilla\FireFox\Profiles\mqr3ywbo.default\searchplugins\icqplugin-8.xml
[2009.03.07 21:52:30 | 000,000,950 | ---- | M] () -- C:\Users\Roy Sommer\AppData\Roaming\Mozilla\FireFox\Profiles\mqr3ywbo.default\searchplugins\icqplugin-9.xml
[2008.07.10 14:07:28 | 000,000,944 | ---- | M] () -- C:\Users\Roy Sommer\AppData\Roaming\Mozilla\FireFox\Profiles\mqr3ywbo.default\searchplugins\icqplugin.xml
[2010.06.02 20:13:25 | 000,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
[2008.01.31 18:04:22 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Program Files\mozilla firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2010.04.18 21:25:07 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010.04.12 17:29:19 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2008.02.22 17:24:06 | 000,095,832 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\NPPDLicenseHelper.dll
[2010.07.05 15:28:40 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2010.07.05 15:28:40 | 000,002,344 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2010.07.05 15:28:40 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2010.07.05 15:28:40 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2010.07.05 15:28:40 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml

O1 HOSTS File: ([2010.07.09 08:17:20 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O4 - HKLM..\Run: [AGEIA PhysX SysTray] C:\Program Files\AGEIA Technologies\TrayIcon.exe ()
O4 - HKLM..\Run: [amd_dc_opt] C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe (AMD)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [ISUSScheduler] C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe (InstallShield Software Corporation)
O4 - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\Windows\KHALMNPR.Exe (Logitech, Inc.)
O4 - HKLM..\Run: [MsgCenterExe] C:\Program Files\Common Files\Real\Update_OB\RealOneMessageCenter.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [PAC7302_Monitor] C:\Windows\PixArt\PAC7302\Monitor.exe (PixArt Imaging Incorporation)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [TrayServer] C:\Program Files\MAGIX\Video_deluxe_2008_PLUS\TrayServer.exe (MAGIX AG)
O4 - HKLM..\Run: [UIExec] C:\Program Files\Mobile Partner Manager\UIExec.exe ()
O4 - HKLM..\Run: [USBToolTip] C:\Program Files\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe (Pinnacle Systems GmbH)
O4 - HKLM..\Run: [VC9Player] C:\Program Files\Virtual CD v9\System\VC9Play.exe (H+H Software GmbH)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [ISUSPM Startup] C:\Programme\Common Files\InstallShield\UpdateService\ISUSPM.exe File not found
O4 - HKCU..\Run: [StartCCC] c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe ()
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - Startup: C:\Users\Roy Sommer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Last.fm Helper.lnk = C:\Program Files\Last.fm\LastFMHelper.exe (Last.fm)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 153
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 153
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: &ICQ Toolbar Search - C:\Program Files\ICQToolbar\toolbaru.dll (IE Toolbar)
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll (Google Inc.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra Button: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files\ICQ7.0\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files\ICQ7.0\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O18 - Protocol\Handler\belarc {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files\Belarc\Advisor\System\BAVoilaX.dll (Belarc, Inc.)
O18 - Protocol\Handler\bwfile-8876480 {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll (Logitech Inc.)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Roy Sommer\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\Roy Sommer\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2012.12.25 21:24:54 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft WSE
[2012.12.13 11:16:24 | 000,000,000 | ---D | C] -- C:\Users\Roy Sommer\AppData\Local\Real
[2012.12.13 11:15:52 | 000,185,920 | ---- | C] (RealNetworks, Inc.) -- C:\Windows\System32\rmoc3260.dll
[2012.12.13 11:15:44 | 000,006,656 | ---- | C] (RealNetworks, Inc.) -- C:\Windows\System32\pndx5016.dll
[2012.12.13 11:15:44 | 000,005,632 | ---- | C] (RealNetworks, Inc.) -- C:\Windows\System32\pndx5032.dll
[2012.12.13 11:15:39 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\xing shared
[2010.07.10 14:36:17 | 000,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2010.07.10 14:35:05 | 000,791,393 | ---- | C] (Lars Hederer                                                ) -- C:\Users\Roy Sommer\Desktop\erunt-setup.exe
[2010.07.09 17:54:25 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2010.07.09 17:49:10 | 000,000,000 | ---D | C] -- C:\Users\Roy Sommer\AppData\Roaming\QuickScan
[2010.07.09 15:56:42 | 000,000,000 | ---D | C] -- C:\ProgramData\F-Secure
[2010.07.09 08:31:55 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2010.07.09 08:31:54 | 000,000,000 | ---D | C] -- C:\Users\Roy Sommer\AppData\Local\temp
[2010.07.09 08:29:55 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2010.07.09 08:00:53 | 000,212,480 | ---- | C] (SteelWerX) -- C:\Windows\SWXCACLS.exe
[2010.07.09 08:00:53 | 000,161,792 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2010.07.09 08:00:53 | 000,136,704 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2010.07.09 08:00:53 | 000,031,232 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2010.07.09 08:00:39 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2010.07.09 07:55:10 | 000,000,000 | ---D | C] -- C:\Qoobox
[2010.07.08 19:43:53 | 000,000,000 | ---D | C] -- C:\Users\Roy Sommer\Documents\Games for Windows - LIVE Demos
[2010.07.08 19:42:23 | 000,000,000 | ---D | C] -- C:\Windows\System32\xlive
[2010.07.08 19:23:39 | 029,268,256 | ---- | C] (Microsoft® Corporation) -- C:\Users\Roy Sommer\Desktop\gfwlivesetupmin.exe
[2010.07.06 23:23:44 | 000,000,000 | ---D | C] -- C:\Users\Roy Sommer\AppData\Roaming\Malwarebytes
[2010.07.06 23:23:33 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010.07.06 23:23:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010.07.06 23:23:30 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010.07.06 23:23:30 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010.07.06 23:04:41 | 000,000,000 | ---D | C] -- C:\_OTL
[2010.07.05 15:53:31 | 000,000,000 | ---D | C] -- C:\Users\Roy Sommer\AppData\Roaming\Avira
[2010.07.05 15:42:39 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\ssmdrv.sys
[2010.07.05 15:42:36 | 000,124,784 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys
[2010.07.05 15:42:36 | 000,060,936 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avgntflt.sys
[2010.07.05 15:42:36 | 000,051,992 | ---- | C] (AVIRA GmbH) -- C:\Windows\System32\drivers\avgntdd.sys
[2010.07.05 15:42:36 | 000,017,016 | ---- | C] (AVIRA GmbH) -- C:\Windows\System32\drivers\avgntmgr.sys
[2010.07.05 15:42:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2010.07.05 15:42:34 | 000,000,000 | ---D | C] -- C:\Program Files\Avira
[2010.07.05 14:30:52 | 000,574,976 | ---- | C] (OldTimer Tools) -- C:\Users\Roy Sommer\Desktop\OTL.exe
[2010.07.05 13:12:59 | 000,000,000 | ---D | C] -- C:\bases
[2010.07.05 13:09:32 | 000,632,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msvcr80.dll
[2010.07.05 13:09:31 | 000,554,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msvcp80.dll
[2010.07.05 13:09:30 | 000,034,048 | ---- | C] (MicroWorld Technologies Inc.) -- C:\Windows\System32\eEmpty.exe
[2010.07.05 13:09:27 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\MicroWorld
[2010.07.05 13:09:24 | 000,000,000 | ---D | C] -- C:\ProgramData\MicroWorld
[2010.07.05 12:57:04 | 000,000,000 | ---D | C] -- C:\Users\Roy Sommer\AppData\Roaming\Download Manager
[2010.07.05 12:51:07 | 000,000,000 | ---D | C] -- C:\Program Files\Belarc
[2010.07.02 13:07:15 | 000,000,000 | ---D | C] -- C:\Users\Roy Sommer\Documents\Command and Conquer 4
[2010.07.02 12:59:33 | 000,000,000 | ---D | C] -- C:\Users\Roy Sommer\AppData\Roaming\Command and Conquer 4
[2010.07.02 12:59:30 | 000,000,000 | ---D | C] -- C:\Users\Roy Sommer\AppData\Local\Electronic_Arts_Inc
[2010.06.30 13:18:58 | 000,000,000 | ---D | C] -- C:\Eigene Dateien
[2010.06.24 00:04:06 | 000,000,000 | ---D | C] -- C:\Users\Roy Sommer\Desktop\DVD-RW-Laufwerk
[2010.06.14 13:05:44 | 000,655,872 | ---- | C] (Ralink Technology Corp.) -- C:\Windows\System32\drivers\netr28u.sys
[2010.06.14 13:05:44 | 000,221,184 | ---- | C] (Ralink Technology, Inc.) -- C:\Windows\System32\RaCoInst.dll

========== Files - Modified Within 30 Days ==========

[2012.12.19 11:17:26 | 000,001,842 | ---- | M] () -- C:\Users\Roy Sommer\Desktop\Runes of Magic.lnk
[2012.12.13 11:15:53 | 000,185,920 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\System32\rmoc3260.dll
[2012.12.13 11:15:44 | 000,006,656 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\System32\pndx5016.dll
[2012.12.13 11:15:44 | 000,005,632 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\System32\pndx5032.dll
[2012.12.13 11:15:25 | 000,278,528 | ---- | M] (Real Networks, Inc) -- C:\Windows\System32\pncrt.dll
[2012.12.11 18:23:53 | 000,152,004 | -H-- | M] () -- C:\Windows\System32\mlfcache.dat
[2010.07.10 14:40:23 | 000,000,428 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{5F18A9EC-DDD2-42C1-968D-6D420F1D60AE}.job
[2010.07.10 14:39:45 | 005,767,168 | ---- | M] () -- C:\Users\Roy Sommer\ntuser.dat
[2010.07.10 14:36:18 | 000,000,777 | ---- | M] () -- C:\Users\Roy Sommer\Desktop\NTREGOPT.lnk
[2010.07.10 14:36:18 | 000,000,758 | ---- | M] () -- C:\Users\Roy Sommer\Desktop\ERUNT.lnk
[2010.07.10 14:35:11 | 000,791,393 | ---- | M] (Lars Hederer                                                ) -- C:\Users\Roy Sommer\Desktop\erunt-setup.exe
[2010.07.10 13:45:00 | 000,001,096 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010.07.10 13:44:49 | 000,003,072 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010.07.10 13:44:49 | 000,003,072 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010.07.10 11:44:48 | 000,001,092 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010.07.10 11:44:46 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010.07.10 11:44:35 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.07.10 10:05:33 | 002,294,614 | -H-- | M] () -- C:\Users\Roy Sommer\AppData\Local\IconCache.db
[2010.07.09 08:18:13 | 000,000,215 | ---- | M] () -- C:\Windows\system.ini
[2010.07.09 08:17:20 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2010.07.09 07:54:30 | 003,728,433 | R--- | M] () -- C:\Users\Roy Sommer\Desktop\Combo-Fix.exe
[2010.07.08 23:26:28 | 001,470,334 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010.07.08 23:26:28 | 000,644,606 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2010.07.08 23:26:28 | 000,612,848 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010.07.08 23:26:28 | 000,117,518 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2010.07.08 23:26:28 | 000,104,570 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010.07.08 19:41:55 | 029,268,256 | ---- | M] (Microsoft® Corporation) -- C:\Users\Roy Sommer\Desktop\gfwlivesetupmin.exe
[2010.07.08 16:32:02 | 000,001,062 | ---- | M] () -- C:\Users\Roy Sommer\Desktop\Imperium Romanum.lnk
[2010.07.06 23:23:35 | 000,000,862 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.07.06 18:46:27 | 000,000,680 | ---- | M] () -- C:\Users\Roy Sommer\AppData\Local\d3d9caps.dat
[2010.07.05 16:07:32 | 000,000,306 | RHS- | M] () -- C:\ProgramData\ntuser.pol
[2010.07.05 14:44:12 | 000,293,376 | ---- | M] () -- C:\Users\Roy Sommer\Desktop\0hb71xyc.exe
[2010.07.05 14:31:14 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\Roy Sommer\Desktop\OTL.exe
[2010.07.05 13:09:31 | 000,632,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msvcr80.dll
[2010.07.05 13:09:30 | 000,554,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msvcp80.dll
[2010.07.05 13:09:29 | 000,034,048 | ---- | M] (MicroWorld Technologies Inc.) -- C:\Windows\System32\eEmpty.exe
[2010.07.05 12:51:08 | 000,001,874 | ---- | M] () -- C:\Users\Public\Desktop\Belarc Advisor.lnk
[2010.07.03 19:22:38 | 000,000,136 | ---- | M] () -- C:\Users\Roy Sommer\Desktop\Command & Conquer™ 4 Tiberian Twilight - Verknüpfung.lnk
[2010.07.03 19:22:31 | 000,000,136 | ---- | M] () -- C:\Users\Roy Sommer\Desktop\Command & Conquer 3 Tiberium Wars - Verknüpfung.lnk
[2010.07.02 19:49:12 | 000,103,424 | ---- | M] () -- C:\Users\Roy Sommer\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.06.29 22:55:58 | 000,000,116 | ---- | M] () -- C:\Windows\NeroDigital.ini
[2010.06.24 17:28:54 | 000,000,035 | ---- | M] () -- C:\Windows\Worldbuilder.INI
[2010.06.16 16:00:28 | 000,000,627 | ---- | M] () -- C:\NetworkCfg.xml
[2010.06.14 20:32:56 | 000,002,281 | ---- | M] () -- C:\Users\Public\Desktop\Safari.lnk
[2010.06.13 03:03:00 | 000,524,288 | -HS- | M] () -- C:\Users\Roy Sommer\ntuser.dat{4f11132c-7587-11df-8110-003005a14ed7}.TMContainer00000000000000000002.regtrans-ms
[2010.06.13 03:03:00 | 000,524,288 | -HS- | M] () -- C:\Users\Roy Sommer\ntuser.dat{4f11132c-7587-11df-8110-003005a14ed7}.TMContainer00000000000000000001.regtrans-ms
[2010.06.13 03:03:00 | 000,065,536 | -HS- | M] () -- C:\Users\Roy Sommer\ntuser.dat{4f11132c-7587-11df-8110-003005a14ed7}.TM.blf

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2010.07.10 14:36:18 | 000,000,777 | ---- | C] () -- C:\Users\Roy Sommer\Desktop\NTREGOPT.lnk
[2010.07.10 14:36:18 | 000,000,758 | ---- | C] () -- C:\Users\Roy Sommer\Desktop\ERUNT.lnk
[2010.07.09 08:00:53 | 000,256,512 | ---- | C] () -- C:\Windows\PEV.exe
[2010.07.09 08:00:53 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2010.07.09 08:00:53 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2010.07.09 08:00:53 | 000,077,312 | ---- | C] () -- C:\Windows\MBR.exe
[2010.07.09 08:00:53 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2010.07.09 07:54:07 | 003,728,433 | R--- | C] () -- C:\Users\Roy Sommer\Desktop\Combo-Fix.exe
[2010.07.08 16:32:02 | 000,001,062 | ---- | C] () -- C:\Users\Roy Sommer\Desktop\Imperium Romanum.lnk
[2010.07.06 23:23:35 | 000,000,862 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.07.05 16:07:32 | 000,000,306 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2010.07.05 14:44:04 | 000,293,376 | ---- | C] () -- C:\Users\Roy Sommer\Desktop\0hb71xyc.exe
[2010.07.05 13:09:30 | 000,000,522 | ---- | C] () -- C:\Windows\System32\Microsoft.VC80.CRT.manifest
[2010.07.05 12:51:08 | 000,001,874 | ---- | C] () -- C:\Users\Public\Desktop\Belarc Advisor.lnk
[2010.07.03 19:22:38 | 000,000,136 | ---- | C] () -- C:\Users\Roy Sommer\Desktop\Command & Conquer™ 4 Tiberian Twilight - Verknüpfung.lnk
[2010.07.03 19:22:31 | 000,000,136 | ---- | C] () -- C:\Users\Roy Sommer\Desktop\Command & Conquer 3 Tiberium Wars - Verknüpfung.lnk
[2010.06.24 17:28:54 | 000,000,035 | ---- | C] () -- C:\Windows\Worldbuilder.INI
[2010.06.14 13:05:44 | 000,015,312 | ---- | C] () -- C:\Windows\System32\RaCoInst.dat
[2010.06.12 11:21:21 | 000,524,288 | -HS- | C] () -- C:\Users\Roy Sommer\ntuser.dat{4f11132c-7587-11df-8110-003005a14ed7}.TMContainer00000000000000000002.regtrans-ms
[2010.06.12 11:21:21 | 000,524,288 | -HS- | C] () -- C:\Users\Roy Sommer\ntuser.dat{4f11132c-7587-11df-8110-003005a14ed7}.TMContainer00000000000000000001.regtrans-ms
[2010.06.12 11:21:21 | 000,065,536 | -HS- | C] () -- C:\Users\Roy Sommer\ntuser.dat{4f11132c-7587-11df-8110-003005a14ed7}.TM.blf
[2010.05.27 21:26:07 | 000,237,568 | ---- | C] () -- C:\Windows\System32\lame_enc.dll
[2010.05.27 21:26:07 | 000,110,080 | ---- | C] () -- C:\Windows\System32\advd.dll
[2010.05.27 21:26:07 | 000,023,040 | ---- | C] () -- C:\Windows\System32\auth.dll
[2010.04.13 16:57:52 | 000,000,032 | ---- | C] () -- C:\Windows\Menu.INI
[2010.04.02 17:17:34 | 000,179,091 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
[2009.10.06 17:53:40 | 000,016,070 | ---- | C] () -- C:\Windows\German2.ini
[2009.08.10 13:36:49 | 000,000,400 | ---- | C] () -- C:\Windows\g_lfolqn515.ini
[2009.06.30 21:42:55 | 000,000,354 | ---- | C] () -- C:\Windows\System32\Remover.ini
[2009.04.16 20:03:44 | 001,868,944 | ---- | C] () -- C:\Windows\System32\RSA32_16.DLL
[2009.03.16 15:54:40 | 000,720,896 | ---- | C] () -- C:\Windows\System32\ImageDll.dll
[2009.03.16 15:54:40 | 000,258,048 | ---- | C] () -- C:\Windows\System32\vec.dll
[2009.03.16 15:54:40 | 000,159,744 | ---- | C] () -- C:\Windows\System32\fio.dll
[2009.03.16 15:54:40 | 000,081,920 | ---- | C] () -- C:\Windows\System32\imgs.dll
[2009.03.16 15:54:40 | 000,045,056 | ---- | C] () -- C:\Windows\System32\vecom.dll
[2009.02.16 14:32:07 | 000,000,551 | ---- | C] () -- C:\Windows\Qiii.INI
[2009.01.11 18:02:47 | 000,278,728 | ---- | C] () -- C:\Windows\System32\drivers\atksgt.sys
[2009.01.11 18:02:46 | 000,025,416 | ---- | C] () -- C:\Windows\System32\drivers\lirsgt.sys
[2008.11.30 18:27:00 | 000,053,248 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2008.10.07 09:13:30 | 000,197,912 | ---- | C] () -- C:\Windows\System32\physxcudart_20.dll
[2008.10.07 09:13:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelTraditionalChinese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelKorean.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelGerman.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelFrench.dll
[2008.09.26 13:57:13 | 000,000,133 | ---- | C] () -- C:\Windows\cdplayer.ini
[2008.06.07 22:40:19 | 000,000,232 | ---- | C] () -- C:\Windows\ulead32.ini
[2008.03.30 02:21:55 | 000,000,028 | ---- | C] () -- C:\Windows\Robota.INI
[2008.03.30 02:17:12 | 000,053,248 | ---- | C] () -- C:\Windows\System32\mgxasio2.dll
[2008.03.30 02:07:57 | 000,120,200 | ---- | C] () -- C:\Windows\System32\DLLDEV32i.dll
[2008.03.29 21:58:29 | 000,000,084 | ---- | C] () -- C:\Windows\MSGCB.INI
[2008.01.11 22:22:44 | 000,043,520 | ---- | C] () -- C:\Windows\System32\CmdLineExt03.dll
[2008.01.02 02:16:59 | 000,021,840 | ---- | C] () -- C:\Windows\System32\SIntfNT.dll
[2008.01.02 02:16:59 | 000,017,212 | ---- | C] () -- C:\Windows\System32\SIntf32.dll
[2008.01.02 02:16:59 | 000,012,067 | ---- | C] () -- C:\Windows\System32\SIntf16.dll
[2007.10.28 16:36:14 | 000,000,000 | ---- | C] () -- C:\Windows\wiso.ini
[2007.10.27 16:31:55 | 000,000,503 | ---- | C] () -- C:\Windows\System32\FeMakro.ini
[2007.10.27 16:31:55 | 000,000,497 | ---- | C] () -- C:\Windows\System32\FeAnim.ini
[2007.10.27 16:31:31 | 000,000,132 | ---- | C] () -- C:\Windows\System32\synsopos.ini
[2007.10.21 12:24:30 | 000,000,247 | ---- | C] () -- C:\Windows\musicmaker.INI
[2007.10.21 11:18:07 | 000,038,912 | ---- | C] () -- C:\Windows\System32\mgxasio.dll
[2007.10.20 13:17:56 | 000,000,000 | ---- | C] () -- C:\Windows\hiphopmaker.INI
[2007.10.20 12:45:03 | 000,000,345 | ---- | C] () -- C:\Windows\BeatBox.INI
[2007.10.20 07:39:39 | 000,010,240 | ---- | C] () -- C:\Windows\System32\vidx16.dll
[2007.10.20 07:34:13 | 000,006,768 | ---- | C] () -- C:\Windows\mgxoschk.ini
[2007.06.14 13:48:32 | 000,000,023 | ---- | C] () -- C:\Windows\BlendSettings.ini
[2007.06.13 12:39:23 | 000,000,238 | ---- | C] () -- C:\Windows\BUHL.INI
[2007.05.17 02:13:29 | 000,000,063 | ---- | C] () -- C:\Windows\Listed.INI
[2007.05.06 17:40:50 | 000,000,030 | ---- | C] () -- C:\Windows\Q3version.ini
[2007.04.21 12:59:27 | 000,717,296 | ---- | C] () -- C:\Windows\System32\drivers\sptd.sys
[2007.04.21 12:17:04 | 000,000,400 | ---- | C] () -- C:\Windows\ODBC.INI
[2007.04.17 14:14:38 | 000,000,116 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2007.03.28 21:45:15 | 000,135,168 | ---- | C] () -- C:\Windows\System32\property.dll
[2007.03.20 16:44:02 | 000,000,566 | ---- | C] () -- C:\Windows\System32\SP7302.ini
[2006.11.02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 12:25:44 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006.08.11 09:52:02 | 000,012,288 | ---- | C] () -- C:\Windows\System32\EvOnlDiag.dll
[2006.06.01 21:06:00 | 000,005,702 | ---- | C] () -- C:\Windows\System32\OUTLPERF.INI
[2005.08.10 00:12:28 | 003,596,288 | ---- | C] () -- C:\Windows\System32\qt-dx331.dll
[2003.10.30 19:29:00 | 000,000,187 | ---- | C] () -- C:\Windows\System32\lxbvcoin.ini
[2002.11.13 17:40:00 | 000,040,960 | ---- | C] () -- C:\Windows\System32\lxbvvs.dll
[2002.10.06 20:42:57 | 000,237,568 | ---- | C] () -- C:\Windows\System32\OggDS.dll
[2002.10.05 01:04:25 | 000,921,600 | ---- | C] () -- C:\Windows\System32\vorbisenc.dll
[2002.10.05 01:04:24 | 000,188,416 | ---- | C] () -- C:\Windows\System32\vorbis.dll
[2002.10.05 01:04:17 | 000,045,056 | ---- | C] () -- C:\Windows\System32\ogg.dll
[2002.03.17 02:00:00 | 000,007,420 | ---- | C] () -- C:\Windows\UA000096.DLL
[2002.03.17 02:00:00 | 000,007,420 | ---- | C] () -- C:\Windows\UA000081.DLL
[1997.06.14 10:56:08 | 000,056,832 | ---- | C] () -- C:\Windows\System32\iyvu9_32.dll
< End of report >
11.07.2010, 00:44
Moderator

Posts: 5694
#23 Are the updates working?
11.07.2010, 19:23
Member

Thread starter

Posts: 30
#24 No, unfortunately not. I keep getting the message: "Windows Update cannot currently check for updates, because the service is not running. You may need to restart your computer."
But that doesn't help, I've already tried it several times!
11.07.2010, 21:32
Moderator

Posts: 5694
#25 Step 1

Please download WVCheck (by Artellos) from one of the following download mirrors
Artellos.com (exe)
Artellos.com (zip)
and save the file to your desktop.

• Start WVCheck.exe
• As you can read in the DOS window, the tool may take a while.
Confirm with Enter.
• When the scan has finished, a text document opens. Copy its contents and please post them here in your thread.
The text document is saved in the same place as WVCheck.exe ( WVCheck_<time>_<date>.txt )


Step 2

Try it as described here:
http://www.computerhilfen.de/frameset-links.php?url=http%3A%2F%2Fsupport.microsoft.com%2Fkb%2F910337

or like this:
http://support.microsoft.com/kb/971058
12.07.2010, 12:40
Member

Thread starter

Posts: 30
#26

Code

Windows Validation Check
Log Created On: 1237_12-07-2010
------------------------

Windows Information
-----------------------
Windows Version: Windows Vista  
Windows Mode: Normal


WVCheck's Auto Update Check
-----------------------
Auto-Update Option: Download updates and install them automatically.
------------------------------
Last Success Time for Update Detection: 2010-04-18 16:39:04
Last Success Time for Update Download: 2010-04-18 16:49:10
Last Success Time for Update Installation: 2010-04-18 17:11:13


WVCheck's File Dump
-------------------
WVCheck found no known bad files.


WVCheck's Missing File Check
-------------------
WVCheck found no missing Windows files.


WVCheck's MBAM Quarantine Check
-------------------
There were no bad files quarantined by MBAM.


WVCheck's HOSTS File Check
-------------------
WVCheck found no bad lines in the hosts file.


WVCheck's MD5 Check
EXPERIMENTAL!!
-------------------
user32.dll - 63b4f59d7c89b1bf5277f1ffefd491cd


-------- End of File, program close at 1238_12-07-2010 --------
12.07.2010, 12:48
Member

Thread starter

Posts: 30
#27 I have read that support for Windows without a Service Pack has been discontinued and that there are no more updates for it. Could that be the cause, and should I perhaps install SP1 and 2 after all?
12.07.2010, 13:37
Member

Thread starter

Posts: 30
#28 So, unfortunately those options don't work!
12.07.2010, 19:36
Moderator

Posts: 5694
#29 Oh, I see... of course I didn't notice that! Yes, you certainly have to do that. I thought it was normal to do that. But please still do step 1 first.
13.07.2010, 07:31
Member

Thread starter

Posts: 30
#30 I didn't do it because you advised against it at the beginning of the thread. But I'll do that then!